[Midnightbsd-cvs] src [7118] trunk/crypto/openssl: merge openssl 1.0.1o
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Jul 21 19:23:46 EDT 2015
Revision: 7118
http://svnweb.midnightbsd.org/src/?rev=7118
Author: laffer1
Date: 2015-07-21 19:23:45 -0400 (Tue, 21 Jul 2015)
Log Message:
-----------
merge openssl 1.0.1o
Modified Paths:
--------------
trunk/crypto/openssl/CHANGES
trunk/crypto/openssl/CHANGES.SSLeay
trunk/crypto/openssl/Configure
trunk/crypto/openssl/FAQ
trunk/crypto/openssl/INSTALL
trunk/crypto/openssl/Makefile
trunk/crypto/openssl/Makefile.bak
trunk/crypto/openssl/Makefile.org
trunk/crypto/openssl/Makefile.shared
trunk/crypto/openssl/NEWS
trunk/crypto/openssl/PROBLEMS
trunk/crypto/openssl/README
trunk/crypto/openssl/VMS/mkshared.com
trunk/crypto/openssl/apps/Makefile
trunk/crypto/openssl/apps/apps.c
trunk/crypto/openssl/apps/apps.h
trunk/crypto/openssl/apps/asn1pars.c
trunk/crypto/openssl/apps/ca.c
trunk/crypto/openssl/apps/ciphers.c
trunk/crypto/openssl/apps/client.pem
trunk/crypto/openssl/apps/cms.c
trunk/crypto/openssl/apps/crl.c
trunk/crypto/openssl/apps/crl2p7.c
trunk/crypto/openssl/apps/dgst.c
trunk/crypto/openssl/apps/dh.c
trunk/crypto/openssl/apps/dhparam.c
trunk/crypto/openssl/apps/dsa.c
trunk/crypto/openssl/apps/dsaparam.c
trunk/crypto/openssl/apps/ec.c
trunk/crypto/openssl/apps/ecparam.c
trunk/crypto/openssl/apps/enc.c
trunk/crypto/openssl/apps/engine.c
trunk/crypto/openssl/apps/errstr.c
trunk/crypto/openssl/apps/gendh.c
trunk/crypto/openssl/apps/genrsa.c
trunk/crypto/openssl/apps/ocsp.c
trunk/crypto/openssl/apps/openssl.c
trunk/crypto/openssl/apps/openssl.cnf
trunk/crypto/openssl/apps/pkcs12.c
trunk/crypto/openssl/apps/pkcs7.c
trunk/crypto/openssl/apps/pkcs8.c
trunk/crypto/openssl/apps/prime.c
trunk/crypto/openssl/apps/progs.h
trunk/crypto/openssl/apps/progs.pl
trunk/crypto/openssl/apps/req.c
trunk/crypto/openssl/apps/rsa.c
trunk/crypto/openssl/apps/rsautl.c
trunk/crypto/openssl/apps/s_apps.h
trunk/crypto/openssl/apps/s_cb.c
trunk/crypto/openssl/apps/s_client.c
trunk/crypto/openssl/apps/s_server.c
trunk/crypto/openssl/apps/s_socket.c
trunk/crypto/openssl/apps/s_time.c
trunk/crypto/openssl/apps/server.pem
trunk/crypto/openssl/apps/server2.pem
trunk/crypto/openssl/apps/sess_id.c
trunk/crypto/openssl/apps/smime.c
trunk/crypto/openssl/apps/speed.c
trunk/crypto/openssl/apps/verify.c
trunk/crypto/openssl/apps/x509.c
trunk/crypto/openssl/config
trunk/crypto/openssl/crypto/LPdir_vms.c
trunk/crypto/openssl/crypto/LPdir_win.c
trunk/crypto/openssl/crypto/Makefile
trunk/crypto/openssl/crypto/aes/Makefile
trunk/crypto/openssl/crypto/aes/aes.h
trunk/crypto/openssl/crypto/aes/aes_cbc.c
trunk/crypto/openssl/crypto/aes/aes_cfb.c
trunk/crypto/openssl/crypto/aes/aes_core.c
trunk/crypto/openssl/crypto/aes/aes_ctr.c
trunk/crypto/openssl/crypto/aes/aes_ige.c
trunk/crypto/openssl/crypto/aes/aes_misc.c
trunk/crypto/openssl/crypto/aes/aes_ofb.c
trunk/crypto/openssl/crypto/aes/asm/aes-586.pl
trunk/crypto/openssl/crypto/aes/asm/aes-x86_64.pl
trunk/crypto/openssl/crypto/asn1/Makefile
trunk/crypto/openssl/crypto/asn1/a_bitstr.c
trunk/crypto/openssl/crypto/asn1/a_digest.c
trunk/crypto/openssl/crypto/asn1/a_dup.c
trunk/crypto/openssl/crypto/asn1/a_gentm.c
trunk/crypto/openssl/crypto/asn1/a_int.c
trunk/crypto/openssl/crypto/asn1/a_object.c
trunk/crypto/openssl/crypto/asn1/a_octet.c
trunk/crypto/openssl/crypto/asn1/a_set.c
trunk/crypto/openssl/crypto/asn1/a_sign.c
trunk/crypto/openssl/crypto/asn1/a_strex.c
trunk/crypto/openssl/crypto/asn1/a_strnid.c
trunk/crypto/openssl/crypto/asn1/a_time.c
trunk/crypto/openssl/crypto/asn1/a_type.c
trunk/crypto/openssl/crypto/asn1/a_utctm.c
trunk/crypto/openssl/crypto/asn1/a_verify.c
trunk/crypto/openssl/crypto/asn1/asn1.h
trunk/crypto/openssl/crypto/asn1/asn1_err.c
trunk/crypto/openssl/crypto/asn1/asn1_gen.c
trunk/crypto/openssl/crypto/asn1/asn1_lib.c
trunk/crypto/openssl/crypto/asn1/asn1_mac.h
trunk/crypto/openssl/crypto/asn1/asn1_par.c
trunk/crypto/openssl/crypto/asn1/asn1t.h
trunk/crypto/openssl/crypto/asn1/asn_mime.c
trunk/crypto/openssl/crypto/asn1/asn_pack.c
trunk/crypto/openssl/crypto/asn1/charmap.h
trunk/crypto/openssl/crypto/asn1/charmap.pl
trunk/crypto/openssl/crypto/asn1/d2i_pr.c
trunk/crypto/openssl/crypto/asn1/d2i_pu.c
trunk/crypto/openssl/crypto/asn1/i2d_pr.c
trunk/crypto/openssl/crypto/asn1/n_pkey.c
trunk/crypto/openssl/crypto/asn1/nsseq.c
trunk/crypto/openssl/crypto/asn1/p5_pbe.c
trunk/crypto/openssl/crypto/asn1/p5_pbev2.c
trunk/crypto/openssl/crypto/asn1/p8_pkey.c
trunk/crypto/openssl/crypto/asn1/t_crl.c
trunk/crypto/openssl/crypto/asn1/t_pkey.c
trunk/crypto/openssl/crypto/asn1/t_req.c
trunk/crypto/openssl/crypto/asn1/t_spki.c
trunk/crypto/openssl/crypto/asn1/t_x509.c
trunk/crypto/openssl/crypto/asn1/tasn_dec.c
trunk/crypto/openssl/crypto/asn1/tasn_enc.c
trunk/crypto/openssl/crypto/asn1/tasn_fre.c
trunk/crypto/openssl/crypto/asn1/tasn_new.c
trunk/crypto/openssl/crypto/asn1/tasn_prn.c
trunk/crypto/openssl/crypto/asn1/tasn_typ.c
trunk/crypto/openssl/crypto/asn1/x_algor.c
trunk/crypto/openssl/crypto/asn1/x_crl.c
trunk/crypto/openssl/crypto/asn1/x_long.c
trunk/crypto/openssl/crypto/asn1/x_name.c
trunk/crypto/openssl/crypto/asn1/x_pubkey.c
trunk/crypto/openssl/crypto/asn1/x_req.c
trunk/crypto/openssl/crypto/asn1/x_x509.c
trunk/crypto/openssl/crypto/bf/Makefile
trunk/crypto/openssl/crypto/bf/asm/bf-586.pl
trunk/crypto/openssl/crypto/bf/bf_skey.c
trunk/crypto/openssl/crypto/bf/blowfish.h
trunk/crypto/openssl/crypto/bio/Makefile
trunk/crypto/openssl/crypto/bio/b_print.c
trunk/crypto/openssl/crypto/bio/b_sock.c
trunk/crypto/openssl/crypto/bio/bf_nbio.c
trunk/crypto/openssl/crypto/bio/bio.h
trunk/crypto/openssl/crypto/bio/bio_cb.c
trunk/crypto/openssl/crypto/bio/bio_err.c
trunk/crypto/openssl/crypto/bio/bio_lcl.h
trunk/crypto/openssl/crypto/bio/bio_lib.c
trunk/crypto/openssl/crypto/bio/bss_acpt.c
trunk/crypto/openssl/crypto/bio/bss_bio.c
trunk/crypto/openssl/crypto/bio/bss_dgram.c
trunk/crypto/openssl/crypto/bio/bss_fd.c
trunk/crypto/openssl/crypto/bio/bss_file.c
trunk/crypto/openssl/crypto/bio/bss_log.c
trunk/crypto/openssl/crypto/bio/bss_mem.c
trunk/crypto/openssl/crypto/bn/Makefile
trunk/crypto/openssl/crypto/bn/asm/bn-586.pl
trunk/crypto/openssl/crypto/bn/asm/co-586.pl
trunk/crypto/openssl/crypto/bn/asm/ppc.pl
trunk/crypto/openssl/crypto/bn/asm/sparcv8plus.S
trunk/crypto/openssl/crypto/bn/asm/x86_64-gcc.c
trunk/crypto/openssl/crypto/bn/asm/x86_64-mont.pl
trunk/crypto/openssl/crypto/bn/bn.h
trunk/crypto/openssl/crypto/bn/bn_asm.c
trunk/crypto/openssl/crypto/bn/bn_blind.c
trunk/crypto/openssl/crypto/bn/bn_ctx.c
trunk/crypto/openssl/crypto/bn/bn_div.c
trunk/crypto/openssl/crypto/bn/bn_exp.c
trunk/crypto/openssl/crypto/bn/bn_gcd.c
trunk/crypto/openssl/crypto/bn/bn_gf2m.c
trunk/crypto/openssl/crypto/bn/bn_lcl.h
trunk/crypto/openssl/crypto/bn/bn_lib.c
trunk/crypto/openssl/crypto/bn/bn_mont.c
trunk/crypto/openssl/crypto/bn/bn_nist.c
trunk/crypto/openssl/crypto/bn/bn_print.c
trunk/crypto/openssl/crypto/bn/bn_rand.c
trunk/crypto/openssl/crypto/bn/bn_shift.c
trunk/crypto/openssl/crypto/bn/bntest.c
trunk/crypto/openssl/crypto/bn/exptest.c
trunk/crypto/openssl/crypto/buffer/Makefile
trunk/crypto/openssl/crypto/buffer/buf_err.c
trunk/crypto/openssl/crypto/buffer/buf_str.c
trunk/crypto/openssl/crypto/buffer/buffer.c
trunk/crypto/openssl/crypto/buffer/buffer.h
trunk/crypto/openssl/crypto/camellia/Makefile
trunk/crypto/openssl/crypto/camellia/camellia.c
trunk/crypto/openssl/crypto/camellia/camellia.h
trunk/crypto/openssl/crypto/camellia/cmll_cbc.c
trunk/crypto/openssl/crypto/camellia/cmll_cfb.c
trunk/crypto/openssl/crypto/camellia/cmll_ctr.c
trunk/crypto/openssl/crypto/camellia/cmll_locl.h
trunk/crypto/openssl/crypto/camellia/cmll_misc.c
trunk/crypto/openssl/crypto/camellia/cmll_ofb.c
trunk/crypto/openssl/crypto/cast/Makefile
trunk/crypto/openssl/crypto/cast/asm/cast-586.pl
trunk/crypto/openssl/crypto/cast/c_skey.c
trunk/crypto/openssl/crypto/cast/cast.h
trunk/crypto/openssl/crypto/cms/Makefile
trunk/crypto/openssl/crypto/cms/cms.h
trunk/crypto/openssl/crypto/cms/cms_asn1.c
trunk/crypto/openssl/crypto/cms/cms_enc.c
trunk/crypto/openssl/crypto/cms/cms_env.c
trunk/crypto/openssl/crypto/cms/cms_err.c
trunk/crypto/openssl/crypto/cms/cms_ess.c
trunk/crypto/openssl/crypto/cms/cms_io.c
trunk/crypto/openssl/crypto/cms/cms_lcl.h
trunk/crypto/openssl/crypto/cms/cms_lib.c
trunk/crypto/openssl/crypto/cms/cms_sd.c
trunk/crypto/openssl/crypto/cms/cms_smime.c
trunk/crypto/openssl/crypto/comp/Makefile
trunk/crypto/openssl/crypto/comp/c_rle.c
trunk/crypto/openssl/crypto/comp/c_zlib.c
trunk/crypto/openssl/crypto/comp/comp_err.c
trunk/crypto/openssl/crypto/conf/Makefile
trunk/crypto/openssl/crypto/conf/README
trunk/crypto/openssl/crypto/conf/conf.h
trunk/crypto/openssl/crypto/conf/conf_api.c
trunk/crypto/openssl/crypto/conf/conf_def.c
trunk/crypto/openssl/crypto/conf/conf_err.c
trunk/crypto/openssl/crypto/conf/conf_lib.c
trunk/crypto/openssl/crypto/conf/conf_mall.c
trunk/crypto/openssl/crypto/conf/conf_mod.c
trunk/crypto/openssl/crypto/conf/conf_sap.c
trunk/crypto/openssl/crypto/cpt_err.c
trunk/crypto/openssl/crypto/cryptlib.c
trunk/crypto/openssl/crypto/cryptlib.h
trunk/crypto/openssl/crypto/crypto-lib.com
trunk/crypto/openssl/crypto/crypto.h
trunk/crypto/openssl/crypto/cversion.c
trunk/crypto/openssl/crypto/des/Makefile
trunk/crypto/openssl/crypto/des/asm/crypt586.pl
trunk/crypto/openssl/crypto/des/asm/des-586.pl
trunk/crypto/openssl/crypto/des/asm/des_enc.m4
trunk/crypto/openssl/crypto/des/des-lib.com
trunk/crypto/openssl/crypto/des/des.c
trunk/crypto/openssl/crypto/des/des.h
trunk/crypto/openssl/crypto/des/des_enc.c
trunk/crypto/openssl/crypto/des/des_locl.h
trunk/crypto/openssl/crypto/des/ecb_enc.c
trunk/crypto/openssl/crypto/des/enc_read.c
trunk/crypto/openssl/crypto/des/enc_writ.c
trunk/crypto/openssl/crypto/des/fcrypt_b.c
trunk/crypto/openssl/crypto/des/set_key.c
trunk/crypto/openssl/crypto/des/str2key.c
trunk/crypto/openssl/crypto/des/xcbc_enc.c
trunk/crypto/openssl/crypto/dh/Makefile
trunk/crypto/openssl/crypto/dh/dh.h
trunk/crypto/openssl/crypto/dh/dh_asn1.c
trunk/crypto/openssl/crypto/dh/dh_check.c
trunk/crypto/openssl/crypto/dh/dh_err.c
trunk/crypto/openssl/crypto/dh/dh_gen.c
trunk/crypto/openssl/crypto/dh/dh_key.c
trunk/crypto/openssl/crypto/dh/dh_lib.c
trunk/crypto/openssl/crypto/dsa/Makefile
trunk/crypto/openssl/crypto/dsa/dsa.h
trunk/crypto/openssl/crypto/dsa/dsa_asn1.c
trunk/crypto/openssl/crypto/dsa/dsa_err.c
trunk/crypto/openssl/crypto/dsa/dsa_gen.c
trunk/crypto/openssl/crypto/dsa/dsa_key.c
trunk/crypto/openssl/crypto/dsa/dsa_lib.c
trunk/crypto/openssl/crypto/dsa/dsa_ossl.c
trunk/crypto/openssl/crypto/dsa/dsa_sign.c
trunk/crypto/openssl/crypto/dsa/dsa_vrf.c
trunk/crypto/openssl/crypto/dsa/dsatest.c
trunk/crypto/openssl/crypto/dso/Makefile
trunk/crypto/openssl/crypto/dso/dso.h
trunk/crypto/openssl/crypto/dso/dso_dl.c
trunk/crypto/openssl/crypto/dso/dso_dlfcn.c
trunk/crypto/openssl/crypto/dso/dso_err.c
trunk/crypto/openssl/crypto/dso/dso_lib.c
trunk/crypto/openssl/crypto/dso/dso_null.c
trunk/crypto/openssl/crypto/dso/dso_openssl.c
trunk/crypto/openssl/crypto/dso/dso_vms.c
trunk/crypto/openssl/crypto/dso/dso_win32.c
trunk/crypto/openssl/crypto/ebcdic.h
trunk/crypto/openssl/crypto/ec/Makefile
trunk/crypto/openssl/crypto/ec/ec.h
trunk/crypto/openssl/crypto/ec/ec2_mult.c
trunk/crypto/openssl/crypto/ec/ec2_smpl.c
trunk/crypto/openssl/crypto/ec/ec_asn1.c
trunk/crypto/openssl/crypto/ec/ec_curve.c
trunk/crypto/openssl/crypto/ec/ec_cvt.c
trunk/crypto/openssl/crypto/ec/ec_err.c
trunk/crypto/openssl/crypto/ec/ec_key.c
trunk/crypto/openssl/crypto/ec/ec_lcl.h
trunk/crypto/openssl/crypto/ec/ec_lib.c
trunk/crypto/openssl/crypto/ec/ec_mult.c
trunk/crypto/openssl/crypto/ec/ecp_mont.c
trunk/crypto/openssl/crypto/ec/ecp_nist.c
trunk/crypto/openssl/crypto/ec/ecp_smpl.c
trunk/crypto/openssl/crypto/ec/ectest.c
trunk/crypto/openssl/crypto/ecdh/Makefile
trunk/crypto/openssl/crypto/ecdh/ecdh.h
trunk/crypto/openssl/crypto/ecdh/ecdhtest.c
trunk/crypto/openssl/crypto/ecdh/ech_err.c
trunk/crypto/openssl/crypto/ecdh/ech_key.c
trunk/crypto/openssl/crypto/ecdh/ech_lib.c
trunk/crypto/openssl/crypto/ecdh/ech_locl.h
trunk/crypto/openssl/crypto/ecdh/ech_ossl.c
trunk/crypto/openssl/crypto/ecdsa/Makefile
trunk/crypto/openssl/crypto/ecdsa/ecdsa.h
trunk/crypto/openssl/crypto/ecdsa/ecdsatest.c
trunk/crypto/openssl/crypto/ecdsa/ecs_err.c
trunk/crypto/openssl/crypto/ecdsa/ecs_lib.c
trunk/crypto/openssl/crypto/ecdsa/ecs_locl.h
trunk/crypto/openssl/crypto/ecdsa/ecs_ossl.c
trunk/crypto/openssl/crypto/engine/Makefile
trunk/crypto/openssl/crypto/engine/eng_all.c
trunk/crypto/openssl/crypto/engine/eng_cryptodev.c
trunk/crypto/openssl/crypto/engine/eng_dyn.c
trunk/crypto/openssl/crypto/engine/eng_err.c
trunk/crypto/openssl/crypto/engine/eng_fat.c
trunk/crypto/openssl/crypto/engine/eng_int.h
trunk/crypto/openssl/crypto/engine/eng_lib.c
trunk/crypto/openssl/crypto/engine/eng_list.c
trunk/crypto/openssl/crypto/engine/eng_openssl.c
trunk/crypto/openssl/crypto/engine/eng_table.c
trunk/crypto/openssl/crypto/engine/engine.h
trunk/crypto/openssl/crypto/engine/enginetest.c
trunk/crypto/openssl/crypto/err/Makefile
trunk/crypto/openssl/crypto/err/err.c
trunk/crypto/openssl/crypto/err/err.h
trunk/crypto/openssl/crypto/err/err_all.c
trunk/crypto/openssl/crypto/err/err_prn.c
trunk/crypto/openssl/crypto/err/openssl.ec
trunk/crypto/openssl/crypto/evp/Makefile
trunk/crypto/openssl/crypto/evp/bio_enc.c
trunk/crypto/openssl/crypto/evp/bio_md.c
trunk/crypto/openssl/crypto/evp/bio_ok.c
trunk/crypto/openssl/crypto/evp/c_all.c
trunk/crypto/openssl/crypto/evp/c_allc.c
trunk/crypto/openssl/crypto/evp/c_alld.c
trunk/crypto/openssl/crypto/evp/digest.c
trunk/crypto/openssl/crypto/evp/e_aes.c
trunk/crypto/openssl/crypto/evp/e_camellia.c
trunk/crypto/openssl/crypto/evp/e_des.c
trunk/crypto/openssl/crypto/evp/e_des3.c
trunk/crypto/openssl/crypto/evp/e_idea.c
trunk/crypto/openssl/crypto/evp/e_null.c
trunk/crypto/openssl/crypto/evp/e_rc2.c
trunk/crypto/openssl/crypto/evp/e_rc4.c
trunk/crypto/openssl/crypto/evp/e_seed.c
trunk/crypto/openssl/crypto/evp/e_xcbc_d.c
trunk/crypto/openssl/crypto/evp/encode.c
trunk/crypto/openssl/crypto/evp/evp.h
trunk/crypto/openssl/crypto/evp/evp_enc.c
trunk/crypto/openssl/crypto/evp/evp_err.c
trunk/crypto/openssl/crypto/evp/evp_key.c
trunk/crypto/openssl/crypto/evp/evp_lib.c
trunk/crypto/openssl/crypto/evp/evp_locl.h
trunk/crypto/openssl/crypto/evp/evp_pbe.c
trunk/crypto/openssl/crypto/evp/evp_pkey.c
trunk/crypto/openssl/crypto/evp/evp_test.c
trunk/crypto/openssl/crypto/evp/evptests.txt
trunk/crypto/openssl/crypto/evp/m_dss.c
trunk/crypto/openssl/crypto/evp/m_dss1.c
trunk/crypto/openssl/crypto/evp/m_ecdsa.c
trunk/crypto/openssl/crypto/evp/m_md2.c
trunk/crypto/openssl/crypto/evp/m_md4.c
trunk/crypto/openssl/crypto/evp/m_md5.c
trunk/crypto/openssl/crypto/evp/m_mdc2.c
trunk/crypto/openssl/crypto/evp/m_ripemd.c
trunk/crypto/openssl/crypto/evp/m_sha.c
trunk/crypto/openssl/crypto/evp/m_sha1.c
trunk/crypto/openssl/crypto/evp/names.c
trunk/crypto/openssl/crypto/evp/p5_crpt.c
trunk/crypto/openssl/crypto/evp/p5_crpt2.c
trunk/crypto/openssl/crypto/evp/p_dec.c
trunk/crypto/openssl/crypto/evp/p_enc.c
trunk/crypto/openssl/crypto/evp/p_lib.c
trunk/crypto/openssl/crypto/evp/p_open.c
trunk/crypto/openssl/crypto/evp/p_seal.c
trunk/crypto/openssl/crypto/evp/p_sign.c
trunk/crypto/openssl/crypto/evp/p_verify.c
trunk/crypto/openssl/crypto/ex_data.c
trunk/crypto/openssl/crypto/fips_err.h
trunk/crypto/openssl/crypto/hmac/Makefile
trunk/crypto/openssl/crypto/hmac/hmac.c
trunk/crypto/openssl/crypto/hmac/hmac.h
trunk/crypto/openssl/crypto/hmac/hmactest.c
trunk/crypto/openssl/crypto/ia64cpuid.S
trunk/crypto/openssl/crypto/idea/Makefile
trunk/crypto/openssl/crypto/idea/i_skey.c
trunk/crypto/openssl/crypto/idea/idea.h
trunk/crypto/openssl/crypto/jpake/Makefile
trunk/crypto/openssl/crypto/jpake/jpake.c
trunk/crypto/openssl/crypto/jpake/jpaketest.c
trunk/crypto/openssl/crypto/krb5/Makefile
trunk/crypto/openssl/crypto/lhash/Makefile
trunk/crypto/openssl/crypto/lhash/lh_stats.c
trunk/crypto/openssl/crypto/lhash/lhash.c
trunk/crypto/openssl/crypto/lhash/lhash.h
trunk/crypto/openssl/crypto/md2/Makefile
trunk/crypto/openssl/crypto/md2/md2_dgst.c
trunk/crypto/openssl/crypto/md32_common.h
trunk/crypto/openssl/crypto/md4/Makefile
trunk/crypto/openssl/crypto/md4/md4.h
trunk/crypto/openssl/crypto/md4/md4_dgst.c
trunk/crypto/openssl/crypto/md4/md4_locl.h
trunk/crypto/openssl/crypto/md5/Makefile
trunk/crypto/openssl/crypto/md5/asm/md5-586.pl
trunk/crypto/openssl/crypto/md5/asm/md5-x86_64.pl
trunk/crypto/openssl/crypto/md5/md5.h
trunk/crypto/openssl/crypto/md5/md5_dgst.c
trunk/crypto/openssl/crypto/md5/md5_locl.h
trunk/crypto/openssl/crypto/mdc2/Makefile
trunk/crypto/openssl/crypto/mdc2/mdc2dgst.c
trunk/crypto/openssl/crypto/mem.c
trunk/crypto/openssl/crypto/mem_dbg.c
trunk/crypto/openssl/crypto/o_init.c
trunk/crypto/openssl/crypto/o_time.c
trunk/crypto/openssl/crypto/o_time.h
trunk/crypto/openssl/crypto/objects/Makefile
trunk/crypto/openssl/crypto/objects/o_names.c
trunk/crypto/openssl/crypto/objects/obj_dat.c
trunk/crypto/openssl/crypto/objects/obj_dat.h
trunk/crypto/openssl/crypto/objects/obj_dat.pl
trunk/crypto/openssl/crypto/objects/obj_err.c
trunk/crypto/openssl/crypto/objects/obj_lib.c
trunk/crypto/openssl/crypto/objects/obj_mac.h
trunk/crypto/openssl/crypto/objects/obj_mac.num
trunk/crypto/openssl/crypto/objects/objects.README
trunk/crypto/openssl/crypto/objects/objects.h
trunk/crypto/openssl/crypto/objects/objects.pl
trunk/crypto/openssl/crypto/objects/objects.txt
trunk/crypto/openssl/crypto/ocsp/Makefile
trunk/crypto/openssl/crypto/ocsp/ocsp.h
trunk/crypto/openssl/crypto/ocsp/ocsp_cl.c
trunk/crypto/openssl/crypto/ocsp/ocsp_err.c
trunk/crypto/openssl/crypto/ocsp/ocsp_ext.c
trunk/crypto/openssl/crypto/ocsp/ocsp_ht.c
trunk/crypto/openssl/crypto/ocsp/ocsp_lib.c
trunk/crypto/openssl/crypto/ocsp/ocsp_prn.c
trunk/crypto/openssl/crypto/ocsp/ocsp_vfy.c
trunk/crypto/openssl/crypto/opensslconf.h
trunk/crypto/openssl/crypto/opensslconf.h.in
trunk/crypto/openssl/crypto/opensslv.h
trunk/crypto/openssl/crypto/ossl_typ.h
trunk/crypto/openssl/crypto/pem/Makefile
trunk/crypto/openssl/crypto/pem/pem.h
trunk/crypto/openssl/crypto/pem/pem_all.c
trunk/crypto/openssl/crypto/pem/pem_err.c
trunk/crypto/openssl/crypto/pem/pem_info.c
trunk/crypto/openssl/crypto/pem/pem_lib.c
trunk/crypto/openssl/crypto/pem/pem_pkey.c
trunk/crypto/openssl/crypto/pem/pem_seal.c
trunk/crypto/openssl/crypto/pem/pem_x509.c
trunk/crypto/openssl/crypto/pem/pem_xaux.c
trunk/crypto/openssl/crypto/perlasm/cbc.pl
trunk/crypto/openssl/crypto/perlasm/x86_64-xlate.pl
trunk/crypto/openssl/crypto/perlasm/x86asm.pl
trunk/crypto/openssl/crypto/perlasm/x86nasm.pl
trunk/crypto/openssl/crypto/pkcs12/Makefile
trunk/crypto/openssl/crypto/pkcs12/p12_add.c
trunk/crypto/openssl/crypto/pkcs12/p12_attr.c
trunk/crypto/openssl/crypto/pkcs12/p12_crpt.c
trunk/crypto/openssl/crypto/pkcs12/p12_crt.c
trunk/crypto/openssl/crypto/pkcs12/p12_decr.c
trunk/crypto/openssl/crypto/pkcs12/p12_key.c
trunk/crypto/openssl/crypto/pkcs12/p12_kiss.c
trunk/crypto/openssl/crypto/pkcs12/p12_mutl.c
trunk/crypto/openssl/crypto/pkcs12/p12_utl.c
trunk/crypto/openssl/crypto/pkcs12/pk12err.c
trunk/crypto/openssl/crypto/pkcs12/pkcs12.h
trunk/crypto/openssl/crypto/pkcs7/Makefile
trunk/crypto/openssl/crypto/pkcs7/pk7_asn1.c
trunk/crypto/openssl/crypto/pkcs7/pk7_attr.c
trunk/crypto/openssl/crypto/pkcs7/pk7_doit.c
trunk/crypto/openssl/crypto/pkcs7/pk7_lib.c
trunk/crypto/openssl/crypto/pkcs7/pk7_mime.c
trunk/crypto/openssl/crypto/pkcs7/pk7_smime.c
trunk/crypto/openssl/crypto/pkcs7/pkcs7.h
trunk/crypto/openssl/crypto/pkcs7/pkcs7err.c
trunk/crypto/openssl/crypto/pqueue/Makefile
trunk/crypto/openssl/crypto/pqueue/pqueue.c
trunk/crypto/openssl/crypto/pqueue/pqueue.h
trunk/crypto/openssl/crypto/rand/Makefile
trunk/crypto/openssl/crypto/rand/md_rand.c
trunk/crypto/openssl/crypto/rand/rand.h
trunk/crypto/openssl/crypto/rand/rand_egd.c
trunk/crypto/openssl/crypto/rand/rand_err.c
trunk/crypto/openssl/crypto/rand/rand_lcl.h
trunk/crypto/openssl/crypto/rand/rand_lib.c
trunk/crypto/openssl/crypto/rand/rand_os2.c
trunk/crypto/openssl/crypto/rand/rand_unix.c
trunk/crypto/openssl/crypto/rand/rand_vms.c
trunk/crypto/openssl/crypto/rand/randfile.c
trunk/crypto/openssl/crypto/rc2/Makefile
trunk/crypto/openssl/crypto/rc2/rc2_skey.c
trunk/crypto/openssl/crypto/rc4/Makefile
trunk/crypto/openssl/crypto/rc4/asm/rc4-586.pl
trunk/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl
trunk/crypto/openssl/crypto/rc4/rc4.h
trunk/crypto/openssl/crypto/rc4/rc4_enc.c
trunk/crypto/openssl/crypto/rc4/rc4_skey.c
trunk/crypto/openssl/crypto/rc4/rc4test.c
trunk/crypto/openssl/crypto/rc5/Makefile
trunk/crypto/openssl/crypto/rc5/asm/rc5-586.pl
trunk/crypto/openssl/crypto/rc5/rc5.h
trunk/crypto/openssl/crypto/rc5/rc5_locl.h
trunk/crypto/openssl/crypto/rc5/rc5_skey.c
trunk/crypto/openssl/crypto/ripemd/Makefile
trunk/crypto/openssl/crypto/ripemd/asm/rmd-586.pl
trunk/crypto/openssl/crypto/ripemd/ripemd.h
trunk/crypto/openssl/crypto/ripemd/rmd_dgst.c
trunk/crypto/openssl/crypto/ripemd/rmd_locl.h
trunk/crypto/openssl/crypto/rsa/Makefile
trunk/crypto/openssl/crypto/rsa/rsa.h
trunk/crypto/openssl/crypto/rsa/rsa_asn1.c
trunk/crypto/openssl/crypto/rsa/rsa_chk.c
trunk/crypto/openssl/crypto/rsa/rsa_eay.c
trunk/crypto/openssl/crypto/rsa/rsa_err.c
trunk/crypto/openssl/crypto/rsa/rsa_gen.c
trunk/crypto/openssl/crypto/rsa/rsa_lib.c
trunk/crypto/openssl/crypto/rsa/rsa_oaep.c
trunk/crypto/openssl/crypto/rsa/rsa_pss.c
trunk/crypto/openssl/crypto/rsa/rsa_sign.c
trunk/crypto/openssl/crypto/rsa/rsa_test.c
trunk/crypto/openssl/crypto/seed/Makefile
trunk/crypto/openssl/crypto/seed/seed.c
trunk/crypto/openssl/crypto/seed/seed.h
trunk/crypto/openssl/crypto/seed/seed_cbc.c
trunk/crypto/openssl/crypto/seed/seed_cfb.c
trunk/crypto/openssl/crypto/seed/seed_ofb.c
trunk/crypto/openssl/crypto/sha/Makefile
trunk/crypto/openssl/crypto/sha/asm/sha1-586.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-ia64.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl
trunk/crypto/openssl/crypto/sha/sha.h
trunk/crypto/openssl/crypto/sha/sha1_one.c
trunk/crypto/openssl/crypto/sha/sha1dgst.c
trunk/crypto/openssl/crypto/sha/sha256.c
trunk/crypto/openssl/crypto/sha/sha512.c
trunk/crypto/openssl/crypto/sha/sha_dgst.c
trunk/crypto/openssl/crypto/sha/sha_locl.h
trunk/crypto/openssl/crypto/sha/shatest.c
trunk/crypto/openssl/crypto/sparccpuid.S
trunk/crypto/openssl/crypto/stack/Makefile
trunk/crypto/openssl/crypto/stack/safestack.h
trunk/crypto/openssl/crypto/stack/stack.c
trunk/crypto/openssl/crypto/stack/stack.h
trunk/crypto/openssl/crypto/store/Makefile
trunk/crypto/openssl/crypto/store/store.h
trunk/crypto/openssl/crypto/store/str_err.c
trunk/crypto/openssl/crypto/store/str_lib.c
trunk/crypto/openssl/crypto/store/str_mem.c
trunk/crypto/openssl/crypto/symhacks.h
trunk/crypto/openssl/crypto/threads/mttest.c
trunk/crypto/openssl/crypto/threads/th-lock.c
trunk/crypto/openssl/crypto/txt_db/Makefile
trunk/crypto/openssl/crypto/txt_db/txt_db.c
trunk/crypto/openssl/crypto/txt_db/txt_db.h
trunk/crypto/openssl/crypto/ui/Makefile
trunk/crypto/openssl/crypto/ui/ui.h
trunk/crypto/openssl/crypto/ui/ui_err.c
trunk/crypto/openssl/crypto/ui/ui_lib.c
trunk/crypto/openssl/crypto/ui/ui_openssl.c
trunk/crypto/openssl/crypto/x509/Makefile
trunk/crypto/openssl/crypto/x509/by_dir.c
trunk/crypto/openssl/crypto/x509/by_file.c
trunk/crypto/openssl/crypto/x509/x509.h
trunk/crypto/openssl/crypto/x509/x509_cmp.c
trunk/crypto/openssl/crypto/x509/x509_err.c
trunk/crypto/openssl/crypto/x509/x509_lu.c
trunk/crypto/openssl/crypto/x509/x509_obj.c
trunk/crypto/openssl/crypto/x509/x509_req.c
trunk/crypto/openssl/crypto/x509/x509_set.c
trunk/crypto/openssl/crypto/x509/x509_trs.c
trunk/crypto/openssl/crypto/x509/x509_txt.c
trunk/crypto/openssl/crypto/x509/x509_vfy.c
trunk/crypto/openssl/crypto/x509/x509_vfy.h
trunk/crypto/openssl/crypto/x509/x509_vpm.c
trunk/crypto/openssl/crypto/x509/x509cset.c
trunk/crypto/openssl/crypto/x509/x509name.c
trunk/crypto/openssl/crypto/x509/x509type.c
trunk/crypto/openssl/crypto/x509/x_all.c
trunk/crypto/openssl/crypto/x509v3/Makefile
trunk/crypto/openssl/crypto/x509v3/ext_dat.h
trunk/crypto/openssl/crypto/x509v3/pcy_cache.c
trunk/crypto/openssl/crypto/x509v3/pcy_data.c
trunk/crypto/openssl/crypto/x509v3/pcy_int.h
trunk/crypto/openssl/crypto/x509v3/pcy_map.c
trunk/crypto/openssl/crypto/x509v3/pcy_node.c
trunk/crypto/openssl/crypto/x509v3/pcy_tree.c
trunk/crypto/openssl/crypto/x509v3/v3_addr.c
trunk/crypto/openssl/crypto/x509v3/v3_alt.c
trunk/crypto/openssl/crypto/x509v3/v3_asid.c
trunk/crypto/openssl/crypto/x509v3/v3_conf.c
trunk/crypto/openssl/crypto/x509v3/v3_cpols.c
trunk/crypto/openssl/crypto/x509v3/v3_crld.c
trunk/crypto/openssl/crypto/x509v3/v3_enum.c
trunk/crypto/openssl/crypto/x509v3/v3_extku.c
trunk/crypto/openssl/crypto/x509v3/v3_genn.c
trunk/crypto/openssl/crypto/x509v3/v3_lib.c
trunk/crypto/openssl/crypto/x509v3/v3_ncons.c
trunk/crypto/openssl/crypto/x509v3/v3_ocsp.c
trunk/crypto/openssl/crypto/x509v3/v3_pci.c
trunk/crypto/openssl/crypto/x509v3/v3_pcons.c
trunk/crypto/openssl/crypto/x509v3/v3_pmaps.c
trunk/crypto/openssl/crypto/x509v3/v3_prn.c
trunk/crypto/openssl/crypto/x509v3/v3_purp.c
trunk/crypto/openssl/crypto/x509v3/v3_skey.c
trunk/crypto/openssl/crypto/x509v3/v3_utl.c
trunk/crypto/openssl/crypto/x509v3/v3err.c
trunk/crypto/openssl/crypto/x509v3/x509v3.h
trunk/crypto/openssl/crypto/x86_64cpuid.pl
trunk/crypto/openssl/crypto/x86cpuid.pl
trunk/crypto/openssl/demos/easy_tls/easy-tls.c
trunk/crypto/openssl/demos/pkcs12/pkread.c
trunk/crypto/openssl/demos/tunala/autoungunk.sh
trunk/crypto/openssl/demos/tunala/cb.c
trunk/crypto/openssl/demos/tunala/tunala.c
trunk/crypto/openssl/doc/HOWTO/certificates.txt
trunk/crypto/openssl/doc/HOWTO/proxy_certificates.txt
trunk/crypto/openssl/doc/apps/asn1parse.pod
trunk/crypto/openssl/doc/apps/ca.pod
trunk/crypto/openssl/doc/apps/ciphers.pod
trunk/crypto/openssl/doc/apps/config.pod
trunk/crypto/openssl/doc/apps/crl.pod
trunk/crypto/openssl/doc/apps/dgst.pod
trunk/crypto/openssl/doc/apps/dhparam.pod
trunk/crypto/openssl/doc/apps/dsa.pod
trunk/crypto/openssl/doc/apps/dsaparam.pod
trunk/crypto/openssl/doc/apps/ec.pod
trunk/crypto/openssl/doc/apps/ecparam.pod
trunk/crypto/openssl/doc/apps/enc.pod
trunk/crypto/openssl/doc/apps/gendsa.pod
trunk/crypto/openssl/doc/apps/genrsa.pod
trunk/crypto/openssl/doc/apps/ocsp.pod
trunk/crypto/openssl/doc/apps/openssl.pod
trunk/crypto/openssl/doc/apps/pkcs12.pod
trunk/crypto/openssl/doc/apps/pkcs7.pod
trunk/crypto/openssl/doc/apps/pkcs8.pod
trunk/crypto/openssl/doc/apps/req.pod
trunk/crypto/openssl/doc/apps/rsa.pod
trunk/crypto/openssl/doc/apps/s_client.pod
trunk/crypto/openssl/doc/apps/s_server.pod
trunk/crypto/openssl/doc/apps/smime.pod
trunk/crypto/openssl/doc/apps/speed.pod
trunk/crypto/openssl/doc/apps/spkac.pod
trunk/crypto/openssl/doc/apps/verify.pod
trunk/crypto/openssl/doc/apps/version.pod
trunk/crypto/openssl/doc/apps/x509.pod
trunk/crypto/openssl/doc/apps/x509v3_config.pod
trunk/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod
trunk/crypto/openssl/doc/crypto/BIO_f_md.pod
trunk/crypto/openssl/doc/crypto/BIO_f_ssl.pod
trunk/crypto/openssl/doc/crypto/BIO_s_accept.pod
trunk/crypto/openssl/doc/crypto/BIO_s_file.pod
trunk/crypto/openssl/doc/crypto/BIO_s_mem.pod
trunk/crypto/openssl/doc/crypto/BN_BLINDING_new.pod
trunk/crypto/openssl/doc/crypto/CONF_modules_load_file.pod
trunk/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod
trunk/crypto/openssl/doc/crypto/EVP_BytesToKey.pod
trunk/crypto/openssl/doc/crypto/EVP_DigestInit.pod
trunk/crypto/openssl/doc/crypto/EVP_EncryptInit.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod
trunk/crypto/openssl/doc/crypto/EVP_SignInit.pod
trunk/crypto/openssl/doc/crypto/EVP_VerifyInit.pod
trunk/crypto/openssl/doc/crypto/OPENSSL_config.pod
trunk/crypto/openssl/doc/crypto/PKCS7_encrypt.pod
trunk/crypto/openssl/doc/crypto/PKCS7_sign.pod
trunk/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod
trunk/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod
trunk/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
trunk/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod
trunk/crypto/openssl/doc/crypto/d2i_X509.pod
trunk/crypto/openssl/doc/crypto/evp.pod
trunk/crypto/openssl/doc/crypto/hmac.pod
trunk/crypto/openssl/doc/crypto/lhash.pod
trunk/crypto/openssl/doc/crypto/pem.pod
trunk/crypto/openssl/doc/crypto/threads.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_new.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
trunk/crypto/openssl/doc/ssl/SSL_alert_type_string.pod
trunk/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod
trunk/crypto/openssl/doc/ssl/SSL_library_init.pod
trunk/crypto/openssl/doc/ssl/SSL_pending.pod
trunk/crypto/openssl/doc/ssl/SSL_set_shutdown.pod
trunk/crypto/openssl/doc/ssl/SSL_shutdown.pod
trunk/crypto/openssl/doc/ssl/ssl.pod
trunk/crypto/openssl/doc/ssleay.txt
trunk/crypto/openssl/doc/standards.txt
trunk/crypto/openssl/e_os.h
trunk/crypto/openssl/e_os2.h
trunk/crypto/openssl/engines/Makefile
trunk/crypto/openssl/engines/e_4758cca.c
trunk/crypto/openssl/engines/e_aep.c
trunk/crypto/openssl/engines/e_capi.c
trunk/crypto/openssl/engines/e_capi_err.c
trunk/crypto/openssl/engines/e_chil.c
trunk/crypto/openssl/engines/e_gmp.c
trunk/crypto/openssl/engines/e_sureware.c
trunk/crypto/openssl/engines/e_ubsec.c
trunk/crypto/openssl/engines/vendor_defns/hwcryptohook.h
trunk/crypto/openssl/openssl.spec
trunk/crypto/openssl/ssl/Makefile
trunk/crypto/openssl/ssl/bio_ssl.c
trunk/crypto/openssl/ssl/d1_both.c
trunk/crypto/openssl/ssl/d1_clnt.c
trunk/crypto/openssl/ssl/d1_enc.c
trunk/crypto/openssl/ssl/d1_lib.c
trunk/crypto/openssl/ssl/d1_meth.c
trunk/crypto/openssl/ssl/d1_pkt.c
trunk/crypto/openssl/ssl/d1_srvr.c
trunk/crypto/openssl/ssl/dtls1.h
trunk/crypto/openssl/ssl/kssl.c
trunk/crypto/openssl/ssl/kssl.h
trunk/crypto/openssl/ssl/kssl_lcl.h
trunk/crypto/openssl/ssl/s23_clnt.c
trunk/crypto/openssl/ssl/s23_lib.c
trunk/crypto/openssl/ssl/s23_meth.c
trunk/crypto/openssl/ssl/s23_srvr.c
trunk/crypto/openssl/ssl/s2_clnt.c
trunk/crypto/openssl/ssl/s2_enc.c
trunk/crypto/openssl/ssl/s2_lib.c
trunk/crypto/openssl/ssl/s2_meth.c
trunk/crypto/openssl/ssl/s2_pkt.c
trunk/crypto/openssl/ssl/s2_srvr.c
trunk/crypto/openssl/ssl/s3_both.c
trunk/crypto/openssl/ssl/s3_cbc.c
trunk/crypto/openssl/ssl/s3_clnt.c
trunk/crypto/openssl/ssl/s3_enc.c
trunk/crypto/openssl/ssl/s3_lib.c
trunk/crypto/openssl/ssl/s3_meth.c
trunk/crypto/openssl/ssl/s3_pkt.c
trunk/crypto/openssl/ssl/s3_srvr.c
trunk/crypto/openssl/ssl/ssl-lib.com
trunk/crypto/openssl/ssl/ssl.h
trunk/crypto/openssl/ssl/ssl2.h
trunk/crypto/openssl/ssl/ssl3.h
trunk/crypto/openssl/ssl/ssl_algs.c
trunk/crypto/openssl/ssl/ssl_asn1.c
trunk/crypto/openssl/ssl/ssl_cert.c
trunk/crypto/openssl/ssl/ssl_ciph.c
trunk/crypto/openssl/ssl/ssl_err.c
trunk/crypto/openssl/ssl/ssl_lib.c
trunk/crypto/openssl/ssl/ssl_locl.h
trunk/crypto/openssl/ssl/ssl_rsa.c
trunk/crypto/openssl/ssl/ssl_sess.c
trunk/crypto/openssl/ssl/ssl_stat.c
trunk/crypto/openssl/ssl/ssl_txt.c
trunk/crypto/openssl/ssl/ssltest.c
trunk/crypto/openssl/ssl/t1_clnt.c
trunk/crypto/openssl/ssl/t1_enc.c
trunk/crypto/openssl/ssl/t1_lib.c
trunk/crypto/openssl/ssl/t1_meth.c
trunk/crypto/openssl/ssl/t1_srvr.c
trunk/crypto/openssl/ssl/tls1.h
trunk/crypto/openssl/test/CAss.cnf
trunk/crypto/openssl/test/Makefile
trunk/crypto/openssl/test/P1ss.cnf
trunk/crypto/openssl/test/P2ss.cnf
trunk/crypto/openssl/test/Uss.cnf
trunk/crypto/openssl/test/cms-test.pl
trunk/crypto/openssl/test/evptests.txt
trunk/crypto/openssl/test/maketests.com
trunk/crypto/openssl/test/md2test.c
trunk/crypto/openssl/test/mdc2test.c
trunk/crypto/openssl/test/tcrl.com
trunk/crypto/openssl/test/test.cnf
trunk/crypto/openssl/test/testca.com
trunk/crypto/openssl/test/testenc.com
trunk/crypto/openssl/test/testgen.com
trunk/crypto/openssl/test/tests.com
trunk/crypto/openssl/test/testss.com
trunk/crypto/openssl/test/testssl
trunk/crypto/openssl/test/testssl.com
trunk/crypto/openssl/test/times
trunk/crypto/openssl/test/tpkcs7.com
trunk/crypto/openssl/test/tpkcs7d.com
trunk/crypto/openssl/test/treq.com
trunk/crypto/openssl/test/trsa.com
trunk/crypto/openssl/test/tsid.com
trunk/crypto/openssl/test/tverify.com
trunk/crypto/openssl/test/tx509.com
trunk/crypto/openssl/times/x86/des3s.cpp
trunk/crypto/openssl/tools/Makefile
trunk/crypto/openssl/tools/c_rehash
trunk/crypto/openssl/tools/c_rehash.in
trunk/crypto/openssl/util/ck_errf.pl
trunk/crypto/openssl/util/clean-depend.pl
trunk/crypto/openssl/util/cygwin.sh
trunk/crypto/openssl/util/domd
trunk/crypto/openssl/util/libeay.num
trunk/crypto/openssl/util/mk1mf.pl
trunk/crypto/openssl/util/mkdef.pl
trunk/crypto/openssl/util/mkerr.pl
trunk/crypto/openssl/util/mkfiles.pl
trunk/crypto/openssl/util/mklink.pl
trunk/crypto/openssl/util/mkstack.pl
trunk/crypto/openssl/util/pl/BC-32.pl
trunk/crypto/openssl/util/pl/Mingw32.pl
trunk/crypto/openssl/util/pl/VC-32.pl
trunk/crypto/openssl/util/pl/netware.pl
trunk/crypto/openssl/util/point.sh
trunk/crypto/openssl/util/selftest.pl
trunk/crypto/openssl/util/shlib_wrap.sh
trunk/crypto/openssl/util/ssleay.num
Added Paths:
-----------
trunk/crypto/openssl/INSTALL.DJGPP
trunk/crypto/openssl/INSTALL.MacOS
trunk/crypto/openssl/INSTALL.NW
trunk/crypto/openssl/INSTALL.OS2
trunk/crypto/openssl/INSTALL.VMS
trunk/crypto/openssl/INSTALL.W32
trunk/crypto/openssl/INSTALL.W64
trunk/crypto/openssl/INSTALL.WCE
trunk/crypto/openssl/MacOS/
trunk/crypto/openssl/Netware/
trunk/crypto/openssl/VMS/install-vms.com
trunk/crypto/openssl/VMS/openssl_startup.com
trunk/crypto/openssl/VMS/openssl_undo.com
trunk/crypto/openssl/apps/demoSRP/
trunk/crypto/openssl/apps/genpkey.c
trunk/crypto/openssl/apps/install-apps.com
trunk/crypto/openssl/apps/pkey.c
trunk/crypto/openssl/apps/pkeyparam.c
trunk/crypto/openssl/apps/pkeyutl.c
trunk/crypto/openssl/apps/srp.c
trunk/crypto/openssl/apps/ts.c
trunk/crypto/openssl/apps/tsget
trunk/crypto/openssl/apps/vms_decc_init.c
trunk/crypto/openssl/crypto/aes/aes_x86core.c
trunk/crypto/openssl/crypto/aes/asm/aes-armv4.pl
trunk/crypto/openssl/crypto/aes/asm/aes-mips.pl
trunk/crypto/openssl/crypto/aes/asm/aes-parisc.pl
trunk/crypto/openssl/crypto/aes/asm/aes-ppc.pl
trunk/crypto/openssl/crypto/aes/asm/aes-s390x.pl
trunk/crypto/openssl/crypto/aes/asm/aes-sparcv9.pl
trunk/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
trunk/crypto/openssl/crypto/aes/asm/aesni-x86.pl
trunk/crypto/openssl/crypto/aes/asm/aesni-x86_64.pl
trunk/crypto/openssl/crypto/aes/asm/bsaes-x86_64.pl
trunk/crypto/openssl/crypto/aes/asm/vpaes-x86.pl
trunk/crypto/openssl/crypto/aes/asm/vpaes-x86_64.pl
trunk/crypto/openssl/crypto/alphacpuid.pl
trunk/crypto/openssl/crypto/arm_arch.h
trunk/crypto/openssl/crypto/armcap.c
trunk/crypto/openssl/crypto/armv4cpuid.S
trunk/crypto/openssl/crypto/asn1/ameth_lib.c
trunk/crypto/openssl/crypto/asn1/asn1_locl.h
trunk/crypto/openssl/crypto/asn1/bio_asn1.c
trunk/crypto/openssl/crypto/asn1/bio_ndef.c
trunk/crypto/openssl/crypto/asn1/x_nx509.c
trunk/crypto/openssl/crypto/bn/asm/alpha-mont.pl
trunk/crypto/openssl/crypto/bn/asm/armv4-gf2m.pl
trunk/crypto/openssl/crypto/bn/asm/armv4-mont.pl
trunk/crypto/openssl/crypto/bn/asm/ia64-mont.pl
trunk/crypto/openssl/crypto/bn/asm/mips-mont.pl
trunk/crypto/openssl/crypto/bn/asm/mips.pl
trunk/crypto/openssl/crypto/bn/asm/mips3-mont.pl
trunk/crypto/openssl/crypto/bn/asm/modexp512-x86_64.pl
trunk/crypto/openssl/crypto/bn/asm/parisc-mont.pl
trunk/crypto/openssl/crypto/bn/asm/ppc-mont.pl
trunk/crypto/openssl/crypto/bn/asm/ppc64-mont.pl
trunk/crypto/openssl/crypto/bn/asm/s390x-gf2m.pl
trunk/crypto/openssl/crypto/bn/asm/s390x-mont.pl
trunk/crypto/openssl/crypto/bn/asm/s390x.S
trunk/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl
trunk/crypto/openssl/crypto/bn/asm/sparcv9a-mont.pl
trunk/crypto/openssl/crypto/bn/asm/via-mont.pl
trunk/crypto/openssl/crypto/bn/asm/x86-gf2m.pl
trunk/crypto/openssl/crypto/bn/asm/x86-mont.pl
trunk/crypto/openssl/crypto/bn/asm/x86_64-gf2m.pl
trunk/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl
trunk/crypto/openssl/crypto/camellia/asm/
trunk/crypto/openssl/crypto/camellia/cmll_utl.c
trunk/crypto/openssl/crypto/cmac/
trunk/crypto/openssl/crypto/cms/cms_pwri.c
trunk/crypto/openssl/crypto/dh/dh_ameth.c
trunk/crypto/openssl/crypto/dh/dh_pmeth.c
trunk/crypto/openssl/crypto/dh/dh_prn.c
trunk/crypto/openssl/crypto/dsa/dsa_ameth.c
trunk/crypto/openssl/crypto/dsa/dsa_locl.h
trunk/crypto/openssl/crypto/dsa/dsa_pmeth.c
trunk/crypto/openssl/crypto/dsa/dsa_prn.c
trunk/crypto/openssl/crypto/dso/dso_beos.c
trunk/crypto/openssl/crypto/ec/ec2_oct.c
trunk/crypto/openssl/crypto/ec/ec_ameth.c
trunk/crypto/openssl/crypto/ec/ec_oct.c
trunk/crypto/openssl/crypto/ec/ec_pmeth.c
trunk/crypto/openssl/crypto/ec/eck_prn.c
trunk/crypto/openssl/crypto/ec/ecp_nistp224.c
trunk/crypto/openssl/crypto/ec/ecp_nistp256.c
trunk/crypto/openssl/crypto/ec/ecp_nistp521.c
trunk/crypto/openssl/crypto/ec/ecp_nistputil.c
trunk/crypto/openssl/crypto/ec/ecp_oct.c
trunk/crypto/openssl/crypto/engine/eng_rdrand.c
trunk/crypto/openssl/crypto/engine/eng_rsax.c
trunk/crypto/openssl/crypto/engine/tb_asnmth.c
trunk/crypto/openssl/crypto/engine/tb_pkmeth.c
trunk/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
trunk/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
trunk/crypto/openssl/crypto/evp/evp_extra_test.c
trunk/crypto/openssl/crypto/evp/evp_fips.c
trunk/crypto/openssl/crypto/evp/m_sigver.c
trunk/crypto/openssl/crypto/evp/m_wp.c
trunk/crypto/openssl/crypto/evp/pmeth_fn.c
trunk/crypto/openssl/crypto/evp/pmeth_gn.c
trunk/crypto/openssl/crypto/evp/pmeth_lib.c
trunk/crypto/openssl/crypto/fips_ers.c
trunk/crypto/openssl/crypto/hmac/hm_ameth.c
trunk/crypto/openssl/crypto/hmac/hm_pmeth.c
trunk/crypto/openssl/crypto/install-crypto.com
trunk/crypto/openssl/crypto/md5/asm/md5-ia64.S
trunk/crypto/openssl/crypto/modes/
trunk/crypto/openssl/crypto/o_fips.c
trunk/crypto/openssl/crypto/objects/obj_xref.c
trunk/crypto/openssl/crypto/objects/obj_xref.h
trunk/crypto/openssl/crypto/objects/obj_xref.txt
trunk/crypto/openssl/crypto/objects/objxref.pl
trunk/crypto/openssl/crypto/pariscid.pl
trunk/crypto/openssl/crypto/pem/pvkfmt.c
trunk/crypto/openssl/crypto/perlasm/ppc-xlate.pl
trunk/crypto/openssl/crypto/perlasm/x86gas.pl
trunk/crypto/openssl/crypto/perlasm/x86masm.pl
trunk/crypto/openssl/crypto/pkcs7/bio_pk7.c
trunk/crypto/openssl/crypto/ppccap.c
trunk/crypto/openssl/crypto/ppccpuid.pl
trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.pl
trunk/crypto/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl
trunk/crypto/openssl/crypto/rc4/asm/rc4-parisc.pl
trunk/crypto/openssl/crypto/rc4/asm/rc4-s390x.pl
trunk/crypto/openssl/crypto/rc4/rc4_utl.c
trunk/crypto/openssl/crypto/rsa/rsa_ameth.c
trunk/crypto/openssl/crypto/rsa/rsa_crpt.c
trunk/crypto/openssl/crypto/rsa/rsa_locl.h
trunk/crypto/openssl/crypto/rsa/rsa_pmeth.c
trunk/crypto/openssl/crypto/rsa/rsa_prn.c
trunk/crypto/openssl/crypto/s390xcap.c
trunk/crypto/openssl/crypto/s390xcpuid.S
trunk/crypto/openssl/crypto/sha/asm/sha1-alpha.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-armv4-large.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-mips.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-parisc.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-ppc.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-s390x.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9a.pl
trunk/crypto/openssl/crypto/sha/asm/sha1-thumb.pl
trunk/crypto/openssl/crypto/sha/asm/sha256-586.pl
trunk/crypto/openssl/crypto/sha/asm/sha256-armv4.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-586.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-armv4.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-mips.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-parisc.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-ppc.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-s390x.pl
trunk/crypto/openssl/crypto/sha/asm/sha512-sparcv9.pl
trunk/crypto/openssl/crypto/sparcv9cap.c
trunk/crypto/openssl/crypto/srp/
trunk/crypto/openssl/crypto/ts/
trunk/crypto/openssl/crypto/vms_rms.h
trunk/crypto/openssl/crypto/whrlpool/
trunk/crypto/openssl/demos/cms/
trunk/crypto/openssl/demos/smime/
trunk/crypto/openssl/doc/apps/c_rehash.pod
trunk/crypto/openssl/doc/apps/cms.pod
trunk/crypto/openssl/doc/apps/genpkey.pod
trunk/crypto/openssl/doc/apps/pkey.pod
trunk/crypto/openssl/doc/apps/pkeyparam.pod
trunk/crypto/openssl/doc/apps/pkeyutl.pod
trunk/crypto/openssl/doc/apps/ts.pod
trunk/crypto/openssl/doc/apps/tsget.pod
trunk/crypto/openssl/doc/crypto/BIO_new_CMS.pod
trunk/crypto/openssl/doc/crypto/CMS_add0_cert.pod
trunk/crypto/openssl/doc/crypto/CMS_add1_recipient_cert.pod
trunk/crypto/openssl/doc/crypto/CMS_add1_signer.pod
trunk/crypto/openssl/doc/crypto/CMS_compress.pod
trunk/crypto/openssl/doc/crypto/CMS_decrypt.pod
trunk/crypto/openssl/doc/crypto/CMS_encrypt.pod
trunk/crypto/openssl/doc/crypto/CMS_final.pod
trunk/crypto/openssl/doc/crypto/CMS_get0_RecipientInfos.pod
trunk/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod
trunk/crypto/openssl/doc/crypto/CMS_get0_type.pod
trunk/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod
trunk/crypto/openssl/doc/crypto/CMS_sign.pod
trunk/crypto/openssl/doc/crypto/CMS_sign_receipt.pod
trunk/crypto/openssl/doc/crypto/CMS_uncompress.pod
trunk/crypto/openssl/doc/crypto/CMS_verify.pod
trunk/crypto/openssl/doc/crypto/CMS_verify_receipt.pod
trunk/crypto/openssl/doc/crypto/EVP_DigestSignInit.pod
trunk/crypto/openssl/doc/crypto/EVP_DigestVerifyInit.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_new.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_cmp.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_decrypt.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_derive.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_encrypt.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_keygen.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_print_private.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_sign.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify.pod
trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify_recover.pod
trunk/crypto/openssl/doc/crypto/PEM_write_bio_CMS_stream.pod
trunk/crypto/openssl/doc/crypto/PEM_write_bio_PKCS7_stream.pod
trunk/crypto/openssl/doc/crypto/PKCS7_sign_add_signer.pod
trunk/crypto/openssl/doc/crypto/SMIME_read_CMS.pod
trunk/crypto/openssl/doc/crypto/SMIME_write_CMS.pod
trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_error.pod
trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod
trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
trunk/crypto/openssl/doc/crypto/X509_STORE_set_verify_cb_func.pod
trunk/crypto/openssl/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
trunk/crypto/openssl/doc/crypto/X509_verify_cert.pod
trunk/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod
trunk/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod
trunk/crypto/openssl/doc/crypto/i2d_CMS_bio_stream.pod
trunk/crypto/openssl/doc/crypto/i2d_PKCS7_bio_stream.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_psk_client_callback.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod
trunk/crypto/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
trunk/crypto/openssl/doc/ssl/SSL_get_psk_identity.pod
trunk/crypto/openssl/engines/axp.opt
trunk/crypto/openssl/engines/capierr.bat
trunk/crypto/openssl/engines/ccgost/
trunk/crypto/openssl/engines/e_padlock.c
trunk/crypto/openssl/engines/e_padlock.ec
trunk/crypto/openssl/include/openssl/camellia.h
trunk/crypto/openssl/include/openssl/cmac.h
trunk/crypto/openssl/include/openssl/cms.h
trunk/crypto/openssl/include/openssl/mdc2.h
trunk/crypto/openssl/include/openssl/modes.h
trunk/crypto/openssl/include/openssl/seed.h
trunk/crypto/openssl/include/openssl/srp.h
trunk/crypto/openssl/include/openssl/srtp.h
trunk/crypto/openssl/include/openssl/ts.h
trunk/crypto/openssl/include/openssl/whrlpool.h
trunk/crypto/openssl/install.com
trunk/crypto/openssl/makevms.com
trunk/crypto/openssl/ms/
trunk/crypto/openssl/os2/
trunk/crypto/openssl/ssl/d1_srtp.c
trunk/crypto/openssl/ssl/heartbeat_test.c
trunk/crypto/openssl/ssl/install-ssl.com
trunk/crypto/openssl/ssl/srtp.h
trunk/crypto/openssl/ssl/ssl_utst.c
trunk/crypto/openssl/ssl/tls_srp.c
trunk/crypto/openssl/test/CAtsa.cnf
trunk/crypto/openssl/test/asn1test.c
trunk/crypto/openssl/test/bctest.com
trunk/crypto/openssl/test/bntest.com
trunk/crypto/openssl/test/clean_test.com
trunk/crypto/openssl/test/evp_extra_test.c
trunk/crypto/openssl/test/heartbeat_test.c
trunk/crypto/openssl/test/pkits-test.pl
trunk/crypto/openssl/test/srptest.c
trunk/crypto/openssl/test/test_padlock
trunk/crypto/openssl/test/testtsa
trunk/crypto/openssl/test/testtsa.com
trunk/crypto/openssl/test/testutil.h
trunk/crypto/openssl/test/wp_test.c
trunk/crypto/openssl/util/deltree.com
trunk/crypto/openssl/util/mkbuildinf.pl
Removed Paths:
-------------
trunk/crypto/openssl/VMS/install.com
trunk/crypto/openssl/crypto/bn/asm/mips3.s
trunk/crypto/openssl/crypto/dsa/dsa_utl.c
trunk/crypto/openssl/crypto/install.com
trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.S
trunk/crypto/openssl/crypto/sha/sha1s.cpp
trunk/crypto/openssl/include/openssl/fips.h
trunk/crypto/openssl/include/openssl/fips_rand.h
trunk/crypto/openssl/include/openssl/md2.h
trunk/crypto/openssl/include/openssl/pq_compat.h
trunk/crypto/openssl/include/openssl/store.h
trunk/crypto/openssl/include/openssl/tmdiff.h
trunk/crypto/openssl/test/SHAmix.r
trunk/crypto/openssl/test/SHAmix.x
trunk/crypto/openssl/test/fips_aesavs.c
trunk/crypto/openssl/test/fips_desmovs.c
trunk/crypto/openssl/test/fips_dsatest.c
trunk/crypto/openssl/test/fips_dssvs.c
trunk/crypto/openssl/test/fips_hmactest.c
trunk/crypto/openssl/test/fips_randtest.c
trunk/crypto/openssl/test/fips_rngvs.c
trunk/crypto/openssl/test/fips_rsagtest.c
trunk/crypto/openssl/test/fips_rsastest.c
trunk/crypto/openssl/test/fips_rsavtest.c
trunk/crypto/openssl/test/fips_shatest.c
trunk/crypto/openssl/test/fips_test_suite.c
trunk/crypto/openssl/util/arx.pl
trunk/crypto/openssl/util/fipslink.pl
trunk/crypto/openssl/util/mksdef.pl
Property Changed:
----------------
trunk/crypto/openssl/
Index: trunk/crypto/openssl
===================================================================
--- trunk/crypto/openssl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl 2015-07-21 23:23:45 UTC (rev 7118)
Property changes on: trunk/crypto/openssl
___________________________________________________________________
Modified: svn:mergeinfo
## -1 +1 ##
-/vendor-crypto/openssl/dist:6869-7015
\ No newline at end of property
+/vendor-crypto/openssl/dist:6869-7117
\ No newline at end of property
Modified: trunk/crypto/openssl/CHANGES
===================================================================
--- trunk/crypto/openssl/CHANGES 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/CHANGES 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,8 +2,14 @@
OpenSSL CHANGES
_______________
- Changes between 0.9.8zf and 0.9.8zg [11 Jun 2015]
+ Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
+ *) Fix HMAC ABI incompatibility. The previous version introduced an ABI
+ incompatibility in the handling of HMAC. The previous ABI has now been
+ restored.
+
+ Changes between 1.0.1m and 1.0.1n [11 Jun 2015]
+
*) Malformed ECParameters causes infinite loop
When processing an ECParameters structure OpenSSL enters an infinite loop
@@ -70,8 +76,11 @@
(CVE-2015-1791)
[Matt Caswell]
- Changes between 0.9.8ze and 0.9.8zf [19 Mar 2015]
+ *) Reject DH handshakes with parameters shorter than 768 bits.
+ [Kurt Roeckx and Emilia Kasper]
+ Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
+
*) Segmentation fault in ASN1_TYPE_cmp fix
The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is
@@ -144,15 +153,15 @@
(CVE-2015-0288)
[Stephen Henson]
- *) Removed the export and SSLv2 ciphers from the DEFAULT ciphers
+ *) Removed the export ciphers from the DEFAULT ciphers
[Kurt Roeckx]
- Changes between 0.9.8zd and 0.9.8ze [15 Jan 2015]
+ Changes between 1.0.1k and 1.0.1l [15 Jan 2015]
*) Build fixes for the Windows and OpenVMS platforms
[Matt Caswell and Richard Levitte]
- Changes between 0.9.8zc and 0.9.8zd [8 Jan 2015]
+ Changes between 1.0.1j and 1.0.1k [8 Jan 2015]
*) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
message can cause a segmentation fault in OpenSSL due to a NULL pointer
@@ -161,6 +170,15 @@
(CVE-2014-3571)
[Steve Henson]
+ *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
+ dtls1_buffer_record function under certain conditions. In particular this
+ could occur if an attacker sent repeated DTLS records with the same
+ sequence number but for the next epoch. The memory leak could be exploited
+ by an attacker in a Denial of Service attack through memory exhaustion.
+ Thanks to Chris Mueller for reporting this issue.
+ (CVE-2015-0206)
+ [Matt Caswell]
+
*) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
method would be set to NULL which could later result in a NULL pointer
@@ -185,6 +203,24 @@
(CVE-2015-0204)
[Steve Henson]
+ *) Fixed issue where DH client certificates are accepted without verification.
+ An OpenSSL server will accept a DH certificate for client authentication
+ without the certificate verify message. This effectively allows a client to
+ authenticate without the use of a private key. This only affects servers
+ which trust a client certificate authority which issues certificates
+ containing DH keys: these are extremely rare and hardly ever encountered.
+ Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
+ this issue.
+ (CVE-2015-0205)
+ [Steve Henson]
+
+ *) Ensure that the session ID context of an SSL is updated when its
+ SSL_CTX is updated via SSL_set_SSL_CTX.
+
+ The session ID context is typically set from the parent SSL_CTX,
+ and can vary with the CTX.
+ [Adam Langley]
+
*) Fix various certificate fingerprint issues.
By using non-DER or invalid encodings outside the signed portion of a
@@ -233,8 +269,44 @@
(CVE-2014-3570)
[Andy Polyakov]
- Changes between 0.9.8zb and 0.9.8zc [15 Oct 2014]
+ *) Do not resume sessions on the server if the negotiated protocol
+ version does not match the session's version. Resuming with a different
+ version, while not strictly forbidden by the RFC, is of questionable
+ sanity and breaks all known clients.
+ [David Benjamin, Emilia K\xE4sper]
+ *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
+ early CCS messages during renegotiation. (Note that because
+ renegotiation is encrypted, this early CCS was not exploitable.)
+ [Emilia K\xE4sper]
+
+ *) Tighten client-side session ticket handling during renegotiation:
+ ensure that the client only accepts a session ticket if the server sends
+ the extension anew in the ServerHello. Previously, a TLS client would
+ reuse the old extension state and thus accept a session ticket if one was
+ announced in the initial ServerHello.
+
+ Similarly, ensure that the client requires a session ticket if one
+ was advertised in the ServerHello. Previously, a TLS client would
+ ignore a missing NewSessionTicket message.
+ [Emilia K\xE4sper]
+
+ Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
+
+ *) SRTP Memory Leak.
+
+ A flaw in the DTLS SRTP extension parsing code allows an attacker, who
+ sends a carefully crafted handshake message, to cause OpenSSL to fail
+ to free up to 64k of memory causing a memory leak. This could be
+ exploited in a Denial Of Service attack. This issue affects OpenSSL
+ 1.0.1 server implementations for both SSL/TLS and DTLS regardless of
+ whether SRTP is used or configured. Implementations of OpenSSL that
+ have been compiled with OPENSSL_NO_SRTP defined are not affected.
+
+ The fix was developed by the OpenSSL team.
+ (CVE-2014-3513)
+ [OpenSSL team]
+
*) Session Ticket Memory Leak.
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
@@ -270,8 +342,28 @@
[Steve Henson]
- Changes between 0.9.8za and 0.9.8zb [6 Aug 2014]
+ Changes between 1.0.1h and 1.0.1i [6 Aug 2014]
+ *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
+ SRP code can be overrun an internal buffer. Add sanity check that
+ g, A, B < N to SRP code.
+
+ Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
+ Group for discovering this issue.
+ (CVE-2014-3512)
+ [Steve Henson]
+
+ *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
+ TLS 1.0 instead of higher protocol versions when the ClientHello message
+ is badly fragmented. This allows a man-in-the-middle attacker to force a
+ downgrade to TLS 1.0 even if both the server and the client support a
+ higher protocol version, by modifying the client's TLS records.
+
+ Thanks to David Benjamin and Adam Langley (Google) for discovering and
+ researching this issue.
+ (CVE-2014-3511)
+ [David Benjamin]
+
*) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
to a denial of service attack. A malicious server can crash the client
with a null pointer dereference (read) by specifying an anonymous (EC)DH
@@ -303,6 +395,25 @@
(CVE-2014-3505)
[Adam Langley]
+ *) If a multithreaded client connects to a malicious server using a resumed
+ session and the server sends an ec point format extension it could write
+ up to 255 bytes to freed memory.
+
+ Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this
+ issue.
+ (CVE-2014-3509)
+ [Gabor Tyukasz]
+
+ *) A malicious server can crash an OpenSSL client with a null pointer
+ dereference (read) by specifying an SRP ciphersuite even though it was not
+ properly negotiated with the client. This can be exploited through a
+ Denial of Service attack.
+
+ Thanks to Joonas Kuorilehto and Riku Hietam\xE4ki (Codenomicon) for
+ discovering and researching this issue.
+ (CVE-2014-5139)
+ [Steve Henson]
+
*) A flaw in OBJ_obj2txt may cause pretty printing functions such as
X509_name_oneline, X509_name_print_ex et al. to leak some information
from the stack. Applications may be affected if they echo pretty printing
@@ -317,7 +428,7 @@
bogus results, with non-infinity inputs mapped to infinity too.)
[Bodo Moeller]
- Changes between 0.9.8y and 0.9.8za [5 Jun 2014]
+ Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
*) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
handshake can force the use of weak keying material in OpenSSL
@@ -350,6 +461,28 @@
this issue. (CVE-2014-3470)
[Felix Gr\xF6bert, Ivan Fratric, Steve Henson]
+ *) Harmonize version and its documentation. -f flag is used to display
+ compilation flags.
+ [mancha <mancha1 at zoho.com>]
+
+ *) Fix eckey_priv_encode so it immediately returns an error upon a failure
+ in i2d_ECPrivateKey.
+ [mancha <mancha1 at zoho.com>]
+
+ *) Fix some double frees. These are not thought to be exploitable.
+ [mancha <mancha1 at zoho.com>]
+
+ Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
+
+ *) A missing bounds check in the handling of the TLS heartbeat extension
+ can be used to reveal up to 64k of memory to a connected client or
+ server.
+
+ Thanks for Neel Mehta of Google Security for discovering this bug and to
+ Adam Langley <agl at chromium.org> and Bodo Moeller <bmoeller at acm.org> for
+ preparing the fix (CVE-2014-0160)
+ [Adam Langley, Bodo Moeller]
+
*) Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
@@ -359,14 +492,27 @@
flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
[Yuval Yarom and Naomi Benger]
- Thanks to mancha for backporting the fix to the 0.9.8 branch.
+ *) TLS pad extension: draft-agl-tls-padding-03
- *) Fix handling of warning-level alerts in SSL23 client mode so they
- don't cause client-side termination (eg. on SNI unrecognized_name
- warnings). Add client and server support for six additional alerts
- per RFC 6066 and RFC 4279.
- [mancha]
+ Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+ TLS client Hello record length value would otherwise be > 255 and
+ less that 512 pad with a dummy extension containing zeroes so it
+ is at least 512 bytes long.
+ [Adam Langley, Steve Henson]
+
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+ *) Fix for TLS record tampering bug. A carefully crafted invalid
+ handshake could crash OpenSSL with a NULL pointer exception.
+ Thanks to Anton Johansson for reporting this issues.
+ (CVE-2013-4353)
+
+ *) Keep original DTLS digest and encryption contexts in retransmission
+ structures so we can use the previous session parameters if they need
+ to be resent. (CVE-2013-6450)
+ [Steve Henson]
+
*) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
avoids preferring ECDHE-ECDSA ciphers when the client appears to be
Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
@@ -375,8 +521,14 @@
10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
[Rob Stradling, Adam Langley]
- Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
+ Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
+ *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
+ supporting platforms or when small records were transferred.
+ [Andy Polyakov, Steve Henson]
+
+ Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
+
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
This addresses the flaw in CBC record processing discovered by
@@ -390,25 +542,39 @@
(CVE-2013-0169)
[Emilia K\xE4sper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+ *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
+ ciphersuites which can be exploited in a denial of service attack.
+ Thanks go to and to Adam Langley <agl at chromium.org> for discovering
+ and detecting this bug and to Wolfgang Ettlinger
+ <wolfgang.ettlinger at gmail.com> for independently discovering this issue.
+ (CVE-2012-2686)
+ [Adam Langley]
+
*) Return an error when checking OCSP signatures when key is NULL.
This fixes a DoS attack. (CVE-2013-0166)
[Steve Henson]
+ *) Make openssl verify return errors.
+ [Chris Palmer <palmer at google.com> and Ben Laurie]
+
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
the right response is stapled. Also change SSL_get_certificate()
so it returns the certificate actually sent.
See http://rt.openssl.org/Ticket/Display.html?id=2836.
- (This is a backport)
[Rob Stradling <rob.stradling at comodo.com>]
*) Fix possible deadlock when decoding public keys.
[Steve Henson]
- Changes between 0.9.8w and 0.9.8x [10 May 2012]
+ *) Don't use TLS 1.0 record version number in initial client hello
+ if renegotiating.
+ [Steve Henson]
- *) Sanity check record length before skipping explicit IV in DTLS
- to fix DoS attack.
+ Changes between 1.0.1b and 1.0.1c [10 May 2012]
+ *) Sanity check record length before skipping explicit IV in TLS
+ 1.2, 1.1 and DTLS to fix DoS attack.
+
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
@@ -418,16 +584,35 @@
Thanks to Solar Designer of Openwall for reporting this issue.
[Steve Henson]
- Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
+ *) In FIPS mode don't try to use composite ciphers as they are not
+ approved.
+ [Steve Henson]
- *) The fix for CVE-2012-2110 did not take into account that the
- 'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
- int in OpenSSL 0.9.8, making it still vulnerable. Fix by
- rejecting negative len parameter. (CVE-2012-2131)
- [Tomas Hoger <thoger at redhat.com>]
+ Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
- Changes between 0.9.8u and 0.9.8v [19 Apr 2012]
+ *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
+ 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
+ mean any application compiled against OpenSSL 1.0.0 headers setting
+ SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng
+ TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
+ 0x10000000L Any application which was previously compiled against
+ OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
+ will need to be recompiled as a result. Letting be results in
+ inability to disable specifically TLS 1.1 and in client context,
+ in unlike event, limit maximum offered version to TLS 1.0 [see below].
+ [Steve Henson]
+ *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not
+ disable just protocol X, but all protocols above X *if* there are
+ protocols *below* X still enabled. In more practical terms it means
+ that if application wants to disable TLS1.0 in favor of TLS1.1 and
+ above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
+ SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
+ client side.
+ [Andy Polyakov]
+
+ Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
+
*) Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
@@ -437,8 +622,311 @@
(CVE-2012-2110)
[Adam Langley (Google), Tavis Ormandy, Google Security Team]
- Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
+ *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
+ [Adam Langley]
+ *) Workarounds for some broken servers that "hang" if a client hello
+ record length exceeds 255 bytes.
+
+ 1. Do not use record version number > TLS 1.0 in initial client
+ hello: some (but not all) hanging servers will now work.
+ 2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
+ the number of ciphers sent in the client hello. This should be
+ set to an even number, such as 50, for example by passing:
+ -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
+ Most broken servers should now work.
+ 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
+ TLS 1.2 client support entirely.
+ [Steve Henson]
+
+ *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
+ [Andy Polyakov]
+
+ Changes between 1.0.0h and 1.0.1 [14 Mar 2012]
+
+ *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
+ STRING form instead of a DigestInfo.
+ [Steve Henson]
+
+ *) The format used for MDC2 RSA signatures is inconsistent between EVP
+ and the RSA_sign/RSA_verify functions. This was made more apparent when
+ OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
+ those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect
+ the correct format in RSA_verify so both forms transparently work.
+ [Steve Henson]
+
+ *) Some servers which support TLS 1.0 can choke if we initially indicate
+ support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
+ encrypted premaster secret. As a workaround use the maximum pemitted
+ client version in client hello, this should keep such servers happy
+ and still work with previous versions of OpenSSL.
+ [Steve Henson]
+
+ *) Add support for TLS/DTLS heartbeats.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Add support for SCTP.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Improved PRNG seeding for VOS.
+ [Paul Green <Paul.Green at stratus.com>]
+
+ *) Extensive assembler packs updates, most notably:
+
+ - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support;
+ - x86[_64]: SSSE3 support (SHA1, vector-permutation AES);
+ - x86_64: bit-sliced AES implementation;
+ - ARM: NEON support, contemporary platforms optimizations;
+ - s390x: z196 support;
+ - *: GHASH and GF(2^m) multiplication implementations;
+
+ [Andy Polyakov]
+
+ *) Make TLS-SRP code conformant with RFC 5054 API cleanup
+ (removal of unnecessary code)
+ [Peter Sylvester <peter.sylvester at edelweb.fr>]
+
+ *) Add TLS key material exporter from RFC 5705.
+ [Eric Rescorla]
+
+ *) Add DTLS-SRTP negotiation from RFC 5764.
+ [Eric Rescorla]
+
+ *) Add Next Protocol Negotiation,
+ http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
+ disabled with a no-npn flag to config or Configure. Code donated
+ by Google.
+ [Adam Langley <agl at google.com> and Ben Laurie]
+
+ *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
+ NIST-P256, NIST-P521, with constant-time single point multiplication on
+ typical inputs. Compiler support for the nonstandard type __uint128_t is
+ required to use this (present in gcc 4.4 and later, for 64-bit builds).
+ Code made available under Apache License version 2.0.
+
+ Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
+ line to include this in your build of OpenSSL, and run "make depend" (or
+ "make update"). This enables the following EC_METHODs:
+
+ EC_GFp_nistp224_method()
+ EC_GFp_nistp256_method()
+ EC_GFp_nistp521_method()
+
+ EC_GROUP_new_by_curve_name() will automatically use these (while
+ EC_GROUP_new_curve_GFp() currently prefers the more flexible
+ implementations).
+ [Emilia K\xE4sper, Adam Langley, Bodo Moeller (Google)]
+
+ *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+ all platforms. Move ssize_t definition from e_os.h to the public
+ header file e_os2.h as it now appears in public header file cms.h
+ [Steve Henson]
+
+ *) New -sigopt option to the ca, req and x509 utilities. Additional
+ signature parameters can be passed using this option and in
+ particular PSS.
+ [Steve Henson]
+
+ *) Add RSA PSS signing function. This will generate and set the
+ appropriate AlgorithmIdentifiers for PSS based on those in the
+ corresponding EVP_MD_CTX structure. No application support yet.
+ [Steve Henson]
+
+ *) Support for companion algorithm specific ASN1 signing routines.
+ New function ASN1_item_sign_ctx() signs a pre-initialised
+ EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+ the appropriate parameters.
+ [Steve Henson]
+
+ *) Add new algorithm specific ASN1 verification initialisation function
+ to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+ handling will be the same no matter what EVP_PKEY_METHOD is used.
+ Add a PSS handler to support verification of PSS signatures: checked
+ against a number of sample certificates.
+ [Steve Henson]
+
+ *) Add signature printing for PSS. Add PSS OIDs.
+ [Steve Henson, Martin Kaiser <lists at kaiser.cx>]
+
+ *) Add algorithm specific signature printing. An individual ASN1 method
+ can now print out signatures instead of the standard hex dump.
+
+ More complex signatures (e.g. PSS) can print out more meaningful
+ information. Include DSA version that prints out the signature
+ parameters r, s.
+ [Steve Henson]
+
+ *) Password based recipient info support for CMS library: implementing
+ RFC3211.
+ [Steve Henson]
+
+ *) Split password based encryption into PBES2 and PBKDF2 functions. This
+ neatly separates the code into cipher and PBE sections and is required
+ for some algorithms that split PBES2 into separate pieces (such as
+ password based CMS).
+ [Steve Henson]
+
+ *) Session-handling fixes:
+ - Fix handling of connections that are resuming with a session ID,
+ but also support Session Tickets.
+ - Fix a bug that suppressed issuing of a new ticket if the client
+ presented a ticket with an expired session.
+ - Try to set the ticket lifetime hint to something reasonable.
+ - Make tickets shorter by excluding irrelevant information.
+ - On the client side, don't ignore renewed tickets.
+ [Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix PSK session representation.
+ [Bodo Moeller]
+
+ *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
+
+ This work was sponsored by Intel.
+ [Andy Polyakov]
+
+ *) Add GCM support to TLS library. Some custom code is needed to split
+ the IV between the fixed (from PRF) and explicit (from TLS record)
+ portions. This adds all GCM ciphersuites supported by RFC5288 and
+ RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+ add a special AESGCM string for GCM only.
+ [Steve Henson]
+
+ *) Expand range of ctrls for AES GCM. Permit setting invocation
+ field on decrypt and retrieval of invocation field only on encrypt.
+ [Steve Henson]
+
+ *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
+ As required by RFC5289 these ciphersuites cannot be used if for
+ versions of TLS earlier than 1.2.
+ [Steve Henson]
+
+ *) For FIPS capable OpenSSL interpret a NULL default public key method
+ as unset and return the appopriate default but do *not* set the default.
+ This means we can return the appopriate method in applications that
+ swicth between FIPS and non-FIPS modes.
+ [Steve Henson]
+
+ *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
+ ENGINE is used then we cannot handle that in the FIPS module so we
+ keep original code iff non-FIPS operations are allowed.
+ [Steve Henson]
+
+ *) Add -attime option to openssl utilities.
+ [Peter Eckersley <pde at eff.org>, Ben Laurie and Steve Henson]
+
+ *) Redirect DSA and DH operations to FIPS module in FIPS mode.
+ [Steve Henson]
+
+ *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
+ FIPS EC methods unconditionally for now.
+ [Steve Henson]
+
+ *) New build option no-ec2m to disable characteristic 2 code.
+ [Steve Henson]
+
+ *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
+ all cases can be covered as some introduce binary incompatibilities.
+ [Steve Henson]
+
+ *) Redirect RSA operations to FIPS module including keygen,
+ encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
+ [Steve Henson]
+
+ *) Add similar low level API blocking to ciphers.
+ [Steve Henson]
+
+ *) Low level digest APIs are not approved in FIPS mode: any attempt
+ to use these will cause a fatal error. Applications that *really* want
+ to use them can use the private_* version instead.
+ [Steve Henson]
+
+ *) Redirect cipher operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Redirect digest operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Update build system to add "fips" flag which will link in fipscanister.o
+ for static and shared library builds embedding a signature if needed.
+ [Steve Henson]
+
+ *) Output TLS supported curves in preference order instead of numerical
+ order. This is currently hardcoded for the highest order curves first.
+ This should be configurable so applications can judge speed vs strength.
+ [Steve Henson]
+
+ *) Add TLS v1.2 server support for client authentication.
+ [Steve Henson]
+
+ *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
+ and enable MD5.
+ [Steve Henson]
+
+ *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
+ FIPS modules versions.
+ [Steve Henson]
+
+ *) Add TLS v1.2 client side support for client authentication. Keep cache
+ of handshake records longer as we don't know the hash algorithm to use
+ until after the certificate request message is received.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 client support. Add a default signature algorithms
+ extension including all the algorithms we support. Parse new signature
+ format in client key exchange. Relax some ECC signing restrictions for
+ TLS v1.2 as indicated in RFC5246.
+ [Steve Henson]
+
+ *) Add server support for TLS v1.2 signature algorithms extension. Switch
+ to new signature format when needed using client digest preference.
+ All server ciphersuites should now work correctly in TLS v1.2. No client
+ support yet and no support for client certificates.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
+ to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
+ ciphersuites. At present only RSA key exchange ciphersuites work with
+ TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
+ SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
+ and version checking.
+ [Steve Henson]
+
+ *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
+ with this defined it will not be affected by any changes to ssl internal
+ structures. Add several utility functions to allow openssl application
+ to work with OPENSSL_NO_SSL_INTERN defined.
+ [Steve Henson]
+
+ *) Add SRP support.
+ [Tom Wu <tjw at cs.stanford.edu> and Ben Laurie]
+
+ *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
+ [Steve Henson]
+
+ *) Permit abbreviated handshakes when renegotiating using the function
+ SSL_renegotiate_abbreviated().
+ [Robin Seggelmann <seggelmann at fh-muenster.de>]
+
+ *) Add call to ENGINE_register_all_complete() to
+ ENGINE_load_builtin_engines(), so some implementations get used
+ automatically instead of needing explicit application support.
+ [Steve Henson]
+
+ *) Add support for TLS key exporter as described in RFC5705.
+ [Robin Seggelmann <seggelmann at fh-muenster.de>, Steve Henson]
+
+ *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
+ a few changes are required:
+
+ Add SSL_OP_NO_TLSv1_1 flag.
+ Add TLSv1_1 methods.
+ Update version checking logic to handle version 1.1.
+ Add explicit IV handling (ported from DTLS code).
+ Add command line options to s_client/s_server.
+ [Steve Henson]
+
+ Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
+
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
in CMS and PKCS7 code. When RSA decryption fails use a random key for
content decryption and always return the same error. Note: this attack
@@ -455,7 +943,7 @@
Ivan Nestlerode <inestlerode at us.ibm.com> for discovering this bug.
[Steve Henson]
- Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
+ Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
*) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
Thanks to Antonio Martin, Enterprise Secure Access Research and
@@ -463,7 +951,7 @@
preparing a fix. (CVE-2012-0050)
[Antonio Martin]
- Changes between 0.9.8r and 0.9.8s [4 Jan 2012]
+ Changes between 1.0.0e and 1.0.0f [4 Jan 2012]
*) Nadhem Alfardan and Kenny Paterson have discovered an extension
of the Vaudenay padding oracle attack on CBC mode encryption
@@ -479,9 +967,6 @@
for preparing the fix. (CVE-2011-4108)
[Robin Seggelmann, Michael Tuexen]
- *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109)
- [Ben Laurie, Kasper <ekasper at google.com>]
-
*) Clear bytes used for block padding of SSL 3.0 records.
(CVE-2011-4576)
[Adam Langley (Google)]
@@ -490,12 +975,18 @@
Kadianakis <desnacked at gmail.com> for discovering this issue and
Adam Langley for preparing the fix. (CVE-2011-4619)
[Adam Langley (Google)]
-
+
+ *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
+ [Andrey Kulikov <amdeich at gmail.com>]
+
*) Prevent malformed RFC3779 data triggering an assertion failure.
Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
and Rob Austein <sra at hactrn.net> for fixing it. (CVE-2011-4577)
[Rob Austein <sra at hactrn.net>]
+ *) Improved PRNG seeding for VOS.
+ [Paul Green <Paul.Green at stratus.com>]
+
*) Fix ssl_ciph.c set-up race.
[Adam Langley (Google)]
@@ -516,13 +1007,27 @@
the last update always remained unused).
[Emilia K\xE4sper (Google)]
+ *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
+ [Bob Buckholz (Google)]
+
+ Changes between 1.0.0d and 1.0.0e [6 Sep 2011]
+
+ *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
+ by initialising X509_STORE_CTX properly. (CVE-2011-3207)
+ [Kaspar Brand <ossl at velox.ch>]
+
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
- for multi-threaded use of ECDH.
+ for multi-threaded use of ECDH. (CVE-2011-3210)
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
+ *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
+ signature public key algorithm by using OID xref utilities instead.
+ Before this you could only use some ECC ciphersuites with SHA1 only.
+ [Steve Henson]
+
*) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
@@ -530,7 +1035,7 @@
[Billy Bob Brumley and Nicola Tuveri]
- Changes between 0.9.8q and 0.9.8r [8 Feb 2011]
+ Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
*) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
[Neel Mehta, Adam Langley, Bodo Moeller (Google)]
@@ -540,7 +1045,7 @@
ambiguous.
[Steve Henson]
- Changes between 0.9.8p and 0.9.8q [2 Dec 2010]
+ Changes between 1.0.0b and 1.0.0c [2 Dec 2010]
*) Disable code workaround for ancient and obsolete Netscape browsers
and servers: an attacker can use it in a ciphersuite downgrade attack.
@@ -552,7 +1057,7 @@
Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
[Ben Laurie]
- Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
+ Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
@@ -559,44 +1064,857 @@
be shared by multiple threads. CVE-2010-3864
[Steve Henson]
- *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+ *) Fix WIN32 build system to correctly link an ENGINE directory into
+ a DLL.
[Steve Henson]
- *) Don't reencode certificate when calculating signature: cache and use
- the original encoding instead. This makes signature verification of
- some broken encodings work correctly.
+ Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
+
+ *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
+ (CVE-2010-1633)
+ [Steve Henson, Peter-Michael Hager <hager at dortmund.net>]
+
+ Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
+
+ *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
+ context. The operation can be customised via the ctrl mechanism in
+ case ENGINEs want to include additional functionality.
[Steve Henson]
- *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
- is also one of the inputs.
- [Emilia K\xE4sper <emilia.kasper at esat.kuleuven.be> (Google)]
+ *) Tolerate yet another broken PKCS#8 key format: private key value negative.
+ [Steve Henson]
- *) Don't repeatedly append PBE algorithms to table if they already exist.
- Sort table on each new add. This effectively makes the table read only
- after all algorithms are added and subsequent calls to PKCS12_pbe_add
- etc are non-op.
+ *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
+ output hashes compatible with older versions of OpenSSL.
+ [Willy Weisz <weisz at vcpc.univie.ac.at>]
+
+ *) Fix compression algorithm handling: if resuming a session use the
+ compression algorithm of the resumed session instead of determining
+ it from client hello again. Don't allow server to change algorithm.
[Steve Henson]
- Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+ *) Add load_crls() function to apps tidying load_certs() too. Add option
+ to verify utility to allow additional CRLs to be included.
+ [Steve Henson]
- [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
- OpenSSL 1.0.0.]
+ *) Update OCSP request code to permit adding custom headers to the request:
+ some responders need this.
+ [Steve Henson]
- *) Correct a typo in the CMS ASN1 module which can result in invalid memory
- access or freeing data twice (CVE-2010-0742)
- [Steve Henson, Ronald Moesbergen <intercommit at gmail.com>]
+ *) The function EVP_PKEY_sign() returns <=0 on error: check return code
+ correctly.
+ [Julia Lawall <julia at diku.dk>]
- *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
- common in certificates and some applications which only call
- SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+ *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
+ needlessly dereferenced structures, used obsolete functions and
+ didn't handle all updated verify codes correctly.
[Steve Henson]
- *) VMS fixes:
- Reduce copying into .apps and .test in makevms.com
- Don't try to use blank CA certificate in CA.com
- Allow use of C files from original directories in maketests.com
- [Steven M. Schweda" <sms at antinode.info>]
+ *) Disable MD2 in the default configuration.
+ [Steve Henson]
+ *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
+ indicate the initial BIO being pushed or popped. This makes it possible
+ to determine whether the BIO is the one explicitly called or as a result
+ of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
+ it handles reference counts correctly and doesn't zero out the I/O bio
+ when it is not being explicitly popped. WARNING: applications which
+ included workarounds for the old buggy behaviour will need to be modified
+ or they could free up already freed BIOs.
+ [Steve Henson]
+
+ *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
+ renaming to all platforms (within the 0.9.8 branch, this was
+ done conditionally on Netware platforms to avoid a name clash).
+ [Guenter <lists at gknw.net>]
+
+ *) Add ECDHE and PSK support to DTLS.
+ [Michael Tuexen <tuexen at fh-muenster.de>]
+
+ *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
+ be used on C++.
+ [Steve Henson]
+
+ *) Add "missing" function EVP_MD_flags() (without this the only way to
+ retrieve a digest flags is by accessing the structure directly. Update
+ EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
+ or cipher is registered as in the "from" argument. Print out all
+ registered digests in the dgst usage message instead of manually
+ attempting to work them out.
+ [Steve Henson]
+
+ *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
+ this allows the use of compression and extensions. Change default cipher
+ string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
+ by default unless an application cipher string requests it.
+ [Steve Henson]
+
+ *) Alter match criteria in PKCS12_parse(). It used to try to use local
+ key ids to find matching certificates and keys but some PKCS#12 files
+ don't follow the (somewhat unwritten) rules and this strategy fails.
+ Now just gather all certificates together and the first private key
+ then look for the first certificate that matches the key.
+ [Steve Henson]
+
+ *) Support use of registered digest and cipher names for dgst and cipher
+ commands instead of having to add each one as a special case. So now
+ you can do:
+
+ openssl sha256 foo
+
+ as well as:
+
+ openssl dgst -sha256 foo
+
+ and this works for ENGINE based algorithms too.
+
+ [Steve Henson]
+
+ *) Update Gost ENGINE to support parameter files.
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) Support GeneralizedTime in ca utility.
+ [Oliver Martin <oliver at volatilevoid.net>, Steve Henson]
+
+ *) Enhance the hash format used for certificate directory links. The new
+ form uses the canonical encoding (meaning equivalent names will work
+ even if they aren't identical) and uses SHA1 instead of MD5. This form
+ is incompatible with the older format and as a result c_rehash should
+ be used to rebuild symbolic links.
+ [Steve Henson]
+
+ *) Make PKCS#8 the default write format for private keys, replacing the
+ traditional format. This form is standardised, more secure and doesn't
+ include an implicit MD5 dependency.
+ [Steve Henson]
+
+ *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
+ committed to OpenSSL should pass this lot as a minimum.
+ [Steve Henson]
+
+ *) Add session ticket override functionality for use by EAP-FAST.
+ [Jouni Malinen <j at w1.fi>]
+
+ *) Modify HMAC functions to return a value. Since these can be implemented
+ in an ENGINE errors can occur.
+ [Steve Henson]
+
+ *) Type-checked OBJ_bsearch_ex.
+ [Ben Laurie]
+
+ *) Type-checked OBJ_bsearch. Also some constification necessitated
+ by type-checking. Still to come: TXT_DB, bsearch(?),
+ OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING,
+ CONF_VALUE.
+ [Ben Laurie]
+
+ *) New function OPENSSL_gmtime_adj() to add a specific number of days and
+ seconds to a tm structure directly, instead of going through OS
+ specific date routines. This avoids any issues with OS routines such
+ as the year 2038 bug. New *_adj() functions for ASN1 time structures
+ and X509_time_adj_ex() to cover the extended range. The existing
+ X509_time_adj() is still usable and will no longer have any date issues.
+ [Steve Henson]
+
+ *) Delta CRL support. New use deltas option which will attempt to locate
+ and search any appropriate delta CRLs available.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for CRLs partitioned by reason code. Reorganise CRL processing
+ code and add additional score elements. Validate alternate CRL paths
+ as part of the CRL checking and indicate a new error "CRL path validation
+ error" in this case. Applications wanting additional details can use
+ the verify callback and check the new "parent" field. If this is not
+ NULL CRL path validation is taking place. Existing applications wont
+ see this because it requires extended CRL support which is off by
+ default.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for freshest CRL extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Initial indirect CRL support. Currently only supported in the CRLs
+ passed directly and not via lookup. Process certificate issuer
+ CRL entry extension and lookup CRL entries by bother issuer name
+ and serial number. Check and process CRL issuer entry in IDP extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add support for distinct certificate and CRL paths. The CRL issuer
+ certificate is validated separately in this case. Only enabled if
+ an extended CRL support flag is set: this flag will enable additional
+ CRL functionality in future.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Add support for policy mappings extension.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Fixes to pathlength constraint, self issued certificate handling,
+ policy processing to align with RFC3280 and PKITS tests.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Support for name constraints certificate extension. DN, email, DNS
+ and URI types are currently supported.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) To cater for systems that provide a pointer-based thread ID rather
+ than numeric, deprecate the current numeric thread ID mechanism and
+ replace it with a structure and associated callback type. This
+ mechanism allows a numeric "hash" to be extracted from a thread ID in
+ either case, and on platforms where pointers are larger than 'long',
+ mixing is done to help ensure the numeric 'hash' is usable even if it
+ can't be guaranteed unique. The default mechanism is to use "&errno"
+ as a pointer-based thread ID to distinguish between threads.
+
+ Applications that want to provide their own thread IDs should now use
+ CRYPTO_THREADID_set_callback() to register a callback that will call
+ either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
+
+ Note that ERR_remove_state() is now deprecated, because it is tied
+ to the assumption that thread IDs are numeric. ERR_remove_state(0)
+ to free the current thread's error state should be replaced by
+ ERR_remove_thread_state(NULL).
+
+ (This new approach replaces the functions CRYPTO_set_idptr_callback(),
+ CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
+ OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
+ application was previously providing a numeric thread callback that
+ was inappropriate for distinguishing threads, then uniqueness might
+ have been obtained with &errno that happened immediately in the
+ intermediate development versions of OpenSSL; this is no longer the
+ case, the numeric thread callback will now override the automatic use
+ of &errno.)
+ [Geoff Thorpe, with help from Bodo Moeller]
+
+ *) Initial support for different CRL issuing certificates. This covers a
+ simple case where the self issued certificates in the chain exist and
+ the real CRL issuer is higher in the existing chain.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Removed effectively defunct crypto/store from the build.
+ [Ben Laurie]
+
+ *) Revamp of STACK to provide stronger type-checking. Still to come:
+ TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
+ ASN1_STRING, CONF_VALUE.
+ [Ben Laurie]
+
+ *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
+ RAM on SSL connections. This option can save about 34k per idle SSL.
+ [Nick Mathewson]
+
+ *) Revamp of LHASH to provide stronger type-checking. Still to come:
+ STACK, TXT_DB, bsearch, qsort.
+ [Ben Laurie]
+
+ *) Initial support for Cryptographic Message Syntax (aka CMS) based
+ on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
+ support for data, signedData, compressedData, digestedData and
+ encryptedData, envelopedData types included. Scripts to check against
+ RFC4134 examples draft and interop and consistency checks of many
+ content types and variants.
+ [Steve Henson]
+
+ *) Add options to enc utility to support use of zlib compression BIO.
+ [Steve Henson]
+
+ *) Extend mk1mf to support importing of options and assembly language
+ files from Configure script, currently only included in VC-WIN32.
+ The assembly language rules can now optionally generate the source
+ files from the associated perl scripts.
+ [Steve Henson]
+
+ *) Implement remaining functionality needed to support GOST ciphersuites.
+ Interop testing has been performed using CryptoPro implementations.
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) s390x assembler pack.
+ [Andy Polyakov]
+
+ *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
+ "family."
+ [Andy Polyakov]
+
+ *) Implement Opaque PRF Input TLS extension as specified in
+ draft-rescorla-tls-opaque-prf-input-00.txt. Since this is not an
+ official specification yet and no extension type assignment by
+ IANA exists, this extension (for now) will have to be explicitly
+ enabled when building OpenSSL by providing the extension number
+ to use. For example, specify an option
+
+ -DTLSEXT_TYPE_opaque_prf_input=0x9527
+
+ to the "config" or "Configure" script to enable the extension,
+ assuming extension number 0x9527 (which is a completely arbitrary
+ and unofficial assignment based on the MD5 hash of the Internet
+ Draft). Note that by doing so, you potentially lose
+ interoperability with other TLS implementations since these might
+ be using the same extension number for other purposes.
+
+ SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
+ opaque PRF input value to use in the handshake. This will create
+ an interal copy of the length-'len' string at 'src', and will
+ return non-zero for success.
+
+ To get more control and flexibility, provide a callback function
+ by using
+
+ SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)
+
+ where
+
+ int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
+ void *arg;
+
+ Callback function 'cb' will be called in handshakes, and is
+ expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
+ Argument 'arg' is for application purposes (the value as given to
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
+ be provided to the callback function). The callback function
+ has to return non-zero to report success: usually 1 to use opaque
+ PRF input just if possible, or 2 to enforce use of the opaque PRF
+ input. In the latter case, the library will abort the handshake
+ if opaque PRF input is not successfully negotiated.
+
+ Arguments 'peerinput' and 'len' given to the callback function
+ will always be NULL and 0 in the case of a client. A server will
+ see the client's opaque PRF input through these variables if
+ available (NULL and 0 otherwise). Note that if the server
+ provides an opaque PRF input, the length must be the same as the
+ length of the client's opaque PRF input.
+
+ Note that the callback function will only be called when creating
+ a new session (session resumption can resume whatever was
+ previously negotiated), and will not be called in SSL 2.0
+ handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
+ SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
+ for applications that need to enforce opaque PRF input.
+
+ [Bodo Moeller]
+
+ *) Update ssl code to support digests other than SHA1+MD5 for handshake
+ MAC.
+
+ [Victor B. Wagner <vitus at cryptocom.ru>]
+
+ *) Add RFC4507 support to OpenSSL. This includes the corrections in
+ RFC4507bis. The encrypted ticket format is an encrypted encoded
+ SSL_SESSION structure, that way new session features are automatically
+ supported.
+
+ If a client application caches session in an SSL_SESSION structure
+ support is transparent because tickets are now stored in the encoded
+ SSL_SESSION.
+
+ The SSL_CTX structure automatically generates keys for ticket
+ protection in servers so again support should be possible
+ with no application modification.
+
+ If a client or server wishes to disable RFC4507 support then the option
+ SSL_OP_NO_TICKET can be set.
+
+ Add a TLS extension debugging callback to allow the contents of any client
+ or server extensions to be examined.
+
+ This work was sponsored by Google.
+ [Steve Henson]
+
+ *) Final changes to avoid use of pointer pointer casts in OpenSSL.
+ OpenSSL should now compile cleanly on gcc 4.2
+ [Peter Hartley <pdh at utter.chaos.org.uk>, Steve Henson]
+
+ *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
+ support including streaming MAC support: this is required for GOST
+ ciphersuite support.
+ [Victor B. Wagner <vitus at cryptocom.ru>, Steve Henson]
+
+ *) Add option -stream to use PKCS#7 streaming in smime utility. New
+ function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
+ to output in BER and PEM format.
+ [Steve Henson]
+
+ *) Experimental support for use of HMAC via EVP_PKEY interface. This
+ allows HMAC to be handled via the EVP_DigestSign*() interface. The
+ EVP_PKEY "key" in this case is the HMAC key, potentially allowing
+ ENGINE support for HMAC keys which are unextractable. New -mac and
+ -macopt options to dgst utility.
+ [Steve Henson]
+
+ *) New option -sigopt to dgst utility. Update dgst to use
+ EVP_Digest{Sign,Verify}*. These two changes make it possible to use
+ alternative signing paramaters such as X9.31 or PSS in the dgst
+ utility.
+ [Steve Henson]
+
+ *) Change ssl_cipher_apply_rule(), the internal function that does
+ the work each time a ciphersuite string requests enabling
+ ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
+ removing ("!foo+bar") a class of ciphersuites: Now it maintains
+ the order of disabled ciphersuites such that those ciphersuites
+ that most recently went from enabled to disabled not only stay
+ in order with respect to each other, but also have higher priority
+ than other disabled ciphersuites the next time ciphersuites are
+ enabled again.
+
+ This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
+ the same ciphersuites as with "HIGH" alone, but in a specific
+ order where the PSK ciphersuites come first (since they are the
+ most recently disabled ciphersuites when "HIGH" is parsed).
+
+ Also, change ssl_create_cipher_list() (using this new
+ funcionality) such that between otherwise identical
+ cihpersuites, ephemeral ECDH is preferred over ephemeral DH in
+ the default order.
+ [Bodo Moeller]
+
+ *) Change ssl_create_cipher_list() so that it automatically
+ arranges the ciphersuites in reasonable order before starting
+ to process the rule string. Thus, the definition for "DEFAULT"
+ (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
+ remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
+ This makes it much easier to arrive at a reasonable default order
+ in applications for which anonymous ciphers are OK (meaning
+ that you can't actually use DEFAULT).
+ [Bodo Moeller; suggested by Victor Duchovni]
+
+ *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
+ processing) into multiple integers instead of setting
+ "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
+ "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
+ (These masks as well as the individual bit definitions are hidden
+ away into the non-exported interface ssl/ssl_locl.h, so this
+ change to the definition of the SSL_CIPHER structure shouldn't
+ affect applications.) This give us more bits for each of these
+ categories, so there is no longer a need to coagulate AES128 and
+ AES256 into a single algorithm bit, and to coagulate Camellia128
+ and Camellia256 into a single algorithm bit, which has led to all
+ kinds of kludges.
+
+ Thus, among other things, the kludge introduced in 0.9.7m and
+ 0.9.8e for masking out AES256 independently of AES128 or masking
+ out Camellia256 independently of AES256 is not needed here in 0.9.9.
+
+ With the change, we also introduce new ciphersuite aliases that
+ so far were missing: "AES128", "AES256", "CAMELLIA128", and
+ "CAMELLIA256".
+ [Bodo Moeller]
+
+ *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
+ Use the leftmost N bytes of the signature input if the input is
+ larger than the prime q (with N being the size in bytes of q).
+ [Nils Larsch]
+
+ *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
+ it yet and it is largely untested.
+ [Steve Henson]
+
+ *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
+ [Nils Larsch]
+
+ *) Initial incomplete changes to avoid need for function casts in OpenSSL
+ some compilers (gcc 4.2 and later) reject their use. Safestack is
+ reimplemented. Update ASN1 to avoid use of legacy functions.
+ [Steve Henson]
+
+ *) Win32/64 targets are linked with Winsock2.
+ [Andy Polyakov]
+
+ *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
+ to external functions. This can be used to increase CRL handling
+ efficiency especially when CRLs are very large by (for example) storing
+ the CRL revoked certificates in a database.
+ [Steve Henson]
+
+ *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
+ new CRLs added to a directory can be used. New command line option
+ -verify_return_error to s_client and s_server. This causes real errors
+ to be returned by the verify callback instead of carrying on no matter
+ what. This reflects the way a "real world" verify callback would behave.
+ [Steve Henson]
+
+ *) GOST engine, supporting several GOST algorithms and public key formats.
+ Kindly donated by Cryptocom.
+ [Cryptocom]
+
+ *) Partial support for Issuing Distribution Point CRL extension. CRLs
+ partitioned by DP are handled but no indirect CRL or reason partitioning
+ (yet). Complete overhaul of CRL handling: now the most suitable CRL is
+ selected via a scoring technique which handles IDP and AKID in CRLs.
+ [Steve Henson]
+
+ *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
+ will ultimately be used for all verify operations: this will remove the
+ X509_STORE dependency on certificate verification and allow alternative
+ lookup methods. X509_STORE based implementations of these two callbacks.
+ [Steve Henson]
+
+ *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
+ Modify get_crl() to find a valid (unexpired) CRL if possible.
+ [Steve Henson]
+
+ *) New function X509_CRL_match() to check if two CRLs are identical. Normally
+ this would be called X509_CRL_cmp() but that name is already used by
+ a function that just compares CRL issuer names. Cache several CRL
+ extensions in X509_CRL structure and cache CRLDP in X509.
+ [Steve Henson]
+
+ *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
+ this maps equivalent X509_NAME structures into a consistent structure.
+ Name comparison can then be performed rapidly using memcmp().
+ [Steve Henson]
+
+ *) Non-blocking OCSP request processing. Add -timeout option to ocsp
+ utility.
+ [Steve Henson]
+
+ *) Allow digests to supply their own micalg string for S/MIME type using
+ the ctrl EVP_MD_CTRL_MICALG.
+ [Steve Henson]
+
+ *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
+ EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
+ ctrl. It can then customise the structure before and/or after signing
+ if necessary.
+ [Steve Henson]
+
+ *) New function OBJ_add_sigid() to allow application defined signature OIDs
+ to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
+ to free up any added signature OIDs.
+ [Steve Henson]
+
+ *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
+ EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
+ digest and cipher tables. New options added to openssl utility:
+ list-message-digest-algorithms and list-cipher-algorithms.
+ [Steve Henson]
+
+ *) Change the array representation of binary polynomials: the list
+ of degrees of non-zero coefficients is now terminated with -1.
+ Previously it was terminated with 0, which was also part of the
+ value; thus, the array representation was not applicable to
+ polynomials where t^0 has coefficient zero. This change makes
+ the array representation useful in a more general context.
+ [Douglas Stebila]
+
+ *) Various modifications and fixes to SSL/TLS cipher string
+ handling. For ECC, the code now distinguishes between fixed ECDH
+ with RSA certificates on the one hand and with ECDSA certificates
+ on the other hand, since these are separate ciphersuites. The
+ unused code for Fortezza ciphersuites has been removed.
+
+ For consistency with EDH, ephemeral ECDH is now called "EECDH"
+ (not "ECDHE"). For consistency with the code for DH
+ certificates, use of ECDH certificates is now considered ECDH
+ authentication, not RSA or ECDSA authentication (the latter is
+ merely the CA's signing algorithm and not actively used in the
+ protocol).
+
+ The temporary ciphersuite alias "ECCdraft" is no longer
+ available, and ECC ciphersuites are no longer excluded from "ALL"
+ and "DEFAULT". The following aliases now exist for RFC 4492
+ ciphersuites, most of these by analogy with the DH case:
+
+ kECDHr - ECDH cert, signed with RSA
+ kECDHe - ECDH cert, signed with ECDSA
+ kECDH - ECDH cert (signed with either RSA or ECDSA)
+ kEECDH - ephemeral ECDH
+ ECDH - ECDH cert or ephemeral ECDH
+
+ aECDH - ECDH cert
+ aECDSA - ECDSA cert
+ ECDSA - ECDSA cert
+
+ AECDH - anonymous ECDH
+ EECDH - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
+
+ [Bodo Moeller]
+
+ *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
+ Use correct micalg parameters depending on digest(s) in signed message.
+ [Steve Henson]
+
+ *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
+ an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
+ [Steve Henson]
+
+ *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
+ an engine to register a method. Add ENGINE lookups for methods and
+ functional reference processing.
+ [Steve Henson]
+
+ *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
+ EVP_{Sign,Verify}* which allow an application to customise the signature
+ process.
+ [Steve Henson]
+
+ *) New -resign option to smime utility. This adds one or more signers
+ to an existing PKCS#7 signedData structure. Also -md option to use an
+ alternative message digest algorithm for signing.
+ [Steve Henson]
+
+ *) Tidy up PKCS#7 routines and add new functions to make it easier to
+ create PKCS7 structures containing multiple signers. Update smime
+ application to support multiple signers.
+ [Steve Henson]
+
+ *) New -macalg option to pkcs12 utility to allow setting of an alternative
+ digest MAC.
+ [Steve Henson]
+
+ *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
+ Reorganize PBE internals to lookup from a static table using NIDs,
+ add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
+ EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
+ PRF which will be automatically used with PBES2.
+ [Steve Henson]
+
+ *) Replace the algorithm specific calls to generate keys in "req" with the
+ new API.
+ [Steve Henson]
+
+ *) Update PKCS#7 enveloped data routines to use new API. This is now
+ supported by any public key method supporting the encrypt operation. A
+ ctrl is added to allow the public key algorithm to examine or modify
+ the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
+ a no op.
+ [Steve Henson]
+
+ *) Add a ctrl to asn1 method to allow a public key algorithm to express
+ a default digest type to use. In most cases this will be SHA1 but some
+ algorithms (such as GOST) need to specify an alternative digest. The
+ return value indicates how strong the prefernce is 1 means optional and
+ 2 is mandatory (that is it is the only supported type). Modify
+ ASN1_item_sign() to accept a NULL digest argument to indicate it should
+ use the default md. Update openssl utilities to use the default digest
+ type for signing if it is not explicitly indicated.
+ [Steve Henson]
+
+ *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New
+ EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
+ signing method from the key type. This effectively removes the link
+ between digests and public key types.
+ [Steve Henson]
+
+ *) Add an OID cross reference table and utility functions. Its purpose is to
+ translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
+ rsaEncryption. This will allow some of the algorithm specific hackery
+ needed to use the correct OID to be removed.
+ [Steve Henson]
+
+ *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
+ structures for PKCS7_sign(). They are now set up by the relevant public
+ key ASN1 method.
+ [Steve Henson]
+
+ *) Add provisional EC pkey method with support for ECDSA and ECDH.
+ [Steve Henson]
+
+ *) Add support for key derivation (agreement) in the API, DH method and
+ pkeyutl.
+ [Steve Henson]
+
+ *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
+ public and private key formats. As a side effect these add additional
+ command line functionality not previously available: DSA signatures can be
+ generated and verified using pkeyutl and DH key support and generation in
+ pkey, genpkey.
+ [Steve Henson]
+
+ *) BeOS support.
+ [Oliver Tappe <zooey at hirschkaefer.de>]
+
+ *) New make target "install_html_docs" installs HTML renditions of the
+ manual pages.
+ [Oliver Tappe <zooey at hirschkaefer.de>]
+
+ *) New utility "genpkey" this is analagous to "genrsa" etc except it can
+ generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
+ support key and parameter generation and add initial key generation
+ functionality for RSA.
+ [Steve Henson]
+
+ *) Add functions for main EVP_PKEY_method operations. The undocumented
+ functions EVP_PKEY_{encrypt,decrypt} have been renamed to
+ EVP_PKEY_{encrypt,decrypt}_old.
+ [Steve Henson]
+
+ *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
+ key API, doesn't do much yet.
+ [Steve Henson]
+
+ *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
+ public key algorithms. New option to openssl utility:
+ "list-public-key-algorithms" to print out info.
+ [Steve Henson]
+
+ *) Implement the Supported Elliptic Curves Extension for
+ ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+ [Douglas Stebila]
+
+ *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
+ EVP_CIPHER structures to avoid later problems in EVP_cleanup().
+ [Steve Henson]
+
+ *) New utilities pkey and pkeyparam. These are similar to algorithm specific
+ utilities such as rsa, dsa, dsaparam etc except they process any key
+ type.
+ [Steve Henson]
+
+ *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New
+ functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+ EVP_PKEY_print_param() to print public key data from an EVP_PKEY
+ structure.
+ [Steve Henson]
+
+ *) Initial support for pluggable public key ASN1.
+ De-spaghettify the public key ASN1 handling. Move public and private
+ key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
+ algorithm specific handling to a single module within the relevant
+ algorithm directory. Add functions to allow (near) opaque processing
+ of public and private key structures.
+ [Steve Henson]
+
+ *) Implement the Supported Point Formats Extension for
+ ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+ [Douglas Stebila]
+
+ *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
+ for the psk identity [hint] and the psk callback functions to the
+ SSL_SESSION, SSL and SSL_CTX structure.
+
+ New ciphersuites:
+ PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
+ PSK-AES256-CBC-SHA
+
+ New functions:
+ SSL_CTX_use_psk_identity_hint
+ SSL_get_psk_identity_hint
+ SSL_get_psk_identity
+ SSL_use_psk_identity_hint
+
+ [Mika Kousa and Pasi Eronen of Nokia Corporation]
+
+ *) Add RFC 3161 compliant time stamp request creation, response generation
+ and response verification functionality.
+ [Zolt\xE1n Gl\xF3zik <zglozik at opentsa.org>, The OpenTSA Project]
+
+ *) Add initial support for TLS extensions, specifically for the server_name
+ extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
+ have new members for a host name. The SSL data structure has an
+ additional member SSL_CTX *initial_ctx so that new sessions can be
+ stored in that context to allow for session resumption, even after the
+ SSL has been switched to a new SSL_CTX in reaction to a client's
+ server_name extension.
+
+ New functions (subject to change):
+
+ SSL_get_servername()
+ SSL_get_servername_type()
+ SSL_set_SSL_CTX()
+
+ New CTRL codes and macros (subject to change):
+
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+ - SSL_CTX_set_tlsext_servername_callback()
+ SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+ - SSL_CTX_set_tlsext_servername_arg()
+ SSL_CTRL_SET_TLSEXT_HOSTNAME - SSL_set_tlsext_host_name()
+
+ openssl s_client has a new '-servername ...' option.
+
+ openssl s_server has new options '-servername_host ...', '-cert2 ...',
+ '-key2 ...', '-servername_fatal' (subject to change). This allows
+ testing the HostName extension for a specific single host name ('-cert'
+ and '-key' remain fallbacks for handshakes without HostName
+ negotiation). If the unrecogninzed_name alert has to be sent, this by
+ default is a warning; it becomes fatal with the '-servername_fatal'
+ option.
+
+ [Peter Sylvester, Remy Allais, Christophe Renou]
+
+ *) Whirlpool hash implementation is added.
+ [Andy Polyakov]
+
+ *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
+ bn(64,32). Because of instruction set limitations it doesn't have
+ any negative impact on performance. This was done mostly in order
+ to make it possible to share assembler modules, such as bn_mul_mont
+ implementations, between 32- and 64-bit builds without hassle.
+ [Andy Polyakov]
+
+ *) Move code previously exiled into file crypto/ec/ec2_smpt.c
+ to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
+ macro.
+ [Bodo Moeller]
+
+ *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
+ dedicated Montgomery multiplication procedure, is introduced.
+ BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
+ "64-bit" performance on certain 32-bit targets.
+ [Andy Polyakov]
+
+ *) New option SSL_OP_NO_COMP to disable use of compression selectively
+ in SSL structures. New SSL ctrl to set maximum send fragment size.
+ Save memory by seeting the I/O buffer sizes dynamically instead of
+ using the maximum available value.
+ [Steve Henson]
+
+ *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
+ in addition to the text details.
+ [Bodo Moeller]
+
+ *) Very, very preliminary EXPERIMENTAL support for printing of general
+ ASN1 structures. This currently produces rather ugly output and doesn't
+ handle several customised structures at all.
+ [Steve Henson]
+
+ *) Integrated support for PVK file format and some related formats such
+ as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
+ these in the 'rsa' and 'dsa' utilities.
+ [Steve Henson]
+
+ *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
+ [Steve Henson]
+
+ *) Remove the ancient ASN1_METHOD code. This was only ever used in one
+ place for the (very old) "NETSCAPE" format certificates which are now
+ handled using new ASN1 code equivalents.
+ [Steve Henson]
+
+ *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
+ pointer and make the SSL_METHOD parameter in SSL_CTX_new,
+ SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
+ [Nils Larsch]
+
+ *) Modify CRL distribution points extension code to print out previously
+ unsupported fields. Enhance extension setting code to allow setting of
+ all fields.
+ [Steve Henson]
+
+ *) Add print and set support for Issuing Distribution Point CRL extension.
+ [Steve Henson]
+
+ *) Change 'Configure' script to enable Camellia by default.
+ [NTT]
+
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
Modified: trunk/crypto/openssl/CHANGES.SSLeay
===================================================================
--- trunk/crypto/openssl/CHANGES.SSLeay 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/CHANGES.SSLeay 2015-07-21 23:23:45 UTC (rev 7118)
@@ -148,7 +148,7 @@
This would tend to cause memory overwrites since SSLv3 has
a maximum packet size of 16k. If your program uses
buffers <= 16k, you would probably never see this problem.
- - Fixed a new errors that were cause by malloc() not returning
+ - Fixed a few errors that were cause by malloc() not returning
0 initialised memory..
- SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
Modified: trunk/crypto/openssl/Configure
===================================================================
--- trunk/crypto/openssl/Configure 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/Configure 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,13 +6,11 @@
##
require 5.000;
-eval 'use strict;';
+use strict;
-print STDERR "Warning: perl module strict not found.\n" if ($@);
-
# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
# Options:
#
@@ -40,6 +38,8 @@
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
+# --cross-compile-prefix Add specified prefix to binutils components.
+#
# no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware
@@ -56,8 +56,7 @@
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
-# enable-montasm 0.9.8 branch only: enable Montgomery x86 assembler backport
-# from 0.9.9
+# sctp include SCTP support
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
@@ -125,14 +124,24 @@
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
-my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o MAYBE-MO86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o rc4_skey.o:rm86-elf.o:r586-elf.o";
-my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o MAYBE-MO86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o rc4_skey.o:rm86-cof.o:r586-cof.o";
-my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o MAYBE-MO86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o rc4_skey.o:rm86-out.o:r586-out.o";
+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o::";
-my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o::";
+my $x86_elf_asm="$x86_asm:elf";
-my $no_asm="::::::::::";
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o:";
+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::ghash-sparcv9.o::void";
+my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::::void";
+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o:::::sha1-alpha.o:::::::ghash-alpha.o::void";
+my $mips32_asm=":bn-mips.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o::::::::";
+my $mips64_asm=":bn-mips.o mips-mont.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
+my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o::void";
+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
+my $ppc32_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::::";
+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::::";
+my $no_asm=":::::::::::::::void";
# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
@@ -143,7 +152,7 @@
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
-#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags
+#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
my %table=(
# File 'TABLE' (created by 'make TABLE') contains the data from this list,
@@ -158,33 +167,36 @@
# Our development configs
"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
-"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
+"debug-ben", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe::(unknown):::::",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-debug", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -ggdb3 -O2 -pipe::(unknown)::::::",
-"debug-ben-debug-64", "gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-ben-debug-noopt", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -ggdb3 -pipe::(unknown)::::::",
+"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-debug-64", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
+"debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
+"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
-"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@@ -192,8 +204,8 @@
"cc", "cc:-O::(unknown)::::::",
####VOS Configurations
-"vos-gcc","gcc:-O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"debug-vos-gcc","gcc:-O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+"vos-gcc","gcc:-O3 -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+"debug-vos-gcc","gcc:-O0 -g -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
#### Solaris x86 with GNU C setups
# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
@@ -210,21 +222,21 @@
# actually recommend to consider using gcc shared build even with vendor
# compiler:-)
# <appro at fy.chalmers.se>
-"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with Sun C setups
# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
@@ -231,29 +243,29 @@
# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
# SC5.0 note: Compiler common patch 107357-01 or later is required!
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
-"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
+"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-gcc","gcc:-O3 -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IRIX 6.x configs
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
# N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### Unified HP-UX ANSI C configs.
# Special notes:
@@ -286,8 +298,9 @@
# Since there is mention of this in shlib/hpux10-cc.sh
"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${parisc11_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
# More attempts at unified 10.X and 11.X targets for HP C compiler.
#
@@ -294,18 +307,18 @@
# Chris Ruemmler <ruemmler at cup.hp.com>
# Kevin Steves <ks at hp.se>
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
# HP/UX IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
# Frank Geurts <frank.geurts at nl.abnamro.com> has patiently assisted with
# with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
# GCC builds...
-"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
# Legacy HPUX 9.X configs...
"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -323,9 +336,9 @@
#
# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
#
-"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
####
#### Variety of LINUX:-)
@@ -332,28 +345,46 @@
####
# *-generic* is endian-neutral target, but ./config is free to
# throw in -D[BL]_ENDIAN, whichever appropriate...
-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# It's believed that majority of ARM toolchains predefine appropriate -march.
+# If you compiler does not, do complement config command line with one!
+"linux-armv4", "gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IA-32 targets...
-"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"linux-ia32-icc", "icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
####
-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-ia64", "gcc:-DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### So called "highgprs" target for z/Architecture CPUs
+# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
+# /proc/cpuinfo. The idea is to preserve most significant bits of
+# general purpose registers not only upon 32-bit process context
+# switch, but even on asynchronous signal delivery to such process.
+# This makes it possible to deploy 64-bit instructions even in legacy
+# application context and achieve better [or should we say adequate]
+# performance. The build is binary compatible with linux-generic32,
+# and the idea is to be able to install the resulting libcrypto.so
+# alongside generic one, e.g. as /lib/highgprs/libcrypto.so.x.y, for
+# ldconfig and run-time linker to autodiscover. Unfortunately it
+# doesn't work just yet, because of couple of bugs in glibc
+# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
+"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
#### SPARC Linux setups
# Ray Miller <ray.miller at computing-services.oxford.ac.uk> has patiently
# assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### Alpha Linux with GNU C and Compaq C setups
# Special notes:
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@@ -367,28 +398,30 @@
#
# <appro at fy.chalmers.se>
#
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-# Android: Linux but without -DTERMIO and pointers to headers and libs.
+# Android: linux-* but without pointers to headers and libs.
"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### *BSD [do see comment about ${BSDthreads} above!]
-"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8", "gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
# simply *happens* to work around a compiler bug in gcc 3.3.3,
# triggered by RIPEMD160 code.
-"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -400,9 +433,13 @@
# QNX
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-"QNX6", "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"QNX6-i386", "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6", "gcc:::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386", "gcc:-DL_ENDIAN -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# BeOS
+"beos-x86-r5", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
+"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",
+
#### SCO/Caldera targets.
#
# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
@@ -425,12 +462,12 @@
#### IBM's AIX.
"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
+"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
+"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
#
# Cray T90 and similar (SDSC)
@@ -470,7 +507,7 @@
"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
-"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
# You need to compile using the c89.sh wrapper in the tools directory, because the
@@ -478,20 +515,33 @@
#
"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+# Visual C targets
+#
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32",
-"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${no_asm}:win32",
-
-# Visual C targets
-"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
+# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
+"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+# Unified CE target
+"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
# Borland C++ 4.5
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
# MinGW
-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall -D_WIN32_WINNT=0x333:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_coff_asm}:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -shared:.dll.a",
+"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
+# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
+# compiled with one compiler with application compiled with another
+# compiler. It's possible to engage Applink support in mingw64 build,
+# but it's not done, because till mingw64 supports structured exception
+# handling, one can't seriously consider its binaries for using with
+# non-mingw64 run-time environment. And as mingw64 is always consistent
+# with itself, Applink is never engaged and can as well be omitted.
+"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
@@ -498,8 +548,8 @@
# Cygwin
"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
# NetWare from David Ward (dsward at novell.com)
# requires either MetroWerks NLM development tools, or gcc / nlmconv
@@ -517,7 +567,7 @@
"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
# DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
# Ultrix from Bernhard Simon <simon at zid.tuwien.ac.at>
"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@@ -527,12 +577,14 @@
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc64.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+# iPhoneOS/iOS
+"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
##### A/UX
"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -541,26 +593,34 @@
"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
##### GNU Hurd
-"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+"hurd-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
##### OS/2 EMX
"OS2-EMX", "gcc::::::::",
##### VxWorks for various targets
+"vxworks-ppc60x","ccppc:-D_REENTRANT -mrtp -mhard-float -mstrict-align -fno-implicit-fp -DPPC32_fp60x -O2 -fstrength-reduce -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/common:::::",
+"vxworks-ppcgen","ccppc:-D_REENTRANT -mrtp -msoft-float -mstrict-align -O1 -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/sfcommon:::::",
"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
-"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
+"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::${no_asm}::::::ranlibmips:",
+"vxworks-simlinux","ccpentium:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DL_ENDIAN -DCPU=SIMLINUX -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/h -I\$(WIND_BASE)/target/h/wrn/coreip -DOPENSSL_NO_HW_PADLOCK:::VXWORKS:-r::${no_asm}::::::ranlibpentium:",
+"vxworks-mips","ccmips:-mrtp -mips2 -O -G 0 -B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DCPU=MIPS32 -msoft-float -mno-branch-likely -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/h/wrn/coreip::-D_REENTRANT:VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/mips/MIPSI32/sfcommon::${mips32_asm}:o32::::::ranlibmips:",
##### Compaq Non-Stop Kernel (Tandem)
"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
+# uClinux
+"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+
);
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
- VC-NT VC-CE VC-WIN32
- BC-32 OS2-EMX
+ debug-VC-WIN64I debug-VC-WIN64A
+ VC-NT VC-CE VC-WIN32 debug-VC-WIN32
+ BC-32
netware-clib netware-clib-bsdsock
netware-libc netware-libc-bsdsock);
@@ -583,6 +643,11 @@
my $idx_rc4_obj = $idx++;
my $idx_rmd160_obj = $idx++;
my $idx_rc5_obj = $idx++;
+my $idx_wp_obj = $idx++;
+my $idx_cmll_obj = $idx++;
+my $idx_modes_obj = $idx++;
+my $idx_engines_obj = $idx++;
+my $idx_perlasm_scheme = $idx++;
my $idx_dso_scheme = $idx++;
my $idx_shared_target = $idx++;
my $idx_shared_cflag = $idx++;
@@ -590,6 +655,7 @@
my $idx_shared_extension = $idx++;
my $idx_ranlib = $idx++;
my $idx_arflags = $idx++;
+my $idx_multilib = $idx++;
my $prefix="";
my $libdir="";
@@ -597,10 +663,8 @@
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
-my $fipslibdir="/usr/local/ssl/fips-1.0/lib/";
-my $nofipscanistercheck=0;
-my $fipsdso=0;
-my $fipscanisterinternal="n";
+my $fipsdir="/usr/local/ssl/fips-2.0";
+my $fipslibdir="";
my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
@@ -608,7 +672,6 @@
my $zlib=1; # but "no-zlib" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
-my $montasm=1; # but "no-montasm" is default
my $no_asm=0;
my $no_dso=0;
my $no_gmp=0;
@@ -625,7 +688,6 @@
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
-my $fips_des_enc="fips_des_enc.o";
my $aes_enc="aes_core.o aes_cbc.o";
my $bf_enc ="bf_enc.o";
my $cast_enc="c_enc.o";
@@ -634,36 +696,40 @@
my $md5_obj="";
my $sha1_obj="";
my $rmd160_obj="";
+my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $processor="";
my $default_ranlib;
my $perl;
my $fips=0;
+if (exists $ENV{FIPSDIR})
+ {
+ $fipsdir = $ENV{FIPSDIR};
+ $fipsdir =~ s/\/$//;
+ }
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
- "camellia" => "default",
- "capieng" => "default",
- "cms" => "default",
- "gmp" => "default",
- "jpake" => "experimental",
- "mdc2" => "default",
- "montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9)
- "rc5" => "default",
- "rfc3779" => "default",
- "seed" => "default",
- "shared" => "default",
- "zlib" => "default",
- "zlib-dynamic" => "default"
- );
+ "ec_nistp_64_gcc_128" => "default",
+ "gmp" => "default",
+ "jpake" => "experimental",
+ "md2" => "default",
+ "rc5" => "default",
+ "rfc3779" => "default",
+ "sctp" => "default",
+ "shared" => "default",
+ "store" => "experimental",
+ "unit-test" => "default",
+ "zlib" => "default",
+ "zlib-dynamic" => "default"
+ );
my @experimental = ();
# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
-my $default_depflags = " -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED";
+my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
-
# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
# For symmetry, "disable-foo" is a synonym for "no-foo".
@@ -720,6 +786,7 @@
# rewrite some options in "enable-..." form
s /^-?-?shared$/enable-shared/;
+ s /^sctp$/enable-sctp/;
s /^threads$/enable-threads/;
s /^zlib$/enable-zlib/;
s /^zlib-dynamic$/enable-zlib-dynamic/;
@@ -737,12 +804,17 @@
{
$disabled{"tls1"} = "option(tls)"
}
+ elsif ($1 eq "ssl3-method")
+ {
+ $disabled{"ssl3-method"} = "option(ssl)";
+ $disabled{"ssl3"} = "option(ssl)";
+ }
else
{
$disabled{$1} = "option";
}
- }
- }
+ }
+ }
elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
{
my $algo = $1;
@@ -792,7 +864,7 @@
elsif (/^fips$/)
{
$fips=1;
- }
+ }
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
@@ -799,34 +871,15 @@
# The check for the option is there so scripts aren't
# broken
}
- elsif (/^nofipscanistercheck$/)
- {
- $fips = 1;
- $nofipscanistercheck = 1;
- }
- elsif (/^fipscanisterbuild$/)
- {
- $fips = 1;
- $nofipscanistercheck = 1;
- $fipslibdir="";
- $fipscanisterinternal="y";
- }
- elsif (/^fipsdso$/)
- {
- $fips = 1;
- $nofipscanistercheck = 1;
- $fipslibdir="";
- $fipscanisterinternal="y";
- $fipsdso = 1;
- }
elsif (/^[-+]/)
{
- if (/^-[lL](.*)$/)
+ if (/^-[lL](.*)$/ or /^-Wl,/)
{
$libs.=$_." ";
}
elsif (/^-[^-]/ or /^\+/)
{
+ $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
$flags.=$_." ";
}
elsif (/^--prefix=(.*)$/)
@@ -857,14 +910,22 @@
{
$withargs{"zlib-include"}="-I$1";
}
+ elsif (/^--with-fipsdir=(.*)$/)
+ {
+ $fipsdir="$1";
+ }
elsif (/^--with-fipslibdir=(.*)$/)
{
- $fipslibdir="$1/";
+ $fipslibdir="$1";
}
elsif (/^--with-baseaddr=(.*)$/)
{
$baseaddr="$1";
}
+ elsif (/^--cross-compile-prefix=(.*)$/)
+ {
+ $cross_compile_prefix=$1;
+ }
else
{
print STDERR $usage;
@@ -935,6 +996,17 @@
$disabled{"ssl2"} = "forced";
}
+if ($fips && $fipslibdir eq "")
+ {
+ $fipslibdir = $fipsdir . "/lib/";
+ }
+
+# RSAX ENGINE sets default non-FIPS RSA method.
+if ($fips)
+ {
+ $disabled{"rsax"} = "forced";
+ }
+
# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
@@ -949,6 +1021,19 @@
$disabled{"tlsext"} = "forced";
}
+if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
+ || defined($disabled{"dh"}))
+ {
+ $disabled{"gost"} = "forced";
+ }
+
+# SRP and HEARTBEATS require TLSEXT
+if (defined($disabled{"tlsext"}))
+ {
+ $disabled{"srp"} = "forced";
+ $disabled{"heartbeats"} = "forced";
+ }
+
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
@@ -972,56 +1057,7 @@
&usage if (!defined($table{$target}));
-my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-my $cc = $fields[$idx_cc];
-# Allow environment CC to override compiler...
-if($ENV{CC}) {
- $cc = $ENV{CC};
-}
-my $cflags = $fields[$idx_cflags];
-my $unistd = $fields[$idx_unistd];
-my $thread_cflag = $fields[$idx_thread_cflag];
-my $sys_id = $fields[$idx_sys_id];
-my $lflags = $fields[$idx_lflags];
-my $bn_ops = $fields[$idx_bn_ops];
-my $cpuid_obj = $fields[$idx_cpuid_obj];
-my $bn_obj = $fields[$idx_bn_obj];
-my $des_obj = $fields[$idx_des_obj];
-my $aes_obj = $fields[$idx_aes_obj];
-my $bf_obj = $fields[$idx_bf_obj];
-my $md5_obj = $fields[$idx_md5_obj];
-my $sha1_obj = $fields[$idx_sha1_obj];
-my $cast_obj = $fields[$idx_cast_obj];
-my $rc4_obj = $fields[$idx_rc4_obj];
-my $rmd160_obj = $fields[$idx_rmd160_obj];
-my $rc5_obj = $fields[$idx_rc5_obj];
-my $dso_scheme = $fields[$idx_dso_scheme];
-my $shared_target = $fields[$idx_shared_target];
-my $shared_cflag = $fields[$idx_shared_cflag];
-my $shared_ldflag = $fields[$idx_shared_ldflag];
-my $shared_extension = $fields[$idx_shared_extension];
-my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
-my $ar = $ENV{'AR'} || "ar";
-my $arflags = $fields[$idx_arflags];
-if ($fips)
- {
- delete $disabled{"shared"} if ($disabled{"shared"} eq "default");
- $disabled{"asm"}="forced"
- if ($target !~ "VC\-.*" &&
- "$cpuid_obj:$bn_obj:$aes_obj:$des_obj:$sha1_obj" eq "::::");
- }
-
-foreach (sort @experimental)
- {
- my $ALGO;
- ($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
-
- # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
- $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
- $cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
- }
-
foreach (sort (keys %disabled))
{
$options .= " no-$_";
@@ -1036,8 +1072,6 @@
{ $no_shared = 1; }
elsif (/^zlib$/)
{ $zlib = 0; }
- elsif (/^montasm$/)
- { $montasm = 0; }
elsif (/^static-engine$/)
{ }
elsif (/^zlib-dynamic$/)
@@ -1049,7 +1083,7 @@
else
{
my ($ALGO, $algo);
- ($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/;
+ ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
@@ -1069,6 +1103,8 @@
else
{
push @skip, $algo;
+ # fix-up crypto/directory name(s)
+ @skip[$#skip]="whrlpool" if $algo eq "whirlpool";
print " (skip dir)";
$depflags .= " -DOPENSSL_NO_$ALGO";
@@ -1079,30 +1115,25 @@
print "\n";
}
-my $IsMK1MF=scalar grep /^$target$/, at MK1MF_Builds;
+my $exp_cflags = "";
+foreach (sort @experimental)
+ {
+ my $ALGO;
+ ($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
-$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys());
+ # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
+ $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
+ $exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
+ }
-$no_shared = 0 if ($fipsdso && !$IsMK1MF);
+my $IsMK1MF=scalar grep /^$target$/, at MK1MF_Builds;
-$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
+$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
$exe_ext=".nlm" if ($target =~ /netware/);
$exe_ext=".pm" if ($target =~ /vos/);
-if ($openssldir eq "" and $prefix eq "")
- {
- if ($fips)
- {
- $openssldir="/usr/local/ssl/fips";
- }
- else
- {
- $openssldir="/usr/local/ssl";
- }
- }
+$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";
-$libdir="lib" if $libdir eq "";
-
$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
or $perl="perl";
@@ -1119,11 +1150,65 @@
print "IsMK1MF=$IsMK1MF\n";
+my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+my $cc = $fields[$idx_cc];
+# Allow environment CC to override compiler...
+if($ENV{CC}) {
+ $cc = $ENV{CC};
+}
+my $cflags = $fields[$idx_cflags];
+my $unistd = $fields[$idx_unistd];
+my $thread_cflag = $fields[$idx_thread_cflag];
+my $sys_id = $fields[$idx_sys_id];
+my $lflags = $fields[$idx_lflags];
+my $bn_ops = $fields[$idx_bn_ops];
+my $cpuid_obj = $fields[$idx_cpuid_obj];
+my $bn_obj = $fields[$idx_bn_obj];
+my $des_obj = $fields[$idx_des_obj];
+my $aes_obj = $fields[$idx_aes_obj];
+my $bf_obj = $fields[$idx_bf_obj];
+my $md5_obj = $fields[$idx_md5_obj];
+my $sha1_obj = $fields[$idx_sha1_obj];
+my $cast_obj = $fields[$idx_cast_obj];
+my $rc4_obj = $fields[$idx_rc4_obj];
+my $rmd160_obj = $fields[$idx_rmd160_obj];
+my $rc5_obj = $fields[$idx_rc5_obj];
+my $wp_obj = $fields[$idx_wp_obj];
+my $cmll_obj = $fields[$idx_cmll_obj];
+my $modes_obj = $fields[$idx_modes_obj];
+my $engines_obj = $fields[$idx_engines_obj];
+my $perlasm_scheme = $fields[$idx_perlasm_scheme];
+my $dso_scheme = $fields[$idx_dso_scheme];
+my $shared_target = $fields[$idx_shared_target];
+my $shared_cflag = $fields[$idx_shared_cflag];
+my $shared_ldflag = $fields[$idx_shared_ldflag];
+my $shared_extension = $fields[$idx_shared_extension];
+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
+my $ar = $ENV{'AR'} || "ar";
+my $arflags = $fields[$idx_arflags];
+my $multilib = $fields[$idx_multilib];
+
+# if $prefix/lib$multilib is not an existing directory, then
+# assume that it's not searched by linker automatically, in
+# which case adding $multilib suffix causes more grief than
+# we're ready to tolerate, so don't...
+$multilib="" if !-d "$prefix/lib$multilib";
+
+$libdir="lib$multilib" if $libdir eq "";
+
+$cflags = "$cflags$exp_cflags";
+
# '%' in $lflags is used to split flags to "pre-" and post-flags
my ($prelflags,$postlflags)=split('%',$lflags);
-if (defined($postlflags)) { $lflags=$postlflags; }
-else { $lflags=$prelflags; undef $prelflags; }
+if (defined($postlflags)) { $lflags=$postlflags; }
+else { $lflags=$prelflags; undef $prelflags; }
+if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
+ {
+ $cflags =~ s/\-mno\-cygwin\s*//;
+ $shared_ldflag =~ s/\-mno\-cygwin\s*//;
+ }
+
my $no_shared_warn=0;
my $no_user_cflags=0;
@@ -1250,19 +1335,10 @@
if ($no_asm)
{
- $cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
- $sha1_obj=$md5_obj=$rmd160_obj="";
- $cflags=~s/\-D[BL]_ENDIAN// if ($fips);
- $thread_cflags=~s/\-D[BL]_ENDIAN// if ($fips);
+ $cpuid_obj=$bn_obj=
+ $des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
+ $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
}
-if ($montasm)
- {
- $bn_obj =~ s/MAYBE-MO86-/mo86-/;
- }
-else
- {
- $bn_obj =~ s/MAYBE-MO86-[a-z.]*//;
- }
if (!$no_shared)
{
@@ -1280,7 +1356,14 @@
$cflags = "-DZLIB $cflags";
if (defined($disabled{"zlib-dynamic"}))
{
- $lflags = "$lflags -lz";
+ if (defined($withargs{"zlib-lib"}))
+ {
+ $lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
+ }
+ else
+ {
+ $lflags = "$lflags -lz";
+ }
}
else
{
@@ -1292,7 +1375,7 @@
my $shared_mark = "";
if ($shared_target eq "")
{
- $no_shared_warn = 1 if !$no_shared && !$fips;
+ $no_shared_warn = 1 if !$no_shared;
$no_shared = 1;
}
if (!$no_shared)
@@ -1305,17 +1388,20 @@
if (!$IsMK1MF)
{
+ # add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
if ($no_shared)
{
$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
+ $options.=" static-engine";
}
else
{
$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+ $options.=" no-static-engine";
}
}
-$cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
+$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
#
# Platform fix-ups
@@ -1378,17 +1464,21 @@
$cpuid_obj="" if ($processor eq "386");
$bn_obj = $bn_asm unless $bn_obj ne "";
-# bn86* is the only one implementing bn_*_part_words
-$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/);
-$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/);
+# bn-586 is the only one implementing bn_*_part_words
+$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
+$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
-$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /\-mont|mo86\-/);
+$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
+$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
if ($fips)
{
$openssl_other_defines.="#define OPENSSL_FIPS\n";
+ $cflags .= " -I\$(FIPSDIR)/include";
}
+$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
@@ -1420,10 +1510,31 @@
if ($aes_obj =~ /\.o$/)
{
$cflags.=" -DAES_ASM";
+ # aes-ctr.o is not a real file, only indication that assembler
+ # module implements AES_ctr32_encrypt...
+ $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
+ # aes-xts.o indicates presense of AES_xts_[en|de]crypt...
+ $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
+ $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
+ $cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
+ $cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
}
else {
$aes_obj=$aes_enc;
}
+$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
+if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
+ {
+ $cflags.=" -DWHIRLPOOL_ASM";
+ }
+else {
+ $wp_obj="wp_block.o";
+ }
+$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);
+if ($modes_obj =~ /ghash/)
+ {
+ $cflags.=" -DGHASH_ASM";
+ }
# "Stringify" the C flags string. This permits it to be made part of a string
# and works as well on command lines.
@@ -1483,13 +1594,13 @@
if ($sdirs) {
my $dir;
foreach $dir (@skip) {
- s/(\s)$dir\s/$1/;
+ s/(\s)$dir /$1/;
s/\s$dir$//;
}
}
$sdirs = 0 unless /\\$/;
- s/fips // if (/^DIRS=/ && !$fips);
s/engines // if (/^DIRS=/ && $disabled{"engine"});
+ s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
s/^VERSION=.*/VERSION=$version/;
s/^MAJOR=.*/MAJOR=$major/;
s/^MINOR=.*/MINOR=$minor/;
@@ -1499,6 +1610,7 @@
s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
+ s/^MULTILIB=.*$/MULTILIB=$multilib/;
s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
s/^LIBDIR=.*$/LIBDIR=$libdir/;
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
@@ -1509,14 +1621,16 @@
{
s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
+ s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
}
- s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
s/^CFLAG=.*$/CFLAG= $cflags/;
s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
@@ -1525,7 +1639,7 @@
s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
- s/^AES_ASM_OBJ=.*$/AES_ASM_OBJ= $aes_obj/;
+ s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
@@ -1533,6 +1647,11 @@
s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
+ s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
+ s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+ s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
+ s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
+ s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
@@ -1540,24 +1659,15 @@
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
+
+ s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
- if ($fipsdso)
- {
- s/^FIPSCANLIB=.*/FIPSCANLIB=libfips/;
- s/^SHARED_FIPS=.*/SHARED_FIPS=libfips\$(SHLIB_EXT)/;
- s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl fips/;
- }
- else
- {
- s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
- s/^SHARED_FIPS=.*/SHARED_FIPS=/;
- s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/;
- }
- s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/;
+ s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
s/^BASEADDR=.*/BASEADDR=$baseaddr/;
+
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
- s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_FIPS) \$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
+ s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
{
my $sotmp = $1;
@@ -1590,7 +1700,7 @@
print "CPUID_OBJ =$cpuid_obj\n";
print "BN_ASM =$bn_obj\n";
print "DES_ENC =$des_obj\n";
-print "AES_ASM_OBJ =$aes_obj\n";
+print "AES_ENC =$aes_obj\n";
print "BF_ENC =$bf_obj\n";
print "CAST_ENC =$cast_obj\n";
print "RC4_ENC =$rc4_obj\n";
@@ -1598,6 +1708,9 @@
print "MD5_OBJ_ASM =$md5_obj\n";
print "SHA1_OBJ_ASM =$sha1_obj\n";
print "RMD160_OBJ_ASM=$rmd160_obj\n";
+print "CMLL_ENC =$cmll_obj\n";
+print "MODES_OBJ =$modes_obj\n";
+print "ENGINES_OBJ =$engines_obj\n";
print "PROCESSOR =$processor\n";
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
@@ -1659,6 +1772,9 @@
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
+print OUT "#ifdef __cplusplus\n";
+print OUT "extern \"C\" {\n";
+print OUT "#endif\n";
print OUT "/* OpenSSL was configured with the following options: */\n";
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
@@ -1685,7 +1801,7 @@
print OUT $openssl_algorithm_defines_trans;
print OUT "#endif\n\n";
-print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj);
+print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
while (<IN>)
{
@@ -1697,10 +1813,7 @@
}
elsif (/^#define\s+ENGINESDIR/)
{
- # $foo is to become "$prefix/lib$multilib/engines";
- # as Makefile.org and engines/Makefile are adapted for
- # $multilib suffix.
- my $foo = "$prefix/lib/engines";
+ my $foo = "$prefix/$libdir/engines";
$foo =~ s/\\/\\\\/g;
print OUT "#define ENGINESDIR \"$foo\"\n";
}
@@ -1766,6 +1879,9 @@
{ print OUT $_; }
}
close(IN);
+print OUT "#ifdef __cplusplus\n";
+print OUT "}\n";
+print OUT "#endif\n";
close(OUT);
rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
@@ -1866,16 +1982,9 @@
BEGIN
BLOCK "040904b0"
BEGIN
-#if defined(FIPS)
- VALUE "Comments", "WARNING: TEST VERSION ONLY ***NOT*** FIPS 140-2 VALIDATED.\\0"
-#endif
// Required:
VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
-#if defined(FIPS)
- VALUE "FileDescription", "TEST UNVALIDATED FIPS140-2 DLL\\0"
-#else
VALUE "FileDescription", "OpenSSL Shared Library\\0"
-#endif
VALUE "FileVersion", "$version\\0"
#if defined(CRYPTO)
VALUE "InternalName", "libeay32\\0"
@@ -1883,15 +1992,12 @@
#elif defined(SSL)
VALUE "InternalName", "ssleay32\\0"
VALUE "OriginalFilename", "ssleay32.dll\\0"
-#elif defined(FIPS)
- VALUE "InternalName", "libosslfips\\0"
- VALUE "OriginalFilename", "libosslfips.dll\\0"
#endif
VALUE "ProductName", "The OpenSSL Toolkit\\0"
VALUE "ProductVersion", "$version\\0"
// Optional:
//VALUE "Comments", "\\0"
- VALUE "LegalCopyright", "Copyright \xA9 1998-2007 The OpenSSL Project. Copyright \xA9 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+ VALUE "LegalCopyright", "Copyright \xA9 1998-2005 The OpenSSL Project. Copyright \xA9 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
//VALUE "LegalTrademarks", "\\0"
//VALUE "PrivateBuild", "\\0"
//VALUE "SpecialBuild", "\\0"
@@ -1928,21 +2034,6 @@
(but please first make sure you have tried with a current version of OpenSSL).
EOF
-print <<\EOF if ($fipscanisterinternal eq "y");
-
-WARNING: OpenSSL has been configured using unsupported option(s) to internally
-generate a fipscanister.o object module for TESTING PURPOSES ONLY; that
-compiled module is NOT FIPS 140-2 validated and CANNOT be used to replace the
-OpenSSL FIPS Object Module as identified by the CMVP
-(http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS
-140-2 validated software.
-
-This is an OpenSSL 0.9.8 test version.
-
-See the file README.FIPS for details of how to build a test library.
-
-EOF
-
exit(0);
sub usage
@@ -2018,8 +2109,9 @@
(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
- my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
- my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=
+ my $rc5_obj,my $wp_obj,my $cmll_obj,my $modes_obj, my $engines_obj,
+ my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
+ my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
print <<EOF
@@ -2043,6 +2135,11 @@
\$rc4_obj = $rc4_obj
\$rmd160_obj = $rmd160_obj
\$rc5_obj = $rc5_obj
+\$wp_obj = $wp_obj
+\$cmll_obj = $cmll_obj
+\$modes_obj = $modes_obj
+\$engines_obj = $engines_obj
+\$perlasm_scheme = $perlasm_scheme
\$dso_scheme = $dso_scheme
\$shared_target= $shared_target
\$shared_cflag = $shared_cflag
@@ -2050,6 +2147,7 @@
\$shared_extension = $shared_extension
\$ranlib = $ranlib
\$arflags = $arflags
+\$multilib = $multilib
EOF
}
@@ -2066,33 +2164,25 @@
{
@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
- if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
+ if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
print STDERR " in the previous field\n";
}
- elsif ($fields[$idx_dso_scheme+1] =~ /^(dl|dlfcn|win32|vms)$/)
+ elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
print STDERR " in the following field\n";
}
- elsif ($fields[$idx_dso_scheme] !~ /^(dl|dlfcn|win32|vms|)$/)
+ elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
- print STDERR " valid values are 'dl', 'dlfcn', 'win32' and 'vms'\n";
+ print STDERR " valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
}
}
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
return $errorcnt;
}
-
-# Attempt to detect MSYS environment
-
-sub is_msys
- {
- return 1 if (exists $ENV{"TERM"} && $ENV{"TERM"} eq "msys");
- return 0;
- }
Modified: trunk/crypto/openssl/FAQ
===================================================================
--- trunk/crypto/openssl/FAQ 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/FAQ 2015-07-21 23:23:45 UTC (rev 7118)
@@ -83,7 +83,7 @@
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.1d was released on Feb 5th, 2013.
+OpenSSL 1.0.1e was released on Feb 11th, 2013.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
Modified: trunk/crypto/openssl/INSTALL
===================================================================
--- trunk/crypto/openssl/INSTALL 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/INSTALL 2015-07-21 23:23:45 UTC (rev 7118)
@@ -98,11 +98,17 @@
The crypto/<cipher> directory can be removed after running
"make depend".
- -Dxxx, -lxxx, -Lxxx, -fxxx, -mxxx, -Kxxx These system specific options will
+ -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
be passed through to the compiler to allow you to
define preprocessor symbols, specify additional libraries,
library directories or other compiler options.
+ -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
+ BSD. Useful if you are running ocf-linux or something
+ similar. Once enabled you can also enable the use of
+ cryptodev digests, which is usually slower unless you have
+ large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
+ it.
Installation in Detail
----------------------
@@ -206,6 +212,10 @@
compile programs with libcrypto or libssl.
lib Contains the OpenSSL library files themselves.
+ Use "make install_sw" to install the software without documentation,
+ and "install_docs_html" to install HTML renditions of the manual
+ pages.
+
Package builders who want to configure the library for standard
locations, but have the package installed somewhere else so that
it can easily be packaged, can use
Copied: trunk/crypto/openssl/INSTALL.DJGPP (from rev 7117, vendor-crypto/openssl/dist/INSTALL.DJGPP)
===================================================================
--- trunk/crypto/openssl/INSTALL.DJGPP (rev 0)
+++ trunk/crypto/openssl/INSTALL.DJGPP 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,47 @@
+
+
+ INSTALLATION ON THE DOS PLATFORM WITH DJGPP
+ -------------------------------------------
+
+ OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
+ environment for 16-bit DOS, but only with long filename support.
+ If you wish to compile on native DOS with 8+3 filenames, you will
+ have to tweak the installation yourself, including renaming files
+ with illegal or duplicate names.
+
+ You should have a full DJGPP environment installed, including the
+ latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
+ requires that PERL and BC also be installed.
+
+ All of these can be obtained from the usual DJGPP mirror sites or
+ directly at "http://www.delorie.com/pub/djgpp". For help on which
+ files to download, see the DJGPP "ZIP PICKER" page at
+ "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
+ the WATT-32 networking package installed before you try to compile
+ OpenSSL. This can be obtained from "http://www.bgnett.no/~giva/".
+ The Makefile assumes that the WATT-32 code is in the directory
+ specified by the environment variable WATT_ROOT. If you have watt-32
+ in directory "watt32" under your main DJGPP directory, specify
+ WATT_ROOT="/dev/env/DJDIR/watt32".
+
+ To compile OpenSSL, start your BASH shell, then configure for DJGPP by
+ running "./Configure" with appropriate arguments:
+
+ ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
+
+ And finally fire up "make". You may run out of DPMI selectors when
+ running in a DOS box under Windows. If so, just close the BASH
+ shell, go back to Windows, and restart BASH. Then run "make" again.
+
+ RUN-TIME CAVEAT LECTOR
+ --------------
+
+ Quoting FAQ:
+
+ "Cryptographic software needs a source of unpredictable data to work
+ correctly. Many open source operating systems provide a "randomness
+ device" (/dev/urandom or /dev/random) that serves this purpose."
+
+ As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
+ party "randomness" DOS driver. One such driver, NOISE.SYS, can be
+ obtained from "http://www.rahul.net/dkaufman/index.html".
Copied: trunk/crypto/openssl/INSTALL.MacOS (from rev 7117, vendor-crypto/openssl/dist/INSTALL.MacOS)
===================================================================
--- trunk/crypto/openssl/INSTALL.MacOS (rev 0)
+++ trunk/crypto/openssl/INSTALL.MacOS 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,72 @@
+OpenSSL - Port To The Macintosh OS 9 or Earlier
+===============================================
+
+Thanks to Roy Wood <roy at centricsystems.ca> initial support for Mac OS (pre
+X) is now provided. "Initial" means that unlike other platforms where you
+get an SDK and a "swiss army" openssl application, on Macintosh you only
+get one sample application which fetches a page over HTTPS(*) and dumps it
+in a window. We don't even build the test applications so that we can't
+guarantee that all algorithms are operational.
+
+Required software:
+
+- StuffIt Expander 5.5 or later, alternatively MacGzip and SUNtar;
+- Scriptable Finder;
+- CodeWarrior Pro 5;
+
+Installation procedure:
+
+- fetch the source at ftp://ftp.openssl.org/ (well, you probably already
+ did, huh?)
+- unpack the .tar.gz file:
+ - if you have StuffIt Expander then just drag it over it;
+ - otherwise uncompress it with MacGzip and then unpack with SUNtar;
+- locate MacOS folder in OpenSSL source tree and open it;
+- unbinhex mklinks.as.hqx and OpenSSL.mcp.hqx if present (**), do it
+ "in-place", i.e. unpacked files should end-up in the very same folder;
+- execute mklinks.as;
+- open OpenSSL.mcp(***) and build 'GetHTTPS PPC' target(****);
+- that's it for now;
+
+(*) URL is hardcoded into ./MacOS/GetHTTPS.src/GetHTTPS.cpp, lines 40
+ to 42, change appropriately.
+(**) If you use SUNtar, then it might have already unbinhexed the files
+ in question.
+(***) The project file was saved with CW Pro 5.3. If you have an earlier
+ version and it refuses to open it, then download
+ http://www.openssl.org/~appro/OpenSSL.mcp.xml and import it
+ overwriting the original OpenSSL.mcp.
+(****) Other targets are works in progress. If you feel like giving 'em a
+ shot, then you should know that OpenSSL* and Lib* targets are
+ supposed to be built with the GUSI, MacOS library which mimics
+ BSD sockets and some other POSIX APIs. The GUSI distribution is
+ expected to be found in the same directory as the openssl source tree,
+ i.e., in the parent directory to the one where this very file,
+ namely INSTALL.MacOS, resides. For more information about GUSI, see
+ http://www.iis.ee.ethz.ch/~neeri/macintosh/gusi-qa.html
+
+Finally some essential comments from our generous contributor:-)
+
+"I've gotten OpenSSL working on the Macintosh. It's probably a bit of a
+hack, but it works for what I'm doing. If you don't like the way I've done
+it, then feel free to change what I've done. I freely admit that I've done
+some less-than-ideal things in my port, and if you don't like the way I've
+done something, then feel free to change it-- I won't be offended!
+
+... I've tweaked "bss_sock.c" a little to call routines in a "MacSocket"
+library I wrote. My MacSocket library is a wrapper around OpenTransport,
+handling stuff like endpoint creation, reading, writing, etc. It is not
+designed as a high-performance package such as you'd use in a webserver,
+but is fine for lots of other applications. MacSocket also uses some other
+code libraries I've written to deal with string manipulations and error
+handling. Feel free to use these things in your own code, but give me
+credit and/or send me free stuff in appreciation! :-)
+
+...
+
+If you have any questions, feel free to email me as the following:
+
+roy at centricsystems.ca
+
+-Roy Wood"
+
Copied: trunk/crypto/openssl/INSTALL.NW (from rev 7117, vendor-crypto/openssl/dist/INSTALL.NW)
===================================================================
--- trunk/crypto/openssl/INSTALL.NW (rev 0)
+++ trunk/crypto/openssl/INSTALL.NW 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,454 @@
+
+INSTALLATION ON THE NETWARE PLATFORM
+------------------------------------
+
+Notes about building OpenSSL for NetWare.
+
+
+BUILD PLATFORM:
+---------------
+The build scripts (batch files, perl scripts, etc) have been developed and
+tested on W2K. The scripts should run fine on other Windows platforms
+(NT, Win9x, WinXP) but they have not been tested. They may require some
+modifications.
+
+
+Supported NetWare Platforms - NetWare 5.x, NetWare 6.x:
+-------------------------------------------------------
+OpenSSL can either use the WinSock interfaces introduced in NetWare 5,
+or the BSD socket interface. Previous versions of NetWare, 4.x and 3.x,
+are only supported if OpenSSL is build for CLIB and BSD sockets;
+WinSock builds only support NetWare 5 and up.
+
+On NetWare there are two c-runtime libraries. There is the legacy CLIB
+interfaces and the newer LIBC interfaces. Being ANSI-C libraries, the
+functionality in CLIB and LIBC is similar but the LIBC interfaces are built
+using Novell Kernal Services (NKS) which is designed to leverage
+multi-processor environments.
+
+The NetWare port of OpenSSL can be configured to build using CLIB or LIBC.
+The CLIB build was developed and tested using NetWare 5.0 sp6.0a. The LIBC
+build was developed and tested using the NetWare 6.0 FCS.
+
+The necessary LIBC functionality ships with NetWare 6. However, earlier
+NetWare 5.x versions will require updates in order to run the OpenSSL LIBC
+build (NetWare 5.1 SP8 is known to work).
+
+As of June 2005, the LIBC build can be configured to use BSD sockets instead
+of WinSock sockets. Call Configure (usually through netware\build.bat) using
+a target of "netware-libc-bsdsock" instead of "netware-libc".
+
+As of June 2007, support for CLIB and BSD sockets is also now available
+using a target of "netware-clib-bsdsock" instead of "netware-clib";
+also gcc builds are now supported on both Linux and Win32 (post 0.9.8e).
+
+REQUIRED TOOLS:
+---------------
+Based upon the configuration and build options used, some or all of the
+following tools may be required:
+
+* Perl for Win32 - required (http://www.activestate.com/ActivePerl)
+ Used to run the various perl scripts on the build platform.
+
+* Perl 5.8.0 for NetWare v3.20 (or later) - required
+ (http://developer.novell.com) Used to run the test script on NetWare
+ after building.
+
+* Compiler / Linker - required:
+ Metrowerks CodeWarrior PDK 2.1 (or later) for NetWare (commercial):
+ Provides command line tools used for building.
+ Tools:
+ mwccnlm.exe - C/C++ Compiler for NetWare
+ mwldnlm.exe - Linker for NetWare
+ mwasmnlm.exe - x86 assembler for NetWare (if using assembly option)
+
+ gcc / nlmconv Cross-Compiler, available from Novell Forge (free):
+ http://forge.novell.com/modules/xfmod/project/?aunixnw
+
+* Assemblers - optional:
+ If you intend to build using the assembly options you will need an
+ assembler. Work has been completed to support two assemblers, Metrowerks
+ and NASM. However, during development, a bug was found in the Metrowerks
+ assembler which generates incorrect code. Until this problem is fixed,
+ the Metrowerks assembler cannot be used.
+
+ mwasmnlm.exe - Metrowerks x86 assembler - part of CodeWarrior tools.
+ (version 2.2 Built Aug 23, 1999 - not useable due to code
+ generation bug)
+
+ nasmw.exe - Netwide Assembler NASM
+ version 0.98 was used in development and testing
+
+* Make Tool - required:
+ In order to build you will need a make tool. Two make tools are
+ supported, GNU make (gmake.exe) or Microsoft nmake.exe.
+
+ make.exe - GNU make for Windows (version 3.75 used for development)
+ http://gnuwin32.sourceforge.net/packages/make.htm
+
+ nmake.exe - Microsoft make (Version 6.00.8168.0 used for development)
+ http://support.microsoft.com/kb/132084/EN-US/
+
+* Novell Developer Kit (NDK) - required: (http://developer.novell.com)
+
+ CLIB - BUILDS:
+
+ WinSock2 Developer Components for NetWare:
+ For initial development, the October 27, 2000 version was used.
+ However, future versions should also work.
+
+ NOTE: The WinSock2 components include headers & import files for
+ NetWare, but you will also need the winsock2.h and supporting
+ headers (pshpack4.h, poppack.h, qos.h) delivered in the
+ Microsoft SDK. Note: The winsock2.h support headers may change
+ with various versions of winsock2.h. Check the dependencies
+ section on the NDK WinSock2 download page for the latest
+ information on dependencies. These components are unsupported by
+ Novell. They are provided as a courtesy, but it is strongly
+ suggested that all development be done using LIBC, not CLIB.
+
+ As of June 2005, the WinSock2 components are available at:
+ http://forgeftp.novell.com//ws2comp/
+
+
+ NLM and NetWare libraries for C (including CLIB and XPlat):
+ If you are going to build a CLIB version of OpenSSL, you will
+ need the CLIB headers and imports. The March, 2001 NDK release or
+ later is recommended.
+
+ Earlier versions should work but haven't been tested. In recent
+ versions the import files have been consolidated and function
+ names moved. This means you may run into link problems
+ (undefined symbols) when using earlier versions. The functions
+ are available in earlier versions, but you will have to modifiy
+ the make files to include additional import files (see
+ openssl\util\pl\netware.pl).
+
+
+ LIBC - BUILDS:
+
+ Libraries for C (LIBC) - LIBC headers and import files
+ If you are going to build a LIBC version of OpenSSL, you will
+ need the LIBC headers and imports. The March 14, 2002 NDK release or
+ later is required.
+
+ NOTE: The LIBC SDK includes the necessary WinSock2 support.
+ It is not necessary to download the WinSock2 NDK when building for
+ LIBC. The LIBC SDK also includes the appropriate BSD socket support
+ if configuring to use BSD sockets.
+
+
+BUILDING:
+---------
+Before building, you will need to set a few environment variables. You can
+set them manually or you can modify the "netware\set_env.bat" file.
+
+The set_env.bat file is a template you can use to set up the path
+and environment variables you will need to build. Modify the
+various lines to point to YOUR tools and run set_env.bat.
+
+ netware\set_env.bat <target> [compiler]
+
+ target - "netware-clib" - CLIB NetWare build
+ - "netware-libc" - LIBC NetWare build
+
+ compiler - "gnuc" - GNU GCC Compiler
+ - "codewarrior" - MetroWerks CodeWarrior (default)
+
+If you don't use set_env.bat, you will need to set up the following
+environment variables:
+
+ PATH - Set PATH to point to the tools you will use.
+
+ INCLUDE - The location of the NDK include files.
+
+ CLIB ex: set INCLUDE=c:\ndk\nwsdk\include\nlm
+ LIBC ex: set INCLUDE=c:\ndk\libc\include
+
+ PRELUDE - The absolute path of the prelude object to link with. For
+ a CLIB build it is recommended you use the "clibpre.o" files shipped
+ with the Metrowerks PDK for NetWare. For a LIBC build you should
+ use the "libcpre.o" file delivered with the LIBC NDK components.
+
+ CLIB ex: set PRELUDE=c:\ndk\nwsdk\imports\clibpre.o
+ LIBC ex: set PRELUDE=c:\ndk\libc\imports\libcpre.o
+
+ IMPORTS - The locaton of the NDK import files.
+
+ CLIB ex: set IMPORTS=c:\ndk\nwsdk\imports
+ LIBC ex: set IMPORTS=c:\ndk\libc\imports
+
+
+In order to build, you need to run the Perl scripts to configure the build
+process and generate a make file. There is a batch file,
+"netware\build.bat", to automate the process.
+
+Build.bat runs the build configuration scripts and generates a make file.
+If an assembly option is specified, it also runs the scripts to generate
+the assembly code. Always run build.bat from the "openssl" directory.
+
+ netware\build [target] [debug opts] [assembly opts] [configure opts]
+
+ target - "netware-clib" - CLIB NetWare build (WinSock Sockets)
+ - "netware-clib-bsdsock" - CLIB NetWare build (BSD Sockets)
+ - "netware-libc" - LIBC NetWare build (WinSock Sockets)
+ - "netware-libc-bsdsock" - LIBC NetWare build (BSD Sockets)
+
+ debug opts - "debug" - build debug
+
+ assembly opts - "nw-mwasm" - use Metrowerks assembler
+ "nw-nasm" - use NASM assembler
+ "no-asm" - don't use assembly
+
+ configure opts- all unrecognized arguments are passed to the
+ perl 'configure' script. See that script for
+ internal documentation regarding options that
+ are available.
+
+ examples:
+
+ CLIB build, debug, without assembly:
+ netware\build.bat netware-clib debug no-asm
+
+ LIBC build, non-debug, using NASM assembly, add mdc2 support:
+ netware\build.bat netware-libc nw-nasm enable-mdc2
+
+ LIBC build, BSD sockets, non-debug, without assembly:
+ netware\build.bat netware-libc-bsdsock no-asm
+
+Running build.bat generates a make file to be processed by your make
+tool (gmake or nmake):
+
+ CLIB ex: gmake -f netware\nlm_clib_dbg.mak
+ LIBC ex: gmake -f netware\nlm_libc.mak
+ LIBC ex: gmake -f netware\nlm_libc_bsdsock.mak
+
+
+You can also run the build scripts manually if you do not want to use the
+build.bat file. Run the following scripts in the "\openssl"
+subdirectory (in the order listed below):
+
+ perl configure no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock]
+ configures no assembly build for specified netware environment
+ (CLIB or LIBC).
+
+ perl util\mkfiles.pl >MINFO
+ generates a listing of source files (used by mk1mf)
+
+ perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock >netware\nlm.mak
+ generates the makefile for NetWare
+
+ gmake -f netware\nlm.mak
+ build with the make tool (nmake.exe also works)
+
+NOTE: If you are building using the assembly option, you must also run the
+various Perl scripts to generate the assembly files. See build.bat
+for an example of running the various assembly scripts. You must use the
+"no-asm" option to build without assembly. The configure and mk1mf scripts
+also have various other options. See the scripts for more information.
+
+
+The output from the build is placed in the following directories:
+
+ CLIB Debug build:
+ out_nw_clib.dbg - static libs & test nlm(s)
+ tmp_nw_clib.dbg - temporary build files
+ outinc_nw_clib - necessary include files
+
+ CLIB Non-debug build:
+ out_nw_clib - static libs & test nlm(s)
+ tmp_nw_clib - temporary build files
+ outinc_nw_clib - necesary include files
+
+ LIBC Debug build:
+ out_nw_libc.dbg - static libs & test nlm(s)
+ tmp_nw_libc.dbg - temporary build files
+ outinc_nw_libc - necessary include files
+
+ LIBC Non-debug build:
+ out_nw_libc - static libs & test nlm(s)
+ tmp_nw_libc - temporary build files
+ outinc_nw_libc - necesary include files
+
+
+TESTING:
+--------
+The build process creates the OpenSSL static libs ( crypto.lib, ssl.lib,
+rsaglue.lib ) and several test programs. You should copy the test programs
+to your NetWare server and run the tests.
+
+The batch file "netware\cpy_tests.bat" will copy all the necessary files
+to your server for testing. In order to run the batch file, you need a
+drive mapped to your target server. It will create an "OpenSSL" directory
+on the drive and copy the test files to it. CAUTION: If a directory with the
+name of "OpenSSL" already exists, it will be deleted.
+
+To run cpy_tests.bat:
+
+ netware\cpy_tests [output directory] [NetWare drive]
+
+ output directory - "out_nw_clib.dbg", "out_nw_libc", etc.
+ NetWare drive - drive letter of mapped drive
+
+ CLIB ex: netware\cpy_tests out_nw_clib m:
+ LIBC ex: netware\cpy_tests out_nw_libc m:
+
+
+The Perl script, "do_tests.pl", in the "OpenSSL" directory on the server
+should be used to execute the tests. Before running the script, make sure
+your SEARCH PATH includes the "OpenSSL" directory. For example, if you
+copied the files to the "sys:" volume you use the command:
+
+ SEARCH ADD SYS:\OPENSSL
+
+
+To run do_tests.pl type (at the console prompt):
+
+ perl \openssl\do_tests.pl [options]
+
+ options:
+ -p - pause after executing each test
+
+The do_tests.pl script generates a log file "\openssl\test_out\tests.log"
+which should be reviewed for errors. Any errors will be denoted by the word
+"ERROR" in the log.
+
+DEVELOPING WITH THE OPENSSL SDK:
+--------------------------------
+Now that everything is built and tested, you are ready to use the OpenSSL
+libraries in your development.
+
+There is no real installation procedure, just copy the static libs and
+headers to your build location. The libs (crypto.lib & ssl.lib) are
+located in the appropriate "out_nw_XXXX" directory
+(out_nw_clib, out_nw_libc, etc).
+
+The headers are located in the appropriate "outinc_nw_XXX" directory
+(outinc_nw_clib, outinc_nw_libc).
+
+One suggestion is to create the following directory
+structure for the OpenSSL SDK:
+
+ \openssl
+ |- bin
+ | |- openssl.nlm
+ | |- (other tests you want)
+ |
+ |- lib
+ | | - crypto.lib
+ | | - ssl.lib
+ |
+ |- include
+ | | - openssl
+ | | | - (all the headers in "outinc_nw\openssl")
+
+
+The program "openssl.nlm" can be very useful. It has dozens of
+options and you may want to keep it handy for debugging, testing, etc.
+
+When building your apps using OpenSSL, define "NETWARE". It is needed by
+some of the OpenSSL headers. One way to do this is with a compile option,
+for example "-DNETWARE".
+
+
+
+NOTES:
+------
+
+Resource leaks in Tests
+------------------------
+Some OpenSSL tests do not clean up resources and NetWare reports
+the resource leaks when the tests unload. If this really bugs you,
+you can stop the messages by setting the developer option off at the console
+prompt (set developer option = off). Or better yet, fix the tests to
+clean up the resources!
+
+
+Multi-threaded Development
+---------------------------
+The NetWare version of OpenSSL is thread-safe, however multi-threaded
+applications must provide the necessary locking function callbacks. This
+is described in doc\threads.doc. The file "openssl-x.x.x\crypto\threads\mttest.c"
+is a multi-threaded test program and demonstrates the locking functions.
+
+
+What is openssl2.nlm?
+---------------------
+The openssl program has numerous options and can be used for many different
+things. Many of the options operate in an interactive mode requiring the
+user to enter data. Because of this, a default screen is created for the
+program. However, when running the test script it is not desirable to
+have a seperate screen. Therefore, the build also creates openssl2.nlm.
+Openssl2.nlm is functionally identical but uses the console screen.
+Openssl2 can be used when a non-interactive mode is desired.
+
+NOTE: There are may other possibilities (command line options, etc)
+which could have been used to address the screen issue. The openssl2.nlm
+option was chosen because it impacted only the build not the code.
+
+
+Why only static libraries?
+--------------------------
+Globals, globals, and more globals. The OpenSSL code uses many global
+variables that are allocated and initialized when used for the first time.
+
+On NetWare, most applications (at least historically) run in the kernel.
+When running in the kernel, there is one instance of global variables.
+For regular application type NLM(s) this isn't a problem because they are
+the only ones using the globals. However, for a library NLM (an NLM which
+exposes functions and has no threads of execution), the globals cause
+problems. Applications could inadvertently step on each other if they
+change some globals. Even worse, the first application that triggers a
+global to be allocated and initialized has the allocated memory charged to
+itself. Now when that application unloads, NetWare will clean up all the
+applicaton's memory. The global pointer variables inside OpenSSL now
+point to freed memory. An abend waiting to happen!
+
+To work correctly in the kernel, library NLM(s) that use globals need to
+provide a set of globals (instance data) for each application. Another
+option is to require the library only be loaded in a protected address
+space along with the application using it.
+
+Modifying the OpenSSL code to provide a set of globals (instance data) for
+each application isn't technically difficult, but due to the large number
+globals it would require substantial code changes and it wasn't done. Hence,
+the build currently only builds static libraries which are then linked
+into each application.
+
+NOTE: If you are building a library NLM that uses the OpenSSL static
+libraries, you will still have to deal with the global variable issue.
+This is because when you link in the OpenSSL code you bring in all the
+globals. One possible solution for the global pointer variables is to
+register memory functions with OpenSSL which allocate memory and charge it
+to your library NLM (see the function CRYPTO_set_mem_functions). However,
+be aware that now all memory allocated by OpenSSL is charged to your NLM.
+
+
+CodeWarrior Tools and W2K
+---------------------------
+There have been problems reported with the CodeWarrior Linker
+(mwldnlm.exe) in the PDK 2.1 for NetWare when running on Windows 2000. The
+problems cause the link step to fail. The only work around is to obtain an
+updated linker from Metrowerks. It is expected Metrowerks will release
+PDK 3.0 (in beta testing at this time - May, 2001) in the near future which
+will fix these problems.
+
+
+Makefile "vclean"
+------------------
+The generated makefile has a "vclean" target which cleans up the build
+directories. If you have been building successfully and suddenly
+experience problems, use "vclean" (gmake -f netware\nlm_xxxx.mak vclean) and retry.
+
+
+"Undefined Symbol" Linker errors
+--------------------------------
+There have been linker errors reported when doing a CLIB build. The problems
+occur because some versions of the CLIB SDK import files inadvertently
+left out some symbols. One symbol in particular is "_lrotl". The missing
+functions are actually delivered in the binaries, but they were left out of
+the import files. The issues should be fixed in the September 2001 release
+of the NDK. If you experience the problems you can temporarily
+work around it by manually adding the missing symbols to your version of
+"clib.imp".
+
Copied: trunk/crypto/openssl/INSTALL.OS2 (from rev 7117, vendor-crypto/openssl/dist/INSTALL.OS2)
===================================================================
--- trunk/crypto/openssl/INSTALL.OS2 (rev 0)
+++ trunk/crypto/openssl/INSTALL.OS2 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,31 @@
+
+ Installation on OS/2
+ --------------------
+
+ You need to have the following tools installed:
+
+ * EMX GCC
+ * PERL
+ * GNU make
+
+
+ To build the makefile, run
+
+ > os2\os2-emx
+
+ This will configure OpenSSL and create OS2-EMX.mak which you then use to
+ build the OpenSSL libraries & programs by running
+
+ > make -f os2-emx.mak
+
+ If that finishes successfully you will find the libraries and programs in the
+ "out" directory.
+
+ Alternatively, you can make a dynamic build that puts the library code into
+ crypto.dll and ssl.dll by running
+
+ > make -f os2-emx-dll.mak
+
+ This will build the above mentioned dlls and a matching pair of import
+ libraries in the "out_dll" directory along with the set of test programs
+ and the openssl application.
Copied: trunk/crypto/openssl/INSTALL.VMS (from rev 7117, vendor-crypto/openssl/dist/INSTALL.VMS)
===================================================================
--- trunk/crypto/openssl/INSTALL.VMS (rev 0)
+++ trunk/crypto/openssl/INSTALL.VMS 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,293 @@
+ VMS Installation instructions
+ written by Richard Levitte
+ <richard at levitte.org>
+
+
+Intro:
+======
+
+This file is divided in the following parts:
+
+ Requirements - Mandatory reading.
+ Checking the distribution - Mandatory reading.
+ Compilation - Mandatory reading.
+ Logical names - Mandatory reading.
+ Test - Mandatory reading.
+ Installation - Mandatory reading.
+ Backward portability - Read if it's an issue.
+ Possible bugs or quirks - A few warnings on things that
+ may go wrong or may surprise you.
+ TODO - Things that are to come.
+
+
+Requirements:
+=============
+
+To build and install OpenSSL, you will need:
+
+ * DEC C or some other ANSI C compiler. VAX C is *not* supported.
+ [Note: OpenSSL has only been tested with DEC C. Compiling with
+ a different ANSI C compiler may require some work]
+
+Checking the distribution:
+==========================
+
+There have been reports of places where the distribution didn't quite get
+through, for example if you've copied the tree from a NFS-mounted Unix
+mount point.
+
+The easiest way to check if everything got through as it should is to check
+for one of the following files:
+
+ [.CRYPTO]OPENSSLCONF.H_IN
+ [.CRYPTO]OPENSSLCONF_H.IN
+
+They should never exist both at once, but one of them should (preferably
+the first variant). If you can't find any of those two, something went
+wrong.
+
+The best way to get a correct distribution is to download the gzipped tar
+file from ftp://ftp.openssl.org/source/, use GUNZIP to uncompress it and
+use VMSTAR to unpack the resulting tar file.
+
+GUNZIP is available in many places on the net. One of the distribution
+points is the WKU software archive, ftp://ftp.wku.edu/vms/fileserv/ .
+
+VMSTAR is also available in many places on the net. The recommended place
+to find information about it is http://www.free.lp.se/vmstar/ .
+
+
+Compilation:
+============
+
+I've used the very good command procedures written by Robert Byer
+<byer at mail.all-net.net>, and just slightly modified them, making
+them slightly more general and easier to maintain.
+
+You can actually compile in almost any directory separately. Look
+for a command procedure name xxx-LIB.COM (in the library directories)
+or MAKExxx.COM (in the program directories) and read the comments at
+the top to understand how to use them. However, if you want to
+compile all you can get, the simplest is to use MAKEVMS.COM in the top
+directory. The syntax is the following:
+
+ @MAKEVMS <option> <bits> <debug-p> [<compiler>]
+
+<option> must be one of the following:
+
+ ALL Just build "everything".
+ CONFIG Just build the "[.CRYPTO]OPENSSLCONF.H" file.
+ BUILDINF Just build the "[.INCLUDE]BUILDINF.H" file.
+ SOFTLINKS Just copies some files, to simulate Unix soft links.
+ BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTLINKS aren't done.
+ RSAREF Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library.
+ CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+ SSL Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
+ SSL_TASK Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
+ TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
+ APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
+
+<bits> must be one of the following:
+
+ "" compile using default pointer size
+ 32 compile using 32 bit pointer size
+ 64 compile using 64 bit pointer size
+
+<debug-p> must be one of the following:
+
+ DEBUG compile with debugging info (will not optimize)
+ NODEBUG compile without debugging info (will optimize)
+
+<compiler> must be one of the following:
+
+ DECC For DEC C.
+ GNUC For GNU C.
+
+
+You will find the crypto library in [.xxx.EXE.CRYPTO] (where xxx is VAX,
+ALPHA or IA64), called SSL_LIBCRYPTO32.OLB or SSL_LIBCRYPTO.OLB depending
+on how it was built. You will find the SSL library in [.xxx.EXE.SSL],
+named SSL_LIBSSL32.OLB or SSL_LIBSSL.OLB, and you will find a bunch of
+useful programs in [.xxx.EXE.APPS]. However, these shouldn't be used
+right off unless it's just to test them. For production use, make sure
+you install first, see Installation below.
+
+Note 1: Some programs in this package require a TCP/IP library.
+
+Note 2: if you want to compile the crypto library only, please make sure
+ you have at least done a @MAKEVMS CONFIG, a @MAKEVMS BUILDINF and
+ a @MAKEVMS SOFTLINKS. A lot of things will break if you don't.
+
+
+Logical names:
+==============
+
+There are a few things that can't currently be given through the command
+line. Instead, logical names are used.
+
+Currently, the logical names supported are:
+
+ OPENSSL_NO_ASM with value YES, the assembler parts of OpenSSL will
+ not be used. Instead, plain C implementations are
+ used. This is good to try if something doesn't work.
+ OPENSSL_NO_'alg' with value YES, the corresponding crypto algorithm
+ will not be implemented. Supported algorithms to
+ do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
+ SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
+ SSL2. So, for example, having the logical name
+ OPENSSL_NO_RSA with the value YES means that the
+ LIBCRYPTO.OLB library will not contain an RSA
+ implementation.
+
+
+Test:
+=====
+
+Testing is very simple, just do the following:
+
+ @[.TEST]TESTS
+
+If a test fails, try with defining the logical name OPENSSL_NO_ASM (yes,
+it's an ugly hack!) and rebuild. Please send a bug report to
+<openssl-bugs at openssl.org>, including the output of "openssl version -a"
+and of the failed test.
+
+
+Installation:
+=============
+
+Installation is easy, just do the following:
+
+ @INSTALL <root> <bits>
+
+<root> is the directory in which everything will be installed,
+subdirectories, libraries, header files, programs and startup command
+procedures.
+
+<bits> works the same way as for MAKEVMS.COM
+
+N.B.: INSTALL.COM builds a new directory structure, different from
+the directory tree where you have now build OpenSSL.
+
+In the [.VMS] subdirectory of the installation, you will find the
+following command procedures:
+
+ OPENSSL_STARTUP.COM
+
+ defines all needed logical names. Takes one argument that
+ tells it in what logical name table to insert the logical
+ names. If you insert if it SYS$MANAGER:SYSTARTUP_VMS.COM, the
+ call should look like this:
+
+ @openssldev:[openssldir.VMS]OPENSSL_STARTUP "/SYSTEM"
+
+ OPENSSL_UTILS.COM
+
+ sets up the symbols to the applications. Should be called
+ from for example SYS$MANAGER:SYLOGIN.COM
+
+ OPENSSL_UNDO.COM
+
+ deassigns the logical names created with OPENSSL_STARTUP.COM.
+
+The logical names that are set up are the following:
+
+ SSLROOT a dotted concealed logical name pointing at the
+ root directory.
+
+ SSLCERTS Initially an empty directory, this is the default
+ location for certificate files.
+ SSLPRIVATE Initially an empty directory, this is the default
+ location for private key files.
+
+ SSLEXE Contains the openssl binary and a few other utility
+ programs.
+ SSLINCLUDE Contains the header files needed if you want to
+ compile programs with libcrypto or libssl.
+ SSLLIB Contains the OpenSSL library files themselves:
+ - SSL_LIBCRYPTO32.OLB and SSL_LIBSSL32.OLB or
+ - SSL_LIBCRYPTO.OLB and SSL_LIBSSL.OLB
+
+ OPENSSL Same as SSLINCLUDE. This is because the standard
+ way to include OpenSSL header files from version
+ 0.9.3 and on is:
+
+ #include <openssl/header.h>
+
+ For more info on this issue, see the INSTALL. file
+ (the NOTE in section 4 of "Installation in Detail").
+ You don't need to "deleting old header files"!!!
+
+
+Backward portability:
+=====================
+
+One great problem when you build a library is making sure it will work
+on as many versions of VMS as possible. Especially, code compiled on
+OpenVMS version 7.x and above tend to be unusable in version 6.x or
+lower, because some C library routines have changed names internally
+(the C programmer won't usually see it, because the old name is
+maintained through C macros). One obvious solution is to make sure
+you have a development machine with an old enough version of OpenVMS.
+However, if you are stuck with a bunch of Alphas running OpenVMS version
+7.1, you seem to be out of luck. Fortunately, the DEC C header files
+are cluttered with conditionals that make some declarations and definitions
+dependent on the OpenVMS version or the C library version, *and* you
+can use those macros to simulate older OpenVMS or C library versions,
+by defining the macros _VMS_V6_SOURCE, __VMS_VER and __CTRL_VER with
+correct values. In the compilation scripts, I've provided the possibility
+for the user to influence the creation of such macros, through a bunch of
+symbols, all having names starting with USER_. Here's the list of them:
+
+ USER_CCFLAGS - Used to give additional qualifiers to the
+ compiler. It can't be used to define macros
+ since the scripts will do such things as well.
+ To do such things, use USER_CCDEFS.
+ USER_CCDEFS - Used to define macros on the command line. The
+ value of this symbol will be inserted inside a
+ /DEFINE=(...).
+ USER_CCDISABLEWARNINGS - Used to disable some warnings. The value is
+ inserted inside a /DISABLE=WARNING=(...).
+
+So, to maintain backward compatibility with older VMS versions, do the
+following before you start compiling:
+
+ $ USER_CCDEFS := _VMS_V6_SOURCE=1,__VMS_VER=60000000,__CRTL_VER=60000000
+ $ USER_CCDISABLEWARNINGS := PREOPTW
+
+The USER_CCDISABLEWARNINGS is there because otherwise, DEC C will complain
+that those macros have been changed.
+
+Note: Currently, this is only useful for library compilation. The
+ programs will still be linked with the current version of the
+ C library shareable image, and will thus complain if they are
+ faced with an older version of the same C library shareable image.
+ This will probably be fixed in a future revision of OpenSSL.
+
+
+Possible bugs or quirks:
+========================
+
+I'm not perfectly sure all the programs will use the SSLCERTS:
+directory by default, it may very well be that you have to give them
+extra arguments. Please experiment.
+
+
+TODO:
+=====
+
+There are a few things that need to be worked out in the VMS version of
+OpenSSL, still:
+
+- Description files. ("Makefile's" :-))
+- Script code to link an already compiled build tree.
+- A VMSINSTALlable version (way in the future, unless someone else hacks).
+- shareable images (DLL for you Windows folks).
+
+There may be other things that I have missed and that may be desirable.
+Please send mail to <openssl-users at openssl.org> or to me directly if you
+have any ideas.
+
+--
+Richard Levitte <richard at levitte.org>
+2000-02-27, 2011-03-18
Copied: trunk/crypto/openssl/INSTALL.W32 (from rev 7117, vendor-crypto/openssl/dist/INSTALL.W32)
===================================================================
--- trunk/crypto/openssl/INSTALL.W32 (rev 0)
+++ trunk/crypto/openssl/INSTALL.W32 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,325 @@
+
+ INSTALLATION ON THE WIN32 PLATFORM
+ ----------------------------------
+
+ [Instructions for building for Windows CE can be found in INSTALL.WCE]
+ [Instructions for building for Win64 can be found in INSTALL.W64]
+
+ Here are a few comments about building OpenSSL for Win32 environments,
+ such as Windows NT and Windows 9x. It should be noted though that
+ Windows 9x are not ordinarily tested. Its mention merely means that we
+ attempt to maintain certain programming discipline and pay attention
+ to backward compatibility issues, in other words it's kind of expected
+ to work on Windows 9x, but no regression tests are actually performed.
+
+ On additional note newer OpenSSL versions are compiled and linked with
+ Winsock 2. This means that minimum OS requirement was elevated to NT 4
+ and Windows 98 [there is Winsock 2 update for Windows 95 though].
+
+ - you need Perl for Win32. Unless you will build on Cygwin, you will need
+ ActiveState Perl, available from http://www.activestate.com/ActivePerl.
+
+ - one of the following C compilers:
+
+ * Visual C++
+ * Borland C
+ * GNU C (Cygwin or MinGW)
+
+- Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/
+ is required if you intend to utilize assembler modules. Note that NASM
+ is now the only supported assembler.
+
+ If you are compiling from a tarball or a Git snapshot then the Win32 files
+ may well be not up to date. This may mean that some "tweaking" is required to
+ get it all to work. See the trouble shooting section later on for if (when?)
+ it goes wrong.
+
+ Visual C++
+ ----------
+
+ If you want to compile in the assembly language routines with Visual
+ C++, then you will need already mentioned Netwide Assembler binary,
+ nasmw.exe or nasm.exe, to be available on your %PATH%.
+
+ Firstly you should run Configure with platform VC-WIN32:
+
+ > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir
+
+ Where the prefix argument specifies where OpenSSL will be installed to.
+
+ Next you need to build the Makefiles and optionally the assembly
+ language files:
+
+ - If you are using NASM then run:
+
+ > ms\do_nasm
+
+ - If you don't want to use the assembly language files at all then run:
+
+ > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir
+ > ms\do_ms
+
+ If you get errors about things not having numbers assigned then check the
+ troubleshooting section: you probably won't be able to compile it as it
+ stands.
+
+ Then from the VC++ environment at a prompt do:
+
+ > nmake -f ms\ntdll.mak
+
+ If all is well it should compile and you will have some DLLs and
+ executables in out32dll. If you want to try the tests then do:
+
+ > nmake -f ms\ntdll.mak test
+
+
+ To install OpenSSL to the specified location do:
+
+ > nmake -f ms\ntdll.mak install
+
+ Tweaks:
+
+ There are various changes you can make to the Win32 compile
+ environment. By default the library is not compiled with debugging
+ symbols. If you use the platform debug-VC-WIN32 instead of VC-WIN32
+ then debugging symbols will be compiled in.
+
+ By default in 1.0.0 OpenSSL will compile builtin ENGINES into the
+ separate shared librariesy. If you specify the "enable-static-engine"
+ option on the command line to Configure the shared library build
+ (ms\ntdll.mak) will compile the engines into libeay32.dll instead.
+
+ The default Win32 environment is to leave out any Windows NT specific
+ features.
+
+ If you want to enable the NT specific features of OpenSSL (currently
+ only the logging BIO) follow the instructions above but call the batch
+ file do_nt.bat instead of do_ms.bat.
+
+ You can also build a static version of the library using the Makefile
+ ms\nt.mak
+
+
+ Borland C++ builder 5
+ ---------------------
+
+ * Configure for building with Borland Builder:
+ > perl Configure BC-32
+
+ * Create the appropriate makefile
+ > ms\do_nasm
+
+ * Build
+ > make -f ms\bcb.mak
+
+ Borland C++ builder 3 and 4
+ ---------------------------
+
+ * Setup PATH. First must be GNU make then bcb4/bin
+
+ * Run ms\bcb4.bat
+
+ * Run make:
+ > make -f bcb.mak
+
+ GNU C (Cygwin)
+ --------------
+
+ Cygwin implements a Posix/Unix runtime system (cygwin1.dll) on top of
+ Win32 subsystem and provides a bash shell and GNU tools environment.
+ Consequently, a make of OpenSSL with Cygwin is virtually identical to
+ Unix procedure. It is also possible to create Win32 binaries that only
+ use the Microsoft C runtime system (msvcrt.dll or crtdll.dll) using
+ MinGW. MinGW can be used in the Cygwin development environment or in a
+ standalone setup as described in the following section.
+
+ To build OpenSSL using Cygwin:
+
+ * Install Cygwin (see http://cygwin.com/)
+
+ * Install Perl and ensure it is in the path. Both Cygwin perl
+ (5.6.1-2 or newer) and ActivePerl work.
+
+ * Run the Cygwin bash shell
+
+ * $ tar zxvf openssl-x.x.x.tar.gz
+ $ cd openssl-x.x.x
+
+ To build the Cygwin version of OpenSSL:
+
+ $ ./config
+ [...]
+ $ make
+ [...]
+ $ make test
+ $ make install
+
+ This will create a default install in /usr/local/ssl.
+
+ To build the MinGW version (native Windows) in Cygwin:
+
+ $ ./Configure mingw
+ [...]
+ $ make
+ [...]
+ $ make test
+ $ make install
+
+ Cygwin Notes:
+
+ "make test" and normal file operations may fail in directories
+ mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin
+ stripping of carriage returns. To avoid this ensure that a binary
+ mount is used, e.g. mount -b c:\somewhere /home.
+
+ "bc" is not provided in older Cygwin distribution. This causes a
+ non-fatal error in "make test" but is otherwise harmless. If
+ desired and needed, GNU bc can be built with Cygwin without change.
+
+ GNU C (MinGW/MSYS)
+ -------------
+
+ * Compiler and shell environment installation:
+
+ MinGW and MSYS are available from http://www.mingw.org/, both are
+ required. Run the installers and do whatever magic they say it takes
+ to start MSYS bash shell with GNU tools on its PATH.
+
+ N.B. Since source tar-ball can contain symbolic links, it's essential
+ that you use accompanying MSYS tar to unpack the source. It will
+ either handle them in one way or another or fail to extract them,
+ which does the trick too. Latter means that you may safely ignore all
+ "cannot create symlink" messages, as they will be "re-created" at
+ configure stage by copying corresponding files. Alternative programs
+ were observed to create empty files instead, which results in build
+ failure.
+
+ * Compile OpenSSL:
+
+ $ ./config
+ [...]
+ $ make
+ [...]
+ $ make test
+
+ This will create the library and binaries in root source directory
+ and openssl.exe application in apps directory.
+
+ It is also possible to cross-compile it on Linux by configuring
+ with './Configure --cross-compile-prefix=i386-mingw32- mingw ...'.
+ 'make test' is naturally not applicable then.
+
+ libcrypto.a and libssl.a are the static libraries. To use the DLLs,
+ link with libeay32.a and libssl32.a instead.
+
+ See troubleshooting if you get error messages about functions not
+ having a number assigned.
+
+ Installation
+ ------------
+
+ If you used the Cygwin procedure above, you have already installed and
+ can skip this section. For all other procedures, there's currently no real
+ installation procedure for Win32. There are, however, some suggestions:
+
+ - do nothing. The include files are found in the inc32/ subdirectory,
+ all binaries are found in out32dll/ or out32/ depending if you built
+ dynamic or static libraries.
+
+ - do as is written in INSTALL.Win32 that comes with modssl:
+
+ $ md c:\openssl
+ $ md c:\openssl\bin
+ $ md c:\openssl\lib
+ $ md c:\openssl\include
+ $ md c:\openssl\include\openssl
+ $ copy /b inc32\openssl\* c:\openssl\include\openssl
+ $ copy /b out32dll\ssleay32.lib c:\openssl\lib
+ $ copy /b out32dll\libeay32.lib c:\openssl\lib
+ $ copy /b out32dll\ssleay32.dll c:\openssl\bin
+ $ copy /b out32dll\libeay32.dll c:\openssl\bin
+ $ copy /b out32dll\openssl.exe c:\openssl\bin
+
+ Of course, you can choose another device than c:. C: is used here
+ because that's usually the first (and often only) harddisk device.
+ Note: in the modssl INSTALL.Win32, p: is used rather than c:.
+
+
+ Troubleshooting
+ ---------------
+
+ Since the Win32 build is only occasionally tested it may not always compile
+ cleanly. If you get an error about functions not having numbers assigned
+ when you run ms\do_ms then this means the Win32 ordinal files are not up to
+ date. You can do:
+
+ > perl util\mkdef.pl crypto ssl update
+
+ then ms\do_XXX should not give a warning any more. However the numbers that
+ get assigned by this technique may not match those that eventually get
+ assigned in the Git tree: so anything linked against this version of the
+ library may need to be recompiled.
+
+ If you get errors about unresolved symbols there are several possible
+ causes.
+
+ If this happens when the DLL is being linked and you have disabled some
+ ciphers then it is possible the DEF file generator hasn't removed all
+ the disabled symbols: the easiest solution is to edit the DEF files manually
+ to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def.
+
+ Another cause is if you missed or ignored the errors about missing numbers
+ mentioned above.
+
+ If you get warnings in the code then the compilation will halt.
+
+ The default Makefile for Win32 halts whenever any warnings occur. Since VC++
+ has its own ideas about warnings which don't always match up to other
+ environments this can happen. The best fix is to edit the file with the
+ warning in and fix it. Alternatively you can turn off the halt on warnings by
+ editing the CFLAG line in the Makefile and deleting the /WX option.
+
+ You might get compilation errors. Again you will have to fix these or report
+ them.
+
+ One final comment about compiling applications linked to the OpenSSL library.
+ If you don't use the multithreaded DLL runtime library (/MD option) your
+ program will almost certainly crash because malloc gets confused -- the
+ OpenSSL DLLs are statically linked to one version, the application must
+ not use a different one. You might be able to work around such problems
+ by adding CRYPTO_malloc_init() to your program before any calls to the
+ OpenSSL libraries: This tells the OpenSSL libraries to use the same
+ malloc(), free() and realloc() as the application. However there are many
+ standard library functions used by OpenSSL that call malloc() internally
+ (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot
+ rely on CRYPTO_malloc_init() solving your problem, and you should
+ consistently use the multithreaded library.
+
+ Linking your application
+ ------------------------
+
+ If you link with static OpenSSL libraries [those built with ms/nt.mak],
+ then you're expected to additionally link your application with
+ WS2_32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing
+ non-interactive service applications might feel concerned about linking
+ with the latter two, as they are justly associated with interactive
+ desktop, which is not available to service processes. The toolkit is
+ designed to detect in which context it's currently executed, GUI,
+ console app or service, and act accordingly, namely whether or not to
+ actually make GUI calls. Additionally those who wish to
+ /DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and actually keep them
+ off service process should consider implementing and exporting from
+ .exe image in question own _OPENSSL_isservice not relying on USER32.DLL.
+ E.g., on Windows Vista and later you could:
+
+ __declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
+ { DWORD sess;
+ if (ProcessIdToSessionId(GetCurrentProcessId(),&sess))
+ return sess==0;
+ return FALSE;
+ }
+
+ If you link with OpenSSL .DLLs, then you're expected to include into
+ your application code small "shim" snippet, which provides glue between
+ OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink
+ reference page for further details.
Copied: trunk/crypto/openssl/INSTALL.W64 (from rev 7117, vendor-crypto/openssl/dist/INSTALL.W64)
===================================================================
--- trunk/crypto/openssl/INSTALL.W64 (rev 0)
+++ trunk/crypto/openssl/INSTALL.W64 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,66 @@
+
+ INSTALLATION ON THE WIN64 PLATFORM
+ ----------------------------------
+
+ Caveat lector
+ -------------
+
+ As of moment of this writing Win64 support is classified "initial"
+ for the following reasons.
+
+ - No assembler modules are engaged upon initial 0.9.8 release.
+ - API might change within 0.9.8 life-span, *but* in a manner which
+ doesn't break backward binary compatibility. Or in other words,
+ application programs compiled with initial 0.9.8 headers will
+ be expected to work with future minor release .DLL without need
+ to re-compile, even if future minor release features modified API.
+ - Above mentioned API modifications have everything to do with
+ elimination of a number of limitations, which are normally
+ considered inherent to 32-bit platforms. Which in turn is why they
+ are treated as limitations on 64-bit platform such as Win64:-)
+ The current list comprises [but not necessarily limited to]:
+
+ - null-terminated strings may not be longer than 2G-1 bytes,
+ longer strings are treated as zero-length;
+ - dynamically and *internally* allocated chunks can't be larger
+ than 2G-1 bytes;
+ - inability to encrypt/decrypt chunks of data larger than 4GB
+ [it's possibly to *hash* chunks of arbitrary size through];
+
+ Neither of these is actually big deal and hardly encountered
+ in real-life applications.
+
+ Compiling procedure
+ -------------------
+
+ You will need Perl. You can run under Cygwin or you can download
+ ActiveState Perl from http://www.activestate.com/ActivePerl.
+
+ You will need Microsoft Platform SDK, available for download at
+ http://www.microsoft.com/msdownload/platformsdk/sdkupdate/. As per
+ April 2005 Platform SDK is equipped with Win64 compilers, as well
+ as assemblers, but it might change in the future.
+
+ To build for Win64/x64:
+
+ > perl Configure VC-WIN64A
+ > ms\do_win64a
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ To build for Win64/IA64:
+
+ > perl Configure VC-WIN64I
+ > ms\do_win64i
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ Naturally test-suite itself has to be executed on the target platform.
+
+ Installation
+ ------------
+
+ TBD, for now see INSTALL.W32.
+
Copied: trunk/crypto/openssl/INSTALL.WCE (from rev 7117, vendor-crypto/openssl/dist/INSTALL.WCE)
===================================================================
--- trunk/crypto/openssl/INSTALL.WCE (rev 0)
+++ trunk/crypto/openssl/INSTALL.WCE 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,95 @@
+
+ INSTALLATION FOR THE WINDOWS CE PLATFORM
+ ----------------------------------------
+
+ Building OpenSSL for Windows CE requires the following external tools:
+
+ * Microsoft eMbedded Visual C++ 3.0 or later
+ * Appropriate SDK might be required
+ * Perl for Win32 [commonly recommended ActiveState Perl is available
+ from http://www.activestate.com/Products/ActivePerl/]
+
+ * wcecompat compatibility library available at
+ http://www.essemer.com.au/windowsce/
+ * Optionally ceutils for running automated tests (same location)
+
+ _or_
+
+ * PocketConsole driver and PortSDK available at
+ http://www.symbolictools.de/public/pocketconsole/
+ * CMD command interpreter (same location)
+
+ As Windows CE support in OpenSSL relies on 3rd party compatibility
+ library, it's appropriate to check corresponding URL for updates. For
+ example if you choose wcecompat, note that as for the moment of this
+ writing version 1.2 is available and actually required for WCE 4.2
+ and newer platforms. All wcecompat issues should be directed to
+ www.essemer.com.au.
+
+ Why compatibility library at all? The C Runtime Library implementation
+ for Windows CE that is included with Microsoft eMbedded Visual C++ is
+ incomplete and in some places incorrect. Compatibility library plugs
+ the holes and tries to bring the Windows CE CRT to [more] usable level.
+ Most gaping hole in CRT is support for stdin/stdout/stderr IO, which
+ proposed compatibility libraries solve in two different ways: wcecompat
+ redirects IO to active sync link, while PortSDK - to NT-like console
+ driver on the handheld itself.
+
+ Building
+ --------
+
+ Setup the eMbedded Visual C++ environment. There are batch files for doing
+ this installed with eVC++. For an ARM processor, for example, execute:
+
+ > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
+
+ Next pick compatibility library according to your preferences.
+
+ 1. To choose wcecompat set up WCECOMPAT environment variable pointing
+ at the location of wcecompat tree "root":
+
+ > set WCECOMPAT=C:\wcecompat
+ > set PORTSDK_LIBPATH=
+
+ 2. To choose PortSDK set up PORTSDK_LIBPATH to point at hardware-
+ specific location where your portlib.lib is installed:
+
+ > set PORTSDK_LIBPATH=C:\PortSDK\lib\ARM
+ > set WCECOMPAT=
+
+ Note that you may not set both variables.
+
+ Next you should run Configure:
+
+ > perl Configure VC-CE
+
+ Next you need to build the Makefiles:
+
+ > ms\do_ms
+
+ If you get errors about things not having numbers assigned then check the
+ troubleshooting section in INSTALL.W32: you probably won't be able to compile
+ it as it stands.
+
+ Then from the VC++ environment at a prompt do:
+
+ > nmake -f ms\cedll.mak
+
+ [note that static builds are not supported under CE]
+
+ If all is well it should compile and you will have some DLLs and executables
+ in out32dll*.
+
+ <<< everyting below needs revision in respect to wcecompat vs. PortSDK >>>
+
+ If you want
+ to try the tests then make sure the ceutils are in the path and do:
+
+ > cd out32
+ > ..\ms\testce
+
+ This will copy each of the test programs to the Windows CE device and execute
+ them, displaying the output of the tests on this computer. The output should
+ look similar to the output produced by running the tests for a regular Windows
+ build.
+
Modified: trunk/crypto/openssl/Makefile
===================================================================
--- trunk/crypto/openssl/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,16 +4,16 @@
## Makefile for OpenSSL
##
-VERSION=0.9.8zg
-MAJOR=0
-MINOR=9.8
-SHLIB_VERSION_NUMBER=0.9.8
+VERSION=1.0.1o
+MAJOR=1
+MINOR=0.1
+SHLIB_VERSION_NUMBER=1.0.0
SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=0
-SHLIB_MINOR=9.8
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
SHLIB_EXT=
PLATFORM=dist
-OPTIONS= no-camellia no-capieng no-cms no-gmp no-jpake no-krb5 no-mdc2 no-montasm no-rc5 no-rfc3779 no-seed no-shared no-zlib no-zlib-dynamic
+OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine
CONFIGURE_ARGS=dist
SHLIB_TARGET=
@@ -61,14 +61,14 @@
CC= cc
CFLAG= -O
-DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED
+DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
PEX_LIBS=
EX_LIBS=
EXE_EXT=
ARFLAGS=
AR= ar $(ARFLAGS) r
-ARD=ar $(ARFLAGS) d
RANLIB= /usr/bin/ranlib
+NM= nm
PERL= /usr/bin/perl
TAR= tar
TARFLAGS= --no-recursion --record-size=10240
@@ -88,10 +88,10 @@
PROCESSOR=
# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ=
+CPUID_OBJ= mem_clr.o
BN_ASM= bn_asm.o
DES_ENC= des_enc.o fcrypt_b.o
-AES_ASM_OBJ= aes_core.o aes_cbc.o
+AES_ENC= aes_core.o aes_cbc.o
BF_ENC= bf_enc.o
CAST_ENC= c_enc.o
RC4_ENC= rc4_enc.o rc4_skey.o
@@ -99,6 +99,11 @@
MD5_ASM_OBJ=
SHA1_ASM_OBJ=
RMD160_ASM_OBJ=
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
# KRB5 stuff
KRB5_INCLUDES=
@@ -108,20 +113,18 @@
ZLIB_INCLUDE=
LIBZLIB=
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
# This is the location of fipscanister.o and friends.
# The FIPS module build will place it $(INSTALLTOP)/lib
# but since $(INSTALLTOP) can only take the default value
# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build make be different so hard
+# $(INSTALLTOP) for this build may be different so hard
# code the path.
-FIPSLIBDIR=/usr/local/ssl/fips-1.0/lib/
+FIPSLIBDIR=
-# This is set to "y" if fipscanister.o is compiled internally as
-# opposed to coming from an external validated location.
-
-FIPSCANISTERINTERNAL=n
-
# The location of the library which contains fipscanister.o
# normally it will be libcrypto unless fipsdso is set in which
# case it will be libfips. If not compiling in FIPS mode at all
@@ -135,17 +138,18 @@
BASEADDR=0xFB00000
DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
# dirs in crypto to build
SDIRS= \
objects \
- md2 md4 md5 sha hmac ripemd \
- des aes rc2 rc4 idea bf cast \
+ md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 idea bf cast camellia seed modes \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- store pqueue
+ cms pqueue ts srp cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@@ -159,6 +163,8 @@
MAN1=1
MAN3=3
MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
SHELL=/bin/sh
TOP= .
@@ -168,7 +174,6 @@
LIBS= libcrypto.a libssl.a
SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_FIPS=
SHARED_LIBS=
SHARED_LIBS_LINK_EXTS=
SHARED_LDFLAGS=
@@ -181,7 +186,7 @@
EXHEADER= e_os2.h
HEADER= e_os.h
-all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+all: Makefile build_all
# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@@ -195,38 +200,44 @@
$${EXHEADER+EXHEADER} $${HEADER+HEADER} \
$${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
- CC='${CC}' CFLAG='${CFLAG}' \
- AS='${CC}' ASFLAG='${CFLAG} -c' \
- AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \
- SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/$(LIBDIR)' \
- INSTALL_PREFIX='${INSTALL_PREFIX}' \
- INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \
- LIBDIR='${LIBDIR}' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \
- MAKEDEPPROG='${MAKEDEPPROG}' \
- SHARED_LDFLAGS='${SHARED_LDFLAGS}' \
- KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \
- EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \
- SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \
- PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \
- CPUID_OBJ='${CPUID_OBJ}' \
- BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \
- AES_ASM_OBJ='${AES_ASM_OBJ}' \
- BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \
- RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \
- SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \
- MD5_ASM_OBJ='${MD5_ASM_OBJ}' \
- RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' \
- FIPS_EX_OBJ='${FIPS_EX_OBJ}' \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@@ -245,14 +256,13 @@
# subdirectories defined in $(DIRS). It requires that the target
# is given through the shell variable `target'.
BUILD_CMD= if [ -d "$$dir" ]; then \
- ( [ $$target != all -a -z "$(FIPSCANLIB)" ] && FIPSCANLIB=/dev/null; \
- cd $$dir && echo "making $$target in $$dir..." && \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
) || exit 1; \
fi
RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
BUILD_ONE_CMD=\
- if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
$(BUILD_CMD); \
fi
@@ -259,93 +269,25 @@
reflect:
@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
- ../crypto/aes/aes_ecb.o \
- ../crypto/aes/aes_ofb.o \
- ../crypto/bn/bn_add.o \
- ../crypto/bn/bn_blind.o \
- ../crypto/bn/bn_ctx.o \
- ../crypto/bn/bn_div.o \
- ../crypto/bn/bn_exp2.o \
- ../crypto/bn/bn_exp.o \
- ../crypto/bn/bn_gcd.o \
- ../crypto/bn/bn_lib.o \
- ../crypto/bn/bn_mod.o \
- ../crypto/bn/bn_mont.o \
- ../crypto/bn/bn_mul.o \
- ../crypto/bn/bn_prime.o \
- ../crypto/bn/bn_rand.o \
- ../crypto/bn/bn_recp.o \
- ../crypto/bn/bn_shift.o \
- ../crypto/bn/bn_sqr.o \
- ../crypto/bn/bn_word.o \
- ../crypto/bn/bn_x931p.o \
- ../crypto/buffer/buf_str.o \
- ../crypto/cryptlib.o \
- ../crypto/des/cfb64ede.o \
- ../crypto/des/cfb64enc.o \
- ../crypto/des/cfb_enc.o \
- ../crypto/des/ecb3_enc.o \
- ../crypto/des/ecb_enc.o \
- ../crypto/des/ofb64ede.o \
- ../crypto/des/ofb64enc.o \
- ../crypto/des/fcrypt.o \
- ../crypto/des/set_key.o \
- ../crypto/dsa/dsa_utl.o \
- ../crypto/dsa/dsa_sign.o \
- ../crypto/dsa/dsa_vrf.o \
- ../crypto/err/err.o \
- ../crypto/evp/digest.o \
- ../crypto/evp/enc_min.o \
- ../crypto/evp/e_aes.o \
- ../crypto/evp/e_des3.o \
- ../crypto/evp/p_sign.o \
- ../crypto/evp/p_verify.o \
- ../crypto/mem_clr.o \
- ../crypto/mem.o \
- ../crypto/rand/md_rand.o \
- ../crypto/rand/rand_egd.o \
- ../crypto/rand/randfile.o \
- ../crypto/rand/rand_lib.o \
- ../crypto/rand/rand_os2.o \
- ../crypto/rand/rand_unix.o \
- ../crypto/rand/rand_win.o \
- ../crypto/rsa/rsa_lib.o \
- ../crypto/rsa/rsa_none.o \
- ../crypto/rsa/rsa_oaep.o \
- ../crypto/rsa/rsa_pk1.o \
- ../crypto/rsa/rsa_pss.o \
- ../crypto/rsa/rsa_ssl.o \
- ../crypto/rsa/rsa_x931.o \
- ../crypto/sha/sha1dgst.o \
- ../crypto/sha/sha256.o \
- ../crypto/sha/sha512.o \
- ../crypto/uid.o
-
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools
-build_libs: build_crypto build_fips build_ssl build_shared build_engines
+build_libs: build_libcrypto build_libssl openssl.pc
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
build_crypto:
- if [ -n "$(FIPSCANLIB)" ]; then \
- EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \
- ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \
- else \
- ARX='${AR}' ; \
- fi ; export ARX ; \
- dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_fips:
- @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD)
-build_ssl: build_crypto
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
+build_engines:
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
+build_apps:
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
+build_tests:
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
+build_tools:
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
@@ -352,20 +294,21 @@
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-build_shared: $(SHARED_LIBS)
-libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS)
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libfips" ]; then \
- $(ARD) libcrypto.a fipscanister.o ; \
- $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
- $(AR) libcrypto.a fips/fipscanister.o ; \
- else \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; \
- export CC FIPSLD_CC; \
- fi; \
- $(MAKE) -e SHLIBDIRS='crypto' build-shared; \
- fi \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@@ -373,32 +316,12 @@
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- shlibdeps=-lcrypto; \
- [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
else \
- echo "There's no support for shared libraries on this platform" >&2 ; \
- exit 1; \
- fi
-
-fips/fipscanister.o: build_fips
-libfips$(SHLIB_EXT): fips/fipscanister.o
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; export CC FIPSLD_CC; \
- $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- CC=$${CC} LIBNAME=fips THIS=$@ \
- LIBEXTRAS=fips/fipscanister.o \
- LIBDEPS="$(EX_LIBS)" \
- LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \
- else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
fi
-libfips.a:
- dir=fips; target=all; $(BUILD_ONE_CMD)
-
clean-shared:
@set -e; for i in $(SHLIBDIRS); do \
if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
@@ -414,10 +337,10 @@
done
link-shared:
- @ set -e; for i in ${SHLIBDIRS}; do \
+ @ set -e; for i in $(SHLIBDIRS); do \
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
symlink.$(SHLIB_TARGET); \
libs="$$libs -l$$i"; \
done
@@ -425,13 +348,13 @@
build-shared: do_$(SHLIB_TARGET) link-shared
do_$(SHLIB_TARGET):
- @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
- if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
LIBDEPS="$$libs $(EX_LIBS)" \
link_a.$(SHLIB_TARGET); \
libs="-l$$i $$libs"; \
@@ -447,7 +370,8 @@
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
libssl.pc: Makefile
@@ -460,7 +384,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
openssl.pc: Makefile
@@ -473,7 +398,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile: Makefile.org Configure config
@@ -482,7 +408,7 @@
@false
libclean:
- rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
clean: libclean
rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
@@ -508,16 +434,13 @@
@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
@set -e; target=links; $(RECURSIVE_BUILD_CMD)
- @if [ -z "$(FIPSCANLIB)" ]; then \
- set -e; target=links; dir=fips ; $(BUILD_CMD) ; \
- fi
gentests:
@(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
dclean:
- rm -f *.bak
+ rm -rf *.bak include/openssl certs/.0
@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
rehash: rehash.time
@@ -524,22 +447,26 @@
rehash.time: certs apps
@if [ -z "$(CROSS_COMPILE)" ]; then \
(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs) && \
+ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
- fi
+ else :; fi
test: tests
tests: rehash
@(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
- util/opensslwrap.sh version -a
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
report:
@$(PERL) util/selftest.pl
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
@@ -551,9 +478,9 @@
find . -name '[^.]*.[ch]' | xargs etags -a
errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
- $(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@@ -564,24 +491,10 @@
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
- $(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
- $(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-
-apps/openssl-vms.cnf: apps/openssl.cnf
- $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
-
-crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
- $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
-
-
TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE
-update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
-
# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
@@ -611,8 +524,8 @@
dist:
$(PERL) Configure dist
@$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='${SDIRS}' clean
- @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
@@ -634,7 +547,7 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; for i in $(LIBS) ;\
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
@@ -663,6 +576,16 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
fi; \
done; \
( here="`pwd`"; \
@@ -682,6 +605,27 @@
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
$(INSTALL_PREFIX)$(MANDIR)/man1 \
@@ -708,7 +652,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -725,7 +669,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done
Modified: trunk/crypto/openssl/Makefile.bak
===================================================================
--- trunk/crypto/openssl/Makefile.bak 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/Makefile.bak 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,16 +4,16 @@
## Makefile for OpenSSL
##
-VERSION=0.9.8zg-dev
-MAJOR=0
-MINOR=9.8
-SHLIB_VERSION_NUMBER=0.9.8
+VERSION=1.0.1o-dev
+MAJOR=1
+MINOR=0.1
+SHLIB_VERSION_NUMBER=1.0.0
SHLIB_VERSION_HISTORY=
-SHLIB_MAJOR=0
-SHLIB_MINOR=9.8
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
SHLIB_EXT=
PLATFORM=gcc
-OPTIONS= no-camellia no-capieng no-cms no-gmp no-jpake no-krb5 no-mdc2 no-montasm no-rc5 no-rfc3779 no-seed no-shared no-zlib no-zlib-dynamic
+OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine
CONFIGURE_ARGS=gcc
SHLIB_TARGET=
@@ -61,14 +61,14 @@
CC= gcc
CFLAG= -O3
-DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED
+DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
PEX_LIBS=
EX_LIBS=
EXE_EXT=
ARFLAGS=
AR= ar $(ARFLAGS) r
-ARD=ar $(ARFLAGS) d
RANLIB= /usr/bin/ranlib
+NM= nm
PERL= /usr/bin/perl
TAR= tar
TARFLAGS= --no-recursion --record-size=10240
@@ -88,10 +88,10 @@
PROCESSOR=
# CPUID module collects small commonly used assembler snippets
-CPUID_OBJ=
+CPUID_OBJ= mem_clr.o
BN_ASM= bn_asm.o
DES_ENC= des_enc.o fcrypt_b.o
-AES_ASM_OBJ= aes_core.o aes_cbc.o
+AES_ENC= aes_core.o aes_cbc.o
BF_ENC= bf_enc.o
CAST_ENC= c_enc.o
RC4_ENC= rc4_enc.o rc4_skey.o
@@ -99,6 +99,11 @@
MD5_ASM_OBJ=
SHA1_ASM_OBJ=
RMD160_ASM_OBJ=
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
# KRB5 stuff
KRB5_INCLUDES=
@@ -108,20 +113,18 @@
ZLIB_INCLUDE=
LIBZLIB=
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
# This is the location of fipscanister.o and friends.
# The FIPS module build will place it $(INSTALLTOP)/lib
# but since $(INSTALLTOP) can only take the default value
# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build make be different so hard
+# $(INSTALLTOP) for this build may be different so hard
# code the path.
-FIPSLIBDIR=/usr/local/ssl/fips-1.0/lib/
+FIPSLIBDIR=
-# This is set to "y" if fipscanister.o is compiled internally as
-# opposed to coming from an external validated location.
-
-FIPSCANISTERINTERNAL=n
-
# The location of the library which contains fipscanister.o
# normally it will be libcrypto unless fipsdso is set in which
# case it will be libfips. If not compiling in FIPS mode at all
@@ -135,17 +138,18 @@
BASEADDR=0xFB00000
DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
# dirs in crypto to build
SDIRS= \
objects \
- md2 md4 md5 sha hmac ripemd \
- des aes rc2 rc4 idea bf cast \
+ md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 idea bf cast camellia seed modes \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- store pqueue
+ cms pqueue ts srp cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@@ -159,6 +163,8 @@
MAN1=1
MAN3=3
MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
SHELL=/bin/sh
TOP= .
@@ -168,7 +174,6 @@
LIBS= libcrypto.a libssl.a
SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_FIPS=
SHARED_LIBS=
SHARED_LIBS_LINK_EXTS=
SHARED_LDFLAGS=
@@ -181,7 +186,7 @@
EXHEADER= e_os2.h
HEADER= e_os.h
-all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+all: Makefile build_all
# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@@ -195,38 +200,44 @@
$${EXHEADER+EXHEADER} $${HEADER+HEADER} \
$${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
- CC='${CC}' CFLAG='${CFLAG}' \
- AS='${CC}' ASFLAG='${CFLAG} -c' \
- AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \
- SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/$(LIBDIR)' \
- INSTALL_PREFIX='${INSTALL_PREFIX}' \
- INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \
- LIBDIR='${LIBDIR}' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \
- MAKEDEPPROG='${MAKEDEPPROG}' \
- SHARED_LDFLAGS='${SHARED_LDFLAGS}' \
- KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \
- EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \
- SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \
- PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \
- CPUID_OBJ='${CPUID_OBJ}' \
- BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \
- AES_ASM_OBJ='${AES_ASM_OBJ}' \
- BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \
- RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \
- SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \
- MD5_ASM_OBJ='${MD5_ASM_OBJ}' \
- RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' \
- FIPS_EX_OBJ='${FIPS_EX_OBJ}' \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@@ -245,14 +256,13 @@
# subdirectories defined in $(DIRS). It requires that the target
# is given through the shell variable `target'.
BUILD_CMD= if [ -d "$$dir" ]; then \
- ( [ $$target != all -a -z "$(FIPSCANLIB)" ] && FIPSCANLIB=/dev/null; \
- cd $$dir && echo "making $$target in $$dir..." && \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
) || exit 1; \
fi
RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
BUILD_ONE_CMD=\
- if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
$(BUILD_CMD); \
fi
@@ -259,93 +269,25 @@
reflect:
@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
- ../crypto/aes/aes_ecb.o \
- ../crypto/aes/aes_ofb.o \
- ../crypto/bn/bn_add.o \
- ../crypto/bn/bn_blind.o \
- ../crypto/bn/bn_ctx.o \
- ../crypto/bn/bn_div.o \
- ../crypto/bn/bn_exp2.o \
- ../crypto/bn/bn_exp.o \
- ../crypto/bn/bn_gcd.o \
- ../crypto/bn/bn_lib.o \
- ../crypto/bn/bn_mod.o \
- ../crypto/bn/bn_mont.o \
- ../crypto/bn/bn_mul.o \
- ../crypto/bn/bn_prime.o \
- ../crypto/bn/bn_rand.o \
- ../crypto/bn/bn_recp.o \
- ../crypto/bn/bn_shift.o \
- ../crypto/bn/bn_sqr.o \
- ../crypto/bn/bn_word.o \
- ../crypto/bn/bn_x931p.o \
- ../crypto/buffer/buf_str.o \
- ../crypto/cryptlib.o \
- ../crypto/des/cfb64ede.o \
- ../crypto/des/cfb64enc.o \
- ../crypto/des/cfb_enc.o \
- ../crypto/des/ecb3_enc.o \
- ../crypto/des/ecb_enc.o \
- ../crypto/des/ofb64ede.o \
- ../crypto/des/ofb64enc.o \
- ../crypto/des/fcrypt.o \
- ../crypto/des/set_key.o \
- ../crypto/dsa/dsa_utl.o \
- ../crypto/dsa/dsa_sign.o \
- ../crypto/dsa/dsa_vrf.o \
- ../crypto/err/err.o \
- ../crypto/evp/digest.o \
- ../crypto/evp/enc_min.o \
- ../crypto/evp/e_aes.o \
- ../crypto/evp/e_des3.o \
- ../crypto/evp/p_sign.o \
- ../crypto/evp/p_verify.o \
- ../crypto/mem_clr.o \
- ../crypto/mem.o \
- ../crypto/rand/md_rand.o \
- ../crypto/rand/rand_egd.o \
- ../crypto/rand/randfile.o \
- ../crypto/rand/rand_lib.o \
- ../crypto/rand/rand_os2.o \
- ../crypto/rand/rand_unix.o \
- ../crypto/rand/rand_win.o \
- ../crypto/rsa/rsa_lib.o \
- ../crypto/rsa/rsa_none.o \
- ../crypto/rsa/rsa_oaep.o \
- ../crypto/rsa/rsa_pk1.o \
- ../crypto/rsa/rsa_pss.o \
- ../crypto/rsa/rsa_ssl.o \
- ../crypto/rsa/rsa_x931.o \
- ../crypto/sha/sha1dgst.o \
- ../crypto/sha/sha256.o \
- ../crypto/sha/sha512.o \
- ../crypto/uid.o
-
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools
-build_libs: build_crypto build_fips build_ssl build_shared build_engines
+build_libs: build_libcrypto build_libssl openssl.pc
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
build_crypto:
- if [ -n "$(FIPSCANLIB)" ]; then \
- EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \
- ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \
- else \
- ARX='${AR}' ; \
- fi ; export ARX ; \
- dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_fips:
- @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD)
-build_ssl: build_crypto
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
+build_engines:
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
+build_apps:
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
+build_tests:
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
+build_tools:
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
@@ -352,20 +294,21 @@
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-build_shared: $(SHARED_LIBS)
-libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS)
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libfips" ]; then \
- $(ARD) libcrypto.a fipscanister.o ; \
- $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
- $(AR) libcrypto.a fips/fipscanister.o ; \
- else \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; \
- export CC FIPSLD_CC; \
- fi; \
- $(MAKE) -e SHLIBDIRS='crypto' build-shared; \
- fi \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@@ -373,32 +316,12 @@
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- shlibdeps=-lcrypto; \
- [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
else \
- echo "There's no support for shared libraries on this platform" >&2 ; \
- exit 1; \
- fi
-
-fips/fipscanister.o: build_fips
-libfips$(SHLIB_EXT): fips/fipscanister.o
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; export CC FIPSLD_CC; \
- $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- CC=$${CC} LIBNAME=fips THIS=$@ \
- LIBEXTRAS=fips/fipscanister.o \
- LIBDEPS="$(EX_LIBS)" \
- LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \
- else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
fi
-libfips.a:
- dir=fips; target=all; $(BUILD_ONE_CMD)
-
clean-shared:
@set -e; for i in $(SHLIBDIRS); do \
if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
@@ -414,10 +337,10 @@
done
link-shared:
- @ set -e; for i in ${SHLIBDIRS}; do \
+ @ set -e; for i in $(SHLIBDIRS); do \
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
symlink.$(SHLIB_TARGET); \
libs="$$libs -l$$i"; \
done
@@ -425,13 +348,13 @@
build-shared: do_$(SHLIB_TARGET) link-shared
do_$(SHLIB_TARGET):
- @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
- if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
LIBDEPS="$$libs $(EX_LIBS)" \
link_a.$(SHLIB_TARGET); \
libs="-l$$i $$libs"; \
@@ -447,7 +370,8 @@
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
libssl.pc: Makefile
@@ -460,7 +384,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
openssl.pc: Makefile
@@ -473,7 +398,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile: Makefile.org Configure config
@@ -482,7 +408,7 @@
@false
libclean:
- rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
clean: libclean
rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
@@ -508,16 +434,13 @@
@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
@set -e; target=links; $(RECURSIVE_BUILD_CMD)
- @if [ -z "$(FIPSCANLIB)" ]; then \
- set -e; target=links; dir=fips ; $(BUILD_CMD) ; \
- fi
gentests:
@(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
dclean:
- rm -f *.bak
+ rm -rf *.bak include/openssl certs/.0
@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
rehash: rehash.time
@@ -524,22 +447,26 @@
rehash.time: certs apps
@if [ -z "$(CROSS_COMPILE)" ]; then \
(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs) && \
+ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
- fi
+ else :; fi
test: tests
tests: rehash
@(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
- util/opensslwrap.sh version -a
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
report:
@$(PERL) util/selftest.pl
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
@@ -551,9 +478,9 @@
find . -name '[^.]*.[ch]' | xargs etags -a
errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
- $(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@@ -564,24 +491,10 @@
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
- $(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
- $(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-
-apps/openssl-vms.cnf: apps/openssl.cnf
- $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
-
-crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
- $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
-
-
TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE
-update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
-
# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
@@ -611,8 +524,8 @@
dist:
$(PERL) Configure dist
@$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='${SDIRS}' clean
- @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
@@ -634,7 +547,7 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; for i in $(LIBS) ;\
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
@@ -663,6 +576,16 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
fi; \
done; \
( here="`pwd`"; \
@@ -682,6 +605,27 @@
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
$(INSTALL_PREFIX)$(MANDIR)/man1 \
@@ -708,7 +652,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -725,7 +669,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done
Modified: trunk/crypto/openssl/Makefile.org
===================================================================
--- trunk/crypto/openssl/Makefile.org 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/Makefile.org 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,8 +65,8 @@
EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
-ARD=ar $(ARFLAGS) d
RANLIB= ranlib
+NM= nm
PERL= perl
TAR= tar
TARFLAGS= --no-recursion --record-size=10240
@@ -89,7 +89,7 @@
CPUID_OBJ=
BN_ASM= bn_asm.o
DES_ENC= des_enc.o fcrypt_b.o
-AES_ASM_OBJ=aes_core.o aes_cbc.o
+AES_ENC= aes_core.o aes_cbc.o
BF_ENC= bf_enc.o
CAST_ENC= c_enc.o
RC4_ENC= rc4_enc.o
@@ -97,6 +97,11 @@
MD5_ASM_OBJ=
SHA1_ASM_OBJ=
RMD160_ASM_OBJ=
+WP_ASM_OBJ=
+CMLL_ENC=
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
# KRB5 stuff
KRB5_INCLUDES=
@@ -106,20 +111,18 @@
ZLIB_INCLUDE=
LIBZLIB=
+# TOP level FIPS install directory.
+FIPSDIR=
+
# This is the location of fipscanister.o and friends.
# The FIPS module build will place it $(INSTALLTOP)/lib
# but since $(INSTALLTOP) can only take the default value
# when the module is built it will be in /usr/local/ssl/lib
-# $(INSTALLTOP) for this build make be different so hard
+# $(INSTALLTOP) for this build may be different so hard
# code the path.
-FIPSLIBDIR=/usr/local/ssl/$(LIBDIR)/
+FIPSLIBDIR=
-# This is set to "y" if fipscanister.o is compiled internally as
-# opposed to coming from an external validated location.
-
-FIPSCANISTERINTERNAL=n
-
# The location of the library which contains fipscanister.o
# normally it will be libcrypto unless fipsdso is set in which
# case it will be libfips. If not compiling in FIPS mode at all
@@ -132,18 +135,19 @@
BASEADDR=
-DIRS= crypto fips ssl engines apps test tools
-SHLIBDIRS= crypto ssl fips
+DIRS= crypto ssl engines apps test tools
+ENGDIRS= ccgost
+SHLIBDIRS= crypto ssl
# dirs in crypto to build
SDIRS= \
objects \
- md2 md4 md5 sha mdc2 hmac ripemd \
- des aes rc2 rc4 rc5 idea bf cast camellia seed \
+ md2 md4 md5 sha mdc2 hmac ripemd whrlpool \
+ des aes rc2 rc4 rc5 idea bf cast camellia seed modes \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- store cms pqueue jpake
+ cms pqueue ts jpake srp store cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@@ -157,6 +161,8 @@
MAN1=1
MAN3=3
MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
SHELL=/bin/sh
TOP= .
@@ -166,7 +172,6 @@
LIBS= libcrypto.a libssl.a
SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_FIPS=
SHARED_LIBS=
SHARED_LIBS_LINK_EXTS=
SHARED_LDFLAGS=
@@ -179,7 +184,7 @@
EXHEADER= e_os2.h
HEADER= e_os.h
-all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+all: Makefile build_all
# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@@ -193,38 +198,44 @@
$${EXHEADER+EXHEADER} $${HEADER+HEADER} \
$${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
-BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
- CC='${CC}' CFLAG='${CFLAG}' \
- AS='${CC}' ASFLAG='${CFLAG} -c' \
- AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}' \
- SDIRS='${SDIRS}' LIBRPATH='${INSTALLTOP}/$(LIBDIR)' \
- INSTALL_PREFIX='${INSTALL_PREFIX}' \
- INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' \
- LIBDIR='${LIBDIR}' \
- MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \
- DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \
- MAKEDEPPROG='${MAKEDEPPROG}' \
- SHARED_LDFLAGS='${SHARED_LDFLAGS}' \
- KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \
- EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \
- SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' \
- PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' \
- CPUID_OBJ='${CPUID_OBJ}' \
- BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' \
- AES_ASM_OBJ='${AES_ASM_OBJ}' \
- BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' \
- RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' \
- SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \
- MD5_ASM_OBJ='${MD5_ASM_OBJ}' \
- RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \
+BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+ CC='$(CC)' CFLAG='$(CFLAG)' \
+ AS='$(CC)' ASFLAG='$(CFLAG) -c' \
+ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ CROSS_COMPILE='$(CROSS_COMPILE)' \
+ PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
+ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
+ INSTALL_PREFIX='$(INSTALL_PREFIX)' \
+ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \
+ LIBDIR='$(LIBDIR)' \
+ MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
+ MAKEDEPPROG='$(MAKEDEPPROG)' \
+ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
+ KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
+ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
+ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
+ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
+ PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)' \
+ CPUID_OBJ='$(CPUID_OBJ)' \
+ BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' \
+ AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)' \
+ BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)' \
+ RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)' \
+ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
+ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
+ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
+ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
+ PERLASM_SCHEME='$(PERLASM_SCHEME)' \
FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
- FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' \
- FIPS_EX_OBJ='${FIPS_EX_OBJ}' \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@@ -243,14 +254,13 @@
# subdirectories defined in $(DIRS). It requires that the target
# is given through the shell variable `target'.
BUILD_CMD= if [ -d "$$dir" ]; then \
- ( [ $$target != all -a -z "$(FIPSCANLIB)" ] && FIPSCANLIB=/dev/null; \
- cd $$dir && echo "making $$target in $$dir..." && \
+ ( cd $$dir && echo "making $$target in $$dir..." && \
$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
) || exit 1; \
fi
RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
BUILD_ONE_CMD=\
- if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
+ if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
$(BUILD_CMD); \
fi
@@ -257,93 +267,25 @@
reflect:
@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
-FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
- ../crypto/aes/aes_ecb.o \
- ../crypto/aes/aes_ofb.o \
- ../crypto/bn/bn_add.o \
- ../crypto/bn/bn_blind.o \
- ../crypto/bn/bn_ctx.o \
- ../crypto/bn/bn_div.o \
- ../crypto/bn/bn_exp2.o \
- ../crypto/bn/bn_exp.o \
- ../crypto/bn/bn_gcd.o \
- ../crypto/bn/bn_lib.o \
- ../crypto/bn/bn_mod.o \
- ../crypto/bn/bn_mont.o \
- ../crypto/bn/bn_mul.o \
- ../crypto/bn/bn_prime.o \
- ../crypto/bn/bn_rand.o \
- ../crypto/bn/bn_recp.o \
- ../crypto/bn/bn_shift.o \
- ../crypto/bn/bn_sqr.o \
- ../crypto/bn/bn_word.o \
- ../crypto/bn/bn_x931p.o \
- ../crypto/buffer/buf_str.o \
- ../crypto/cryptlib.o \
- ../crypto/des/cfb64ede.o \
- ../crypto/des/cfb64enc.o \
- ../crypto/des/cfb_enc.o \
- ../crypto/des/ecb3_enc.o \
- ../crypto/des/ecb_enc.o \
- ../crypto/des/ofb64ede.o \
- ../crypto/des/ofb64enc.o \
- ../crypto/des/fcrypt.o \
- ../crypto/des/set_key.o \
- ../crypto/dsa/dsa_utl.o \
- ../crypto/dsa/dsa_sign.o \
- ../crypto/dsa/dsa_vrf.o \
- ../crypto/err/err.o \
- ../crypto/evp/digest.o \
- ../crypto/evp/enc_min.o \
- ../crypto/evp/e_aes.o \
- ../crypto/evp/e_des3.o \
- ../crypto/evp/p_sign.o \
- ../crypto/evp/p_verify.o \
- ../crypto/mem_clr.o \
- ../crypto/mem.o \
- ../crypto/rand/md_rand.o \
- ../crypto/rand/rand_egd.o \
- ../crypto/rand/randfile.o \
- ../crypto/rand/rand_lib.o \
- ../crypto/rand/rand_os2.o \
- ../crypto/rand/rand_unix.o \
- ../crypto/rand/rand_win.o \
- ../crypto/rsa/rsa_lib.o \
- ../crypto/rsa/rsa_none.o \
- ../crypto/rsa/rsa_oaep.o \
- ../crypto/rsa/rsa_pk1.o \
- ../crypto/rsa/rsa_pss.o \
- ../crypto/rsa/rsa_ssl.o \
- ../crypto/rsa/rsa_x931.o \
- ../crypto/sha/sha1dgst.o \
- ../crypto/sha/sha256.o \
- ../crypto/sha/sha512.o \
- ../crypto/uid.o
-
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools
-build_libs: build_crypto build_fips build_ssl build_shared build_engines
+build_libs: build_libcrypto build_libssl openssl.pc
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc
+
build_crypto:
- if [ -n "$(FIPSCANLIB)" ]; then \
- EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \
- ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \
- else \
- ARX='${AR}' ; \
- fi ; export ARX ; \
- dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_fips:
- @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD)
-build_ssl: build_crypto
+ @dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines: build_crypto
+build_engines:
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps: build_libs
+build_apps:
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests: build_libs
+build_tests:
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools: build_libs
+build_tools:
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
@@ -350,20 +292,21 @@
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-build_shared: $(SHARED_LIBS)
-libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS)
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- if [ "$(FIPSCANLIB)" = "libfips" ]; then \
- $(ARD) libcrypto.a fipscanister.o ; \
- $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
- $(AR) libcrypto.a fips/fipscanister.o ; \
- else \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; \
- export CC FIPSLD_CC; \
- fi; \
- $(MAKE) -e SHLIBDIRS='crypto' build-shared; \
- fi \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared && \
+ (touch -c fips_premain_dso$(EXE_EXT) || :); \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@@ -371,32 +314,12 @@
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- shlibdeps=-lcrypto; \
- [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
- $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
+ $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
else \
- echo "There's no support for shared libraries on this platform" >&2 ; \
- exit 1; \
- fi
-
-fips/fipscanister.o: build_fips
-libfips$(SHLIB_EXT): fips/fipscanister.o
- @if [ "$(SHLIB_TARGET)" != "" ]; then \
- FIPSLD_CC="$(CC)"; CC=fips/fipsld; export CC FIPSLD_CC; \
- $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- CC=$${CC} LIBNAME=fips THIS=$@ \
- LIBEXTRAS=fips/fipscanister.o \
- LIBDEPS="$(EX_LIBS)" \
- LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \
- else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
fi
-libfips.a:
- dir=fips; target=all; $(BUILD_ONE_CMD)
-
clean-shared:
@set -e; for i in $(SHLIBDIRS); do \
if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
@@ -412,10 +335,10 @@
done
link-shared:
- @ set -e; for i in ${SHLIBDIRS}; do \
+ @ set -e; for i in $(SHLIBDIRS); do \
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
symlink.$(SHLIB_TARGET); \
libs="$$libs -l$$i"; \
done
@@ -423,13 +346,13 @@
build-shared: do_$(SHLIB_TARGET) link-shared
do_$(SHLIB_TARGET):
- @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
- if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
- LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
- LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
LIBDEPS="$$libs $(EX_LIBS)" \
link_a.$(SHLIB_TARGET); \
libs="-l$$i $$libs"; \
@@ -445,7 +368,8 @@
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
libssl.pc: Makefile
@@ -458,7 +382,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
openssl.pc: Makefile
@@ -471,7 +396,8 @@
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile: Makefile.org Configure config
@@ -480,7 +406,7 @@
@false
libclean:
- rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
clean: libclean
rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
@@ -506,16 +432,13 @@
@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
@set -e; target=links; $(RECURSIVE_BUILD_CMD)
- @if [ -z "$(FIPSCANLIB)" ]; then \
- set -e; target=links; dir=fips ; $(BUILD_CMD) ; \
- fi
gentests:
@(cd test && echo "generating dummy tests (if needed)..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
dclean:
- rm -f *.bak
+ rm -rf *.bak include/openssl certs/.0
@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
rehash: rehash.time
@@ -522,22 +445,26 @@
rehash.time: certs apps
@if [ -z "$(CROSS_COMPILE)" ]; then \
(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs) && \
+ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
- fi
+ else :; fi
test: tests
tests: rehash
@(cd test && echo "testing..." && \
- $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
- util/opensslwrap.sh version -a
+ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+ OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
report:
@$(PERL) util/selftest.pl
+update: errors stacks util/libeay.num util/ssleay.num TABLE
+ @set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
@@ -549,9 +476,9 @@
find . -name '[^.]*.[ch]' | xargs etags -a
errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
- $(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@@ -562,24 +489,10 @@
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update
-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
- $(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
- $(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-
-apps/openssl-vms.cnf: apps/openssl.cnf
- $(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
-
-crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
- $(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
-
-
TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE
-update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
-
# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
@@ -609,8 +522,8 @@
dist:
$(PERL) Configure dist
@$(MAKE) dist_pem_h
- @$(MAKE) SDIRS='${SDIRS}' clean
- @$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
+ @$(MAKE) SDIRS='$(SDIRS)' clean
+ @$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
@@ -632,7 +545,7 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; for i in $(LIBS) ;\
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
@@ -661,6 +574,16 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
fi ); \
+ if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+ ( case $$i in \
+ *crypto*) i=libeay32.dll;; \
+ *ssl*) i=ssleay32.dll;; \
+ esac; \
+ echo installing $$i; \
+ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ fi; \
fi; \
done; \
( here="`pwd`"; \
@@ -680,6 +603,27 @@
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+install_html_docs:
+ here="`pwd`"; \
+ for subdir in apps crypto ssl; do \
+ mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ for i in doc/$$subdir/*.pod; do \
+ fn=`basename $$i .pod`; \
+ echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+ cat $$i \
+ | sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+ | pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+ | sed -r 's/<!DOCTYPE.*//g' \
+ > $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+ $(PERL) util/extract-names.pl < $$i | \
+ grep -v $$filecase "^$$fn\$$" | \
+ (cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+ while read n; do \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+ done); \
+ done; \
+ done
+
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
$(INSTALL_PREFIX)$(MANDIR)/man1 \
@@ -706,7 +650,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done; \
set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -723,7 +667,7 @@
(grep -v "[ ]"; true) | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
- $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+ PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
done); \
done
Modified: trunk/crypto/openssl/Makefile.shared
===================================================================
--- trunk/crypto/openssl/Makefile.shared 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/Makefile.shared 2015-07-21 23:23:45 UTC (rev 7118)
@@ -14,6 +14,8 @@
LDFLAGS=
SHARED_LDFLAGS=
+NM=nm
+
# LIBNAME contains just the name of the library, without prefix ("lib"
# on Unix, "cyg" for certain forms under Cygwin...) or suffix (.a, .so,
# .dll, ...). This one MUST have a value when using this makefile to
@@ -91,7 +93,7 @@
( $(SET_X); \
LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
+ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} )
@@ -101,7 +103,7 @@
LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
+ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
@@ -133,7 +135,7 @@
ALL=$$ALLSYMSFLAGS; ALLSYMSFLAGS=; NOALLSYMSFLAGS=; \
( $(SET_X); \
ld $(LDFLAGS) -r -o lib$(LIBNAME).o $$ALL lib$(LIBNAME).a $(LIBEXTRAS) ); \
- $(LINK_SO) && rm -f $(LIBNAME).o
+ $(LINK_SO) && rm -f lib$(LIBNAME).o
LINK_SO_A_UNPACKED= \
UNPACKDIR=link_tmp.$$$$; rm -rf $$UNPACKDIR; mkdir $$UNPACKDIR; \
@@ -142,7 +144,7 @@
SHOBJECTS=$$UNPACKDIR/*.o; \
$(LINK_SO) && rm -rf $$UNPACKDIR
-DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
+DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
DO_GNU_SO=$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
@@ -168,8 +170,19 @@
link_app.gnu:
@ $(DO_GNU_APP); $(LINK_APP)
+DO_BEOS_SO= SHLIB=lib$(LIBNAME).so; \
+ SHLIB_SUFFIX=; \
+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SUFFIX"
+
+link_o.beos:
+ @ $(DO_BEOS_SO); $(LINK_SO_O)
+link_a.beos:
+ @ $(DO_BEOS_SO); $(LINK_SO_A)
+
link_o.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
@@ -179,7 +192,7 @@
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
fi; $(LINK_SO_O)
link_a.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
@@ -189,24 +202,34 @@
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
fi; $(LINK_SO_A)
link_app.bsd:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBPATH)"; \
fi; $(LINK_APP)
# For Darwin AKA Mac OS/X (dyld)
-# link_o.darwin produces .so, because we let it use dso_dlfcn module,
-# which has .so extension hard-coded. One can argue that one should
-# develop special dso module for MacOS X. At least manual encourages
-# to use native NSModule(3) API and refers to dlfcn as termporary hack.
+# Originally link_o.darwin produced .so, because it was hard-coded
+# in dso_dlfcn module. At later point dso_dlfcn switched to .dylib
+# extension in order to allow for run-time linking with vendor-
+# supplied shared libraries such as libz, so that link_o.darwin had
+# to be harmonized with it. This caused minor controversy, because
+# it was believed that dlopen can't be used to dynamically load
+# .dylib-s, only so called bundle modules (ones linked with -bundle
+# flag). The belief seems to be originating from pre-10.4 release,
+# where dlfcn functionality was emulated by dlcompat add-on. In
+# 10.4 dlopen was rewritten as native part of dyld and is documented
+# to be capable of loading both dynamic libraries and bundles. In
+# order to provide compatibility with pre-10.4 dlopen, modules are
+# linked with -bundle flag, which makes .dylib extension misleading.
+# It works, because dlopen is [and always was] extension-agnostic.
+# Alternative to this heuristic approach is to develop specific
+# MacOS X dso module relying on whichever "native" dyld interface.
link_o.darwin:
@ $(CALC_VERSIONS); \
- SHLIB=`expr "$$THIS" : '.*/\([^/\.]*\)\.'`; \
- SHLIB=$${SHLIB:-lib$(LIBNAME)}; \
- SHLIB_SUFFIX=`expr "$$THIS" : '.*\(\.[^\.]*\)$$'`; \
- SHLIB_SUFFIX=$${SHLIB_SUFFIX:-.so}; \
+ SHLIB=lib$(LIBNAME); \
+ SHLIB_SUFFIX=.dylib; \
ALLSYMSFLAGS='-all_load'; \
NOALLSYMSFLAGS=''; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
+ SHAREDFLAGS="$(CFLAGS) `echo $(SHARED_LDFLAGS) | sed s/dynamiclib/bundle/`"; \
if [ -n "$(LIBVERSION)" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
fi; \
@@ -227,7 +250,7 @@
if [ -n "$$SHLIB_SOVER_NODOT" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -compatibility_version $$SHLIB_SOVER_NODOT"; \
fi; \
- SHAREDFLAGS="$$SHAREDFLAGS -install_name ${INSTALLTOP}/lib/$$SHLIB${SHLIB_EXT}"; \
+ SHAREDFLAGS="$$SHAREDFLAGS -install_name $(INSTALLTOP)/$(LIBDIR)/$$SHLIB$(SHLIB_EXT)"; \
$(LINK_SO_A)
link_app.darwin: # is there run-path on darwin?
$(LINK_APP)
@@ -237,8 +260,12 @@
INHIBIT_SYMLINKS=yes; \
SHLIB=cyg$(LIBNAME); \
base=-Wl,--enable-auto-image-base; \
+ deffile=; \
if expr $(PLATFORM) : 'mingw' > /dev/null; then \
SHLIB=$(LIBNAME)eay32; base=; \
+ if test -f $(LIBNAME)eay32.def; then \
+ deffile=$(LIBNAME)eay32.def; \
+ fi; \
fi; \
SHLIB_SUFFIX=.dll; \
LIBVERSION="$(LIBVERSION)"; \
@@ -245,32 +272,47 @@
SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base $$deffile -Wl,-s,-Bsymbolic"; \
$(LINK_SO_O)
+#for mingw target if def-file is in use dll-name should match library-name
link_a.cygwin:
@ $(CALC_VERSIONS); \
INHIBIT_SYMLINKS=yes; \
- SHLIB=cyg$(LIBNAME); \
+ SHLIB=cyg$(LIBNAME); SHLIB_SOVER=-$(LIBVERSION); SHLIB_SUFFIX=.dll; \
+ dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; extras=; \
base=-Wl,--enable-auto-image-base; \
if expr $(PLATFORM) : 'mingw' > /dev/null; then \
- SHLIB=$(LIBNAME)eay32; \
- base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
+ case $(LIBNAME) in \
+ crypto) SHLIB=libeay;; \
+ ssl) SHLIB=ssleay;; \
+ esac; \
+ SHLIB_SOVER=32; \
+ extras="$(LIBNAME).def"; \
+ $(PERL) util/mkdef.pl 32 $$SHLIB > $$extras; \
+ base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
fi; \
- SHLIB_SUFFIX=.dll; \
- SHLIB_SOVER=-$(LIBVERSION); \
+ dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+ $(PERL) util/mkrc.pl $$dll_name | \
+ $(CROSS_COMPILE)windres -o rc.o; \
+ extras="$$extras rc.o"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
- [ -f apps/$$SHLIB$$SHLIB_SUFFIX ] && rm apps/$$SHLIB$$SHLIB_SUFFIX; \
- [ -f test/$$SHLIB$$SHLIB_SUFFIX ] && rm test/$$SHLIB$$SHLIB_SUFFIX; \
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-s,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
+ [ -f apps/$$dll_name ] && rm apps/$$dll_name; \
+ [ -f test/$$dll_name ] && rm test/$$dll_name; \
$(LINK_SO_A) || exit 1; \
- cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX apps/; \
- cp -p $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX test/
+ rm $$extras; \
+ cp -p $$dll_name apps/; \
+ cp -p $$dll_name test/
link_app.cygwin:
+ @if expr "$(CFLAGS)" : '.*OPENSSL_USE_APPLINK' > /dev/null; then \
+ LIBDEPS="$(TOP)/crypto/applink.o $${LIBDEPS:-$(LIBDEPS)}"; \
+ export LIBDEPS; \
+ fi; \
$(LINK_APP)
link_o.alpha-osf1:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
SHLIB=lib$(LIBNAME).so; \
@@ -291,7 +333,7 @@
fi; \
$(LINK_SO_O)
link_a.alpha-osf1:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
SHLIB=lib$(LIBNAME).so; \
@@ -312,7 +354,7 @@
fi; \
$(LINK_SO_A)
link_app.alpha-osf1:
- @if ${DETECT_GNU_LD}; then \
+ @if $(DETECT_GNU_LD); then \
$(DO_GNU_APP); \
else \
LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
@@ -320,7 +362,7 @@
$(LINK_APP)
link_o.solaris:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -334,12 +376,12 @@
fi; \
$(LINK_SO_O)
link_a.solaris:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
MINUSZ='-z '; \
- (${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
+ ($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=;\
ALLSYMSFLAGS="$${MINUSZ}allextract"; \
@@ -348,7 +390,7 @@
fi; \
$(LINK_SO_A)
link_app.solaris:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_APP); \
else \
LDFLAGS="$(CFLAGS) -R $(LIBRPATH)"; \
@@ -357,7 +399,7 @@
# OpenServer 5 native compilers used
link_o.svr3:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -369,7 +411,7 @@
fi; \
$(LINK_SO_O)
link_a.svr3:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -381,12 +423,12 @@
fi; \
$(LINK_SO_A_UNPACKED)
link_app.svr3:
- @${DETECT_GNU_LD} && $(DO_GNU_APP); \
+ @$(DETECT_GNU_LD) && $(DO_GNU_APP); \
$(LINK_APP)
# UnixWare 7 and OpenUNIX 8 native compilers used
link_o.svr5:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -400,12 +442,12 @@
fi; \
$(LINK_SO_O)
link_a.svr5:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
SHARE_FLAG='-G'; \
- (${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
+ ($(CC) -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
SHLIB=lib$(LIBNAME).so; \
SHLIB_SUFFIX=; \
ALLSYMSFLAGS=''; \
@@ -414,11 +456,11 @@
fi; \
$(LINK_SO_A_UNPACKED)
link_app.svr5:
- @${DETECT_GNU_LD} && $(DO_GNU_APP); \
+ @$(DETECT_GNU_LD) && $(DO_GNU_APP); \
$(LINK_APP)
link_o.irix:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -432,7 +474,7 @@
fi; \
$(LINK_SO_O)
link_a.irix:
- @ if ${DETECT_GNU_LD}; then \
+ @ if $(DETECT_GNU_LD); then \
$(DO_GNU_SO); \
else \
$(CALC_VERSIONS); \
@@ -458,7 +500,7 @@
# ELFs by the way].
#
link_o.hpux:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
expr "$(CFLAGS)" : '.*DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
@@ -471,7 +513,7 @@
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
link_a.hpux:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
$(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME).sl; \
expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
@@ -484,7 +526,7 @@
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
link_app.hpux:
- @if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
+ @if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
LDFLAGS="$(CFLAGS) -Wl,+s,+cdp,../:,+cdp,./:,+b,$(LIBRPATH)"; \
fi; \
$(LINK_APP)
@@ -549,7 +591,7 @@
expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
$(SYMLINK_SO)
# The following lines means those specific architectures do no symlinks
-symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
+symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath symlink.beos:
# Compatibility targets
link_o.bsd-gcc-shared link_o.linux-shared link_o.gnu-shared: link_o.gnu
@@ -607,3 +649,7 @@
link_a.reliantunix-shared: link_a.reliantunix
link_app.reliantunix-shared: link_app.reliantunix
symlink.reliantunix-shared: symlink.reliantunix
+link_o.beos-shared: link_o.beos
+link_a.beos-shared: link_a.beos
+link_app.beos-shared: link_app.gnu
+symlink.beos-shared: symlink.beos
Modified: trunk/crypto/openssl/NEWS
===================================================================
--- trunk/crypto/openssl/NEWS 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/NEWS 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,8 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 0.9.8zf and OpenSSL 0.9.8zg [11 Jun 2015]
+ Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
+ o Fix HMAC ABI incompatibility
+
+ Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]
+
o Malformed ECParameters causes infinite loop (CVE-2015-1788)
o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
@@ -13,7 +17,7 @@
o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
o Race condition handling NewSessionTicket (CVE-2015-1791)
- Major changes between OpenSSL 0.9.8ze and OpenSSL 0.9.8zf [19 Mar 2015]
+ Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]
o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
@@ -23,20 +27,22 @@
o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
o Removed the export ciphers from the DEFAULT ciphers
- Major changes between OpenSSL 0.9.8zd and OpenSSL 0.9.8ze [15 Jan 2015]
+ Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
o Build fixes for the Windows and OpenVMS platforms
- Major changes between OpenSSL 0.9.8zc and OpenSSL 0.9.8zd [8 Jan 2015]
+ Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
o Fix for CVE-2014-3571
+ o Fix for CVE-2015-0206
o Fix for CVE-2014-3569
o Fix for CVE-2014-3572
o Fix for CVE-2015-0204
+ o Fix for CVE-2015-0205
o Fix for CVE-2014-8275
o Fix for CVE-2014-3570
- Major changes between OpenSSL 0.9.8zb and OpenSSL 0.9.8zc [15 Oct 2014]:
+ Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
o Fix for CVE-2014-3513
o Fix for CVE-2014-3567
@@ -43,88 +49,154 @@
o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
o Fix for CVE-2014-3568
- Major changes between OpenSSL 0.9.8za and OpenSSL 0.9.8zb [6 Aug 2014]:
+ Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
+ o Fix for CVE-2014-3512
+ o Fix for CVE-2014-3511
o Fix for CVE-2014-3510
o Fix for CVE-2014-3507
o Fix for CVE-2014-3506
o Fix for CVE-2014-3505
+ o Fix for CVE-2014-3509
+ o Fix for CVE-2014-5139
o Fix for CVE-2014-3508
- Known issues in OpenSSL 0.9.8za:
+ Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
- o Compilation failure of s3_pkt.c on some platforms due to missing
- <limits.h> include. Fixed in 0.9.8zb-dev.
- o FIPS capable link failure with missing symbol BN_consttime_swap.
- Fixed in 0.9.8zb-dev. Workaround is to compile with no-ec: the EC
- algorithms are not FIPS approved in OpenSSL 0.9.8 anyway.
-
- Major changes between OpenSSL 0.9.8y and OpenSSL 0.9.8za [5 Jun 2014]:
-
o Fix for CVE-2014-0224
o Fix for CVE-2014-0221
+ o Fix for CVE-2014-0198
o Fix for CVE-2014-0195
o Fix for CVE-2014-3470
- o Fix for CVE-2014-0076
o Fix for CVE-2010-5298
- o Fix to TLS alert handling.
- Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
+ Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+ o Fix for CVE-2014-0160
+ o Add TLS padding extension workaround for broken servers.
+ o Fix for CVE-2014-0076
+
+ Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+ o Don't include gmt_unix_time in TLS server and client random values
+ o Fix for TLS record tampering bug CVE-2013-4353
+ o Fix for TLS version checking bug CVE-2013-6449
+ o Fix for DTLS retransmission bug CVE-2013-6450
+
+ Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
+
+ o Corrected fix for CVE-2013-0169
+
+ Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
+
+ o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+ o Include the fips configuration module.
+ o Fix OCSP bad key DoS attack CVE-2013-0166
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
- o Fix OCSP bad key DoS attack CVE-2013-0166
+ o Fix for TLS AESNI record handling flaw CVE-2012-2686
- Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
+ Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
- o Fix DTLS record length checking bug CVE-2012-2333
+ o Fix TLS/DTLS record length checking bug CVE-2012-2333
+ o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
- Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
+ Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
- o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
+ o Fix compilation error on non-x86 platforms.
+ o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
+ o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
- Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
+ Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
o Fix for ASN1 overflow bug CVE-2012-2110
+ o Workarounds for some servers that hang on long client hellos.
+ o Fix SEGV in AES code.
- Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
+ Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
+ o TLS/DTLS heartbeat support.
+ o SCTP support.
+ o RFC 5705 TLS key material exporter.
+ o RFC 5764 DTLS-SRTP negotiation.
+ o Next Protocol Negotiation.
+ o PSS signatures in certificates, requests and CRLs.
+ o Support for password based recipient info for CMS.
+ o Support TLS v1.2 and TLS v1.1.
+ o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
+ o SRP support.
+
+ Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
+
o Fix for CMS/PKCS#7 MMA CVE-2012-0884
o Corrected fix for CVE-2011-4619
o Various DTLS fixes.
- Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
+ Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
o Fix for DTLS DoS issue CVE-2012-0050
- Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
+ Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
o Fix for DTLS plaintext recovery attack CVE-2011-4108
- o Fix policy check double free error CVE-2011-4109
o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+ o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
o Check for malformed RFC3779 data CVE-2011-4577
- Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
+ Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
+ o Fix for CRL vulnerability issue CVE-2011-3207
+ o Fix for ECDH crashes CVE-2011-3210
+ o Protection against EC timing attacks.
+ o Support ECDH ciphersuites for certificates using SHA2 algorithms.
+ o Various DTLS fixes.
+
+ Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
+
o Fix for security issue CVE-2011-0014
- Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
+ Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
+ o Fix mishandling of absent EC point format extension.
+ o Fix various platform compilation issues.
+ o Corrected fix for security issue CVE-2010-3864.
- Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
+ Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
o Fix for security issue CVE-2010-3864.
+ o Fix for CVE-2010-2939
+ o Fix WIN32 build system for GOST ENGINE.
- Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
+ Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
- o Fix for security issue CVE-2010-0742.
- o Various DTLS fixes.
- o Recognise SHA2 certificates if only SSL algorithms added.
- o Fix for no-rc4 compilation.
- o Chil ENGINE unload workaround.
+ o Fix for security issue CVE-2010-1633.
+ o GOST MAC and CFB fixes.
+ Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
+
+ o RFC3280 path validation: sufficient to process PKITS tests.
+ o Integrated support for PVK files and keyblobs.
+ o Change default private key format to PKCS#8.
+ o CMS support: able to process all examples in RFC4134
+ o Streaming ASN1 encode support for PKCS#7 and CMS.
+ o Multiple signer and signer add support for PKCS#7 and CMS.
+ o ASN1 printing support.
+ o Whirlpool hash algorithm added.
+ o RFC3161 time stamp support.
+ o New generalised public key API supporting ENGINE based algorithms.
+ o New generalised public key API utilities.
+ o New ENGINE supporting GOST algorithms.
+ o SSL/TLS GOST ciphersuite support.
+ o PKCS#7 and CMS GOST support.
+ o RFC4279 PSK ciphersuite support.
+ o Supported points format extension for ECC ciphersuites.
+ o ecdsa-with-SHA224/256/384/512 signature types.
+ o dsa-with-SHA224 and dsa-with-SHA256 signature types.
+ o Opaque PRF Input TLS extension support.
+ o Updated time routines to avoid OS limitations.
+
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
o CFB cipher definition fixes.
Modified: trunk/crypto/openssl/PROBLEMS
===================================================================
--- trunk/crypto/openssl/PROBLEMS 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/PROBLEMS 2015-07-21 23:23:45 UTC (rev 7118)
@@ -197,3 +197,17 @@
We don't have framework to associate -ldl with no-dso, therefore the only
way is to edit Makefile right after ./config no-dso and remove -ldl from
EX_LIBS line.
+
+* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH.
+
+Compiler bug, presumably at particular patch level. Remaining
+hpux*-parisc*-cc configurations can be affected too. Drop optimization
+level to +O2 when compiling bn_nist.o.
+
+* solaris64-sparcv9-cc link failure
+
+Solaris 8 ar can fail to maintain symbol table in .a, which results in
+link failures. Apply 109147-09 or later or modify Makefile generated
+by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with
+
+ RANLIB= /usr/ccs/bin/ar rs
Modified: trunk/crypto/openssl/README
===================================================================
--- trunk/crypto/openssl/README 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/README 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,5 +1,5 @@
- OpenSSL 0.9.8zg 11 Jun 2015
+ OpenSSL 1.0.1o 12 Jun 2015
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Copied: trunk/crypto/openssl/VMS/install-vms.com (from rev 7117, vendor-crypto/openssl/dist/VMS/install-vms.com)
===================================================================
--- trunk/crypto/openssl/VMS/install-vms.com (rev 0)
+++ trunk/crypto/openssl/VMS/install-vms.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,67 @@
+$! install-vms.com -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard at levitte.org>
+$! Time of creation: 23-MAY-1998 19:22
+$!
+$! P1 root of the directory tree
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if p1 .eqs. ""
+$ then
+$ write sys$output "First argument missing."
+$ write sys$output -
+ "Should be the directory where you want things installed."
+$ exit
+$ endif
+$
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$ arch = "VAX"
+$ else
+$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch .eqs. "") then arch = "UNK"
+$ endif
+$
+$ root = f$parse( P1, "[]A.;0", , , "SYNTAX_ONLY, NO_CONCEAL")- "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") - -
+ "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$
+$ define /nolog wrk_sslroot 'root'.] /translation_attributes = concealed
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$
+$ if f$parse( "wrk_sslroot:[000000]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[000000]
+$ if f$parse( "wrk_sslinclude:") .eqs. "" then -
+ create /directory /log wrk_sslinclude:
+$ if f$parse( "wrk_sslroot:[vms]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[vms]
+$!
+$ copy /log /protection = world:re openssl_startup.com wrk_sslroot:[vms]
+$ copy /log /protection = world:re openssl_undo.com wrk_sslroot:[vms]
+$ copy /log /protection = world:re openssl_utils.com wrk_sslroot:[vms]
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$ deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
Deleted: trunk/crypto/openssl/VMS/install.com
===================================================================
--- trunk/crypto/openssl/VMS/install.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/VMS/install.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,79 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard at levitte.org>
-$! Time of creation: 23-MAY-1998 19:22
-$!
-$! P1 root of the directory tree
-$!
-$ IF P1 .EQS. ""
-$ THEN
-$ WRITE SYS$OUTPUT "First argument missing."
-$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
-$ EXIT
-$ ENDIF
-$
-$ IF (F$GETSYI("CPU").LT.128)
-$ THEN
-$ ARCH := VAX
-$ ELSE
-$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
-$ IF (ARCH .EQS. "") THEN ARCH = "UNK"
-$ ENDIF
-$
-$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
- - "[000000." - "][" - "[" - "]"
-$ ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$
-$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLINCLUDE:
-$ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLROOT:[VMS]
-$
-$ IF F$SEARCH("WRK_SSLINCLUDE:vms_idhacks.h") .NES. "" THEN -
- DELETE WRK_SSLINCLUDE:vms_idhacks.h;*
-$
-$ OPEN/WRITE SF WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$ WRITE SYS$OUTPUT "%OPEN-I-CREATED, ",F$SEARCH("WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM")," created."
-$ WRITE SF "$! Startup file for Openssl"
-$ WRITE SF "$!"
-$ WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
-$ WRITE SF "$! Instead, add or change SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$ WRITE SF "$!"
-$ WRITE SF "$! P1 a qualifier to DEFINE. For example ""/SYSTEM"" to get the logical names"
-$ WRITE SF "$! defined in the system logical name table."
-$ WRITE SF "$!"
-$ WRITE SF "$ IF (F$GETSYI(""CPU"").LT.128)"
-$ WRITE SF "$ THEN"
-$ WRITE SF "$ ARCH := VAX"
-$ WRITE SF "$ ELSE"
-$ WRITE SF "$ ARCH = F$EDIT( F$GETSYI( ""ARCH_NAME""), ""UPCASE"")"
-$ WRITE SF "$ IF (ARCH .EQS. """") THEN ARCH = ""UNK"""
-$ WRITE SF "$ ENDIF"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLROOT ",ROOT,".] /TRANS=CONC"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLLIB SSLROOT:['ARCH'_LIB]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLINCLUDE SSLROOT:[INCLUDE]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLEXE SSLROOT:['ARCH'_EXE]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLCERTS SSLROOT:[CERTS]"
-$ WRITE SF "$ DEFINE/NOLOG'P1 SSLPRIVATE SSLROOT:[PRIVATE]"
-$ WRITE SF "$"
-$ WRITE SF "$! This is program can include <openssl/{foo}.h>"
-$ WRITE SF "$ DEFINE/NOLOG'P1 OPENSSL SSLINCLUDE:"
-$ WRITE SF "$"
-$ WRITE SF "$ IF F$SEARCH(""SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"") .NES."""" THEN -"
-$ WRITE SF " @SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$ WRITE SF "$"
-$ WRITE SF "$ EXIT"
-$ CLOSE SF
-$ SET FILE/PROT=WORLD:RE WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$
-$ COPY OPENSSL_UTILS.COM WRK_SSLROOT:[VMS]/LOG
-$ SET FILE/PROT=WORLD:RE WRK_SSLROOT:[VMS]OPENSSL_UTILS.COM
-$
-$ EXIT
Modified: trunk/crypto/openssl/VMS/mkshared.com
===================================================================
--- trunk/crypto/openssl/VMS/mkshared.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/VMS/mkshared.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,85 +1,166 @@
-$! MKSHARED.COM -- script to created shareable images on VMS
+$! MKSHARED.COM -- Create shareable images.
$!
-$! No command line parameters. This should be run at the start of the source
-$! tree (the same directory where one finds INSTALL.VMS).
+$! P1: "64" for 64-bit pointers.
$!
-$! Input: [.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB
-$! [.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]LIBSSL.OLB
-$! Output: [.xxx.EXE.CRYPTO]LIBCRYPTO.OPT,.MAP,.EXE
-$! [.xxx.EXE.SSL]LIBSSL.OPT,.MAP,.EXE
+$! P2: Zlib object library path (optional).
$!
+$! Input: [.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO[32].OLB
+$! [.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]SSL_LIBSSL[32].OLB
+$! [.CRYPTO.xxx]OPENSSLCONF.H
+$! Output: [.xxx.EXE.CRYPTO]SSL_LIBCRYPTO_SHR[32].OPT,.MAP,.EXE
+$! [.xxx.EXE.SSL]SSL_LIBSSL_SRH[32].OPT,.MAP,.EXE
+$!
$! So far, tests have only been made on VMS for Alpha. VAX will come in time.
$! ===========================================================================
-$
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$! Save the original default device:[directory].
+$!
+$ def_orig = f$environment( "default")
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$! SET DEFAULT to the main kit directory.
+$!
+$ proc = f$environment("procedure")
+$ proc = f$parse( "A.;", proc)- "A.;"
+$ set default 'proc'
+$ set default [-]
+$!
$! ----- Prepare info for processing: version number and file info
$ gosub read_version_info
$ if libver .eqs. ""
$ then
$ write sys$error "ERROR: Couldn't find any library version info..."
-$ exit
+$ go to tidy:
$ endif
$
-$ if (f$getsyi("cpu").lt.128)
+$ if (f$getsyi("cpu") .lt. 128)
$ then
-$ arch := VAX
+$ arch_vax = 1
+$ arch = "VAX"
$ else
-$ arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if (arch .eqs. "") then arch = "UNK"
+$ arch_vax = 0
+$ arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$ if (arch .eqs. "") then arch = "UNK"
$ endif
-$
-$ if arch .nes. "VAX"
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "SHR32"
+$!
+$ if (p1 .nes. "")
$ then
-$ arch_vax = 0
+$ if (p1 .eqs. "64")
+$ then
+$ archd = arch+ "_64"
+$ lib32 = ""
+$ shr = "SHR"
+$ else
+$ if (p1 .nes. "32")
+$ then
+$ write sys$output "Second argument invalid."
+$ write sys$output "It should be "32", "64", or nothing."
+$ exit
+$ endif
+$ endif
+$ endif
+$!
+$! ----- Prepare info for processing: disabled algorithms info
+$ gosub read_disabled_algorithms_info
+$!
+$ ZLIB = p2
+$ zlib_lib = ""
+$ if (ZLIB .nes. "")
+$ then
+$ file2 = f$parse( ZLIB, "libz.olb", , , "syntax_only")
+$ if (f$search( file2) .eqs. "")
+$ then
+$ write sys$output ""
+$ write sys$output "The Option ", ZLIB, " Is Invalid."
+$ write sys$output " Can't find library: ''file2'"
+$ write sys$output ""
+$ goto tidy
+$ endif
+$ zlib_lib = ", ''file2' /library"
+$ endif
+$!
+$ if (arch_vax)
+$ then
+$ libtit = "CRYPTO_TRANSFER_VECTOR"
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
-$ libdir = "[.''ARCH'.EXE.CRYPTO]"
-$ libolb = "''libdir'LIBCRYPTO.OLB"
-$ libopt = "''libdir'LIBCRYPTO.OPT"
-$ libmap = "''libdir'LIBCRYPTO.MAP"
-$ libgoal= "''libdir'LIBCRYPTO.EXE"
+$ libdir = "[.''ARCHD'.EXE.CRYPTO]"
+$ libmar = "''libdir'SSL_LIBCRYPTO_''shr'.MAR"
+$ libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
+$ libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
+$ libobj = "''libdir'SSL_LIBCRYPTO_''shr'.OBJ"
+$ libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
+$ libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
$ libref = ""
-$ gosub create_nonvax_shr
+$ libvec = "LIBCRYPTO"
+$ if f$search( libolb) .nes. "" then gosub create_vax_shr
+$ libtit = "SSL_TRANSFER_VECTOR"
$ libid = "SSL"
$ libnum = "[.UTIL]SSLEAY.NUM"
-$ libdir = "[.''ARCH'.EXE.SSL]"
-$ libolb = "''libdir'LIBSSL.OLB"
-$ libopt = "''libdir'LIBSSL.OPT"
-$ libmap = "''libdir'LIBSSL.MAP"
-$ libgoal= "''libdir'LIBSSL.EXE"
-$ libref = "[.''ARCH'.EXE.CRYPTO]LIBCRYPTO.EXE"
-$ gosub create_nonvax_shr
+$ libdir = "[.''ARCHD'.EXE.SSL]"
+$ libmar = "''libdir'SSL_LIBSSL_''shr'.MAR"
+$ libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
+$ libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
+$ libobj = "''libdir'SSL_LIBSSL_''shr'.OBJ"
+$ libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
+$ libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
+$ libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
+$ libvec = "LIBSSL"
+$ if f$search( libolb) .nes. "" then gosub create_vax_shr
$ else
-$ arch_vax = 1
-$ libtit = "CRYPTO_TRANSFER_VECTOR"
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
-$ libdir = "[.''ARCH'.EXE.CRYPTO]"
-$ libmar = "''libdir'LIBCRYPTO.MAR"
-$ libolb = "''libdir'LIBCRYPTO.OLB"
-$ libopt = "''libdir'LIBCRYPTO.OPT"
-$ libobj = "''libdir'LIBCRYPTO.OBJ"
-$ libmap = "''libdir'LIBCRYPTO.MAP"
-$ libgoal= "''libdir'LIBCRYPTO.EXE"
+$ libdir = "[.''ARCHD'.EXE.CRYPTO]"
+$ libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
+$ libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
+$ libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
+$ libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
$ libref = ""
-$ libvec = "LIBCRYPTO"
-$ gosub create_vax_shr
-$ libtit = "SSL_TRANSFER_VECTOR"
+$ if f$search( libolb) .nes. "" then gosub create_nonvax_shr
$ libid = "SSL"
$ libnum = "[.UTIL]SSLEAY.NUM"
-$ libdir = "[.''ARCH'.EXE.SSL]"
-$ libmar = "''libdir'LIBSSL.MAR"
-$ libolb = "''libdir'LIBSSL.OLB"
-$ libopt = "''libdir'LIBSSL.OPT"
-$ libobj = "''libdir'LIBSSL.OBJ"
-$ libmap = "''libdir'LIBSSL.MAP"
-$ libgoal= "''libdir'LIBSSL.EXE"
-$ libref = "[.''ARCH'.EXE.CRYPTO]LIBCRYPTO.EXE"
-$ libvec = "LIBSSL"
-$ gosub create_vax_shr
+$ libdir = "[.''ARCHD'.EXE.SSL]"
+$ libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
+$ libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
+$ libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
+$ libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
+$ libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
+$ if f$search( libolb) .nes. "" then gosub create_nonvax_shr
$ endif
+$!
+$ tidy:
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "libnum", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+ close libnum
+$!
+$ if (f$trnlnm( "mar", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+ close mar
+$!
+$ if (f$trnlnm( "opt", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+ close opt
+$!
+$ if (f$trnlnm( "vf", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+ close vf
+$!
+$! Restore the original default device:[directory].
+$!
+$ set default 'def_orig'
$ exit
$
-$! ----- Soubroutines to build the shareable libraries
+$! ----- Subroutines to build the shareable libraries
$! For each supported architecture, there's a main shareable library
$! creator, which is called from the main code above.
$! The creator will define a number of variables to tell the next levels of
@@ -111,9 +192,9 @@
$! -----
$! The creator routine
$ create_nonvax_shr:
-$ open/write opt 'libopt'
+$ open /write opt 'libopt'
$ write opt "identification=""",libid," ",libverstr,""""
-$ write opt libolb,"/lib"
+$ write opt libolb, " /library"
$ if libref .nes. "" then write opt libref,"/SHARE"
$ write opt "SYMBOL_VECTOR=(-"
$ libfirstentry := true
@@ -124,7 +205,8 @@
$ write opt ")"
$ write opt "GSMATCH=",libvmatch,",",libver
$ close opt
-$ link/map='libmap'/full/share='libgoal' 'libopt'/option
+$ link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
+ 'zlib_lib'
$ return
$
$! The record writer routine
@@ -158,7 +240,7 @@
$! -----
$! The creator routine
$ create_vax_shr:
-$ open/write mar 'libmar'
+$ open /write mar 'libmar'
$ type sys$input:/out=mar:
;
; Transfer vector for VAX shareable image
@@ -193,10 +275,10 @@
$! gosub read_func_num
$ write mar " .END"
$ close mar
-$ open/write opt 'libopt'
+$ open /write opt 'libopt'
$ write opt "identification=""",libid," ",libverstr,""""
$ write opt libobj
-$ write opt libolb,"/lib"
+$ write opt libolb, " /library"
$ if libref .nes. "" then write opt libref,"/SHARE"
$ type sys$input:/out=opt:
!
@@ -215,7 +297,8 @@
$ gosub read_func_num
$ close opt
$ macro/obj='libobj' 'libmar'
-$ link/map='libmap'/full/share='libgoal' 'libopt'/option
+$ link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
+ 'zlib_lib'
$ return
$
$! The record writer routine for VAX functions
@@ -237,9 +320,9 @@
$
$! ----- Common subroutines
$! -----
-$! The .num file reader. This one has great responsability.
+$! The .num file reader. This one has great responsibility.
$ read_func_num:
-$ open libnum 'libnum'
+$ open /read libnum 'libnum'
$ goto read_nums
$
$ read_nums:
@@ -247,14 +330,17 @@
$ liblastentry:=false
$ entrycount=0
$ loop:
-$ read/end=loop_end/err=loop_end libnum line
-$ entrynum=f$int(f$element(1," ",f$edit(line,"COMPRESS,TRIM")))
-$ entryinfo=f$element(2," ",f$edit(line,"COMPRESS,TRIM"))
-$ curentry=f$element(0," ",f$edit(line,"COMPRESS,TRIM"))
-$ info_exist=f$element(0,":",entryinfo)
-$ info_platforms=","+f$element(1,":",entryinfo)+","
-$ info_kind=f$element(2,":",entryinfo)
-$ info_algorithms=","+f$element(3,":",entryinfo)+","
+$ read /end=loop_end /err=loop_end libnum line
+$ lin = f$edit( line, "COMPRESS,TRIM")
+$! Skip a "#" comment line.
+$ if (f$extract( 0, 1, lin) .eqs. "#") then goto loop
+$ entrynum = f$int(f$element( 1, " ", lin))
+$ entryinfo = f$element( 2, " ", lin)
+$ curentry = f$element( 0, " ", lin)
+$ info_exist = f$element( 0, ":", entryinfo)
+$ info_platforms = ","+ f$element(1, ":", entryinfo)+ ","
+$ info_kind = f$element( 2, ":", entryinfo)
+$ info_algorithms = ","+ f$element( 3, ":", entryinfo)+ ","
$ if info_exist .eqs. "NOEXIST" then goto loop
$ truesum = 0
$ falsesum = 0
@@ -261,13 +347,13 @@
$ negatives = 1
$ plat_i = 0
$ loop1:
-$ plat_entry = f$element(plat_i,",",info_platforms)
+$ plat_entry = f$element( plat_i, ",", info_platforms)
$ plat_i = plat_i + 1
$ if plat_entry .eqs. "" then goto loop1
$ if plat_entry .nes. ","
$ then
$ if f$extract(0,1,plat_entry) .nes. "!" then negatives = 0
-$ if f$getsyi("CPU") .lt. 128
+$ if (arch_vax)
$ then
$ if plat_entry .eqs. "EXPORT_VAR_AS_FUNCTION" then -
$ truesum = truesum + 1
@@ -276,6 +362,7 @@
$ endif
$!
$ if ((plat_entry .eqs. "VMS") .or. -
+ ((plat_entry .eqs. "ZLIB") .and. (ZLIB .nes. "")) .or. -
(arch_vax .and. (plat_entry .eqs. "VMSVAX"))) then -
truesum = truesum + 1
$!
@@ -301,8 +388,7 @@
$ if alg_entry .eqs. "" then goto loop2
$ if alg_entry .nes. ","
$ then
-$ if alg_entry .eqs. "KRB5" then goto loop ! Special for now
-$ if alg_entry .eqs. "STATIC_ENGINE" then goto loop ! Special for now
+$ if disabled_algorithms - ("," + alg_entry + ",") .nes disabled_algorithms then goto loop
$ if f$trnlnm("OPENSSL_NO_"+alg_entry) .nes. "" then goto loop
$ goto loop2
$ endif
@@ -345,7 +431,7 @@
$! The version number reader
$ read_version_info:
$ libver = ""
-$ open/read vf [.CRYPTO]OPENSSLV.H
+$ open /read vf [.CRYPTO]OPENSSLV.H
$ loop_rvi:
$ read/err=endloop_rvi/end=endloop_rvi vf rvi_line
$ if rvi_line - "SHLIB_VERSION_NUMBER """ .eqs. rvi_line then -
@@ -369,3 +455,22 @@
$ endloop_rvi:
$ close vf
$ return
+$
+$! The disabled algorithms reader
+$ read_disabled_algorithms_info:
+$ disabled_algorithms = ","
+$ open /read cf [.CRYPTO.'ARCH']OPENSSLCONF.H
+$ loop_rci:
+$ read/err=endloop_rci/end=endloop_rci cf rci_line
+$ rci_line = f$edit(rci_line,"TRIM,COMPRESS")
+$ rci_ei = 0
+$ if f$extract(0,9,rci_line) .eqs. "# define " then rci_ei = 2
+$ if f$extract(0,8,rci_line) .eqs. "#define " then rci_ei = 1
+$ if rci_ei .eq. 0 then goto loop_rci
+$ rci_e = f$element(rci_ei," ",rci_line)
+$ if f$extract(0,11,rci_e) .nes. "OPENSSL_NO_" then goto loop_rci
+$ disabled_algorithms = disabled_algorithms + f$extract(11,999,rci_e) + ","
+$ goto loop_rci
+$ endloop_rci:
+$ close cf
+$ return
Copied: trunk/crypto/openssl/VMS/openssl_startup.com (from rev 7117, vendor-crypto/openssl/dist/VMS/openssl_startup.com)
===================================================================
--- trunk/crypto/openssl/VMS/openssl_startup.com (rev 0)
+++ trunk/crypto/openssl/VMS/openssl_startup.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,108 @@
+$!
+$! Startup file for OpenSSL 1.x.
+$!
+$! 2011-03-05 SMS.
+$!
+$! This procedure must reside in the OpenSSL installation directory.
+$! It will fail if it is copied to a different location.
+$!
+$! P1 qualifier(s) for DEFINE. For example, "/SYSTEM" to get the
+$! logical names defined in the system logical name table.
+$!
+$! P2 "64", to use executables which were built with 64-bit pointers.
+$!
+$! Good (default) and bad status values.
+$!
+$ status = %x00010001 ! RMS$_NORMAL, normal successful completion.
+$ rms_e_fnf = %x00018292 ! RMS$_FNF, file not found.
+$!
+$! Prepare for problems.
+$!
+$ orig_dev_dir = f$environment( "DEFAULT")
+$ on control_y then goto clean_up
+$ on error then goto clean_up
+$!
+$! Determine hardware architecture.
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$ arch_name = "VAX"
+$ else
+$ arch_name = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch_name .eqs. "") then arch_name = "UNK"
+$ endif
+$!
+$ if (p2 .eqs. "64")
+$ then
+$ arch_name_exe = arch_name+ "_64"
+$ else
+$ arch_name_exe = arch_name
+$ endif
+$!
+$! Derive the OpenSSL installation device:[directory] from the location
+$! of this command procedure.
+$!
+$ proc = f$environment( "procedure")
+$ proc_dev_dir = f$parse( "A.;", proc, , , "no_conceal") - "A.;"
+$ proc_dev = f$parse( proc_dev_dir, , , "device", "syntax_only")
+$ proc_dir = f$parse( proc_dev_dir, , , "directory", "syntax_only") - -
+ ".][000000"- "[000000."- "]["- "["- "]"
+$ proc_dev_dir = proc_dev+ "["+ proc_dir+ "]"
+$ set default 'proc_dev_dir'
+$ set default [-]
+$ ossl_dev_dir = f$environment( "default")
+$!
+$! Check existence of expected directories (to see if this procedure has
+$! been moved away from its proper place).
+$!
+$ if ((f$search( "certs.dir;1") .eqs. "") .or. -
+ (f$search( "include.dir;1") .eqs. "") .or. -
+ (f$search( "private.dir;1") .eqs. "") .or. -
+ (f$search( "vms.dir;1") .eqs. ""))
+$ then
+$ write sys$output -
+ " Can't find expected common OpenSSL directories in:"
+$ write sys$output " ''ossl_dev_dir'"
+$ status = rms_e_fnf
+$ goto clean_up
+$ endif
+$!
+$ if ((f$search( "''arch_name_exe'_exe.dir;1") .eqs. "") .or. -
+ (f$search( "''arch_name'_lib.dir;1") .eqs. ""))
+$ then
+$ write sys$output -
+ " Can't find expected architecture-specific OpenSSL directories in:"
+$ write sys$output " ''ossl_dev_dir'"
+$ status = rms_e_fnf
+$ goto clean_up
+$ endif
+$!
+$! All seems well (enough). Define the OpenSSL logical names.
+$!
+$ ossl_root = ossl_dev_dir- "]"+ ".]"
+$ define /translation_attributes = concealed /nolog'p1 SSLROOT 'ossl_root'
+$ define /nolog 'p1' SSLCERTS sslroot:[certs]
+$ define /nolog 'p1' SSLINCLUDE sslroot:[include]
+$ define /nolog 'p1' SSLPRIVATE sslroot:[private]
+$ define /nolog 'p1' SSLEXE sslroot:['arch_name_exe'_exe]
+$ define /nolog 'p1' SSLLIB sslroot:['arch_name'_lib]
+$!
+$! Defining OPENSSL lets a C program use "#include <openssl/{foo}.h>":
+$ define /nolog 'p1' OPENSSL SSLINCLUDE:
+$!
+$! Run a site-specific procedure, if it exists.
+$!
+$ if f$search( "sslroot:[vms]openssl_systartup.com") .nes."" then -
+ @ sslroot:[vms]openssl_systartup.com
+$!
+$! Restore the original default dev:[dir] (if known).
+$!
+$ clean_up:
+$!
+$ if (f$type( orig_dev_dir) .nes. "")
+$ then
+$ set default 'orig_dev_dir'
+$ endif
+$!
+$ EXIT 'status'
+$!
Copied: trunk/crypto/openssl/VMS/openssl_undo.com (from rev 7117, vendor-crypto/openssl/dist/VMS/openssl_undo.com)
===================================================================
--- trunk/crypto/openssl/VMS/openssl_undo.com (rev 0)
+++ trunk/crypto/openssl/VMS/openssl_undo.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,20 @@
+$!
+$! Deassign OpenSSL logical names.
+$!
+$ call deass "OPENSSL" "''p1'"
+$ call deass "SSLCERTS" "''p1'"
+$ call deass "SSLEXE" "''p1'"
+$ call deass "SSLINCLUDE" "''p1'"
+$ call deass "SSLLIB" "''p1'"
+$ call deass "SSLPRIVATE" "''p1'"
+$ call deass "SSLROOT" "''p1'"
+$!
+$ exit
+$!
+$deass: subroutine
+$ if (f$trnlnm( p1) .nes. "")
+$ then
+$ deassign 'p2' 'p1'
+$ endif
+$ endsubroutine
+$!
Modified: trunk/crypto/openssl/apps/Makefile
===================================================================
--- trunk/crypto/openssl/apps/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -31,15 +31,15 @@
PROGRAM= openssl
-SCRIPTS=CA.sh CA.pl
+SCRIPTS=CA.sh CA.pl tsget
EXE= $(PROGRAM)$(EXE_EXT)
E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
ca crl rsa rsautl dsa dsaparam ec ecparam \
- x509 genrsa gendsa s_server s_client speed \
+ x509 genrsa gendsa genpkey s_server s_client speed \
s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
- pkcs8 spkac smime rand engine ocsp prime
+ pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
PROGS= $(PROGRAM).c
@@ -53,18 +53,18 @@
E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
ca.o pkcs7.o crl2p7.o crl.o \
rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
- x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
+ x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
- ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o \
- ocsp.o prime.o cms.o
+ ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
+ spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
- x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
+ x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
- ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c \
- ocsp.c prime.c cms.c
+ ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
+ spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
SRC=$(E_SRC)
@@ -94,6 +94,9 @@
sreq.o: req.c
$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+openssl-vms.cnf: openssl.cnf
+ $(PERL) $(TOP)/VMS/VMSify-conf.pl < openssl.cnf > openssl-vms.cnf
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -127,26 +130,27 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
-depend:
- @if [ -z "$(THIS)" ]; then \
- $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
- else \
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
- fi
+update: openssl-vms.cnf local_depend
+depend: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+ @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ rm -f CA.pl
clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+ rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
rm -f req
$(DLIBSSL):
- (cd ..; $(MAKE) DIRS=ssl all)
+ (cd ..; $(MAKE) build_libssl)
$(DLIBCRYPTO):
- (cd ..; $(MAKE) DIRS=crypto all)
+ (cd ..; $(MAKE) build_libcrypto)
$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
$(RM) $(EXE)
@@ -153,19 +157,14 @@
shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
elif [ -n "$(FIPSCANLIB)" ]; then \
- FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
- [ "x$(FIPSCANLIB)" = "xlibfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
- CC="$${CC}" APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
+ APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
- @if [ -z "$(CROSS_COMPILE)" ]; then \
- (cd ..; \
- OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
- $(PERL) tools/c_rehash certs) \
- fi
+ @(cd ..; $(MAKE) rehash)
progs.h: progs.pl
$(PERL) progs.pl $(E_EXE) >progs.h
@@ -178,16 +177,16 @@
app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-app_rand.o: ../include/openssl/evp.h ../include/openssl/fips.h
-app_rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-app_rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-app_rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-app_rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-app_rand.o: ../include/openssl/x509v3.h app_rand.c apps.h
+app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
+app_rand.o: app_rand.c apps.h
apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -194,18 +193,17 @@
apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
apps.o: ../include/openssl/engine.h ../include/openssl/err.h
-apps.o: ../include/openssl/evp.h ../include/openssl/fips.h
-apps.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-apps.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-apps.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-apps.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-apps.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-apps.o: ../include/openssl/x509v3.h apps.c apps.h
+apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
+apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+apps.o: ../include/openssl/ui.h ../include/openssl/x509.h
+apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -212,16 +210,16 @@
asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
-asn1pars.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-asn1pars.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
-asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-asn1pars.o: ../include/openssl/x509v3.h apps.h asn1pars.c
+asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+asn1pars.o: asn1pars.c
ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -228,24 +226,23 @@
ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
ca.o: ../include/openssl/engine.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/fips.h
-ca.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ca.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ca.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ca.c
+ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ca.o: ../include/openssl/x509v3.h apps.h ca.c
ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h
-ciphers.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ciphers.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ciphers.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ciphers.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ciphers.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h
ciphers.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ciphers.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -252,8 +249,8 @@
ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ciphers.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ciphers.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ciphers.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+ciphers.o: ../include/openssl/sha.h ../include/openssl/srtp.h
ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -261,19 +258,21 @@
ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ciphers.o: ../include/openssl/x509v3.h apps.h ciphers.c
cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-cms.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-cms.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-cms.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-cms.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-cms.o: ../include/openssl/evp.h ../include/openssl/fips.h
-cms.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-cms.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-cms.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-cms.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-cms.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-cms.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-cms.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-cms.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h cms.c
+cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h
+cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+cms.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+cms.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+cms.o: ../include/openssl/engine.h ../include/openssl/err.h
+cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cms.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+cms.o: ../include/openssl/sha.h ../include/openssl/stack.h
+cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+cms.o: ../include/openssl/x509v3.h apps.h cms.c
crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -280,16 +279,15 @@
crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
crl.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-crl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl.o: ../include/openssl/x509v3.h apps.h crl.c
+crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -296,16 +294,16 @@
crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl2p7.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-crl2p7.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl2p7.o: ../include/openssl/x509v3.h apps.h crl2p7.c
+crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+crl2p7.o: crl2p7.c
dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -312,16 +310,16 @@
dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/fips.h ../include/openssl/hmac.h
-dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dgst.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dgst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-dgst.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-dgst.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dgst.c
+dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
+dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dgst.o: ../include/openssl/x509v3.h apps.h dgst.c
dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -329,16 +327,15 @@
dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
dh.o: ../include/openssl/err.h ../include/openssl/evp.h
-dh.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-dh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dh.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-dh.o: ../include/openssl/x509v3.h apps.h dh.c
+dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -346,16 +343,15 @@
dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-dsa.o: ../include/openssl/x509v3.h apps.h dsa.c
+dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c
dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -363,15 +359,14 @@
dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-dsaparam.o: ../include/openssl/evp.h ../include/openssl/fips.h
-dsaparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dsaparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsaparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dsaparam.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsaparam.o: ../include/openssl/stack.h ../include/openssl/store.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h
dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
@@ -382,16 +377,15 @@
ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ec.o: ../include/openssl/err.h ../include/openssl/evp.h
-ec.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-ec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ec.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ec.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ec.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ec.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ec.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ec.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ec.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ec.o: ../include/openssl/x509v3.h apps.h ec.c
+ec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ec.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ec.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ec.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ec.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ec.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ec.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ec.c
ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -398,24 +392,23 @@
ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-ecparam.o: ../include/openssl/evp.h ../include/openssl/fips.h
-ecparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ecparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ecparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ecparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ecparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ecparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ecparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ecparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ecparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-ecparam.o: ecparam.c
+ecparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ecparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ecparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ecparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ecparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ecparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+ecparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ecparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+ecparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c
enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-enc.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-enc.o: ../include/openssl/fips.h ../include/openssl/lhash.h
+enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+enc.o: ../include/openssl/engine.h ../include/openssl/err.h
+enc.o: ../include/openssl/evp.h ../include/openssl/lhash.h
enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
enc.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
@@ -426,13 +419,12 @@
enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
enc.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h enc.c
engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-engine.o: ../include/openssl/comp.h ../include/openssl/conf.h
-engine.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-engine.o: ../include/openssl/engine.h ../include/openssl/err.h
-engine.o: ../include/openssl/evp.h ../include/openssl/fips.h
+engine.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+engine.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+engine.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+engine.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+engine.o: ../include/openssl/err.h ../include/openssl/evp.h
engine.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -439,8 +431,8 @@
engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
engine.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-engine.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+engine.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+engine.o: ../include/openssl/sha.h ../include/openssl/srtp.h
engine.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -448,13 +440,12 @@
engine.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
engine.o: ../include/openssl/x509v3.h apps.h engine.c
errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-errstr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-errstr.o: ../include/openssl/comp.h ../include/openssl/conf.h
-errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-errstr.o: ../include/openssl/engine.h ../include/openssl/err.h
-errstr.o: ../include/openssl/evp.h ../include/openssl/fips.h
+errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+errstr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+errstr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+errstr.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+errstr.o: ../include/openssl/err.h ../include/openssl/evp.h
errstr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
errstr.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -461,8 +452,8 @@
errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
errstr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-errstr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+errstr.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+errstr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -476,15 +467,14 @@
gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
-gendh.o: ../include/openssl/evp.h ../include/openssl/fips.h
-gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-gendh.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendh.o: ../include/openssl/stack.h ../include/openssl/store.h
+gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h
gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
@@ -496,16 +486,32 @@
gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c
+gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+gendsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+gendsa.o: gendsa.c
+genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+genpkey.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+genpkey.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+genpkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+genpkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+genpkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+genpkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+genpkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+genpkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+genpkey.o: genpkey.c
genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -513,15 +519,14 @@
genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-genrsa.o: ../include/openssl/evp.h ../include/openssl/fips.h
-genrsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-genrsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-genrsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-genrsa.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-genrsa.o: ../include/openssl/stack.h ../include/openssl/store.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
@@ -532,16 +537,15 @@
nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
-nseq.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-nseq.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-nseq.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
-nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-nseq.o: ../include/openssl/x509v3.h apps.h nseq.c
+nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c
ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h
@@ -549,29 +553,27 @@
ocsp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ocsp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h
-ocsp.o: ../include/openssl/evp.h ../include/openssl/fips.h
-ocsp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ocsp.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+ocsp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ocsp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ocsp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ocsp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ocsp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ocsp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ocsp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ocsp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
+ocsp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ocsp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ocsp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ocsp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ocsp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c
openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-openssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-openssl.o: ../include/openssl/comp.h ../include/openssl/conf.h
-openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-openssl.o: ../include/openssl/engine.h ../include/openssl/err.h
-openssl.o: ../include/openssl/evp.h ../include/openssl/fips.h
+openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+openssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+openssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+openssl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+openssl.o: ../include/openssl/err.h ../include/openssl/evp.h
openssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -578,14 +580,15 @@
openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+openssl.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+openssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+openssl.o: openssl.c progs.h s_apps.h
passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
@@ -593,17 +596,17 @@
passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
-passwd.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-passwd.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-passwd.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-passwd.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-passwd.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
-passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-passwd.o: ../include/openssl/x509v3.h apps.h passwd.c
+passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+passwd.o: passwd.c
pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -610,17 +613,16 @@
pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-pkcs12.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs12.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkcs12.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-pkcs12.o: pkcs12.c
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c
pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -627,16 +629,16 @@
pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-pkcs7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs7.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-pkcs7.o: ../include/openssl/x509v3.h apps.h pkcs7.c
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkcs7.o: pkcs7.c
pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -643,17 +645,63 @@
pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-pkcs8.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs8.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkcs8.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-pkcs8.o: pkcs8.c
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c
+pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkey.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+pkey.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+pkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c
+pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyparam.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+pkeyparam.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+pkeyparam.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyparam.o: pkeyparam.c
+pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyutl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+pkeyutl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+pkeyutl.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyutl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyutl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyutl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyutl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyutl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyutl.o: pkeyutl.c
prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -660,15 +708,15 @@
prime.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
prime.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
prime.o: ../include/openssl/engine.h ../include/openssl/evp.h
-prime.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-prime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-prime.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-prime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-prime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-prime.o: ../include/openssl/sha.h ../include/openssl/stack.h
-prime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-prime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-prime.o: ../include/openssl/x509v3.h apps.h prime.c
+prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+prime.o: prime.c
rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -675,15 +723,15 @@
rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rand.c
+rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+rand.o: ../include/openssl/x509v3.h apps.h rand.c
req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -691,15 +739,14 @@
req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
req.o: ../include/openssl/engine.h ../include/openssl/err.h
-req.o: ../include/openssl/evp.h ../include/openssl/fips.h
-req.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-req.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-req.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-req.o: ../include/openssl/stack.h ../include/openssl/store.h
+req.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+req.o: ../include/openssl/sha.h ../include/openssl/stack.h
req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
req.o: ../include/openssl/ui.h ../include/openssl/x509.h
req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
@@ -709,17 +756,16 @@
rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-rsa.o: ../include/openssl/evp.h ../include/openssl/fips.h
-rsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-rsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-rsa.o: ../include/openssl/x509v3.h apps.h rsa.c
+rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -726,25 +772,23 @@
rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsautl.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-rsautl.o: rsautl.c
+rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+rsautl.o: ../include/openssl/x509v3.h apps.h rsautl.c
s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_cb.o: ../include/openssl/evp.h ../include/openssl/fips.h
+s_cb.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_cb.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_cb.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s_cb.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h
s_cb.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s_cb.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -751,9 +795,9 @@
s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s_cb.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_cb.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s_cb.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_cb.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_cb.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -767,16 +811,16 @@
s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s_client.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_client.o: ../include/openssl/evp.h ../include/openssl/fips.h
-s_client.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_client.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+s_client.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_client.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_client.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_client.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s_client.o: ../include/openssl/sha.h ../include/openssl/srp.h
+s_client.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -791,31 +835,30 @@
s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s_server.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_server.o: ../include/openssl/evp.h ../include/openssl/fips.h
-s_server.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
-s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_server.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_server.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_server.o: ../include/openssl/srp.h ../include/openssl/srtp.h
s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_server.o: ../include/openssl/stack.h ../include/openssl/store.h
-s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-s_server.o: ../include/openssl/x509v3.h apps.h s_apps.h s_server.c timeouts.h
+s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h
+s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_server.o: s_apps.h s_server.c timeouts.h
s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
-s_socket.o: ../include/openssl/bio.h ../include/openssl/bn.h
-s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s_socket.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s_socket.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-s_socket.o: ../include/openssl/evp.h ../include/openssl/fips.h
+s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h
+s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h
s_socket.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s_socket.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s_socket.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -822,8 +865,8 @@
s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_socket.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_socket.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+s_socket.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -831,13 +874,12 @@
s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_socket.o: ../include/openssl/x509v3.h apps.h s_apps.h s_socket.c
s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_time.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_time.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_time.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_time.o: ../include/openssl/evp.h ../include/openssl/fips.h
+s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_time.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_time.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s_time.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+s_time.o: ../include/openssl/err.h ../include/openssl/evp.h
s_time.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s_time.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -844,8 +886,8 @@
s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s_time.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_time.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_time.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+s_time.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -853,13 +895,12 @@
s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_time.o: ../include/openssl/x509v3.h apps.h s_apps.h s_time.c
sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-sess_id.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-sess_id.o: ../include/openssl/comp.h ../include/openssl/conf.h
-sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
-sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h
-sess_id.o: ../include/openssl/evp.h ../include/openssl/fips.h
+sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+sess_id.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+sess_id.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+sess_id.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h
sess_id.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
sess_id.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -866,8 +907,8 @@
sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
sess_id.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-sess_id.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sess_id.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+sess_id.o: ../include/openssl/sha.h ../include/openssl/srtp.h
sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -880,41 +921,42 @@
smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
smime.o: ../include/openssl/err.h ../include/openssl/evp.h
-smime.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-smime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-smime.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-smime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
-smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-smime.o: ../include/openssl/x509v3.h apps.h smime.c
+smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+smime.o: smime.c
speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
-speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
-speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h
-speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-speed.o: ../include/openssl/engine.h ../include/openssl/err.h
-speed.o: ../include/openssl/evp.h ../include/openssl/fips.h
+speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
+speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
+speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+speed.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+speed.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+speed.o: ../include/openssl/err.h ../include/openssl/evp.h
speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-speed.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-speed.o: ../include/openssl/md4.h ../include/openssl/md5.h
-speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
+speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-speed.o: speed.c testdsa.h testrsa.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -921,16 +963,49 @@
spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-spkac.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-spkac.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-spkac.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h
-spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-spkac.o: ../include/openssl/x509v3.h apps.h spkac.c
+spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+spkac.o: spkac.c
+srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+srp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+srp.o: ../include/openssl/engine.h ../include/openssl/err.h
+srp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+srp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+srp.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+srp.o: ../include/openssl/sha.h ../include/openssl/srp.h
+srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+srp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+srp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h srp.c
+ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ts.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ts.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ts.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ts.o: ../include/openssl/engine.h ../include/openssl/err.h
+ts.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ts.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ts.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ts.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ts.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ts.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ts.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h
+ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c
verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -937,16 +1012,16 @@
verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-verify.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-verify.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-verify.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
-verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-verify.o: ../include/openssl/x509v3.h apps.h verify.c
+verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+verify.o: verify.c
version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
@@ -954,9 +1029,8 @@
version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-version.o: ../include/openssl/evp.h ../include/openssl/fips.h
-version.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-version.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h
+version.o: ../include/openssl/evp.h ../include/openssl/idea.h
+version.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
version.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
version.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
@@ -973,13 +1047,13 @@
x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
x509.o: ../include/openssl/err.h ../include/openssl/evp.h
-x509.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
+x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+x509.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
+x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+x509.o: ../include/openssl/x509v3.h apps.h x509.c
Modified: trunk/crypto/openssl/apps/apps.c
===================================================================
--- trunk/crypto/openssl/apps/apps.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/apps.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -109,12 +109,22 @@
*
*/
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+/*
+ * On VMS, you need to define this to get the declaration of fileno(). The
+ * value 2 is to make sure no function defined in POSIX-2 is left undefined.
+ */
+# define _POSIX_C_SOURCE 2
+#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
+# include <strings.h>
+#endif
#include <sys/types.h>
-#include <sys/stat.h>
#include <ctype.h>
+#include <errno.h>
#include <assert.h>
#include <openssl/err.h>
#include <openssl/x509.h>
@@ -138,6 +148,11 @@
#include "apps.h"
#undef NON_MAIN
+#ifdef _WIN32
+static int WIN32_rename(const char *from, const char *to);
+# define rename(from,to) WIN32_rename((from),(to))
+#endif
+
typedef struct {
const char *name;
unsigned long flag;
@@ -168,19 +183,23 @@
static char *buf = NULL;
static char **arg = NULL;
char *p;
- struct stat stbuf;
- if (stat(file, &stbuf) < 0)
- return (0);
-
fp = fopen(file, "r");
if (fp == NULL)
return (0);
+ if (fseek(fp, 0, SEEK_END) == 0)
+ len = ftell(fp), rewind(fp);
+ else
+ len = -1;
+ if (len <= 0) {
+ fclose(fp);
+ return (0);
+ }
+
*argc = 0;
*argv = NULL;
- len = (unsigned int)stbuf.st_size;
if (buf != NULL)
OPENSSL_free(buf);
buf = (char *)OPENSSL_malloc(len + 1);
@@ -248,16 +267,18 @@
int str2fmt(char *s)
{
+ if (s == NULL)
+ return FORMAT_UNDEF;
if ((*s == 'D') || (*s == 'd'))
return (FORMAT_ASN1);
else if ((*s == 'T') || (*s == 't'))
return (FORMAT_TEXT);
- else if ((*s == 'P') || (*s == 'p'))
- return (FORMAT_PEM);
else if ((*s == 'N') || (*s == 'n'))
return (FORMAT_NETSCAPE);
else if ((*s == 'S') || (*s == 's'))
return (FORMAT_SMIME);
+ else if ((*s == 'M') || (*s == 'm'))
+ return (FORMAT_MSBLOB);
else if ((*s == '1')
|| (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0)
|| (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
@@ -264,7 +285,12 @@
return (FORMAT_PKCS12);
else if ((*s == 'E') || (*s == 'e'))
return (FORMAT_ENGINE);
- else
+ else if ((*s == 'P') || (*s == 'p')) {
+ if (s[1] == 'V' || s[1] == 'v')
+ return FORMAT_PVK;
+ else
+ return (FORMAT_PEM);
+ } else
return (FORMAT_UNDEF);
}
@@ -546,6 +572,11 @@
char *prompt = NULL;
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
+ if (!prompt) {
+ BIO_printf(bio_err, "Out of memory\n");
+ UI_free(ui);
+ return 0;
+ }
ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
@@ -555,6 +586,12 @@
PW_MIN_LENGTH, bufsiz - 1);
if (ok >= 0 && verify) {
buff = (char *)OPENSSL_malloc(bufsiz);
+ if (!buff) {
+ BIO_printf(bio_err, "Out of memory\n");
+ UI_free(ui);
+ OPENSSL_free(prompt);
+ return 0;
+ }
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
PW_MIN_LENGTH, bufsiz - 1, buf);
}
@@ -634,6 +671,15 @@
BIO_printf(err, "Can't open file %s\n", arg + 5);
return NULL;
}
+#if !defined(_WIN32)
+ /*
+ * Under _WIN32, which covers even Win64 and CE, file
+ * descriptors referenced by BIO_s_fd are not inherited
+ * by child process and therefore below is not an option.
+ * It could have been an option if bss_fd.c was operating
+ * on real Windows descriptors, such as those obtained
+ * with CreateFile.
+ */
} else if (!strncmp(arg, "fd:", 3)) {
BIO *btmp;
i = atoi(arg + 3);
@@ -648,6 +694,7 @@
*/
btmp = BIO_new(BIO_f_buffer());
pwdbio = BIO_push(btmp, pwdbio);
+#endif
} else if (!strcmp(arg, "stdin")) {
pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
if (!pwdbio) {
@@ -743,8 +790,6 @@
X509 *load_cert(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip)
{
- ASN1_HEADER *ah = NULL;
- BUF_MEM *buf = NULL;
X509 *x = NULL;
BIO *cert;
@@ -754,7 +799,11 @@
}
if (file == NULL) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
BIO_set_fp(cert, stdin, BIO_NOCLOSE);
} else {
if (BIO_read_filename(cert, file) <= 0) {
@@ -767,46 +816,20 @@
if (format == FORMAT_ASN1)
x = d2i_X509_bio(cert, NULL);
else if (format == FORMAT_NETSCAPE) {
- const unsigned char *p, *op;
- int size = 0, i;
+ NETSCAPE_X509 *nx;
+ nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
+ if (nx == NULL)
+ goto end;
- /*
- * We sort of have to do it this way because it is sort of nice to
- * read the header first and check it, then try to read the
- * certificate
- */
- buf = BUF_MEM_new();
- for (;;) {
- if ((buf == NULL) || (!BUF_MEM_grow(buf, size + 1024 * 10)))
- goto end;
- i = BIO_read(cert, &(buf->data[size]), 1024 * 10);
- size += i;
- if (i == 0)
- break;
- if (i < 0) {
- perror("reading certificate");
- goto end;
- }
- }
- p = (unsigned char *)buf->data;
- op = p;
-
- /* First load the header */
- if ((ah = d2i_ASN1_HEADER(NULL, &p, (long)size)) == NULL)
- goto end;
- if ((ah->header == NULL) || (ah->header->data == NULL) ||
- (strncmp(NETSCAPE_CERT_HDR, (char *)ah->header->data,
- ah->header->length) != 0)) {
+ if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
+ nx->header->length) != 0)) {
+ NETSCAPE_X509_free(nx);
BIO_printf(err, "Error reading header on certificate\n");
goto end;
}
- /* header is ok, so now read the object */
- p = op;
- ah->meth = X509_asn1_meth();
- if ((ah = d2i_ASN1_HEADER(&ah, &p, (long)size)) == NULL)
- goto end;
- x = (X509 *)ah->data;
- ah->data = NULL;
+ x = nx->cert;
+ nx->cert = NULL;
+ NETSCAPE_X509_free(nx);
} else if (format == FORMAT_PEM)
x = PEM_read_bio_X509_AUX(cert, NULL,
(pem_password_cb *)password_callback, NULL);
@@ -822,12 +845,8 @@
BIO_printf(err, "unable to load certificate\n");
ERR_print_errors(err);
}
- if (ah != NULL)
- ASN1_HEADER_free(ah);
if (cert != NULL)
BIO_free(cert);
- if (buf != NULL)
- BUF_MEM_free(buf);
return (x);
}
@@ -865,7 +884,11 @@
goto end;
}
if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
BIO_set_fp(key, stdin, BIO_NOCLOSE);
} else if (BIO_read_filename(key, file) <= 0) {
BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
@@ -888,7 +911,15 @@
(pem_password_cb *)password_callback, &cb_data,
&pkey, NULL, NULL))
goto end;
- } else {
+ }
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
+ else if (format == FORMAT_MSBLOB)
+ pkey = b2i_PrivateKey_bio(key);
+ else if (format == FORMAT_PVK)
+ pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
+ &cb_data);
+#endif
+ else {
BIO_printf(err, "bad input format specified for key file\n");
goto end;
}
@@ -931,7 +962,11 @@
goto end;
}
if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
BIO_set_fp(key, stdin, BIO_NOCLOSE);
} else if (BIO_read_filename(key, file) <= 0) {
BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
@@ -940,7 +975,33 @@
}
if (format == FORMAT_ASN1) {
pkey = d2i_PUBKEY_bio(key, NULL);
- } else if (format == FORMAT_PEM) {
+ }
+#ifndef OPENSSL_NO_RSA
+ else if (format == FORMAT_ASN1RSA) {
+ RSA *rsa;
+ rsa = d2i_RSAPublicKey_bio(key, NULL);
+ if (rsa) {
+ pkey = EVP_PKEY_new();
+ if (pkey)
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ RSA_free(rsa);
+ } else
+ pkey = NULL;
+ } else if (format == FORMAT_PEMRSA) {
+ RSA *rsa;
+ rsa = PEM_read_bio_RSAPublicKey(key, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+ if (rsa) {
+ pkey = EVP_PKEY_new();
+ if (pkey)
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ RSA_free(rsa);
+ } else
+ pkey = NULL;
+ }
+#endif
+ else if (format == FORMAT_PEM) {
pkey = PEM_read_bio_PUBKEY(key, NULL,
(pem_password_cb *)password_callback,
&cb_data);
@@ -949,6 +1010,10 @@
else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
pkey = load_netscape_key(err, key, file, key_descrip, format);
#endif
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+ else if (format == FORMAT_MSBLOB)
+ pkey = b2i_PublicKey_bio(key);
+#endif
else {
BIO_printf(err, "bad input format specified for key file\n");
goto end;
@@ -1003,68 +1068,114 @@
}
#endif /* ndef OPENSSL_NO_RC4 */
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
- const char *pass, ENGINE *e,
- const char *cert_descrip)
+static int load_certs_crls(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc,
+ STACK_OF(X509) **pcerts,
+ STACK_OF(X509_CRL) **pcrls)
{
- BIO *certs;
int i;
- STACK_OF(X509) *othercerts = NULL;
- STACK_OF(X509_INFO) *allcerts = NULL;
+ BIO *bio;
+ STACK_OF(X509_INFO) *xis = NULL;
X509_INFO *xi;
PW_CB_DATA cb_data;
+ int rv = 0;
cb_data.password = pass;
cb_data.prompt_info = file;
- if ((certs = BIO_new(BIO_s_file())) == NULL) {
+ if (format != FORMAT_PEM) {
+ BIO_printf(err, "bad input format specified for %s\n", desc);
+ return 0;
+ }
+
+ if (file == NULL)
+ bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ else
+ bio = BIO_new_file(file, "r");
+
+ if (bio == NULL) {
+ BIO_printf(err, "Error opening %s %s\n", desc, file ? file : "stdin");
ERR_print_errors(err);
- goto end;
+ return 0;
}
- if (file == NULL)
- BIO_set_fp(certs, stdin, BIO_NOCLOSE);
- else {
- if (BIO_read_filename(certs, file) <= 0) {
- BIO_printf(err, "Error opening %s %s\n", cert_descrip, file);
- ERR_print_errors(err);
+ xis = PEM_X509_INFO_read_bio(bio, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data);
+
+ BIO_free(bio);
+
+ if (pcerts) {
+ *pcerts = sk_X509_new_null();
+ if (!*pcerts)
goto end;
- }
}
- if (format == FORMAT_PEM) {
- othercerts = sk_X509_new_null();
- if (!othercerts) {
- sk_X509_free(othercerts);
- othercerts = NULL;
+ if (pcrls) {
+ *pcrls = sk_X509_CRL_new_null();
+ if (!*pcrls)
goto end;
+ }
+
+ for (i = 0; i < sk_X509_INFO_num(xis); i++) {
+ xi = sk_X509_INFO_value(xis, i);
+ if (xi->x509 && pcerts) {
+ if (!sk_X509_push(*pcerts, xi->x509))
+ goto end;
+ xi->x509 = NULL;
}
- allcerts = PEM_X509_INFO_read_bio(certs, NULL, (pem_password_cb *)
- password_callback, &cb_data);
- for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
- xi = sk_X509_INFO_value(allcerts, i);
- if (xi->x509) {
- sk_X509_push(othercerts, xi->x509);
- xi->x509 = NULL;
- }
+ if (xi->crl && pcrls) {
+ if (!sk_X509_CRL_push(*pcrls, xi->crl))
+ goto end;
+ xi->crl = NULL;
}
- goto end;
- } else {
- BIO_printf(err, "bad input format specified for %s\n", cert_descrip);
- goto end;
}
+
+ if (pcerts && sk_X509_num(*pcerts) > 0)
+ rv = 1;
+
+ if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
+ rv = 1;
+
end:
- if (othercerts == NULL) {
- BIO_printf(err, "unable to load certificates\n");
+
+ if (xis)
+ sk_X509_INFO_pop_free(xis, X509_INFO_free);
+
+ if (rv == 0) {
+ if (pcerts) {
+ sk_X509_pop_free(*pcerts, X509_free);
+ *pcerts = NULL;
+ }
+ if (pcrls) {
+ sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
+ *pcrls = NULL;
+ }
+ BIO_printf(err, "unable to load %s\n",
+ pcerts ? "certificates" : "CRLs");
ERR_print_errors(err);
}
- if (allcerts)
- sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
- if (certs != NULL)
- BIO_free(certs);
- return (othercerts);
+ return rv;
}
+STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc)
+{
+ STACK_OF(X509) *certs;
+ if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
+ return NULL;
+ return certs;
+}
+
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e, const char *desc)
+{
+ STACK_OF(X509_CRL) *crls;
+ if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
+ return NULL;
+ return crls;
+}
+
#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
/* Return error for unknown extensions */
#define X509V3_EXT_DEFAULT 0
@@ -1353,6 +1464,10 @@
int load_config(BIO *err, CONF *cnf)
{
+ static int load_config_called = 0;
+ if (load_config_called)
+ return 1;
+ load_config_called = 1;
if (!cnf)
cnf = config;
if (!cnf)
@@ -1387,7 +1502,7 @@
return p;
}
-static unsigned long index_serial_hash(const char **a)
+static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
{
const char *n;
@@ -1397,7 +1512,8 @@
return (lh_strhash(n));
}
-static int index_serial_cmp(const char **a, const char **b)
+static int index_serial_cmp(const OPENSSL_CSTRING *a,
+ const OPENSSL_CSTRING *b)
{
const char *aa, *bb;
@@ -1411,20 +1527,20 @@
return (a[0][0] == 'V');
}
-static unsigned long index_name_hash(const char **a)
+static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
{
return (lh_strhash(a[DB_name]));
}
-int index_name_cmp(const char **a, const char **b)
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
{
return (strcmp(a[DB_name], b[DB_name]));
}
-static IMPLEMENT_LHASH_HASH_FN(index_serial_hash, const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp, const char **)
-static IMPLEMENT_LHASH_HASH_FN(index_name_hash, const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_name_cmp, const char **)
+static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
#undef BSIZE
#define BSIZE 256
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
@@ -1541,7 +1657,6 @@
{
char buf[5][BSIZE];
int i, j;
- struct stat sb;
i = strlen(serialfile) + strlen(old_suffix);
j = strlen(serialfile) + strlen(new_suffix);
@@ -1561,24 +1676,19 @@
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
#endif
- if (stat(serialfile, &sb) < 0) {
- if (errno != ENOENT
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+ serialfile, buf[1]);
+#endif
+ if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
#ifdef ENOTDIR
- && errno != ENOTDIR
+ && errno != ENOTDIR
#endif
- )
- goto err;
- } else {
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
- serialfile, buf[1]);
-#endif
- if (rename(serialfile, buf[1]) < 0) {
- BIO_printf(bio_err,
- "unable to rename %s to %s\n", serialfile, buf[1]);
- perror("reason");
- goto err;
- }
+ ) {
+ BIO_printf(bio_err,
+ "unable to rename %s to %s\n", serialfile, buf[1]);
+ perror("reason");
+ goto err;
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
@@ -1641,11 +1751,9 @@
BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
goto err;
}
- if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL) {
- if (tmpdb != NULL)
- TXT_DB_free(tmpdb);
+ if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
goto err;
- }
+
#ifndef OPENSSL_SYS_VMS
BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
#else
@@ -1701,8 +1809,8 @@
int index_index(CA_DB *db)
{
if (!TXT_DB_create_index(db->db, DB_serial, NULL,
- LHASH_HASH_FN(index_serial_hash),
- LHASH_COMP_FN(index_serial_cmp))) {
+ LHASH_HASH_FN(index_serial),
+ LHASH_COMP_FN(index_serial))) {
BIO_printf(bio_err,
"error creating serial number index:(%ld,%ld,%ld)\n",
db->db->error, db->db->arg1, db->db->arg2);
@@ -1711,8 +1819,8 @@
if (db->attributes.unique_subject
&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
- LHASH_HASH_FN(index_name_hash),
- LHASH_COMP_FN(index_name_cmp))) {
+ LHASH_HASH_FN(index_name),
+ LHASH_COMP_FN(index_name))) {
BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
db->db->error, db->db->arg1, db->db->arg2);
return 0;
@@ -1788,7 +1896,6 @@
{
char buf[5][BSIZE];
int i, j;
- struct stat sb;
i = strlen(dbfile) + strlen(old_suffix);
j = strlen(dbfile) + strlen(new_suffix);
@@ -1823,24 +1930,17 @@
#else
j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
#endif
- if (stat(dbfile, &sb) < 0) {
- if (errno != ENOENT
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
+#endif
+ if (rename(dbfile, buf[1]) < 0 && errno != ENOENT
#ifdef ENOTDIR
- && errno != ENOTDIR
+ && errno != ENOTDIR
#endif
- )
- goto err;
- } else {
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
- dbfile, buf[1]);
-#endif
- if (rename(dbfile, buf[1]) < 0) {
- BIO_printf(bio_err,
- "unable to rename %s to %s\n", dbfile, buf[1]);
- perror("reason");
- goto err;
- }
+ ) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, buf[1]);
+ perror("reason");
+ goto err;
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[0], dbfile);
@@ -1851,26 +1951,19 @@
rename(buf[1], dbfile);
goto err;
}
- if (stat(buf[4], &sb) < 0) {
- if (errno != ENOENT
+#ifdef RL_DEBUG
+ BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[4], buf[3]);
+#endif
+ if (rename(buf[4], buf[3]) < 0 && errno != ENOENT
#ifdef ENOTDIR
- && errno != ENOTDIR
+ && errno != ENOTDIR
#endif
- )
- goto err;
- } else {
-#ifdef RL_DEBUG
- BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
- buf[4], buf[3]);
-#endif
- if (rename(buf[4], buf[3]) < 0) {
- BIO_printf(bio_err,
- "unable to rename %s to %s\n", buf[4], buf[3]);
- perror("reason");
- rename(dbfile, buf[0]);
- rename(buf[1], dbfile);
- goto err;
- }
+ ) {
+ BIO_printf(bio_err, "unable to rename %s to %s\n", buf[4], buf[3]);
+ perror("reason");
+ rename(dbfile, buf[0]);
+ rename(buf[1], dbfile);
+ goto err;
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[2], buf[4]);
@@ -2056,45 +2149,6 @@
return NULL;
}
-/* This code MUST COME AFTER anything that uses rename() */
-#ifdef OPENSSL_SYS_WIN32
-int WIN32_rename(const char *from, const char *to)
-{
-# ifndef OPENSSL_SYS_WINCE
- /*
- * Windows rename gives an error if 'to' exists, so delete it first and
- * ignore file not found errror
- */
- if ((remove(to) != 0) && (errno != ENOENT))
- return -1;
-# undef rename
- return rename(from, to);
-# else
- /* convert strings to UNICODE */
- {
- BOOL result = FALSE;
- WCHAR *wfrom;
- WCHAR *wto;
- int i;
- wfrom = malloc((strlen(from) + 1) * 2);
- wto = malloc((strlen(to) + 1) * 2);
- if (wfrom != NULL && wto != NULL) {
- for (i = 0; i < (int)strlen(from) + 1; i++)
- wfrom[i] = (short)from[i];
- for (i = 0; i < (int)strlen(to) + 1; i++)
- wto[i] = (short)to[i];
- result = MoveFile(wfrom, wto);
- }
- if (wfrom != NULL)
- free(wfrom);
- if (wto != NULL)
- free(wto);
- return result;
- }
-# endif
-}
-#endif
-
int args_verify(char ***pargs, int *pargc,
int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
{
@@ -2101,9 +2155,10 @@
ASN1_OBJECT *otmp = NULL;
unsigned long flags = 0;
int i;
- int purpose = 0;
+ int purpose = 0, depth = -1;
char **oldargs = *pargs;
char *arg = **pargs, *argn = (*pargs)[1];
+ time_t at_time = 0;
if (!strcmp(arg, "-policy")) {
if (!argn)
*badarg = 1;
@@ -2130,6 +2185,33 @@
}
}
(*pargs)++;
+ } else if (strcmp(arg, "-verify_depth") == 0) {
+ if (!argn)
+ *badarg = 1;
+ else {
+ depth = atoi(argn);
+ if (depth < 0) {
+ BIO_printf(err, "invalid depth\n");
+ *badarg = 1;
+ }
+ }
+ (*pargs)++;
+ } else if (strcmp(arg, "-attime") == 0) {
+ if (!argn)
+ *badarg = 1;
+ else {
+ long timestamp;
+ /*
+ * interpret the -attime argument as seconds since Epoch
+ */
+ if (sscanf(argn, "%li", ×tamp) != 1) {
+ BIO_printf(bio_err, "Error parsing timestamp %s\n", argn);
+ *badarg = 1;
+ }
+ /* on some platforms time_t may be a float */
+ at_time = (time_t)timestamp;
+ }
+ (*pargs)++;
} else if (!strcmp(arg, "-ignore_critical"))
flags |= X509_V_FLAG_IGNORE_CRITICAL;
else if (!strcmp(arg, "-issuer_checks"))
@@ -2142,12 +2224,22 @@
flags |= X509_V_FLAG_POLICY_CHECK;
else if (!strcmp(arg, "-explicit_policy"))
flags |= X509_V_FLAG_EXPLICIT_POLICY;
+ else if (!strcmp(arg, "-inhibit_any"))
+ flags |= X509_V_FLAG_INHIBIT_ANY;
+ else if (!strcmp(arg, "-inhibit_map"))
+ flags |= X509_V_FLAG_INHIBIT_MAP;
else if (!strcmp(arg, "-x509_strict"))
flags |= X509_V_FLAG_X509_STRICT;
+ else if (!strcmp(arg, "-extended_crl"))
+ flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
+ else if (!strcmp(arg, "-use_deltas"))
+ flags |= X509_V_FLAG_USE_DELTAS;
else if (!strcmp(arg, "-policy_print"))
flags |= X509_V_FLAG_NOTIFY_POLICY;
else if (!strcmp(arg, "-check_ss_sig"))
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+ else if (!strcmp(arg, "-no_alt_chains"))
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
else
return 0;
@@ -2171,6 +2263,12 @@
if (purpose)
X509_VERIFY_PARAM_set_purpose(*pm, purpose);
+ if (depth >= 0)
+ X509_VERIFY_PARAM_set_depth(*pm, depth);
+
+ if (at_time)
+ X509_VERIFY_PARAM_set_time(*pm, at_time);
+
end:
(*pargs)++;
@@ -2182,6 +2280,59 @@
}
+/*
+ * Read whole contents of a BIO into an allocated memory buffer and return
+ * it.
+ */
+
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
+{
+ BIO *mem;
+ int len, ret;
+ unsigned char tbuf[1024];
+ mem = BIO_new(BIO_s_mem());
+ if (!mem)
+ return -1;
+ for (;;) {
+ if ((maxlen != -1) && maxlen < 1024)
+ len = maxlen;
+ else
+ len = 1024;
+ len = BIO_read(in, tbuf, len);
+ if (len <= 0)
+ break;
+ if (BIO_write(mem, tbuf, len) != len) {
+ BIO_free(mem);
+ return -1;
+ }
+ maxlen -= len;
+
+ if (maxlen == 0)
+ break;
+ }
+ ret = BIO_get_mem_data(mem, (char **)out);
+ BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
+ BIO_free(mem);
+ return ret;
+}
+
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
+{
+ int rv;
+ char *stmp, *vtmp = NULL;
+ stmp = BUF_strdup(value);
+ if (!stmp)
+ return -1;
+ vtmp = strchr(stmp, ':');
+ if (vtmp) {
+ *vtmp = 0;
+ vtmp++;
+ }
+ rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
+ OPENSSL_free(stmp);
+ return rv;
+}
+
static void nodes_print(BIO *out, const char *name,
STACK_OF(X509_POLICY_NODE) *nodes)
{
@@ -2219,7 +2370,7 @@
BIO_free(out);
}
-#ifndef OPENSSL_NO_JPAKE
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
static JPAKE_CTX *jpake_init(const char *us, const char *them,
const char *secret)
@@ -2399,17 +2550,14 @@
jpake_send_step3a(bconn, ctx);
jpake_receive_step3b(ctx, bconn);
- /*
- * The problem is that you must use the derived key in the
- * session key or you are subject to man-in-the-middle
- * attacks.
- */
- BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can"
- " be MitMed. See the version in HEAD for how to do it"
- " properly)\n");
+ BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+ psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
BIO_pop(bconn);
BIO_free(bconn);
+
+ JPAKE_CTX_free(ctx);
}
void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
@@ -2431,17 +2579,399 @@
jpake_receive_step3a(ctx, bconn);
jpake_send_step3b(bconn, ctx);
- /*
- * The problem is that you must use the derived key in the
- * session key or you are subject to man-in-the-middle
- * attacks.
- */
- BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can"
- " be MitMed. See the version in HEAD for how to do it"
- " properly)\n");
+ BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+ psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
BIO_pop(bconn);
BIO_free(bconn);
+
+ JPAKE_CTX_free(ctx);
}
#endif
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ * outlen: (output) set to the length of the resulting buffer on success.
+ * err: (maybe NULL) on failure, an error message line is written to this BIO.
+ * in: a NUL termianted string like "abc,def,ghi"
+ *
+ * returns: a malloced buffer or NULL on failure.
+ */
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
+{
+ size_t len;
+ unsigned char *out;
+ size_t i, start = 0;
+
+ len = strlen(in);
+ if (len >= 65535)
+ return NULL;
+
+ out = OPENSSL_malloc(strlen(in) + 1);
+ if (!out)
+ return NULL;
+
+ for (i = 0; i <= len; ++i) {
+ if (i == len || in[i] == ',') {
+ if (i - start > 255) {
+ OPENSSL_free(out);
+ return NULL;
+ }
+ out[start] = i - start;
+ start = i + 1;
+ } else
+ out[i + 1] = in[i];
+ }
+
+ *outlen = len + 1;
+ return out;
+}
+#endif /* !OPENSSL_NO_TLSEXT &&
+ * !OPENSSL_NO_NEXTPROTONEG */
+
+/*
+ * Platform-specific sections
+ */
+#if defined(_WIN32)
+# ifdef fileno
+# undef fileno
+# define fileno(a) (int)_fileno(a)
+# endif
+
+# include <windows.h>
+# include <tchar.h>
+
+static int WIN32_rename(const char *from, const char *to)
+{
+ TCHAR *tfrom = NULL, *tto;
+ DWORD err;
+ int ret = 0;
+
+ if (sizeof(TCHAR) == 1) {
+ tfrom = (TCHAR *)from;
+ tto = (TCHAR *)to;
+ } else { /* UNICODE path */
+
+ size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
+ tfrom = (TCHAR *)malloc(sizeof(TCHAR) * (flen + tlen));
+ if (tfrom == NULL)
+ goto err;
+ tto = tfrom + flen;
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
+# endif
+ for (i = 0; i < flen; i++)
+ tfrom[i] = (TCHAR)from[i];
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
+# endif
+ for (i = 0; i < tlen; i++)
+ tto[i] = (TCHAR)to[i];
+ }
+
+ if (MoveFile(tfrom, tto))
+ goto ok;
+ err = GetLastError();
+ if (err == ERROR_ALREADY_EXISTS || err == ERROR_FILE_EXISTS) {
+ if (DeleteFile(tto) && MoveFile(tfrom, tto))
+ goto ok;
+ err = GetLastError();
+ }
+ if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND)
+ errno = ENOENT;
+ else if (err == ERROR_ACCESS_DENIED)
+ errno = EACCES;
+ else
+ errno = EINVAL; /* we could map more codes... */
+ err:
+ ret = -1;
+ ok:
+ if (tfrom != NULL && tfrom != (TCHAR *)from)
+ free(tfrom);
+ return ret;
+}
+#endif
+
+/* app_tminterval section */
+#if defined(_WIN32)
+double app_tminterval(int stop, int usertime)
+{
+ FILETIME now;
+ double ret = 0;
+ static ULARGE_INTEGER tmstart;
+ static int warning = 1;
+# ifdef _WIN32_WINNT
+ static HANDLE proc = NULL;
+
+ if (proc == NULL) {
+ if (check_winnt())
+ proc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
+ GetCurrentProcessId());
+ if (proc == NULL)
+ proc = (HANDLE) - 1;
+ }
+
+ if (usertime && proc != (HANDLE) - 1) {
+ FILETIME junk;
+ GetProcessTimes(proc, &junk, &junk, &junk, &now);
+ } else
+# endif
+ {
+ SYSTEMTIME systime;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+ GetSystemTime(&systime);
+ SystemTimeToFileTime(&systime, &now);
+ }
+
+ if (stop == TM_START) {
+ tmstart.u.LowPart = now.dwLowDateTime;
+ tmstart.u.HighPart = now.dwHighDateTime;
+ } else {
+ ULARGE_INTEGER tmstop;
+
+ tmstop.u.LowPart = now.dwLowDateTime;
+ tmstop.u.HighPart = now.dwHighDateTime;
+
+ ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart) * 1e-7;
+ }
+
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYS_NETWARE)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ static clock_t tmstart;
+ static int warning = 1;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+
+ if (stop == TM_START)
+ tmstart = clock();
+ else
+ ret = (clock() - tmstart) / (double)CLOCKS_PER_SEC;
+
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VXWORKS)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+# ifdef CLOCK_REALTIME
+ static struct timespec tmstart;
+ struct timespec now;
+# else
+ static unsigned long tmstart;
+ unsigned long now;
+# endif
+ static int warning = 1;
+
+ if (usertime && warning) {
+ BIO_printf(bio_err, "To get meaningful results, run "
+ "this program on idle system.\n");
+ warning = 0;
+ }
+# ifdef CLOCK_REALTIME
+ clock_gettime(CLOCK_REALTIME, &now);
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = ((now.tv_sec + now.tv_nsec * 1e-9)
+ - (tmstart.tv_sec + tmstart.tv_nsec * 1e-9));
+# else
+ now = tickGet();
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = (now - tmstart) / (double)sysClkRateGet();
+# endif
+ return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VMS)
+# include <time.h>
+# include <times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ static clock_t tmstart;
+ double ret = 0;
+ clock_t now;
+# ifdef __TMS
+ struct tms rus;
+
+ now = times(&rus);
+ if (usertime)
+ now = rus.tms_utime;
+# else
+ if (usertime)
+ now = clock(); /* sum of user and kernel times */
+ else {
+ struct timeval tv;
+ gettimeofday(&tv, NULL);
+ now = (clock_t)((unsigned long long)tv.tv_sec * CLK_TCK +
+ (unsigned long long)tv.tv_usec * (1000000 / CLK_TCK)
+ );
+ }
+# endif
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = (now - tmstart) / (double)(CLK_TCK);
+
+ return (ret);
+}
+
+#elif defined(_SC_CLK_TCK) /* by means of unistd.h */
+# include <sys/times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ struct tms rus;
+ clock_t now = times(&rus);
+ static clock_t tmstart;
+
+ if (usertime)
+ now = rus.tms_utime;
+
+ if (stop == TM_START)
+ tmstart = now;
+ else {
+ long int tck = sysconf(_SC_CLK_TCK);
+ ret = (now - tmstart) / (double)tck;
+ }
+
+ return (ret);
+}
+
+#else
+# include <sys/time.h>
+# include <sys/resource.h>
+
+double app_tminterval(int stop, int usertime)
+{
+ double ret = 0;
+ struct rusage rus;
+ struct timeval now;
+ static struct timeval tmstart;
+
+ if (usertime)
+ getrusage(RUSAGE_SELF, &rus), now = rus.ru_utime;
+ else
+ gettimeofday(&now, NULL);
+
+ if (stop == TM_START)
+ tmstart = now;
+ else
+ ret = ((now.tv_sec + now.tv_usec * 1e-6)
+ - (tmstart.tv_sec + tmstart.tv_usec * 1e-6));
+
+ return ret;
+}
+#endif
+
+/* app_isdir section */
+#ifdef _WIN32
+int app_isdir(const char *name)
+{
+ HANDLE hList;
+ WIN32_FIND_DATA FileData;
+# if defined(UNICODE) || defined(_UNICODE)
+ size_t i, len_0 = strlen(name) + 1;
+
+ if (len_0 > sizeof(FileData.cFileName) / sizeof(FileData.cFileName[0]))
+ return -1;
+
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+ if (!MultiByteToWideChar
+ (CP_ACP, 0, name, len_0, FileData.cFileName, len_0))
+# endif
+ for (i = 0; i < len_0; i++)
+ FileData.cFileName[i] = (WCHAR)name[i];
+
+ hList = FindFirstFile(FileData.cFileName, &FileData);
+# else
+ hList = FindFirstFile(name, &FileData);
+# endif
+ if (hList == INVALID_HANDLE_VALUE)
+ return -1;
+ FindClose(hList);
+ return ((FileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
+}
+#else
+# include <sys/stat.h>
+# ifndef S_ISDIR
+# if defined(_S_IFMT) && defined(_S_IFDIR)
+# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
+# else
+# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
+# endif
+# endif
+
+int app_isdir(const char *name)
+{
+# if defined(S_ISDIR)
+ struct stat st;
+
+ if (stat(name, &st) == 0)
+ return S_ISDIR(st.st_mode);
+ else
+ return -1;
+# else
+ return -1;
+# endif
+}
+#endif
+
+/* raw_read|write section */
+#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
+int raw_read_stdin(void *buf, int siz)
+{
+ DWORD n;
+ if (ReadFile(GetStdHandle(STD_INPUT_HANDLE), buf, siz, &n, NULL))
+ return (n);
+ else
+ return (-1);
+}
+#else
+int raw_read_stdin(void *buf, int siz)
+{
+ return read(fileno(stdin), buf, siz);
+}
+#endif
+
+#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
+int raw_write_stdout(const void *buf, int siz)
+{
+ DWORD n;
+ if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE), buf, siz, &n, NULL))
+ return (n);
+ else
+ return (-1);
+}
+#else
+int raw_write_stdout(const void *buf, int siz)
+{
+ return write(fileno(stdout), buf, siz);
+}
+#endif
Modified: trunk/crypto/openssl/apps/apps.h
===================================================================
--- trunk/crypto/openssl/apps/apps.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/apps.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -138,11 +138,6 @@
* (see e_os.h). The string is
* destroyed! */
-# ifdef OPENSSL_SYS_WIN32
-# define rename(from,to) WIN32_rename((from),(to))
-int WIN32_rename(const char *oldname, const char *newname);
-# endif
-
# ifndef MONOLITH
# define MAIN(a,v) main(a,v)
@@ -150,11 +145,9 @@
# ifndef NON_MAIN
CONF *config = NULL;
BIO *bio_err = NULL;
-int in_FIPS_mode = 0;
# else
extern CONF *config;
extern BIO *bio_err;
-extern int in_FIPS_mode;
# endif
# else
@@ -163,7 +156,6 @@
extern CONF *config;
extern char *default_config_file;
extern BIO *bio_err;
-extern int in_FIPS_mode;
# endif
@@ -177,6 +169,12 @@
# define do_pipe_sig()
# endif
+# ifdef OPENSSL_NO_COMP
+# define zlib_cleanup()
+# else
+# define zlib_cleanup() COMP_zlib_cleanup()
+# endif
+
# if defined(MONOLITH) && !defined(OPENSSL_C)
# define apps_startup() \
do_pipe_sig()
@@ -183,55 +181,27 @@
# define apps_shutdown()
# else
# ifndef OPENSSL_NO_ENGINE
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
- defined(OPENSSL_SYS_WIN32)
-# ifdef _O_BINARY
-# define apps_startup() \
- do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+# define apps_startup() \
+ do { do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-# else
-# define apps_startup() \
- do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
- ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
- ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-# endif
-# else
-# define apps_startup() \
- do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
- ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
- setup_ui_method(); } while(0)
-# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
- EVP_cleanup(); ENGINE_cleanup(); \
- CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
- ERR_free_strings(); } while(0)
+ OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
+ CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+ RAND_cleanup(); \
+ ERR_free_strings(); zlib_cleanup();} while(0)
# else
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
- defined(OPENSSL_SYS_WIN32)
-# ifdef _O_BINARY
-# define apps_startup() \
- do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+# define apps_startup() \
+ do { do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
setup_ui_method(); } while(0)
-# else
-# define apps_startup() \
- do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
- ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
- setup_ui_method(); } while(0)
-# endif
-# else
-# define apps_startup() \
- do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
- ERR_load_crypto_strings(); \
- setup_ui_method(); } while(0)
-# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
- EVP_cleanup(); \
- CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
- ERR_free_strings(); } while(0)
+ OBJ_cleanup(); EVP_cleanup(); \
+ CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+ RAND_cleanup(); \
+ ERR_free_strings(); zlib_cleanup(); } while(0)
# endif
# endif
@@ -282,6 +252,9 @@
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
const char *pass, ENGINE *e,
const char *cert_descrip);
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+ const char *pass, ENGINE *e,
+ const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
# ifndef OPENSSL_NO_ENGINE
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
@@ -290,7 +263,8 @@
# ifndef OPENSSL_NO_OCSP
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
char *host, char *path, char *port,
- int use_ssl, int req_timeout);
+ int use_ssl, STACK_OF(CONF_VALUE) *headers,
+ int req_timeout);
# endif
int load_config(BIO *err, CONF *cnf);
@@ -332,7 +306,10 @@
int rotate_index(const char *dbfile, const char *new_suffix,
const char *old_suffix);
void free_index(CA_DB *db);
-int index_name_cmp(const char **a, const char **b);
+# define index_name_cmp_noconst(a, b) \
+ index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
+ (const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
int parse_yesno(const char *str, int def);
X509_NAME *parse_name(char *str, long chtype, int multirdn);
@@ -339,11 +316,29 @@
int args_verify(char ***pargs, int *pargc,
int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
void policies_print(BIO *out, X509_STORE_CTX *ctx);
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+ const char *algname, ENGINE *e, int do_param);
+int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts);
+int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts);
+int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts);
+# ifndef OPENSSL_NO_PSK
+extern char *psk_key;
+# endif
# ifndef OPENSSL_NO_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
# endif
+# if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
+# endif /* !OPENSSL_NO_TLSEXT &&
+ * !OPENSSL_NO_NEXTPROTONEG */
+
# define FORMAT_UNDEF 0
# define FORMAT_ASN1 1
# define FORMAT_TEXT 2
@@ -354,6 +349,10 @@
# define FORMAT_ENGINE 7
# define FORMAT_IISSGC 8 /* XXX this stupid macro helps us to avoid
* adding yet another param to load_*key() */
+# define FORMAT_PEMRSA 9 /* PEM RSAPubicKey format */
+# define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
+# define FORMAT_MSBLOB 11 /* MS Key blob format */
+# define FORMAT_PVK 12 /* MS PVK file format */
# define EXT_COPY_NONE 0
# define EXT_COPY_ADD 1
@@ -365,4 +364,14 @@
# define SERIAL_RAND_BITS 64
+int app_isdir(const char *);
+int raw_read_stdin(void *, int);
+int raw_write_stdout(const void *, int);
+
+# define TM_START 0
+# define TM_STOP 1
+double app_tminterval(int stop, int usertime);
+
+# define OPENSSL_NO_SSL_INTERN
+
#endif
Modified: trunk/crypto/openssl/apps/asn1pars.c
===================================================================
--- trunk/crypto/openssl/apps/asn1pars.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/asn1pars.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -98,7 +98,7 @@
unsigned char *tmpbuf;
const unsigned char *ctmpbuf;
BUF_MEM *buf = NULL;
- STACK *osk = NULL;
+ STACK_OF(OPENSSL_STRING) *osk = NULL;
ASN1_TYPE *at = NULL;
informat = FORMAT_PEM;
@@ -115,7 +115,7 @@
prog = argv[0];
argc--;
argv++;
- if ((osk = sk_new_null()) == NULL) {
+ if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
@@ -161,7 +161,7 @@
} else if (strcmp(*argv, "-strparse") == 0) {
if (--argc < 1)
goto bad;
- sk_push(osk, *(++argv));
+ sk_OPENSSL_STRING_push(osk, *(++argv));
} else if (strcmp(*argv, "-genstr") == 0) {
if (--argc < 1)
goto bad;
@@ -288,16 +288,16 @@
/* If any structs to parse go through in sequence */
- if (sk_num(osk)) {
+ if (sk_OPENSSL_STRING_num(osk)) {
tmpbuf = (unsigned char *)str;
tmplen = num;
- for (i = 0; i < sk_num(osk); i++) {
+ for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
ASN1_TYPE *atmp;
int typ;
- j = atoi(sk_value(osk, i));
+ j = atoi(sk_OPENSSL_STRING_value(osk, i));
if (j == 0) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
- sk_value(osk, i));
+ sk_OPENSSL_STRING_value(osk, i));
continue;
}
tmpbuf += j;
@@ -365,7 +365,7 @@
if (at != NULL)
ASN1_TYPE_free(at);
if (osk != NULL)
- sk_free(osk);
+ sk_OPENSSL_STRING_free(osk);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
@@ -375,7 +375,7 @@
{
CONF *cnf = NULL;
int len;
- long errline;
+ long errline = 0;
unsigned char *p;
ASN1_TYPE *atyp = NULL;
Modified: trunk/crypto/openssl/apps/ca.c
===================================================================
--- trunk/crypto/openssl/apps/ca.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/ca.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,7 +63,6 @@
#include <string.h>
#include <ctype.h>
#include <sys/types.h>
-#include <sys/stat.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
@@ -83,7 +82,7 @@
# else
# include <unixlib.h>
# endif
-# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_NETWARE) && !defined(__TANDEM)
+# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_NETWARE)
# include <sys/file.h>
# endif
#endif
@@ -198,23 +197,25 @@
static void lookup_fail(const char *name, const char *tag);
static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- char *ext_sect, CONF *conf, int verbose,
- unsigned long certopt, unsigned long nameopt,
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+ BIGNUM *serial, char *subj, unsigned long chtype,
+ int multirdn, int email_dn, char *startdate, char *enddate,
+ long days, int batch, char *ext_sect, CONF *conf,
+ int verbose, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy, int selfsign);
static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- char *ext_sect, CONF *conf, int verbose,
- unsigned long certopt, unsigned long nameopt,
- int default_op, int ext_copy, ENGINE *e);
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+ BIGNUM *serial, char *subj, unsigned long chtype,
+ int multirdn, int email_dn, char *startdate,
+ char *enddate, long days, int batch, char *ext_sect,
+ CONF *conf, int verbose, unsigned long certopt,
+ unsigned long nameopt, int default_op, int ext_copy,
+ ENGINE *e);
static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
X509 *x509, const EVP_MD *dgst,
+ STACK_OF(OPENSSL_STRING) *sigopts,
STACK_OF(CONF_VALUE) *policy, CA_DB *db,
BIGNUM *serial, char *subj, unsigned long chtype,
int multirdn, int email_dn, char *startdate,
@@ -224,12 +225,12 @@
static void write_new_certificate(BIO *bp, X509 *x, int output_der,
int notext);
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
- unsigned long certopt, unsigned long nameopt,
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
+ char *subj, unsigned long chtype, int multirdn,
+ int email_dn, char *startdate, char *enddate, long days,
+ int batch, int verbose, X509_REQ *req, char *ext_sect,
+ CONF *conf, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy, int selfsign);
static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, CA_DB *db);
@@ -265,6 +266,7 @@
int doupdatedb = 0;
long crldays = 0;
long crlhours = 0;
+ long crlsec = 0;
long errorline = -1;
char *configfile = NULL;
char *md = NULL;
@@ -312,11 +314,13 @@
ASN1_TIME *tmptm;
ASN1_INTEGER *tmpser;
char *f;
- const char *p, **pp;
+ const char *p;
+ char *const *pp;
int i, j;
const EVP_MD *dgst = NULL;
STACK_OF(CONF_VALUE) *attribs = NULL;
STACK_OF(X509) *cert_sk = NULL;
+ STACK_OF(OPENSSL_STRING) *sigopts = NULL;
#undef BSIZE
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
@@ -424,6 +428,13 @@
if (--argc < 1)
goto bad;
outdir = *(++argv);
+ } else if (strcmp(*argv, "-sigopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!sigopts)
+ sigopts = sk_OPENSSL_STRING_new_null();
+ if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+ goto bad;
} else if (strcmp(*argv, "-notext") == 0)
notext = 1;
else if (strcmp(*argv, "-batch") == 0)
@@ -444,6 +455,10 @@
if (--argc < 1)
goto bad;
crlhours = atol(*(++argv));
+ } else if (strcmp(*argv, "-crlsec") == 0) {
+ if (--argc < 1)
+ goto bad;
+ crlsec = atol(*(++argv));
} else if (strcmp(*argv, "-infiles") == 0) {
argc--;
argv++;
@@ -521,8 +536,10 @@
}
if (badops) {
- for (pp = ca_usage; (*pp != NULL); pp++)
- BIO_printf(bio_err, "%s", *pp);
+ const char **pp2;
+
+ for (pp2 = ca_usage; (*pp2 != NULL); pp2++)
+ BIO_printf(bio_err, "%s", *pp2);
goto err;
}
@@ -541,10 +558,18 @@
#ifdef OPENSSL_SYS_VMS
len = strlen(s) + sizeof(CONFIG_FILE);
tofree = OPENSSL_malloc(len);
+ if (!tofree) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto err;
+ }
strcpy(tofree, s);
#else
len = strlen(s) + sizeof(CONFIG_FILE) + 1;
tofree = OPENSSL_malloc(len);
+ if (!tofree) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto err;
+ }
BUF_strlcpy(tofree, s, len);
BUF_strlcat(tofree, "/", len);
#endif
@@ -642,7 +667,7 @@
ERR_clear_error();
#ifdef RL_DEBUG
if (!p)
- BIO_printf(bio_err, "DEBUG: unique_subject undefined\n", p);
+ BIO_printf(bio_err, "DEBUG: unique_subject undefined\n");
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: configured unique_subject is %d\n",
@@ -772,7 +797,6 @@
/*****************************************************************/
/* lookup where to write new certificates */
if ((outdir == NULL) && (req)) {
- struct stat sb;
if ((outdir = NCONF_get_string(conf, section, ENV_NEW_CERTS_DIR))
== NULL) {
@@ -791,7 +815,12 @@
* routines to convert the directory syntax to Unixly, and give that
* to access(). However, time's too short to do that just now.
*/
- if (access(outdir, R_OK | W_OK | X_OK) != 0) {
+# ifndef _WIN32
+ if (access(outdir, R_OK | W_OK | X_OK) != 0)
+# else
+ if (_access(outdir, R_OK | W_OK | X_OK) != 0)
+# endif
+ {
BIO_printf(bio_err, "I am unable to access the %s directory\n",
outdir);
perror(outdir);
@@ -798,18 +827,11 @@
goto err;
}
- if (stat(outdir, &sb) != 0) {
- BIO_printf(bio_err, "unable to stat(%s)\n", outdir);
- perror(outdir);
- goto err;
- }
-# ifdef S_ISDIR
- if (!S_ISDIR(sb.st_mode)) {
+ if (app_isdir(outdir) <= 0) {
BIO_printf(bio_err, "%s need to be a directory\n", outdir);
perror(outdir);
goto err;
}
-# endif
#endif
}
@@ -824,8 +846,8 @@
goto err;
/* Lets check some fields */
- for (i = 0; i < sk_num(db->db->data); i++) {
- pp = (const char **)sk_value(db->db->data, i);
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
if ((pp[DB_type][0] != DB_TYPE_REV) && (pp[DB_rev_date][0] != '\0')) {
BIO_printf(bio_err,
"entry %d: not revoked yet, but has a revocation date\n",
@@ -837,7 +859,7 @@
BIO_printf(bio_err, " in entry %d\n", i + 1);
goto err;
}
- if (!check_time_format(pp[DB_exp_date])) {
+ if (!check_time_format((char *)pp[DB_exp_date])) {
BIO_printf(bio_err, "entry %d: invalid expiry date\n", i + 1);
goto err;
}
@@ -874,7 +896,7 @@
#endif
TXT_DB_write(out, db->db);
BIO_printf(bio_err, "%d entries loaded from the database\n",
- db->db->data->num);
+ sk_OPENSSL_PSTRING_num(db->db->data));
BIO_printf(bio_err, "generating index\n");
}
@@ -959,6 +981,15 @@
goto err;
}
+ if (!strcmp(md, "default")) {
+ int def_nid;
+ if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) {
+ BIO_puts(bio_err, "no default digest\n");
+ goto err;
+ }
+ md = (char *)OBJ_nid2sn(def_nid);
+ }
+
if ((dgst = EVP_get_digestbyname(md)) == NULL) {
BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
goto err;
@@ -1022,9 +1053,9 @@
if (startdate == NULL)
ERR_clear_error();
}
- if (startdate && !ASN1_UTCTIME_set_string(NULL, startdate)) {
+ if (startdate && !ASN1_TIME_set_string(NULL, startdate)) {
BIO_printf(bio_err,
- "start date is invalid, it should be YYMMDDHHMMSSZ\n");
+ "start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
goto err;
}
if (startdate == NULL)
@@ -1035,9 +1066,9 @@
if (enddate == NULL)
ERR_clear_error();
}
- if (enddate && !ASN1_UTCTIME_set_string(NULL, enddate)) {
+ if (enddate && !ASN1_TIME_set_string(NULL, enddate)) {
BIO_printf(bio_err,
- "end date is invalid, it should be YYMMDDHHMMSSZ\n");
+ "end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
goto err;
}
@@ -1077,10 +1108,10 @@
}
if (spkac_file != NULL) {
total++;
- j = certify_spkac(&x, spkac_file, pkey, x509, dgst, attribs, db,
- serial, subj, chtype, multirdn, email_dn,
- startdate, enddate, days, extensions, conf,
- verbose, certopt, nameopt, default_op,
+ j = certify_spkac(&x, spkac_file, pkey, x509, dgst, sigopts,
+ attribs, db, serial, subj, chtype, multirdn,
+ email_dn, startdate, enddate, days, extensions,
+ conf, verbose, certopt, nameopt, default_op,
ext_copy);
if (j < 0)
goto err;
@@ -1101,7 +1132,8 @@
}
if (ss_cert_file != NULL) {
total++;
- j = certify_cert(&x, ss_cert_file, pkey, x509, dgst, attribs,
+ j = certify_cert(&x, ss_cert_file, pkey, x509, dgst, sigopts,
+ attribs,
db, serial, subj, chtype, multirdn, email_dn,
startdate, enddate, days, batch, extensions,
conf, verbose, certopt, nameopt, default_op,
@@ -1121,7 +1153,7 @@
}
if (infile != NULL) {
total++;
- j = certify(&x, infile, pkey, x509p, dgst, attribs, db,
+ j = certify(&x, infile, pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
certopt, nameopt, default_op, ext_copy, selfsign);
@@ -1140,7 +1172,7 @@
}
for (i = 0; i < argc; i++) {
total++;
- j = certify(&x, argv[i], pkey, x509p, dgst, attribs, db,
+ j = certify(&x, argv[i], pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
certopt, nameopt, default_op, ext_copy, selfsign);
@@ -1285,7 +1317,7 @@
goto err;
}
- if (!crldays && !crlhours) {
+ if (!crldays && !crlhours && !crlsec) {
if (!NCONF_get_number(conf, section,
ENV_DEFAULT_CRL_DAYS, &crldays))
crldays = 0;
@@ -1292,8 +1324,9 @@
if (!NCONF_get_number(conf, section,
ENV_DEFAULT_CRL_HOURS, &crlhours))
crlhours = 0;
+ ERR_clear_error();
}
- if ((crldays == 0) && (crlhours == 0)) {
+ if ((crldays == 0) && (crlhours == 0) && (crlsec == 0)) {
BIO_printf(bio_err,
"cannot lookup how long until the next CRL is issued\n");
goto err;
@@ -1311,13 +1344,17 @@
goto err;
X509_gmtime_adj(tmptm, 0);
X509_CRL_set_lastUpdate(crl, tmptm);
- X509_gmtime_adj(tmptm, (crldays * 24 + crlhours) * 60 * 60);
+ if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec,
+ NULL)) {
+ BIO_puts(bio_err, "error setting CRL nextUpdate\n");
+ goto err;
+ }
X509_CRL_set_nextUpdate(crl, tmptm);
ASN1_TIME_free(tmptm);
- for (i = 0; i < sk_num(db->db->data); i++) {
- pp = (const char **)sk_value(db->db->data, i);
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_type][0] == DB_TYPE_REV) {
if ((r = X509_REVOKED_new()) == NULL)
goto err;
@@ -1347,15 +1384,6 @@
/* we now have a CRL */
if (verbose)
BIO_printf(bio_err, "signing CRL\n");
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- dgst = EVP_dss1();
- else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst = EVP_ecdsa();
-#endif
/* Add any extensions asked for */
@@ -1388,7 +1416,12 @@
if (!save_serial(crlnumberfile, "new", crlnumber, NULL))
goto err;
- if (!X509_CRL_sign(crl, pkey, dgst))
+ if (crlnumber) {
+ BN_free(crlnumber);
+ crlnumber = NULL;
+ }
+
+ if (!do_X509_CRL_sign(bio_err, crl, pkey, dgst, sigopts))
goto err;
PEM_write_bio_X509_CRL(Sout, crl);
@@ -1441,7 +1474,10 @@
if (free_key && key)
OPENSSL_free(key);
BN_free(serial);
+ BN_free(crlnumber);
free_index(db);
+ if (sigopts)
+ sk_OPENSSL_STRING_free(sigopts);
EVP_PKEY_free(pkey);
if (x509)
X509_free(x509);
@@ -1459,12 +1495,12 @@
}
static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- char *ext_sect, CONF *lconf, int verbose,
- unsigned long certopt, unsigned long nameopt,
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+ BIGNUM *serial, char *subj, unsigned long chtype,
+ int multirdn, int email_dn, char *startdate, char *enddate,
+ long days, int batch, char *ext_sect, CONF *lconf,
+ int verbose, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy, int selfsign)
{
X509_REQ *req = NULL;
@@ -1515,10 +1551,10 @@
} else
BIO_printf(bio_err, "Signature ok\n");
- ok = do_body(xret, pkey, x509, dgst, policy, db, serial, subj, chtype,
- multirdn, email_dn, startdate, enddate, days, batch, verbose,
- req, ext_sect, lconf, certopt, nameopt, default_op, ext_copy,
- selfsign);
+ ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+ chtype, multirdn, email_dn, startdate, enddate, days, batch,
+ verbose, req, ext_sect, lconf, certopt, nameopt, default_op,
+ ext_copy, selfsign);
err:
if (req != NULL)
@@ -1529,13 +1565,14 @@
}
static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- char *ext_sect, CONF *lconf, int verbose,
- unsigned long certopt, unsigned long nameopt,
- int default_op, int ext_copy, ENGINE *e)
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+ BIGNUM *serial, char *subj, unsigned long chtype,
+ int multirdn, int email_dn, char *startdate,
+ char *enddate, long days, int batch, char *ext_sect,
+ CONF *lconf, int verbose, unsigned long certopt,
+ unsigned long nameopt, int default_op, int ext_copy,
+ ENGINE *e)
{
X509 *req = NULL;
X509_REQ *rreq = NULL;
@@ -1571,9 +1608,9 @@
if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
goto err;
- ok = do_body(xret, pkey, x509, dgst, policy, db, serial, subj, chtype,
- multirdn, email_dn, startdate, enddate, days, batch, verbose,
- rreq, ext_sect, lconf, certopt, nameopt, default_op,
+ ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+ chtype, multirdn, email_dn, startdate, enddate, days, batch,
+ verbose, rreq, ext_sect, lconf, certopt, nameopt, default_op,
ext_copy, 0);
err:
@@ -1585,12 +1622,12 @@
}
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy,
- CA_DB *db, BIGNUM *serial, char *subj,
- unsigned long chtype, int multirdn, int email_dn,
- char *startdate, char *enddate, long days, int batch,
- int verbose, X509_REQ *req, char *ext_sect, CONF *lconf,
- unsigned long certopt, unsigned long nameopt,
+ const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+ STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
+ char *subj, unsigned long chtype, int multirdn,
+ int email_dn, char *startdate, char *enddate, long days,
+ int batch, int verbose, X509_REQ *req, char *ext_sect,
+ CONF *lconf, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy, int selfsign)
{
X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =
@@ -1606,7 +1643,9 @@
int ok = -1, i, j, last, nid;
const char *p;
CONF_VALUE *cv;
- char *row[DB_NUMBER], **rrow = NULL, **irow = NULL;
+ OPENSSL_STRING row[DB_NUMBER];
+ OPENSSL_STRING *irow = NULL;
+ OPENSSL_STRING *rrow = NULL;
char buf[25];
tmptm = ASN1_UTCTIME_new();
@@ -1840,7 +1879,9 @@
}
if (db->attributes.unique_subject) {
- rrow = TXT_DB_get_by_index(db->db, DB_name, row);
+ OPENSSL_STRING *crow = row;
+
+ rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
if (rrow != NULL) {
BIO_printf(bio_err,
"ERROR:There is already a certificate for %s\n",
@@ -1923,12 +1964,12 @@
if (strcmp(startdate, "today") == 0)
X509_gmtime_adj(X509_get_notBefore(ret), 0);
else
- ASN1_UTCTIME_set_string(X509_get_notBefore(ret), startdate);
+ ASN1_TIME_set_string(X509_get_notBefore(ret), startdate);
if (enddate == NULL)
- X509_gmtime_adj(X509_get_notAfter(ret), (long)60 * 60 * 24 * days);
+ X509_time_adj_ex(X509_get_notAfter(ret), days, 0, NULL);
else
- ASN1_UTCTIME_set_string(X509_get_notAfter(ret), enddate);
+ ASN1_TIME_set_string(X509_get_notAfter(ret), enddate);
if (!X509_set_subject_name(ret, subject))
goto err;
@@ -2046,26 +2087,14 @@
goto err;
}
}
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- dgst = EVP_dss1();
+
pktmp = X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
!EVP_PKEY_missing_parameters(pkey))
EVP_PKEY_copy_parameters(pktmp, pkey);
EVP_PKEY_free(pktmp);
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst = EVP_ecdsa();
- pktmp = X509_get_pubkey(ret);
- if (EVP_PKEY_missing_parameters(pktmp) &&
- !EVP_PKEY_missing_parameters(pkey))
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_free(pktmp);
-#endif
- if (!X509_sign(ret, pkey, dgst))
+ if (!do_X509_sign(bio_err, ret, pkey, dgst, sigopts))
goto err;
/* We now just add it to the database */
@@ -2158,6 +2187,7 @@
static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
X509 *x509, const EVP_MD *dgst,
+ STACK_OF(OPENSSL_STRING) *sigopts,
STACK_OF(CONF_VALUE) *policy, CA_DB *db,
BIGNUM *serial, char *subj, unsigned long chtype,
int multirdn, int email_dn, char *startdate,
@@ -2166,7 +2196,7 @@
unsigned long nameopt, int default_op, int ext_copy)
{
STACK_OF(CONF_VALUE) *sk = NULL;
- LHASH *parms = NULL;
+ LHASH_OF(CONF_VALUE) *parms = NULL;
X509_REQ *req = NULL;
CONF_VALUE *cv = NULL;
NETSCAPE_SPKI *spki = NULL;
@@ -2280,10 +2310,10 @@
X509_REQ_set_pubkey(req, pktmp);
EVP_PKEY_free(pktmp);
- ok = do_body(xret, pkey, x509, dgst, policy, db, serial, subj, chtype,
- multirdn, email_dn, startdate, enddate, days, 1, verbose,
- req, ext_sect, lconf, certopt, nameopt, default_op, ext_copy,
- 0);
+ ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+ chtype, multirdn, email_dn, startdate, enddate, days, 1,
+ verbose, req, ext_sect, lconf, certopt, nameopt, default_op,
+ ext_copy, 0);
err:
if (req != NULL)
X509_REQ_free(req);
@@ -2299,15 +2329,7 @@
static int check_time_format(const char *str)
{
- ASN1_TIME tm;
-
- tm.data = (unsigned char *)str;
- tm.length = strlen(str);
- tm.type = V_ASN1_UTCTIME;
- if (ASN1_TIME_check(&tm))
- return 1;
- tm.type = V_ASN1_GENERALIZEDTIME;
- return ASN1_TIME_check(&tm);
+ return ASN1_TIME_set_string(NULL, str);
}
static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
@@ -2322,6 +2344,8 @@
row[i] = NULL;
row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0);
bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509), NULL);
+ if (!bn)
+ goto err;
if (BN_is_zero(bn))
row[DB_serial] = BUF_strdup("00");
else
@@ -2389,7 +2413,7 @@
goto err;
- } else if (index_name_cmp((const char **)row, (const char **)rrow)) {
+ } else if (index_name_cmp_noconst(row, rrow)) {
BIO_printf(bio_err, "ERROR:name does not match %s\n", row[DB_name]);
goto err;
} else if (rrow[DB_type][0] == 'R') {
@@ -2449,7 +2473,7 @@
/* Make it Upper Case */
for (i = 0; row[DB_serial][i] != '\0'; i++)
- row[DB_serial][i] = toupper(row[DB_serial][i]);
+ row[DB_serial][i] = toupper((unsigned char)row[DB_serial][i]);
ok = 1;
@@ -2513,8 +2537,8 @@
else
a_y2k = 0;
- for (i = 0; i < sk_num(db->db->data); i++) {
- rrow = (char **)sk_value(db->db->data, i);
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (rrow[DB_type][0] == 'V') {
/* ignore entries that are not valid */
@@ -2753,24 +2777,14 @@
p = (char *)str->data;
for (j = str->length; j > 0; j--) {
-#ifdef CHARSET_EBCDIC
- if ((*p >= 0x20) && (*p <= 0x7e))
- BIO_printf(bp, "%c", os_toebcdic[*p]);
-#else
if ((*p >= ' ') && (*p <= '~'))
BIO_printf(bp, "%c", *p);
-#endif
else if (*p & 0x80)
BIO_printf(bp, "\\0x%02X", *p);
else if ((unsigned char)*p == 0xf7)
BIO_printf(bp, "^?");
-#ifdef CHARSET_EBCDIC
else
- BIO_printf(bp, "^%c", os_toebcdic[*p + 0x40]);
-#else
- else
BIO_printf(bp, "^%c", *p + '@');
-#endif
p++;
}
BIO_printf(bp, "'\n");
@@ -2789,6 +2803,11 @@
ASN1_GENERALIZEDTIME *comp_time = NULL;
tmp = BUF_strdup(str);
+ if (!tmp) {
+ BIO_printf(bio_err, "memory allocation failure\n");
+ goto err;
+ }
+
p = strchr(tmp, ',');
rtime_str = tmp;
@@ -2806,6 +2825,10 @@
if (prevtm) {
*prevtm = ASN1_UTCTIME_new();
+ if (!*prevtm) {
+ BIO_printf(bio_err, "memory allocation failure\n");
+ goto err;
+ }
if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str)) {
BIO_printf(bio_err, "invalid revocation date %s\n", rtime_str);
goto err;
@@ -2846,6 +2869,10 @@
goto err;
}
comp_time = ASN1_GENERALIZEDTIME_new();
+ if (!comp_time) {
+ BIO_printf(bio_err, "memory allocation failure\n");
+ goto err;
+ }
if (!ASN1_GENERALIZEDTIME_set_string(comp_time, arg_str)) {
BIO_printf(bio_err, "invalid compromised time %s\n", arg_str);
goto err;
Modified: trunk/crypto/openssl/apps/ciphers.c
===================================================================
--- trunk/crypto/openssl/apps/ciphers.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/ciphers.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,7 +71,8 @@
static const char *ciphers_usage[] = {
"usage: ciphers args\n",
- " -v - verbose mode, a textual listing of the ciphers in SSLeay\n",
+ " -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+ " -V - even more verbose\n",
" -ssl2 - SSL2 mode\n",
" -ssl3 - SSL3 mode\n",
" -tls1 - TLS1 mode\n",
@@ -83,7 +84,7 @@
int MAIN(int argc, char **argv)
{
int ret = 1, i;
- int verbose = 0;
+ int verbose = 0, Verbose = 0;
const char **pp;
const char *p;
int badops = 0;
@@ -90,18 +91,12 @@
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
char *ciphers = NULL;
- SSL_METHOD *meth = NULL;
+ const SSL_METHOD *meth = NULL;
STACK_OF(SSL_CIPHER) *sk;
char buf[512];
BIO *STDout = NULL;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth = SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
- meth = SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
- meth = SSLv2_server_method();
-#endif
apps_startup();
@@ -114,6 +109,8 @@
STDout = BIO_push(tmpbio, STDout);
}
#endif
+ if (!load_config(bio_err, NULL))
+ goto end;
argc--;
argv++;
@@ -120,6 +117,8 @@
while (argc >= 1) {
if (strcmp(*argv, "-v") == 0)
verbose = 1;
+ else if (strcmp(*argv, "-V") == 0)
+ verbose = Verbose = 1;
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv, "-ssl2") == 0)
meth = SSLv2_client_method();
@@ -173,13 +172,38 @@
BIO_printf(STDout, "%s", p);
}
BIO_printf(STDout, "\n");
- } else {
+ } else { /* verbose */
+
sk = SSL_get_ciphers(ssl);
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
- BIO_puts(STDout,
- SSL_CIPHER_description(sk_SSL_CIPHER_value(sk, i), buf,
- sizeof buf));
+ SSL_CIPHER *c;
+
+ c = sk_SSL_CIPHER_value(sk, i);
+
+ if (Verbose) {
+ unsigned long id = SSL_CIPHER_get_id(c);
+ int id0 = (int)(id >> 24);
+ int id1 = (int)((id >> 16) & 0xffL);
+ int id2 = (int)((id >> 8) & 0xffL);
+ int id3 = (int)(id & 0xffL);
+
+ if ((id & 0xff000000L) == 0x02000000L) {
+ /* SSL2 cipher */
+ BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1,
+ id2, id3);
+ } else if ((id & 0xff000000L) == 0x03000000L) {
+ /* SSL3 cipher */
+ BIO_printf(STDout, " 0x%02X,0x%02X - ", id2,
+ id3);
+ } else {
+ /* whatever */
+ BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0,
+ id1, id2, id3);
+ }
+ }
+
+ BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
}
}
Modified: trunk/crypto/openssl/apps/client.pem
===================================================================
--- trunk/crypto/openssl/apps/client.pem 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/client.pem 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,24 +1,52 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
-----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
-MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
-Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
-XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
-NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
-UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
-9TKwhS4GlwbtCfxSKQ==
+MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6yMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY
++yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs
+lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D
+nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2
+x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2
+bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9
+AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSZHKyLoTh7Mb409Zn/mK1ceSDAjDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
+hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAD0mL7PtPYgCEuDyOQSbLpeND5hVS
+curxQdGnrJ6Acrhodb7E9ccATokeb0PLx6HBLQUicxhTZIQ9FbO43YkQcOU6C3BB
+IlwskqmtN6+VmrQzNolHCDzvxNZs9lYL2VbGPGqVRyjZeHpoAlf9cQr8PgDb4d4b
+vUx2KAhHQvV2nkmYvKyXcgnRuHggumF87mkxidriGAEFwH4qfOqetUg64WyxP7P2
+QLipm04SyQa7ONtIApfVXgHcE42Py4/f4arzCzMjKe3VyhGkS7nsT55X/fWgTaRm
+CQPkO+H94P958WTvQDt77bQ+D3IvYaVvfil8n6HJMOJfFT0LJuSUbpSXJg==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
-q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
-/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
-HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
-ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
-nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
-ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
+wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
+agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
+mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
+MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
+HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
+p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
+KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
+1uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
+L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
+LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
+Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
+/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
+1oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
+1ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
+NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
+zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
+mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
+5SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
+u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
+HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
+tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
+SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
+kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
+1Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
-----END RSA PRIVATE KEY-----
Modified: trunk/crypto/openssl/apps/cms.c
===================================================================
--- trunk/crypto/openssl/apps/cms.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/cms.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,9 +72,9 @@
static int save_certs(char *signerfile, STACK_OF(X509) *signers);
static int cms_cb(int ok, X509_STORE_CTX *ctx);
static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
-static CMS_ReceiptRequest *make_receipt_request(STACK * rr_to,
- int rr_allorfirst,
- STACK * rr_from);
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
+ *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
+ *rr_from);
# define SMIME_OP 0x10
# define SMIME_IP 0x20
@@ -96,6 +96,8 @@
# define SMIME_SIGN_RECEIPT (15 | SMIME_IP | SMIME_OP)
# define SMIME_VERIFY_RECEIPT (16 | SMIME_IP)
+int verify_err = 0;
+
int MAIN(int, char **);
int MAIN(int argc, char **argv)
@@ -107,7 +109,7 @@
const char *inmode = "r", *outmode = "w";
char *infile = NULL, *outfile = NULL, *rctfile = NULL;
char *signerfile = NULL, *recipfile = NULL;
- STACK *sksigners = NULL, *skkeys = NULL;
+ STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
char *certsoutfile = NULL;
const EVP_CIPHER *cipher = NULL;
@@ -118,9 +120,10 @@
STACK_OF(X509) *encerts = NULL, *other = NULL;
BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
int badarg = 0;
- int flags = CMS_DETACHED;
+ int flags = CMS_DETACHED, noout = 0, print = 0;
+ int verify_retcode = 0;
int rr_print = 0, rr_allorfirst = -1;
- STACK *rr_to = NULL, *rr_from = NULL;
+ STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
CMS_ReceiptRequest *rr = NULL;
char *to = NULL, *from = NULL, *subject = NULL;
char *CAfile = NULL, *CApath = NULL;
@@ -134,6 +137,7 @@
char *engine = NULL;
# endif
unsigned char *secret_key = NULL, *secret_keyid = NULL;
+ unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0;
ASN1_OBJECT *econtent_type = NULL;
@@ -166,6 +170,8 @@
operation = SMIME_RESIGN;
else if (!strcmp(*args, "-verify"))
operation = SMIME_VERIFY;
+ else if (!strcmp(*args, "-verify_retcode"))
+ verify_retcode = 1;
else if (!strcmp(*args, "-verify_receipt")) {
operation = SMIME_VERIFY_RECEIPT;
if (!args[1])
@@ -251,18 +257,18 @@
flags |= CMS_NO_CONTENT_VERIFY;
else if (!strcmp(*args, "-no_attr_verify"))
flags |= CMS_NO_ATTR_VERIFY;
- else if (!strcmp(*args, "-stream")) {
- args++;
- continue;
- } else if (!strcmp(*args, "-indef")) {
- args++;
- continue;
- } else if (!strcmp(*args, "-noindef"))
+ else if (!strcmp(*args, "-stream"))
+ flags |= CMS_STREAM;
+ else if (!strcmp(*args, "-indef"))
+ flags |= CMS_STREAM;
+ else if (!strcmp(*args, "-noindef"))
flags &= ~CMS_STREAM;
else if (!strcmp(*args, "-nooldmime"))
flags |= CMS_NOOLDMIMETYPE;
else if (!strcmp(*args, "-crlfeol"))
flags |= CMS_CRLFEOL;
+ else if (!strcmp(*args, "-noout"))
+ noout = 1;
else if (!strcmp(*args, "-receipt_request_print"))
rr_print = 1;
else if (!strcmp(*args, "-receipt_request_all"))
@@ -274,15 +280,18 @@
goto argerr;
args++;
if (!rr_from)
- rr_from = sk_new_null();
- sk_push(rr_from, *args);
+ rr_from = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(rr_from, *args);
} else if (!strcmp(*args, "-receipt_request_to")) {
if (!args[1])
goto argerr;
args++;
if (!rr_to)
- rr_to = sk_new_null();
- sk_push(rr_to, *args);
+ rr_to = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(rr_to, *args);
+ } else if (!strcmp(*args, "-print")) {
+ noout = 1;
+ print = 1;
} else if (!strcmp(*args, "-secretkey")) {
long ltmp;
if (!args[1])
@@ -305,6 +314,11 @@
goto argerr;
}
secret_keyidlen = (size_t)ltmp;
+ } else if (!strcmp(*args, "-pwri_password")) {
+ if (!args[1])
+ goto argerr;
+ args++;
+ pwri_pass = (unsigned char *)*args;
} else if (!strcmp(*args, "-econtent_type")) {
if (!args[1])
goto argerr;
@@ -351,13 +365,13 @@
if (signerfile) {
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
if (!keyfile)
keyfile = signerfile;
if (!skkeys)
- skkeys = sk_new_null();
- sk_push(skkeys, keyfile);
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
keyfile = NULL;
}
signerfile = *++args;
@@ -387,12 +401,12 @@
goto argerr;
}
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
signerfile = NULL;
if (!skkeys)
- skkeys = sk_new_null();
- sk_push(skkeys, keyfile);
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
}
keyfile = *++args;
} else if (!strcmp(*args, "-keyform")) {
@@ -464,13 +478,13 @@
/* Check to see if any final signer needs to be appended */
if (signerfile) {
if (!sksigners)
- sksigners = sk_new_null();
- sk_push(sksigners, signerfile);
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
if (!skkeys)
- skkeys = sk_new_null();
+ skkeys = sk_OPENSSL_STRING_new_null();
if (!keyfile)
keyfile = signerfile;
- sk_push(skkeys, keyfile);
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
}
if (!sksigners) {
BIO_printf(bio_err, "No signer certificate specified\n");
@@ -482,13 +496,13 @@
}
else if (operation == SMIME_DECRYPT) {
- if (!recipfile && !keyfile && !secret_key) {
+ if (!recipfile && !keyfile && !secret_key && !pwri_pass) {
BIO_printf(bio_err,
"No recipient certificate or key specified\n");
badarg = 1;
}
} else if (operation == SMIME_ENCRYPT) {
- if (!*args && !secret_key) {
+ if (!*args && !secret_key && !pwri_pass) {
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
badarg = 1;
}
@@ -567,6 +581,8 @@
"-CApath dir trusted certificates directory\n");
BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
+ "-no_alt_chains only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
"-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf(bio_err,
"-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
@@ -632,7 +648,7 @@
}
if (secret_key && !secret_keyid) {
- BIO_printf(bio_err, "No sectre key id\n");
+ BIO_printf(bio_err, "No secret key id\n");
goto end;
}
@@ -774,7 +790,7 @@
if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) {
if (!(store = setup_verify(bio_err, CAfile, CApath)))
goto end;
- X509_STORE_set_verify_cb_func(store, cms_cb);
+ X509_STORE_set_verify_cb(store, cms_cb);
if (vpm)
X509_STORE_set1_param(store, vpm);
}
@@ -802,6 +818,16 @@
secret_key = NULL;
secret_keyid = NULL;
}
+ if (pwri_pass) {
+ pwri_tmp = (unsigned char *)BUF_strdup((char *)pwri_pass);
+ if (!pwri_tmp)
+ goto end;
+ if (!CMS_add0_recipient_password(cms,
+ -1, NID_undef, NID_undef,
+ pwri_tmp, -1, NULL))
+ goto end;
+ pwri_tmp = NULL;
+ }
if (!(flags & CMS_STREAM)) {
if (!CMS_final(cms, in, NULL, flags))
goto end;
@@ -852,10 +878,10 @@
}
} else
flags |= CMS_REUSE_DIGEST;
- for (i = 0; i < sk_num(sksigners); i++) {
+ for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
CMS_SignerInfo *si;
- signerfile = sk_value(sksigners, i);
- keyfile = sk_value(skkeys, i);
+ signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+ keyfile = sk_OPENSSL_STRING_value(skkeys, i);
signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
e, "signer certificate");
if (!signer)
@@ -907,6 +933,13 @@
}
}
+ if (pwri_pass) {
+ if (!CMS_decrypt_set1_password(cms, pwri_pass, -1)) {
+ BIO_puts(bio_err, "Error decrypting CMS using password\n");
+ goto end;
+ }
+ }
+
if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags)) {
BIO_printf(bio_err, "Error decrypting CMS structure\n");
goto end;
@@ -933,6 +966,8 @@
BIO_printf(bio_err, "Verification successful\n");
else {
BIO_printf(bio_err, "Verification failure\n");
+ if (verify_retcode)
+ ret = verify_err + 32;
goto end;
}
if (signerfile) {
@@ -957,7 +992,10 @@
goto end;
}
} else {
- if (outformat == FORMAT_SMIME) {
+ if (noout) {
+ if (print)
+ CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+ } else if (outformat == FORMAT_SMIME) {
if (to)
BIO_printf(out, "To: %s\n", to);
if (from)
@@ -969,9 +1007,9 @@
else
ret = SMIME_write_CMS(out, cms, in, flags);
} else if (outformat == FORMAT_PEM)
- ret = PEM_write_bio_CMS(out, cms);
+ ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
else if (outformat == FORMAT_ASN1)
- ret = i2d_CMS_bio(out, cms);
+ ret = i2d_CMS_bio_stream(out, cms, in, flags);
else {
BIO_printf(bio_err, "Bad output format for CMS file\n");
goto end;
@@ -992,21 +1030,23 @@
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (sksigners)
- sk_free(sksigners);
+ sk_OPENSSL_STRING_free(sksigners);
if (skkeys)
- sk_free(skkeys);
+ sk_OPENSSL_STRING_free(skkeys);
if (secret_key)
OPENSSL_free(secret_key);
if (secret_keyid)
OPENSSL_free(secret_keyid);
+ if (pwri_tmp)
+ OPENSSL_free(pwri_tmp);
if (econtent_type)
ASN1_OBJECT_free(econtent_type);
if (rr)
CMS_ReceiptRequest_free(rr);
if (rr_to)
- sk_free(rr_to);
+ sk_OPENSSL_STRING_free(rr_to);
if (rr_from)
- sk_free(rr_from);
+ sk_OPENSSL_STRING_free(rr_from);
X509_STORE_free(store);
X509_free(cert);
X509_free(recip);
@@ -1046,6 +1086,8 @@
error = X509_STORE_CTX_get_error(ctx);
+ verify_err = error;
+
if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
&& ((error != X509_V_OK) || (ok != 2)))
return ok;
@@ -1119,7 +1161,7 @@
}
}
-static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK * ns)
+static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
{
int i;
STACK_OF(GENERAL_NAMES) *ret;
@@ -1128,11 +1170,9 @@
ret = sk_GENERAL_NAMES_new_null();
if (!ret)
goto err;
- for (i = 0; i < sk_num(ns); i++) {
- CONF_VALUE cnf;
- cnf.name = "email";
- cnf.value = sk_value(ns, i);
- gen = v2i_GENERAL_NAME(NULL, NULL, &cnf);
+ for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++) {
+ char *str = sk_OPENSSL_STRING_value(ns, i);
+ gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
if (!gen)
goto err;
gens = GENERAL_NAMES_new();
@@ -1158,9 +1198,9 @@
return NULL;
}
-static CMS_ReceiptRequest *make_receipt_request(STACK * rr_to,
- int rr_allorfirst,
- STACK * rr_from)
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
+ *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
+ *rr_from)
{
STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
CMS_ReceiptRequest *rr;
Modified: trunk/crypto/openssl/apps/crl.c
===================================================================
--- trunk/crypto/openssl/apps/crl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/crl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,6 +81,9 @@
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -hash - print hash value\n",
+#ifndef OPENSSL_NO_MD5
+ " -hash_old - print old-style (MD5) hash value\n",
+#endif
" -fingerprint - print the crl fingerprint\n",
" -issuer - print issuer DN\n",
" -lastupdate - lastUpdate field\n",
@@ -109,6 +112,9 @@
char *infile = NULL, *outfile = NULL;
int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout =
0, text = 0;
+#ifndef OPENSSL_NO_MD5
+ int hash_old = 0;
+#endif
int fingerprint = 0, crlnumber = 0;
const char **pp;
X509_STORE *store = NULL;
@@ -187,6 +193,10 @@
text = 1;
else if (strcmp(*argv, "-hash") == 0)
hash = ++num;
+#ifndef OPENSSL_NO_MD5
+ else if (strcmp(*argv, "-hash_old") == 0)
+ hash_old = ++num;
+#endif
else if (strcmp(*argv, "-nameopt") == 0) {
if (--argc < 1)
goto bad;
@@ -292,6 +302,12 @@
BIO_printf(bio_out, "%08lx\n",
X509_NAME_hash(X509_CRL_get_issuer(x)));
}
+#ifndef OPENSSL_NO_MD5
+ if (hash_old == i) {
+ BIO_printf(bio_out, "%08lx\n",
+ X509_NAME_hash_old(X509_CRL_get_issuer(x)));
+ }
+#endif
if (lastupdate == i) {
BIO_printf(bio_out, "lastUpdate=");
ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
Modified: trunk/crypto/openssl/apps/crl2p7.c
===================================================================
--- trunk/crypto/openssl/apps/crl2p7.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/crl2p7.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,7 +65,6 @@
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
-#include <sys/stat.h>
#include "apps.h"
#include <openssl/err.h>
#include <openssl/evp.h>
@@ -96,7 +95,7 @@
PKCS7 *p7 = NULL;
PKCS7_SIGNED *p7s = NULL;
X509_CRL *crl = NULL;
- STACK *certflst = NULL;
+ STACK_OF(OPENSSL_STRING) *certflst = NULL;
STACK_OF(X509_CRL) *crl_stack = NULL;
STACK_OF(X509) *cert_stack = NULL;
int ret = 1, nocrl = 0;
@@ -138,11 +137,11 @@
if (--argc < 1)
goto bad;
if (!certflst)
- certflst = sk_new_null();
+ certflst = sk_OPENSSL_STRING_new_null();
if (!certflst)
goto end;
- if (!sk_push(certflst, *(++argv))) {
- sk_free(certflst);
+ if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
+ sk_OPENSSL_STRING_free(certflst);
goto end;
}
} else {
@@ -228,8 +227,8 @@
p7s->cert = cert_stack;
if (certflst)
- for (i = 0; i < sk_num(certflst); i++) {
- certfile = sk_value(certflst, i);
+ for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
+ certfile = sk_OPENSSL_STRING_value(certflst, i);
if (add_certs_from_file(cert_stack, certfile) < 0) {
BIO_printf(bio_err, "error loading certificates\n");
ERR_print_errors(bio_err);
@@ -237,7 +236,7 @@
}
}
- sk_free(certflst);
+ sk_OPENSSL_STRING_free(certflst);
if (outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
@@ -294,7 +293,6 @@
*/
static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
{
- struct stat st;
BIO *in = NULL;
int count = 0;
int ret = -1;
@@ -301,11 +299,6 @@
STACK_OF(X509_INFO) *sk = NULL;
X509_INFO *xi;
- if ((stat(certfile, &st) != 0)) {
- BIO_printf(bio_err, "unable to load the file, %s\n", certfile);
- goto end;
- }
-
in = BIO_new(BIO_s_file());
if ((in == NULL) || (BIO_read_filename(in, certfile) <= 0)) {
BIO_printf(bio_err, "error opening the file, %s\n", certfile);
Modified: trunk/crypto/openssl/apps/dgst.c
===================================================================
--- trunk/crypto/openssl/apps/dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,10 +75,30 @@
#define PROG dgst_main
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
- EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
- const char *file, BIO *bmd, const char *hmac_key,
- int non_fips_allow);
+ EVP_PKEY *key, unsigned char *sigin, int siglen,
+ const char *sig_name, const char *md_name,
+ const char *file, BIO *bmd);
+static void list_md_fn(const EVP_MD *m,
+ const char *from, const char *to, void *arg)
+{
+ const char *mname;
+ /* Skip aliases */
+ if (!m)
+ return;
+ mname = OBJ_nid2ln(EVP_MD_type(m));
+ /* Skip shortnames */
+ if (strcmp(from, mname))
+ return;
+ /* Skip clones */
+ if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
+ return;
+ if (strchr(mname, ' '))
+ mname = EVP_MD_name(m);
+ BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
+ mname, mname);
+}
+
int MAIN(int, char **);
int MAIN(int argc, char **argv)
@@ -90,7 +110,6 @@
BIO *in = NULL, *inp;
BIO *bmd = NULL;
BIO *out = NULL;
- const char *name;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE + 1];
int separator = 0;
@@ -102,16 +121,17 @@
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
int siglen = 0;
- unsigned int sig_flags = 0;
char *passargin = NULL, *passin = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *hmac_key = NULL;
+ char *mac_name = NULL;
int non_fips_allow = 0;
+ STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
apps_startup();
- ERR_load_crypto_strings();
+
if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;
@@ -135,6 +155,8 @@
break;
if (strcmp(*argv, "-c") == 0)
separator = 1;
+ else if (strcmp(*argv, "-r") == 0)
+ separator = 2;
else if (strcmp(*argv, "-rand") == 0) {
if (--argc < 1)
break;
@@ -162,24 +184,6 @@
break;
keyfile = *(++argv);
do_verify = 1;
- } else if (strcmp(*argv, "-x931") == 0)
- sig_flags = EVP_MD_CTX_FLAG_PAD_X931;
- else if (strcmp(*argv, "-pss_saltlen") == 0) {
- int saltlen;
- if (--argc < 1)
- break;
- saltlen = atoi(*(++argv));
- if (saltlen == -1)
- sig_flags = EVP_MD_CTX_FLAG_PSS_MREC;
- else if (saltlen == -2)
- sig_flags = EVP_MD_CTX_FLAG_PSS_MDLEN;
- else if (saltlen < -2 || saltlen >= 0xFFFE) {
- BIO_printf(bio_err, "Invalid PSS salt length %d\n", saltlen);
- goto end;
- } else
- sig_flags = saltlen;
- sig_flags <<= 16;
- sig_flags |= EVP_MD_CTX_FLAG_PAD_PSS;
} else if (strcmp(*argv, "-signature") == 0) {
if (--argc < 1)
break;
@@ -194,6 +198,7 @@
if (--argc < 1)
break;
engine = *(++argv);
+ e = setup_engine(bio_err, engine, 0);
}
#endif
else if (strcmp(*argv, "-hex") == 0)
@@ -202,14 +207,32 @@
out_bin = 1;
else if (strcmp(*argv, "-d") == 0)
debug = 1;
+ else if (!strcmp(*argv, "-fips-fingerprint"))
+ hmac_key = "etaonrishdlcupfm";
else if (strcmp(*argv, "-non-fips-allow") == 0)
non_fips_allow = 1;
- else if (!strcmp(*argv, "-fips-fingerprint"))
- hmac_key = "etaonrishdlcupfm";
else if (!strcmp(*argv, "-hmac")) {
if (--argc < 1)
break;
hmac_key = *++argv;
+ } else if (!strcmp(*argv, "-mac")) {
+ if (--argc < 1)
+ break;
+ mac_name = *++argv;
+ } else if (strcmp(*argv, "-sigopt") == 0) {
+ if (--argc < 1)
+ break;
+ if (!sigopts)
+ sigopts = sk_OPENSSL_STRING_new_null();
+ if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+ break;
+ } else if (strcmp(*argv, "-macopt") == 0) {
+ if (--argc < 1)
+ break;
+ if (!macopts)
+ macopts = sk_OPENSSL_STRING_new_null();
+ if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
+ break;
} else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
md = m;
else
@@ -218,13 +241,9 @@
argv++;
}
- if (md == NULL)
- md = EVP_md5();
-
if (do_verify && !sigfile) {
BIO_printf(bio_err,
"No signature to verify: use the -signature option\n");
- err = 1;
goto end;
}
@@ -233,9 +252,13 @@
BIO_printf(bio_err, "options are\n");
BIO_printf(bio_err,
"-c to output the digest with separating colons\n");
+ BIO_printf(bio_err,
+ "-r to output the digest in coreutils format\n");
BIO_printf(bio_err, "-d to output debug info\n");
BIO_printf(bio_err, "-hex output as hex dump\n");
BIO_printf(bio_err, "-binary output in binary form\n");
+ BIO_printf(bio_err, "-hmac arg set the HMAC key to arg\n");
+ BIO_printf(bio_err, "-non-fips-allow allow use of non FIPS digest\n");
BIO_printf(bio_err,
"-sign file sign digest using private key in file\n");
BIO_printf(bio_err,
@@ -244,52 +267,31 @@
"-prverify file verify a signature using private key in file\n");
BIO_printf(bio_err,
"-keyform arg key file format (PEM or ENGINE)\n");
+ BIO_printf(bio_err,
+ "-out filename output to filename rather than stdout\n");
BIO_printf(bio_err, "-signature file signature to verify\n");
- BIO_printf(bio_err, "-binary output in binary form\n");
+ BIO_printf(bio_err, "-sigopt nm:v signature parameter\n");
BIO_printf(bio_err, "-hmac key create hashed MAC with key\n");
+ BIO_printf(bio_err,
+ "-mac algorithm create MAC (not neccessarily HMAC)\n");
+ BIO_printf(bio_err,
+ "-macopt nm:v MAC algorithm parameters or key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
"-engine e use engine e, possibly a hardware device.\n");
#endif
- BIO_printf(bio_err,
- "-%-14s to use the %s message digest algorithm (default)\n",
- LN_md5, LN_md5);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_md4, LN_md4);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_md2, LN_md2);
-#ifndef OPENSSL_NO_SHA
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha1, LN_sha1);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha, LN_sha);
-# ifndef OPENSSL_NO_SHA256
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha224, LN_sha224);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha256, LN_sha256);
-# endif
-# ifndef OPENSSL_NO_SHA512
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha384, LN_sha384);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_sha512, LN_sha512);
-# endif
-#endif
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_mdc2, LN_mdc2);
- BIO_printf(bio_err, "-%-14s to use the %s message digest algorithm\n",
- LN_ripemd160, LN_ripemd160);
- err = 1;
+ EVP_MD_do_all_sorted(list_md_fn, bio_err);
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
-#endif
in = BIO_new(BIO_s_file());
bmd = BIO_new(BIO_f_md());
+ if ((in == NULL) || (bmd == NULL)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
if (debug) {
BIO_set_callback(in, BIO_debug_callback);
/* needed for windows 3.1 */
@@ -301,11 +303,6 @@
goto end;
}
- if ((in == NULL) || (bmd == NULL)) {
- ERR_print_errors(bio_err);
- goto end;
- }
-
if (out_bin == -1) {
if (keyfile)
out_bin = 1;
@@ -337,6 +334,10 @@
ERR_print_errors(bio_err);
goto end;
}
+ if ((! !mac_name + ! !keyfile + ! !hmac_key) > 1) {
+ BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
+ goto end;
+ }
if (keyfile) {
if (want_pub)
@@ -353,6 +354,90 @@
}
}
+ if (mac_name) {
+ EVP_PKEY_CTX *mac_ctx = NULL;
+ int r = 0;
+ if (!init_gen_str(bio_err, &mac_ctx, mac_name, e, 0))
+ goto mac_end;
+ if (macopts) {
+ char *macopt;
+ for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
+ macopt = sk_OPENSSL_STRING_value(macopts, i);
+ if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
+ BIO_printf(bio_err,
+ "MAC parameter error \"%s\"\n", macopt);
+ ERR_print_errors(bio_err);
+ goto mac_end;
+ }
+ }
+ }
+ if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0) {
+ BIO_puts(bio_err, "Error generating key\n");
+ ERR_print_errors(bio_err);
+ goto mac_end;
+ }
+ r = 1;
+ mac_end:
+ if (mac_ctx)
+ EVP_PKEY_CTX_free(mac_ctx);
+ if (r == 0)
+ goto end;
+ }
+
+ if (non_fips_allow) {
+ EVP_MD_CTX *md_ctx;
+ BIO_get_md_ctx(bmd, &md_ctx);
+ EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ }
+
+ if (hmac_key) {
+ sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
+ (unsigned char *)hmac_key, -1);
+ if (!sigkey)
+ goto end;
+ }
+
+ if (sigkey) {
+ EVP_MD_CTX *mctx = NULL;
+ EVP_PKEY_CTX *pctx = NULL;
+ int r;
+ if (!BIO_get_md_ctx(bmd, &mctx)) {
+ BIO_printf(bio_err, "Error getting context\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (do_verify)
+ r = EVP_DigestVerifyInit(mctx, &pctx, md, NULL, sigkey);
+ else
+ r = EVP_DigestSignInit(mctx, &pctx, md, NULL, sigkey);
+ if (!r) {
+ BIO_printf(bio_err, "Error setting context\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (sigopts) {
+ char *sigopt;
+ for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
+ sigopt = sk_OPENSSL_STRING_value(sigopts, i);
+ if (pkey_ctrl_string(pctx, sigopt) <= 0) {
+ BIO_printf(bio_err, "parameter error \"%s\"\n", sigopt);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ }
+ }
+ /* we use md as a filter, reading from 'in' */
+ else {
+ if (md == NULL)
+ md = EVP_md5();
+ if (!BIO_set_md(bmd, md)) {
+ BIO_printf(bio_err, "Error setting digest %s\n", pname);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
if (sigfile && sigkey) {
BIO *sigbio;
sigbio = BIO_new_file(sigfile, "rb");
@@ -363,6 +448,11 @@
ERR_print_errors(bio_err);
goto end;
}
+ if (!sigbuf) {
+ BIO_printf(bio_err, "Out of memory\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
siglen = BIO_read(sigbio, sigbuf, siglen);
BIO_free(sigbio);
if (siglen <= 0) {
@@ -371,58 +461,42 @@
goto end;
}
}
+ inp = BIO_push(bmd, in);
- if (non_fips_allow) {
- EVP_MD_CTX *md_ctx;
- BIO_get_md_ctx(bmd, &md_ctx);
- EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ if (md == NULL) {
+ EVP_MD_CTX *tctx;
+ BIO_get_md_ctx(bmd, &tctx);
+ md = EVP_MD_CTX_md(tctx);
}
- if (sig_flags) {
- EVP_MD_CTX *md_ctx;
- BIO_get_md_ctx(bmd, &md_ctx);
- EVP_MD_CTX_set_flags(md_ctx, sig_flags);
- }
-
- /* we use md as a filter, reading from 'in' */
- if (!BIO_set_md(bmd, md)) {
- BIO_printf(bio_err, "Error setting digest %s\n", pname);
- ERR_print_errors(bio_err);
- goto end;
- }
-
- inp = BIO_push(bmd, in);
-
if (argc == 0) {
BIO_set_fp(in, stdin, BIO_NOCLOSE);
err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
- siglen, "", "(stdin)", bmd, hmac_key, non_fips_allow);
+ siglen, NULL, NULL, "stdin", bmd);
} else {
- name = OBJ_nid2sn(md->type);
+ const char *md_name = NULL, *sig_name = NULL;
+ if (!out_bin) {
+ if (sigkey) {
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ameth = EVP_PKEY_get0_asn1(sigkey);
+ if (ameth)
+ EVP_PKEY_asn1_get0_info(NULL, NULL,
+ NULL, NULL, &sig_name, ameth);
+ }
+ md_name = EVP_MD_name(md);
+ }
err = 0;
for (i = 0; i < argc; i++) {
- char *tmp, *tofree = NULL;
int r;
-
if (BIO_read_filename(in, argv[i]) <= 0) {
perror(argv[i]);
err++;
continue;
- }
- if (!out_bin) {
- size_t len =
- strlen(name) + strlen(argv[i]) + (hmac_key ? 5 : 0) + 5;
- tmp = tofree = OPENSSL_malloc(len);
- BIO_snprintf(tmp, len, "%s%s(%s)= ",
- hmac_key ? "HMAC-" : "", name, argv[i]);
} else
- tmp = "";
- r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
- siglen, tmp, argv[i], bmd, hmac_key, non_fips_allow);
+ r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+ siglen, sig_name, md_name, argv[i], bmd);
if (r)
err = r;
- if (tofree)
- OPENSSL_free(tofree);
(void)BIO_reset(bmd);
}
}
@@ -437,6 +511,10 @@
OPENSSL_free(passin);
BIO_free_all(out);
EVP_PKEY_free(sigkey);
+ if (sigopts)
+ sk_OPENSSL_STRING_free(sigopts);
+ if (macopts)
+ sk_OPENSSL_STRING_free(macopts);
if (sigbuf)
OPENSSL_free(sigbuf);
if (bmd != NULL)
@@ -446,24 +524,13 @@
}
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
- EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
- const char *file, BIO *bmd, const char *hmac_key,
- int non_fips_allow)
+ EVP_PKEY *key, unsigned char *sigin, int siglen,
+ const char *sig_name, const char *md_name,
+ const char *file, BIO *bmd)
{
- unsigned int len;
+ size_t len;
int i;
- EVP_MD_CTX *md_ctx;
- HMAC_CTX hmac_ctx;
- if (hmac_key) {
- EVP_MD *md;
-
- BIO_get_md(bmd, &md);
- HMAC_CTX_init(&hmac_ctx);
- HMAC_Init_ex(&hmac_ctx, hmac_key, strlen(hmac_key), md, NULL);
- BIO_get_md_ctx(bmd, &md_ctx);
- BIO_set_md_ctx(bmd, &hmac_ctx.md_ctx);
- }
for (;;) {
i = BIO_read(bp, (char *)buf, BUFSIZE);
if (i < 0) {
@@ -477,7 +544,7 @@
if (sigin) {
EVP_MD_CTX *ctx;
BIO_get_md_ctx(bp, &ctx);
- i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key);
+ i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
if (i > 0)
BIO_printf(out, "Verified OK\n");
else if (i == 0) {
@@ -493,21 +560,33 @@
if (key) {
EVP_MD_CTX *ctx;
BIO_get_md_ctx(bp, &ctx);
- if (!EVP_SignFinal(ctx, buf, (unsigned int *)&len, key)) {
+ len = BUFSIZE;
+ if (!EVP_DigestSignFinal(ctx, buf, &len)) {
BIO_printf(bio_err, "Error Signing Data\n");
ERR_print_errors(bio_err);
return 1;
}
- } else if (hmac_key) {
- HMAC_Final(&hmac_ctx, buf, &len);
- HMAC_CTX_cleanup(&hmac_ctx);
- } else
+ } else {
len = BIO_gets(bp, (char *)buf, BUFSIZE);
+ if ((int)len < 0) {
+ ERR_print_errors(bio_err);
+ return 1;
+ }
+ }
if (binout)
BIO_write(out, buf, len);
- else {
- BIO_write(out, title, strlen(title));
+ else if (sep == 2) {
+ for (i = 0; i < (int)len; i++)
+ BIO_printf(out, "%02x", buf[i]);
+ BIO_printf(out, " *%s\n", file);
+ } else {
+ if (sig_name)
+ BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
+ else if (md_name)
+ BIO_printf(out, "%s(%s)= ", md_name, file);
+ else
+ BIO_printf(out, "(%s)= ", file);
for (i = 0; i < (int)len; i++) {
if (sep && (i != 0))
BIO_printf(out, ":");
@@ -515,8 +594,5 @@
}
BIO_printf(out, "\n");
}
- if (hmac_key) {
- BIO_set_md_ctx(bmd, md_ctx);
- }
return 0;
}
Modified: trunk/crypto/openssl/apps/dh.c
===================================================================
--- trunk/crypto/openssl/apps/dh.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/dh.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -328,4 +328,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/dhparam.c
===================================================================
--- trunk/crypto/openssl/apps/dhparam.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/dhparam.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -130,7 +130,7 @@
# undef PROG
# define PROG dhparam_main
-# define DEFBITS 512
+# define DEFBITS 2048
/*-
* -inform arg - input format - default PEM (DER or PEM)
@@ -254,7 +254,7 @@
BIO_printf(bio_err,
" -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err,
- " numbits number of bits in to generate (default 512)\n");
+ " numbits number of bits in to generate (default 2048)\n");
# ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
@@ -534,4 +534,10 @@
return 1;
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/dsa.c
===================================================================
--- trunk/crypto/openssl/apps/dsa.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/dsa.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,11 +65,11 @@
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
+# include <openssl/dsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/bn.h>
-# include <openssl/dsa.h>
# undef PROG
# define PROG dsa_main
@@ -113,6 +113,8 @@
char *passin = NULL, *passout = NULL;
int modulus = 0;
+ int pvk_encr = 2;
+
apps_startup();
if (bio_err == NULL)
@@ -166,6 +168,12 @@
engine = *(++argv);
}
# endif
+ else if (strcmp(*argv, "-pvk-strong") == 0)
+ pvk_encr = 2;
+ else if (strcmp(*argv, "-pvk-weak") == 0)
+ pvk_encr = 1;
+ else if (strcmp(*argv, "-pvk-none") == 0)
+ pvk_encr = 0;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
@@ -240,15 +248,27 @@
goto end;
}
+ in = BIO_new(BIO_s_file());
out = BIO_new(BIO_s_file());
- if (out == NULL) {
+ if ((in == NULL) || (out == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
+ if (infile == NULL)
+ BIO_set_fp(in, stdin, BIO_NOCLOSE);
+ else {
+ if (BIO_read_filename(in, infile) <= 0) {
+ perror(infile);
+ goto end;
+ }
+ }
+
BIO_printf(bio_err, "read DSA key\n");
+
{
EVP_PKEY *pkey;
+
if (pubin)
pkey = load_pubkey(bio_err, infile, informat, 1,
passin, e, "Public Key");
@@ -256,9 +276,10 @@
pkey = load_key(bio_err, infile, informat, 1,
passin, e, "Private Key");
- if (pkey != NULL)
- dsa = pkey == NULL ? NULL : EVP_PKEY_get1_DSA(pkey);
- EVP_PKEY_free(pkey);
+ if (pkey) {
+ dsa = EVP_PKEY_get1_DSA(pkey);
+ EVP_PKEY_free(pkey);
+ }
}
if (dsa == NULL) {
BIO_printf(bio_err, "unable to load Key\n");
@@ -308,11 +329,24 @@
else
i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
+ } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+ EVP_PKEY *pk;
+ pk = EVP_PKEY_new();
+ EVP_PKEY_set1_DSA(pk, dsa);
+ if (outformat == FORMAT_PVK)
+ i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+ else if (pubin || pubout)
+ i = i2b_PublicKey_bio(out, pk);
+ else
+ i = i2b_PrivateKey_bio(out, pk);
+ EVP_PKEY_free(pk);
+# endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
- if (!i) {
+ if (i <= 0) {
BIO_printf(bio_err, "unable to write private key\n");
ERR_print_errors(bio_err);
} else
@@ -331,4 +365,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/dsaparam.c
===================================================================
--- trunk/crypto/openssl/apps/dsaparam.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/dsaparam.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -310,6 +310,7 @@
goto end;
}
# endif
+ ERR_print_errors(bio_err);
BIO_printf(bio_err, "Error, DSA key generation failed\n");
goto end;
}
@@ -405,8 +406,11 @@
assert(need_rand);
if ((dsakey = DSAparams_dup(dsa)) == NULL)
goto end;
- if (!DSA_generate_key(dsakey))
+ if (!DSA_generate_key(dsakey)) {
+ ERR_print_errors(bio_err);
+ DSA_free(dsakey);
goto end;
+ }
if (outformat == FORMAT_ASN1)
i = i2d_DSAPrivateKey_bio(out, dsakey);
else if (outformat == FORMAT_PEM)
@@ -414,6 +418,7 @@
NULL);
else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
+ DSA_free(dsakey);
goto end;
}
DSA_free(dsakey);
Modified: trunk/crypto/openssl/apps/ec.c
===================================================================
--- trunk/crypto/openssl/apps/ec.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/ec.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -356,4 +356,10 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#else /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/ecparam.c
===================================================================
--- trunk/crypto/openssl/apps/ecparam.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/ecparam.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -106,7 +106,7 @@
* in the asn1 der encoding
* possible values: named_curve (default)
* explicit
- * -no_seed - if 'explicit' parameters are choosen do not use the seed
+ * -no_seed - if 'explicit' parameters are chosen do not use the seed
* -genkey - generate ec key
* -rand file - files to use for random number input
* -engine e - use engine e, possibly a hardware device
@@ -270,7 +270,7 @@
BIO_printf(bio_err, " "
" explicit\n");
BIO_printf(bio_err, " -no_seed if 'explicit'"
- " parameters are choosen do not" " use the seed\n");
+ " parameters are chosen do not" " use the seed\n");
BIO_printf(bio_err, " -genkey generate ec" " key\n");
BIO_printf(bio_err, " -rand file files to use for"
" random number input\n");
@@ -650,4 +650,10 @@
BIO_printf(out, "\n\t};\n\n");
return 1;
}
+#else /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/enc.c
===================================================================
--- trunk/crypto/openssl/apps/enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,6 +67,9 @@
#include <openssl/x509.h>
#include <openssl/rand.h>
#include <openssl/pem.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
#include <ctype.h>
int set_hex(char *in, unsigned char *out, int size);
@@ -111,6 +114,10 @@
char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
char *md = NULL;
int enc = 1, printkey = 0, i, base64 = 0;
+#ifdef ZLIB
+ int do_zlib = 0;
+ BIO *bzl = NULL;
+#endif
int debug = 0, olb64 = 0, nosalt = 0;
const EVP_CIPHER *cipher = NULL, *c;
EVP_CIPHER_CTX *ctx = NULL;
@@ -138,9 +145,19 @@
program_name(argv[0], pname, sizeof pname);
if (strcmp(pname, "base64") == 0)
base64 = 1;
+#ifdef ZLIB
+ if (strcmp(pname, "zlib") == 0)
+ do_zlib = 1;
+#endif
cipher = EVP_get_cipherbyname(pname);
- if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0)) {
+#ifdef ZLIB
+ if (!do_zlib && !base64 && (cipher == NULL)
+ && (strcmp(pname, "enc") != 0))
+#else
+ if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0))
+#endif
+ {
BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
goto bad;
}
@@ -192,6 +209,10 @@
base64 = 1;
else if (strcmp(*argv, "-base64") == 0)
base64 = 1;
+#ifdef ZLIB
+ else if (strcmp(*argv, "-z") == 0)
+ do_zlib = 1;
+#endif
else if (strcmp(*argv, "-bufsize") == 0) {
if (--argc < 1)
goto bad;
@@ -275,11 +296,15 @@
BIO_printf(bio_err,
"%-14s from a passphrase. One of md2, md5, sha or sha1\n",
"");
+ BIO_printf(bio_err, "%-14s salt in hex is the next argument\n",
+ "-S");
BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n",
"-K/-iv");
BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n",
"-[pP]");
BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
+ BIO_printf(bio_err, "%-14s disable standard block padding\n",
+ "-nopad");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,
"%-14s use engine e, possibly a hardware device.\n",
@@ -301,6 +326,18 @@
setup_engine(bio_err, engine, 0);
#endif
+ if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ BIO_printf(bio_err,
+ "AEAD ciphers not supported by the enc utility\n");
+ goto end;
+ }
+
+ if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) {
+ BIO_printf(bio_err,
+ "Ciphers in XTS mode are not supported by the enc utility\n");
+ goto end;
+ }
+
if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
goto end;
@@ -307,10 +344,7 @@
}
if (dgst == NULL) {
- if (in_FIPS_mode)
- dgst = EVP_sha1();
- else
- dgst = EVP_md5();
+ dgst = EVP_md5();
}
if (bufsize != NULL) {
@@ -362,8 +396,10 @@
}
if (inf == NULL) {
+#ifndef OPENSSL_NO_SETVBUF_IONBF
if (bufsize != NULL)
setvbuf(stdin, (char *)NULL, _IONBF, 0);
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
BIO_set_fp(in, stdin, BIO_NOCLOSE);
} else {
if (BIO_read_filename(in, inf) <= 0) {
@@ -406,8 +442,10 @@
if (outf == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifndef OPENSSL_NO_SETVBUF_IONBF
if (bufsize != NULL)
setvbuf(stdout, (char *)NULL, _IONBF, 0);
+#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@@ -424,6 +462,18 @@
rbio = in;
wbio = out;
+#ifdef ZLIB
+
+ if (do_zlib) {
+ if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
+ goto end;
+ if (enc)
+ wbio = BIO_push(bzl, wbio);
+ else
+ rbio = BIO_push(bzl, rbio);
+ }
+#endif
+
if (base64) {
if ((b64 = BIO_new(BIO_f_base64())) == NULL)
goto end;
@@ -498,9 +548,14 @@
else
OPENSSL_cleanse(str, strlen(str));
}
- if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) {
- BIO_printf(bio_err, "invalid hex iv value\n");
- goto end;
+ if (hiv != NULL) {
+ int siz = EVP_CIPHER_iv_length(cipher);
+ if (siz == 0) {
+ BIO_printf(bio_err, "warning: iv not use by this cipher\n");
+ } else if (!set_hex(hiv, iv, sizeof iv)) {
+ BIO_printf(bio_err, "invalid hex iv value\n");
+ goto end;
+ }
}
if ((hiv == NULL) && (str == NULL)
&& EVP_CIPHER_iv_length(cipher) != 0) {
@@ -512,7 +567,7 @@
BIO_printf(bio_err, "iv undefined\n");
goto end;
}
- if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) {
+ if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
BIO_printf(bio_err, "invalid hex key value\n");
goto end;
}
@@ -615,6 +670,10 @@
BIO_free(benc);
if (b64 != NULL)
BIO_free(b64);
+#ifdef ZLIB
+ if (bzl != NULL)
+ BIO_free(bzl);
+#endif
if (pass)
OPENSSL_free(pass);
apps_shutdown();
Modified: trunk/crypto/openssl/apps/engine.c
===================================================================
--- trunk/crypto/openssl/apps/engine.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/engine.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -92,7 +92,7 @@
NULL
};
-static void identity(void *ptr)
+static void identity(char *ptr)
{
return;
}
@@ -145,10 +145,6 @@
}
if (flags & ENGINE_CMD_FLAG_NUMERIC) {
- if (started) {
- BIO_printf(bio_out, "|");
- err = 1;
- }
BIO_printf(bio_out, "NUMERIC");
started = 1;
}
@@ -199,7 +195,7 @@
char *desc = NULL;
int flags;
int xpos = 0;
- STACK *cmds = NULL;
+ STACK_OF(OPENSSL_STRING) *cmds = NULL;
if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
0, NULL, NULL)) <= 0)) {
@@ -209,7 +205,7 @@
return 1;
}
- cmds = sk_new_null();
+ cmds = sk_OPENSSL_STRING_new_null();
if (!cmds)
goto err;
@@ -281,7 +277,7 @@
ret = 1;
err:
if (cmds)
- sk_pop_free(cmds, identity);
+ sk_OPENSSL_STRING_pop_free(cmds, identity);
if (name)
OPENSSL_free(name);
if (desc)
@@ -289,10 +285,11 @@
return ret;
}
-static void util_do_cmds(ENGINE *e, STACK * cmds, BIO *bio_out,
- const char *indent)
+static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
+ BIO *bio_out, const char *indent)
{
- int loop, res, num = sk_num(cmds);
+ int loop, res, num = sk_OPENSSL_STRING_num(cmds);
+
if (num < 0) {
BIO_printf(bio_out, "[Error]: internal stack error\n");
return;
@@ -300,7 +297,7 @@
for (loop = 0; loop < num; loop++) {
char buf[256];
const char *cmd, *arg;
- cmd = sk_value(cmds, loop);
+ cmd = sk_OPENSSL_STRING_value(cmds, loop);
res = 1; /* assume success */
/* Check if this command has no ":arg" */
if ((arg = strstr(cmd, ":")) == NULL) {
@@ -335,9 +332,9 @@
const char **pp;
int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
ENGINE *e;
- STACK *engines = sk_new_null();
- STACK *pre_cmds = sk_new_null();
- STACK *post_cmds = sk_new_null();
+ STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
+ STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
+ STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
int badops = 1;
BIO *bio_out = NULL;
const char *indent = " ";
@@ -379,18 +376,18 @@
argv++;
if (argc == 0)
goto skip_arg_loop;
- sk_push(pre_cmds, *argv);
+ sk_OPENSSL_STRING_push(pre_cmds, *argv);
} else if (strcmp(*argv, "-post") == 0) {
argc--;
argv++;
if (argc == 0)
goto skip_arg_loop;
- sk_push(post_cmds, *argv);
+ sk_OPENSSL_STRING_push(post_cmds, *argv);
} else if ((strncmp(*argv, "-h", 2) == 0) ||
(strcmp(*argv, "-?") == 0))
goto skip_arg_loop;
else
- sk_push(engines, *argv);
+ sk_OPENSSL_STRING_push(engines, *argv);
argc--;
argv++;
}
@@ -404,14 +401,14 @@
goto end;
}
- if (sk_num(engines) == 0) {
+ if (sk_OPENSSL_STRING_num(engines) == 0) {
for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
- sk_push(engines, (char *)ENGINE_get_id(e));
+ sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
}
}
- for (i = 0; i < sk_num(engines); i++) {
- const char *id = sk_value(engines, i);
+ for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
+ const char *id = sk_OPENSSL_STRING_value(engines, i);
if ((e = ENGINE_by_id(id)) != NULL) {
const char *name = ENGINE_get_name(e);
/*
@@ -430,6 +427,7 @@
const int *nids;
ENGINE_CIPHERS_PTR fn_c;
ENGINE_DIGESTS_PTR fn_d;
+ ENGINE_PKEY_METHS_PTR fn_pk;
if (ENGINE_get_RSA(e) != NULL
&& !append_buf(&cap_buf, "RSA", &cap_size, 256))
@@ -464,6 +462,15 @@
goto end;
skip_digests:
+ fn_pk = ENGINE_get_pkey_meths(e);
+ if (!fn_pk)
+ goto skip_pmeths;
+ n = fn_pk(e, NULL, &nids, 0);
+ for (k = 0; k < n; ++k)
+ if (!append_buf(&cap_buf,
+ OBJ_nid2sn(nids[k]), &cap_size, 256))
+ goto end;
+ skip_pmeths:
if (cap_buf && (*cap_buf != '\0'))
BIO_printf(bio_out, " [%s]\n", cap_buf);
@@ -493,9 +500,9 @@
end:
ERR_print_errors(bio_err);
- sk_pop_free(engines, identity);
- sk_pop_free(pre_cmds, identity);
- sk_pop_free(post_cmds, identity);
+ sk_OPENSSL_STRING_pop_free(engines, identity);
+ sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
+ sk_OPENSSL_STRING_pop_free(post_cmds, identity);
if (bio_out != NULL)
BIO_free_all(bio_out);
apps_shutdown();
Modified: trunk/crypto/openssl/apps/errstr.c
===================================================================
--- trunk/crypto/openssl/apps/errstr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/errstr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -95,10 +95,10 @@
out = BIO_push(tmpbio, out);
}
#endif
- lh_node_stats_bio((LHASH *)ERR_get_string_table(), out);
- lh_stats_bio((LHASH *)ERR_get_string_table(), out);
- lh_node_usage_stats_bio((LHASH *)
- ERR_get_string_table(), out);
+ lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(), out);
+ lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), out);
+ lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(),
+ out);
}
if (out != NULL)
BIO_free_all(out);
Modified: trunk/crypto/openssl/apps/gendh.c
===================================================================
--- trunk/crypto/openssl/apps/gendh.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/gendh.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -80,7 +80,7 @@
# include <openssl/x509.h>
# include <openssl/pem.h>
-# define DEFBITS 512
+# define DEFBITS 2048
# undef PROG
# define PROG gendh_main
@@ -239,4 +239,10 @@
# endif
return 1;
}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Copied: trunk/crypto/openssl/apps/genpkey.c (from rev 7117, vendor-crypto/openssl/dist/apps/genpkey.c)
===================================================================
--- trunk/crypto/openssl/apps/genpkey.c (rev 0)
+++ trunk/crypto/openssl/apps/genpkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,405 @@
+/* apps/genpkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+ const char *file, ENGINE *e);
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
+
+#define PROG genpkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ ENGINE *e = NULL;
+ char **args, *outfile = NULL;
+ char *passarg = NULL;
+ BIO *in = NULL, *out = NULL;
+ const EVP_CIPHER *cipher = NULL;
+ int outformat;
+ int text = 0;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+ char *pass = NULL;
+ int badarg = 0;
+ int ret = 1, rv;
+
+ int do_param = 0;
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ outformat = FORMAT_PEM;
+
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+ args = argv + 1;
+ while (!badarg && *args && *args[0] == '-') {
+ if (!strcmp(*args, "-outform")) {
+ if (args[1]) {
+ args++;
+ outformat = str2fmt(*args);
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-pass")) {
+ if (!args[1])
+ goto bad;
+ passarg = *(++args);
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*args, "-engine") == 0) {
+ if (!args[1])
+ goto bad;
+ e = setup_engine(bio_err, *(++args), 0);
+ }
+#endif
+ else if (!strcmp(*args, "-paramfile")) {
+ if (!args[1])
+ goto bad;
+ args++;
+ if (do_param == 1)
+ goto bad;
+ if (!init_keygen_file(bio_err, &ctx, *args, e))
+ goto end;
+ } else if (!strcmp(*args, "-out")) {
+ if (args[1]) {
+ args++;
+ outfile = *args;
+ } else
+ badarg = 1;
+ } else if (strcmp(*args, "-algorithm") == 0) {
+ if (!args[1])
+ goto bad;
+ if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param))
+ goto end;
+ } else if (strcmp(*args, "-pkeyopt") == 0) {
+ if (!args[1])
+ goto bad;
+ if (!ctx) {
+ BIO_puts(bio_err, "No keytype specified\n");
+ goto bad;
+ } else if (pkey_ctrl_string(ctx, *(++args)) <= 0) {
+ BIO_puts(bio_err, "parameter setting error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else if (strcmp(*args, "-genparam") == 0) {
+ if (ctx)
+ goto bad;
+ do_param = 1;
+ } else if (strcmp(*args, "-text") == 0)
+ text = 1;
+ else {
+ cipher = EVP_get_cipherbyname(*args + 1);
+ if (!cipher) {
+ BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
+ badarg = 1;
+ }
+ if (do_param == 1)
+ badarg = 1;
+ }
+ args++;
+ }
+
+ if (!ctx)
+ badarg = 1;
+
+ if (badarg) {
+ bad:
+ BIO_printf(bio_err, "Usage: genpkey [options]\n");
+ BIO_printf(bio_err, "where options may be\n");
+ BIO_printf(bio_err, "-out file output file\n");
+ BIO_printf(bio_err,
+ "-outform X output format (DER or PEM)\n");
+ BIO_printf(bio_err,
+ "-pass arg output file pass phrase source\n");
+ BIO_printf(bio_err,
+ "-<cipher> use cipher <cipher> to encrypt the key\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e use engine e, possibly a hardware device.\n");
+#endif
+ BIO_printf(bio_err, "-paramfile file parameters file\n");
+ BIO_printf(bio_err, "-algorithm alg the public key algorithm\n");
+ BIO_printf(bio_err,
+ "-pkeyopt opt:value set the public key algorithm option <opt>\n"
+ " to value <value>\n");
+ BIO_printf(bio_err,
+ "-genparam generate parameters, not key\n");
+ BIO_printf(bio_err, "-text print the in text\n");
+ BIO_printf(bio_err,
+ "NB: options order may be important! See the manual page.\n");
+ goto end;
+ }
+
+ if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+ BIO_puts(bio_err, "Error getting password\n");
+ goto end;
+ }
+
+ if (outfile) {
+ if (!(out = BIO_new_file(outfile, "wb"))) {
+ BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+ goto end;
+ }
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
+
+ EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
+ EVP_PKEY_CTX_set_app_data(ctx, bio_err);
+
+ if (do_param) {
+ if (EVP_PKEY_paramgen(ctx, &pkey) <= 0) {
+ BIO_puts(bio_err, "Error generating parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else {
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
+ BIO_puts(bio_err, "Error generating key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (do_param)
+ rv = PEM_write_bio_Parameters(out, pkey);
+ else if (outformat == FORMAT_PEM)
+ rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass);
+ else if (outformat == FORMAT_ASN1)
+ rv = i2d_PrivateKey_bio(out, pkey);
+ else {
+ BIO_printf(bio_err, "Bad format specified for key\n");
+ goto end;
+ }
+
+ if (rv <= 0) {
+ BIO_puts(bio_err, "Error writing key\n");
+ ERR_print_errors(bio_err);
+ }
+
+ if (text) {
+ if (do_param)
+ rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
+ else
+ rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
+
+ if (rv <= 0) {
+ BIO_puts(bio_err, "Error printing key\n");
+ ERR_print_errors(bio_err);
+ }
+ }
+
+ ret = 0;
+
+ end:
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ if (ctx)
+ EVP_PKEY_CTX_free(ctx);
+ if (out)
+ BIO_free_all(out);
+ BIO_free(in);
+ if (pass)
+ OPENSSL_free(pass);
+
+ return ret;
+}
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+ const char *file, ENGINE *e)
+{
+ BIO *pbio;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+ if (*pctx) {
+ BIO_puts(err, "Parameters already set!\n");
+ return 0;
+ }
+
+ pbio = BIO_new_file(file, "r");
+ if (!pbio) {
+ BIO_printf(err, "Can't open parameter file %s\n", file);
+ return 0;
+ }
+
+ pkey = PEM_read_bio_Parameters(pbio, NULL);
+ BIO_free(pbio);
+
+ if (!pkey) {
+ BIO_printf(bio_err, "Error reading parameter file %s\n", file);
+ return 0;
+ }
+
+ ctx = EVP_PKEY_CTX_new(pkey, e);
+ if (!ctx)
+ goto err;
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+ goto err;
+ EVP_PKEY_free(pkey);
+ *pctx = ctx;
+ return 1;
+
+ err:
+ BIO_puts(err, "Error initializing context\n");
+ ERR_print_errors(err);
+ if (ctx)
+ EVP_PKEY_CTX_free(ctx);
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ return 0;
+
+}
+
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+ const char *algname, ENGINE *e, int do_param)
+{
+ EVP_PKEY_CTX *ctx = NULL;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *tmpeng = NULL;
+ int pkey_id;
+
+ if (*pctx) {
+ BIO_puts(err, "Algorithm already set!\n");
+ return 0;
+ }
+
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
+
+#ifndef OPENSSL_NO_ENGINE
+ if (!ameth && e)
+ ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
+#endif
+
+ if (!ameth) {
+ BIO_printf(bio_err, "Algorithm %s not found\n", algname);
+ return 0;
+ }
+
+ ERR_clear_error();
+
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+#ifndef OPENSSL_NO_ENGINE
+ if (tmpeng)
+ ENGINE_finish(tmpeng);
+#endif
+ ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
+
+ if (!ctx)
+ goto err;
+ if (do_param) {
+ if (EVP_PKEY_paramgen_init(ctx) <= 0)
+ goto err;
+ } else {
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+ goto err;
+ }
+
+ *pctx = ctx;
+ return 1;
+
+ err:
+ BIO_printf(err, "Error initializing %s context\n", algname);
+ ERR_print_errors(err);
+ if (ctx)
+ EVP_PKEY_CTX_free(ctx);
+ return 0;
+
+}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+{
+ char c = '*';
+ BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+ int p;
+ p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+ if (p == 0)
+ c = '.';
+ if (p == 1)
+ c = '+';
+ if (p == 2)
+ c = '*';
+ if (p == 3)
+ c = '\n';
+ BIO_write(b, &c, 1);
+ (void)BIO_flush(b);
+#ifdef LINT
+ p = n;
+#endif
+ return 1;
+}
Modified: trunk/crypto/openssl/apps/genrsa.c
===================================================================
--- trunk/crypto/openssl/apps/genrsa.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/genrsa.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -80,7 +80,7 @@
# include <openssl/pem.h>
# include <openssl/rand.h>
-# define DEFBITS 512
+# define DEFBITS 1024
# undef PROG
# define PROG genrsa_main
@@ -91,10 +91,12 @@
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
+# ifndef OPENSSL_NO_ENGINE
+ ENGINE *e = NULL;
+# endif
int ret = 1;
int i, num = DEFBITS;
long l;
- int use_x931 = 0;
const EVP_CIPHER *enc = NULL;
unsigned long f4 = RSA_F4;
char *outfile = NULL;
@@ -137,8 +139,6 @@
f4 = 3;
else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
f4 = RSA_F4;
- else if (strcmp(*argv, "-x931") == 0)
- use_x931 = 1;
# ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
@@ -241,7 +241,7 @@
goto err;
}
# ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
+ e = setup_engine(bio_err, engine, 0);
# endif
if (outfile == NULL) {
@@ -270,21 +270,15 @@
BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
num);
-
+# ifdef OPENSSL_NO_ENGINE
rsa = RSA_new();
+# else
+ rsa = RSA_new_method(e);
+# endif
if (!rsa)
goto err;
- if (use_x931) {
- BIGNUM *pubexp;
- pubexp = BN_new();
- if (!BN_set_word(pubexp, f4))
- goto err;
- if (!RSA_X931_generate_key_ex(rsa, num, pubexp, &cb))
- goto err;
- BN_free(pubexp);
- } else if (!BN_set_word(bn, f4)
- || !RSA_generate_key_ex(rsa, num, bn, &cb))
+ if (!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
goto err;
app_RAND_write_file(NULL, bio_err);
Copied: trunk/crypto/openssl/apps/install-apps.com (from rev 7117, vendor-crypto/openssl/dist/apps/install-apps.com)
===================================================================
--- trunk/crypto/openssl/apps/install-apps.com (rev 0)
+++ trunk/crypto/openssl/apps/install-apps.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,107 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard at levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1 root of the directory tree
+$! P2 "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$ write sys$output "First argument missing."
+$ write sys$output -
+ "It should be the directory where you want things installed."
+$ exit
+$ endif
+$!
+$ if (f$getsyi("cpu") .lt. 128)
+$ then
+$ arch = "VAX"
+$ else
+$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$!
+$ if (p2 .nes. "")
+$ then
+$ if (p2 .eqs. "64")
+$ then
+$ archd = arch+ "_64"
+$ else
+$ if (p2 .nes. "32")
+$ then
+$ write sys$output "Second argument invalid."
+$ write sys$output "It should be "32", "64", or nothing."
+$ exit
+$ endif
+$ endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse(root,,,"device","syntax_only")
+$ root_dir = f$parse(root,,,"directory","syntax_only") - -
+ "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+ create /directory /log wrk_sslxexe:
+$!
+$ exe := openssl
+$!
+$ exe_dir := [-.'archd'.exe.apps]
+$!
+$! Executables.
+$!
+$ i = 0
+$ loop_exe:
+$ e = f$edit(f$element( i, ",", exe), "trim")
+$ i = i + 1
+$ if e .eqs. "," then goto loop_exe_end
+$ set noon
+$ file = exe_dir+ e+ ".exe"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxexe: /log
+$ endif
+$ set on
+$ goto loop_exe
+$ loop_exe_end:
+$!
+$! Miscellaneous.
+$!
+$ set noon
+$ copy /protection = w:re ca.com wrk_sslxexe:ca.com /log
+$ copy /protection = w:re openssl-vms.cnf wrk_sslroot:[000000]openssl.cnf /log
+$ set on
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslxexe
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$ deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
Modified: trunk/crypto/openssl/apps/ocsp.c
===================================================================
--- trunk/crypto/openssl/apps/ocsp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/ocsp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,26 +57,56 @@
*
*/
#ifndef OPENSSL_NO_OCSP
+
+# ifdef OPENSSL_SYS_VMS
+# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
+ * on OpenVMS */
+# endif
+
# define USE_SOCKETS
+
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
+# include <time.h>
# include "apps.h" /* needs to be included before the openssl
* headers! */
# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+# include <openssl/err.h>
# include <openssl/ssl.h>
-# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/x509v3.h>
+# if defined(NETWARE_CLIB)
+# ifdef NETWARE_BSDSOCK
+# include <sys/socket.h>
+# include <sys/bsdskt.h>
+# else
+# include <novsock2.h>
+# endif
+# elif defined(NETWARE_LIBC)
+# ifdef NETWARE_BSDSOCK
+# include <sys/select.h>
+# else
+# include <novsock2.h>
+# endif
+# endif
+
/* Maximum leeway in validity period: default 5 minutes */
# define MAX_VALIDITY_PERIOD (5 * 60)
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+ const EVP_MD *cert_id_md, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids);
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+ const EVP_MD *cert_id_md, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids);
static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
- STACK * names, STACK_OF(OCSP_CERTID) *ids,
- long nsec, long maxage);
+ STACK_OF(OPENSSL_STRING) *names,
+ STACK_OF(OCSP_CERTID) *ids, long nsec,
+ long maxage);
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
CA_DB *db, X509 *ca, X509 *rcert,
@@ -89,6 +119,7 @@
char *port);
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+ STACK_OF(CONF_VALUE) *headers,
OCSP_REQUEST *req, int req_timeout);
# undef PROG
@@ -108,6 +139,7 @@
char *rsignfile = NULL, *rkeyfile = NULL;
char *outfile = NULL;
int add_nonce = 1, noverify = 0, use_ssl = -1;
+ STACK_OF(CONF_VALUE) *headers = NULL;
OCSP_REQUEST *req = NULL;
OCSP_RESPONSE *resp = NULL;
OCSP_BASICRESP *bs = NULL;
@@ -130,7 +162,7 @@
int badarg = 0;
int i;
int ignore_err = 0;
- STACK *reqnames = NULL;
+ STACK_OF(OPENSSL_STRING) *reqnames = NULL;
STACK_OF(OCSP_CERTID) *ids = NULL;
X509 *rca_cert = NULL;
@@ -138,6 +170,7 @@
char *rca_filename = NULL;
CA_DB *rdb = NULL;
int nmin = 0, ndays = -1;
+ const EVP_MD *cert_id_md = NULL;
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@@ -147,7 +180,7 @@
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
args = argv + 1;
- reqnames = sk_new_null();
+ reqnames = sk_OPENSSL_STRING_new_null();
ids = sk_OCSP_CERTID_new_null();
while (!badarg && *args && *args[0] == '-') {
if (!strcmp(*args, "-out")) {
@@ -196,6 +229,13 @@
port = *args;
} else
badarg = 1;
+ } else if (!strcmp(*args, "-header")) {
+ if (args[1] && args[2]) {
+ if (!X509V3_add_value(args[1], args[2], &headers))
+ goto end;
+ args += 2;
+ } else
+ badarg = 1;
} else if (!strcmp(*args, "-ignore_err"))
ignore_err = 1;
else if (!strcmp(*args, "-noverify"))
@@ -343,9 +383,11 @@
NULL, e, "certificate");
if (!cert)
goto end;
- if (!add_ocsp_cert(&req, cert, issuer, ids))
+ if (!cert_id_md)
+ cert_id_md = EVP_sha1();
+ if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
goto end;
- if (!sk_push(reqnames, *args))
+ if (!sk_OPENSSL_STRING_push(reqnames, *args))
goto end;
} else
badarg = 1;
@@ -352,9 +394,11 @@
} else if (!strcmp(*args, "-serial")) {
if (args[1]) {
args++;
- if (!add_ocsp_serial(&req, *args, issuer, ids))
+ if (!cert_id_md)
+ cert_id_md = EVP_sha1();
+ if (!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
goto end;
- if (!sk_push(reqnames, *args))
+ if (!sk_OPENSSL_STRING_push(reqnames, *args))
goto end;
} else
badarg = 1;
@@ -421,8 +465,9 @@
rcertfile = *args;
} else
badarg = 1;
- } else
+ } else if ((cert_id_md = EVP_get_digestbyname((*args) + 1)) == NULL) {
badarg = 1;
+ }
args++;
}
@@ -434,85 +479,94 @@
BIO_printf(bio_err, "OCSP utility\n");
BIO_printf(bio_err, "Usage ocsp [options]\n");
BIO_printf(bio_err, "where options are\n");
- BIO_printf(bio_err, "-out file output filename\n");
- BIO_printf(bio_err, "-issuer file issuer certificate\n");
- BIO_printf(bio_err, "-cert file certificate to check\n");
- BIO_printf(bio_err, "-serial n serial number to check\n");
+ BIO_printf(bio_err, "-out file output filename\n");
+ BIO_printf(bio_err, "-issuer file issuer certificate\n");
+ BIO_printf(bio_err, "-cert file certificate to check\n");
+ BIO_printf(bio_err, "-serial n serial number to check\n");
BIO_printf(bio_err,
- "-signer file certificate to sign OCSP request with\n");
+ "-signer file certificate to sign OCSP request with\n");
BIO_printf(bio_err,
- "-signkey file private key to sign OCSP request with\n");
+ "-signkey file private key to sign OCSP request with\n");
BIO_printf(bio_err,
- "-sign_other file additional certificates to include in signed request\n");
+ "-sign_other file additional certificates to include in signed request\n");
BIO_printf(bio_err,
- "-no_certs don't include any certificates in signed request\n");
+ "-no_certs don't include any certificates in signed request\n");
BIO_printf(bio_err,
- "-req_text print text form of request\n");
+ "-req_text print text form of request\n");
BIO_printf(bio_err,
- "-resp_text print text form of response\n");
+ "-resp_text print text form of response\n");
BIO_printf(bio_err,
- "-text print text form of request and response\n");
+ "-text print text form of request and response\n");
BIO_printf(bio_err,
- "-reqout file write DER encoded OCSP request to \"file\"\n");
+ "-reqout file write DER encoded OCSP request to \"file\"\n");
BIO_printf(bio_err,
- "-respout file write DER encoded OCSP reponse to \"file\"\n");
+ "-respout file write DER encoded OCSP reponse to \"file\"\n");
BIO_printf(bio_err,
- "-reqin file read DER encoded OCSP request from \"file\"\n");
+ "-reqin file read DER encoded OCSP request from \"file\"\n");
BIO_printf(bio_err,
- "-respin file read DER encoded OCSP reponse from \"file\"\n");
- BIO_printf(bio_err, "-nonce add OCSP nonce to request\n");
+ "-respin file read DER encoded OCSP reponse from \"file\"\n");
BIO_printf(bio_err,
- "-no_nonce don't add OCSP nonce to request\n");
- BIO_printf(bio_err, "-url URL OCSP responder URL\n");
+ "-nonce add OCSP nonce to request\n");
BIO_printf(bio_err,
- "-host host:n send OCSP request to host on port n\n");
+ "-no_nonce don't add OCSP nonce to request\n");
+ BIO_printf(bio_err, "-url URL OCSP responder URL\n");
BIO_printf(bio_err,
- "-path path to use in OCSP request\n");
+ "-host host:n send OCSP request to host on port n\n");
BIO_printf(bio_err,
- "-CApath dir trusted certificates directory\n");
- BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
+ "-path path to use in OCSP request\n");
BIO_printf(bio_err,
- "-VAfile file validator certificates file\n");
+ "-CApath dir trusted certificates directory\n");
BIO_printf(bio_err,
- "-validity_period n maximum validity discrepancy in seconds\n");
+ "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
- "-status_age n maximum status age in seconds\n");
+ "-no_alt_chains only ever use the first certificate chain found\n");
BIO_printf(bio_err,
- "-noverify don't verify response at all\n");
+ "-VAfile file validator certificates file\n");
BIO_printf(bio_err,
- "-verify_other file additional certificates to search for signer\n");
+ "-validity_period n maximum validity discrepancy in seconds\n");
BIO_printf(bio_err,
- "-trust_other don't verify additional certificates\n");
+ "-status_age n maximum status age in seconds\n");
BIO_printf(bio_err,
- "-no_intern don't search certificates contained in response for signer\n");
+ "-noverify don't verify response at all\n");
BIO_printf(bio_err,
+ "-verify_other file additional certificates to search for signer\n");
+ BIO_printf(bio_err,
+ "-trust_other don't verify additional certificates\n");
+ BIO_printf(bio_err,
+ "-no_intern don't search certificates contained in response for signer\n");
+ BIO_printf(bio_err,
"-no_signature_verify don't check signature on response\n");
BIO_printf(bio_err,
- "-no_cert_verify don't check signing certificate\n");
+ "-no_cert_verify don't check signing certificate\n");
BIO_printf(bio_err,
- "-no_chain don't chain verify response\n");
+ "-no_chain don't chain verify response\n");
BIO_printf(bio_err,
- "-no_cert_checks don't do additional checks on signing certificate\n");
- BIO_printf(bio_err, "-port num port to run responder on\n");
+ "-no_cert_checks don't do additional checks on signing certificate\n");
BIO_printf(bio_err,
- "-index file certificate status index file\n");
- BIO_printf(bio_err, "-CA file CA certificate\n");
+ "-port num port to run responder on\n");
BIO_printf(bio_err,
- "-rsigner file responder certificate to sign responses with\n");
+ "-index file certificate status index file\n");
+ BIO_printf(bio_err, "-CA file CA certificate\n");
BIO_printf(bio_err,
- "-rkey file responder key to sign responses with\n");
+ "-rsigner file responder certificate to sign responses with\n");
BIO_printf(bio_err,
- "-rother file other certificates to include in response\n");
+ "-rkey file responder key to sign responses with\n");
BIO_printf(bio_err,
- "-resp_no_certs don't include any certificates in response\n");
+ "-rother file other certificates to include in response\n");
BIO_printf(bio_err,
- "-nmin n number of minutes before next update\n");
+ "-resp_no_certs don't include any certificates in response\n");
BIO_printf(bio_err,
- "-ndays n number of days before next update\n");
+ "-nmin n number of minutes before next update\n");
BIO_printf(bio_err,
- "-resp_key_id identify reponse by signing certificate key ID\n");
+ "-ndays n number of days before next update\n");
BIO_printf(bio_err,
- "-nrequest n number of requests to accept (default unlimited)\n");
+ "-resp_key_id identify reponse by signing certificate key ID\n");
+ BIO_printf(bio_err,
+ "-nrequest n number of requests to accept (default unlimited)\n");
+ BIO_printf(bio_err,
+ "-<dgst alg> use specified digest in the request\n");
+ BIO_printf(bio_err,
+ "-timeout n timeout connection to OCSP responder after n seconds\n");
goto end;
}
@@ -615,8 +669,9 @@
"signer private key");
if (!key)
goto end;
+
if (!OCSP_request_sign
- (req, signer, key, EVP_sha1(), sign_other, sign_flags)) {
+ (req, signer, key, NULL, sign_other, sign_flags)) {
BIO_printf(bio_err, "Error signing OCSP request\n");
goto end;
}
@@ -657,7 +712,7 @@
} else if (host) {
# ifndef OPENSSL_NO_SOCK
resp = process_responder(bio_err, req, host, path,
- port, use_ssl, req_timeout);
+ port, use_ssl, headers, req_timeout);
if (!resp)
goto end;
# else
@@ -788,10 +843,11 @@
OCSP_REQUEST_free(req);
OCSP_RESPONSE_free(resp);
OCSP_BASICRESP_free(bs);
- sk_free(reqnames);
+ sk_OPENSSL_STRING_free(reqnames);
sk_OCSP_CERTID_free(ids);
sk_X509_pop_free(sign_other, X509_free);
sk_X509_pop_free(verify_other, X509_free);
+ sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
if (thost)
OPENSSL_free(thost);
@@ -803,7 +859,8 @@
OPENSSL_EXIT(ret);
}
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+ const EVP_MD *cert_id_md, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids)
{
OCSP_CERTID *id;
@@ -815,7 +872,7 @@
*req = OCSP_REQUEST_new();
if (!*req)
goto err;
- id = OCSP_cert_to_id(NULL, cert, issuer);
+ id = OCSP_cert_to_id(cert_id_md, cert, issuer);
if (!id || !sk_OCSP_CERTID_push(ids, id))
goto err;
if (!OCSP_request_add0_id(*req, id))
@@ -827,7 +884,8 @@
return 0;
}
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+ const EVP_MD *cert_id_md, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids)
{
OCSP_CERTID *id;
@@ -849,7 +907,7 @@
BIO_printf(bio_err, "Error converting serial number %s\n", serial);
return 0;
}
- id = OCSP_cert_id_new(EVP_sha1(), iname, ikey, sno);
+ id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
ASN1_INTEGER_free(sno);
if (!id || !sk_OCSP_CERTID_push(ids, id))
goto err;
@@ -863,8 +921,9 @@
}
static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
- STACK * names, STACK_OF(OCSP_CERTID) *ids,
- long nsec, long maxage)
+ STACK_OF(OPENSSL_STRING) *names,
+ STACK_OF(OCSP_CERTID) *ids, long nsec,
+ long maxage)
{
OCSP_CERTID *id;
char *name;
@@ -874,12 +933,13 @@
ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
- if (!bs || !req || !sk_num(names) || !sk_OCSP_CERTID_num(ids))
+ if (!bs || !req || !sk_OPENSSL_STRING_num(names)
+ || !sk_OCSP_CERTID_num(ids))
return 1;
for (i = 0; i < sk_OCSP_CERTID_num(ids); i++) {
id = sk_OCSP_CERTID_value(ids, i);
- name = sk_value(names, i);
+ name = sk_OPENSSL_STRING_value(names, i);
BIO_printf(out, "%s: ", name);
if (!OCSP_resp_find_status(bs, id, &status, &reason,
@@ -940,8 +1000,6 @@
goto end;
}
- ca_id = OCSP_cert_to_id(EVP_sha1(), NULL, ca);
-
bs = OCSP_BASICRESP_new();
thisupd = X509_gmtime_adj(NULL, 0);
if (ndays != -1)
@@ -952,8 +1010,23 @@
OCSP_ONEREQ *one;
ASN1_INTEGER *serial;
char **inf;
+ ASN1_OBJECT *cert_id_md_oid;
+ const EVP_MD *cert_id_md;
one = OCSP_request_onereq_get0(req, i);
cid = OCSP_onereq_get0_id(one);
+
+ OCSP_id_get0_info(NULL, &cert_id_md_oid, NULL, NULL, cid);
+
+ cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);
+ if (!cert_id_md) {
+ *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
+ NULL);
+ goto end;
+ }
+ if (ca_id)
+ OCSP_CERTID_free(ca_id);
+ ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
+
/* Is this request about our CA? */
if (OCSP_id_issuer_cmp(ca_id, cid)) {
OCSP_basic_add1_status(bs, cid,
@@ -996,7 +1069,7 @@
OCSP_copy_nonce(bs, req);
- OCSP_basic_sign(bs, rcert, rkey, EVP_sha1(), rother, flags);
+ OCSP_basic_sign(bs, rcert, rkey, NULL, rother, flags);
*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
@@ -1126,10 +1199,12 @@
}
static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+ STACK_OF(CONF_VALUE) *headers,
OCSP_REQUEST *req, int req_timeout)
{
int fd;
int rv;
+ int i;
OCSP_REQ_CTX *ctx = NULL;
OCSP_RESPONSE *rsp = NULL;
fd_set confds;
@@ -1145,15 +1220,12 @@
return NULL;
}
- if (req_timeout == -1)
- return OCSP_sendreq_bio(cbio, path, req);
-
if (BIO_get_fd(cbio, &fd) <= 0) {
BIO_puts(err, "Can't get connection fd\n");
goto err;
}
- if (rv <= 0) {
+ if (req_timeout != -1 && rv <= 0) {
FD_ZERO(&confds);
openssl_fdset(fd, &confds);
tv.tv_usec = 0;
@@ -1165,14 +1237,25 @@
}
}
- ctx = OCSP_sendreq_new(cbio, path, req, -1);
+ ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
if (!ctx)
return NULL;
+ for (i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+ CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+ if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
+ goto err;
+ }
+
+ if (!OCSP_REQ_CTX_set1_req(ctx, req))
+ goto err;
+
for (;;) {
rv = OCSP_sendreq_nbio(&rsp, ctx);
if (rv != -1)
break;
+ if (req_timeout == -1)
+ continue;
FD_ZERO(&confds);
openssl_fdset(fd, &confds);
tv.tv_usec = 0;
@@ -1204,7 +1287,8 @@
OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
char *host, char *path, char *port,
- int use_ssl, int req_timeout)
+ int use_ssl, STACK_OF(CONF_VALUE) *headers,
+ int req_timeout)
{
BIO *cbio = NULL;
SSL_CTX *ctx = NULL;
@@ -1218,16 +1302,7 @@
BIO_set_conn_port(cbio, port);
if (use_ssl == 1) {
BIO *sbio;
-# if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv23_client_method());
-# elif !defined(OPENSSL_NO_SSL3)
- ctx = SSL_CTX_new(SSLv3_client_method());
-# elif !defined(OPENSSL_NO_SSL2)
- ctx = SSL_CTX_new(SSLv2_client_method());
-# else
- BIO_printf(err, "SSL is disabled\n");
- goto end;
-# endif
if (ctx == NULL) {
BIO_printf(err, "Error creating SSL context.\n");
goto end;
@@ -1236,14 +1311,14 @@
sbio = BIO_new_ssl(ctx, 1);
cbio = BIO_push(sbio, cbio);
}
- resp = query_responder(err, cbio, path, req, req_timeout);
+ resp = query_responder(err, cbio, path, headers, req, req_timeout);
if (!resp)
BIO_printf(bio_err, "Error querying OCSP responder\n");
end:
+ if (cbio)
+ BIO_free_all(cbio);
if (ctx)
SSL_CTX_free(ctx);
- if (cbio)
- BIO_free_all(cbio);
return resp;
}
Modified: trunk/crypto/openssl/apps/openssl.c
===================================================================
--- trunk/crypto/openssl/apps/openssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/openssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -117,6 +117,7 @@
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
+#include <openssl/rand.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
@@ -130,6 +131,9 @@
#include "progs.h"
#include "s_apps.h"
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
/*
* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
@@ -138,12 +142,11 @@
* macro-generated wrapper functions.
*/
-/* static unsigned long MS_CALLBACK hash(FUNCTION *a); */
-static unsigned long MS_CALLBACK hash(const void *a_void);
-/* static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b); */
-static int MS_CALLBACK cmp(const void *a_void, const void *b_void);
-static LHASH *prog_init(void);
-static int do_cmd(LHASH *prog, int argc, char *argv[]);
+static LHASH_OF(FUNCTION) *prog_init(void);
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
+static void list_pkey(BIO *out);
+static void list_cipher(BIO *out);
+static void list_md(BIO *out);
char *default_config_file = NULL;
/* Make sure there is only one when MONOLITH is defined */
@@ -150,7 +153,6 @@
#ifdef MONOLITH
CONF *config = NULL;
BIO *bio_err = NULL;
-int in_FIPS_mode = 0;
#endif
static void lock_dbg_cb(int mode, int type, const char *file, int line)
@@ -207,7 +209,13 @@
}
}
-int main(int Argc, char *Argv[])
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+# define ARGV _Argv
+#else
+# define ARGV Argv
+#endif
+
+int main(int Argc, char *ARGV[])
{
ARGS arg;
#define PROG_NAME_SIZE 39
@@ -219,28 +227,63 @@
int n, i, ret = 0;
int argc;
char **argv, *p;
- LHASH *prog = NULL;
+ LHASH_OF(FUNCTION) *prog = NULL;
long errline;
- arg.data = NULL;
- arg.count = 0;
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+ /*-
+ * 2011-03-22 SMS.
+ * If we have 32-bit pointers everywhere, then we're safe, and
+ * we bypass this mess, as on non-VMS systems. (See ARGV,
+ * above.)
+ * Problem 1: Compaq/HP C before V7.3 always used 32-bit
+ * pointers for argv[].
+ * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
+ * everywhere else, we always allocate and use a 64-bit
+ * duplicate of argv[].
+ * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
+ * to NULL-terminate a 64-bit argv[]. (As this was written, the
+ * compiler ECO was available only on IA64.)
+ * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
+ * 64-bit argv[argc] for NULL, and, if necessary, use a
+ * (properly) NULL-terminated (64-bit) duplicate of argv[].
+ * The same code is used in either case to duplicate argv[].
+ * Some of these decisions could be handled in preprocessing,
+ * but the code tends to get even uglier, and the penalty for
+ * deciding at compile- or run-time is tiny.
+ */
+ char **Argv = NULL;
+ int free_Argv = 0;
- in_FIPS_mode = 0;
-
- if (getenv("OPENSSL_FIPS")) {
-#ifdef OPENSSL_FIPS
- if (!FIPS_mode_set(1)) {
- ERR_load_crypto_strings();
- ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
- EXIT(1);
+ if ((sizeof(_Argv) < 8) /* 32-bit argv[]. */
+# if !defined( VMS_TRUST_ARGV)
+ || (_Argv[Argc] != NULL) /* Untrusted argv[argc] not NULL. */
+# endif
+ ) {
+ int i;
+ Argv = OPENSSL_malloc((Argc + 1) * sizeof(char *));
+ if (Argv == NULL) {
+ ret = -1;
+ goto end;
}
- in_FIPS_mode = 1;
-#else
- fprintf(stderr, "FIPS mode not supported.\n");
- EXIT(1);
-#endif
+ for (i = 0; i < Argc; i++)
+ Argv[i] = _Argv[i];
+ Argv[Argc] = NULL; /* Certain NULL termination. */
+ free_Argv = 1;
+ } else {
+ /*
+ * Use the known-good 32-bit argv[] (which needs the type cast to
+ * satisfy the compiler), or the trusted or tested-good 64-bit argv[]
+ * as-is.
+ */
+ Argv = (char **)_Argv;
}
+#endif /* defined( OPENSSL_SYS_VMS) &&
+ * (__INITIAL_POINTER_SIZE == 64) */
+ arg.data = NULL;
+ arg.count = 0;
+
if (bio_err == NULL)
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
@@ -265,6 +308,19 @@
CRYPTO_set_locking_callback(lock_dbg_cb);
}
+ if (getenv("OPENSSL_FIPS")) {
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode_set(1)) {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
+ EXIT(1);
+ }
+#else
+ fprintf(stderr, "FIPS mode not supported.\n");
+ EXIT(1);
+#endif
+ }
+
apps_startup();
/* Lets load up our environment a little */
@@ -279,9 +335,17 @@
config = NCONF_new(NULL);
i = NCONF_load(config, p, &errline);
if (i == 0) {
- NCONF_free(config);
- config = NULL;
- ERR_clear_error();
+ if (ERR_GET_REASON(ERR_peek_last_error())
+ == CONF_R_NO_SUCH_FILE) {
+ BIO_printf(bio_err, "WARNING: can't open config file: %s\n", p);
+ ERR_clear_error();
+ NCONF_free(config);
+ config = NULL;
+ } else {
+ ERR_print_errors(bio_err);
+ NCONF_free(config);
+ exit(1);
+ }
}
prog = prog_init();
@@ -290,7 +354,7 @@
program_name(Argv[0], pname, sizeof pname);
f.name = pname;
- fp = (FUNCTION *) lh_retrieve(prog, &f);
+ fp = lh_FUNCTION_retrieve(prog, &f);
if (fp != NULL) {
Argv[0] = pname;
ret = fp->func(Argc, Argv);
@@ -360,25 +424,34 @@
config = NULL;
}
if (prog != NULL)
- lh_free(prog);
+ lh_FUNCTION_free(prog);
if (arg.data != NULL)
OPENSSL_free(arg.data);
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+ /* Free any duplicate Argv[] storage. */
+ if (free_Argv) {
+ OPENSSL_free(Argv);
+ }
+#endif
apps_shutdown();
-
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL) {
BIO_free(bio_err);
bio_err = NULL;
}
+
OPENSSL_EXIT(ret);
}
#define LIST_STANDARD_COMMANDS "list-standard-commands"
#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
+#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
#define LIST_CIPHER_COMMANDS "list-cipher-commands"
+#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
+#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
-static int do_cmd(LHASH *prog, int argc, char *argv[])
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
{
FUNCTION f, *fp;
int i, ret = 1, tp, nl;
@@ -388,7 +461,18 @@
goto end;
}
f.name = argv[0];
- fp = (FUNCTION *) lh_retrieve(prog, &f);
+ fp = lh_FUNCTION_retrieve(prog, &f);
+ if (fp == NULL) {
+ if (EVP_get_digestbyname(argv[0])) {
+ f.type = FUNC_TYPE_MD;
+ f.func = dgst_main;
+ fp = &f;
+ } else if (EVP_get_cipherbyname(argv[0])) {
+ f.type = FUNC_TYPE_CIPHER;
+ f.func = enc_main;
+ fp = &f;
+ }
+ }
if (fp != NULL) {
ret = fp->func(argc, argv);
} else if ((strncmp(argv[0], "no-", 3)) == 0) {
@@ -400,7 +484,7 @@
}
#endif
f.name = argv[0] + 3;
- ret = (lh_retrieve(prog, &f) != NULL);
+ ret = (lh_FUNCTION_retrieve(prog, &f) != NULL);
if (!ret)
BIO_printf(bio_stdout, "%s\n", argv[0]);
else
@@ -415,7 +499,10 @@
goto end;
} else if ((strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0) ||
(strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
- (strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0)) {
+ (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
+ (strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0) ||
+ (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0) ||
+ (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)) {
int list_type;
BIO *bio_stdout;
@@ -423,6 +510,12 @@
list_type = FUNC_TYPE_GENERAL;
else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0)
list_type = FUNC_TYPE_MD;
+ else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
+ list_type = FUNC_TYPE_MD_ALG;
+ else if (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)
+ list_type = FUNC_TYPE_PKEY;
+ else if (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0)
+ list_type = FUNC_TYPE_CIPHER_ALG;
else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
list_type = FUNC_TYPE_CIPHER;
bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
@@ -433,9 +526,20 @@
}
#endif
- for (fp = functions; fp->name != NULL; fp++)
- if (fp->type == list_type)
- BIO_printf(bio_stdout, "%s\n", fp->name);
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ if (list_type == FUNC_TYPE_PKEY)
+ list_pkey(bio_stdout);
+ if (list_type == FUNC_TYPE_MD_ALG)
+ list_md(bio_stdout);
+ if (list_type == FUNC_TYPE_CIPHER_ALG)
+ list_cipher(bio_stdout);
+ else {
+ for (fp = functions; fp->name != NULL; fp++)
+ if (fp->type == list_type)
+ BIO_printf(bio_stdout, "%s\n", fp->name);
+ }
BIO_free_all(bio_stdout);
ret = 0;
goto end;
@@ -493,9 +597,89 @@
return strcmp(f1->name, f2->name);
}
-static LHASH *prog_init(void)
+static void list_pkey(BIO *out)
{
- LHASH *ret;
+ int i;
+ for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ int pkey_id, pkey_base_id, pkey_flags;
+ const char *pinfo, *pem_str;
+ ameth = EVP_PKEY_asn1_get0(i);
+ EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
+ &pinfo, &pem_str, ameth);
+ if (pkey_flags & ASN1_PKEY_ALIAS) {
+ BIO_printf(out, "Name: %s\n", OBJ_nid2ln(pkey_id));
+ BIO_printf(out, "\tType: Alias to %s\n",
+ OBJ_nid2ln(pkey_base_id));
+ } else {
+ BIO_printf(out, "Name: %s\n", pinfo);
+ BIO_printf(out, "\tType: %s Algorithm\n",
+ pkey_flags & ASN1_PKEY_DYNAMIC ?
+ "External" : "Builtin");
+ BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
+ if (pem_str == NULL)
+ pem_str = "(none)";
+ BIO_printf(out, "\tPEM string: %s\n", pem_str);
+ }
+
+ }
+}
+
+static void list_cipher_fn(const EVP_CIPHER *c,
+ const char *from, const char *to, void *arg)
+{
+ if (c)
+ BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
+ else {
+ if (!from)
+ from = "<undefined>";
+ if (!to)
+ to = "<undefined>";
+ BIO_printf(arg, "%s => %s\n", from, to);
+ }
+}
+
+static void list_cipher(BIO *out)
+{
+ EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
+}
+
+static void list_md_fn(const EVP_MD *m,
+ const char *from, const char *to, void *arg)
+{
+ if (m)
+ BIO_printf(arg, "%s\n", EVP_MD_name(m));
+ else {
+ if (!from)
+ from = "<undefined>";
+ if (!to)
+ to = "<undefined>";
+ BIO_printf(arg, "%s => %s\n", from, to);
+ }
+}
+
+static void list_md(BIO *out)
+{
+ EVP_MD_do_all_sorted(list_md_fn, out);
+}
+
+static int MS_CALLBACK function_cmp(const FUNCTION * a, const FUNCTION * b)
+{
+ return strncmp(a->name, b->name, 8);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
+
+static unsigned long MS_CALLBACK function_hash(const FUNCTION * a)
+{
+ return lh_strhash(a->name);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
+
+static LHASH_OF(FUNCTION) *prog_init(void)
+{
+ LHASH_OF(FUNCTION) *ret;
FUNCTION *f;
size_t i;
@@ -503,23 +687,10 @@
for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
qsort(functions, i, sizeof *functions, SortFnByName);
- if ((ret = lh_new(hash, cmp)) == NULL)
+ if ((ret = lh_FUNCTION_new()) == NULL)
return (NULL);
for (f = functions; f->name != NULL; f++)
- lh_insert(ret, f);
+ (void)lh_FUNCTION_insert(ret, f);
return (ret);
}
-
-/* static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) */
-static int MS_CALLBACK cmp(const void *a_void, const void *b_void)
-{
- return (strncmp(((const FUNCTION *)a_void)->name,
- ((const FUNCTION *)b_void)->name, 8));
-}
-
-/* static unsigned long MS_CALLBACK hash(FUNCTION *a) */
-static unsigned long MS_CALLBACK hash(const void *a_void)
-{
- return (lh_strhash(((const FUNCTION *)a_void)->name));
-}
Modified: trunk/crypto/openssl/apps/openssl.cnf
===================================================================
--- trunk/crypto/openssl/apps/openssl.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/openssl.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -21,12 +21,17 @@
[ new_oids ]
-# We can add new OIDs in here for use by 'ca' and 'req'.
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
@@ -67,7 +72,7 @@
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
-default_md = sha1 # which md to use.
+default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
@@ -110,13 +115,12 @@
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
-# pkix : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
+# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
@@ -207,6 +211,9 @@
#nsCaPolicyUrl
#nsSslServerName
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
[ v3_req ]
# Extensions to add to a certificate request
@@ -224,7 +231,7 @@
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always,issuer
# This is what PKIX recommends but some broken software chokes on critical
# extensions.
@@ -257,7 +264,7 @@
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
@@ -290,7 +297,7 @@
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
@@ -311,3 +318,33 @@
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1 # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir = ./demoCA # TSA root directory
+serial = $dir/tsaserial # The current serial number (mandatory)
+crypto_device = builtin # OpenSSL engine to use for signing
+signer_cert = $dir/tsacert.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/cacert.pem # Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
+accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
+clock_precision_digits = 0 # number of digits after dot. (optional)
+ordering = yes # Is ordering defined for timestamps?
+ # (optional, default: no)
+tsa_name = yes # Must the TSA name be included in the reply?
+ # (optional, default: no)
+ess_cert_id_chain = no # Must the ESS cert id chain be included?
+ # (optional, default: no)
Modified: trunk/crypto/openssl/apps/pkcs12.c
===================================================================
--- trunk/crypto/openssl/apps/pkcs12.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/pkcs12.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,12 +69,6 @@
# include <openssl/pem.h>
# include <openssl/pkcs12.h>
-# ifdef OPENSSL_SYS_NETWARE
-/* Rename these functions to avoid name clashes on NetWare OS */
-# define uni2asc OPENSSL_uni2asc
-# define asc2uni OPENSSL_asc2uni
-# endif
-
# define PROG pkcs12_main
const EVP_CIPHER *enc;
@@ -98,6 +92,7 @@
void hex_prin(BIO *out, unsigned char *buf, int len);
int alg_print(BIO *x, X509_ALGOR *alg);
int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
int MAIN(int, char **);
@@ -126,11 +121,12 @@
int ret = 1;
int macver = 1;
int noprompt = 0;
- STACK *canames = NULL;
+ STACK_OF(OPENSSL_STRING) *canames = NULL;
char *cpass = NULL, *mpass = NULL;
char *passargin = NULL, *passargout = NULL, *passarg = NULL;
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
+ char *macalg = NULL;
char *CApath = NULL, *CAfile = NULL;
# ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
@@ -218,35 +214,19 @@
maciter = 1;
else if (!strcmp(*args, "-nomac"))
maciter = -1;
- else if (!strcmp(*args, "-nodes"))
- enc = NULL;
- else if (!strcmp(*args, "-certpbe")) {
+ else if (!strcmp(*args, "-macalg"))
if (args[1]) {
args++;
- if (!strcmp(*args, "NONE"))
- cert_pbe = -1;
- else
- cert_pbe = OBJ_txt2nid(*args);
- if (cert_pbe == NID_undef) {
- BIO_printf(bio_err,
- "Unknown PBE algorithm %s\n", *args);
- badarg = 1;
- }
+ macalg = *args;
} else
badarg = 1;
+ else if (!strcmp(*args, "-nodes"))
+ enc = NULL;
+ else if (!strcmp(*args, "-certpbe")) {
+ if (!set_pbe(bio_err, &cert_pbe, *++args))
+ badarg = 1;
} else if (!strcmp(*args, "-keypbe")) {
- if (args[1]) {
- args++;
- if (!strcmp(*args, "NONE"))
- key_pbe = -1;
- else
- key_pbe = OBJ_txt2nid(*args);
- if (key_pbe == NID_undef) {
- BIO_printf(bio_err,
- "Unknown PBE algorithm %s\n", *args);
- badarg = 1;
- }
- } else
+ if (!set_pbe(bio_err, &key_pbe, *++args))
badarg = 1;
} else if (!strcmp(*args, "-rand")) {
if (args[1]) {
@@ -284,8 +264,8 @@
if (args[1]) {
args++;
if (!canames)
- canames = sk_new_null();
- sk_push(canames, *args);
+ canames = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(canames, *args);
} else
badarg = 1;
} else if (!strcmp(*args, "-in")) {
@@ -392,7 +372,9 @@
# endif
BIO_printf(bio_err, "-nodes don't encrypt private keys\n");
BIO_printf(bio_err, "-noiter don't use encryption iteration\n");
+ BIO_printf(bio_err, "-nomaciter don't use MAC iteration\n");
BIO_printf(bio_err, "-maciter use MAC iteration\n");
+ BIO_printf(bio_err, "-nomac don't generate MAC\n");
BIO_printf(bio_err,
"-twopass separate MAC, encryption passwords\n");
BIO_printf(bio_err,
@@ -401,6 +383,8 @@
"-certpbe alg specify certificate PBE algorithm (default RC2-40)\n");
BIO_printf(bio_err,
"-keypbe alg specify private key PBE algorithm (default 3DES)\n");
+ BIO_printf(bio_err,
+ "-macalg alg digest algorithm used in MAC (default SHA1)\n");
BIO_printf(bio_err, "-keyex set MS key exchange type\n");
BIO_printf(bio_err, "-keysig set MS key signature type\n");
BIO_printf(bio_err,
@@ -513,6 +497,7 @@
EVP_PKEY *key = NULL;
X509 *ucert = NULL, *x = NULL;
STACK_OF(X509) *certs = NULL;
+ const EVP_MD *macmd = NULL;
unsigned char *catmp = NULL;
int i;
@@ -628,8 +613,8 @@
/* Add any CA names */
- for (i = 0; i < sk_num(canames); i++) {
- catmp = (unsigned char *)sk_value(canames, i);
+ for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++) {
+ catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
}
@@ -668,8 +653,15 @@
goto export_end;
}
+ if (macalg) {
+ macmd = EVP_get_digestbyname(macalg);
+ if (!macmd) {
+ BIO_printf(bio_err, "Unknown digest algorithm %s\n", macalg);
+ }
+ }
+
if (maciter != -1)
- PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, NULL);
+ PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
# ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
@@ -766,7 +758,7 @@
BIO_free(in);
BIO_free_all(out);
if (canames)
- sk_free(canames);
+ sk_OPENSSL_STRING_free(canames);
if (passin)
OPENSSL_free(passin);
if (passout)
@@ -1022,8 +1014,8 @@
av = sk_ASN1_TYPE_value(attr->value.set, 0);
switch (av->type) {
case V_ASN1_BMPSTRING:
- value = uni2asc(av->value.bmpstring->data,
- av->value.bmpstring->length);
+ value = OPENSSL_uni2asc(av->value.bmpstring->data,
+ av->value.bmpstring->length);
BIO_printf(out, "%s\n", value);
OPENSSL_free(value);
break;
@@ -1057,4 +1049,20 @@
BIO_printf(out, "%02X ", buf[i]);
}
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+{
+ if (!str)
+ return 0;
+ if (!strcmp(str, "NONE")) {
+ *ppbe = -1;
+ return 1;
+ }
+ *ppbe = OBJ_txt2nid(str);
+ if (*ppbe == NID_undef) {
+ BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+ return 0;
+ }
+ return 1;
+}
+
#endif
Modified: trunk/crypto/openssl/apps/pkcs7.c
===================================================================
--- trunk/crypto/openssl/apps/pkcs7.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/pkcs7.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -88,7 +88,7 @@
BIO *in = NULL, *out = NULL;
int informat, outformat;
char *infile, *outfile, *prog;
- int print_certs = 0, text = 0, noout = 0;
+ int print_certs = 0, text = 0, noout = 0, p7_print = 0;
int ret = 1;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
@@ -132,6 +132,8 @@
noout = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
+ else if (strcmp(*argv, "-print") == 0)
+ p7_print = 1;
else if (strcmp(*argv, "-print_certs") == 0)
print_certs = 1;
#ifndef OPENSSL_NO_ENGINE
@@ -187,11 +189,11 @@
if (infile == NULL)
BIO_set_fp(in, stdin, BIO_NOCLOSE);
else {
- if (BIO_read_filename(in, infile) <= 0)
- if (in == NULL) {
- perror(infile);
- goto end;
- }
+ if (BIO_read_filename(in, infile) <= 0) {
+ BIO_printf(bio_err, "unable to load input file\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
}
if (informat == FORMAT_ASN1)
@@ -223,6 +225,9 @@
}
}
+ if (p7_print)
+ PKCS7_print_ctx(out, p7, 0, NULL);
+
if (print_certs) {
STACK_OF(X509) *certs = NULL;
STACK_OF(X509_CRL) *crls = NULL;
Modified: trunk/crypto/openssl/apps/pkcs8.c
===================================================================
--- trunk/crypto/openssl/apps/pkcs8.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/pkcs8.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,11 +81,12 @@
int informat, outformat;
int p8_broken = PKCS8_OK;
int nocrypt = 0;
- X509_SIG *p8;
- PKCS8_PRIV_KEY_INFO *p8inf;
+ X509_SIG *p8 = NULL;
+ PKCS8_PRIV_KEY_INFO *p8inf = NULL;
EVP_PKEY *pkey = NULL;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
+ int ret = 1;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
@@ -210,7 +211,7 @@
BIO_printf(bio_err,
" -engine e use engine e, possibly a hardware device.\n");
#endif
- return 1;
+ goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
@@ -218,7 +219,7 @@
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
- return 1;
+ goto end;
}
if ((pbe_nid == -1) && !cipher)
@@ -227,7 +228,7 @@
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_printf(bio_err, "Can't open input file %s\n", infile);
- return (1);
+ goto end;
}
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
@@ -235,7 +236,7 @@
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
- return (1);
+ goto end;
}
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
@@ -247,18 +248,13 @@
#endif
}
if (topk8) {
- BIO_free(in); /* Not needed in this section */
pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
- if (!pkey) {
- BIO_free_all(out);
- return 1;
- }
+ if (!pkey)
+ goto end;
if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
BIO_printf(bio_err, "Error converting key\n");
ERR_print_errors(bio_err);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- return 1;
+ goto end;
}
if (nocrypt) {
if (outformat == FORMAT_PEM)
@@ -267,10 +263,7 @@
i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
else {
BIO_printf(bio_err, "Bad format specified for key\n");
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- return (1);
+ goto end;
}
} else {
if (passout)
@@ -278,12 +271,8 @@
else {
p8pass = pass;
if (EVP_read_pw_string
- (pass, sizeof pass, "Enter Encryption Password:", 1)) {
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- return (1);
- }
+ (pass, sizeof pass, "Enter Encryption Password:", 1))
+ goto end;
}
app_RAND_load_file(NULL, bio_err, 0);
if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
@@ -291,10 +280,7 @@
NULL, 0, iter, p8inf))) {
BIO_printf(bio_err, "Error encrypting key\n");
ERR_print_errors(bio_err);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- return (1);
+ goto end;
}
app_RAND_write_file(NULL, bio_err);
if (outformat == FORMAT_PEM)
@@ -303,22 +289,12 @@
i2d_PKCS8_bio(out, p8);
else {
BIO_printf(bio_err, "Bad format specified for key\n");
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- return (1);
+ goto end;
}
- X509_SIG_free(p8);
}
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- EVP_PKEY_free(pkey);
- BIO_free_all(out);
- if (passin)
- OPENSSL_free(passin);
- if (passout)
- OPENSSL_free(passout);
- return (0);
+ ret = 0;
+ goto end;
}
if (nocrypt) {
@@ -328,7 +304,7 @@
p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
else {
BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
+ goto end;
}
} else {
if (informat == FORMAT_PEM)
@@ -337,13 +313,13 @@
p8 = d2i_PKCS8_bio(in, NULL);
else {
BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
+ goto end;
}
if (!p8) {
BIO_printf(bio_err, "Error reading key\n");
ERR_print_errors(bio_err);
- return (1);
+ goto end;
}
if (passin)
p8pass = passin;
@@ -352,19 +328,18 @@
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
}
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
- X509_SIG_free(p8);
}
if (!p8inf) {
BIO_printf(bio_err, "Error decrypting key\n");
ERR_print_errors(bio_err);
- return (1);
+ goto end;
}
if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
BIO_printf(bio_err, "Error converting key\n");
ERR_print_errors(bio_err);
- return (1);
+ goto end;
}
if (p8inf->broken) {
@@ -382,6 +357,10 @@
BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
break;
+ case PKCS8_NEG_PRIVKEY:
+ BIO_printf(bio_err, "DSA private key value is negative\n");
+ break;
+
default:
BIO_printf(bio_err, "Unknown broken type\n");
break;
@@ -388,7 +367,6 @@
}
}
- PKCS8_PRIV_KEY_INFO_free(p8inf);
if (outformat == FORMAT_PEM)
PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
else if (outformat == FORMAT_ASN1)
@@ -395,10 +373,13 @@
i2d_PrivateKey_bio(out, pkey);
else {
BIO_printf(bio_err, "Bad format specified for key\n");
- return (1);
+ goto end;
}
+ ret = 0;
end:
+ X509_SIG_free(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8inf);
EVP_PKEY_free(pkey);
BIO_free_all(out);
BIO_free(in);
@@ -407,5 +388,5 @@
if (passout)
OPENSSL_free(passout);
- return (0);
+ return ret;
}
Copied: trunk/crypto/openssl/apps/pkey.c (from rev 7117, vendor-crypto/openssl/dist/apps/pkey.c)
===================================================================
--- trunk/crypto/openssl/apps/pkey.c (rev 0)
+++ trunk/crypto/openssl/apps/pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,251 @@
+/* apps/pkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ ENGINE *e = NULL;
+ char **args, *infile = NULL, *outfile = NULL;
+ char *passargin = NULL, *passargout = NULL;
+ BIO *in = NULL, *out = NULL;
+ const EVP_CIPHER *cipher = NULL;
+ int informat, outformat;
+ int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
+ EVP_PKEY *pkey = NULL;
+ char *passin = NULL, *passout = NULL;
+ int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+ int ret = 1;
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ informat = FORMAT_PEM;
+ outformat = FORMAT_PEM;
+
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+ args = argv + 1;
+ while (!badarg && *args && *args[0] == '-') {
+ if (!strcmp(*args, "-inform")) {
+ if (args[1]) {
+ args++;
+ informat = str2fmt(*args);
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-outform")) {
+ if (args[1]) {
+ args++;
+ outformat = str2fmt(*args);
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-passin")) {
+ if (!args[1])
+ goto bad;
+ passargin = *(++args);
+ } else if (!strcmp(*args, "-passout")) {
+ if (!args[1])
+ goto bad;
+ passargout = *(++args);
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*args, "-engine") == 0) {
+ if (!args[1])
+ goto bad;
+ engine = *(++args);
+ }
+#endif
+ else if (!strcmp(*args, "-in")) {
+ if (args[1]) {
+ args++;
+ infile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-out")) {
+ if (args[1]) {
+ args++;
+ outfile = *args;
+ } else
+ badarg = 1;
+ } else if (strcmp(*args, "-pubin") == 0) {
+ pubin = 1;
+ pubout = 1;
+ pubtext = 1;
+ } else if (strcmp(*args, "-pubout") == 0)
+ pubout = 1;
+ else if (strcmp(*args, "-text_pub") == 0) {
+ pubtext = 1;
+ text = 1;
+ } else if (strcmp(*args, "-text") == 0)
+ text = 1;
+ else if (strcmp(*args, "-noout") == 0)
+ noout = 1;
+ else {
+ cipher = EVP_get_cipherbyname(*args + 1);
+ if (!cipher) {
+ BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
+ badarg = 1;
+ }
+ }
+ args++;
+ }
+
+ if (badarg) {
+ bad:
+ BIO_printf(bio_err, "Usage pkey [options]\n");
+ BIO_printf(bio_err, "where options are\n");
+ BIO_printf(bio_err, "-in file input file\n");
+ BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
+ BIO_printf(bio_err,
+ "-passin arg input file pass phrase source\n");
+ BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
+ BIO_printf(bio_err, "-out file output file\n");
+ BIO_printf(bio_err,
+ "-passout arg output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e use engine e, possibly a hardware device.\n");
+#endif
+ return 1;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+#endif
+
+ if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+ BIO_printf(bio_err, "Error getting passwords\n");
+ goto end;
+ }
+
+ if (outfile) {
+ if (!(out = BIO_new_file(outfile, "wb"))) {
+ BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+ goto end;
+ }
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
+
+ if (pubin)
+ pkey = load_pubkey(bio_err, infile, informat, 1,
+ passin, e, "Public Key");
+ else
+ pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
+ if (!pkey)
+ goto end;
+
+ if (!noout) {
+ if (outformat == FORMAT_PEM) {
+ if (pubout)
+ PEM_write_bio_PUBKEY(out, pkey);
+ else
+ PEM_write_bio_PrivateKey(out, pkey, cipher,
+ NULL, 0, NULL, passout);
+ } else if (outformat == FORMAT_ASN1) {
+ if (pubout)
+ i2d_PUBKEY_bio(out, pkey);
+ else
+ i2d_PrivateKey_bio(out, pkey);
+ } else {
+ BIO_printf(bio_err, "Bad format specified for key\n");
+ goto end;
+ }
+
+ }
+
+ if (text) {
+ if (pubtext)
+ EVP_PKEY_print_public(out, pkey, 0, NULL);
+ else
+ EVP_PKEY_print_private(out, pkey, 0, NULL);
+ }
+
+ ret = 0;
+
+ end:
+ EVP_PKEY_free(pkey);
+ BIO_free_all(out);
+ BIO_free(in);
+ if (passin)
+ OPENSSL_free(passin);
+ if (passout)
+ OPENSSL_free(passout);
+
+ return ret;
+}
Copied: trunk/crypto/openssl/apps/pkeyparam.c (from rev 7117, vendor-crypto/openssl/dist/apps/pkeyparam.c)
===================================================================
--- trunk/crypto/openssl/apps/pkeyparam.c (rev 0)
+++ trunk/crypto/openssl/apps/pkeyparam.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,185 @@
+/* apps/pkeyparam.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkeyparam_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ char **args, *infile = NULL, *outfile = NULL;
+ BIO *in = NULL, *out = NULL;
+ int text = 0, noout = 0;
+ EVP_PKEY *pkey = NULL;
+ int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+ int ret = 1;
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+ args = argv + 1;
+ while (!badarg && *args && *args[0] == '-') {
+ if (!strcmp(*args, "-in")) {
+ if (args[1]) {
+ args++;
+ infile = *args;
+ } else
+ badarg = 1;
+ } else if (!strcmp(*args, "-out")) {
+ if (args[1]) {
+ args++;
+ outfile = *args;
+ } else
+ badarg = 1;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*args, "-engine") == 0) {
+ if (!args[1])
+ goto bad;
+ engine = *(++args);
+ }
+#endif
+
+ else if (strcmp(*args, "-text") == 0)
+ text = 1;
+ else if (strcmp(*args, "-noout") == 0)
+ noout = 1;
+ args++;
+ }
+
+ if (badarg) {
+#ifndef OPENSSL_NO_ENGINE
+ bad:
+#endif
+ BIO_printf(bio_err, "Usage pkeyparam [options]\n");
+ BIO_printf(bio_err, "where options are\n");
+ BIO_printf(bio_err, "-in file input file\n");
+ BIO_printf(bio_err, "-out file output file\n");
+ BIO_printf(bio_err, "-text print parameters as text\n");
+ BIO_printf(bio_err,
+ "-noout don't output encoded parameters\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e use engine e, possibly a hardware device.\n");
+#endif
+ return 1;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ setup_engine(bio_err, engine, 0);
+#endif
+
+ if (infile) {
+ if (!(in = BIO_new_file(infile, "r"))) {
+ BIO_printf(bio_err, "Can't open input file %s\n", infile);
+ goto end;
+ }
+ } else
+ in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+ if (outfile) {
+ if (!(out = BIO_new_file(outfile, "w"))) {
+ BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+ goto end;
+ }
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
+
+ pkey = PEM_read_bio_Parameters(in, NULL);
+ if (!pkey) {
+ BIO_printf(bio_err, "Error reading parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (!noout)
+ PEM_write_bio_Parameters(out, pkey);
+
+ if (text)
+ EVP_PKEY_print_params(out, pkey, 0, NULL);
+
+ ret = 0;
+
+ end:
+ EVP_PKEY_free(pkey);
+ BIO_free_all(out);
+ BIO_free(in);
+
+ return ret;
+}
Copied: trunk/crypto/openssl/apps/pkeyutl.c (from rev 7117, vendor-crypto/openssl/dist/apps/pkeyutl.c)
===================================================================
--- trunk/crypto/openssl/apps/pkeyutl.c (rev 0)
+++ trunk/crypto/openssl/apps/pkeyutl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,523 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "apps.h"
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+
+#define KEY_PRIVKEY 1
+#define KEY_PUBKEY 2
+#define KEY_CERT 3
+
+static void usage(void);
+
+#undef PROG
+
+#define PROG pkeyutl_main
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+ char *keyfile, int keyform, int key_type,
+ char *passargin, int pkey_op, ENGINE *e);
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+ const char *file);
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+ unsigned char *out, size_t *poutlen,
+ unsigned char *in, size_t inlen);
+
+int MAIN(int argc, char **);
+
+int MAIN(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL;
+ char *infile = NULL, *outfile = NULL, *sigfile = NULL;
+ ENGINE *e = NULL;
+ int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
+ int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
+ char badarg = 0, rev = 0;
+ char hexdump = 0, asn1parse = 0;
+ EVP_PKEY_CTX *ctx = NULL;
+ char *passargin = NULL;
+ int keysize = -1;
+
+ unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
+ size_t buf_outlen;
+ int buf_inlen = 0, siglen = -1;
+
+ int ret = 1, rv = -1;
+
+ argc--;
+ argv++;
+
+ if (!bio_err)
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+
+ while (argc >= 1) {
+ if (!strcmp(*argv, "-in")) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ infile = *(++argv);
+ } else if (!strcmp(*argv, "-out")) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ outfile = *(++argv);
+ } else if (!strcmp(*argv, "-sigfile")) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ sigfile = *(++argv);
+ } else if (!strcmp(*argv, "-inkey")) {
+ if (--argc < 1)
+ badarg = 1;
+ else {
+ ctx = init_ctx(&keysize,
+ *(++argv), keyform, key_type,
+ passargin, pkey_op, e);
+ if (!ctx) {
+ BIO_puts(bio_err, "Error initializing context\n");
+ ERR_print_errors(bio_err);
+ badarg = 1;
+ }
+ }
+ } else if (!strcmp(*argv, "-peerkey")) {
+ if (--argc < 1)
+ badarg = 1;
+ else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
+ badarg = 1;
+ } else if (!strcmp(*argv, "-passin")) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ passargin = *(++argv);
+ } else if (strcmp(*argv, "-peerform") == 0) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ peerform = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-keyform") == 0) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ keyform = str2fmt(*(++argv));
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (!strcmp(*argv, "-engine")) {
+ if (--argc < 1)
+ badarg = 1;
+ else
+ e = setup_engine(bio_err, *(++argv), 0);
+ }
+#endif
+ else if (!strcmp(*argv, "-pubin"))
+ key_type = KEY_PUBKEY;
+ else if (!strcmp(*argv, "-certin"))
+ key_type = KEY_CERT;
+ else if (!strcmp(*argv, "-asn1parse"))
+ asn1parse = 1;
+ else if (!strcmp(*argv, "-hexdump"))
+ hexdump = 1;
+ else if (!strcmp(*argv, "-sign"))
+ pkey_op = EVP_PKEY_OP_SIGN;
+ else if (!strcmp(*argv, "-verify"))
+ pkey_op = EVP_PKEY_OP_VERIFY;
+ else if (!strcmp(*argv, "-verifyrecover"))
+ pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
+ else if (!strcmp(*argv, "-rev"))
+ rev = 1;
+ else if (!strcmp(*argv, "-encrypt"))
+ pkey_op = EVP_PKEY_OP_ENCRYPT;
+ else if (!strcmp(*argv, "-decrypt"))
+ pkey_op = EVP_PKEY_OP_DECRYPT;
+ else if (!strcmp(*argv, "-derive"))
+ pkey_op = EVP_PKEY_OP_DERIVE;
+ else if (strcmp(*argv, "-pkeyopt") == 0) {
+ if (--argc < 1)
+ badarg = 1;
+ else if (!ctx) {
+ BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
+ badarg = 1;
+ } else if (pkey_ctrl_string(ctx, *(++argv)) <= 0) {
+ BIO_puts(bio_err, "parameter setting error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else
+ badarg = 1;
+ if (badarg) {
+ usage();
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (!ctx) {
+ usage();
+ goto end;
+ }
+
+ if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
+ BIO_puts(bio_err, "Signature file specified for non verify\n");
+ goto end;
+ }
+
+ if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
+ BIO_puts(bio_err, "No signature file specified for verify\n");
+ goto end;
+ }
+
+/* FIXME: seed PRNG only if needed */
+ app_RAND_load_file(NULL, bio_err, 0);
+
+ if (pkey_op != EVP_PKEY_OP_DERIVE) {
+ if (infile) {
+ if (!(in = BIO_new_file(infile, "rb"))) {
+ BIO_puts(bio_err, "Error Opening Input File\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else
+ in = BIO_new_fp(stdin, BIO_NOCLOSE);
+ }
+
+ if (outfile) {
+ if (!(out = BIO_new_file(outfile, "wb"))) {
+ BIO_printf(bio_err, "Error Creating Output File\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
+
+ if (sigfile) {
+ BIO *sigbio = BIO_new_file(sigfile, "rb");
+ if (!sigbio) {
+ BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
+ goto end;
+ }
+ siglen = bio_to_mem(&sig, keysize * 10, sigbio);
+ BIO_free(sigbio);
+ if (siglen <= 0) {
+ BIO_printf(bio_err, "Error reading signature data\n");
+ goto end;
+ }
+ }
+
+ if (in) {
+ /* Read the input data */
+ buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
+ if (buf_inlen <= 0) {
+ BIO_printf(bio_err, "Error reading input Data\n");
+ exit(1);
+ }
+ if (rev) {
+ size_t i;
+ unsigned char ctmp;
+ size_t l = (size_t)buf_inlen;
+ for (i = 0; i < l / 2; i++) {
+ ctmp = buf_in[i];
+ buf_in[i] = buf_in[l - 1 - i];
+ buf_in[l - 1 - i] = ctmp;
+ }
+ }
+ }
+
+ if (pkey_op == EVP_PKEY_OP_VERIFY) {
+ rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
+ buf_in, (size_t)buf_inlen);
+ if (rv == 0)
+ BIO_puts(out, "Signature Verification Failure\n");
+ else if (rv == 1)
+ BIO_puts(out, "Signature Verified Successfully\n");
+ if (rv >= 0)
+ goto end;
+ } else {
+ rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
+ buf_in, (size_t)buf_inlen);
+ if (rv > 0) {
+ buf_out = OPENSSL_malloc(buf_outlen);
+ if (!buf_out)
+ rv = -1;
+ else
+ rv = do_keyop(ctx, pkey_op,
+ buf_out, (size_t *)&buf_outlen,
+ buf_in, (size_t)buf_inlen);
+ }
+ }
+
+ if (rv <= 0) {
+ BIO_printf(bio_err, "Public Key operation error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret = 0;
+ if (asn1parse) {
+ if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
+ ERR_print_errors(bio_err);
+ } else if (hexdump)
+ BIO_dump(out, (char *)buf_out, buf_outlen);
+ else
+ BIO_write(out, buf_out, buf_outlen);
+
+ end:
+ if (ctx)
+ EVP_PKEY_CTX_free(ctx);
+ BIO_free(in);
+ BIO_free_all(out);
+ if (buf_in)
+ OPENSSL_free(buf_in);
+ if (buf_out)
+ OPENSSL_free(buf_out);
+ if (sig)
+ OPENSSL_free(sig);
+ return ret;
+}
+
+static void usage()
+{
+ BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
+ BIO_printf(bio_err, "-in file input file\n");
+ BIO_printf(bio_err, "-out file output file\n");
+ BIO_printf(bio_err,
+ "-sigfile file signature file (verify operation only)\n");
+ BIO_printf(bio_err, "-inkey file input key\n");
+ BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
+ BIO_printf(bio_err, "-pubin input is a public key\n");
+ BIO_printf(bio_err,
+ "-certin input is a certificate carrying a public key\n");
+ BIO_printf(bio_err, "-pkeyopt X:Y public key options\n");
+ BIO_printf(bio_err, "-sign sign with private key\n");
+ BIO_printf(bio_err, "-verify verify with public key\n");
+ BIO_printf(bio_err,
+ "-verifyrecover verify with public key, recover original data\n");
+ BIO_printf(bio_err, "-encrypt encrypt with public key\n");
+ BIO_printf(bio_err, "-decrypt decrypt with private key\n");
+ BIO_printf(bio_err, "-derive derive shared secret\n");
+ BIO_printf(bio_err, "-hexdump hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err,
+ "-engine e use engine e, possibly a hardware device.\n");
+#endif
+ BIO_printf(bio_err, "-passin arg pass phrase source\n");
+
+}
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+ char *keyfile, int keyform, int key_type,
+ char *passargin, int pkey_op, ENGINE *e)
+{
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+ char *passin = NULL;
+ int rv = -1;
+ X509 *x;
+ if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
+ || (pkey_op == EVP_PKEY_OP_DERIVE))
+ && (key_type != KEY_PRIVKEY)) {
+ BIO_printf(bio_err, "A private key is needed for this operation\n");
+ goto end;
+ }
+ if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+ switch (key_type) {
+ case KEY_PRIVKEY:
+ pkey = load_key(bio_err, keyfile, keyform, 0,
+ passin, e, "Private Key");
+ break;
+
+ case KEY_PUBKEY:
+ pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+ NULL, e, "Public Key");
+ break;
+
+ case KEY_CERT:
+ x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
+ if (x) {
+ pkey = X509_get_pubkey(x);
+ X509_free(x);
+ }
+ break;
+
+ }
+
+ *pkeysize = EVP_PKEY_size(pkey);
+
+ if (!pkey)
+ goto end;
+
+ ctx = EVP_PKEY_CTX_new(pkey, e);
+
+ EVP_PKEY_free(pkey);
+
+ if (!ctx)
+ goto end;
+
+ switch (pkey_op) {
+ case EVP_PKEY_OP_SIGN:
+ rv = EVP_PKEY_sign_init(ctx);
+ break;
+
+ case EVP_PKEY_OP_VERIFY:
+ rv = EVP_PKEY_verify_init(ctx);
+ break;
+
+ case EVP_PKEY_OP_VERIFYRECOVER:
+ rv = EVP_PKEY_verify_recover_init(ctx);
+ break;
+
+ case EVP_PKEY_OP_ENCRYPT:
+ rv = EVP_PKEY_encrypt_init(ctx);
+ break;
+
+ case EVP_PKEY_OP_DECRYPT:
+ rv = EVP_PKEY_decrypt_init(ctx);
+ break;
+
+ case EVP_PKEY_OP_DERIVE:
+ rv = EVP_PKEY_derive_init(ctx);
+ break;
+ }
+
+ if (rv <= 0) {
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
+ }
+
+ end:
+
+ if (passin)
+ OPENSSL_free(passin);
+
+ return ctx;
+
+}
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+ const char *file)
+{
+ EVP_PKEY *peer = NULL;
+ int ret;
+ if (!ctx) {
+ BIO_puts(err, "-peerkey command before -inkey\n");
+ return 0;
+ }
+
+ peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
+
+ if (!peer) {
+ BIO_printf(bio_err, "Error reading peer key %s\n", file);
+ ERR_print_errors(err);
+ return 0;
+ }
+
+ ret = EVP_PKEY_derive_set_peer(ctx, peer);
+
+ EVP_PKEY_free(peer);
+ if (ret <= 0)
+ ERR_print_errors(err);
+ return ret;
+}
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+ unsigned char *out, size_t *poutlen,
+ unsigned char *in, size_t inlen)
+{
+ int rv = 0;
+ switch (pkey_op) {
+ case EVP_PKEY_OP_VERIFYRECOVER:
+ rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
+ break;
+
+ case EVP_PKEY_OP_SIGN:
+ rv = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
+ break;
+
+ case EVP_PKEY_OP_ENCRYPT:
+ rv = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
+ break;
+
+ case EVP_PKEY_OP_DECRYPT:
+ rv = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
+ break;
+
+ case EVP_PKEY_OP_DERIVE:
+ rv = EVP_PKEY_derive(ctx, out, poutlen);
+ break;
+
+ }
+ return rv;
+}
Modified: trunk/crypto/openssl/apps/prime.c
===================================================================
--- trunk/crypto/openssl/apps/prime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/prime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,6 +61,9 @@
{
int hex = 0;
int checks = 20;
+ int generate = 0;
+ int bits = 0;
+ int safe = 0;
BIGNUM *bn = NULL;
BIO *bio_out;
@@ -75,6 +78,15 @@
while (argc >= 1 && **argv == '-') {
if (!strcmp(*argv, "-hex"))
hex = 1;
+ else if (!strcmp(*argv, "-generate"))
+ generate = 1;
+ else if (!strcmp(*argv, "-bits"))
+ if (--argc < 1)
+ goto bad;
+ else
+ bits = atoi(*++argv);
+ else if (!strcmp(*argv, "-safe"))
+ safe = 1;
else if (!strcmp(*argv, "-checks"))
if (--argc < 1)
goto bad;
@@ -88,7 +100,7 @@
++argv;
}
- if (argv[0] == NULL) {
+ if (argv[0] == NULL && !generate) {
BIO_printf(bio_err, "No prime specified\n");
goto bad;
}
@@ -103,15 +115,29 @@
#endif
}
- if (hex)
- BN_hex2bn(&bn, argv[0]);
- else
- BN_dec2bn(&bn, argv[0]);
+ if (generate) {
+ char *s;
- BN_print(bio_out, bn);
- BIO_printf(bio_out, " is %sprime\n",
- BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
+ if (!bits) {
+ BIO_printf(bio_err, "Specifiy the number of bits.\n");
+ return 1;
+ }
+ bn = BN_new();
+ BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
+ s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
+ BIO_printf(bio_out, "%s\n", s);
+ OPENSSL_free(s);
+ } else {
+ if (hex)
+ BN_hex2bn(&bn, argv[0]);
+ else
+ BN_dec2bn(&bn, argv[0]);
+ BN_print(bio_out, bn);
+ BIO_printf(bio_out, " is %sprime\n",
+ BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
+ }
+
BN_free(bn);
BIO_free_all(bio_out);
Modified: trunk/crypto/openssl/apps/progs.h
===================================================================
--- trunk/crypto/openssl/apps/progs.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/progs.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,6 +22,7 @@
extern int x509_main(int argc, char *argv[]);
extern int genrsa_main(int argc, char *argv[]);
extern int gendsa_main(int argc, char *argv[]);
+extern int genpkey_main(int argc, char *argv[]);
extern int s_server_main(int argc, char *argv[]);
extern int s_client_main(int argc, char *argv[]);
extern int speed_main(int argc, char *argv[]);
@@ -35,6 +36,9 @@
extern int nseq_main(int argc, char *argv[]);
extern int pkcs12_main(int argc, char *argv[]);
extern int pkcs8_main(int argc, char *argv[]);
+extern int pkey_main(int argc, char *argv[]);
+extern int pkeyparam_main(int argc, char *argv[]);
+extern int pkeyutl_main(int argc, char *argv[]);
extern int spkac_main(int argc, char *argv[]);
extern int smime_main(int argc, char *argv[]);
extern int rand_main(int argc, char *argv[]);
@@ -41,10 +45,15 @@
extern int engine_main(int argc, char *argv[]);
extern int ocsp_main(int argc, char *argv[]);
extern int prime_main(int argc, char *argv[]);
+extern int ts_main(int argc, char *argv[]);
+extern int srp_main(int argc, char *argv[]);
#define FUNC_TYPE_GENERAL 1
#define FUNC_TYPE_MD 2
#define FUNC_TYPE_CIPHER 3
+#define FUNC_TYPE_PKEY 4
+#define FUNC_TYPE_MD_ALG 5
+#define FUNC_TYPE_CIPHER_ALG 6
typedef struct {
int type;
@@ -51,6 +60,7 @@
const char *name;
int (*func) (int argc, char *argv[]);
} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
FUNCTION functions[] = {
{FUNC_TYPE_GENERAL, "verify", verify_main},
@@ -96,16 +106,17 @@
#ifndef OPENSSL_NO_DSA
{FUNC_TYPE_GENERAL, "gendsa", gendsa_main},
#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+ {FUNC_TYPE_GENERAL, "genpkey", genpkey_main},
+#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL, "s_server", s_server_main},
#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL, "s_client", s_client_main},
#endif
#ifndef OPENSSL_NO_SPEED
{FUNC_TYPE_GENERAL, "speed", speed_main},
#endif
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL, "s_time", s_time_main},
#endif
{FUNC_TYPE_GENERAL, "version", version_main},
@@ -115,7 +126,7 @@
#endif
{FUNC_TYPE_GENERAL, "crl2pkcs7", crl2pkcs7_main},
{FUNC_TYPE_GENERAL, "sess_id", sess_id_main},
-#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
+#if !defined(OPENSSL_NO_SOCK)
{FUNC_TYPE_GENERAL, "ciphers", ciphers_main},
#endif
{FUNC_TYPE_GENERAL, "nseq", nseq_main},
@@ -123,6 +134,9 @@
{FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main},
#endif
{FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main},
+ {FUNC_TYPE_GENERAL, "pkey", pkey_main},
+ {FUNC_TYPE_GENERAL, "pkeyparam", pkeyparam_main},
+ {FUNC_TYPE_GENERAL, "pkeyutl", pkeyutl_main},
{FUNC_TYPE_GENERAL, "spkac", spkac_main},
{FUNC_TYPE_GENERAL, "smime", smime_main},
{FUNC_TYPE_GENERAL, "rand", rand_main},
@@ -129,8 +143,14 @@
#ifndef OPENSSL_NO_ENGINE
{FUNC_TYPE_GENERAL, "engine", engine_main},
#endif
+#ifndef OPENSSL_NO_OCSP
{FUNC_TYPE_GENERAL, "ocsp", ocsp_main},
+#endif
{FUNC_TYPE_GENERAL, "prime", prime_main},
+ {FUNC_TYPE_GENERAL, "ts", ts_main},
+#ifndef OPENSSL_NO_SRP
+ {FUNC_TYPE_GENERAL, "srp", srp_main},
+#endif
#ifndef OPENSSL_NO_MD2
{FUNC_TYPE_MD, "md2", dgst_main},
#endif
@@ -189,6 +209,9 @@
{FUNC_TYPE_CIPHER, "camellia-256-ecb", enc_main},
#endif
{FUNC_TYPE_CIPHER, "base64", enc_main},
+#ifdef ZLIB
+ {FUNC_TYPE_CIPHER, "zlib", enc_main},
+#endif
#ifndef OPENSSL_NO_DES
{FUNC_TYPE_CIPHER, "des", enc_main},
#endif
Modified: trunk/crypto/openssl/apps/progs.pl
===================================================================
--- trunk/crypto/openssl/apps/progs.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/progs.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -13,6 +13,9 @@
#define FUNC_TYPE_GENERAL 1
#define FUNC_TYPE_MD 2
#define FUNC_TYPE_CIPHER 3
+#define FUNC_TYPE_PKEY 4
+#define FUNC_TYPE_MD_ALG 5
+#define FUNC_TYPE_CIPHER_ALG 6
typedef struct {
int type;
@@ -19,6 +22,7 @@
const char *name;
int (*func)(int argc,char *argv[]);
} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
FUNCTION functions[] = {
EOF
@@ -28,7 +32,7 @@
push(@files,$_);
$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
- { print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; }
+ { print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; }
elsif ( ($_ =~ /^speed$/))
{ print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; }
elsif ( ($_ =~ /^engine$/))
@@ -45,6 +49,10 @@
{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
elsif ( ($_ =~ /^cms$/))
{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^ocsp$/))
+ { print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^srp$/))
+ { print "#ifndef OPENSSL_NO_SRP\n${str}#endif\n"; }
else
{ print $str; }
}
@@ -62,7 +70,7 @@
"camellia-128-cbc", "camellia-128-ecb",
"camellia-192-cbc", "camellia-192-ecb",
"camellia-256-cbc", "camellia-256-ecb",
- "base64",
+ "base64", "zlib",
"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
"rc2", "bf", "cast", "rc5",
"des-ecb", "des-ede", "des-ede3",
@@ -89,6 +97,7 @@
elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
elsif ($_ =~ /rc5/) { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
+ elsif ($_ =~ /zlib/) { $t="#ifdef ZLIB\n${t}#endif\n"; }
print $t;
}
Modified: trunk/crypto/openssl/apps/req.c
===================================================================
--- trunk/crypto/openssl/apps/req.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/req.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -145,11 +145,12 @@
static int add_DN_object(X509_NAME *n, char *text, const char *def,
char *value, int nid, int n_min, int n_max,
unsigned long chtype, int mval);
-#ifndef OPENSSL_NO_RSA
-static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb);
-#endif
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
static int req_check_len(int len, int n_min, int n_max);
static int check_end(const char *str, const char *end);
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr,
+ int *pkey_type, long *pkeylen,
+ char **palgnam, ENGINE *keygen_engine);
#ifndef MONOLITH
static char *default_config_file = NULL;
#endif
@@ -156,28 +157,21 @@
static CONF *req_conf = NULL;
static int batch = 0;
-#define TYPE_RSA 1
-#define TYPE_DSA 2
-#define TYPE_DH 3
-#define TYPE_EC 4
-
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
- ENGINE *e = NULL;
-#ifndef OPENSSL_NO_DSA
- DSA *dsa_params = NULL;
-#endif
-#ifndef OPENSSL_NO_ECDSA
- EC_KEY *ec_params = NULL;
-#endif
+ ENGINE *e = NULL, *gen_eng = NULL;
unsigned long nmflag = 0, reqflag = 0;
int ex = 1, x509 = 0, days = 30;
X509 *x509ss = NULL;
X509_REQ *req = NULL;
+ EVP_PKEY_CTX *genctx = NULL;
+ const char *keyalg = NULL;
+ char *keyalgstr = NULL;
+ STACK_OF(OPENSSL_STRING) *pkeyopts = NULL, *sigopts = NULL;
EVP_PKEY *pkey = NULL;
- int i = 0, badops = 0, newreq = 0, verbose = 0, pkey_type = TYPE_RSA;
+ int i = 0, badops = 0, newreq = 0, verbose = 0, pkey_type = -1;
long newkey = -1;
BIO *in = NULL, *out = NULL;
int informat, outformat, verify = 0, noout = 0, text = 0, keyform =
@@ -199,7 +193,7 @@
char *p;
char *subj = NULL;
int multirdn = 0;
- const EVP_MD *md_alg = NULL, *digest = EVP_sha1();
+ const EVP_MD *md_alg = NULL, *digest = NULL;
unsigned long chtype = MBSTRING_ASC;
#ifndef MONOLITH
char *to_free;
@@ -239,6 +233,14 @@
if (--argc < 1)
goto bad;
engine = *(++argv);
+ } else if (strcmp(*argv, "-keygen_engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ gen_eng = ENGINE_by_id(*(++argv));
+ if (gen_eng == NULL) {
+ BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
+ goto end;
+ }
}
#endif
else if (strcmp(*argv, "-key") == 0) {
@@ -282,116 +284,24 @@
goto bad;
inrand = *(++argv);
} else if (strcmp(*argv, "-newkey") == 0) {
- int is_numeric;
-
if (--argc < 1)
goto bad;
- p = *(++argv);
- is_numeric = p[0] >= '0' && p[0] <= '9';
- if (strncmp("rsa:", p, 4) == 0 || is_numeric) {
- pkey_type = TYPE_RSA;
- if (!is_numeric)
- p += 4;
- newkey = atoi(p);
- } else
-#ifndef OPENSSL_NO_DSA
- if (strncmp("dsa:", p, 4) == 0) {
- X509 *xtmp = NULL;
- EVP_PKEY *dtmp;
-
- pkey_type = TYPE_DSA;
- p += 4;
- if ((in = BIO_new_file(p, "r")) == NULL) {
- perror(p);
- goto end;
- }
- if ((dsa_params =
- PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
- ERR_clear_error();
- (void)BIO_reset(in);
- if ((xtmp =
- PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL) {
- BIO_printf(bio_err,
- "unable to load DSA parameters from file\n");
- goto end;
- }
-
- if ((dtmp = X509_get_pubkey(xtmp)) == NULL)
- goto end;
- if (dtmp->type == EVP_PKEY_DSA)
- dsa_params = DSAparams_dup(dtmp->pkey.dsa);
- EVP_PKEY_free(dtmp);
- X509_free(xtmp);
- if (dsa_params == NULL) {
- BIO_printf(bio_err,
- "Certificate does not contain DSA parameters\n");
- goto end;
- }
- }
- BIO_free(in);
- in = NULL;
- newkey = BN_num_bits(dsa_params->p);
- } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (strncmp("ec:", p, 3) == 0) {
- X509 *xtmp = NULL;
- EVP_PKEY *dtmp;
- EC_GROUP *group;
-
- pkey_type = TYPE_EC;
- p += 3;
- if ((in = BIO_new_file(p, "r")) == NULL) {
- perror(p);
- goto end;
- }
- if ((ec_params = EC_KEY_new()) == NULL)
- goto end;
- group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
- if (group == NULL) {
- EC_KEY_free(ec_params);
- ERR_clear_error();
- (void)BIO_reset(in);
- if ((xtmp =
- PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL) {
- BIO_printf(bio_err,
- "unable to load EC parameters from file\n");
- goto end;
- }
-
- if ((dtmp = X509_get_pubkey(xtmp)) == NULL)
- goto end;
- if (dtmp->type == EVP_PKEY_EC)
- ec_params = EC_KEY_dup(dtmp->pkey.ec);
- EVP_PKEY_free(dtmp);
- X509_free(xtmp);
- if (ec_params == NULL) {
- BIO_printf(bio_err,
- "Certificate does not contain EC parameters\n");
- goto end;
- }
- } else {
- if (EC_KEY_set_group(ec_params, group) == 0)
- goto end;
- EC_GROUP_free(group);
- }
-
- BIO_free(in);
- in = NULL;
- newkey = EC_GROUP_get_degree(EC_KEY_get0_group(ec_params));
- } else
-#endif
-#ifndef OPENSSL_NO_DH
- if (strncmp("dh:", p, 4) == 0) {
- pkey_type = TYPE_DH;
- p += 3;
- } else
-#endif
- {
+ keyalg = *(++argv);
+ newreq = 1;
+ } else if (strcmp(*argv, "-pkeyopt") == 0) {
+ if (--argc < 1)
goto bad;
- }
-
- newreq = 1;
+ if (!pkeyopts)
+ pkeyopts = sk_OPENSSL_STRING_new_null();
+ if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv)))
+ goto bad;
+ } else if (strcmp(*argv, "-sigopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!sigopts)
+ sigopts = sk_OPENSSL_STRING_new_null();
+ if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+ goto bad;
} else if (strcmp(*argv, "-batch") == 0)
batch = 1;
else if (strcmp(*argv, "-newhdr") == 0)
@@ -446,9 +356,6 @@
serial = s2i_ASN1_INTEGER(NULL, *(++argv));
if (!serial)
goto bad;
- } else if ((md_alg = EVP_get_digestbyname(&((*argv)[1]))) != NULL) {
- /* ok */
- digest = md_alg;
} else if (strcmp(*argv, "-extensions") == 0) {
if (--argc < 1)
goto bad;
@@ -457,6 +364,9 @@
if (--argc < 1)
goto bad;
req_exts = *(++argv);
+ } else if ((md_alg = EVP_get_digestbyname(&((*argv)[1]))) != NULL) {
+ /* ok */
+ digest = md_alg;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
@@ -705,9 +615,6 @@
}
if (newreq && (pkey == NULL)) {
-#ifndef OPENSSL_NO_RSA
- BN_GENCB cb;
-#endif
char *randfile = NCONF_get_string(req_conf, SECTION, "RANDFILE");
if (randfile == NULL)
ERR_clear_error();
@@ -715,66 +622,60 @@
if (inrand)
app_RAND_load_files(inrand);
- if (newkey <= 0) {
- if (!NCONF_get_number(req_conf, SECTION, BITS, &newkey))
- newkey = DEFAULT_KEY_LENGTH;
+ if (!NCONF_get_number(req_conf, SECTION, BITS, &newkey)) {
+ newkey = DEFAULT_KEY_LENGTH;
}
+ if (keyalg) {
+ genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
+ &keyalgstr, gen_eng);
+ if (!genctx)
+ goto end;
+ }
+
if (newkey < MIN_KEY_LENGTH
- && (pkey_type == TYPE_RSA || pkey_type == TYPE_DSA)) {
+ && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) {
BIO_printf(bio_err, "private key length is too short,\n");
BIO_printf(bio_err, "it needs to be at least %d bits, not %ld\n",
MIN_KEY_LENGTH, newkey);
goto end;
}
- BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
- newkey, (pkey_type == TYPE_RSA) ? "RSA" :
- (pkey_type == TYPE_DSA) ? "DSA" : "EC");
- if ((pkey = EVP_PKEY_new()) == NULL)
- goto end;
+ if (!genctx) {
+ genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey,
+ &keyalgstr, gen_eng);
+ if (!genctx)
+ goto end;
+ }
-#ifndef OPENSSL_NO_RSA
- BN_GENCB_set(&cb, req_cb, bio_err);
- if (pkey_type == TYPE_RSA) {
- RSA *rsa = RSA_new();
- BIGNUM *bn = BN_new();
- if (!bn || !rsa || !BN_set_word(bn, 0x10001) ||
- !RSA_generate_key_ex(rsa, newkey, bn, &cb) ||
- !EVP_PKEY_assign_RSA(pkey, rsa)) {
- if (bn)
- BN_free(bn);
- if (rsa)
- RSA_free(rsa);
- goto end;
+ if (pkeyopts) {
+ char *genopt;
+ for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++) {
+ genopt = sk_OPENSSL_STRING_value(pkeyopts, i);
+ if (pkey_ctrl_string(genctx, genopt) <= 0) {
+ BIO_printf(bio_err, "parameter error \"%s\"\n", genopt);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
}
- BN_free(bn);
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey_type == TYPE_DSA) {
- if (!DSA_generate_key(dsa_params))
- goto end;
- if (!EVP_PKEY_assign_DSA(pkey, dsa_params))
- goto end;
- dsa_params = NULL;
}
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey_type == TYPE_EC) {
- if (!EC_KEY_generate_key(ec_params))
- goto end;
- if (!EVP_PKEY_assign_EC_KEY(pkey, ec_params))
- goto end;
- ec_params = NULL;
+
+ BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
+ newkey, keyalgstr);
+
+ EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
+ EVP_PKEY_CTX_set_app_data(genctx, bio_err);
+
+ if (EVP_PKEY_keygen(genctx, &pkey) <= 0) {
+ BIO_puts(bio_err, "Error Generating Key\n");
+ goto end;
}
-#endif
+ EVP_PKEY_CTX_free(genctx);
+ genctx = NULL;
+
app_RAND_write_file(randfile, bio_err);
- if (pkey == NULL)
- goto end;
-
if (keyout == NULL) {
keyout = NCONF_get_string(req_conf, SECTION, KEYFILE);
if (keyout == NULL)
@@ -860,14 +761,7 @@
BIO_printf(bio_err, "you need to specify a private key\n");
goto end;
}
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- digest = EVP_ecdsa();
-#endif
+
if (req == NULL) {
req = X509_REQ_new();
if (req == NULL) {
@@ -907,8 +801,7 @@
goto end;
if (!X509_gmtime_adj(X509_get_notBefore(x509ss), 0))
goto end;
- if (!X509_gmtime_adj
- (X509_get_notAfter(x509ss), (long)60 * 60 * 24 * days))
+ if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL))
goto end;
if (!X509_set_subject_name
(x509ss, X509_REQ_get_subject_name(req)))
@@ -932,8 +825,11 @@
goto end;
}
- if (!(i = X509_sign(x509ss, pkey, digest)))
+ i = do_X509_sign(bio_err, x509ss, pkey, digest, sigopts);
+ if (!i) {
+ ERR_print_errors(bio_err);
goto end;
+ }
} else {
X509V3_CTX ext_ctx;
@@ -950,8 +846,11 @@
req_exts);
goto end;
}
- if (!(i = X509_REQ_sign(req, pkey, digest)))
+ i = do_X509_REQ_sign(bio_err, req, pkey, digest, sigopts);
+ if (!i) {
+ ERR_print_errors(bio_err);
goto end;
+ }
}
}
@@ -1071,7 +970,7 @@
}
fprintf(stdout, "Modulus=");
#ifndef OPENSSL_NO_RSA
- if (tpubkey->type == EVP_PKEY_RSA)
+ if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
BN_print(out, tpubkey->pkey.rsa->n);
else
#endif
@@ -1125,6 +1024,18 @@
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
+ if (genctx)
+ EVP_PKEY_CTX_free(genctx);
+ if (pkeyopts)
+ sk_OPENSSL_STRING_free(pkeyopts);
+ if (sigopts)
+ sk_OPENSSL_STRING_free(sigopts);
+#ifndef OPENSSL_NO_ENGINE
+ if (gen_eng)
+ ENGINE_free(gen_eng);
+#endif
+ if (keyalgstr)
+ OPENSSL_free(keyalgstr);
X509_REQ_free(req);
X509_free(x509ss);
ASN1_INTEGER_free(serial);
@@ -1133,14 +1044,6 @@
if (passargout && passout)
OPENSSL_free(passout);
OBJ_cleanup();
-#ifndef OPENSSL_NO_DSA
- if (dsa_params != NULL)
- DSA_free(dsa_params);
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (ec_params != NULL)
- EC_KEY_free(ec_params);
-#endif
apps_shutdown();
OPENSSL_EXIT(ex);
}
@@ -1580,28 +1483,6 @@
return (0);
}
-#ifndef OPENSSL_NO_RSA
-static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb)
-{
- char c = '*';
-
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\n';
- BIO_write(cb->arg, &c, 1);
- (void)BIO_flush(cb->arg);
-# ifdef LINT
- p = n;
-# endif
- return 1;
-}
-#endif
-
static int req_check_len(int len, int n_min, int n_max)
{
if ((n_min > 0) && (len < n_min)) {
@@ -1631,3 +1512,221 @@
tmp = str + slen - elen;
return strcmp(tmp, end);
}
+
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr,
+ int *pkey_type, long *pkeylen,
+ char **palgnam, ENGINE *keygen_engine)
+{
+ EVP_PKEY_CTX *gctx = NULL;
+ EVP_PKEY *param = NULL;
+ long keylen = -1;
+ BIO *pbio = NULL;
+ const char *paramfile = NULL;
+
+ if (gstr == NULL) {
+ *pkey_type = EVP_PKEY_RSA;
+ keylen = *pkeylen;
+ } else if (gstr[0] >= '0' && gstr[0] <= '9') {
+ *pkey_type = EVP_PKEY_RSA;
+ keylen = atol(gstr);
+ *pkeylen = keylen;
+ } else if (!strncmp(gstr, "param:", 6))
+ paramfile = gstr + 6;
+ else {
+ const char *p = strchr(gstr, ':');
+ int len;
+ ENGINE *tmpeng;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+
+ if (p)
+ len = p - gstr;
+ else
+ len = strlen(gstr);
+ /*
+ * The lookup of a the string will cover all engines so keep a note
+ * of the implementation.
+ */
+
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);
+
+ if (!ameth) {
+ BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
+ return NULL;
+ }
+
+ EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL, ameth);
+#ifndef OPENSSL_NO_ENGINE
+ if (tmpeng)
+ ENGINE_finish(tmpeng);
+#endif
+ if (*pkey_type == EVP_PKEY_RSA) {
+ if (p) {
+ keylen = atol(p + 1);
+ *pkeylen = keylen;
+ } else
+ keylen = *pkeylen;
+ } else if (p)
+ paramfile = p + 1;
+ }
+
+ if (paramfile) {
+ pbio = BIO_new_file(paramfile, "r");
+ if (!pbio) {
+ BIO_printf(err, "Can't open parameter file %s\n", paramfile);
+ return NULL;
+ }
+ param = PEM_read_bio_Parameters(pbio, NULL);
+
+ if (!param) {
+ X509 *x;
+ (void)BIO_reset(pbio);
+ x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
+ if (x) {
+ param = X509_get_pubkey(x);
+ X509_free(x);
+ }
+ }
+
+ BIO_free(pbio);
+
+ if (!param) {
+ BIO_printf(err, "Error reading parameter file %s\n", paramfile);
+ return NULL;
+ }
+ if (*pkey_type == -1)
+ *pkey_type = EVP_PKEY_id(param);
+ else if (*pkey_type != EVP_PKEY_base_id(param)) {
+ BIO_printf(err, "Key Type does not match parameters\n");
+ EVP_PKEY_free(param);
+ return NULL;
+ }
+ }
+
+ if (palgnam) {
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *tmpeng;
+ const char *anam;
+ ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
+ if (!ameth) {
+ BIO_puts(err, "Internal error: can't find key algorithm\n");
+ return NULL;
+ }
+ EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
+ *palgnam = BUF_strdup(anam);
+#ifndef OPENSSL_NO_ENGINE
+ if (tmpeng)
+ ENGINE_finish(tmpeng);
+#endif
+ }
+
+ if (param) {
+ gctx = EVP_PKEY_CTX_new(param, keygen_engine);
+ *pkeylen = EVP_PKEY_bits(param);
+ EVP_PKEY_free(param);
+ } else
+ gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);
+
+ if (!gctx) {
+ BIO_puts(err, "Error allocating keygen context\n");
+ ERR_print_errors(err);
+ return NULL;
+ }
+
+ if (EVP_PKEY_keygen_init(gctx) <= 0) {
+ BIO_puts(err, "Error initializing keygen context\n");
+ ERR_print_errors(err);
+ return NULL;
+ }
+#ifndef OPENSSL_NO_RSA
+ if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1)) {
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0) {
+ BIO_puts(err, "Error setting RSA keysize\n");
+ ERR_print_errors(err);
+ EVP_PKEY_CTX_free(gctx);
+ return NULL;
+ }
+ }
+#endif
+
+ return gctx;
+}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+{
+ char c = '*';
+ BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+ int p;
+ p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+ if (p == 0)
+ c = '.';
+ if (p == 1)
+ c = '+';
+ if (p == 2)
+ c = '*';
+ if (p == 3)
+ c = '\n';
+ BIO_write(b, &c, 1);
+ (void)BIO_flush(b);
+#ifdef LINT
+ p = n;
+#endif
+ return 1;
+}
+
+static int do_sign_init(BIO *err, EVP_MD_CTX *ctx, EVP_PKEY *pkey,
+ const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts)
+{
+ EVP_PKEY_CTX *pkctx = NULL;
+ int i;
+ EVP_MD_CTX_init(ctx);
+ if (!EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey))
+ return 0;
+ for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
+ char *sigopt = sk_OPENSSL_STRING_value(sigopts, i);
+ if (pkey_ctrl_string(pkctx, sigopt) <= 0) {
+ BIO_printf(err, "parameter error \"%s\"\n", sigopt);
+ ERR_print_errors(bio_err);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts)
+{
+ int rv;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+ rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+ if (rv > 0)
+ rv = X509_sign_ctx(x, &mctx);
+ EVP_MD_CTX_cleanup(&mctx);
+ return rv > 0 ? 1 : 0;
+}
+
+int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts)
+{
+ int rv;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+ rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+ if (rv > 0)
+ rv = X509_REQ_sign_ctx(x, &mctx);
+ EVP_MD_CTX_cleanup(&mctx);
+ return rv > 0 ? 1 : 0;
+}
+
+int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
+ STACK_OF(OPENSSL_STRING) *sigopts)
+{
+ int rv;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+ rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+ if (rv > 0)
+ rv = X509_CRL_sign_ctx(x, &mctx);
+ EVP_MD_CTX_cleanup(&mctx);
+ return rv > 0 ? 1 : 0;
+}
Modified: trunk/crypto/openssl/apps/rsa.c
===================================================================
--- trunk/crypto/openssl/apps/rsa.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/rsa.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -116,6 +116,8 @@
# endif
int modulus = 0;
+ int pvk_encr = 2;
+
apps_startup();
if (bio_err == NULL)
@@ -172,6 +174,16 @@
pubin = 1;
else if (strcmp(*argv, "-pubout") == 0)
pubout = 1;
+ else if (strcmp(*argv, "-RSAPublicKey_in") == 0)
+ pubin = 2;
+ else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
+ pubout = 2;
+ else if (strcmp(*argv, "-pvk-strong") == 0)
+ pvk_encr = 2;
+ else if (strcmp(*argv, "-pvk-weak") == 0)
+ pvk_encr = 1;
+ else if (strcmp(*argv, "-pvk-none") == 0)
+ pvk_encr = 0;
else if (strcmp(*argv, "-noout") == 0)
noout = 1;
else if (strcmp(*argv, "-text") == 0)
@@ -261,12 +273,21 @@
{
EVP_PKEY *pkey;
- if (pubin)
- pkey = load_pubkey(bio_err, infile,
- (informat == FORMAT_NETSCAPE && sgckey ?
- FORMAT_IISSGC : informat), 1,
+ if (pubin) {
+ int tmpformat = -1;
+ if (pubin == 2) {
+ if (informat == FORMAT_PEM)
+ tmpformat = FORMAT_PEMRSA;
+ else if (informat == FORMAT_ASN1)
+ tmpformat = FORMAT_ASN1RSA;
+ } else if (informat == FORMAT_NETSCAPE && sgckey)
+ tmpformat = FORMAT_IISSGC;
+ else
+ tmpformat = informat;
+
+ pkey = load_pubkey(bio_err, infile, tmpformat, 1,
passin, e, "Public Key");
- else
+ } else
pkey = load_key(bio_err, infile,
(informat == FORMAT_NETSCAPE && sgckey ?
FORMAT_IISSGC : informat), 1,
@@ -273,7 +294,7 @@
passin, e, "Private Key");
if (pkey != NULL)
- rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey);
+ rsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
}
@@ -341,9 +362,12 @@
}
BIO_printf(bio_err, "writing RSA key\n");
if (outformat == FORMAT_ASN1) {
- if (pubout || pubin)
- i = i2d_RSA_PUBKEY_bio(out, rsa);
- else
+ if (pubout || pubin) {
+ if (pubout == 2)
+ i = i2d_RSAPublicKey_bio(out, rsa);
+ else
+ i = i2d_RSA_PUBKEY_bio(out, rsa);
+ } else
i = i2d_RSAPrivateKey_bio(out, rsa);
}
# ifndef OPENSSL_NO_RC4
@@ -364,16 +388,32 @@
}
# endif
else if (outformat == FORMAT_PEM) {
- if (pubout || pubin)
- i = PEM_write_bio_RSA_PUBKEY(out, rsa);
- else
+ if (pubout || pubin) {
+ if (pubout == 2)
+ i = PEM_write_bio_RSAPublicKey(out, rsa);
+ else
+ i = PEM_write_bio_RSA_PUBKEY(out, rsa);
+ } else
i = PEM_write_bio_RSAPrivateKey(out, rsa,
enc, NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+ } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+ EVP_PKEY *pk;
+ pk = EVP_PKEY_new();
+ EVP_PKEY_set1_RSA(pk, rsa);
+ if (outformat == FORMAT_PVK)
+ i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+ else if (pubin || pubout)
+ i = i2b_PublicKey_bio(out, pk);
+ else
+ i = i2b_PrivateKey_bio(out, pk);
+ EVP_PKEY_free(pk);
+# endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
- if (!i) {
+ if (i <= 0) {
BIO_printf(bio_err, "unable to write key\n");
ERR_print_errors(bio_err);
} else
Modified: trunk/crypto/openssl/apps/rsautl.c
===================================================================
--- trunk/crypto/openssl/apps/rsautl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/rsautl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -268,6 +268,11 @@
rsa_in = OPENSSL_malloc(keysize * 2);
rsa_out = OPENSSL_malloc(keysize);
+ if (!rsa_in || !rsa_out) {
+ BIO_printf(bio_err, "Out of memory\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
/* Read the input data */
rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
@@ -361,4 +366,10 @@
}
+#else /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
#endif
Modified: trunk/crypto/openssl/apps/s_apps.h
===================================================================
--- trunk/crypto/openssl/apps/s_apps.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_apps.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -118,7 +118,7 @@
# include <conio.h>
#endif
-#ifdef OPENSSL_SYS_MSDOS
+#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
# define _kbhit kbhit
#endif
Modified: trunk/crypto/openssl/apps/s_cb.c
===================================================================
--- trunk/crypto/openssl/apps/s_cb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_cb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -111,6 +111,7 @@
#include <stdio.h>
#include <stdlib.h>
+#include <string.h> /* for memcpy() */
#define USE_SOCKETS
#define NON_MAIN
#include "apps.h"
@@ -126,12 +127,12 @@
int verify_depth = 0;
int verify_error = X509_V_OK;
+int verify_return_error = 0;
unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
int cookie_initialized = 0;
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
{
- char buf[256];
X509 *err_cert;
int err, depth;
@@ -139,13 +140,19 @@
err = X509_STORE_CTX_get_error(ctx);
depth = X509_STORE_CTX_get_error_depth(ctx);
- X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof buf);
- BIO_printf(bio_err, "depth=%d %s\n", depth, buf);
+ BIO_printf(bio_err, "depth=%d ", depth);
+ if (err_cert) {
+ X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
+ } else
+ BIO_puts(bio_err, "<no cert>\n");
if (!ok) {
BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
X509_verify_cert_error_string(err));
if (verify_depth >= depth) {
- ok = 1;
+ if (!verify_return_error)
+ ok = 1;
verify_error = X509_V_OK;
} else {
ok = 0;
@@ -152,25 +159,32 @@
verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
}
}
- switch (ctx->error) {
+ switch (err) {
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf,
- sizeof buf);
- BIO_printf(bio_err, "issuer= %s\n", buf);
+ BIO_puts(bio_err, "issuer= ");
+ X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
break;
case X509_V_ERR_CERT_NOT_YET_VALID:
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
BIO_printf(bio_err, "notBefore=");
- ASN1_TIME_print(bio_err, X509_get_notBefore(ctx->current_cert));
+ ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
BIO_printf(bio_err, "\n");
break;
case X509_V_ERR_CERT_HAS_EXPIRED:
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
BIO_printf(bio_err, "notAfter=");
- ASN1_TIME_print(bio_err, X509_get_notAfter(ctx->current_cert));
+ ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
BIO_printf(bio_err, "\n");
break;
+ case X509_V_ERR_NO_EXPLICIT_POLICY:
+ policies_print(bio_err, ctx);
+ break;
}
+ if (err == X509_V_OK && ok == 2)
+ policies_print(bio_err, ctx);
+
BIO_printf(bio_err, "verify return:%d\n", ok);
return (ok);
}
@@ -268,13 +282,13 @@
return (ret);
if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
- BIO_printf(out, "read from %p [%p] (%d bytes => %ld (0x%lX))\n",
- (void *)bio, argp, argi, ret, ret);
+ BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+ (void *)bio, argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
return (ret);
} else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
- BIO_printf(out, "write to %p [%p] (%d bytes => %ld (0x%lX))\n",
- (void *)bio, argp, argi, ret, ret);
+ BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+ (void *)bio, argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
}
return (ret);
@@ -332,8 +346,12 @@
case TLS1_VERSION:
str_version = "TLS 1.0 ";
break;
- default:
- str_version = "???";
+ case TLS1_1_VERSION:
+ str_version = "TLS 1.1 ";
+ break;
+ case TLS1_2_VERSION:
+ str_version = "TLS 1.2 ";
+ break;
case DTLS1_VERSION:
str_version = "DTLS 1.0 ";
break;
@@ -340,6 +358,8 @@
case DTLS1_BAD_VER:
str_version = "DTLS 1.0 (bad) ";
break;
+ default:
+ str_version = "???";
}
if (version == SSL2_VERSION) {
@@ -402,6 +422,8 @@
if (version == SSL3_VERSION ||
version == TLS1_VERSION ||
+ version == TLS1_1_VERSION ||
+ version == TLS1_2_VERSION ||
version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
switch (content_type) {
case 20:
@@ -535,6 +557,9 @@
case 2:
str_details1 = ", ServerHello";
break;
+ case 3:
+ str_details1 = ", HelloVerifyRequest";
+ break;
case 11:
str_details1 = ", Certificate";
break;
@@ -550,9 +575,6 @@
case 15:
str_details1 = ", CertificateVerify";
break;
- case 3:
- str_details1 = ", HelloVerifyRequest";
- break;
case 16:
str_details1 = ", ClientKeyExchange";
break;
@@ -562,6 +584,22 @@
}
}
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (content_type == 24) { /* Heartbeat */
+ str_details1 = ", Heartbeat";
+
+ if (len > 0) {
+ switch (((const unsigned char *)buf)[0]) {
+ case 1:
+ str_details1 = ", HeartbeatRequest";
+ break;
+ case 2:
+ str_details1 = ", HeartbeatResponse";
+ break;
+ }
+ }
+ }
+#endif
}
BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version,
@@ -620,6 +658,22 @@
extname = "status request";
break;
+ case TLSEXT_TYPE_user_mapping:
+ extname = "user mapping";
+ break;
+
+ case TLSEXT_TYPE_client_authz:
+ extname = "client authz";
+ break;
+
+ case TLSEXT_TYPE_server_authz:
+ extname = "server authz";
+ break;
+
+ case TLSEXT_TYPE_cert_type:
+ extname = "cert type";
+ break;
+
case TLSEXT_TYPE_elliptic_curves:
extname = "elliptic curves";
break;
@@ -628,14 +682,45 @@
extname = "EC point formats";
break;
+ case TLSEXT_TYPE_srp:
+ extname = "SRP";
+ break;
+
+ case TLSEXT_TYPE_signature_algorithms:
+ extname = "signature algorithms";
+ break;
+
+ case TLSEXT_TYPE_use_srtp:
+ extname = "use SRTP";
+ break;
+
+ case TLSEXT_TYPE_heartbeat:
+ extname = "heartbeat";
+ break;
+
case TLSEXT_TYPE_session_ticket:
- extname = "server ticket";
+ extname = "session ticket";
break;
case TLSEXT_TYPE_renegotiate:
- extname = "renegotiate";
+ extname = "renegotiation info";
break;
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ case TLSEXT_TYPE_opaque_prf_input:
+ extname = "opaque PRF input";
+ break;
+#endif
+#ifdef TLSEXT_TYPE_next_proto_neg
+ case TLSEXT_TYPE_next_proto_neg:
+ extname = "next protocol";
+ break;
+#endif
+
+ case TLSEXT_TYPE_padding:
+ extname = "TLS padding";
+ break;
+
default:
extname = "unknown";
break;
@@ -653,11 +738,17 @@
{
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
unsigned int length, resultlength;
- struct sockaddr_in peer;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_in6 s6;
+#endif
+ } peer;
/* Initialize a random secret */
if (!cookie_initialized) {
- if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
+ if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
BIO_printf(bio_err, "error setting random cookie secret\n");
return 0;
}
@@ -668,8 +759,22 @@
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
/* Create buffer with peer's address and port */
- length = sizeof(peer.sin_addr);
- length += sizeof(peer.sin_port);
+ length = 0;
+ switch (peer.sa.sa_family) {
+ case AF_INET:
+ length += sizeof(struct in_addr);
+ length += sizeof(peer.s4.sin_port);
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+ length += sizeof(struct in6_addr);
+ length += sizeof(peer.s6.sin6_port);
+ break;
+#endif
+ default:
+ OPENSSL_assert(0);
+ break;
+ }
buffer = OPENSSL_malloc(length);
if (buffer == NULL) {
@@ -677,9 +782,23 @@
return 0;
}
- memcpy(buffer, &peer.sin_addr, sizeof(peer.sin_addr));
- memcpy(buffer + sizeof(peer.sin_addr), &peer.sin_port,
- sizeof(peer.sin_port));
+ switch (peer.sa.sa_family) {
+ case AF_INET:
+ memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
+ memcpy(buffer + sizeof(peer.s4.sin_port),
+ &peer.s4.sin_addr, sizeof(struct in_addr));
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
+ memcpy(buffer + sizeof(peer.s6.sin6_port),
+ &peer.s6.sin6_addr, sizeof(struct in6_addr));
+ break;
+#endif
+ default:
+ OPENSSL_assert(0);
+ break;
+ }
/* Calculate HMAC of buffer using the secret */
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
@@ -697,7 +816,13 @@
{
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
unsigned int length, resultlength;
- struct sockaddr_in peer;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_in6 s6;
+#endif
+ } peer;
/* If secret isn't initialized yet, the cookie can't be valid */
if (!cookie_initialized)
@@ -707,9 +832,23 @@
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
/* Create buffer with peer's address and port */
- length = sizeof(peer.sin_addr);
- length += sizeof(peer.sin_port);
- buffer = (unsigned char *)OPENSSL_malloc(length);
+ length = 0;
+ switch (peer.sa.sa_family) {
+ case AF_INET:
+ length += sizeof(struct in_addr);
+ length += sizeof(peer.s4.sin_port);
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+ length += sizeof(struct in6_addr);
+ length += sizeof(peer.s6.sin6_port);
+ break;
+#endif
+ default:
+ OPENSSL_assert(0);
+ break;
+ }
+ buffer = OPENSSL_malloc(length);
if (buffer == NULL) {
BIO_printf(bio_err, "out of memory\n");
@@ -716,9 +855,23 @@
return 0;
}
- memcpy(buffer, &peer.sin_addr, sizeof(peer.sin_addr));
- memcpy(buffer + sizeof(peer.sin_addr), &peer.sin_port,
- sizeof(peer.sin_port));
+ switch (peer.sa.sa_family) {
+ case AF_INET:
+ memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
+ memcpy(buffer + sizeof(peer.s4.sin_port),
+ &peer.s4.sin_addr, sizeof(struct in_addr));
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
+ memcpy(buffer + sizeof(peer.s6.sin6_port),
+ &peer.s6.sin6_addr, sizeof(struct in6_addr));
+ break;
+#endif
+ default:
+ OPENSSL_assert(0);
+ break;
+ }
/* Calculate HMAC of buffer using the secret */
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
Modified: trunk/crypto/openssl/apps/s_client.c
===================================================================
--- trunk/crypto/openssl/apps/s_client.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_client.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -108,8 +108,35 @@
* Hudson (tjh at cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <assert.h>
+#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -137,25 +164,22 @@
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/ocsp.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
#include "s_apps.h"
#include "timeouts.h"
-#ifdef OPENSSL_SYS_WINCE
-/*
- * Windows CE incorrectly defines fileno as returning void*, so to avoid
- * problems below...
- */
-# ifdef fileno
-# undef fileno
-# endif
-# define fileno(a) (int)_fileno(a)
-#endif
-
#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
# undef FIONBIO
#endif
+#if defined(OPENSSL_SYS_BEOS_R5)
+# include <fcntl.h>
+#endif
+
#undef PROG
#define PROG s_client_main
@@ -177,6 +201,7 @@
extern int verify_depth;
extern int verify_error;
+extern int verify_return_error;
#ifdef FIONBIO
static int c_nbio = 0;
@@ -190,6 +215,9 @@
static int c_msg = 0;
static int c_showcerts = 0;
+static char *keymatexportlabel = NULL;
+static int keymatexportlen = 20;
+
static void sc_usage(void);
static void print_stuff(BIO *berr, SSL *con, int full);
#ifndef OPENSSL_NO_TLSEXT
@@ -199,6 +227,74 @@
static int c_quiet = 0;
static int c_ign_eof = 0;
+#ifndef OPENSSL_NO_PSK
+/* Default PSK identity and key */
+static char *psk_identity = "Client_identity";
+/*
+ * char *psk_key=NULL; by default PSK is not used
+ */
+
+static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ unsigned int psk_len = 0;
+ int ret;
+ BIGNUM *bn = NULL;
+
+ if (c_debug)
+ BIO_printf(bio_c_out, "psk_client_cb\n");
+ if (!hint) {
+ /* no ServerKeyExchange message */
+ if (c_debug)
+ BIO_printf(bio_c_out,
+ "NULL received PSK identity hint, continuing anyway\n");
+ } else if (c_debug)
+ BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
+
+ /*
+ * lookup PSK identity and PSK key based on the given identity hint here
+ */
+ ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
+ if (ret < 0 || (unsigned int)ret > max_identity_len)
+ goto out_err;
+ if (c_debug)
+ BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity,
+ ret);
+ ret = BN_hex2bn(&bn, psk_key);
+ if (!ret) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ psk_key);
+ if (bn)
+ BN_free(bn);
+ return 0;
+ }
+
+ if ((unsigned int)BN_num_bytes(bn) > max_psk_len) {
+ BIO_printf(bio_err,
+ "psk buffer of callback is too small (%d) for key (%d)\n",
+ max_psk_len, BN_num_bytes(bn));
+ BN_free(bn);
+ return 0;
+ }
+
+ psk_len = BN_bn2bin(bn, psk);
+ BN_free(bn);
+ if (psk_len == 0)
+ goto out_err;
+
+ if (c_debug)
+ BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
+
+ return psk_len;
+ out_err:
+ if (c_debug)
+ BIO_printf(bio_err, "Error in PSK client callback\n");
+ return 0;
+}
+#endif
+
static void sc_usage(void)
{
BIO_printf(bio_err, "usage: s_client args\n");
@@ -210,8 +306,10 @@
SSL_HOST_NAME, PORT_STR);
BIO_printf(bio_err,
- " -verify depth - turn on peer certificate verification\n");
+ " -verify arg - turn on peer certificate verification\n");
BIO_printf(bio_err,
+ " -verify_return_error - return verification errors\n");
+ BIO_printf(bio_err,
" -cert arg - certificate file to use, PEM format assumed\n");
BIO_printf(bio_err,
" -certform arg - certificate format (PEM or DER) PEM default\n");
@@ -225,10 +323,14 @@
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err,
+ " -no_alt_chains - only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
" -reconnect - Drop and re-make the connection with the same Session-ID\n");
BIO_printf(bio_err,
" -pause - sleep(1) after each read(2) and write(2) system call\n");
BIO_printf(bio_err,
+ " -prexit - print session information even on connection failure\n");
+ BIO_printf(bio_err,
" -showcerts - show all certificates in the chain\n");
BIO_printf(bio_err, " -debug - extra output\n");
#ifdef WATT32
@@ -246,14 +348,37 @@
BIO_printf(bio_err,
" -ign_eof - ignore input eof (default when -quiet)\n");
BIO_printf(bio_err, " -no_ign_eof - don't ignore input eof\n");
+#ifndef OPENSSL_NO_PSK
+ BIO_printf(bio_err, " -psk_identity arg - PSK identity\n");
+ BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+ BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
+# endif
+#endif
+#ifndef OPENSSL_NO_SRP
+ BIO_printf(bio_err,
+ " -srpuser user - SRP authentification for 'user'\n");
+ BIO_printf(bio_err, " -srppass arg - password for 'user'\n");
+ BIO_printf(bio_err,
+ " -srp_lateuser - SRP username into second ClientHello message\n");
+ BIO_printf(bio_err,
+ " -srp_moregroups - Tolerate other than the known g N values.\n");
+ BIO_printf(bio_err,
+ " -srp_strength int - minimal length in bits for N (default %d).\n",
+ SRP_MINIMAL_N);
+#endif
BIO_printf(bio_err, " -ssl2 - just use SSLv2\n");
+#ifndef OPENSSL_NO_SSL3_METHOD
BIO_printf(bio_err, " -ssl3 - just use SSLv3\n");
+#endif
+ BIO_printf(bio_err, " -tls1_2 - just use TLSv1.2\n");
+ BIO_printf(bio_err, " -tls1_1 - just use TLSv1.1\n");
BIO_printf(bio_err, " -tls1 - just use TLSv1\n");
BIO_printf(bio_err, " -dtls1 - just use DTLSv1\n");
BIO_printf(bio_err, " -fallback_scsv - send TLS_FALLBACK_SCSV\n");
BIO_printf(bio_err, " -mtu - set the link layer MTU\n");
BIO_printf(bio_err,
- " -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+ " -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err,
" -bugs - Switch on all SSL implementation bug workarounds\n");
BIO_printf(bio_err,
@@ -288,9 +413,21 @@
" -status - request certificate status from server\n");
BIO_printf(bio_err,
" -no_ticket - disable use of RFC4507bis session tickets\n");
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ BIO_printf(bio_err,
+ " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
+# endif
#endif
BIO_printf(bio_err,
" -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+#ifndef OPENSSL_NO_SRTP
+ BIO_printf(bio_err,
+ " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
+#endif
+ BIO_printf(bio_err,
+ " -keymatexport label - Export keying material using label\n");
+ BIO_printf(bio_err,
+ " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
}
#ifndef OPENSSL_NO_TLSEXT
@@ -312,7 +449,164 @@
return SSL_TLSEXT_ERR_OK;
}
+
+# ifndef OPENSSL_NO_SRP
+
+/* This is a context that we pass to all callbacks */
+typedef struct srp_arg_st {
+ char *srppassin;
+ char *srplogin;
+ int msg; /* copy from c_msg */
+ int debug; /* copy from c_debug */
+ int amp; /* allow more groups */
+ int strength /* minimal size for N */ ;
+} SRP_ARG;
+
+# define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
+
+static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
+{
+ BN_CTX *bn_ctx = BN_CTX_new();
+ BIGNUM *p = BN_new();
+ BIGNUM *r = BN_new();
+ int ret =
+ g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
+ BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
+ p != NULL && BN_rshift1(p, N) &&
+ /* p = (N-1)/2 */
+ BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
+ r != NULL &&
+ /* verify g^((N-1)/2) == -1 (mod N) */
+ BN_mod_exp(r, g, p, N, bn_ctx) &&
+ BN_add_word(r, 1) && BN_cmp(r, N) == 0;
+
+ if (r)
+ BN_free(r);
+ if (p)
+ BN_free(p);
+ if (bn_ctx)
+ BN_CTX_free(bn_ctx);
+ return ret;
+}
+
+/*-
+ * This callback is used here for two purposes:
+ * - extended debugging
+ * - making some primality tests for unknown groups
+ * The callback is only called for a non default group.
+ *
+ * An application does not need the call back at all if
+ * only the stanard groups are used. In real life situations,
+ * client and server already share well known groups,
+ * thus there is no need to verify them.
+ * Furthermore, in case that a server actually proposes a group that
+ * is not one of those defined in RFC 5054, it is more appropriate
+ * to add the group to a static list and then compare since
+ * primality tests are rather cpu consuming.
+ */
+
+static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
+{
+ SRP_ARG *srp_arg = (SRP_ARG *)arg;
+ BIGNUM *N = NULL, *g = NULL;
+ if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
+ return 0;
+ if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) {
+ BIO_printf(bio_err, "SRP parameters:\n");
+ BIO_printf(bio_err, "\tN=");
+ BN_print(bio_err, N);
+ BIO_printf(bio_err, "\n\tg=");
+ BN_print(bio_err, g);
+ BIO_printf(bio_err, "\n");
+ }
+
+ if (SRP_check_known_gN_param(g, N))
+ return 1;
+
+ if (srp_arg->amp == 1) {
+ if (srp_arg->debug)
+ BIO_printf(bio_err,
+ "SRP param N and g are not known params, going to check deeper.\n");
+
+ /*
+ * The srp_moregroups is a real debugging feature. Implementors
+ * should rather add the value to the known ones. The minimal size
+ * has already been tested.
+ */
+ if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N, g))
+ return 1;
+ }
+ BIO_printf(bio_err, "SRP param N and g rejected.\n");
+ return 0;
+}
+
+# define PWD_STRLEN 1024
+
+static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+{
+ SRP_ARG *srp_arg = (SRP_ARG *)arg;
+ char *pass = (char *)OPENSSL_malloc(PWD_STRLEN + 1);
+ PW_CB_DATA cb_tmp;
+ int l;
+
+ if (!pass) {
+ BIO_printf(bio_err, "Malloc failure\n");
+ return NULL;
+ }
+
+ cb_tmp.password = (char *)srp_arg->srppassin;
+ cb_tmp.prompt_info = "SRP user";
+ if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp)) < 0) {
+ BIO_printf(bio_err, "Can't read Password\n");
+ OPENSSL_free(pass);
+ return NULL;
+ }
+ *(pass + l) = '\0';
+
+ return pass;
+}
+
+# endif
+# ifndef OPENSSL_NO_SRTP
+char *srtp_profiles = NULL;
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This the context that we pass to next_proto_cb */
+typedef struct tlsextnextprotoctx_st {
+ unsigned char *data;
+ unsigned short len;
+ int status;
+} tlsextnextprotoctx;
+
+static tlsextnextprotoctx next_proto;
+
+static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ void *arg)
+{
+ tlsextnextprotoctx *ctx = arg;
+
+ if (!c_quiet) {
+ /* We can assume that |in| is syntactically valid. */
+ unsigned i;
+ BIO_printf(bio_c_out, "Protocols advertised by server: ");
+ for (i = 0; i < inlen;) {
+ if (i)
+ BIO_write(bio_c_out, ", ", 2);
+ BIO_write(bio_c_out, &in[i + 1], in[i]);
+ i += in[i] + 1;
+ }
+ BIO_write(bio_c_out, "\n", 1);
+ }
+
+ ctx->status =
+ SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
+ return SSL_TLSEXT_ERR_OK;
+}
+# endif /* ndef OPENSSL_NO_NEXTPROTONEG */
#endif
+
enum {
PROTO_OFF = 0,
PROTO_SMTP,
@@ -326,9 +620,11 @@
int MAIN(int argc, char **argv)
{
- int off = 0, clr = 0;
- SSL *con = NULL, *con2 = NULL;
- X509_STORE *store = NULL;
+ unsigned int off = 0, clr = 0;
+ SSL *con = NULL;
+#ifndef OPENSSL_NO_KRB5
+ KSSL_CTX *kctx;
+#endif
int s, k, width, state = 0;
char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL;
int cbuf_len, cbuf_off;
@@ -349,12 +645,11 @@
SSL_CTX *ctx = NULL;
int ret = 1, in_init = 1, i, nbio_test = 0;
int starttls_proto = PROTO_OFF;
- int prexit = 0, vflags = 0;
- SSL_METHOD *meth = NULL;
-#ifdef sock_type
-# undef sock_type
-#endif
- int sock_type = SOCK_STREAM;
+ int prexit = 0;
+ X509_VERIFY_PARAM *vpm = NULL;
+ int badarg = 0;
+ const SSL_METHOD *meth = NULL;
+ int socket_type = SOCK_STREAM;
BIO *sbio;
char *inrand = NULL;
int mbuf_len = 0;
@@ -365,13 +660,18 @@
ENGINE *ssl_client_engine = NULL;
#endif
ENGINE *e = NULL;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
+# if defined(OPENSSL_SYS_BEOS_R5)
+ int stdin_set = 0;
+# endif
#endif
-
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ const char *next_proto_neg_in = NULL;
+# endif
#endif
char *sess_in = NULL;
char *sess_out = NULL;
@@ -383,6 +683,11 @@
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ char *srppass = NULL;
+ int srp_lateuser = 0;
+ SRP_ARG srp_arg = { NULL, NULL, 0, 0, 0, 1024 };
+#endif
meth = SSLv23_client_method();
@@ -453,10 +758,12 @@
if (--argc < 1)
goto bad;
cert_format = str2fmt(*(++argv));
- } else if (strcmp(*argv, "-crl_check") == 0)
- vflags |= X509_V_FLAG_CRL_CHECK;
- else if (strcmp(*argv, "-crl_check_all") == 0)
- vflags |= X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
+ } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+ if (badarg)
+ goto bad;
+ continue;
+ } else if (strcmp(*argv, "-verify_return_error") == 0)
+ verify_return_error = 1;
else if (strcmp(*argv, "-prexit") == 0)
prexit = 1;
else if (strcmp(*argv, "-crlf") == 0)
@@ -490,15 +797,64 @@
nbio_test = 1;
else if (strcmp(*argv, "-state") == 0)
state = 1;
+#ifndef OPENSSL_NO_PSK
+ else if (strcmp(*argv, "-psk_identity") == 0) {
+ if (--argc < 1)
+ goto bad;
+ psk_identity = *(++argv);
+ } else if (strcmp(*argv, "-psk") == 0) {
+ size_t j;
+
+ if (--argc < 1)
+ goto bad;
+ psk_key = *(++argv);
+ for (j = 0; j < strlen(psk_key); j++) {
+ if (isxdigit((unsigned char)psk_key[j]))
+ continue;
+ BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+ goto bad;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv, "-srpuser") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_arg.srplogin = *(++argv);
+ meth = TLSv1_client_method();
+ } else if (strcmp(*argv, "-srppass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srppass = *(++argv);
+ meth = TLSv1_client_method();
+ } else if (strcmp(*argv, "-srp_strength") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_arg.strength = atoi(*(++argv));
+ BIO_printf(bio_err, "SRP minimal length for N is %d\n",
+ srp_arg.strength);
+ meth = TLSv1_client_method();
+ } else if (strcmp(*argv, "-srp_lateuser") == 0) {
+ srp_lateuser = 1;
+ meth = TLSv1_client_method();
+ } else if (strcmp(*argv, "-srp_moregroups") == 0) {
+ srp_arg.amp = 1;
+ meth = TLSv1_client_method();
+ }
+#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv, "-ssl2") == 0)
meth = SSLv2_client_method();
#endif
-#ifndef OPENSSL_NO_SSL3
+#ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0)
meth = SSLv3_client_method();
#endif
#ifndef OPENSSL_NO_TLS1
+ else if (strcmp(*argv, "-tls1_2") == 0)
+ meth = TLSv1_2_client_method();
+ else if (strcmp(*argv, "-tls1_1") == 0)
+ meth = TLSv1_1_client_method();
else if (strcmp(*argv, "-tls1") == 0)
meth = TLSv1_client_method();
#endif
@@ -505,7 +861,9 @@
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_client_method();
- sock_type = SOCK_DGRAM;
+ socket_type = SOCK_DGRAM;
+ } else if (strcmp(*argv, "-fallback_scsv") == 0) {
+ fallback_scsv = 1;
} else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) {
@@ -514,9 +872,7 @@
socket_mtu = atol(*(++argv));
}
#endif
- else if (strcmp(*argv, "-fallback_scsv") == 0) {
- fallback_scsv = 1;
- } else if (strcmp(*argv, "-bugs") == 0)
+ else if (strcmp(*argv, "-bugs") == 0)
bugs = 1;
else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
@@ -540,16 +896,30 @@
if (--argc < 1)
goto bad;
CAfile = *(++argv);
- } else if (strcmp(*argv, "-no_tls1") == 0)
+ } else if (strcmp(*argv, "-no_tls1_2") == 0)
+ off |= SSL_OP_NO_TLSv1_2;
+ else if (strcmp(*argv, "-no_tls1_1") == 0)
+ off |= SSL_OP_NO_TLSv1_1;
+ else if (strcmp(*argv, "-no_tls1") == 0)
off |= SSL_OP_NO_TLSv1;
else if (strcmp(*argv, "-no_ssl3") == 0)
off |= SSL_OP_NO_SSLv3;
else if (strcmp(*argv, "-no_ssl2") == 0)
off |= SSL_OP_NO_SSLv2;
+ else if (strcmp(*argv, "-no_comp") == 0) {
+ off |= SSL_OP_NO_COMPRESSION;
+ }
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv, "-no_ticket") == 0) {
off |= SSL_OP_NO_TICKET;
}
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (strcmp(*argv, "-nextprotoneg") == 0) {
+ if (--argc < 1)
+ goto bad;
+ next_proto_neg_in = *(++argv);
+ }
+# endif
#endif
else if (strcmp(*argv, "-serverpref") == 0)
off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
@@ -617,7 +987,24 @@
jpake_secret = *++argv;
}
#endif
- else {
+#ifndef OPENSSL_NO_SRTP
+ else if (strcmp(*argv, "-use_srtp") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srtp_profiles = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-keymatexport") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlabel = *(++argv);
+ } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlen = atoi(*(++argv));
+ if (keymatexportlen == 0)
+ goto bad;
+ } else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
break;
@@ -630,10 +1017,37 @@
sc_usage();
goto end;
}
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+ if (jpake_secret) {
+ if (psk_key) {
+ BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
+ goto end;
+ }
+ psk_identity = "JPAKE";
+ if (cipher) {
+ BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+ goto end;
+ }
+ cipher = "PSK";
+ }
+#endif
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ next_proto.status = -1;
+ if (next_proto_neg_in) {
+ next_proto.data =
+ next_protos_parse(&next_proto.len, next_proto_neg_in);
+ if (next_proto.data == NULL) {
+ BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
+ goto end;
+ }
+ } else
+ next_proto.data = NULL;
+#endif
+
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
if (ssl_client_engine_id) {
@@ -690,6 +1104,12 @@
bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE);
}
}
+#ifndef OPENSSL_NO_SRP
+ if (!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+#endif
ctx = SSL_CTX_new(meth);
if (ctx == NULL) {
@@ -696,6 +1116,10 @@
ERR_print_errors(bio_err);
goto end;
}
+
+ if (vpm)
+ SSL_CTX_set1_param(ctx, vpm);
+
#ifndef OPENSSL_NO_ENGINE
if (ssl_client_engine) {
if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) {
@@ -708,6 +1132,23 @@
}
#endif
+#ifndef OPENSSL_NO_PSK
+# ifdef OPENSSL_NO_JPAKE
+ if (psk_key != NULL)
+# else
+ if (psk_key != NULL || jpake_secret)
+# endif
+ {
+ if (c_debug)
+ BIO_printf(bio_c_out,
+ "PSK key given or JPAKE in use, setting client callback\n");
+ SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
+ }
+#endif
+#ifndef OPENSSL_NO_SRTP
+ if (srtp_profiles != NULL)
+ SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
+#endif
if (bugs)
SSL_CTX_set_options(ctx, SSL_OP_ALL | off);
else
@@ -715,13 +1156,12 @@
if (clr)
SSL_CTX_clear_options(ctx, clr);
- /*
- * DTLS: partial reads end up discarding unread UDP bytes :-( Setting
- * read ahead solves this problem.
- */
- if (sock_type == SOCK_DGRAM)
- SSL_CTX_set_read_ahead(ctx, 1);
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (next_proto.data)
+ SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
+#endif
+
if (state)
SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
if (cipher != NULL)
@@ -739,17 +1179,13 @@
if (!set_cert_key_stuff(ctx, cert, key))
goto end;
- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
- (!SSL_CTX_set_default_verify_paths(ctx))) {
- /*
- * BIO_printf(bio_err,"error setting default verify locations\n");
- */
+ if ((CAfile || CApath)
+ && !SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
ERR_print_errors(bio_err);
- /* goto end; */
}
-
- store = SSL_CTX_get_cert_store(ctx);
- X509_STORE_set_flags(store, vflags);
+ if (!SSL_CTX_set_default_verify_paths(ctx)) {
+ ERR_print_errors(bio_err);
+ }
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {
tlsextcbp.biodebug = bio_err;
@@ -756,6 +1192,22 @@
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
+# ifndef OPENSSL_NO_SRP
+ if (srp_arg.srplogin) {
+ if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) {
+ BIO_printf(bio_err, "Unable to set SRP username\n");
+ goto end;
+ }
+ srp_arg.msg = c_msg;
+ srp_arg.debug = c_debug;
+ SSL_CTX_set_srp_cb_arg(ctx, &srp_arg);
+ SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
+ SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
+ if (c_msg || c_debug || srp_arg.amp == 0)
+ SSL_CTX_set_srp_verify_param_callback(ctx,
+ ssl_srp_verify_param_cb);
+ }
+# endif
#endif
con = SSL_new(ctx);
@@ -790,17 +1242,22 @@
}
}
#endif
-
#ifndef OPENSSL_NO_KRB5
- if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host);
+ if (con && (kctx = kssl_ctx_new()) != NULL) {
+ SSL_set0_kssl_ctx(con, kctx);
+ kssl_ctx_setstring(kctx, KSSL_SERVER, host);
}
#endif /* OPENSSL_NO_KRB5 */
/* SSL_set_cipher_list(con,"RC4-MD5"); */
+#if 0
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
+# endif
+#endif
re_start:
- if (init_client(&s, host, port, sock_type) == 0) {
+ if (init_client(&s, host, port, socket_type) == 0) {
BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
SHUTDOWN(s);
goto end;
@@ -818,7 +1275,7 @@
}
#endif
if (c_Pause & 0x01)
- con->debug = 1;
+ SSL_set_debug(con, 1);
if (SSL_version(con) == DTLS1_VERSION) {
@@ -842,9 +1299,19 @@
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
}
- if (socket_mtu > 28) {
+ if (socket_mtu) {
+ if (socket_mtu < DTLS_get_link_min_mtu(con)) {
+ BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
+ DTLS_get_link_min_mtu(con));
+ BIO_free(sbio);
+ goto shut;
+ }
SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
- SSL_set_mtu(con, socket_mtu - 28);
+ if (!DTLS_set_link_mtu(con, socket_mtu)) {
+ BIO_printf(bio_err, "Failed to set MTU\n");
+ BIO_free(sbio);
+ goto shut;
+ }
} else
/* want to do MTU discovery */
BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
@@ -859,7 +1326,7 @@
}
if (c_debug) {
- con->debug = 1;
+ SSL_set_debug(con, 1);
BIO_set_callback(sbio, bio_dump_callback);
BIO_set_callback_arg(sbio, (char *)bio_c_out);
}
@@ -1029,6 +1496,16 @@
tty_on = 1;
if (in_init) {
in_init = 0;
+#if 0 /* This test doesn't really work as intended
+ * (needs to be fixed) */
+# ifndef OPENSSL_NO_TLSEXT
+ if (servername != NULL && !SSL_session_reused(con)) {
+ BIO_printf(bio_c_out,
+ "Server did %sacknowledge servername extension.\n",
+ tlsextcbp.ack ? "" : "not ");
+ }
+# endif
+#endif
if (sess_out) {
BIO *stmp = BIO_new_file(sess_out, "w");
if (stmp) {
@@ -1063,23 +1540,23 @@
ssl_pending = read_ssl && SSL_pending(con);
if (!ssl_pending) {
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
if (tty_on) {
if (read_tty)
- FD_SET(fileno(stdin), &readfds);
+ openssl_fdset(fileno(stdin), &readfds);
if (write_tty)
- FD_SET(fileno(stdout), &writefds);
+ openssl_fdset(fileno(stdout), &writefds);
}
if (read_ssl)
- FD_SET(SSL_get_fd(con), &readfds);
+ openssl_fdset(SSL_get_fd(con), &readfds);
if (write_ssl)
- FD_SET(SSL_get_fd(con), &writefds);
+ openssl_fdset(SSL_get_fd(con), &writefds);
#else
if (!tty_on || !write_tty) {
if (read_ssl)
- FD_SET(SSL_get_fd(con), &readfds);
+ openssl_fdset(SSL_get_fd(con), &readfds);
if (write_ssl)
- FD_SET(SSL_get_fd(con), &writefds);
+ openssl_fdset(SSL_get_fd(con), &writefds);
}
#endif
/*- printf("mode tty(%d %d%d) ssl(%d%d)\n",
@@ -1134,6 +1611,26 @@
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp);
}
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ /* Under BeOS-R5 the situation is similar to DOS */
+ i = 0;
+ stdin_set = 0;
+ (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+ if (!write_tty) {
+ if (read_tty) {
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ i = select(width, (void *)&readfds, (void *)&writefds,
+ NULL, &tv);
+ if (read(fileno(stdin), sbuf, 0) >= 0)
+ stdin_set = 1;
+ if (!i && (stdin_set != 1 || !read_tty))
+ continue;
+ } else
+ i = select(width, (void *)&readfds, (void *)&writefds,
+ NULL, timeoutp);
+ }
+ (void)fcntl(fileno(stdin), F_SETFL, 0);
#else
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, timeoutp);
@@ -1186,6 +1683,7 @@
case SSL_ERROR_ZERO_RETURN:
if (cbuf_len != 0) {
BIO_printf(bio_c_out, "shutdown\n");
+ ret = 0;
goto shut;
} else {
read_tty = 1;
@@ -1208,8 +1706,8 @@
goto shut;
}
}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
- /* Assume Windows/DOS can always write */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+ /* Assume Windows/DOS/BeOS can always write */
else if (!ssl_pending && write_tty)
#else
else if (!ssl_pending && FD_ISSET(fileno(stdout), &writefds))
@@ -1218,10 +1716,11 @@
#ifdef CHARSET_EBCDIC
ascii2ebcdic(&(sbuf[sbuf_off]), &(sbuf[sbuf_off]), sbuf_len);
#endif
- i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len);
+ i = raw_write_stdout(&(sbuf[sbuf_off]), sbuf_len);
if (i <= 0) {
BIO_printf(bio_c_out, "DONE\n");
+ ret = 0;
goto shut;
/* goto end; */
}
@@ -1280,11 +1779,12 @@
BIO_printf(bio_c_out, "read X BLOCK\n");
break;
case SSL_ERROR_SYSCALL:
- BIO_printf(bio_err, "read:errno=%d\n",
- get_last_socket_error());
+ ret = get_last_socket_error();
+ BIO_printf(bio_err, "read:errno=%d\n", ret);
goto shut;
case SSL_ERROR_ZERO_RETURN:
BIO_printf(bio_c_out, "closed\n");
+ ret = 0;
goto shut;
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
@@ -1302,6 +1802,8 @@
# endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ else if (stdin_set)
#else
else if (FD_ISSET(fileno(stdin), &readfds))
#endif
@@ -1309,7 +1811,7 @@
if (crlf) {
int j, lf_num;
- i = read(fileno(stdin), cbuf, BUFSIZZ / 2);
+ i = raw_read_stdin(cbuf, BUFSIZZ / 2);
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
@@ -1325,10 +1827,11 @@
}
assert(lf_num == 0);
} else
- i = read(fileno(stdin), cbuf, BUFSIZZ);
+ i = raw_read_stdin(cbuf, BUFSIZZ);
if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) {
BIO_printf(bio_err, "DONE\n");
+ ret = 0;
goto shut;
}
@@ -1336,7 +1839,15 @@
BIO_printf(bio_err, "RENEGOTIATING\n");
SSL_renegotiate(con);
cbuf_len = 0;
- } else {
+ }
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if ((!c_ign_eof) && (cbuf[0] == 'B')) {
+ BIO_printf(bio_err, "HEARTBEATING\n");
+ SSL_heartbeat(con);
+ cbuf_len = 0;
+ }
+#endif
+ else {
cbuf_len = i;
cbuf_off = 0;
#ifdef CHARSET_EBCDIC
@@ -1348,17 +1859,23 @@
read_tty = 0;
}
}
+
+ ret = 0;
shut:
+ if (in_init)
+ print_stuff(bio_c_out, con, full_log);
SSL_shutdown(con);
SHUTDOWN(SSL_get_fd(con));
- ret = 0;
end:
- if (prexit)
- print_stuff(bio_c_out, con, 1);
- if (con != NULL)
+ if (con != NULL) {
+ if (prexit != 0)
+ print_stuff(bio_c_out, con, 1);
SSL_free(con);
- if (con2 != NULL)
- SSL_free(con2);
+ }
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (next_proto.data)
+ OPENSSL_free(next_proto.data);
+#endif
if (ctx != NULL)
SSL_CTX_free(ctx);
if (cert)
@@ -1367,6 +1884,8 @@
EVP_PKEY_free(key);
if (pass)
OPENSSL_free(pass);
+ if (vpm)
+ X509_VERIFY_PARAM_free(vpm);
if (cbuf != NULL) {
OPENSSL_cleanse(cbuf, BUFSIZZ);
OPENSSL_free(cbuf);
@@ -1395,12 +1914,13 @@
char buf[BUFSIZ];
STACK_OF(X509) *sk;
STACK_OF(X509_NAME) *sk2;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
X509_NAME *xn;
int j, i;
#ifndef OPENSSL_NO_COMP
const COMP_METHOD *comp, *expansion;
#endif
+ unsigned char *exportedkeymat;
if (full) {
int got_a_chain = 0;
@@ -1480,7 +2000,7 @@
BIO_number_read(SSL_get_rbio(s)),
BIO_number_written(SSL_get_wbio(s)));
}
- BIO_printf(bio, ((s->hit) ? "---\nReused, " : "---\nNew, "));
+ BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, "));
c = SSL_get_current_cipher(s);
BIO_printf(bio, "%s, Cipher is %s\n",
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
@@ -1501,7 +2021,63 @@
BIO_printf(bio, "Expansion: %s\n",
expansion ? SSL_COMP_get_name(expansion) : "NONE");
#endif
+
+#ifdef SSL_DEBUG
+ {
+ /* Print out local port of connection: useful for debugging */
+ int sock;
+ struct sockaddr_in ladd;
+ socklen_t ladd_size = sizeof(ladd);
+ sock = SSL_get_fd(s);
+ getsockname(sock, (struct sockaddr *)&ladd, &ladd_size);
+ BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
+ }
+#endif
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (next_proto.status != -1) {
+ const unsigned char *proto;
+ unsigned int proto_len;
+ SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
+ BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
+ BIO_write(bio, proto, proto_len);
+ BIO_write(bio, "\n", 1);
+ }
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+ {
+ SRTP_PROTECTION_PROFILE *srtp_profile =
+ SSL_get_selected_srtp_profile(s);
+
+ if (srtp_profile)
+ BIO_printf(bio, "SRTP Extension negotiated, profile=%s\n",
+ srtp_profile->name);
+ }
+#endif
+
SSL_SESSION_print(bio, SSL_get_session(s));
+ if (keymatexportlabel != NULL) {
+ BIO_printf(bio, "Keying material exporter:\n");
+ BIO_printf(bio, " Label: '%s'\n", keymatexportlabel);
+ BIO_printf(bio, " Length: %i bytes\n", keymatexportlen);
+ exportedkeymat = OPENSSL_malloc(keymatexportlen);
+ if (exportedkeymat != NULL) {
+ if (!SSL_export_keying_material(s, exportedkeymat,
+ keymatexportlen,
+ keymatexportlabel,
+ strlen(keymatexportlabel),
+ NULL, 0, 0)) {
+ BIO_printf(bio, " Error\n");
+ } else {
+ BIO_printf(bio, " Keying material: ");
+ for (i = 0; i < keymatexportlen; i++)
+ BIO_printf(bio, "%02X", exportedkeymat[i]);
+ BIO_printf(bio, "\n");
+ }
+ OPENSSL_free(exportedkeymat);
+ }
+ }
BIO_printf(bio, "---\n");
if (peer != NULL)
X509_free(peer);
@@ -1534,4 +2110,5 @@
OCSP_RESPONSE_free(rsp);
return 1;
}
-#endif /* ndef OPENSSL_NO_TLSEXT */
+
+#endif
Modified: trunk/crypto/openssl/apps/s_server.c
===================================================================
--- trunk/crypto/openssl/apps/s_server.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_server.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -113,6 +113,32 @@
* ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
/*
* Until the key-gen callbacks are modified to use newer prototypes, we allow
@@ -123,11 +149,11 @@
#endif
#include <assert.h>
+#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <sys/stat.h>
#include <openssl/e_os2.h>
#ifdef OPENSSL_NO_STDIO
# define APPS_WIN16
@@ -165,25 +191,21 @@
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
#include "s_apps.h"
#include "timeouts.h"
-#ifdef OPENSSL_SYS_WINCE
-/*
- * Windows CE incorrectly defines fileno as returning void*, so to avoid
- * problems below...
- */
-# ifdef fileno
-# undef fileno
-# endif
-# define fileno(a) (int)_fileno(a)
-#endif
-
#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
# undef FIONBIO
#endif
+#if defined(OPENSSL_SYS_BEOS_R5)
+# include <fcntl.h>
+#endif
+
#ifndef OPENSSL_NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
#endif
@@ -197,7 +219,7 @@
unsigned int *id_len);
#ifndef OPENSSL_NO_DH
static DH *load_dh_param(const char *dhfile);
-static DH *get_dh512(void);
+static DH *get_dh2048(void);
#endif
#ifdef MONOLITH
@@ -204,39 +226,49 @@
static void s_server_init(void);
#endif
-#ifndef S_ISDIR
-# if defined(_S_IFMT) && defined(_S_IFDIR)
-# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
-# else
-# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
-# endif
-#endif
-
#ifndef OPENSSL_NO_DH
-static unsigned char dh512_p[] = {
- 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
- 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
- 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
- 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
- 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
- 0x47, 0x74, 0xE8, 0x33,
+static unsigned char dh2048_p[] = {
+ 0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
+ 0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
+ 0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
+ 0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
+ 0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
+ 0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
+ 0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
+ 0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
+ 0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
+ 0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
+ 0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
+ 0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
+ 0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
+ 0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
+ 0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
+ 0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
+ 0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
+ 0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
+ 0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
+ 0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
+ 0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
+ 0xE9,0x32,0x0B,0x3B,
};
-static unsigned char dh512_g[] = {
+static unsigned char dh2048_g[] = {
0x02,
};
-static DH *get_dh512(void)
+DH *get_dh2048()
{
- DH *dh = NULL;
+ DH *dh;
if ((dh = DH_new()) == NULL)
- return (NULL);
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
- return (NULL);
- return (dh);
+ return NULL;
+ dh->p=BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+ dh->g=BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+ if (dh->p == NULL || dh->g == NULL) {
+ DH_free(dh);
+ return NULL;
+ }
+ return dh;
}
#endif
@@ -254,7 +286,7 @@
#undef PROG
#define PROG s_server_main
-extern int verify_depth;
+extern int verify_depth, verify_return_error;
static char *cipher = NULL;
static int s_server_verify = SSL_VERIFY_NONE;
@@ -285,6 +317,9 @@
static int s_msg = 0;
static int s_quiet = 0;
+static char *keymatexportlabel = NULL;
+static int keymatexportlen = 20;
+
static int hack = 0;
#ifndef OPENSSL_NO_ENGINE
static char *engine_id = NULL;
@@ -297,6 +332,117 @@
static int cert_chain = 0;
#endif
+#ifndef OPENSSL_NO_PSK
+static char *psk_identity = "Client_identity";
+char *psk_key = NULL; /* by default PSK is not used */
+
+static unsigned int psk_server_cb(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ unsigned int psk_len = 0;
+ int ret;
+ BIGNUM *bn = NULL;
+
+ if (s_debug)
+ BIO_printf(bio_s_out, "psk_server_cb\n");
+ if (!identity) {
+ BIO_printf(bio_err, "Error: client did not send PSK identity\n");
+ goto out_err;
+ }
+ if (s_debug)
+ BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
+ (int)strlen(identity), identity);
+
+ /* here we could lookup the given identity e.g. from a database */
+ if (strcmp(identity, psk_identity) != 0) {
+ BIO_printf(bio_s_out, "PSK error: client identity not found"
+ " (got '%s' expected '%s')\n", identity, psk_identity);
+ goto out_err;
+ }
+ if (s_debug)
+ BIO_printf(bio_s_out, "PSK client identity found\n");
+
+ /* convert the PSK key to binary */
+ ret = BN_hex2bn(&bn, psk_key);
+ if (!ret) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ psk_key);
+ if (bn)
+ BN_free(bn);
+ return 0;
+ }
+ if (BN_num_bytes(bn) > (int)max_psk_len) {
+ BIO_printf(bio_err,
+ "psk buffer of callback is too small (%d) for key (%d)\n",
+ max_psk_len, BN_num_bytes(bn));
+ BN_free(bn);
+ return 0;
+ }
+
+ ret = BN_bn2bin(bn, psk);
+ BN_free(bn);
+
+ if (ret < 0)
+ goto out_err;
+ psk_len = (unsigned int)ret;
+
+ if (s_debug)
+ BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
+ return psk_len;
+ out_err:
+ if (s_debug)
+ BIO_printf(bio_err, "Error in PSK server callback\n");
+ return 0;
+}
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* This is a context that we pass to callbacks */
+typedef struct srpsrvparm_st {
+ char *login;
+ SRP_VBASE *vb;
+ SRP_user_pwd *user;
+} srpsrvparm;
+
+/*
+ * This callback pretends to require some asynchronous logic in order to
+ * obtain a verifier. When the callback is called for a new connection we
+ * return with a negative value. This will provoke the accept etc to return
+ * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
+ * (which would normally occur after a worker has finished) and we set the
+ * user parameters.
+ */
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+ srpsrvparm *p = (srpsrvparm *) arg;
+ if (p->login == NULL && p->user == NULL) {
+ p->login = SSL_get_srp_username(s);
+ BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
+ return (-1);
+ }
+
+ if (p->user == NULL) {
+ BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param
+ (s, p->user->N, p->user->g, p->user->s, p->user->v,
+ p->user->info) < 0) {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ BIO_printf(bio_err,
+ "SRP parameters set: username = \"%s\" info=\"%s\" \n",
+ p->login, p->user->info);
+ /* need to check whether there are memory leaks */
+ p->user = NULL;
+ p->login = NULL;
+ return SSL_ERROR_NONE;
+}
+
+#endif
+
#ifdef MONOLITH
static void s_server_init(void)
{
@@ -341,6 +487,8 @@
" -verify arg - turn on peer certificate verification\n");
BIO_printf(bio_err,
" -Verify arg - turn on peer certificate verification, must have a cert.\n");
+ BIO_printf(bio_err,
+ " -verify_return_error - return verification errors\n");
BIO_printf(bio_err, " -cert arg - certificate file to use\n");
BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
BIO_printf(bio_err,
@@ -378,7 +526,7 @@
BIO_printf(bio_err,
" -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
" Use \"openssl ecparam -list_curves\" for all names\n"
- " (default is sect163r2).\n");
+ " (default is nistp256).\n");
#endif
#ifdef FIONBIO
BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
@@ -393,6 +541,8 @@
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err,
+ " -no_alt_chains - only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
" -nocert - Don't use any certificates (Anon-DH)\n");
BIO_printf(bio_err,
" -cipher arg - play with 'openssl ciphers' to see what goes here\n");
@@ -399,8 +549,24 @@
BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
BIO_printf(bio_err, " -quiet - No server output\n");
BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
+#ifndef OPENSSL_NO_PSK
+ BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
+ BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+ BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
+# endif
+#endif
+#ifndef OPENSSL_NO_SRP
+ BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
+ BIO_printf(bio_err,
+ " -srpuserseed string - A seed string for a default user salt.\n");
+#endif
BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
+#ifndef OPENSSL_NO_SSL3_METHOD
BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
+#endif
+ BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
+ BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
BIO_printf(bio_err, " -timeout - Enable timeouts\n");
@@ -409,6 +575,8 @@
BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
+ BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
+ BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
#ifndef OPENSSL_NO_DH
BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
#endif
@@ -417,6 +585,8 @@
#endif
BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
BIO_printf(bio_err,
+ " -hack - workaround for early Netscape code\n");
+ BIO_printf(bio_err,
" -www - Respond to a 'GET /' with a status page\n");
BIO_printf(bio_err,
" -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
@@ -450,7 +620,26 @@
" -no_ticket - disable use of RFC4507bis session tickets\n");
BIO_printf(bio_err,
" -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ BIO_printf(bio_err,
+ " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
+# endif
+# ifndef OPENSSL_NO_SRTP
+ BIO_printf(bio_err,
+ " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
+# endif
#endif
+ BIO_printf(bio_err,
+ " -keymatexport label - Export keying material using label\n");
+ BIO_printf(bio_err,
+ " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
+ BIO_printf(bio_err,
+ " -status - respond to certificate status requests\n");
+ BIO_printf(bio_err,
+ " -status_verbose - enable status request verbose printout\n");
+ BIO_printf(bio_err,
+ " -status_timeout n - status request responder timeout\n");
+ BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
}
static int local_argc = 0;
@@ -493,6 +682,8 @@
EBCDIC_OUTBUFF *wbuf;
wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
+ if (!wbuf)
+ return 0;
wbuf->alloced = 1024;
wbuf->buff[0] = '\0';
@@ -547,9 +738,11 @@
num = num + num; /* double the size */
if (num < inl)
num = inl;
- OPENSSL_free(wbuf);
wbuf =
(EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
+ if (!wbuf)
+ return 0;
+ OPENSSL_free(b->ptr);
wbuf->alloced = num;
wbuf->buff[0] = '\0';
@@ -633,7 +826,7 @@
if (strcasecmp(servername, p->servername))
return p->extension_error;
if (ctx2) {
- BIO_printf(p->biodebug, "Swiching server context.\n");
+ BIO_printf(p->biodebug, "Switching server context.\n");
SSL_set_SSL_CTX(s, ctx2);
}
}
@@ -670,7 +863,7 @@
int use_ssl;
unsigned char *rspder = NULL;
int rspderlen;
- STACK *aia = NULL;
+ STACK_OF(OPENSSL_STRING) *aia = NULL;
X509 *x = NULL;
X509_STORE_CTX inctx;
X509_OBJECT obj;
@@ -692,12 +885,14 @@
x = SSL_get_certificate(s);
aia = X509_get1_ocsp(x);
if (aia) {
- if (!OCSP_parse_url(sk_value(aia, 0), &host, &port, &path, &use_ssl)) {
+ if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
+ &host, &port, &path, &use_ssl)) {
BIO_puts(err, "cert_status: can't parse AIA URL\n");
goto err;
}
if (srctx->verbose)
- BIO_printf(err, "cert_status: AIA URL: %s\n", sk_value(aia, 0));
+ BIO_printf(err, "cert_status: AIA URL: %s\n",
+ sk_OPENSSL_STRING_value(aia, 0));
} else {
if (!srctx->host) {
BIO_puts(srctx->err,
@@ -738,7 +933,7 @@
if (!OCSP_REQUEST_add_ext(req, ext, -1))
goto err;
}
- resp = process_responder(err, req, host, path, port, use_ssl,
+ resp = process_responder(err, req, host, path, port, use_ssl, NULL,
srctx->timeout);
if (!resp) {
BIO_puts(err, "cert_status: error querying responder\n");
@@ -773,17 +968,44 @@
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
goto done;
}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is the context that we pass to next_proto_cb */
+typedef struct tlsextnextprotoctx_st {
+ unsigned char *data;
+ unsigned int len;
+} tlsextnextprotoctx;
+
+static int next_proto_cb(SSL *s, const unsigned char **data,
+ unsigned int *len, void *arg)
+{
+ tlsextnextprotoctx *next_proto = arg;
+
+ *data = next_proto->data;
+ *len = next_proto->len;
+
+ return SSL_TLSEXT_ERR_OK;
+}
+# endif /* ndef OPENSSL_NO_NEXTPROTONEG */
+
#endif
+
int MAIN(int, char **);
#ifndef OPENSSL_NO_JPAKE
static char *jpake_secret = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+static srpsrvparm srp_callback_parm;
+#endif
+#ifndef OPENSSL_NO_SRTP
+static char *srtp_profiles = NULL;
+#endif
int MAIN(int argc, char *argv[])
{
- X509_STORE *store = NULL;
- int vflags = 0;
+ X509_VERIFY_PARAM *vpm = NULL;
+ int badarg = 0;
short port = PORT;
char *CApath = NULL, *CAfile = NULL;
unsigned char *context = NULL;
@@ -794,9 +1016,12 @@
int badop = 0, bugs = 0;
int ret = 1;
int off = 0;
- int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
+ int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
+#ifndef OPENSSL_NO_ECDH
+ int no_ecdhe = 0;
+#endif
int state = 0;
- SSL_METHOD *meth = NULL;
+ const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
ENGINE *e = NULL;
char *inrand = NULL;
@@ -810,11 +1035,20 @@
#ifndef OPENSSL_NO_TLSEXT
EVP_PKEY *s_key2 = NULL;
X509 *s_cert2 = NULL;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ const char *next_proto_neg_in = NULL;
+ tlsextnextprotoctx next_proto;
+# endif
#endif
-
+#ifndef OPENSSL_NO_PSK
+ /* by default do not send a PSK identity hint */
+ static char *psk_identity_hint = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ char *srpuserseed = NULL;
+ char *srp_verifier_file = NULL;
+#endif
meth = SSLv23_server_method();
local_argc = argc;
@@ -926,11 +1160,13 @@
CApath = *(++argv);
} else if (strcmp(*argv, "-no_cache") == 0)
no_cache = 1;
- else if (strcmp(*argv, "-crl_check") == 0) {
- vflags |= X509_V_FLAG_CRL_CHECK;
- } else if (strcmp(*argv, "-crl_check_all") == 0) {
- vflags |= X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
- } else if (strcmp(*argv, "-serverpref") == 0) {
+ else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+ if (badarg)
+ goto bad;
+ continue;
+ } else if (strcmp(*argv, "-verify_return_error") == 0)
+ verify_return_error = 1;
+ else if (strcmp(*argv, "-serverpref") == 0) {
off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
} else if (strcmp(*argv, "-legacy_renegotiation") == 0)
off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
@@ -998,9 +1234,45 @@
no_tmp_rsa = 1;
} else if (strcmp(*argv, "-no_dhe") == 0) {
no_dhe = 1;
- } else if (strcmp(*argv, "-no_ecdhe") == 0) {
+ }
+#ifndef OPENSSL_NO_ECDH
+ else if (strcmp(*argv, "-no_ecdhe") == 0) {
no_ecdhe = 1;
- } else if (strcmp(*argv, "-www") == 0) {
+ }
+#endif
+#ifndef OPENSSL_NO_PSK
+ else if (strcmp(*argv, "-psk_hint") == 0) {
+ if (--argc < 1)
+ goto bad;
+ psk_identity_hint = *(++argv);
+ } else if (strcmp(*argv, "-psk") == 0) {
+ size_t i;
+
+ if (--argc < 1)
+ goto bad;
+ psk_key = *(++argv);
+ for (i = 0; i < strlen(psk_key); i++) {
+ if (isxdigit((unsigned char)psk_key[i]))
+ continue;
+ BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+ goto bad;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv, "-srpvfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_verifier_file = *(++argv);
+ meth = TLSv1_server_method();
+ } else if (strcmp(*argv, "-srpuserseed") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srpuserseed = *(++argv);
+ meth = TLSv1_server_method();
+ }
+#endif
+ else if (strcmp(*argv, "-www") == 0) {
www = 1;
} else if (strcmp(*argv, "-WWW") == 0) {
www = 2;
@@ -1012,6 +1284,12 @@
off |= SSL_OP_NO_SSLv3;
} else if (strcmp(*argv, "-no_tls1") == 0) {
off |= SSL_OP_NO_TLSv1;
+ } else if (strcmp(*argv, "-no_tls1_1") == 0) {
+ off |= SSL_OP_NO_TLSv1_1;
+ } else if (strcmp(*argv, "-no_tls1_2") == 0) {
+ off |= SSL_OP_NO_TLSv1_2;
+ } else if (strcmp(*argv, "-no_comp") == 0) {
+ off |= SSL_OP_NO_COMPRESSION;
}
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv, "-no_ticket") == 0) {
@@ -1023,7 +1301,7 @@
meth = SSLv2_server_method();
}
#endif
-#ifndef OPENSSL_NO_SSL3
+#ifndef OPENSSL_NO_SSL3_METHOD
else if (strcmp(*argv, "-ssl3") == 0) {
meth = SSLv3_server_method();
}
@@ -1031,6 +1309,10 @@
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv, "-tls1") == 0) {
meth = TLSv1_server_method();
+ } else if (strcmp(*argv, "-tls1_1") == 0) {
+ meth = TLSv1_1_server_method();
+ } else if (strcmp(*argv, "-tls1_2") == 0) {
+ meth = TLSv1_2_server_method();
}
#endif
#ifndef OPENSSL_NO_DTLS1
@@ -1079,8 +1361,15 @@
goto bad;
s_key_file2 = *(++argv);
}
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (strcmp(*argv, "-nextprotoneg") == 0) {
+ if (--argc < 1)
+ goto bad;
+ next_proto_neg_in = *(++argv);
+ }
+# endif
#endif
-#ifndef OPENSSL_NO_JPAKE
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
else if (strcmp(*argv, "-jpake") == 0) {
if (--argc < 1)
goto bad;
@@ -1087,7 +1376,24 @@
jpake_secret = *(++argv);
}
#endif
- else {
+#ifndef OPENSSL_NO_SRTP
+ else if (strcmp(*argv, "-use_srtp") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srtp_profiles = *(++argv);
+ }
+#endif
+ else if (strcmp(*argv, "-keymatexport") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlabel = *(++argv);
+ } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+ if (--argc < 1)
+ goto bad;
+ keymatexportlen = atoi(*(++argv));
+ if (keymatexportlen == 0)
+ goto bad;
+ } else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
break;
@@ -1107,6 +1413,21 @@
}
#endif
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+ if (jpake_secret) {
+ if (psk_key) {
+ BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
+ goto end;
+ }
+ psk_identity = "JPAKE";
+ if (cipher) {
+ BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+ goto end;
+ }
+ cipher = "PSK";
+ }
+#endif
+
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
@@ -1160,6 +1481,18 @@
}
#endif
}
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (next_proto_neg_in) {
+ unsigned short len;
+ next_proto.data = next_protos_parse(&len, next_proto_neg_in);
+ if (next_proto.data == NULL)
+ goto end;
+ next_proto.len = len;
+ } else {
+ next_proto.data = NULL;
+ }
+#endif
+
if (s_dcert_file) {
if (s_dkey_file == NULL)
@@ -1238,12 +1571,6 @@
if (hack)
SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
SSL_CTX_set_options(ctx, off);
- /*
- * DTLS: partial reads end up discarding unread UDP bytes :-( Setting
- * read ahead solves this problem.
- */
- if (socket_type == SOCK_DGRAM)
- SSL_CTX_set_read_ahead(ctx, 1);
if (state)
SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
@@ -1252,6 +1579,11 @@
else
SSL_CTX_sess_set_cache_size(ctx, 128);
+#ifndef OPENSSL_NO_SRTP
+ if (srtp_profiles != NULL)
+ SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
+#endif
+
#if 0
if (cipher == NULL)
cipher = getenv("SSL_CIPHER");
@@ -1271,8 +1603,9 @@
ERR_print_errors(bio_err);
/* goto end; */
}
- store = SSL_CTX_get_cert_store(ctx);
- X509_STORE_set_flags(store, vflags);
+ if (vpm)
+ SSL_CTX_set1_param(ctx, vpm);
+
#ifndef OPENSSL_NO_TLSEXT
if (s_cert2) {
ctx2 = SSL_CTX_new(meth);
@@ -1306,13 +1639,6 @@
SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
SSL_CTX_set_options(ctx2, off);
- /*
- * DTLS: partial reads end up discarding unread UDP bytes :-(
- * Setting read ahead solves this problem.
- */
- if (socket_type == SOCK_DGRAM)
- SSL_CTX_set_read_ahead(ctx2, 1);
-
if (state)
SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
@@ -1325,9 +1651,14 @@
(!SSL_CTX_set_default_verify_paths(ctx2))) {
ERR_print_errors(bio_err);
}
- store = SSL_CTX_get_cert_store(ctx2);
- X509_STORE_set_flags(store, vflags);
+ if (vpm)
+ SSL_CTX_set1_param(ctx2, vpm);
}
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ if (next_proto.data)
+ SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
+ &next_proto);
+# endif
#endif
#ifndef OPENSSL_NO_DH
@@ -1343,7 +1674,11 @@
BIO_printf(bio_s_out, "Setting temp DH parameters\n");
} else {
BIO_printf(bio_s_out, "Using default temp DH parameters\n");
- dh = get_dh512();
+ dh = get_dh2048();
+ if (dh == NULL) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
}
(void)BIO_flush(bio_s_out);
@@ -1390,9 +1725,9 @@
BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
} else {
BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
- ecdh = EC_KEY_new_by_curve_name(NID_sect163r2);
+ ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (ecdh == NULL) {
- BIO_printf(bio_err, "unable to create curve (sect163r2)\n");
+ BIO_printf(bio_err, "unable to create curve (nistp256)\n");
goto end;
}
}
@@ -1453,19 +1788,40 @@
# endif
#endif
- if (cipher != NULL)
+#ifndef OPENSSL_NO_PSK
+# ifdef OPENSSL_NO_JPAKE
+ if (psk_key != NULL)
+# else
+ if (psk_key != NULL || jpake_secret)
+# endif
+ {
+ if (s_debug)
+ BIO_printf(bio_s_out,
+ "PSK key given or JPAKE in use, setting server callback\n");
+ SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
+ }
+
+ if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
+ BIO_printf(bio_err, "error setting PSK identity hint to context\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#endif
+
+ if (cipher != NULL) {
if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
BIO_printf(bio_err, "error setting cipher list\n");
ERR_print_errors(bio_err);
goto end;
+ }
#ifndef OPENSSL_NO_TLSEXT
- if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
- BIO_printf(bio_err, "error setting cipher list\n");
- ERR_print_errors(bio_err);
- goto end;
- }
+ if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
+ BIO_printf(bio_err, "error setting cipher list\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
#endif
- }
+ }
SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
sizeof s_server_session_id_context);
@@ -1488,6 +1844,25 @@
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
#endif
+
+#ifndef OPENSSL_NO_SRP
+ if (srp_verifier_file != NULL) {
+ srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
+ srp_callback_parm.user = NULL;
+ srp_callback_parm.login = NULL;
+ if ((ret =
+ SRP_VBASE_init(srp_callback_parm.vb,
+ srp_verifier_file)) != SRP_NO_ERROR) {
+ BIO_printf(bio_err,
+ "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
+ srp_verifier_file, ret);
+ goto end;
+ }
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
+ SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
+ SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
+ } else
+#endif
if (CAfile != NULL) {
SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
#ifndef OPENSSL_NO_TLSEXT
@@ -1495,7 +1870,9 @@
SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
#endif
}
+
BIO_printf(bio_s_out, "ACCEPT\n");
+ (void)BIO_flush(bio_s_out);
if (www)
do_server(port, socket_type, &accept_socket, www_body, context);
else
@@ -1517,6 +1894,8 @@
OPENSSL_free(pass);
if (dpass)
OPENSSL_free(dpass);
+ if (vpm)
+ X509_VERIFY_PARAM_free(vpm);
#ifndef OPENSSL_NO_TLSEXT
if (tlscstatp.host)
OPENSSL_free(tlscstatp.host);
@@ -1576,8 +1955,11 @@
unsigned long l;
SSL *con = NULL;
BIO *sbio;
+#ifndef OPENSSL_NO_KRB5
+ KSSL_CTX *kctx;
+#endif
struct timeval timeout;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
#else
struct timeval *timeoutp;
@@ -1612,9 +1994,10 @@
}
#endif
#ifndef OPENSSL_NO_KRB5
- if ((con->kssl_ctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
+ if ((kctx = kssl_ctx_new()) != NULL) {
+ SSL_set0_kssl_ctx(con, kctx);
+ kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+ kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if (context)
@@ -1621,6 +2004,11 @@
SSL_set_session_id_context(con, context, strlen((char *)context));
}
SSL_clear(con);
+#if 0
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
+# endif
+#endif
if (SSL_version(con) == DTLS1_VERSION) {
@@ -1636,9 +2024,21 @@
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
}
- if (socket_mtu > 28) {
+ if (socket_mtu) {
+ if (socket_mtu < DTLS_get_link_min_mtu(con)) {
+ BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
+ DTLS_get_link_min_mtu(con));
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
- SSL_set_mtu(con, socket_mtu - 28);
+ if (!DTLS_set_link_mtu(con, socket_mtu)) {
+ BIO_printf(bio_err, "Failed to set MTU\n");
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
} else
/* want to do MTU discovery */
BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
@@ -1664,7 +2064,7 @@
/* SSL_set_fd(con,s); */
if (s_debug) {
- con->debug = 1;
+ SSL_set_debug(con, 1);
BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
}
@@ -1689,10 +2089,10 @@
if (!read_from_sslcon) {
FD_ZERO(&readfds);
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
- FD_SET(fileno(stdin), &readfds);
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
+ openssl_fdset(fileno(stdin), &readfds);
#endif
- FD_SET(s, &readfds);
+ openssl_fdset(s, &readfds);
/*
* Note: under VMS with SOCKETSHR the second parameter is
* currently of type (int *) whereas under other systems it is
@@ -1714,6 +2114,17 @@
continue;
if (_kbhit())
read_from_terminal = 1;
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ /* Under BeOS-R5 the situation is similar to DOS */
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+ i = select(width, (void *)&readfds, NULL, NULL, &tv);
+ if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
+ continue;
+ if (read(fileno(stdin), buf, 0) >= 0)
+ read_from_terminal = 1;
+ (void)fcntl(fileno(stdin), F_SETFL, 0);
#else
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
@@ -1740,7 +2151,7 @@
if (s_crlf) {
int j, lf_num;
- i = read(fileno(stdin), buf, bufsize / 2);
+ i = raw_read_stdin(buf, bufsize / 2);
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
@@ -1756,7 +2167,7 @@
}
assert(lf_num == 0);
} else
- i = read(fileno(stdin), buf, bufsize);
+ i = raw_read_stdin(buf, bufsize);
if (!s_quiet) {
if ((i <= 0) || (buf[0] == 'Q')) {
BIO_printf(bio_s_out, "DONE\n");
@@ -1774,6 +2185,14 @@
*/
goto err;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+ BIO_printf(bio_err, "HEARTBEATING\n");
+ SSL_heartbeat(con);
+ i = 0;
+ continue;
+ }
+#endif
if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
SSL_renegotiate(con);
i = SSL_do_handshake(con);
@@ -1822,6 +2241,20 @@
}
#endif
k = SSL_write(con, &(buf[l]), (unsigned int)i);
+#ifndef OPENSSL_NO_SRP
+ while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during write\n");
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ k = SSL_write(con, &(buf[l]), (unsigned int)i);
+ }
+#endif
switch (SSL_get_error(con, k)) {
case SSL_ERROR_NONE:
break;
@@ -1842,8 +2275,10 @@
ret = 1;
goto err;
}
- l += k;
- i -= k;
+ if (k > 0) {
+ l += k;
+ i -= k;
+ }
if (i <= 0)
break;
}
@@ -1862,20 +2297,31 @@
} else {
again:
i = SSL_read(con, (char *)buf, bufsize);
+#ifndef OPENSSL_NO_SRP
+ while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_read(con, (char *)buf, bufsize);
+ }
+#endif
switch (SSL_get_error(con, i)) {
case SSL_ERROR_NONE:
#ifdef CHARSET_EBCDIC
ascii2ebcdic(buf, buf, i);
#endif
- if (write(fileno(stdout), buf, (unsigned int)i) != i)
- goto err;
-
+ raw_write_stdout(buf, (unsigned int)i);
if (SSL_pending(con))
goto again;
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_X509_LOOKUP:
BIO_printf(bio_s_out, "Read BLOCK\n");
break;
case SSL_ERROR_SYSCALL:
@@ -1893,14 +2339,15 @@
}
}
err:
- BIO_printf(bio_s_out, "shutting down SSL\n");
+ if (con != NULL) {
+ BIO_printf(bio_s_out, "shutting down SSL\n");
#if 1
- SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
- SSL_shutdown(con);
+ SSL_shutdown(con);
#endif
- if (con != NULL)
SSL_free(con);
+ }
BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
if (buf != NULL) {
OPENSSL_cleanse(buf, bufsize);
@@ -1926,8 +2373,32 @@
X509 *peer;
long verify_error;
MS_STATIC char buf[BUFSIZ];
+#ifndef OPENSSL_NO_KRB5
+ char *client_princ;
+#endif
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ const unsigned char *next_proto_neg;
+ unsigned next_proto_neg_len;
+#endif
+ unsigned char *exportedkeymat;
- if ((i = SSL_accept(con)) <= 0) {
+ i = SSL_accept(con);
+#ifndef OPENSSL_NO_SRP
+ while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+ srp_callback_parm.login);
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_accept(con);
+ }
+#endif
+ if (i <= 0) {
if (BIO_sock_should_retry(i)) {
BIO_printf(bio_s_out, "DELAY\n");
return (1);
@@ -1960,19 +2431,61 @@
BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
- if (con->hit)
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
+ if (next_proto_neg) {
+ BIO_printf(bio_s_out, "NEXTPROTO is ");
+ BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
+ BIO_printf(bio_s_out, "\n");
+ }
+#endif
+#ifndef OPENSSL_NO_SRTP
+ {
+ SRTP_PROTECTION_PROFILE *srtp_profile
+ = SSL_get_selected_srtp_profile(con);
+
+ if (srtp_profile)
+ BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
+ srtp_profile->name);
+ }
+#endif
+ if (SSL_cache_hit(con))
BIO_printf(bio_s_out, "Reused session-id\n");
if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
TLS1_FLAGS_TLS_PADDING_BUG)
BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
#ifndef OPENSSL_NO_KRB5
- if (con->kssl_ctx->client_princ != NULL) {
+ client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
+ if (client_princ != NULL) {
BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
- con->kssl_ctx->client_princ);
+ client_princ);
}
#endif /* OPENSSL_NO_KRB5 */
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
+ if (keymatexportlabel != NULL) {
+ BIO_printf(bio_s_out, "Keying material exporter:\n");
+ BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
+ BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
+ exportedkeymat = OPENSSL_malloc(keymatexportlen);
+ if (exportedkeymat != NULL) {
+ if (!SSL_export_keying_material(con, exportedkeymat,
+ keymatexportlen,
+ keymatexportlabel,
+ strlen(keymatexportlabel),
+ NULL, 0, 0)) {
+ BIO_printf(bio_s_out, " Error\n");
+ } else {
+ BIO_printf(bio_s_out, " Keying material: ");
+ for (i = 0; i < keymatexportlen; i++)
+ BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
+ BIO_printf(bio_s_out, "\n");
+ }
+ OPENSSL_free(exportedkeymat);
+ }
+ }
+
return (1);
}
@@ -1991,6 +2504,9 @@
return (ret);
}
#endif
+#ifndef OPENSSL_NO_KRB5
+char *client_princ;
+#endif
#if 0
static int load_CA(SSL_CTX *ctx, char *file)
@@ -2018,12 +2534,11 @@
char *buf = NULL;
int ret = 1;
int i, j, k, dot;
- struct stat st_buf;
SSL *con;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
BIO *io, *ssl_bio, *sbio;
-#ifdef RENEG
- long total_bytes;
+#ifndef OPENSSL_NO_KRB5
+ KSSL_CTX *kctx;
#endif
buf = OPENSSL_malloc(bufsize);
@@ -2058,9 +2573,9 @@
}
#endif
#ifndef OPENSSL_NO_KRB5
- if ((con->kssl_ctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
+ if ((kctx = kssl_ctx_new()) != NULL) {
+ kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+ kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if (context)
@@ -2084,7 +2599,7 @@
#endif
if (s_debug) {
- con->debug = 1;
+ SSL_set_debug(con, 1);
BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
}
@@ -2096,7 +2611,22 @@
for (;;) {
if (hack) {
i = SSL_accept(con);
-
+#ifndef OPENSSL_NO_SRP
+ while (i <= 0
+ && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+ srp_callback_parm.login);
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ i = SSL_accept(con);
+ }
+#endif
switch (SSL_get_error(con, i)) {
case SSL_ERROR_NONE:
break;
@@ -2138,7 +2668,7 @@
/* else we have data */
if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
- ((www == 2) && (strncmp("GET /stats ", buf, 10) == 0))) {
+ ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
char *p;
X509 *peer;
STACK_OF(SSL_CIPHER) *sk;
@@ -2156,6 +2686,11 @@
}
BIO_puts(io, "\n");
+ BIO_printf(io,
+ "Secure Renegotiation IS%s supported\n",
+ SSL_get_secure_renegotiation_support(con) ?
+ "" : " NOT");
+
/*
* The following is evil and should not really be done
*/
@@ -2189,7 +2724,7 @@
}
BIO_puts(io, "\n");
}
- BIO_printf(io, ((con->hit)
+ BIO_printf(io, (SSL_cache_hit(con)
? "---\nReused, " : "---\nNew, "));
c = SSL_get_current_cipher(con);
BIO_printf(io, "%s, Cipher is %s\n",
@@ -2264,13 +2799,7 @@
#endif
/* if a directory, do the index thang */
- if (stat(p, &st_buf) < 0) {
- BIO_puts(io, text);
- BIO_printf(io, "Error accessing '%s'\r\n", p);
- ERR_print_errors(io);
- break;
- }
- if (S_ISDIR(st_buf.st_mode)) {
+ if (app_isdir(p) > 0) {
#if 0 /* must check buffer size */
strcat(p, "/index.html");
#else
@@ -2302,9 +2831,6 @@
"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
-#ifdef RENEG
- total_bytes = 0;
-#endif
for (;;) {
i = BIO_read(file, buf, bufsize);
if (i <= 0)
@@ -2416,7 +2942,8 @@
{
unsigned int count = 0;
do {
- RAND_pseudo_bytes(id, *id_len);
+ if (RAND_pseudo_bytes(id, *id_len) < 0)
+ return 0;
/*
* Prefix the session_id with the required prefix. NB: If our prefix
* is too long, clip it - but there will be worse effects anyway, eg.
Modified: trunk/crypto/openssl/apps/s_socket.c
===================================================================
--- trunk/crypto/openssl/apps/s_socket.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_socket.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -234,14 +234,11 @@
int init_client(int *sock, char *host, int port, int type)
{
unsigned char ip[4];
- short p = 0;
- if (!host_ip(host, &(ip[0]))) {
- return (0);
- }
- if (p != 0)
- port = p;
- return (init_client_ip(sock, ip, port, type));
+ memset(ip, '\0', sizeof ip);
+ if (!host_ip(host, &(ip[0])))
+ return 0;
+ return init_client_ip(sock, ip, port, type);
}
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
@@ -271,11 +268,12 @@
perror("socket");
return (0);
}
-# ifndef OPENSSL_SYS_MPE
+# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
if (type == SOCK_STREAM) {
i = 0;
i = setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&i, sizeof(i));
if (i < 0) {
+ closesocket(s);
perror("keepalive");
return (0);
}
@@ -283,7 +281,7 @@
# endif
if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
- close(s);
+ closesocket(s);
perror("connect");
return (0);
}
@@ -297,7 +295,7 @@
{
int sock;
char *name = NULL;
- int accept_socket;
+ int accept_socket = 0;
int i;
if (!init_server(&accept_socket, port, type))
@@ -454,6 +452,7 @@
} else {
if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
perror("OPENSSL_malloc");
+ closesocket(ret);
return (0);
}
BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
@@ -461,10 +460,12 @@
h2 = GetHostByName(*host);
if (h2 == NULL) {
BIO_printf(bio_err, "gethostbyname failure\n");
+ closesocket(ret);
return (0);
}
if (h2->h_addrtype != AF_INET) {
BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+ closesocket(ret);
return (0);
}
}
Modified: trunk/crypto/openssl/apps/s_time.c
===================================================================
--- trunk/crypto/openssl/apps/s_time.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/s_time.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,57 +85,6 @@
# include OPENSSL_UNISTD
#endif
-#if !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-# define TIMES
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was. If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled. -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE)
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-/*
- * The following if from times(3) man page. It may need to be changed
- */
-#ifndef HZ
-# ifdef _SC_CLK_TCK
-# define HZ ((double)sysconf(_SC_CLK_TCK))
-# else
-# ifndef CLK_TCK
-# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-# define HZ 100.0
-# else /* _BSD_CLK_TCK_ */
-# define HZ ((double)_BSD_CLK_TCK_)
-# endif
-# else /* CLK_TCK */
-# define HZ ((double)CLK_TCK)
-# endif
-# endif
-#endif
-
#undef PROG
#define PROG s_time_main
@@ -183,7 +132,7 @@
static int tm_verify = SSL_VERIFY_NONE;
static int maxTime = SECONDS;
static SSL_CTX *tm_ctx = NULL;
-static SSL_METHOD *s_time_meth = NULL;
+static const SSL_METHOD *s_time_meth = NULL;
static char *s_www_path = NULL;
static long bytes_read = 0;
static int st_bugs = 0;
@@ -353,6 +302,10 @@
if (--argc < 1)
goto bad;
maxTime = atoi(*(++argv));
+ if (maxTime <= 0) {
+ BIO_printf(bio_err, "time must be > 0\n");
+ badop = 1;
+ }
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
@@ -383,56 +336,7 @@
static double tm_Time_F(int s)
{
- static double ret;
-#ifdef TIMES
- static struct tms tstart, tend;
-
- if (s == START) {
- times(&tstart);
- return (0);
- } else {
- times(&tend);
- ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
- return ((ret == 0.0) ? 1e-6 : ret);
- }
-#elif defined(OPENSSL_SYS_NETWARE)
- static clock_t tstart, tend;
-
- if (s == START) {
- tstart = clock();
- return (0);
- } else {
- tend = clock();
- ret = (double)((double)(tend) - (double)(tstart));
- return ((ret < 0.001) ? 0.001 : ret);
- }
-#elif defined(OPENSSL_SYS_VXWORKS)
- {
- static unsigned long tick_start, tick_end;
-
- if (s == START) {
- tick_start = tickGet();
- return 0;
- } else {
- tick_end = tickGet();
- ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
- return ((ret == 0.0) ? 1e-6 : ret);
- }
- }
-#else /* !times() */
- static struct timeb tstart, tend;
- long i;
-
- if (s == START) {
- ftime(&tstart);
- return (0);
- } else {
- ftime(&tend);
- i = (long)tend.millitm - (long)tstart.millitm;
- ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
- return ((ret == 0.0) ? 1e-6 : ret);
- }
-#endif
+ return app_tminterval(s, 1);
}
/***********************************************************************
@@ -457,13 +361,7 @@
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
s_time_meth = SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
- s_time_meth = SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
- s_time_meth = SSLv2_client_method();
-#endif
/* parse the command line arguments */
if (parseArgs(argc, argv) < 0)
@@ -656,7 +554,8 @@
nConn, totalTime, ((double)nConn / totalTime), bytes_read);
printf
("%d connections in %ld real seconds, %ld bytes read per connection\n",
- nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
+ nConn, (long)time(NULL) - finishtime + maxTime,
+ bytes_read / (nConn?nConn:1));
ret = 0;
end:
@@ -714,7 +613,7 @@
i = SSL_get_fd(serverCon);
width = i + 1;
FD_ZERO(&readfds);
- FD_SET(i, &readfds);
+ openssl_fdset(i, &readfds);
/*
* Note: under VMS with SOCKETSHR the 2nd parameter is currently
* of type (int *) whereas under other systems it is (void *) if
Modified: trunk/crypto/openssl/apps/server.pem
===================================================================
--- trunk/crypto/openssl/apps/server.pem 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/server.pem 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,369 +1,52 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
-----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
-MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
-Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
-GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
-k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
-itAE+OjGF+PFKbwX8Q==
+MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
+KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
+R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
+vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
+TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
+41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
+AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSCvM8AABPR9zklmifnr9LvIBturDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
+hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAqb1NV0B0/pbpK9Z4/bNjzPQLTRLK
+WnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpqWz9qoeoFZax+QBpIZYjROU3TS3fp
+yLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCpW2Uoy8sAA4JjN9OtsZY7dvUXFgJ7
+vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZJ1z1cbbwGDDzfvGFPzJ+Sq+zEPds
+xoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxzA7mNGv73JoZJA6nFgj+ADSlJsY/t
+JBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+AltvHTANdAq0t/K3o+pplMVA==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
+h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
+tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
+D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
+uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
+qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
+zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
+r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
+AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
+5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
+W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
+674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
+utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
+BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
+4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
+WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
+bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
+6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
+4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
+WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
+n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
+JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
+OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
+xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
+UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
-----END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
- /OU=Certification Services Division/CN=Thawte Server CA
- /Email=server-certs at thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
- /OU=Certification Services Division/CN=Thawte Server CA
- /Email=server-certs at thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
Modified: trunk/crypto/openssl/apps/server2.pem
===================================================================
--- trunk/crypto/openssl/apps/server2.pem 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/server2.pem 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,376 +1,52 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert #2
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
-----BEGIN CERTIFICATE-----
-MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
-MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
-cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
-RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
-6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
-JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
-gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
-dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
-8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
+MIID6jCCAtKgAwIBAgIJALnu1NlVpZ60MA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZzELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxHDAaBgNVBAMME1Rlc3QgU2VydmVyIENlcnQg
+IzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrdi7j9yctG+L4EjBy
+gjPmEqZzOJEQba26MoQGzglU7e5Xf59Rb/hgVQuKAoiZe7/R8rK4zJ4W7iXdXw0L
+qBpyG8B5aGKeI32w+A9TcBApoXXL2CrYQEQjZwUIpLlYBIi2NkJj3nVkq5dgl1gO
+ALiQ+W8jg3kzg5Ec9rimp9r93N8wsSL3awsafurmYCvOf7leHaMP1WJ/zDRGUNHG
+/WtDjXc8ZUG1+6EXU9Jc2Fs+2Omf7fcN0l00AK/wPg8OaNS0rKyGq9JdIT9FRGV1
+bXe/rx58FaE5CItdwCSYhJvF/O95LWQoxJXye5bCFLmvDTEyVq9FMSCptfsmbXjE
+ZGsXAgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJ
+YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud
+DgQWBBR52UaWWTKzZGDH/X4mWNcuqeQVazAfBgNVHSMEGDAWgBQ2w2yI55X+sL3s
+zj49hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEANBW+XYLlHBqVY/31ie+3gRlS
+LPfy4SIqn0t3RJjagT29MXprblBO2cbMO8VGjkQdKGpmMXjxbht2arOOUXRHX4n/
+XTyn/QHEf0bcwIITMReO3DZUPAEw8hSjn9xEOM0IRVOCP+mH5fi74QzzQaZVCyYg
+5VtLKdww/+sc0nCbKl2KWgDluriH0nfVx95qgW3mg9dhXRr0zmf1w2zkBHYpARYL
+Dew6Z8EE4tS3HJu8/qM6meWzNtrfonQ3eiiMxjZBxzV46jchBwa2z9XYhP6AmpPb
+oeTSzcQNbWsxaGYzWo46oLDUZmJOwSBawbS31bZNMCoPIY6ukoesCzFSsUKZww==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+MIIEowIBAAKCAQEA63Yu4/cnLRvi+BIwcoIz5hKmcziREG2tujKEBs4JVO3uV3+f
+UW/4YFULigKImXu/0fKyuMyeFu4l3V8NC6gachvAeWhiniN9sPgPU3AQKaF1y9gq
+2EBEI2cFCKS5WASItjZCY951ZKuXYJdYDgC4kPlvI4N5M4ORHPa4pqfa/dzfMLEi
+92sLGn7q5mArzn+5Xh2jD9Vif8w0RlDRxv1rQ413PGVBtfuhF1PSXNhbPtjpn+33
+DdJdNACv8D4PDmjUtKyshqvSXSE/RURldW13v68efBWhOQiLXcAkmISbxfzveS1k
+KMSV8nuWwhS5rw0xMlavRTEgqbX7Jm14xGRrFwIDAQABAoIBAHLsTPihIfLnYIE5
+x4GsQQ5zXeBw5ITDM37ktwHnQDC+rIzyUl1aLD1AZRBoKinXd4lOTqLZ4/NHKx4A
+DYr58mZtWyUmqLOMmQVuHXTZBlp7XtYuXMMNovQwjQlp9LicBeoBU6gQ5PVMtubD
+F4xGF89Sn0cTHW3iMkqTtQ5KcR1j57OcJO0FEb1vPvk2MXI5ZyAatUYE7YacbEzd
+rg02uIwx3FqNSkuSI79uz4hMdV5TPtuhxx9nTwj9aLUhXFeZ0mn2PVgVzEnnMoJb
++znlsZDgzDlJqdaD744YGWh8Z3OEssB35KfzFcdOeO6yH8lmv2Zfznk7pNPT7LTb
+Lae9VgkCgYEA92p1qnAB3NtJtNcaW53i0S5WJgS1hxWKvUDx3lTB9s8X9fHpqL1a
+E94fDfWzp/hax6FefUKIvBOukPLQ6bYjTMiFoOHzVirghAIuIUoMI5VtLhwD1hKs
+Lr7l/dptMgKb1nZHyXoKHRBthsy3K4+udsPi8TzMvYElgEqyQIe/Rk0CgYEA86GL
+8HC6zLszzKERDPBxrboRmoFvVUCTQDhsfj1M8aR3nQ8V5LkdIJc7Wqm/Ggfk9QRf
+rJ8M2WUMlU5CNnCn/KCrKzCNZIReze3fV+HnKdbcXGLvgbHPrhnz8yYehUFG+RGq
+bVyDWRU94T38izy2s5qMYrMJWZEYyXncSPbfcPMCgYAtaXfxcZ+V5xYPQFARMtiX
+5nZfggvDoJuXgx0h3tK/N2HBfcaSdzbaYLG4gTmZggc/jwnl2dl5E++9oSPhUdIG
+3ONSFUbxsOsGr9PBvnKd8WZZyUCXAVRjPBzAzF+whzQNWCZy/5htnz9LN7YDI9s0
+5113Q96cheDZPFydZY0hHQKBgQDVbEhNukM5xCiNcu+f2SaMnLp9EjQ4h5g3IvaP
+5B16daw/Dw8LzcohWboqIxeAsze0GD/D1ZUJAEd0qBjC3g+a9BjefervCjKOzXng
+38mEUm+6EwVjJSQcjSmycEs+Sr/kwr/8i5WYvU32+jk4tFgMoC+o6tQe/Uesf68k
+z/dPVwKBgGbF7Vv1/3SmhlOy+zYyvJ0CrWtKxH9QP6tLIEgEpd8x7YTSuCH94yok
+kToMXYA3sWNPt22GbRDZ+rcp4c7HkDx6I6vpdP9aQEwJTp0EPy0sgWr2XwYmreIQ
+NFmkk8Itn9EY2R9VBaP7GLv5kvwxDdLAnmwGmzVtbmaVdxCaBwUk
-----END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
- /OU=Certification Services Division/CN=Thawte Server CA
- /Email=server-certs at thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
- /OU=Certification Services Division/CN=Thawte Server CA
- /Email=server-certs at thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----
Modified: trunk/crypto/openssl/apps/sess_id.c
===================================================================
--- trunk/crypto/openssl/apps/sess_id.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/sess_id.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -90,6 +90,7 @@
int MAIN(int argc, char **argv)
{
SSL_SESSION *x = NULL;
+ X509 *peer = NULL;
int ret = 1, i, num, badops = 0;
BIO *out = NULL;
int informat, outformat;
@@ -157,14 +158,15 @@
if (x == NULL) {
goto end;
}
+ peer = SSL_SESSION_get0_peer(x);
if (context) {
- x->sid_ctx_length = strlen(context);
- if (x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH) {
+ size_t ctx_len = strlen(context);
+ if (ctx_len > SSL_MAX_SID_CTX_LENGTH) {
BIO_printf(bio_err, "Context too long\n");
goto end;
}
- memcpy(x->sid_ctx, context, x->sid_ctx_length);
+ SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
}
#ifdef undef
/* just testing for memory leaks :-) */
@@ -214,10 +216,10 @@
SSL_SESSION_print(out, x);
if (cert) {
- if (x->peer == NULL)
+ if (peer == NULL)
BIO_puts(out, "No certificate present\n");
else
- X509_print(out, x->peer);
+ X509_print(out, peer);
}
}
@@ -234,11 +236,11 @@
BIO_printf(bio_err, "unable to write SSL_SESSION\n");
goto end;
}
- } else if (!noout && (x->peer != NULL)) { /* just print the certificate */
+ } else if (!noout && (peer != NULL)) { /* just print the certificate */
if (outformat == FORMAT_ASN1)
- i = (int)i2d_X509_bio(out, x->peer);
+ i = (int)i2d_X509_bio(out, peer);
else if (outformat == FORMAT_PEM)
- i = PEM_write_bio_X509(out, x->peer);
+ i = PEM_write_bio_X509(out, peer);
else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
Modified: trunk/crypto/openssl/apps/smime.c
===================================================================
--- trunk/crypto/openssl/apps/smime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/smime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,11 +74,14 @@
static int smime_cb(int ok, X509_STORE_CTX *ctx);
#define SMIME_OP 0x10
+#define SMIME_IP 0x20
+#define SMIME_SIGNERS 0x40
#define SMIME_ENCRYPT (1 | SMIME_OP)
-#define SMIME_DECRYPT 2
-#define SMIME_SIGN (3 | SMIME_OP)
-#define SMIME_VERIFY 4
-#define SMIME_PK7OUT 5
+#define SMIME_DECRYPT (2 | SMIME_IP)
+#define SMIME_SIGN (3 | SMIME_OP | SMIME_SIGNERS)
+#define SMIME_VERIFY (4 | SMIME_IP)
+#define SMIME_PK7OUT (5 | SMIME_IP | SMIME_OP)
+#define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
int MAIN(int, char **);
@@ -91,6 +94,7 @@
const char *inmode = "r", *outmode = "w";
char *infile = NULL, *outfile = NULL;
char *signerfile = NULL, *recipfile = NULL;
+ STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
const EVP_CIPHER *cipher = NULL;
PKCS7 *p7 = NULL;
@@ -106,6 +110,8 @@
char *passargin = NULL, *passin = NULL;
char *inrand = NULL;
int need_rand = 0;
+ int indef = 0;
+ const EVP_MD *sign_md = NULL;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
#ifndef OPENSSL_NO_ENGINE
@@ -134,6 +140,8 @@
operation = SMIME_DECRYPT;
else if (!strcmp(*args, "-sign"))
operation = SMIME_SIGN;
+ else if (!strcmp(*args, "-resign"))
+ operation = SMIME_RESIGN;
else if (!strcmp(*args, "-verify"))
operation = SMIME_VERIFY;
else if (!strcmp(*args, "-pk7out"))
@@ -192,135 +200,163 @@
flags |= PKCS7_BINARY;
else if (!strcmp(*args, "-nosigs"))
flags |= PKCS7_NOSIGS;
+ else if (!strcmp(*args, "-stream"))
+ indef = 1;
+ else if (!strcmp(*args, "-indef"))
+ indef = 1;
+ else if (!strcmp(*args, "-noindef"))
+ indef = 0;
else if (!strcmp(*args, "-nooldmime"))
flags |= PKCS7_NOOLDMIMETYPE;
else if (!strcmp(*args, "-crlfeol"))
flags |= PKCS7_CRLFEOL;
else if (!strcmp(*args, "-rand")) {
- if (args[1]) {
- args++;
- inrand = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ args++;
+ inrand = *args;
need_rand = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (!strcmp(*args, "-engine")) {
- if (args[1]) {
- args++;
- engine = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ engine = *++args;
}
#endif
else if (!strcmp(*args, "-passin")) {
- if (args[1]) {
- args++;
- passargin = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ passargin = *++args;
} else if (!strcmp(*args, "-to")) {
- if (args[1]) {
- args++;
- to = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ to = *++args;
} else if (!strcmp(*args, "-from")) {
- if (args[1]) {
- args++;
- from = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ from = *++args;
} else if (!strcmp(*args, "-subject")) {
- if (args[1]) {
- args++;
- subject = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ subject = *++args;
} else if (!strcmp(*args, "-signer")) {
- if (args[1]) {
- args++;
- signerfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ /* If previous -signer argument add signer to list */
+
+ if (signerfile) {
+ if (!sksigners)
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
+ if (!keyfile)
+ keyfile = signerfile;
+ if (!skkeys)
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
+ keyfile = NULL;
+ }
+ signerfile = *++args;
} else if (!strcmp(*args, "-recip")) {
- if (args[1]) {
- args++;
- recipfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ recipfile = *++args;
+ } else if (!strcmp(*args, "-md")) {
+ if (!args[1])
+ goto argerr;
+ sign_md = EVP_get_digestbyname(*++args);
+ if (sign_md == NULL) {
+ BIO_printf(bio_err, "Unknown digest %s\n", *args);
+ goto argerr;
+ }
} else if (!strcmp(*args, "-inkey")) {
- if (args[1]) {
- args++;
- keyfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ /* If previous -inkey arument add signer to list */
+ if (keyfile) {
+ if (!signerfile) {
+ BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+ goto argerr;
+ }
+ if (!sksigners)
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
+ signerfile = NULL;
+ if (!skkeys)
+ skkeys = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
+ }
+ keyfile = *++args;
} else if (!strcmp(*args, "-keyform")) {
- if (args[1]) {
- args++;
- keyform = str2fmt(*args);
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ keyform = str2fmt(*++args);
} else if (!strcmp(*args, "-certfile")) {
- if (args[1]) {
- args++;
- certfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ certfile = *++args;
} else if (!strcmp(*args, "-CAfile")) {
- if (args[1]) {
- args++;
- CAfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ CAfile = *++args;
} else if (!strcmp(*args, "-CApath")) {
- if (args[1]) {
- args++;
- CApath = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ CApath = *++args;
} else if (!strcmp(*args, "-in")) {
- if (args[1]) {
- args++;
- infile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ infile = *++args;
} else if (!strcmp(*args, "-inform")) {
- if (args[1]) {
- args++;
- informat = str2fmt(*args);
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ informat = str2fmt(*++args);
} else if (!strcmp(*args, "-outform")) {
- if (args[1]) {
- args++;
- outformat = str2fmt(*args);
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ outformat = str2fmt(*++args);
} else if (!strcmp(*args, "-out")) {
- if (args[1]) {
- args++;
- outfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ outfile = *++args;
} else if (!strcmp(*args, "-content")) {
- if (args[1]) {
- args++;
- contfile = *args;
- } else
- badarg = 1;
+ if (!args[1])
+ goto argerr;
+ contfile = *++args;
} else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
continue;
- else
+ else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
badarg = 1;
args++;
}
- if (operation == SMIME_SIGN) {
- if (!signerfile) {
+ if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) {
+ BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
+ goto argerr;
+ }
+
+ if (operation & SMIME_SIGNERS) {
+ /* Check to see if any final signer needs to be appended */
+ if (keyfile && !signerfile) {
+ BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+ goto argerr;
+ }
+ if (signerfile) {
+ if (!sksigners)
+ sksigners = sk_OPENSSL_STRING_new_null();
+ sk_OPENSSL_STRING_push(sksigners, signerfile);
+ if (!skkeys)
+ skkeys = sk_OPENSSL_STRING_new_null();
+ if (!keyfile)
+ keyfile = signerfile;
+ sk_OPENSSL_STRING_push(skkeys, keyfile);
+ }
+ if (!sksigners) {
BIO_printf(bio_err, "No signer certificate specified\n");
badarg = 1;
}
+ signerfile = NULL;
+ keyfile = NULL;
need_rand = 1;
} else if (operation == SMIME_DECRYPT) {
if (!recipfile && !keyfile) {
@@ -338,6 +374,7 @@
badarg = 1;
if (badarg) {
+ argerr:
BIO_printf(bio_err, "Usage smime [options] cert.pem ...\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-encrypt encrypt message\n");
@@ -405,6 +442,8 @@
"-CApath dir trusted certificates directory\n");
BIO_printf(bio_err, "-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
+ "-no_alt_chains only ever use the first certificate chain found\n");
+ BIO_printf(bio_err,
"-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf(bio_err,
"-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
@@ -440,19 +479,23 @@
ret = 2;
- if (operation != SMIME_SIGN)
+ if (!(operation & SMIME_SIGNERS))
flags &= ~PKCS7_DETACHED;
if (operation & SMIME_OP) {
- if (flags & PKCS7_BINARY)
- inmode = "rb";
if (outformat == FORMAT_ASN1)
outmode = "wb";
} else {
if (flags & PKCS7_BINARY)
outmode = "wb";
+ }
+
+ if (operation & SMIME_IP) {
if (informat == FORMAT_ASN1)
inmode = "rb";
+ } else {
+ if (flags & PKCS7_BINARY)
+ inmode = "rb";
}
if (operation == SMIME_ENCRYPT) {
@@ -481,25 +524,9 @@
}
}
- if (signerfile && (operation == SMIME_SIGN)) {
- if (!(signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
- e, "signer certificate"))) {
-#if 0 /* An appropri message has already been
- * printed */
- BIO_printf(bio_err, "Can't read signer certificate file %s\n",
- signerfile);
-#endif
- goto end;
- }
- }
-
if (certfile) {
if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL,
e, "certificate file"))) {
-#if 0 /* An appropriate message has already been
- * printed */
- BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
-#endif
ERR_print_errors(bio_err);
goto end;
}
@@ -508,11 +535,6 @@
if (recipfile && (operation == SMIME_DECRYPT)) {
if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL,
e, "recipient certificate file"))) {
-#if 0 /* An appropriate message has alrady been
- * printed */
- BIO_printf(bio_err, "Can't read recipient certificate file %s\n",
- recipfile);
-#endif
ERR_print_errors(bio_err);
goto end;
}
@@ -542,6 +564,31 @@
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
+ if (operation & SMIME_IP) {
+ if (informat == FORMAT_SMIME)
+ p7 = SMIME_read_PKCS7(in, &indata);
+ else if (informat == FORMAT_PEM)
+ p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+ else if (informat == FORMAT_ASN1)
+ p7 = d2i_PKCS7_bio(in, NULL);
+ else {
+ BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
+ goto end;
+ }
+
+ if (!p7) {
+ BIO_printf(bio_err, "Error reading S/MIME message\n");
+ goto end;
+ }
+ if (contfile) {
+ BIO_free(indata);
+ if (!(indata = BIO_new_file(contfile, "rb"))) {
+ BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+ goto end;
+ }
+ }
+ }
+
if (outfile) {
if (!(out = BIO_new_file(outfile, outmode))) {
BIO_printf(bio_err, "Can't open output file %s\n", outfile);
@@ -560,7 +607,7 @@
if (operation == SMIME_VERIFY) {
if (!(store = setup_verify(bio_err, CAfile, CApath)))
goto end;
- X509_STORE_set_verify_cb_func(store, smime_cb);
+ X509_STORE_set_verify_cb(store, smime_cb);
if (vpm)
X509_STORE_set1_param(store, vpm);
}
@@ -567,37 +614,50 @@
ret = 3;
- if (operation == SMIME_ENCRYPT)
+ if (operation == SMIME_ENCRYPT) {
+ if (indef)
+ flags |= PKCS7_STREAM;
p7 = PKCS7_encrypt(encerts, in, cipher, flags);
- else if (operation == SMIME_SIGN) {
+ } else if (operation & SMIME_SIGNERS) {
+ int i;
/*
- * If detached data and SMIME output enable partial signing.
+ * If detached data content we only enable streaming if S/MIME output
+ * format.
*/
- if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME))
- flags |= PKCS7_STREAM;
- p7 = PKCS7_sign(signer, key, other, in, flags);
- } else {
- if (informat == FORMAT_SMIME)
- p7 = SMIME_read_PKCS7(in, &indata);
- else if (informat == FORMAT_PEM)
- p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
- else if (informat == FORMAT_ASN1)
- p7 = d2i_PKCS7_bio(in, NULL);
- else {
- BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
- goto end;
+ if (operation == SMIME_SIGN) {
+ if (flags & PKCS7_DETACHED) {
+ if (outformat == FORMAT_SMIME)
+ flags |= PKCS7_STREAM;
+ } else if (indef)
+ flags |= PKCS7_STREAM;
+ flags |= PKCS7_PARTIAL;
+ p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+ if (!p7)
+ goto end;
+ } else
+ flags |= PKCS7_REUSE_DIGEST;
+ for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
+ signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+ keyfile = sk_OPENSSL_STRING_value(skkeys, i);
+ signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
+ e, "signer certificate");
+ if (!signer)
+ goto end;
+ key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+ "signing key file");
+ if (!key)
+ goto end;
+ if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags))
+ goto end;
+ X509_free(signer);
+ signer = NULL;
+ EVP_PKEY_free(key);
+ key = NULL;
}
-
- if (!p7) {
- BIO_printf(bio_err, "Error reading S/MIME message\n");
- goto end;
- }
- if (contfile) {
- BIO_free(indata);
- if (!(indata = BIO_new_file(contfile, "rb"))) {
- BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+ /* If not streaming or resigning finalize structure */
+ if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM)) {
+ if (!PKCS7_final(p7, in, flags))
goto end;
- }
}
}
@@ -636,12 +696,15 @@
BIO_printf(out, "From: %s\n", from);
if (subject)
BIO_printf(out, "Subject: %s\n", subject);
- if (outformat == FORMAT_SMIME)
- SMIME_write_PKCS7(out, p7, in, flags);
- else if (outformat == FORMAT_PEM)
- PEM_write_bio_PKCS7(out, p7);
+ if (outformat == FORMAT_SMIME) {
+ if (operation == SMIME_RESIGN)
+ SMIME_write_PKCS7(out, p7, indata, flags);
+ else
+ SMIME_write_PKCS7(out, p7, in, flags);
+ } else if (outformat == FORMAT_PEM)
+ PEM_write_bio_PKCS7_stream(out, p7, in, flags);
else if (outformat == FORMAT_ASN1)
- i2d_PKCS7_bio(out, p7);
+ i2d_PKCS7_bio_stream(out, p7, in, flags);
else {
BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
goto end;
@@ -657,6 +720,10 @@
sk_X509_pop_free(other, X509_free);
if (vpm)
X509_VERIFY_PARAM_free(vpm);
+ if (sksigners)
+ sk_OPENSSL_STRING_free(sksigners);
+ if (skkeys)
+ sk_OPENSSL_STRING_free(skkeys);
X509_STORE_free(store);
X509_free(cert);
X509_free(recip);
Modified: trunk/crypto/openssl/apps/speed.c
===================================================================
--- trunk/crypto/openssl/apps/speed.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/speed.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -108,58 +108,18 @@
# include <signal.h>
# endif
-# if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX)
-# define USE_TOD
-# elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-# define TIMES
+# if defined(_WIN32) || defined(__CYGWIN__)
+# include <windows.h>
+# if defined(__CYGWIN__) && !defined(_WIN32)
+ /*
+ * <windows.h> should define _WIN32, which normally is mutually exclusive
+ * with __CYGWIN__, but if it didn't...
+ */
+# define _WIN32
+ /* this is done because Cygwin alarm() fails sometimes. */
+# endif
# endif
-/* FIXME */
-# if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) && !defined(OPENSSL_SYS_VXWORKS)
-# define TIMEB
-# endif
-# if defined(OPENSSL_SYS_NETWARE)
-# undef TIMES
-# undef TIMEB
-# include <time.h>
-# endif
-
-# ifndef _IRIX
-# include <time.h>
-# endif
-# ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-# endif
-# ifdef USE_TOD
-# include <sys/time.h>
-# include <sys/resource.h>
-# endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was. If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled. -- Richard Levitte
- */
-# if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-# endif
-
-# ifdef TIMEB
-# include <sys/timeb.h>
-# endif
-
-# if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE)
-# error "It seems neither struct tms nor struct timeb is supported in this platform!"
-# endif
-
-# if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-# endif
-
# include <openssl/bn.h>
# ifndef OPENSSL_NO_DES
# include <openssl/des.h>
@@ -192,6 +152,9 @@
# ifndef OPENSSL_NO_RIPEMD
# include <openssl/ripemd.h>
# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+# include <openssl/whrlpool.h>
+# endif
# ifndef OPENSSL_NO_RC4
# include <openssl/rc4.h>
# endif
@@ -228,33 +191,24 @@
# ifndef OPENSSL_NO_ECDH
# include <openssl/ecdh.h>
# endif
+# include <openssl/modes.h>
-/*
- * The following "HZ" timing stuff should be sync'd up with the code in
- * crypto/tmdiff.[ch]. That appears to try to do the same job, though I think
- * this code is more up to date than libcrypto's so there may be features to
- * migrate over first. This is used in two places further down AFAICS.
- * The point is that nothing in openssl actually *uses* that tmdiff stuff, so
- * either speed.c should be using it or it should go because it's obviously not
- * useful enough. Anyone want to do a janitorial job on this?
- */
-
-/* The following if from times(3) man page. It may need to be changed */
-# ifndef HZ
-# if defined(_SC_CLK_TCK) \
- && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
-# define HZ sysconf(_SC_CLK_TCK)
-# else
-# ifndef CLK_TCK
-# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-# define HZ 100.0
-# else /* _BSD_CLK_TCK_ */
-# define HZ ((double)_BSD_CLK_TCK_)
-# endif
-# else /* CLK_TCK */
-# define HZ ((double)CLK_TCK)
-# endif
+# ifdef OPENSSL_FIPS
+# ifdef OPENSSL_DOING_MAKEDEPEND
+# undef AES_set_encrypt_key
+# undef AES_set_decrypt_key
+# undef DES_set_key_unchecked
# endif
+# define BF_set_key private_BF_set_key
+# define CAST_set_key private_CAST_set_key
+# define idea_set_encrypt_key private_idea_set_encrypt_key
+# define SEED_set_key private_SEED_set_key
+# define RC2_set_key private_RC2_set_key
+# define RC4_set_key private_RC4_set_key
+# define DES_set_key_unchecked private_DES_set_key_unchecked
+# define AES_set_encrypt_key private_AES_set_encrypt_key
+# define AES_set_decrypt_key private_AES_set_decrypt_key
+# define Camellia_set_key private_Camellia_set_key
# endif
# ifndef HAVE_FORK
@@ -273,10 +227,8 @@
# undef BUFSIZE
# define BUFSIZE ((long)1024*8+1)
-int run = 0;
+static volatile int run = 0;
-static char ftime_used = 0, times_used = 0, gettimeofday_used =
- 0, getrusage_used = 0;
static int mr = 0;
static int usertime = 1;
@@ -289,7 +241,7 @@
static int do_multi(int multi);
# endif
-# define ALGOR_NUM 28
+# define ALGOR_NUM 30
# define SIZE_NUM 5
# define RSA_NUM 4
# define DSA_NUM 3
@@ -303,8 +255,8 @@
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
- "evp", "sha256", "sha512",
- "aes-128 ige", "aes-192 ige", "aes-256 ige"
+ "evp", "sha256", "sha512", "whirlpool",
+ "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
};
static double results[ALGOR_NUM][SIZE_NUM];
@@ -350,122 +302,52 @@
# define START 0
# define STOP 1
-# if defined(OPENSSL_SYS_NETWARE)
+# if defined(_WIN32)
- /*
- * for NetWare the best we can do is use clock() which returns the time,
- * in hundredths of a second, since the NLM began executing
- */
-static double Time_F(int s)
+# if !defined(SIGALRM)
+# define SIGALRM
+# endif
+static unsigned int lapse, schlock;
+static void alarm_win32(unsigned int secs)
{
- double ret;
+ lapse = secs * 1000;
+}
- static clock_t tstart, tend;
+# define alarm alarm_win32
- if (s == START) {
- tstart = clock();
- return (0);
- } else {
- tend = clock();
- ret = (double)((double)(tend) - (double)(tstart));
- return ((ret < 0.001) ? 0.001 : ret);
- }
+static DWORD WINAPI sleepy(VOID * arg)
+{
+ schlock = 1;
+ Sleep(lapse);
+ run = 0;
+ return 0;
}
-# else
-
static double Time_F(int s)
{
- double ret;
-
-# ifdef USE_TOD
- if (usertime) {
- static struct rusage tstart, tend;
-
- getrusage_used = 1;
- if (s == START) {
- getrusage(RUSAGE_SELF, &tstart);
- return (0);
- } else {
- long i;
-
- getrusage(RUSAGE_SELF, &tend);
- i = (long)tend.ru_utime.tv_usec - (long)tstart.ru_utime.tv_usec;
- ret = ((double)(tend.ru_utime.tv_sec - tstart.ru_utime.tv_sec))
- + ((double)i) / 1000000.0;
- return ((ret < 0.001) ? 0.001 : ret);
+ if (s == START) {
+ HANDLE thr;
+ schlock = 0;
+ thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
+ if (thr == NULL) {
+ DWORD ret = GetLastError();
+ BIO_printf(bio_err, "unable to CreateThread (%d)", ret);
+ ExitProcess(ret);
}
- } else {
- static struct timeval tstart, tend;
- long i;
-
- gettimeofday_used = 1;
- if (s == START) {
- gettimeofday(&tstart, NULL);
- return (0);
- } else {
- gettimeofday(&tend, NULL);
- i = (long)tend.tv_usec - (long)tstart.tv_usec;
- ret =
- ((double)(tend.tv_sec - tstart.tv_sec)) +
- ((double)i) / 1000000.0;
- return ((ret < 0.001) ? 0.001 : ret);
- }
+ CloseHandle(thr); /* detach the thread */
+ while (!schlock)
+ Sleep(0); /* scheduler spinlock */
}
-# else /* ndef USE_TOD */
-# ifdef TIMES
- if (usertime) {
- static struct tms tstart, tend;
+ return app_tminterval(s, usertime);
+}
+# else
- times_used = 1;
- if (s == START) {
- times(&tstart);
- return (0);
- } else {
- times(&tend);
- ret = HZ;
- ret = (double)(tend.tms_utime - tstart.tms_utime) / ret;
- return ((ret < 1e-3) ? 1e-3 : ret);
- }
- }
-# endif /* times() */
-# if defined(TIMES) && defined(TIMEB)
- else
-# endif
-# ifdef OPENSSL_SYS_VXWORKS
- {
- static unsigned long tick_start, tick_end;
-
- if (s == START) {
- tick_start = tickGet();
- return 0;
- } else {
- tick_end = tickGet();
- ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
- return ((ret < 0.001) ? 0.001 : ret);
- }
- }
-# elif defined(TIMEB)
- {
- static struct timeb tstart, tend;
- long i;
-
- ftime_used = 1;
- if (s == START) {
- ftime(&tstart);
- return (0);
- } else {
- ftime(&tend);
- i = (long)tend.millitm - (long)tstart.millitm;
- ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
- return ((ret < 0.001) ? 0.001 : ret);
- }
- }
-# endif
-# endif
+static double Time_F(int s)
+{
+ return app_tminterval(s, usertime);
}
-# endif /* if defined(OPENSSL_SYS_NETWARE) */
+# endif
# ifndef OPENSSL_NO_ECDH
static const int KDF1_SHA1_len = 20;
@@ -521,6 +403,9 @@
unsigned char sha512[SHA512_DIGEST_LENGTH];
# endif
# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
+# endif
# ifndef OPENSSL_NO_RIPEMD
unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
# endif
@@ -624,9 +509,11 @@
# define D_EVP 22
# define D_SHA256 23
# define D_SHA512 24
-# define D_IGE_128_AES 25
-# define D_IGE_192_AES 26
-# define D_IGE_256_AES 27
+# define D_WHIRLPOOL 25
+# define D_IGE_128_AES 26
+# define D_IGE_192_AES 27
+# define D_IGE_256_AES 28
+# define D_GHASH 29
double d = 0.0;
long c[ALGOR_NUM][SIZE_NUM];
# define R_DSA_512 0
@@ -932,6 +819,11 @@
else
# endif
# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ if (strcmp(*argv, "whirlpool") == 0)
+ doit[D_WHIRLPOOL] = 1;
+ else
+# endif
# ifndef OPENSSL_NO_RIPEMD
if (strcmp(*argv, "ripemd") == 0)
doit[D_RMD160] = 1;
@@ -1063,6 +955,8 @@
doit[D_CBC_128_AES] = 1;
doit[D_CBC_192_AES] = 1;
doit[D_CBC_256_AES] = 1;
+ } else if (strcmp(*argv, "ghash") == 0) {
+ doit[D_GHASH] = 1;
} else
# endif
# ifndef OPENSSL_NO_CAMELLIA
@@ -1191,12 +1085,16 @@
# ifndef OPENSSL_NO_SHA512
BIO_printf(bio_err, "sha512 ");
# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ BIO_printf(bio_err, "whirlpool");
+# endif
# ifndef OPENSSL_NO_RIPEMD160
BIO_printf(bio_err, "rmd160");
# endif
# if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
!defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
- !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160)
+ !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
+ !defined(OPENSSL_NO_WHIRLPOOL)
BIO_printf(bio_err, "\n");
# endif
@@ -1336,6 +1234,14 @@
rsa_doit[i] = 1;
for (i = 0; i < DSA_NUM; i++)
dsa_doit[i] = 1;
+# ifndef OPENSSL_NO_ECDSA
+ for (i = 0; i < EC_NUM; i++)
+ ecdsa_doit[i] = 1;
+# endif
+# ifndef OPENSSL_NO_ECDH
+ for (i = 0; i < EC_NUM; i++)
+ ecdh_doit[i] = 1;
+# endif
}
for (i = 0; i < ALGOR_NUM; i++)
if (doit[i])
@@ -1345,11 +1251,7 @@
BIO_printf(bio_err,
"You have chosen to measure elapsed time "
"instead of user CPU time.\n");
- if (usertime <= 0 && !mr) {
- BIO_printf(bio_err,
- "To get the most accurate results, try to run this\n");
- BIO_printf(bio_err, "program when this computer is idle.\n");
- }
+
# ifndef OPENSSL_NO_RSA
for (i = 0; i < RSA_NUM; i++) {
const unsigned char *p;
@@ -1457,9 +1359,11 @@
c[D_CBC_256_CML][0] = count;
c[D_SHA256][0] = count;
c[D_SHA512][0] = count;
+ c[D_WHIRLPOOL][0] = count;
c[D_IGE_128_AES][0] = count;
c[D_IGE_192_AES][0] = count;
c[D_IGE_256_AES][0] = count;
+ c[D_GHASH][0] = count;
for (i = 1; i < SIZE_NUM; i++) {
c[D_MD2][i] = c[D_MD2][0] * 4 * lengths[0] / lengths[i];
@@ -1471,6 +1375,7 @@
c[D_RMD160][i] = c[D_RMD160][0] * 4 * lengths[0] / lengths[i];
c[D_SHA256][i] = c[D_SHA256][0] * 4 * lengths[0] / lengths[i];
c[D_SHA512][i] = c[D_SHA512][0] * 4 * lengths[0] / lengths[i];
+ c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * lengths[0] / lengths[i];
}
for (i = 1; i < SIZE_NUM; i++) {
long l0, l1;
@@ -1627,9 +1532,11 @@
# error "You cannot disable DES on systems without SIGALRM."
# endif /* OPENSSL_NO_DES */
# else
-# define COND(c) (run)
+# define COND(c) (run && count<0x7fffffff)
# define COUNT(d) (count)
+# ifndef _WIN32
signal(SIGALRM, sig_done);
+# endif
# endif /* SIGALRM */
# ifndef OPENSSL_NO_MD2
@@ -1746,8 +1653,21 @@
}
}
# endif
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+ if (doit[D_WHIRLPOOL]) {
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
+ WHIRLPOOL(buf, lengths[j], whirlpool);
+ d = Time_F(STOP);
+ print_result(D_WHIRLPOOL, j, count, d);
+ }
+ }
# endif
+
# ifndef OPENSSL_NO_RIPEMD
if (doit[D_RMD160]) {
for (j = 0; j < SIZE_NUM; j++) {
@@ -1879,6 +1799,21 @@
print_result(D_IGE_256_AES, j, count, d);
}
}
+ if (doit[D_GHASH]) {
+ GCM128_CONTEXT *ctx =
+ CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
+ CRYPTO_gcm128_setiv(ctx, (unsigned char *)"0123456789ab", 12);
+
+ for (j = 0; j < SIZE_NUM; j++) {
+ print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
+ Time_F(START);
+ for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
+ CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
+ d = Time_F(STOP);
+ print_result(D_GHASH, j, count, d);
+ }
+ CRYPTO_gcm128_release(ctx);
+ }
# endif
# ifndef OPENSSL_NO_CAMELLIA
if (doit[D_CBC_128_CML]) {
@@ -2426,35 +2361,6 @@
printf("%s ", BF_options());
# endif
fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
- printf("available timing options: ");
-# ifdef TIMES
- printf("TIMES ");
-# endif
-# ifdef TIMEB
- printf("TIMEB ");
-# endif
-# ifdef USE_TOD
- printf("USE_TOD ");
-# endif
-# ifdef HZ
-# define as_string(s) (#s)
- {
- double dbl = HZ;
- printf("HZ=%g", dbl);
- }
-# ifdef _SC_CLK_TCK
- printf(" [sysconf value]");
-# endif
-# endif
- printf("\n");
- printf("timing function used: %s%s%s%s%s%s%s\n",
- (ftime_used ? "ftime" : ""),
- (ftime_used + times_used > 1 ? "," : ""),
- (times_used ? "times" : ""),
- (ftime_used + times_used + gettimeofday_used > 1 ? "," : ""),
- (gettimeofday_used ? "gettimeofday" : ""),
- (ftime_used + times_used + gettimeofday_used + getrusage_used >
- 1 ? "," : ""), (getrusage_used ? "getrusage" : ""));
}
if (pr_header) {
@@ -2631,7 +2537,7 @@
mr ? "+DTP:%d:%s:%s:%d\n"
: "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
(void)BIO_flush(bio_err);
- alarm(RSA_SECONDS);
+ alarm(tm);
# else
BIO_printf(bio_err,
mr ? "+DNP:%ld:%d:%s:%s\n"
@@ -2708,6 +2614,7 @@
close(fd[1]);
mr = 1;
usertime = 0;
+ free(fds);
return 0;
}
printf("Forked child %d\n", n);
@@ -2758,7 +2665,9 @@
rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
else
rsa_results[k][1] = d;
- } else if (!strncmp(buf, "+F2:", 4)) {
+ }
+# ifndef OPENSSL_NO_DSA
+ else if (!strncmp(buf, "+F3:", 4)) {
int k;
double d;
@@ -2768,25 +2677,6 @@
d = atof(sstrsep(&p, sep));
if (n)
- rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
- else
- rsa_results[k][0] = d;
-
- d = atof(sstrsep(&p, sep));
- if (n)
- rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
- else
- rsa_results[k][1] = d;
- } else if (!strncmp(buf, "+F3:", 4)) {
- int k;
- double d;
-
- p = buf + 4;
- k = atoi(sstrsep(&p, sep));
- sstrsep(&p, sep);
-
- d = atof(sstrsep(&p, sep));
- if (n)
dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
else
dsa_results[k][0] = d;
@@ -2797,6 +2687,7 @@
else
dsa_results[k][1] = d;
}
+# endif
# ifndef OPENSSL_NO_ECDSA
else if (!strncmp(buf, "+F4:", 4)) {
int k;
@@ -2844,7 +2735,10 @@
} else
fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);
}
+
+ fclose(f);
}
+ free(fds);
return 1;
}
# endif
Copied: trunk/crypto/openssl/apps/srp.c (from rev 7117, vendor-crypto/openssl/dist/apps/srp.c)
===================================================================
--- trunk/crypto/openssl/apps/srp.c (rev 0)
+++ trunk/crypto/openssl/apps/srp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,768 @@
+/* apps/srp.c */
+/*
+ * Written by Peter Sylvester (peter.sylvester at edelweb.fr) for the EdelKey
+ * project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_NO_SRP
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <openssl/conf.h>
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/txt_db.h>
+# include <openssl/buffer.h>
+# include <openssl/srp.h>
+
+# include "apps.h"
+
+# undef PROG
+# define PROG srp_main
+
+# define BASE_SECTION "srp"
+# define CONFIG_FILE "openssl.cnf"
+
+# define ENV_RANDFILE "RANDFILE"
+
+# define ENV_DATABASE "srpvfile"
+# define ENV_DEFAULT_SRP "default_srp"
+
+static char *srp_usage[] = {
+ "usage: srp [args] [user] \n",
+ "\n",
+ " -verbose Talk alot while doing things\n",
+ " -config file A config file\n",
+ " -name arg The particular srp definition to use\n",
+ " -srpvfile arg The srp verifier file name\n",
+ " -add add an user and srp verifier\n",
+ " -modify modify the srp verifier of an existing user\n",
+ " -delete delete user from verifier file\n",
+ " -list list user\n",
+ " -gn arg g and N values to be used for new verifier\n",
+ " -userinfo arg additional info to be set for user\n",
+ " -passin arg input file pass phrase source\n",
+ " -passout arg output file pass phrase source\n",
+# ifndef OPENSSL_NO_ENGINE
+ " -engine e - use engine e, possibly a hardware device.\n",
+# endif
+ NULL
+};
+
+# ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+# endif
+
+static CONF *conf = NULL;
+static char *section = NULL;
+
+# define VERBOSE if (verbose)
+# define VVERBOSE if (verbose>1)
+
+int MAIN(int, char **);
+
+static int get_index(CA_DB *db, char *id, char type)
+{
+ char **pp;
+ int i;
+ if (id == NULL)
+ return -1;
+ if (type == DB_SRP_INDEX)
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+ if (pp[DB_srptype][0] == DB_SRP_INDEX
+ && !strcmp(id, pp[DB_srpid]))
+ return i;
+ } else
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+ if (pp[DB_srptype][0] != DB_SRP_INDEX
+ && !strcmp(id, pp[DB_srpid]))
+ return i;
+ }
+
+ return -1;
+}
+
+static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
+{
+ if (indx >= 0 && verbose) {
+ int j;
+ char **pp = sk_OPENSSL_PSTRING_value(db->db->data, indx);
+ BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
+ for (j = 0; j < DB_NUMBER; j++) {
+ BIO_printf(bio_err, " %d = \"%s\"\n", j, pp[j]);
+ }
+ }
+}
+
+static void print_index(CA_DB *db, BIO *bio, int indexindex, int verbose)
+{
+ print_entry(db, bio, indexindex, verbose, "g N entry");
+}
+
+static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
+{
+ if (verbose > 0) {
+ char **pp = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+
+ if (pp[DB_srptype][0] != 'I') {
+ print_entry(db, bio, userindex, verbose, "User entry");
+ print_entry(db, bio, get_index(db, pp[DB_srpgN], 'I'), verbose,
+ "g N entry");
+ }
+
+ }
+}
+
+static int update_index(CA_DB *db, BIO *bio, char **row)
+{
+ char **irow;
+ int i;
+
+ if ((irow =
+ (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ return 0;
+ }
+
+ for (i = 0; i < DB_NUMBER; i++) {
+ irow[i] = row[i];
+ row[i] = NULL;
+ }
+ irow[DB_NUMBER] = NULL;
+
+ if (!TXT_DB_insert(db->db, irow)) {
+ BIO_printf(bio, "failed to update srpvfile\n");
+ BIO_printf(bio, "TXT_DB error number %ld\n", db->db->error);
+ OPENSSL_free(irow);
+ return 0;
+ }
+ return 1;
+}
+
+static void lookup_fail(const char *name, char *tag)
+{
+ BIO_printf(bio_err, "variable lookup failed for %s::%s\n", name, tag);
+}
+
+static char *srp_verify_user(const char *user, const char *srp_verifier,
+ char *srp_usersalt, const char *g, const char *N,
+ const char *passin, BIO *bio, int verbose)
+{
+ char password[1024];
+ PW_CB_DATA cb_tmp;
+ char *verifier = NULL;
+ char *gNid = NULL;
+
+ cb_tmp.prompt_info = user;
+ cb_tmp.password = passin;
+
+ if (password_callback(password, 1024, 0, &cb_tmp) > 0) {
+ VERBOSE BIO_printf(bio,
+ "Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
+ user, srp_verifier, srp_usersalt, g, N);
+ BIO_printf(bio, "Pass %s\n", password);
+
+ if (!
+ (gNid =
+ SRP_create_verifier(user, password, &srp_usersalt, &verifier, N,
+ g))) {
+ BIO_printf(bio, "Internal error validating SRP verifier\n");
+ } else {
+ if (strcmp(verifier, srp_verifier))
+ gNid = NULL;
+ OPENSSL_free(verifier);
+ }
+ }
+ return gNid;
+}
+
+static char *srp_create_user(char *user, char **srp_verifier,
+ char **srp_usersalt, char *g, char *N,
+ char *passout, BIO *bio, int verbose)
+{
+ char password[1024];
+ PW_CB_DATA cb_tmp;
+ char *gNid = NULL;
+ char *salt = NULL;
+ cb_tmp.prompt_info = user;
+ cb_tmp.password = passout;
+
+ if (password_callback(password, 1024, 1, &cb_tmp) > 0) {
+ VERBOSE BIO_printf(bio,
+ "Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
+ user, g, N);
+ if (!
+ (gNid =
+ SRP_create_verifier(user, password, &salt, srp_verifier, N,
+ g))) {
+ BIO_printf(bio, "Internal error creating SRP verifier\n");
+ } else
+ *srp_usersalt = salt;
+ VVERBOSE BIO_printf(bio, "gNid=%s salt =\"%s\"\n verifier =\"%s\"\n",
+ gNid, salt, *srp_verifier);
+
+ }
+ return gNid;
+}
+
+int MAIN(int argc, char **argv)
+{
+ int add_user = 0;
+ int list_user = 0;
+ int delete_user = 0;
+ int modify_user = 0;
+ char *user = NULL;
+
+ char *passargin = NULL, *passargout = NULL;
+ char *passin = NULL, *passout = NULL;
+ char *gN = NULL;
+ int gNindex = -1;
+ char **gNrow = NULL;
+ int maxgN = -1;
+
+ char *userinfo = NULL;
+
+ int badops = 0;
+ int ret = 1;
+ int errors = 0;
+ int verbose = 0;
+ int doupdatedb = 0;
+ char *configfile = NULL;
+ char *dbfile = NULL;
+ CA_DB *db = NULL;
+ char **pp;
+ int i;
+ long errorline = -1;
+ char *randfile = NULL;
+# ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+# endif
+ char *tofree = NULL;
+ DB_ATTR db_attr;
+
+# ifdef EFENCE
+ EF_PROTECT_FREE = 1;
+ EF_PROTECT_BELOW = 1;
+ EF_ALIGNMENT = 0;
+# endif
+
+ apps_startup();
+
+ conf = NULL;
+ section = NULL;
+
+ if (bio_err == NULL)
+ if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+ argc--;
+ argv++;
+ while (argc >= 1 && badops == 0) {
+ if (strcmp(*argv, "-verbose") == 0)
+ verbose++;
+ else if (strcmp(*argv, "-config") == 0) {
+ if (--argc < 1)
+ goto bad;
+ configfile = *(++argv);
+ } else if (strcmp(*argv, "-name") == 0) {
+ if (--argc < 1)
+ goto bad;
+ section = *(++argv);
+ } else if (strcmp(*argv, "-srpvfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ dbfile = *(++argv);
+ } else if (strcmp(*argv, "-add") == 0)
+ add_user = 1;
+ else if (strcmp(*argv, "-delete") == 0)
+ delete_user = 1;
+ else if (strcmp(*argv, "-modify") == 0)
+ modify_user = 1;
+ else if (strcmp(*argv, "-list") == 0)
+ list_user = 1;
+ else if (strcmp(*argv, "-gn") == 0) {
+ if (--argc < 1)
+ goto bad;
+ gN = *(++argv);
+ } else if (strcmp(*argv, "-userinfo") == 0) {
+ if (--argc < 1)
+ goto bad;
+ userinfo = *(++argv);
+ } else if (strcmp(*argv, "-passin") == 0) {
+ if (--argc < 1)
+ goto bad;
+ passargin = *(++argv);
+ } else if (strcmp(*argv, "-passout") == 0) {
+ if (--argc < 1)
+ goto bad;
+ passargout = *(++argv);
+ }
+# ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv, "-engine") == 0) {
+ if (--argc < 1)
+ goto bad;
+ engine = *(++argv);
+ }
+# endif
+
+ else if (**argv == '-') {
+ bad:
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
+ badops = 1;
+ break;
+ } else
+ break;
+
+ argc--;
+ argv++;
+ }
+
+ if (dbfile && configfile) {
+ BIO_printf(bio_err,
+ "-dbfile and -configfile cannot be specified together.\n");
+ badops = 1;
+ }
+ if (add_user + delete_user + modify_user + list_user != 1) {
+ BIO_printf(bio_err,
+ "Exactly one of the options -add, -delete, -modify -list must be specified.\n");
+ badops = 1;
+ }
+ if (delete_user + modify_user + delete_user == 1 && argc <= 0) {
+ BIO_printf(bio_err,
+ "Need at least one user for options -add, -delete, -modify. \n");
+ badops = 1;
+ }
+ if ((passin || passout) && argc != 1) {
+ BIO_printf(bio_err,
+ "-passin, -passout arguments only valid with one user.\n");
+ badops = 1;
+ }
+
+ if (badops) {
+ for (pp = srp_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err, "%s", *pp);
+
+ BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+ LIST_SEPARATOR_CHAR);
+ BIO_printf(bio_err,
+ " load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err, " the random number generator\n");
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+ setup_engine(bio_err, engine, 0);
+# endif
+
+ if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+ BIO_printf(bio_err, "Error getting passwords\n");
+ goto err;
+ }
+
+ if (!dbfile) {
+
+ /*****************************************************************/
+ tofree = NULL;
+ if (configfile == NULL)
+ configfile = getenv("OPENSSL_CONF");
+ if (configfile == NULL)
+ configfile = getenv("SSLEAY_CONF");
+ if (configfile == NULL) {
+ const char *s = X509_get_default_cert_area();
+ size_t len;
+
+# ifdef OPENSSL_SYS_VMS
+ len = strlen(s) + sizeof(CONFIG_FILE);
+ tofree = OPENSSL_malloc(len);
+ if (!tofree) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto err;
+ }
+ strcpy(tofree, s);
+# else
+ len = strlen(s) + sizeof(CONFIG_FILE) + 1;
+ tofree = OPENSSL_malloc(len);
+ if (!tofree) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto err;
+ }
+ BUF_strlcpy(tofree, s, len);
+ BUF_strlcat(tofree, "/", len);
+# endif
+ BUF_strlcat(tofree, CONFIG_FILE, len);
+ configfile = tofree;
+ }
+
+ VERBOSE BIO_printf(bio_err, "Using configuration from %s\n",
+ configfile);
+ conf = NCONF_new(NULL);
+ if (NCONF_load(conf, configfile, &errorline) <= 0) {
+ if (errorline <= 0)
+ BIO_printf(bio_err, "error loading the config file '%s'\n",
+ configfile);
+ else
+ BIO_printf(bio_err, "error on line %ld of config file '%s'\n",
+ errorline, configfile);
+ goto err;
+ }
+ if (tofree) {
+ OPENSSL_free(tofree);
+ tofree = NULL;
+ }
+
+ if (!load_config(bio_err, conf))
+ goto err;
+
+ /* Lets get the config section we are using */
+ if (section == NULL) {
+ VERBOSE BIO_printf(bio_err,
+ "trying to read " ENV_DEFAULT_SRP
+ " in \" BASE_SECTION \"\n");
+
+ section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_SRP);
+ if (section == NULL) {
+ lookup_fail(BASE_SECTION, ENV_DEFAULT_SRP);
+ goto err;
+ }
+ }
+
+ if (randfile == NULL && conf)
+ randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
+
+ VERBOSE BIO_printf(bio_err,
+ "trying to read " ENV_DATABASE
+ " in section \"%s\"\n", section);
+
+ if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+ lookup_fail(section, ENV_DATABASE);
+ goto err;
+ }
+
+ }
+ if (randfile == NULL)
+ ERR_clear_error();
+ else
+ app_RAND_load_file(randfile, bio_err, 0);
+
+ VERBOSE BIO_printf(bio_err, "Trying to read SRP verifier file \"%s\"\n",
+ dbfile);
+
+ db = load_index(dbfile, &db_attr);
+ if (db == NULL)
+ goto err;
+
+ /* Lets check some fields */
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+ if (pp[DB_srptype][0] == DB_SRP_INDEX) {
+ maxgN = i;
+ if (gNindex < 0 && gN != NULL && !strcmp(gN, pp[DB_srpid]))
+ gNindex = i;
+
+ print_index(db, bio_err, i, verbose > 1);
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err, "Database initialised\n");
+
+ if (gNindex >= 0) {
+ gNrow = sk_OPENSSL_PSTRING_value(db->db->data, gNindex);
+ print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N");
+ } else if (maxgN > 0 && !SRP_get_default_gN(gN)) {
+ BIO_printf(bio_err, "No g and N value for index \"%s\"\n", gN);
+ goto err;
+ } else {
+ VERBOSE BIO_printf(bio_err, "Database has no g N information.\n");
+ gNrow = NULL;
+ }
+
+ VVERBOSE BIO_printf(bio_err, "Starting user processing\n");
+
+ if (argc > 0)
+ user = *(argv++);
+
+ while (list_user || user) {
+ int userindex = -1;
+ if (user)
+ VVERBOSE BIO_printf(bio_err, "Processing user \"%s\"\n", user);
+ if ((userindex = get_index(db, user, 'U')) >= 0) {
+ print_user(db, bio_err, userindex, (verbose > 0) || list_user);
+ }
+
+ if (list_user) {
+ if (user == NULL) {
+ BIO_printf(bio_err, "List all users\n");
+
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ print_user(db, bio_err, i, 1);
+ }
+ list_user = 0;
+ } else if (userindex < 0) {
+ BIO_printf(bio_err,
+ "user \"%s\" does not exist, ignored. t\n", user);
+ errors++;
+ }
+ } else if (add_user) {
+ if (userindex >= 0) {
+ /* reactivation of a new user */
+ char **row =
+ sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+ BIO_printf(bio_err, "user \"%s\" reactivated.\n", user);
+ row[DB_srptype][0] = 'V';
+
+ doupdatedb = 1;
+ } else {
+ char *row[DB_NUMBER];
+ char *gNid;
+ row[DB_srpverifier] = NULL;
+ row[DB_srpsalt] = NULL;
+ row[DB_srpinfo] = NULL;
+ if (!
+ (gNid =
+ srp_create_user(user, &(row[DB_srpverifier]),
+ &(row[DB_srpsalt]),
+ gNrow ? gNrow[DB_srpsalt] : gN,
+ gNrow ? gNrow[DB_srpverifier] : NULL,
+ passout, bio_err, verbose))) {
+ BIO_printf(bio_err,
+ "Cannot create srp verifier for user \"%s\", operation abandoned .\n",
+ user);
+ errors++;
+ goto err;
+ }
+ row[DB_srpid] = BUF_strdup(user);
+ row[DB_srptype] = BUF_strdup("v");
+ row[DB_srpgN] = BUF_strdup(gNid);
+
+ if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
+ || !row[DB_srpverifier] || !row[DB_srpsalt] || (userinfo
+ &&
+ (!(row
+ [DB_srpinfo]
+ =
+ BUF_strdup
+ (userinfo))))
+ || !update_index(db, bio_err, row)) {
+ if (row[DB_srpid])
+ OPENSSL_free(row[DB_srpid]);
+ if (row[DB_srpgN])
+ OPENSSL_free(row[DB_srpgN]);
+ if (row[DB_srpinfo])
+ OPENSSL_free(row[DB_srpinfo]);
+ if (row[DB_srptype])
+ OPENSSL_free(row[DB_srptype]);
+ if (row[DB_srpverifier])
+ OPENSSL_free(row[DB_srpverifier]);
+ if (row[DB_srpsalt])
+ OPENSSL_free(row[DB_srpsalt]);
+ goto err;
+ }
+ doupdatedb = 1;
+ }
+ } else if (modify_user) {
+ if (userindex < 0) {
+ BIO_printf(bio_err,
+ "user \"%s\" does not exist, operation ignored.\n",
+ user);
+ errors++;
+ } else {
+
+ char **row =
+ sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+ char type = row[DB_srptype][0];
+ if (type == 'v') {
+ BIO_printf(bio_err,
+ "user \"%s\" already updated, operation ignored.\n",
+ user);
+ errors++;
+ } else {
+ char *gNid;
+
+ if (row[DB_srptype][0] == 'V') {
+ int user_gN;
+ char **irow = NULL;
+ VERBOSE BIO_printf(bio_err,
+ "Verifying password for user \"%s\"\n",
+ user);
+ if ((user_gN =
+ get_index(db, row[DB_srpgN], DB_SRP_INDEX)) >= 0)
+ irow =
+ (char **)sk_OPENSSL_PSTRING_value(db->
+ db->data,
+ userindex);
+
+ if (!srp_verify_user
+ (user, row[DB_srpverifier], row[DB_srpsalt],
+ irow ? irow[DB_srpsalt] : row[DB_srpgN],
+ irow ? irow[DB_srpverifier] : NULL, passin,
+ bio_err, verbose)) {
+ BIO_printf(bio_err,
+ "Invalid password for user \"%s\", operation abandoned.\n",
+ user);
+ errors++;
+ goto err;
+ }
+ }
+ VERBOSE BIO_printf(bio_err,
+ "Password for user \"%s\" ok.\n",
+ user);
+
+ if (!
+ (gNid =
+ srp_create_user(user, &(row[DB_srpverifier]),
+ &(row[DB_srpsalt]),
+ gNrow ? gNrow[DB_srpsalt] : NULL,
+ gNrow ? gNrow[DB_srpverifier] : NULL,
+ passout, bio_err, verbose))) {
+ BIO_printf(bio_err,
+ "Cannot create srp verifier for user \"%s\", operation abandoned.\n",
+ user);
+ errors++;
+ goto err;
+ }
+
+ row[DB_srptype][0] = 'v';
+ row[DB_srpgN] = BUF_strdup(gNid);
+
+ if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
+ || !row[DB_srpverifier] || !row[DB_srpsalt]
+ || (userinfo
+ && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
+ goto err;
+
+ doupdatedb = 1;
+ }
+ }
+ } else if (delete_user) {
+ if (userindex < 0) {
+ BIO_printf(bio_err,
+ "user \"%s\" does not exist, operation ignored. t\n",
+ user);
+ errors++;
+ } else {
+ char **xpp =
+ sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+ BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
+
+ xpp[DB_srptype][0] = 'R';
+
+ doupdatedb = 1;
+ }
+ }
+ if (--argc > 0)
+ user = *(argv++);
+ else {
+ user = NULL;
+ list_user = 0;
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err, "User procession done.\n");
+
+ if (doupdatedb) {
+ /* Lets check some fields */
+ for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+ pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+ if (pp[DB_srptype][0] == 'v') {
+ pp[DB_srptype][0] = 'V';
+ print_user(db, bio_err, i, verbose);
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err, "Trying to update srpvfile.\n");
+ if (!save_index(dbfile, "new", db))
+ goto err;
+
+ VERBOSE BIO_printf(bio_err, "Temporary srpvfile created.\n");
+ if (!rotate_index(dbfile, "new", "old"))
+ goto err;
+
+ VERBOSE BIO_printf(bio_err, "srpvfile updated.\n");
+ }
+
+ ret = (errors != 0);
+ err:
+ if (errors != 0)
+ VERBOSE BIO_printf(bio_err, "User errors %d.\n", errors);
+
+ VERBOSE BIO_printf(bio_err, "SRP terminating with code %d.\n", ret);
+ if (tofree)
+ OPENSSL_free(tofree);
+ if (ret)
+ ERR_print_errors(bio_err);
+ if (randfile)
+ app_RAND_write_file(randfile, bio_err);
+ if (conf)
+ NCONF_free(conf);
+ if (db)
+ free_index(db);
+
+ OBJ_cleanup();
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+}
+
+#endif
Copied: trunk/crypto/openssl/apps/ts.c (from rev 7117, vendor-crypto/openssl/dist/apps/ts.c)
===================================================================
--- trunk/crypto/openssl/apps/ts.c (rev 0)
+++ trunk/crypto/openssl/apps/ts.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1119 @@
+/* apps/ts.c */
+/*
+ * Written by Zoltan Glozik (zglozik at stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/ts.h>
+#include <openssl/bn.h>
+
+#undef PROG
+#define PROG ts_main
+
+/* Length of the nonce of the request in bits (must be a multiple of 8). */
+#define NONCE_LENGTH 64
+
+/* Macro definitions for the configuration file. */
+#define ENV_OID_FILE "oid_file"
+
+/* Local function declarations. */
+
+static ASN1_OBJECT *txt2obj(const char *oid);
+static CONF *load_config_file(const char *configfile);
+
+/* Query related functions. */
+static int query_command(const char *data, char *digest,
+ const EVP_MD *md, const char *policy, int no_nonce,
+ int cert, const char *in, const char *out, int text);
+static BIO *BIO_open_with_default(const char *file, const char *mode,
+ FILE *default_fp);
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+ const char *policy, int no_nonce, int cert);
+static int create_digest(BIO *input, char *digest,
+ const EVP_MD *md, unsigned char **md_value);
+static ASN1_INTEGER *create_nonce(int bits);
+
+/* Reply related functions. */
+static int reply_command(CONF *conf, char *section, char *engine,
+ char *queryfile, char *passin, char *inkey,
+ char *signer, char *chain, const char *policy,
+ char *in, int token_in, char *out, int token_out,
+ int text);
+static TS_RESP *read_PKCS7(BIO *in_bio);
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
+ char *queryfile, char *passin, char *inkey,
+ char *signer, char *chain,
+ const char *policy);
+static ASN1_INTEGER *MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data);
+static ASN1_INTEGER *next_serial(const char *serialfile);
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
+
+/* Verify related functions. */
+static int verify_command(char *data, char *digest, char *queryfile,
+ char *in, int token_in,
+ char *ca_path, char *ca_file, char *untrusted);
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
+ char *queryfile,
+ char *ca_path, char *ca_file,
+ char *untrusted);
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file);
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx);
+
+/* Main function definition. */
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+ int ret = 1;
+ char *configfile = NULL;
+ char *section = NULL;
+ CONF *conf = NULL;
+ enum mode {
+ CMD_NONE, CMD_QUERY, CMD_REPLY, CMD_VERIFY
+ } mode = CMD_NONE;
+ char *data = NULL;
+ char *digest = NULL;
+ const EVP_MD *md = NULL;
+ char *rnd = NULL;
+ char *policy = NULL;
+ int no_nonce = 0;
+ int cert = 0;
+ char *in = NULL;
+ char *out = NULL;
+ int text = 0;
+ char *queryfile = NULL;
+ char *passin = NULL; /* Password source. */
+ char *password = NULL; /* Password itself. */
+ char *inkey = NULL;
+ char *signer = NULL;
+ char *chain = NULL;
+ char *ca_path = NULL;
+ char *ca_file = NULL;
+ char *untrusted = NULL;
+ char *engine = NULL;
+ /* Input is ContentInfo instead of TimeStampResp. */
+ int token_in = 0;
+ /* Output is ContentInfo instead of TimeStampResp. */
+ int token_out = 0;
+ int free_bio_err = 0;
+
+ ERR_load_crypto_strings();
+ apps_startup();
+
+ if (bio_err == NULL && (bio_err = BIO_new(BIO_s_file())) != NULL) {
+ free_bio_err = 1;
+ BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+ }
+
+ if (!load_config(bio_err, NULL))
+ goto cleanup;
+
+ for (argc--, argv++; argc > 0; argc--, argv++) {
+ if (strcmp(*argv, "-config") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ configfile = *++argv;
+ } else if (strcmp(*argv, "-section") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ section = *++argv;
+ } else if (strcmp(*argv, "-query") == 0) {
+ if (mode != CMD_NONE)
+ goto usage;
+ mode = CMD_QUERY;
+ } else if (strcmp(*argv, "-data") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ data = *++argv;
+ } else if (strcmp(*argv, "-digest") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ digest = *++argv;
+ } else if (strcmp(*argv, "-rand") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ rnd = *++argv;
+ } else if (strcmp(*argv, "-policy") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ policy = *++argv;
+ } else if (strcmp(*argv, "-no_nonce") == 0) {
+ no_nonce = 1;
+ } else if (strcmp(*argv, "-cert") == 0) {
+ cert = 1;
+ } else if (strcmp(*argv, "-in") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ in = *++argv;
+ } else if (strcmp(*argv, "-token_in") == 0) {
+ token_in = 1;
+ } else if (strcmp(*argv, "-out") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ out = *++argv;
+ } else if (strcmp(*argv, "-token_out") == 0) {
+ token_out = 1;
+ } else if (strcmp(*argv, "-text") == 0) {
+ text = 1;
+ } else if (strcmp(*argv, "-reply") == 0) {
+ if (mode != CMD_NONE)
+ goto usage;
+ mode = CMD_REPLY;
+ } else if (strcmp(*argv, "-queryfile") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ queryfile = *++argv;
+ } else if (strcmp(*argv, "-passin") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ passin = *++argv;
+ } else if (strcmp(*argv, "-inkey") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ inkey = *++argv;
+ } else if (strcmp(*argv, "-signer") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ signer = *++argv;
+ } else if (strcmp(*argv, "-chain") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ chain = *++argv;
+ } else if (strcmp(*argv, "-verify") == 0) {
+ if (mode != CMD_NONE)
+ goto usage;
+ mode = CMD_VERIFY;
+ } else if (strcmp(*argv, "-CApath") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ ca_path = *++argv;
+ } else if (strcmp(*argv, "-CAfile") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ ca_file = *++argv;
+ } else if (strcmp(*argv, "-untrusted") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ untrusted = *++argv;
+ } else if (strcmp(*argv, "-engine") == 0) {
+ if (argc-- < 1)
+ goto usage;
+ engine = *++argv;
+ } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) {
+ /* empty. */
+ } else
+ goto usage;
+ }
+
+ /* Seed the random number generator if it is going to be used. */
+ if (mode == CMD_QUERY && !no_nonce) {
+ if (!app_RAND_load_file(NULL, bio_err, 1) && rnd == NULL)
+ BIO_printf(bio_err, "warning, not much extra random "
+ "data, consider using the -rand option\n");
+ if (rnd != NULL)
+ BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+ app_RAND_load_files(rnd));
+ }
+
+ /* Get the password if required. */
+ if (mode == CMD_REPLY && passin &&
+ !app_passwd(bio_err, passin, NULL, &password, NULL)) {
+ BIO_printf(bio_err, "Error getting password.\n");
+ goto cleanup;
+ }
+
+ /*
+ * Check consistency of parameters and execute the appropriate function.
+ */
+ switch (mode) {
+ case CMD_NONE:
+ goto usage;
+ case CMD_QUERY:
+ /*
+ * Data file and message imprint cannot be specified at the same
+ * time.
+ */
+ ret = data != NULL && digest != NULL;
+ if (ret)
+ goto usage;
+ /* Load the config file for possible policy OIDs. */
+ conf = load_config_file(configfile);
+ ret = !query_command(data, digest, md, policy, no_nonce, cert,
+ in, out, text);
+ break;
+ case CMD_REPLY:
+ conf = load_config_file(configfile);
+ if (in == NULL) {
+ ret = !(queryfile != NULL && conf != NULL && !token_in);
+ if (ret)
+ goto usage;
+ } else {
+ /* 'in' and 'queryfile' are exclusive. */
+ ret = !(queryfile == NULL);
+ if (ret)
+ goto usage;
+ }
+
+ ret = !reply_command(conf, section, engine, queryfile,
+ password, inkey, signer, chain, policy,
+ in, token_in, out, token_out, text);
+ break;
+ case CMD_VERIFY:
+ ret = !(((queryfile && !data && !digest)
+ || (!queryfile && data && !digest)
+ || (!queryfile && !data && digest))
+ && in != NULL);
+ if (ret)
+ goto usage;
+
+ ret = !verify_command(data, digest, queryfile, in, token_in,
+ ca_path, ca_file, untrusted);
+ }
+
+ goto cleanup;
+
+ usage:
+ BIO_printf(bio_err, "usage:\n"
+ "ts -query [-rand file%cfile%c...] [-config configfile] "
+ "[-data file_to_hash] [-digest digest_bytes]"
+ "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
+ "[-policy object_id] [-no_nonce] [-cert] "
+ "[-in request.tsq] [-out request.tsq] [-text]\n",
+ LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+ BIO_printf(bio_err, "or\n"
+ "ts -reply [-config configfile] [-section tsa_section] "
+ "[-queryfile request.tsq] [-passin password] "
+ "[-signer tsa_cert.pem] [-inkey private_key.pem] "
+ "[-chain certs_file.pem] [-policy object_id] "
+ "[-in response.tsr] [-token_in] "
+ "[-out response.tsr] [-token_out] [-text] [-engine id]\n");
+ BIO_printf(bio_err, "or\n"
+ "ts -verify [-data file_to_hash] [-digest digest_bytes] "
+ "[-queryfile request.tsq] "
+ "-in response.tsr [-token_in] "
+ "-CApath ca_path -CAfile ca_file.pem "
+ "-untrusted cert_file.pem\n");
+ cleanup:
+ /* Clean up. */
+ app_RAND_write_file(NULL, bio_err);
+ NCONF_free(conf);
+ OPENSSL_free(password);
+ OBJ_cleanup();
+ if (free_bio_err) {
+ BIO_free_all(bio_err);
+ bio_err = NULL;
+ }
+
+ OPENSSL_EXIT(ret);
+}
+
+/*
+ * Configuration file-related function definitions.
+ */
+
+static ASN1_OBJECT *txt2obj(const char *oid)
+{
+ ASN1_OBJECT *oid_obj = NULL;
+
+ if (!(oid_obj = OBJ_txt2obj(oid, 0)))
+ BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
+
+ return oid_obj;
+}
+
+static CONF *load_config_file(const char *configfile)
+{
+ CONF *conf = NULL;
+ long errorline = -1;
+
+ if (!configfile)
+ configfile = getenv("OPENSSL_CONF");
+ if (!configfile)
+ configfile = getenv("SSLEAY_CONF");
+
+ if (configfile &&
+ (!(conf = NCONF_new(NULL)) ||
+ NCONF_load(conf, configfile, &errorline) <= 0)) {
+ if (errorline <= 0)
+ BIO_printf(bio_err, "error loading the config file "
+ "'%s'\n", configfile);
+ else
+ BIO_printf(bio_err, "error on line %ld of config file "
+ "'%s'\n", errorline, configfile);
+ }
+
+ if (conf != NULL) {
+ const char *p;
+
+ BIO_printf(bio_err, "Using configuration from %s\n", configfile);
+ p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
+ if (p != NULL) {
+ BIO *oid_bio = BIO_new_file(p, "r");
+ if (!oid_bio)
+ ERR_print_errors(bio_err);
+ else {
+ OBJ_create_objects(oid_bio);
+ BIO_free_all(oid_bio);
+ }
+ } else
+ ERR_clear_error();
+ if (!add_oid_section(bio_err, conf))
+ ERR_print_errors(bio_err);
+ }
+ return conf;
+}
+
+/*
+ * Query-related method definitions.
+ */
+
+static int query_command(const char *data, char *digest, const EVP_MD *md,
+ const char *policy, int no_nonce,
+ int cert, const char *in, const char *out, int text)
+{
+ int ret = 0;
+ TS_REQ *query = NULL;
+ BIO *in_bio = NULL;
+ BIO *data_bio = NULL;
+ BIO *out_bio = NULL;
+
+ /* Build query object either from file or from scratch. */
+ if (in != NULL) {
+ if ((in_bio = BIO_new_file(in, "rb")) == NULL)
+ goto end;
+ query = d2i_TS_REQ_bio(in_bio, NULL);
+ } else {
+ /*
+ * Open the file if no explicit digest bytes were specified.
+ */
+ if (!digest && !(data_bio = BIO_open_with_default(data, "rb", stdin)))
+ goto end;
+ /* Creating the query object. */
+ query = create_query(data_bio, digest, md, policy, no_nonce, cert);
+ /* Saving the random number generator state. */
+ }
+ if (query == NULL)
+ goto end;
+
+ /* Write query either in ASN.1 or in text format. */
+ if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+ goto end;
+ if (text) {
+ /* Text output. */
+ if (!TS_REQ_print_bio(out_bio, query))
+ goto end;
+ } else {
+ /* ASN.1 output. */
+ if (!i2d_TS_REQ_bio(out_bio, query))
+ goto end;
+ }
+
+ ret = 1;
+
+ end:
+ ERR_print_errors(bio_err);
+
+ /* Clean up. */
+ BIO_free_all(in_bio);
+ BIO_free_all(data_bio);
+ BIO_free_all(out_bio);
+ TS_REQ_free(query);
+
+ return ret;
+}
+
+static BIO *BIO_open_with_default(const char *file, const char *mode,
+ FILE *default_fp)
+{
+ return file == NULL ? BIO_new_fp(default_fp, BIO_NOCLOSE)
+ : BIO_new_file(file, mode);
+}
+
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+ const char *policy, int no_nonce, int cert)
+{
+ int ret = 0;
+ TS_REQ *ts_req = NULL;
+ int len;
+ TS_MSG_IMPRINT *msg_imprint = NULL;
+ X509_ALGOR *algo = NULL;
+ unsigned char *data = NULL;
+ ASN1_OBJECT *policy_obj = NULL;
+ ASN1_INTEGER *nonce_asn1 = NULL;
+
+ /* Setting default message digest. */
+ if (!md && !(md = EVP_get_digestbyname("sha1")))
+ goto err;
+
+ /* Creating request object. */
+ if (!(ts_req = TS_REQ_new()))
+ goto err;
+
+ /* Setting version. */
+ if (!TS_REQ_set_version(ts_req, 1))
+ goto err;
+
+ /* Creating and adding MSG_IMPRINT object. */
+ if (!(msg_imprint = TS_MSG_IMPRINT_new()))
+ goto err;
+
+ /* Adding algorithm. */
+ if (!(algo = X509_ALGOR_new()))
+ goto err;
+ if (!(algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))))
+ goto err;
+ if (!(algo->parameter = ASN1_TYPE_new()))
+ goto err;
+ algo->parameter->type = V_ASN1_NULL;
+ if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
+ goto err;
+
+ /* Adding message digest. */
+ if ((len = create_digest(data_bio, digest, md, &data)) == 0)
+ goto err;
+ if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len))
+ goto err;
+
+ if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint))
+ goto err;
+
+ /* Setting policy if requested. */
+ if (policy && !(policy_obj = txt2obj(policy)))
+ goto err;
+ if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj))
+ goto err;
+
+ /* Setting nonce if requested. */
+ if (!no_nonce && !(nonce_asn1 = create_nonce(NONCE_LENGTH)))
+ goto err;
+ if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1))
+ goto err;
+
+ /* Setting certificate request flag if requested. */
+ if (!TS_REQ_set_cert_req(ts_req, cert))
+ goto err;
+
+ ret = 1;
+ err:
+ if (!ret) {
+ TS_REQ_free(ts_req);
+ ts_req = NULL;
+ BIO_printf(bio_err, "could not create query\n");
+ }
+ TS_MSG_IMPRINT_free(msg_imprint);
+ X509_ALGOR_free(algo);
+ OPENSSL_free(data);
+ ASN1_OBJECT_free(policy_obj);
+ ASN1_INTEGER_free(nonce_asn1);
+ return ts_req;
+}
+
+static int create_digest(BIO *input, char *digest, const EVP_MD *md,
+ unsigned char **md_value)
+{
+ int md_value_len;
+
+ md_value_len = EVP_MD_size(md);
+ if (md_value_len < 0)
+ goto err;
+ if (input) {
+ /* Digest must be computed from an input file. */
+ EVP_MD_CTX md_ctx;
+ unsigned char buffer[4096];
+ int length;
+
+ *md_value = OPENSSL_malloc(md_value_len);
+ if (*md_value == 0)
+ goto err;
+
+ EVP_DigestInit(&md_ctx, md);
+ while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
+ EVP_DigestUpdate(&md_ctx, buffer, length);
+ }
+ EVP_DigestFinal(&md_ctx, *md_value, NULL);
+ } else {
+ /* Digest bytes are specified with digest. */
+ long digest_len;
+ *md_value = string_to_hex(digest, &digest_len);
+ if (!*md_value || md_value_len != digest_len) {
+ OPENSSL_free(*md_value);
+ *md_value = NULL;
+ BIO_printf(bio_err, "bad digest, %d bytes "
+ "must be specified\n", md_value_len);
+ goto err;
+ }
+ }
+
+ return md_value_len;
+ err:
+ return 0;
+}
+
+static ASN1_INTEGER *create_nonce(int bits)
+{
+ unsigned char buf[20];
+ ASN1_INTEGER *nonce = NULL;
+ int len = (bits - 1) / 8 + 1;
+ int i;
+
+ /* Generating random byte sequence. */
+ if (len > (int)sizeof(buf))
+ goto err;
+ if (RAND_bytes(buf, len) <= 0)
+ goto err;
+
+ /* Find the first non-zero byte and creating ASN1_INTEGER object. */
+ for (i = 0; i < len && !buf[i]; ++i) ;
+ if (!(nonce = ASN1_INTEGER_new()))
+ goto err;
+ OPENSSL_free(nonce->data);
+ /* Allocate at least one byte. */
+ nonce->length = len - i;
+ if (!(nonce->data = OPENSSL_malloc(nonce->length + 1)))
+ goto err;
+ memcpy(nonce->data, buf + i, nonce->length);
+
+ return nonce;
+ err:
+ BIO_printf(bio_err, "could not create nonce\n");
+ ASN1_INTEGER_free(nonce);
+ return NULL;
+}
+
+/*
+ * Reply-related method definitions.
+ */
+
+static int reply_command(CONF *conf, char *section, char *engine,
+ char *queryfile, char *passin, char *inkey,
+ char *signer, char *chain, const char *policy,
+ char *in, int token_in,
+ char *out, int token_out, int text)
+{
+ int ret = 0;
+ TS_RESP *response = NULL;
+ BIO *in_bio = NULL;
+ BIO *query_bio = NULL;
+ BIO *inkey_bio = NULL;
+ BIO *signer_bio = NULL;
+ BIO *out_bio = NULL;
+
+ /* Build response object either from response or query. */
+ if (in != NULL) {
+ if ((in_bio = BIO_new_file(in, "rb")) == NULL)
+ goto end;
+ if (token_in) {
+ /*
+ * We have a ContentInfo (PKCS7) object, add 'granted' status
+ * info around it.
+ */
+ response = read_PKCS7(in_bio);
+ } else {
+ /* We have a ready-made TS_RESP object. */
+ response = d2i_TS_RESP_bio(in_bio, NULL);
+ }
+ } else {
+ response = create_response(conf, section, engine, queryfile,
+ passin, inkey, signer, chain, policy);
+ if (response)
+ BIO_printf(bio_err, "Response has been generated.\n");
+ else
+ BIO_printf(bio_err, "Response is not generated.\n");
+ }
+ if (response == NULL)
+ goto end;
+
+ /* Write response either in ASN.1 or text format. */
+ if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+ goto end;
+ if (text) {
+ /* Text output. */
+ if (token_out) {
+ TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+ if (!TS_TST_INFO_print_bio(out_bio, tst_info))
+ goto end;
+ } else {
+ if (!TS_RESP_print_bio(out_bio, response))
+ goto end;
+ }
+ } else {
+ /* ASN.1 DER output. */
+ if (token_out) {
+ PKCS7 *token = TS_RESP_get_token(response);
+ if (!i2d_PKCS7_bio(out_bio, token))
+ goto end;
+ } else {
+ if (!i2d_TS_RESP_bio(out_bio, response))
+ goto end;
+ }
+ }
+
+ ret = 1;
+
+ end:
+ ERR_print_errors(bio_err);
+
+ /* Clean up. */
+ BIO_free_all(in_bio);
+ BIO_free_all(query_bio);
+ BIO_free_all(inkey_bio);
+ BIO_free_all(signer_bio);
+ BIO_free_all(out_bio);
+ TS_RESP_free(response);
+
+ return ret;
+}
+
+/* Reads a PKCS7 token and adds default 'granted' status info to it. */
+static TS_RESP *read_PKCS7(BIO *in_bio)
+{
+ int ret = 0;
+ PKCS7 *token = NULL;
+ TS_TST_INFO *tst_info = NULL;
+ TS_RESP *resp = NULL;
+ TS_STATUS_INFO *si = NULL;
+
+ /* Read PKCS7 object and extract the signed time stamp info. */
+ if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
+ goto end;
+ if (!(tst_info = PKCS7_to_TS_TST_INFO(token)))
+ goto end;
+
+ /* Creating response object. */
+ if (!(resp = TS_RESP_new()))
+ goto end;
+
+ /* Create granted status info. */
+ if (!(si = TS_STATUS_INFO_new()))
+ goto end;
+ if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED)))
+ goto end;
+ if (!TS_RESP_set_status_info(resp, si))
+ goto end;
+
+ /* Setting encapsulated token. */
+ TS_RESP_set_tst_info(resp, token, tst_info);
+ token = NULL; /* Ownership is lost. */
+ tst_info = NULL; /* Ownership is lost. */
+
+ ret = 1;
+ end:
+ PKCS7_free(token);
+ TS_TST_INFO_free(tst_info);
+ if (!ret) {
+ TS_RESP_free(resp);
+ resp = NULL;
+ }
+ TS_STATUS_INFO_free(si);
+ return resp;
+}
+
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
+ char *queryfile, char *passin, char *inkey,
+ char *signer, char *chain, const char *policy)
+{
+ int ret = 0;
+ TS_RESP *response = NULL;
+ BIO *query_bio = NULL;
+ TS_RESP_CTX *resp_ctx = NULL;
+
+ if (!(query_bio = BIO_new_file(queryfile, "rb")))
+ goto end;
+
+ /* Getting TSA configuration section. */
+ if (!(section = TS_CONF_get_tsa_section(conf, section)))
+ goto end;
+
+ /* Setting up response generation context. */
+ if (!(resp_ctx = TS_RESP_CTX_new()))
+ goto end;
+
+ /* Setting serial number provider callback. */
+ if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx))
+ goto end;
+#ifndef OPENSSL_NO_ENGINE
+ /* Setting default OpenSSL engine. */
+ if (!TS_CONF_set_crypto_device(conf, section, engine))
+ goto end;
+#endif
+
+ /* Setting TSA signer certificate. */
+ if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx))
+ goto end;
+
+ /* Setting TSA signer certificate chain. */
+ if (!TS_CONF_set_certs(conf, section, chain, resp_ctx))
+ goto end;
+
+ /* Setting TSA signer private key. */
+ if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx))
+ goto end;
+
+ /* Setting default policy OID. */
+ if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx))
+ goto end;
+
+ /* Setting acceptable policy OIDs. */
+ if (!TS_CONF_set_policies(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting the acceptable one-way hash algorithms. */
+ if (!TS_CONF_set_digests(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting guaranteed time stamp accuracy. */
+ if (!TS_CONF_set_accuracy(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting the precision of the time. */
+ if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting the ordering flaf if requested. */
+ if (!TS_CONF_set_ordering(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting the TSA name required flag if requested. */
+ if (!TS_CONF_set_tsa_name(conf, section, resp_ctx))
+ goto end;
+
+ /* Setting the ESS cert id chain flag if requested. */
+ if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx))
+ goto end;
+
+ /* Creating the response. */
+ if (!(response = TS_RESP_create_response(resp_ctx, query_bio)))
+ goto end;
+
+ ret = 1;
+ end:
+ if (!ret) {
+ TS_RESP_free(response);
+ response = NULL;
+ }
+ TS_RESP_CTX_free(resp_ctx);
+ BIO_free_all(query_bio);
+
+ return response;
+}
+
+static ASN1_INTEGER *MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data)
+{
+ const char *serial_file = (const char *)data;
+ ASN1_INTEGER *serial = next_serial(serial_file);
+
+ if (!serial) {
+ TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+ "Error during serial number "
+ "generation.");
+ TS_RESP_CTX_add_failure_info(ctx, TS_INFO_ADD_INFO_NOT_AVAILABLE);
+ } else
+ save_ts_serial(serial_file, serial);
+
+ return serial;
+}
+
+static ASN1_INTEGER *next_serial(const char *serialfile)
+{
+ int ret = 0;
+ BIO *in = NULL;
+ ASN1_INTEGER *serial = NULL;
+ BIGNUM *bn = NULL;
+
+ if (!(serial = ASN1_INTEGER_new()))
+ goto err;
+
+ if (!(in = BIO_new_file(serialfile, "r"))) {
+ ERR_clear_error();
+ BIO_printf(bio_err, "Warning: could not open file %s for "
+ "reading, using serial number: 1\n", serialfile);
+ if (!ASN1_INTEGER_set(serial, 1))
+ goto err;
+ } else {
+ char buf[1024];
+ if (!a2i_ASN1_INTEGER(in, serial, buf, sizeof(buf))) {
+ BIO_printf(bio_err, "unable to load number from %s\n",
+ serialfile);
+ goto err;
+ }
+ if (!(bn = ASN1_INTEGER_to_BN(serial, NULL)))
+ goto err;
+ ASN1_INTEGER_free(serial);
+ serial = NULL;
+ if (!BN_add_word(bn, 1))
+ goto err;
+ if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (!ret) {
+ ASN1_INTEGER_free(serial);
+ serial = NULL;
+ }
+ BIO_free_all(in);
+ BN_free(bn);
+ return serial;
+}
+
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
+{
+ int ret = 0;
+ BIO *out = NULL;
+
+ if (!(out = BIO_new_file(serialfile, "w")))
+ goto err;
+ if (i2a_ASN1_INTEGER(out, serial) <= 0)
+ goto err;
+ if (BIO_puts(out, "\n") <= 0)
+ goto err;
+ ret = 1;
+ err:
+ if (!ret)
+ BIO_printf(bio_err, "could not save serial number to %s\n",
+ serialfile);
+ BIO_free_all(out);
+ return ret;
+}
+
+/*
+ * Verify-related method definitions.
+ */
+
+static int verify_command(char *data, char *digest, char *queryfile,
+ char *in, int token_in,
+ char *ca_path, char *ca_file, char *untrusted)
+{
+ BIO *in_bio = NULL;
+ PKCS7 *token = NULL;
+ TS_RESP *response = NULL;
+ TS_VERIFY_CTX *verify_ctx = NULL;
+ int ret = 0;
+
+ /* Decode the token (PKCS7) or response (TS_RESP) files. */
+ if (!(in_bio = BIO_new_file(in, "rb")))
+ goto end;
+ if (token_in) {
+ if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
+ goto end;
+ } else {
+ if (!(response = d2i_TS_RESP_bio(in_bio, NULL)))
+ goto end;
+ }
+
+ if (!(verify_ctx = create_verify_ctx(data, digest, queryfile,
+ ca_path, ca_file, untrusted)))
+ goto end;
+
+ /* Checking the token or response against the request. */
+ ret = token_in ?
+ TS_RESP_verify_token(verify_ctx, token) :
+ TS_RESP_verify_response(verify_ctx, response);
+
+ end:
+ printf("Verification: ");
+ if (ret)
+ printf("OK\n");
+ else {
+ printf("FAILED\n");
+ /* Print errors, if there are any. */
+ ERR_print_errors(bio_err);
+ }
+
+ /* Clean up. */
+ BIO_free_all(in_bio);
+ PKCS7_free(token);
+ TS_RESP_free(response);
+ TS_VERIFY_CTX_free(verify_ctx);
+ return ret;
+}
+
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
+ char *queryfile,
+ char *ca_path, char *ca_file,
+ char *untrusted)
+{
+ TS_VERIFY_CTX *ctx = NULL;
+ BIO *input = NULL;
+ TS_REQ *request = NULL;
+ int ret = 0;
+
+ if (data != NULL || digest != NULL) {
+ if (!(ctx = TS_VERIFY_CTX_new()))
+ goto err;
+ ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
+ if (data != NULL) {
+ ctx->flags |= TS_VFY_DATA;
+ if (!(ctx->data = BIO_new_file(data, "rb")))
+ goto err;
+ } else if (digest != NULL) {
+ long imprint_len;
+ ctx->flags |= TS_VFY_IMPRINT;
+ if (!(ctx->imprint = string_to_hex(digest, &imprint_len))) {
+ BIO_printf(bio_err, "invalid digest string\n");
+ goto err;
+ }
+ ctx->imprint_len = imprint_len;
+ }
+
+ } else if (queryfile != NULL) {
+ /*
+ * The request has just to be read, decoded and converted to a verify
+ * context object.
+ */
+ if (!(input = BIO_new_file(queryfile, "rb")))
+ goto err;
+ if (!(request = d2i_TS_REQ_bio(input, NULL)))
+ goto err;
+ if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)))
+ goto err;
+ } else
+ return NULL;
+
+ /* Add the signature verification flag and arguments. */
+ ctx->flags |= TS_VFY_SIGNATURE;
+
+ /* Initialising the X509_STORE object. */
+ if (!(ctx->store = create_cert_store(ca_path, ca_file)))
+ goto err;
+
+ /* Loading untrusted certificates. */
+ if (untrusted && !(ctx->certs = TS_CONF_load_certs(untrusted)))
+ goto err;
+
+ ret = 1;
+ err:
+ if (!ret) {
+ TS_VERIFY_CTX_free(ctx);
+ ctx = NULL;
+ }
+ BIO_free_all(input);
+ TS_REQ_free(request);
+ return ctx;
+}
+
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
+{
+ X509_STORE *cert_ctx = NULL;
+ X509_LOOKUP *lookup = NULL;
+ int i;
+
+ /* Creating the X509_STORE object. */
+ cert_ctx = X509_STORE_new();
+
+ /* Setting the callback for certificate chain verification. */
+ X509_STORE_set_verify_cb(cert_ctx, verify_cb);
+
+ /* Adding a trusted certificate directory source. */
+ if (ca_path) {
+ lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
+ if (lookup == NULL) {
+ BIO_printf(bio_err, "memory allocation failure\n");
+ goto err;
+ }
+ i = X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM);
+ if (!i) {
+ BIO_printf(bio_err, "Error loading directory %s\n", ca_path);
+ goto err;
+ }
+ }
+
+ /* Adding a trusted certificate file source. */
+ if (ca_file) {
+ lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
+ if (lookup == NULL) {
+ BIO_printf(bio_err, "memory allocation failure\n");
+ goto err;
+ }
+ i = X509_LOOKUP_load_file(lookup, ca_file, X509_FILETYPE_PEM);
+ if (!i) {
+ BIO_printf(bio_err, "Error loading file %s\n", ca_file);
+ goto err;
+ }
+ }
+
+ return cert_ctx;
+ err:
+ X509_STORE_free(cert_ctx);
+ return NULL;
+}
+
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
+{
+ /*-
+ char buf[256];
+
+ if (!ok)
+ {
+ X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+ buf, sizeof(buf));
+ printf("%s\n", buf);
+ printf("error %d at %d depth lookup: %s\n",
+ ctx->error, ctx->error_depth,
+ X509_verify_cert_error_string(ctx->error));
+ }
+ */
+
+ return ok;
+}
Copied: trunk/crypto/openssl/apps/tsget (from rev 7117, vendor-crypto/openssl/dist/apps/tsget)
===================================================================
--- trunk/crypto/openssl/apps/tsget (rev 0)
+++ trunk/crypto/openssl/apps/tsget 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,196 @@
+#!/usr/bin/perl -w
+# Written by Zoltan Glozik <zglozik at stones.com>.
+# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
+$::version = '$Id: tsget,v 1.1.2.2 2009/09/07 17:57:02 steve Exp $';
+
+use strict;
+use IO::Handle;
+use Getopt::Std;
+use File::Basename;
+use WWW::Curl::Easy;
+
+use vars qw(%options);
+
+# Callback for reading the body.
+sub read_body {
+ my ($maxlength, $state) = @_;
+ my $return_data = "";
+ my $data_len = length ${$state->{data}};
+ if ($state->{bytes} < $data_len) {
+ $data_len = $data_len - $state->{bytes};
+ $data_len = $maxlength if $data_len > $maxlength;
+ $return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
+ $state->{bytes} += $data_len;
+ }
+ return $return_data;
+}
+
+# Callback for writing the body into a variable.
+sub write_body {
+ my ($data, $pointer) = @_;
+ ${$pointer} .= $data;
+ return length($data);
+}
+
+# Initialise a new Curl object.
+sub create_curl {
+ my $url = shift;
+
+ # Create Curl object.
+ my $curl = WWW::Curl::Easy::new();
+
+ # Error-handling related options.
+ $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
+ $curl->setopt(CURLOPT_FAILONERROR, 1);
+ $curl->setopt(CURLOPT_USERAGENT, "OpenTSA tsget.pl/" . (split / /, $::version)[2]);
+
+ # Options for POST method.
+ $curl->setopt(CURLOPT_UPLOAD, 1);
+ $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
+ $curl->setopt(CURLOPT_HTTPHEADER,
+ ["Content-Type: application/timestamp-query",
+ "Accept: application/timestamp-reply,application/timestamp-response"]);
+ $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
+ $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
+
+ # Options for getting the result.
+ $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
+
+ # SSL related options.
+ $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
+ $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate.
+ $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN.
+ $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
+ $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
+ $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
+ $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
+ $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
+ $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
+ $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
+
+ # Setting destination.
+ $curl->setopt(CURLOPT_URL, $url);
+
+ return $curl;
+}
+
+# Send a request and returns the body back.
+sub get_timestamp {
+ my $curl = shift;
+ my $body = shift;
+ my $ts_body;
+ local $::error_buf;
+
+ # Error-handling related options.
+ $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
+
+ # Options for POST method.
+ $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
+ $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
+
+ # Options for getting the result.
+ $curl->setopt(CURLOPT_FILE, \$ts_body);
+
+ # Send the request...
+ my $error_code = $curl->perform();
+ my $error_string;
+ if ($error_code != 0) {
+ my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
+ $error_string = "could not get timestamp";
+ $error_string .= ", http code: $http_code" unless $http_code == 0;
+ $error_string .= ", curl code: $error_code";
+ $error_string .= " ($::error_buf)" if defined($::error_buf);
+ } else {
+ my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
+ if (lc($ct) ne "application/timestamp-reply"
+ && lc($ct) ne "application/timestamp-response") {
+ $error_string = "unexpected content type returned: $ct";
+ }
+ }
+ return ($ts_body, $error_string);
+
+}
+
+# Print usage information and exists.
+sub usage {
+
+ print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
+ print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
+ print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
+ print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
+ exit 1;
+}
+
+# ----------------------------------------------------------------------
+# Main program
+# ----------------------------------------------------------------------
+
+# Getting command-line options (default comes from TSGET environment variable).
+my $getopt_arg = "h:e:o:vdk:p:c:C:P:r:g:";
+if (exists $ENV{TSGET}) {
+ my @old_argv = @ARGV;
+ @ARGV = split /\s+/, $ENV{TSGET};
+ getopts($getopt_arg, \%options) or usage;
+ @ARGV = @old_argv;
+}
+getopts($getopt_arg, \%options) or usage;
+
+# Checking argument consistency.
+if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
+ || (@ARGV > 1 && exists($options{o}))) {
+ print STDERR "Inconsistent command line options.\n";
+ usage;
+}
+# Setting defaults.
+ at ARGV = ("-") unless @ARGV != 0;
+$options{e} = ".tsr" unless defined($options{e});
+
+# Processing requests.
+my $curl = create_curl $options{h};
+undef $/; # For reading whole files.
+REQUEST: foreach (@ARGV) {
+ my $input = $_;
+ my ($base, $path) = fileparse($input, '\.[^.]*');
+ my $output_base = $base . $options{e};
+ my $output = defined($options{o}) ? $options{o} : $path . $output_base;
+
+ STDERR->printflush("$input: ") if $options{v};
+ # Read request.
+ my $body;
+ if ($input eq "-") {
+ # Read the request from STDIN;
+ $body = <STDIN>;
+ } else {
+ # Read the request from file.
+ open INPUT, "<" . $input
+ or warn("$input: could not open input file: $!\n"), next REQUEST;
+ $body = <INPUT>;
+ close INPUT
+ or warn("$input: could not close input file: $!\n"), next REQUEST;
+ }
+
+ # Send request.
+ STDERR->printflush("sending request") if $options{v};
+
+ my ($ts_body, $error) = get_timestamp $curl, \$body;
+ if (defined($error)) {
+ die "$input: fatal error: $error\n";
+ }
+ STDERR->printflush(", reply received") if $options{v};
+
+ # Write response.
+ if ($output eq "-") {
+ # Write to STDOUT.
+ print $ts_body;
+ } else {
+ # Write to file.
+ open OUTPUT, ">", $output
+ or warn("$output: could not open output file: $!\n"), next REQUEST;
+ print OUTPUT $ts_body;
+ close OUTPUT
+ or warn("$output: could not close output file: $!\n"), next REQUEST;
+ }
+ STDERR->printflush(", $output written.\n") if $options{v};
+}
+$curl->cleanup();
+WWW::Curl::Easy::global_cleanup();
Modified: trunk/crypto/openssl/apps/verify.c
===================================================================
--- trunk/crypto/openssl/apps/verify.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/verify.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,9 +70,9 @@
#define PROG verify_main
static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain,
- STACK_OF(X509) *tchain, int purpose, ENGINE *e);
-static STACK_OF(X509) *load_untrusted(char *file);
+static int check(X509_STORE *ctx, char *file,
+ STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+ STACK_OF(X509_CRL) *crls, ENGINE *e);
static int v_verbose = 0, vflags = 0;
int MAIN(int, char **);
@@ -81,10 +81,10 @@
{
ENGINE *e = NULL;
int i, ret = 1, badarg = 0;
- int purpose = -1;
char *CApath = NULL, *CAfile = NULL;
- char *untfile = NULL, *trustfile = NULL;
+ char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
+ STACK_OF(X509_CRL) *crls = NULL;
X509_STORE *cert_ctx = NULL;
X509_LOOKUP *lookup = NULL;
X509_VERIFY_PARAM *vpm = NULL;
@@ -95,7 +95,7 @@
cert_ctx = X509_STORE_new();
if (cert_ctx == NULL)
goto end;
- X509_STORE_set_verify_cb_func(cert_ctx, cb);
+ X509_STORE_set_verify_cb(cert_ctx, cb);
ERR_load_crypto_strings();
@@ -132,6 +132,10 @@
if (argc-- < 1)
goto end;
trustfile = *(++argv);
+ } else if (strcmp(*argv, "-CRLfile") == 0) {
+ if (argc-- < 1)
+ goto end;
+ crlfile = *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
@@ -190,36 +194,45 @@
ERR_clear_error();
if (untfile) {
- if (!(untrusted = load_untrusted(untfile))) {
- BIO_printf(bio_err, "Error loading untrusted file %s\n", untfile);
- ERR_print_errors(bio_err);
+ untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
+ NULL, e, "untrusted certificates");
+ if (!untrusted)
goto end;
- }
}
if (trustfile) {
- if (!(trusted = load_untrusted(trustfile))) {
- BIO_printf(bio_err, "Error loading untrusted file %s\n",
- trustfile);
- ERR_print_errors(bio_err);
+ trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
+ NULL, e, "trusted certificates");
+ if (!trusted)
goto end;
- }
}
- if (argc < 1)
- check(cert_ctx, NULL, untrusted, trusted, purpose, e);
- else
+ if (crlfile) {
+ crls = load_crls(bio_err, crlfile, FORMAT_PEM, NULL, e, "other CRLs");
+ if (!crls)
+ goto end;
+ }
+
+ ret = 0;
+ if (argc < 1) {
+ if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
+ ret = -1;
+ } else {
for (i = 0; i < argc; i++)
- check(cert_ctx, argv[i], untrusted, trusted, purpose, e);
- ret = 0;
+ if (1 != check(cert_ctx, argv[i], untrusted, trusted, crls, e))
+ ret = -1;
+ }
+
end:
if (ret == 1) {
BIO_printf(bio_err,
"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
+ BIO_printf(bio_err, " [-no_alt_chains] [-attime timestamp]");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, " [-engine e]");
#endif
BIO_printf(bio_err, " cert1 cert2 ...\n");
+
BIO_printf(bio_err, "recognized usages:\n");
for (i = 0; i < X509_PURPOSE_get_count(); i++) {
X509_PURPOSE *ptmp;
@@ -235,12 +248,14 @@
X509_STORE_free(cert_ctx);
sk_X509_pop_free(untrusted, X509_free);
sk_X509_pop_free(trusted, X509_free);
+ sk_X509_CRL_pop_free(crls, X509_CRL_free);
apps_shutdown();
- OPENSSL_EXIT(ret);
+ OPENSSL_EXIT(ret < 0 ? 2 : ret);
}
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain,
- STACK_OF(X509) *tchain, int purpose, ENGINE *e)
+static int check(X509_STORE *ctx, char *file,
+ STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+ STACK_OF(X509_CRL) *crls, ENGINE *e)
{
X509 *x = NULL;
int i = 0, ret = 0;
@@ -263,8 +278,8 @@
}
if (tchain)
X509_STORE_CTX_trusted_stack(csc, tchain);
- if (purpose >= 0)
- X509_STORE_CTX_set_purpose(csc, purpose);
+ if (crls)
+ X509_STORE_CTX_set0_crls(csc, crls);
i = X509_verify_cert(csc);
X509_STORE_CTX_free(csc);
@@ -281,94 +296,50 @@
return (ret);
}
-static STACK_OF(X509) *load_untrusted(char *certfile)
+static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
{
- STACK_OF(X509_INFO) *sk = NULL;
- STACK_OF(X509) *stack = NULL, *ret = NULL;
- BIO *in = NULL;
- X509_INFO *xi;
+ int cert_error = X509_STORE_CTX_get_error(ctx);
+ X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
- if (!(stack = sk_X509_new_null())) {
- BIO_printf(bio_err, "memory allocation failure\n");
- goto end;
- }
+ if (!ok) {
+ if (current_cert) {
+ X509_NAME_print_ex_fp(stdout,
+ X509_get_subject_name(current_cert),
+ 0, XN_FLAG_ONELINE);
+ printf("\n");
+ }
+ printf("%serror %d at %d depth lookup:%s\n",
+ X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
+ cert_error,
+ X509_STORE_CTX_get_error_depth(ctx),
+ X509_verify_cert_error_string(cert_error));
+ switch (cert_error) {
+ case X509_V_ERR_NO_EXPLICIT_POLICY:
+ policies_print(NULL, ctx);
+ case X509_V_ERR_CERT_HAS_EXPIRED:
- if (!(in = BIO_new_file(certfile, "r"))) {
- BIO_printf(bio_err, "error opening the file, %s\n", certfile);
- goto end;
- }
+ /*
+ * since we are just checking the certificates, it is ok if they
+ * are self signed. But we should still warn the user.
+ */
- /* This loads from a file, a stack of x509/crl/pkey sets */
- if (!(sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL))) {
- BIO_printf(bio_err, "error reading the file, %s\n", certfile);
- goto end;
- }
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ /* Continue after extension errors too */
+ case X509_V_ERR_INVALID_CA:
+ case X509_V_ERR_INVALID_NON_CA:
+ case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+ case X509_V_ERR_INVALID_PURPOSE:
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+ ok = 1;
- /* scan over it and pull out the certs */
- while (sk_X509_INFO_num(sk)) {
- xi = sk_X509_INFO_shift(sk);
- if (xi->x509 != NULL) {
- sk_X509_push(stack, xi->x509);
- xi->x509 = NULL;
}
- X509_INFO_free(xi);
- }
- if (!sk_X509_num(stack)) {
- BIO_printf(bio_err, "no certificates in file, %s\n", certfile);
- sk_X509_free(stack);
- goto end;
- }
- ret = stack;
- end:
- BIO_free(in);
- sk_X509_INFO_free(sk);
- return (ret);
-}
-static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
-{
- char buf[256];
-
- if (!ok) {
- if (ctx->current_cert) {
- X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
- sizeof buf);
- printf("%s\n", buf);
- }
- printf("error %d at %d depth lookup:%s\n", ctx->error,
- ctx->error_depth, X509_verify_cert_error_string(ctx->error));
- if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED)
- ok = 1;
- /*
- * since we are just checking the certificates, it is ok if they are
- * self signed. But we should still warn the user.
- */
- if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
- ok = 1;
- /* Continue after extension errors too */
- if (ctx->error == X509_V_ERR_INVALID_CA)
- ok = 1;
- if (ctx->error == X509_V_ERR_INVALID_NON_CA)
- ok = 1;
- if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED)
- ok = 1;
- if (ctx->error == X509_V_ERR_INVALID_PURPOSE)
- ok = 1;
- if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
- ok = 1;
- if (ctx->error == X509_V_ERR_CRL_HAS_EXPIRED)
- ok = 1;
- if (ctx->error == X509_V_ERR_CRL_NOT_YET_VALID)
- ok = 1;
- if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION)
- ok = 1;
-
- if (ctx->error == X509_V_ERR_NO_EXPLICIT_POLICY)
- policies_print(NULL, ctx);
return ok;
}
- if ((ctx->error == X509_V_OK) && (ok == 2))
+ if (cert_error == X509_V_OK && ok == 2)
policies_print(NULL, ctx);
if (!v_verbose)
ERR_clear_error();
Copied: trunk/crypto/openssl/apps/vms_decc_init.c (from rev 7117, vendor-crypto/openssl/dist/apps/vms_decc_init.c)
===================================================================
--- trunk/crypto/openssl/apps/vms_decc_init.c (rev 0)
+++ trunk/crypto/openssl/apps/vms_decc_init.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,172 @@
+#if defined( __VMS) && !defined( OPENSSL_NO_DECC_INIT) && \
+ defined( __DECC) && !defined( __VAX) && (__CRTL_VER >= 70301000)
+# define USE_DECC_INIT 1
+#endif
+
+#ifdef USE_DECC_INIT
+
+/*-
+ * 2010-04-26 SMS.
+ *
+ *----------------------------------------------------------------------
+ *
+ * decc_init()
+ *
+ * On non-VAX systems, uses LIB$INITIALIZE to set a collection of C
+ * RTL features without using the DECC$* logical name method.
+ *
+ *----------------------------------------------------------------------
+ */
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <unixlib.h>
+
+/* Global storage. */
+
+/* Flag to sense if decc_init() was called. */
+
+int decc_init_done = -1;
+
+/* Structure to hold a DECC$* feature name and its desired value. */
+
+typedef struct {
+ char *name;
+ int value;
+} decc_feat_t;
+
+/*
+ * Array of DECC$* feature names and their desired values. Note:
+ * DECC$ARGV_PARSE_STYLE is the urgent one.
+ */
+
+decc_feat_t decc_feat_array[] = {
+ /* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
+ {"DECC$ARGV_PARSE_STYLE", 1},
+
+ /* Preserve case for file names on ODS5 disks. */
+ {"DECC$EFS_CASE_PRESERVE", 1},
+
+ /*
+ * Enable multiple dots (and most characters) in ODS5 file names, while
+ * preserving VMS-ness of ";version".
+ */
+ {"DECC$EFS_CHARSET", 1},
+
+ /* List terminator. */
+ {(char *)NULL, 0}
+};
+
+/* LIB$INITIALIZE initialization function. */
+
+static void decc_init(void)
+{
+ char *openssl_debug_decc_init;
+ int verbose = 0;
+ int feat_index;
+ int feat_value;
+ int feat_value_max;
+ int feat_value_min;
+ int i;
+ int sts;
+
+ /* Get debug option. */
+ openssl_debug_decc_init = getenv("OPENSSL_DEBUG_DECC_INIT");
+ if (openssl_debug_decc_init != NULL) {
+ verbose = strtol(openssl_debug_decc_init, NULL, 10);
+ if (verbose <= 0) {
+ verbose = 1;
+ }
+ }
+
+ /* Set the global flag to indicate that LIB$INITIALIZE worked. */
+ decc_init_done = 1;
+
+ /* Loop through all items in the decc_feat_array[]. */
+
+ for (i = 0; decc_feat_array[i].name != NULL; i++) {
+ /* Get the feature index. */
+ feat_index = decc$feature_get_index(decc_feat_array[i].name);
+ if (feat_index >= 0) {
+ /* Valid item. Collect its properties. */
+ feat_value = decc$feature_get_value(feat_index, 1);
+ feat_value_min = decc$feature_get_value(feat_index, 2);
+ feat_value_max = decc$feature_get_value(feat_index, 3);
+
+ /* Check the validity of our desired value. */
+ if ((decc_feat_array[i].value >= feat_value_min) &&
+ (decc_feat_array[i].value <= feat_value_max)) {
+ /* Valid value. Set it if necessary. */
+ if (feat_value != decc_feat_array[i].value) {
+ sts = decc$feature_set_value(feat_index,
+ 1, decc_feat_array[i].value);
+
+ if (verbose > 1) {
+ fprintf(stderr, " %s = %d, sts = %d.\n",
+ decc_feat_array[i].name,
+ decc_feat_array[i].value, sts);
+ }
+ }
+ } else {
+ /* Invalid DECC feature value. */
+ fprintf(stderr,
+ " INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
+ feat_value,
+ feat_value_min, decc_feat_array[i].name,
+ feat_value_max);
+ }
+ } else {
+ /* Invalid DECC feature name. */
+ fprintf(stderr,
+ " UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[i].name);
+ }
+ }
+
+ if (verbose > 0) {
+ fprintf(stderr, " DECC_INIT complete.\n");
+ }
+}
+
+/* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */
+
+# pragma nostandard
+
+/*
+ * Establish the LIB$INITIALIZE PSECTs, with proper alignment and other
+ * attributes. Note that "nopic" is significant only on VAX.
+ */
+# pragma extern_model save
+
+# if __INITIAL_POINTER_SIZE == 64
+# define PSECT_ALIGN 3
+# else
+# define PSECT_ALIGN 2
+# endif
+
+# pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
+const int spare[8] = { 0 };
+
+# pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
+void (*const x_decc_init) () = decc_init;
+
+# pragma extern_model restore
+
+/* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
+
+# pragma extern_model save
+
+int LIB$INITIALIZE(void);
+
+# pragma extern_model strict_refdef
+int dmy_lib$initialize = (int)LIB$INITIALIZE;
+
+# pragma extern_model restore
+
+# pragma standard
+
+#else /* def USE_DECC_INIT */
+
+/* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
+int decc_init_dummy(void);
+
+#endif /* def USE_DECC_INIT */
Modified: trunk/crypto/openssl/apps/x509.c
===================================================================
--- trunk/crypto/openssl/apps/x509.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/apps/x509.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,7 +99,13 @@
" -passin arg - private key password source\n",
" -serial - print serial number value\n",
" -subject_hash - print subject hash value\n",
+#ifndef OPENSSL_NO_MD5
+ " -subject_hash_old - print old-style (MD5) subject hash value\n",
+#endif
" -issuer_hash - print issuer hash value\n",
+#ifndef OPENSSL_NO_MD5
+ " -issuer_hash_old - print old-style (MD5) issuer hash value\n",
+#endif
" -hash - synonym for -subject_hash\n",
" -subject - print subject DN\n",
" -issuer - print issuer DN\n",
@@ -151,7 +157,8 @@
static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
const EVP_MD *digest, CONF *conf, char *section);
static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
- X509 *x, X509 *xca, EVP_PKEY *pkey, char *serial,
+ X509 *x, X509 *xca, EVP_PKEY *pkey,
+ STACK_OF(OPENSSL_STRING) *sigopts, char *serial,
int create, int days, int clrext, CONF *conf,
char *section, ASN1_INTEGER *sno);
static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
@@ -166,6 +173,7 @@
X509_REQ *req = NULL;
X509 *x = NULL, *xca = NULL;
ASN1_OBJECT *objtmp;
+ STACK_OF(OPENSSL_STRING) *sigopts = NULL;
EVP_PKEY *Upkey = NULL, *CApkey = NULL;
ASN1_INTEGER *sno = NULL;
int i, num, badops = 0;
@@ -180,6 +188,9 @@
0, enddate = 0;
int next_serial = 0;
int subject_hash = 0, issuer_hash = 0, ocspid = 0;
+#ifndef OPENSSL_NO_MD5
+ int subject_hash_old = 0, issuer_hash_old = 0;
+#endif
int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
int ocsp_uri = 0;
int trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0, clrext = 0;
@@ -191,7 +202,7 @@
X509_REQ *rq = NULL;
int fingerprint = 0;
char buf[256];
- const EVP_MD *md_alg, *digest = EVP_sha1();
+ const EVP_MD *md_alg, *digest = NULL;
CONF *extconf = NULL;
char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
int need_rand = 0;
@@ -227,7 +238,7 @@
ctx = X509_STORE_new();
if (ctx == NULL)
goto end;
- X509_STORE_set_verify_cb_func(ctx, callb);
+ X509_STORE_set_verify_cb(ctx, callb);
argc--;
argv++;
@@ -256,12 +267,19 @@
if (--argc < 1)
goto bad;
CAkeyformat = str2fmt(*(++argv));
+ } else if (strcmp(*argv, "-sigopt") == 0) {
+ if (--argc < 1)
+ goto bad;
+ if (!sigopts)
+ sigopts = sk_OPENSSL_STRING_new_null();
+ if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+ goto bad;
} else if (strcmp(*argv, "-days") == 0) {
if (--argc < 1)
goto bad;
days = atoi(*(++argv));
if (days == 0) {
- BIO_printf(STDout, "bad number of days\n");
+ BIO_printf(bio_err, "bad number of days\n");
goto bad;
}
} else if (strcmp(*argv, "-passin") == 0) {
@@ -376,8 +394,16 @@
else if (strcmp(*argv, "-hash") == 0
|| strcmp(*argv, "-subject_hash") == 0)
subject_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+ else if (strcmp(*argv, "-subject_hash_old") == 0)
+ subject_hash_old = ++num;
+#endif
else if (strcmp(*argv, "-issuer_hash") == 0)
issuer_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+ else if (strcmp(*argv, "-issuer_hash_old") == 0)
+ issuer_hash_old = ++num;
+#endif
else if (strcmp(*argv, "-subject") == 0)
subject = ++num;
else if (strcmp(*argv, "-issuer") == 0)
@@ -578,7 +604,7 @@
goto end;
X509_gmtime_adj(X509_get_notBefore(x), 0);
- X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days);
+ X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL);
pkey = X509_REQ_get_pubkey(req);
X509_set_pubkey(x, pkey);
@@ -670,13 +696,14 @@
BIO_puts(out, "\n");
} else if ((email == i) || (ocsp_uri == i)) {
int j;
- STACK *emlst;
+ STACK_OF(OPENSSL_STRING) *emlst;
if (email == i)
emlst = X509_get1_email(x);
else
emlst = X509_get1_ocsp(x);
- for (j = 0; j < sk_num(emlst); j++)
- BIO_printf(STDout, "%s\n", sk_value(emlst, j));
+ for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+ BIO_printf(STDout, "%s\n",
+ sk_OPENSSL_STRING_value(emlst, j));
X509_email_free(emlst);
} else if (aliasout == i) {
unsigned char *alstr;
@@ -687,9 +714,21 @@
BIO_puts(STDout, "<No Alias>\n");
} else if (subject_hash == i) {
BIO_printf(STDout, "%08lx\n", X509_subject_name_hash(x));
- } else if (issuer_hash == i) {
+ }
+#ifndef OPENSSL_NO_MD5
+ else if (subject_hash_old == i) {
+ BIO_printf(STDout, "%08lx\n", X509_subject_name_hash_old(x));
+ }
+#endif
+ else if (issuer_hash == i) {
BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash(x));
- } else if (pprint == i) {
+ }
+#ifndef OPENSSL_NO_MD5
+ else if (issuer_hash_old == i) {
+ BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash_old(x));
+ }
+#endif
+ else if (pprint == i) {
X509_PURPOSE *ptmp;
int j;
BIO_printf(STDout, "Certificate purposes:\n");
@@ -744,6 +783,11 @@
z = i2d_X509(x, NULL);
m = OPENSSL_malloc(z);
+ if (!m) {
+ BIO_printf(bio_err, "Out of memory\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
d = (unsigned char *)m;
z = i2d_X509_NAME(X509_get_subject_name(x), &d);
@@ -786,7 +830,7 @@
OPENSSL_free(m);
} else if (text == i) {
- X509_print_ex(out, x, nmflag, certflag);
+ X509_print_ex(STDout, x, nmflag, certflag);
} else if (startdate == i) {
BIO_puts(STDout, "notBefore=");
ASN1_TIME_print(STDout, X509_get_notBefore(x));
@@ -799,13 +843,17 @@
int j;
unsigned int n;
unsigned char md[EVP_MAX_MD_SIZE];
+ const EVP_MD *fdig = digest;
- if (!X509_digest(x, digest, md, &n)) {
+ if (!fdig)
+ fdig = EVP_sha1();
+
+ if (!X509_digest(x, fdig, md, &n)) {
BIO_printf(bio_err, "out of memory\n");
goto end;
}
BIO_printf(STDout, "%s Fingerprint=",
- OBJ_nid2sn(EVP_MD_type(digest)));
+ OBJ_nid2sn(EVP_MD_type(fdig)));
for (j = 0; j < (int)n; j++) {
BIO_printf(STDout, "%02X%c", md[j], (j + 1 == (int)n)
? '\n' : ':');
@@ -822,14 +870,6 @@
if (Upkey == NULL)
goto end;
}
-#ifndef OPENSSL_NO_DSA
- if (Upkey->type == EVP_PKEY_DSA)
- digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (Upkey->type == EVP_PKEY_EC)
- digest = EVP_ecdsa();
-#endif
assert(need_rand);
if (!sign(x, Upkey, days, clrext, digest, extconf, extsect))
@@ -843,19 +883,12 @@
if (CApkey == NULL)
goto end;
}
-#ifndef OPENSSL_NO_DSA
- if (CApkey->type == EVP_PKEY_DSA)
- digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (CApkey->type == EVP_PKEY_EC)
- digest = EVP_ecdsa();
-#endif
assert(need_rand);
if (!x509_certify(ctx, CAfile, digest, x, xca,
- CApkey, CAserial, CA_createserial, days,
- clrext, extconf, extsect, sno))
+ CApkey, sigopts,
+ CAserial, CA_createserial, days, clrext,
+ extconf, extsect, sno))
goto end;
} else if (x509req == i) {
EVP_PKEY *pk;
@@ -874,15 +907,6 @@
BIO_printf(bio_err, "Generating certificate request\n");
-#ifndef OPENSSL_NO_DSA
- if (pk->type == EVP_PKEY_DSA)
- digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pk->type == EVP_PKEY_EC)
- digest = EVP_ecdsa();
-#endif
-
rq = X509_to_X509_REQ(x, pk, digest);
EVP_PKEY_free(pk);
if (rq == NULL) {
@@ -926,16 +950,15 @@
else
i = PEM_write_bio_X509(out, x);
} else if (outformat == FORMAT_NETSCAPE) {
- ASN1_HEADER ah;
- ASN1_OCTET_STRING os;
+ NETSCAPE_X509 nx;
+ ASN1_OCTET_STRING hdr;
- os.data = (unsigned char *)NETSCAPE_CERT_HDR;
- os.length = strlen(NETSCAPE_CERT_HDR);
- ah.header = &os;
- ah.data = (char *)x;
- ah.meth = X509_asn1_meth();
+ hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
+ hdr.length = strlen(NETSCAPE_CERT_HDR);
+ nx.header = &hdr;
+ nx.cert = x;
- i = ASN1_i2d_bio_of(ASN1_HEADER, i2d_ASN1_HEADER, out, &ah);
+ i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
@@ -959,6 +982,8 @@
X509_free(xca);
EVP_PKEY_free(Upkey);
EVP_PKEY_free(CApkey);
+ if (sigopts)
+ sk_OPENSSL_STRING_free(sigopts);
X509_REQ_free(rq);
ASN1_INTEGER_free(sno);
sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
@@ -1016,9 +1041,11 @@
}
static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
- X509 *x, X509 *xca, EVP_PKEY *pkey, char *serialfile,
- int create, int days, int clrext, CONF *conf,
- char *section, ASN1_INTEGER *sno)
+ X509 *x, X509 *xca, EVP_PKEY *pkey,
+ STACK_OF(OPENSSL_STRING) *sigopts,
+ char *serialfile, int create,
+ int days, int clrext, CONF *conf, char *section,
+ ASN1_INTEGER *sno)
{
int ret = 0;
ASN1_INTEGER *bs = NULL;
@@ -1064,8 +1091,7 @@
goto end;
/* hardwired expired */
- if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) ==
- NULL)
+ if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
goto end;
if (clrext) {
@@ -1082,7 +1108,7 @@
goto end;
}
- if (!X509_sign(x, pkey, digest))
+ if (!do_X509_sign(bio_err, x, pkey, digest, sigopts))
goto end;
ret = 1;
end:
Modified: trunk/crypto/openssl/config
===================================================================
--- trunk/crypto/openssl/config 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/config 2015-07-21 23:23:45 UTC (rev 7118)
@@ -29,7 +29,7 @@
for i
do
case "$i" in
--d) PREFIX="debug-";;
+-d*) PREFIX="debug-";;
-t*) TEST="true";;
-h*) TEST="true"; cat <<EOF
Usage: config [options]
@@ -122,6 +122,14 @@
echo "${MACHINE}-ibm-aix3"; exit 0
;;
+ BeOS:*:BePC)
+ if [ -e /boot/develop/headers/be/bone ]; then
+ echo "beos-x86-bone"; exit 0
+ else
+ echo "beos-x86-r5"; exit 0
+ fi
+ ;;
+
dgux:*)
echo "${MACHINE}-dg-dgux"; exit 0
;;
@@ -270,7 +278,7 @@
echo "ppc-apple-darwin${VERSION}"
;;
*)
- echo "i386-apple-darwin${VERSION}"
+ echo "i686-apple-darwin${VERSION}"
;;
esac
exit 0
@@ -362,6 +370,10 @@
NONSTOP_KERNEL*)
echo "nsr-tandem-nsk"; exit 0;
;;
+
+ vxworks*)
+ echo "${MACHINE}-whatever-vxworks"; exit 0;
+ ;;
esac
#
@@ -399,23 +411,18 @@
# this is where the translation occurs into SSLeay terms
# ---------------------------------------------------------------------------
-GCCVER=`(gcc -dumpversion) 2>/dev/null`
-if [ "$GCCVER" != "" ]; then
- # then strip off whatever prefix egcs prepends the number with...
- # Hopefully, this will work for any future prefixes as well.
- GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
- # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
- # does give us what we want though, so we use that. We just just the
- # major and minor version numbers.
- # peak single digit before and after first dot, e.g. 2.95.1 gives 29
- GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
-fi
-
# Only set CC if not supplied already
-if [ -z "$CC" ]; then
-# figure out if gcc is available and if so we use it otherwise
-# we fallback to whatever cc does on the system
+if [ -z "$CROSS_COMPILE$CC" ]; then
+ GCCVER=`sh -c "gcc -dumpversion" 2>/dev/null`
if [ "$GCCVER" != "" ]; then
+ # then strip off whatever prefix egcs prepends the number with...
+ # Hopefully, this will work for any future prefixes as well.
+ GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
+ # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
+ # does give us what we want though, so we use that. We just just the
+ # major and minor version numbers.
+ # peak single digit before and after first dot, e.g. 2.95.1 gives 29
+ GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
CC=gcc
else
CC=cc
@@ -488,6 +495,12 @@
# script above so we end up with values in vars but that would take
# more time that I want to waste at the moment
case "$GUESSOS" in
+ uClinux*64*)
+ OUT=uClinux-dist64
+ ;;
+ uClinux*)
+ OUT=uClinux-dist
+ ;;
mips2-sgi-irix)
CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
CPU=${CPU:-0}
@@ -523,8 +536,42 @@
OUT="irix-mips3-$CC"
;;
ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
- ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
- i386-apple-darwin*) OUT="darwin-i386-cc" ;;
+ ppc-apple-darwin*)
+ ISA64=`(sysctl -n hw.optional.64bitops) 2>/dev/null`
+ if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
+ echo "WARNING! If you wish to build 64-bit library, then you have to"
+ echo " invoke './Configure darwin64-ppc-cc' *manually*."
+ if [ "$TEST" = "false" -a -t 1 ]; then
+ echo " You have about 5 seconds to press Ctrl-C to abort."
+ (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ fi
+ fi
+ if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="darwin64-ppc-cc"
+ else
+ OUT="darwin-ppc-cc"
+ fi ;;
+ i?86-apple-darwin*)
+ ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
+ if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
+ echo "WARNING! If you wish to build 64-bit library, then you have to"
+ echo " invoke './Configure darwin64-x86_64-cc' *manually*."
+ if [ "$TEST" = "false" -a -t 1 ]; then
+ echo " You have about 5 seconds to press Ctrl-C to abort."
+ (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ fi
+ fi
+ if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="darwin64-x86_64-cc"
+ else
+ OUT="darwin-i386-cc"
+ fi ;;
+ armv6+7-*-iphoneos)
+ options="$options -arch%20armv6 -arch%20armv7"
+ OUT="iphoneos-cross" ;;
+ *-*-iphoneos)
+ options="$options -arch%20${MACHINE}"
+ OUT="iphoneos-cross" ;;
alpha-*-linux2)
ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
case ${ISA:-generic} in
@@ -549,6 +596,11 @@
OUT="linux-ppc"
;;
ppc-*-linux2) OUT="linux-ppc" ;;
+ ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;;
+ ppcgen-*-vxworks*) OUT="vxworks-ppcgen" ;;
+ pentium-*-vxworks*) OUT="vxworks-pentium" ;;
+ simlinux-*-vxworks*) OUT="vxworks-simlinux" ;;
+ mips-*-vxworks*) OUT="vxworks-mips";;
ia64-*-linux?) OUT="linux-ia64" ;;
sparc64-*-linux2)
echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
@@ -589,13 +641,25 @@
options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH"
OUT="linux-generic32" ;;
- arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
- arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
+ armv[1-3]*-*-linux2) OUT="linux-generic32" ;;
+ armv[7-9]*-*-linux2) OUT="linux-armv4"; options="$options -march=armv7-a" ;;
+ arm*-*-linux2) OUT="linux-armv4" ;;
sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
- s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
- s390x-*-linux2) OUT="linux-generic64"; options="$options -DB_ENDIAN" ;;
+ s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+ s390x-*-linux2)
+ # To be uncommented when glibc bug is fixed, see Configure...
+ #if egrep -e '^features.* highgprs' /proc/cpuinfo >/dev/null ; then
+ # echo "WARNING! If you wish to build \"highgprs\" 32-bit library, then you"
+ # echo " have to invoke './Configure linux32-s390x' *manually*."
+ # if [ "$TEST" = "false" -a -t -1 ]; then
+ # echo " You have about 5 seconds to press Ctrl-C to abort."
+ # (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ # fi
+ #fi
+ OUT="linux64-s390x"
+ ;;
x86_64-*-linux?) OUT="linux-x86_64" ;;
*86-*-linux2) OUT="linux-elf"
if [ "$GCCVER" -gt 28 ]; then
@@ -614,7 +678,7 @@
sun4[uv]*-*-solaris2)
OUT="solaris-sparcv9-$CC"
ISA64=`(isalist) 2>/dev/null | grep sparcv9`
- if [ "$ISA64" != "" ]; then
+ if [ "$ISA64" != "" -a "$KERNEL_BITS" = "" ]; then
if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure solaris64-sparcv9-cc' *manually*."
@@ -644,6 +708,9 @@
fi
fi
fi
+ if [ "$ISA64" != "" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="solaris64-sparcv9-$CC"
+ fi
;;
sun4m-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
sun4d-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
@@ -650,7 +717,7 @@
sun4*-*-solaris2) OUT="solaris-sparcv7-$CC" ;;
*86*-*-solaris2)
ISA64=`(isalist) 2>/dev/null | grep amd64`
- if [ "$ISA64" != "" ]; then
+ if [ "$ISA64" != "" -a ${KERNEL_BITS:-64} -eq 64 ]; then
OUT="solaris64-x86_64-$CC"
else
OUT="solaris-x86-$CC"
@@ -672,7 +739,7 @@
libc=/usr/lib/libc.so
else # OpenBSD
# ld searches for highest libc.so.* and so do we
- libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
+ libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
fi
case "`(file -L $libc) 2>/dev/null`" in
*ELF*) OUT="BSD-x86-elf" ;;
@@ -702,20 +769,17 @@
if [ $CC = "gcc" -a $GCC_BITS = "64" ]; then
OUT="hpux64-parisc2-gcc"
fi
- KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
+ [ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
KERNEL_BITS=${KERNEL_BITS:-32}
CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`
CPU_VERSION=${CPU_VERSION:-0}
# See <sys/unistd.h> for further info on CPU_VERSION.
if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU
- echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
- echo " If you wish to build 32-bit library, the you have to"
- echo " invoke './Configure hpux-ia64-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
- echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
- fi
- OUT="hpux64-ia64-cc"
+ if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
+ OUT="hpux64-ia64-cc"
+ else
+ OUT="hpux-ia64-cc"
+ fi
elif [ $CPU_VERSION -ge 532 ]; then # PA-RISC 2.x CPU
OUT=${OUT:-"hpux-parisc2-${CC}"}
if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
@@ -736,7 +800,7 @@
options="$options -D_REENTRANT" ;;
*-hpux) OUT="hpux-parisc-$CC" ;;
*-aix)
- KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
+ [ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
KERNEL_BITS=${KERNEL_BITS:-32}
OBJECT_MODE=${OBJECT_MODE:-32}
if [ "$CC" = "gcc" ]; then
@@ -773,8 +837,11 @@
t3e-cray-unicosmk) OUT="cray-t3e" ;;
j90-cray-unicos) OUT="cray-j90" ;;
nsr-tandem-nsk) OUT="tandem-c89" ;;
+ beos-*) OUT="$GUESSOS" ;;
x86pc-*-qnx6) OUT="QNX6-i386" ;;
*-*-qnx6) OUT="QNX6" ;;
+ x86-*-android|i?86-*-android) OUT="android-x86" ;;
+ armv[7-9]*-*-android) OUT="android-armv7" ;;
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
esac
@@ -790,9 +857,11 @@
# options="$options -DATALLA"
#fi
-($CC -Wa,--help -c -o /dev/null -x assembler /dev/null 2>&1 | \
- grep \\--noexecstack) 2>&1 > /dev/null && \
+if expr "$options" : '.*no\-asm' > /dev/null; then :; else
+ sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \
+ grep \\--noexecstack >/dev/null && \
options="$options -Wa,--noexecstack"
+fi
# gcc < 2.8 does not support -march=ultrasparc
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
Modified: trunk/crypto/openssl/crypto/LPdir_vms.c
===================================================================
--- trunk/crypto/openssl/crypto/LPdir_vms.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/LPdir_vms.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -39,21 +39,17 @@
#ifndef LPDIR_H
# include "LPdir.h"
#endif
+#include "vms_rms.h"
-/* Because some compiler options hide this macor */
+/* Some compiler options hide EVMSERR. */
#ifndef EVMSERR
-# define EVMSERR 65535 /* error for non-translatable VMS errors */
+# define EVMSERR 65535 /* error for non-translatable VMS errors */
#endif
struct LP_dir_context_st {
unsigned long VMS_context;
-#ifdef NAML$C_MAXRSS
- char filespec[NAML$C_MAXRSS + 1];
- char result[NAML$C_MAXRSS + 1];
-#else
- char filespec[256];
- char result[256];
-#endif
+ char filespec[NAMX_MAXRSS + 1];
+ char result[NAMX_MAXRSS + 1];
struct dsc$descriptor_d filespec_dsc;
struct dsc$descriptor_d result_dsc;
};
@@ -64,6 +60,16 @@
char *p, *r;
size_t l;
unsigned long flags = 0;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+#if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+ char *ctx_filespec_32p;
+# pragma pointer_size restore
+ char ctx_filespec_32[NAMX_MAXRSS + 1];
+#endif /* __INITIAL_POINTER_SIZE == 64 */
+
#ifdef NAML$C_MAXRSS
flags |= LIB$M_FIL_LONG_NAMES;
#endif
@@ -93,13 +99,7 @@
filespeclen += 4; /* "*.*;" */
- if (filespeclen >
-#ifdef NAML$C_MAXRSS
- NAML$C_MAXRSS
-#else
- 255
-#endif
- ) {
+ if (filespeclen > NAMX_MAXRSS) {
errno = ENAMETOOLONG;
return 0;
}
@@ -113,14 +113,21 @@
strcpy((*ctx)->filespec, directory);
strcat((*ctx)->filespec, "*.*;");
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+#if __INITIAL_POINTER_SIZE == 64
+# define CTX_FILESPEC ctx_filespec_32p
+ /* Copy the file name to storage with a 32-bit pointer. */
+ ctx_filespec_32p = ctx_filespec_32;
+ strcpy(ctx_filespec_32p, (*ctx)->filespec);
+#else /* __INITIAL_POINTER_SIZE == 64 */
+# define CTX_FILESPEC (*ctx)->filespec
+#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
(*ctx)->filespec_dsc.dsc$w_length = filespeclen;
(*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
(*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
- (*ctx)->filespec_dsc.dsc$a_pointer = (*ctx)->filespec;
- (*ctx)->result_dsc.dsc$w_length = 0;
- (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
- (*ctx)->result_dsc.dsc$a_pointer = 0;
+ (*ctx)->filespec_dsc.dsc$a_pointer = CTX_FILESPEC;
}
(*ctx)->result_dsc.dsc$w_length = 0;
Modified: trunk/crypto/openssl/crypto/LPdir_win.c
===================================================================
--- trunk/crypto/openssl/crypto/LPdir_win.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/LPdir_win.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -37,7 +37,7 @@
#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
# define FindFirstFile FindFirstFileW
#endif
-#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
+#if defined(LP_SYS_WINCE) && !defined(FindNextFile)
# define FindNextFile FindNextFileW
#endif
@@ -53,8 +53,6 @@
const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
{
- struct dirent *direntry = NULL;
-
if (ctx == NULL || directory == NULL) {
errno = EINVAL;
return 0;
Modified: trunk/crypto/openssl/crypto/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,9 +5,9 @@
DIR= crypto
TOP= ..
CC= cc
-INCLUDE= -I. -I$(TOP) -I../include
+INCLUDE= -I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
# INCLUDES targets sudbirs!
-INCLUDES= -I.. -I../.. -I../../include
+INCLUDES= -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
CFLAG= -g
MAKEDEPPROG= makedepend
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
@@ -17,7 +17,7 @@
RECURSIVE_MAKE= [ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
(cd $$i && echo "making $$target in $(DIR)/$$i..." && \
- $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \
+ $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$target ) || exit 1; \
done;
PEX_LIBS=
@@ -26,6 +26,7 @@
CFLAGS= $(INCLUDE) $(CFLAG)
ASFLAGS= $(INCLUDE) $(ASFLAG)
AFLAGS=$(ASFLAGS)
+CPUID_OBJ=mem_clr.o
LIBS=
@@ -34,12 +35,14 @@
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC= cryptlib.c dyn_lck.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c o_init.c fips_err.c
-LIBOBJ= cryptlib.o dyn_lck.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_init.o fips_err.o $(CPUID_OBJ)
+LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o \
+ uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o $(CPUID_OBJ)
SRC= $(LIBSRC)
-EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
+EXHEADER= crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
ossl_typ.h
HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h \
constant_time_locl.h $(EXHEADER)
@@ -49,36 +52,34 @@
top:
@(cd ..; $(MAKE) DIRS=$(DIR) all)
-all: lib
+all: shared
buildinf.h: ../Makefile
- ( echo "#ifndef MK1MF_BUILD"; \
- echo ' /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \
- echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \
- echo ' #define PLATFORM "$(PLATFORM)"'; \
- echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
- echo '#endif' ) >buildinf.h
+ $(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h
-x86cpuid-elf.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl
- $(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@
+x86cpuid.s: x86cpuid.pl perlasm/x86asm.pl
+ $(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
-uplink.o: ../ms/uplink.c
- $(CC) $(CFLAGS) -c -o $@ ../ms/uplink.c
+applink.o: $(TOP)/ms/applink.c
+ $(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/applink.c
-uplink-cof.s: ../ms/uplink.pl
- $(PERL) ../ms/uplink.pl coff > $@
+uplink.o: $(TOP)/ms/uplink.c applink.o
+ $(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
-x86_64cpuid.s: x86_64cpuid.pl
- $(PERL) x86_64cpuid.pl $@
-ia64cpuid.s: ia64cpuid.S
- $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+uplink-x86.s: $(TOP)/ms/uplink-x86.pl
+ $(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) > $@
+x86_64cpuid.s: x86_64cpuid.pl; $(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
+alphacpuid.s: alphacpuid.pl
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) alphacpuid.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
+
testapps:
- [ -z "$(THIS)" ] || ( if echo ${SDIRS} | fgrep ' des '; \
+ [ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \
then cd des && $(MAKE) -e des; fi )
[ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps );
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
@@ -96,11 +97,12 @@
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
@target=links; $(RECURSIVE_MAKE)
-# lib: and $(LIB): are splitted to avoid end-less loop
-lib: buildinf.h $(LIB) subdirs
+# lib: $(LIB): are splitted to avoid end-less loop
+lib: $(LIB)
@touch lib
$(LIB): $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
shared: buildinf.h lib subdirs
@@ -123,12 +125,17 @@
lint:
@target=lint; $(RECURSIVE_MAKE)
-depend:
+update: local_depend
+ @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) )
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+depend: local_depend
+ @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
- @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
clean:
rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
@@ -137,6 +144,7 @@
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ rm -f opensslconf.h
@target=dclean; $(RECURSIVE_MAKE)
# DO NOT DELETE THIS LINE -- make depend depends on it.
@@ -161,13 +169,6 @@
cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
cversion.o: cryptlib.h cversion.c
-dyn_lck.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-dyn_lck.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-dyn_lck.o: ../include/openssl/err.h ../include/openssl/lhash.h
-dyn_lck.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dyn_lck.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-dyn_lck.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-dyn_lck.o: dyn_lck.c
ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -176,13 +177,7 @@
ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
ex_data.o: ex_data.c
-fips_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
-fips_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-fips_err.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-fips_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_err.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-fips_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h fips_err.c
-fips_err.o: fips_err.h
+fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
@@ -203,6 +198,13 @@
mem_dbg.o: mem_dbg.c
o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
o_dir.o: LPdir_unix.c o_dir.c o_dir.h
+o_fips.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+o_fips.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+o_fips.o: ../include/openssl/err.h ../include/openssl/lhash.h
+o_fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+o_fips.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+o_fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+o_fips.o: o_fips.c
o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
@@ -213,13 +215,6 @@
o_str.o: o_str.c o_str.h
o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
o_time.o: o_time.h
-tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h
-tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-tmdiff.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h tmdiff.c
uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
Modified: trunk/crypto/openssl/crypto/aes/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/aes/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -11,7 +11,7 @@
MAKEFILE= Makefile
AR= ar r
-AES_ASM_OBJ=aes_core.o aes_cbc.o
+AES_ENC=aes_core.o aes_cbc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -26,7 +26,7 @@
LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
aes_ctr.c aes_ige.c aes_wrap.c
LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \
- $(AES_ASM_OBJ)
+ $(AES_ENC)
SRC= $(LIBSRC)
@@ -41,25 +41,47 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-$(LIBOBJ): $(LIBSRC)
-
aes-ia64.s: asm/aes-ia64.S
$(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
-ax86-elf.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
+aes-586.s: asm/aes-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+vpaes-x86.s: asm/vpaes-x86.pl ../perlasm/x86asm.pl
+ $(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+aesni-x86.s: asm/aesni-x86.pl ../perlasm/x86asm.pl
+ $(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
aes-x86_64.s: asm/aes-x86_64.pl
- $(PERL) asm/aes-x86_64.pl $@
+ $(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
+vpaes-x86_64.s: asm/vpaes-x86_64.pl
+ $(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) > $@
+bsaes-x86_64.s: asm/bsaes-x86_64.pl
+ $(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-x86_64.s: asm/aesni-x86_64.pl
+ $(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha1-x86_64.s: asm/aesni-sha1-x86_64.pl
+ $(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+aes-sparcv9.s: asm/aes-sparcv9.pl
+ $(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
+
+aes-ppc.s: asm/aes-ppc.pl
+ $(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+
+aes-parisc.s: asm/aes-parisc.pl
+ $(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+
+aes-mips.S: asm/aes-mips.pl
+ $(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+aes-%.S: asm/aes-%.pl; $(PERL) $< $(PERLASM_SCHEME) > $@
+aes-armv4.o: aes-armv4.S
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -84,6 +106,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -97,16 +121,14 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
-aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h
-aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-aes_cfb.o: aes_cfb.c aes_locl.h
+aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c
aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_core.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
-aes_core.o: aes_core.c aes_locl.h
-aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
+aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
+aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c
aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
@@ -116,11 +138,13 @@
aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
-aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_misc.o: ../../include/openssl/opensslconf.h
-aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
-aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/crypto.h
+aes_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_misc.o: ../../include/openssl/symhacks.h aes_locl.h aes_misc.c
+aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ofb.o: ../../include/openssl/opensslconf.h aes_ofb.c
aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h
aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
Modified: trunk/crypto/openssl/crypto/aes/aes.h
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,6 +58,8 @@
# error AES is disabled.
# endif
+# include <stddef.h>
+
# define AES_ENCRYPT 1
# define AES_DECRYPT 0
@@ -68,10 +70,6 @@
# define AES_MAXNR 14
# define AES_BLOCK_SIZE 16
-# ifdef OPENSSL_FIPS
-# define FIPS_AES_SIZE_T int
-# endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -94,6 +92,11 @@
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+
void AES_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void AES_decrypt(const unsigned char *in, unsigned char *out,
@@ -102,37 +105,32 @@
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc);
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
-void AES_cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
- const int nbits, const AES_KEY *key,
- unsigned char *ivec, const int enc);
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num);
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);
-
-/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
/* NB: the IV is _two_ blocks long */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc);
@@ -143,6 +141,7 @@
unsigned char *out,
const unsigned char *in, unsigned int inlen);
+
#ifdef __cplusplus
}
#endif
Modified: trunk/crypto/openssl/crypto/aes/aes_cbc.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_cbc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_cbc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -49,86 +49,18 @@
*
*/
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include <openssl/modes.h>
-#if !defined(OPENSSL_FIPS_AES_ASM)
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t len, const AES_KEY *key,
unsigned char *ivec, const int enc)
{
- unsigned long n;
- unsigned long len = length;
- unsigned char tmp[AES_BLOCK_SIZE];
- const unsigned char *iv = ivec;
-
- assert(in && out && key && ivec);
- assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
-
- if (AES_ENCRYPT == enc) {
- while (len >= AES_BLOCK_SIZE) {
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] = in[n] ^ iv[n];
- AES_encrypt(out, out, key);
- iv = out;
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- if (len) {
- for (n = 0; n < len; ++n)
- out[n] = in[n] ^ iv[n];
- for (n = len; n < AES_BLOCK_SIZE; ++n)
- out[n] = iv[n];
- AES_encrypt(out, out, key);
- iv = out;
- }
- memcpy(ivec, iv, AES_BLOCK_SIZE);
- } else if (in != out) {
- while (len >= AES_BLOCK_SIZE) {
- AES_decrypt(in, out, key);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- iv = in;
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- if (len) {
- AES_decrypt(in, tmp, key);
- for (n = 0; n < len; ++n)
- out[n] = tmp[n] ^ iv[n];
- iv = in;
- }
- memcpy(ivec, iv, AES_BLOCK_SIZE);
- } else {
- while (len >= AES_BLOCK_SIZE) {
- memcpy(tmp, in, AES_BLOCK_SIZE);
- AES_decrypt(in, out, key);
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- out[n] ^= ivec[n];
- memcpy(ivec, tmp, AES_BLOCK_SIZE);
- len -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp, in, AES_BLOCK_SIZE);
- AES_decrypt(tmp, out, key);
- for (n = 0; n < len; ++n)
- out[n] ^= ivec[n];
- for (n = len; n < AES_BLOCK_SIZE; ++n)
- out[n] = tmp[n];
- memcpy(ivec, tmp, AES_BLOCK_SIZE);
- }
- }
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+ (block128_f) AES_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+ (block128_f) AES_decrypt);
}
-#endif
Modified: trunk/crypto/openssl/crypto/aes/aes_cfb.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_cfb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_cfb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -48,73 +48,9 @@
* ====================================================================
*
*/
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
#include <openssl/aes.h>
-#include "aes_locl.h"
-#include "e_os.h"
+#include <openssl/modes.h>
/*
* The input and output encrypted as though 128bit cfb mode is being used.
@@ -123,106 +59,27 @@
*/
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
- unsigned long l = length;
- unsigned char c;
-
- assert(in && out && key && ivec && num);
-
- n = *num;
-
- if (enc) {
- while (l--) {
- if (n == 0) {
- AES_encrypt(ivec, ivec, key);
- }
- ivec[n] = *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % AES_BLOCK_SIZE;
- }
- } else {
- while (l--) {
- if (n == 0) {
- AES_encrypt(ivec, ivec, key);
- }
- c = *(in);
- *(out++) = *(in++) ^ ivec[n];
- ivec[n] = c;
- n = (n + 1) % AES_BLOCK_SIZE;
- }
- }
-
- *num = n;
+ CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
}
-/*
- * This expects a single block of size nbits for both in and out. Note that
- * it corrupts any extra bits in the last byte of out
- */
-void AES_cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
- const int nbits, const AES_KEY *key,
- unsigned char *ivec, const int enc)
-{
- int n, rem, num;
- unsigned char ovec[AES_BLOCK_SIZE * 2];
-
- if (nbits <= 0 || nbits > 128)
- return;
-
- /* fill in the first half of the new IV with the current IV */
- memcpy(ovec, ivec, AES_BLOCK_SIZE);
- /* construct the new IV */
- AES_encrypt(ivec, ivec, key);
- num = (nbits + 7) / 8;
- if (enc) /* encrypt the input */
- for (n = 0; n < num; ++n)
- out[n] = (ovec[AES_BLOCK_SIZE + n] = in[n] ^ ivec[n]);
- else /* decrypt the input */
- for (n = 0; n < num; ++n)
- out[n] = (ovec[AES_BLOCK_SIZE + n] = in[n]) ^ ivec[n];
- /* shift ovec left... */
- rem = nbits % 8;
- num = nbits / 8;
- if (rem == 0)
- memcpy(ivec, ovec + num, AES_BLOCK_SIZE);
- else
- for (n = 0; n < AES_BLOCK_SIZE; ++n)
- ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
-
- /* it is not necessary to cleanse ovec, since the IV is not secret */
-}
-
/* N.B. This expects the input to be packed, MS bit first */
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
- unsigned char c[1], d[1];
-
- assert(in && out && key && ivec && num);
- assert(*num == 0);
-
- for (n = 0; n < length; ++n) {
- c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
- AES_cfbr_encrypt_block(c, d, 1, key, ivec, enc);
- out[n / 8] =
- (out[n / 8] & ~(1 << (7 - n % 8))) | ((d[0] & 0x80) >> (n % 8));
- }
+ CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
}
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
-
- assert(in && out && key && ivec && num);
- assert(*num == 0);
-
- for (n = 0; n < length; ++n)
- AES_cfbr_encrypt_block(&in[n], &out[n], 8, key, ivec, enc);
+ CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) AES_encrypt);
}
Modified: trunk/crypto/openssl/crypto/aes/aes_core.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_core.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_core.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -37,12 +37,9 @@
#include <stdlib.h>
#include <openssl/aes.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
#include "aes_locl.h"
+#ifndef AES_ASM
/*-
Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];
@@ -628,17 +625,14 @@
/**
* Expand the cipher key into the encryption key schedule.
*/
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
{
+
u32 *rk;
int i = 0;
u32 temp;
-#ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-#endif
-
if (!userKey || !key)
return -1;
if (bits != 128 && bits != 192 && bits != 256)
@@ -733,8 +727,8 @@
/**
* Expand the cipher key into the decryption key schedule.
*/
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
{
u32 *rk;
@@ -742,7 +736,7 @@
u32 temp;
/* first, start with an encryption schedule */
- status = AES_set_encrypt_key(userKey, bits, key);
+ status = private_AES_set_encrypt_key(userKey, bits, key);
if (status < 0)
return status;
@@ -782,7 +776,6 @@
return 0;
}
-#ifndef AES_ASM
/*
* Encrypt a single block
* in and out can overlap
@@ -1137,33 +1130,234 @@
* map cipher state to byte array block:
*/
s0 =
- (Td4[(t0 >> 24) ] << 24) ^
- (Td4[(t3 >> 16) & 0xff] << 16) ^
- (Td4[(t2 >> 8) & 0xff] << 8) ^
- (Td4[(t1 ) & 0xff]) ^
+ ((u32)Td4[(t0 >> 24) ] << 24) ^
+ ((u32)Td4[(t3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t1 ) & 0xff]) ^
rk[0];
PUTU32(out , s0);
s1 =
- (Td4[(t1 >> 24) ] << 24) ^
- (Td4[(t0 >> 16) & 0xff] << 16) ^
- (Td4[(t3 >> 8) & 0xff] << 8) ^
- (Td4[(t2 ) & 0xff]) ^
+ ((u32)Td4[(t1 >> 24) ] << 24) ^
+ ((u32)Td4[(t0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t2 ) & 0xff]) ^
rk[1];
PUTU32(out + 4, s1);
s2 =
- (Td4[(t2 >> 24) ] << 24) ^
- (Td4[(t1 >> 16) & 0xff] << 16) ^
- (Td4[(t0 >> 8) & 0xff] << 8) ^
- (Td4[(t3 ) & 0xff]) ^
+ ((u32)Td4[(t2 >> 24) ] << 24) ^
+ ((u32)Td4[(t1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t3 ) & 0xff]) ^
rk[2];
PUTU32(out + 8, s2);
s3 =
- (Td4[(t3 >> 24) ] << 24) ^
- (Td4[(t2 >> 16) & 0xff] << 16) ^
- (Td4[(t1 >> 8) & 0xff] << 8) ^
- (Td4[(t0 ) & 0xff]) ^
+ ((u32)Td4[(t3 >> 24) ] << 24) ^
+ ((u32)Td4[(t2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(t1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(t0 ) & 0xff]) ^
rk[3];
PUTU32(out + 12, s3);
}
+#else /* AES_ASM */
+
+static const u8 Te4[256] = {
+ 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+ 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+ 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+ 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+ 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+ 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+ 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+ 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+ 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+ 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+ 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+ 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+ 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+ 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+ 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+ 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+ 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+ 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+ 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+ 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+ 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+ 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+ 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+ 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+ 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+ 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+ 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+ 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+ 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+ 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+ 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+ 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+static const u32 rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+ u32 *rk;
+ int i = 0;
+ u32 temp;
+
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+
+ rk = key->rd_key;
+
+ if (bits==128)
+ key->rounds = 10;
+ else if (bits==192)
+ key->rounds = 12;
+ else
+ key->rounds = 14;
+
+ rk[0] = GETU32(userKey );
+ rk[1] = GETU32(userKey + 4);
+ rk[2] = GETU32(userKey + 8);
+ rk[3] = GETU32(userKey + 12);
+ if (bits == 128) {
+ while (1) {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10) {
+ return 0;
+ }
+ rk += 4;
+ }
+ }
+ rk[4] = GETU32(userKey + 16);
+ rk[5] = GETU32(userKey + 20);
+ if (bits == 192) {
+ while (1) {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8) {
+ return 0;
+ }
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ }
+ rk[6] = GETU32(userKey + 24);
+ rk[7] = GETU32(userKey + 28);
+ if (bits == 256) {
+ while (1) {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ]) ^
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7) {
+ return 0;
+ }
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ ((u32)Te4[(temp >> 24) ] << 24) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp ) & 0xff]);
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i, j, status;
+ u32 temp;
+
+ /* first, start with an encryption schedule */
+ status = private_AES_set_encrypt_key(userKey, bits, key);
+ if (status < 0)
+ return status;
+
+ rk = key->rd_key;
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+ for (i = 1; i < (key->rounds); i++) {
+ rk += 4;
+ for (j = 0; j < 4; j++) {
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ tp1 = rk[j];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ rk[j] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,24) ^ ROTATE(tpb,8);
+#else
+ rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 8) ^ (tp9 << 24) ^
+ (tpb >> 24) ^ (tpb << 8);
+#endif
+ }
+ }
+ return 0;
+}
+
#endif /* AES_ASM */
Modified: trunk/crypto/openssl/crypto/aes/aes_ctr.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_ctr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_ctr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -49,97 +49,15 @@
*
*/
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include <openssl/modes.h>
-/*
- * NOTE: the IV/counter CTR mode is big-endian. The rest of the AES code is
- * endian-neutral.
- */
-
-/* increment counter (128-bit int) by 1 */
-static void AES_ctr128_inc(unsigned char *counter)
-{
- unsigned long c;
-
- /* Grab bottom dword of counter and increment */
- c = GETU32(counter + 12);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 12, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab 1st dword of counter and increment */
- c = GETU32(counter + 8);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 8, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab 2nd dword of counter and increment */
- c = GETU32(counter + 4);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 4, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab top dword of counter and increment */
- c = GETU32(counter + 0);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 0, c);
-}
-
-/*
- * The input encrypted as though 128bit counter mode is being used. The
- * extra state information to record how much of the 128bit block we have
- * used is contained in *num, and the encrypted counter is kept in
- * ecount_buf. Both *num and ecount_buf must be initialised with zeros
- * before the first call to AES_ctr128_encrypt(). This algorithm assumes
- * that the counter is in the x lower bits of the IV (ivec), and that the
- * application has full control over overflow and the rest of the IV. This
- * implementation takes NO responsability for checking that the counter
- * doesn't overflow into the rest of the IV when incremented.
- */
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num)
{
-
- unsigned int n;
- unsigned long l = length;
-
- assert(in && out && key && counter && num);
- assert(*num < AES_BLOCK_SIZE);
-
- n = *num;
-
- while (l--) {
- if (n == 0) {
- AES_encrypt(ivec, ecount_buf, key);
- AES_ctr128_inc(ivec);
- }
- *(out++) = *(in++) ^ ecount_buf[n];
- n = (n + 1) % AES_BLOCK_SIZE;
- }
-
- *num = n;
+ CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+ (block128_f) AES_encrypt);
}
Modified: trunk/crypto/openssl/crypto/aes/aes_ige.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_ige.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_ige.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,11 +77,11 @@
/* N.B. The IV for this mode is _twice_ the block size */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc)
{
- unsigned long n;
- unsigned long len;
+ size_t n;
+ size_t len = length;
OPENSSL_assert(in && out && key && ivec);
OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
@@ -206,12 +206,12 @@
/* N.B. The IV for this mode is _four times_ the block size */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc)
{
- unsigned long n;
- unsigned long len = length;
+ size_t n;
+ size_t len = length;
unsigned char tmp[AES_BLOCK_SIZE];
unsigned char tmp2[AES_BLOCK_SIZE];
unsigned char tmp3[AES_BLOCK_SIZE];
Modified: trunk/crypto/openssl/crypto/aes/aes_misc.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_misc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_misc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -50,6 +50,7 @@
*/
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/aes.h>
#include "aes_locl.h"
@@ -63,3 +64,23 @@
return "aes(partial)";
#endif
}
+
+/* FIPS wrapper functions to block low level AES calls in FIPS mode */
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_encrypt_key(userKey, bits, key);
+}
+
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_decrypt_key(userKey, bits, key);
+}
Modified: trunk/crypto/openssl/crypto/aes/aes_ofb.c
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_ofb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/aes_ofb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -48,97 +48,14 @@
* ====================================================================
*
*/
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include <openssl/modes.h>
-/*
- * The input and output encrypted as though 128bit ofb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
+ size_t length, const AES_KEY *key,
unsigned char *ivec, int *num)
{
-
- unsigned int n;
- unsigned long l = length;
-
- assert(in && out && key && ivec && num);
-
- n = *num;
-
- while (l--) {
- if (n == 0) {
- AES_encrypt(ivec, ivec, key);
- }
- *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % AES_BLOCK_SIZE;
- }
-
- *num = n;
+ CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+ (block128_f) AES_encrypt);
}
Copied: trunk/crypto/openssl/crypto/aes/aes_x86core.c (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/aes_x86core.c)
===================================================================
--- trunk/crypto/openssl/crypto/aes/aes_x86core.c (rev 0)
+++ trunk/crypto/openssl/crypto/aes/aes_x86core.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1070 @@
+/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen at esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers at esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto at terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This is experimental x86[_64] derivative. It assumes little-endian
+ * byte order and expects CPU to sustain unaligned memory references.
+ * It is used as playground for cache-time attack mitigations and
+ * serves as reference C implementation for x86[_64] assembler.
+ *
+ * <appro at fy.chalmers.se>
+ */
+
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+/*
+ * These two parameters control which table, 256-byte or 2KB, is
+ * referenced in outer and respectively inner rounds.
+ */
+#define AES_COMPACT_IN_OUTER_ROUNDS
+#ifdef AES_COMPACT_IN_OUTER_ROUNDS
+/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
+ * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
+ * by factor of ~2. */
+# undef AES_COMPACT_IN_INNER_ROUNDS
+#endif
+
+#if 1
+static void prefetch256(const void *table)
+{
+ volatile unsigned long *t=(void *)table,ret;
+ unsigned long sum;
+ int i;
+
+ /* 32 is common least cache-line size */
+ for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0])) sum ^= t[i];
+
+ ret = sum;
+}
+#else
+# define prefetch256(t)
+#endif
+
+#undef GETU32
+#define GETU32(p) (*((u32*)(p)))
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef unsigned __int64 u64;
+#define U64(C) C##UI64
+#elif defined(__arch64__)
+typedef unsigned long u64;
+#define U64(C) C##UL
+#else
+typedef unsigned long long u64;
+#define U64(C) C##ULL
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER) || defined(__ICC)
+# define ROTATE(a,n) _lrotl(a,n)
+#elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+# define ROTATE(a,n) ({ register unsigned int ret; \
+ asm ( \
+ "roll %1,%0" \
+ : "=r"(ret) \
+ : "I"(n), "0"(a) \
+ : "cc"); \
+ ret; \
+ })
+# endif
+#endif
+/*-
+Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+*/
+#define Te0 (u32)((u64*)((u8*)Te+0))
+#define Te1 (u32)((u64*)((u8*)Te+3))
+#define Te2 (u32)((u64*)((u8*)Te+2))
+#define Te3 (u32)((u64*)((u8*)Te+1))
+/*-
+Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+#define Td0 (u32)((u64*)((u8*)Td+0))
+#define Td1 (u32)((u64*)((u8*)Td+3))
+#define Td2 (u32)((u64*)((u8*)Td+2))
+#define Td3 (u32)((u64*)((u8*)Td+1))
+
+static const u64 Te[256] = {
+ U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
+ U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
+ U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
+ U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
+ U64(0x5030306050303060), U64(0x0301010203010102),
+ U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
+ U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
+ U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
+ U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
+ U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
+ U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
+ U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
+ U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
+ U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
+ U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
+ U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
+ U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
+ U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
+ U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
+ U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
+ U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
+ U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
+ U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
+ U64(0x5331316253313162), U64(0x3f15152a3f15152a),
+ U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
+ U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
+ U64(0x2818183028181830), U64(0xa1969637a1969637),
+ U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
+ U64(0x0907070e0907070e), U64(0x3612122436121224),
+ U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
+ U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
+ U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
+ U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
+ U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
+ U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
+ U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
+ U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
+ U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
+ U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
+ U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
+ U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
+ U64(0x0000000000000000), U64(0x2cededc12cededc1),
+ U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
+ U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
+ U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
+ U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
+ U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
+ U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
+ U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
+ U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
+ U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
+ U64(0x5533336655333366), U64(0x9485851194858511),
+ U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
+ U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
+ U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
+ U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
+ U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
+ U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
+ U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
+ U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
+ U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
+ U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
+ U64(0x3010102030101020), U64(0x1affffe51affffe5),
+ U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
+ U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
+ U64(0x3513132635131326), U64(0x2fececc32fececc3),
+ U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
+ U64(0xcc444488cc444488), U64(0x3917172e3917172e),
+ U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
+ U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
+ U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
+ U64(0x2b1919322b191932), U64(0x957373e6957373e6),
+ U64(0xa06060c0a06060c0), U64(0x9881811998818119),
+ U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
+ U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
+ U64(0xab90903bab90903b), U64(0x8388880b8388880b),
+ U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
+ U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
+ U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
+ U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
+ U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
+ U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
+ U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
+ U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
+ U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
+ U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
+ U64(0xa8919139a8919139), U64(0xa4959531a4959531),
+ U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
+ U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
+ U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
+ U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
+ U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
+ U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
+ U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
+ U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
+ U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
+ U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
+ U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
+ U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
+ U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
+ U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
+ U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
+ U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
+ U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
+ U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
+ U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
+ U64(0xd8484890d8484890), U64(0x0503030605030306),
+ U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
+ U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
+ U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
+ U64(0x9186861791868617), U64(0x58c1c19958c1c199),
+ U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
+ U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
+ U64(0xb398982bb398982b), U64(0x3311112233111122),
+ U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
+ U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
+ U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
+ U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
+ U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
+ U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
+ U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
+ U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
+ U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
+ U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
+ U64(0xc3414182c3414182), U64(0xb0999929b0999929),
+ U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
+ U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
+ U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
+};
+
+static const u8 Te4[256] = {
+ 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+ 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+ 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+ 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+ 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+ 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+ 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+ 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+ 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+ 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+ 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+ 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+ 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+ 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+ 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+ 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+ 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+ 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+ 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+ 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+ 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+ 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+ 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+ 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+ 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+ 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+ 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+ 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+ 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+ 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+ 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+ 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+
+static const u64 Td[256] = {
+ U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
+ U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
+ U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
+ U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
+ U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
+ U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
+ U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
+ U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
+ U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
+ U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
+ U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
+ U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
+ U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
+ U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
+ U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
+ U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
+ U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
+ U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
+ U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
+ U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
+ U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
+ U64(0x6033519760335197), U64(0x457f5362457f5362),
+ U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
+ U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
+ U64(0x5868487058684870), U64(0x19fd458f19fd458f),
+ U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
+ U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
+ U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
+ U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
+ U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
+ U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
+ U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
+ U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
+ U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
+ U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
+ U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
+ U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
+ U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
+ U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
+ U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
+ U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
+ U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
+ U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
+ U64(0x6fd406046fd40604), U64(0xff155060ff155060),
+ U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
+ U64(0xcc434089cc434089), U64(0x779ed967779ed967),
+ U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
+ U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
+ U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
+ U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
+ U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
+ U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
+ U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
+ U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
+ U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
+ U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
+ U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
+ U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
+ U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
+ U64(0x694b775a694b775a), U64(0x161a121c161a121c),
+ U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
+ U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
+ U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
+ U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
+ U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
+ U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
+ U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
+ U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
+ U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
+ U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
+ U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
+ U64(0x4022971340229713), U64(0x2011c6842011c684),
+ U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
+ U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
+ U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
+ U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
+ U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
+ U64(0xfa489411fa489411), U64(0x2264e9472264e947),
+ U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
+ U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
+ U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
+ U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
+ U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
+ U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
+ U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
+ U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
+ U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
+ U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
+ U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
+ U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
+ U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
+ U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
+ U64(0x097826cd097826cd), U64(0xf418596ef418596e),
+ U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
+ U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
+ U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
+ U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
+ U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
+ U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
+ U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
+ U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
+ U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
+ U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
+ U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
+ U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
+ U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
+ U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
+ U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
+ U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
+ U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
+ U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
+ U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
+ U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
+ U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
+ U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
+ U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
+ U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
+ U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
+ U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
+ U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
+ U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
+ U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
+ U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
+ U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
+ U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
+ U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
+ U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
+ U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
+};
+static const u8 Td4[256] = {
+ 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+ 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+ 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+ 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+ 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+ 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+ 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+ 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+ 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+ 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+ 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+ 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+ 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+ 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+ 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+ 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+ 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+ 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+ 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+ 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+ 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+ 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+ 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+ 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+ 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+ 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+ 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+ 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+ 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+ 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+ 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+ 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
+};
+
+static const u32 rcon[] = {
+ 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
+ 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
+ 0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i = 0;
+ u32 temp;
+
+ if (!userKey || !key)
+ return -1;
+ if (bits != 128 && bits != 192 && bits != 256)
+ return -2;
+
+ rk = key->rd_key;
+
+ if (bits==128)
+ key->rounds = 10;
+ else if (bits==192)
+ key->rounds = 12;
+ else
+ key->rounds = 14;
+
+ rk[0] = GETU32(userKey );
+ rk[1] = GETU32(userKey + 4);
+ rk[2] = GETU32(userKey + 8);
+ rk[3] = GETU32(userKey + 12);
+ if (bits == 128) {
+ while (1) {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10) {
+ return 0;
+ }
+ rk += 4;
+ }
+ }
+ rk[4] = GETU32(userKey + 16);
+ rk[5] = GETU32(userKey + 20);
+ if (bits == 192) {
+ while (1) {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8) {
+ return 0;
+ }
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ }
+ rk[6] = GETU32(userKey + 24);
+ rk[7] = GETU32(userKey + 28);
+ if (bits == 256) {
+ while (1) {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ ((u32)Te4[(temp >> 8) & 0xff] ) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 24) ] << 16) ^
+ ((u32)Te4[(temp ) & 0xff] << 24) ^
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7) {
+ return 0;
+ }
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ ((u32)Te4[(temp ) & 0xff] ) ^
+ ((u32)Te4[(temp >> 8) & 0xff] << 8) ^
+ ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
+ ((u32)Te4[(temp >> 24) ] << 24);
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+{
+
+ u32 *rk;
+ int i, j, status;
+ u32 temp;
+
+ /* first, start with an encryption schedule */
+ status = AES_set_encrypt_key(userKey, bits, key);
+ if (status < 0)
+ return status;
+
+ rk = key->rd_key;
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+ for (i = 1; i < (key->rounds); i++) {
+ rk += 4;
+#if 1
+ for (j = 0; j < 4; j++) {
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ tp1 = rk[j];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ rk[j] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ }
+#else
+ rk[0] =
+ Td0[Te2[(rk[0] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[0] >> 24) ] & 0xff];
+ rk[1] =
+ Td0[Te2[(rk[1] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[1] >> 24) ] & 0xff];
+ rk[2] =
+ Td0[Te2[(rk[2] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[2] >> 24) ] & 0xff];
+ rk[3] =
+ Td0[Te2[(rk[3] ) & 0xff] & 0xff] ^
+ Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^
+ Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
+ Td3[Te2[(rk[3] >> 24) ] & 0xff];
+#endif
+ }
+ return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key)
+{
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t[4];
+ int r;
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Te4);
+
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ { int i;
+ u32 r0, r1, r2;
+
+ for (i = 0; i < 4; i++) {
+ r0 = t[i];
+ r1 = r0 & 0x80808080;
+ r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+ ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+ t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+ ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+ t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+ (r0 << 16) ^ (r0 >> 16) ^
+ (r0 << 8) ^ (r0 >> 24);
+#endif
+ t[i] ^= rk[4+i];
+ }
+ }
+#else
+ t[0] = Te0[(s0 ) & 0xff] ^
+ Te1[(s1 >> 8) & 0xff] ^
+ Te2[(s2 >> 16) & 0xff] ^
+ Te3[(s3 >> 24) ] ^
+ rk[4];
+ t[1] = Te0[(s1 ) & 0xff] ^
+ Te1[(s2 >> 8) & 0xff] ^
+ Te2[(s3 >> 16) & 0xff] ^
+ Te3[(s0 >> 24) ] ^
+ rk[5];
+ t[2] = Te0[(s2 ) & 0xff] ^
+ Te1[(s3 >> 8) & 0xff] ^
+ Te2[(s0 >> 16) & 0xff] ^
+ Te3[(s1 >> 24) ] ^
+ rk[6];
+ t[3] = Te0[(s3 ) & 0xff] ^
+ Te1[(s0 >> 8) & 0xff] ^
+ Te2[(s1 >> 16) & 0xff] ^
+ Te3[(s2 >> 24) ] ^
+ rk[7];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+ /*
+ * Nr - 2 full rounds:
+ */
+ for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+ t[0] = (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24;
+ t[1] = (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24;
+ t[2] = (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24;
+ t[3] = (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 r0, r1, r2;
+
+ for (i = 0; i < 4; i++) {
+ r0 = t[i];
+ r1 = r0 & 0x80808080;
+ r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+ ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+ t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+ ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+ t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+ (r0 << 16) ^ (r0 >> 16) ^
+ (r0 << 8) ^ (r0 >> 24);
+#endif
+ t[i] ^= rk[i];
+ }
+ }
+#else
+ t[0] = Te0[(s0 ) & 0xff] ^
+ Te1[(s1 >> 8) & 0xff] ^
+ Te2[(s2 >> 16) & 0xff] ^
+ Te3[(s3 >> 24) ] ^
+ rk[0];
+ t[1] = Te0[(s1 ) & 0xff] ^
+ Te1[(s2 >> 8) & 0xff] ^
+ Te2[(s3 >> 16) & 0xff] ^
+ Te3[(s0 >> 24) ] ^
+ rk[1];
+ t[2] = Te0[(s2 ) & 0xff] ^
+ Te1[(s3 >> 8) & 0xff] ^
+ Te2[(s0 >> 16) & 0xff] ^
+ Te3[(s1 >> 24) ] ^
+ rk[2];
+ t[3] = Te0[(s3 ) & 0xff] ^
+ Te1[(s0 >> 8) & 0xff] ^
+ Te2[(s1 >> 16) & 0xff] ^
+ Te3[(s2 >> 24) ] ^
+ rk[3];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+ }
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Te4);
+
+ *(u32*)(out+0) =
+ (u32)Te4[(s0 ) & 0xff] ^
+ (u32)Te4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s3 >> 24) ] << 24 ^
+ rk[0];
+ *(u32*)(out+4) =
+ (u32)Te4[(s1 ) & 0xff] ^
+ (u32)Te4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s0 >> 24) ] << 24 ^
+ rk[1];
+ *(u32*)(out+8) =
+ (u32)Te4[(s2 ) & 0xff] ^
+ (u32)Te4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s1 >> 24) ] << 24 ^
+ rk[2];
+ *(u32*)(out+12) =
+ (u32)Te4[(s3 ) & 0xff] ^
+ (u32)Te4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Te4[(s2 >> 24) ] << 24 ^
+ rk[3];
+#else
+ *(u32*)(out+0) =
+ (Te2[(s0 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s3 >> 24) ] & 0xff000000U) ^
+ rk[0];
+ *(u32*)(out+4) =
+ (Te2[(s1 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s0 >> 24) ] & 0xff000000U) ^
+ rk[1];
+ *(u32*)(out+8) =
+ (Te2[(s2 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s1 >> 24) ] & 0xff000000U) ^
+ rk[2];
+ *(u32*)(out+12) =
+ (Te2[(s3 ) & 0xff] & 0x000000ffU) ^
+ (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^
+ (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
+ (Te1[(s2 >> 24) ] & 0xff000000U) ^
+ rk[3];
+#endif
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key)
+{
+
+ const u32 *rk;
+ u32 s0, s1, s2, s3, t[4];
+ int r;
+
+ assert(in && out && key);
+ rk = key->rd_key;
+
+ /*
+ * map byte array block to cipher state
+ * and add initial round key:
+ */
+ s0 = GETU32(in ) ^ rk[0];
+ s1 = GETU32(in + 4) ^ rk[1];
+ s2 = GETU32(in + 8) ^ rk[2];
+ s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+ prefetch256(Td4);
+
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ for (i = 0; i < 4; i++) {
+ tp1 = t[i];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ t[i] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ t[i] ^= rk[4+i];
+ }
+ }
+#else
+ t[0] = Td0[(s0 ) & 0xff] ^
+ Td1[(s3 >> 8) & 0xff] ^
+ Td2[(s2 >> 16) & 0xff] ^
+ Td3[(s1 >> 24) ] ^
+ rk[4];
+ t[1] = Td0[(s1 ) & 0xff] ^
+ Td1[(s0 >> 8) & 0xff] ^
+ Td2[(s3 >> 16) & 0xff] ^
+ Td3[(s2 >> 24) ] ^
+ rk[5];
+ t[2] = Td0[(s2 ) & 0xff] ^
+ Td1[(s1 >> 8) & 0xff] ^
+ Td2[(s0 >> 16) & 0xff] ^
+ Td3[(s3 >> 24) ] ^
+ rk[6];
+ t[3] = Td0[(s3 ) & 0xff] ^
+ Td1[(s2 >> 8) & 0xff] ^
+ Td2[(s1 >> 16) & 0xff] ^
+ Td3[(s0 >> 24) ] ^
+ rk[7];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+ /*
+ * Nr - 2 full rounds:
+ */
+ for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+ t[0] = (u32)Td4[(s0 ) & 0xff] ^
+ (u32)Td4[(s3 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s1 >> 24) ] << 24;
+ t[1] = (u32)Td4[(s1 ) & 0xff] ^
+ (u32)Td4[(s0 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s2 >> 24) ] << 24;
+ t[2] = (u32)Td4[(s2 ) & 0xff] ^
+ (u32)Td4[(s1 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s3 >> 24) ] << 24;
+ t[3] = (u32)Td4[(s3 ) & 0xff] ^
+ (u32)Td4[(s2 >> 8) & 0xff] << 8 ^
+ (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
+ (u32)Td4[(s0 >> 24) ] << 24;
+
+ /* now do the linear transform using words */
+ {
+ int i;
+ u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+ for (i = 0; i < 4; i++) {
+ tp1 = t[i];
+ m = tp1 & 0x80808080;
+ tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp2 & 0x80808080;
+ tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ m = tp4 & 0x80808080;
+ tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+ ((m - (m >> 7)) & 0x1b1b1b1b);
+ tp9 = tp8 ^ tp1;
+ tpb = tp9 ^ tp2;
+ tpd = tp9 ^ tp4;
+ tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+ t[i] = tpe ^ ROTATE(tpd,16) ^
+ ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+ t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
+ (tp9 >> 24) ^ (tp9 << 8) ^
+ (tpb >> 8) ^ (tpb << 24);
+#endif
+ t[i] ^= rk[i];
+ }
+ }
+#else
+ t[0] = Td0[(s0 ) & 0xff] ^
+ Td1[(s3 >> 8) & 0xff] ^
+ Td2[(s2 >> 16) & 0xff] ^
+ Td3[(s1 >> 24) ] ^
+ rk[0];
+ t[1] = Td0[(s1 ) & 0xff] ^
+ Td1[(s0 >> 8) & 0xff] ^
+ Td2[(s3 >> 16) & 0xff] ^
+ Td3[(s2 >> 24) ] ^
+ rk[1];
+ t[2] = Td0[(s2 ) & 0xff] ^
+ Td1[(s1 >> 8) & 0xff] ^
+ Td2[(s0 >> 16) & 0xff] ^
+ Td3[(s3 >> 24) ] ^
+ rk[2];
+ t[3] = Td0[(s3 ) & 0xff] ^
+ Td1[(s2 >> 8) & 0xff] ^
+ Td2[(s1 >> 16) & 0xff] ^
+ Td3[(s0 >> 24) ] ^
+ rk[3];
+#endif
+ s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+ }
+ /*
+ * apply last round and
+ * map cipher state to byte array block:
+ */
+ prefetch256(Td4);
+
+ *(u32*)(out+0) =
+ ((u32)Td4[(s0 ) & 0xff]) ^
+ ((u32)Td4[(s3 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s2 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s1 >> 24) ] << 24) ^
+ rk[0];
+ *(u32*)(out+4) =
+ ((u32)Td4[(s1 ) & 0xff]) ^
+ ((u32)Td4[(s0 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s3 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s2 >> 24) ] << 24) ^
+ rk[1];
+ *(u32*)(out+8) =
+ ((u32)Td4[(s2 ) & 0xff]) ^
+ ((u32)Td4[(s1 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s0 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s3 >> 24) ] << 24) ^
+ rk[2];
+ *(u32*)(out+12) =
+ ((u32)Td4[(s3 ) & 0xff]) ^
+ ((u32)Td4[(s2 >> 8) & 0xff] << 8) ^
+ ((u32)Td4[(s1 >> 16) & 0xff] << 16) ^
+ ((u32)Td4[(s0 >> 24) ] << 24) ^
+ rk[3];
+}
Modified: trunk/crypto/openssl/crypto/aes/asm/aes-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,11 +2,12 @@
#
# ====================================================================
# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
# ====================================================================
#
-# Version 3.6.
+# Version 4.3.
#
# You might fail to appreciate this module performance from the first
# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
@@ -38,7 +39,7 @@
# but exhibits up to 10% improvement on other cores.
#
# Second version is "monolithic" replacement for aes_core.c, which in
-# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key.
+# addition to AES_[de|en]crypt implements private_AES_set_[de|en]cryption_key.
# This made it possible to implement little-endian variant of the
# algorithm without modifying the base C code. Motivating factor for
# the undertaken effort was that it appeared that in tight IA-32
@@ -81,11 +82,117 @@
# AMD K8 20 19
# PIII 25 23
# Pentium 81 78
+#
+# Version 3.7 reimplements outer rounds as "compact." Meaning that
+# first and last rounds reference compact 256 bytes S-box. This means
+# that first round consumes a lot more CPU cycles and that encrypt
+# and decrypt performance becomes asymmetric. Encrypt performance
+# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is
+# aggressively pre-fetched.
+#
+# Version 4.0 effectively rolls back to 3.6 and instead implements
+# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact,
+# which use exclusively 256 byte S-box. These functions are to be
+# called in modes not concealing plain text, such as ECB, or when
+# we're asked to process smaller amount of data [or unconditionally
+# on hyper-threading CPU]. Currently it's called unconditionally from
+# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine
+# still needs to be modified to switch between slower and faster
+# mode when appropriate... But in either case benchmark landscape
+# changes dramatically and below numbers are CPU cycles per processed
+# byte for 128-bit key.
+#
+# ECB encrypt ECB decrypt CBC large chunk
+# P4 56[60] 84[100] 23
+# AMD K8 48[44] 70[79] 18
+# PIII 41[50] 61[91] 24
+# Core 2 32[38] 45[70] 18.5
+# Pentium 120 160 77
+#
+# Version 4.1 switches to compact S-box even in key schedule setup.
+#
+# Version 4.2 prefetches compact S-box in every SSE round or in other
+# words every cache-line is *guaranteed* to be accessed within ~50
+# cycles window. Why just SSE? Because it's needed on hyper-threading
+# CPU! Which is also why it's prefetched with 64 byte stride. Best
+# part is that it has no negative effect on performance:-)
+#
+# Version 4.3 implements switch between compact and non-compact block
+# functions in AES_cbc_encrypt depending on how much data was asked
+# to be processed in one stroke.
+#
+######################################################################
+# Timing attacks are classified in two classes: synchronous when
+# attacker consciously initiates cryptographic operation and collects
+# timing data of various character afterwards, and asynchronous when
+# malicious code is executed on same CPU simultaneously with AES,
+# instruments itself and performs statistical analysis of this data.
+#
+# As far as synchronous attacks go the root to the AES timing
+# vulnerability is twofold. Firstly, of 256 S-box elements at most 160
+# are referred to in single 128-bit block operation. Well, in C
+# implementation with 4 distinct tables it's actually as little as 40
+# references per 256 elements table, but anyway... Secondly, even
+# though S-box elements are clustered into smaller amount of cache-
+# lines, smaller than 160 and even 40, it turned out that for certain
+# plain-text pattern[s] or simply put chosen plain-text and given key
+# few cache-lines remain unaccessed during block operation. Now, if
+# attacker can figure out this access pattern, he can deduct the key
+# [or at least part of it]. The natural way to mitigate this kind of
+# attacks is to minimize the amount of cache-lines in S-box and/or
+# prefetch them to ensure that every one is accessed for more uniform
+# timing. But note that *if* plain-text was concealed in such way that
+# input to block function is distributed *uniformly*, then attack
+# wouldn't apply. Now note that some encryption modes, most notably
+# CBC, do mask the plain-text in this exact way [secure cipher output
+# is distributed uniformly]. Yes, one still might find input that
+# would reveal the information about given key, but if amount of
+# candidate inputs to be tried is larger than amount of possible key
+# combinations then attack becomes infeasible. This is why revised
+# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk
+# of data is to be processed in one stroke. The current size limit of
+# 512 bytes is chosen to provide same [diminishigly low] probability
+# for cache-line to remain untouched in large chunk operation with
+# large S-box as for single block operation with compact S-box and
+# surely needs more careful consideration...
+#
+# As for asynchronous attacks. There are two flavours: attacker code
+# being interleaved with AES on hyper-threading CPU at *instruction*
+# level, and two processes time sharing single core. As for latter.
+# Two vectors. 1. Given that attacker process has higher priority,
+# yield execution to process performing AES just before timer fires
+# off the scheduler, immediately regain control of CPU and analyze the
+# cache state. For this attack to be efficient attacker would have to
+# effectively slow down the operation by several *orders* of magnitute,
+# by ratio of time slice to duration of handful of AES rounds, which
+# unlikely to remain unnoticed. Not to mention that this also means
+# that he would spend correspondigly more time to collect enough
+# statistical data to mount the attack. It's probably appropriate to
+# say that if adeversary reckons that this attack is beneficial and
+# risks to be noticed, you probably have larger problems having him
+# mere opportunity. In other words suggested code design expects you
+# to preclude/mitigate this attack by overall system security design.
+# 2. Attacker manages to make his code interrupt driven. In order for
+# this kind of attack to be feasible, interrupt rate has to be high
+# enough, again comparable to duration of handful of AES rounds. But
+# is there interrupt source of such rate? Hardly, not even 1Gbps NIC
+# generates interrupts at such raging rate...
+#
+# And now back to the former, hyper-threading CPU or more specifically
+# Intel P4. Recall that asynchronous attack implies that malicious
+# code instruments itself. And naturally instrumentation granularity
+# has be noticeably lower than duration of codepath accessing S-box.
+# Given that all cache-lines are accessed during that time that is.
+# Current implementation accesses *all* cache-lines within ~50 cycles
+# window, which is actually *less* than RDTSC latency on Intel P4!
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
-&asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386");
+&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386");
+&static_label("AES_Te");
+&static_label("AES_Td");
$s0="eax";
$s1="ebx";
@@ -93,21 +200,36 @@
$s3="edx";
$key="edi";
$acc="esi";
+$tbl="ebp";
-$compromise=0; # $compromise=128 abstains from copying key
- # schedule to stack when encrypting inputs
- # shorter than 128 bytes at the cost of
- # risksing aliasing with S-boxes. In return
- # you get way better, up to +70%, small block
- # performance.
+# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated
+# by caller
+$__ra=&DWP(0,"esp"); # return address
+$__s0=&DWP(4,"esp"); # s0 backing store
+$__s1=&DWP(8,"esp"); # s1 backing store
+$__s2=&DWP(12,"esp"); # s2 backing store
+$__s3=&DWP(16,"esp"); # s3 backing store
+$__key=&DWP(20,"esp"); # pointer to key schedule
+$__end=&DWP(24,"esp"); # pointer to end of key schedule
+$__tbl=&DWP(28,"esp"); # %ebp backing store
+
+# stack frame layout in AES_[en|crypt] routines, which differs from
+# above by 4 and overlaps by %ebp backing store
+$_tbl=&DWP(24,"esp");
+$_esp=&DWP(28,"esp");
+
+sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
+
+$speed_limit=512; # chunks smaller than $speed_limit are
+ # processed with compact routine in CBC mode
$small_footprint=1; # $small_footprint=1 code is ~5% slower [on
# recent \xB5-archs], but ~5 times smaller!
# I favor compact code to minimize cache
# contention and in hope to "collect" 5% back
# in real-life applications...
+
$vertical_spin=0; # shift "verticaly" defaults to 0, because of
# its proof-of-concept status...
-
# Note that there is no decvert(), as well as last encryption round is
# performed with "horizontal" shifts. This is because this "vertical"
# implementation [one which groups shifts on a given $s[i] to form a
@@ -170,10 +292,477 @@
&movz ($v0,&HB($v1));
&and ($v1,0xFF);
&xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16
- &mov ($key,&DWP(12,"esp")); # reincarnate v1 as key
+ &mov ($key,$__key); # reincarnate v1 as key
&xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24
}
+# Another experimental routine, which features "horizontal spin," but
+# eliminates one reference to stack. Strangely enough runs slower...
+sub enchoriz()
+{ my $v0 = $key, $v1 = $acc;
+
+ &movz ($v0,&LB($s0)); # 3, 2, 1, 0*
+ &rotr ($s2,8); # 8,11,10, 9
+ &mov ($v1,&DWP(0,$te,$v0,8)); # 0
+ &movz ($v0,&HB($s1)); # 7, 6, 5*, 4
+ &rotr ($s3,16); # 13,12,15,14
+ &xor ($v1,&DWP(3,$te,$v0,8)); # 5
+ &movz ($v0,&HB($s2)); # 8,11,10*, 9
+ &rotr ($s0,16); # 1, 0, 3, 2
+ &xor ($v1,&DWP(2,$te,$v0,8)); # 10
+ &movz ($v0,&HB($s3)); # 13,12,15*,14
+ &xor ($v1,&DWP(1,$te,$v0,8)); # 15, t[0] collected
+ &mov ($__s0,$v1); # t[0] saved
+
+ &movz ($v0,&LB($s1)); # 7, 6, 5, 4*
+ &shr ($s1,16); # -, -, 7, 6
+ &mov ($v1,&DWP(0,$te,$v0,8)); # 4
+ &movz ($v0,&LB($s3)); # 13,12,15,14*
+ &xor ($v1,&DWP(2,$te,$v0,8)); # 14
+ &movz ($v0,&HB($s0)); # 1, 0, 3*, 2
+ &and ($s3,0xffff0000); # 13,12, -, -
+ &xor ($v1,&DWP(1,$te,$v0,8)); # 3
+ &movz ($v0,&LB($s2)); # 8,11,10, 9*
+ &or ($s3,$s1); # 13,12, 7, 6
+ &xor ($v1,&DWP(3,$te,$v0,8)); # 9, t[1] collected
+ &mov ($s1,$v1); # s[1]=t[1]
+
+ &movz ($v0,&LB($s0)); # 1, 0, 3, 2*
+ &shr ($s2,16); # -, -, 8,11
+ &mov ($v1,&DWP(2,$te,$v0,8)); # 2
+ &movz ($v0,&HB($s3)); # 13,12, 7*, 6
+ &xor ($v1,&DWP(1,$te,$v0,8)); # 7
+ &movz ($v0,&HB($s2)); # -, -, 8*,11
+ &xor ($v1,&DWP(0,$te,$v0,8)); # 8
+ &mov ($v0,$s3);
+ &shr ($v0,24); # 13
+ &xor ($v1,&DWP(3,$te,$v0,8)); # 13, t[2] collected
+
+ &movz ($v0,&LB($s2)); # -, -, 8,11*
+ &shr ($s0,24); # 1*
+ &mov ($s2,&DWP(1,$te,$v0,8)); # 11
+ &xor ($s2,&DWP(3,$te,$s0,8)); # 1
+ &mov ($s0,$__s0); # s[0]=t[0]
+ &movz ($v0,&LB($s3)); # 13,12, 7, 6*
+ &shr ($s3,16); # , ,13,12
+ &xor ($s2,&DWP(2,$te,$v0,8)); # 6
+ &mov ($key,$__key); # reincarnate v0 as key
+ &and ($s3,0xff); # , ,13,12*
+ &mov ($s3,&DWP(0,$te,$s3,8)); # 12
+ &xor ($s3,$s2); # s[2]=t[3] collected
+ &mov ($s2,$v1); # s[2]=t[2]
+}
+
+# More experimental code... SSE one... Even though this one eliminates
+# *all* references to stack, it's not faster...
+sub sse_encbody()
+{
+ &movz ($acc,&LB("eax")); # 0
+ &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 0
+ &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2
+ &movz ("edx",&HB("eax")); # 1
+ &mov ("edx",&DWP(3,$tbl,"edx",8)); # 1
+ &shr ("eax",16); # 5, 4
+
+ &movz ($acc,&LB("ebx")); # 10
+ &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 10
+ &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8
+ &movz ($acc,&HB("ebx")); # 11
+ &xor ("edx",&DWP(1,$tbl,$acc,8)); # 11
+ &shr ("ebx",16); # 15,14
+
+ &movz ($acc,&HB("eax")); # 5
+ &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 5
+ &movq ("mm3",QWP(16,$key));
+ &movz ($acc,&HB("ebx")); # 15
+ &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 15
+ &movd ("mm0","ecx"); # t[0] collected
+
+ &movz ($acc,&LB("eax")); # 4
+ &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 4
+ &movd ("eax","mm2"); # 7, 6, 3, 2
+ &movz ($acc,&LB("ebx")); # 14
+ &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 14
+ &movd ("ebx","mm6"); # 13,12, 9, 8
+
+ &movz ($acc,&HB("eax")); # 3
+ &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 3
+ &movz ($acc,&HB("ebx")); # 9
+ &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 9
+ &movd ("mm1","ecx"); # t[1] collected
+
+ &movz ($acc,&LB("eax")); # 2
+ &mov ("ecx",&DWP(2,$tbl,$acc,8)); # 2
+ &shr ("eax",16); # 7, 6
+ &punpckldq ("mm0","mm1"); # t[0,1] collected
+ &movz ($acc,&LB("ebx")); # 8
+ &xor ("ecx",&DWP(0,$tbl,$acc,8)); # 8
+ &shr ("ebx",16); # 13,12
+
+ &movz ($acc,&HB("eax")); # 7
+ &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 7
+ &pxor ("mm0","mm3");
+ &movz ("eax",&LB("eax")); # 6
+ &xor ("edx",&DWP(2,$tbl,"eax",8)); # 6
+ &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0
+ &movz ($acc,&HB("ebx")); # 13
+ &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 13
+ &xor ("ecx",&DWP(24,$key)); # t[2]
+ &movd ("mm4","ecx"); # t[2] collected
+ &movz ("ebx",&LB("ebx")); # 12
+ &xor ("edx",&DWP(0,$tbl,"ebx",8)); # 12
+ &shr ("ecx",16);
+ &movd ("eax","mm1"); # 5, 4, 1, 0
+ &mov ("ebx",&DWP(28,$key)); # t[3]
+ &xor ("ebx","edx");
+ &movd ("mm5","ebx"); # t[3] collected
+ &and ("ebx",0xffff0000);
+ &or ("ebx","ecx");
+
+ &punpckldq ("mm4","mm5"); # t[2,3] collected
+}
+
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub enccompact()
+{ my $Fn = mov;
+ while ($#_>5) { pop(@_); $Fn=sub{}; }
+ my ($i,$te, at s)=@_;
+ my $tmp = $key;
+ my $out = $i==3?$s[0]:$acc;
+
+ # $Fn is used in first compact round and its purpose is to
+ # void restoration of some values from stack, so that after
+ # 4xenccompact with extra argument $key value is left there...
+ if ($i==3) { &$Fn ($key,$__key); }##%edx
+ else { &mov ($out,$s[0]); }
+ &and ($out,0xFF);
+ if ($i==1) { &shr ($s[0],16); }#%ebx[1]
+ if ($i==2) { &shr ($s[0],24); }#%ecx[2]
+ &movz ($out,&BP(-128,$te,$out,1));
+
+ if ($i==3) { $tmp=$s[1]; }##%eax
+ &movz ($tmp,&HB($s[1]));
+ &movz ($tmp,&BP(-128,$te,$tmp,1));
+ &shl ($tmp,8);
+ &xor ($out,$tmp);
+
+ if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx
+ else { &mov ($tmp,$s[2]);
+ &shr ($tmp,16); }
+ if ($i==2) { &and ($s[1],0xFF); }#%edx[2]
+ &and ($tmp,0xFF);
+ &movz ($tmp,&BP(-128,$te,$tmp,1));
+ &shl ($tmp,16);
+ &xor ($out,$tmp);
+
+ if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx
+ elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2]
+ else { &mov ($tmp,$s[3]);
+ &shr ($tmp,24); }
+ &movz ($tmp,&BP(-128,$te,$tmp,1));
+ &shl ($tmp,24);
+ &xor ($out,$tmp);
+ if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
+ if ($i==3) { &mov ($s[3],$acc); }
+ &comment();
+}
+
+sub enctransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+ my $i = shift;
+ my $tmp = $tbl;
+ my $r2 = $key ;
+
+ &mov ($acc,$s[$i]);
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($r2,&DWP(0,$s[$i],$s[$i]));
+ &sub ($acc,$tmp);
+ &and ($r2,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &mov ($tmp,$s[$i]);
+ &xor ($acc,$r2); # r2
+
+ &xor ($s[$i],$acc); # r0 ^ r2
+ &rotl ($s[$i],24);
+ &xor ($s[$i],$acc) # ROTATE(r2^r0,24) ^ r2
+ &rotr ($tmp,16);
+ &xor ($s[$i],$tmp);
+ &rotr ($tmp,8);
+ &xor ($s[$i],$tmp);
+}
+
+&function_begin_B("_x86_AES_encrypt_compact");
+ # note that caller is expected to allocate stack frame for me!
+ &mov ($__key,$key); # save key
+
+ &xor ($s0,&DWP(0,$key)); # xor with key
+ &xor ($s1,&DWP(4,$key));
+ &xor ($s2,&DWP(8,$key));
+ &xor ($s3,&DWP(12,$key));
+
+ &mov ($acc,&DWP(240,$key)); # load key->rounds
+ &lea ($acc,&DWP(-2,$acc,$acc));
+ &lea ($acc,&DWP(0,$key,$acc,8));
+ &mov ($__end,$acc); # end of key schedule
+
+ # prefetch Te4
+ &mov ($key,&DWP(0-128,$tbl));
+ &mov ($acc,&DWP(32-128,$tbl));
+ &mov ($key,&DWP(64-128,$tbl));
+ &mov ($acc,&DWP(96-128,$tbl));
+ &mov ($key,&DWP(128-128,$tbl));
+ &mov ($acc,&DWP(160-128,$tbl));
+ &mov ($key,&DWP(192-128,$tbl));
+ &mov ($acc,&DWP(224-128,$tbl));
+
+ &set_label("loop",16);
+
+ &enccompact(0,$tbl,$s0,$s1,$s2,$s3,1);
+ &enccompact(1,$tbl,$s1,$s2,$s3,$s0,1);
+ &enccompact(2,$tbl,$s2,$s3,$s0,$s1,1);
+ &enccompact(3,$tbl,$s3,$s0,$s1,$s2,1);
+ &enctransform(2);
+ &enctransform(3);
+ &enctransform(0);
+ &enctransform(1);
+ &mov ($key,$__key);
+ &mov ($tbl,$__tbl);
+ &add ($key,16); # advance rd_key
+ &xor ($s0,&DWP(0,$key));
+ &xor ($s1,&DWP(4,$key));
+ &xor ($s2,&DWP(8,$key));
+ &xor ($s3,&DWP(12,$key));
+
+ &cmp ($key,$__end);
+ &mov ($__key,$key);
+ &jb (&label("loop"));
+
+ &enccompact(0,$tbl,$s0,$s1,$s2,$s3);
+ &enccompact(1,$tbl,$s1,$s2,$s3,$s0);
+ &enccompact(2,$tbl,$s2,$s3,$s0,$s1);
+ &enccompact(3,$tbl,$s3,$s0,$s1,$s2);
+
+ &xor ($s0,&DWP(16,$key));
+ &xor ($s1,&DWP(20,$key));
+ &xor ($s2,&DWP(24,$key));
+ &xor ($s3,&DWP(28,$key));
+
+ &ret ();
+&function_end_B("_x86_AES_encrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+#
+# Performance is not actually extraordinary in comparison to pure
+# x86 code. In particular encrypt performance is virtually the same.
+# Decrypt performance on the other hand is 15-20% better on newer
+# \xB5-archs [but we're thankful for *any* improvement here], and ~50%
+# better on PIII:-) And additionally on the pros side this code
+# eliminates redundant references to stack and thus relieves/
+# minimizes the pressure on the memory bus.
+#
+# MMX register layout lsb
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# | mm4 | mm0 |
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# | s3 | s2 | s1 | s0 |
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0|
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+#
+# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8.
+# In this terms encryption and decryption "compact" permutation
+# matrices can be depicted as following:
+#
+# encryption lsb # decryption lsb
+# +----++----+----+----+----+ # +----++----+----+----+----+
+# | t0 || 15 | 10 | 5 | 0 | # | t0 || 7 | 10 | 13 | 0 |
+# +----++----+----+----+----+ # +----++----+----+----+----+
+# | t1 || 3 | 14 | 9 | 4 | # | t1 || 11 | 14 | 1 | 4 |
+# +----++----+----+----+----+ # +----++----+----+----+----+
+# | t2 || 7 | 2 | 13 | 8 | # | t2 || 15 | 2 | 5 | 8 |
+# +----++----+----+----+----+ # +----++----+----+----+----+
+# | t3 || 11 | 6 | 1 | 12 | # | t3 || 3 | 6 | 9 | 12 |
+# +----++----+----+----+----+ # +----++----+----+----+----+
+#
+######################################################################
+# Why not xmm registers? Short answer. It was actually tested and
+# was not any faster, but *contrary*, most notably on Intel CPUs.
+# Longer answer. Main advantage of using mm registers is that movd
+# latency is lower, especially on Intel P4. While arithmetic
+# instructions are twice as many, they can be scheduled every cycle
+# and not every second one when they are operating on xmm register,
+# so that "arithmetic throughput" remains virtually the same. And
+# finally the code can be executed even on elder SSE-only CPUs:-)
+
+sub sse_enccompact()
+{
+ &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0
+ &pshufw ("mm5","mm4",0x0d); # 15,14,11,10
+ &movd ("eax","mm1"); # 5, 4, 1, 0
+ &movd ("ebx","mm5"); # 15,14,11,10
+
+ &movz ($acc,&LB("eax")); # 0
+ &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0
+ &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2
+ &movz ("edx",&HB("eax")); # 1
+ &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1
+ &shl ("edx",8); # 1
+ &shr ("eax",16); # 5, 4
+
+ &movz ($acc,&LB("ebx")); # 10
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10
+ &shl ($acc,16); # 10
+ &or ("ecx",$acc); # 10
+ &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8
+ &movz ($acc,&HB("ebx")); # 11
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11
+ &shl ($acc,24); # 11
+ &or ("edx",$acc); # 11
+ &shr ("ebx",16); # 15,14
+
+ &movz ($acc,&HB("eax")); # 5
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 5
+ &shl ($acc,8); # 5
+ &or ("ecx",$acc); # 5
+ &movz ($acc,&HB("ebx")); # 15
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15
+ &shl ($acc,24); # 15
+ &or ("ecx",$acc); # 15
+ &movd ("mm0","ecx"); # t[0] collected
+
+ &movz ($acc,&LB("eax")); # 4
+ &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 4
+ &movd ("eax","mm2"); # 7, 6, 3, 2
+ &movz ($acc,&LB("ebx")); # 14
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14
+ &shl ($acc,16); # 14
+ &or ("ecx",$acc); # 14
+
+ &movd ("ebx","mm6"); # 13,12, 9, 8
+ &movz ($acc,&HB("eax")); # 3
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 3
+ &shl ($acc,24); # 3
+ &or ("ecx",$acc); # 3
+ &movz ($acc,&HB("ebx")); # 9
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9
+ &shl ($acc,8); # 9
+ &or ("ecx",$acc); # 9
+ &movd ("mm1","ecx"); # t[1] collected
+
+ &movz ($acc,&LB("ebx")); # 8
+ &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 8
+ &shr ("ebx",16); # 13,12
+ &movz ($acc,&LB("eax")); # 2
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2
+ &shl ($acc,16); # 2
+ &or ("ecx",$acc); # 2
+ &shr ("eax",16); # 7, 6
+
+ &punpckldq ("mm0","mm1"); # t[0,1] collected
+
+ &movz ($acc,&HB("eax")); # 7
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7
+ &shl ($acc,24); # 7
+ &or ("ecx",$acc); # 7
+ &and ("eax",0xff); # 6
+ &movz ("eax",&BP(-128,$tbl,"eax",1)); # 6
+ &shl ("eax",16); # 6
+ &or ("edx","eax"); # 6
+ &movz ($acc,&HB("ebx")); # 13
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13
+ &shl ($acc,8); # 13
+ &or ("ecx",$acc); # 13
+ &movd ("mm4","ecx"); # t[2] collected
+ &and ("ebx",0xff); # 12
+ &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 12
+ &or ("edx","ebx"); # 12
+ &movd ("mm5","edx"); # t[3] collected
+
+ &punpckldq ("mm4","mm5"); # t[2,3] collected
+}
+
+ if (!$x86only) {
+&function_begin_B("_sse_AES_encrypt_compact");
+ &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0
+ &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8
+
+ # note that caller is expected to allocate stack frame for me!
+ &mov ($acc,&DWP(240,$key)); # load key->rounds
+ &lea ($acc,&DWP(-2,$acc,$acc));
+ &lea ($acc,&DWP(0,$key,$acc,8));
+ &mov ($__end,$acc); # end of key schedule
+
+ &mov ($s0,0x1b1b1b1b); # magic constant
+ &mov (&DWP(8,"esp"),$s0);
+ &mov (&DWP(12,"esp"),$s0);
+
+ # prefetch Te4
+ &mov ($s0,&DWP(0-128,$tbl));
+ &mov ($s1,&DWP(32-128,$tbl));
+ &mov ($s2,&DWP(64-128,$tbl));
+ &mov ($s3,&DWP(96-128,$tbl));
+ &mov ($s0,&DWP(128-128,$tbl));
+ &mov ($s1,&DWP(160-128,$tbl));
+ &mov ($s2,&DWP(192-128,$tbl));
+ &mov ($s3,&DWP(224-128,$tbl));
+
+ &set_label("loop",16);
+ &sse_enccompact();
+ &add ($key,16);
+ &cmp ($key,$__end);
+ &ja (&label("out"));
+
+ &movq ("mm2",&QWP(8,"esp"));
+ &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
+ &movq ("mm1","mm0"); &movq ("mm5","mm4"); # r0
+ &pcmpgtb("mm3","mm0"); &pcmpgtb("mm7","mm4");
+ &pand ("mm3","mm2"); &pand ("mm7","mm2");
+ &pshufw ("mm2","mm0",0xb1); &pshufw ("mm6","mm4",0xb1);# ROTATE(r0,16)
+ &paddb ("mm0","mm0"); &paddb ("mm4","mm4");
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # = r2
+ &pshufw ("mm3","mm2",0xb1); &pshufw ("mm7","mm6",0xb1);# r0
+ &pxor ("mm1","mm0"); &pxor ("mm5","mm4"); # r0^r2
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(r0,16)
+
+ &movq ("mm2","mm3"); &movq ("mm6","mm7");
+ &pslld ("mm3",8); &pslld ("mm7",8);
+ &psrld ("mm2",24); &psrld ("mm6",24);
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= r0<<8
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= r0>>24
+
+ &movq ("mm3","mm1"); &movq ("mm7","mm5");
+ &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key));
+ &psrld ("mm1",8); &psrld ("mm5",8);
+ &mov ($s0,&DWP(0-128,$tbl));
+ &pslld ("mm3",24); &pslld ("mm7",24);
+ &mov ($s1,&DWP(64-128,$tbl));
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= (r2^r0)<<8
+ &mov ($s2,&DWP(128-128,$tbl));
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= (r2^r0)>>24
+ &mov ($s3,&DWP(192-128,$tbl));
+
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6");
+ &jmp (&label("loop"));
+
+ &set_label("out",16);
+ &pxor ("mm0",&QWP(0,$key));
+ &pxor ("mm4",&QWP(8,$key));
+
+ &ret ();
+&function_end_B("_sse_AES_encrypt_compact");
+ }
+
+######################################################################
+# Vanilla block function.
+######################################################################
+
sub encstep()
{ my ($i,$te, at s) = @_;
my $tmp = $key;
@@ -180,7 +769,7 @@
my $out = $i==3?$s[0]:$acc;
# lines marked with #%e?x[i] denote "reordered" instructions...
- if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx
+ if ($i==3) { &mov ($key,$__key); }##%edx
else { &mov ($out,$s[0]);
&and ($out,0xFF); }
if ($i==1) { &shr ($s[0],16); }#%ebx[1]
@@ -191,7 +780,7 @@
&movz ($tmp,&HB($s[1]));
&xor ($out,&DWP(3,$te,$tmp,8));
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx
+ if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx
else { &mov ($tmp,$s[2]);
&shr ($tmp,16); }
if ($i==2) { &and ($s[1],0xFF); }#%edx[2]
@@ -198,7 +787,7 @@
&and ($tmp,0xFF);
&xor ($out,&DWP(2,$te,$tmp,8));
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx
+ if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx
elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2]
else { &mov ($tmp,$s[3]);
&shr ($tmp,24) }
@@ -213,7 +802,7 @@
my $tmp = $key;
my $out = $i==3?$s[0]:$acc;
- if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx
+ if ($i==3) { &mov ($key,$__key); }##%edx
else { &mov ($out,$s[0]); }
&and ($out,0xFF);
if ($i==1) { &shr ($s[0],16); }#%ebx[1]
@@ -227,8 +816,8 @@
&and ($tmp,0x0000ff00);
&xor ($out,$tmp);
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx
- else { mov ($tmp,$s[2]);
+ if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx
+ else { &mov ($tmp,$s[2]);
&shr ($tmp,16); }
if ($i==2) { &and ($s[1],0xFF); }#%edx[2]
&and ($tmp,0xFF);
@@ -236,7 +825,7 @@
&and ($tmp,0x00ff0000);
&xor ($out,$tmp);
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx
+ if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx
elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2]
else { &mov ($tmp,$s[3]);
&shr ($tmp,24); }
@@ -247,9 +836,6 @@
if ($i==3) { &mov ($s[3],$acc); }
}
-sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
-
-&public_label("AES_Te");
&function_begin_B("_x86_AES_encrypt");
if ($vertical_spin) {
# I need high parts of volatile registers to be accessible...
@@ -258,7 +844,7 @@
}
# note that caller is expected to allocate stack frame for me!
- &mov (&DWP(12,"esp"),$key); # save key
+ &mov ($__key,$key); # save key
&xor ($s0,&DWP(0,$key)); # xor with key
&xor ($s1,&DWP(4,$key));
@@ -270,16 +856,16 @@
if ($small_footprint) {
&lea ($acc,&DWP(-2,$acc,$acc));
&lea ($acc,&DWP(0,$key,$acc,8));
- &mov (&DWP(16,"esp"),$acc); # end of key schedule
- &align (4);
- &set_label("loop");
+ &mov ($__end,$acc); # end of key schedule
+
+ &set_label("loop",16);
if ($vertical_spin) {
- &encvert("ebp",$s0,$s1,$s2,$s3);
+ &encvert($tbl,$s0,$s1,$s2,$s3);
} else {
- &encstep(0,"ebp",$s0,$s1,$s2,$s3);
- &encstep(1,"ebp",$s1,$s2,$s3,$s0);
- &encstep(2,"ebp",$s2,$s3,$s0,$s1);
- &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+ &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+ &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+ &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+ &encstep(3,$tbl,$s3,$s0,$s1,$s2);
}
&add ($key,16); # advance rd_key
&xor ($s0,&DWP(0,$key));
@@ -286,8 +872,8 @@
&xor ($s1,&DWP(4,$key));
&xor ($s2,&DWP(8,$key));
&xor ($s3,&DWP(12,$key));
- &cmp ($key,&DWP(16,"esp"));
- &mov (&DWP(12,"esp"),$key);
+ &cmp ($key,$__end);
+ &mov ($__key,$key);
&jb (&label("loop"));
}
else {
@@ -296,15 +882,15 @@
&cmp ($acc,12);
&jle (&label("12rounds"));
- &set_label("14rounds");
+ &set_label("14rounds",4);
for ($i=1;$i<3;$i++) {
if ($vertical_spin) {
- &encvert("ebp",$s0,$s1,$s2,$s3);
+ &encvert($tbl,$s0,$s1,$s2,$s3);
} else {
- &encstep(0,"ebp",$s0,$s1,$s2,$s3);
- &encstep(1,"ebp",$s1,$s2,$s3,$s0);
- &encstep(2,"ebp",$s2,$s3,$s0,$s1);
- &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+ &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+ &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+ &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+ &encstep(3,$tbl,$s3,$s0,$s1,$s2);
}
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
@@ -312,16 +898,16 @@
&xor ($s3,&DWP(16*$i+12,$key));
}
&add ($key,32);
- &mov (&DWP(12,"esp"),$key); # advance rd_key
- &set_label("12rounds");
+ &mov ($__key,$key); # advance rd_key
+ &set_label("12rounds",4);
for ($i=1;$i<3;$i++) {
if ($vertical_spin) {
- &encvert("ebp",$s0,$s1,$s2,$s3);
+ &encvert($tbl,$s0,$s1,$s2,$s3);
} else {
- &encstep(0,"ebp",$s0,$s1,$s2,$s3);
- &encstep(1,"ebp",$s1,$s2,$s3,$s0);
- &encstep(2,"ebp",$s2,$s3,$s0,$s1);
- &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+ &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+ &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+ &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+ &encstep(3,$tbl,$s3,$s0,$s1,$s2);
}
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
@@ -329,16 +915,16 @@
&xor ($s3,&DWP(16*$i+12,$key));
}
&add ($key,32);
- &mov (&DWP(12,"esp"),$key); # advance rd_key
- &set_label("10rounds");
+ &mov ($__key,$key); # advance rd_key
+ &set_label("10rounds",4);
for ($i=1;$i<10;$i++) {
if ($vertical_spin) {
- &encvert("ebp",$s0,$s1,$s2,$s3);
+ &encvert($tbl,$s0,$s1,$s2,$s3);
} else {
- &encstep(0,"ebp",$s0,$s1,$s2,$s3);
- &encstep(1,"ebp",$s1,$s2,$s3,$s0);
- &encstep(2,"ebp",$s2,$s3,$s0,$s1);
- &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+ &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+ &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+ &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+ &encstep(3,$tbl,$s3,$s0,$s1,$s2);
}
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
@@ -352,10 +938,10 @@
&mov ($s1="ebx",$key="edi");
&mov ($s2="ecx",$acc="esi");
}
- &enclast(0,"ebp",$s0,$s1,$s2,$s3);
- &enclast(1,"ebp",$s1,$s2,$s3,$s0);
- &enclast(2,"ebp",$s2,$s3,$s0,$s1);
- &enclast(3,"ebp",$s3,$s0,$s1,$s2);
+ &enclast(0,$tbl,$s0,$s1,$s2,$s3);
+ &enclast(1,$tbl,$s1,$s2,$s3,$s0);
+ &enclast(2,$tbl,$s2,$s3,$s0,$s1);
+ &enclast(3,$tbl,$s3,$s0,$s1,$s2);
&add ($key,$small_footprint?16:160);
&xor ($s0,&DWP(0,$key));
@@ -430,38 +1016,198 @@
&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4 # four copies of Te4 to choose from to avoid L1 aliasing
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
#rcon:
&data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
&data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
- &data_word(0x0000001b, 0x00000036, 0, 0, 0, 0, 0, 0);
+ &data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
+ &data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
&function_end_B("_x86_AES_encrypt");
# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
-&public_label("AES_Te");
&function_begin("AES_encrypt");
&mov ($acc,&wparam(0)); # load inp
&mov ($key,&wparam(2)); # load key
&mov ($s0,"esp");
- &sub ("esp",24);
- &and ("esp",-64);
- &add ("esp",4);
- &mov (&DWP(16,"esp"),$s0);
+ &sub ("esp",36);
+ &and ("esp",-64); # align to cache-line
+ # place stack frame just "above" the key schedule
+ &lea ($s1,&DWP(-64-63,$key));
+ &sub ($s1,"esp");
+ &neg ($s1);
+ &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line
+ &sub ("esp",$s1);
+ &add ("esp",4); # 4 is reserved for caller's return address
+ &mov ($_esp,$s0); # save stack pointer
+
&call (&label("pic_point")); # make it PIC!
&set_label("pic_point");
- &blindpop("ebp");
- &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+ &blindpop($tbl);
+ &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only);
+ &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+ # pick Te4 copy which can't "overlap" with stack frame or key schedule
+ &lea ($s1,&DWP(768-4,"esp"));
+ &sub ($s1,$tbl);
+ &and ($s1,0x300);
+ &lea ($tbl,&DWP(2048+128,$tbl,$s1));
+
+ if (!$x86only) {
+ &bt (&DWP(0,$s0),25); # check for SSE bit
+ &jnc (&label("x86"));
+
+ &movq ("mm0",&QWP(0,$acc));
+ &movq ("mm4",&QWP(8,$acc));
+ &call ("_sse_AES_encrypt_compact");
+ &mov ("esp",$_esp); # restore stack pointer
+ &mov ($acc,&wparam(1)); # load out
+ &movq (&QWP(0,$acc),"mm0"); # write output data
+ &movq (&QWP(8,$acc),"mm4");
+ &emms ();
+ &function_end_A();
+ }
+ &set_label("x86",16);
+ &mov ($_tbl,$tbl);
&mov ($s0,&DWP(0,$acc)); # load input data
&mov ($s1,&DWP(4,$acc));
&mov ($s2,&DWP(8,$acc));
&mov ($s3,&DWP(12,$acc));
-
- &call ("_x86_AES_encrypt");
-
- &mov ("esp",&DWP(16,"esp"));
-
+ &call ("_x86_AES_encrypt_compact");
+ &mov ("esp",$_esp); # restore stack pointer
&mov ($acc,&wparam(1)); # load out
&mov (&DWP(0,$acc),$s0); # write output data
&mov (&DWP(4,$acc),$s1);
@@ -469,8 +1215,371 @@
&mov (&DWP(12,$acc),$s3);
&function_end("AES_encrypt");
-#------------------------------------------------------------------#
+#--------------------------------------------------------------------#
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub deccompact()
+{ my $Fn = mov;
+ while ($#_>5) { pop(@_); $Fn=sub{}; }
+ my ($i,$td, at s)=@_;
+ my $tmp = $key;
+ my $out = $i==3?$s[0]:$acc;
+
+ # $Fn is used in first compact round and its purpose is to
+ # void restoration of some values from stack, so that after
+ # 4xdeccompact with extra argument $key, $s0 and $s1 values
+ # are left there...
+ if($i==3) { &$Fn ($key,$__key); }
+ else { &mov ($out,$s[0]); }
+ &and ($out,0xFF);
+ &movz ($out,&BP(-128,$td,$out,1));
+
+ if ($i==3) { $tmp=$s[1]; }
+ &movz ($tmp,&HB($s[1]));
+ &movz ($tmp,&BP(-128,$td,$tmp,1));
+ &shl ($tmp,8);
+ &xor ($out,$tmp);
+
+ if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
+ else { mov ($tmp,$s[2]); }
+ &shr ($tmp,16);
+ &and ($tmp,0xFF);
+ &movz ($tmp,&BP(-128,$td,$tmp,1));
+ &shl ($tmp,16);
+ &xor ($out,$tmp);
+
+ if ($i==3) { $tmp=$s[3]; &$Fn ($s[2],$__s1); }
+ else { &mov ($tmp,$s[3]); }
+ &shr ($tmp,24);
+ &movz ($tmp,&BP(-128,$td,$tmp,1));
+ &shl ($tmp,24);
+ &xor ($out,$tmp);
+ if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
+ if ($i==3) { &$Fn ($s[3],$__s0); }
+}
+
+# must be called with 2,3,0,1 as argument sequence!!!
+sub dectransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+ my $i = shift;
+ my $tmp = $key;
+ my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
+ my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
+ my $tp8 = $tbl;
+
+ &mov ($acc,$s[$i]);
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp2,&DWP(0,$s[$i],$s[$i]));
+ &sub ($acc,$tmp);
+ &and ($tp2,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &xor ($acc,$tp2);
+ &mov ($tp2,$acc);
+
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp4,&DWP(0,$tp2,$tp2));
+ &sub ($acc,$tmp);
+ &and ($tp4,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &xor ($tp2,$s[$i]); # tp2^tp1
+ &xor ($acc,$tp4);
+ &mov ($tp4,$acc);
+
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp8,&DWP(0,$tp4,$tp4));
+ &sub ($acc,$tmp);
+ &and ($tp8,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &xor ($tp4,$s[$i]); # tp4^tp1
+ &rotl ($s[$i],8); # = ROTATE(tp1,8)
+ &xor ($tp8,$acc);
+
+ &xor ($s[$i],$tp2);
+ &xor ($tp2,$tp8);
+ &rotl ($tp2,24);
+ &xor ($s[$i],$tp4);
+ &xor ($tp4,$tp8);
+ &rotl ($tp4,16);
+ &xor ($s[$i],$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
+ &rotl ($tp8,8);
+ &xor ($s[$i],$tp2); # ^= ROTATE(tp8^tp2^tp1,24)
+ &xor ($s[$i],$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
+ &mov ($s[0],$__s0) if($i==2); #prefetch $s0
+ &mov ($s[1],$__s1) if($i==3); #prefetch $s1
+ &mov ($s[2],$__s2) if($i==1);
+ &xor ($s[$i],$tp8); # ^= ROTATE(tp8,8)
+
+ &mov ($s[3],$__s3) if($i==1);
+ &mov (&DWP(4+4*$i,"esp"),$s[$i]) if($i>=2);
+}
+
+&function_begin_B("_x86_AES_decrypt_compact");
+ # note that caller is expected to allocate stack frame for me!
+ &mov ($__key,$key); # save key
+
+ &xor ($s0,&DWP(0,$key)); # xor with key
+ &xor ($s1,&DWP(4,$key));
+ &xor ($s2,&DWP(8,$key));
+ &xor ($s3,&DWP(12,$key));
+
+ &mov ($acc,&DWP(240,$key)); # load key->rounds
+
+ &lea ($acc,&DWP(-2,$acc,$acc));
+ &lea ($acc,&DWP(0,$key,$acc,8));
+ &mov ($__end,$acc); # end of key schedule
+
+ # prefetch Td4
+ &mov ($key,&DWP(0-128,$tbl));
+ &mov ($acc,&DWP(32-128,$tbl));
+ &mov ($key,&DWP(64-128,$tbl));
+ &mov ($acc,&DWP(96-128,$tbl));
+ &mov ($key,&DWP(128-128,$tbl));
+ &mov ($acc,&DWP(160-128,$tbl));
+ &mov ($key,&DWP(192-128,$tbl));
+ &mov ($acc,&DWP(224-128,$tbl));
+
+ &set_label("loop",16);
+
+ &deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
+ &deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
+ &deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
+ &deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
+ &dectransform(2);
+ &dectransform(3);
+ &dectransform(0);
+ &dectransform(1);
+ &mov ($key,$__key);
+ &mov ($tbl,$__tbl);
+ &add ($key,16); # advance rd_key
+ &xor ($s0,&DWP(0,$key));
+ &xor ($s1,&DWP(4,$key));
+ &xor ($s2,&DWP(8,$key));
+ &xor ($s3,&DWP(12,$key));
+
+ &cmp ($key,$__end);
+ &mov ($__key,$key);
+ &jb (&label("loop"));
+
+ &deccompact(0,$tbl,$s0,$s3,$s2,$s1);
+ &deccompact(1,$tbl,$s1,$s0,$s3,$s2);
+ &deccompact(2,$tbl,$s2,$s1,$s0,$s3);
+ &deccompact(3,$tbl,$s3,$s2,$s1,$s0);
+
+ &xor ($s0,&DWP(16,$key));
+ &xor ($s1,&DWP(20,$key));
+ &xor ($s2,&DWP(24,$key));
+ &xor ($s3,&DWP(28,$key));
+
+ &ret ();
+&function_end_B("_x86_AES_decrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+
+sub sse_deccompact()
+{
+ &pshufw ("mm1","mm0",0x0c); # 7, 6, 1, 0
+ &movd ("eax","mm1"); # 7, 6, 1, 0
+
+ &pshufw ("mm5","mm4",0x09); # 13,12,11,10
+ &movz ($acc,&LB("eax")); # 0
+ &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0
+ &movd ("ebx","mm5"); # 13,12,11,10
+ &movz ("edx",&HB("eax")); # 1
+ &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1
+ &shl ("edx",8); # 1
+
+ &pshufw ("mm2","mm0",0x06); # 3, 2, 5, 4
+ &movz ($acc,&LB("ebx")); # 10
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10
+ &shl ($acc,16); # 10
+ &or ("ecx",$acc); # 10
+ &shr ("eax",16); # 7, 6
+ &movz ($acc,&HB("ebx")); # 11
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11
+ &shl ($acc,24); # 11
+ &or ("edx",$acc); # 11
+ &shr ("ebx",16); # 13,12
+
+ &pshufw ("mm6","mm4",0x03); # 9, 8,15,14
+ &movz ($acc,&HB("eax")); # 7
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7
+ &shl ($acc,24); # 7
+ &or ("ecx",$acc); # 7
+ &movz ($acc,&HB("ebx")); # 13
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13
+ &shl ($acc,8); # 13
+ &or ("ecx",$acc); # 13
+ &movd ("mm0","ecx"); # t[0] collected
+
+ &movz ($acc,&LB("eax")); # 6
+ &movd ("eax","mm2"); # 3, 2, 5, 4
+ &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 6
+ &shl ("ecx",16); # 6
+ &movz ($acc,&LB("ebx")); # 12
+ &movd ("ebx","mm6"); # 9, 8,15,14
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 12
+ &or ("ecx",$acc); # 12
+
+ &movz ($acc,&LB("eax")); # 4
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 4
+ &or ("edx",$acc); # 4
+ &movz ($acc,&LB("ebx")); # 14
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14
+ &shl ($acc,16); # 14
+ &or ("edx",$acc); # 14
+ &movd ("mm1","edx"); # t[1] collected
+
+ &movz ($acc,&HB("eax")); # 5
+ &movz ("edx",&BP(-128,$tbl,$acc,1)); # 5
+ &shl ("edx",8); # 5
+ &movz ($acc,&HB("ebx")); # 15
+ &shr ("eax",16); # 3, 2
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15
+ &shl ($acc,24); # 15
+ &or ("edx",$acc); # 15
+ &shr ("ebx",16); # 9, 8
+
+ &punpckldq ("mm0","mm1"); # t[0,1] collected
+
+ &movz ($acc,&HB("ebx")); # 9
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9
+ &shl ($acc,8); # 9
+ &or ("ecx",$acc); # 9
+ &and ("ebx",0xff); # 8
+ &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 8
+ &or ("edx","ebx"); # 8
+ &movz ($acc,&LB("eax")); # 2
+ &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2
+ &shl ($acc,16); # 2
+ &or ("edx",$acc); # 2
+ &movd ("mm4","edx"); # t[2] collected
+ &movz ("eax",&HB("eax")); # 3
+ &movz ("eax",&BP(-128,$tbl,"eax",1)); # 3
+ &shl ("eax",24); # 3
+ &or ("ecx","eax"); # 3
+ &movd ("mm5","ecx"); # t[3] collected
+
+ &punpckldq ("mm4","mm5"); # t[2,3] collected
+}
+
+ if (!$x86only) {
+&function_begin_B("_sse_AES_decrypt_compact");
+ &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0
+ &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8
+
+ # note that caller is expected to allocate stack frame for me!
+ &mov ($acc,&DWP(240,$key)); # load key->rounds
+ &lea ($acc,&DWP(-2,$acc,$acc));
+ &lea ($acc,&DWP(0,$key,$acc,8));
+ &mov ($__end,$acc); # end of key schedule
+
+ &mov ($s0,0x1b1b1b1b); # magic constant
+ &mov (&DWP(8,"esp"),$s0);
+ &mov (&DWP(12,"esp"),$s0);
+
+ # prefetch Td4
+ &mov ($s0,&DWP(0-128,$tbl));
+ &mov ($s1,&DWP(32-128,$tbl));
+ &mov ($s2,&DWP(64-128,$tbl));
+ &mov ($s3,&DWP(96-128,$tbl));
+ &mov ($s0,&DWP(128-128,$tbl));
+ &mov ($s1,&DWP(160-128,$tbl));
+ &mov ($s2,&DWP(192-128,$tbl));
+ &mov ($s3,&DWP(224-128,$tbl));
+
+ &set_label("loop",16);
+ &sse_deccompact();
+ &add ($key,16);
+ &cmp ($key,$__end);
+ &ja (&label("out"));
+
+ # ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
+ &movq ("mm3","mm0"); &movq ("mm7","mm4");
+ &movq ("mm2","mm0",1); &movq ("mm6","mm4",1);
+ &movq ("mm1","mm0"); &movq ("mm5","mm4");
+ &pshufw ("mm0","mm0",0xb1); &pshufw ("mm4","mm4",0xb1);# = ROTATE(tp0,16)
+ &pslld ("mm2",8); &pslld ("mm6",8);
+ &psrld ("mm3",8); &psrld ("mm7",8);
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<8
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>8
+ &pslld ("mm2",16); &pslld ("mm6",16);
+ &psrld ("mm3",16); &psrld ("mm7",16);
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<24
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>24
+
+ &movq ("mm3",&QWP(8,"esp"));
+ &pxor ("mm2","mm2"); &pxor ("mm6","mm6");
+ &pcmpgtb("mm2","mm1"); &pcmpgtb("mm6","mm5");
+ &pand ("mm2","mm3"); &pand ("mm6","mm3");
+ &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
+ &pxor ("mm1","mm2"); &pxor ("mm5","mm6"); # tp2
+ &movq ("mm3","mm1"); &movq ("mm7","mm5");
+ &movq ("mm2","mm1"); &movq ("mm6","mm5");
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp2
+ &pslld ("mm3",24); &pslld ("mm7",24);
+ &psrld ("mm2",8); &psrld ("mm6",8);
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp2<<24
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp2>>8
+
+ &movq ("mm2",&QWP(8,"esp"));
+ &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
+ &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
+ &pand ("mm3","mm2"); &pand ("mm7","mm2");
+ &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
+ &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp4
+ &pshufw ("mm3","mm1",0xb1); &pshufw ("mm7","mm5",0xb1);
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp4
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= ROTATE(tp4,16)
+
+ &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
+ &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
+ &pand ("mm3","mm2"); &pand ("mm7","mm2");
+ &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
+ &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp8
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8
+ &movq ("mm3","mm1"); &movq ("mm7","mm5");
+ &pshufw ("mm2","mm1",0xb1); &pshufw ("mm6","mm5",0xb1);
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(tp8,16)
+ &pslld ("mm1",8); &pslld ("mm5",8);
+ &psrld ("mm3",8); &psrld ("mm7",8);
+ &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key));
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<8
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>8
+ &mov ($s0,&DWP(0-128,$tbl));
+ &pslld ("mm1",16); &pslld ("mm5",16);
+ &mov ($s1,&DWP(64-128,$tbl));
+ &psrld ("mm3",16); &psrld ("mm7",16);
+ &mov ($s2,&DWP(128-128,$tbl));
+ &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<24
+ &mov ($s3,&DWP(192-128,$tbl));
+ &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>24
+
+ &pxor ("mm0","mm2"); &pxor ("mm4","mm6");
+ &jmp (&label("loop"));
+
+ &set_label("out",16);
+ &pxor ("mm0",&QWP(0,$key));
+ &pxor ("mm4",&QWP(8,$key));
+
+ &ret ();
+&function_end_B("_sse_AES_decrypt_compact");
+ }
+
+######################################################################
+# Vanilla block function.
+######################################################################
+
sub decstep()
{ my ($i,$td, at s) = @_;
my $tmp = $key;
@@ -480,7 +1589,7 @@
# optimal... or rather that all attempts to reorder didn't
# result in better performance [which by the way is not a
# bit lower than ecryption].
- if($i==3) { &mov ($key,&DWP(12,"esp")); }
+ if($i==3) { &mov ($key,$__key); }
else { &mov ($out,$s[0]); }
&and ($out,0xFF);
&mov ($out,&DWP(0,$td,$out,8));
@@ -495,12 +1604,12 @@
&and ($tmp,0xFF);
&xor ($out,&DWP(2,$td,$tmp,8));
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }
+ if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }
else { &mov ($tmp,$s[3]); }
&shr ($tmp,24);
&xor ($out,&DWP(1,$td,$tmp,8));
if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],&DWP(4,"esp")); }
+ if ($i==3) { &mov ($s[3],$__s0); }
&comment();
}
@@ -509,14 +1618,24 @@
my $tmp = $key;
my $out = $i==3?$s[0]:$acc;
- if($i==3) { &mov ($key,&DWP(12,"esp")); }
+ if($i==0) { &lea ($td,&DWP(2048+128,$td));
+ &mov ($tmp,&DWP(0-128,$td));
+ &mov ($acc,&DWP(32-128,$td));
+ &mov ($tmp,&DWP(64-128,$td));
+ &mov ($acc,&DWP(96-128,$td));
+ &mov ($tmp,&DWP(128-128,$td));
+ &mov ($acc,&DWP(160-128,$td));
+ &mov ($tmp,&DWP(192-128,$td));
+ &mov ($acc,&DWP(224-128,$td));
+ &lea ($td,&DWP(-128,$td)); }
+ if($i==3) { &mov ($key,$__key); }
else { &mov ($out,$s[0]); }
&and ($out,0xFF);
- &movz ($out,&BP(2048,$td,$out,1));
+ &movz ($out,&BP(0,$td,$out,1));
if ($i==3) { $tmp=$s[1]; }
&movz ($tmp,&HB($s[1]));
- &movz ($tmp,&BP(2048,$td,$tmp,1));
+ &movz ($tmp,&BP(0,$td,$tmp,1));
&shl ($tmp,8);
&xor ($out,$tmp);
@@ -524,24 +1643,24 @@
else { mov ($tmp,$s[2]); }
&shr ($tmp,16);
&and ($tmp,0xFF);
- &movz ($tmp,&BP(2048,$td,$tmp,1));
+ &movz ($tmp,&BP(0,$td,$tmp,1));
&shl ($tmp,16);
&xor ($out,$tmp);
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }
+ if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }
else { &mov ($tmp,$s[3]); }
&shr ($tmp,24);
- &movz ($tmp,&BP(2048,$td,$tmp,1));
+ &movz ($tmp,&BP(0,$td,$tmp,1));
&shl ($tmp,24);
&xor ($out,$tmp);
if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],&DWP(4,"esp")); }
+ if ($i==3) { &mov ($s[3],$__s0);
+ &lea ($td,&DWP(-2048,$td)); }
}
-&public_label("AES_Td");
&function_begin_B("_x86_AES_decrypt");
# note that caller is expected to allocate stack frame for me!
- &mov (&DWP(12,"esp"),$key); # save key
+ &mov ($__key,$key); # save key
&xor ($s0,&DWP(0,$key)); # xor with key
&xor ($s1,&DWP(4,$key));
@@ -553,20 +1672,19 @@
if ($small_footprint) {
&lea ($acc,&DWP(-2,$acc,$acc));
&lea ($acc,&DWP(0,$key,$acc,8));
- &mov (&DWP(16,"esp"),$acc); # end of key schedule
- &align (4);
- &set_label("loop");
- &decstep(0,"ebp",$s0,$s3,$s2,$s1);
- &decstep(1,"ebp",$s1,$s0,$s3,$s2);
- &decstep(2,"ebp",$s2,$s1,$s0,$s3);
- &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+ &mov ($__end,$acc); # end of key schedule
+ &set_label("loop",16);
+ &decstep(0,$tbl,$s0,$s3,$s2,$s1);
+ &decstep(1,$tbl,$s1,$s0,$s3,$s2);
+ &decstep(2,$tbl,$s2,$s1,$s0,$s3);
+ &decstep(3,$tbl,$s3,$s2,$s1,$s0);
&add ($key,16); # advance rd_key
&xor ($s0,&DWP(0,$key));
&xor ($s1,&DWP(4,$key));
&xor ($s2,&DWP(8,$key));
&xor ($s3,&DWP(12,$key));
- &cmp ($key,&DWP(16,"esp"));
- &mov (&DWP(12,"esp"),$key);
+ &cmp ($key,$__end);
+ &mov ($__key,$key);
&jb (&label("loop"));
}
else {
@@ -575,12 +1693,12 @@
&cmp ($acc,12);
&jle (&label("12rounds"));
- &set_label("14rounds");
+ &set_label("14rounds",4);
for ($i=1;$i<3;$i++) {
- &decstep(0,"ebp",$s0,$s3,$s2,$s1);
- &decstep(1,"ebp",$s1,$s0,$s3,$s2);
- &decstep(2,"ebp",$s2,$s1,$s0,$s3);
- &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+ &decstep(0,$tbl,$s0,$s3,$s2,$s1);
+ &decstep(1,$tbl,$s1,$s0,$s3,$s2);
+ &decstep(2,$tbl,$s2,$s1,$s0,$s3);
+ &decstep(3,$tbl,$s3,$s2,$s1,$s0);
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
&xor ($s2,&DWP(16*$i+8,$key));
@@ -587,13 +1705,13 @@
&xor ($s3,&DWP(16*$i+12,$key));
}
&add ($key,32);
- &mov (&DWP(12,"esp"),$key); # advance rd_key
- &set_label("12rounds");
+ &mov ($__key,$key); # advance rd_key
+ &set_label("12rounds",4);
for ($i=1;$i<3;$i++) {
- &decstep(0,"ebp",$s0,$s3,$s2,$s1);
- &decstep(1,"ebp",$s1,$s0,$s3,$s2);
- &decstep(2,"ebp",$s2,$s1,$s0,$s3);
- &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+ &decstep(0,$tbl,$s0,$s3,$s2,$s1);
+ &decstep(1,$tbl,$s1,$s0,$s3,$s2);
+ &decstep(2,$tbl,$s2,$s1,$s0,$s3);
+ &decstep(3,$tbl,$s3,$s2,$s1,$s0);
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
&xor ($s2,&DWP(16*$i+8,$key));
@@ -600,13 +1718,13 @@
&xor ($s3,&DWP(16*$i+12,$key));
}
&add ($key,32);
- &mov (&DWP(12,"esp"),$key); # advance rd_key
- &set_label("10rounds");
+ &mov ($__key,$key); # advance rd_key
+ &set_label("10rounds",4);
for ($i=1;$i<10;$i++) {
- &decstep(0,"ebp",$s0,$s3,$s2,$s1);
- &decstep(1,"ebp",$s1,$s0,$s3,$s2);
- &decstep(2,"ebp",$s2,$s1,$s0,$s3);
- &decstep(3,"ebp",$s3,$s2,$s1,$s0);
+ &decstep(0,$tbl,$s0,$s3,$s2,$s1);
+ &decstep(1,$tbl,$s1,$s0,$s3,$s2);
+ &decstep(2,$tbl,$s2,$s1,$s0,$s3);
+ &decstep(3,$tbl,$s3,$s2,$s1,$s0);
&xor ($s0,&DWP(16*$i+0,$key));
&xor ($s1,&DWP(16*$i+4,$key));
&xor ($s2,&DWP(16*$i+8,$key));
@@ -614,10 +1732,10 @@
}
}
- &declast(0,"ebp",$s0,$s3,$s2,$s1);
- &declast(1,"ebp",$s1,$s0,$s3,$s2);
- &declast(2,"ebp",$s2,$s1,$s0,$s3);
- &declast(3,"ebp",$s3,$s2,$s1,$s0);
+ &declast(0,$tbl,$s0,$s3,$s2,$s1);
+ &declast(1,$tbl,$s1,$s0,$s3,$s2);
+ &declast(2,$tbl,$s2,$s1,$s0,$s3);
+ &declast(3,$tbl,$s3,$s2,$s1,$s0);
&add ($key,$small_footprint?16:160);
&xor ($s0,&DWP(0,$key));
@@ -692,7 +1810,8 @@
&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-#Td4:
+
+#Td4: # four copies of Td4 to choose from to avoid L1 aliasing
&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
@@ -725,46 +1844,159 @@
&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
&function_end_B("_x86_AES_decrypt");
# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
-&public_label("AES_Td");
&function_begin("AES_decrypt");
&mov ($acc,&wparam(0)); # load inp
&mov ($key,&wparam(2)); # load key
&mov ($s0,"esp");
- &sub ("esp",24);
- &and ("esp",-64);
- &add ("esp",4);
- &mov (&DWP(16,"esp"),$s0);
+ &sub ("esp",36);
+ &and ("esp",-64); # align to cache-line
+ # place stack frame just "above" the key schedule
+ &lea ($s1,&DWP(-64-63,$key));
+ &sub ($s1,"esp");
+ &neg ($s1);
+ &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line
+ &sub ("esp",$s1);
+ &add ("esp",4); # 4 is reserved for caller's return address
+ &mov ($_esp,$s0); # save stack pointer
+
&call (&label("pic_point")); # make it PIC!
&set_label("pic_point");
- &blindpop("ebp");
- &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
+ &blindpop($tbl);
+ &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
+ &lea ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl));
- # prefetch Td4
- &lea ("ebp",&DWP(2048+128,"ebp"));
- &mov ($s0,&DWP(0-128,"ebp"));
- &mov ($s1,&DWP(32-128,"ebp"));
- &mov ($s2,&DWP(64-128,"ebp"));
- &mov ($s3,&DWP(96-128,"ebp"));
- &mov ($s0,&DWP(128-128,"ebp"));
- &mov ($s1,&DWP(160-128,"ebp"));
- &mov ($s2,&DWP(192-128,"ebp"));
- &mov ($s3,&DWP(224-128,"ebp"));
- &lea ("ebp",&DWP(-2048-128,"ebp"));
+ # pick Td4 copy which can't "overlap" with stack frame or key schedule
+ &lea ($s1,&DWP(768-4,"esp"));
+ &sub ($s1,$tbl);
+ &and ($s1,0x300);
+ &lea ($tbl,&DWP(2048+128,$tbl,$s1));
+ if (!$x86only) {
+ &bt (&DWP(0,$s0),25); # check for SSE bit
+ &jnc (&label("x86"));
+
+ &movq ("mm0",&QWP(0,$acc));
+ &movq ("mm4",&QWP(8,$acc));
+ &call ("_sse_AES_decrypt_compact");
+ &mov ("esp",$_esp); # restore stack pointer
+ &mov ($acc,&wparam(1)); # load out
+ &movq (&QWP(0,$acc),"mm0"); # write output data
+ &movq (&QWP(8,$acc),"mm4");
+ &emms ();
+ &function_end_A();
+ }
+ &set_label("x86",16);
+ &mov ($_tbl,$tbl);
&mov ($s0,&DWP(0,$acc)); # load input data
&mov ($s1,&DWP(4,$acc));
&mov ($s2,&DWP(8,$acc));
&mov ($s3,&DWP(12,$acc));
-
- &call ("_x86_AES_decrypt");
-
- &mov ("esp",&DWP(16,"esp"));
-
+ &call ("_x86_AES_decrypt_compact");
+ &mov ("esp",$_esp); # restore stack pointer
&mov ($acc,&wparam(1)); # load out
&mov (&DWP(0,$acc),$s0); # write output data
&mov (&DWP(4,$acc),$s1);
@@ -777,126 +2009,136 @@
# unsigned char *ivp,const int enc);
{
# stack frame layout
-# -4(%esp) 0(%esp) return address
-# 0(%esp) 4(%esp) tmp1
-# 4(%esp) 8(%esp) tmp2
-# 8(%esp) 12(%esp) key
-# 12(%esp) 16(%esp) end of key schedule
-my $_esp=&DWP(16,"esp"); #saved %esp
-my $_inp=&DWP(20,"esp"); #copy of wparam(0)
-my $_out=&DWP(24,"esp"); #copy of wparam(1)
-my $_len=&DWP(28,"esp"); #copy of wparam(2)
-my $_key=&DWP(32,"esp"); #copy of wparam(3)
-my $_ivp=&DWP(36,"esp"); #copy of wparam(4)
-my $_tmp=&DWP(40,"esp"); #volatile variable
-my $ivec=&DWP(44,"esp"); #ivec[16]
-my $aes_key=&DWP(60,"esp"); #copy of aes_key
-my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds
+# -4(%esp) # return address 0(%esp)
+# 0(%esp) # s0 backing store 4(%esp)
+# 4(%esp) # s1 backing store 8(%esp)
+# 8(%esp) # s2 backing store 12(%esp)
+# 12(%esp) # s3 backing store 16(%esp)
+# 16(%esp) # key backup 20(%esp)
+# 20(%esp) # end of key schedule 24(%esp)
+# 24(%esp) # %ebp backup 28(%esp)
+# 28(%esp) # %esp backup
+my $_inp=&DWP(32,"esp"); # copy of wparam(0)
+my $_out=&DWP(36,"esp"); # copy of wparam(1)
+my $_len=&DWP(40,"esp"); # copy of wparam(2)
+my $_key=&DWP(44,"esp"); # copy of wparam(3)
+my $_ivp=&DWP(48,"esp"); # copy of wparam(4)
+my $_tmp=&DWP(52,"esp"); # volatile variable
+#
+my $ivec=&DWP(60,"esp"); # ivec[16]
+my $aes_key=&DWP(76,"esp"); # copy of aes_key
+my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds
-&public_label("AES_Te");
-&public_label("AES_Td");
&function_begin("AES_cbc_encrypt");
&mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len
&cmp ($s2,0);
- &je (&label("enc_out"));
+ &je (&label("drop_out"));
&call (&label("pic_point")); # make it PIC!
&set_label("pic_point");
- &blindpop("ebp");
+ &blindpop($tbl);
+ &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
+ &cmp (&wparam(5),0);
+ &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+ &jne (&label("picked_te"));
+ &lea ($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl));
+ &set_label("picked_te");
+
+ # one can argue if this is required
&pushf ();
&cld ();
- &cmp (&wparam(5),0);
- &je (&label("DECRYPT"));
+ &cmp ($s2,$speed_limit);
+ &jb (&label("slow_way"));
+ &test ($s2,15);
+ &jnz (&label("slow_way"));
+ if (!$x86only) {
+ &bt (&DWP(0,$s0),28); # check for hyper-threading bit
+ &jc (&label("slow_way"));
+ }
+ # pre-allocate aligned stack frame...
+ &lea ($acc,&DWP(-80-244,"esp"));
+ &and ($acc,-64);
- &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
-
- # allocate aligned stack frame...
- &lea ($key,&DWP(-64-244,"esp"));
- &and ($key,-64);
-
- # ... and make sure it doesn't alias with AES_Te modulo 4096
- &mov ($s0,"ebp");
- &lea ($s1,&DWP(2048,"ebp"));
- &mov ($s3,$key);
+ # ... and make sure it doesn't alias with $tbl modulo 4096
+ &mov ($s0,$tbl);
+ &lea ($s1,&DWP(2048+256,$tbl));
+ &mov ($s3,$acc);
&and ($s0,0xfff); # s = %ebp&0xfff
- &and ($s1,0xfff); # e = (%ebp+2048)&0xfff
+ &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff
&and ($s3,0xfff); # p = %esp&0xfff
&cmp ($s3,$s1); # if (p>=e) %esp =- (p-e);
- &jb (&label("te_break_out"));
+ &jb (&label("tbl_break_out"));
&sub ($s3,$s1);
- &sub ($key,$s3);
- &jmp (&label("te_ok"));
- &set_label("te_break_out"); # else %esp -= (p-s)&0xfff + framesz;
+ &sub ($acc,$s3);
+ &jmp (&label("tbl_ok"));
+ &set_label("tbl_break_out",4); # else %esp -= (p-s)&0xfff + framesz;
&sub ($s3,$s0);
&and ($s3,0xfff);
- &add ($s3,64+256);
- &sub ($key,$s3);
- &align (4);
- &set_label("te_ok");
+ &add ($s3,384);
+ &sub ($acc,$s3);
+ &set_label("tbl_ok",4);
- &mov ($s0,&wparam(0)); # load inp
- &mov ($s1,&wparam(1)); # load out
- &mov ($s3,&wparam(3)); # load key
- &mov ($acc,&wparam(4)); # load ivp
-
- &exch ("esp",$key);
+ &lea ($s3,&wparam(0)); # obtain pointer to parameter block
+ &exch ("esp",$acc); # allocate stack frame
&add ("esp",4); # reserve for return address!
- &mov ($_esp,$key); # save %esp
+ &mov ($_tbl,$tbl); # save %ebp
+ &mov ($_esp,$acc); # save %esp
+ &mov ($s0,&DWP(0,$s3)); # load inp
+ &mov ($s1,&DWP(4,$s3)); # load out
+ #&mov ($s2,&DWP(8,$s3)); # load len
+ &mov ($key,&DWP(12,$s3)); # load key
+ &mov ($acc,&DWP(16,$s3)); # load ivp
+ &mov ($s3,&DWP(20,$s3)); # load enc flag
+
&mov ($_inp,$s0); # save copy of inp
&mov ($_out,$s1); # save copy of out
&mov ($_len,$s2); # save copy of len
- &mov ($_key,$s3); # save copy of key
+ &mov ($_key,$key); # save copy of key
&mov ($_ivp,$acc); # save copy of ivp
&mov ($mark,0); # copy of aes_key->rounds = 0;
- if ($compromise) {
- &cmp ($s2,$compromise);
- &jb (&label("skip_ecopy"));
- }
# do we copy key schedule to stack?
- &mov ($s1 eq "ebx" ? $s1 : "",$s3);
+ &mov ($s1 eq "ebx" ? $s1 : "",$key);
&mov ($s2 eq "ecx" ? $s2 : "",244/4);
- &sub ($s1,"ebp");
- &mov ("esi",$s3);
+ &sub ($s1,$tbl);
+ &mov ("esi",$key);
&and ($s1,0xfff);
&lea ("edi",$aes_key);
- &cmp ($s1,2048);
- &jb (&label("do_ecopy"));
+ &cmp ($s1,2048+256);
+ &jb (&label("do_copy"));
&cmp ($s1,4096-244);
- &jb (&label("skip_ecopy"));
- &align (4);
- &set_label("do_ecopy");
+ &jb (&label("skip_copy"));
+ &set_label("do_copy",4);
&mov ($_key,"edi");
&data_word(0xA5F3F689); # rep movsd
- &set_label("skip_ecopy");
+ &set_label("skip_copy");
- &mov ($acc,$s0);
&mov ($key,16);
- &align (4);
- &set_label("prefetch_te");
- &mov ($s0,&DWP(0,"ebp"));
- &mov ($s1,&DWP(32,"ebp"));
- &mov ($s2,&DWP(64,"ebp"));
- &mov ($s3,&DWP(96,"ebp"));
- &lea ("ebp",&DWP(128,"ebp"));
- &dec ($key);
- &jnz (&label("prefetch_te"));
- &sub ("ebp",2048);
+ &set_label("prefetch_tbl",4);
+ &mov ($s0,&DWP(0,$tbl));
+ &mov ($s1,&DWP(32,$tbl));
+ &mov ($s2,&DWP(64,$tbl));
+ &mov ($acc,&DWP(96,$tbl));
+ &lea ($tbl,&DWP(128,$tbl));
+ &sub ($key,1);
+ &jnz (&label("prefetch_tbl"));
+ &sub ($tbl,2048);
- &mov ($s2,$_len);
+ &mov ($acc,$_inp);
&mov ($key,$_ivp);
- &test ($s2,0xFFFFFFF0);
- &jz (&label("enc_tail")); # short input...
+ &cmp ($s3,0);
+ &je (&label("fast_decrypt"));
+
+#----------------------------- ENCRYPT -----------------------------#
&mov ($s0,&DWP(0,$key)); # load iv
&mov ($s1,&DWP(4,$key));
- &align (4);
- &set_label("enc_loop");
+ &set_label("fast_enc_loop",16);
&mov ($s2,&DWP(8,$key));
&mov ($s3,&DWP(12,$key));
@@ -916,22 +2158,16 @@
&mov (&DWP(8,$key),$s2);
&mov (&DWP(12,$key),$s3);
+ &lea ($acc,&DWP(16,$acc)); # advance inp
&mov ($s2,$_len); # load len
-
- &lea ($acc,&DWP(16,$acc));
&mov ($_inp,$acc); # save inp
-
- &lea ($s3,&DWP(16,$key));
+ &lea ($s3,&DWP(16,$key)); # advance out
&mov ($_out,$s3); # save out
-
- &sub ($s2,16);
- &test ($s2,0xFFFFFFF0);
+ &sub ($s2,16); # decrease len
&mov ($_len,$s2); # save len
- &jnz (&label("enc_loop"));
- &test ($s2,15);
- &jnz (&label("enc_tail"));
+ &jnz (&label("fast_enc_loop"));
&mov ($acc,$_ivp); # load ivp
- &mov ($s2,&DWP(8,$key)); # restore last dwords
+ &mov ($s2,&DWP(8,$key)); # restore last 2 dwords
&mov ($s3,&DWP(12,$key));
&mov (&DWP(0,$acc),$s0); # save ivec
&mov (&DWP(4,$acc),$s1);
@@ -949,125 +2185,20 @@
&set_label("skip_ezero")
&mov ("esp",$_esp);
&popf ();
- &set_label("enc_out");
+ &set_label("drop_out");
&function_end_A();
&pushf (); # kludge, never executed
- &align (4);
- &set_label("enc_tail");
- &mov ($s0,$key eq "edi" ? $key : "");
- &mov ($key,$_out); # load out
- &push ($s0); # push ivp
- &mov ($s1,16);
- &sub ($s1,$s2);
- &cmp ($key,$acc); # compare with inp
- &je (&label("enc_in_place"));
- &align (4);
- &data_word(0xA4F3F689); # rep movsb # copy input
- &jmp (&label("enc_skip_in_place"));
- &set_label("enc_in_place");
- &lea ($key,&DWP(0,$key,$s2));
- &set_label("enc_skip_in_place");
- &mov ($s2,$s1);
- &xor ($s0,$s0);
- &align (4);
- &data_word(0xAAF3F689); # rep stosb # zero tail
- &pop ($key); # pop ivp
-
- &mov ($acc,$_out); # output as input
- &mov ($s0,&DWP(0,$key));
- &mov ($s1,&DWP(4,$key));
- &mov ($_len,16); # len=16
- &jmp (&label("enc_loop")); # one more spin...
-
#----------------------------- DECRYPT -----------------------------#
-&align (4);
-&set_label("DECRYPT");
- &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
+&set_label("fast_decrypt",16);
- # allocate aligned stack frame...
- &lea ($key,&DWP(-64-244,"esp"));
- &and ($key,-64);
-
- # ... and make sure it doesn't alias with AES_Td modulo 4096
- &mov ($s0,"ebp");
- &lea ($s1,&DWP(2048+256,"ebp"));
- &mov ($s3,$key);
- &and ($s0,0xfff); # s = %ebp&0xfff
- &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff
- &and ($s3,0xfff); # p = %esp&0xfff
-
- &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e);
- &jb (&label("td_break_out"));
- &sub ($s3,$s1);
- &sub ($key,$s3);
- &jmp (&label("td_ok"));
- &set_label("td_break_out"); # else %esp -= (p-s)&0xfff + framesz;
- &sub ($s3,$s0);
- &and ($s3,0xfff);
- &add ($s3,64+256);
- &sub ($key,$s3);
- &align (4);
- &set_label("td_ok");
-
- &mov ($s0,&wparam(0)); # load inp
- &mov ($s1,&wparam(1)); # load out
- &mov ($s3,&wparam(3)); # load key
- &mov ($acc,&wparam(4)); # load ivp
-
- &exch ("esp",$key);
- &add ("esp",4); # reserve for return address!
- &mov ($_esp,$key); # save %esp
-
- &mov ($_inp,$s0); # save copy of inp
- &mov ($_out,$s1); # save copy of out
- &mov ($_len,$s2); # save copy of len
- &mov ($_key,$s3); # save copy of key
- &mov ($_ivp,$acc); # save copy of ivp
-
- &mov ($mark,0); # copy of aes_key->rounds = 0;
- if ($compromise) {
- &cmp ($s2,$compromise);
- &jb (&label("skip_dcopy"));
- }
- # do we copy key schedule to stack?
- &mov ($s1 eq "ebx" ? $s1 : "",$s3);
- &mov ($s2 eq "ecx" ? $s2 : "",244/4);
- &sub ($s1,"ebp");
- &mov ("esi",$s3);
- &and ($s1,0xfff);
- &lea ("edi",$aes_key);
- &cmp ($s1,2048+256);
- &jb (&label("do_dcopy"));
- &cmp ($s1,4096-244);
- &jb (&label("skip_dcopy"));
- &align (4);
- &set_label("do_dcopy");
- &mov ($_key,"edi");
- &data_word(0xA5F3F689); # rep movsd
- &set_label("skip_dcopy");
-
- &mov ($acc,$s0);
- &mov ($key,18);
- &align (4);
- &set_label("prefetch_td");
- &mov ($s0,&DWP(0,"ebp"));
- &mov ($s1,&DWP(32,"ebp"));
- &mov ($s2,&DWP(64,"ebp"));
- &mov ($s3,&DWP(96,"ebp"));
- &lea ("ebp",&DWP(128,"ebp"));
- &dec ($key);
- &jnz (&label("prefetch_td"));
- &sub ("ebp",2048+256);
-
&cmp ($acc,$_out);
- &je (&label("dec_in_place")); # in-place processing...
+ &je (&label("fast_dec_in_place")); # in-place processing...
- &mov ($key,$_ivp); # load ivp
&mov ($_tmp,$key);
&align (4);
- &set_label("dec_loop");
+ &set_label("fast_dec_loop",16);
&mov ($s0,&DWP(0,$acc)); # read input
&mov ($s1,&DWP(4,$acc));
&mov ($s2,&DWP(8,$acc));
@@ -1083,11 +2214,8 @@
&xor ($s2,&DWP(8,$key));
&xor ($s3,&DWP(12,$key));
- &sub ($acc,16);
- &jc (&label("dec_partial"));
- &mov ($_len,$acc); # save len
+ &mov ($key,$_out); # load out
&mov ($acc,$_inp); # load inp
- &mov ($key,$_out); # load out
&mov (&DWP(0,$key),$s0); # write output
&mov (&DWP(4,$key),$s1);
@@ -1094,16 +2222,16 @@
&mov (&DWP(8,$key),$s2);
&mov (&DWP(12,$key),$s3);
+ &mov ($s2,$_len); # load len
&mov ($_tmp,$acc); # save ivp
- &lea ($acc,&DWP(16,$acc));
+ &lea ($acc,&DWP(16,$acc)); # advance inp
&mov ($_inp,$acc); # save inp
-
- &lea ($key,&DWP(16,$key));
+ &lea ($key,&DWP(16,$key)); # advance out
&mov ($_out,$key); # save out
-
- &jnz (&label("dec_loop"));
+ &sub ($s2,16); # decrease len
+ &mov ($_len,$s2); # save len
+ &jnz (&label("fast_dec_loop"));
&mov ($key,$_tmp); # load temp ivp
- &set_label("dec_end");
&mov ($acc,$_ivp); # load user ivp
&mov ($s0,&DWP(0,$key)); # load iv
&mov ($s1,&DWP(4,$key));
@@ -1113,31 +2241,16 @@
&mov (&DWP(4,$acc),$s1);
&mov (&DWP(8,$acc),$s2);
&mov (&DWP(12,$acc),$s3);
- &jmp (&label("dec_out"));
+ &jmp (&label("fast_dec_out"));
- &align (4);
- &set_label("dec_partial");
- &lea ($key,$ivec);
- &mov (&DWP(0,$key),$s0); # dump output to stack
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
- &lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc));
- &mov ($acc eq "esi" ? $acc : "",$key);
- &mov ($key eq "edi" ? $key : "",$_out); # load out
- &data_word(0xA4F3F689); # rep movsb # copy output
- &mov ($key,$_inp); # use inp as temp ivp
- &jmp (&label("dec_end"));
-
- &align (4);
- &set_label("dec_in_place");
- &set_label("dec_in_place_loop");
- &lea ($key,$ivec);
+ &set_label("fast_dec_in_place",16);
+ &set_label("fast_dec_in_place_loop");
&mov ($s0,&DWP(0,$acc)); # read input
&mov ($s1,&DWP(4,$acc));
&mov ($s2,&DWP(8,$acc));
&mov ($s3,&DWP(12,$acc));
+ &lea ($key,$ivec);
&mov (&DWP(0,$key),$s0); # copy to temp
&mov (&DWP(4,$key),$s1);
&mov (&DWP(8,$key),$s2);
@@ -1158,7 +2271,7 @@
&mov (&DWP(8,$acc),$s2);
&mov (&DWP(12,$acc),$s3);
- &lea ($acc,&DWP(16,$acc));
+ &lea ($acc,&DWP(16,$acc)); # advance out
&mov ($_out,$acc); # save out
&lea ($acc,$ivec);
@@ -1173,40 +2286,340 @@
&mov (&DWP(12,$key),$s3);
&mov ($acc,$_inp); # load inp
+ &mov ($s2,$_len); # load len
+ &lea ($acc,&DWP(16,$acc)); # advance inp
+ &mov ($_inp,$acc); # save inp
+ &sub ($s2,16); # decrease len
+ &mov ($_len,$s2); # save len
+ &jnz (&label("fast_dec_in_place_loop"));
- &lea ($acc,&DWP(16,$acc));
+ &set_label("fast_dec_out",4);
+ &cmp ($mark,0); # was the key schedule copied?
+ &mov ("edi",$_key);
+ &je (&label("skip_dzero"));
+ # zero copy of key schedule
+ &mov ("ecx",240/4);
+ &xor ("eax","eax");
+ &align (4);
+ &data_word(0xABF3F689); # rep stosd
+ &set_label("skip_dzero")
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+&set_label("slow_way",16);
+
+ &mov ($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap
+ &mov ($key,&wparam(3)); # load key
+
+ # pre-allocate aligned stack frame...
+ &lea ($acc,&DWP(-80,"esp"));
+ &and ($acc,-64);
+
+ # ... and make sure it doesn't alias with $key modulo 1024
+ &lea ($s1,&DWP(-80-63,$key));
+ &sub ($s1,$acc);
+ &neg ($s1);
+ &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line
+ &sub ($acc,$s1);
+
+ # pick S-box copy which can't overlap with stack frame or $key
+ &lea ($s1,&DWP(768,$acc));
+ &sub ($s1,$tbl);
+ &and ($s1,0x300);
+ &lea ($tbl,&DWP(2048+128,$tbl,$s1));
+
+ &lea ($s3,&wparam(0)); # pointer to parameter block
+
+ &exch ("esp",$acc);
+ &add ("esp",4); # reserve for return address!
+ &mov ($_tbl,$tbl); # save %ebp
+ &mov ($_esp,$acc); # save %esp
+ &mov ($_tmp,$s0); # save OPENSSL_ia32cap
+
+ &mov ($s0,&DWP(0,$s3)); # load inp
+ &mov ($s1,&DWP(4,$s3)); # load out
+ #&mov ($s2,&DWP(8,$s3)); # load len
+ #&mov ($key,&DWP(12,$s3)); # load key
+ &mov ($acc,&DWP(16,$s3)); # load ivp
+ &mov ($s3,&DWP(20,$s3)); # load enc flag
+
+ &mov ($_inp,$s0); # save copy of inp
+ &mov ($_out,$s1); # save copy of out
+ &mov ($_len,$s2); # save copy of len
+ &mov ($_key,$key); # save copy of key
+ &mov ($_ivp,$acc); # save copy of ivp
+
+ &mov ($key,$acc);
+ &mov ($acc,$s0);
+
+ &cmp ($s3,0);
+ &je (&label("slow_decrypt"));
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+ &cmp ($s2,16);
+ &mov ($s3,$s1);
+ &jb (&label("slow_enc_tail"));
+
+ if (!$x86only) {
+ &bt ($_tmp,25); # check for SSE bit
+ &jnc (&label("slow_enc_x86"));
+
+ &movq ("mm0",&QWP(0,$key)); # load iv
+ &movq ("mm4",&QWP(8,$key));
+
+ &set_label("slow_enc_loop_sse",16);
+ &pxor ("mm0",&QWP(0,$acc)); # xor input data
+ &pxor ("mm4",&QWP(8,$acc));
+
+ &mov ($key,$_key);
+ &call ("_sse_AES_encrypt_compact");
+
+ &mov ($acc,$_inp); # load inp
+ &mov ($key,$_out); # load out
+ &mov ($s2,$_len); # load len
+
+ &movq (&QWP(0,$key),"mm0"); # save output data
+ &movq (&QWP(8,$key),"mm4");
+
+ &lea ($acc,&DWP(16,$acc)); # advance inp
&mov ($_inp,$acc); # save inp
+ &lea ($s3,&DWP(16,$key)); # advance out
+ &mov ($_out,$s3); # save out
+ &sub ($s2,16); # decrease len
+ &cmp ($s2,16);
+ &mov ($_len,$s2); # save len
+ &jae (&label("slow_enc_loop_sse"));
+ &test ($s2,15);
+ &jnz (&label("slow_enc_tail"));
+ &mov ($acc,$_ivp); # load ivp
+ &movq (&QWP(0,$acc),"mm0"); # save ivec
+ &movq (&QWP(8,$acc),"mm4");
+ &emms ();
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+ }
+ &set_label("slow_enc_x86",16);
+ &mov ($s0,&DWP(0,$key)); # load iv
+ &mov ($s1,&DWP(4,$key));
+ &set_label("slow_enc_loop_x86",4);
+ &mov ($s2,&DWP(8,$key));
+ &mov ($s3,&DWP(12,$key));
+
+ &xor ($s0,&DWP(0,$acc)); # xor input data
+ &xor ($s1,&DWP(4,$acc));
+ &xor ($s2,&DWP(8,$acc));
+ &xor ($s3,&DWP(12,$acc));
+
+ &mov ($key,$_key); # load key
+ &call ("_x86_AES_encrypt_compact");
+
+ &mov ($acc,$_inp); # load inp
+ &mov ($key,$_out); # load out
+
+ &mov (&DWP(0,$key),$s0); # save output data
+ &mov (&DWP(4,$key),$s1);
+ &mov (&DWP(8,$key),$s2);
+ &mov (&DWP(12,$key),$s3);
+
&mov ($s2,$_len); # load len
- &sub ($s2,16);
- &jc (&label("dec_in_place_partial"));
+ &lea ($acc,&DWP(16,$acc)); # advance inp
+ &mov ($_inp,$acc); # save inp
+ &lea ($s3,&DWP(16,$key)); # advance out
+ &mov ($_out,$s3); # save out
+ &sub ($s2,16); # decrease len
+ &cmp ($s2,16);
&mov ($_len,$s2); # save len
- &jnz (&label("dec_in_place_loop"));
- &jmp (&label("dec_out"));
+ &jae (&label("slow_enc_loop_x86"));
+ &test ($s2,15);
+ &jnz (&label("slow_enc_tail"));
+ &mov ($acc,$_ivp); # load ivp
+ &mov ($s2,&DWP(8,$key)); # restore last dwords
+ &mov ($s3,&DWP(12,$key));
+ &mov (&DWP(0,$acc),$s0); # save ivec
+ &mov (&DWP(4,$acc),$s1);
+ &mov (&DWP(8,$acc),$s2);
+ &mov (&DWP(12,$acc),$s3);
- &align (4);
- &set_label("dec_in_place_partial");
- # one can argue if this is actually required...
- &mov ($key eq "edi" ? $key : "",$_out);
- &lea ($acc eq "esi" ? $acc : "",$ivec);
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+
+ &set_label("slow_enc_tail",16);
+ &emms () if (!$x86only);
+ &mov ($key eq "edi"? $key:"",$s3); # load out to edi
+ &mov ($s1,16);
+ &sub ($s1,$s2);
+ &cmp ($key,$acc eq "esi"? $acc:""); # compare with inp
+ &je (&label("enc_in_place"));
+ &align (4);
+ &data_word(0xA4F3F689); # rep movsb # copy input
+ &jmp (&label("enc_skip_in_place"));
+ &set_label("enc_in_place");
&lea ($key,&DWP(0,$key,$s2));
- &lea ($acc,&DWP(16,$acc,$s2));
- &neg ($s2 eq "ecx" ? $s2 : "");
- &data_word(0xA4F3F689); # rep movsb # restore tail
+ &set_label("enc_skip_in_place");
+ &mov ($s2,$s1);
+ &xor ($s0,$s0);
+ &align (4);
+ &data_word(0xAAF3F689); # rep stosb # zero tail
- &align (4);
- &set_label("dec_out");
- &cmp ($mark,0); # was the key schedule copied?
- &mov ("edi",$_key);
- &je (&label("skip_dzero"));
- # zero copy of key schedule
- &mov ("ecx",240/4);
- &xor ("eax","eax");
- &align (4);
- &data_word(0xABF3F689); # rep stosd
- &set_label("skip_dzero")
- &mov ("esp",$_esp);
- &popf ();
+ &mov ($key,$_ivp); # restore ivp
+ &mov ($acc,$s3); # output as input
+ &mov ($s0,&DWP(0,$key));
+ &mov ($s1,&DWP(4,$key));
+ &mov ($_len,16); # len=16
+ &jmp (&label("slow_enc_loop_x86")); # one more spin...
+
+#--------------------------- SLOW DECRYPT ---------------------------#
+&set_label("slow_decrypt",16);
+ if (!$x86only) {
+ &bt ($_tmp,25); # check for SSE bit
+ &jnc (&label("slow_dec_loop_x86"));
+
+ &set_label("slow_dec_loop_sse",4);
+ &movq ("mm0",&QWP(0,$acc)); # read input
+ &movq ("mm4",&QWP(8,$acc));
+
+ &mov ($key,$_key);
+ &call ("_sse_AES_decrypt_compact");
+
+ &mov ($acc,$_inp); # load inp
+ &lea ($s0,$ivec);
+ &mov ($s1,$_out); # load out
+ &mov ($s2,$_len); # load len
+ &mov ($key,$_ivp); # load ivp
+
+ &movq ("mm1",&QWP(0,$acc)); # re-read input
+ &movq ("mm5",&QWP(8,$acc));
+
+ &pxor ("mm0",&QWP(0,$key)); # xor iv
+ &pxor ("mm4",&QWP(8,$key));
+
+ &movq (&QWP(0,$key),"mm1"); # copy input to iv
+ &movq (&QWP(8,$key),"mm5");
+
+ &sub ($s2,16); # decrease len
+ &jc (&label("slow_dec_partial_sse"));
+
+ &movq (&QWP(0,$s1),"mm0"); # write output
+ &movq (&QWP(8,$s1),"mm4");
+
+ &lea ($s1,&DWP(16,$s1)); # advance out
+ &mov ($_out,$s1); # save out
+ &lea ($acc,&DWP(16,$acc)); # advance inp
+ &mov ($_inp,$acc); # save inp
+ &mov ($_len,$s2); # save len
+ &jnz (&label("slow_dec_loop_sse"));
+ &emms ();
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+
+ &set_label("slow_dec_partial_sse",16);
+ &movq (&QWP(0,$s0),"mm0"); # save output to temp
+ &movq (&QWP(8,$s0),"mm4");
+ &emms ();
+
+ &add ($s2 eq "ecx" ? "ecx":"",16);
+ &mov ("edi",$s1); # out
+ &mov ("esi",$s0); # temp
+ &align (4);
+ &data_word(0xA4F3F689); # rep movsb # copy partial output
+
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+ }
+ &set_label("slow_dec_loop_x86",16);
+ &mov ($s0,&DWP(0,$acc)); # read input
+ &mov ($s1,&DWP(4,$acc));
+ &mov ($s2,&DWP(8,$acc));
+ &mov ($s3,&DWP(12,$acc));
+
+ &lea ($key,$ivec);
+ &mov (&DWP(0,$key),$s0); # copy to temp
+ &mov (&DWP(4,$key),$s1);
+ &mov (&DWP(8,$key),$s2);
+ &mov (&DWP(12,$key),$s3);
+
+ &mov ($key,$_key); # load key
+ &call ("_x86_AES_decrypt_compact");
+
+ &mov ($key,$_ivp); # load ivp
+ &mov ($acc,$_len); # load len
+ &xor ($s0,&DWP(0,$key)); # xor iv
+ &xor ($s1,&DWP(4,$key));
+ &xor ($s2,&DWP(8,$key));
+ &xor ($s3,&DWP(12,$key));
+
+ &sub ($acc,16);
+ &jc (&label("slow_dec_partial_x86"));
+
+ &mov ($_len,$acc); # save len
+ &mov ($acc,$_out); # load out
+
+ &mov (&DWP(0,$acc),$s0); # write output
+ &mov (&DWP(4,$acc),$s1);
+ &mov (&DWP(8,$acc),$s2);
+ &mov (&DWP(12,$acc),$s3);
+
+ &lea ($acc,&DWP(16,$acc)); # advance out
+ &mov ($_out,$acc); # save out
+
+ &lea ($acc,$ivec);
+ &mov ($s0,&DWP(0,$acc)); # read temp
+ &mov ($s1,&DWP(4,$acc));
+ &mov ($s2,&DWP(8,$acc));
+ &mov ($s3,&DWP(12,$acc));
+
+ &mov (&DWP(0,$key),$s0); # copy it to iv
+ &mov (&DWP(4,$key),$s1);
+ &mov (&DWP(8,$key),$s2);
+ &mov (&DWP(12,$key),$s3);
+
+ &mov ($acc,$_inp); # load inp
+ &lea ($acc,&DWP(16,$acc)); # advance inp
+ &mov ($_inp,$acc); # save inp
+ &jnz (&label("slow_dec_loop_x86"));
+ &mov ("esp",$_esp);
+ &popf ();
+ &function_end_A();
+ &pushf (); # kludge, never executed
+
+ &set_label("slow_dec_partial_x86",16);
+ &lea ($acc,$ivec);
+ &mov (&DWP(0,$acc),$s0); # save output to temp
+ &mov (&DWP(4,$acc),$s1);
+ &mov (&DWP(8,$acc),$s2);
+ &mov (&DWP(12,$acc),$s3);
+
+ &mov ($acc,$_inp);
+ &mov ($s0,&DWP(0,$acc)); # re-read input
+ &mov ($s1,&DWP(4,$acc));
+ &mov ($s2,&DWP(8,$acc));
+ &mov ($s3,&DWP(12,$acc));
+
+ &mov (&DWP(0,$key),$s0); # copy it to iv
+ &mov (&DWP(4,$key),$s1);
+ &mov (&DWP(8,$key),$s2);
+ &mov (&DWP(12,$key),$s3);
+
+ &mov ("ecx",$_len);
+ &mov ("edi",$_out);
+ &lea ("esi",$ivec);
+ &align (4);
+ &data_word(0xA4F3F689); # rep movsb # copy partial output
+
+ &mov ("esp",$_esp);
+ &popf ();
&function_end("AES_cbc_encrypt");
}
@@ -1215,35 +2628,31 @@
sub enckey()
{
&movz ("esi",&LB("edx")); # rk[i]>>0
- &mov ("ebx",&DWP(2,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&movz ("esi",&HB("edx")); # rk[i]>>8
- &and ("ebx",0xFF000000);
+ &shl ("ebx",24);
&xor ("eax","ebx");
- &mov ("ebx",&DWP(2,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&shr ("edx",16);
- &and ("ebx",0x000000FF);
&movz ("esi",&LB("edx")); # rk[i]>>16
&xor ("eax","ebx");
- &mov ("ebx",&DWP(0,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&movz ("esi",&HB("edx")); # rk[i]>>24
- &and ("ebx",0x0000FF00);
+ &shl ("ebx",8);
&xor ("eax","ebx");
- &mov ("ebx",&DWP(0,"ebp","esi",8));
- &and ("ebx",0x00FF0000);
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
+ &shl ("ebx",16);
&xor ("eax","ebx");
- &xor ("eax",&DWP(2048,"ebp","ecx",4)); # rcon
+ &xor ("eax",&DWP(1024-128,$tbl,"ecx",4)); # rcon
}
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-&public_label("AES_Te");
-&function_begin("AES_set_encrypt_key");
- &mov ("esi",&wparam(0)); # user supplied key
- &mov ("edi",&wparam(2)); # private key schedule
+&function_begin("_x86_AES_set_encrypt_key");
+ &mov ("esi",&wparam(1)); # user supplied key
+ &mov ("edi",&wparam(3)); # private key schedule
&test ("esi",-1);
&jz (&label("badpointer"));
@@ -1252,10 +2661,21 @@
&call (&label("pic_point"));
&set_label("pic_point");
- &blindpop("ebp");
- &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+ &blindpop($tbl);
+ &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+ &lea ($tbl,&DWP(2048+128,$tbl));
- &mov ("ecx",&wparam(1)); # number of bits in key
+ # prefetch Te4
+ &mov ("eax",&DWP(0-128,$tbl));
+ &mov ("ebx",&DWP(32-128,$tbl));
+ &mov ("ecx",&DWP(64-128,$tbl));
+ &mov ("edx",&DWP(96-128,$tbl));
+ &mov ("eax",&DWP(128-128,$tbl));
+ &mov ("ebx",&DWP(160-128,$tbl));
+ &mov ("ecx",&DWP(192-128,$tbl));
+ &mov ("edx",&DWP(224-128,$tbl));
+
+ &mov ("ecx",&wparam(2)); # number of bits in key
&cmp ("ecx",128);
&je (&label("10rounds"));
&cmp ("ecx",192);
@@ -1394,24 +2814,23 @@
&mov ("edx","eax");
&mov ("eax",&DWP(16,"edi")); # rk[4]
&movz ("esi",&LB("edx")); # rk[11]>>0
- &mov ("ebx",&DWP(2,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&movz ("esi",&HB("edx")); # rk[11]>>8
- &and ("ebx",0x000000FF);
&xor ("eax","ebx");
- &mov ("ebx",&DWP(0,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&shr ("edx",16);
- &and ("ebx",0x0000FF00);
+ &shl ("ebx",8);
&movz ("esi",&LB("edx")); # rk[11]>>16
&xor ("eax","ebx");
- &mov ("ebx",&DWP(0,"ebp","esi",8));
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
&movz ("esi",&HB("edx")); # rk[11]>>24
- &and ("ebx",0x00FF0000);
+ &shl ("ebx",16);
&xor ("eax","ebx");
- &mov ("ebx",&DWP(2,"ebp","esi",8));
- &and ("ebx",0xFF000000);
+ &movz ("ebx",&BP(-128,$tbl,"esi",1));
+ &shl ("ebx",24);
&xor ("eax","ebx");
&mov (&DWP(48,"edi"),"eax"); # rk[12]
@@ -1433,43 +2852,74 @@
&set_label("badpointer");
&mov ("eax",-1);
&set_label("exit");
-&function_end("AES_set_encrypt_key");
+&function_end("_x86_AES_set_encrypt_key");
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+# AES_KEY *key)
+&function_begin_B("private_AES_set_encrypt_key");
+ &call ("_x86_AES_set_encrypt_key");
+ &ret ();
+&function_end_B("private_AES_set_encrypt_key");
+
sub deckey()
-{ my ($i,$ptr,$te,$td) = @_;
+{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
+ my $tmp = $tbl;
- &mov ("eax",&DWP($i,$ptr));
- &mov ("edx","eax");
- &movz ("ebx",&HB("eax"));
- &shr ("edx",16);
- &and ("eax",0xFF);
- &movz ("eax",&BP(2,$te,"eax",8));
- &movz ("ebx",&BP(2,$te,"ebx",8));
- &mov ("eax",&DWP(0,$td,"eax",8));
- &xor ("eax",&DWP(3,$td,"ebx",8));
- &movz ("ebx",&HB("edx"));
- &and ("edx",0xFF);
- &movz ("edx",&BP(2,$te,"edx",8));
- &movz ("ebx",&BP(2,$te,"ebx",8));
- &xor ("eax",&DWP(2,$td,"edx",8));
- &xor ("eax",&DWP(1,$td,"ebx",8));
- &mov (&DWP($i,$ptr),"eax");
+ &mov ($acc,$tp1);
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp2,&DWP(0,$tp1,$tp1));
+ &sub ($acc,$tmp);
+ &and ($tp2,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &xor ($acc,$tp2);
+ &mov ($tp2,$acc);
+
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp4,&DWP(0,$tp2,$tp2));
+ &sub ($acc,$tmp);
+ &and ($tp4,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &xor ($tp2,$tp1); # tp2^tp1
+ &xor ($acc,$tp4);
+ &mov ($tp4,$acc);
+
+ &and ($acc,0x80808080);
+ &mov ($tmp,$acc);
+ &shr ($tmp,7);
+ &lea ($tp8,&DWP(0,$tp4,$tp4));
+ &xor ($tp4,$tp1); # tp4^tp1
+ &sub ($acc,$tmp);
+ &and ($tp8,0xfefefefe);
+ &and ($acc,0x1b1b1b1b);
+ &rotl ($tp1,8); # = ROTATE(tp1,8)
+ &xor ($tp8,$acc);
+
+ &mov ($tmp,&DWP(4*($i+1),$key)); # modulo-scheduled load
+
+ &xor ($tp1,$tp2);
+ &xor ($tp2,$tp8);
+ &xor ($tp1,$tp4);
+ &rotl ($tp2,24);
+ &xor ($tp4,$tp8);
+ &xor ($tp1,$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
+ &rotl ($tp4,16);
+ &xor ($tp1,$tp2); # ^= ROTATE(tp8^tp2^tp1,24)
+ &rotl ($tp8,8);
+ &xor ($tp1,$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
+ &mov ($tp2,$tmp);
+ &xor ($tp1,$tp8); # ^= ROTATE(tp8,8)
+
+ &mov (&DWP(4*$i,$key),$tp1);
}
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
-&public_label("AES_Td");
-&public_label("AES_Te");
-&function_begin_B("AES_set_decrypt_key");
- &mov ("eax",&wparam(0));
- &mov ("ecx",&wparam(1));
- &mov ("edx",&wparam(2));
- &sub ("esp",12);
- &mov (&DWP(0,"esp"),"eax");
- &mov (&DWP(4,"esp"),"ecx");
- &mov (&DWP(8,"esp"),"edx");
- &call ("AES_set_encrypt_key");
- &add ("esp",12);
+&function_begin_B("private_AES_set_decrypt_key");
+ &call ("_x86_AES_set_encrypt_key");
&cmp ("eax",0);
&je (&label("proceed"));
&ret ();
@@ -1485,8 +2935,7 @@
&lea ("ecx",&DWP(0,"","ecx",4));
&lea ("edi",&DWP(0,"esi","ecx",4)); # pointer to last chunk
- &align (4);
- &set_label("invert"); # invert order of chunks
+ &set_label("invert",4); # invert order of chunks
&mov ("eax",&DWP(0,"esi"));
&mov ("ebx",&DWP(4,"esi"));
&mov ("ecx",&DWP(0,"edi"));
@@ -1508,26 +2957,24 @@
&cmp ("esi","edi");
&jne (&label("invert"));
- &call (&label("pic_point"));
- &set_label("pic_point");
- blindpop("ebp");
- &lea ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
- &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
+ &mov ($key,&wparam(2));
+ &mov ($acc,&DWP(240,$key)); # pull number of rounds
+ &lea ($acc,&DWP(-2,$acc,$acc));
+ &lea ($acc,&DWP(0,$key,$acc,8));
+ &mov (&wparam(2),$acc);
- &mov ("esi",&wparam(2));
- &mov ("ecx",&DWP(240,"esi")); # pull number of rounds
- &dec ("ecx");
- &align (4);
- &set_label("permute"); # permute the key schedule
- &add ("esi",16);
- &deckey (0,"esi","ebp","edi");
- &deckey (4,"esi","ebp","edi");
- &deckey (8,"esi","ebp","edi");
- &deckey (12,"esi","ebp","edi");
- &dec ("ecx");
- &jnz (&label("permute"));
+ &mov ($s0,&DWP(16,$key)); # modulo-scheduled load
+ &set_label("permute",4); # permute the key schedule
+ &add ($key,16);
+ &deckey (0,$key,$s0,$s1,$s2,$s3);
+ &deckey (1,$key,$s1,$s2,$s3,$s0);
+ &deckey (2,$key,$s2,$s3,$s0,$s1);
+ &deckey (3,$key,$s3,$s0,$s1,$s2);
+ &cmp ($key,&wparam(2));
+ &jb (&label("permute"));
&xor ("eax","eax"); # return success
-&function_end("AES_set_decrypt_key");
+&function_end("private_AES_set_decrypt_key");
+&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-armv4.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-armv4.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-armv4.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-armv4.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1134 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for ARMv4
+
+# January 2007.
+#
+# Code uses single 1K S-box and is >2 times faster than code generated
+# by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
+# allows to merge logical or arithmetic operation with shift or rotate
+# in one instruction and emit combined result every cycle. The module
+# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
+# key [on single-issue Xscale PXA250 core].
+
+# May 2007.
+#
+# AES_set_[en|de]crypt_key is added.
+
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 12% improvement on
+# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~21.5 cycles per byte.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$s0="r0";
+$s1="r1";
+$s2="r2";
+$s3="r3";
+$t1="r4";
+$t2="r5";
+$t3="r6";
+$i1="r7";
+$i2="r8";
+$i3="r9";
+
+$tbl="r10";
+$key="r11";
+$rounds="r12";
+
+$code=<<___;
+#include "arm_arch.h"
+.text
+.code 32
+
+.type AES_Te,%object
+.align 5
+AES_Te:
+.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+@ Te4[256]
+.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+@ rcon[]
+.word 0x01000000, 0x02000000, 0x04000000, 0x08000000
+.word 0x10000000, 0x20000000, 0x40000000, 0x80000000
+.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.size AES_Te,.-AES_Te
+
+@ void AES_encrypt(const unsigned char *in, unsigned char *out,
+@ const AES_KEY *key) {
+.global AES_encrypt
+.type AES_encrypt,%function
+.align 5
+AES_encrypt:
+ sub r3,pc,#8 @ AES_encrypt
+ stmdb sp!,{r1,r4-r12,lr}
+ mov $rounds,r0 @ inp
+ mov $key,r2
+ sub $tbl,r3,#AES_encrypt-AES_Te @ Te
+#if __ARM_ARCH__<7
+ ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
+ ldrb $t1,[$rounds,#2] @ manner...
+ ldrb $t2,[$rounds,#1]
+ ldrb $t3,[$rounds,#0]
+ orr $s0,$s0,$t1,lsl#8
+ ldrb $s1,[$rounds,#7]
+ orr $s0,$s0,$t2,lsl#16
+ ldrb $t1,[$rounds,#6]
+ orr $s0,$s0,$t3,lsl#24
+ ldrb $t2,[$rounds,#5]
+ ldrb $t3,[$rounds,#4]
+ orr $s1,$s1,$t1,lsl#8
+ ldrb $s2,[$rounds,#11]
+ orr $s1,$s1,$t2,lsl#16
+ ldrb $t1,[$rounds,#10]
+ orr $s1,$s1,$t3,lsl#24
+ ldrb $t2,[$rounds,#9]
+ ldrb $t3,[$rounds,#8]
+ orr $s2,$s2,$t1,lsl#8
+ ldrb $s3,[$rounds,#15]
+ orr $s2,$s2,$t2,lsl#16
+ ldrb $t1,[$rounds,#14]
+ orr $s2,$s2,$t3,lsl#24
+ ldrb $t2,[$rounds,#13]
+ ldrb $t3,[$rounds,#12]
+ orr $s3,$s3,$t1,lsl#8
+ orr $s3,$s3,$t2,lsl#16
+ orr $s3,$s3,$t3,lsl#24
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+#endif
+ bl _armv4_AES_encrypt
+
+ ldr $rounds,[sp],#4 @ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$rounds,#0]
+ str $s1,[$rounds,#4]
+ str $s2,[$rounds,#8]
+ str $s3,[$rounds,#12]
+#else
+ mov $t1,$s0,lsr#24 @ write output in endian-neutral
+ mov $t2,$s0,lsr#16 @ manner...
+ mov $t3,$s0,lsr#8
+ strb $t1,[$rounds,#0]
+ strb $t2,[$rounds,#1]
+ mov $t1,$s1,lsr#24
+ strb $t3,[$rounds,#2]
+ mov $t2,$s1,lsr#16
+ strb $s0,[$rounds,#3]
+ mov $t3,$s1,lsr#8
+ strb $t1,[$rounds,#4]
+ strb $t2,[$rounds,#5]
+ mov $t1,$s2,lsr#24
+ strb $t3,[$rounds,#6]
+ mov $t2,$s2,lsr#16
+ strb $s1,[$rounds,#7]
+ mov $t3,$s2,lsr#8
+ strb $t1,[$rounds,#8]
+ strb $t2,[$rounds,#9]
+ mov $t1,$s3,lsr#24
+ strb $t3,[$rounds,#10]
+ mov $t2,$s3,lsr#16
+ strb $s2,[$rounds,#11]
+ mov $t3,$s3,lsr#8
+ strb $t1,[$rounds,#12]
+ strb $t2,[$rounds,#13]
+ strb $t3,[$rounds,#14]
+ strb $s3,[$rounds,#15]
+#endif
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
+ ldmia sp!,{r4-r12,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.size AES_encrypt,.-AES_encrypt
+
+.type _armv4_AES_encrypt,%function
+.align 2
+_armv4_AES_encrypt:
+ str lr,[sp,#-4]! @ push lr
+ ldmia $key!,{$t1-$i1}
+ eor $s0,$s0,$t1
+ ldr $rounds,[$key,#240-16]
+ eor $s1,$s1,$t2
+ eor $s2,$s2,$t3
+ eor $s3,$s3,$i1
+ sub $rounds,$rounds,#1
+ mov lr,#255
+
+ and $i1,lr,$s0
+ and $i2,lr,$s0,lsr#8
+ and $i3,lr,$s0,lsr#16
+ mov $s0,$s0,lsr#24
+.Lenc_loop:
+ ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
+ and $i1,lr,$s1,lsr#16 @ i0
+ ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
+ and $i2,lr,$s1
+ ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
+ and $i3,lr,$s1,lsr#8
+ ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
+ mov $s1,$s1,lsr#24
+
+ ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
+ ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
+ ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
+ eor $s0,$s0,$i1,ror#8
+ ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
+ and $i1,lr,$s2,lsr#8 @ i0
+ eor $t2,$t2,$i2,ror#8
+ and $i2,lr,$s2,lsr#16 @ i1
+ eor $t3,$t3,$i3,ror#8
+ and $i3,lr,$s2
+ ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
+ eor $s1,$s1,$t1,ror#24
+ ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
+ mov $s2,$s2,lsr#24
+
+ ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
+ eor $s0,$s0,$i1,ror#16
+ ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
+ and $i1,lr,$s3 @ i0
+ eor $s1,$s1,$i2,ror#8
+ and $i2,lr,$s3,lsr#8 @ i1
+ eor $t3,$t3,$i3,ror#16
+ and $i3,lr,$s3,lsr#16 @ i2
+ ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
+ eor $s2,$s2,$t2,ror#16
+ ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
+ mov $s3,$s3,lsr#24
+
+ ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
+ eor $s0,$s0,$i1,ror#24
+ ldr $i1,[$key],#16
+ eor $s1,$s1,$i2,ror#16
+ ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
+ eor $s2,$s2,$i3,ror#8
+ ldr $t1,[$key,#-12]
+ eor $s3,$s3,$t3,ror#8
+
+ ldr $t2,[$key,#-8]
+ eor $s0,$s0,$i1
+ ldr $t3,[$key,#-4]
+ and $i1,lr,$s0
+ eor $s1,$s1,$t1
+ and $i2,lr,$s0,lsr#8
+ eor $s2,$s2,$t2
+ and $i3,lr,$s0,lsr#16
+ eor $s3,$s3,$t3
+ mov $s0,$s0,lsr#24
+
+ subs $rounds,$rounds,#1
+ bne .Lenc_loop
+
+ add $tbl,$tbl,#2
+
+ ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
+ and $i1,lr,$s1,lsr#16 @ i0
+ ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
+ and $i2,lr,$s1
+ ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
+ and $i3,lr,$s1,lsr#8
+ ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
+ mov $s1,$s1,lsr#24
+
+ ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
+ ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
+ ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
+ eor $s0,$i1,$s0,lsl#8
+ ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
+ and $i1,lr,$s2,lsr#8 @ i0
+ eor $t2,$i2,$t2,lsl#8
+ and $i2,lr,$s2,lsr#16 @ i1
+ eor $t3,$i3,$t3,lsl#8
+ and $i3,lr,$s2
+ ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
+ eor $s1,$t1,$s1,lsl#24
+ ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
+ mov $s2,$s2,lsr#24
+
+ ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
+ eor $s0,$i1,$s0,lsl#8
+ ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
+ and $i1,lr,$s3 @ i0
+ eor $s1,$s1,$i2,lsl#16
+ and $i2,lr,$s3,lsr#8 @ i1
+ eor $t3,$i3,$t3,lsl#8
+ and $i3,lr,$s3,lsr#16 @ i2
+ ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
+ eor $s2,$t2,$s2,lsl#24
+ ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
+ mov $s3,$s3,lsr#24
+
+ ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
+ eor $s0,$i1,$s0,lsl#8
+ ldr $i1,[$key,#0]
+ ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
+ eor $s1,$s1,$i2,lsl#8
+ ldr $t1,[$key,#4]
+ eor $s2,$s2,$i3,lsl#16
+ ldr $t2,[$key,#8]
+ eor $s3,$t3,$s3,lsl#24
+ ldr $t3,[$key,#12]
+
+ eor $s0,$s0,$i1
+ eor $s1,$s1,$t1
+ eor $s2,$s2,$t2
+ eor $s3,$s3,$t3
+
+ sub $tbl,$tbl,#2
+ ldr pc,[sp],#4 @ pop and return
+.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
+
+.global private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,%function
+.align 5
+private_AES_set_encrypt_key:
+_armv4_AES_set_encrypt_key:
+ sub r3,pc,#8 @ AES_set_encrypt_key
+ teq r0,#0
+ moveq r0,#-1
+ beq .Labrt
+ teq r2,#0
+ moveq r0,#-1
+ beq .Labrt
+
+ teq r1,#128
+ beq .Lok
+ teq r1,#192
+ beq .Lok
+ teq r1,#256
+ movne r0,#-1
+ bne .Labrt
+
+.Lok: stmdb sp!,{r4-r12,lr}
+ sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
+
+ mov $rounds,r0 @ inp
+ mov lr,r1 @ bits
+ mov $key,r2 @ key
+
+#if __ARM_ARCH__<7
+ ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
+ ldrb $t1,[$rounds,#2] @ manner...
+ ldrb $t2,[$rounds,#1]
+ ldrb $t3,[$rounds,#0]
+ orr $s0,$s0,$t1,lsl#8
+ ldrb $s1,[$rounds,#7]
+ orr $s0,$s0,$t2,lsl#16
+ ldrb $t1,[$rounds,#6]
+ orr $s0,$s0,$t3,lsl#24
+ ldrb $t2,[$rounds,#5]
+ ldrb $t3,[$rounds,#4]
+ orr $s1,$s1,$t1,lsl#8
+ ldrb $s2,[$rounds,#11]
+ orr $s1,$s1,$t2,lsl#16
+ ldrb $t1,[$rounds,#10]
+ orr $s1,$s1,$t3,lsl#24
+ ldrb $t2,[$rounds,#9]
+ ldrb $t3,[$rounds,#8]
+ orr $s2,$s2,$t1,lsl#8
+ ldrb $s3,[$rounds,#15]
+ orr $s2,$s2,$t2,lsl#16
+ ldrb $t1,[$rounds,#14]
+ orr $s2,$s2,$t3,lsl#24
+ ldrb $t2,[$rounds,#13]
+ ldrb $t3,[$rounds,#12]
+ orr $s3,$s3,$t1,lsl#8
+ str $s0,[$key],#16
+ orr $s3,$s3,$t2,lsl#16
+ str $s1,[$key,#-12]
+ orr $s3,$s3,$t3,lsl#24
+ str $s2,[$key,#-8]
+ str $s3,[$key,#-4]
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$key],#16
+ str $s1,[$key,#-12]
+ str $s2,[$key,#-8]
+ str $s3,[$key,#-4]
+#endif
+
+ teq lr,#128
+ bne .Lnot128
+ mov $rounds,#10
+ str $rounds,[$key,#240-16]
+ add $t3,$tbl,#256 @ rcon
+ mov lr,#255
+
+.L128_loop:
+ and $t2,lr,$s3,lsr#24
+ and $i1,lr,$s3,lsr#16
+ ldrb $t2,[$tbl,$t2]
+ and $i2,lr,$s3,lsr#8
+ ldrb $i1,[$tbl,$i1]
+ and $i3,lr,$s3
+ ldrb $i2,[$tbl,$i2]
+ orr $t2,$t2,$i1,lsl#24
+ ldrb $i3,[$tbl,$i3]
+ orr $t2,$t2,$i2,lsl#16
+ ldr $t1,[$t3],#4 @ rcon[i++]
+ orr $t2,$t2,$i3,lsl#8
+ eor $t2,$t2,$t1
+ eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
+ eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
+ str $s0,[$key],#16
+ eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
+ str $s1,[$key,#-12]
+ eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
+ str $s2,[$key,#-8]
+ subs $rounds,$rounds,#1
+ str $s3,[$key,#-4]
+ bne .L128_loop
+ sub r2,$key,#176
+ b .Ldone
+
+.Lnot128:
+#if __ARM_ARCH__<7
+ ldrb $i2,[$rounds,#19]
+ ldrb $t1,[$rounds,#18]
+ ldrb $t2,[$rounds,#17]
+ ldrb $t3,[$rounds,#16]
+ orr $i2,$i2,$t1,lsl#8
+ ldrb $i3,[$rounds,#23]
+ orr $i2,$i2,$t2,lsl#16
+ ldrb $t1,[$rounds,#22]
+ orr $i2,$i2,$t3,lsl#24
+ ldrb $t2,[$rounds,#21]
+ ldrb $t3,[$rounds,#20]
+ orr $i3,$i3,$t1,lsl#8
+ orr $i3,$i3,$t2,lsl#16
+ str $i2,[$key],#8
+ orr $i3,$i3,$t3,lsl#24
+ str $i3,[$key,#-4]
+#else
+ ldr $i2,[$rounds,#16]
+ ldr $i3,[$rounds,#20]
+#ifdef __ARMEL__
+ rev $i2,$i2
+ rev $i3,$i3
+#endif
+ str $i2,[$key],#8
+ str $i3,[$key,#-4]
+#endif
+
+ teq lr,#192
+ bne .Lnot192
+ mov $rounds,#12
+ str $rounds,[$key,#240-24]
+ add $t3,$tbl,#256 @ rcon
+ mov lr,#255
+ mov $rounds,#8
+
+.L192_loop:
+ and $t2,lr,$i3,lsr#24
+ and $i1,lr,$i3,lsr#16
+ ldrb $t2,[$tbl,$t2]
+ and $i2,lr,$i3,lsr#8
+ ldrb $i1,[$tbl,$i1]
+ and $i3,lr,$i3
+ ldrb $i2,[$tbl,$i2]
+ orr $t2,$t2,$i1,lsl#24
+ ldrb $i3,[$tbl,$i3]
+ orr $t2,$t2,$i2,lsl#16
+ ldr $t1,[$t3],#4 @ rcon[i++]
+ orr $t2,$t2,$i3,lsl#8
+ eor $i3,$t2,$t1
+ eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
+ eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
+ str $s0,[$key],#24
+ eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
+ str $s1,[$key,#-20]
+ eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
+ str $s2,[$key,#-16]
+ subs $rounds,$rounds,#1
+ str $s3,[$key,#-12]
+ subeq r2,$key,#216
+ beq .Ldone
+
+ ldr $i1,[$key,#-32]
+ ldr $i2,[$key,#-28]
+ eor $i1,$i1,$s3 @ rk[10]=rk[4]^rk[9]
+ eor $i3,$i2,$i1 @ rk[11]=rk[5]^rk[10]
+ str $i1,[$key,#-8]
+ str $i3,[$key,#-4]
+ b .L192_loop
+
+.Lnot192:
+#if __ARM_ARCH__<7
+ ldrb $i2,[$rounds,#27]
+ ldrb $t1,[$rounds,#26]
+ ldrb $t2,[$rounds,#25]
+ ldrb $t3,[$rounds,#24]
+ orr $i2,$i2,$t1,lsl#8
+ ldrb $i3,[$rounds,#31]
+ orr $i2,$i2,$t2,lsl#16
+ ldrb $t1,[$rounds,#30]
+ orr $i2,$i2,$t3,lsl#24
+ ldrb $t2,[$rounds,#29]
+ ldrb $t3,[$rounds,#28]
+ orr $i3,$i3,$t1,lsl#8
+ orr $i3,$i3,$t2,lsl#16
+ str $i2,[$key],#8
+ orr $i3,$i3,$t3,lsl#24
+ str $i3,[$key,#-4]
+#else
+ ldr $i2,[$rounds,#24]
+ ldr $i3,[$rounds,#28]
+#ifdef __ARMEL__
+ rev $i2,$i2
+ rev $i3,$i3
+#endif
+ str $i2,[$key],#8
+ str $i3,[$key,#-4]
+#endif
+
+ mov $rounds,#14
+ str $rounds,[$key,#240-32]
+ add $t3,$tbl,#256 @ rcon
+ mov lr,#255
+ mov $rounds,#7
+
+.L256_loop:
+ and $t2,lr,$i3,lsr#24
+ and $i1,lr,$i3,lsr#16
+ ldrb $t2,[$tbl,$t2]
+ and $i2,lr,$i3,lsr#8
+ ldrb $i1,[$tbl,$i1]
+ and $i3,lr,$i3
+ ldrb $i2,[$tbl,$i2]
+ orr $t2,$t2,$i1,lsl#24
+ ldrb $i3,[$tbl,$i3]
+ orr $t2,$t2,$i2,lsl#16
+ ldr $t1,[$t3],#4 @ rcon[i++]
+ orr $t2,$t2,$i3,lsl#8
+ eor $i3,$t2,$t1
+ eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
+ eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
+ str $s0,[$key],#32
+ eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
+ str $s1,[$key,#-28]
+ eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
+ str $s2,[$key,#-24]
+ subs $rounds,$rounds,#1
+ str $s3,[$key,#-20]
+ subeq r2,$key,#256
+ beq .Ldone
+
+ and $t2,lr,$s3
+ and $i1,lr,$s3,lsr#8
+ ldrb $t2,[$tbl,$t2]
+ and $i2,lr,$s3,lsr#16
+ ldrb $i1,[$tbl,$i1]
+ and $i3,lr,$s3,lsr#24
+ ldrb $i2,[$tbl,$i2]
+ orr $t2,$t2,$i1,lsl#8
+ ldrb $i3,[$tbl,$i3]
+ orr $t2,$t2,$i2,lsl#16
+ ldr $t1,[$key,#-48]
+ orr $t2,$t2,$i3,lsl#24
+
+ ldr $i1,[$key,#-44]
+ ldr $i2,[$key,#-40]
+ eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
+ ldr $i3,[$key,#-36]
+ eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
+ str $t1,[$key,#-16]
+ eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
+ str $i1,[$key,#-12]
+ eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
+ str $i2,[$key,#-8]
+ str $i3,[$key,#-4]
+ b .L256_loop
+
+.Ldone: mov r0,#0
+ ldmia sp!,{r4-r12,lr}
+.Labrt: tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
+
+.global private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,%function
+.align 5
+private_AES_set_decrypt_key:
+ str lr,[sp,#-4]! @ push lr
+ bl _armv4_AES_set_encrypt_key
+ teq r0,#0
+ ldrne lr,[sp],#4 @ pop lr
+ bne .Labrt
+
+ stmdb sp!,{r4-r12}
+
+ ldr $rounds,[r2,#240] @ AES_set_encrypt_key preserves r2,
+ mov $key,r2 @ which is AES_KEY *key
+ mov $i1,r2
+ add $i2,r2,$rounds,lsl#4
+
+.Linv: ldr $s0,[$i1]
+ ldr $s1,[$i1,#4]
+ ldr $s2,[$i1,#8]
+ ldr $s3,[$i1,#12]
+ ldr $t1,[$i2]
+ ldr $t2,[$i2,#4]
+ ldr $t3,[$i2,#8]
+ ldr $i3,[$i2,#12]
+ str $s0,[$i2],#-16
+ str $s1,[$i2,#16+4]
+ str $s2,[$i2,#16+8]
+ str $s3,[$i2,#16+12]
+ str $t1,[$i1],#16
+ str $t2,[$i1,#-12]
+ str $t3,[$i1,#-8]
+ str $i3,[$i1,#-4]
+ teq $i1,$i2
+ bne .Linv
+___
+$mask80=$i1;
+$mask1b=$i2;
+$mask7f=$i3;
+$code.=<<___;
+ ldr $s0,[$key,#16]! @ prefetch tp1
+ mov $mask80,#0x80
+ mov $mask1b,#0x1b
+ orr $mask80,$mask80,#0x8000
+ orr $mask1b,$mask1b,#0x1b00
+ orr $mask80,$mask80,$mask80,lsl#16
+ orr $mask1b,$mask1b,$mask1b,lsl#16
+ sub $rounds,$rounds,#1
+ mvn $mask7f,$mask80
+ mov $rounds,$rounds,lsl#2 @ (rounds-1)*4
+
+.Lmix: and $t1,$s0,$mask80
+ and $s1,$s0,$mask7f
+ sub $t1,$t1,$t1,lsr#7
+ and $t1,$t1,$mask1b
+ eor $s1,$t1,$s1,lsl#1 @ tp2
+
+ and $t1,$s1,$mask80
+ and $s2,$s1,$mask7f
+ sub $t1,$t1,$t1,lsr#7
+ and $t1,$t1,$mask1b
+ eor $s2,$t1,$s2,lsl#1 @ tp4
+
+ and $t1,$s2,$mask80
+ and $s3,$s2,$mask7f
+ sub $t1,$t1,$t1,lsr#7
+ and $t1,$t1,$mask1b
+ eor $s3,$t1,$s3,lsl#1 @ tp8
+
+ eor $t1,$s1,$s2
+ eor $t2,$s0,$s3 @ tp9
+ eor $t1,$t1,$s3 @ tpe
+ eor $t1,$t1,$s1,ror#24
+ eor $t1,$t1,$t2,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8)
+ eor $t1,$t1,$s2,ror#16
+ eor $t1,$t1,$t2,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16)
+ eor $t1,$t1,$t2,ror#8 @ ^= ROTATE(tp9,24)
+
+ ldr $s0,[$key,#4] @ prefetch tp1
+ str $t1,[$key],#4
+ subs $rounds,$rounds,#1
+ bne .Lmix
+
+ mov r0,#0
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
+ ldmia sp!,{r4-r12,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
+
+.type AES_Td,%object
+.align 5
+AES_Td:
+.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+.word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+@ Td4[256]
+.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size AES_Td,.-AES_Td
+
+@ void AES_decrypt(const unsigned char *in, unsigned char *out,
+@ const AES_KEY *key) {
+.global AES_decrypt
+.type AES_decrypt,%function
+.align 5
+AES_decrypt:
+ sub r3,pc,#8 @ AES_decrypt
+ stmdb sp!,{r1,r4-r12,lr}
+ mov $rounds,r0 @ inp
+ mov $key,r2
+ sub $tbl,r3,#AES_decrypt-AES_Td @ Td
+#if __ARM_ARCH__<7
+ ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
+ ldrb $t1,[$rounds,#2] @ manner...
+ ldrb $t2,[$rounds,#1]
+ ldrb $t3,[$rounds,#0]
+ orr $s0,$s0,$t1,lsl#8
+ ldrb $s1,[$rounds,#7]
+ orr $s0,$s0,$t2,lsl#16
+ ldrb $t1,[$rounds,#6]
+ orr $s0,$s0,$t3,lsl#24
+ ldrb $t2,[$rounds,#5]
+ ldrb $t3,[$rounds,#4]
+ orr $s1,$s1,$t1,lsl#8
+ ldrb $s2,[$rounds,#11]
+ orr $s1,$s1,$t2,lsl#16
+ ldrb $t1,[$rounds,#10]
+ orr $s1,$s1,$t3,lsl#24
+ ldrb $t2,[$rounds,#9]
+ ldrb $t3,[$rounds,#8]
+ orr $s2,$s2,$t1,lsl#8
+ ldrb $s3,[$rounds,#15]
+ orr $s2,$s2,$t2,lsl#16
+ ldrb $t1,[$rounds,#14]
+ orr $s2,$s2,$t3,lsl#24
+ ldrb $t2,[$rounds,#13]
+ ldrb $t3,[$rounds,#12]
+ orr $s3,$s3,$t1,lsl#8
+ orr $s3,$s3,$t2,lsl#16
+ orr $s3,$s3,$t3,lsl#24
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+#endif
+ bl _armv4_AES_decrypt
+
+ ldr $rounds,[sp],#4 @ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$rounds,#0]
+ str $s1,[$rounds,#4]
+ str $s2,[$rounds,#8]
+ str $s3,[$rounds,#12]
+#else
+ mov $t1,$s0,lsr#24 @ write output in endian-neutral
+ mov $t2,$s0,lsr#16 @ manner...
+ mov $t3,$s0,lsr#8
+ strb $t1,[$rounds,#0]
+ strb $t2,[$rounds,#1]
+ mov $t1,$s1,lsr#24
+ strb $t3,[$rounds,#2]
+ mov $t2,$s1,lsr#16
+ strb $s0,[$rounds,#3]
+ mov $t3,$s1,lsr#8
+ strb $t1,[$rounds,#4]
+ strb $t2,[$rounds,#5]
+ mov $t1,$s2,lsr#24
+ strb $t3,[$rounds,#6]
+ mov $t2,$s2,lsr#16
+ strb $s1,[$rounds,#7]
+ mov $t3,$s2,lsr#8
+ strb $t1,[$rounds,#8]
+ strb $t2,[$rounds,#9]
+ mov $t1,$s3,lsr#24
+ strb $t3,[$rounds,#10]
+ mov $t2,$s3,lsr#16
+ strb $s2,[$rounds,#11]
+ mov $t3,$s3,lsr#8
+ strb $t1,[$rounds,#12]
+ strb $t2,[$rounds,#13]
+ strb $t3,[$rounds,#14]
+ strb $s3,[$rounds,#15]
+#endif
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
+ ldmia sp!,{r4-r12,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.size AES_decrypt,.-AES_decrypt
+
+.type _armv4_AES_decrypt,%function
+.align 2
+_armv4_AES_decrypt:
+ str lr,[sp,#-4]! @ push lr
+ ldmia $key!,{$t1-$i1}
+ eor $s0,$s0,$t1
+ ldr $rounds,[$key,#240-16]
+ eor $s1,$s1,$t2
+ eor $s2,$s2,$t3
+ eor $s3,$s3,$i1
+ sub $rounds,$rounds,#1
+ mov lr,#255
+
+ and $i1,lr,$s0,lsr#16
+ and $i2,lr,$s0,lsr#8
+ and $i3,lr,$s0
+ mov $s0,$s0,lsr#24
+.Ldec_loop:
+ ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
+ and $i1,lr,$s1 @ i0
+ ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
+ and $i2,lr,$s1,lsr#16
+ ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
+ and $i3,lr,$s1,lsr#8
+ ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
+ mov $s1,$s1,lsr#24
+
+ ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
+ ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
+ ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
+ eor $s0,$s0,$i1,ror#24
+ ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
+ and $i1,lr,$s2,lsr#8 @ i0
+ eor $t2,$i2,$t2,ror#8
+ and $i2,lr,$s2 @ i1
+ eor $t3,$i3,$t3,ror#8
+ and $i3,lr,$s2,lsr#16
+ ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
+ eor $s1,$s1,$t1,ror#8
+ ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
+ mov $s2,$s2,lsr#24
+
+ ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
+ eor $s0,$s0,$i1,ror#16
+ ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
+ and $i1,lr,$s3,lsr#16 @ i0
+ eor $s1,$s1,$i2,ror#24
+ and $i2,lr,$s3,lsr#8 @ i1
+ eor $t3,$i3,$t3,ror#8
+ and $i3,lr,$s3 @ i2
+ ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
+ eor $s2,$s2,$t2,ror#8
+ ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
+ mov $s3,$s3,lsr#24
+
+ ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
+ eor $s0,$s0,$i1,ror#8
+ ldr $i1,[$key],#16
+ eor $s1,$s1,$i2,ror#16
+ ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
+ eor $s2,$s2,$i3,ror#24
+
+ ldr $t1,[$key,#-12]
+ eor $s0,$s0,$i1
+ ldr $t2,[$key,#-8]
+ eor $s3,$s3,$t3,ror#8
+ ldr $t3,[$key,#-4]
+ and $i1,lr,$s0,lsr#16
+ eor $s1,$s1,$t1
+ and $i2,lr,$s0,lsr#8
+ eor $s2,$s2,$t2
+ and $i3,lr,$s0
+ eor $s3,$s3,$t3
+ mov $s0,$s0,lsr#24
+
+ subs $rounds,$rounds,#1
+ bne .Ldec_loop
+
+ add $tbl,$tbl,#1024
+
+ ldr $t2,[$tbl,#0] @ prefetch Td4
+ ldr $t3,[$tbl,#32]
+ ldr $t1,[$tbl,#64]
+ ldr $t2,[$tbl,#96]
+ ldr $t3,[$tbl,#128]
+ ldr $t1,[$tbl,#160]
+ ldr $t2,[$tbl,#192]
+ ldr $t3,[$tbl,#224]
+
+ ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
+ ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
+ and $i1,lr,$s1 @ i0
+ ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
+ and $i2,lr,$s1,lsr#16
+ ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
+ and $i3,lr,$s1,lsr#8
+
+ ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
+ ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
+ ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
+ eor $s0,$i1,$s0,lsl#24
+ ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
+ eor $s1,$t1,$s1,lsl#8
+ and $i1,lr,$s2,lsr#8 @ i0
+ eor $t2,$t2,$i2,lsl#8
+ and $i2,lr,$s2 @ i1
+ ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
+ eor $t3,$t3,$i3,lsl#8
+ ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
+ and $i3,lr,$s2,lsr#16
+
+ ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
+ eor $s0,$s0,$i1,lsl#8
+ ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
+ eor $s1,$i2,$s1,lsl#16
+ and $i1,lr,$s3,lsr#16 @ i0
+ eor $s2,$t2,$s2,lsl#16
+ and $i2,lr,$s3,lsr#8 @ i1
+ ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
+ eor $t3,$t3,$i3,lsl#16
+ ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
+ and $i3,lr,$s3 @ i2
+
+ ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
+ ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
+ eor $s0,$s0,$i1,lsl#16
+ ldr $i1,[$key,#0]
+ eor $s1,$s1,$i2,lsl#8
+ ldr $t1,[$key,#4]
+ eor $s2,$i3,$s2,lsl#8
+ ldr $t2,[$key,#8]
+ eor $s3,$t3,$s3,lsl#24
+ ldr $t3,[$key,#12]
+
+ eor $s0,$s0,$i1
+ eor $s1,$s1,$t1
+ eor $s2,$s2,$t2
+ eor $s3,$s3,$t3
+
+ sub $tbl,$tbl,#1024
+ ldr pc,[sp],#4 @ pop and return
+.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
+.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-mips.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-mips.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-mips.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-mips.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1611 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for MIPS
+
+# October 2010
+#
+# Code uses 1K[+256B] S-box and on single-issue core [such as R5000]
+# spends ~68 cycles per byte processed with 128-bit key. This is ~16%
+# faster than gcc-generated code, which is not very impressive. But
+# recall that compressed S-box requires extra processing, namely
+# additional rotations. Rotations are implemented with lwl/lwr pairs,
+# which is normally used for loading unaligned data. Another cool
+# thing about this module is its endian neutrality, which means that
+# it processes data without ever changing byte order...
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+# old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $REG_S="sd";
+ $REG_L="ld";
+ $PTR_SLL="dsll"; # incidentally works even on n32
+ $SZREG=8;
+} else {
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $REG_S="sw";
+ $REG_L="lw";
+ $PTR_SLL="sll";
+ $SZREG=4;
+}
+$pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
+#
+# <appro at openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
+open STDOUT,">$output";
+
+if (!defined($big_endian))
+{ $big_endian=(unpack('L',pack('N',1))==1); }
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+my ($MSB,$LSB)=(0,3); # automatically converted to little-endian
+
+$code.=<<___;
+.text
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+#if !defined(__vxworks) || defined(__pic__)
+.option pic2
+#endif
+.set noat
+___
+
+{{{
+my $FRAMESIZE=16*$SZREG;
+my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+my ($inp,$out,$key,$Tbl,$s0,$s1,$s2,$s3)=($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7);
+my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
+my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23));
+my ($key0,$cnt)=($gp,$fp);
+
+# instuction ordering is "stolen" from output from MIPSpro assembler
+# invoked with -mips3 -O3 arguments...
+$code.=<<___;
+.align 5
+.ent _mips_AES_encrypt
+_mips_AES_encrypt:
+ .frame $sp,0,$ra
+ .set reorder
+ lw $t0,0($key)
+ lw $t1,4($key)
+ lw $t2,8($key)
+ lw $t3,12($key)
+ lw $cnt,240($key)
+ $PTR_ADD $key0,$key,16
+
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+
+ sub $cnt,1
+ _xtr $i0,$s1,16-2
+.Loop_enc:
+ _xtr $i1,$s2,16-2
+ _xtr $i2,$s3,16-2
+ _xtr $i3,$s0,16-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t0,3($i0) # Te1[s1>>16]
+ lwl $t1,3($i1) # Te1[s2>>16]
+ lwl $t2,3($i2) # Te1[s3>>16]
+ lwl $t3,3($i3) # Te1[s0>>16]
+ lwr $t0,2($i0) # Te1[s1>>16]
+ lwr $t1,2($i1) # Te1[s2>>16]
+ lwr $t2,2($i2) # Te1[s3>>16]
+ lwr $t3,2($i3) # Te1[s0>>16]
+
+ _xtr $i0,$s2,8-2
+ _xtr $i1,$s3,8-2
+ _xtr $i2,$s0,8-2
+ _xtr $i3,$s1,8-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t4,2($i0) # Te2[s2>>8]
+ lwl $t5,2($i1) # Te2[s3>>8]
+ lwl $t6,2($i2) # Te2[s0>>8]
+ lwl $t7,2($i3) # Te2[s1>>8]
+ lwr $t4,1($i0) # Te2[s2>>8]
+ lwr $t5,1($i1) # Te2[s3>>8]
+ lwr $t6,1($i2) # Te2[s0>>8]
+ lwr $t7,1($i3) # Te2[s1>>8]
+
+ _xtr $i0,$s3,0-2
+ _xtr $i1,$s0,0-2
+ _xtr $i2,$s1,0-2
+ _xtr $i3,$s2,0-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t8,1($i0) # Te3[s3]
+ lwl $t9,1($i1) # Te3[s0]
+ lwl $t10,1($i2) # Te3[s1]
+ lwl $t11,1($i3) # Te3[s2]
+ lwr $t8,0($i0) # Te3[s3]
+ lwr $t9,0($i1) # Te3[s0]
+ lwr $t10,0($i2) # Te3[s1]
+ lwr $t11,0($i3) # Te3[s2]
+
+ _xtr $i0,$s0,24-2
+ _xtr $i1,$s1,24-2
+ _xtr $i2,$s2,24-2
+ _xtr $i3,$s3,24-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+ lw $t4,0($i0) # Te0[s0>>24]
+ lw $t5,0($i1) # Te0[s1>>24]
+ lw $t6,0($i2) # Te0[s2>>24]
+ lw $t7,0($i3) # Te0[s3>>24]
+
+ lw $s0,0($key0)
+ lw $s1,4($key0)
+ lw $s2,8($key0)
+ lw $s3,12($key0)
+
+ xor $t0,$t8
+ xor $t1,$t9
+ xor $t2,$t10
+ xor $t3,$t11
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ sub $cnt,1
+ $PTR_ADD $key0,16
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+ .set noreorder
+ bnez $cnt,.Loop_enc
+ _xtr $i0,$s1,16-2
+
+ .set reorder
+ _xtr $i1,$s2,16-2
+ _xtr $i2,$s3,16-2
+ _xtr $i3,$s0,16-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t0,2($i0) # Te4[s1>>16]
+ lbu $t1,2($i1) # Te4[s2>>16]
+ lbu $t2,2($i2) # Te4[s3>>16]
+ lbu $t3,2($i3) # Te4[s0>>16]
+
+ _xtr $i0,$s2,8-2
+ _xtr $i1,$s3,8-2
+ _xtr $i2,$s0,8-2
+ _xtr $i3,$s1,8-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t4,2($i0) # Te4[s2>>8]
+ lbu $t5,2($i1) # Te4[s3>>8]
+ lbu $t6,2($i2) # Te4[s0>>8]
+ lbu $t7,2($i3) # Te4[s1>>8]
+
+ _xtr $i0,$s0,24-2
+ _xtr $i1,$s1,24-2
+ _xtr $i2,$s2,24-2
+ _xtr $i3,$s3,24-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t8,2($i0) # Te4[s0>>24]
+ lbu $t9,2($i1) # Te4[s1>>24]
+ lbu $t10,2($i2) # Te4[s2>>24]
+ lbu $t11,2($i3) # Te4[s3>>24]
+
+ _xtr $i0,$s3,0-2
+ _xtr $i1,$s0,0-2
+ _xtr $i2,$s1,0-2
+ _xtr $i3,$s2,0-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+
+ _ins $t0,16
+ _ins $t1,16
+ _ins $t2,16
+ _ins $t3,16
+
+ _ins $t4,8
+ _ins $t5,8
+ _ins $t6,8
+ _ins $t7,8
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t4,2($i0) # Te4[s3]
+ lbu $t5,2($i1) # Te4[s0]
+ lbu $t6,2($i2) # Te4[s1]
+ lbu $t7,2($i3) # Te4[s2]
+
+ _ins $t8,24
+ _ins $t9,24
+ _ins $t10,24
+ _ins $t11,24
+
+ lw $s0,0($key0)
+ lw $s1,4($key0)
+ lw $s2,8($key0)
+ lw $s3,12($key0)
+
+ xor $t0,$t8
+ xor $t1,$t9
+ xor $t2,$t10
+ xor $t3,$t11
+
+ _ins $t4,0
+ _ins $t5,0
+ _ins $t6,0
+ _ins $t7,0
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+
+ jr $ra
+.end _mips_AES_encrypt
+
+.align 5
+.globl AES_encrypt
+.ent AES_encrypt
+AES_encrypt:
+ .frame $sp,$FRAMESIZE,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification
+ .cpload $pf
+___
+$code.=<<___;
+ $PTR_SUB $sp,$FRAMESIZE
+ $REG_S $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_S $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_S $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_S $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_S $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_S $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_S $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_S $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_S $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_S $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S \$15,$FRAMESIZE-11*$SZREG($sp)
+ $REG_S \$14,$FRAMESIZE-12*$SZREG($sp)
+ $REG_S \$13,$FRAMESIZE-13*$SZREG($sp)
+ $REG_S \$12,$FRAMESIZE-14*$SZREG($sp)
+ $REG_S $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ .cplocal $Tbl
+ .cpsetup $pf,$zero,AES_encrypt
+___
+$code.=<<___;
+ .set reorder
+ la $Tbl,AES_Te # PIC-ified 'load address'
+
+ lwl $s0,0+$MSB($inp)
+ lwl $s1,4+$MSB($inp)
+ lwl $s2,8+$MSB($inp)
+ lwl $s3,12+$MSB($inp)
+ lwr $s0,0+$LSB($inp)
+ lwr $s1,4+$LSB($inp)
+ lwr $s2,8+$LSB($inp)
+ lwr $s3,12+$LSB($inp)
+
+ bal _mips_AES_encrypt
+
+ swr $s0,0+$LSB($out)
+ swr $s1,4+$LSB($out)
+ swr $s2,8+$LSB($out)
+ swr $s3,12+$LSB($out)
+ swl $s0,0+$MSB($out)
+ swl $s1,4+$MSB($out)
+ swl $s2,8+$MSB($out)
+ swl $s3,12+$MSB($out)
+
+ .set noreorder
+ $REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_L $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_L $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_L $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_L $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_L $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_L $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_L $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_L $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_L $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L \$15,$FRAMESIZE-11*$SZREG($sp)
+ $REG_L \$14,$FRAMESIZE-12*$SZREG($sp)
+ $REG_L \$13,$FRAMESIZE-13*$SZREG($sp)
+ $REG_L \$12,$FRAMESIZE-14*$SZREG($sp)
+ $REG_L $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE
+.end AES_encrypt
+___
+
+$code.=<<___;
+.align 5
+.ent _mips_AES_decrypt
+_mips_AES_decrypt:
+ .frame $sp,0,$ra
+ .set reorder
+ lw $t0,0($key)
+ lw $t1,4($key)
+ lw $t2,8($key)
+ lw $t3,12($key)
+ lw $cnt,240($key)
+ $PTR_ADD $key0,$key,16
+
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+
+ sub $cnt,1
+ _xtr $i0,$s3,16-2
+.Loop_dec:
+ _xtr $i1,$s0,16-2
+ _xtr $i2,$s1,16-2
+ _xtr $i3,$s2,16-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t0,3($i0) # Td1[s3>>16]
+ lwl $t1,3($i1) # Td1[s0>>16]
+ lwl $t2,3($i2) # Td1[s1>>16]
+ lwl $t3,3($i3) # Td1[s2>>16]
+ lwr $t0,2($i0) # Td1[s3>>16]
+ lwr $t1,2($i1) # Td1[s0>>16]
+ lwr $t2,2($i2) # Td1[s1>>16]
+ lwr $t3,2($i3) # Td1[s2>>16]
+
+ _xtr $i0,$s2,8-2
+ _xtr $i1,$s3,8-2
+ _xtr $i2,$s0,8-2
+ _xtr $i3,$s1,8-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t4,2($i0) # Td2[s2>>8]
+ lwl $t5,2($i1) # Td2[s3>>8]
+ lwl $t6,2($i2) # Td2[s0>>8]
+ lwl $t7,2($i3) # Td2[s1>>8]
+ lwr $t4,1($i0) # Td2[s2>>8]
+ lwr $t5,1($i1) # Td2[s3>>8]
+ lwr $t6,1($i2) # Td2[s0>>8]
+ lwr $t7,1($i3) # Td2[s1>>8]
+
+ _xtr $i0,$s1,0-2
+ _xtr $i1,$s2,0-2
+ _xtr $i2,$s3,0-2
+ _xtr $i3,$s0,0-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lwl $t8,1($i0) # Td3[s1]
+ lwl $t9,1($i1) # Td3[s2]
+ lwl $t10,1($i2) # Td3[s3]
+ lwl $t11,1($i3) # Td3[s0]
+ lwr $t8,0($i0) # Td3[s1]
+ lwr $t9,0($i1) # Td3[s2]
+ lwr $t10,0($i2) # Td3[s3]
+ lwr $t11,0($i3) # Td3[s0]
+
+ _xtr $i0,$s0,24-2
+ _xtr $i1,$s1,24-2
+ _xtr $i2,$s2,24-2
+ _xtr $i3,$s3,24-2
+ and $i0,0x3fc
+ and $i1,0x3fc
+ and $i2,0x3fc
+ and $i3,0x3fc
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+
+ lw $t4,0($i0) # Td0[s0>>24]
+ lw $t5,0($i1) # Td0[s1>>24]
+ lw $t6,0($i2) # Td0[s2>>24]
+ lw $t7,0($i3) # Td0[s3>>24]
+
+ lw $s0,0($key0)
+ lw $s1,4($key0)
+ lw $s2,8($key0)
+ lw $s3,12($key0)
+
+ xor $t0,$t8
+ xor $t1,$t9
+ xor $t2,$t10
+ xor $t3,$t11
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ sub $cnt,1
+ $PTR_ADD $key0,16
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+ .set noreorder
+ bnez $cnt,.Loop_dec
+ _xtr $i0,$s3,16-2
+
+ .set reorder
+ lw $t4,1024($Tbl) # prefetch Td4
+ lw $t5,1024+32($Tbl)
+ lw $t6,1024+64($Tbl)
+ lw $t7,1024+96($Tbl)
+ lw $t8,1024+128($Tbl)
+ lw $t9,1024+160($Tbl)
+ lw $t10,1024+192($Tbl)
+ lw $t11,1024+224($Tbl)
+
+ _xtr $i0,$s3,16
+ _xtr $i1,$s0,16
+ _xtr $i2,$s1,16
+ _xtr $i3,$s2,16
+ and $i0,0xff
+ and $i1,0xff
+ and $i2,0xff
+ and $i3,0xff
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t0,1024($i0) # Td4[s3>>16]
+ lbu $t1,1024($i1) # Td4[s0>>16]
+ lbu $t2,1024($i2) # Td4[s1>>16]
+ lbu $t3,1024($i3) # Td4[s2>>16]
+
+ _xtr $i0,$s2,8
+ _xtr $i1,$s3,8
+ _xtr $i2,$s0,8
+ _xtr $i3,$s1,8
+ and $i0,0xff
+ and $i1,0xff
+ and $i2,0xff
+ and $i3,0xff
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t4,1024($i0) # Td4[s2>>8]
+ lbu $t5,1024($i1) # Td4[s3>>8]
+ lbu $t6,1024($i2) # Td4[s0>>8]
+ lbu $t7,1024($i3) # Td4[s1>>8]
+
+ _xtr $i0,$s0,24
+ _xtr $i1,$s1,24
+ _xtr $i2,$s2,24
+ _xtr $i3,$s3,24
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t8,1024($i0) # Td4[s0>>24]
+ lbu $t9,1024($i1) # Td4[s1>>24]
+ lbu $t10,1024($i2) # Td4[s2>>24]
+ lbu $t11,1024($i3) # Td4[s3>>24]
+
+ _xtr $i0,$s1,0
+ _xtr $i1,$s2,0
+ _xtr $i2,$s3,0
+ _xtr $i3,$s0,0
+
+ _ins $t0,16
+ _ins $t1,16
+ _ins $t2,16
+ _ins $t3,16
+
+ _ins $t4,8
+ _ins $t5,8
+ _ins $t6,8
+ _ins $t7,8
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $t4,1024($i0) # Td4[s1]
+ lbu $t5,1024($i1) # Td4[s2]
+ lbu $t6,1024($i2) # Td4[s3]
+ lbu $t7,1024($i3) # Td4[s0]
+
+ _ins $t8,24
+ _ins $t9,24
+ _ins $t10,24
+ _ins $t11,24
+
+ lw $s0,0($key0)
+ lw $s1,4($key0)
+ lw $s2,8($key0)
+ lw $s3,12($key0)
+
+ _ins $t4,0
+ _ins $t5,0
+ _ins $t6,0
+ _ins $t7,0
+
+
+ xor $t0,$t8
+ xor $t1,$t9
+ xor $t2,$t10
+ xor $t3,$t11
+
+ xor $t0,$t4
+ xor $t1,$t5
+ xor $t2,$t6
+ xor $t3,$t7
+
+ xor $s0,$t0
+ xor $s1,$t1
+ xor $s2,$t2
+ xor $s3,$t3
+
+ jr $ra
+.end _mips_AES_decrypt
+
+.align 5
+.globl AES_decrypt
+.ent AES_decrypt
+AES_decrypt:
+ .frame $sp,$FRAMESIZE,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification
+ .cpload $pf
+___
+$code.=<<___;
+ $PTR_SUB $sp,$FRAMESIZE
+ $REG_S $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_S $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_S $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_S $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_S $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_S $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_S $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_S $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_S $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_S $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S \$15,$FRAMESIZE-11*$SZREG($sp)
+ $REG_S \$14,$FRAMESIZE-12*$SZREG($sp)
+ $REG_S \$13,$FRAMESIZE-13*$SZREG($sp)
+ $REG_S \$12,$FRAMESIZE-14*$SZREG($sp)
+ $REG_S $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ .cplocal $Tbl
+ .cpsetup $pf,$zero,AES_decrypt
+___
+$code.=<<___;
+ .set reorder
+ la $Tbl,AES_Td # PIC-ified 'load address'
+
+ lwl $s0,0+$MSB($inp)
+ lwl $s1,4+$MSB($inp)
+ lwl $s2,8+$MSB($inp)
+ lwl $s3,12+$MSB($inp)
+ lwr $s0,0+$LSB($inp)
+ lwr $s1,4+$LSB($inp)
+ lwr $s2,8+$LSB($inp)
+ lwr $s3,12+$LSB($inp)
+
+ bal _mips_AES_decrypt
+
+ swr $s0,0+$LSB($out)
+ swr $s1,4+$LSB($out)
+ swr $s2,8+$LSB($out)
+ swr $s3,12+$LSB($out)
+ swl $s0,0+$MSB($out)
+ swl $s1,4+$MSB($out)
+ swl $s2,8+$MSB($out)
+ swl $s3,12+$MSB($out)
+
+ .set noreorder
+ $REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_L $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_L $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_L $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_L $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_L $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_L $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_L $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_L $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_L $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L \$15,$FRAMESIZE-11*$SZREG($sp)
+ $REG_L \$14,$FRAMESIZE-12*$SZREG($sp)
+ $REG_L \$13,$FRAMESIZE-13*$SZREG($sp)
+ $REG_L \$12,$FRAMESIZE-14*$SZREG($sp)
+ $REG_L $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE
+.end AES_decrypt
+___
+}}}
+
+{{{
+my $FRAMESIZE=8*$SZREG;
+my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc000f008 : 0xc0000000;
+
+my ($inp,$bits,$key,$Tbl)=($a0,$a1,$a2,$a3);
+my ($rk0,$rk1,$rk2,$rk3,$rk4,$rk5,$rk6,$rk7)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
+my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
+my ($rcon,$cnt)=($gp,$fp);
+
+$code.=<<___;
+.align 5
+.ent _mips_AES_set_encrypt_key
+_mips_AES_set_encrypt_key:
+ .frame $sp,0,$ra
+ .set noreorder
+ beqz $inp,.Lekey_done
+ li $t0,-1
+ beqz $key,.Lekey_done
+ $PTR_ADD $rcon,$Tbl,1024+256
+
+ .set reorder
+ lwl $rk0,0+$MSB($inp) # load 128 bits
+ lwl $rk1,4+$MSB($inp)
+ lwl $rk2,8+$MSB($inp)
+ lwl $rk3,12+$MSB($inp)
+ li $at,128
+ lwr $rk0,0+$LSB($inp)
+ lwr $rk1,4+$LSB($inp)
+ lwr $rk2,8+$LSB($inp)
+ lwr $rk3,12+$LSB($inp)
+ .set noreorder
+ beq $bits,$at,.L128bits
+ li $cnt,10
+
+ .set reorder
+ lwl $rk4,16+$MSB($inp) # load 192 bits
+ lwl $rk5,20+$MSB($inp)
+ li $at,192
+ lwr $rk4,16+$LSB($inp)
+ lwr $rk5,20+$LSB($inp)
+ .set noreorder
+ beq $bits,$at,.L192bits
+ li $cnt,8
+
+ .set reorder
+ lwl $rk6,24+$MSB($inp) # load 256 bits
+ lwl $rk7,28+$MSB($inp)
+ li $at,256
+ lwr $rk6,24+$LSB($inp)
+ lwr $rk7,28+$LSB($inp)
+ .set noreorder
+ beq $bits,$at,.L256bits
+ li $cnt,7
+
+ b .Lekey_done
+ li $t0,-2
+
+.align 4
+.L128bits:
+ .set reorder
+ srl $i0,$rk3,16
+ srl $i1,$rk3,8
+ and $i0,0xff
+ and $i1,0xff
+ and $i2,$rk3,0xff
+ srl $i3,$rk3,24
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $i0,1024($i0)
+ lbu $i1,1024($i1)
+ lbu $i2,1024($i2)
+ lbu $i3,1024($i3)
+
+ sw $rk0,0($key)
+ sw $rk1,4($key)
+ sw $rk2,8($key)
+ sw $rk3,12($key)
+ sub $cnt,1
+ $PTR_ADD $key,16
+
+ _bias $i0,24
+ _bias $i1,16
+ _bias $i2,8
+ _bias $i3,0
+
+ xor $rk0,$i0
+ lw $i0,0($rcon)
+ xor $rk0,$i1
+ xor $rk0,$i2
+ xor $rk0,$i3
+ xor $rk0,$i0
+
+ xor $rk1,$rk0
+ xor $rk2,$rk1
+ xor $rk3,$rk2
+
+ .set noreorder
+ bnez $cnt,.L128bits
+ $PTR_ADD $rcon,4
+
+ sw $rk0,0($key)
+ sw $rk1,4($key)
+ sw $rk2,8($key)
+ li $cnt,10
+ sw $rk3,12($key)
+ li $t0,0
+ sw $cnt,80($key)
+ b .Lekey_done
+ $PTR_SUB $key,10*16
+
+.align 4
+.L192bits:
+ .set reorder
+ srl $i0,$rk5,16
+ srl $i1,$rk5,8
+ and $i0,0xff
+ and $i1,0xff
+ and $i2,$rk5,0xff
+ srl $i3,$rk5,24
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $i0,1024($i0)
+ lbu $i1,1024($i1)
+ lbu $i2,1024($i2)
+ lbu $i3,1024($i3)
+
+ sw $rk0,0($key)
+ sw $rk1,4($key)
+ sw $rk2,8($key)
+ sw $rk3,12($key)
+ sw $rk4,16($key)
+ sw $rk5,20($key)
+ sub $cnt,1
+ $PTR_ADD $key,24
+
+ _bias $i0,24
+ _bias $i1,16
+ _bias $i2,8
+ _bias $i3,0
+
+ xor $rk0,$i0
+ lw $i0,0($rcon)
+ xor $rk0,$i1
+ xor $rk0,$i2
+ xor $rk0,$i3
+ xor $rk0,$i0
+
+ xor $rk1,$rk0
+ xor $rk2,$rk1
+ xor $rk3,$rk2
+ xor $rk4,$rk3
+ xor $rk5,$rk4
+
+ .set noreorder
+ bnez $cnt,.L192bits
+ $PTR_ADD $rcon,4
+
+ sw $rk0,0($key)
+ sw $rk1,4($key)
+ sw $rk2,8($key)
+ li $cnt,12
+ sw $rk3,12($key)
+ li $t0,0
+ sw $cnt,48($key)
+ b .Lekey_done
+ $PTR_SUB $key,12*16
+
+.align 4
+.L256bits:
+ .set reorder
+ srl $i0,$rk7,16
+ srl $i1,$rk7,8
+ and $i0,0xff
+ and $i1,0xff
+ and $i2,$rk7,0xff
+ srl $i3,$rk7,24
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $i0,1024($i0)
+ lbu $i1,1024($i1)
+ lbu $i2,1024($i2)
+ lbu $i3,1024($i3)
+
+ sw $rk0,0($key)
+ sw $rk1,4($key)
+ sw $rk2,8($key)
+ sw $rk3,12($key)
+ sw $rk4,16($key)
+ sw $rk5,20($key)
+ sw $rk6,24($key)
+ sw $rk7,28($key)
+ sub $cnt,1
+
+ _bias $i0,24
+ _bias $i1,16
+ _bias $i2,8
+ _bias $i3,0
+
+ xor $rk0,$i0
+ lw $i0,0($rcon)
+ xor $rk0,$i1
+ xor $rk0,$i2
+ xor $rk0,$i3
+ xor $rk0,$i0
+
+ xor $rk1,$rk0
+ xor $rk2,$rk1
+ xor $rk3,$rk2
+ beqz $cnt,.L256bits_done
+
+ srl $i0,$rk3,24
+ srl $i1,$rk3,16
+ srl $i2,$rk3,8
+ and $i3,$rk3,0xff
+ and $i1,0xff
+ and $i2,0xff
+ $PTR_ADD $i0,$Tbl
+ $PTR_ADD $i1,$Tbl
+ $PTR_ADD $i2,$Tbl
+ $PTR_ADD $i3,$Tbl
+ lbu $i0,1024($i0)
+ lbu $i1,1024($i1)
+ lbu $i2,1024($i2)
+ lbu $i3,1024($i3)
+ sll $i0,24
+ sll $i1,16
+ sll $i2,8
+
+ xor $rk4,$i0
+ xor $rk4,$i1
+ xor $rk4,$i2
+ xor $rk4,$i3
+
+ xor $rk5,$rk4
+ xor $rk6,$rk5
+ xor $rk7,$rk6
+
+ $PTR_ADD $key,32
+ .set noreorder
+ b .L256bits
+ $PTR_ADD $rcon,4
+
+.L256bits_done:
+ sw $rk0,32($key)
+ sw $rk1,36($key)
+ sw $rk2,40($key)
+ li $cnt,14
+ sw $rk3,44($key)
+ li $t0,0
+ sw $cnt,48($key)
+ $PTR_SUB $key,12*16
+
+.Lekey_done:
+ jr $ra
+ nop
+.end _mips_AES_set_encrypt_key
+
+.globl private_AES_set_encrypt_key
+.ent private_AES_set_encrypt_key
+private_AES_set_encrypt_key:
+ .frame $sp,$FRAMESIZE,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification
+ .cpload $pf
+___
+$code.=<<___;
+ $PTR_SUB $sp,$FRAMESIZE
+ $REG_S $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_S $fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S $s3,$FRAMESIZE-3*$SZREG($sp)
+ $REG_S $s2,$FRAMESIZE-4*$SZREG($sp)
+ $REG_S $s1,$FRAMESIZE-5*$SZREG($sp)
+ $REG_S $s0,$FRAMESIZE-6*$SZREG($sp)
+ $REG_S $gp,$FRAMESIZE-7*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ .cplocal $Tbl
+ .cpsetup $pf,$zero,private_AES_set_encrypt_key
+___
+$code.=<<___;
+ .set reorder
+ la $Tbl,AES_Te # PIC-ified 'load address'
+
+ bal _mips_AES_set_encrypt_key
+
+ .set noreorder
+ move $a0,$t0
+ $REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_L $fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s3,$FRAMESIZE-11*$SZREG($sp)
+ $REG_L $s2,$FRAMESIZE-12*$SZREG($sp)
+ $REG_L $s1,$FRAMESIZE-13*$SZREG($sp)
+ $REG_L $s0,$FRAMESIZE-14*$SZREG($sp)
+ $REG_L $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE
+.end private_AES_set_encrypt_key
+___
+
+my ($head,$tail)=($inp,$bits);
+my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
+my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
+$code.=<<___;
+.align 5
+.globl private_AES_set_decrypt_key
+.ent private_AES_set_decrypt_key
+private_AES_set_decrypt_key:
+ .frame $sp,$FRAMESIZE,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification
+ .cpload $pf
+___
+$code.=<<___;
+ $PTR_SUB $sp,$FRAMESIZE
+ $REG_S $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_S $fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S $s3,$FRAMESIZE-3*$SZREG($sp)
+ $REG_S $s2,$FRAMESIZE-4*$SZREG($sp)
+ $REG_S $s1,$FRAMESIZE-5*$SZREG($sp)
+ $REG_S $s0,$FRAMESIZE-6*$SZREG($sp)
+ $REG_S $gp,$FRAMESIZE-7*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ .cplocal $Tbl
+ .cpsetup $pf,$zero,private_AES_set_decrypt_key
+___
+$code.=<<___;
+ .set reorder
+ la $Tbl,AES_Te # PIC-ified 'load address'
+
+ bal _mips_AES_set_encrypt_key
+
+ bltz $t0,.Ldkey_done
+
+ sll $at,$cnt,4
+ $PTR_ADD $head,$key,0
+ $PTR_ADD $tail,$key,$at
+.align 4
+.Lswap:
+ lw $rk0,0($head)
+ lw $rk1,4($head)
+ lw $rk2,8($head)
+ lw $rk3,12($head)
+ lw $rk4,0($tail)
+ lw $rk5,4($tail)
+ lw $rk6,8($tail)
+ lw $rk7,12($tail)
+ sw $rk0,0($tail)
+ sw $rk1,4($tail)
+ sw $rk2,8($tail)
+ sw $rk3,12($tail)
+ $PTR_ADD $head,16
+ $PTR_SUB $tail,16
+ sw $rk4,-16($head)
+ sw $rk5,-12($head)
+ sw $rk6,-8($head)
+ sw $rk7,-4($head)
+ bne $head,$tail,.Lswap
+
+ lw $tp1,16($key) # modulo-scheduled
+ lui $x80808080,0x8080
+ sub $cnt,1
+ or $x80808080,0x8080
+ sll $cnt,2
+ $PTR_ADD $key,16
+ lui $x1b1b1b1b,0x1b1b
+ nor $x7f7f7f7f,$zero,$x80808080
+ or $x1b1b1b1b,0x1b1b
+.align 4
+.Lmix:
+ and $m,$tp1,$x80808080
+ and $tp2,$tp1,$x7f7f7f7f
+ srl $tp4,$m,7
+ addu $tp2,$tp2 # tp2<<1
+ subu $m,$tp4
+ and $m,$x1b1b1b1b
+ xor $tp2,$m
+
+ and $m,$tp2,$x80808080
+ and $tp4,$tp2,$x7f7f7f7f
+ srl $tp8,$m,7
+ addu $tp4,$tp4 # tp4<<1
+ subu $m,$tp8
+ and $m,$x1b1b1b1b
+ xor $tp4,$m
+
+ and $m,$tp4,$x80808080
+ and $tp8,$tp4,$x7f7f7f7f
+ srl $tp9,$m,7
+ addu $tp8,$tp8 # tp8<<1
+ subu $m,$tp9
+ and $m,$x1b1b1b1b
+ xor $tp8,$m
+
+ xor $tp9,$tp8,$tp1
+ xor $tpe,$tp8,$tp4
+ xor $tpb,$tp9,$tp2
+ xor $tpd,$tp9,$tp4
+
+ _ror $tp1,$tpd,16
+ xor $tpe,$tp2
+ _ror $tp2,$tpd,-16
+ xor $tpe,$tp1
+ _ror $tp1,$tp9,8
+ xor $tpe,$tp2
+ _ror $tp2,$tp9,-24
+ xor $tpe,$tp1
+ _ror $tp1,$tpb,24
+ xor $tpe,$tp2
+ _ror $tp2,$tpb,-8
+ xor $tpe,$tp1
+ lw $tp1,4($key) # modulo-scheduled
+ xor $tpe,$tp2
+ sub $cnt,1
+ sw $tpe,0($key)
+ $PTR_ADD $key,4
+ bnez $cnt,.Lmix
+
+ li $t0,0
+.Ldkey_done:
+ .set noreorder
+ move $a0,$t0
+ $REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_L $fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s3,$FRAMESIZE-11*$SZREG($sp)
+ $REG_L $s2,$FRAMESIZE-12*$SZREG($sp)
+ $REG_L $s1,$FRAMESIZE-13*$SZREG($sp)
+ $REG_L $s0,$FRAMESIZE-14*$SZREG($sp)
+ $REG_L $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE
+.end private_AES_set_decrypt_key
+___
+}}}
+
+######################################################################
+# Tables are kept in endian-neutral manner
+$code.=<<___;
+.rdata
+.align 6
+AES_Te:
+.byte 0xc6,0x63,0x63,0xa5, 0xf8,0x7c,0x7c,0x84 # Te0
+.byte 0xee,0x77,0x77,0x99, 0xf6,0x7b,0x7b,0x8d
+.byte 0xff,0xf2,0xf2,0x0d, 0xd6,0x6b,0x6b,0xbd
+.byte 0xde,0x6f,0x6f,0xb1, 0x91,0xc5,0xc5,0x54
+.byte 0x60,0x30,0x30,0x50, 0x02,0x01,0x01,0x03
+.byte 0xce,0x67,0x67,0xa9, 0x56,0x2b,0x2b,0x7d
+.byte 0xe7,0xfe,0xfe,0x19, 0xb5,0xd7,0xd7,0x62
+.byte 0x4d,0xab,0xab,0xe6, 0xec,0x76,0x76,0x9a
+.byte 0x8f,0xca,0xca,0x45, 0x1f,0x82,0x82,0x9d
+.byte 0x89,0xc9,0xc9,0x40, 0xfa,0x7d,0x7d,0x87
+.byte 0xef,0xfa,0xfa,0x15, 0xb2,0x59,0x59,0xeb
+.byte 0x8e,0x47,0x47,0xc9, 0xfb,0xf0,0xf0,0x0b
+.byte 0x41,0xad,0xad,0xec, 0xb3,0xd4,0xd4,0x67
+.byte 0x5f,0xa2,0xa2,0xfd, 0x45,0xaf,0xaf,0xea
+.byte 0x23,0x9c,0x9c,0xbf, 0x53,0xa4,0xa4,0xf7
+.byte 0xe4,0x72,0x72,0x96, 0x9b,0xc0,0xc0,0x5b
+.byte 0x75,0xb7,0xb7,0xc2, 0xe1,0xfd,0xfd,0x1c
+.byte 0x3d,0x93,0x93,0xae, 0x4c,0x26,0x26,0x6a
+.byte 0x6c,0x36,0x36,0x5a, 0x7e,0x3f,0x3f,0x41
+.byte 0xf5,0xf7,0xf7,0x02, 0x83,0xcc,0xcc,0x4f
+.byte 0x68,0x34,0x34,0x5c, 0x51,0xa5,0xa5,0xf4
+.byte 0xd1,0xe5,0xe5,0x34, 0xf9,0xf1,0xf1,0x08
+.byte 0xe2,0x71,0x71,0x93, 0xab,0xd8,0xd8,0x73
+.byte 0x62,0x31,0x31,0x53, 0x2a,0x15,0x15,0x3f
+.byte 0x08,0x04,0x04,0x0c, 0x95,0xc7,0xc7,0x52
+.byte 0x46,0x23,0x23,0x65, 0x9d,0xc3,0xc3,0x5e
+.byte 0x30,0x18,0x18,0x28, 0x37,0x96,0x96,0xa1
+.byte 0x0a,0x05,0x05,0x0f, 0x2f,0x9a,0x9a,0xb5
+.byte 0x0e,0x07,0x07,0x09, 0x24,0x12,0x12,0x36
+.byte 0x1b,0x80,0x80,0x9b, 0xdf,0xe2,0xe2,0x3d
+.byte 0xcd,0xeb,0xeb,0x26, 0x4e,0x27,0x27,0x69
+.byte 0x7f,0xb2,0xb2,0xcd, 0xea,0x75,0x75,0x9f
+.byte 0x12,0x09,0x09,0x1b, 0x1d,0x83,0x83,0x9e
+.byte 0x58,0x2c,0x2c,0x74, 0x34,0x1a,0x1a,0x2e
+.byte 0x36,0x1b,0x1b,0x2d, 0xdc,0x6e,0x6e,0xb2
+.byte 0xb4,0x5a,0x5a,0xee, 0x5b,0xa0,0xa0,0xfb
+.byte 0xa4,0x52,0x52,0xf6, 0x76,0x3b,0x3b,0x4d
+.byte 0xb7,0xd6,0xd6,0x61, 0x7d,0xb3,0xb3,0xce
+.byte 0x52,0x29,0x29,0x7b, 0xdd,0xe3,0xe3,0x3e
+.byte 0x5e,0x2f,0x2f,0x71, 0x13,0x84,0x84,0x97
+.byte 0xa6,0x53,0x53,0xf5, 0xb9,0xd1,0xd1,0x68
+.byte 0x00,0x00,0x00,0x00, 0xc1,0xed,0xed,0x2c
+.byte 0x40,0x20,0x20,0x60, 0xe3,0xfc,0xfc,0x1f
+.byte 0x79,0xb1,0xb1,0xc8, 0xb6,0x5b,0x5b,0xed
+.byte 0xd4,0x6a,0x6a,0xbe, 0x8d,0xcb,0xcb,0x46
+.byte 0x67,0xbe,0xbe,0xd9, 0x72,0x39,0x39,0x4b
+.byte 0x94,0x4a,0x4a,0xde, 0x98,0x4c,0x4c,0xd4
+.byte 0xb0,0x58,0x58,0xe8, 0x85,0xcf,0xcf,0x4a
+.byte 0xbb,0xd0,0xd0,0x6b, 0xc5,0xef,0xef,0x2a
+.byte 0x4f,0xaa,0xaa,0xe5, 0xed,0xfb,0xfb,0x16
+.byte 0x86,0x43,0x43,0xc5, 0x9a,0x4d,0x4d,0xd7
+.byte 0x66,0x33,0x33,0x55, 0x11,0x85,0x85,0x94
+.byte 0x8a,0x45,0x45,0xcf, 0xe9,0xf9,0xf9,0x10
+.byte 0x04,0x02,0x02,0x06, 0xfe,0x7f,0x7f,0x81
+.byte 0xa0,0x50,0x50,0xf0, 0x78,0x3c,0x3c,0x44
+.byte 0x25,0x9f,0x9f,0xba, 0x4b,0xa8,0xa8,0xe3
+.byte 0xa2,0x51,0x51,0xf3, 0x5d,0xa3,0xa3,0xfe
+.byte 0x80,0x40,0x40,0xc0, 0x05,0x8f,0x8f,0x8a
+.byte 0x3f,0x92,0x92,0xad, 0x21,0x9d,0x9d,0xbc
+.byte 0x70,0x38,0x38,0x48, 0xf1,0xf5,0xf5,0x04
+.byte 0x63,0xbc,0xbc,0xdf, 0x77,0xb6,0xb6,0xc1
+.byte 0xaf,0xda,0xda,0x75, 0x42,0x21,0x21,0x63
+.byte 0x20,0x10,0x10,0x30, 0xe5,0xff,0xff,0x1a
+.byte 0xfd,0xf3,0xf3,0x0e, 0xbf,0xd2,0xd2,0x6d
+.byte 0x81,0xcd,0xcd,0x4c, 0x18,0x0c,0x0c,0x14
+.byte 0x26,0x13,0x13,0x35, 0xc3,0xec,0xec,0x2f
+.byte 0xbe,0x5f,0x5f,0xe1, 0x35,0x97,0x97,0xa2
+.byte 0x88,0x44,0x44,0xcc, 0x2e,0x17,0x17,0x39
+.byte 0x93,0xc4,0xc4,0x57, 0x55,0xa7,0xa7,0xf2
+.byte 0xfc,0x7e,0x7e,0x82, 0x7a,0x3d,0x3d,0x47
+.byte 0xc8,0x64,0x64,0xac, 0xba,0x5d,0x5d,0xe7
+.byte 0x32,0x19,0x19,0x2b, 0xe6,0x73,0x73,0x95
+.byte 0xc0,0x60,0x60,0xa0, 0x19,0x81,0x81,0x98
+.byte 0x9e,0x4f,0x4f,0xd1, 0xa3,0xdc,0xdc,0x7f
+.byte 0x44,0x22,0x22,0x66, 0x54,0x2a,0x2a,0x7e
+.byte 0x3b,0x90,0x90,0xab, 0x0b,0x88,0x88,0x83
+.byte 0x8c,0x46,0x46,0xca, 0xc7,0xee,0xee,0x29
+.byte 0x6b,0xb8,0xb8,0xd3, 0x28,0x14,0x14,0x3c
+.byte 0xa7,0xde,0xde,0x79, 0xbc,0x5e,0x5e,0xe2
+.byte 0x16,0x0b,0x0b,0x1d, 0xad,0xdb,0xdb,0x76
+.byte 0xdb,0xe0,0xe0,0x3b, 0x64,0x32,0x32,0x56
+.byte 0x74,0x3a,0x3a,0x4e, 0x14,0x0a,0x0a,0x1e
+.byte 0x92,0x49,0x49,0xdb, 0x0c,0x06,0x06,0x0a
+.byte 0x48,0x24,0x24,0x6c, 0xb8,0x5c,0x5c,0xe4
+.byte 0x9f,0xc2,0xc2,0x5d, 0xbd,0xd3,0xd3,0x6e
+.byte 0x43,0xac,0xac,0xef, 0xc4,0x62,0x62,0xa6
+.byte 0x39,0x91,0x91,0xa8, 0x31,0x95,0x95,0xa4
+.byte 0xd3,0xe4,0xe4,0x37, 0xf2,0x79,0x79,0x8b
+.byte 0xd5,0xe7,0xe7,0x32, 0x8b,0xc8,0xc8,0x43
+.byte 0x6e,0x37,0x37,0x59, 0xda,0x6d,0x6d,0xb7
+.byte 0x01,0x8d,0x8d,0x8c, 0xb1,0xd5,0xd5,0x64
+.byte 0x9c,0x4e,0x4e,0xd2, 0x49,0xa9,0xa9,0xe0
+.byte 0xd8,0x6c,0x6c,0xb4, 0xac,0x56,0x56,0xfa
+.byte 0xf3,0xf4,0xf4,0x07, 0xcf,0xea,0xea,0x25
+.byte 0xca,0x65,0x65,0xaf, 0xf4,0x7a,0x7a,0x8e
+.byte 0x47,0xae,0xae,0xe9, 0x10,0x08,0x08,0x18
+.byte 0x6f,0xba,0xba,0xd5, 0xf0,0x78,0x78,0x88
+.byte 0x4a,0x25,0x25,0x6f, 0x5c,0x2e,0x2e,0x72
+.byte 0x38,0x1c,0x1c,0x24, 0x57,0xa6,0xa6,0xf1
+.byte 0x73,0xb4,0xb4,0xc7, 0x97,0xc6,0xc6,0x51
+.byte 0xcb,0xe8,0xe8,0x23, 0xa1,0xdd,0xdd,0x7c
+.byte 0xe8,0x74,0x74,0x9c, 0x3e,0x1f,0x1f,0x21
+.byte 0x96,0x4b,0x4b,0xdd, 0x61,0xbd,0xbd,0xdc
+.byte 0x0d,0x8b,0x8b,0x86, 0x0f,0x8a,0x8a,0x85
+.byte 0xe0,0x70,0x70,0x90, 0x7c,0x3e,0x3e,0x42
+.byte 0x71,0xb5,0xb5,0xc4, 0xcc,0x66,0x66,0xaa
+.byte 0x90,0x48,0x48,0xd8, 0x06,0x03,0x03,0x05
+.byte 0xf7,0xf6,0xf6,0x01, 0x1c,0x0e,0x0e,0x12
+.byte 0xc2,0x61,0x61,0xa3, 0x6a,0x35,0x35,0x5f
+.byte 0xae,0x57,0x57,0xf9, 0x69,0xb9,0xb9,0xd0
+.byte 0x17,0x86,0x86,0x91, 0x99,0xc1,0xc1,0x58
+.byte 0x3a,0x1d,0x1d,0x27, 0x27,0x9e,0x9e,0xb9
+.byte 0xd9,0xe1,0xe1,0x38, 0xeb,0xf8,0xf8,0x13
+.byte 0x2b,0x98,0x98,0xb3, 0x22,0x11,0x11,0x33
+.byte 0xd2,0x69,0x69,0xbb, 0xa9,0xd9,0xd9,0x70
+.byte 0x07,0x8e,0x8e,0x89, 0x33,0x94,0x94,0xa7
+.byte 0x2d,0x9b,0x9b,0xb6, 0x3c,0x1e,0x1e,0x22
+.byte 0x15,0x87,0x87,0x92, 0xc9,0xe9,0xe9,0x20
+.byte 0x87,0xce,0xce,0x49, 0xaa,0x55,0x55,0xff
+.byte 0x50,0x28,0x28,0x78, 0xa5,0xdf,0xdf,0x7a
+.byte 0x03,0x8c,0x8c,0x8f, 0x59,0xa1,0xa1,0xf8
+.byte 0x09,0x89,0x89,0x80, 0x1a,0x0d,0x0d,0x17
+.byte 0x65,0xbf,0xbf,0xda, 0xd7,0xe6,0xe6,0x31
+.byte 0x84,0x42,0x42,0xc6, 0xd0,0x68,0x68,0xb8
+.byte 0x82,0x41,0x41,0xc3, 0x29,0x99,0x99,0xb0
+.byte 0x5a,0x2d,0x2d,0x77, 0x1e,0x0f,0x0f,0x11
+.byte 0x7b,0xb0,0xb0,0xcb, 0xa8,0x54,0x54,0xfc
+.byte 0x6d,0xbb,0xbb,0xd6, 0x2c,0x16,0x16,0x3a
+
+.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 # Te4
+.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+
+.byte 0x01,0x00,0x00,0x00, 0x02,0x00,0x00,0x00 # rcon
+.byte 0x04,0x00,0x00,0x00, 0x08,0x00,0x00,0x00
+.byte 0x10,0x00,0x00,0x00, 0x20,0x00,0x00,0x00
+.byte 0x40,0x00,0x00,0x00, 0x80,0x00,0x00,0x00
+.byte 0x1B,0x00,0x00,0x00, 0x36,0x00,0x00,0x00
+
+.align 6
+AES_Td:
+.byte 0x51,0xf4,0xa7,0x50, 0x7e,0x41,0x65,0x53 # Td0
+.byte 0x1a,0x17,0xa4,0xc3, 0x3a,0x27,0x5e,0x96
+.byte 0x3b,0xab,0x6b,0xcb, 0x1f,0x9d,0x45,0xf1
+.byte 0xac,0xfa,0x58,0xab, 0x4b,0xe3,0x03,0x93
+.byte 0x20,0x30,0xfa,0x55, 0xad,0x76,0x6d,0xf6
+.byte 0x88,0xcc,0x76,0x91, 0xf5,0x02,0x4c,0x25
+.byte 0x4f,0xe5,0xd7,0xfc, 0xc5,0x2a,0xcb,0xd7
+.byte 0x26,0x35,0x44,0x80, 0xb5,0x62,0xa3,0x8f
+.byte 0xde,0xb1,0x5a,0x49, 0x25,0xba,0x1b,0x67
+.byte 0x45,0xea,0x0e,0x98, 0x5d,0xfe,0xc0,0xe1
+.byte 0xc3,0x2f,0x75,0x02, 0x81,0x4c,0xf0,0x12
+.byte 0x8d,0x46,0x97,0xa3, 0x6b,0xd3,0xf9,0xc6
+.byte 0x03,0x8f,0x5f,0xe7, 0x15,0x92,0x9c,0x95
+.byte 0xbf,0x6d,0x7a,0xeb, 0x95,0x52,0x59,0xda
+.byte 0xd4,0xbe,0x83,0x2d, 0x58,0x74,0x21,0xd3
+.byte 0x49,0xe0,0x69,0x29, 0x8e,0xc9,0xc8,0x44
+.byte 0x75,0xc2,0x89,0x6a, 0xf4,0x8e,0x79,0x78
+.byte 0x99,0x58,0x3e,0x6b, 0x27,0xb9,0x71,0xdd
+.byte 0xbe,0xe1,0x4f,0xb6, 0xf0,0x88,0xad,0x17
+.byte 0xc9,0x20,0xac,0x66, 0x7d,0xce,0x3a,0xb4
+.byte 0x63,0xdf,0x4a,0x18, 0xe5,0x1a,0x31,0x82
+.byte 0x97,0x51,0x33,0x60, 0x62,0x53,0x7f,0x45
+.byte 0xb1,0x64,0x77,0xe0, 0xbb,0x6b,0xae,0x84
+.byte 0xfe,0x81,0xa0,0x1c, 0xf9,0x08,0x2b,0x94
+.byte 0x70,0x48,0x68,0x58, 0x8f,0x45,0xfd,0x19
+.byte 0x94,0xde,0x6c,0x87, 0x52,0x7b,0xf8,0xb7
+.byte 0xab,0x73,0xd3,0x23, 0x72,0x4b,0x02,0xe2
+.byte 0xe3,0x1f,0x8f,0x57, 0x66,0x55,0xab,0x2a
+.byte 0xb2,0xeb,0x28,0x07, 0x2f,0xb5,0xc2,0x03
+.byte 0x86,0xc5,0x7b,0x9a, 0xd3,0x37,0x08,0xa5
+.byte 0x30,0x28,0x87,0xf2, 0x23,0xbf,0xa5,0xb2
+.byte 0x02,0x03,0x6a,0xba, 0xed,0x16,0x82,0x5c
+.byte 0x8a,0xcf,0x1c,0x2b, 0xa7,0x79,0xb4,0x92
+.byte 0xf3,0x07,0xf2,0xf0, 0x4e,0x69,0xe2,0xa1
+.byte 0x65,0xda,0xf4,0xcd, 0x06,0x05,0xbe,0xd5
+.byte 0xd1,0x34,0x62,0x1f, 0xc4,0xa6,0xfe,0x8a
+.byte 0x34,0x2e,0x53,0x9d, 0xa2,0xf3,0x55,0xa0
+.byte 0x05,0x8a,0xe1,0x32, 0xa4,0xf6,0xeb,0x75
+.byte 0x0b,0x83,0xec,0x39, 0x40,0x60,0xef,0xaa
+.byte 0x5e,0x71,0x9f,0x06, 0xbd,0x6e,0x10,0x51
+.byte 0x3e,0x21,0x8a,0xf9, 0x96,0xdd,0x06,0x3d
+.byte 0xdd,0x3e,0x05,0xae, 0x4d,0xe6,0xbd,0x46
+.byte 0x91,0x54,0x8d,0xb5, 0x71,0xc4,0x5d,0x05
+.byte 0x04,0x06,0xd4,0x6f, 0x60,0x50,0x15,0xff
+.byte 0x19,0x98,0xfb,0x24, 0xd6,0xbd,0xe9,0x97
+.byte 0x89,0x40,0x43,0xcc, 0x67,0xd9,0x9e,0x77
+.byte 0xb0,0xe8,0x42,0xbd, 0x07,0x89,0x8b,0x88
+.byte 0xe7,0x19,0x5b,0x38, 0x79,0xc8,0xee,0xdb
+.byte 0xa1,0x7c,0x0a,0x47, 0x7c,0x42,0x0f,0xe9
+.byte 0xf8,0x84,0x1e,0xc9, 0x00,0x00,0x00,0x00
+.byte 0x09,0x80,0x86,0x83, 0x32,0x2b,0xed,0x48
+.byte 0x1e,0x11,0x70,0xac, 0x6c,0x5a,0x72,0x4e
+.byte 0xfd,0x0e,0xff,0xfb, 0x0f,0x85,0x38,0x56
+.byte 0x3d,0xae,0xd5,0x1e, 0x36,0x2d,0x39,0x27
+.byte 0x0a,0x0f,0xd9,0x64, 0x68,0x5c,0xa6,0x21
+.byte 0x9b,0x5b,0x54,0xd1, 0x24,0x36,0x2e,0x3a
+.byte 0x0c,0x0a,0x67,0xb1, 0x93,0x57,0xe7,0x0f
+.byte 0xb4,0xee,0x96,0xd2, 0x1b,0x9b,0x91,0x9e
+.byte 0x80,0xc0,0xc5,0x4f, 0x61,0xdc,0x20,0xa2
+.byte 0x5a,0x77,0x4b,0x69, 0x1c,0x12,0x1a,0x16
+.byte 0xe2,0x93,0xba,0x0a, 0xc0,0xa0,0x2a,0xe5
+.byte 0x3c,0x22,0xe0,0x43, 0x12,0x1b,0x17,0x1d
+.byte 0x0e,0x09,0x0d,0x0b, 0xf2,0x8b,0xc7,0xad
+.byte 0x2d,0xb6,0xa8,0xb9, 0x14,0x1e,0xa9,0xc8
+.byte 0x57,0xf1,0x19,0x85, 0xaf,0x75,0x07,0x4c
+.byte 0xee,0x99,0xdd,0xbb, 0xa3,0x7f,0x60,0xfd
+.byte 0xf7,0x01,0x26,0x9f, 0x5c,0x72,0xf5,0xbc
+.byte 0x44,0x66,0x3b,0xc5, 0x5b,0xfb,0x7e,0x34
+.byte 0x8b,0x43,0x29,0x76, 0xcb,0x23,0xc6,0xdc
+.byte 0xb6,0xed,0xfc,0x68, 0xb8,0xe4,0xf1,0x63
+.byte 0xd7,0x31,0xdc,0xca, 0x42,0x63,0x85,0x10
+.byte 0x13,0x97,0x22,0x40, 0x84,0xc6,0x11,0x20
+.byte 0x85,0x4a,0x24,0x7d, 0xd2,0xbb,0x3d,0xf8
+.byte 0xae,0xf9,0x32,0x11, 0xc7,0x29,0xa1,0x6d
+.byte 0x1d,0x9e,0x2f,0x4b, 0xdc,0xb2,0x30,0xf3
+.byte 0x0d,0x86,0x52,0xec, 0x77,0xc1,0xe3,0xd0
+.byte 0x2b,0xb3,0x16,0x6c, 0xa9,0x70,0xb9,0x99
+.byte 0x11,0x94,0x48,0xfa, 0x47,0xe9,0x64,0x22
+.byte 0xa8,0xfc,0x8c,0xc4, 0xa0,0xf0,0x3f,0x1a
+.byte 0x56,0x7d,0x2c,0xd8, 0x22,0x33,0x90,0xef
+.byte 0x87,0x49,0x4e,0xc7, 0xd9,0x38,0xd1,0xc1
+.byte 0x8c,0xca,0xa2,0xfe, 0x98,0xd4,0x0b,0x36
+.byte 0xa6,0xf5,0x81,0xcf, 0xa5,0x7a,0xde,0x28
+.byte 0xda,0xb7,0x8e,0x26, 0x3f,0xad,0xbf,0xa4
+.byte 0x2c,0x3a,0x9d,0xe4, 0x50,0x78,0x92,0x0d
+.byte 0x6a,0x5f,0xcc,0x9b, 0x54,0x7e,0x46,0x62
+.byte 0xf6,0x8d,0x13,0xc2, 0x90,0xd8,0xb8,0xe8
+.byte 0x2e,0x39,0xf7,0x5e, 0x82,0xc3,0xaf,0xf5
+.byte 0x9f,0x5d,0x80,0xbe, 0x69,0xd0,0x93,0x7c
+.byte 0x6f,0xd5,0x2d,0xa9, 0xcf,0x25,0x12,0xb3
+.byte 0xc8,0xac,0x99,0x3b, 0x10,0x18,0x7d,0xa7
+.byte 0xe8,0x9c,0x63,0x6e, 0xdb,0x3b,0xbb,0x7b
+.byte 0xcd,0x26,0x78,0x09, 0x6e,0x59,0x18,0xf4
+.byte 0xec,0x9a,0xb7,0x01, 0x83,0x4f,0x9a,0xa8
+.byte 0xe6,0x95,0x6e,0x65, 0xaa,0xff,0xe6,0x7e
+.byte 0x21,0xbc,0xcf,0x08, 0xef,0x15,0xe8,0xe6
+.byte 0xba,0xe7,0x9b,0xd9, 0x4a,0x6f,0x36,0xce
+.byte 0xea,0x9f,0x09,0xd4, 0x29,0xb0,0x7c,0xd6
+.byte 0x31,0xa4,0xb2,0xaf, 0x2a,0x3f,0x23,0x31
+.byte 0xc6,0xa5,0x94,0x30, 0x35,0xa2,0x66,0xc0
+.byte 0x74,0x4e,0xbc,0x37, 0xfc,0x82,0xca,0xa6
+.byte 0xe0,0x90,0xd0,0xb0, 0x33,0xa7,0xd8,0x15
+.byte 0xf1,0x04,0x98,0x4a, 0x41,0xec,0xda,0xf7
+.byte 0x7f,0xcd,0x50,0x0e, 0x17,0x91,0xf6,0x2f
+.byte 0x76,0x4d,0xd6,0x8d, 0x43,0xef,0xb0,0x4d
+.byte 0xcc,0xaa,0x4d,0x54, 0xe4,0x96,0x04,0xdf
+.byte 0x9e,0xd1,0xb5,0xe3, 0x4c,0x6a,0x88,0x1b
+.byte 0xc1,0x2c,0x1f,0xb8, 0x46,0x65,0x51,0x7f
+.byte 0x9d,0x5e,0xea,0x04, 0x01,0x8c,0x35,0x5d
+.byte 0xfa,0x87,0x74,0x73, 0xfb,0x0b,0x41,0x2e
+.byte 0xb3,0x67,0x1d,0x5a, 0x92,0xdb,0xd2,0x52
+.byte 0xe9,0x10,0x56,0x33, 0x6d,0xd6,0x47,0x13
+.byte 0x9a,0xd7,0x61,0x8c, 0x37,0xa1,0x0c,0x7a
+.byte 0x59,0xf8,0x14,0x8e, 0xeb,0x13,0x3c,0x89
+.byte 0xce,0xa9,0x27,0xee, 0xb7,0x61,0xc9,0x35
+.byte 0xe1,0x1c,0xe5,0xed, 0x7a,0x47,0xb1,0x3c
+.byte 0x9c,0xd2,0xdf,0x59, 0x55,0xf2,0x73,0x3f
+.byte 0x18,0x14,0xce,0x79, 0x73,0xc7,0x37,0xbf
+.byte 0x53,0xf7,0xcd,0xea, 0x5f,0xfd,0xaa,0x5b
+.byte 0xdf,0x3d,0x6f,0x14, 0x78,0x44,0xdb,0x86
+.byte 0xca,0xaf,0xf3,0x81, 0xb9,0x68,0xc4,0x3e
+.byte 0x38,0x24,0x34,0x2c, 0xc2,0xa3,0x40,0x5f
+.byte 0x16,0x1d,0xc3,0x72, 0xbc,0xe2,0x25,0x0c
+.byte 0x28,0x3c,0x49,0x8b, 0xff,0x0d,0x95,0x41
+.byte 0x39,0xa8,0x01,0x71, 0x08,0x0c,0xb3,0xde
+.byte 0xd8,0xb4,0xe4,0x9c, 0x64,0x56,0xc1,0x90
+.byte 0x7b,0xcb,0x84,0x61, 0xd5,0x32,0xb6,0x70
+.byte 0x48,0x6c,0x5c,0x74, 0xd0,0xb8,0x57,0x42
+
+.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 # Td4
+.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+___
+
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+
+ # made-up _instructions, _xtr, _ins, _ror and _bias, cope
+ # with byte order dependencies...
+ if (/^\s+_/) {
+ s/(_[a-z]+\s+)(\$[0-9]+),([^,]+)(#.*)*$/$1$2,$2,$3/;
+
+ s/_xtr\s+(\$[0-9]+),(\$[0-9]+),([0-9]+(\-2)*)/
+ sprintf("srl\t$1,$2,%d",$big_endian ? eval($3)
+ : eval("24-$3"))/e or
+ s/_ins\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/
+ sprintf("sll\t$1,$2,%d",$big_endian ? eval($3)
+ : eval("24-$3"))/e or
+ s/_ror\s+(\$[0-9]+),(\$[0-9]+),(\-?[0-9]+)/
+ sprintf("srl\t$1,$2,%d",$big_endian ? eval($3)
+ : eval("$3*-1"))/e or
+ s/_bias\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/
+ sprintf("sll\t$1,$2,%d",$big_endian ? eval($3)
+ : eval("($3-16)&31"))/e;
+
+ s/srl\s+(\$[0-9]+),(\$[0-9]+),\-([0-9]+)/
+ sprintf("sll\t$1,$2,$3")/e or
+ s/srl\s+(\$[0-9]+),(\$[0-9]+),0/
+ sprintf("and\t$1,$2,0xff")/e or
+ s/(sll\s+\$[0-9]+,\$[0-9]+,0)/#$1/;
+ }
+
+ # convert lwl/lwr and swr/swl to little-endian order
+ if (!$big_endian && /^\s+[sl]w[lr]\s+/) {
+ s/([sl]wl.*)([0-9]+)\((\$[0-9]+)\)/
+ sprintf("$1%d($3)",eval("$2-$2%4+($2%4-1)&3"))/e or
+ s/([sl]wr.*)([0-9]+)\((\$[0-9]+)\)/
+ sprintf("$1%d($3)",eval("$2-$2%4+($2%4+1)&3"))/e;
+ }
+
+ print $_,"\n";
+}
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-parisc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-parisc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-parisc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1022 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for PA-RISC.
+#
+# June 2009.
+#
+# The module is mechanical transliteration of aes-sparcv9.pl, but with
+# a twist: S-boxes are compressed even further down to 1K+256B. On
+# PA-7100LC performance is ~40% better than gcc 3.2 generated code and
+# is about 33 cycles per byte processed with 128-bit key. Newer CPUs
+# perform at 16 cycles per byte. It's not faster than code generated
+# by vendor compiler, but recall that it has compressed S-boxes, which
+# requires extra processing.
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $FRAME_MARKER =80;
+ $SAVED_RP =16;
+ $PUSH ="std";
+ $PUSHMA ="std,ma";
+ $POP ="ldd";
+ $POPMB ="ldd,mb";
+} else {
+ $LEVEL ="1.0";
+ $SIZE_T =4;
+ $FRAME_MARKER =48;
+ $SAVED_RP =20;
+ $PUSH ="stw";
+ $PUSHMA ="stwm";
+ $POP ="ldw";
+ $POPMB ="ldwm";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+ # [+ argument transfer]
+$inp="%r26"; # arg0
+$out="%r25"; # arg1
+$key="%r24"; # arg2
+
+($s0,$s1,$s2,$s3) = ("%r1","%r2","%r3","%r4");
+($t0,$t1,$t2,$t3) = ("%r5","%r6","%r7","%r8");
+
+($acc0, $acc1, $acc2, $acc3, $acc4, $acc5, $acc6, $acc7,
+ $acc8, $acc9,$acc10,$acc11,$acc12,$acc13,$acc14,$acc15) =
+("%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16",
+"%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r26");
+
+$tbl="%r28";
+$rounds="%r29";
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .EXPORT AES_encrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+ .ALIGN 64
+AES_encrypt
+ .PROC
+ .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+ $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
+ $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
+ $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
+ $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
+ $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp)
+ $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp)
+ $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp)
+ $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp)
+ $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp)
+ $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp)
+ $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp)
+ $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+ blr %r0,$tbl
+ ldi 3,$t0
+L\$enc_pic
+ andcm $tbl,$t0,$tbl
+ ldo L\$AES_Te-L\$enc_pic($tbl),$tbl
+
+ and $inp,$t0,$t0
+ sub $inp,$t0,$inp
+ ldw 0($inp),$s0
+ ldw 4($inp),$s1
+ ldw 8($inp),$s2
+ comib,= 0,$t0,L\$enc_inp_aligned
+ ldw 12($inp),$s3
+
+ sh3addl $t0,%r0,$t0
+ subi 32,$t0,$t0
+ mtctl $t0,%cr11
+ ldw 16($inp),$t1
+ vshd $s0,$s1,$s0
+ vshd $s1,$s2,$s1
+ vshd $s2,$s3,$s2
+ vshd $s3,$t1,$s3
+
+L\$enc_inp_aligned
+ bl _parisc_AES_encrypt,%r31
+ nop
+
+ extru,<> $out,31,2,%r0
+ b L\$enc_out_aligned
+ nop
+
+ _srm $s0,24,$acc0
+ _srm $s0,16,$acc1
+ stb $acc0,0($out)
+ _srm $s0,8,$acc2
+ stb $acc1,1($out)
+ _srm $s1,24,$acc4
+ stb $acc2,2($out)
+ _srm $s1,16,$acc5
+ stb $s0,3($out)
+ _srm $s1,8,$acc6
+ stb $acc4,4($out)
+ _srm $s2,24,$acc0
+ stb $acc5,5($out)
+ _srm $s2,16,$acc1
+ stb $acc6,6($out)
+ _srm $s2,8,$acc2
+ stb $s1,7($out)
+ _srm $s3,24,$acc4
+ stb $acc0,8($out)
+ _srm $s3,16,$acc5
+ stb $acc1,9($out)
+ _srm $s3,8,$acc6
+ stb $acc2,10($out)
+ stb $s2,11($out)
+ stb $acc4,12($out)
+ stb $acc5,13($out)
+ stb $acc6,14($out)
+ b L\$enc_done
+ stb $s3,15($out)
+
+L\$enc_out_aligned
+ stw $s0,0($out)
+ stw $s1,4($out)
+ stw $s2,8($out)
+ stw $s3,12($out)
+
+L\$enc_done
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+ $POP `-$FRAME+4*$SIZE_T`(%sp),%r7
+ $POP `-$FRAME+5*$SIZE_T`(%sp),%r8
+ $POP `-$FRAME+6*$SIZE_T`(%sp),%r9
+ $POP `-$FRAME+7*$SIZE_T`(%sp),%r10
+ $POP `-$FRAME+8*$SIZE_T`(%sp),%r11
+ $POP `-$FRAME+9*$SIZE_T`(%sp),%r12
+ $POP `-$FRAME+10*$SIZE_T`(%sp),%r13
+ $POP `-$FRAME+11*$SIZE_T`(%sp),%r14
+ $POP `-$FRAME+12*$SIZE_T`(%sp),%r15
+ $POP `-$FRAME+13*$SIZE_T`(%sp),%r16
+ $POP `-$FRAME+14*$SIZE_T`(%sp),%r17
+ $POP `-$FRAME+15*$SIZE_T`(%sp),%r18
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+
+ .ALIGN 16
+_parisc_AES_encrypt
+ .PROC
+ .CALLINFO MILLICODE
+ .ENTRY
+ ldw 240($key),$rounds
+ ldw 0($key),$t0
+ ldw 4($key),$t1
+ ldw 8($key),$t2
+ _srm $rounds,1,$rounds
+ xor $t0,$s0,$s0
+ ldw 12($key),$t3
+ _srm $s0,24,$acc0
+ xor $t1,$s1,$s1
+ ldw 16($key),$t0
+ _srm $s1,16,$acc1
+ xor $t2,$s2,$s2
+ ldw 20($key),$t1
+ xor $t3,$s3,$s3
+ ldw 24($key),$t2
+ ldw 28($key),$t3
+L\$enc_loop
+ _srm $s2,8,$acc2
+ ldwx,s $acc0($tbl),$acc0
+ _srm $s3,0,$acc3
+ ldwx,s $acc1($tbl),$acc1
+ _srm $s1,24,$acc4
+ ldwx,s $acc2($tbl),$acc2
+ _srm $s2,16,$acc5
+ ldwx,s $acc3($tbl),$acc3
+ _srm $s3,8,$acc6
+ ldwx,s $acc4($tbl),$acc4
+ _srm $s0,0,$acc7
+ ldwx,s $acc5($tbl),$acc5
+ _srm $s2,24,$acc8
+ ldwx,s $acc6($tbl),$acc6
+ _srm $s3,16,$acc9
+ ldwx,s $acc7($tbl),$acc7
+ _srm $s0,8,$acc10
+ ldwx,s $acc8($tbl),$acc8
+ _srm $s1,0,$acc11
+ ldwx,s $acc9($tbl),$acc9
+ _srm $s3,24,$acc12
+ ldwx,s $acc10($tbl),$acc10
+ _srm $s0,16,$acc13
+ ldwx,s $acc11($tbl),$acc11
+ _srm $s1,8,$acc14
+ ldwx,s $acc12($tbl),$acc12
+ _srm $s2,0,$acc15
+ ldwx,s $acc13($tbl),$acc13
+ ldwx,s $acc14($tbl),$acc14
+ ldwx,s $acc15($tbl),$acc15
+ addib,= -1,$rounds,L\$enc_last
+ ldo 32($key),$key
+
+ _ror $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ldw 0($key),$s0
+ _ror $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ldw 4($key),$s1
+ _ror $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ldw 8($key),$s2
+ _ror $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ldw 12($key),$s3
+ _ror $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ _ror $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ _ror $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ _ror $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ _ror $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ _ror $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ _ror $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ _ror $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ _srm $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ _srm $t1,16,$acc1
+ xor $acc15,$t3,$t3
+
+ _srm $t2,8,$acc2
+ ldwx,s $acc0($tbl),$acc0
+ _srm $t3,0,$acc3
+ ldwx,s $acc1($tbl),$acc1
+ _srm $t1,24,$acc4
+ ldwx,s $acc2($tbl),$acc2
+ _srm $t2,16,$acc5
+ ldwx,s $acc3($tbl),$acc3
+ _srm $t3,8,$acc6
+ ldwx,s $acc4($tbl),$acc4
+ _srm $t0,0,$acc7
+ ldwx,s $acc5($tbl),$acc5
+ _srm $t2,24,$acc8
+ ldwx,s $acc6($tbl),$acc6
+ _srm $t3,16,$acc9
+ ldwx,s $acc7($tbl),$acc7
+ _srm $t0,8,$acc10
+ ldwx,s $acc8($tbl),$acc8
+ _srm $t1,0,$acc11
+ ldwx,s $acc9($tbl),$acc9
+ _srm $t3,24,$acc12
+ ldwx,s $acc10($tbl),$acc10
+ _srm $t0,16,$acc13
+ ldwx,s $acc11($tbl),$acc11
+ _srm $t1,8,$acc14
+ ldwx,s $acc12($tbl),$acc12
+ _srm $t2,0,$acc15
+ ldwx,s $acc13($tbl),$acc13
+ _ror $acc1,8,$acc1
+ ldwx,s $acc14($tbl),$acc14
+
+ _ror $acc2,16,$acc2
+ xor $acc0,$s0,$s0
+ ldwx,s $acc15($tbl),$acc15
+ _ror $acc3,24,$acc3
+ xor $acc1,$s0,$s0
+ ldw 16($key),$t0
+ _ror $acc5,8,$acc5
+ xor $acc2,$s0,$s0
+ ldw 20($key),$t1
+ _ror $acc6,16,$acc6
+ xor $acc3,$s0,$s0
+ ldw 24($key),$t2
+ _ror $acc7,24,$acc7
+ xor $acc4,$s1,$s1
+ ldw 28($key),$t3
+ _ror $acc9,8,$acc9
+ xor $acc5,$s1,$s1
+ ldw 1024+0($tbl),%r0 ; prefetch te4
+ _ror $acc10,16,$acc10
+ xor $acc6,$s1,$s1
+ ldw 1024+32($tbl),%r0 ; prefetch te4
+ _ror $acc11,24,$acc11
+ xor $acc7,$s1,$s1
+ ldw 1024+64($tbl),%r0 ; prefetch te4
+ _ror $acc13,8,$acc13
+ xor $acc8,$s2,$s2
+ ldw 1024+96($tbl),%r0 ; prefetch te4
+ _ror $acc14,16,$acc14
+ xor $acc9,$s2,$s2
+ ldw 1024+128($tbl),%r0 ; prefetch te4
+ _ror $acc15,24,$acc15
+ xor $acc10,$s2,$s2
+ ldw 1024+160($tbl),%r0 ; prefetch te4
+ _srm $s0,24,$acc0
+ xor $acc11,$s2,$s2
+ ldw 1024+192($tbl),%r0 ; prefetch te4
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ ldw 1024+224($tbl),%r0 ; prefetch te4
+ _srm $s1,16,$acc1
+ xor $acc14,$s3,$s3
+ b L\$enc_loop
+ xor $acc15,$s3,$s3
+
+ .ALIGN 16
+L\$enc_last
+ ldo 1024($tbl),$rounds
+ _ror $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ldw 0($key),$s0
+ _ror $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ldw 4($key),$s1
+ _ror $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ldw 8($key),$s2
+ _ror $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ldw 12($key),$s3
+ _ror $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ _ror $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ _ror $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ _ror $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ _ror $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ _ror $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ _ror $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ _ror $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ _srm $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ _srm $t1,16,$acc1
+ xor $acc15,$t3,$t3
+
+ _srm $t2,8,$acc2
+ ldbx $acc0($rounds),$acc0
+ _srm $t1,24,$acc4
+ ldbx $acc1($rounds),$acc1
+ _srm $t2,16,$acc5
+ _srm $t3,0,$acc3
+ ldbx $acc2($rounds),$acc2
+ ldbx $acc3($rounds),$acc3
+ _srm $t3,8,$acc6
+ ldbx $acc4($rounds),$acc4
+ _srm $t2,24,$acc8
+ ldbx $acc5($rounds),$acc5
+ _srm $t3,16,$acc9
+ _srm $t0,0,$acc7
+ ldbx $acc6($rounds),$acc6
+ ldbx $acc7($rounds),$acc7
+ _srm $t0,8,$acc10
+ ldbx $acc8($rounds),$acc8
+ _srm $t3,24,$acc12
+ ldbx $acc9($rounds),$acc9
+ _srm $t0,16,$acc13
+ _srm $t1,0,$acc11
+ ldbx $acc10($rounds),$acc10
+ _srm $t1,8,$acc14
+ ldbx $acc11($rounds),$acc11
+ ldbx $acc12($rounds),$acc12
+ ldbx $acc13($rounds),$acc13
+ _srm $t2,0,$acc15
+ ldbx $acc14($rounds),$acc14
+
+ dep $acc0,7,8,$acc3
+ ldbx $acc15($rounds),$acc15
+ dep $acc4,7,8,$acc7
+ dep $acc1,15,8,$acc3
+ dep $acc5,15,8,$acc7
+ dep $acc2,23,8,$acc3
+ dep $acc6,23,8,$acc7
+ xor $acc3,$s0,$s0
+ xor $acc7,$s1,$s1
+ dep $acc8,7,8,$acc11
+ dep $acc12,7,8,$acc15
+ dep $acc9,15,8,$acc11
+ dep $acc13,15,8,$acc15
+ dep $acc10,23,8,$acc11
+ dep $acc14,23,8,$acc15
+ xor $acc11,$s2,$s2
+
+ bv (%r31)
+ .EXIT
+ xor $acc15,$s3,$s3
+ .PROCEND
+
+ .ALIGN 64
+L\$AES_Te
+ .WORD 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+ .WORD 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+ .WORD 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+ .WORD 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+ .WORD 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+ .WORD 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+ .WORD 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+ .WORD 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+ .WORD 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+ .WORD 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+ .WORD 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+ .WORD 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+ .WORD 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+ .WORD 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+ .WORD 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+ .WORD 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+ .WORD 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+ .WORD 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+ .WORD 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+ .WORD 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+ .WORD 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+ .WORD 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+ .WORD 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+ .WORD 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+ .WORD 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+ .WORD 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+ .WORD 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+ .WORD 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+ .WORD 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+ .WORD 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+ .WORD 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+ .WORD 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+ .WORD 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+ .WORD 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+ .WORD 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+ .WORD 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+ .WORD 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+ .WORD 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+ .WORD 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+ .WORD 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+ .WORD 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+ .WORD 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+ .WORD 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+ .WORD 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+ .WORD 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+ .WORD 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+ .WORD 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+ .WORD 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+ .WORD 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+ .WORD 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+ .WORD 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+ .WORD 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+ .WORD 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+ .WORD 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+ .WORD 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+ .WORD 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+ .WORD 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+ .WORD 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+ .WORD 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+ .WORD 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+ .WORD 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+ .WORD 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+ .WORD 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+ .WORD 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+ .BYTE 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+ .BYTE 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+ .BYTE 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+ .BYTE 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+ .BYTE 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+ .BYTE 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+ .BYTE 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+ .BYTE 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+ .BYTE 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+ .BYTE 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+ .BYTE 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+ .BYTE 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+ .BYTE 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+ .BYTE 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+ .BYTE 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+ .BYTE 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+ .BYTE 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+ .BYTE 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+ .BYTE 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+ .BYTE 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+ .BYTE 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+ .BYTE 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+ .BYTE 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+ .BYTE 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+ .BYTE 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+ .BYTE 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+ .BYTE 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+ .BYTE 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+ .BYTE 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+ .BYTE 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+ .BYTE 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+ .BYTE 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+
+$code.=<<___;
+ .EXPORT AES_decrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+ .ALIGN 16
+AES_decrypt
+ .PROC
+ .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+ $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
+ $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
+ $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
+ $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
+ $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp)
+ $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp)
+ $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp)
+ $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp)
+ $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp)
+ $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp)
+ $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp)
+ $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+ blr %r0,$tbl
+ ldi 3,$t0
+L\$dec_pic
+ andcm $tbl,$t0,$tbl
+ ldo L\$AES_Td-L\$dec_pic($tbl),$tbl
+
+ and $inp,$t0,$t0
+ sub $inp,$t0,$inp
+ ldw 0($inp),$s0
+ ldw 4($inp),$s1
+ ldw 8($inp),$s2
+ comib,= 0,$t0,L\$dec_inp_aligned
+ ldw 12($inp),$s3
+
+ sh3addl $t0,%r0,$t0
+ subi 32,$t0,$t0
+ mtctl $t0,%cr11
+ ldw 16($inp),$t1
+ vshd $s0,$s1,$s0
+ vshd $s1,$s2,$s1
+ vshd $s2,$s3,$s2
+ vshd $s3,$t1,$s3
+
+L\$dec_inp_aligned
+ bl _parisc_AES_decrypt,%r31
+ nop
+
+ extru,<> $out,31,2,%r0
+ b L\$dec_out_aligned
+ nop
+
+ _srm $s0,24,$acc0
+ _srm $s0,16,$acc1
+ stb $acc0,0($out)
+ _srm $s0,8,$acc2
+ stb $acc1,1($out)
+ _srm $s1,24,$acc4
+ stb $acc2,2($out)
+ _srm $s1,16,$acc5
+ stb $s0,3($out)
+ _srm $s1,8,$acc6
+ stb $acc4,4($out)
+ _srm $s2,24,$acc0
+ stb $acc5,5($out)
+ _srm $s2,16,$acc1
+ stb $acc6,6($out)
+ _srm $s2,8,$acc2
+ stb $s1,7($out)
+ _srm $s3,24,$acc4
+ stb $acc0,8($out)
+ _srm $s3,16,$acc5
+ stb $acc1,9($out)
+ _srm $s3,8,$acc6
+ stb $acc2,10($out)
+ stb $s2,11($out)
+ stb $acc4,12($out)
+ stb $acc5,13($out)
+ stb $acc6,14($out)
+ b L\$dec_done
+ stb $s3,15($out)
+
+L\$dec_out_aligned
+ stw $s0,0($out)
+ stw $s1,4($out)
+ stw $s2,8($out)
+ stw $s3,12($out)
+
+L\$dec_done
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+ $POP `-$FRAME+4*$SIZE_T`(%sp),%r7
+ $POP `-$FRAME+5*$SIZE_T`(%sp),%r8
+ $POP `-$FRAME+6*$SIZE_T`(%sp),%r9
+ $POP `-$FRAME+7*$SIZE_T`(%sp),%r10
+ $POP `-$FRAME+8*$SIZE_T`(%sp),%r11
+ $POP `-$FRAME+9*$SIZE_T`(%sp),%r12
+ $POP `-$FRAME+10*$SIZE_T`(%sp),%r13
+ $POP `-$FRAME+11*$SIZE_T`(%sp),%r14
+ $POP `-$FRAME+12*$SIZE_T`(%sp),%r15
+ $POP `-$FRAME+13*$SIZE_T`(%sp),%r16
+ $POP `-$FRAME+14*$SIZE_T`(%sp),%r17
+ $POP `-$FRAME+15*$SIZE_T`(%sp),%r18
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+
+ .ALIGN 16
+_parisc_AES_decrypt
+ .PROC
+ .CALLINFO MILLICODE
+ .ENTRY
+ ldw 240($key),$rounds
+ ldw 0($key),$t0
+ ldw 4($key),$t1
+ ldw 8($key),$t2
+ ldw 12($key),$t3
+ _srm $rounds,1,$rounds
+ xor $t0,$s0,$s0
+ ldw 16($key),$t0
+ xor $t1,$s1,$s1
+ ldw 20($key),$t1
+ _srm $s0,24,$acc0
+ xor $t2,$s2,$s2
+ ldw 24($key),$t2
+ xor $t3,$s3,$s3
+ ldw 28($key),$t3
+ _srm $s3,16,$acc1
+L\$dec_loop
+ _srm $s2,8,$acc2
+ ldwx,s $acc0($tbl),$acc0
+ _srm $s1,0,$acc3
+ ldwx,s $acc1($tbl),$acc1
+ _srm $s1,24,$acc4
+ ldwx,s $acc2($tbl),$acc2
+ _srm $s0,16,$acc5
+ ldwx,s $acc3($tbl),$acc3
+ _srm $s3,8,$acc6
+ ldwx,s $acc4($tbl),$acc4
+ _srm $s2,0,$acc7
+ ldwx,s $acc5($tbl),$acc5
+ _srm $s2,24,$acc8
+ ldwx,s $acc6($tbl),$acc6
+ _srm $s1,16,$acc9
+ ldwx,s $acc7($tbl),$acc7
+ _srm $s0,8,$acc10
+ ldwx,s $acc8($tbl),$acc8
+ _srm $s3,0,$acc11
+ ldwx,s $acc9($tbl),$acc9
+ _srm $s3,24,$acc12
+ ldwx,s $acc10($tbl),$acc10
+ _srm $s2,16,$acc13
+ ldwx,s $acc11($tbl),$acc11
+ _srm $s1,8,$acc14
+ ldwx,s $acc12($tbl),$acc12
+ _srm $s0,0,$acc15
+ ldwx,s $acc13($tbl),$acc13
+ ldwx,s $acc14($tbl),$acc14
+ ldwx,s $acc15($tbl),$acc15
+ addib,= -1,$rounds,L\$dec_last
+ ldo 32($key),$key
+
+ _ror $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ldw 0($key),$s0
+ _ror $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ldw 4($key),$s1
+ _ror $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ldw 8($key),$s2
+ _ror $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ldw 12($key),$s3
+ _ror $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ _ror $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ _ror $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ _ror $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ _ror $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ _ror $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ _ror $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ _ror $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ _srm $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ xor $acc15,$t3,$t3
+ _srm $t3,16,$acc1
+
+ _srm $t2,8,$acc2
+ ldwx,s $acc0($tbl),$acc0
+ _srm $t1,0,$acc3
+ ldwx,s $acc1($tbl),$acc1
+ _srm $t1,24,$acc4
+ ldwx,s $acc2($tbl),$acc2
+ _srm $t0,16,$acc5
+ ldwx,s $acc3($tbl),$acc3
+ _srm $t3,8,$acc6
+ ldwx,s $acc4($tbl),$acc4
+ _srm $t2,0,$acc7
+ ldwx,s $acc5($tbl),$acc5
+ _srm $t2,24,$acc8
+ ldwx,s $acc6($tbl),$acc6
+ _srm $t1,16,$acc9
+ ldwx,s $acc7($tbl),$acc7
+ _srm $t0,8,$acc10
+ ldwx,s $acc8($tbl),$acc8
+ _srm $t3,0,$acc11
+ ldwx,s $acc9($tbl),$acc9
+ _srm $t3,24,$acc12
+ ldwx,s $acc10($tbl),$acc10
+ _srm $t2,16,$acc13
+ ldwx,s $acc11($tbl),$acc11
+ _srm $t1,8,$acc14
+ ldwx,s $acc12($tbl),$acc12
+ _srm $t0,0,$acc15
+ ldwx,s $acc13($tbl),$acc13
+ _ror $acc1,8,$acc1
+ ldwx,s $acc14($tbl),$acc14
+
+ _ror $acc2,16,$acc2
+ xor $acc0,$s0,$s0
+ ldwx,s $acc15($tbl),$acc15
+ _ror $acc3,24,$acc3
+ xor $acc1,$s0,$s0
+ ldw 16($key),$t0
+ _ror $acc5,8,$acc5
+ xor $acc2,$s0,$s0
+ ldw 20($key),$t1
+ _ror $acc6,16,$acc6
+ xor $acc3,$s0,$s0
+ ldw 24($key),$t2
+ _ror $acc7,24,$acc7
+ xor $acc4,$s1,$s1
+ ldw 28($key),$t3
+ _ror $acc9,8,$acc9
+ xor $acc5,$s1,$s1
+ ldw 1024+0($tbl),%r0 ; prefetch td4
+ _ror $acc10,16,$acc10
+ xor $acc6,$s1,$s1
+ ldw 1024+32($tbl),%r0 ; prefetch td4
+ _ror $acc11,24,$acc11
+ xor $acc7,$s1,$s1
+ ldw 1024+64($tbl),%r0 ; prefetch td4
+ _ror $acc13,8,$acc13
+ xor $acc8,$s2,$s2
+ ldw 1024+96($tbl),%r0 ; prefetch td4
+ _ror $acc14,16,$acc14
+ xor $acc9,$s2,$s2
+ ldw 1024+128($tbl),%r0 ; prefetch td4
+ _ror $acc15,24,$acc15
+ xor $acc10,$s2,$s2
+ ldw 1024+160($tbl),%r0 ; prefetch td4
+ _srm $s0,24,$acc0
+ xor $acc11,$s2,$s2
+ ldw 1024+192($tbl),%r0 ; prefetch td4
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ ldw 1024+224($tbl),%r0 ; prefetch td4
+ xor $acc14,$s3,$s3
+ xor $acc15,$s3,$s3
+ b L\$dec_loop
+ _srm $s3,16,$acc1
+
+ .ALIGN 16
+L\$dec_last
+ ldo 1024($tbl),$rounds
+ _ror $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ldw 0($key),$s0
+ _ror $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ldw 4($key),$s1
+ _ror $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ldw 8($key),$s2
+ _ror $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ldw 12($key),$s3
+ _ror $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ _ror $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ _ror $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ _ror $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ _ror $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ _ror $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ _ror $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ _ror $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ _srm $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ xor $acc15,$t3,$t3
+ _srm $t3,16,$acc1
+
+ _srm $t2,8,$acc2
+ ldbx $acc0($rounds),$acc0
+ _srm $t1,24,$acc4
+ ldbx $acc1($rounds),$acc1
+ _srm $t0,16,$acc5
+ _srm $t1,0,$acc3
+ ldbx $acc2($rounds),$acc2
+ ldbx $acc3($rounds),$acc3
+ _srm $t3,8,$acc6
+ ldbx $acc4($rounds),$acc4
+ _srm $t2,24,$acc8
+ ldbx $acc5($rounds),$acc5
+ _srm $t1,16,$acc9
+ _srm $t2,0,$acc7
+ ldbx $acc6($rounds),$acc6
+ ldbx $acc7($rounds),$acc7
+ _srm $t0,8,$acc10
+ ldbx $acc8($rounds),$acc8
+ _srm $t3,24,$acc12
+ ldbx $acc9($rounds),$acc9
+ _srm $t2,16,$acc13
+ _srm $t3,0,$acc11
+ ldbx $acc10($rounds),$acc10
+ _srm $t1,8,$acc14
+ ldbx $acc11($rounds),$acc11
+ ldbx $acc12($rounds),$acc12
+ ldbx $acc13($rounds),$acc13
+ _srm $t0,0,$acc15
+ ldbx $acc14($rounds),$acc14
+
+ dep $acc0,7,8,$acc3
+ ldbx $acc15($rounds),$acc15
+ dep $acc4,7,8,$acc7
+ dep $acc1,15,8,$acc3
+ dep $acc5,15,8,$acc7
+ dep $acc2,23,8,$acc3
+ dep $acc6,23,8,$acc7
+ xor $acc3,$s0,$s0
+ xor $acc7,$s1,$s1
+ dep $acc8,7,8,$acc11
+ dep $acc12,7,8,$acc15
+ dep $acc9,15,8,$acc11
+ dep $acc13,15,8,$acc15
+ dep $acc10,23,8,$acc11
+ dep $acc14,23,8,$acc15
+ xor $acc11,$s2,$s2
+
+ bv (%r31)
+ .EXIT
+ xor $acc15,$s3,$s3
+ .PROCEND
+
+ .ALIGN 64
+L\$AES_Td
+ .WORD 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+ .WORD 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+ .WORD 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+ .WORD 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+ .WORD 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+ .WORD 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+ .WORD 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+ .WORD 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+ .WORD 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+ .WORD 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+ .WORD 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+ .WORD 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+ .WORD 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+ .WORD 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+ .WORD 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+ .WORD 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+ .WORD 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+ .WORD 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+ .WORD 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+ .WORD 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+ .WORD 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+ .WORD 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+ .WORD 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+ .WORD 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+ .WORD 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+ .WORD 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+ .WORD 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+ .WORD 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+ .WORD 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+ .WORD 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+ .WORD 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+ .WORD 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+ .WORD 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+ .WORD 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+ .WORD 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+ .WORD 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+ .WORD 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+ .WORD 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+ .WORD 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+ .WORD 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+ .WORD 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+ .WORD 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+ .WORD 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+ .WORD 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+ .WORD 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+ .WORD 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+ .WORD 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+ .WORD 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+ .WORD 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+ .WORD 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+ .WORD 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+ .WORD 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+ .WORD 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+ .WORD 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+ .WORD 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+ .WORD 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+ .WORD 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+ .WORD 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+ .WORD 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+ .WORD 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+ .WORD 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+ .WORD 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+ .WORD 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+ .WORD 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+ .BYTE 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+ .BYTE 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+ .BYTE 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+ .BYTE 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+ .BYTE 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+ .BYTE 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+ .BYTE 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+ .BYTE 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+ .BYTE 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+ .BYTE 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+ .BYTE 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+ .BYTE 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+ .BYTE 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+ .BYTE 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+ .BYTE 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+ .BYTE 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+ .BYTE 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+ .BYTE 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+ .BYTE 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+ .BYTE 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+ .BYTE 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+ .BYTE 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+ .BYTE 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+ .BYTE 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+ .BYTE 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+ .BYTE 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+ .BYTE 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+ .BYTE 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+ .BYTE 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+ .BYTE 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+ .BYTE 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+ .BYTE 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+ .STRINGZ "AES for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+
+ # translate made up instructons: _ror, _srm
+ s/_ror(\s+)(%r[0-9]+),/shd$1$2,$2,/ or
+
+ s/_srm(\s+%r[0-9]+),([0-9]+),/
+ $SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
+ : sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
+
+ s/,\*/,/ if ($SIZE_T==4);
+ s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
+ print $_,"\n";
+}
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-ppc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-ppc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-ppc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-ppc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1365 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Needs more work: key setup, CBC routine...
+#
+# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with
+# 128-bit key, which is ~40% better than 64-bit code generated by gcc
+# 4.0. But these are not the ones currently used! Their "compact"
+# counterparts are, for security reason. ppc_AES_encrypt_compact runs
+# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact -
+# at 1/3 of ppc_AES_decrypt.
+
+# February 2010
+#
+# Rescheduling instructions to favour Power6 pipeline gave 10%
+# performance improvement on the platfrom in question (and marginal
+# improvement even on others). It should be noted that Power6 fails
+# to process byte in 18 cycles, only in 23, because it fails to issue
+# 4 load instructions in two cycles, only in 3. As result non-compact
+# block subroutines are 25% slower than one would expect. Compact
+# functions scale better, because they have pure computational part,
+# which scales perfectly with clock frequency. To be specific
+# ppc_AES_encrypt_compact operates at 42 cycles per byte, while
+# ppc_AES_decrypt_compact - at 55 (in 64-bit build).
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+ $SIZE_T =8;
+ $LRSAVE =2*$SIZE_T;
+ $STU ="stdu";
+ $POP ="ld";
+ $PUSH ="std";
+} elsif ($flavour =~ /32/) {
+ $SIZE_T =4;
+ $LRSAVE =$SIZE_T;
+ $STU ="stwu";
+ $POP ="lwz";
+ $PUSH ="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=32*$SIZE_T;
+
+sub _data_word()
+{ my $i;
+ while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$sp="r1";
+$toc="r2";
+$inp="r3";
+$out="r4";
+$key="r5";
+
+$Tbl0="r3";
+$Tbl1="r6";
+$Tbl2="r7";
+$Tbl3="r2";
+
+$s0="r8";
+$s1="r9";
+$s2="r10";
+$s3="r11";
+
+$t0="r12";
+$t1="r13";
+$t2="r14";
+$t3="r15";
+
+$acc00="r16";
+$acc01="r17";
+$acc02="r18";
+$acc03="r19";
+
+$acc04="r20";
+$acc05="r21";
+$acc06="r22";
+$acc07="r23";
+
+$acc08="r24";
+$acc09="r25";
+$acc10="r26";
+$acc11="r27";
+
+$acc12="r28";
+$acc13="r29";
+$acc14="r30";
+$acc15="r31";
+
+# stay away from TLS pointer
+if ($SIZE_T==8) { die if ($t1 ne "r13"); $t1="r0"; }
+else { die if ($Tbl3 ne "r2"); $Tbl3=$t0; $t0="r0"; }
+$mask80=$Tbl2;
+$mask1b=$Tbl3;
+
+$code.=<<___;
+.machine "any"
+.text
+
+.align 7
+LAES_Te:
+ mflr r0
+ bcl 20,31,\$+4
+ mflr $Tbl0 ; vvvvv "distance" between . and 1st data entry
+ addi $Tbl0,$Tbl0,`128-8`
+ mtlr r0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `64-9*4`
+LAES_Td:
+ mflr r0
+ bcl 20,31,\$+4
+ mflr $Tbl0 ; vvvvvvvv "distance" between . and 1st data entry
+ addi $Tbl0,$Tbl0,`128-64-8+2048+256`
+ mtlr r0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `128-64-9*4`
+___
+&_data_word(
+ 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+ 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+ 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+ 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+ 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+ 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+ 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+ 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+ 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+ 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+ 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+ 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+ 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+ 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+ 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+ 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+ 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+ 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+ 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+ 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+ 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+ 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+ 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+ 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+ 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+ 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+ 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+ 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+ 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+ 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+ 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+ 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+ 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+ 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+ 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+ 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+ 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+ 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+ 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+ 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+ 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+ 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+ 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+ 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+ 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+ 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+ 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+ 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+ 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+ 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+ 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+ 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+ 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+ 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+ 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+ 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+ 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+ 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+ 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+ 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+ 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+ 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+ 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+ 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+&_data_word(
+ 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+ 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+ 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+ 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+ 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+ 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+ 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+ 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+ 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+ 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+ 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+ 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+ 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+ 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+ 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+ 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+ 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+ 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+ 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+ 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+ 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+ 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+ 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+ 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+ 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+ 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+ 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+ 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+ 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+ 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+ 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+ 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+ 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+ 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+ 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+ 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+ 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+ 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+ 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+ 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+ 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+ 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+ 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+ 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+ 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+ 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+ 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+ 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+ 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+ 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+ 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+ 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+ 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+ 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+ 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+ 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+ 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+ 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+ 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+ 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+ 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+ 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+ 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+ 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+
+
+.globl .AES_encrypt
+.align 7
+.AES_encrypt:
+ $STU $sp,-$FRAME($sp)
+ mflr r0
+
+ $PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
+ $PUSH r13,`$FRAME-$SIZE_T*19`($sp)
+ $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
+ $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
+ $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
+ $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
+ $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
+ $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
+ $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
+ $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
+ $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
+ $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
+ $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
+ $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
+ $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
+ $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
+ $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
+ $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
+ $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
+ $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+
+ andi. $t0,$inp,3
+ andi. $t1,$out,3
+ or. $t0,$t0,$t1
+ bne Lenc_unaligned
+
+Lenc_unaligned_ok:
+ lwz $s0,0($inp)
+ lwz $s1,4($inp)
+ lwz $s2,8($inp)
+ lwz $s3,12($inp)
+ bl LAES_Te
+ bl Lppc_AES_encrypt_compact
+ stw $s0,0($out)
+ stw $s1,4($out)
+ stw $s2,8($out)
+ stw $s3,12($out)
+ b Lenc_done
+
+Lenc_unaligned:
+ subfic $t0,$inp,4096
+ subfic $t1,$out,4096
+ andi. $t0,$t0,4096-16
+ beq Lenc_xpage
+ andi. $t1,$t1,4096-16
+ bne Lenc_unaligned_ok
+
+Lenc_xpage:
+ lbz $acc00,0($inp)
+ lbz $acc01,1($inp)
+ lbz $acc02,2($inp)
+ lbz $s0,3($inp)
+ lbz $acc04,4($inp)
+ lbz $acc05,5($inp)
+ lbz $acc06,6($inp)
+ lbz $s1,7($inp)
+ lbz $acc08,8($inp)
+ lbz $acc09,9($inp)
+ lbz $acc10,10($inp)
+ insrwi $s0,$acc00,8,0
+ lbz $s2,11($inp)
+ insrwi $s1,$acc04,8,0
+ lbz $acc12,12($inp)
+ insrwi $s0,$acc01,8,8
+ lbz $acc13,13($inp)
+ insrwi $s1,$acc05,8,8
+ lbz $acc14,14($inp)
+ insrwi $s0,$acc02,8,16
+ lbz $s3,15($inp)
+ insrwi $s1,$acc06,8,16
+ insrwi $s2,$acc08,8,0
+ insrwi $s3,$acc12,8,0
+ insrwi $s2,$acc09,8,8
+ insrwi $s3,$acc13,8,8
+ insrwi $s2,$acc10,8,16
+ insrwi $s3,$acc14,8,16
+
+ bl LAES_Te
+ bl Lppc_AES_encrypt_compact
+
+ extrwi $acc00,$s0,8,0
+ extrwi $acc01,$s0,8,8
+ stb $acc00,0($out)
+ extrwi $acc02,$s0,8,16
+ stb $acc01,1($out)
+ stb $acc02,2($out)
+ extrwi $acc04,$s1,8,0
+ stb $s0,3($out)
+ extrwi $acc05,$s1,8,8
+ stb $acc04,4($out)
+ extrwi $acc06,$s1,8,16
+ stb $acc05,5($out)
+ stb $acc06,6($out)
+ extrwi $acc08,$s2,8,0
+ stb $s1,7($out)
+ extrwi $acc09,$s2,8,8
+ stb $acc08,8($out)
+ extrwi $acc10,$s2,8,16
+ stb $acc09,9($out)
+ stb $acc10,10($out)
+ extrwi $acc12,$s3,8,0
+ stb $s2,11($out)
+ extrwi $acc13,$s3,8,8
+ stb $acc12,12($out)
+ extrwi $acc14,$s3,8,16
+ stb $acc13,13($out)
+ stb $acc14,14($out)
+ stb $s3,15($out)
+
+Lenc_done:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP $toc,`$FRAME-$SIZE_T*20`($sp)
+ $POP r13,`$FRAME-$SIZE_T*19`($sp)
+ $POP r14,`$FRAME-$SIZE_T*18`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
+
+.align 5
+Lppc_AES_encrypt:
+ lwz $acc00,240($key)
+ addi $Tbl1,$Tbl0,3
+ lwz $t0,0($key)
+ addi $Tbl2,$Tbl0,2
+ lwz $t1,4($key)
+ addi $Tbl3,$Tbl0,1
+ lwz $t2,8($key)
+ addi $acc00,$acc00,-1
+ lwz $t3,12($key)
+ addi $key,$key,16
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ mtctr $acc00
+.align 4
+Lenc_loop:
+ rlwinm $acc00,$s0,`32-24+3`,21,28
+ rlwinm $acc01,$s1,`32-24+3`,21,28
+ rlwinm $acc02,$s2,`32-24+3`,21,28
+ rlwinm $acc03,$s3,`32-24+3`,21,28
+ lwz $t0,0($key)
+ rlwinm $acc04,$s1,`32-16+3`,21,28
+ lwz $t1,4($key)
+ rlwinm $acc05,$s2,`32-16+3`,21,28
+ lwz $t2,8($key)
+ rlwinm $acc06,$s3,`32-16+3`,21,28
+ lwz $t3,12($key)
+ rlwinm $acc07,$s0,`32-16+3`,21,28
+ lwzx $acc00,$Tbl0,$acc00
+ rlwinm $acc08,$s2,`32-8+3`,21,28
+ lwzx $acc01,$Tbl0,$acc01
+ rlwinm $acc09,$s3,`32-8+3`,21,28
+ lwzx $acc02,$Tbl0,$acc02
+ rlwinm $acc10,$s0,`32-8+3`,21,28
+ lwzx $acc03,$Tbl0,$acc03
+ rlwinm $acc11,$s1,`32-8+3`,21,28
+ lwzx $acc04,$Tbl1,$acc04
+ rlwinm $acc12,$s3,`0+3`,21,28
+ lwzx $acc05,$Tbl1,$acc05
+ rlwinm $acc13,$s0,`0+3`,21,28
+ lwzx $acc06,$Tbl1,$acc06
+ rlwinm $acc14,$s1,`0+3`,21,28
+ lwzx $acc07,$Tbl1,$acc07
+ rlwinm $acc15,$s2,`0+3`,21,28
+ lwzx $acc08,$Tbl2,$acc08
+ xor $t0,$t0,$acc00
+ lwzx $acc09,$Tbl2,$acc09
+ xor $t1,$t1,$acc01
+ lwzx $acc10,$Tbl2,$acc10
+ xor $t2,$t2,$acc02
+ lwzx $acc11,$Tbl2,$acc11
+ xor $t3,$t3,$acc03
+ lwzx $acc12,$Tbl3,$acc12
+ xor $t0,$t0,$acc04
+ lwzx $acc13,$Tbl3,$acc13
+ xor $t1,$t1,$acc05
+ lwzx $acc14,$Tbl3,$acc14
+ xor $t2,$t2,$acc06
+ lwzx $acc15,$Tbl3,$acc15
+ xor $t3,$t3,$acc07
+ xor $t0,$t0,$acc08
+ xor $t1,$t1,$acc09
+ xor $t2,$t2,$acc10
+ xor $t3,$t3,$acc11
+ xor $s0,$t0,$acc12
+ xor $s1,$t1,$acc13
+ xor $s2,$t2,$acc14
+ xor $s3,$t3,$acc15
+ addi $key,$key,16
+ bdnz- Lenc_loop
+
+ addi $Tbl2,$Tbl0,2048
+ nop
+ lwz $t0,0($key)
+ rlwinm $acc00,$s0,`32-24`,24,31
+ lwz $t1,4($key)
+ rlwinm $acc01,$s1,`32-24`,24,31
+ lwz $t2,8($key)
+ rlwinm $acc02,$s2,`32-24`,24,31
+ lwz $t3,12($key)
+ rlwinm $acc03,$s3,`32-24`,24,31
+ lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
+ rlwinm $acc04,$s1,`32-16`,24,31
+ lwz $acc09,`2048+32`($Tbl0)
+ rlwinm $acc05,$s2,`32-16`,24,31
+ lwz $acc10,`2048+64`($Tbl0)
+ rlwinm $acc06,$s3,`32-16`,24,31
+ lwz $acc11,`2048+96`($Tbl0)
+ rlwinm $acc07,$s0,`32-16`,24,31
+ lwz $acc12,`2048+128`($Tbl0)
+ rlwinm $acc08,$s2,`32-8`,24,31
+ lwz $acc13,`2048+160`($Tbl0)
+ rlwinm $acc09,$s3,`32-8`,24,31
+ lwz $acc14,`2048+192`($Tbl0)
+ rlwinm $acc10,$s0,`32-8`,24,31
+ lwz $acc15,`2048+224`($Tbl0)
+ rlwinm $acc11,$s1,`32-8`,24,31
+ lbzx $acc00,$Tbl2,$acc00
+ rlwinm $acc12,$s3,`0`,24,31
+ lbzx $acc01,$Tbl2,$acc01
+ rlwinm $acc13,$s0,`0`,24,31
+ lbzx $acc02,$Tbl2,$acc02
+ rlwinm $acc14,$s1,`0`,24,31
+ lbzx $acc03,$Tbl2,$acc03
+ rlwinm $acc15,$s2,`0`,24,31
+ lbzx $acc04,$Tbl2,$acc04
+ rlwinm $s0,$acc00,24,0,7
+ lbzx $acc05,$Tbl2,$acc05
+ rlwinm $s1,$acc01,24,0,7
+ lbzx $acc06,$Tbl2,$acc06
+ rlwinm $s2,$acc02,24,0,7
+ lbzx $acc07,$Tbl2,$acc07
+ rlwinm $s3,$acc03,24,0,7
+ lbzx $acc08,$Tbl2,$acc08
+ rlwimi $s0,$acc04,16,8,15
+ lbzx $acc09,$Tbl2,$acc09
+ rlwimi $s1,$acc05,16,8,15
+ lbzx $acc10,$Tbl2,$acc10
+ rlwimi $s2,$acc06,16,8,15
+ lbzx $acc11,$Tbl2,$acc11
+ rlwimi $s3,$acc07,16,8,15
+ lbzx $acc12,$Tbl2,$acc12
+ rlwimi $s0,$acc08,8,16,23
+ lbzx $acc13,$Tbl2,$acc13
+ rlwimi $s1,$acc09,8,16,23
+ lbzx $acc14,$Tbl2,$acc14
+ rlwimi $s2,$acc10,8,16,23
+ lbzx $acc15,$Tbl2,$acc15
+ rlwimi $s3,$acc11,8,16,23
+ or $s0,$s0,$acc12
+ or $s1,$s1,$acc13
+ or $s2,$s2,$acc14
+ or $s3,$s3,$acc15
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.align 4
+Lppc_AES_encrypt_compact:
+ lwz $acc00,240($key)
+ addi $Tbl1,$Tbl0,2048
+ lwz $t0,0($key)
+ lis $mask80,0x8080
+ lwz $t1,4($key)
+ lis $mask1b,0x1b1b
+ lwz $t2,8($key)
+ ori $mask80,$mask80,0x8080
+ lwz $t3,12($key)
+ ori $mask1b,$mask1b,0x1b1b
+ addi $key,$key,16
+ mtctr $acc00
+.align 4
+Lenc_compact_loop:
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ rlwinm $acc00,$s0,`32-24`,24,31
+ xor $s2,$s2,$t2
+ rlwinm $acc01,$s1,`32-24`,24,31
+ xor $s3,$s3,$t3
+ rlwinm $acc02,$s2,`32-24`,24,31
+ rlwinm $acc03,$s3,`32-24`,24,31
+ rlwinm $acc04,$s1,`32-16`,24,31
+ rlwinm $acc05,$s2,`32-16`,24,31
+ rlwinm $acc06,$s3,`32-16`,24,31
+ rlwinm $acc07,$s0,`32-16`,24,31
+ lbzx $acc00,$Tbl1,$acc00
+ rlwinm $acc08,$s2,`32-8`,24,31
+ lbzx $acc01,$Tbl1,$acc01
+ rlwinm $acc09,$s3,`32-8`,24,31
+ lbzx $acc02,$Tbl1,$acc02
+ rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl1,$acc03
+ rlwinm $acc11,$s1,`32-8`,24,31
+ lbzx $acc04,$Tbl1,$acc04
+ rlwinm $acc12,$s3,`0`,24,31
+ lbzx $acc05,$Tbl1,$acc05
+ rlwinm $acc13,$s0,`0`,24,31
+ lbzx $acc06,$Tbl1,$acc06
+ rlwinm $acc14,$s1,`0`,24,31
+ lbzx $acc07,$Tbl1,$acc07
+ rlwinm $acc15,$s2,`0`,24,31
+ lbzx $acc08,$Tbl1,$acc08
+ rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl1,$acc09
+ rlwinm $s1,$acc01,24,0,7
+ lbzx $acc10,$Tbl1,$acc10
+ rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl1,$acc11
+ rlwinm $s3,$acc03,24,0,7
+ lbzx $acc12,$Tbl1,$acc12
+ rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl1,$acc13
+ rlwimi $s1,$acc05,16,8,15
+ lbzx $acc14,$Tbl1,$acc14
+ rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl1,$acc15
+ rlwimi $s3,$acc07,16,8,15
+ rlwimi $s0,$acc08,8,16,23
+ rlwimi $s1,$acc09,8,16,23
+ rlwimi $s2,$acc10,8,16,23
+ rlwimi $s3,$acc11,8,16,23
+ lwz $t0,0($key)
+ or $s0,$s0,$acc12
+ lwz $t1,4($key)
+ or $s1,$s1,$acc13
+ lwz $t2,8($key)
+ or $s2,$s2,$acc14
+ lwz $t3,12($key)
+ or $s3,$s3,$acc15
+
+ addi $key,$key,16
+ bdz Lenc_compact_done
+
+ and $acc00,$s0,$mask80 # r1=r0&0x80808080
+ and $acc01,$s1,$mask80
+ and $acc02,$s2,$mask80
+ and $acc03,$s3,$mask80
+ srwi $acc04,$acc00,7 # r1>>7
+ andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
+ srwi $acc05,$acc01,7
+ andc $acc09,$s1,$mask80
+ srwi $acc06,$acc02,7
+ andc $acc10,$s2,$mask80
+ srwi $acc07,$acc03,7
+ andc $acc11,$s3,$mask80
+ sub $acc00,$acc00,$acc04 # r1-(r1>>7)
+ sub $acc01,$acc01,$acc05
+ sub $acc02,$acc02,$acc06
+ sub $acc03,$acc03,$acc07
+ add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
+ add $acc09,$acc09,$acc09
+ add $acc10,$acc10,$acc10
+ add $acc11,$acc11,$acc11
+ and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc01,$acc01,$mask1b
+ and $acc02,$acc02,$mask1b
+ and $acc03,$acc03,$mask1b
+ xor $acc00,$acc00,$acc08 # r2
+ xor $acc01,$acc01,$acc09
+ rotlwi $acc12,$s0,16 # ROTATE(r0,16)
+ xor $acc02,$acc02,$acc10
+ rotlwi $acc13,$s1,16
+ xor $acc03,$acc03,$acc11
+ rotlwi $acc14,$s2,16
+
+ xor $s0,$s0,$acc00 # r0^r2
+ rotlwi $acc15,$s3,16
+ xor $s1,$s1,$acc01
+ rotrwi $s0,$s0,24 # ROTATE(r2^r0,24)
+ xor $s2,$s2,$acc02
+ rotrwi $s1,$s1,24
+ xor $s3,$s3,$acc03
+ rotrwi $s2,$s2,24
+ xor $s0,$s0,$acc00 # ROTATE(r2^r0,24)^r2
+ rotrwi $s3,$s3,24
+ xor $s1,$s1,$acc01
+ xor $s2,$s2,$acc02
+ xor $s3,$s3,$acc03
+ rotlwi $acc08,$acc12,8 # ROTATE(r0,24)
+ xor $s0,$s0,$acc12 #
+ rotlwi $acc09,$acc13,8
+ xor $s1,$s1,$acc13
+ rotlwi $acc10,$acc14,8
+ xor $s2,$s2,$acc14
+ rotlwi $acc11,$acc15,8
+ xor $s3,$s3,$acc15
+ xor $s0,$s0,$acc08 #
+ xor $s1,$s1,$acc09
+ xor $s2,$s2,$acc10
+ xor $s3,$s3,$acc11
+
+ b Lenc_compact_loop
+.align 4
+Lenc_compact_done:
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .AES_decrypt
+.align 7
+.AES_decrypt:
+ $STU $sp,-$FRAME($sp)
+ mflr r0
+
+ $PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
+ $PUSH r13,`$FRAME-$SIZE_T*19`($sp)
+ $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
+ $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
+ $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
+ $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
+ $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
+ $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
+ $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
+ $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
+ $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
+ $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
+ $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
+ $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
+ $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
+ $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
+ $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
+ $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
+ $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
+ $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+
+ andi. $t0,$inp,3
+ andi. $t1,$out,3
+ or. $t0,$t0,$t1
+ bne Ldec_unaligned
+
+Ldec_unaligned_ok:
+ lwz $s0,0($inp)
+ lwz $s1,4($inp)
+ lwz $s2,8($inp)
+ lwz $s3,12($inp)
+ bl LAES_Td
+ bl Lppc_AES_decrypt_compact
+ stw $s0,0($out)
+ stw $s1,4($out)
+ stw $s2,8($out)
+ stw $s3,12($out)
+ b Ldec_done
+
+Ldec_unaligned:
+ subfic $t0,$inp,4096
+ subfic $t1,$out,4096
+ andi. $t0,$t0,4096-16
+ beq Ldec_xpage
+ andi. $t1,$t1,4096-16
+ bne Ldec_unaligned_ok
+
+Ldec_xpage:
+ lbz $acc00,0($inp)
+ lbz $acc01,1($inp)
+ lbz $acc02,2($inp)
+ lbz $s0,3($inp)
+ lbz $acc04,4($inp)
+ lbz $acc05,5($inp)
+ lbz $acc06,6($inp)
+ lbz $s1,7($inp)
+ lbz $acc08,8($inp)
+ lbz $acc09,9($inp)
+ lbz $acc10,10($inp)
+ insrwi $s0,$acc00,8,0
+ lbz $s2,11($inp)
+ insrwi $s1,$acc04,8,0
+ lbz $acc12,12($inp)
+ insrwi $s0,$acc01,8,8
+ lbz $acc13,13($inp)
+ insrwi $s1,$acc05,8,8
+ lbz $acc14,14($inp)
+ insrwi $s0,$acc02,8,16
+ lbz $s3,15($inp)
+ insrwi $s1,$acc06,8,16
+ insrwi $s2,$acc08,8,0
+ insrwi $s3,$acc12,8,0
+ insrwi $s2,$acc09,8,8
+ insrwi $s3,$acc13,8,8
+ insrwi $s2,$acc10,8,16
+ insrwi $s3,$acc14,8,16
+
+ bl LAES_Td
+ bl Lppc_AES_decrypt_compact
+
+ extrwi $acc00,$s0,8,0
+ extrwi $acc01,$s0,8,8
+ stb $acc00,0($out)
+ extrwi $acc02,$s0,8,16
+ stb $acc01,1($out)
+ stb $acc02,2($out)
+ extrwi $acc04,$s1,8,0
+ stb $s0,3($out)
+ extrwi $acc05,$s1,8,8
+ stb $acc04,4($out)
+ extrwi $acc06,$s1,8,16
+ stb $acc05,5($out)
+ stb $acc06,6($out)
+ extrwi $acc08,$s2,8,0
+ stb $s1,7($out)
+ extrwi $acc09,$s2,8,8
+ stb $acc08,8($out)
+ extrwi $acc10,$s2,8,16
+ stb $acc09,9($out)
+ stb $acc10,10($out)
+ extrwi $acc12,$s3,8,0
+ stb $s2,11($out)
+ extrwi $acc13,$s3,8,8
+ stb $acc12,12($out)
+ extrwi $acc14,$s3,8,16
+ stb $acc13,13($out)
+ stb $acc14,14($out)
+ stb $s3,15($out)
+
+Ldec_done:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP $toc,`$FRAME-$SIZE_T*20`($sp)
+ $POP r13,`$FRAME-$SIZE_T*19`($sp)
+ $POP r14,`$FRAME-$SIZE_T*18`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
+
+.align 5
+Lppc_AES_decrypt:
+ lwz $acc00,240($key)
+ addi $Tbl1,$Tbl0,3
+ lwz $t0,0($key)
+ addi $Tbl2,$Tbl0,2
+ lwz $t1,4($key)
+ addi $Tbl3,$Tbl0,1
+ lwz $t2,8($key)
+ addi $acc00,$acc00,-1
+ lwz $t3,12($key)
+ addi $key,$key,16
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ mtctr $acc00
+.align 4
+Ldec_loop:
+ rlwinm $acc00,$s0,`32-24+3`,21,28
+ rlwinm $acc01,$s1,`32-24+3`,21,28
+ rlwinm $acc02,$s2,`32-24+3`,21,28
+ rlwinm $acc03,$s3,`32-24+3`,21,28
+ lwz $t0,0($key)
+ rlwinm $acc04,$s3,`32-16+3`,21,28
+ lwz $t1,4($key)
+ rlwinm $acc05,$s0,`32-16+3`,21,28
+ lwz $t2,8($key)
+ rlwinm $acc06,$s1,`32-16+3`,21,28
+ lwz $t3,12($key)
+ rlwinm $acc07,$s2,`32-16+3`,21,28
+ lwzx $acc00,$Tbl0,$acc00
+ rlwinm $acc08,$s2,`32-8+3`,21,28
+ lwzx $acc01,$Tbl0,$acc01
+ rlwinm $acc09,$s3,`32-8+3`,21,28
+ lwzx $acc02,$Tbl0,$acc02
+ rlwinm $acc10,$s0,`32-8+3`,21,28
+ lwzx $acc03,$Tbl0,$acc03
+ rlwinm $acc11,$s1,`32-8+3`,21,28
+ lwzx $acc04,$Tbl1,$acc04
+ rlwinm $acc12,$s1,`0+3`,21,28
+ lwzx $acc05,$Tbl1,$acc05
+ rlwinm $acc13,$s2,`0+3`,21,28
+ lwzx $acc06,$Tbl1,$acc06
+ rlwinm $acc14,$s3,`0+3`,21,28
+ lwzx $acc07,$Tbl1,$acc07
+ rlwinm $acc15,$s0,`0+3`,21,28
+ lwzx $acc08,$Tbl2,$acc08
+ xor $t0,$t0,$acc00
+ lwzx $acc09,$Tbl2,$acc09
+ xor $t1,$t1,$acc01
+ lwzx $acc10,$Tbl2,$acc10
+ xor $t2,$t2,$acc02
+ lwzx $acc11,$Tbl2,$acc11
+ xor $t3,$t3,$acc03
+ lwzx $acc12,$Tbl3,$acc12
+ xor $t0,$t0,$acc04
+ lwzx $acc13,$Tbl3,$acc13
+ xor $t1,$t1,$acc05
+ lwzx $acc14,$Tbl3,$acc14
+ xor $t2,$t2,$acc06
+ lwzx $acc15,$Tbl3,$acc15
+ xor $t3,$t3,$acc07
+ xor $t0,$t0,$acc08
+ xor $t1,$t1,$acc09
+ xor $t2,$t2,$acc10
+ xor $t3,$t3,$acc11
+ xor $s0,$t0,$acc12
+ xor $s1,$t1,$acc13
+ xor $s2,$t2,$acc14
+ xor $s3,$t3,$acc15
+ addi $key,$key,16
+ bdnz- Ldec_loop
+
+ addi $Tbl2,$Tbl0,2048
+ nop
+ lwz $t0,0($key)
+ rlwinm $acc00,$s0,`32-24`,24,31
+ lwz $t1,4($key)
+ rlwinm $acc01,$s1,`32-24`,24,31
+ lwz $t2,8($key)
+ rlwinm $acc02,$s2,`32-24`,24,31
+ lwz $t3,12($key)
+ rlwinm $acc03,$s3,`32-24`,24,31
+ lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
+ rlwinm $acc04,$s3,`32-16`,24,31
+ lwz $acc09,`2048+32`($Tbl0)
+ rlwinm $acc05,$s0,`32-16`,24,31
+ lwz $acc10,`2048+64`($Tbl0)
+ lbzx $acc00,$Tbl2,$acc00
+ lwz $acc11,`2048+96`($Tbl0)
+ lbzx $acc01,$Tbl2,$acc01
+ lwz $acc12,`2048+128`($Tbl0)
+ rlwinm $acc06,$s1,`32-16`,24,31
+ lwz $acc13,`2048+160`($Tbl0)
+ rlwinm $acc07,$s2,`32-16`,24,31
+ lwz $acc14,`2048+192`($Tbl0)
+ rlwinm $acc08,$s2,`32-8`,24,31
+ lwz $acc15,`2048+224`($Tbl0)
+ rlwinm $acc09,$s3,`32-8`,24,31
+ lbzx $acc02,$Tbl2,$acc02
+ rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl2,$acc03
+ rlwinm $acc11,$s1,`32-8`,24,31
+ lbzx $acc04,$Tbl2,$acc04
+ rlwinm $acc12,$s1,`0`,24,31
+ lbzx $acc05,$Tbl2,$acc05
+ rlwinm $acc13,$s2,`0`,24,31
+ lbzx $acc06,$Tbl2,$acc06
+ rlwinm $acc14,$s3,`0`,24,31
+ lbzx $acc07,$Tbl2,$acc07
+ rlwinm $acc15,$s0,`0`,24,31
+ lbzx $acc08,$Tbl2,$acc08
+ rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl2,$acc09
+ rlwinm $s1,$acc01,24,0,7
+ lbzx $acc10,$Tbl2,$acc10
+ rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl2,$acc11
+ rlwinm $s3,$acc03,24,0,7
+ lbzx $acc12,$Tbl2,$acc12
+ rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl2,$acc13
+ rlwimi $s1,$acc05,16,8,15
+ lbzx $acc14,$Tbl2,$acc14
+ rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl2,$acc15
+ rlwimi $s3,$acc07,16,8,15
+ rlwimi $s0,$acc08,8,16,23
+ rlwimi $s1,$acc09,8,16,23
+ rlwimi $s2,$acc10,8,16,23
+ rlwimi $s3,$acc11,8,16,23
+ or $s0,$s0,$acc12
+ or $s1,$s1,$acc13
+ or $s2,$s2,$acc14
+ or $s3,$s3,$acc15
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.align 4
+Lppc_AES_decrypt_compact:
+ lwz $acc00,240($key)
+ addi $Tbl1,$Tbl0,2048
+ lwz $t0,0($key)
+ lis $mask80,0x8080
+ lwz $t1,4($key)
+ lis $mask1b,0x1b1b
+ lwz $t2,8($key)
+ ori $mask80,$mask80,0x8080
+ lwz $t3,12($key)
+ ori $mask1b,$mask1b,0x1b1b
+ addi $key,$key,16
+___
+$code.=<<___ if ($SIZE_T==8);
+ insrdi $mask80,$mask80,32,0
+ insrdi $mask1b,$mask1b,32,0
+___
+$code.=<<___;
+ mtctr $acc00
+.align 4
+Ldec_compact_loop:
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ rlwinm $acc00,$s0,`32-24`,24,31
+ xor $s2,$s2,$t2
+ rlwinm $acc01,$s1,`32-24`,24,31
+ xor $s3,$s3,$t3
+ rlwinm $acc02,$s2,`32-24`,24,31
+ rlwinm $acc03,$s3,`32-24`,24,31
+ rlwinm $acc04,$s3,`32-16`,24,31
+ rlwinm $acc05,$s0,`32-16`,24,31
+ rlwinm $acc06,$s1,`32-16`,24,31
+ rlwinm $acc07,$s2,`32-16`,24,31
+ lbzx $acc00,$Tbl1,$acc00
+ rlwinm $acc08,$s2,`32-8`,24,31
+ lbzx $acc01,$Tbl1,$acc01
+ rlwinm $acc09,$s3,`32-8`,24,31
+ lbzx $acc02,$Tbl1,$acc02
+ rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl1,$acc03
+ rlwinm $acc11,$s1,`32-8`,24,31
+ lbzx $acc04,$Tbl1,$acc04
+ rlwinm $acc12,$s1,`0`,24,31
+ lbzx $acc05,$Tbl1,$acc05
+ rlwinm $acc13,$s2,`0`,24,31
+ lbzx $acc06,$Tbl1,$acc06
+ rlwinm $acc14,$s3,`0`,24,31
+ lbzx $acc07,$Tbl1,$acc07
+ rlwinm $acc15,$s0,`0`,24,31
+ lbzx $acc08,$Tbl1,$acc08
+ rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl1,$acc09
+ rlwinm $s1,$acc01,24,0,7
+ lbzx $acc10,$Tbl1,$acc10
+ rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl1,$acc11
+ rlwinm $s3,$acc03,24,0,7
+ lbzx $acc12,$Tbl1,$acc12
+ rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl1,$acc13
+ rlwimi $s1,$acc05,16,8,15
+ lbzx $acc14,$Tbl1,$acc14
+ rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl1,$acc15
+ rlwimi $s3,$acc07,16,8,15
+ rlwimi $s0,$acc08,8,16,23
+ rlwimi $s1,$acc09,8,16,23
+ rlwimi $s2,$acc10,8,16,23
+ rlwimi $s3,$acc11,8,16,23
+ lwz $t0,0($key)
+ or $s0,$s0,$acc12
+ lwz $t1,4($key)
+ or $s1,$s1,$acc13
+ lwz $t2,8($key)
+ or $s2,$s2,$acc14
+ lwz $t3,12($key)
+ or $s3,$s3,$acc15
+
+ addi $key,$key,16
+ bdz Ldec_compact_done
+___
+$code.=<<___ if ($SIZE_T==8);
+ # vectorized permutation improves decrypt performance by 10%
+ insrdi $s0,$s1,32,0
+ insrdi $s2,$s3,32,0
+
+ and $acc00,$s0,$mask80 # r1=r0&0x80808080
+ and $acc02,$s2,$mask80
+ srdi $acc04,$acc00,7 # r1>>7
+ srdi $acc06,$acc02,7
+ andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
+ andc $acc10,$s2,$mask80
+ sub $acc00,$acc00,$acc04 # r1-(r1>>7)
+ sub $acc02,$acc02,$acc06
+ add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
+ add $acc10,$acc10,$acc10
+ and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc02,$acc02,$mask1b
+ xor $acc00,$acc00,$acc08 # r2
+ xor $acc02,$acc02,$acc10
+
+ and $acc04,$acc00,$mask80 # r1=r2&0x80808080
+ and $acc06,$acc02,$mask80
+ srdi $acc08,$acc04,7 # r1>>7
+ srdi $acc10,$acc06,7
+ andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f
+ andc $acc14,$acc02,$mask80
+ sub $acc04,$acc04,$acc08 # r1-(r1>>7)
+ sub $acc06,$acc06,$acc10
+ add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1
+ add $acc14,$acc14,$acc14
+ and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc06,$acc06,$mask1b
+ xor $acc04,$acc04,$acc12 # r4
+ xor $acc06,$acc06,$acc14
+
+ and $acc08,$acc04,$mask80 # r1=r4&0x80808080
+ and $acc10,$acc06,$mask80
+ srdi $acc12,$acc08,7 # r1>>7
+ srdi $acc14,$acc10,7
+ sub $acc08,$acc08,$acc12 # r1-(r1>>7)
+ sub $acc10,$acc10,$acc14
+ andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f
+ andc $acc14,$acc06,$mask80
+ add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1
+ add $acc14,$acc14,$acc14
+ and $acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc10,$acc10,$mask1b
+ xor $acc08,$acc08,$acc12 # r8
+ xor $acc10,$acc10,$acc14
+
+ xor $acc00,$acc00,$s0 # r2^r0
+ xor $acc02,$acc02,$s2
+ xor $acc04,$acc04,$s0 # r4^r0
+ xor $acc06,$acc06,$s2
+
+ extrdi $acc01,$acc00,32,0
+ extrdi $acc03,$acc02,32,0
+ extrdi $acc05,$acc04,32,0
+ extrdi $acc07,$acc06,32,0
+ extrdi $acc09,$acc08,32,0
+ extrdi $acc11,$acc10,32,0
+___
+$code.=<<___ if ($SIZE_T==4);
+ and $acc00,$s0,$mask80 # r1=r0&0x80808080
+ and $acc01,$s1,$mask80
+ and $acc02,$s2,$mask80
+ and $acc03,$s3,$mask80
+ srwi $acc04,$acc00,7 # r1>>7
+ andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
+ srwi $acc05,$acc01,7
+ andc $acc09,$s1,$mask80
+ srwi $acc06,$acc02,7
+ andc $acc10,$s2,$mask80
+ srwi $acc07,$acc03,7
+ andc $acc11,$s3,$mask80
+ sub $acc00,$acc00,$acc04 # r1-(r1>>7)
+ sub $acc01,$acc01,$acc05
+ sub $acc02,$acc02,$acc06
+ sub $acc03,$acc03,$acc07
+ add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
+ add $acc09,$acc09,$acc09
+ add $acc10,$acc10,$acc10
+ add $acc11,$acc11,$acc11
+ and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc01,$acc01,$mask1b
+ and $acc02,$acc02,$mask1b
+ and $acc03,$acc03,$mask1b
+ xor $acc00,$acc00,$acc08 # r2
+ xor $acc01,$acc01,$acc09
+ xor $acc02,$acc02,$acc10
+ xor $acc03,$acc03,$acc11
+
+ and $acc04,$acc00,$mask80 # r1=r2&0x80808080
+ and $acc05,$acc01,$mask80
+ and $acc06,$acc02,$mask80
+ and $acc07,$acc03,$mask80
+ srwi $acc08,$acc04,7 # r1>>7
+ andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f
+ srwi $acc09,$acc05,7
+ andc $acc13,$acc01,$mask80
+ srwi $acc10,$acc06,7
+ andc $acc14,$acc02,$mask80
+ srwi $acc11,$acc07,7
+ andc $acc15,$acc03,$mask80
+ sub $acc04,$acc04,$acc08 # r1-(r1>>7)
+ sub $acc05,$acc05,$acc09
+ sub $acc06,$acc06,$acc10
+ sub $acc07,$acc07,$acc11
+ add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1
+ add $acc13,$acc13,$acc13
+ add $acc14,$acc14,$acc14
+ add $acc15,$acc15,$acc15
+ and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc05,$acc05,$mask1b
+ and $acc06,$acc06,$mask1b
+ and $acc07,$acc07,$mask1b
+ xor $acc04,$acc04,$acc12 # r4
+ xor $acc05,$acc05,$acc13
+ xor $acc06,$acc06,$acc14
+ xor $acc07,$acc07,$acc15
+
+ and $acc08,$acc04,$mask80 # r1=r4&0x80808080
+ and $acc09,$acc05,$mask80
+ srwi $acc12,$acc08,7 # r1>>7
+ and $acc10,$acc06,$mask80
+ srwi $acc13,$acc09,7
+ and $acc11,$acc07,$mask80
+ srwi $acc14,$acc10,7
+ sub $acc08,$acc08,$acc12 # r1-(r1>>7)
+ srwi $acc15,$acc11,7
+ sub $acc09,$acc09,$acc13
+ sub $acc10,$acc10,$acc14
+ sub $acc11,$acc11,$acc15
+ andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f
+ andc $acc13,$acc05,$mask80
+ andc $acc14,$acc06,$mask80
+ andc $acc15,$acc07,$mask80
+ add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1
+ add $acc13,$acc13,$acc13
+ add $acc14,$acc14,$acc14
+ add $acc15,$acc15,$acc15
+ and $acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
+ and $acc09,$acc09,$mask1b
+ and $acc10,$acc10,$mask1b
+ and $acc11,$acc11,$mask1b
+ xor $acc08,$acc08,$acc12 # r8
+ xor $acc09,$acc09,$acc13
+ xor $acc10,$acc10,$acc14
+ xor $acc11,$acc11,$acc15
+
+ xor $acc00,$acc00,$s0 # r2^r0
+ xor $acc01,$acc01,$s1
+ xor $acc02,$acc02,$s2
+ xor $acc03,$acc03,$s3
+ xor $acc04,$acc04,$s0 # r4^r0
+ xor $acc05,$acc05,$s1
+ xor $acc06,$acc06,$s2
+ xor $acc07,$acc07,$s3
+___
+$code.=<<___;
+ rotrwi $s0,$s0,8 # = ROTATE(r0,8)
+ rotrwi $s1,$s1,8
+ xor $s0,$s0,$acc00 # ^= r2^r0
+ rotrwi $s2,$s2,8
+ xor $s1,$s1,$acc01
+ rotrwi $s3,$s3,8
+ xor $s2,$s2,$acc02
+ xor $s3,$s3,$acc03
+ xor $acc00,$acc00,$acc08
+ xor $acc01,$acc01,$acc09
+ xor $acc02,$acc02,$acc10
+ xor $acc03,$acc03,$acc11
+ xor $s0,$s0,$acc04 # ^= r4^r0
+ rotrwi $acc00,$acc00,24
+ xor $s1,$s1,$acc05
+ rotrwi $acc01,$acc01,24
+ xor $s2,$s2,$acc06
+ rotrwi $acc02,$acc02,24
+ xor $s3,$s3,$acc07
+ rotrwi $acc03,$acc03,24
+ xor $acc04,$acc04,$acc08
+ xor $acc05,$acc05,$acc09
+ xor $acc06,$acc06,$acc10
+ xor $acc07,$acc07,$acc11
+ xor $s0,$s0,$acc08 # ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)]
+ rotrwi $acc04,$acc04,16
+ xor $s1,$s1,$acc09
+ rotrwi $acc05,$acc05,16
+ xor $s2,$s2,$acc10
+ rotrwi $acc06,$acc06,16
+ xor $s3,$s3,$acc11
+ rotrwi $acc07,$acc07,16
+ xor $s0,$s0,$acc00 # ^= ROTATE(r8^r2^r0,24)
+ rotrwi $acc08,$acc08,8
+ xor $s1,$s1,$acc01
+ rotrwi $acc09,$acc09,8
+ xor $s2,$s2,$acc02
+ rotrwi $acc10,$acc10,8
+ xor $s3,$s3,$acc03
+ rotrwi $acc11,$acc11,8
+ xor $s0,$s0,$acc04 # ^= ROTATE(r8^r4^r0,16)
+ xor $s1,$s1,$acc05
+ xor $s2,$s2,$acc06
+ xor $s3,$s3,$acc07
+ xor $s0,$s0,$acc08 # ^= ROTATE(r8,8)
+ xor $s1,$s1,$acc09
+ xor $s2,$s2,$acc10
+ xor $s3,$s3,$acc11
+
+ b Ldec_compact_loop
+.align 4
+Ldec_compact_done:
+ xor $s0,$s0,$t0
+ xor $s1,$s1,$t1
+ xor $s2,$s2,$t2
+ xor $s3,$s3,$t3
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.asciz "AES for PPC, CRYPTOGAMS by <appro\@openssl.org>"
+.align 7
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-s390x.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-s390x.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-s390x.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,2237 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for s390x.
+
+# April 2007.
+#
+# Software performance improvement over gcc-generated code is ~70% and
+# in absolute terms is ~73 cycles per byte processed with 128-bit key.
+# You're likely to exclaim "why so slow?" Keep in mind that z-CPUs are
+# *strictly* in-order execution and issued instruction [in this case
+# load value from memory is critical] has to complete before execution
+# flow proceeds. S-boxes are compressed to 2KB[+256B].
+#
+# As for hardware acceleration support. It's basically a "teaser," as
+# it can and should be improved in several ways. Most notably support
+# for CBC is not utilized, nor multiple blocks are ever processed.
+# Then software key schedule can be postponed till hardware support
+# detection... Performance improvement over assembler is reportedly
+# ~2.5x, but can reach >8x [naturally on larger chunks] if proper
+# support is implemented.
+
+# May 2007.
+#
+# Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
+# for 128-bit keys, if hardware support is detected.
+
+# Januray 2009.
+#
+# Add support for hardware AES192/256 and reschedule instructions to
+# minimize/avoid Address Generation Interlock hazard and to favour
+# dual-issue z10 pipeline. This gave ~25% improvement on z10 and
+# almost 50% on z9. The gain is smaller on z10, because being dual-
+# issue z10 makes it improssible to eliminate the interlock condition:
+# critial path is not long enough. Yet it spends ~24 cycles per byte
+# processed with 128-bit key.
+#
+# Unlike previous version hardware support detection takes place only
+# at the moment of key schedule setup, which is denoted in key->rounds.
+# This is done, because deferred key setup can't be made MT-safe, not
+# for keys longer than 128 bits.
+#
+# Add AES_cbc_encrypt, which gives incredible performance improvement,
+# it was measured to be ~6.6x. It's less than previously mentioned 8x,
+# because software implementation was optimized.
+
+# May 2010.
+#
+# Add AES_ctr32_encrypt. If hardware-assisted, it provides up to 4.3x
+# performance improvement over "generic" counter mode routine relying
+# on single-block, also hardware-assisted, AES_encrypt. "Up to" refers
+# to the fact that exact throughput value depends on current stack
+# frame alignment within 4KB page. In worst case you get ~75% of the
+# maximum, but *on average* it would be as much as ~98%. Meaning that
+# worst case is unlike, it's like hitting ravine on plateau.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 2x better than code generated by gcc 4.3.
+
+# December 2010.
+#
+# Add support for z196 "cipher message with counter" instruction.
+# Note however that it's disengaged, because it was measured to
+# perform ~12% worse than vanilla km-based code...
+
+# February 2011.
+#
+# Add AES_xts_[en|de]crypt. This includes support for z196 km-xts-aes
+# instructions, which deliver ~70% improvement at 8KB block size over
+# vanilla km-based code, 37% - at most like 512-bytes block size.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$softonly=0; # allow hardware support
+
+$t0="%r0"; $mask="%r0";
+$t1="%r1";
+$t2="%r2"; $inp="%r2";
+$t3="%r3"; $out="%r3"; $bits="%r3";
+$key="%r4";
+$i1="%r5";
+$i2="%r6";
+$i3="%r7";
+$s0="%r8";
+$s1="%r9";
+$s2="%r10";
+$s3="%r11";
+$tbl="%r12";
+$rounds="%r13";
+$ra="%r14";
+$sp="%r15";
+
+$stdframe=16*$SIZE_T+4*8;
+
+sub _data_word()
+{ my $i;
+ while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code=<<___;
+.text
+
+.type AES_Te,\@object
+.align 256
+AES_Te:
+___
+&_data_word(
+ 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+ 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+ 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+ 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+ 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+ 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+ 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+ 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+ 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+ 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+ 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+ 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+ 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+ 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+ 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+ 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+ 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+ 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+ 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+ 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+ 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+ 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+ 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+ 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+ 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+ 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+ 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+ 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+ 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+ 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+ 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+ 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+ 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+ 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+ 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+ 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+ 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+ 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+ 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+ 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+ 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+ 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+ 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+ 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+ 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+ 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+ 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+ 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+ 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+ 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+ 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+ 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+ 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+ 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+ 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+ 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+ 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+ 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+ 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+ 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+ 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+ 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+ 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+ 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+# Te4[256]
+.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+# rcon[]
+.long 0x01000000, 0x02000000, 0x04000000, 0x08000000
+.long 0x10000000, 0x20000000, 0x40000000, 0x80000000
+.long 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.align 256
+.size AES_Te,.-AES_Te
+
+# void AES_encrypt(const unsigned char *inp, unsigned char *out,
+# const AES_KEY *key) {
+.globl AES_encrypt
+.type AES_encrypt,\@function
+AES_encrypt:
+___
+$code.=<<___ if (!$softonly);
+ l %r0,240($key)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lesoft
+
+ la %r1,0($key)
+ #la %r2,0($inp)
+ la %r4,0($out)
+ lghi %r3,16 # single block length
+ .long 0xb92e0042 # km %r4,%r2
+ brc 1,.-4 # can this happen?
+ br %r14
+.align 64
+.Lesoft:
+___
+$code.=<<___;
+ stm${g} %r3,$ra,3*$SIZE_T($sp)
+
+ llgf $s0,0($inp)
+ llgf $s1,4($inp)
+ llgf $s2,8($inp)
+ llgf $s3,12($inp)
+
+ larl $tbl,AES_Te
+ bras $ra,_s390x_AES_encrypt
+
+ l${g} $out,3*$SIZE_T($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_encrypt,.-AES_encrypt
+
+.type _s390x_AES_encrypt,\@function
+.align 16
+_s390x_AES_encrypt:
+ st${g} $ra,15*$SIZE_T($sp)
+ x $s0,0($key)
+ x $s1,4($key)
+ x $s2,8($key)
+ x $s3,12($key)
+ l $rounds,240($key)
+ llill $mask,`0xff<<3`
+ aghi $rounds,-1
+ j .Lenc_loop
+.align 16
+.Lenc_loop:
+ sllg $t1,$s0,`0+3`
+ srlg $t2,$s0,`8-3`
+ srlg $t3,$s0,`16-3`
+ srl $s0,`24-3`
+ nr $s0,$mask
+ ngr $t1,$mask
+ nr $t2,$mask
+ nr $t3,$mask
+
+ srlg $i1,$s1,`16-3` # i0
+ sllg $i2,$s1,`0+3`
+ srlg $i3,$s1,`8-3`
+ srl $s1,`24-3`
+ nr $i1,$mask
+ nr $s1,$mask
+ ngr $i2,$mask
+ nr $i3,$mask
+
+ l $s0,0($s0,$tbl) # Te0[s0>>24]
+ l $t1,1($t1,$tbl) # Te3[s0>>0]
+ l $t2,2($t2,$tbl) # Te2[s0>>8]
+ l $t3,3($t3,$tbl) # Te1[s0>>16]
+
+ x $s0,3($i1,$tbl) # Te1[s1>>16]
+ l $s1,0($s1,$tbl) # Te0[s1>>24]
+ x $t2,1($i2,$tbl) # Te3[s1>>0]
+ x $t3,2($i3,$tbl) # Te2[s1>>8]
+
+ srlg $i1,$s2,`8-3` # i0
+ srlg $i2,$s2,`16-3` # i1
+ nr $i1,$mask
+ nr $i2,$mask
+ sllg $i3,$s2,`0+3`
+ srl $s2,`24-3`
+ nr $s2,$mask
+ ngr $i3,$mask
+
+ xr $s1,$t1
+ srlg $ra,$s3,`8-3` # i1
+ sllg $t1,$s3,`0+3` # i0
+ nr $ra,$mask
+ la $key,16($key)
+ ngr $t1,$mask
+
+ x $s0,2($i1,$tbl) # Te2[s2>>8]
+ x $s1,3($i2,$tbl) # Te1[s2>>16]
+ l $s2,0($s2,$tbl) # Te0[s2>>24]
+ x $t3,1($i3,$tbl) # Te3[s2>>0]
+
+ srlg $i3,$s3,`16-3` # i2
+ xr $s2,$t2
+ srl $s3,`24-3`
+ nr $i3,$mask
+ nr $s3,$mask
+
+ x $s0,0($key)
+ x $s1,4($key)
+ x $s2,8($key)
+ x $t3,12($key)
+
+ x $s0,1($t1,$tbl) # Te3[s3>>0]
+ x $s1,2($ra,$tbl) # Te2[s3>>8]
+ x $s2,3($i3,$tbl) # Te1[s3>>16]
+ l $s3,0($s3,$tbl) # Te0[s3>>24]
+ xr $s3,$t3
+
+ brct $rounds,.Lenc_loop
+ .align 16
+
+ sllg $t1,$s0,`0+3`
+ srlg $t2,$s0,`8-3`
+ ngr $t1,$mask
+ srlg $t3,$s0,`16-3`
+ srl $s0,`24-3`
+ nr $s0,$mask
+ nr $t2,$mask
+ nr $t3,$mask
+
+ srlg $i1,$s1,`16-3` # i0
+ sllg $i2,$s1,`0+3`
+ ngr $i2,$mask
+ srlg $i3,$s1,`8-3`
+ srl $s1,`24-3`
+ nr $i1,$mask
+ nr $s1,$mask
+ nr $i3,$mask
+
+ llgc $s0,2($s0,$tbl) # Te4[s0>>24]
+ llgc $t1,2($t1,$tbl) # Te4[s0>>0]
+ sll $s0,24
+ llgc $t2,2($t2,$tbl) # Te4[s0>>8]
+ llgc $t3,2($t3,$tbl) # Te4[s0>>16]
+ sll $t2,8
+ sll $t3,16
+
+ llgc $i1,2($i1,$tbl) # Te4[s1>>16]
+ llgc $s1,2($s1,$tbl) # Te4[s1>>24]
+ llgc $i2,2($i2,$tbl) # Te4[s1>>0]
+ llgc $i3,2($i3,$tbl) # Te4[s1>>8]
+ sll $i1,16
+ sll $s1,24
+ sll $i3,8
+ or $s0,$i1
+ or $s1,$t1
+ or $t2,$i2
+ or $t3,$i3
+
+ srlg $i1,$s2,`8-3` # i0
+ srlg $i2,$s2,`16-3` # i1
+ nr $i1,$mask
+ nr $i2,$mask
+ sllg $i3,$s2,`0+3`
+ srl $s2,`24-3`
+ ngr $i3,$mask
+ nr $s2,$mask
+
+ sllg $t1,$s3,`0+3` # i0
+ srlg $ra,$s3,`8-3` # i1
+ ngr $t1,$mask
+
+ llgc $i1,2($i1,$tbl) # Te4[s2>>8]
+ llgc $i2,2($i2,$tbl) # Te4[s2>>16]
+ sll $i1,8
+ llgc $s2,2($s2,$tbl) # Te4[s2>>24]
+ llgc $i3,2($i3,$tbl) # Te4[s2>>0]
+ sll $i2,16
+ nr $ra,$mask
+ sll $s2,24
+ or $s0,$i1
+ or $s1,$i2
+ or $s2,$t2
+ or $t3,$i3
+
+ srlg $i3,$s3,`16-3` # i2
+ srl $s3,`24-3`
+ nr $i3,$mask
+ nr $s3,$mask
+
+ l $t0,16($key)
+ l $t2,20($key)
+
+ llgc $i1,2($t1,$tbl) # Te4[s3>>0]
+ llgc $i2,2($ra,$tbl) # Te4[s3>>8]
+ llgc $i3,2($i3,$tbl) # Te4[s3>>16]
+ llgc $s3,2($s3,$tbl) # Te4[s3>>24]
+ sll $i2,8
+ sll $i3,16
+ sll $s3,24
+ or $s0,$i1
+ or $s1,$i2
+ or $s2,$i3
+ or $s3,$t3
+
+ l${g} $ra,15*$SIZE_T($sp)
+ xr $s0,$t0
+ xr $s1,$t2
+ x $s2,24($key)
+ x $s3,28($key)
+
+ br $ra
+.size _s390x_AES_encrypt,.-_s390x_AES_encrypt
+___
+
+$code.=<<___;
+.type AES_Td,\@object
+.align 256
+AES_Td:
+___
+&_data_word(
+ 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+ 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+ 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+ 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+ 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+ 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+ 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+ 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+ 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+ 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+ 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+ 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+ 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+ 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+ 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+ 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+ 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+ 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+ 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+ 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+ 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+ 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+ 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+ 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+ 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+ 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+ 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+ 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+ 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+ 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+ 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+ 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+ 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+ 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+ 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+ 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+ 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+ 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+ 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+ 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+ 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+ 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+ 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+ 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+ 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+ 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+ 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+ 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+ 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+ 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+ 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+ 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+ 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+ 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+ 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+ 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+ 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+ 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+ 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+ 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+ 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+ 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+ 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+ 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+# Td4[256]
+.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size AES_Td,.-AES_Td
+
+# void AES_decrypt(const unsigned char *inp, unsigned char *out,
+# const AES_KEY *key) {
+.globl AES_decrypt
+.type AES_decrypt,\@function
+AES_decrypt:
+___
+$code.=<<___ if (!$softonly);
+ l %r0,240($key)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Ldsoft
+
+ la %r1,0($key)
+ #la %r2,0($inp)
+ la %r4,0($out)
+ lghi %r3,16 # single block length
+ .long 0xb92e0042 # km %r4,%r2
+ brc 1,.-4 # can this happen?
+ br %r14
+.align 64
+.Ldsoft:
+___
+$code.=<<___;
+ stm${g} %r3,$ra,3*$SIZE_T($sp)
+
+ llgf $s0,0($inp)
+ llgf $s1,4($inp)
+ llgf $s2,8($inp)
+ llgf $s3,12($inp)
+
+ larl $tbl,AES_Td
+ bras $ra,_s390x_AES_decrypt
+
+ l${g} $out,3*$SIZE_T($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_decrypt,.-AES_decrypt
+
+.type _s390x_AES_decrypt,\@function
+.align 16
+_s390x_AES_decrypt:
+ st${g} $ra,15*$SIZE_T($sp)
+ x $s0,0($key)
+ x $s1,4($key)
+ x $s2,8($key)
+ x $s3,12($key)
+ l $rounds,240($key)
+ llill $mask,`0xff<<3`
+ aghi $rounds,-1
+ j .Ldec_loop
+.align 16
+.Ldec_loop:
+ srlg $t1,$s0,`16-3`
+ srlg $t2,$s0,`8-3`
+ sllg $t3,$s0,`0+3`
+ srl $s0,`24-3`
+ nr $s0,$mask
+ nr $t1,$mask
+ nr $t2,$mask
+ ngr $t3,$mask
+
+ sllg $i1,$s1,`0+3` # i0
+ srlg $i2,$s1,`16-3`
+ srlg $i3,$s1,`8-3`
+ srl $s1,`24-3`
+ ngr $i1,$mask
+ nr $s1,$mask
+ nr $i2,$mask
+ nr $i3,$mask
+
+ l $s0,0($s0,$tbl) # Td0[s0>>24]
+ l $t1,3($t1,$tbl) # Td1[s0>>16]
+ l $t2,2($t2,$tbl) # Td2[s0>>8]
+ l $t3,1($t3,$tbl) # Td3[s0>>0]
+
+ x $s0,1($i1,$tbl) # Td3[s1>>0]
+ l $s1,0($s1,$tbl) # Td0[s1>>24]
+ x $t2,3($i2,$tbl) # Td1[s1>>16]
+ x $t3,2($i3,$tbl) # Td2[s1>>8]
+
+ srlg $i1,$s2,`8-3` # i0
+ sllg $i2,$s2,`0+3` # i1
+ srlg $i3,$s2,`16-3`
+ srl $s2,`24-3`
+ nr $i1,$mask
+ ngr $i2,$mask
+ nr $s2,$mask
+ nr $i3,$mask
+
+ xr $s1,$t1
+ srlg $ra,$s3,`8-3` # i1
+ srlg $t1,$s3,`16-3` # i0
+ nr $ra,$mask
+ la $key,16($key)
+ nr $t1,$mask
+
+ x $s0,2($i1,$tbl) # Td2[s2>>8]
+ x $s1,1($i2,$tbl) # Td3[s2>>0]
+ l $s2,0($s2,$tbl) # Td0[s2>>24]
+ x $t3,3($i3,$tbl) # Td1[s2>>16]
+
+ sllg $i3,$s3,`0+3` # i2
+ srl $s3,`24-3`
+ ngr $i3,$mask
+ nr $s3,$mask
+
+ xr $s2,$t2
+ x $s0,0($key)
+ x $s1,4($key)
+ x $s2,8($key)
+ x $t3,12($key)
+
+ x $s0,3($t1,$tbl) # Td1[s3>>16]
+ x $s1,2($ra,$tbl) # Td2[s3>>8]
+ x $s2,1($i3,$tbl) # Td3[s3>>0]
+ l $s3,0($s3,$tbl) # Td0[s3>>24]
+ xr $s3,$t3
+
+ brct $rounds,.Ldec_loop
+ .align 16
+
+ l $t1,`2048+0`($tbl) # prefetch Td4
+ l $t2,`2048+64`($tbl)
+ l $t3,`2048+128`($tbl)
+ l $i1,`2048+192`($tbl)
+ llill $mask,0xff
+
+ srlg $i3,$s0,24 # i0
+ srlg $t1,$s0,16
+ srlg $t2,$s0,8
+ nr $s0,$mask # i3
+ nr $t1,$mask
+
+ srlg $i1,$s1,24
+ nr $t2,$mask
+ srlg $i2,$s1,16
+ srlg $ra,$s1,8
+ nr $s1,$mask # i0
+ nr $i2,$mask
+ nr $ra,$mask
+
+ llgc $i3,2048($i3,$tbl) # Td4[s0>>24]
+ llgc $t1,2048($t1,$tbl) # Td4[s0>>16]
+ llgc $t2,2048($t2,$tbl) # Td4[s0>>8]
+ sll $t1,16
+ llgc $t3,2048($s0,$tbl) # Td4[s0>>0]
+ sllg $s0,$i3,24
+ sll $t2,8
+
+ llgc $s1,2048($s1,$tbl) # Td4[s1>>0]
+ llgc $i1,2048($i1,$tbl) # Td4[s1>>24]
+ llgc $i2,2048($i2,$tbl) # Td4[s1>>16]
+ sll $i1,24
+ llgc $i3,2048($ra,$tbl) # Td4[s1>>8]
+ sll $i2,16
+ sll $i3,8
+ or $s0,$s1
+ or $t1,$i1
+ or $t2,$i2
+ or $t3,$i3
+
+ srlg $i1,$s2,8 # i0
+ srlg $i2,$s2,24
+ srlg $i3,$s2,16
+ nr $s2,$mask # i1
+ nr $i1,$mask
+ nr $i3,$mask
+ llgc $i1,2048($i1,$tbl) # Td4[s2>>8]
+ llgc $s1,2048($s2,$tbl) # Td4[s2>>0]
+ llgc $i2,2048($i2,$tbl) # Td4[s2>>24]
+ llgc $i3,2048($i3,$tbl) # Td4[s2>>16]
+ sll $i1,8
+ sll $i2,24
+ or $s0,$i1
+ sll $i3,16
+ or $t2,$i2
+ or $t3,$i3
+
+ srlg $i1,$s3,16 # i0
+ srlg $i2,$s3,8 # i1
+ srlg $i3,$s3,24
+ nr $s3,$mask # i2
+ nr $i1,$mask
+ nr $i2,$mask
+
+ l${g} $ra,15*$SIZE_T($sp)
+ or $s1,$t1
+ l $t0,16($key)
+ l $t1,20($key)
+
+ llgc $i1,2048($i1,$tbl) # Td4[s3>>16]
+ llgc $i2,2048($i2,$tbl) # Td4[s3>>8]
+ sll $i1,16
+ llgc $s2,2048($s3,$tbl) # Td4[s3>>0]
+ llgc $s3,2048($i3,$tbl) # Td4[s3>>24]
+ sll $i2,8
+ sll $s3,24
+ or $s0,$i1
+ or $s1,$i2
+ or $s2,$t2
+ or $s3,$t3
+
+ xr $s0,$t0
+ xr $s1,$t1
+ x $s2,24($key)
+ x $s3,28($key)
+
+ br $ra
+.size _s390x_AES_decrypt,.-_s390x_AES_decrypt
+___
+
+$code.=<<___;
+# void AES_set_encrypt_key(const unsigned char *in, int bits,
+# AES_KEY *key) {
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,\@function
+.align 16
+private_AES_set_encrypt_key:
+_s390x_AES_set_encrypt_key:
+ lghi $t0,0
+ cl${g}r $inp,$t0
+ je .Lminus1
+ cl${g}r $key,$t0
+ je .Lminus1
+
+ lghi $t0,128
+ clr $bits,$t0
+ je .Lproceed
+ lghi $t0,192
+ clr $bits,$t0
+ je .Lproceed
+ lghi $t0,256
+ clr $bits,$t0
+ je .Lproceed
+ lghi %r2,-2
+ br %r14
+
+.align 16
+.Lproceed:
+___
+$code.=<<___ if (!$softonly);
+ # convert bits to km code, [128,192,256]->[18,19,20]
+ lhi %r5,-128
+ lhi %r0,18
+ ar %r5,$bits
+ srl %r5,6
+ ar %r5,%r0
+
+ larl %r1,OPENSSL_s390xcap_P
+ lg %r0,0(%r1)
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lekey_internal
+
+ lghi %r0,0 # query capability vector
+ la %r1,16($sp)
+ .long 0xb92f0042 # kmc %r4,%r2
+
+ llihh %r1,0x8000
+ srlg %r1,%r1,0(%r5)
+ ng %r1,16($sp)
+ jz .Lekey_internal
+
+ lmg %r0,%r1,0($inp) # just copy 128 bits...
+ stmg %r0,%r1,0($key)
+ lhi %r0,192
+ cr $bits,%r0
+ jl 1f
+ lg %r1,16($inp)
+ stg %r1,16($key)
+ je 1f
+ lg %r1,24($inp)
+ stg %r1,24($key)
+1: st $bits,236($key) # save bits [for debugging purposes]
+ lgr $t0,%r5
+ st %r5,240($key) # save km code
+ lghi %r2,0
+ br %r14
+___
+$code.=<<___;
+.align 16
+.Lekey_internal:
+ stm${g} %r4,%r13,4*$SIZE_T($sp) # all non-volatile regs and $key
+
+ larl $tbl,AES_Te+2048
+
+ llgf $s0,0($inp)
+ llgf $s1,4($inp)
+ llgf $s2,8($inp)
+ llgf $s3,12($inp)
+ st $s0,0($key)
+ st $s1,4($key)
+ st $s2,8($key)
+ st $s3,12($key)
+ lghi $t0,128
+ cr $bits,$t0
+ jne .Lnot128
+
+ llill $mask,0xff
+ lghi $t3,0 # i=0
+ lghi $rounds,10
+ st $rounds,240($key)
+
+ llgfr $t2,$s3 # temp=rk[3]
+ srlg $i1,$s3,8
+ srlg $i2,$s3,16
+ srlg $i3,$s3,24
+ nr $t2,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+
+.align 16
+.L128_loop:
+ la $t2,0($t2,$tbl)
+ la $i1,0($i1,$tbl)
+ la $i2,0($i2,$tbl)
+ la $i3,0($i3,$tbl)
+ icm $t2,2,0($t2) # Te4[rk[3]>>0]<<8
+ icm $t2,4,0($i1) # Te4[rk[3]>>8]<<16
+ icm $t2,8,0($i2) # Te4[rk[3]>>16]<<24
+ icm $t2,1,0($i3) # Te4[rk[3]>>24]
+ x $t2,256($t3,$tbl) # rcon[i]
+ xr $s0,$t2 # rk[4]=rk[0]^...
+ xr $s1,$s0 # rk[5]=rk[1]^rk[4]
+ xr $s2,$s1 # rk[6]=rk[2]^rk[5]
+ xr $s3,$s2 # rk[7]=rk[3]^rk[6]
+
+ llgfr $t2,$s3 # temp=rk[3]
+ srlg $i1,$s3,8
+ srlg $i2,$s3,16
+ nr $t2,$mask
+ nr $i1,$mask
+ srlg $i3,$s3,24
+ nr $i2,$mask
+
+ st $s0,16($key)
+ st $s1,20($key)
+ st $s2,24($key)
+ st $s3,28($key)
+ la $key,16($key) # key+=4
+ la $t3,4($t3) # i++
+ brct $rounds,.L128_loop
+ lghi $t0,10
+ lghi %r2,0
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
+ br $ra
+
+.align 16
+.Lnot128:
+ llgf $t0,16($inp)
+ llgf $t1,20($inp)
+ st $t0,16($key)
+ st $t1,20($key)
+ lghi $t0,192
+ cr $bits,$t0
+ jne .Lnot192
+
+ llill $mask,0xff
+ lghi $t3,0 # i=0
+ lghi $rounds,12
+ st $rounds,240($key)
+ lghi $rounds,8
+
+ srlg $i1,$t1,8
+ srlg $i2,$t1,16
+ srlg $i3,$t1,24
+ nr $t1,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+
+.align 16
+.L192_loop:
+ la $t1,0($t1,$tbl)
+ la $i1,0($i1,$tbl)
+ la $i2,0($i2,$tbl)
+ la $i3,0($i3,$tbl)
+ icm $t1,2,0($t1) # Te4[rk[5]>>0]<<8
+ icm $t1,4,0($i1) # Te4[rk[5]>>8]<<16
+ icm $t1,8,0($i2) # Te4[rk[5]>>16]<<24
+ icm $t1,1,0($i3) # Te4[rk[5]>>24]
+ x $t1,256($t3,$tbl) # rcon[i]
+ xr $s0,$t1 # rk[6]=rk[0]^...
+ xr $s1,$s0 # rk[7]=rk[1]^rk[6]
+ xr $s2,$s1 # rk[8]=rk[2]^rk[7]
+ xr $s3,$s2 # rk[9]=rk[3]^rk[8]
+
+ st $s0,24($key)
+ st $s1,28($key)
+ st $s2,32($key)
+ st $s3,36($key)
+ brct $rounds,.L192_continue
+ lghi $t0,12
+ lghi %r2,0
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
+ br $ra
+
+.align 16
+.L192_continue:
+ lgr $t1,$s3
+ x $t1,16($key) # rk[10]=rk[4]^rk[9]
+ st $t1,40($key)
+ x $t1,20($key) # rk[11]=rk[5]^rk[10]
+ st $t1,44($key)
+
+ srlg $i1,$t1,8
+ srlg $i2,$t1,16
+ srlg $i3,$t1,24
+ nr $t1,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+
+ la $key,24($key) # key+=6
+ la $t3,4($t3) # i++
+ j .L192_loop
+
+.align 16
+.Lnot192:
+ llgf $t0,24($inp)
+ llgf $t1,28($inp)
+ st $t0,24($key)
+ st $t1,28($key)
+ llill $mask,0xff
+ lghi $t3,0 # i=0
+ lghi $rounds,14
+ st $rounds,240($key)
+ lghi $rounds,7
+
+ srlg $i1,$t1,8
+ srlg $i2,$t1,16
+ srlg $i3,$t1,24
+ nr $t1,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+
+.align 16
+.L256_loop:
+ la $t1,0($t1,$tbl)
+ la $i1,0($i1,$tbl)
+ la $i2,0($i2,$tbl)
+ la $i3,0($i3,$tbl)
+ icm $t1,2,0($t1) # Te4[rk[7]>>0]<<8
+ icm $t1,4,0($i1) # Te4[rk[7]>>8]<<16
+ icm $t1,8,0($i2) # Te4[rk[7]>>16]<<24
+ icm $t1,1,0($i3) # Te4[rk[7]>>24]
+ x $t1,256($t3,$tbl) # rcon[i]
+ xr $s0,$t1 # rk[8]=rk[0]^...
+ xr $s1,$s0 # rk[9]=rk[1]^rk[8]
+ xr $s2,$s1 # rk[10]=rk[2]^rk[9]
+ xr $s3,$s2 # rk[11]=rk[3]^rk[10]
+ st $s0,32($key)
+ st $s1,36($key)
+ st $s2,40($key)
+ st $s3,44($key)
+ brct $rounds,.L256_continue
+ lghi $t0,14
+ lghi %r2,0
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
+ br $ra
+
+.align 16
+.L256_continue:
+ lgr $t1,$s3 # temp=rk[11]
+ srlg $i1,$s3,8
+ srlg $i2,$s3,16
+ srlg $i3,$s3,24
+ nr $t1,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+ la $t1,0($t1,$tbl)
+ la $i1,0($i1,$tbl)
+ la $i2,0($i2,$tbl)
+ la $i3,0($i3,$tbl)
+ llgc $t1,0($t1) # Te4[rk[11]>>0]
+ icm $t1,2,0($i1) # Te4[rk[11]>>8]<<8
+ icm $t1,4,0($i2) # Te4[rk[11]>>16]<<16
+ icm $t1,8,0($i3) # Te4[rk[11]>>24]<<24
+ x $t1,16($key) # rk[12]=rk[4]^...
+ st $t1,48($key)
+ x $t1,20($key) # rk[13]=rk[5]^rk[12]
+ st $t1,52($key)
+ x $t1,24($key) # rk[14]=rk[6]^rk[13]
+ st $t1,56($key)
+ x $t1,28($key) # rk[15]=rk[7]^rk[14]
+ st $t1,60($key)
+
+ srlg $i1,$t1,8
+ srlg $i2,$t1,16
+ srlg $i3,$t1,24
+ nr $t1,$mask
+ nr $i1,$mask
+ nr $i2,$mask
+
+ la $key,32($key) # key+=8
+ la $t3,4($t3) # i++
+ j .L256_loop
+
+.Lminus1:
+ lghi %r2,-1
+ br $ra
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
+
+# void AES_set_decrypt_key(const unsigned char *in, int bits,
+# AES_KEY *key) {
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,\@function
+.align 16
+private_AES_set_decrypt_key:
+ #st${g} $key,4*$SIZE_T($sp) # I rely on AES_set_encrypt_key to
+ st${g} $ra,14*$SIZE_T($sp) # save non-volatile registers and $key!
+ bras $ra,_s390x_AES_set_encrypt_key
+ #l${g} $key,4*$SIZE_T($sp)
+ l${g} $ra,14*$SIZE_T($sp)
+ ltgr %r2,%r2
+ bnzr $ra
+___
+$code.=<<___ if (!$softonly);
+ #l $t0,240($key)
+ lhi $t1,16
+ cr $t0,$t1
+ jl .Lgo
+ oill $t0,0x80 # set "decrypt" bit
+ st $t0,240($key)
+ br $ra
+___
+$code.=<<___;
+.align 16
+.Lgo: lgr $rounds,$t0 #llgf $rounds,240($key)
+ la $i1,0($key)
+ sllg $i2,$rounds,4
+ la $i2,0($i2,$key)
+ srl $rounds,1
+ lghi $t1,-16
+
+.align 16
+.Linv: lmg $s0,$s1,0($i1)
+ lmg $s2,$s3,0($i2)
+ stmg $s0,$s1,0($i2)
+ stmg $s2,$s3,0($i1)
+ la $i1,16($i1)
+ la $i2,0($t1,$i2)
+ brct $rounds,.Linv
+___
+$mask80=$i1;
+$mask1b=$i2;
+$maskfe=$i3;
+$code.=<<___;
+ llgf $rounds,240($key)
+ aghi $rounds,-1
+ sll $rounds,2 # (rounds-1)*4
+ llilh $mask80,0x8080
+ llilh $mask1b,0x1b1b
+ llilh $maskfe,0xfefe
+ oill $mask80,0x8080
+ oill $mask1b,0x1b1b
+ oill $maskfe,0xfefe
+
+.align 16
+.Lmix: l $s0,16($key) # tp1
+ lr $s1,$s0
+ ngr $s1,$mask80
+ srlg $t1,$s1,7
+ slr $s1,$t1
+ nr $s1,$mask1b
+ sllg $t1,$s0,1
+ nr $t1,$maskfe
+ xr $s1,$t1 # tp2
+
+ lr $s2,$s1
+ ngr $s2,$mask80
+ srlg $t1,$s2,7
+ slr $s2,$t1
+ nr $s2,$mask1b
+ sllg $t1,$s1,1
+ nr $t1,$maskfe
+ xr $s2,$t1 # tp4
+
+ lr $s3,$s2
+ ngr $s3,$mask80
+ srlg $t1,$s3,7
+ slr $s3,$t1
+ nr $s3,$mask1b
+ sllg $t1,$s2,1
+ nr $t1,$maskfe
+ xr $s3,$t1 # tp8
+
+ xr $s1,$s0 # tp2^tp1
+ xr $s2,$s0 # tp4^tp1
+ rll $s0,$s0,24 # = ROTATE(tp1,8)
+ xr $s2,$s3 # ^=tp8
+ xr $s0,$s1 # ^=tp2^tp1
+ xr $s1,$s3 # tp2^tp1^tp8
+ xr $s0,$s2 # ^=tp4^tp1^tp8
+ rll $s1,$s1,8
+ rll $s2,$s2,16
+ xr $s0,$s1 # ^= ROTATE(tp8^tp2^tp1,24)
+ rll $s3,$s3,24
+ xr $s0,$s2 # ^= ROTATE(tp8^tp4^tp1,16)
+ xr $s0,$s3 # ^= ROTATE(tp8,8)
+
+ st $s0,16($key)
+ la $key,4($key)
+ brct $rounds,.Lmix
+
+ lm${g} %r6,%r13,6*$SIZE_T($sp)# as was saved by AES_set_encrypt_key!
+ lghi %r2,0
+ br $ra
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
+___
+
+########################################################################
+# void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+# size_t length, const AES_KEY *key,
+# unsigned char *ivec, const int enc)
+{
+my $inp="%r2";
+my $out="%r4"; # length and out are swapped
+my $len="%r3";
+my $key="%r5";
+my $ivp="%r6";
+
+$code.=<<___;
+.globl AES_cbc_encrypt
+.type AES_cbc_encrypt,\@function
+.align 16
+AES_cbc_encrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, out and len
+ xgr %r4,%r3
+ xgr %r3,%r4
+___
+$code.=<<___ if (!$softonly);
+ lhi %r0,16
+ cl %r0,240($key)
+ jh .Lcbc_software
+
+ lg %r0,0($ivp) # copy ivec
+ lg %r1,8($ivp)
+ stmg %r0,%r1,16($sp)
+ lmg %r0,%r1,0($key) # copy key, cover 256 bit
+ stmg %r0,%r1,32($sp)
+ lmg %r0,%r1,16($key)
+ stmg %r0,%r1,48($sp)
+ l %r0,240($key) # load kmc code
+ lghi $key,15 # res=len%16, len-=res;
+ ngr $key,$len
+ sl${g}r $len,$key
+ la %r1,16($sp) # parameter block - ivec || key
+ jz .Lkmc_truncated
+ .long 0xb92f0042 # kmc %r4,%r2
+ brc 1,.-4 # pay attention to "partial completion"
+ ltr $key,$key
+ jnz .Lkmc_truncated
+.Lkmc_done:
+ lmg %r0,%r1,16($sp) # copy ivec to caller
+ stg %r0,0($ivp)
+ stg %r1,8($ivp)
+ br $ra
+.align 16
+.Lkmc_truncated:
+ ahi $key,-1 # it's the way it's encoded in mvc
+ tmll %r0,0x80
+ jnz .Lkmc_truncated_dec
+ lghi %r1,0
+ stg %r1,16*$SIZE_T($sp)
+ stg %r1,16*$SIZE_T+8($sp)
+ bras %r1,1f
+ mvc 16*$SIZE_T(1,$sp),0($inp)
+1: ex $key,0(%r1)
+ la %r1,16($sp) # restore parameter block
+ la $inp,16*$SIZE_T($sp)
+ lghi $len,16
+ .long 0xb92f0042 # kmc %r4,%r2
+ j .Lkmc_done
+.align 16
+.Lkmc_truncated_dec:
+ st${g} $out,4*$SIZE_T($sp)
+ la $out,16*$SIZE_T($sp)
+ lghi $len,16
+ .long 0xb92f0042 # kmc %r4,%r2
+ l${g} $out,4*$SIZE_T($sp)
+ bras %r1,2f
+ mvc 0(1,$out),16*$SIZE_T($sp)
+2: ex $key,0(%r1)
+ j .Lkmc_done
+.align 16
+.Lcbc_software:
+___
+$code.=<<___;
+ stm${g} $key,$ra,5*$SIZE_T($sp)
+ lhi %r0,0
+ cl %r0,`$stdframe+$SIZE_T-4`($sp)
+ je .Lcbc_decrypt
+
+ larl $tbl,AES_Te
+
+ llgf $s0,0($ivp)
+ llgf $s1,4($ivp)
+ llgf $s2,8($ivp)
+ llgf $s3,12($ivp)
+
+ lghi $t0,16
+ sl${g}r $len,$t0
+ brc 4,.Lcbc_enc_tail # if borrow
+.Lcbc_enc_loop:
+ stm${g} $inp,$out,2*$SIZE_T($sp)
+ x $s0,0($inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ lgr %r4,$key
+
+ bras $ra,_s390x_AES_encrypt
+
+ lm${g} $inp,$key,2*$SIZE_T($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+
+ la $inp,16($inp)
+ la $out,16($out)
+ lghi $t0,16
+ lt${g}r $len,$len
+ jz .Lcbc_enc_done
+ sl${g}r $len,$t0
+ brc 4,.Lcbc_enc_tail # if borrow
+ j .Lcbc_enc_loop
+.align 16
+.Lcbc_enc_done:
+ l${g} $ivp,6*$SIZE_T($sp)
+ st $s0,0($ivp)
+ st $s1,4($ivp)
+ st $s2,8($ivp)
+ st $s3,12($ivp)
+
+ lm${g} %r7,$ra,7*$SIZE_T($sp)
+ br $ra
+
+.align 16
+.Lcbc_enc_tail:
+ aghi $len,15
+ lghi $t0,0
+ stg $t0,16*$SIZE_T($sp)
+ stg $t0,16*$SIZE_T+8($sp)
+ bras $t1,3f
+ mvc 16*$SIZE_T(1,$sp),0($inp)
+3: ex $len,0($t1)
+ lghi $len,0
+ la $inp,16*$SIZE_T($sp)
+ j .Lcbc_enc_loop
+
+.align 16
+.Lcbc_decrypt:
+ larl $tbl,AES_Td
+
+ lg $t0,0($ivp)
+ lg $t1,8($ivp)
+ stmg $t0,$t1,16*$SIZE_T($sp)
+
+.Lcbc_dec_loop:
+ stm${g} $inp,$out,2*$SIZE_T($sp)
+ llgf $s0,0($inp)
+ llgf $s1,4($inp)
+ llgf $s2,8($inp)
+ llgf $s3,12($inp)
+ lgr %r4,$key
+
+ bras $ra,_s390x_AES_decrypt
+
+ lm${g} $inp,$key,2*$SIZE_T($sp)
+ sllg $s0,$s0,32
+ sllg $s2,$s2,32
+ lr $s0,$s1
+ lr $s2,$s3
+
+ lg $t0,0($inp)
+ lg $t1,8($inp)
+ xg $s0,16*$SIZE_T($sp)
+ xg $s2,16*$SIZE_T+8($sp)
+ lghi $s1,16
+ sl${g}r $len,$s1
+ brc 4,.Lcbc_dec_tail # if borrow
+ brc 2,.Lcbc_dec_done # if zero
+ stg $s0,0($out)
+ stg $s2,8($out)
+ stmg $t0,$t1,16*$SIZE_T($sp)
+
+ la $inp,16($inp)
+ la $out,16($out)
+ j .Lcbc_dec_loop
+
+.Lcbc_dec_done:
+ stg $s0,0($out)
+ stg $s2,8($out)
+.Lcbc_dec_exit:
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ stmg $t0,$t1,0($ivp)
+
+ br $ra
+
+.align 16
+.Lcbc_dec_tail:
+ aghi $len,15
+ stg $s0,16*$SIZE_T($sp)
+ stg $s2,16*$SIZE_T+8($sp)
+ bras $s1,4f
+ mvc 0(1,$out),16*$SIZE_T($sp)
+4: ex $len,0($s1)
+ j .Lcbc_dec_exit
+.size AES_cbc_encrypt,.-AES_cbc_encrypt
+___
+}
+########################################################################
+# void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+# size_t blocks, const AES_KEY *key,
+# const unsigned char *ivec)
+{
+my $inp="%r2";
+my $out="%r4"; # blocks and out are swapped
+my $len="%r3";
+my $key="%r5"; my $iv0="%r5";
+my $ivp="%r6";
+my $fp ="%r7";
+
+$code.=<<___;
+.globl AES_ctr32_encrypt
+.type AES_ctr32_encrypt,\@function
+.align 16
+AES_ctr32_encrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+ llgfr $len,$len # safe in ctr32 subroutine even in 64-bit case
+___
+$code.=<<___ if (!$softonly);
+ l %r0,240($key)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lctr32_software
+
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ slgr $out,$inp
+ la %r1,0($key) # %r1 is permanent copy of $key
+ lg $iv0,0($ivp) # load ivec
+ lg $ivp,8($ivp)
+
+ # prepare and allocate stack frame at the top of 4K page
+ # with 1K reserved for eventual signal handling
+ lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
+ lghi $s1,-4096
+ algr $s0,$sp
+ lgr $fp,$sp
+ ngr $s0,$s1 # align at page boundary
+ slgr $fp,$s0 # total buffer size
+ lgr $s2,$sp
+ lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
+ slgr $fp,$s1 # deduct reservation to get usable buffer size
+ # buffer size is at lest 256 and at most 3072+256-16
+
+ la $sp,1024($s0) # alloca
+ srlg $fp,$fp,4 # convert bytes to blocks, minimum 16
+ st${g} $s2,0($sp) # back-chain
+ st${g} $fp,$SIZE_T($sp)
+
+ slgr $len,$fp
+ brc 1,.Lctr32_hw_switch # not zero, no borrow
+ algr $fp,$len # input is shorter than allocated buffer
+ lghi $len,0
+ st${g} $fp,$SIZE_T($sp)
+
+.Lctr32_hw_switch:
+___
+$code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
+ larl $s0,OPENSSL_s390xcap_P
+ lg $s0,8($s0)
+ tmhh $s0,0x0004 # check for message_security-assist-4
+ jz .Lctr32_km_loop
+
+ llgfr $s0,%r0
+ lgr $s1,%r1
+ lghi %r0,0
+ la %r1,16($sp)
+ .long 0xb92d2042 # kmctr %r4,%r2,%r2
+
+ llihh %r0,0x8000 # check if kmctr supports the function code
+ srlg %r0,%r0,0($s0)
+ ng %r0,16($sp)
+ lgr %r0,$s0
+ lgr %r1,$s1
+ jz .Lctr32_km_loop
+
+####### kmctr code
+ algr $out,$inp # restore $out
+ lgr $s1,$len # $s1 undertakes $len
+ j .Lctr32_kmctr_loop
+.align 16
+.Lctr32_kmctr_loop:
+ la $s2,16($sp)
+ lgr $s3,$fp
+.Lctr32_kmctr_prepare:
+ stg $iv0,0($s2)
+ stg $ivp,8($s2)
+ la $s2,16($s2)
+ ahi $ivp,1 # 32-bit increment, preserves upper half
+ brct $s3,.Lctr32_kmctr_prepare
+
+ #la $inp,0($inp) # inp
+ sllg $len,$fp,4 # len
+ #la $out,0($out) # out
+ la $s2,16($sp) # iv
+ .long 0xb92da042 # kmctr $out,$s2,$inp
+ brc 1,.-4 # pay attention to "partial completion"
+
+ slgr $s1,$fp
+ brc 1,.Lctr32_kmctr_loop # not zero, no borrow
+ algr $fp,$s1
+ lghi $s1,0
+ brc 4+1,.Lctr32_kmctr_loop # not zero
+
+ l${g} $sp,0($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+___
+$code.=<<___;
+.Lctr32_km_loop:
+ la $s2,16($sp)
+ lgr $s3,$fp
+.Lctr32_km_prepare:
+ stg $iv0,0($s2)
+ stg $ivp,8($s2)
+ la $s2,16($s2)
+ ahi $ivp,1 # 32-bit increment, preserves upper half
+ brct $s3,.Lctr32_km_prepare
+
+ la $s0,16($sp) # inp
+ sllg $s1,$fp,4 # len
+ la $s2,16($sp) # out
+ .long 0xb92e00a8 # km %r10,%r8
+ brc 1,.-4 # pay attention to "partial completion"
+
+ la $s2,16($sp)
+ lgr $s3,$fp
+ slgr $s2,$inp
+.Lctr32_km_xor:
+ lg $s0,0($inp)
+ lg $s1,8($inp)
+ xg $s0,0($s2,$inp)
+ xg $s1,8($s2,$inp)
+ stg $s0,0($out,$inp)
+ stg $s1,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lctr32_km_xor
+
+ slgr $len,$fp
+ brc 1,.Lctr32_km_loop # not zero, no borrow
+ algr $fp,$len
+ lghi $len,0
+ brc 4+1,.Lctr32_km_loop # not zero
+
+ l${g} $s0,0($sp)
+ l${g} $s1,$SIZE_T($sp)
+ la $s2,16($sp)
+.Lctr32_km_zap:
+ stg $s0,0($s2)
+ stg $s0,8($s2)
+ la $s2,16($s2)
+ brct $s1,.Lctr32_km_zap
+
+ la $sp,0($s0)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lctr32_software:
+___
+$code.=<<___;
+ stm${g} $key,$ra,5*$SIZE_T($sp)
+ sl${g}r $inp,$out
+ larl $tbl,AES_Te
+ llgf $t1,12($ivp)
+
+.Lctr32_loop:
+ stm${g} $inp,$out,2*$SIZE_T($sp)
+ llgf $s0,0($ivp)
+ llgf $s1,4($ivp)
+ llgf $s2,8($ivp)
+ lgr $s3,$t1
+ st $t1,16*$SIZE_T($sp)
+ lgr %r4,$key
+
+ bras $ra,_s390x_AES_encrypt
+
+ lm${g} $inp,$ivp,2*$SIZE_T($sp)
+ llgf $t1,16*$SIZE_T($sp)
+ x $s0,0($inp,$out)
+ x $s1,4($inp,$out)
+ x $s2,8($inp,$out)
+ x $s3,12($inp,$out)
+ stm $s0,$s3,0($out)
+
+ la $out,16($out)
+ ahi $t1,1 # 32-bit increment
+ brct $len,.Lctr32_loop
+
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_ctr32_encrypt,.-AES_ctr32_encrypt
+___
+}
+
+########################################################################
+# void AES_xts_encrypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2,
+# const unsigned char iv[16]);
+#
+{
+my $inp="%r2";
+my $out="%r4"; # len and out are swapped
+my $len="%r3";
+my $key1="%r5"; # $i1
+my $key2="%r6"; # $i2
+my $fp="%r7"; # $i3
+my $tweak=16*$SIZE_T+16; # or $stdframe-16, bottom of the frame...
+
+$code.=<<___;
+.type _s390x_xts_km,\@function
+.align 16
+_s390x_xts_km:
+___
+$code.=<<___ if(1);
+ llgfr $s0,%r0 # put aside the function code
+ lghi $s1,0x7f
+ nr $s1,%r0
+ lghi %r0,0 # query capability vector
+ la %r1,$tweak-16($sp)
+ .long 0xb92e0042 # km %r4,%r2
+ llihh %r1,0x8000
+ srlg %r1,%r1,32($s1) # check for 32+function code
+ ng %r1,$tweak-16($sp)
+ lgr %r0,$s0 # restore the function code
+ la %r1,0($key1) # restore $key1
+ jz .Lxts_km_vanilla
+
+ lmg $i2,$i3,$tweak($sp) # put aside the tweak value
+ algr $out,$inp
+
+ oill %r0,32 # switch to xts function code
+ aghi $s1,-18 #
+ sllg $s1,$s1,3 # (function code - 18)*8, 0 or 16
+ la %r1,$tweak-16($sp)
+ slgr %r1,$s1 # parameter block position
+ lmg $s0,$s3,0($key1) # load 256 bits of key material,
+ stmg $s0,$s3,0(%r1) # and copy it to parameter block.
+ # yes, it contains junk and overlaps
+ # with the tweak in 128-bit case.
+ # it's done to avoid conditional
+ # branch.
+ stmg $i2,$i3,$tweak($sp) # "re-seat" the tweak value
+
+ .long 0xb92e0042 # km %r4,%r2
+ brc 1,.-4 # pay attention to "partial completion"
+
+ lrvg $s0,$tweak+0($sp) # load the last tweak
+ lrvg $s1,$tweak+8($sp)
+ stmg %r0,%r3,$tweak-32($sp) # wipe copy of the key
+
+ nill %r0,0xffdf # switch back to original function code
+ la %r1,0($key1) # restore pointer to $key1
+ slgr $out,$inp
+
+ llgc $len,2*$SIZE_T-1($sp)
+ nill $len,0x0f # $len%=16
+ br $ra
+
+.align 16
+.Lxts_km_vanilla:
+___
+$code.=<<___;
+ # prepare and allocate stack frame at the top of 4K page
+ # with 1K reserved for eventual signal handling
+ lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
+ lghi $s1,-4096
+ algr $s0,$sp
+ lgr $fp,$sp
+ ngr $s0,$s1 # align at page boundary
+ slgr $fp,$s0 # total buffer size
+ lgr $s2,$sp
+ lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
+ slgr $fp,$s1 # deduct reservation to get usable buffer size
+ # buffer size is at lest 256 and at most 3072+256-16
+
+ la $sp,1024($s0) # alloca
+ nill $fp,0xfff0 # round to 16*n
+ st${g} $s2,0($sp) # back-chain
+ nill $len,0xfff0 # redundant
+ st${g} $fp,$SIZE_T($sp)
+
+ slgr $len,$fp
+ brc 1,.Lxts_km_go # not zero, no borrow
+ algr $fp,$len # input is shorter than allocated buffer
+ lghi $len,0
+ st${g} $fp,$SIZE_T($sp)
+
+.Lxts_km_go:
+ lrvg $s0,$tweak+0($s2) # load the tweak value in little-endian
+ lrvg $s1,$tweak+8($s2)
+
+ la $s2,16($sp) # vector of ascending tweak values
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+ j .Lxts_km_start
+
+.Lxts_km_loop:
+ la $s2,16($sp)
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+.Lxts_km_prepare:
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+.Lxts_km_start:
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ stg $i1,0($s2,$inp)
+ stg $i2,8($s2,$inp)
+ xg $i1,0($inp)
+ xg $i2,8($inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lxts_km_prepare
+
+ slgr $inp,$fp # rewind $inp
+ la $s2,0($out,$inp)
+ lgr $s3,$fp
+ .long 0xb92e00aa # km $s2,$s2
+ brc 1,.-4 # pay attention to "partial completion"
+
+ la $s2,16($sp)
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+.Lxts_km_xor:
+ lg $i1,0($out,$inp)
+ lg $i2,8($out,$inp)
+ xg $i1,0($s2,$inp)
+ xg $i2,8($s2,$inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lxts_km_xor
+
+ slgr $len,$fp
+ brc 1,.Lxts_km_loop # not zero, no borrow
+ algr $fp,$len
+ lghi $len,0
+ brc 4+1,.Lxts_km_loop # not zero
+
+ l${g} $i1,0($sp) # back-chain
+ llgf $fp,`2*$SIZE_T-4`($sp) # bytes used
+ la $i2,16($sp)
+ srlg $fp,$fp,4
+.Lxts_km_zap:
+ stg $i1,0($i2)
+ stg $i1,8($i2)
+ la $i2,16($i2)
+ brct $fp,.Lxts_km_zap
+
+ la $sp,0($i1)
+ llgc $len,2*$SIZE_T-1($i1)
+ nill $len,0x0f # $len%=16
+ bzr $ra
+
+ # generate one more tweak...
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+
+ ltr $len,$len # clear zero flag
+ br $ra
+.size _s390x_xts_km,.-_s390x_xts_km
+
+.globl AES_xts_encrypt
+.type AES_xts_encrypt,\@function
+.align 16
+AES_xts_encrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+ llgfr $len,$len
+___
+$code.=<<___;
+ st${g} $len,1*$SIZE_T($sp) # save copy of $len
+ srag $len,$len,4 # formally wrong, because it expands
+ # sign byte, but who can afford asking
+ # to process more than 2^63-1 bytes?
+ # I use it, because it sets condition
+ # code...
+ bcr 8,$ra # abort if zero (i.e. less than 16)
+___
+$code.=<<___ if (!$softonly);
+ llgf %r0,240($key2)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lxts_enc_software
+
+ st${g} $ra,5*$SIZE_T($sp)
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ sllg $len,$len,4 # $len&=~15
+ slgr $out,$inp
+
+ # generate the tweak value
+ l${g} $s3,$stdframe($sp) # pointer to iv
+ la $s2,$tweak($sp)
+ lmg $s0,$s1,0($s3)
+ lghi $s3,16
+ stmg $s0,$s1,0($s2)
+ la %r1,0($key2) # $key2 is not needed anymore
+ .long 0xb92e00aa # km $s2,$s2, generate the tweak
+ brc 1,.-4 # can this happen?
+
+ l %r0,240($key1)
+ la %r1,0($key1) # $key1 is not needed anymore
+ bras $ra,_s390x_xts_km
+ jz .Lxts_enc_km_done
+
+ aghi $inp,-16 # take one step back
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_enc_km_steal:
+ llgc $i1,16($inp)
+ llgc $i2,0($out,$inp)
+ stc $i1,0($out,$inp)
+ stc $i2,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_enc_km_steal
+
+ la $s2,0($i3)
+ lghi $s3,16
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ xg $i1,0($s2)
+ xg $i2,8($s2)
+ stg $i1,0($s2)
+ stg $i2,8($s2)
+ .long 0xb92e00aa # km $s2,$s2
+ brc 1,.-4 # can this happen?
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ xg $i1,0($i3)
+ xg $i2,8($i3)
+ stg $i1,0($i3)
+ stg $i2,8($i3)
+
+.Lxts_enc_km_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$tweak+8($sp)
+ l${g} $ra,5*$SIZE_T($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lxts_enc_software:
+___
+$code.=<<___;
+ stm${g} %r6,$ra,6*$SIZE_T($sp)
+
+ slgr $out,$inp
+
+ l${g} $s3,$stdframe($sp) # ivp
+ llgf $s0,0($s3) # load iv
+ llgf $s1,4($s3)
+ llgf $s2,8($s3)
+ llgf $s3,12($s3)
+ stm${g} %r2,%r5,2*$SIZE_T($sp)
+ la $key,0($key2)
+ larl $tbl,AES_Te
+ bras $ra,_s390x_AES_encrypt # generate the tweak
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ stm $s0,$s3,$tweak($sp) # save the tweak
+ j .Lxts_enc_enter
+
+.align 16
+.Lxts_enc_loop:
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+ la $inp,16($inp) # $inp+=16
+.Lxts_enc_enter:
+ x $s0,0($inp) # ^=*($inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing
+ la $key,0($key1)
+ bras $ra,_s390x_AES_encrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+ brct${g} $len,.Lxts_enc_loop
+
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ jz .Lxts_enc_done
+
+ la $i3,0($inp,$out) # put aside real $out
+.Lxts_enc_steal:
+ llgc %r0,16($inp)
+ llgc %r1,0($out,$inp)
+ stc %r0,0($out,$inp)
+ stc %r1,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_enc_steal
+ la $out,0($i3) # restore real $out
+
+ # generate last tweak...
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+
+ x $s0,0($out) # ^=*(inp)|stolen cipther-text
+ x $s1,4($out)
+ x $s2,8($out)
+ x $s3,12($out)
+ st${g} $out,4*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_encrypt
+ l${g} $out,4*$SIZE_T($sp)
+ x $s0,`$tweak+0`($sp) # ^=tweak
+ x $s1,`$tweak+4`($sp)
+ x $s2,`$tweak+8`($sp)
+ x $s3,`$tweak+12`($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+
+.Lxts_enc_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$twesk+8($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_xts_encrypt,.-AES_xts_encrypt
+___
+# void AES_xts_decrypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2,
+# const unsigned char iv[16]);
+#
+$code.=<<___;
+.globl AES_xts_decrypt
+.type AES_xts_decrypt,\@function
+.align 16
+AES_xts_decrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+ llgfr $len,$len
+___
+$code.=<<___;
+ st${g} $len,1*$SIZE_T($sp) # save copy of $len
+ aghi $len,-16
+ bcr 4,$ra # abort if less than zero. formally
+ # wrong, because $len is unsigned,
+ # but who can afford asking to
+ # process more than 2^63-1 bytes?
+ tmll $len,0x0f
+ jnz .Lxts_dec_proceed
+ aghi $len,16
+.Lxts_dec_proceed:
+___
+$code.=<<___ if (!$softonly);
+ llgf %r0,240($key2)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lxts_dec_software
+
+ st${g} $ra,5*$SIZE_T($sp)
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ nill $len,0xfff0 # $len&=~15
+ slgr $out,$inp
+
+ # generate the tweak value
+ l${g} $s3,$stdframe($sp) # pointer to iv
+ la $s2,$tweak($sp)
+ lmg $s0,$s1,0($s3)
+ lghi $s3,16
+ stmg $s0,$s1,0($s2)
+ la %r1,0($key2) # $key2 is not needed past this point
+ .long 0xb92e00aa # km $s2,$s2, generate the tweak
+ brc 1,.-4 # can this happen?
+
+ l %r0,240($key1)
+ la %r1,0($key1) # $key1 is not needed anymore
+
+ ltgr $len,$len
+ jz .Lxts_dec_km_short
+ bras $ra,_s390x_xts_km
+ jz .Lxts_dec_km_done
+
+ lrvgr $s2,$s0 # make copy in reverse byte order
+ lrvgr $s3,$s1
+ j .Lxts_dec_km_2ndtweak
+
+.Lxts_dec_km_short:
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%=16
+ lrvg $s0,$tweak+0($sp) # load the tweak
+ lrvg $s1,$tweak+8($sp)
+ lrvgr $s2,$s0 # make copy in reverse byte order
+ lrvgr $s3,$s1
+
+.Lxts_dec_km_2ndtweak:
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+
+ xg $i1,0($inp)
+ xg $i2,8($inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $i2,0($out,$inp)
+ lghi $i3,16
+ .long 0xb92e0066 # km $i2,$i2
+ brc 1,.-4 # can this happen?
+ lrvgr $i1,$s0
+ lrvgr $i2,$s1
+ xg $i1,0($out,$inp)
+ xg $i2,8($out,$inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_dec_km_steal:
+ llgc $i1,16($inp)
+ llgc $i2,0($out,$inp)
+ stc $i1,0($out,$inp)
+ stc $i2,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_dec_km_steal
+
+ lgr $s0,$s2
+ lgr $s1,$s3
+ xg $s0,0($i3)
+ xg $s1,8($i3)
+ stg $s0,0($i3)
+ stg $s1,8($i3)
+ la $s0,0($i3)
+ lghi $s1,16
+ .long 0xb92e0088 # km $s0,$s0
+ brc 1,.-4 # can this happen?
+ xg $s2,0($i3)
+ xg $s3,8($i3)
+ stg $s2,0($i3)
+ stg $s3,8($i3)
+.Lxts_dec_km_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$tweak+8($sp)
+ l${g} $ra,5*$SIZE_T($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lxts_dec_software:
+___
+$code.=<<___;
+ stm${g} %r6,$ra,6*$SIZE_T($sp)
+
+ srlg $len,$len,4
+ slgr $out,$inp
+
+ l${g} $s3,$stdframe($sp) # ivp
+ llgf $s0,0($s3) # load iv
+ llgf $s1,4($s3)
+ llgf $s2,8($s3)
+ llgf $s3,12($s3)
+ stm${g} %r2,%r5,2*$SIZE_T($sp)
+ la $key,0($key2)
+ larl $tbl,AES_Te
+ bras $ra,_s390x_AES_encrypt # generate the tweak
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ larl $tbl,AES_Td
+ lt${g}r $len,$len
+ stm $s0,$s3,$tweak($sp) # save the tweak
+ jz .Lxts_dec_short
+ j .Lxts_dec_enter
+
+.align 16
+.Lxts_dec_loop:
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+.Lxts_dec_enter:
+ x $s0,0($inp) # tweak^=*(inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+ la $inp,16($inp)
+ brct${g} $len,.Lxts_dec_loop
+
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ jz .Lxts_dec_done
+
+ # generate pair of tweaks...
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $i2,$s1 # flip byte order
+ lrvgr $i3,$s3
+ stmg $i2,$i3,$tweak($sp) # save the 1st tweak
+ j .Lxts_dec_2ndtweak
+
+.align 16
+.Lxts_dec_short:
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+.Lxts_dec_2ndtweak:
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak-16+0($sp) # save the 2nd tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak-16+8($sp)
+ llgfr $s3,$s3
+
+ x $s0,0($inp) # tweak_the_2nd^=*(inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak-16+0($sp) # ^=tweak_the_2nd
+ x $s1,$tweak-16+4($sp)
+ x $s2,$tweak-16+8($sp)
+ x $s3,$tweak-16+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_dec_steal:
+ llgc %r0,16($inp)
+ llgc %r1,0($out,$inp)
+ stc %r0,0($out,$inp)
+ stc %r1,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_dec_steal
+ la $out,0($i3) # restore real $out
+
+ lm $s0,$s3,$tweak($sp) # load the 1st tweak
+ x $s0,0($out) # tweak^=*(inp)|stolen cipher-text
+ x $s1,4($out)
+ x $s2,8($out)
+ x $s3,12($out)
+ st${g} $out,4*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ l${g} $out,4*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+ stg $sp,$tweak-16+0($sp) # wipe 2nd tweak
+ stg $sp,$tweak-16+8($sp)
+.Lxts_dec_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$twesk+8($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_xts_decrypt,.-AES_xts_decrypt
+___
+}
+$code.=<<___;
+.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT; # force flush
Copied: trunk/crypto/openssl/crypto/aes/asm/aes-sparcv9.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aes-sparcv9.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-sparcv9.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-sparcv9.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1182 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Version 1.1
+#
+# The major reason for undertaken effort was to mitigate the hazard of
+# cache-timing attack. This is [currently and initially!] addressed in
+# two ways. 1. S-boxes are compressed from 5KB to 2KB+256B size each.
+# 2. References to them are scheduled for L2 cache latency, meaning
+# that the tables don't have to reside in L1 cache. Once again, this
+# is an initial draft and one should expect more countermeasures to
+# be implemented...
+#
+# Version 1.1 prefetches T[ed]4 in order to mitigate attack on last
+# round.
+#
+# Even though performance was not the primary goal [on the contrary,
+# extra shifts "induced" by compressed S-box and longer loop epilogue
+# "induced" by scheduling for L2 have negative effect on performance],
+# the code turned out to run in ~23 cycles per processed byte en-/
+# decrypted with 128-bit key. This is pretty good result for code
+# with mentioned qualities and UltraSPARC core. Compared to Sun C
+# generated code my encrypt procedure runs just few percents faster,
+# while decrypt one - whole 50% faster [yes, Sun C failed to generate
+# optimal decrypt procedure]. Compared to GNU C generated code both
+# procedures are more than 60% faster:-)
+
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64) { $bias=2047; $frame=192; }
+else { $bias=0; $frame=112; }
+$locals=16;
+
+$acc0="%l0";
+$acc1="%o0";
+$acc2="%o1";
+$acc3="%o2";
+
+$acc4="%l1";
+$acc5="%o3";
+$acc6="%o4";
+$acc7="%o5";
+
+$acc8="%l2";
+$acc9="%o7";
+$acc10="%g1";
+$acc11="%g2";
+
+$acc12="%l3";
+$acc13="%g3";
+$acc14="%g4";
+$acc15="%g5";
+
+$t0="%l4";
+$t1="%l5";
+$t2="%l6";
+$t3="%l7";
+
+$s0="%i0";
+$s1="%i1";
+$s2="%i2";
+$s3="%i3";
+$tbl="%i4";
+$key="%i5";
+$rounds="%i7"; # aliases with return address, which is off-loaded to stack
+
+sub _data_word()
+{ my $i;
+ while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code.=<<___ if ($bits==64);
+.register %g2,#scratch
+.register %g3,#scratch
+___
+$code.=<<___;
+.section ".text",#alloc,#execinstr
+
+.align 256
+AES_Te:
+___
+&_data_word(
+ 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+ 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+ 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+ 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+ 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+ 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+ 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+ 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+ 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+ 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+ 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+ 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+ 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+ 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+ 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+ 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+ 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+ 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+ 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+ 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+ 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+ 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+ 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+ 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+ 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+ 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+ 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+ 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+ 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+ 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+ 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+ 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+ 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+ 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+ 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+ 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+ 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+ 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+ 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+ 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+ 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+ 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+ 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+ 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+ 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+ 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+ 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+ 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+ 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+ 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+ 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+ 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+ 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+ 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+ 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+ 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+ 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+ 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+ 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+ 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+ 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+ 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+ 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+ 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+ .byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+ .byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+ .byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+ .byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+ .byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+ .byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+ .byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+ .byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+ .byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+ .byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+ .byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+ .byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+ .byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+ .byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+ .byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+ .byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+ .byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+ .byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+ .byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+ .byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+ .byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+ .byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+ .byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+ .byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+ .byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+ .byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+ .byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+ .byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+ .byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+ .byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+ .byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+ .byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+.type AES_Te,#object
+.size AES_Te,(.-AES_Te)
+
+.align 64
+.skip 16
+_sparcv9_AES_encrypt:
+ save %sp,-$frame-$locals,%sp
+ stx %i7,[%sp+$bias+$frame+0] ! off-load return address
+ ld [$key+240],$rounds
+ ld [$key+0],$t0
+ ld [$key+4],$t1 !
+ ld [$key+8],$t2
+ srl $rounds,1,$rounds
+ xor $t0,$s0,$s0
+ ld [$key+12],$t3
+ srl $s0,21,$acc0
+ xor $t1,$s1,$s1
+ ld [$key+16],$t0
+ srl $s1,13,$acc1 !
+ xor $t2,$s2,$s2
+ ld [$key+20],$t1
+ xor $t3,$s3,$s3
+ ld [$key+24],$t2
+ and $acc0,2040,$acc0
+ ld [$key+28],$t3
+ nop
+.Lenc_loop:
+ srl $s2,5,$acc2 !
+ and $acc1,2040,$acc1
+ ldx [$tbl+$acc0],$acc0
+ sll $s3,3,$acc3
+ and $acc2,2040,$acc2
+ ldx [$tbl+$acc1],$acc1
+ srl $s1,21,$acc4
+ and $acc3,2040,$acc3
+ ldx [$tbl+$acc2],$acc2 !
+ srl $s2,13,$acc5
+ and $acc4,2040,$acc4
+ ldx [$tbl+$acc3],$acc3
+ srl $s3,5,$acc6
+ and $acc5,2040,$acc5
+ ldx [$tbl+$acc4],$acc4
+ fmovs %f0,%f0
+ sll $s0,3,$acc7 !
+ and $acc6,2040,$acc6
+ ldx [$tbl+$acc5],$acc5
+ srl $s2,21,$acc8
+ and $acc7,2040,$acc7
+ ldx [$tbl+$acc6],$acc6
+ srl $s3,13,$acc9
+ and $acc8,2040,$acc8
+ ldx [$tbl+$acc7],$acc7 !
+ srl $s0,5,$acc10
+ and $acc9,2040,$acc9
+ ldx [$tbl+$acc8],$acc8
+ sll $s1,3,$acc11
+ and $acc10,2040,$acc10
+ ldx [$tbl+$acc9],$acc9
+ fmovs %f0,%f0
+ srl $s3,21,$acc12 !
+ and $acc11,2040,$acc11
+ ldx [$tbl+$acc10],$acc10
+ srl $s0,13,$acc13
+ and $acc12,2040,$acc12
+ ldx [$tbl+$acc11],$acc11
+ srl $s1,5,$acc14
+ and $acc13,2040,$acc13
+ ldx [$tbl+$acc12],$acc12 !
+ sll $s2,3,$acc15
+ and $acc14,2040,$acc14
+ ldx [$tbl+$acc13],$acc13
+ and $acc15,2040,$acc15
+ add $key,32,$key
+ ldx [$tbl+$acc14],$acc14
+ fmovs %f0,%f0
+ subcc $rounds,1,$rounds !
+ ldx [$tbl+$acc15],$acc15
+ bz,a,pn %icc,.Lenc_last
+ add $tbl,2048,$rounds
+
+ srlx $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ld [$key+0],$s0
+ fmovs %f0,%f0
+ srlx $acc2,16,$acc2 !
+ xor $acc1,$t0,$t0
+ ld [$key+4],$s1
+ srlx $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ld [$key+8],$s2
+ srlx $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ld [$key+12],$s3 !
+ srlx $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ fmovs %f0,%f0
+ srlx $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ srlx $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ srlx $acc10,16,$acc10 !
+ xor $acc7,$t1,$t1
+ srlx $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ srlx $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ srlx $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ srlx $acc15,24,$acc15 !
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ srl $t0,21,$acc0
+ xor $acc14,$t3,$t3
+ srl $t1,13,$acc1
+ xor $acc15,$t3,$t3
+
+ and $acc0,2040,$acc0 !
+ srl $t2,5,$acc2
+ and $acc1,2040,$acc1
+ ldx [$tbl+$acc0],$acc0
+ sll $t3,3,$acc3
+ and $acc2,2040,$acc2
+ ldx [$tbl+$acc1],$acc1
+ fmovs %f0,%f0
+ srl $t1,21,$acc4 !
+ and $acc3,2040,$acc3
+ ldx [$tbl+$acc2],$acc2
+ srl $t2,13,$acc5
+ and $acc4,2040,$acc4
+ ldx [$tbl+$acc3],$acc3
+ srl $t3,5,$acc6
+ and $acc5,2040,$acc5
+ ldx [$tbl+$acc4],$acc4 !
+ sll $t0,3,$acc7
+ and $acc6,2040,$acc6
+ ldx [$tbl+$acc5],$acc5
+ srl $t2,21,$acc8
+ and $acc7,2040,$acc7
+ ldx [$tbl+$acc6],$acc6
+ fmovs %f0,%f0
+ srl $t3,13,$acc9 !
+ and $acc8,2040,$acc8
+ ldx [$tbl+$acc7],$acc7
+ srl $t0,5,$acc10
+ and $acc9,2040,$acc9
+ ldx [$tbl+$acc8],$acc8
+ sll $t1,3,$acc11
+ and $acc10,2040,$acc10
+ ldx [$tbl+$acc9],$acc9 !
+ srl $t3,21,$acc12
+ and $acc11,2040,$acc11
+ ldx [$tbl+$acc10],$acc10
+ srl $t0,13,$acc13
+ and $acc12,2040,$acc12
+ ldx [$tbl+$acc11],$acc11
+ fmovs %f0,%f0
+ srl $t1,5,$acc14 !
+ and $acc13,2040,$acc13
+ ldx [$tbl+$acc12],$acc12
+ sll $t2,3,$acc15
+ and $acc14,2040,$acc14
+ ldx [$tbl+$acc13],$acc13
+ srlx $acc1,8,$acc1
+ and $acc15,2040,$acc15
+ ldx [$tbl+$acc14],$acc14 !
+
+ srlx $acc2,16,$acc2
+ xor $acc0,$s0,$s0
+ ldx [$tbl+$acc15],$acc15
+ srlx $acc3,24,$acc3
+ xor $acc1,$s0,$s0
+ ld [$key+16],$t0
+ fmovs %f0,%f0
+ srlx $acc5,8,$acc5 !
+ xor $acc2,$s0,$s0
+ ld [$key+20],$t1
+ srlx $acc6,16,$acc6
+ xor $acc3,$s0,$s0
+ ld [$key+24],$t2
+ srlx $acc7,24,$acc7
+ xor $acc4,$s1,$s1
+ ld [$key+28],$t3 !
+ srlx $acc9,8,$acc9
+ xor $acc5,$s1,$s1
+ ldx [$tbl+2048+0],%g0 ! prefetch te4
+ srlx $acc10,16,$acc10
+ xor $acc6,$s1,$s1
+ ldx [$tbl+2048+32],%g0 ! prefetch te4
+ srlx $acc11,24,$acc11
+ xor $acc7,$s1,$s1
+ ldx [$tbl+2048+64],%g0 ! prefetch te4
+ srlx $acc13,8,$acc13
+ xor $acc8,$s2,$s2
+ ldx [$tbl+2048+96],%g0 ! prefetch te4
+ srlx $acc14,16,$acc14 !
+ xor $acc9,$s2,$s2
+ ldx [$tbl+2048+128],%g0 ! prefetch te4
+ srlx $acc15,24,$acc15
+ xor $acc10,$s2,$s2
+ ldx [$tbl+2048+160],%g0 ! prefetch te4
+ srl $s0,21,$acc0
+ xor $acc11,$s2,$s2
+ ldx [$tbl+2048+192],%g0 ! prefetch te4
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ ldx [$tbl+2048+224],%g0 ! prefetch te4
+ srl $s1,13,$acc1 !
+ xor $acc14,$s3,$s3
+ xor $acc15,$s3,$s3
+ ba .Lenc_loop
+ and $acc0,2040,$acc0
+
+.align 32
+.Lenc_last:
+ srlx $acc1,8,$acc1 !
+ xor $acc0,$t0,$t0
+ ld [$key+0],$s0
+ srlx $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ld [$key+4],$s1
+ srlx $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ld [$key+8],$s2 !
+ srlx $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ld [$key+12],$s3
+ srlx $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ srlx $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ srlx $acc9,8,$acc9 !
+ xor $acc6,$t1,$t1
+ srlx $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ srlx $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ srlx $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ srlx $acc14,16,$acc14 !
+ xor $acc10,$t2,$t2
+ srlx $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ srl $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ srl $t1,16,$acc1 !
+ xor $acc15,$t3,$t3
+
+ srl $t2,8,$acc2
+ and $acc1,255,$acc1
+ ldub [$rounds+$acc0],$acc0
+ srl $t1,24,$acc4
+ and $acc2,255,$acc2
+ ldub [$rounds+$acc1],$acc1
+ srl $t2,16,$acc5 !
+ and $t3,255,$acc3
+ ldub [$rounds+$acc2],$acc2
+ ldub [$rounds+$acc3],$acc3
+ srl $t3,8,$acc6
+ and $acc5,255,$acc5
+ ldub [$rounds+$acc4],$acc4
+ fmovs %f0,%f0
+ srl $t2,24,$acc8 !
+ and $acc6,255,$acc6
+ ldub [$rounds+$acc5],$acc5
+ srl $t3,16,$acc9
+ and $t0,255,$acc7
+ ldub [$rounds+$acc6],$acc6
+ ldub [$rounds+$acc7],$acc7
+ fmovs %f0,%f0
+ srl $t0,8,$acc10 !
+ and $acc9,255,$acc9
+ ldub [$rounds+$acc8],$acc8
+ srl $t3,24,$acc12
+ and $acc10,255,$acc10
+ ldub [$rounds+$acc9],$acc9
+ srl $t0,16,$acc13
+ and $t1,255,$acc11
+ ldub [$rounds+$acc10],$acc10 !
+ srl $t1,8,$acc14
+ and $acc13,255,$acc13
+ ldub [$rounds+$acc11],$acc11
+ ldub [$rounds+$acc12],$acc12
+ and $acc14,255,$acc14
+ ldub [$rounds+$acc13],$acc13
+ and $t2,255,$acc15
+ ldub [$rounds+$acc14],$acc14 !
+
+ sll $acc0,24,$acc0
+ xor $acc3,$s0,$s0
+ ldub [$rounds+$acc15],$acc15
+ sll $acc1,16,$acc1
+ xor $acc0,$s0,$s0
+ ldx [%sp+$bias+$frame+0],%i7 ! restore return address
+ fmovs %f0,%f0
+ sll $acc2,8,$acc2 !
+ xor $acc1,$s0,$s0
+ sll $acc4,24,$acc4
+ xor $acc2,$s0,$s0
+ sll $acc5,16,$acc5
+ xor $acc7,$s1,$s1
+ sll $acc6,8,$acc6
+ xor $acc4,$s1,$s1
+ sll $acc8,24,$acc8 !
+ xor $acc5,$s1,$s1
+ sll $acc9,16,$acc9
+ xor $acc11,$s2,$s2
+ sll $acc10,8,$acc10
+ xor $acc6,$s1,$s1
+ sll $acc12,24,$acc12
+ xor $acc8,$s2,$s2
+ sll $acc13,16,$acc13 !
+ xor $acc9,$s2,$s2
+ sll $acc14,8,$acc14
+ xor $acc10,$s2,$s2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ xor $acc14,$s3,$s3
+ xor $acc15,$s3,$s3
+
+ ret
+ restore
+.type _sparcv9_AES_encrypt,#function
+.size _sparcv9_AES_encrypt,(.-_sparcv9_AES_encrypt)
+
+.align 32
+.globl AES_encrypt
+AES_encrypt:
+ or %o0,%o1,%g1
+ andcc %g1,3,%g0
+ bnz,pn %xcc,.Lunaligned_enc
+ save %sp,-$frame,%sp
+
+ ld [%i0+0],%o0
+ ld [%i0+4],%o1
+ ld [%i0+8],%o2
+ ld [%i0+12],%o3
+
+1: call .+8
+ add %o7,AES_Te-1b,%o4
+ call _sparcv9_AES_encrypt
+ mov %i2,%o5
+
+ st %o0,[%i1+0]
+ st %o1,[%i1+4]
+ st %o2,[%i1+8]
+ st %o3,[%i1+12]
+
+ ret
+ restore
+
+.align 32
+.Lunaligned_enc:
+ ldub [%i0+0],%l0
+ ldub [%i0+1],%l1
+ ldub [%i0+2],%l2
+
+ sll %l0,24,%l0
+ ldub [%i0+3],%l3
+ sll %l1,16,%l1
+ ldub [%i0+4],%l4
+ sll %l2,8,%l2
+ or %l1,%l0,%l0
+ ldub [%i0+5],%l5
+ sll %l4,24,%l4
+ or %l3,%l2,%l2
+ ldub [%i0+6],%l6
+ sll %l5,16,%l5
+ or %l0,%l2,%o0
+ ldub [%i0+7],%l7
+
+ sll %l6,8,%l6
+ or %l5,%l4,%l4
+ ldub [%i0+8],%l0
+ or %l7,%l6,%l6
+ ldub [%i0+9],%l1
+ or %l4,%l6,%o1
+ ldub [%i0+10],%l2
+
+ sll %l0,24,%l0
+ ldub [%i0+11],%l3
+ sll %l1,16,%l1
+ ldub [%i0+12],%l4
+ sll %l2,8,%l2
+ or %l1,%l0,%l0
+ ldub [%i0+13],%l5
+ sll %l4,24,%l4
+ or %l3,%l2,%l2
+ ldub [%i0+14],%l6
+ sll %l5,16,%l5
+ or %l0,%l2,%o2
+ ldub [%i0+15],%l7
+
+ sll %l6,8,%l6
+ or %l5,%l4,%l4
+ or %l7,%l6,%l6
+ or %l4,%l6,%o3
+
+1: call .+8
+ add %o7,AES_Te-1b,%o4
+ call _sparcv9_AES_encrypt
+ mov %i2,%o5
+
+ srl %o0,24,%l0
+ srl %o0,16,%l1
+ stb %l0,[%i1+0]
+ srl %o0,8,%l2
+ stb %l1,[%i1+1]
+ stb %l2,[%i1+2]
+ srl %o1,24,%l4
+ stb %o0,[%i1+3]
+
+ srl %o1,16,%l5
+ stb %l4,[%i1+4]
+ srl %o1,8,%l6
+ stb %l5,[%i1+5]
+ stb %l6,[%i1+6]
+ srl %o2,24,%l0
+ stb %o1,[%i1+7]
+
+ srl %o2,16,%l1
+ stb %l0,[%i1+8]
+ srl %o2,8,%l2
+ stb %l1,[%i1+9]
+ stb %l2,[%i1+10]
+ srl %o3,24,%l4
+ stb %o2,[%i1+11]
+
+ srl %o3,16,%l5
+ stb %l4,[%i1+12]
+ srl %o3,8,%l6
+ stb %l5,[%i1+13]
+ stb %l6,[%i1+14]
+ stb %o3,[%i1+15]
+
+ ret
+ restore
+.type AES_encrypt,#function
+.size AES_encrypt,(.-AES_encrypt)
+
+___
+
+$code.=<<___;
+.align 256
+AES_Td:
+___
+&_data_word(
+ 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+ 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+ 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+ 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+ 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+ 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+ 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+ 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+ 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+ 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+ 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+ 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+ 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+ 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+ 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+ 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+ 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+ 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+ 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+ 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+ 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+ 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+ 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+ 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+ 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+ 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+ 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+ 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+ 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+ 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+ 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+ 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+ 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+ 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+ 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+ 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+ 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+ 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+ 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+ 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+ 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+ 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+ 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+ 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+ 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+ 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+ 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+ 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+ 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+ 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+ 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+ 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+ 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+ 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+ 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+ 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+ 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+ 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+ 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+ 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+ 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+ 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+ 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+ 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+ .byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+ .byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+ .byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+ .byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+ .byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+ .byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+ .byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+ .byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+ .byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+ .byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+ .byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+ .byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+ .byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+ .byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+ .byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+ .byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+ .byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+ .byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+ .byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+ .byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+ .byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+ .byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+ .byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+ .byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+ .byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+ .byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+ .byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+ .byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+ .byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+ .byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+ .byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+ .byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.type AES_Td,#object
+.size AES_Td,(.-AES_Td)
+
+.align 64
+.skip 16
+_sparcv9_AES_decrypt:
+ save %sp,-$frame-$locals,%sp
+ stx %i7,[%sp+$bias+$frame+0] ! off-load return address
+ ld [$key+240],$rounds
+ ld [$key+0],$t0
+ ld [$key+4],$t1 !
+ ld [$key+8],$t2
+ ld [$key+12],$t3
+ srl $rounds,1,$rounds
+ xor $t0,$s0,$s0
+ ld [$key+16],$t0
+ xor $t1,$s1,$s1
+ ld [$key+20],$t1
+ srl $s0,21,$acc0 !
+ xor $t2,$s2,$s2
+ ld [$key+24],$t2
+ xor $t3,$s3,$s3
+ and $acc0,2040,$acc0
+ ld [$key+28],$t3
+ srl $s3,13,$acc1
+ nop
+.Ldec_loop:
+ srl $s2,5,$acc2 !
+ and $acc1,2040,$acc1
+ ldx [$tbl+$acc0],$acc0
+ sll $s1,3,$acc3
+ and $acc2,2040,$acc2
+ ldx [$tbl+$acc1],$acc1
+ srl $s1,21,$acc4
+ and $acc3,2040,$acc3
+ ldx [$tbl+$acc2],$acc2 !
+ srl $s0,13,$acc5
+ and $acc4,2040,$acc4
+ ldx [$tbl+$acc3],$acc3
+ srl $s3,5,$acc6
+ and $acc5,2040,$acc5
+ ldx [$tbl+$acc4],$acc4
+ fmovs %f0,%f0
+ sll $s2,3,$acc7 !
+ and $acc6,2040,$acc6
+ ldx [$tbl+$acc5],$acc5
+ srl $s2,21,$acc8
+ and $acc7,2040,$acc7
+ ldx [$tbl+$acc6],$acc6
+ srl $s1,13,$acc9
+ and $acc8,2040,$acc8
+ ldx [$tbl+$acc7],$acc7 !
+ srl $s0,5,$acc10
+ and $acc9,2040,$acc9
+ ldx [$tbl+$acc8],$acc8
+ sll $s3,3,$acc11
+ and $acc10,2040,$acc10
+ ldx [$tbl+$acc9],$acc9
+ fmovs %f0,%f0
+ srl $s3,21,$acc12 !
+ and $acc11,2040,$acc11
+ ldx [$tbl+$acc10],$acc10
+ srl $s2,13,$acc13
+ and $acc12,2040,$acc12
+ ldx [$tbl+$acc11],$acc11
+ srl $s1,5,$acc14
+ and $acc13,2040,$acc13
+ ldx [$tbl+$acc12],$acc12 !
+ sll $s0,3,$acc15
+ and $acc14,2040,$acc14
+ ldx [$tbl+$acc13],$acc13
+ and $acc15,2040,$acc15
+ add $key,32,$key
+ ldx [$tbl+$acc14],$acc14
+ fmovs %f0,%f0
+ subcc $rounds,1,$rounds !
+ ldx [$tbl+$acc15],$acc15
+ bz,a,pn %icc,.Ldec_last
+ add $tbl,2048,$rounds
+
+ srlx $acc1,8,$acc1
+ xor $acc0,$t0,$t0
+ ld [$key+0],$s0
+ fmovs %f0,%f0
+ srlx $acc2,16,$acc2 !
+ xor $acc1,$t0,$t0
+ ld [$key+4],$s1
+ srlx $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ld [$key+8],$s2
+ srlx $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ld [$key+12],$s3 !
+ srlx $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ fmovs %f0,%f0
+ srlx $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ srlx $acc9,8,$acc9
+ xor $acc6,$t1,$t1
+ srlx $acc10,16,$acc10 !
+ xor $acc7,$t1,$t1
+ srlx $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ srlx $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ srlx $acc14,16,$acc14
+ xor $acc10,$t2,$t2
+ srlx $acc15,24,$acc15 !
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ srl $t0,21,$acc0
+ xor $acc14,$t3,$t3
+ xor $acc15,$t3,$t3
+ srl $t3,13,$acc1
+
+ and $acc0,2040,$acc0 !
+ srl $t2,5,$acc2
+ and $acc1,2040,$acc1
+ ldx [$tbl+$acc0],$acc0
+ sll $t1,3,$acc3
+ and $acc2,2040,$acc2
+ ldx [$tbl+$acc1],$acc1
+ fmovs %f0,%f0
+ srl $t1,21,$acc4 !
+ and $acc3,2040,$acc3
+ ldx [$tbl+$acc2],$acc2
+ srl $t0,13,$acc5
+ and $acc4,2040,$acc4
+ ldx [$tbl+$acc3],$acc3
+ srl $t3,5,$acc6
+ and $acc5,2040,$acc5
+ ldx [$tbl+$acc4],$acc4 !
+ sll $t2,3,$acc7
+ and $acc6,2040,$acc6
+ ldx [$tbl+$acc5],$acc5
+ srl $t2,21,$acc8
+ and $acc7,2040,$acc7
+ ldx [$tbl+$acc6],$acc6
+ fmovs %f0,%f0
+ srl $t1,13,$acc9 !
+ and $acc8,2040,$acc8
+ ldx [$tbl+$acc7],$acc7
+ srl $t0,5,$acc10
+ and $acc9,2040,$acc9
+ ldx [$tbl+$acc8],$acc8
+ sll $t3,3,$acc11
+ and $acc10,2040,$acc10
+ ldx [$tbl+$acc9],$acc9 !
+ srl $t3,21,$acc12
+ and $acc11,2040,$acc11
+ ldx [$tbl+$acc10],$acc10
+ srl $t2,13,$acc13
+ and $acc12,2040,$acc12
+ ldx [$tbl+$acc11],$acc11
+ fmovs %f0,%f0
+ srl $t1,5,$acc14 !
+ and $acc13,2040,$acc13
+ ldx [$tbl+$acc12],$acc12
+ sll $t0,3,$acc15
+ and $acc14,2040,$acc14
+ ldx [$tbl+$acc13],$acc13
+ srlx $acc1,8,$acc1
+ and $acc15,2040,$acc15
+ ldx [$tbl+$acc14],$acc14 !
+
+ srlx $acc2,16,$acc2
+ xor $acc0,$s0,$s0
+ ldx [$tbl+$acc15],$acc15
+ srlx $acc3,24,$acc3
+ xor $acc1,$s0,$s0
+ ld [$key+16],$t0
+ fmovs %f0,%f0
+ srlx $acc5,8,$acc5 !
+ xor $acc2,$s0,$s0
+ ld [$key+20],$t1
+ srlx $acc6,16,$acc6
+ xor $acc3,$s0,$s0
+ ld [$key+24],$t2
+ srlx $acc7,24,$acc7
+ xor $acc4,$s1,$s1
+ ld [$key+28],$t3 !
+ srlx $acc9,8,$acc9
+ xor $acc5,$s1,$s1
+ ldx [$tbl+2048+0],%g0 ! prefetch td4
+ srlx $acc10,16,$acc10
+ xor $acc6,$s1,$s1
+ ldx [$tbl+2048+32],%g0 ! prefetch td4
+ srlx $acc11,24,$acc11
+ xor $acc7,$s1,$s1
+ ldx [$tbl+2048+64],%g0 ! prefetch td4
+ srlx $acc13,8,$acc13
+ xor $acc8,$s2,$s2
+ ldx [$tbl+2048+96],%g0 ! prefetch td4
+ srlx $acc14,16,$acc14 !
+ xor $acc9,$s2,$s2
+ ldx [$tbl+2048+128],%g0 ! prefetch td4
+ srlx $acc15,24,$acc15
+ xor $acc10,$s2,$s2
+ ldx [$tbl+2048+160],%g0 ! prefetch td4
+ srl $s0,21,$acc0
+ xor $acc11,$s2,$s2
+ ldx [$tbl+2048+192],%g0 ! prefetch td4
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ ldx [$tbl+2048+224],%g0 ! prefetch td4
+ and $acc0,2040,$acc0 !
+ xor $acc14,$s3,$s3
+ xor $acc15,$s3,$s3
+ ba .Ldec_loop
+ srl $s3,13,$acc1
+
+.align 32
+.Ldec_last:
+ srlx $acc1,8,$acc1 !
+ xor $acc0,$t0,$t0
+ ld [$key+0],$s0
+ srlx $acc2,16,$acc2
+ xor $acc1,$t0,$t0
+ ld [$key+4],$s1
+ srlx $acc3,24,$acc3
+ xor $acc2,$t0,$t0
+ ld [$key+8],$s2 !
+ srlx $acc5,8,$acc5
+ xor $acc3,$t0,$t0
+ ld [$key+12],$s3
+ srlx $acc6,16,$acc6
+ xor $acc4,$t1,$t1
+ srlx $acc7,24,$acc7
+ xor $acc5,$t1,$t1
+ srlx $acc9,8,$acc9 !
+ xor $acc6,$t1,$t1
+ srlx $acc10,16,$acc10
+ xor $acc7,$t1,$t1
+ srlx $acc11,24,$acc11
+ xor $acc8,$t2,$t2
+ srlx $acc13,8,$acc13
+ xor $acc9,$t2,$t2
+ srlx $acc14,16,$acc14 !
+ xor $acc10,$t2,$t2
+ srlx $acc15,24,$acc15
+ xor $acc11,$t2,$t2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$t3,$t3
+ srl $t0,24,$acc0
+ xor $acc14,$t3,$t3
+ xor $acc15,$t3,$t3 !
+ srl $t3,16,$acc1
+
+ srl $t2,8,$acc2
+ and $acc1,255,$acc1
+ ldub [$rounds+$acc0],$acc0
+ srl $t1,24,$acc4
+ and $acc2,255,$acc2
+ ldub [$rounds+$acc1],$acc1
+ srl $t0,16,$acc5 !
+ and $t1,255,$acc3
+ ldub [$rounds+$acc2],$acc2
+ ldub [$rounds+$acc3],$acc3
+ srl $t3,8,$acc6
+ and $acc5,255,$acc5
+ ldub [$rounds+$acc4],$acc4
+ fmovs %f0,%f0
+ srl $t2,24,$acc8 !
+ and $acc6,255,$acc6
+ ldub [$rounds+$acc5],$acc5
+ srl $t1,16,$acc9
+ and $t2,255,$acc7
+ ldub [$rounds+$acc6],$acc6
+ ldub [$rounds+$acc7],$acc7
+ fmovs %f0,%f0
+ srl $t0,8,$acc10 !
+ and $acc9,255,$acc9
+ ldub [$rounds+$acc8],$acc8
+ srl $t3,24,$acc12
+ and $acc10,255,$acc10
+ ldub [$rounds+$acc9],$acc9
+ srl $t2,16,$acc13
+ and $t3,255,$acc11
+ ldub [$rounds+$acc10],$acc10 !
+ srl $t1,8,$acc14
+ and $acc13,255,$acc13
+ ldub [$rounds+$acc11],$acc11
+ ldub [$rounds+$acc12],$acc12
+ and $acc14,255,$acc14
+ ldub [$rounds+$acc13],$acc13
+ and $t0,255,$acc15
+ ldub [$rounds+$acc14],$acc14 !
+
+ sll $acc0,24,$acc0
+ xor $acc3,$s0,$s0
+ ldub [$rounds+$acc15],$acc15
+ sll $acc1,16,$acc1
+ xor $acc0,$s0,$s0
+ ldx [%sp+$bias+$frame+0],%i7 ! restore return address
+ fmovs %f0,%f0
+ sll $acc2,8,$acc2 !
+ xor $acc1,$s0,$s0
+ sll $acc4,24,$acc4
+ xor $acc2,$s0,$s0
+ sll $acc5,16,$acc5
+ xor $acc7,$s1,$s1
+ sll $acc6,8,$acc6
+ xor $acc4,$s1,$s1
+ sll $acc8,24,$acc8 !
+ xor $acc5,$s1,$s1
+ sll $acc9,16,$acc9
+ xor $acc11,$s2,$s2
+ sll $acc10,8,$acc10
+ xor $acc6,$s1,$s1
+ sll $acc12,24,$acc12
+ xor $acc8,$s2,$s2
+ sll $acc13,16,$acc13 !
+ xor $acc9,$s2,$s2
+ sll $acc14,8,$acc14
+ xor $acc10,$s2,$s2
+ xor $acc12,$acc14,$acc14
+ xor $acc13,$s3,$s3
+ xor $acc14,$s3,$s3
+ xor $acc15,$s3,$s3
+
+ ret
+ restore
+.type _sparcv9_AES_decrypt,#function
+.size _sparcv9_AES_decrypt,(.-_sparcv9_AES_decrypt)
+
+.align 32
+.globl AES_decrypt
+AES_decrypt:
+ or %o0,%o1,%g1
+ andcc %g1,3,%g0
+ bnz,pn %xcc,.Lunaligned_dec
+ save %sp,-$frame,%sp
+
+ ld [%i0+0],%o0
+ ld [%i0+4],%o1
+ ld [%i0+8],%o2
+ ld [%i0+12],%o3
+
+1: call .+8
+ add %o7,AES_Td-1b,%o4
+ call _sparcv9_AES_decrypt
+ mov %i2,%o5
+
+ st %o0,[%i1+0]
+ st %o1,[%i1+4]
+ st %o2,[%i1+8]
+ st %o3,[%i1+12]
+
+ ret
+ restore
+
+.align 32
+.Lunaligned_dec:
+ ldub [%i0+0],%l0
+ ldub [%i0+1],%l1
+ ldub [%i0+2],%l2
+
+ sll %l0,24,%l0
+ ldub [%i0+3],%l3
+ sll %l1,16,%l1
+ ldub [%i0+4],%l4
+ sll %l2,8,%l2
+ or %l1,%l0,%l0
+ ldub [%i0+5],%l5
+ sll %l4,24,%l4
+ or %l3,%l2,%l2
+ ldub [%i0+6],%l6
+ sll %l5,16,%l5
+ or %l0,%l2,%o0
+ ldub [%i0+7],%l7
+
+ sll %l6,8,%l6
+ or %l5,%l4,%l4
+ ldub [%i0+8],%l0
+ or %l7,%l6,%l6
+ ldub [%i0+9],%l1
+ or %l4,%l6,%o1
+ ldub [%i0+10],%l2
+
+ sll %l0,24,%l0
+ ldub [%i0+11],%l3
+ sll %l1,16,%l1
+ ldub [%i0+12],%l4
+ sll %l2,8,%l2
+ or %l1,%l0,%l0
+ ldub [%i0+13],%l5
+ sll %l4,24,%l4
+ or %l3,%l2,%l2
+ ldub [%i0+14],%l6
+ sll %l5,16,%l5
+ or %l0,%l2,%o2
+ ldub [%i0+15],%l7
+
+ sll %l6,8,%l6
+ or %l5,%l4,%l4
+ or %l7,%l6,%l6
+ or %l4,%l6,%o3
+
+1: call .+8
+ add %o7,AES_Td-1b,%o4
+ call _sparcv9_AES_decrypt
+ mov %i2,%o5
+
+ srl %o0,24,%l0
+ srl %o0,16,%l1
+ stb %l0,[%i1+0]
+ srl %o0,8,%l2
+ stb %l1,[%i1+1]
+ stb %l2,[%i1+2]
+ srl %o1,24,%l4
+ stb %o0,[%i1+3]
+
+ srl %o1,16,%l5
+ stb %l4,[%i1+4]
+ srl %o1,8,%l6
+ stb %l5,[%i1+5]
+ stb %l6,[%i1+6]
+ srl %o2,24,%l0
+ stb %o1,[%i1+7]
+
+ srl %o2,16,%l1
+ stb %l0,[%i1+8]
+ srl %o2,8,%l2
+ stb %l1,[%i1+9]
+ stb %l2,[%i1+10]
+ srl %o3,24,%l4
+ stb %o2,[%i1+11]
+
+ srl %o3,16,%l5
+ stb %l4,[%i1+12]
+ srl %o3,8,%l6
+ stb %l5,[%i1+13]
+ stb %l6,[%i1+14]
+ stb %o3,[%i1+15]
+
+ ret
+ restore
+.type AES_decrypt,#function
+.size AES_decrypt,(.-AES_decrypt)
+___
+
+# fmovs instructions substituting for FP nops were originally added
+# to meet specific instruction alignment requirements to maximize ILP.
+# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have
+# undesired effect, so just omit them and sacrifice some portion of
+# percent in performance...
+$code =~ s/fmovs.*$//gm;
+
+print $code;
+close STDOUT; # ensure flush
Modified: trunk/crypto/openssl/crypto/aes/asm/aes-x86_64.pl
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aes-x86_64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/aes/asm/aes-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,11 +2,12 @@
#
# ====================================================================
# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
# ====================================================================
#
-# Version 1.2.
+# Version 2.1.
#
# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on
# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version
@@ -17,17 +18,30 @@
#
# Performance in number of cycles per processed byte for 128-bit key:
#
-# ECB CBC encrypt
-# AMD64 13.7 13.0(*)
-# EM64T 20.2 18.6(*)
+# ECB encrypt ECB decrypt CBC large chunk
+# AMD64 33 41 13.0
+# EM64T 38 59 18.6(*)
+# Core 2 30 43 14.5(*)
#
-# (*) CBC benchmarks are better than ECB thanks to custom ABI used
-# by the private block encryption function.
+# (*) with hyper-threading off
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
$verticalspin=1; # unlike 32-bit version $verticalspin performs
# ~15% better on both AMD and Intel cores
-$output=shift;
-open STDOUT,"| $^X ../perlasm/x86_64-xlate.pl $output";
+$speed_limit=512; # see aes-586.pl for details
$code=".text\n";
@@ -35,9 +49,9 @@
$s1="%ebx";
$s2="%ecx";
$s3="%edx";
-$acc0="%esi";
-$acc1="%edi";
-$acc2="%ebp";
+$acc0="%esi"; $mask80="%rsi";
+$acc1="%edi"; $maskfe="%rdi";
+$acc2="%ebp"; $mask1b="%rbp";
$inp="%r8";
$out="%r9";
$t0="%r10d";
@@ -51,6 +65,8 @@
sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
$r =~ s/%[er]([sd]i)/%\1l/;
$r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; }
+sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/;
+ $r =~ s/%r([0-9]+)/%r\1d/; $r; }
sub _data_word()
{ my $i;
while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
@@ -138,22 +154,17 @@
movzb `&lo("$s0")`,$acc0
movzb `&lo("$s1")`,$acc1
movzb `&lo("$s2")`,$acc2
- mov 2($sbox,$acc0,8),$t0
- mov 2($sbox,$acc1,8),$t1
- mov 2($sbox,$acc2,8),$t2
+ movzb 2($sbox,$acc0,8),$t0
+ movzb 2($sbox,$acc1,8),$t1
+ movzb 2($sbox,$acc2,8),$t2
- and \$0x000000ff,$t0
- and \$0x000000ff,$t1
- and \$0x000000ff,$t2
-
movzb `&lo("$s3")`,$acc0
movzb `&hi("$s1")`,$acc1
movzb `&hi("$s2")`,$acc2
- mov 2($sbox,$acc0,8),$t3
+ movzb 2($sbox,$acc0,8),$t3
mov 0($sbox,$acc1,8),$acc1 #$t0
mov 0($sbox,$acc2,8),$acc2 #$t1
- and \$0x000000ff,$t3
and \$0x0000ff00,$acc1
and \$0x0000ff00,$acc2
@@ -345,11 +356,242 @@
.size _x86_64_AES_encrypt,.-_x86_64_AES_encrypt
___
+# it's possible to implement this by shifting tN by 8, filling least
+# significant byte with byte load and finally bswap-ing at the end,
+# but such partial register load kills Core 2...
+sub enccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+ movzb `&lo("$s0")`,$t0
+ movzb `&lo("$s1")`,$t1
+ movzb `&lo("$s2")`,$t2
+ movzb ($sbox,$t0,1),$t0
+ movzb ($sbox,$t1,1),$t1
+ movzb ($sbox,$t2,1),$t2
+
+ movzb `&lo("$s3")`,$t3
+ movzb `&hi("$s1")`,$acc0
+ movzb `&hi("$s2")`,$acc1
+ movzb ($sbox,$t3,1),$t3
+ movzb ($sbox,$acc0,1),$t4 #$t0
+ movzb ($sbox,$acc1,1),$t5 #$t1
+
+ movzb `&hi("$s3")`,$acc2
+ movzb `&hi("$s0")`,$acc0
+ shr \$16,$s2
+ movzb ($sbox,$acc2,1),$acc2 #$t2
+ movzb ($sbox,$acc0,1),$acc0 #$t3
+ shr \$16,$s3
+
+ movzb `&lo("$s2")`,$acc1
+ shl \$8,$t4
+ shl \$8,$t5
+ movzb ($sbox,$acc1,1),$acc1 #$t0
+ xor $t4,$t0
+ xor $t5,$t1
+
+ movzb `&lo("$s3")`,$t4
+ shr \$16,$s0
+ shr \$16,$s1
+ movzb `&lo("$s0")`,$t5
+ shl \$8,$acc2
+ shl \$8,$acc0
+ movzb ($sbox,$t4,1),$t4 #$t1
+ movzb ($sbox,$t5,1),$t5 #$t2
+ xor $acc2,$t2
+ xor $acc0,$t3
+
+ movzb `&lo("$s1")`,$acc2
+ movzb `&hi("$s3")`,$acc0
+ shl \$16,$acc1
+ movzb ($sbox,$acc2,1),$acc2 #$t3
+ movzb ($sbox,$acc0,1),$acc0 #$t0
+ xor $acc1,$t0
+
+ movzb `&hi("$s0")`,$acc1
+ shr \$8,$s2
+ shr \$8,$s1
+ movzb ($sbox,$acc1,1),$acc1 #$t1
+ movzb ($sbox,$s2,1),$s3 #$t3
+ movzb ($sbox,$s1,1),$s2 #$t2
+ shl \$16,$t4
+ shl \$16,$t5
+ shl \$16,$acc2
+ xor $t4,$t1
+ xor $t5,$t2
+ xor $acc2,$t3
+
+ shl \$24,$acc0
+ shl \$24,$acc1
+ shl \$24,$s3
+ xor $acc0,$t0
+ shl \$24,$s2
+ xor $acc1,$t1
+ mov $t0,$s0
+ mov $t1,$s1
+ xor $t2,$s2
+ xor $t3,$s3
+___
+}
+
+sub enctransform_ref()
+{ my $sn = shift;
+ my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+ mov $sn,$acc
+ and \$0x80808080,$acc
+ mov $acc,$tmp
+ shr \$7,$tmp
+ lea ($sn,$sn),$r2
+ sub $tmp,$acc
+ and \$0xfefefefe,$r2
+ and \$0x1b1b1b1b,$acc
+ mov $sn,$tmp
+ xor $acc,$r2
+
+ xor $r2,$sn
+ rol \$24,$sn
+ xor $r2,$sn
+ ror \$16,$tmp
+ xor $tmp,$sn
+ ror \$8,$tmp
+ xor $tmp,$sn
+___
+}
+
+# unlike decrypt case it does not pay off to parallelize enctransform
+sub enctransform()
+{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d");
+
+$code.=<<___;
+ mov $s0,$acc0
+ mov $s1,$acc1
+ and \$0x80808080,$acc0
+ and \$0x80808080,$acc1
+ mov $acc0,$t0
+ mov $acc1,$t1
+ shr \$7,$t0
+ lea ($s0,$s0),$r20
+ shr \$7,$t1
+ lea ($s1,$s1),$r21
+ sub $t0,$acc0
+ sub $t1,$acc1
+ and \$0xfefefefe,$r20
+ and \$0xfefefefe,$r21
+ and \$0x1b1b1b1b,$acc0
+ and \$0x1b1b1b1b,$acc1
+ mov $s0,$t0
+ mov $s1,$t1
+ xor $acc0,$r20
+ xor $acc1,$r21
+
+ xor $r20,$s0
+ xor $r21,$s1
+ mov $s2,$acc0
+ mov $s3,$acc1
+ rol \$24,$s0
+ rol \$24,$s1
+ and \$0x80808080,$acc0
+ and \$0x80808080,$acc1
+ xor $r20,$s0
+ xor $r21,$s1
+ mov $acc0,$t2
+ mov $acc1,$t3
+ ror \$16,$t0
+ ror \$16,$t1
+ shr \$7,$t2
+ lea ($s2,$s2),$r20
+ xor $t0,$s0
+ xor $t1,$s1
+ shr \$7,$t3
+ lea ($s3,$s3),$r21
+ ror \$8,$t0
+ ror \$8,$t1
+ sub $t2,$acc0
+ sub $t3,$acc1
+ xor $t0,$s0
+ xor $t1,$s1
+
+ and \$0xfefefefe,$r20
+ and \$0xfefefefe,$r21
+ and \$0x1b1b1b1b,$acc0
+ and \$0x1b1b1b1b,$acc1
+ mov $s2,$t2
+ mov $s3,$t3
+ xor $acc0,$r20
+ xor $acc1,$r21
+
+ xor $r20,$s2
+ xor $r21,$s3
+ rol \$24,$s2
+ rol \$24,$s3
+ xor $r20,$s2
+ xor $r21,$s3
+ mov 0($sbox),$acc0 # prefetch Te4
+ ror \$16,$t2
+ ror \$16,$t3
+ mov 64($sbox),$acc1
+ xor $t2,$s2
+ xor $t3,$s3
+ mov 128($sbox),$r20
+ ror \$8,$t2
+ ror \$8,$t3
+ mov 192($sbox),$r21
+ xor $t2,$s2
+ xor $t3,$s3
+___
+}
+
+$code.=<<___;
+.type _x86_64_AES_encrypt_compact,\@abi-omnipotent
+.align 16
+_x86_64_AES_encrypt_compact:
+ lea 128($sbox),$inp # size optimization
+ mov 0-128($inp),$acc1 # prefetch Te4
+ mov 32-128($inp),$acc2
+ mov 64-128($inp),$t0
+ mov 96-128($inp),$t1
+ mov 128-128($inp),$acc1
+ mov 160-128($inp),$acc2
+ mov 192-128($inp),$t0
+ mov 224-128($inp),$t1
+ jmp .Lenc_loop_compact
+.align 16
+.Lenc_loop_compact:
+ xor 0($key),$s0 # xor with key
+ xor 4($key),$s1
+ xor 8($key),$s2
+ xor 12($key),$s3
+ lea 16($key),$key
+___
+ &enccompactvert();
+$code.=<<___;
+ cmp 16(%rsp),$key
+ je .Lenc_compact_done
+___
+ &enctransform();
+$code.=<<___;
+ jmp .Lenc_loop_compact
+.align 16
+.Lenc_compact_done:
+ xor 0($key),$s0
+ xor 4($key),$s1
+ xor 8($key),$s2
+ xor 12($key),$s3
+ .byte 0xf3,0xc3 # rep ret
+.size _x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact
+___
+
# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
$code.=<<___;
.globl AES_encrypt
.type AES_encrypt,\@function,3
.align 16
+.globl asm_AES_encrypt
+.hidden asm_AES_encrypt
+asm_AES_encrypt:
AES_encrypt:
push %rbx
push %rbp
@@ -358,31 +600,57 @@
push %r14
push %r15
+ # allocate frame "above" key schedule
+ mov %rsp,%r10
+ lea -63(%rdx),%rcx # %rdx is key argument
+ and \$-64,%rsp
+ sub %rsp,%rcx
+ neg %rcx
+ and \$0x3c0,%rcx
+ sub %rcx,%rsp
+ sub \$32,%rsp
+
+ mov %rsi,16(%rsp) # save out
+ mov %r10,24(%rsp) # save real stack pointer
+.Lenc_prologue:
+
mov %rdx,$key
- mov %rdi,$inp
- mov %rsi,$out
+ mov 240($key),$rnds # load rounds
- .picmeup $sbox
- lea AES_Te-.($sbox),$sbox
+ mov 0(%rdi),$s0 # load input vector
+ mov 4(%rdi),$s1
+ mov 8(%rdi),$s2
+ mov 12(%rdi),$s3
- mov 0($inp),$s0
- mov 4($inp),$s1
- mov 8($inp),$s2
- mov 12($inp),$s3
+ shl \$4,$rnds
+ lea ($key,$rnds),%rbp
+ mov $key,(%rsp) # key schedule
+ mov %rbp,8(%rsp) # end of key schedule
- call _x86_64_AES_encrypt
+ # pick Te4 copy which can't "overlap" with stack frame or key schedule
+ lea .LAES_Te+2048(%rip),$sbox
+ lea 768(%rsp),%rbp
+ sub $sbox,%rbp
+ and \$0x300,%rbp
+ lea ($sbox,%rbp),$sbox
- mov $s0,0($out)
+ call _x86_64_AES_encrypt_compact
+
+ mov 16(%rsp),$out # restore out
+ mov 24(%rsp),%rsi # restore saved stack pointer
+ mov $s0,0($out) # write output vector
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lenc_epilogue:
ret
.size AES_encrypt,.-AES_encrypt
___
@@ -453,19 +721,20 @@
{ my $t3="%r8d"; # zaps $inp!
$code.=<<___;
+ lea 2048($sbox),$sbox # size optimization
movzb `&lo("$s0")`,$acc0
movzb `&lo("$s1")`,$acc1
movzb `&lo("$s2")`,$acc2
- movzb 2048($sbox,$acc0,1),$t0
- movzb 2048($sbox,$acc1,1),$t1
- movzb 2048($sbox,$acc2,1),$t2
+ movzb ($sbox,$acc0,1),$t0
+ movzb ($sbox,$acc1,1),$t1
+ movzb ($sbox,$acc2,1),$t2
movzb `&lo("$s3")`,$acc0
movzb `&hi("$s3")`,$acc1
movzb `&hi("$s0")`,$acc2
- movzb 2048($sbox,$acc0,1),$t3
- movzb 2048($sbox,$acc1,1),$acc1 #$t0
- movzb 2048($sbox,$acc2,1),$acc2 #$t1
+ movzb ($sbox,$acc0,1),$t3
+ movzb ($sbox,$acc1,1),$acc1 #$t0
+ movzb ($sbox,$acc2,1),$acc2 #$t1
shl \$8,$acc1
shl \$8,$acc2
@@ -477,8 +746,8 @@
movzb `&hi("$s1")`,$acc0
movzb `&hi("$s2")`,$acc1
shr \$16,$s0
- movzb 2048($sbox,$acc0,1),$acc0 #$t2
- movzb 2048($sbox,$acc1,1),$acc1 #$t3
+ movzb ($sbox,$acc0,1),$acc0 #$t2
+ movzb ($sbox,$acc1,1),$acc1 #$t3
shl \$8,$acc0
shl \$8,$acc1
@@ -490,9 +759,9 @@
movzb `&lo("$s2")`,$acc0
movzb `&lo("$s3")`,$acc1
movzb `&lo("$s0")`,$acc2
- movzb 2048($sbox,$acc0,1),$acc0 #$t0
- movzb 2048($sbox,$acc1,1),$acc1 #$t1
- movzb 2048($sbox,$acc2,1),$acc2 #$t2
+ movzb ($sbox,$acc0,1),$acc0 #$t0
+ movzb ($sbox,$acc1,1),$acc1 #$t1
+ movzb ($sbox,$acc2,1),$acc2 #$t2
shl \$16,$acc0
shl \$16,$acc1
@@ -505,9 +774,9 @@
movzb `&lo("$s1")`,$acc0
movzb `&hi("$s1")`,$acc1
movzb `&hi("$s2")`,$acc2
- movzb 2048($sbox,$acc0,1),$acc0 #$t3
- movzb 2048($sbox,$acc1,1),$acc1 #$t0
- movzb 2048($sbox,$acc2,1),$acc2 #$t1
+ movzb ($sbox,$acc0,1),$acc0 #$t3
+ movzb ($sbox,$acc1,1),$acc1 #$t0
+ movzb ($sbox,$acc2,1),$acc2 #$t1
shl \$16,$acc0
shl \$24,$acc1
@@ -520,8 +789,8 @@
movzb `&hi("$s3")`,$acc0
movzb `&hi("$s0")`,$acc1
mov 16+12($key),$s3
- movzb 2048($sbox,$acc0,1),$acc0 #$t2
- movzb 2048($sbox,$acc1,1),$acc1 #$t3
+ movzb ($sbox,$acc0,1),$acc0 #$t2
+ movzb ($sbox,$acc1,1),$acc1 #$t3
mov 16+0($key),$s0
shl \$24,$acc0
@@ -532,6 +801,7 @@
mov 16+4($key),$s1
mov 16+8($key),$s2
+ lea -2048($sbox),$sbox
xor $t0,$s0
xor $t1,$s1
xor $t2,$s2
@@ -659,11 +929,268 @@
.size _x86_64_AES_decrypt,.-_x86_64_AES_decrypt
___
+sub deccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+ movzb `&lo("$s0")`,$t0
+ movzb `&lo("$s1")`,$t1
+ movzb `&lo("$s2")`,$t2
+ movzb ($sbox,$t0,1),$t0
+ movzb ($sbox,$t1,1),$t1
+ movzb ($sbox,$t2,1),$t2
+
+ movzb `&lo("$s3")`,$t3
+ movzb `&hi("$s3")`,$acc0
+ movzb `&hi("$s0")`,$acc1
+ movzb ($sbox,$t3,1),$t3
+ movzb ($sbox,$acc0,1),$t4 #$t0
+ movzb ($sbox,$acc1,1),$t5 #$t1
+
+ movzb `&hi("$s1")`,$acc2
+ movzb `&hi("$s2")`,$acc0
+ shr \$16,$s2
+ movzb ($sbox,$acc2,1),$acc2 #$t2
+ movzb ($sbox,$acc0,1),$acc0 #$t3
+ shr \$16,$s3
+
+ movzb `&lo("$s2")`,$acc1
+ shl \$8,$t4
+ shl \$8,$t5
+ movzb ($sbox,$acc1,1),$acc1 #$t0
+ xor $t4,$t0
+ xor $t5,$t1
+
+ movzb `&lo("$s3")`,$t4
+ shr \$16,$s0
+ shr \$16,$s1
+ movzb `&lo("$s0")`,$t5
+ shl \$8,$acc2
+ shl \$8,$acc0
+ movzb ($sbox,$t4,1),$t4 #$t1
+ movzb ($sbox,$t5,1),$t5 #$t2
+ xor $acc2,$t2
+ xor $acc0,$t3
+
+ movzb `&lo("$s1")`,$acc2
+ movzb `&hi("$s1")`,$acc0
+ shl \$16,$acc1
+ movzb ($sbox,$acc2,1),$acc2 #$t3
+ movzb ($sbox,$acc0,1),$acc0 #$t0
+ xor $acc1,$t0
+
+ movzb `&hi("$s2")`,$acc1
+ shl \$16,$t4
+ shl \$16,$t5
+ movzb ($sbox,$acc1,1),$s1 #$t1
+ xor $t4,$t1
+ xor $t5,$t2
+
+ movzb `&hi("$s3")`,$acc1
+ shr \$8,$s0
+ shl \$16,$acc2
+ movzb ($sbox,$acc1,1),$s2 #$t2
+ movzb ($sbox,$s0,1),$s3 #$t3
+ xor $acc2,$t3
+
+ shl \$24,$acc0
+ shl \$24,$s1
+ shl \$24,$s2
+ xor $acc0,$t0
+ shl \$24,$s3
+ xor $t1,$s1
+ mov $t0,$s0
+ xor $t2,$s2
+ xor $t3,$s3
+___
+}
+
+# parallelized version! input is pair of 64-bit values: %rax=s1.s0
+# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1,
+# %ecx=s2 and %edx=s3.
+sub dectransform()
+{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx");
+ my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx");
+ my $prefetch = shift;
+
+$code.=<<___;
+ mov $tp10,$acc0
+ mov $tp18,$acc8
+ and $mask80,$acc0
+ and $mask80,$acc8
+ mov $acc0,$tp40
+ mov $acc8,$tp48
+ shr \$7,$tp40
+ lea ($tp10,$tp10),$tp20
+ shr \$7,$tp48
+ lea ($tp18,$tp18),$tp28
+ sub $tp40,$acc0
+ sub $tp48,$acc8
+ and $maskfe,$tp20
+ and $maskfe,$tp28
+ and $mask1b,$acc0
+ and $mask1b,$acc8
+ xor $tp20,$acc0
+ xor $tp28,$acc8
+ mov $acc0,$tp20
+ mov $acc8,$tp28
+
+ and $mask80,$acc0
+ and $mask80,$acc8
+ mov $acc0,$tp80
+ mov $acc8,$tp88
+ shr \$7,$tp80
+ lea ($tp20,$tp20),$tp40
+ shr \$7,$tp88
+ lea ($tp28,$tp28),$tp48
+ sub $tp80,$acc0
+ sub $tp88,$acc8
+ and $maskfe,$tp40
+ and $maskfe,$tp48
+ and $mask1b,$acc0
+ and $mask1b,$acc8
+ xor $tp40,$acc0
+ xor $tp48,$acc8
+ mov $acc0,$tp40
+ mov $acc8,$tp48
+
+ and $mask80,$acc0
+ and $mask80,$acc8
+ mov $acc0,$tp80
+ mov $acc8,$tp88
+ shr \$7,$tp80
+ xor $tp10,$tp20 # tp2^=tp1
+ shr \$7,$tp88
+ xor $tp18,$tp28 # tp2^=tp1
+ sub $tp80,$acc0
+ sub $tp88,$acc8
+ lea ($tp40,$tp40),$tp80
+ lea ($tp48,$tp48),$tp88
+ xor $tp10,$tp40 # tp4^=tp1
+ xor $tp18,$tp48 # tp4^=tp1
+ and $maskfe,$tp80
+ and $maskfe,$tp88
+ and $mask1b,$acc0
+ and $mask1b,$acc8
+ xor $acc0,$tp80
+ xor $acc8,$tp88
+
+ xor $tp80,$tp10 # tp1^=tp8
+ xor $tp88,$tp18 # tp1^=tp8
+ xor $tp80,$tp20 # tp2^tp1^=tp8
+ xor $tp88,$tp28 # tp2^tp1^=tp8
+ mov $tp10,$acc0
+ mov $tp18,$acc8
+ xor $tp80,$tp40 # tp4^tp1^=tp8
+ xor $tp88,$tp48 # tp4^tp1^=tp8
+ shr \$32,$acc0
+ shr \$32,$acc8
+ xor $tp20,$tp80 # tp8^=tp8^tp2^tp1=tp2^tp1
+ xor $tp28,$tp88 # tp8^=tp8^tp2^tp1=tp2^tp1
+ rol \$8,`&LO("$tp10")` # ROTATE(tp1^tp8,8)
+ rol \$8,`&LO("$tp18")` # ROTATE(tp1^tp8,8)
+ xor $tp40,$tp80 # tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+ xor $tp48,$tp88 # tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+
+ rol \$8,`&LO("$acc0")` # ROTATE(tp1^tp8,8)
+ rol \$8,`&LO("$acc8")` # ROTATE(tp1^tp8,8)
+ xor `&LO("$tp80")`,`&LO("$tp10")`
+ xor `&LO("$tp88")`,`&LO("$tp18")`
+ shr \$32,$tp80
+ shr \$32,$tp88
+ xor `&LO("$tp80")`,`&LO("$acc0")`
+ xor `&LO("$tp88")`,`&LO("$acc8")`
+
+ mov $tp20,$tp80
+ mov $tp28,$tp88
+ shr \$32,$tp80
+ shr \$32,$tp88
+ rol \$24,`&LO("$tp20")` # ROTATE(tp2^tp1^tp8,24)
+ rol \$24,`&LO("$tp28")` # ROTATE(tp2^tp1^tp8,24)
+ rol \$24,`&LO("$tp80")` # ROTATE(tp2^tp1^tp8,24)
+ rol \$24,`&LO("$tp88")` # ROTATE(tp2^tp1^tp8,24)
+ xor `&LO("$tp20")`,`&LO("$tp10")`
+ xor `&LO("$tp28")`,`&LO("$tp18")`
+ mov $tp40,$tp20
+ mov $tp48,$tp28
+ xor `&LO("$tp80")`,`&LO("$acc0")`
+ xor `&LO("$tp88")`,`&LO("$acc8")`
+
+ `"mov 0($sbox),$mask80" if ($prefetch)`
+ shr \$32,$tp20
+ shr \$32,$tp28
+ `"mov 64($sbox),$maskfe" if ($prefetch)`
+ rol \$16,`&LO("$tp40")` # ROTATE(tp4^tp1^tp8,16)
+ rol \$16,`&LO("$tp48")` # ROTATE(tp4^tp1^tp8,16)
+ `"mov 128($sbox),$mask1b" if ($prefetch)`
+ rol \$16,`&LO("$tp20")` # ROTATE(tp4^tp1^tp8,16)
+ rol \$16,`&LO("$tp28")` # ROTATE(tp4^tp1^tp8,16)
+ `"mov 192($sbox),$tp80" if ($prefetch)`
+ xor `&LO("$tp40")`,`&LO("$tp10")`
+ xor `&LO("$tp48")`,`&LO("$tp18")`
+ `"mov 256($sbox),$tp88" if ($prefetch)`
+ xor `&LO("$tp20")`,`&LO("$acc0")`
+ xor `&LO("$tp28")`,`&LO("$acc8")`
+___
+}
+
+$code.=<<___;
+.type _x86_64_AES_decrypt_compact,\@abi-omnipotent
+.align 16
+_x86_64_AES_decrypt_compact:
+ lea 128($sbox),$inp # size optimization
+ mov 0-128($inp),$acc1 # prefetch Td4
+ mov 32-128($inp),$acc2
+ mov 64-128($inp),$t0
+ mov 96-128($inp),$t1
+ mov 128-128($inp),$acc1
+ mov 160-128($inp),$acc2
+ mov 192-128($inp),$t0
+ mov 224-128($inp),$t1
+ jmp .Ldec_loop_compact
+
+.align 16
+.Ldec_loop_compact:
+ xor 0($key),$s0 # xor with key
+ xor 4($key),$s1
+ xor 8($key),$s2
+ xor 12($key),$s3
+ lea 16($key),$key
+___
+ &deccompactvert();
+$code.=<<___;
+ cmp 16(%rsp),$key
+ je .Ldec_compact_done
+
+ mov 256+0($sbox),$mask80
+ shl \$32,%rbx
+ shl \$32,%rdx
+ mov 256+8($sbox),$maskfe
+ or %rbx,%rax
+ or %rdx,%rcx
+ mov 256+16($sbox),$mask1b
+___
+ &dectransform(1);
+$code.=<<___;
+ jmp .Ldec_loop_compact
+.align 16
+.Ldec_compact_done:
+ xor 0($key),$s0
+ xor 4($key),$s1
+ xor 8($key),$s2
+ xor 12($key),$s3
+ .byte 0xf3,0xc3 # rep ret
+.size _x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact
+___
+
# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
$code.=<<___;
.globl AES_decrypt
.type AES_decrypt,\@function,3
.align 16
+.globl asm_AES_decrypt
+.hidden asm_AES_decrypt
+asm_AES_decrypt:
AES_decrypt:
push %rbx
push %rbp
@@ -672,43 +1199,59 @@
push %r14
push %r15
+ # allocate frame "above" key schedule
+ mov %rsp,%r10
+ lea -63(%rdx),%rcx # %rdx is key argument
+ and \$-64,%rsp
+ sub %rsp,%rcx
+ neg %rcx
+ and \$0x3c0,%rcx
+ sub %rcx,%rsp
+ sub \$32,%rsp
+
+ mov %rsi,16(%rsp) # save out
+ mov %r10,24(%rsp) # save real stack pointer
+.Ldec_prologue:
+
mov %rdx,$key
- mov %rdi,$inp
- mov %rsi,$out
+ mov 240($key),$rnds # load rounds
- .picmeup $sbox
- lea AES_Td-.($sbox),$sbox
+ mov 0(%rdi),$s0 # load input vector
+ mov 4(%rdi),$s1
+ mov 8(%rdi),$s2
+ mov 12(%rdi),$s3
- # prefetch Td4
- lea 2048+128($sbox),$sbox;
- mov 0-128($sbox),$s0
- mov 32-128($sbox),$s1
- mov 64-128($sbox),$s2
- mov 96-128($sbox),$s3
- mov 128-128($sbox),$s0
- mov 160-128($sbox),$s1
- mov 192-128($sbox),$s2
- mov 224-128($sbox),$s3
- lea -2048-128($sbox),$sbox;
+ shl \$4,$rnds
+ lea ($key,$rnds),%rbp
+ mov $key,(%rsp) # key schedule
+ mov %rbp,8(%rsp) # end of key schedule
- mov 0($inp),$s0
- mov 4($inp),$s1
- mov 8($inp),$s2
- mov 12($inp),$s3
+ # pick Td4 copy which can't "overlap" with stack frame or key schedule
+ lea .LAES_Td+2048(%rip),$sbox
+ lea 768(%rsp),%rbp
+ sub $sbox,%rbp
+ and \$0x300,%rbp
+ lea ($sbox,%rbp),$sbox
+ shr \$3,%rbp # recall "magic" constants!
+ add %rbp,$sbox
- call _x86_64_AES_decrypt
+ call _x86_64_AES_decrypt_compact
- mov $s0,0($out)
+ mov 16(%rsp),$out # restore out
+ mov 24(%rsp),%rsi # restore saved stack pointer
+ mov $s0,0($out) # write output vector
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Ldec_epilogue:
ret
.size AES_decrypt,.-AES_decrypt
___
@@ -718,48 +1261,57 @@
{
$code.=<<___;
movz %dl,%esi # rk[i]>>0
- mov 2(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
movz %dh,%esi # rk[i]>>8
- and \$0xFF000000,%ebx
+ shl \$24,%ebx
xor %ebx,%eax
- mov 2(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
shr \$16,%edx
- and \$0x000000FF,%ebx
movz %dl,%esi # rk[i]>>16
xor %ebx,%eax
- mov 0(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
movz %dh,%esi # rk[i]>>24
- and \$0x0000FF00,%ebx
+ shl \$8,%ebx
xor %ebx,%eax
- mov 0(%rbp,%rsi,8),%ebx
- and \$0x00FF0000,%ebx
+ movzb -128(%rbp,%rsi),%ebx
+ shl \$16,%ebx
xor %ebx,%eax
- xor 2048(%rbp,%rcx,4),%eax # rcon
+ xor 1024-128(%rbp,%rcx,4),%eax # rcon
___
}
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
$code.=<<___;
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,\@function,3
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,\@function,3
.align 16
-AES_set_encrypt_key:
+private_AES_set_encrypt_key:
push %rbx
push %rbp
+ push %r12 # redundant, but allows to share
+ push %r13 # exception handler...
+ push %r14
+ push %r15
sub \$8,%rsp
+.Lenc_key_prologue:
call _x86_64_AES_set_encrypt_key
- mov 8(%rsp),%rbp
- mov 16(%rsp),%rbx
- add \$24,%rsp
+ mov 8(%rsp),%r15
+ mov 16(%rsp),%r14
+ mov 24(%rsp),%r13
+ mov 32(%rsp),%r12
+ mov 40(%rsp),%rbp
+ mov 48(%rsp),%rbx
+ add \$56,%rsp
+.Lenc_key_epilogue:
ret
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent
.align 16
@@ -773,9 +1325,19 @@
test \$-1,%rdi
jz .Lbadpointer
- .picmeup %rbp
- lea AES_Te-.(%rbp),%rbp
+ lea .LAES_Te(%rip),%rbp
+ lea 2048+128(%rbp),%rbp
+ # prefetch Te4
+ mov 0-128(%rbp),%eax
+ mov 32-128(%rbp),%ebx
+ mov 64-128(%rbp),%r8d
+ mov 96-128(%rbp),%edx
+ mov 128-128(%rbp),%eax
+ mov 160-128(%rbp),%ebx
+ mov 192-128(%rbp),%r8d
+ mov 224-128(%rbp),%edx
+
cmp \$128,%ecx
je .L10rounds
cmp \$192,%ecx
@@ -786,15 +1348,12 @@
jmp .Lexit
.L10rounds:
- mov 0(%rsi),%eax # copy first 4 dwords
- mov 4(%rsi),%ebx
- mov 8(%rsi),%ecx
- mov 12(%rsi),%edx
- mov %eax,0(%rdi)
- mov %ebx,4(%rdi)
- mov %ecx,8(%rdi)
- mov %edx,12(%rdi)
+ mov 0(%rsi),%rax # copy first 4 dwords
+ mov 8(%rsi),%rdx
+ mov %rax,0(%rdi)
+ mov %rdx,8(%rdi)
+ shr \$32,%rdx
xor %ecx,%ecx
jmp .L10shortcut
.align 4
@@ -822,19 +1381,14 @@
jmp .Lexit
.L12rounds:
- mov 0(%rsi),%eax # copy first 6 dwords
- mov 4(%rsi),%ebx
- mov 8(%rsi),%ecx
- mov 12(%rsi),%edx
- mov %eax,0(%rdi)
- mov %ebx,4(%rdi)
- mov %ecx,8(%rdi)
- mov %edx,12(%rdi)
- mov 16(%rsi),%ecx
- mov 20(%rsi),%edx
- mov %ecx,16(%rdi)
- mov %edx,20(%rdi)
+ mov 0(%rsi),%rax # copy first 6 dwords
+ mov 8(%rsi),%rbx
+ mov 16(%rsi),%rdx
+ mov %rax,0(%rdi)
+ mov %rbx,8(%rdi)
+ mov %rdx,16(%rdi)
+ shr \$32,%rdx
xor %ecx,%ecx
jmp .L12shortcut
.align 4
@@ -870,30 +1424,23 @@
jmp .Lexit
.L14rounds:
- mov 0(%rsi),%eax # copy first 8 dwords
- mov 4(%rsi),%ebx
- mov 8(%rsi),%ecx
- mov 12(%rsi),%edx
- mov %eax,0(%rdi)
- mov %ebx,4(%rdi)
- mov %ecx,8(%rdi)
- mov %edx,12(%rdi)
- mov 16(%rsi),%eax
- mov 20(%rsi),%ebx
- mov 24(%rsi),%ecx
- mov 28(%rsi),%edx
- mov %eax,16(%rdi)
- mov %ebx,20(%rdi)
- mov %ecx,24(%rdi)
- mov %edx,28(%rdi)
+ mov 0(%rsi),%rax # copy first 8 dwords
+ mov 8(%rsi),%rbx
+ mov 16(%rsi),%rcx
+ mov 24(%rsi),%rdx
+ mov %rax,0(%rdi)
+ mov %rbx,8(%rdi)
+ mov %rcx,16(%rdi)
+ mov %rdx,24(%rdi)
+ shr \$32,%rdx
xor %ecx,%ecx
jmp .L14shortcut
.align 4
.L14loop:
+ mov 0(%rdi),%eax # rk[0]
mov 28(%rdi),%edx # rk[4]
.L14shortcut:
- mov 0(%rdi),%eax # rk[0]
___
&enckey ();
$code.=<<___;
@@ -912,24 +1459,23 @@
mov %eax,%edx
mov 16(%rdi),%eax # rk[4]
movz %dl,%esi # rk[11]>>0
- mov 2(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
movz %dh,%esi # rk[11]>>8
- and \$0x000000FF,%ebx
xor %ebx,%eax
- mov 0(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
shr \$16,%edx
- and \$0x0000FF00,%ebx
+ shl \$8,%ebx
movz %dl,%esi # rk[11]>>16
xor %ebx,%eax
- mov 0(%rbp,%rsi,8),%ebx
+ movzb -128(%rbp,%rsi),%ebx
movz %dh,%esi # rk[11]>>24
- and \$0x00FF0000,%ebx
+ shl \$16,%ebx
xor %ebx,%eax
- mov 2(%rbp,%rsi,8),%ebx
- and \$0xFF000000,%ebx
+ movzb -128(%rbp,%rsi),%ebx
+ shl \$24,%ebx
xor %ebx,%eax
mov %eax,48(%rdi) # rk[12]
@@ -950,42 +1496,79 @@
.Lbadpointer:
mov \$-1,%rax
.Lexit:
- .byte 0xf3,0xc3 # rep ret
+ .byte 0xf3,0xc3 # rep ret
.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
___
-sub deckey()
+sub deckey_ref()
{ my ($i,$ptr,$te,$td) = @_;
+ my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d");
$code.=<<___;
- mov $i($ptr),%eax
- mov %eax,%edx
- movz %ah,%ebx
- shr \$16,%edx
- and \$0xFF,%eax
- movzb 2($te,%rax,8),%rax
- movzb 2($te,%rbx,8),%rbx
- mov 0($td,%rax,8),%eax
- xor 3($td,%rbx,8),%eax
- movzb %dh,%ebx
- and \$0xFF,%edx
- movzb 2($te,%rdx,8),%rdx
- movzb 2($te,%rbx,8),%rbx
- xor 2($td,%rdx,8),%eax
- xor 1($td,%rbx,8),%eax
- mov %eax,$i($ptr)
+ mov $i($ptr),$tp1
+ mov $tp1,$acc
+ and \$0x80808080,$acc
+ mov $acc,$tp4
+ shr \$7,$tp4
+ lea 0($tp1,$tp1),$tp2
+ sub $tp4,$acc
+ and \$0xfefefefe,$tp2
+ and \$0x1b1b1b1b,$acc
+ xor $tp2,$acc
+ mov $acc,$tp2
+
+ and \$0x80808080,$acc
+ mov $acc,$tp8
+ shr \$7,$tp8
+ lea 0($tp2,$tp2),$tp4
+ sub $tp8,$acc
+ and \$0xfefefefe,$tp4
+ and \$0x1b1b1b1b,$acc
+ xor $tp1,$tp2 # tp2^tp1
+ xor $tp4,$acc
+ mov $acc,$tp4
+
+ and \$0x80808080,$acc
+ mov $acc,$tp8
+ shr \$7,$tp8
+ sub $tp8,$acc
+ lea 0($tp4,$tp4),$tp8
+ xor $tp1,$tp4 # tp4^tp1
+ and \$0xfefefefe,$tp8
+ and \$0x1b1b1b1b,$acc
+ xor $acc,$tp8
+
+ xor $tp8,$tp1 # tp1^tp8
+ rol \$8,$tp1 # ROTATE(tp1^tp8,8)
+ xor $tp8,$tp2 # tp2^tp1^tp8
+ xor $tp8,$tp4 # tp4^tp1^tp8
+ xor $tp2,$tp8
+ xor $tp4,$tp8 # tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2
+
+ xor $tp8,$tp1
+ rol \$24,$tp2 # ROTATE(tp2^tp1^tp8,24)
+ xor $tp2,$tp1
+ rol \$16,$tp4 # ROTATE(tp4^tp1^tp8,16)
+ xor $tp4,$tp1
+
+ mov $tp1,$i($ptr)
___
}
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
$code.=<<___;
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,\@function,3
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,\@function,3
.align 16
-AES_set_decrypt_key:
+private_AES_set_decrypt_key:
push %rbx
push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
push %rdx # save key schedule
+.Ldec_key_prologue:
call _x86_64_AES_set_encrypt_key
mov (%rsp),%r8 # restore key schedule
@@ -992,9 +1575,9 @@
cmp \$0,%eax
jne .Labort
- mov 240(%r8),%ecx # pull number of rounds
+ mov 240(%r8),%r14d # pull number of rounds
xor %rdi,%rdi
- lea (%rdi,%rcx,4),%rcx
+ lea (%rdi,%r14d,4),%rcx
mov %r8,%rsi
lea (%r8,%rcx,4),%rdi # pointer to last chunk
.align 4
@@ -1012,32 +1595,41 @@
cmp %rsi,%rdi
jne .Linvert
- .picmeup %r9
- lea AES_Td-.(%r9),%rdi
- lea AES_Te-AES_Td(%rdi),%r9
+ lea .LAES_Te+2048+1024(%rip),%rax # rcon
- mov %r8,%rsi
- mov 240(%r8),%ecx # pull number of rounds
- sub \$1,%ecx
+ mov 40(%rax),$mask80
+ mov 48(%rax),$maskfe
+ mov 56(%rax),$mask1b
+
+ mov %r8,$key
+ sub \$1,%r14d
.align 4
.Lpermute:
- lea 16(%rsi),%rsi
+ lea 16($key),$key
+ mov 0($key),%rax
+ mov 8($key),%rcx
___
- &deckey (0,"%rsi","%r9","%rdi");
- &deckey (4,"%rsi","%r9","%rdi");
- &deckey (8,"%rsi","%r9","%rdi");
- &deckey (12,"%rsi","%r9","%rdi");
+ &dectransform ();
$code.=<<___;
- sub \$1,%ecx
+ mov %eax,0($key)
+ mov %ebx,4($key)
+ mov %ecx,8($key)
+ mov %edx,12($key)
+ sub \$1,%r14d
jnz .Lpermute
xor %rax,%rax
.Labort:
- mov 8(%rsp),%rbp
- mov 16(%rsp),%rbx
- add \$24,%rsp
+ mov 8(%rsp),%r15
+ mov 16(%rsp),%r14
+ mov 24(%rsp),%r13
+ mov 32(%rsp),%r12
+ mov 40(%rsp),%rbp
+ mov 48(%rsp),%rbx
+ add \$56,%rsp
+.Ldec_key_epilogue:
ret
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
___
# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
@@ -1046,22 +1638,30 @@
{
# stack frame layout
# -8(%rsp) return address
-my $_rsp="0(%rsp)"; # saved %rsp
-my $_len="8(%rsp)"; # copy of 3rd parameter, length
-my $_key="16(%rsp)"; # copy of 4th parameter, key
-my $_ivp="24(%rsp)"; # copy of 5th parameter, ivp
-my $keyp="32(%rsp)"; # one to pass as $key
-my $ivec="40(%rsp)"; # ivec[16]
-my $aes_key="56(%rsp)"; # copy of aes_key
-my $mark="56+240(%rsp)"; # copy of aes_key->rounds
+my $keyp="0(%rsp)"; # one to pass as $key
+my $keyend="8(%rsp)"; # &(keyp->rd_key[4*keyp->rounds])
+my $_rsp="16(%rsp)"; # saved %rsp
+my $_inp="24(%rsp)"; # copy of 1st parameter, inp
+my $_out="32(%rsp)"; # copy of 2nd parameter, out
+my $_len="40(%rsp)"; # copy of 3rd parameter, length
+my $_key="48(%rsp)"; # copy of 4th parameter, key
+my $_ivp="56(%rsp)"; # copy of 5th parameter, ivp
+my $ivec="64(%rsp)"; # ivec[16]
+my $aes_key="80(%rsp)"; # copy of aes_key
+my $mark="80+240(%rsp)"; # copy of aes_key->rounds
$code.=<<___;
.globl AES_cbc_encrypt
.type AES_cbc_encrypt,\@function,6
.align 16
+.extern OPENSSL_ia32cap_P
+.globl asm_AES_cbc_encrypt
+.hidden asm_AES_cbc_encrypt
+asm_AES_cbc_encrypt:
AES_cbc_encrypt:
cmp \$0,%rdx # check length
- je .Lcbc_just_ret
+ je .Lcbc_epilogue
+ pushfq
push %rbx
push %rbp
push %r12
@@ -1068,25 +1668,32 @@
push %r13
push %r14
push %r15
- pushfq
+.Lcbc_prologue:
+
cld
mov %r9d,%r9d # clear upper half of enc
- .picmeup $sbox
-.Lcbc_pic_point:
-
+ lea .LAES_Te(%rip),$sbox
cmp \$0,%r9
- je .LDECRYPT
+ jne .Lcbc_picked_te
+ lea .LAES_Td(%rip),$sbox
+.Lcbc_picked_te:
- lea AES_Te-.Lcbc_pic_point($sbox),$sbox
+ mov OPENSSL_ia32cap_P(%rip),%r10d
+ cmp \$$speed_limit,%rdx
+ jb .Lcbc_slow_prologue
+ test \$15,%rdx
+ jnz .Lcbc_slow_prologue
+ bt \$28,%r10d
+ jc .Lcbc_slow_prologue
# allocate aligned stack frame...
- lea -64-248(%rsp),$key
+ lea -88-248(%rsp),$key
and \$-64,$key
- # ... and make it doesn't alias with AES_Te modulo 4096
+ # ... and make sure it doesn't alias with AES_T[ed] modulo 4096
mov $sbox,%r10
- lea 2048($sbox),%r11
+ lea 2304($sbox),%r11
mov $key,%r12
and \$0xFFF,%r10 # s = $sbox&0xfff
and \$0xFFF,%r11 # e = ($sbox+2048)&0xfff
@@ -1106,22 +1713,27 @@
.Lcbc_te_ok:
xchg %rsp,$key
- add \$8,%rsp # reserve for return address!
+ #add \$8,%rsp # reserve for return address!
mov $key,$_rsp # save %rsp
+.Lcbc_fast_body:
+ mov %rdi,$_inp # save copy of inp
+ mov %rsi,$_out # save copy of out
mov %rdx,$_len # save copy of len
mov %rcx,$_key # save copy of key
mov %r8,$_ivp # save copy of ivp
movl \$0,$mark # copy of aes_key->rounds = 0;
mov %r8,%rbp # rearrange input arguments
+ mov %r9,%rbx
mov %rsi,$out
mov %rdi,$inp
mov %rcx,$key
+ mov 240($key),%eax # key->rounds
# do we copy key schedule to stack?
mov $key,%r10
sub $sbox,%r10
and \$0xfff,%r10
- cmp \$2048,%r10
+ cmp \$2304,%r10
jb .Lcbc_do_ecopy
cmp \$4096-248,%r10
jb .Lcbc_skip_ecopy
@@ -1132,12 +1744,11 @@
lea $aes_key,$key
mov \$240/8,%ecx
.long 0x90A548F3 # rep movsq
- mov (%rsi),%eax # copy aes_key->rounds
- mov %eax,(%rdi)
+ mov %eax,(%rdi) # copy aes_key->rounds
.Lcbc_skip_ecopy:
mov $key,$keyp # save key pointer
- mov \$16,%ecx
+ mov \$18,%ecx
.align 4
.Lcbc_prefetch_te:
mov 0($sbox),%r10
@@ -1147,42 +1758,41 @@
lea 128($sbox),$sbox
sub \$1,%ecx
jnz .Lcbc_prefetch_te
- sub \$2048,$sbox
+ lea -2304($sbox),$sbox
- test \$-16,%rdx # check upon length
- mov %rdx,%r10
+ cmp \$0,%rbx
+ je .LFAST_DECRYPT
+
+#----------------------------- ENCRYPT -----------------------------#
mov 0(%rbp),$s0 # load iv
mov 4(%rbp),$s1
mov 8(%rbp),$s2
mov 12(%rbp),$s3
- jz .Lcbc_enc_tail # short input...
.align 4
-.Lcbc_enc_loop:
+.Lcbc_fast_enc_loop:
xor 0($inp),$s0
xor 4($inp),$s1
xor 8($inp),$s2
xor 12($inp),$s3
- mov $inp,$ivec # if ($verticalspin) save inp
+ mov $keyp,$key # restore key
+ mov $inp,$_inp # if ($verticalspin) save inp
- mov $keyp,$key # restore key
call _x86_64_AES_encrypt
- mov $ivec,$inp # if ($verticalspin) restore inp
+ mov $_inp,$inp # if ($verticalspin) restore inp
+ mov $_len,%r10
mov $s0,0($out)
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
- mov $_len,%r10
lea 16($inp),$inp
lea 16($out),$out
sub \$16,%r10
test \$-16,%r10
mov %r10,$_len
- jnz .Lcbc_enc_loop
- test \$15,%r10
- jnz .Lcbc_enc_tail
+ jnz .Lcbc_fast_enc_loop
mov $_ivp,%rbp # restore ivp
mov $s0,0(%rbp) # save ivec
mov $s1,4(%rbp)
@@ -1189,133 +1799,29 @@
mov $s2,8(%rbp)
mov $s3,12(%rbp)
-.align 4
-.Lcbc_cleanup:
- cmpl \$0,$mark # was the key schedule copied?
- lea $aes_key,%rdi
- je .Lcbc_exit
- mov \$240/8,%ecx
- xor %rax,%rax
- .long 0x90AB48F3 # rep stosq
-.Lcbc_exit:
- mov $_rsp,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
-.Lcbc_just_ret:
- ret
-.align 4
-.Lcbc_enc_tail:
- mov %rax,%r11
- mov %rcx,%r12
- mov %r10,%rcx
- mov $inp,%rsi
- mov $out,%rdi
- .long 0xF689A4F3 # rep movsb
- mov \$16,%rcx # zero tail
- sub %r10,%rcx
- xor %rax,%rax
- .long 0xF689AAF3 # rep stosb
- mov $out,$inp # this is not a mistake!
- movq \$16,$_len # len=16
- mov %r11,%rax
- mov %r12,%rcx
- jmp .Lcbc_enc_loop # one more spin...
+ jmp .Lcbc_fast_cleanup
+
#----------------------------- DECRYPT -----------------------------#
.align 16
-.LDECRYPT:
- lea AES_Td-.Lcbc_pic_point($sbox),$sbox
-
- # allocate aligned stack frame...
- lea -64-248(%rsp),$key
- and \$-64,$key
-
- # ... and make it doesn't alias with AES_Td modulo 4096
- mov $sbox,%r10
- lea 2304($sbox),%r11
- mov $key,%r12
- and \$0xFFF,%r10 # s = $sbox&0xfff
- and \$0xFFF,%r11 # e = ($sbox+2048+256)&0xfff
- and \$0xFFF,%r12 # p = %rsp&0xfff
-
- cmp %r11,%r12 # if (p=>e) %rsp =- (p-e);
- jb .Lcbc_td_break_out
- sub %r11,%r12
- sub %r12,$key
- jmp .Lcbc_td_ok
-.Lcbc_td_break_out: # else %rsp -= (p-s)&0xfff + framesz
- sub %r10,%r12
- and \$0xFFF,%r12
- add \$320,%r12
- sub %r12,$key
-.align 4
-.Lcbc_td_ok:
-
- xchg %rsp,$key
- add \$8,%rsp # reserve for return address!
- mov $key,$_rsp # save %rsp
- mov %rdx,$_len # save copy of len
- mov %rcx,$_key # save copy of key
- mov %r8,$_ivp # save copy of ivp
- movl \$0,$mark # copy of aes_key->rounds = 0;
- mov %r8,%rbp # rearrange input arguments
- mov %rsi,$out
- mov %rdi,$inp
- mov %rcx,$key
-
- # do we copy key schedule to stack?
- mov $key,%r10
- sub $sbox,%r10
- and \$0xfff,%r10
- cmp \$2304,%r10
- jb .Lcbc_do_dcopy
- cmp \$4096-248,%r10
- jb .Lcbc_skip_dcopy
-.align 4
-.Lcbc_do_dcopy:
- mov $key,%rsi
- lea $aes_key,%rdi
- lea $aes_key,$key
- mov \$240/8,%ecx
- .long 0x90A548F3 # rep movsq
- mov (%rsi),%eax # copy aes_key->rounds
- mov %eax,(%rdi)
-.Lcbc_skip_dcopy:
- mov $key,$keyp # save key pointer
-
- mov \$18,%ecx
-.align 4
-.Lcbc_prefetch_td:
- mov 0($sbox),%r10
- mov 32($sbox),%r11
- mov 64($sbox),%r12
- mov 96($sbox),%r13
- lea 128($sbox),$sbox
- sub \$1,%ecx
- jnz .Lcbc_prefetch_td
- sub \$2304,$sbox
-
+.LFAST_DECRYPT:
cmp $inp,$out
- je .Lcbc_dec_in_place
+ je .Lcbc_fast_dec_in_place
mov %rbp,$ivec
.align 4
-.Lcbc_dec_loop:
- mov 0($inp),$s0 # read input
+.Lcbc_fast_dec_loop:
+ mov 0($inp),$s0 # read input
mov 4($inp),$s1
mov 8($inp),$s2
mov 12($inp),$s3
- mov $inp,8+$ivec # if ($verticalspin) save inp
+ mov $keyp,$key # restore key
+ mov $inp,$_inp # if ($verticalspin) save inp
- mov $keyp,$key # restore key
call _x86_64_AES_decrypt
mov $ivec,%rbp # load ivp
- mov 8+$ivec,$inp # if ($verticalspin) restore inp
+ mov $_inp,$inp # if ($verticalspin) restore inp
+ mov $_len,%r10 # load len
xor 0(%rbp),$s0 # xor iv
xor 4(%rbp),$s1
xor 8(%rbp),$s2
@@ -1322,9 +1828,7 @@
xor 12(%rbp),$s3
mov $inp,%rbp # current input, next iv
- mov $_len,%r10 # load len
sub \$16,%r10
- jc .Lcbc_dec_partial
mov %r10,$_len # update len
mov %rbp,$ivec # update ivp
@@ -1335,81 +1839,281 @@
lea 16($inp),$inp
lea 16($out),$out
- jnz .Lcbc_dec_loop
-.Lcbc_dec_end:
+ jnz .Lcbc_fast_dec_loop
mov $_ivp,%r12 # load user ivp
mov 0(%rbp),%r10 # load iv
mov 8(%rbp),%r11
mov %r10,0(%r12) # copy back to user
mov %r11,8(%r12)
- jmp .Lcbc_cleanup
+ jmp .Lcbc_fast_cleanup
+.align 16
+.Lcbc_fast_dec_in_place:
+ mov 0(%rbp),%r10 # copy iv to stack
+ mov 8(%rbp),%r11
+ mov %r10,0+$ivec
+ mov %r11,8+$ivec
.align 4
-.Lcbc_dec_partial:
- mov $s0,0+$ivec # dump output to stack
- mov $s1,4+$ivec
- mov $s2,8+$ivec
- mov $s3,12+$ivec
- mov $out,%rdi
- lea $ivec,%rsi
- mov \$16,%rcx
- add %r10,%rcx # number of bytes to copy
- .long 0xF689A4F3 # rep movsb
- jmp .Lcbc_dec_end
-
-.align 16
-.Lcbc_dec_in_place:
+.Lcbc_fast_dec_in_place_loop:
mov 0($inp),$s0 # load input
mov 4($inp),$s1
mov 8($inp),$s2
mov 12($inp),$s3
+ mov $keyp,$key # restore key
+ mov $inp,$_inp # if ($verticalspin) save inp
- mov $inp,$ivec # if ($verticalspin) save inp
- mov $keyp,$key
call _x86_64_AES_decrypt
- mov $ivec,$inp # if ($verticalspin) restore inp
- mov $_ivp,%rbp
- xor 0(%rbp),$s0
- xor 4(%rbp),$s1
- xor 8(%rbp),$s2
- xor 12(%rbp),$s3
+ mov $_inp,$inp # if ($verticalspin) restore inp
+ mov $_len,%r10
+ xor 0+$ivec,$s0
+ xor 4+$ivec,$s1
+ xor 8+$ivec,$s2
+ xor 12+$ivec,$s3
- mov 0($inp),%r10 # copy input to iv
- mov 8($inp),%r11
- mov %r10,0(%rbp)
- mov %r11,8(%rbp)
+ mov 0($inp),%r11 # load input
+ mov 8($inp),%r12
+ sub \$16,%r10
+ jz .Lcbc_fast_dec_in_place_done
+ mov %r11,0+$ivec # copy input to iv
+ mov %r12,8+$ivec
+
mov $s0,0($out) # save output [zaps input]
mov $s1,4($out)
mov $s2,8($out)
mov $s3,12($out)
- mov $_len,%rcx
lea 16($inp),$inp
lea 16($out),$out
- sub \$16,%rcx
- jc .Lcbc_dec_in_place_partial
- mov %rcx,$_len
- jnz .Lcbc_dec_in_place
- jmp .Lcbc_cleanup
+ mov %r10,$_len
+ jmp .Lcbc_fast_dec_in_place_loop
+.Lcbc_fast_dec_in_place_done:
+ mov $_ivp,%rdi
+ mov %r11,0(%rdi) # copy iv back to user
+ mov %r12,8(%rdi)
+ mov $s0,0($out) # save output [zaps input]
+ mov $s1,4($out)
+ mov $s2,8($out)
+ mov $s3,12($out)
+
.align 4
-.Lcbc_dec_in_place_partial:
- # one can argue if this is actually required
- lea ($out,%rcx),%rdi
- lea (%rbp,%rcx),%rsi
- neg %rcx
- .long 0xF689A4F3 # rep movsb # restore tail
- jmp .Lcbc_cleanup
+.Lcbc_fast_cleanup:
+ cmpl \$0,$mark # was the key schedule copied?
+ lea $aes_key,%rdi
+ je .Lcbc_exit
+ mov \$240/8,%ecx
+ xor %rax,%rax
+ .long 0x90AB48F3 # rep stosq
+
+ jmp .Lcbc_exit
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+.align 16
+.Lcbc_slow_prologue:
+ # allocate aligned stack frame...
+ lea -88(%rsp),%rbp
+ and \$-64,%rbp
+ # ... just "above" key schedule
+ lea -88-63(%rcx),%r10
+ sub %rbp,%r10
+ neg %r10
+ and \$0x3c0,%r10
+ sub %r10,%rbp
+
+ xchg %rsp,%rbp
+ #add \$8,%rsp # reserve for return address!
+ mov %rbp,$_rsp # save %rsp
+.Lcbc_slow_body:
+ #mov %rdi,$_inp # save copy of inp
+ #mov %rsi,$_out # save copy of out
+ #mov %rdx,$_len # save copy of len
+ #mov %rcx,$_key # save copy of key
+ mov %r8,$_ivp # save copy of ivp
+ mov %r8,%rbp # rearrange input arguments
+ mov %r9,%rbx
+ mov %rsi,$out
+ mov %rdi,$inp
+ mov %rcx,$key
+ mov %rdx,%r10
+
+ mov 240($key),%eax
+ mov $key,$keyp # save key pointer
+ shl \$4,%eax
+ lea ($key,%rax),%rax
+ mov %rax,$keyend
+
+ # pick Te4 copy which can't "overlap" with stack frame or key scdedule
+ lea 2048($sbox),$sbox
+ lea 768-8(%rsp),%rax
+ sub $sbox,%rax
+ and \$0x300,%rax
+ lea ($sbox,%rax),$sbox
+
+ cmp \$0,%rbx
+ je .LSLOW_DECRYPT
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+ test \$-16,%r10 # check upon length
+ mov 0(%rbp),$s0 # load iv
+ mov 4(%rbp),$s1
+ mov 8(%rbp),$s2
+ mov 12(%rbp),$s3
+ jz .Lcbc_slow_enc_tail # short input...
+
+.align 4
+.Lcbc_slow_enc_loop:
+ xor 0($inp),$s0
+ xor 4($inp),$s1
+ xor 8($inp),$s2
+ xor 12($inp),$s3
+ mov $keyp,$key # restore key
+ mov $inp,$_inp # save inp
+ mov $out,$_out # save out
+ mov %r10,$_len # save len
+
+ call _x86_64_AES_encrypt_compact
+
+ mov $_inp,$inp # restore inp
+ mov $_out,$out # restore out
+ mov $_len,%r10 # restore len
+ mov $s0,0($out)
+ mov $s1,4($out)
+ mov $s2,8($out)
+ mov $s3,12($out)
+
+ lea 16($inp),$inp
+ lea 16($out),$out
+ sub \$16,%r10
+ test \$-16,%r10
+ jnz .Lcbc_slow_enc_loop
+ test \$15,%r10
+ jnz .Lcbc_slow_enc_tail
+ mov $_ivp,%rbp # restore ivp
+ mov $s0,0(%rbp) # save ivec
+ mov $s1,4(%rbp)
+ mov $s2,8(%rbp)
+ mov $s3,12(%rbp)
+
+ jmp .Lcbc_exit
+
+.align 4
+.Lcbc_slow_enc_tail:
+ mov %rax,%r11
+ mov %rcx,%r12
+ mov %r10,%rcx
+ mov $inp,%rsi
+ mov $out,%rdi
+ .long 0x9066A4F3 # rep movsb
+ mov \$16,%rcx # zero tail
+ sub %r10,%rcx
+ xor %rax,%rax
+ .long 0x9066AAF3 # rep stosb
+ mov $out,$inp # this is not a mistake!
+ mov \$16,%r10 # len=16
+ mov %r11,%rax
+ mov %r12,%rcx
+ jmp .Lcbc_slow_enc_loop # one more spin...
+#--------------------------- SLOW DECRYPT ---------------------------#
+.align 16
+.LSLOW_DECRYPT:
+ shr \$3,%rax
+ add %rax,$sbox # recall "magic" constants!
+
+ mov 0(%rbp),%r11 # copy iv to stack
+ mov 8(%rbp),%r12
+ mov %r11,0+$ivec
+ mov %r12,8+$ivec
+
+.align 4
+.Lcbc_slow_dec_loop:
+ mov 0($inp),$s0 # load input
+ mov 4($inp),$s1
+ mov 8($inp),$s2
+ mov 12($inp),$s3
+ mov $keyp,$key # restore key
+ mov $inp,$_inp # save inp
+ mov $out,$_out # save out
+ mov %r10,$_len # save len
+
+ call _x86_64_AES_decrypt_compact
+
+ mov $_inp,$inp # restore inp
+ mov $_out,$out # restore out
+ mov $_len,%r10
+ xor 0+$ivec,$s0
+ xor 4+$ivec,$s1
+ xor 8+$ivec,$s2
+ xor 12+$ivec,$s3
+
+ mov 0($inp),%r11 # load input
+ mov 8($inp),%r12
+ sub \$16,%r10
+ jc .Lcbc_slow_dec_partial
+ jz .Lcbc_slow_dec_done
+
+ mov %r11,0+$ivec # copy input to iv
+ mov %r12,8+$ivec
+
+ mov $s0,0($out) # save output [can zap input]
+ mov $s1,4($out)
+ mov $s2,8($out)
+ mov $s3,12($out)
+
+ lea 16($inp),$inp
+ lea 16($out),$out
+ jmp .Lcbc_slow_dec_loop
+.Lcbc_slow_dec_done:
+ mov $_ivp,%rdi
+ mov %r11,0(%rdi) # copy iv back to user
+ mov %r12,8(%rdi)
+
+ mov $s0,0($out) # save output [can zap input]
+ mov $s1,4($out)
+ mov $s2,8($out)
+ mov $s3,12($out)
+
+ jmp .Lcbc_exit
+
+.align 4
+.Lcbc_slow_dec_partial:
+ mov $_ivp,%rdi
+ mov %r11,0(%rdi) # copy iv back to user
+ mov %r12,8(%rdi)
+
+ mov $s0,0+$ivec # save output to stack
+ mov $s1,4+$ivec
+ mov $s2,8+$ivec
+ mov $s3,12+$ivec
+
+ mov $out,%rdi
+ lea $ivec,%rsi
+ lea 16(%r10),%rcx
+ .long 0x9066A4F3 # rep movsb
+ jmp .Lcbc_exit
+
+.align 16
+.Lcbc_exit:
+ mov $_rsp,%rsi
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lcbc_popfq:
+ popfq
+.Lcbc_epilogue:
+ ret
.size AES_cbc_encrypt,.-AES_cbc_encrypt
___
}
$code.=<<___;
-.globl AES_Te
.align 64
-AES_Te:
+.LAES_Te:
___
&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
@@ -1475,16 +2179,149 @@
&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4 # four copies of Te4 to choose from to avoid L1 aliasing
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+ &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+ &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+ &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+ &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+ &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+ &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+ &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+ &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+ &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+ &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+ &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+ &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+ &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+ &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+ &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+ &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+ &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+ &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+ &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+ &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+ &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+ &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+ &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+ &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+ &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+ &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+ &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+ &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+ &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+ &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+ &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+ &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
#rcon:
$code.=<<___;
.long 0x00000001, 0x00000002, 0x00000004, 0x00000008
.long 0x00000010, 0x00000020, 0x00000040, 0x00000080
- .long 0x0000001b, 0x00000036, 0, 0, 0, 0, 0, 0
+ .long 0x0000001b, 0x00000036, 0x80808080, 0x80808080
+ .long 0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b
___
$code.=<<___;
-.globl AES_Td
.align 64
-AES_Td:
+.LAES_Td:
___
&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
@@ -1550,7 +2387,8 @@
&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-#Td4:
+
+#Td4: # four copies of Td4 to choose from to avoid L1 aliasing
&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
@@ -1583,7 +2421,397 @@
&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+ .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+ .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+ .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+ .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+ .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+ .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+ &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+ &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+ &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+ &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+ &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+ &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+ &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+ &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+ &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+ &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+ &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+ &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+ &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+ &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+ &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+ &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+ &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+ &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+ &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+ &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+ &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+ &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+ &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+ &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+ &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+ &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+ &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+ &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+ &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+ &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+ &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+ &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+ .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+ .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+.asciz "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 64
+___
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type block_se_handler,\@abi-omnipotent
+.align 16
+block_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_block_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_block_prologue
+
+ mov 24(%rax),%rax # pull saved real stack pointer
+ lea 48(%rax),%rax # adjust...
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_block_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ jmp .Lcommon_seh_exit
+.size block_se_handler,.-block_se_handler
+
+.type key_se_handler,\@abi-omnipotent
+.align 16
+key_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_key_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_key_prologue
+
+ lea 56(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_key_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ jmp .Lcommon_seh_exit
+.size key_se_handler,.-key_se_handler
+
+.type cbc_se_handler,\@abi-omnipotent
+.align 16
+cbc_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lcbc_prologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lcbc_prologue
+ jb .Lin_cbc_prologue
+
+ lea .Lcbc_fast_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lcbc_fast_body
+ jb .Lin_cbc_frame_setup
+
+ lea .Lcbc_slow_prologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lcbc_slow_prologue
+ jb .Lin_cbc_body
+
+ lea .Lcbc_slow_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lcbc_slow_body
+ jb .Lin_cbc_frame_setup
+
+.Lin_cbc_body:
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lcbc_epilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lcbc_epilogue
+ jae .Lin_cbc_prologue
+
+ lea 8(%rax),%rax
+
+ lea .Lcbc_popfq(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lcbc_popfq
+ jae .Lin_cbc_prologue
+
+ mov `16-8`(%rax),%rax # biased $_rsp
+ lea 56(%rax),%rax
+
+.Lin_cbc_frame_setup:
+ mov -16(%rax),%rbx
+ mov -24(%rax),%rbp
+ mov -32(%rax),%r12
+ mov -40(%rax),%r13
+ mov -48(%rax),%r14
+ mov -56(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_cbc_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+.Lcommon_seh_exit:
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$`1232/8`,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size cbc_se_handler,.-cbc_se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_AES_encrypt
+ .rva .LSEH_end_AES_encrypt
+ .rva .LSEH_info_AES_encrypt
+
+ .rva .LSEH_begin_AES_decrypt
+ .rva .LSEH_end_AES_decrypt
+ .rva .LSEH_info_AES_decrypt
+
+ .rva .LSEH_begin_private_AES_set_encrypt_key
+ .rva .LSEH_end_private_AES_set_encrypt_key
+ .rva .LSEH_info_private_AES_set_encrypt_key
+
+ .rva .LSEH_begin_private_AES_set_decrypt_key
+ .rva .LSEH_end_private_AES_set_decrypt_key
+ .rva .LSEH_info_private_AES_set_decrypt_key
+
+ .rva .LSEH_begin_AES_cbc_encrypt
+ .rva .LSEH_end_AES_cbc_encrypt
+ .rva .LSEH_info_AES_cbc_encrypt
+
+.section .xdata
+.align 8
+.LSEH_info_AES_encrypt:
+ .byte 9,0,0,0
+ .rva block_se_handler
+ .rva .Lenc_prologue,.Lenc_epilogue # HandlerData[]
+.LSEH_info_AES_decrypt:
+ .byte 9,0,0,0
+ .rva block_se_handler
+ .rva .Ldec_prologue,.Ldec_epilogue # HandlerData[]
+.LSEH_info_private_AES_set_encrypt_key:
+ .byte 9,0,0,0
+ .rva key_se_handler
+ .rva .Lenc_key_prologue,.Lenc_key_epilogue # HandlerData[]
+.LSEH_info_private_AES_set_decrypt_key:
+ .byte 9,0,0,0
+ .rva key_se_handler
+ .rva .Ldec_key_prologue,.Ldec_key_epilogue # HandlerData[]
+.LSEH_info_AES_cbc_encrypt:
+ .byte 9,0,0,0
+ .rva cbc_se_handler
+___
+}
+
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
Copied: trunk/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1250 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# June 2011
+#
+# This is AESNI-CBC+SHA1 "stitch" implementation. The idea, as spelled
+# in http://download.intel.com/design/intarch/papers/323686.pdf, is
+# that since AESNI-CBC encrypt exhibit *very* low instruction-level
+# parallelism, interleaving it with another algorithm would allow to
+# utilize processor resources better and achieve better performance.
+# SHA1 instruction sequences(*) are taken from sha1-x86_64.pl and
+# AESNI code is weaved into it. Below are performance numbers in
+# cycles per processed byte, less is better, for standalone AESNI-CBC
+# encrypt, sum of the latter and standalone SHA1, and "stitched"
+# subroutine:
+#
+# AES-128-CBC +SHA1 stitch gain
+# Westmere 3.77[+5.6] 9.37 6.65 +41%
+# Sandy Bridge 5.05[+5.2(6.3)] 10.25(11.35) 6.16(7.08) +67%(+60%)
+#
+# AES-192-CBC
+# Westmere 4.51 10.11 6.97 +45%
+# Sandy Bridge 6.05 11.25(12.35) 6.34(7.27) +77%(+70%)
+#
+# AES-256-CBC
+# Westmere 5.25 10.85 7.25 +50%
+# Sandy Bridge 7.05 12.25(13.35) 7.06(7.70) +74%(+73%)
+#
+# (*) There are two code paths: SSSE3 and AVX. See sha1-568.pl for
+# background information. Above numbers in parentheses are SSSE3
+# results collected on AVX-capable CPU, i.e. apply on OSes that
+# don't support AVX.
+#
+# Needless to mention that it makes no sense to implement "stitched"
+# *decrypt* subroutine. Because *both* AESNI-CBC decrypt and SHA1
+# fully utilize parallelism, so stitching would not give any gain
+# anyway. Well, there might be some, e.g. because of better cache
+# locality... For reference, here are performance results for
+# standalone AESNI-CBC decrypt:
+#
+# AES-128-CBC AES-192-CBC AES-256-CBC
+# Westmere 1.31 1.55 1.80
+# Sandy Bridge 0.93 1.06 1.22
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+ =~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+ $1>=2.19);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+ `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+ $1>=2.09);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+ `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
+ $1>=10);
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# void aesni_cbc_sha1_enc(const void *inp,
+# void *out,
+# size_t length,
+# const AES_KEY *key,
+# unsigned char *iv,
+# SHA_CTX *ctx,
+# const void *in0);
+
+$code.=<<___;
+.text
+.extern OPENSSL_ia32cap_P
+
+.globl aesni_cbc_sha1_enc
+.type aesni_cbc_sha1_enc,\@abi-omnipotent
+.align 16
+aesni_cbc_sha1_enc:
+ # caller should check for SSSE3 and AES-NI bits
+ mov OPENSSL_ia32cap_P+0(%rip),%r10d
+ mov OPENSSL_ia32cap_P+4(%rip),%r11d
+___
+$code.=<<___ if ($avx);
+ and \$`1<<28`,%r11d # mask AVX bit
+ and \$`1<<30`,%r10d # mask "Intel CPU" bit
+ or %r11d,%r10d
+ cmp \$`1<<28|1<<30`,%r10d
+ je aesni_cbc_sha1_enc_avx
+___
+$code.=<<___;
+ jmp aesni_cbc_sha1_enc_ssse3
+ ret
+.size aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc
+___
+
+my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+my $j=0; my $jj=0; my $r=0; my $sn=0;
+my $K_XX_XX="%r11";
+my ($iv,$in,$rndkey0)=map("%xmm$_",(11..13));
+my @rndkey=("%xmm14","%xmm15");
+
+sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+ my $arg = pop;
+ $arg = "\$$arg" if ($arg*1 eq $arg);
+ $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+$code.=<<___;
+.type aesni_cbc_sha1_enc_ssse3,\@function,6
+.align 16
+aesni_cbc_sha1_enc_ssse3:
+ mov `($win64?56:8)`(%rsp),$inp # load 7th argument
+ #shr \$6,$len # debugging artefact
+ #jz .Lepilogue_ssse3 # debugging artefact
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea `-104-($win64?10*16:0)`(%rsp),%rsp
+ #mov $in0,$inp # debugging artefact
+ #lea 64(%rsp),$ctx # debugging artefact
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,96+0(%rsp)
+ movaps %xmm7,96+16(%rsp)
+ movaps %xmm8,96+32(%rsp)
+ movaps %xmm9,96+48(%rsp)
+ movaps %xmm10,96+64(%rsp)
+ movaps %xmm11,96+80(%rsp)
+ movaps %xmm12,96+96(%rsp)
+ movaps %xmm13,96+112(%rsp)
+ movaps %xmm14,96+128(%rsp)
+ movaps %xmm15,96+144(%rsp)
+.Lprologue_ssse3:
+___
+$code.=<<___;
+ mov $in0,%r12 # reassign arguments
+ mov $out,%r13
+ mov $len,%r14
+ mov $key,%r15
+ movdqu ($ivp),$iv # load IV
+ mov $ivp,88(%rsp) # save $ivp
+___
+my ($in0,$out,$len,$key)=map("%r$_",(12..15)); # reassign arguments
+my $rounds="${ivp}d";
+$code.=<<___;
+ shl \$6,$len
+ sub $in0,$out
+ mov 240($key),$rounds
+ add $inp,$len # end of input
+
+ lea K_XX_XX(%rip),$K_XX_XX
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B, at T[0] # magic seed
+ mov 16($ctx),$E
+
+ movdqa 64($K_XX_XX), at X[2] # pbswap mask
+ movdqa 0($K_XX_XX), at Tx[1] # K_00_19
+ movdqu 0($inp), at X[-4&7] # load input to %xmm[0-3]
+ movdqu 16($inp), at X[-3&7]
+ movdqu 32($inp), at X[-2&7]
+ movdqu 48($inp), at X[-1&7]
+ pshufb @X[2], at X[-4&7] # byte swap
+ add \$64,$inp
+ pshufb @X[2], at X[-3&7]
+ pshufb @X[2], at X[-2&7]
+ pshufb @X[2], at X[-1&7]
+ paddd @Tx[1], at X[-4&7] # add K_00_19
+ paddd @Tx[1], at X[-3&7]
+ paddd @Tx[1], at X[-2&7]
+ movdqa @X[-4&7],0(%rsp) # X[]+K xfer to IALU
+ psubd @Tx[1], at X[-4&7] # restore X[]
+ movdqa @X[-3&7],16(%rsp)
+ psubd @Tx[1], at X[-3&7]
+ movdqa @X[-2&7],32(%rsp)
+ psubd @Tx[1], at X[-2&7]
+ movups ($key),$rndkey0 # $key[0]
+ movups 16($key),$rndkey[0] # forward reference
+ jmp .Loop_ssse3
+___
+
+my $aesenc=sub {
+ use integer;
+ my ($n,$k)=($r/10,$r%10);
+ if ($k==0) {
+ $code.=<<___;
+ movups `16*$n`($in0),$in # load input
+ xorps $rndkey0,$in
+___
+ $code.=<<___ if ($n);
+ movups $iv,`16*($n-1)`($out,$in0) # write output
+___
+ $code.=<<___;
+ xorps $in,$iv
+ aesenc $rndkey[0],$iv
+ movups `32+16*$k`($key),$rndkey[1]
+___
+ } elsif ($k==9) {
+ $sn++;
+ $code.=<<___;
+ cmp \$11,$rounds
+ jb .Laesenclast$sn
+ movups `32+16*($k+0)`($key),$rndkey[1]
+ aesenc $rndkey[0],$iv
+ movups `32+16*($k+1)`($key),$rndkey[0]
+ aesenc $rndkey[1],$iv
+ je .Laesenclast$sn
+ movups `32+16*($k+2)`($key),$rndkey[1]
+ aesenc $rndkey[0],$iv
+ movups `32+16*($k+3)`($key),$rndkey[0]
+ aesenc $rndkey[1],$iv
+.Laesenclast$sn:
+ aesenclast $rndkey[0],$iv
+ movups 16($key),$rndkey[1] # forward reference
+___
+ } else {
+ $code.=<<___;
+ aesenc $rndkey[0],$iv
+ movups `32+16*$k`($key),$rndkey[1]
+___
+ }
+ $r++; unshift(@rndkey,pop(@rndkey));
+};
+
+sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@X[0], at X[-3&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[0], at X[-1&7]);
+ &palignr(@X[0], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psrldq (@Tx[0],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pxor (@X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@Tx[0], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (@Tx[2], at X[0]);
+ &movdqa (@Tx[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslldq (@Tx[2],12); # "X[0]"<<96, extract one dword
+ &paddd (@X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[1], at Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[2],30);
+ &por (@X[0], at Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslld (@Tx[1],2);
+ &pxor (@X[0], at Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[1]); # "X[0]"^=("X[0]">>96)<<<2
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@Tx[0], at X[-1&7]) if ($Xi==8);
+ eval(shift(@insns)); # body_20_39
+ &pxor (@X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ &palignr(@Tx[0], at X[-2&7],8); # compose "X[-6]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &pxor (@X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &movdqa (@Tx[2], at Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &movdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &movdqa (@Tx[0], at X[0]);
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pslld (@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &psrld (@Tx[0],30);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &por (@X[0], at Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &movdqa (@Tx[1], at X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$len);
+ &je (".Ldone_ssse3");
+
+ unshift(@Tx,pop(@Tx));
+
+ &movdqa (@X[2],"64($K_XX_XX)"); # pbswap mask
+ &movdqa (@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &movdqu (@X[-4&7],"0($inp)"); # load input
+ &movdqu (@X[-3&7],"16($inp)");
+ &movdqu (@X[-2&7],"32($inp)");
+ &movdqu (@X[-1&7],"48($inp)");
+ &pshufb (@X[-4&7], at X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pshufb (@X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &paddd (@X[($Xi-4)&7], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*$Xi)."(%rsp)", at X[($Xi-4)&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psubd (@X[($Xi-4)&7], at Tx[1]);
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {
+ use integer;
+ my ($k,$n);
+ my @r=(
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j&15))."(%rsp)");', # X[]+K xfer
+ '&xor ($c,$d);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&xor ($c,$d);', # restore $c
+ '&xor (@T[0],$d);',
+ '&add ($e,$a);',
+ '&$_ror ($b,$j?7:2);', # $b>>>2
+ '&add ($e, at T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+ $n = scalar(@r);
+ $k = (($jj+1)*12/20)*20*$n/12; # 12 aesencs per these 20 rounds
+ @r[$k%$n].='&$aesenc();' if ($jj==$k/$n);
+ $jj++;
+ return @r;
+}
+
+sub body_20_39 () {
+ use integer;
+ my ($k,$n);
+ my @r=(
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&xor (@T[0],$d);', # ($b^$d)
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&xor (@T[0],$c);', # ($b^$d^$c)
+ '&add ($e,$a);',
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+ $n = scalar(@r);
+ $k = (($jj+1)*8/20)*20*$n/8; # 8 aesencs per these 20 rounds
+ @r[$k%$n].='&$aesenc();' if ($jj==$k/$n);
+ $jj++;
+ return @r;
+}
+
+sub body_40_59 () {
+ use integer;
+ my ($k,$n);
+ my @r=(
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&mov (@T[1],$c);',
+ '&xor ($c,$d);',
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&and (@T[1],$d);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[1]);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&add ($e, at T[0]);',
+ '&xor ($c,$d);', # restore $c
+ '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+ $n = scalar(@r);
+ $k=(($jj+1)*12/20)*20*$n/12; # 12 aesencs per these 20 rounds
+ @r[$k%$n].='&$aesenc();' if ($jj==$k/$n);
+ $jj++;
+ return @r;
+}
+$code.=<<___;
+.align 16
+.Loop_ssse3:
+___
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xuplast_ssse3_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+ $saved_r=$r; @saved_rndkey=@rndkey;
+
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+
+$code.=<<___;
+ movups $iv,48($out,$in0) # write output
+ lea 64($in0),$in0
+
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_ssse3
+
+.align 16
+.Ldone_ssse3:
+___
+ $jj=$j=$saved_j; @V=@saved_V;
+ $r=$saved_r; @rndkey=@saved_rndkey;
+
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+
+$code.=<<___;
+ movups $iv,48($out,$in0) # write output
+ mov 88(%rsp),$ivp # restore $ivp
+
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ movups $iv,($ivp) # write IV
+___
+$code.=<<___ if ($win64);
+ movaps 96+0(%rsp),%xmm6
+ movaps 96+16(%rsp),%xmm7
+ movaps 96+32(%rsp),%xmm8
+ movaps 96+48(%rsp),%xmm9
+ movaps 96+64(%rsp),%xmm10
+ movaps 96+80(%rsp),%xmm11
+ movaps 96+96(%rsp),%xmm12
+ movaps 96+112(%rsp),%xmm13
+ movaps 96+128(%rsp),%xmm14
+ movaps 96+144(%rsp),%xmm15
+___
+$code.=<<___;
+ lea `104+($win64?10*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lepilogue_ssse3:
+ ret
+.size aesni_cbc_sha1_enc_ssse3,.-aesni_cbc_sha1_enc_ssse3
+___
+
+$j=$jj=$r=$sn=0;
+
+if ($avx) {
+my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+
+my $_rol=sub { &shld(@_[0], at _) };
+my $_ror=sub { &shrd(@_[0], at _) };
+
+$code.=<<___;
+.type aesni_cbc_sha1_enc_avx,\@function,6
+.align 16
+aesni_cbc_sha1_enc_avx:
+ mov `($win64?56:8)`(%rsp),$inp # load 7th argument
+ #shr \$6,$len # debugging artefact
+ #jz .Lepilogue_avx # debugging artefact
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea `-104-($win64?10*16:0)`(%rsp),%rsp
+ #mov $in0,$inp # debugging artefact
+ #lea 64(%rsp),$ctx # debugging artefact
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,96+0(%rsp)
+ movaps %xmm7,96+16(%rsp)
+ movaps %xmm8,96+32(%rsp)
+ movaps %xmm9,96+48(%rsp)
+ movaps %xmm10,96+64(%rsp)
+ movaps %xmm11,96+80(%rsp)
+ movaps %xmm12,96+96(%rsp)
+ movaps %xmm13,96+112(%rsp)
+ movaps %xmm14,96+128(%rsp)
+ movaps %xmm15,96+144(%rsp)
+.Lprologue_avx:
+___
+$code.=<<___;
+ vzeroall
+ mov $in0,%r12 # reassign arguments
+ mov $out,%r13
+ mov $len,%r14
+ mov $key,%r15
+ vmovdqu ($ivp),$iv # load IV
+ mov $ivp,88(%rsp) # save $ivp
+___
+my ($in0,$out,$len,$key)=map("%r$_",(12..15)); # reassign arguments
+my $rounds="${ivp}d";
+$code.=<<___;
+ shl \$6,$len
+ sub $in0,$out
+ mov 240($key),$rounds
+ add \$112,$key # size optimization
+ add $inp,$len # end of input
+
+ lea K_XX_XX(%rip),$K_XX_XX
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B, at T[0] # magic seed
+ mov 16($ctx),$E
+
+ vmovdqa 64($K_XX_XX), at X[2] # pbswap mask
+ vmovdqa 0($K_XX_XX), at Tx[1] # K_00_19
+ vmovdqu 0($inp), at X[-4&7] # load input to %xmm[0-3]
+ vmovdqu 16($inp), at X[-3&7]
+ vmovdqu 32($inp), at X[-2&7]
+ vmovdqu 48($inp), at X[-1&7]
+ vpshufb @X[2], at X[-4&7], at X[-4&7] # byte swap
+ add \$64,$inp
+ vpshufb @X[2], at X[-3&7], at X[-3&7]
+ vpshufb @X[2], at X[-2&7], at X[-2&7]
+ vpshufb @X[2], at X[-1&7], at X[-1&7]
+ vpaddd @Tx[1], at X[-4&7], at X[0] # add K_00_19
+ vpaddd @Tx[1], at X[-3&7], at X[1]
+ vpaddd @Tx[1], at X[-2&7], at X[2]
+ vmovdqa @X[0],0(%rsp) # X[]+K xfer to IALU
+ vmovdqa @X[1],16(%rsp)
+ vmovdqa @X[2],32(%rsp)
+ vmovups -112($key),$rndkey0 # $key[0]
+ vmovups 16-112($key),$rndkey[0] # forward reference
+ jmp .Loop_avx
+___
+
+my $aesenc=sub {
+ use integer;
+ my ($n,$k)=($r/10,$r%10);
+ if ($k==0) {
+ $code.=<<___;
+ vmovups `16*$n`($in0),$in # load input
+ vxorps $rndkey0,$in,$in
+___
+ $code.=<<___ if ($n);
+ vmovups $iv,`16*($n-1)`($out,$in0) # write output
+___
+ $code.=<<___;
+ vxorps $in,$iv,$iv
+ vaesenc $rndkey[0],$iv,$iv
+ vmovups `32+16*$k-112`($key),$rndkey[1]
+___
+ } elsif ($k==9) {
+ $sn++;
+ $code.=<<___;
+ cmp \$11,$rounds
+ jb .Lvaesenclast$sn
+ vaesenc $rndkey[0],$iv,$iv
+ vmovups `32+16*($k+0)-112`($key),$rndkey[1]
+ vaesenc $rndkey[1],$iv,$iv
+ vmovups `32+16*($k+1)-112`($key),$rndkey[0]
+ je .Lvaesenclast$sn
+ vaesenc $rndkey[0],$iv,$iv
+ vmovups `32+16*($k+2)-112`($key),$rndkey[1]
+ vaesenc $rndkey[1],$iv,$iv
+ vmovups `32+16*($k+3)-112`($key),$rndkey[0]
+.Lvaesenclast$sn:
+ vaesenclast $rndkey[0],$iv,$iv
+ vmovups 16-112($key),$rndkey[1] # forward reference
+___
+ } else {
+ $code.=<<___;
+ vaesenc $rndkey[0],$iv,$iv
+ vmovups `32+16*$k-112`($key),$rndkey[1]
+___
+ }
+ $r++; unshift(@rndkey,pop(@rndkey));
+};
+
+sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpalignr(@X[0], at X[-3&7], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpsrldq(@Tx[0], at X[-1&7],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@Tx[0], at Tx[0], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[0], at X[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslldq(@Tx[2], at X[0],12); # "X[0]"<<96, extract one dword
+ &vpaddd (@X[0], at X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[1], at Tx[2],30);
+ &vpor (@X[0], at X[0], at Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslld (@Tx[2], at Tx[2],2);
+ &vpxor (@X[0], at X[0], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[2]); # "X[0]"^=("X[0]">>96)<<<2
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &vpalignr(@Tx[0], at X[-1&7], at X[-2&7],8); # compose "X[-6]"
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpxor (@X[0], at X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &vmovdqa (@Tx[2], at Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &vmovdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpsrld (@Tx[0], at X[0],30);
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpslld (@X[0], at X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpor (@X[0], at X[0], at Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &vmovdqa (@Tx[1], at X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$len);
+ &je (".Ldone_avx");
+
+ unshift(@Tx,pop(@Tx));
+
+ &vmovdqa(@X[2],"64($K_XX_XX)"); # pbswap mask
+ &vmovdqa(@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &vmovdqu(@X[-4&7],"0($inp)"); # load input
+ &vmovdqu(@X[-3&7],"16($inp)");
+ &vmovdqu(@X[-2&7],"32($inp)");
+ &vmovdqu(@X[-1&7],"48($inp)");
+ &vpshufb(@X[-4&7], at X[-4&7], at X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpshufb(@X[($Xi-3)&7], at X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpaddd (@X[$Xi&7], at X[($Xi-4)&7], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa(eval(16*$Xi)."(%rsp)", at X[$Xi&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+$code.=<<___;
+.align 16
+.Loop_avx:
+___
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xuplast_avx_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+ $saved_r=$r; @saved_rndkey=@rndkey;
+
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+
+$code.=<<___;
+ vmovups $iv,48($out,$in0) # write output
+ lea 64($in0),$in0
+
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_avx
+
+.align 16
+.Ldone_avx:
+___
+ $jj=$j=$saved_j; @V=@saved_V;
+ $r=$saved_r; @rndkey=@saved_rndkey;
+
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+
+$code.=<<___;
+ vmovups $iv,48($out,$in0) # write output
+ mov 88(%rsp),$ivp # restore $ivp
+
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ vmovups $iv,($ivp) # write IV
+ vzeroall
+___
+$code.=<<___ if ($win64);
+ movaps 96+0(%rsp),%xmm6
+ movaps 96+16(%rsp),%xmm7
+ movaps 96+32(%rsp),%xmm8
+ movaps 96+48(%rsp),%xmm9
+ movaps 96+64(%rsp),%xmm10
+ movaps 96+80(%rsp),%xmm11
+ movaps 96+96(%rsp),%xmm12
+ movaps 96+112(%rsp),%xmm13
+ movaps 96+128(%rsp),%xmm14
+ movaps 96+144(%rsp),%xmm15
+___
+$code.=<<___;
+ lea `104+($win64?10*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lepilogue_avx:
+ ret
+.size aesni_cbc_sha1_enc_avx,.-aesni_cbc_sha1_enc_avx
+___
+}
+$code.=<<___;
+.align 64
+K_XX_XX:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1 # K_20_39
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc # K_40_59
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 # K_60_79
+.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f # pbswap mask
+
+.asciz "AESNI-CBC+SHA1 stitch for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type ssse3_handler,\@abi-omnipotent
+.align 16
+ssse3_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ lea 96(%rax),%rsi
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$20,%ecx
+ .long 0xa548f3fc # cld; rep movsq
+ lea `104+10*16`(%rax),%rax # adjust stack pointer
+
+ mov 0(%rax),%r15
+ mov 8(%rax),%r14
+ mov 16(%rax),%r13
+ mov 24(%rax),%r12
+ mov 32(%rax),%rbp
+ mov 40(%rax),%rbx
+ lea 48(%rax),%rax
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size ssse3_handler,.-ssse3_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_aesni_cbc_sha1_enc_ssse3
+ .rva .LSEH_end_aesni_cbc_sha1_enc_ssse3
+ .rva .LSEH_info_aesni_cbc_sha1_enc_ssse3
+___
+$code.=<<___ if ($avx);
+ .rva .LSEH_begin_aesni_cbc_sha1_enc_avx
+ .rva .LSEH_end_aesni_cbc_sha1_enc_avx
+ .rva .LSEH_info_aesni_cbc_sha1_enc_avx
+___
+$code.=<<___;
+.section .xdata
+.align 8
+.LSEH_info_aesni_cbc_sha1_enc_ssse3:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_ssse3,.Lepilogue_ssse3 # HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_aesni_cbc_sha1_enc_avx:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_avx,.Lepilogue_avx # HandlerData[]
+___
+}
+
+####################################################################
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src)=@_;
+ my $rex=0;
+
+ $rex|=0x04 if($dst>=8);
+ $rex|=0x01 if($src>=8);
+ push @opcode,$rex|0x40 if($rex);
+}
+
+sub aesni {
+ my $line=shift;
+ my @opcode=(0x66);
+
+ if ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my %opcodelet = (
+ "aesenc" => 0xdc, "aesenclast" => 0xdd
+ );
+ return undef if (!defined($opcodelet{$1}));
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x38,$opcodelet{$1};
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ return ".byte\t".join(',', at opcode);
+ }
+ return $line;
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/aesni-x86.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-x86.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aesni-x86.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aesni-x86.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,2189 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-586.pl [see below for
+# details].
+#
+# Performance.
+#
+# To start with see corresponding paragraph in aesni-x86_64.pl...
+# Instead of filling table similar to one found there I've chosen to
+# summarize *comparison* results for raw ECB, CTR and CBC benchmarks.
+# The simplified table below represents 32-bit performance relative
+# to 64-bit one in every given point. Ratios vary for different
+# encryption modes, therefore interval values.
+#
+# 16-byte 64-byte 256-byte 1-KB 8-KB
+# 53-67% 67-84% 91-94% 95-98% 97-99.5%
+#
+# Lower ratios for smaller block sizes are perfectly understandable,
+# because function call overhead is higher in 32-bit mode. Largest
+# 8-KB block performance is virtually same: 32-bit code is less than
+# 1% slower for ECB, CBC and CCM, and ~3% slower otherwise.
+
+# January 2011
+#
+# See aesni-x86_64.pl for details. Unlike x86_64 version this module
+# interleaves at most 6 aes[enc|dec] instructions, because there are
+# not enough registers for 8x interleave [which should be optimal for
+# Sandy Bridge]. Actually, performance results for 6x interleave
+# factor presented in aesni-x86_64.pl (except for CTR) are for this
+# module.
+
+# April 2011
+#
+# Add aesni_xts_[en|de]crypt. Westmere spends 1.50 cycles processing
+# one byte out of 8KB with 128-bit key, Sandy Bridge - 1.09.
+
+$PREFIX="aesni"; # if $PREFIX is set to "AES", the script
+ # generates drop-in replacement for
+ # crypto/aes/asm/aes-586.pl:-)
+$inline=1; # inline _aesni_[en|de]crypt
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+if ($PREFIX eq "aesni") { $movekey=*movups; }
+else { $movekey=*movups; }
+
+$len="eax";
+$rounds="ecx";
+$key="edx";
+$inp="esi";
+$out="edi";
+$rounds_="ebx"; # backup copy for $rounds
+$key_="ebp"; # backup copy for $key
+
+$rndkey0="xmm0";
+$rndkey1="xmm1";
+$inout0="xmm2";
+$inout1="xmm3";
+$inout2="xmm4";
+$inout3="xmm5"; $in1="xmm5";
+$inout4="xmm6"; $in0="xmm6";
+$inout5="xmm7"; $ivec="xmm7";
+
+# AESNI extenstion
+sub aeskeygenassist
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &data_byte(0x66,0x0f,0x3a,0xdf,0xc0|($1<<3)|$2,$imm); }
+}
+sub aescommon
+{ my($opcodelet,$dst,$src)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &data_byte(0x66,0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);}
+}
+sub aesimc { aescommon(0xdb, at _); }
+sub aesenc { aescommon(0xdc, at _); }
+sub aesenclast { aescommon(0xdd, at _); }
+sub aesdec { aescommon(0xde, at _); }
+sub aesdeclast { aescommon(0xdf, at _); }
+
+# Inline version of internal aesni_[en|de]crypt1
+{ my $sn;
+sub aesni_inline_generate1
+{ my ($p,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout));
+ $sn++;
+
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &xorps ($ivec,$rndkey0) if (defined($ivec));
+ &lea ($key,&DWP(32,$key));
+ &xorps ($inout,$ivec) if (defined($ivec));
+ &xorps ($inout,$rndkey0) if (!defined($ivec));
+ &set_label("${p}1_loop_$sn");
+ eval"&aes${p} ($inout,$rndkey1)";
+ &dec ($rounds);
+ &$movekey ($rndkey1,&QWP(0,$key));
+ &lea ($key,&DWP(16,$key));
+ &jnz (&label("${p}1_loop_$sn"));
+ eval"&aes${p}last ($inout,$rndkey1)";
+}}
+
+sub aesni_generate1 # fully unrolled loop
+{ my ($p,$inout)=@_; $inout=$inout0 if (!defined($inout));
+
+ &function_begin_B("_aesni_${p}rypt1");
+ &movups ($rndkey0,&QWP(0,$key));
+ &$movekey ($rndkey1,&QWP(0x10,$key));
+ &xorps ($inout,$rndkey0);
+ &$movekey ($rndkey0,&QWP(0x20,$key));
+ &lea ($key,&DWP(0x30,$key));
+ &cmp ($rounds,11);
+ &jb (&label("${p}128"));
+ &lea ($key,&DWP(0x20,$key));
+ &je (&label("${p}192"));
+ &lea ($key,&DWP(0x20,$key));
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(-0x40,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(-0x30,$key));
+ &set_label("${p}192");
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(-0x20,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(-0x10,$key));
+ &set_label("${p}128");
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(0,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0x10,$key));
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(0x20,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0x30,$key));
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(0x40,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0x50,$key));
+ eval"&aes${p} ($inout,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(0x60,$key));
+ eval"&aes${p} ($inout,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0x70,$key));
+ eval"&aes${p} ($inout,$rndkey1)";
+ eval"&aes${p}last ($inout,$rndkey0)";
+ &ret();
+ &function_end_B("_aesni_${p}rypt1");
+}
+
+# void $PREFIX_encrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("enc") if (!$inline);
+&function_begin_B("${PREFIX}_encrypt");
+ &mov ("eax",&wparam(0));
+ &mov ($key,&wparam(2));
+ &movups ($inout0,&QWP(0,"eax"));
+ &mov ($rounds,&DWP(240,$key));
+ &mov ("eax",&wparam(1));
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &movups (&QWP(0,"eax"),$inout0);
+ &ret ();
+&function_end_B("${PREFIX}_encrypt");
+
+# void $PREFIX_decrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("dec") if(!$inline);
+&function_begin_B("${PREFIX}_decrypt");
+ &mov ("eax",&wparam(0));
+ &mov ($key,&wparam(2));
+ &movups ($inout0,&QWP(0,"eax"));
+ &mov ($rounds,&DWP(240,$key));
+ &mov ("eax",&wparam(1));
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &movups (&QWP(0,"eax"),$inout0);
+ &ret ();
+&function_end_B("${PREFIX}_decrypt");
+
+# _aesni_[en|de]cryptN are private interfaces, N denotes interleave
+# factor. Why 3x subroutine were originally used in loops? Even though
+# aes[enc|dec] latency was originally 6, it could be scheduled only
+# every *2nd* cycle. Thus 3x interleave was the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it makes no sense to implement 2x subroutine.
+# aes[enc|dec] latency in next processor generation is 8, but the
+# instructions can be scheduled every cycle. Optimal interleave for
+# new processor is therefore 8x, but it's unfeasible to accommodate it
+# in XMM registers addreassable in 32-bit mode and therefore 6x is
+# used instead...
+
+sub aesni_generate3
+{ my $p=shift;
+
+ &function_begin_B("_aesni_${p}rypt3");
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &shr ($rounds,1);
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &lea ($key,&DWP(32,$key));
+ &xorps ($inout0,$rndkey0);
+ &pxor ($inout1,$rndkey0);
+ &pxor ($inout2,$rndkey0);
+ &$movekey ($rndkey0,&QWP(0,$key));
+
+ &set_label("${p}3_loop");
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ &dec ($rounds);
+ eval"&aes${p} ($inout2,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(16,$key));
+ eval"&aes${p} ($inout0,$rndkey0)";
+ eval"&aes${p} ($inout1,$rndkey0)";
+ &lea ($key,&DWP(32,$key));
+ eval"&aes${p} ($inout2,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &jnz (&label("${p}3_loop"));
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ eval"&aes${p} ($inout2,$rndkey1)";
+ eval"&aes${p}last ($inout0,$rndkey0)";
+ eval"&aes${p}last ($inout1,$rndkey0)";
+ eval"&aes${p}last ($inout2,$rndkey0)";
+ &ret();
+ &function_end_B("_aesni_${p}rypt3");
+}
+
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement would be <20%,
+# so it's not worth it...
+sub aesni_generate4
+{ my $p=shift;
+
+ &function_begin_B("_aesni_${p}rypt4");
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &shr ($rounds,1);
+ &lea ($key,&DWP(32,$key));
+ &xorps ($inout0,$rndkey0);
+ &pxor ($inout1,$rndkey0);
+ &pxor ($inout2,$rndkey0);
+ &pxor ($inout3,$rndkey0);
+ &$movekey ($rndkey0,&QWP(0,$key));
+
+ &set_label("${p}4_loop");
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ &dec ($rounds);
+ eval"&aes${p} ($inout2,$rndkey1)";
+ eval"&aes${p} ($inout3,$rndkey1)";
+ &$movekey ($rndkey1,&QWP(16,$key));
+ eval"&aes${p} ($inout0,$rndkey0)";
+ eval"&aes${p} ($inout1,$rndkey0)";
+ &lea ($key,&DWP(32,$key));
+ eval"&aes${p} ($inout2,$rndkey0)";
+ eval"&aes${p} ($inout3,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &jnz (&label("${p}4_loop"));
+
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ eval"&aes${p} ($inout2,$rndkey1)";
+ eval"&aes${p} ($inout3,$rndkey1)";
+ eval"&aes${p}last ($inout0,$rndkey0)";
+ eval"&aes${p}last ($inout1,$rndkey0)";
+ eval"&aes${p}last ($inout2,$rndkey0)";
+ eval"&aes${p}last ($inout3,$rndkey0)";
+ &ret();
+ &function_end_B("_aesni_${p}rypt4");
+}
+
+sub aesni_generate6
+{ my $p=shift;
+
+ &function_begin_B("_aesni_${p}rypt6");
+ &static_label("_aesni_${p}rypt6_enter");
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &shr ($rounds,1);
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &lea ($key,&DWP(32,$key));
+ &xorps ($inout0,$rndkey0);
+ &pxor ($inout1,$rndkey0); # pxor does better here
+ eval"&aes${p} ($inout0,$rndkey1)";
+ &pxor ($inout2,$rndkey0);
+ eval"&aes${p} ($inout1,$rndkey1)";
+ &pxor ($inout3,$rndkey0);
+ &dec ($rounds);
+ eval"&aes${p} ($inout2,$rndkey1)";
+ &pxor ($inout4,$rndkey0);
+ eval"&aes${p} ($inout3,$rndkey1)";
+ &pxor ($inout5,$rndkey0);
+ eval"&aes${p} ($inout4,$rndkey1)";
+ &$movekey ($rndkey0,&QWP(0,$key));
+ eval"&aes${p} ($inout5,$rndkey1)";
+ &jmp (&label("_aesni_${p}rypt6_enter"));
+
+ &set_label("${p}6_loop",16);
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ &dec ($rounds);
+ eval"&aes${p} ($inout2,$rndkey1)";
+ eval"&aes${p} ($inout3,$rndkey1)";
+ eval"&aes${p} ($inout4,$rndkey1)";
+ eval"&aes${p} ($inout5,$rndkey1)";
+ &set_label("_aesni_${p}rypt6_enter",16);
+ &$movekey ($rndkey1,&QWP(16,$key));
+ eval"&aes${p} ($inout0,$rndkey0)";
+ eval"&aes${p} ($inout1,$rndkey0)";
+ &lea ($key,&DWP(32,$key));
+ eval"&aes${p} ($inout2,$rndkey0)";
+ eval"&aes${p} ($inout3,$rndkey0)";
+ eval"&aes${p} ($inout4,$rndkey0)";
+ eval"&aes${p} ($inout5,$rndkey0)";
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &jnz (&label("${p}6_loop"));
+
+ eval"&aes${p} ($inout0,$rndkey1)";
+ eval"&aes${p} ($inout1,$rndkey1)";
+ eval"&aes${p} ($inout2,$rndkey1)";
+ eval"&aes${p} ($inout3,$rndkey1)";
+ eval"&aes${p} ($inout4,$rndkey1)";
+ eval"&aes${p} ($inout5,$rndkey1)";
+ eval"&aes${p}last ($inout0,$rndkey0)";
+ eval"&aes${p}last ($inout1,$rndkey0)";
+ eval"&aes${p}last ($inout2,$rndkey0)";
+ eval"&aes${p}last ($inout3,$rndkey0)";
+ eval"&aes${p}last ($inout4,$rndkey0)";
+ eval"&aes${p}last ($inout5,$rndkey0)";
+ &ret();
+ &function_end_B("_aesni_${p}rypt6");
+}
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+&aesni_generate6("enc") if ($PREFIX eq "aesni");
+&aesni_generate6("dec");
+
+if ($PREFIX eq "aesni") {
+######################################################################
+# void aesni_ecb_encrypt (const void *in, void *out,
+# size_t length, const AES_KEY *key,
+# int enc);
+&function_begin("aesni_ecb_encrypt");
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3));
+ &mov ($rounds_,&wparam(4));
+ &and ($len,-16);
+ &jz (&label("ecb_ret"));
+ &mov ($rounds,&DWP(240,$key));
+ &test ($rounds_,$rounds_);
+ &jz (&label("ecb_decrypt"));
+
+ &mov ($key_,$key); # backup $key
+ &mov ($rounds_,$rounds); # backup $rounds
+ &cmp ($len,0x60);
+ &jb (&label("ecb_enc_tail"));
+
+ &movdqu ($inout0,&QWP(0,$inp));
+ &movdqu ($inout1,&QWP(0x10,$inp));
+ &movdqu ($inout2,&QWP(0x20,$inp));
+ &movdqu ($inout3,&QWP(0x30,$inp));
+ &movdqu ($inout4,&QWP(0x40,$inp));
+ &movdqu ($inout5,&QWP(0x50,$inp));
+ &lea ($inp,&DWP(0x60,$inp));
+ &sub ($len,0x60);
+ &jmp (&label("ecb_enc_loop6_enter"));
+
+&set_label("ecb_enc_loop6",16);
+ &movups (&QWP(0,$out),$inout0);
+ &movdqu ($inout0,&QWP(0,$inp));
+ &movups (&QWP(0x10,$out),$inout1);
+ &movdqu ($inout1,&QWP(0x10,$inp));
+ &movups (&QWP(0x20,$out),$inout2);
+ &movdqu ($inout2,&QWP(0x20,$inp));
+ &movups (&QWP(0x30,$out),$inout3);
+ &movdqu ($inout3,&QWP(0x30,$inp));
+ &movups (&QWP(0x40,$out),$inout4);
+ &movdqu ($inout4,&QWP(0x40,$inp));
+ &movups (&QWP(0x50,$out),$inout5);
+ &lea ($out,&DWP(0x60,$out));
+ &movdqu ($inout5,&QWP(0x50,$inp));
+ &lea ($inp,&DWP(0x60,$inp));
+&set_label("ecb_enc_loop6_enter");
+
+ &call ("_aesni_encrypt6");
+
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds,$rounds_); # restore $rounds
+ &sub ($len,0x60);
+ &jnc (&label("ecb_enc_loop6"));
+
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &movups (&QWP(0x40,$out),$inout4);
+ &movups (&QWP(0x50,$out),$inout5);
+ &lea ($out,&DWP(0x60,$out));
+ &add ($len,0x60);
+ &jz (&label("ecb_ret"));
+
+&set_label("ecb_enc_tail");
+ &movups ($inout0,&QWP(0,$inp));
+ &cmp ($len,0x20);
+ &jb (&label("ecb_enc_one"));
+ &movups ($inout1,&QWP(0x10,$inp));
+ &je (&label("ecb_enc_two"));
+ &movups ($inout2,&QWP(0x20,$inp));
+ &cmp ($len,0x40);
+ &jb (&label("ecb_enc_three"));
+ &movups ($inout3,&QWP(0x30,$inp));
+ &je (&label("ecb_enc_four"));
+ &movups ($inout4,&QWP(0x40,$inp));
+ &xorps ($inout5,$inout5);
+ &call ("_aesni_encrypt6");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &movups (&QWP(0x40,$out),$inout4);
+ jmp (&label("ecb_ret"));
+
+&set_label("ecb_enc_one",16);
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &movups (&QWP(0,$out),$inout0);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_enc_two",16);
+ &xorps ($inout2,$inout2);
+ &call ("_aesni_encrypt3");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_enc_three",16);
+ &call ("_aesni_encrypt3");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_enc_four",16);
+ &call ("_aesni_encrypt4");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &jmp (&label("ecb_ret"));
+######################################################################
+&set_label("ecb_decrypt",16);
+ &mov ($key_,$key); # backup $key
+ &mov ($rounds_,$rounds); # backup $rounds
+ &cmp ($len,0x60);
+ &jb (&label("ecb_dec_tail"));
+
+ &movdqu ($inout0,&QWP(0,$inp));
+ &movdqu ($inout1,&QWP(0x10,$inp));
+ &movdqu ($inout2,&QWP(0x20,$inp));
+ &movdqu ($inout3,&QWP(0x30,$inp));
+ &movdqu ($inout4,&QWP(0x40,$inp));
+ &movdqu ($inout5,&QWP(0x50,$inp));
+ &lea ($inp,&DWP(0x60,$inp));
+ &sub ($len,0x60);
+ &jmp (&label("ecb_dec_loop6_enter"));
+
+&set_label("ecb_dec_loop6",16);
+ &movups (&QWP(0,$out),$inout0);
+ &movdqu ($inout0,&QWP(0,$inp));
+ &movups (&QWP(0x10,$out),$inout1);
+ &movdqu ($inout1,&QWP(0x10,$inp));
+ &movups (&QWP(0x20,$out),$inout2);
+ &movdqu ($inout2,&QWP(0x20,$inp));
+ &movups (&QWP(0x30,$out),$inout3);
+ &movdqu ($inout3,&QWP(0x30,$inp));
+ &movups (&QWP(0x40,$out),$inout4);
+ &movdqu ($inout4,&QWP(0x40,$inp));
+ &movups (&QWP(0x50,$out),$inout5);
+ &lea ($out,&DWP(0x60,$out));
+ &movdqu ($inout5,&QWP(0x50,$inp));
+ &lea ($inp,&DWP(0x60,$inp));
+&set_label("ecb_dec_loop6_enter");
+
+ &call ("_aesni_decrypt6");
+
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds,$rounds_); # restore $rounds
+ &sub ($len,0x60);
+ &jnc (&label("ecb_dec_loop6"));
+
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &movups (&QWP(0x40,$out),$inout4);
+ &movups (&QWP(0x50,$out),$inout5);
+ &lea ($out,&DWP(0x60,$out));
+ &add ($len,0x60);
+ &jz (&label("ecb_ret"));
+
+&set_label("ecb_dec_tail");
+ &movups ($inout0,&QWP(0,$inp));
+ &cmp ($len,0x20);
+ &jb (&label("ecb_dec_one"));
+ &movups ($inout1,&QWP(0x10,$inp));
+ &je (&label("ecb_dec_two"));
+ &movups ($inout2,&QWP(0x20,$inp));
+ &cmp ($len,0x40);
+ &jb (&label("ecb_dec_three"));
+ &movups ($inout3,&QWP(0x30,$inp));
+ &je (&label("ecb_dec_four"));
+ &movups ($inout4,&QWP(0x40,$inp));
+ &xorps ($inout5,$inout5);
+ &call ("_aesni_decrypt6");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &movups (&QWP(0x40,$out),$inout4);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_dec_one",16);
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &movups (&QWP(0,$out),$inout0);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_dec_two",16);
+ &xorps ($inout2,$inout2);
+ &call ("_aesni_decrypt3");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_dec_three",16);
+ &call ("_aesni_decrypt3");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &jmp (&label("ecb_ret"));
+
+&set_label("ecb_dec_four",16);
+ &call ("_aesni_decrypt4");
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+
+&set_label("ecb_ret");
+&function_end("aesni_ecb_encrypt");
+
+######################################################################
+# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
+# size_t blocks, const AES_KEY *key,
+# const char *ivec,char *cmac);
+#
+# Handles only complete blocks, operates on 64-bit counter and
+# does not update *ivec! Nor does it finalize CMAC value
+# (see engine/eng_aesni.c for details)
+#
+{ my $cmac=$inout1;
+&function_begin("aesni_ccm64_encrypt_blocks");
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3));
+ &mov ($rounds_,&wparam(4));
+ &mov ($rounds,&wparam(5));
+ &mov ($key_,"esp");
+ &sub ("esp",60);
+ &and ("esp",-16); # align stack
+ &mov (&DWP(48,"esp"),$key_);
+
+ &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
+ &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
+ &mov ($rounds,&DWP(240,$key));
+
+ # compose byte-swap control mask for pshufb on stack
+ &mov (&DWP(0,"esp"),0x0c0d0e0f);
+ &mov (&DWP(4,"esp"),0x08090a0b);
+ &mov (&DWP(8,"esp"),0x04050607);
+ &mov (&DWP(12,"esp"),0x00010203);
+
+ # compose counter increment vector on stack
+ &mov ($rounds_,1);
+ &xor ($key_,$key_);
+ &mov (&DWP(16,"esp"),$rounds_);
+ &mov (&DWP(20,"esp"),$key_);
+ &mov (&DWP(24,"esp"),$key_);
+ &mov (&DWP(28,"esp"),$key_);
+
+ &shr ($rounds,1);
+ &lea ($key_,&DWP(0,$key));
+ &movdqa ($inout3,&QWP(0,"esp"));
+ &movdqa ($inout0,$ivec);
+ &mov ($rounds_,$rounds);
+ &pshufb ($ivec,$inout3);
+
+&set_label("ccm64_enc_outer");
+ &$movekey ($rndkey0,&QWP(0,$key_));
+ &mov ($rounds,$rounds_);
+ &movups ($in0,&QWP(0,$inp));
+
+ &xorps ($inout0,$rndkey0);
+ &$movekey ($rndkey1,&QWP(16,$key_));
+ &xorps ($rndkey0,$in0);
+ &lea ($key,&DWP(32,$key_));
+ &xorps ($cmac,$rndkey0); # cmac^=inp
+ &$movekey ($rndkey0,&QWP(0,$key));
+
+&set_label("ccm64_enc2_loop");
+ &aesenc ($inout0,$rndkey1);
+ &dec ($rounds);
+ &aesenc ($cmac,$rndkey1);
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &aesenc ($inout0,$rndkey0);
+ &lea ($key,&DWP(32,$key));
+ &aesenc ($cmac,$rndkey0);
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &jnz (&label("ccm64_enc2_loop"));
+ &aesenc ($inout0,$rndkey1);
+ &aesenc ($cmac,$rndkey1);
+ &paddq ($ivec,&QWP(16,"esp"));
+ &aesenclast ($inout0,$rndkey0);
+ &aesenclast ($cmac,$rndkey0);
+
+ &dec ($len);
+ &lea ($inp,&DWP(16,$inp));
+ &xorps ($in0,$inout0); # inp^=E(ivec)
+ &movdqa ($inout0,$ivec);
+ &movups (&QWP(0,$out),$in0); # save output
+ &lea ($out,&DWP(16,$out));
+ &pshufb ($inout0,$inout3);
+ &jnz (&label("ccm64_enc_outer"));
+
+ &mov ("esp",&DWP(48,"esp"));
+ &mov ($out,&wparam(5));
+ &movups (&QWP(0,$out),$cmac);
+&function_end("aesni_ccm64_encrypt_blocks");
+
+&function_begin("aesni_ccm64_decrypt_blocks");
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3));
+ &mov ($rounds_,&wparam(4));
+ &mov ($rounds,&wparam(5));
+ &mov ($key_,"esp");
+ &sub ("esp",60);
+ &and ("esp",-16); # align stack
+ &mov (&DWP(48,"esp"),$key_);
+
+ &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
+ &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
+ &mov ($rounds,&DWP(240,$key));
+
+ # compose byte-swap control mask for pshufb on stack
+ &mov (&DWP(0,"esp"),0x0c0d0e0f);
+ &mov (&DWP(4,"esp"),0x08090a0b);
+ &mov (&DWP(8,"esp"),0x04050607);
+ &mov (&DWP(12,"esp"),0x00010203);
+
+ # compose counter increment vector on stack
+ &mov ($rounds_,1);
+ &xor ($key_,$key_);
+ &mov (&DWP(16,"esp"),$rounds_);
+ &mov (&DWP(20,"esp"),$key_);
+ &mov (&DWP(24,"esp"),$key_);
+ &mov (&DWP(28,"esp"),$key_);
+
+ &movdqa ($inout3,&QWP(0,"esp")); # bswap mask
+ &movdqa ($inout0,$ivec);
+
+ &mov ($key_,$key);
+ &mov ($rounds_,$rounds);
+
+ &pshufb ($ivec,$inout3);
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &movups ($in0,&QWP(0,$inp)); # load inp
+ &paddq ($ivec,&QWP(16,"esp"));
+ &lea ($inp,&QWP(16,$inp));
+ &jmp (&label("ccm64_dec_outer"));
+
+&set_label("ccm64_dec_outer",16);
+ &xorps ($in0,$inout0); # inp ^= E(ivec)
+ &movdqa ($inout0,$ivec);
+ &mov ($rounds,$rounds_);
+ &movups (&QWP(0,$out),$in0); # save output
+ &lea ($out,&DWP(16,$out));
+ &pshufb ($inout0,$inout3);
+
+ &sub ($len,1);
+ &jz (&label("ccm64_dec_break"));
+
+ &$movekey ($rndkey0,&QWP(0,$key_));
+ &shr ($rounds,1);
+ &$movekey ($rndkey1,&QWP(16,$key_));
+ &xorps ($in0,$rndkey0);
+ &lea ($key,&DWP(32,$key_));
+ &xorps ($inout0,$rndkey0);
+ &xorps ($cmac,$in0); # cmac^=out
+ &$movekey ($rndkey0,&QWP(0,$key));
+
+&set_label("ccm64_dec2_loop");
+ &aesenc ($inout0,$rndkey1);
+ &dec ($rounds);
+ &aesenc ($cmac,$rndkey1);
+ &$movekey ($rndkey1,&QWP(16,$key));
+ &aesenc ($inout0,$rndkey0);
+ &lea ($key,&DWP(32,$key));
+ &aesenc ($cmac,$rndkey0);
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &jnz (&label("ccm64_dec2_loop"));
+ &movups ($in0,&QWP(0,$inp)); # load inp
+ &paddq ($ivec,&QWP(16,"esp"));
+ &aesenc ($inout0,$rndkey1);
+ &aesenc ($cmac,$rndkey1);
+ &lea ($inp,&QWP(16,$inp));
+ &aesenclast ($inout0,$rndkey0);
+ &aesenclast ($cmac,$rndkey0);
+ &jmp (&label("ccm64_dec_outer"));
+
+&set_label("ccm64_dec_break",16);
+ &mov ($key,$key_);
+ if ($inline)
+ { &aesni_inline_generate1("enc",$cmac,$in0); }
+ else
+ { &call ("_aesni_encrypt1",$cmac); }
+
+ &mov ("esp",&DWP(48,"esp"));
+ &mov ($out,&wparam(5));
+ &movups (&QWP(0,$out),$cmac);
+&function_end("aesni_ccm64_decrypt_blocks");
+}
+
+######################################################################
+# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
+# size_t blocks, const AES_KEY *key,
+# const char *ivec);
+#
+# Handles only complete blocks, operates on 32-bit counter and
+# does not update *ivec! (see engine/eng_aesni.c for details)
+#
+# stack layout:
+# 0 pshufb mask
+# 16 vector addend: 0,6,6,6
+# 32 counter-less ivec
+# 48 1st triplet of counter vector
+# 64 2nd triplet of counter vector
+# 80 saved %esp
+
+&function_begin("aesni_ctr32_encrypt_blocks");
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3));
+ &mov ($rounds_,&wparam(4));
+ &mov ($key_,"esp");
+ &sub ("esp",88);
+ &and ("esp",-16); # align stack
+ &mov (&DWP(80,"esp"),$key_);
+
+ &cmp ($len,1);
+ &je (&label("ctr32_one_shortcut"));
+
+ &movdqu ($inout5,&QWP(0,$rounds_)); # load ivec
+
+ # compose byte-swap control mask for pshufb on stack
+ &mov (&DWP(0,"esp"),0x0c0d0e0f);
+ &mov (&DWP(4,"esp"),0x08090a0b);
+ &mov (&DWP(8,"esp"),0x04050607);
+ &mov (&DWP(12,"esp"),0x00010203);
+
+ # compose counter increment vector on stack
+ &mov ($rounds,6);
+ &xor ($key_,$key_);
+ &mov (&DWP(16,"esp"),$rounds);
+ &mov (&DWP(20,"esp"),$rounds);
+ &mov (&DWP(24,"esp"),$rounds);
+ &mov (&DWP(28,"esp"),$key_);
+
+ &pextrd ($rounds_,$inout5,3); # pull 32-bit counter
+ &pinsrd ($inout5,$key_,3); # wipe 32-bit counter
+
+ &mov ($rounds,&DWP(240,$key)); # key->rounds
+
+ # compose 2 vectors of 3x32-bit counters
+ &bswap ($rounds_);
+ &pxor ($rndkey1,$rndkey1);
+ &pxor ($rndkey0,$rndkey0);
+ &movdqa ($inout0,&QWP(0,"esp")); # load byte-swap mask
+ &pinsrd ($rndkey1,$rounds_,0);
+ &lea ($key_,&DWP(3,$rounds_));
+ &pinsrd ($rndkey0,$key_,0);
+ &inc ($rounds_);
+ &pinsrd ($rndkey1,$rounds_,1);
+ &inc ($key_);
+ &pinsrd ($rndkey0,$key_,1);
+ &inc ($rounds_);
+ &pinsrd ($rndkey1,$rounds_,2);
+ &inc ($key_);
+ &pinsrd ($rndkey0,$key_,2);
+ &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
+ &pshufb ($rndkey1,$inout0); # byte swap
+ &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
+ &pshufb ($rndkey0,$inout0); # byte swap
+
+ &pshufd ($inout0,$rndkey1,3<<6); # place counter to upper dword
+ &pshufd ($inout1,$rndkey1,2<<6);
+ &cmp ($len,6);
+ &jb (&label("ctr32_tail"));
+ &movdqa (&QWP(32,"esp"),$inout5); # save counter-less ivec
+ &shr ($rounds,1);
+ &mov ($key_,$key); # backup $key
+ &mov ($rounds_,$rounds); # backup $rounds
+ &sub ($len,6);
+ &jmp (&label("ctr32_loop6"));
+
+&set_label("ctr32_loop6",16);
+ &pshufd ($inout2,$rndkey1,1<<6);
+ &movdqa ($rndkey1,&QWP(32,"esp")); # pull counter-less ivec
+ &pshufd ($inout3,$rndkey0,3<<6);
+ &por ($inout0,$rndkey1); # merge counter-less ivec
+ &pshufd ($inout4,$rndkey0,2<<6);
+ &por ($inout1,$rndkey1);
+ &pshufd ($inout5,$rndkey0,1<<6);
+ &por ($inout2,$rndkey1);
+ &por ($inout3,$rndkey1);
+ &por ($inout4,$rndkey1);
+ &por ($inout5,$rndkey1);
+
+ # inlining _aesni_encrypt6's prologue gives ~4% improvement...
+ &$movekey ($rndkey0,&QWP(0,$key_));
+ &$movekey ($rndkey1,&QWP(16,$key_));
+ &lea ($key,&DWP(32,$key_));
+ &dec ($rounds);
+ &pxor ($inout0,$rndkey0);
+ &pxor ($inout1,$rndkey0);
+ &aesenc ($inout0,$rndkey1);
+ &pxor ($inout2,$rndkey0);
+ &aesenc ($inout1,$rndkey1);
+ &pxor ($inout3,$rndkey0);
+ &aesenc ($inout2,$rndkey1);
+ &pxor ($inout4,$rndkey0);
+ &aesenc ($inout3,$rndkey1);
+ &pxor ($inout5,$rndkey0);
+ &aesenc ($inout4,$rndkey1);
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &aesenc ($inout5,$rndkey1);
+
+ &call (&label("_aesni_encrypt6_enter"));
+
+ &movups ($rndkey1,&QWP(0,$inp));
+ &movups ($rndkey0,&QWP(0x10,$inp));
+ &xorps ($inout0,$rndkey1);
+ &movups ($rndkey1,&QWP(0x20,$inp));
+ &xorps ($inout1,$rndkey0);
+ &movups (&QWP(0,$out),$inout0);
+ &movdqa ($rndkey0,&QWP(16,"esp")); # load increment
+ &xorps ($inout2,$rndkey1);
+ &movdqa ($rndkey1,&QWP(48,"esp")); # load 1st triplet
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+
+ &paddd ($rndkey1,$rndkey0); # 1st triplet increment
+ &paddd ($rndkey0,&QWP(64,"esp")); # 2nd triplet increment
+ &movdqa ($inout0,&QWP(0,"esp")); # load byte swap mask
+
+ &movups ($inout1,&QWP(0x30,$inp));
+ &movups ($inout2,&QWP(0x40,$inp));
+ &xorps ($inout3,$inout1);
+ &movups ($inout1,&QWP(0x50,$inp));
+ &lea ($inp,&DWP(0x60,$inp));
+ &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
+ &pshufb ($rndkey1,$inout0); # byte swap
+ &xorps ($inout4,$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &xorps ($inout5,$inout1);
+ &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
+ &pshufb ($rndkey0,$inout0); # byte swap
+ &movups (&QWP(0x40,$out),$inout4);
+ &pshufd ($inout0,$rndkey1,3<<6);
+ &movups (&QWP(0x50,$out),$inout5);
+ &lea ($out,&DWP(0x60,$out));
+
+ &mov ($rounds,$rounds_);
+ &pshufd ($inout1,$rndkey1,2<<6);
+ &sub ($len,6);
+ &jnc (&label("ctr32_loop6"));
+
+ &add ($len,6);
+ &jz (&label("ctr32_ret"));
+ &mov ($key,$key_);
+ &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
+ &movdqa ($inout5,&QWP(32,"esp")); # pull count-less ivec
+
+&set_label("ctr32_tail");
+ &por ($inout0,$inout5);
+ &cmp ($len,2);
+ &jb (&label("ctr32_one"));
+
+ &pshufd ($inout2,$rndkey1,1<<6);
+ &por ($inout1,$inout5);
+ &je (&label("ctr32_two"));
+
+ &pshufd ($inout3,$rndkey0,3<<6);
+ &por ($inout2,$inout5);
+ &cmp ($len,4);
+ &jb (&label("ctr32_three"));
+
+ &pshufd ($inout4,$rndkey0,2<<6);
+ &por ($inout3,$inout5);
+ &je (&label("ctr32_four"));
+
+ &por ($inout4,$inout5);
+ &call ("_aesni_encrypt6");
+ &movups ($rndkey1,&QWP(0,$inp));
+ &movups ($rndkey0,&QWP(0x10,$inp));
+ &xorps ($inout0,$rndkey1);
+ &movups ($rndkey1,&QWP(0x20,$inp));
+ &xorps ($inout1,$rndkey0);
+ &movups ($rndkey0,&QWP(0x30,$inp));
+ &xorps ($inout2,$rndkey1);
+ &movups ($rndkey1,&QWP(0x40,$inp));
+ &xorps ($inout3,$rndkey0);
+ &movups (&QWP(0,$out),$inout0);
+ &xorps ($inout4,$rndkey1);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &movups (&QWP(0x40,$out),$inout4);
+ &jmp (&label("ctr32_ret"));
+
+&set_label("ctr32_one_shortcut",16);
+ &movups ($inout0,&QWP(0,$rounds_)); # load ivec
+ &mov ($rounds,&DWP(240,$key));
+
+&set_label("ctr32_one");
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &movups ($in0,&QWP(0,$inp));
+ &xorps ($in0,$inout0);
+ &movups (&QWP(0,$out),$in0);
+ &jmp (&label("ctr32_ret"));
+
+&set_label("ctr32_two",16);
+ &call ("_aesni_encrypt3");
+ &movups ($inout3,&QWP(0,$inp));
+ &movups ($inout4,&QWP(0x10,$inp));
+ &xorps ($inout0,$inout3);
+ &xorps ($inout1,$inout4);
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &jmp (&label("ctr32_ret"));
+
+&set_label("ctr32_three",16);
+ &call ("_aesni_encrypt3");
+ &movups ($inout3,&QWP(0,$inp));
+ &movups ($inout4,&QWP(0x10,$inp));
+ &xorps ($inout0,$inout3);
+ &movups ($inout5,&QWP(0x20,$inp));
+ &xorps ($inout1,$inout4);
+ &movups (&QWP(0,$out),$inout0);
+ &xorps ($inout2,$inout5);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &jmp (&label("ctr32_ret"));
+
+&set_label("ctr32_four",16);
+ &call ("_aesni_encrypt4");
+ &movups ($inout4,&QWP(0,$inp));
+ &movups ($inout5,&QWP(0x10,$inp));
+ &movups ($rndkey1,&QWP(0x20,$inp));
+ &xorps ($inout0,$inout4);
+ &movups ($rndkey0,&QWP(0x30,$inp));
+ &xorps ($inout1,$inout5);
+ &movups (&QWP(0,$out),$inout0);
+ &xorps ($inout2,$rndkey1);
+ &movups (&QWP(0x10,$out),$inout1);
+ &xorps ($inout3,$rndkey0);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+
+&set_label("ctr32_ret");
+ &mov ("esp",&DWP(80,"esp"));
+&function_end("aesni_ctr32_encrypt_blocks");
+
+######################################################################
+# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2
+# const unsigned char iv[16]);
+#
+{ my ($tweak,$twtmp,$twres,$twmask)=($rndkey1,$rndkey0,$inout0,$inout1);
+
+&function_begin("aesni_xts_encrypt");
+ &mov ($key,&wparam(4)); # key2
+ &mov ($inp,&wparam(5)); # clear-text tweak
+
+ &mov ($rounds,&DWP(240,$key)); # key2->rounds
+ &movups ($inout0,&QWP(0,$inp));
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3)); # key1
+
+ &mov ($key_,"esp");
+ &sub ("esp",16*7+8);
+ &mov ($rounds,&DWP(240,$key)); # key1->rounds
+ &and ("esp",-16); # align stack
+
+ &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
+ &mov (&DWP(16*6+4,"esp"),0);
+ &mov (&DWP(16*6+8,"esp"),1);
+ &mov (&DWP(16*6+12,"esp"),0);
+ &mov (&DWP(16*7+0,"esp"),$len); # save original $len
+ &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
+
+ &movdqa ($tweak,$inout0);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+
+ &and ($len,-16);
+ &mov ($key_,$key); # backup $key
+ &mov ($rounds_,$rounds); # backup $rounds
+ &sub ($len,16*6);
+ &jc (&label("xts_enc_short"));
+
+ &shr ($rounds,1);
+ &mov ($rounds_,$rounds);
+ &jmp (&label("xts_enc_loop6"));
+
+&set_label("xts_enc_loop6",16);
+ for ($i=0;$i<4;$i++) {
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa (&QWP(16*$i,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ }
+ &pshufd ($inout5,$twtmp,0x13);
+ &movdqa (&QWP(16*$i++,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &$movekey ($rndkey0,&QWP(0,$key_));
+ &pand ($inout5,$twmask); # isolate carry and residue
+ &movups ($inout0,&QWP(0,$inp)); # load input
+ &pxor ($inout5,$tweak);
+
+ # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
+ &movdqu ($inout1,&QWP(16*1,$inp));
+ &xorps ($inout0,$rndkey0); # input^=rndkey[0]
+ &movdqu ($inout2,&QWP(16*2,$inp));
+ &pxor ($inout1,$rndkey0);
+ &movdqu ($inout3,&QWP(16*3,$inp));
+ &pxor ($inout2,$rndkey0);
+ &movdqu ($inout4,&QWP(16*4,$inp));
+ &pxor ($inout3,$rndkey0);
+ &movdqu ($rndkey1,&QWP(16*5,$inp));
+ &pxor ($inout4,$rndkey0);
+ &lea ($inp,&DWP(16*6,$inp));
+ &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
+ &pxor ($inout5,$rndkey1);
+
+ &$movekey ($rndkey1,&QWP(16,$key_));
+ &lea ($key,&DWP(32,$key_));
+ &pxor ($inout1,&QWP(16*1,"esp"));
+ &aesenc ($inout0,$rndkey1);
+ &pxor ($inout2,&QWP(16*2,"esp"));
+ &aesenc ($inout1,$rndkey1);
+ &pxor ($inout3,&QWP(16*3,"esp"));
+ &dec ($rounds);
+ &aesenc ($inout2,$rndkey1);
+ &pxor ($inout4,&QWP(16*4,"esp"));
+ &aesenc ($inout3,$rndkey1);
+ &pxor ($inout5,$rndkey0);
+ &aesenc ($inout4,$rndkey1);
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &aesenc ($inout5,$rndkey1);
+ &call (&label("_aesni_encrypt6_enter"));
+
+ &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
+ &pxor ($twtmp,$twtmp);
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout2,&QWP(16*2,"esp"));
+ &movups (&QWP(16*1,$out),$inout1);
+ &xorps ($inout3,&QWP(16*3,"esp"));
+ &movups (&QWP(16*2,$out),$inout2);
+ &xorps ($inout4,&QWP(16*4,"esp"));
+ &movups (&QWP(16*3,$out),$inout3);
+ &xorps ($inout5,$tweak);
+ &movups (&QWP(16*4,$out),$inout4);
+ &pshufd ($twres,$twtmp,0x13);
+ &movups (&QWP(16*5,$out),$inout5);
+ &lea ($out,&DWP(16*6,$out));
+ &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
+
+ &pxor ($twtmp,$twtmp);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &mov ($rounds,$rounds_); # restore $rounds
+ &pxor ($tweak,$twres);
+
+ &sub ($len,16*6);
+ &jnc (&label("xts_enc_loop6"));
+
+ &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds_,$rounds);
+
+&set_label("xts_enc_short");
+ &add ($len,16*6);
+ &jz (&label("xts_enc_done6x"));
+
+ &movdqa ($inout3,$tweak); # put aside previous tweak
+ &cmp ($len,0x20);
+ &jb (&label("xts_enc_one"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &je (&label("xts_enc_two"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($inout4,$tweak); # put aside previous tweak
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &cmp ($len,0x40);
+ &jb (&label("xts_enc_three"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($inout5,$tweak); # put aside previous tweak
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &movdqa (&QWP(16*0,"esp"),$inout3);
+ &movdqa (&QWP(16*1,"esp"),$inout4);
+ &je (&label("xts_enc_four"));
+
+ &movdqa (&QWP(16*2,"esp"),$inout5);
+ &pshufd ($inout5,$twtmp,0x13);
+ &movdqa (&QWP(16*3,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($inout0,1);
+ &pand ($inout5,$twmask); # isolate carry and residue
+ &pxor ($inout5,$tweak);
+
+ &movdqu ($inout0,&QWP(16*0,$inp)); # load input
+ &movdqu ($inout1,&QWP(16*1,$inp));
+ &movdqu ($inout2,&QWP(16*2,$inp));
+ &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movdqu ($inout3,&QWP(16*3,$inp));
+ &pxor ($inout1,&QWP(16*1,"esp"));
+ &movdqu ($inout4,&QWP(16*4,$inp));
+ &pxor ($inout2,&QWP(16*2,"esp"));
+ &lea ($inp,&DWP(16*5,$inp));
+ &pxor ($inout3,&QWP(16*3,"esp"));
+ &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
+ &pxor ($inout4,$inout5);
+
+ &call ("_aesni_encrypt6");
+
+ &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,&QWP(16*2,"esp"));
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout3,&QWP(16*3,"esp"));
+ &movups (&QWP(16*1,$out),$inout1);
+ &xorps ($inout4,$tweak);
+ &movups (&QWP(16*2,$out),$inout2);
+ &movups (&QWP(16*3,$out),$inout3);
+ &movups (&QWP(16*4,$out),$inout4);
+ &lea ($out,&DWP(16*5,$out));
+ &jmp (&label("xts_enc_done"));
+
+&set_label("xts_enc_one",16);
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &lea ($inp,&DWP(16*1,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &xorps ($inout0,$inout3); # output^=tweak
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &lea ($out,&DWP(16*1,$out));
+
+ &movdqa ($tweak,$inout3); # last tweak
+ &jmp (&label("xts_enc_done"));
+
+&set_label("xts_enc_two",16);
+ &movaps ($inout4,$tweak); # put aside last tweak
+
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &lea ($inp,&DWP(16*2,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ &xorps ($inout1,$inout4);
+ &xorps ($inout2,$inout2);
+
+ &call ("_aesni_encrypt3");
+
+ &xorps ($inout0,$inout3); # output^=tweak
+ &xorps ($inout1,$inout4);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &movups (&QWP(16*1,$out),$inout1);
+ &lea ($out,&DWP(16*2,$out));
+
+ &movdqa ($tweak,$inout4); # last tweak
+ &jmp (&label("xts_enc_done"));
+
+&set_label("xts_enc_three",16);
+ &movaps ($inout5,$tweak); # put aside last tweak
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &movups ($inout2,&QWP(16*2,$inp));
+ &lea ($inp,&DWP(16*3,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ &xorps ($inout1,$inout4);
+ &xorps ($inout2,$inout5);
+
+ &call ("_aesni_encrypt3");
+
+ &xorps ($inout0,$inout3); # output^=tweak
+ &xorps ($inout1,$inout4);
+ &xorps ($inout2,$inout5);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &movups (&QWP(16*1,$out),$inout1);
+ &movups (&QWP(16*2,$out),$inout2);
+ &lea ($out,&DWP(16*3,$out));
+
+ &movdqa ($tweak,$inout5); # last tweak
+ &jmp (&label("xts_enc_done"));
+
+&set_label("xts_enc_four",16);
+ &movaps ($inout4,$tweak); # put aside last tweak
+
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &movups ($inout2,&QWP(16*2,$inp));
+ &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movups ($inout3,&QWP(16*3,$inp));
+ &lea ($inp,&DWP(16*4,$inp));
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,$inout5);
+ &xorps ($inout3,$inout4);
+
+ &call ("_aesni_encrypt4");
+
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,$inout5);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout3,$inout4);
+ &movups (&QWP(16*1,$out),$inout1);
+ &movups (&QWP(16*2,$out),$inout2);
+ &movups (&QWP(16*3,$out),$inout3);
+ &lea ($out,&DWP(16*4,$out));
+
+ &movdqa ($tweak,$inout4); # last tweak
+ &jmp (&label("xts_enc_done"));
+
+&set_label("xts_enc_done6x",16); # $tweak is pre-calculated
+ &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
+ &and ($len,15);
+ &jz (&label("xts_enc_ret"));
+ &movdqa ($inout3,$tweak);
+ &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
+ &jmp (&label("xts_enc_steal"));
+
+&set_label("xts_enc_done",16);
+ &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
+ &pxor ($twtmp,$twtmp);
+ &and ($len,15);
+ &jz (&label("xts_enc_ret"));
+
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
+ &pshufd ($inout3,$twtmp,0x13);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($inout3,&QWP(16*6,"esp")); # isolate carry and residue
+ &pxor ($inout3,$tweak);
+
+&set_label("xts_enc_steal");
+ &movz ($rounds,&BP(0,$inp));
+ &movz ($key,&BP(-16,$out));
+ &lea ($inp,&DWP(1,$inp));
+ &mov (&BP(-16,$out),&LB($rounds));
+ &mov (&BP(0,$out),&LB($key));
+ &lea ($out,&DWP(1,$out));
+ &sub ($len,1);
+ &jnz (&label("xts_enc_steal"));
+
+ &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds,$rounds_); # restore $rounds
+
+ &movups ($inout0,&QWP(-16,$out)); # load input
+ &xorps ($inout0,$inout3); # input^=tweak
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+ &xorps ($inout0,$inout3); # output^=tweak
+ &movups (&QWP(-16,$out),$inout0); # write output
+
+&set_label("xts_enc_ret");
+ &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
+&function_end("aesni_xts_encrypt");
+
+&function_begin("aesni_xts_decrypt");
+ &mov ($key,&wparam(4)); # key2
+ &mov ($inp,&wparam(5)); # clear-text tweak
+
+ &mov ($rounds,&DWP(240,$key)); # key2->rounds
+ &movups ($inout0,&QWP(0,$inp));
+ if ($inline)
+ { &aesni_inline_generate1("enc"); }
+ else
+ { &call ("_aesni_encrypt1"); }
+
+ &mov ($inp,&wparam(0));
+ &mov ($out,&wparam(1));
+ &mov ($len,&wparam(2));
+ &mov ($key,&wparam(3)); # key1
+
+ &mov ($key_,"esp");
+ &sub ("esp",16*7+8);
+ &and ("esp",-16); # align stack
+
+ &xor ($rounds_,$rounds_); # if(len%16) len-=16;
+ &test ($len,15);
+ &setnz (&LB($rounds_));
+ &shl ($rounds_,4);
+ &sub ($len,$rounds_);
+
+ &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
+ &mov (&DWP(16*6+4,"esp"),0);
+ &mov (&DWP(16*6+8,"esp"),1);
+ &mov (&DWP(16*6+12,"esp"),0);
+ &mov (&DWP(16*7+0,"esp"),$len); # save original $len
+ &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
+
+ &mov ($rounds,&DWP(240,$key)); # key1->rounds
+ &mov ($key_,$key); # backup $key
+ &mov ($rounds_,$rounds); # backup $rounds
+
+ &movdqa ($tweak,$inout0);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+
+ &and ($len,-16);
+ &sub ($len,16*6);
+ &jc (&label("xts_dec_short"));
+
+ &shr ($rounds,1);
+ &mov ($rounds_,$rounds);
+ &jmp (&label("xts_dec_loop6"));
+
+&set_label("xts_dec_loop6",16);
+ for ($i=0;$i<4;$i++) {
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa (&QWP(16*$i,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ }
+ &pshufd ($inout5,$twtmp,0x13);
+ &movdqa (&QWP(16*$i++,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &$movekey ($rndkey0,&QWP(0,$key_));
+ &pand ($inout5,$twmask); # isolate carry and residue
+ &movups ($inout0,&QWP(0,$inp)); # load input
+ &pxor ($inout5,$tweak);
+
+ # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
+ &movdqu ($inout1,&QWP(16*1,$inp));
+ &xorps ($inout0,$rndkey0); # input^=rndkey[0]
+ &movdqu ($inout2,&QWP(16*2,$inp));
+ &pxor ($inout1,$rndkey0);
+ &movdqu ($inout3,&QWP(16*3,$inp));
+ &pxor ($inout2,$rndkey0);
+ &movdqu ($inout4,&QWP(16*4,$inp));
+ &pxor ($inout3,$rndkey0);
+ &movdqu ($rndkey1,&QWP(16*5,$inp));
+ &pxor ($inout4,$rndkey0);
+ &lea ($inp,&DWP(16*6,$inp));
+ &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
+ &pxor ($inout5,$rndkey1);
+
+ &$movekey ($rndkey1,&QWP(16,$key_));
+ &lea ($key,&DWP(32,$key_));
+ &pxor ($inout1,&QWP(16*1,"esp"));
+ &aesdec ($inout0,$rndkey1);
+ &pxor ($inout2,&QWP(16*2,"esp"));
+ &aesdec ($inout1,$rndkey1);
+ &pxor ($inout3,&QWP(16*3,"esp"));
+ &dec ($rounds);
+ &aesdec ($inout2,$rndkey1);
+ &pxor ($inout4,&QWP(16*4,"esp"));
+ &aesdec ($inout3,$rndkey1);
+ &pxor ($inout5,$rndkey0);
+ &aesdec ($inout4,$rndkey1);
+ &$movekey ($rndkey0,&QWP(0,$key));
+ &aesdec ($inout5,$rndkey1);
+ &call (&label("_aesni_decrypt6_enter"));
+
+ &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
+ &pxor ($twtmp,$twtmp);
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout2,&QWP(16*2,"esp"));
+ &movups (&QWP(16*1,$out),$inout1);
+ &xorps ($inout3,&QWP(16*3,"esp"));
+ &movups (&QWP(16*2,$out),$inout2);
+ &xorps ($inout4,&QWP(16*4,"esp"));
+ &movups (&QWP(16*3,$out),$inout3);
+ &xorps ($inout5,$tweak);
+ &movups (&QWP(16*4,$out),$inout4);
+ &pshufd ($twres,$twtmp,0x13);
+ &movups (&QWP(16*5,$out),$inout5);
+ &lea ($out,&DWP(16*6,$out));
+ &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
+
+ &pxor ($twtmp,$twtmp);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &mov ($rounds,$rounds_); # restore $rounds
+ &pxor ($tweak,$twres);
+
+ &sub ($len,16*6);
+ &jnc (&label("xts_dec_loop6"));
+
+ &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds_,$rounds);
+
+&set_label("xts_dec_short");
+ &add ($len,16*6);
+ &jz (&label("xts_dec_done6x"));
+
+ &movdqa ($inout3,$tweak); # put aside previous tweak
+ &cmp ($len,0x20);
+ &jb (&label("xts_dec_one"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &je (&label("xts_dec_two"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($inout4,$tweak); # put aside previous tweak
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &cmp ($len,0x40);
+ &jb (&label("xts_dec_three"));
+
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($inout5,$tweak); # put aside previous tweak
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+ &movdqa (&QWP(16*0,"esp"),$inout3);
+ &movdqa (&QWP(16*1,"esp"),$inout4);
+ &je (&label("xts_dec_four"));
+
+ &movdqa (&QWP(16*2,"esp"),$inout5);
+ &pshufd ($inout5,$twtmp,0x13);
+ &movdqa (&QWP(16*3,"esp"),$tweak);
+ &paddq ($tweak,$tweak); # &psllq($inout0,1);
+ &pand ($inout5,$twmask); # isolate carry and residue
+ &pxor ($inout5,$tweak);
+
+ &movdqu ($inout0,&QWP(16*0,$inp)); # load input
+ &movdqu ($inout1,&QWP(16*1,$inp));
+ &movdqu ($inout2,&QWP(16*2,$inp));
+ &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movdqu ($inout3,&QWP(16*3,$inp));
+ &pxor ($inout1,&QWP(16*1,"esp"));
+ &movdqu ($inout4,&QWP(16*4,$inp));
+ &pxor ($inout2,&QWP(16*2,"esp"));
+ &lea ($inp,&DWP(16*5,$inp));
+ &pxor ($inout3,&QWP(16*3,"esp"));
+ &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
+ &pxor ($inout4,$inout5);
+
+ &call ("_aesni_decrypt6");
+
+ &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,&QWP(16*2,"esp"));
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout3,&QWP(16*3,"esp"));
+ &movups (&QWP(16*1,$out),$inout1);
+ &xorps ($inout4,$tweak);
+ &movups (&QWP(16*2,$out),$inout2);
+ &movups (&QWP(16*3,$out),$inout3);
+ &movups (&QWP(16*4,$out),$inout4);
+ &lea ($out,&DWP(16*5,$out));
+ &jmp (&label("xts_dec_done"));
+
+&set_label("xts_dec_one",16);
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &lea ($inp,&DWP(16*1,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &xorps ($inout0,$inout3); # output^=tweak
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &lea ($out,&DWP(16*1,$out));
+
+ &movdqa ($tweak,$inout3); # last tweak
+ &jmp (&label("xts_dec_done"));
+
+&set_label("xts_dec_two",16);
+ &movaps ($inout4,$tweak); # put aside last tweak
+
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &lea ($inp,&DWP(16*2,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ &xorps ($inout1,$inout4);
+
+ &call ("_aesni_decrypt3");
+
+ &xorps ($inout0,$inout3); # output^=tweak
+ &xorps ($inout1,$inout4);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &movups (&QWP(16*1,$out),$inout1);
+ &lea ($out,&DWP(16*2,$out));
+
+ &movdqa ($tweak,$inout4); # last tweak
+ &jmp (&label("xts_dec_done"));
+
+&set_label("xts_dec_three",16);
+ &movaps ($inout5,$tweak); # put aside last tweak
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &movups ($inout2,&QWP(16*2,$inp));
+ &lea ($inp,&DWP(16*3,$inp));
+ &xorps ($inout0,$inout3); # input^=tweak
+ &xorps ($inout1,$inout4);
+ &xorps ($inout2,$inout5);
+
+ &call ("_aesni_decrypt3");
+
+ &xorps ($inout0,$inout3); # output^=tweak
+ &xorps ($inout1,$inout4);
+ &xorps ($inout2,$inout5);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &movups (&QWP(16*1,$out),$inout1);
+ &movups (&QWP(16*2,$out),$inout2);
+ &lea ($out,&DWP(16*3,$out));
+
+ &movdqa ($tweak,$inout5); # last tweak
+ &jmp (&label("xts_dec_done"));
+
+&set_label("xts_dec_four",16);
+ &movaps ($inout4,$tweak); # put aside last tweak
+
+ &movups ($inout0,&QWP(16*0,$inp)); # load input
+ &movups ($inout1,&QWP(16*1,$inp));
+ &movups ($inout2,&QWP(16*2,$inp));
+ &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
+ &movups ($inout3,&QWP(16*3,$inp));
+ &lea ($inp,&DWP(16*4,$inp));
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,$inout5);
+ &xorps ($inout3,$inout4);
+
+ &call ("_aesni_decrypt4");
+
+ &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
+ &xorps ($inout1,&QWP(16*1,"esp"));
+ &xorps ($inout2,$inout5);
+ &movups (&QWP(16*0,$out),$inout0); # write output
+ &xorps ($inout3,$inout4);
+ &movups (&QWP(16*1,$out),$inout1);
+ &movups (&QWP(16*2,$out),$inout2);
+ &movups (&QWP(16*3,$out),$inout3);
+ &lea ($out,&DWP(16*4,$out));
+
+ &movdqa ($tweak,$inout4); # last tweak
+ &jmp (&label("xts_dec_done"));
+
+&set_label("xts_dec_done6x",16); # $tweak is pre-calculated
+ &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
+ &and ($len,15);
+ &jz (&label("xts_dec_ret"));
+ &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
+ &jmp (&label("xts_dec_only_one_more"));
+
+&set_label("xts_dec_done",16);
+ &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
+ &pxor ($twtmp,$twtmp);
+ &and ($len,15);
+ &jz (&label("xts_dec_ret"));
+
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
+ &pshufd ($twres,$twtmp,0x13);
+ &pxor ($twtmp,$twtmp);
+ &movdqa ($twmask,&QWP(16*6,"esp"));
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($twres,$twmask); # isolate carry and residue
+ &pcmpgtd($twtmp,$tweak); # broadcast upper bits
+ &pxor ($tweak,$twres);
+
+&set_label("xts_dec_only_one_more");
+ &pshufd ($inout3,$twtmp,0x13);
+ &movdqa ($inout4,$tweak); # put aside previous tweak
+ &paddq ($tweak,$tweak); # &psllq($tweak,1);
+ &pand ($inout3,$twmask); # isolate carry and residue
+ &pxor ($inout3,$tweak);
+
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds,$rounds_); # restore $rounds
+
+ &movups ($inout0,&QWP(0,$inp)); # load input
+ &xorps ($inout0,$inout3); # input^=tweak
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &xorps ($inout0,$inout3); # output^=tweak
+ &movups (&QWP(0,$out),$inout0); # write output
+
+&set_label("xts_dec_steal");
+ &movz ($rounds,&BP(16,$inp));
+ &movz ($key,&BP(0,$out));
+ &lea ($inp,&DWP(1,$inp));
+ &mov (&BP(0,$out),&LB($rounds));
+ &mov (&BP(16,$out),&LB($key));
+ &lea ($out,&DWP(1,$out));
+ &sub ($len,1);
+ &jnz (&label("xts_dec_steal"));
+
+ &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
+ &mov ($key,$key_); # restore $key
+ &mov ($rounds,$rounds_); # restore $rounds
+
+ &movups ($inout0,&QWP(0,$out)); # load input
+ &xorps ($inout0,$inout4); # input^=tweak
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &xorps ($inout0,$inout4); # output^=tweak
+ &movups (&QWP(0,$out),$inout0); # write output
+
+&set_label("xts_dec_ret");
+ &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
+&function_end("aesni_xts_decrypt");
+}
+}
+
+######################################################################
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+# size_t length, const AES_KEY *key,
+# unsigned char *ivp,const int enc);
+&function_begin("${PREFIX}_cbc_encrypt");
+ &mov ($inp,&wparam(0));
+ &mov ($rounds_,"esp");
+ &mov ($out,&wparam(1));
+ &sub ($rounds_,24);
+ &mov ($len,&wparam(2));
+ &and ($rounds_,-16);
+ &mov ($key,&wparam(3));
+ &mov ($key_,&wparam(4));
+ &test ($len,$len);
+ &jz (&label("cbc_abort"));
+
+ &cmp (&wparam(5),0);
+ &xchg ($rounds_,"esp"); # alloca
+ &movups ($ivec,&QWP(0,$key_)); # load IV
+ &mov ($rounds,&DWP(240,$key));
+ &mov ($key_,$key); # backup $key
+ &mov (&DWP(16,"esp"),$rounds_); # save original %esp
+ &mov ($rounds_,$rounds); # backup $rounds
+ &je (&label("cbc_decrypt"));
+
+ &movaps ($inout0,$ivec);
+ &cmp ($len,16);
+ &jb (&label("cbc_enc_tail"));
+ &sub ($len,16);
+ &jmp (&label("cbc_enc_loop"));
+
+&set_label("cbc_enc_loop",16);
+ &movups ($ivec,&QWP(0,$inp)); # input actually
+ &lea ($inp,&DWP(16,$inp));
+ if ($inline)
+ { &aesni_inline_generate1("enc",$inout0,$ivec); }
+ else
+ { &xorps($inout0,$ivec); &call("_aesni_encrypt1"); }
+ &mov ($rounds,$rounds_); # restore $rounds
+ &mov ($key,$key_); # restore $key
+ &movups (&QWP(0,$out),$inout0); # store output
+ &lea ($out,&DWP(16,$out));
+ &sub ($len,16);
+ &jnc (&label("cbc_enc_loop"));
+ &add ($len,16);
+ &jnz (&label("cbc_enc_tail"));
+ &movaps ($ivec,$inout0);
+ &jmp (&label("cbc_ret"));
+
+&set_label("cbc_enc_tail");
+ &mov ("ecx",$len); # zaps $rounds
+ &data_word(0xA4F3F689); # rep movsb
+ &mov ("ecx",16); # zero tail
+ &sub ("ecx",$len);
+ &xor ("eax","eax"); # zaps $len
+ &data_word(0xAAF3F689); # rep stosb
+ &lea ($out,&DWP(-16,$out)); # rewind $out by 1 block
+ &mov ($rounds,$rounds_); # restore $rounds
+ &mov ($inp,$out); # $inp and $out are the same
+ &mov ($key,$key_); # restore $key
+ &jmp (&label("cbc_enc_loop"));
+######################################################################
+&set_label("cbc_decrypt",16);
+ &cmp ($len,0x50);
+ &jbe (&label("cbc_dec_tail"));
+ &movaps (&QWP(0,"esp"),$ivec); # save IV
+ &sub ($len,0x50);
+ &jmp (&label("cbc_dec_loop6_enter"));
+
+&set_label("cbc_dec_loop6",16);
+ &movaps (&QWP(0,"esp"),$rndkey0); # save IV
+ &movups (&QWP(0,$out),$inout5);
+ &lea ($out,&DWP(0x10,$out));
+&set_label("cbc_dec_loop6_enter");
+ &movdqu ($inout0,&QWP(0,$inp));
+ &movdqu ($inout1,&QWP(0x10,$inp));
+ &movdqu ($inout2,&QWP(0x20,$inp));
+ &movdqu ($inout3,&QWP(0x30,$inp));
+ &movdqu ($inout4,&QWP(0x40,$inp));
+ &movdqu ($inout5,&QWP(0x50,$inp));
+
+ &call ("_aesni_decrypt6");
+
+ &movups ($rndkey1,&QWP(0,$inp));
+ &movups ($rndkey0,&QWP(0x10,$inp));
+ &xorps ($inout0,&QWP(0,"esp")); # ^=IV
+ &xorps ($inout1,$rndkey1);
+ &movups ($rndkey1,&QWP(0x20,$inp));
+ &xorps ($inout2,$rndkey0);
+ &movups ($rndkey0,&QWP(0x30,$inp));
+ &xorps ($inout3,$rndkey1);
+ &movups ($rndkey1,&QWP(0x40,$inp));
+ &xorps ($inout4,$rndkey0);
+ &movups ($rndkey0,&QWP(0x50,$inp)); # IV
+ &xorps ($inout5,$rndkey1);
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &lea ($inp,&DWP(0x60,$inp));
+ &movups (&QWP(0x20,$out),$inout2);
+ &mov ($rounds,$rounds_) # restore $rounds
+ &movups (&QWP(0x30,$out),$inout3);
+ &mov ($key,$key_); # restore $key
+ &movups (&QWP(0x40,$out),$inout4);
+ &lea ($out,&DWP(0x50,$out));
+ &sub ($len,0x60);
+ &ja (&label("cbc_dec_loop6"));
+
+ &movaps ($inout0,$inout5);
+ &movaps ($ivec,$rndkey0);
+ &add ($len,0x50);
+ &jle (&label("cbc_dec_tail_collected"));
+ &movups (&QWP(0,$out),$inout0);
+ &lea ($out,&DWP(0x10,$out));
+&set_label("cbc_dec_tail");
+ &movups ($inout0,&QWP(0,$inp));
+ &movaps ($in0,$inout0);
+ &cmp ($len,0x10);
+ &jbe (&label("cbc_dec_one"));
+
+ &movups ($inout1,&QWP(0x10,$inp));
+ &movaps ($in1,$inout1);
+ &cmp ($len,0x20);
+ &jbe (&label("cbc_dec_two"));
+
+ &movups ($inout2,&QWP(0x20,$inp));
+ &cmp ($len,0x30);
+ &jbe (&label("cbc_dec_three"));
+
+ &movups ($inout3,&QWP(0x30,$inp));
+ &cmp ($len,0x40);
+ &jbe (&label("cbc_dec_four"));
+
+ &movups ($inout4,&QWP(0x40,$inp));
+ &movaps (&QWP(0,"esp"),$ivec); # save IV
+ &movups ($inout0,&QWP(0,$inp));
+ &xorps ($inout5,$inout5);
+ &call ("_aesni_decrypt6");
+ &movups ($rndkey1,&QWP(0,$inp));
+ &movups ($rndkey0,&QWP(0x10,$inp));
+ &xorps ($inout0,&QWP(0,"esp")); # ^= IV
+ &xorps ($inout1,$rndkey1);
+ &movups ($rndkey1,&QWP(0x20,$inp));
+ &xorps ($inout2,$rndkey0);
+ &movups ($rndkey0,&QWP(0x30,$inp));
+ &xorps ($inout3,$rndkey1);
+ &movups ($ivec,&QWP(0x40,$inp)); # IV
+ &xorps ($inout4,$rndkey0);
+ &movups (&QWP(0,$out),$inout0);
+ &movups (&QWP(0x10,$out),$inout1);
+ &movups (&QWP(0x20,$out),$inout2);
+ &movups (&QWP(0x30,$out),$inout3);
+ &lea ($out,&DWP(0x40,$out));
+ &movaps ($inout0,$inout4);
+ &sub ($len,0x50);
+ &jmp (&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_one",16);
+ if ($inline)
+ { &aesni_inline_generate1("dec"); }
+ else
+ { &call ("_aesni_decrypt1"); }
+ &xorps ($inout0,$ivec);
+ &movaps ($ivec,$in0);
+ &sub ($len,0x10);
+ &jmp (&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_two",16);
+ &xorps ($inout2,$inout2);
+ &call ("_aesni_decrypt3");
+ &xorps ($inout0,$ivec);
+ &xorps ($inout1,$in0);
+ &movups (&QWP(0,$out),$inout0);
+ &movaps ($inout0,$inout1);
+ &lea ($out,&DWP(0x10,$out));
+ &movaps ($ivec,$in1);
+ &sub ($len,0x20);
+ &jmp (&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_three",16);
+ &call ("_aesni_decrypt3");
+ &xorps ($inout0,$ivec);
+ &xorps ($inout1,$in0);
+ &xorps ($inout2,$in1);
+ &movups (&QWP(0,$out),$inout0);
+ &movaps ($inout0,$inout2);
+ &movups (&QWP(0x10,$out),$inout1);
+ &lea ($out,&DWP(0x20,$out));
+ &movups ($ivec,&QWP(0x20,$inp));
+ &sub ($len,0x30);
+ &jmp (&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_four",16);
+ &call ("_aesni_decrypt4");
+ &movups ($rndkey1,&QWP(0x10,$inp));
+ &movups ($rndkey0,&QWP(0x20,$inp));
+ &xorps ($inout0,$ivec);
+ &movups ($ivec,&QWP(0x30,$inp));
+ &xorps ($inout1,$in0);
+ &movups (&QWP(0,$out),$inout0);
+ &xorps ($inout2,$rndkey1);
+ &movups (&QWP(0x10,$out),$inout1);
+ &xorps ($inout3,$rndkey0);
+ &movups (&QWP(0x20,$out),$inout2);
+ &lea ($out,&DWP(0x30,$out));
+ &movaps ($inout0,$inout3);
+ &sub ($len,0x40);
+
+&set_label("cbc_dec_tail_collected");
+ &and ($len,15);
+ &jnz (&label("cbc_dec_tail_partial"));
+ &movups (&QWP(0,$out),$inout0);
+ &jmp (&label("cbc_ret"));
+
+&set_label("cbc_dec_tail_partial",16);
+ &movaps (&QWP(0,"esp"),$inout0);
+ &mov ("ecx",16);
+ &mov ($inp,"esp");
+ &sub ("ecx",$len);
+ &data_word(0xA4F3F689); # rep movsb
+
+&set_label("cbc_ret");
+ &mov ("esp",&DWP(16,"esp")); # pull original %esp
+ &mov ($key_,&wparam(4));
+ &movups (&QWP(0,$key_),$ivec); # output IV
+&set_label("cbc_abort");
+&function_end("${PREFIX}_cbc_encrypt");
+
+######################################################################
+# Mechanical port from aesni-x86_64.pl.
+#
+# _aesni_set_encrypt_key is private interface,
+# input:
+# "eax" const unsigned char *userKey
+# $rounds int bits
+# $key AES_KEY *key
+# output:
+# "eax" return code
+# $round rounds
+
+&function_begin_B("_aesni_set_encrypt_key");
+ &test ("eax","eax");
+ &jz (&label("bad_pointer"));
+ &test ($key,$key);
+ &jz (&label("bad_pointer"));
+
+ &movups ("xmm0",&QWP(0,"eax")); # pull first 128 bits of *userKey
+ &xorps ("xmm4","xmm4"); # low dword of xmm4 is assumed 0
+ &lea ($key,&DWP(16,$key));
+ &cmp ($rounds,256);
+ &je (&label("14rounds"));
+ &cmp ($rounds,192);
+ &je (&label("12rounds"));
+ &cmp ($rounds,128);
+ &jne (&label("bad_keybits"));
+
+&set_label("10rounds",16);
+ &mov ($rounds,9);
+ &$movekey (&QWP(-16,$key),"xmm0"); # round 0
+ &aeskeygenassist("xmm1","xmm0",0x01); # round 1
+ &call (&label("key_128_cold"));
+ &aeskeygenassist("xmm1","xmm0",0x2); # round 2
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x04); # round 3
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x08); # round 4
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x10); # round 5
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x20); # round 6
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x40); # round 7
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x80); # round 8
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x1b); # round 9
+ &call (&label("key_128"));
+ &aeskeygenassist("xmm1","xmm0",0x36); # round 10
+ &call (&label("key_128"));
+ &$movekey (&QWP(0,$key),"xmm0");
+ &mov (&DWP(80,$key),$rounds);
+ &xor ("eax","eax");
+ &ret();
+
+&set_label("key_128",16);
+ &$movekey (&QWP(0,$key),"xmm0");
+ &lea ($key,&DWP(16,$key));
+&set_label("key_128_cold");
+ &shufps ("xmm4","xmm0",0b00010000);
+ &xorps ("xmm0","xmm4");
+ &shufps ("xmm4","xmm0",0b10001100);
+ &xorps ("xmm0","xmm4");
+ &shufps ("xmm1","xmm1",0b11111111); # critical path
+ &xorps ("xmm0","xmm1");
+ &ret();
+
+&set_label("12rounds",16);
+ &movq ("xmm2",&QWP(16,"eax")); # remaining 1/3 of *userKey
+ &mov ($rounds,11);
+ &$movekey (&QWP(-16,$key),"xmm0") # round 0
+ &aeskeygenassist("xmm1","xmm2",0x01); # round 1,2
+ &call (&label("key_192a_cold"));
+ &aeskeygenassist("xmm1","xmm2",0x02); # round 2,3
+ &call (&label("key_192b"));
+ &aeskeygenassist("xmm1","xmm2",0x04); # round 4,5
+ &call (&label("key_192a"));
+ &aeskeygenassist("xmm1","xmm2",0x08); # round 5,6
+ &call (&label("key_192b"));
+ &aeskeygenassist("xmm1","xmm2",0x10); # round 7,8
+ &call (&label("key_192a"));
+ &aeskeygenassist("xmm1","xmm2",0x20); # round 8,9
+ &call (&label("key_192b"));
+ &aeskeygenassist("xmm1","xmm2",0x40); # round 10,11
+ &call (&label("key_192a"));
+ &aeskeygenassist("xmm1","xmm2",0x80); # round 11,12
+ &call (&label("key_192b"));
+ &$movekey (&QWP(0,$key),"xmm0");
+ &mov (&DWP(48,$key),$rounds);
+ &xor ("eax","eax");
+ &ret();
+
+&set_label("key_192a",16);
+ &$movekey (&QWP(0,$key),"xmm0");
+ &lea ($key,&DWP(16,$key));
+&set_label("key_192a_cold",16);
+ &movaps ("xmm5","xmm2");
+&set_label("key_192b_warm");
+ &shufps ("xmm4","xmm0",0b00010000);
+ &movdqa ("xmm3","xmm2");
+ &xorps ("xmm0","xmm4");
+ &shufps ("xmm4","xmm0",0b10001100);
+ &pslldq ("xmm3",4);
+ &xorps ("xmm0","xmm4");
+ &pshufd ("xmm1","xmm1",0b01010101); # critical path
+ &pxor ("xmm2","xmm3");
+ &pxor ("xmm0","xmm1");
+ &pshufd ("xmm3","xmm0",0b11111111);
+ &pxor ("xmm2","xmm3");
+ &ret();
+
+&set_label("key_192b",16);
+ &movaps ("xmm3","xmm0");
+ &shufps ("xmm5","xmm0",0b01000100);
+ &$movekey (&QWP(0,$key),"xmm5");
+ &shufps ("xmm3","xmm2",0b01001110);
+ &$movekey (&QWP(16,$key),"xmm3");
+ &lea ($key,&DWP(32,$key));
+ &jmp (&label("key_192b_warm"));
+
+&set_label("14rounds",16);
+ &movups ("xmm2",&QWP(16,"eax")); # remaining half of *userKey
+ &mov ($rounds,13);
+ &lea ($key,&DWP(16,$key));
+ &$movekey (&QWP(-32,$key),"xmm0"); # round 0
+ &$movekey (&QWP(-16,$key),"xmm2"); # round 1
+ &aeskeygenassist("xmm1","xmm2",0x01); # round 2
+ &call (&label("key_256a_cold"));
+ &aeskeygenassist("xmm1","xmm0",0x01); # round 3
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x02); # round 4
+ &call (&label("key_256a"));
+ &aeskeygenassist("xmm1","xmm0",0x02); # round 5
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x04); # round 6
+ &call (&label("key_256a"));
+ &aeskeygenassist("xmm1","xmm0",0x04); # round 7
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x08); # round 8
+ &call (&label("key_256a"));
+ &aeskeygenassist("xmm1","xmm0",0x08); # round 9
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x10); # round 10
+ &call (&label("key_256a"));
+ &aeskeygenassist("xmm1","xmm0",0x10); # round 11
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x20); # round 12
+ &call (&label("key_256a"));
+ &aeskeygenassist("xmm1","xmm0",0x20); # round 13
+ &call (&label("key_256b"));
+ &aeskeygenassist("xmm1","xmm2",0x40); # round 14
+ &call (&label("key_256a"));
+ &$movekey (&QWP(0,$key),"xmm0");
+ &mov (&DWP(16,$key),$rounds);
+ &xor ("eax","eax");
+ &ret();
+
+&set_label("key_256a",16);
+ &$movekey (&QWP(0,$key),"xmm2");
+ &lea ($key,&DWP(16,$key));
+&set_label("key_256a_cold");
+ &shufps ("xmm4","xmm0",0b00010000);
+ &xorps ("xmm0","xmm4");
+ &shufps ("xmm4","xmm0",0b10001100);
+ &xorps ("xmm0","xmm4");
+ &shufps ("xmm1","xmm1",0b11111111); # critical path
+ &xorps ("xmm0","xmm1");
+ &ret();
+
+&set_label("key_256b",16);
+ &$movekey (&QWP(0,$key),"xmm0");
+ &lea ($key,&DWP(16,$key));
+
+ &shufps ("xmm4","xmm2",0b00010000);
+ &xorps ("xmm2","xmm4");
+ &shufps ("xmm4","xmm2",0b10001100);
+ &xorps ("xmm2","xmm4");
+ &shufps ("xmm1","xmm1",0b10101010); # critical path
+ &xorps ("xmm2","xmm1");
+ &ret();
+
+&set_label("bad_pointer",4);
+ &mov ("eax",-1);
+ &ret ();
+&set_label("bad_keybits",4);
+ &mov ("eax",-2);
+ &ret ();
+&function_end_B("_aesni_set_encrypt_key");
+
+# int $PREFIX_set_encrypt_key (const unsigned char *userKey, int bits,
+# AES_KEY *key)
+&function_begin_B("${PREFIX}_set_encrypt_key");
+ &mov ("eax",&wparam(0));
+ &mov ($rounds,&wparam(1));
+ &mov ($key,&wparam(2));
+ &call ("_aesni_set_encrypt_key");
+ &ret ();
+&function_end_B("${PREFIX}_set_encrypt_key");
+
+# int $PREFIX_set_decrypt_key (const unsigned char *userKey, int bits,
+# AES_KEY *key)
+&function_begin_B("${PREFIX}_set_decrypt_key");
+ &mov ("eax",&wparam(0));
+ &mov ($rounds,&wparam(1));
+ &mov ($key,&wparam(2));
+ &call ("_aesni_set_encrypt_key");
+ &mov ($key,&wparam(2));
+ &shl ($rounds,4) # rounds-1 after _aesni_set_encrypt_key
+ &test ("eax","eax");
+ &jnz (&label("dec_key_ret"));
+ &lea ("eax",&DWP(16,$key,$rounds)); # end of key schedule
+
+ &$movekey ("xmm0",&QWP(0,$key)); # just swap
+ &$movekey ("xmm1",&QWP(0,"eax"));
+ &$movekey (&QWP(0,"eax"),"xmm0");
+ &$movekey (&QWP(0,$key),"xmm1");
+ &lea ($key,&DWP(16,$key));
+ &lea ("eax",&DWP(-16,"eax"));
+
+&set_label("dec_key_inverse");
+ &$movekey ("xmm0",&QWP(0,$key)); # swap and inverse
+ &$movekey ("xmm1",&QWP(0,"eax"));
+ &aesimc ("xmm0","xmm0");
+ &aesimc ("xmm1","xmm1");
+ &lea ($key,&DWP(16,$key));
+ &lea ("eax",&DWP(-16,"eax"));
+ &$movekey (&QWP(16,"eax"),"xmm0");
+ &$movekey (&QWP(-16,$key),"xmm1");
+ &cmp ("eax",$key);
+ &ja (&label("dec_key_inverse"));
+
+ &$movekey ("xmm0",&QWP(0,$key)); # inverse middle
+ &aesimc ("xmm0","xmm0");
+ &$movekey (&QWP(0,$key),"xmm0");
+
+ &xor ("eax","eax"); # return success
+&set_label("dec_key_ret");
+ &ret ();
+&function_end_B("${PREFIX}_set_decrypt_key");
+&asciz("AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/aes/asm/aesni-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/aesni-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/aesni-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,3071 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-x86_64.pl [see below for
+# details].
+#
+# Performance.
+#
+# Given aes(enc|dec) instructions' latency asymptotic performance for
+# non-parallelizable modes such as CBC encrypt is 3.75 cycles per byte
+# processed with 128-bit key. And given their throughput asymptotic
+# performance for parallelizable modes is 1.25 cycles per byte. Being
+# asymptotic limit it's not something you commonly achieve in reality,
+# but how close does one get? Below are results collected for
+# different modes and block sized. Pairs of numbers are for en-/
+# decryption.
+#
+# 16-byte 64-byte 256-byte 1-KB 8-KB
+# ECB 4.25/4.25 1.38/1.38 1.28/1.28 1.26/1.26 1.26/1.26
+# CTR 5.42/5.42 1.92/1.92 1.44/1.44 1.28/1.28 1.26/1.26
+# CBC 4.38/4.43 4.15/1.43 4.07/1.32 4.07/1.29 4.06/1.28
+# CCM 5.66/9.42 4.42/5.41 4.16/4.40 4.09/4.15 4.06/4.07
+# OFB 5.42/5.42 4.64/4.64 4.44/4.44 4.39/4.39 4.38/4.38
+# CFB 5.73/5.85 5.56/5.62 5.48/5.56 5.47/5.55 5.47/5.55
+#
+# ECB, CTR, CBC and CCM results are free from EVP overhead. This means
+# that otherwise used 'openssl speed -evp aes-128-??? -engine aesni
+# [-decrypt]' will exhibit 10-15% worse results for smaller blocks.
+# The results were collected with specially crafted speed.c benchmark
+# in order to compare them with results reported in "Intel Advanced
+# Encryption Standard (AES) New Instruction Set" White Paper Revision
+# 3.0 dated May 2010. All above results are consistently better. This
+# module also provides better performance for block sizes smaller than
+# 128 bytes in points *not* represented in the above table.
+#
+# Looking at the results for 8-KB buffer.
+#
+# CFB and OFB results are far from the limit, because implementation
+# uses "generic" CRYPTO_[c|o]fb128_encrypt interfaces relying on
+# single-block aesni_encrypt, which is not the most optimal way to go.
+# CBC encrypt result is unexpectedly high and there is no documented
+# explanation for it. Seemingly there is a small penalty for feeding
+# the result back to AES unit the way it's done in CBC mode. There is
+# nothing one can do and the result appears optimal. CCM result is
+# identical to CBC, because CBC-MAC is essentially CBC encrypt without
+# saving output. CCM CTR "stays invisible," because it's neatly
+# interleaved wih CBC-MAC. This provides ~30% improvement over
+# "straghtforward" CCM implementation with CTR and CBC-MAC performed
+# disjointly. Parallelizable modes practically achieve the theoretical
+# limit.
+#
+# Looking at how results vary with buffer size.
+#
+# Curves are practically saturated at 1-KB buffer size. In most cases
+# "256-byte" performance is >95%, and "64-byte" is ~90% of "8-KB" one.
+# CTR curve doesn't follow this pattern and is "slowest" changing one
+# with "256-byte" result being 87% of "8-KB." This is because overhead
+# in CTR mode is most computationally intensive. Small-block CCM
+# decrypt is slower than encrypt, because first CTR and last CBC-MAC
+# iterations can't be interleaved.
+#
+# Results for 192- and 256-bit keys.
+#
+# EVP-free results were observed to scale perfectly with number of
+# rounds for larger block sizes, i.e. 192-bit result being 10/12 times
+# lower and 256-bit one - 10/14. Well, in CBC encrypt case differences
+# are a tad smaller, because the above mentioned penalty biases all
+# results by same constant value. In similar way function call
+# overhead affects small-block performance, as well as OFB and CFB
+# results. Differences are not large, most common coefficients are
+# 10/11.7 and 10/13.4 (as opposite to 10/12.0 and 10/14.0), but one
+# observe even 10/11.2 and 10/12.4 (CTR, OFB, CFB)...
+
+# January 2011
+#
+# While Westmere processor features 6 cycles latency for aes[enc|dec]
+# instructions, which can be scheduled every second cycle, Sandy
+# Bridge spends 8 cycles per instruction, but it can schedule them
+# every cycle. This means that code targeting Westmere would perform
+# suboptimally on Sandy Bridge. Therefore this update.
+#
+# In addition, non-parallelizable CBC encrypt (as well as CCM) is
+# optimized. Relative improvement might appear modest, 8% on Westmere,
+# but in absolute terms it's 3.77 cycles per byte encrypted with
+# 128-bit key on Westmere, and 5.07 - on Sandy Bridge. These numbers
+# should be compared to asymptotic limits of 3.75 for Westmere and
+# 5.00 for Sandy Bridge. Actually, the fact that they get this close
+# to asymptotic limits is quite amazing. Indeed, the limit is
+# calculated as latency times number of rounds, 10 for 128-bit key,
+# and divided by 16, the number of bytes in block, or in other words
+# it accounts *solely* for aesenc instructions. But there are extra
+# instructions, and numbers so close to the asymptotic limits mean
+# that it's as if it takes as little as *one* additional cycle to
+# execute all of them. How is it possible? It is possible thanks to
+# out-of-order execution logic, which manages to overlap post-
+# processing of previous block, things like saving the output, with
+# actual encryption of current block, as well as pre-processing of
+# current block, things like fetching input and xor-ing it with
+# 0-round element of the key schedule, with actual encryption of
+# previous block. Keep this in mind...
+#
+# For parallelizable modes, such as ECB, CBC decrypt, CTR, higher
+# performance is achieved by interleaving instructions working on
+# independent blocks. In which case asymptotic limit for such modes
+# can be obtained by dividing above mentioned numbers by AES
+# instructions' interleave factor. Westmere can execute at most 3
+# instructions at a time, meaning that optimal interleave factor is 3,
+# and that's where the "magic" number of 1.25 come from. "Optimal
+# interleave factor" means that increase of interleave factor does
+# not improve performance. The formula has proven to reflect reality
+# pretty well on Westmere... Sandy Bridge on the other hand can
+# execute up to 8 AES instructions at a time, so how does varying
+# interleave factor affect the performance? Here is table for ECB
+# (numbers are cycles per byte processed with 128-bit key):
+#
+# instruction interleave factor 3x 6x 8x
+# theoretical asymptotic limit 1.67 0.83 0.625
+# measured performance for 8KB block 1.05 0.86 0.84
+#
+# "as if" interleave factor 4.7x 5.8x 6.0x
+#
+# Further data for other parallelizable modes:
+#
+# CBC decrypt 1.16 0.93 0.93
+# CTR 1.14 0.91 n/a
+#
+# Well, given 3x column it's probably inappropriate to call the limit
+# asymptotic, if it can be surpassed, isn't it? What happens there?
+# Rewind to CBC paragraph for the answer. Yes, out-of-order execution
+# magic is responsible for this. Processor overlaps not only the
+# additional instructions with AES ones, but even AES instuctions
+# processing adjacent triplets of independent blocks. In the 6x case
+# additional instructions still claim disproportionally small amount
+# of additional cycles, but in 8x case number of instructions must be
+# a tad too high for out-of-order logic to cope with, and AES unit
+# remains underutilized... As you can see 8x interleave is hardly
+# justifiable, so there no need to feel bad that 32-bit aesni-x86.pl
+# utilizies 6x interleave because of limited register bank capacity.
+#
+# Higher interleave factors do have negative impact on Westmere
+# performance. While for ECB mode it's negligible ~1.5%, other
+# parallelizables perform ~5% worse, which is outweighed by ~25%
+# improvement on Sandy Bridge. To balance regression on Westmere
+# CTR mode was implemented with 6x aesenc interleave factor.
+
+# April 2011
+#
+# Add aesni_xts_[en|de]crypt. Westmere spends 1.33 cycles processing
+# one byte out of 8KB with 128-bit key, Sandy Bridge - 0.97. Just like
+# in CTR mode AES instruction interleave factor was chosen to be 6x.
+
+$PREFIX="aesni"; # if $PREFIX is set to "AES", the script
+ # generates drop-in replacement for
+ # crypto/aes/asm/aes-x86_64.pl:-)
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$movkey = $PREFIX eq "aesni" ? "movups" : "movups";
+ at _4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx"); # Unix order
+
+$code=".text\n";
+
+$rounds="%eax"; # input to and changed by aesni_[en|de]cryptN !!!
+# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ...
+$inp="%rdi";
+$out="%rsi";
+$len="%rdx";
+$key="%rcx"; # input to and changed by aesni_[en|de]cryptN !!!
+$ivp="%r8"; # cbc, ctr, ...
+
+$rnds_="%r10d"; # backup copy for $rounds
+$key_="%r11"; # backup copy for $key
+
+# %xmm register layout
+$rndkey0="%xmm0"; $rndkey1="%xmm1";
+$inout0="%xmm2"; $inout1="%xmm3";
+$inout2="%xmm4"; $inout3="%xmm5";
+$inout4="%xmm6"; $inout5="%xmm7";
+$inout6="%xmm8"; $inout7="%xmm9";
+
+$in2="%xmm6"; $in1="%xmm7"; # used in CBC decrypt, CTR, ...
+$in0="%xmm8"; $iv="%xmm9";
+
+# Inline version of internal aesni_[en|de]crypt1.
+#
+# Why folded loop? Because aes[enc|dec] is slow enough to accommodate
+# cycles which take care of loop variables...
+{ my $sn;
+sub aesni_generate1 {
+my ($p,$key,$rounds,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout));
+++$sn;
+$code.=<<___;
+ $movkey ($key),$rndkey0
+ $movkey 16($key),$rndkey1
+___
+$code.=<<___ if (defined($ivec));
+ xorps $rndkey0,$ivec
+ lea 32($key),$key
+ xorps $ivec,$inout
+___
+$code.=<<___ if (!defined($ivec));
+ lea 32($key),$key
+ xorps $rndkey0,$inout
+___
+$code.=<<___;
+.Loop_${p}1_$sn:
+ aes${p} $rndkey1,$inout
+ dec $rounds
+ $movkey ($key),$rndkey1
+ lea 16($key),$key
+ jnz .Loop_${p}1_$sn # loop body is 16 bytes
+ aes${p}last $rndkey1,$inout
+___
+}}
+# void $PREFIX_[en|de]crypt (const void *inp,void *out,const AES_KEY *key);
+#
+{ my ($inp,$out,$key) = @_4args;
+
+$code.=<<___;
+.globl ${PREFIX}_encrypt
+.type ${PREFIX}_encrypt,\@abi-omnipotent
+.align 16
+${PREFIX}_encrypt:
+ movups ($inp),$inout0 # load input
+ mov 240($key),$rounds # key->rounds
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ movups $inout0,($out) # output
+ ret
+.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt
+
+.globl ${PREFIX}_decrypt
+.type ${PREFIX}_decrypt,\@abi-omnipotent
+.align 16
+${PREFIX}_decrypt:
+ movups ($inp),$inout0 # load input
+ mov 240($key),$rounds # key->rounds
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ movups $inout0,($out) # output
+ ret
+.size ${PREFIX}_decrypt, .-${PREFIX}_decrypt
+___
+}
+
+# _aesni_[en|de]cryptN are private interfaces, N denotes interleave
+# factor. Why 3x subroutine were originally used in loops? Even though
+# aes[enc|dec] latency was originally 6, it could be scheduled only
+# every *2nd* cycle. Thus 3x interleave was the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it makes no sense to implement 2x subroutine.
+# aes[enc|dec] latency in next processor generation is 8, but the
+# instructions can be scheduled every cycle. Optimal interleave for
+# new processor is therefore 8x...
+sub aesni_generate3 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-2] is cipher/clear text...
+$code.=<<___;
+.type _aesni_${dir}rypt3,\@abi-omnipotent
+.align 16
+_aesni_${dir}rypt3:
+ $movkey ($key),$rndkey0
+ shr \$1,$rounds
+ $movkey 16($key),$rndkey1
+ lea 32($key),$key
+ xorps $rndkey0,$inout0
+ xorps $rndkey0,$inout1
+ xorps $rndkey0,$inout2
+ $movkey ($key),$rndkey0
+
+.L${dir}_loop3:
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ dec $rounds
+ aes${dir} $rndkey1,$inout2
+ $movkey 16($key),$rndkey1
+ aes${dir} $rndkey0,$inout0
+ aes${dir} $rndkey0,$inout1
+ lea 32($key),$key
+ aes${dir} $rndkey0,$inout2
+ $movkey ($key),$rndkey0
+ jnz .L${dir}_loop3
+
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ aes${dir} $rndkey1,$inout2
+ aes${dir}last $rndkey0,$inout0
+ aes${dir}last $rndkey0,$inout1
+ aes${dir}last $rndkey0,$inout2
+ ret
+.size _aesni_${dir}rypt3,.-_aesni_${dir}rypt3
+___
+}
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement would be <20%,
+# so it's not worth it...
+sub aesni_generate4 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-3] is cipher/clear text...
+$code.=<<___;
+.type _aesni_${dir}rypt4,\@abi-omnipotent
+.align 16
+_aesni_${dir}rypt4:
+ $movkey ($key),$rndkey0
+ shr \$1,$rounds
+ $movkey 16($key),$rndkey1
+ lea 32($key),$key
+ xorps $rndkey0,$inout0
+ xorps $rndkey0,$inout1
+ xorps $rndkey0,$inout2
+ xorps $rndkey0,$inout3
+ $movkey ($key),$rndkey0
+
+.L${dir}_loop4:
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ dec $rounds
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ $movkey 16($key),$rndkey1
+ aes${dir} $rndkey0,$inout0
+ aes${dir} $rndkey0,$inout1
+ lea 32($key),$key
+ aes${dir} $rndkey0,$inout2
+ aes${dir} $rndkey0,$inout3
+ $movkey ($key),$rndkey0
+ jnz .L${dir}_loop4
+
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ aes${dir}last $rndkey0,$inout0
+ aes${dir}last $rndkey0,$inout1
+ aes${dir}last $rndkey0,$inout2
+ aes${dir}last $rndkey0,$inout3
+ ret
+.size _aesni_${dir}rypt4,.-_aesni_${dir}rypt4
+___
+}
+sub aesni_generate6 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-5] is cipher/clear text...
+$code.=<<___;
+.type _aesni_${dir}rypt6,\@abi-omnipotent
+.align 16
+_aesni_${dir}rypt6:
+ $movkey ($key),$rndkey0
+ shr \$1,$rounds
+ $movkey 16($key),$rndkey1
+ lea 32($key),$key
+ xorps $rndkey0,$inout0
+ pxor $rndkey0,$inout1
+ aes${dir} $rndkey1,$inout0
+ pxor $rndkey0,$inout2
+ aes${dir} $rndkey1,$inout1
+ pxor $rndkey0,$inout3
+ aes${dir} $rndkey1,$inout2
+ pxor $rndkey0,$inout4
+ aes${dir} $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ dec $rounds
+ aes${dir} $rndkey1,$inout4
+ $movkey ($key),$rndkey0
+ aes${dir} $rndkey1,$inout5
+ jmp .L${dir}_loop6_enter
+.align 16
+.L${dir}_loop6:
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ dec $rounds
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ aes${dir} $rndkey1,$inout4
+ aes${dir} $rndkey1,$inout5
+.L${dir}_loop6_enter: # happens to be 16-byte aligned
+ $movkey 16($key),$rndkey1
+ aes${dir} $rndkey0,$inout0
+ aes${dir} $rndkey0,$inout1
+ lea 32($key),$key
+ aes${dir} $rndkey0,$inout2
+ aes${dir} $rndkey0,$inout3
+ aes${dir} $rndkey0,$inout4
+ aes${dir} $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ jnz .L${dir}_loop6
+
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ aes${dir} $rndkey1,$inout4
+ aes${dir} $rndkey1,$inout5
+ aes${dir}last $rndkey0,$inout0
+ aes${dir}last $rndkey0,$inout1
+ aes${dir}last $rndkey0,$inout2
+ aes${dir}last $rndkey0,$inout3
+ aes${dir}last $rndkey0,$inout4
+ aes${dir}last $rndkey0,$inout5
+ ret
+.size _aesni_${dir}rypt6,.-_aesni_${dir}rypt6
+___
+}
+sub aesni_generate8 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-7] is cipher/clear text...
+$code.=<<___;
+.type _aesni_${dir}rypt8,\@abi-omnipotent
+.align 16
+_aesni_${dir}rypt8:
+ $movkey ($key),$rndkey0
+ shr \$1,$rounds
+ $movkey 16($key),$rndkey1
+ lea 32($key),$key
+ xorps $rndkey0,$inout0
+ xorps $rndkey0,$inout1
+ aes${dir} $rndkey1,$inout0
+ pxor $rndkey0,$inout2
+ aes${dir} $rndkey1,$inout1
+ pxor $rndkey0,$inout3
+ aes${dir} $rndkey1,$inout2
+ pxor $rndkey0,$inout4
+ aes${dir} $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ dec $rounds
+ aes${dir} $rndkey1,$inout4
+ pxor $rndkey0,$inout6
+ aes${dir} $rndkey1,$inout5
+ pxor $rndkey0,$inout7
+ $movkey ($key),$rndkey0
+ aes${dir} $rndkey1,$inout6
+ aes${dir} $rndkey1,$inout7
+ $movkey 16($key),$rndkey1
+ jmp .L${dir}_loop8_enter
+.align 16
+.L${dir}_loop8:
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ dec $rounds
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ aes${dir} $rndkey1,$inout4
+ aes${dir} $rndkey1,$inout5
+ aes${dir} $rndkey1,$inout6
+ aes${dir} $rndkey1,$inout7
+ $movkey 16($key),$rndkey1
+.L${dir}_loop8_enter: # happens to be 16-byte aligned
+ aes${dir} $rndkey0,$inout0
+ aes${dir} $rndkey0,$inout1
+ lea 32($key),$key
+ aes${dir} $rndkey0,$inout2
+ aes${dir} $rndkey0,$inout3
+ aes${dir} $rndkey0,$inout4
+ aes${dir} $rndkey0,$inout5
+ aes${dir} $rndkey0,$inout6
+ aes${dir} $rndkey0,$inout7
+ $movkey ($key),$rndkey0
+ jnz .L${dir}_loop8
+
+ aes${dir} $rndkey1,$inout0
+ aes${dir} $rndkey1,$inout1
+ aes${dir} $rndkey1,$inout2
+ aes${dir} $rndkey1,$inout3
+ aes${dir} $rndkey1,$inout4
+ aes${dir} $rndkey1,$inout5
+ aes${dir} $rndkey1,$inout6
+ aes${dir} $rndkey1,$inout7
+ aes${dir}last $rndkey0,$inout0
+ aes${dir}last $rndkey0,$inout1
+ aes${dir}last $rndkey0,$inout2
+ aes${dir}last $rndkey0,$inout3
+ aes${dir}last $rndkey0,$inout4
+ aes${dir}last $rndkey0,$inout5
+ aes${dir}last $rndkey0,$inout6
+ aes${dir}last $rndkey0,$inout7
+ ret
+.size _aesni_${dir}rypt8,.-_aesni_${dir}rypt8
+___
+}
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+&aesni_generate6("enc") if ($PREFIX eq "aesni");
+&aesni_generate6("dec");
+&aesni_generate8("enc") if ($PREFIX eq "aesni");
+&aesni_generate8("dec");
+
+if ($PREFIX eq "aesni") {
+########################################################################
+# void aesni_ecb_encrypt (const void *in, void *out,
+# size_t length, const AES_KEY *key,
+# int enc);
+$code.=<<___;
+.globl aesni_ecb_encrypt
+.type aesni_ecb_encrypt,\@function,5
+.align 16
+aesni_ecb_encrypt:
+___
+$code.=<<___ if ($win64);
+ lea -0x58(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+ movaps %xmm8,0x20(%rsp)
+ movaps %xmm9,0x30(%rsp)
+.Lecb_enc_body:
+___
+$code.=<<___;
+ and \$-16,$len
+ jz .Lecb_ret
+
+ mov 240($key),$rounds # key->rounds
+ $movkey ($key),$rndkey0
+ mov $key,$key_ # backup $key
+ mov $rounds,$rnds_ # backup $rounds
+ test %r8d,%r8d # 5th argument
+ jz .Lecb_decrypt
+#--------------------------- ECB ENCRYPT ------------------------------#
+ cmp \$0x80,$len
+ jb .Lecb_enc_tail
+
+ movdqu ($inp),$inout0
+ movdqu 0x10($inp),$inout1
+ movdqu 0x20($inp),$inout2
+ movdqu 0x30($inp),$inout3
+ movdqu 0x40($inp),$inout4
+ movdqu 0x50($inp),$inout5
+ movdqu 0x60($inp),$inout6
+ movdqu 0x70($inp),$inout7
+ lea 0x80($inp),$inp
+ sub \$0x80,$len
+ jmp .Lecb_enc_loop8_enter
+.align 16
+.Lecb_enc_loop8:
+ movups $inout0,($out)
+ mov $key_,$key # restore $key
+ movdqu ($inp),$inout0
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout1,0x10($out)
+ movdqu 0x10($inp),$inout1
+ movups $inout2,0x20($out)
+ movdqu 0x20($inp),$inout2
+ movups $inout3,0x30($out)
+ movdqu 0x30($inp),$inout3
+ movups $inout4,0x40($out)
+ movdqu 0x40($inp),$inout4
+ movups $inout5,0x50($out)
+ movdqu 0x50($inp),$inout5
+ movups $inout6,0x60($out)
+ movdqu 0x60($inp),$inout6
+ movups $inout7,0x70($out)
+ lea 0x80($out),$out
+ movdqu 0x70($inp),$inout7
+ lea 0x80($inp),$inp
+.Lecb_enc_loop8_enter:
+
+ call _aesni_encrypt8
+
+ sub \$0x80,$len
+ jnc .Lecb_enc_loop8
+
+ movups $inout0,($out)
+ mov $key_,$key # restore $key
+ movups $inout1,0x10($out)
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ movups $inout6,0x60($out)
+ movups $inout7,0x70($out)
+ lea 0x80($out),$out
+ add \$0x80,$len
+ jz .Lecb_ret
+
+.Lecb_enc_tail:
+ movups ($inp),$inout0
+ cmp \$0x20,$len
+ jb .Lecb_enc_one
+ movups 0x10($inp),$inout1
+ je .Lecb_enc_two
+ movups 0x20($inp),$inout2
+ cmp \$0x40,$len
+ jb .Lecb_enc_three
+ movups 0x30($inp),$inout3
+ je .Lecb_enc_four
+ movups 0x40($inp),$inout4
+ cmp \$0x60,$len
+ jb .Lecb_enc_five
+ movups 0x50($inp),$inout5
+ je .Lecb_enc_six
+ movdqu 0x60($inp),$inout6
+ call _aesni_encrypt8
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ movups $inout6,0x60($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_one:
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ movups $inout0,($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_two:
+ xorps $inout2,$inout2
+ call _aesni_encrypt3
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_three:
+ call _aesni_encrypt3
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_four:
+ call _aesni_encrypt4
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_five:
+ xorps $inout5,$inout5
+ call _aesni_encrypt6
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_enc_six:
+ call _aesni_encrypt6
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ jmp .Lecb_ret
+
#--------------------------- ECB DECRYPT ------------------------------#
+.align 16
+.Lecb_decrypt:
+ cmp \$0x80,$len
+ jb .Lecb_dec_tail
+
+ movdqu ($inp),$inout0
+ movdqu 0x10($inp),$inout1
+ movdqu 0x20($inp),$inout2
+ movdqu 0x30($inp),$inout3
+ movdqu 0x40($inp),$inout4
+ movdqu 0x50($inp),$inout5
+ movdqu 0x60($inp),$inout6
+ movdqu 0x70($inp),$inout7
+ lea 0x80($inp),$inp
+ sub \$0x80,$len
+ jmp .Lecb_dec_loop8_enter
+.align 16
+.Lecb_dec_loop8:
+ movups $inout0,($out)
+ mov $key_,$key # restore $key
+ movdqu ($inp),$inout0
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout1,0x10($out)
+ movdqu 0x10($inp),$inout1
+ movups $inout2,0x20($out)
+ movdqu 0x20($inp),$inout2
+ movups $inout3,0x30($out)
+ movdqu 0x30($inp),$inout3
+ movups $inout4,0x40($out)
+ movdqu 0x40($inp),$inout4
+ movups $inout5,0x50($out)
+ movdqu 0x50($inp),$inout5
+ movups $inout6,0x60($out)
+ movdqu 0x60($inp),$inout6
+ movups $inout7,0x70($out)
+ lea 0x80($out),$out
+ movdqu 0x70($inp),$inout7
+ lea 0x80($inp),$inp
+.Lecb_dec_loop8_enter:
+
+ call _aesni_decrypt8
+
+ $movkey ($key_),$rndkey0
+ sub \$0x80,$len
+ jnc .Lecb_dec_loop8
+
+ movups $inout0,($out)
+ mov $key_,$key # restore $key
+ movups $inout1,0x10($out)
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ movups $inout6,0x60($out)
+ movups $inout7,0x70($out)
+ lea 0x80($out),$out
+ add \$0x80,$len
+ jz .Lecb_ret
+
+.Lecb_dec_tail:
+ movups ($inp),$inout0
+ cmp \$0x20,$len
+ jb .Lecb_dec_one
+ movups 0x10($inp),$inout1
+ je .Lecb_dec_two
+ movups 0x20($inp),$inout2
+ cmp \$0x40,$len
+ jb .Lecb_dec_three
+ movups 0x30($inp),$inout3
+ je .Lecb_dec_four
+ movups 0x40($inp),$inout4
+ cmp \$0x60,$len
+ jb .Lecb_dec_five
+ movups 0x50($inp),$inout5
+ je .Lecb_dec_six
+ movups 0x60($inp),$inout6
+ $movkey ($key),$rndkey0
+ call _aesni_decrypt8
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ movups $inout6,0x60($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_one:
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ movups $inout0,($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_two:
+ xorps $inout2,$inout2
+ call _aesni_decrypt3
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_three:
+ call _aesni_decrypt3
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_four:
+ call _aesni_decrypt4
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_five:
+ xorps $inout5,$inout5
+ call _aesni_decrypt6
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ jmp .Lecb_ret
+.align 16
+.Lecb_dec_six:
+ call _aesni_decrypt6
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+
+.Lecb_ret:
+___
+$code.=<<___ if ($win64);
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
+ movaps 0x20(%rsp),%xmm8
+ movaps 0x30(%rsp),%xmm9
+ lea 0x58(%rsp),%rsp
+.Lecb_enc_ret:
+___
+$code.=<<___;
+ ret
+.size aesni_ecb_encrypt,.-aesni_ecb_encrypt
+___
+
+{
+######################################################################
+# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
+# size_t blocks, const AES_KEY *key,
+# const char *ivec,char *cmac);
+#
+# Handles only complete blocks, operates on 64-bit counter and
+# does not update *ivec! Nor does it finalize CMAC value
+# (see engine/eng_aesni.c for details)
+#
+{
+my $cmac="%r9"; # 6th argument
+
+my $increment="%xmm6";
+my $bswap_mask="%xmm7";
+
+$code.=<<___;
+.globl aesni_ccm64_encrypt_blocks
+.type aesni_ccm64_encrypt_blocks,\@function,6
+.align 16
+aesni_ccm64_encrypt_blocks:
+___
+$code.=<<___ if ($win64);
+ lea -0x58(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+ movaps %xmm8,0x20(%rsp)
+ movaps %xmm9,0x30(%rsp)
+.Lccm64_enc_body:
+___
+$code.=<<___;
+ mov 240($key),$rounds # key->rounds
+ movdqu ($ivp),$iv
+ movdqa .Lincrement64(%rip),$increment
+ movdqa .Lbswap_mask(%rip),$bswap_mask
+
+ shr \$1,$rounds
+ lea 0($key),$key_
+ movdqu ($cmac),$inout1
+ movdqa $iv,$inout0
+ mov $rounds,$rnds_
+ pshufb $bswap_mask,$iv
+ jmp .Lccm64_enc_outer
+.align 16
+.Lccm64_enc_outer:
+ $movkey ($key_),$rndkey0
+ mov $rnds_,$rounds
+ movups ($inp),$in0 # load inp
+
+ xorps $rndkey0,$inout0 # counter
+ $movkey 16($key_),$rndkey1
+ xorps $in0,$rndkey0
+ lea 32($key_),$key
+ xorps $rndkey0,$inout1 # cmac^=inp
+ $movkey ($key),$rndkey0
+
+.Lccm64_enc2_loop:
+ aesenc $rndkey1,$inout0
+ dec $rounds
+ aesenc $rndkey1,$inout1
+ $movkey 16($key),$rndkey1
+ aesenc $rndkey0,$inout0
+ lea 32($key),$key
+ aesenc $rndkey0,$inout1
+ $movkey 0($key),$rndkey0
+ jnz .Lccm64_enc2_loop
+ aesenc $rndkey1,$inout0
+ aesenc $rndkey1,$inout1
+ paddq $increment,$iv
+ aesenclast $rndkey0,$inout0
+ aesenclast $rndkey0,$inout1
+
+ dec $len
+ lea 16($inp),$inp
+ xorps $inout0,$in0 # inp ^= E(iv)
+ movdqa $iv,$inout0
+ movups $in0,($out) # save output
+ lea 16($out),$out
+ pshufb $bswap_mask,$inout0
+ jnz .Lccm64_enc_outer
+
+ movups $inout1,($cmac)
+___
+$code.=<<___ if ($win64);
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
+ movaps 0x20(%rsp),%xmm8
+ movaps 0x30(%rsp),%xmm9
+ lea 0x58(%rsp),%rsp
+.Lccm64_enc_ret:
+___
+$code.=<<___;
+ ret
+.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
+___
+######################################################################
+$code.=<<___;
+.globl aesni_ccm64_decrypt_blocks
+.type aesni_ccm64_decrypt_blocks,\@function,6
+.align 16
+aesni_ccm64_decrypt_blocks:
+___
+$code.=<<___ if ($win64);
+ lea -0x58(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+ movaps %xmm8,0x20(%rsp)
+ movaps %xmm9,0x30(%rsp)
+.Lccm64_dec_body:
+___
+$code.=<<___;
+ mov 240($key),$rounds # key->rounds
+ movups ($ivp),$iv
+ movdqu ($cmac),$inout1
+ movdqa .Lincrement64(%rip),$increment
+ movdqa .Lbswap_mask(%rip),$bswap_mask
+
+ movaps $iv,$inout0
+ mov $rounds,$rnds_
+ mov $key,$key_
+ pshufb $bswap_mask,$iv
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ movups ($inp),$in0 # load inp
+ paddq $increment,$iv
+ lea 16($inp),$inp
+ jmp .Lccm64_dec_outer
+.align 16
+.Lccm64_dec_outer:
+ xorps $inout0,$in0 # inp ^= E(iv)
+ movdqa $iv,$inout0
+ mov $rnds_,$rounds
+ movups $in0,($out) # save output
+ lea 16($out),$out
+ pshufb $bswap_mask,$inout0
+
+ sub \$1,$len
+ jz .Lccm64_dec_break
+
+ $movkey ($key_),$rndkey0
+ shr \$1,$rounds
+ $movkey 16($key_),$rndkey1
+ xorps $rndkey0,$in0
+ lea 32($key_),$key
+ xorps $rndkey0,$inout0
+ xorps $in0,$inout1 # cmac^=out
+ $movkey ($key),$rndkey0
+
+.Lccm64_dec2_loop:
+ aesenc $rndkey1,$inout0
+ dec $rounds
+ aesenc $rndkey1,$inout1
+ $movkey 16($key),$rndkey1
+ aesenc $rndkey0,$inout0
+ lea 32($key),$key
+ aesenc $rndkey0,$inout1
+ $movkey 0($key),$rndkey0
+ jnz .Lccm64_dec2_loop
+ movups ($inp),$in0 # load inp
+ paddq $increment,$iv
+ aesenc $rndkey1,$inout0
+ aesenc $rndkey1,$inout1
+ lea 16($inp),$inp
+ aesenclast $rndkey0,$inout0
+ aesenclast $rndkey0,$inout1
+ jmp .Lccm64_dec_outer
+
+.align 16
+.Lccm64_dec_break:
+ #xorps $in0,$inout1 # cmac^=out
+___
+ &aesni_generate1("enc",$key_,$rounds,$inout1,$in0);
+$code.=<<___;
+ movups $inout1,($cmac)
+___
+$code.=<<___ if ($win64);
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
+ movaps 0x20(%rsp),%xmm8
+ movaps 0x30(%rsp),%xmm9
+ lea 0x58(%rsp),%rsp
+.Lccm64_dec_ret:
+___
+$code.=<<___;
+ ret
+.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
+___
+}
+######################################################################
+# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
+# size_t blocks, const AES_KEY *key,
+# const char *ivec);
+#
+# Handles only complete blocks, operates on 32-bit counter and
+# does not update *ivec! (see engine/eng_aesni.c for details)
+#
+{
+my $reserved = $win64?0:-0x28;
+my ($in0,$in1,$in2,$in3)=map("%xmm$_",(8..11));
+my ($iv0,$iv1,$ivec)=("%xmm12","%xmm13","%xmm14");
+my $bswap_mask="%xmm15";
+
+$code.=<<___;
+.globl aesni_ctr32_encrypt_blocks
+.type aesni_ctr32_encrypt_blocks,\@function,5
+.align 16
+aesni_ctr32_encrypt_blocks:
+___
+$code.=<<___ if ($win64);
+ lea -0xc8(%rsp),%rsp
+ movaps %xmm6,0x20(%rsp)
+ movaps %xmm7,0x30(%rsp)
+ movaps %xmm8,0x40(%rsp)
+ movaps %xmm9,0x50(%rsp)
+ movaps %xmm10,0x60(%rsp)
+ movaps %xmm11,0x70(%rsp)
+ movaps %xmm12,0x80(%rsp)
+ movaps %xmm13,0x90(%rsp)
+ movaps %xmm14,0xa0(%rsp)
+ movaps %xmm15,0xb0(%rsp)
+.Lctr32_body:
+___
+$code.=<<___;
+ cmp \$1,$len
+ je .Lctr32_one_shortcut
+
+ movdqu ($ivp),$ivec
+ movdqa .Lbswap_mask(%rip),$bswap_mask
+ xor $rounds,$rounds
+ pextrd \$3,$ivec,$rnds_ # pull 32-bit counter
+ pinsrd \$3,$rounds,$ivec # wipe 32-bit counter
+
+ mov 240($key),$rounds # key->rounds
+ bswap $rnds_
+ pxor $iv0,$iv0 # vector of 3 32-bit counters
+ pxor $iv1,$iv1 # vector of 3 32-bit counters
+ pinsrd \$0,$rnds_,$iv0
+ lea 3($rnds_),$key_
+ pinsrd \$0,$key_,$iv1
+ inc $rnds_
+ pinsrd \$1,$rnds_,$iv0
+ inc $key_
+ pinsrd \$1,$key_,$iv1
+ inc $rnds_
+ pinsrd \$2,$rnds_,$iv0
+ inc $key_
+ pinsrd \$2,$key_,$iv1
+ movdqa $iv0,$reserved(%rsp)
+ pshufb $bswap_mask,$iv0
+ movdqa $iv1,`$reserved+0x10`(%rsp)
+ pshufb $bswap_mask,$iv1
+
+ pshufd \$`3<<6`,$iv0,$inout0 # place counter to upper dword
+ pshufd \$`2<<6`,$iv0,$inout1
+ pshufd \$`1<<6`,$iv0,$inout2
+ cmp \$6,$len
+ jb .Lctr32_tail
+ shr \$1,$rounds
+ mov $key,$key_ # backup $key
+ mov $rounds,$rnds_ # backup $rounds
+ sub \$6,$len
+ jmp .Lctr32_loop6
+
+.align 16
+.Lctr32_loop6:
+ pshufd \$`3<<6`,$iv1,$inout3
+ por $ivec,$inout0 # merge counter-less ivec
+ $movkey ($key_),$rndkey0
+ pshufd \$`2<<6`,$iv1,$inout4
+ por $ivec,$inout1
+ $movkey 16($key_),$rndkey1
+ pshufd \$`1<<6`,$iv1,$inout5
+ por $ivec,$inout2
+ por $ivec,$inout3
+ xorps $rndkey0,$inout0
+ por $ivec,$inout4
+ por $ivec,$inout5
+
+ # inline _aesni_encrypt6 and interleave last rounds
+ # with own code...
+
+ pxor $rndkey0,$inout1
+ aesenc $rndkey1,$inout0
+ lea 32($key_),$key
+ pxor $rndkey0,$inout2
+ aesenc $rndkey1,$inout1
+ movdqa .Lincrement32(%rip),$iv1
+ pxor $rndkey0,$inout3
+ aesenc $rndkey1,$inout2
+ movdqa $reserved(%rsp),$iv0
+ pxor $rndkey0,$inout4
+ aesenc $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ dec $rounds
+ aesenc $rndkey1,$inout4
+ aesenc $rndkey1,$inout5
+ jmp .Lctr32_enc_loop6_enter
+.align 16
+.Lctr32_enc_loop6:
+ aesenc $rndkey1,$inout0
+ aesenc $rndkey1,$inout1
+ dec $rounds
+ aesenc $rndkey1,$inout2
+ aesenc $rndkey1,$inout3
+ aesenc $rndkey1,$inout4
+ aesenc $rndkey1,$inout5
+.Lctr32_enc_loop6_enter:
+ $movkey 16($key),$rndkey1
+ aesenc $rndkey0,$inout0
+ aesenc $rndkey0,$inout1
+ lea 32($key),$key
+ aesenc $rndkey0,$inout2
+ aesenc $rndkey0,$inout3
+ aesenc $rndkey0,$inout4
+ aesenc $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ jnz .Lctr32_enc_loop6
+
+ aesenc $rndkey1,$inout0
+ paddd $iv1,$iv0 # increment counter vector
+ aesenc $rndkey1,$inout1
+ paddd `$reserved+0x10`(%rsp),$iv1
+ aesenc $rndkey1,$inout2
+ movdqa $iv0,$reserved(%rsp) # save counter vector
+ aesenc $rndkey1,$inout3
+ movdqa $iv1,`$reserved+0x10`(%rsp)
+ aesenc $rndkey1,$inout4
+ pshufb $bswap_mask,$iv0 # byte swap
+ aesenc $rndkey1,$inout5
+ pshufb $bswap_mask,$iv1
+
+ aesenclast $rndkey0,$inout0
+ movups ($inp),$in0 # load input
+ aesenclast $rndkey0,$inout1
+ movups 0x10($inp),$in1
+ aesenclast $rndkey0,$inout2
+ movups 0x20($inp),$in2
+ aesenclast $rndkey0,$inout3
+ movups 0x30($inp),$in3
+ aesenclast $rndkey0,$inout4
+ movups 0x40($inp),$rndkey1
+ aesenclast $rndkey0,$inout5
+ movups 0x50($inp),$rndkey0
+ lea 0x60($inp),$inp
+
+ xorps $inout0,$in0 # xor
+ pshufd \$`3<<6`,$iv0,$inout0
+ xorps $inout1,$in1
+ pshufd \$`2<<6`,$iv0,$inout1
+ movups $in0,($out) # store output
+ xorps $inout2,$in2
+ pshufd \$`1<<6`,$iv0,$inout2
+ movups $in1,0x10($out)
+ xorps $inout3,$in3
+ movups $in2,0x20($out)
+ xorps $inout4,$rndkey1
+ movups $in3,0x30($out)
+ xorps $inout5,$rndkey0
+ movups $rndkey1,0x40($out)
+ movups $rndkey0,0x50($out)
+ lea 0x60($out),$out
+ mov $rnds_,$rounds
+ sub \$6,$len
+ jnc .Lctr32_loop6
+
+ add \$6,$len
+ jz .Lctr32_done
+ mov $key_,$key # restore $key
+ lea 1($rounds,$rounds),$rounds # restore original value
+
+.Lctr32_tail:
+ por $ivec,$inout0
+ movups ($inp),$in0
+ cmp \$2,$len
+ jb .Lctr32_one
+
+ por $ivec,$inout1
+ movups 0x10($inp),$in1
+ je .Lctr32_two
+
+ pshufd \$`3<<6`,$iv1,$inout3
+ por $ivec,$inout2
+ movups 0x20($inp),$in2
+ cmp \$4,$len
+ jb .Lctr32_three
+
+ pshufd \$`2<<6`,$iv1,$inout4
+ por $ivec,$inout3
+ movups 0x30($inp),$in3
+ je .Lctr32_four
+
+ por $ivec,$inout4
+ xorps $inout5,$inout5
+
+ call _aesni_encrypt6
+
+ movups 0x40($inp),$rndkey1
+ xorps $inout0,$in0
+ xorps $inout1,$in1
+ movups $in0,($out)
+ xorps $inout2,$in2
+ movups $in1,0x10($out)
+ xorps $inout3,$in3
+ movups $in2,0x20($out)
+ xorps $inout4,$rndkey1
+ movups $in3,0x30($out)
+ movups $rndkey1,0x40($out)
+ jmp .Lctr32_done
+
+.align 16
+.Lctr32_one_shortcut:
+ movups ($ivp),$inout0
+ movups ($inp),$in0
+ mov 240($key),$rounds # key->rounds
+.Lctr32_one:
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ xorps $inout0,$in0
+ movups $in0,($out)
+ jmp .Lctr32_done
+
+.align 16
+.Lctr32_two:
+ xorps $inout2,$inout2
+ call _aesni_encrypt3
+ xorps $inout0,$in0
+ xorps $inout1,$in1
+ movups $in0,($out)
+ movups $in1,0x10($out)
+ jmp .Lctr32_done
+
+.align 16
+.Lctr32_three:
+ call _aesni_encrypt3
+ xorps $inout0,$in0
+ xorps $inout1,$in1
+ movups $in0,($out)
+ xorps $inout2,$in2
+ movups $in1,0x10($out)
+ movups $in2,0x20($out)
+ jmp .Lctr32_done
+
+.align 16
+.Lctr32_four:
+ call _aesni_encrypt4
+ xorps $inout0,$in0
+ xorps $inout1,$in1
+ movups $in0,($out)
+ xorps $inout2,$in2
+ movups $in1,0x10($out)
+ xorps $inout3,$in3
+ movups $in2,0x20($out)
+ movups $in3,0x30($out)
+
+.Lctr32_done:
+___
+$code.=<<___ if ($win64);
+ movaps 0x20(%rsp),%xmm6
+ movaps 0x30(%rsp),%xmm7
+ movaps 0x40(%rsp),%xmm8
+ movaps 0x50(%rsp),%xmm9
+ movaps 0x60(%rsp),%xmm10
+ movaps 0x70(%rsp),%xmm11
+ movaps 0x80(%rsp),%xmm12
+ movaps 0x90(%rsp),%xmm13
+ movaps 0xa0(%rsp),%xmm14
+ movaps 0xb0(%rsp),%xmm15
+ lea 0xc8(%rsp),%rsp
+.Lctr32_ret:
+___
+$code.=<<___;
+ ret
+.size aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks
+___
+}
+
+######################################################################
+# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2
+# const unsigned char iv[16]);
+#
+{
+my @tweak=map("%xmm$_",(10..15));
+my ($twmask,$twres,$twtmp)=("%xmm8","%xmm9", at tweak[4]);
+my ($key2,$ivp,$len_)=("%r8","%r9","%r9");
+my $frame_size = 0x68 + ($win64?160:0);
+
+$code.=<<___;
+.globl aesni_xts_encrypt
+.type aesni_xts_encrypt,\@function,6
+.align 16
+aesni_xts_encrypt:
+ lea -$frame_size(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,0x60(%rsp)
+ movaps %xmm7,0x70(%rsp)
+ movaps %xmm8,0x80(%rsp)
+ movaps %xmm9,0x90(%rsp)
+ movaps %xmm10,0xa0(%rsp)
+ movaps %xmm11,0xb0(%rsp)
+ movaps %xmm12,0xc0(%rsp)
+ movaps %xmm13,0xd0(%rsp)
+ movaps %xmm14,0xe0(%rsp)
+ movaps %xmm15,0xf0(%rsp)
+.Lxts_enc_body:
+___
+$code.=<<___;
+ movups ($ivp), at tweak[5] # load clear-text tweak
+ mov 240(%r8),$rounds # key2->rounds
+ mov 240($key),$rnds_ # key1->rounds
+___
+ # generate the tweak
+ &aesni_generate1("enc",$key2,$rounds, at tweak[5]);
+$code.=<<___;
+ mov $key,$key_ # backup $key
+ mov $rnds_,$rounds # backup $rounds
+ mov $len,$len_ # backup $len
+ and \$-16,$len
+
+ movdqa .Lxts_magic(%rip),$twmask
+ pxor $twtmp,$twtmp
+ pcmpgtd @tweak[5],$twtmp # broadcast upper bits
+___
+ for ($i=0;$i<4;$i++) {
+ $code.=<<___;
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[$i]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ pand $twmask,$twres # isolate carry and residue
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ pxor $twres, at tweak[5]
+___
+ }
+$code.=<<___;
+ sub \$16*6,$len
+ jc .Lxts_enc_short
+
+ shr \$1,$rounds
+ sub \$1,$rounds
+ mov $rounds,$rnds_
+ jmp .Lxts_enc_grandloop
+
+.align 16
+.Lxts_enc_grandloop:
+ pshufd \$0x13,$twtmp,$twres
+ movdqa @tweak[5], at tweak[4]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ movdqu `16*0`($inp),$inout0 # load input
+ pand $twmask,$twres # isolate carry and residue
+ movdqu `16*1`($inp),$inout1
+ pxor $twres, at tweak[5]
+
+ movdqu `16*2`($inp),$inout2
+ pxor @tweak[0],$inout0 # input^=tweak
+ movdqu `16*3`($inp),$inout3
+ pxor @tweak[1],$inout1
+ movdqu `16*4`($inp),$inout4
+ pxor @tweak[2],$inout2
+ movdqu `16*5`($inp),$inout5
+ lea `16*6`($inp),$inp
+ pxor @tweak[3],$inout3
+ $movkey ($key_),$rndkey0
+ pxor @tweak[4],$inout4
+ pxor @tweak[5],$inout5
+
+ # inline _aesni_encrypt6 and interleave first and last rounds
+ # with own code...
+ $movkey 16($key_),$rndkey1
+ pxor $rndkey0,$inout0
+ pxor $rndkey0,$inout1
+ movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks
+ aesenc $rndkey1,$inout0
+ lea 32($key_),$key
+ pxor $rndkey0,$inout2
+ movdqa @tweak[1],`16*1`(%rsp)
+ aesenc $rndkey1,$inout1
+ pxor $rndkey0,$inout3
+ movdqa @tweak[2],`16*2`(%rsp)
+ aesenc $rndkey1,$inout2
+ pxor $rndkey0,$inout4
+ movdqa @tweak[3],`16*3`(%rsp)
+ aesenc $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ dec $rounds
+ movdqa @tweak[4],`16*4`(%rsp)
+ aesenc $rndkey1,$inout4
+ movdqa @tweak[5],`16*5`(%rsp)
+ aesenc $rndkey1,$inout5
+ pxor $twtmp,$twtmp
+ pcmpgtd @tweak[5],$twtmp
+ jmp .Lxts_enc_loop6_enter
+
+.align 16
+.Lxts_enc_loop6:
+ aesenc $rndkey1,$inout0
+ aesenc $rndkey1,$inout1
+ dec $rounds
+ aesenc $rndkey1,$inout2
+ aesenc $rndkey1,$inout3
+ aesenc $rndkey1,$inout4
+ aesenc $rndkey1,$inout5
+.Lxts_enc_loop6_enter:
+ $movkey 16($key),$rndkey1
+ aesenc $rndkey0,$inout0
+ aesenc $rndkey0,$inout1
+ lea 32($key),$key
+ aesenc $rndkey0,$inout2
+ aesenc $rndkey0,$inout3
+ aesenc $rndkey0,$inout4
+ aesenc $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ jnz .Lxts_enc_loop6
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesenc $rndkey1,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesenc $rndkey1,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcast upper bits
+ aesenc $rndkey1,$inout2
+ pxor $twres, at tweak[5]
+ aesenc $rndkey1,$inout3
+ aesenc $rndkey1,$inout4
+ aesenc $rndkey1,$inout5
+ $movkey 16($key),$rndkey1
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[0]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesenc $rndkey0,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesenc $rndkey0,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesenc $rndkey0,$inout2
+ pxor $twres, at tweak[5]
+ aesenc $rndkey0,$inout3
+ aesenc $rndkey0,$inout4
+ aesenc $rndkey0,$inout5
+ $movkey 32($key),$rndkey0
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[1]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesenc $rndkey1,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesenc $rndkey1,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesenc $rndkey1,$inout2
+ pxor $twres, at tweak[5]
+ aesenc $rndkey1,$inout3
+ aesenc $rndkey1,$inout4
+ aesenc $rndkey1,$inout5
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[2]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesenclast $rndkey0,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesenclast $rndkey0,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesenclast $rndkey0,$inout2
+ pxor $twres, at tweak[5]
+ aesenclast $rndkey0,$inout3
+ aesenclast $rndkey0,$inout4
+ aesenclast $rndkey0,$inout5
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[3]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ xorps `16*0`(%rsp),$inout0 # output^=tweak
+ pand $twmask,$twres # isolate carry and residue
+ xorps `16*1`(%rsp),$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ pxor $twres, at tweak[5]
+
+ xorps `16*2`(%rsp),$inout2
+ movups $inout0,`16*0`($out) # write output
+ xorps `16*3`(%rsp),$inout3
+ movups $inout1,`16*1`($out)
+ xorps `16*4`(%rsp),$inout4
+ movups $inout2,`16*2`($out)
+ xorps `16*5`(%rsp),$inout5
+ movups $inout3,`16*3`($out)
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout4,`16*4`($out)
+ movups $inout5,`16*5`($out)
+ lea `16*6`($out),$out
+ sub \$16*6,$len
+ jnc .Lxts_enc_grandloop
+
+ lea 3($rounds,$rounds),$rounds # restore original value
+ mov $key_,$key # restore $key
+ mov $rounds,$rnds_ # backup $rounds
+
+.Lxts_enc_short:
+ add \$16*6,$len
+ jz .Lxts_enc_done
+
+ cmp \$0x20,$len
+ jb .Lxts_enc_one
+ je .Lxts_enc_two
+
+ cmp \$0x40,$len
+ jb .Lxts_enc_three
+ je .Lxts_enc_four
+
+ pshufd \$0x13,$twtmp,$twres
+ movdqa @tweak[5], at tweak[4]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ movdqu ($inp),$inout0
+ pand $twmask,$twres # isolate carry and residue
+ movdqu 16*1($inp),$inout1
+ pxor $twres, at tweak[5]
+
+ movdqu 16*2($inp),$inout2
+ pxor @tweak[0],$inout0
+ movdqu 16*3($inp),$inout3
+ pxor @tweak[1],$inout1
+ movdqu 16*4($inp),$inout4
+ lea 16*5($inp),$inp
+ pxor @tweak[2],$inout2
+ pxor @tweak[3],$inout3
+ pxor @tweak[4],$inout4
+
+ call _aesni_encrypt6
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[5], at tweak[0]
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ movdqu $inout0,($out)
+ xorps @tweak[3],$inout3
+ movdqu $inout1,16*1($out)
+ xorps @tweak[4],$inout4
+ movdqu $inout2,16*2($out)
+ movdqu $inout3,16*3($out)
+ movdqu $inout4,16*4($out)
+ lea 16*5($out),$out
+ jmp .Lxts_enc_done
+
+.align 16
+.Lxts_enc_one:
+ movups ($inp),$inout0
+ lea 16*1($inp),$inp
+ xorps @tweak[0],$inout0
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ xorps @tweak[0],$inout0
+ movdqa @tweak[1], at tweak[0]
+ movups $inout0,($out)
+ lea 16*1($out),$out
+ jmp .Lxts_enc_done
+
+.align 16
+.Lxts_enc_two:
+ movups ($inp),$inout0
+ movups 16($inp),$inout1
+ lea 32($inp),$inp
+ xorps @tweak[0],$inout0
+ xorps @tweak[1],$inout1
+
+ call _aesni_encrypt3
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[2], at tweak[0]
+ xorps @tweak[1],$inout1
+ movups $inout0,($out)
+ movups $inout1,16*1($out)
+ lea 16*2($out),$out
+ jmp .Lxts_enc_done
+
+.align 16
+.Lxts_enc_three:
+ movups ($inp),$inout0
+ movups 16*1($inp),$inout1
+ movups 16*2($inp),$inout2
+ lea 16*3($inp),$inp
+ xorps @tweak[0],$inout0
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+
+ call _aesni_encrypt3
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[3], at tweak[0]
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ movups $inout0,($out)
+ movups $inout1,16*1($out)
+ movups $inout2,16*2($out)
+ lea 16*3($out),$out
+ jmp .Lxts_enc_done
+
+.align 16
+.Lxts_enc_four:
+ movups ($inp),$inout0
+ movups 16*1($inp),$inout1
+ movups 16*2($inp),$inout2
+ xorps @tweak[0],$inout0
+ movups 16*3($inp),$inout3
+ lea 16*4($inp),$inp
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ xorps @tweak[3],$inout3
+
+ call _aesni_encrypt4
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[5], at tweak[0]
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ movups $inout0,($out)
+ xorps @tweak[3],$inout3
+ movups $inout1,16*1($out)
+ movups $inout2,16*2($out)
+ movups $inout3,16*3($out)
+ lea 16*4($out),$out
+ jmp .Lxts_enc_done
+
+.align 16
+.Lxts_enc_done:
+ and \$15,$len_
+ jz .Lxts_enc_ret
+ mov $len_,$len
+
+.Lxts_enc_steal:
+ movzb ($inp),%eax # borrow $rounds ...
+ movzb -16($out),%ecx # ... and $key
+ lea 1($inp),$inp
+ mov %al,-16($out)
+ mov %cl,0($out)
+ lea 1($out),$out
+ sub \$1,$len
+ jnz .Lxts_enc_steal
+
+ sub $len_,$out # rewind $out
+ mov $key_,$key # restore $key
+ mov $rnds_,$rounds # restore $rounds
+
+ movups -16($out),$inout0
+ xorps @tweak[0],$inout0
+___
+ &aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+ xorps @tweak[0],$inout0
+ movups $inout0,-16($out)
+
+.Lxts_enc_ret:
+___
+$code.=<<___ if ($win64);
+ movaps 0x60(%rsp),%xmm6
+ movaps 0x70(%rsp),%xmm7
+ movaps 0x80(%rsp),%xmm8
+ movaps 0x90(%rsp),%xmm9
+ movaps 0xa0(%rsp),%xmm10
+ movaps 0xb0(%rsp),%xmm11
+ movaps 0xc0(%rsp),%xmm12
+ movaps 0xd0(%rsp),%xmm13
+ movaps 0xe0(%rsp),%xmm14
+ movaps 0xf0(%rsp),%xmm15
+___
+$code.=<<___;
+ lea $frame_size(%rsp),%rsp
+.Lxts_enc_epilogue:
+ ret
+.size aesni_xts_encrypt,.-aesni_xts_encrypt
+___
+
+$code.=<<___;
+.globl aesni_xts_decrypt
+.type aesni_xts_decrypt,\@function,6
+.align 16
+aesni_xts_decrypt:
+ lea -$frame_size(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,0x60(%rsp)
+ movaps %xmm7,0x70(%rsp)
+ movaps %xmm8,0x80(%rsp)
+ movaps %xmm9,0x90(%rsp)
+ movaps %xmm10,0xa0(%rsp)
+ movaps %xmm11,0xb0(%rsp)
+ movaps %xmm12,0xc0(%rsp)
+ movaps %xmm13,0xd0(%rsp)
+ movaps %xmm14,0xe0(%rsp)
+ movaps %xmm15,0xf0(%rsp)
+.Lxts_dec_body:
+___
+$code.=<<___;
+ movups ($ivp), at tweak[5] # load clear-text tweak
+ mov 240($key2),$rounds # key2->rounds
+ mov 240($key),$rnds_ # key1->rounds
+___
+ # generate the tweak
+ &aesni_generate1("enc",$key2,$rounds, at tweak[5]);
+$code.=<<___;
+ xor %eax,%eax # if ($len%16) len-=16;
+ test \$15,$len
+ setnz %al
+ shl \$4,%rax
+ sub %rax,$len
+
+ mov $key,$key_ # backup $key
+ mov $rnds_,$rounds # backup $rounds
+ mov $len,$len_ # backup $len
+ and \$-16,$len
+
+ movdqa .Lxts_magic(%rip),$twmask
+ pxor $twtmp,$twtmp
+ pcmpgtd @tweak[5],$twtmp # broadcast upper bits
+___
+ for ($i=0;$i<4;$i++) {
+ $code.=<<___;
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[$i]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ pand $twmask,$twres # isolate carry and residue
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ pxor $twres, at tweak[5]
+___
+ }
+$code.=<<___;
+ sub \$16*6,$len
+ jc .Lxts_dec_short
+
+ shr \$1,$rounds
+ sub \$1,$rounds
+ mov $rounds,$rnds_
+ jmp .Lxts_dec_grandloop
+
+.align 16
+.Lxts_dec_grandloop:
+ pshufd \$0x13,$twtmp,$twres
+ movdqa @tweak[5], at tweak[4]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ movdqu `16*0`($inp),$inout0 # load input
+ pand $twmask,$twres # isolate carry and residue
+ movdqu `16*1`($inp),$inout1
+ pxor $twres, at tweak[5]
+
+ movdqu `16*2`($inp),$inout2
+ pxor @tweak[0],$inout0 # input^=tweak
+ movdqu `16*3`($inp),$inout3
+ pxor @tweak[1],$inout1
+ movdqu `16*4`($inp),$inout4
+ pxor @tweak[2],$inout2
+ movdqu `16*5`($inp),$inout5
+ lea `16*6`($inp),$inp
+ pxor @tweak[3],$inout3
+ $movkey ($key_),$rndkey0
+ pxor @tweak[4],$inout4
+ pxor @tweak[5],$inout5
+
+ # inline _aesni_decrypt6 and interleave first and last rounds
+ # with own code...
+ $movkey 16($key_),$rndkey1
+ pxor $rndkey0,$inout0
+ pxor $rndkey0,$inout1
+ movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks
+ aesdec $rndkey1,$inout0
+ lea 32($key_),$key
+ pxor $rndkey0,$inout2
+ movdqa @tweak[1],`16*1`(%rsp)
+ aesdec $rndkey1,$inout1
+ pxor $rndkey0,$inout3
+ movdqa @tweak[2],`16*2`(%rsp)
+ aesdec $rndkey1,$inout2
+ pxor $rndkey0,$inout4
+ movdqa @tweak[3],`16*3`(%rsp)
+ aesdec $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ dec $rounds
+ movdqa @tweak[4],`16*4`(%rsp)
+ aesdec $rndkey1,$inout4
+ movdqa @tweak[5],`16*5`(%rsp)
+ aesdec $rndkey1,$inout5
+ pxor $twtmp,$twtmp
+ pcmpgtd @tweak[5],$twtmp
+ jmp .Lxts_dec_loop6_enter
+
+.align 16
+.Lxts_dec_loop6:
+ aesdec $rndkey1,$inout0
+ aesdec $rndkey1,$inout1
+ dec $rounds
+ aesdec $rndkey1,$inout2
+ aesdec $rndkey1,$inout3
+ aesdec $rndkey1,$inout4
+ aesdec $rndkey1,$inout5
+.Lxts_dec_loop6_enter:
+ $movkey 16($key),$rndkey1
+ aesdec $rndkey0,$inout0
+ aesdec $rndkey0,$inout1
+ lea 32($key),$key
+ aesdec $rndkey0,$inout2
+ aesdec $rndkey0,$inout3
+ aesdec $rndkey0,$inout4
+ aesdec $rndkey0,$inout5
+ $movkey ($key),$rndkey0
+ jnz .Lxts_dec_loop6
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesdec $rndkey1,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesdec $rndkey1,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcast upper bits
+ aesdec $rndkey1,$inout2
+ pxor $twres, at tweak[5]
+ aesdec $rndkey1,$inout3
+ aesdec $rndkey1,$inout4
+ aesdec $rndkey1,$inout5
+ $movkey 16($key),$rndkey1
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[0]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesdec $rndkey0,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesdec $rndkey0,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesdec $rndkey0,$inout2
+ pxor $twres, at tweak[5]
+ aesdec $rndkey0,$inout3
+ aesdec $rndkey0,$inout4
+ aesdec $rndkey0,$inout5
+ $movkey 32($key),$rndkey0
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[1]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesdec $rndkey1,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesdec $rndkey1,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesdec $rndkey1,$inout2
+ pxor $twres, at tweak[5]
+ aesdec $rndkey1,$inout3
+ aesdec $rndkey1,$inout4
+ aesdec $rndkey1,$inout5
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[2]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ aesdeclast $rndkey0,$inout0
+ pand $twmask,$twres # isolate carry and residue
+ aesdeclast $rndkey0,$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ aesdeclast $rndkey0,$inout2
+ pxor $twres, at tweak[5]
+ aesdeclast $rndkey0,$inout3
+ aesdeclast $rndkey0,$inout4
+ aesdeclast $rndkey0,$inout5
+
+ pshufd \$0x13,$twtmp,$twres
+ pxor $twtmp,$twtmp
+ movdqa @tweak[5], at tweak[3]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ xorps `16*0`(%rsp),$inout0 # output^=tweak
+ pand $twmask,$twres # isolate carry and residue
+ xorps `16*1`(%rsp),$inout1
+ pcmpgtd @tweak[5],$twtmp # broadcat upper bits
+ pxor $twres, at tweak[5]
+
+ xorps `16*2`(%rsp),$inout2
+ movups $inout0,`16*0`($out) # write output
+ xorps `16*3`(%rsp),$inout3
+ movups $inout1,`16*1`($out)
+ xorps `16*4`(%rsp),$inout4
+ movups $inout2,`16*2`($out)
+ xorps `16*5`(%rsp),$inout5
+ movups $inout3,`16*3`($out)
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout4,`16*4`($out)
+ movups $inout5,`16*5`($out)
+ lea `16*6`($out),$out
+ sub \$16*6,$len
+ jnc .Lxts_dec_grandloop
+
+ lea 3($rounds,$rounds),$rounds # restore original value
+ mov $key_,$key # restore $key
+ mov $rounds,$rnds_ # backup $rounds
+
+.Lxts_dec_short:
+ add \$16*6,$len
+ jz .Lxts_dec_done
+
+ cmp \$0x20,$len
+ jb .Lxts_dec_one
+ je .Lxts_dec_two
+
+ cmp \$0x40,$len
+ jb .Lxts_dec_three
+ je .Lxts_dec_four
+
+ pshufd \$0x13,$twtmp,$twres
+ movdqa @tweak[5], at tweak[4]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ movdqu ($inp),$inout0
+ pand $twmask,$twres # isolate carry and residue
+ movdqu 16*1($inp),$inout1
+ pxor $twres, at tweak[5]
+
+ movdqu 16*2($inp),$inout2
+ pxor @tweak[0],$inout0
+ movdqu 16*3($inp),$inout3
+ pxor @tweak[1],$inout1
+ movdqu 16*4($inp),$inout4
+ lea 16*5($inp),$inp
+ pxor @tweak[2],$inout2
+ pxor @tweak[3],$inout3
+ pxor @tweak[4],$inout4
+
+ call _aesni_decrypt6
+
+ xorps @tweak[0],$inout0
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ movdqu $inout0,($out)
+ xorps @tweak[3],$inout3
+ movdqu $inout1,16*1($out)
+ xorps @tweak[4],$inout4
+ movdqu $inout2,16*2($out)
+ pxor $twtmp,$twtmp
+ movdqu $inout3,16*3($out)
+ pcmpgtd @tweak[5],$twtmp
+ movdqu $inout4,16*4($out)
+ lea 16*5($out),$out
+ pshufd \$0x13,$twtmp, at tweak[1] # $twres
+ and \$15,$len_
+ jz .Lxts_dec_ret
+
+ movdqa @tweak[5], at tweak[0]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ pand $twmask, at tweak[1] # isolate carry and residue
+ pxor @tweak[5], at tweak[1]
+ jmp .Lxts_dec_done2
+
+.align 16
+.Lxts_dec_one:
+ movups ($inp),$inout0
+ lea 16*1($inp),$inp
+ xorps @tweak[0],$inout0
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ xorps @tweak[0],$inout0
+ movdqa @tweak[1], at tweak[0]
+ movups $inout0,($out)
+ movdqa @tweak[2], at tweak[1]
+ lea 16*1($out),$out
+ jmp .Lxts_dec_done
+
+.align 16
+.Lxts_dec_two:
+ movups ($inp),$inout0
+ movups 16($inp),$inout1
+ lea 32($inp),$inp
+ xorps @tweak[0],$inout0
+ xorps @tweak[1],$inout1
+
+ call _aesni_decrypt3
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[2], at tweak[0]
+ xorps @tweak[1],$inout1
+ movdqa @tweak[3], at tweak[1]
+ movups $inout0,($out)
+ movups $inout1,16*1($out)
+ lea 16*2($out),$out
+ jmp .Lxts_dec_done
+
+.align 16
+.Lxts_dec_three:
+ movups ($inp),$inout0
+ movups 16*1($inp),$inout1
+ movups 16*2($inp),$inout2
+ lea 16*3($inp),$inp
+ xorps @tweak[0],$inout0
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+
+ call _aesni_decrypt3
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[3], at tweak[0]
+ xorps @tweak[1],$inout1
+ movdqa @tweak[5], at tweak[1]
+ xorps @tweak[2],$inout2
+ movups $inout0,($out)
+ movups $inout1,16*1($out)
+ movups $inout2,16*2($out)
+ lea 16*3($out),$out
+ jmp .Lxts_dec_done
+
+.align 16
+.Lxts_dec_four:
+ pshufd \$0x13,$twtmp,$twres
+ movdqa @tweak[5], at tweak[4]
+ paddq @tweak[5], at tweak[5] # psllq 1,$tweak
+ movups ($inp),$inout0
+ pand $twmask,$twres # isolate carry and residue
+ movups 16*1($inp),$inout1
+ pxor $twres, at tweak[5]
+
+ movups 16*2($inp),$inout2
+ xorps @tweak[0],$inout0
+ movups 16*3($inp),$inout3
+ lea 16*4($inp),$inp
+ xorps @tweak[1],$inout1
+ xorps @tweak[2],$inout2
+ xorps @tweak[3],$inout3
+
+ call _aesni_decrypt4
+
+ xorps @tweak[0],$inout0
+ movdqa @tweak[4], at tweak[0]
+ xorps @tweak[1],$inout1
+ movdqa @tweak[5], at tweak[1]
+ xorps @tweak[2],$inout2
+ movups $inout0,($out)
+ xorps @tweak[3],$inout3
+ movups $inout1,16*1($out)
+ movups $inout2,16*2($out)
+ movups $inout3,16*3($out)
+ lea 16*4($out),$out
+ jmp .Lxts_dec_done
+
+.align 16
+.Lxts_dec_done:
+ and \$15,$len_
+ jz .Lxts_dec_ret
+.Lxts_dec_done2:
+ mov $len_,$len
+ mov $key_,$key # restore $key
+ mov $rnds_,$rounds # restore $rounds
+
+ movups ($inp),$inout0
+ xorps @tweak[1],$inout0
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ xorps @tweak[1],$inout0
+ movups $inout0,($out)
+
+.Lxts_dec_steal:
+ movzb 16($inp),%eax # borrow $rounds ...
+ movzb ($out),%ecx # ... and $key
+ lea 1($inp),$inp
+ mov %al,($out)
+ mov %cl,16($out)
+ lea 1($out),$out
+ sub \$1,$len
+ jnz .Lxts_dec_steal
+
+ sub $len_,$out # rewind $out
+ mov $key_,$key # restore $key
+ mov $rnds_,$rounds # restore $rounds
+
+ movups ($out),$inout0
+ xorps @tweak[0],$inout0
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ xorps @tweak[0],$inout0
+ movups $inout0,($out)
+
+.Lxts_dec_ret:
+___
+$code.=<<___ if ($win64);
+ movaps 0x60(%rsp),%xmm6
+ movaps 0x70(%rsp),%xmm7
+ movaps 0x80(%rsp),%xmm8
+ movaps 0x90(%rsp),%xmm9
+ movaps 0xa0(%rsp),%xmm10
+ movaps 0xb0(%rsp),%xmm11
+ movaps 0xc0(%rsp),%xmm12
+ movaps 0xd0(%rsp),%xmm13
+ movaps 0xe0(%rsp),%xmm14
+ movaps 0xf0(%rsp),%xmm15
+___
+$code.=<<___;
+ lea $frame_size(%rsp),%rsp
+.Lxts_dec_epilogue:
+ ret
+.size aesni_xts_decrypt,.-aesni_xts_decrypt
+___
+} }}
+
+########################################################################
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+# size_t length, const AES_KEY *key,
+# unsigned char *ivp,const int enc);
+{
+my $reserved = $win64?0x40:-0x18; # used in decrypt
+$code.=<<___;
+.globl ${PREFIX}_cbc_encrypt
+.type ${PREFIX}_cbc_encrypt,\@function,6
+.align 16
+${PREFIX}_cbc_encrypt:
+ test $len,$len # check length
+ jz .Lcbc_ret
+
+ mov 240($key),$rnds_ # key->rounds
+ mov $key,$key_ # backup $key
+ test %r9d,%r9d # 6th argument
+ jz .Lcbc_decrypt
+#--------------------------- CBC ENCRYPT ------------------------------#
+ movups ($ivp),$inout0 # load iv as initial state
+ mov $rnds_,$rounds
+ cmp \$16,$len
+ jb .Lcbc_enc_tail
+ sub \$16,$len
+ jmp .Lcbc_enc_loop
+.align 16
+.Lcbc_enc_loop:
+ movups ($inp),$inout1 # load input
+ lea 16($inp),$inp
+ #xorps $inout1,$inout0
+___
+ &aesni_generate1("enc",$key,$rounds,$inout0,$inout1);
+$code.=<<___;
+ mov $rnds_,$rounds # restore $rounds
+ mov $key_,$key # restore $key
+ movups $inout0,0($out) # store output
+ lea 16($out),$out
+ sub \$16,$len
+ jnc .Lcbc_enc_loop
+ add \$16,$len
+ jnz .Lcbc_enc_tail
+ movups $inout0,($ivp)
+ jmp .Lcbc_ret
+
+.Lcbc_enc_tail:
+ mov $len,%rcx # zaps $key
+ xchg $inp,$out # $inp is %rsi and $out is %rdi now
+ .long 0x9066A4F3 # rep movsb
+ mov \$16,%ecx # zero tail
+ sub $len,%rcx
+ xor %eax,%eax
+ .long 0x9066AAF3 # rep stosb
+ lea -16(%rdi),%rdi # rewind $out by 1 block
+ mov $rnds_,$rounds # restore $rounds
+ mov %rdi,%rsi # $inp and $out are the same
+ mov $key_,$key # restore $key
+ xor $len,$len # len=16
+ jmp .Lcbc_enc_loop # one more spin
+
#--------------------------- CBC DECRYPT ------------------------------#
+.align 16
+.Lcbc_decrypt:
+___
+$code.=<<___ if ($win64);
+ lea -0x58(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+ movaps %xmm8,0x20(%rsp)
+ movaps %xmm9,0x30(%rsp)
+.Lcbc_decrypt_body:
+___
+$code.=<<___;
+ movups ($ivp),$iv
+ mov $rnds_,$rounds
+ cmp \$0x70,$len
+ jbe .Lcbc_dec_tail
+ shr \$1,$rnds_
+ sub \$0x70,$len
+ mov $rnds_,$rounds
+ movaps $iv,$reserved(%rsp)
+ jmp .Lcbc_dec_loop8_enter
+.align 16
+.Lcbc_dec_loop8:
+ movaps $rndkey0,$reserved(%rsp) # save IV
+ movups $inout7,($out)
+ lea 0x10($out),$out
+.Lcbc_dec_loop8_enter:
+ $movkey ($key),$rndkey0
+ movups ($inp),$inout0 # load input
+ movups 0x10($inp),$inout1
+ $movkey 16($key),$rndkey1
+
+ lea 32($key),$key
+ movdqu 0x20($inp),$inout2
+ xorps $rndkey0,$inout0
+ movdqu 0x30($inp),$inout3
+ xorps $rndkey0,$inout1
+ movdqu 0x40($inp),$inout4
+ aesdec $rndkey1,$inout0
+ pxor $rndkey0,$inout2
+ movdqu 0x50($inp),$inout5
+ aesdec $rndkey1,$inout1
+ pxor $rndkey0,$inout3
+ movdqu 0x60($inp),$inout6
+ aesdec $rndkey1,$inout2
+ pxor $rndkey0,$inout4
+ movdqu 0x70($inp),$inout7
+ aesdec $rndkey1,$inout3
+ pxor $rndkey0,$inout5
+ dec $rounds
+ aesdec $rndkey1,$inout4
+ pxor $rndkey0,$inout6
+ aesdec $rndkey1,$inout5
+ pxor $rndkey0,$inout7
+ $movkey ($key),$rndkey0
+ aesdec $rndkey1,$inout6
+ aesdec $rndkey1,$inout7
+ $movkey 16($key),$rndkey1
+
+ call .Ldec_loop8_enter
+
+ movups ($inp),$rndkey1 # re-load input
+ movups 0x10($inp),$rndkey0
+ xorps $reserved(%rsp),$inout0 # ^= IV
+ xorps $rndkey1,$inout1
+ movups 0x20($inp),$rndkey1
+ xorps $rndkey0,$inout2
+ movups 0x30($inp),$rndkey0
+ xorps $rndkey1,$inout3
+ movups 0x40($inp),$rndkey1
+ xorps $rndkey0,$inout4
+ movups 0x50($inp),$rndkey0
+ xorps $rndkey1,$inout5
+ movups 0x60($inp),$rndkey1
+ xorps $rndkey0,$inout6
+ movups 0x70($inp),$rndkey0 # IV
+ xorps $rndkey1,$inout7
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ mov $rnds_,$rounds # restore $rounds
+ movups $inout4,0x40($out)
+ mov $key_,$key # restore $key
+ movups $inout5,0x50($out)
+ lea 0x80($inp),$inp
+ movups $inout6,0x60($out)
+ lea 0x70($out),$out
+ sub \$0x80,$len
+ ja .Lcbc_dec_loop8
+
+ movaps $inout7,$inout0
+ movaps $rndkey0,$iv
+ add \$0x70,$len
+ jle .Lcbc_dec_tail_collected
+ movups $inout0,($out)
+ lea 1($rnds_,$rnds_),$rounds
+ lea 0x10($out),$out
+.Lcbc_dec_tail:
+ movups ($inp),$inout0
+ movaps $inout0,$in0
+ cmp \$0x10,$len
+ jbe .Lcbc_dec_one
+
+ movups 0x10($inp),$inout1
+ movaps $inout1,$in1
+ cmp \$0x20,$len
+ jbe .Lcbc_dec_two
+
+ movups 0x20($inp),$inout2
+ movaps $inout2,$in2
+ cmp \$0x30,$len
+ jbe .Lcbc_dec_three
+
+ movups 0x30($inp),$inout3
+ cmp \$0x40,$len
+ jbe .Lcbc_dec_four
+
+ movups 0x40($inp),$inout4
+ cmp \$0x50,$len
+ jbe .Lcbc_dec_five
+
+ movups 0x50($inp),$inout5
+ cmp \$0x60,$len
+ jbe .Lcbc_dec_six
+
+ movups 0x60($inp),$inout6
+ movaps $iv,$reserved(%rsp) # save IV
+ call _aesni_decrypt8
+ movups ($inp),$rndkey1
+ movups 0x10($inp),$rndkey0
+ xorps $reserved(%rsp),$inout0 # ^= IV
+ xorps $rndkey1,$inout1
+ movups 0x20($inp),$rndkey1
+ xorps $rndkey0,$inout2
+ movups 0x30($inp),$rndkey0
+ xorps $rndkey1,$inout3
+ movups 0x40($inp),$rndkey1
+ xorps $rndkey0,$inout4
+ movups 0x50($inp),$rndkey0
+ xorps $rndkey1,$inout5
+ movups 0x60($inp),$iv # IV
+ xorps $rndkey0,$inout6
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ movups $inout5,0x50($out)
+ lea 0x60($out),$out
+ movaps $inout6,$inout0
+ sub \$0x70,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_one:
+___
+ &aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+ xorps $iv,$inout0
+ movaps $in0,$iv
+ sub \$0x10,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_two:
+ xorps $inout2,$inout2
+ call _aesni_decrypt3
+ xorps $iv,$inout0
+ xorps $in0,$inout1
+ movups $inout0,($out)
+ movaps $in1,$iv
+ movaps $inout1,$inout0
+ lea 0x10($out),$out
+ sub \$0x20,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_three:
+ call _aesni_decrypt3
+ xorps $iv,$inout0
+ xorps $in0,$inout1
+ movups $inout0,($out)
+ xorps $in1,$inout2
+ movups $inout1,0x10($out)
+ movaps $in2,$iv
+ movaps $inout2,$inout0
+ lea 0x20($out),$out
+ sub \$0x30,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_four:
+ call _aesni_decrypt4
+ xorps $iv,$inout0
+ movups 0x30($inp),$iv
+ xorps $in0,$inout1
+ movups $inout0,($out)
+ xorps $in1,$inout2
+ movups $inout1,0x10($out)
+ xorps $in2,$inout3
+ movups $inout2,0x20($out)
+ movaps $inout3,$inout0
+ lea 0x30($out),$out
+ sub \$0x40,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_five:
+ xorps $inout5,$inout5
+ call _aesni_decrypt6
+ movups 0x10($inp),$rndkey1
+ movups 0x20($inp),$rndkey0
+ xorps $iv,$inout0
+ xorps $in0,$inout1
+ xorps $rndkey1,$inout2
+ movups 0x30($inp),$rndkey1
+ xorps $rndkey0,$inout3
+ movups 0x40($inp),$iv
+ xorps $rndkey1,$inout4
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ lea 0x40($out),$out
+ movaps $inout4,$inout0
+ sub \$0x50,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_six:
+ call _aesni_decrypt6
+ movups 0x10($inp),$rndkey1
+ movups 0x20($inp),$rndkey0
+ xorps $iv,$inout0
+ xorps $in0,$inout1
+ xorps $rndkey1,$inout2
+ movups 0x30($inp),$rndkey1
+ xorps $rndkey0,$inout3
+ movups 0x40($inp),$rndkey0
+ xorps $rndkey1,$inout4
+ movups 0x50($inp),$iv
+ xorps $rndkey0,$inout5
+ movups $inout0,($out)
+ movups $inout1,0x10($out)
+ movups $inout2,0x20($out)
+ movups $inout3,0x30($out)
+ movups $inout4,0x40($out)
+ lea 0x50($out),$out
+ movaps $inout5,$inout0
+ sub \$0x60,$len
+ jmp .Lcbc_dec_tail_collected
+.align 16
+.Lcbc_dec_tail_collected:
+ and \$15,$len
+ movups $iv,($ivp)
+ jnz .Lcbc_dec_tail_partial
+ movups $inout0,($out)
+ jmp .Lcbc_dec_ret
+.align 16
+.Lcbc_dec_tail_partial:
+ movaps $inout0,$reserved(%rsp)
+ mov \$16,%rcx
+ mov $out,%rdi
+ sub $len,%rcx
+ lea $reserved(%rsp),%rsi
+ .long 0x9066A4F3 # rep movsb
+
+.Lcbc_dec_ret:
+___
+$code.=<<___ if ($win64);
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
+ movaps 0x20(%rsp),%xmm8
+ movaps 0x30(%rsp),%xmm9
+ lea 0x58(%rsp),%rsp
+___
+$code.=<<___;
+.Lcbc_ret:
+ ret
+.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
+___
+}
+# int $PREFIX_set_[en|de]crypt_key (const unsigned char *userKey,
+# int bits, AES_KEY *key)
+{ my ($inp,$bits,$key) = @_4args;
+ $bits =~ s/%r/%e/;
+
+$code.=<<___;
+.globl ${PREFIX}_set_decrypt_key
+.type ${PREFIX}_set_decrypt_key,\@abi-omnipotent
+.align 16
+${PREFIX}_set_decrypt_key:
+ .byte 0x48,0x83,0xEC,0x08 # sub rsp,8
+ call __aesni_set_encrypt_key
+ shl \$4,$bits # rounds-1 after _aesni_set_encrypt_key
+ test %eax,%eax
+ jnz .Ldec_key_ret
+ lea 16($key,$bits),$inp # points at the end of key schedule
+
+ $movkey ($key),%xmm0 # just swap
+ $movkey ($inp),%xmm1
+ $movkey %xmm0,($inp)
+ $movkey %xmm1,($key)
+ lea 16($key),$key
+ lea -16($inp),$inp
+
+.Ldec_key_inverse:
+ $movkey ($key),%xmm0 # swap and inverse
+ $movkey ($inp),%xmm1
+ aesimc %xmm0,%xmm0
+ aesimc %xmm1,%xmm1
+ lea 16($key),$key
+ lea -16($inp),$inp
+ $movkey %xmm0,16($inp)
+ $movkey %xmm1,-16($key)
+ cmp $key,$inp
+ ja .Ldec_key_inverse
+
+ $movkey ($key),%xmm0 # inverse middle
+ aesimc %xmm0,%xmm0
+ $movkey %xmm0,($inp)
+.Ldec_key_ret:
+ add \$8,%rsp
+ ret
+.LSEH_end_set_decrypt_key:
+.size ${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key
+___
+
+# This is based on submission by
+#
+# Huang Ying <ying.huang at intel.com>
+# Vinodh Gopal <vinodh.gopal at intel.com>
+# Kahraman Akdemir
+#
+# Agressively optimized in respect to aeskeygenassist's critical path
+# and is contained in %xmm0-5 to meet Win64 ABI requirement.
+#
+$code.=<<___;
+.globl ${PREFIX}_set_encrypt_key
+.type ${PREFIX}_set_encrypt_key,\@abi-omnipotent
+.align 16
+${PREFIX}_set_encrypt_key:
+__aesni_set_encrypt_key:
+ .byte 0x48,0x83,0xEC,0x08 # sub rsp,8
+ mov \$-1,%rax
+ test $inp,$inp
+ jz .Lenc_key_ret
+ test $key,$key
+ jz .Lenc_key_ret
+
+ movups ($inp),%xmm0 # pull first 128 bits of *userKey
+ xorps %xmm4,%xmm4 # low dword of xmm4 is assumed 0
+ lea 16($key),%rax
+ cmp \$256,$bits
+ je .L14rounds
+ cmp \$192,$bits
+ je .L12rounds
+ cmp \$128,$bits
+ jne .Lbad_keybits
+
+.L10rounds:
+ mov \$9,$bits # 10 rounds for 128-bit key
+ $movkey %xmm0,($key) # round 0
+ aeskeygenassist \$0x1,%xmm0,%xmm1 # round 1
+ call .Lkey_expansion_128_cold
+ aeskeygenassist \$0x2,%xmm0,%xmm1 # round 2
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x4,%xmm0,%xmm1 # round 3
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x8,%xmm0,%xmm1 # round 4
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x10,%xmm0,%xmm1 # round 5
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x20,%xmm0,%xmm1 # round 6
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x40,%xmm0,%xmm1 # round 7
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x80,%xmm0,%xmm1 # round 8
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x1b,%xmm0,%xmm1 # round 9
+ call .Lkey_expansion_128
+ aeskeygenassist \$0x36,%xmm0,%xmm1 # round 10
+ call .Lkey_expansion_128
+ $movkey %xmm0,(%rax)
+ mov $bits,80(%rax) # 240(%rdx)
+ xor %eax,%eax
+ jmp .Lenc_key_ret
+
+.align 16
+.L12rounds:
+ movq 16($inp),%xmm2 # remaining 1/3 of *userKey
+ mov \$11,$bits # 12 rounds for 192
+ $movkey %xmm0,($key) # round 0
+ aeskeygenassist \$0x1,%xmm2,%xmm1 # round 1,2
+ call .Lkey_expansion_192a_cold
+ aeskeygenassist \$0x2,%xmm2,%xmm1 # round 2,3
+ call .Lkey_expansion_192b
+ aeskeygenassist \$0x4,%xmm2,%xmm1 # round 4,5
+ call .Lkey_expansion_192a
+ aeskeygenassist \$0x8,%xmm2,%xmm1 # round 5,6
+ call .Lkey_expansion_192b
+ aeskeygenassist \$0x10,%xmm2,%xmm1 # round 7,8
+ call .Lkey_expansion_192a
+ aeskeygenassist \$0x20,%xmm2,%xmm1 # round 8,9
+ call .Lkey_expansion_192b
+ aeskeygenassist \$0x40,%xmm2,%xmm1 # round 10,11
+ call .Lkey_expansion_192a
+ aeskeygenassist \$0x80,%xmm2,%xmm1 # round 11,12
+ call .Lkey_expansion_192b
+ $movkey %xmm0,(%rax)
+ mov $bits,48(%rax) # 240(%rdx)
+ xor %rax, %rax
+ jmp .Lenc_key_ret
+
+.align 16
+.L14rounds:
+ movups 16($inp),%xmm2 # remaning half of *userKey
+ mov \$13,$bits # 14 rounds for 256
+ lea 16(%rax),%rax
+ $movkey %xmm0,($key) # round 0
+ $movkey %xmm2,16($key) # round 1
+ aeskeygenassist \$0x1,%xmm2,%xmm1 # round 2
+ call .Lkey_expansion_256a_cold
+ aeskeygenassist \$0x1,%xmm0,%xmm1 # round 3
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x2,%xmm2,%xmm1 # round 4
+ call .Lkey_expansion_256a
+ aeskeygenassist \$0x2,%xmm0,%xmm1 # round 5
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x4,%xmm2,%xmm1 # round 6
+ call .Lkey_expansion_256a
+ aeskeygenassist \$0x4,%xmm0,%xmm1 # round 7
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x8,%xmm2,%xmm1 # round 8
+ call .Lkey_expansion_256a
+ aeskeygenassist \$0x8,%xmm0,%xmm1 # round 9
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x10,%xmm2,%xmm1 # round 10
+ call .Lkey_expansion_256a
+ aeskeygenassist \$0x10,%xmm0,%xmm1 # round 11
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x20,%xmm2,%xmm1 # round 12
+ call .Lkey_expansion_256a
+ aeskeygenassist \$0x20,%xmm0,%xmm1 # round 13
+ call .Lkey_expansion_256b
+ aeskeygenassist \$0x40,%xmm2,%xmm1 # round 14
+ call .Lkey_expansion_256a
+ $movkey %xmm0,(%rax)
+ mov $bits,16(%rax) # 240(%rdx)
+ xor %rax,%rax
+ jmp .Lenc_key_ret
+
+.align 16
+.Lbad_keybits:
+ mov \$-2,%rax
+.Lenc_key_ret:
+ add \$8,%rsp
+ ret
+.LSEH_end_set_encrypt_key:
+
+.align 16
+.Lkey_expansion_128:
+ $movkey %xmm0,(%rax)
+ lea 16(%rax),%rax
+.Lkey_expansion_128_cold:
+ shufps \$0b00010000,%xmm0,%xmm4
+ xorps %xmm4, %xmm0
+ shufps \$0b10001100,%xmm0,%xmm4
+ xorps %xmm4, %xmm0
+ shufps \$0b11111111,%xmm1,%xmm1 # critical path
+ xorps %xmm1,%xmm0
+ ret
+
+.align 16
+.Lkey_expansion_192a:
+ $movkey %xmm0,(%rax)
+ lea 16(%rax),%rax
+.Lkey_expansion_192a_cold:
+ movaps %xmm2, %xmm5
+.Lkey_expansion_192b_warm:
+ shufps \$0b00010000,%xmm0,%xmm4
+ movdqa %xmm2,%xmm3
+ xorps %xmm4,%xmm0
+ shufps \$0b10001100,%xmm0,%xmm4
+ pslldq \$4,%xmm3
+ xorps %xmm4,%xmm0
+ pshufd \$0b01010101,%xmm1,%xmm1 # critical path
+ pxor %xmm3,%xmm2
+ pxor %xmm1,%xmm0
+ pshufd \$0b11111111,%xmm0,%xmm3
+ pxor %xmm3,%xmm2
+ ret
+
+.align 16
+.Lkey_expansion_192b:
+ movaps %xmm0,%xmm3
+ shufps \$0b01000100,%xmm0,%xmm5
+ $movkey %xmm5,(%rax)
+ shufps \$0b01001110,%xmm2,%xmm3
+ $movkey %xmm3,16(%rax)
+ lea 32(%rax),%rax
+ jmp .Lkey_expansion_192b_warm
+
+.align 16
+.Lkey_expansion_256a:
+ $movkey %xmm2,(%rax)
+ lea 16(%rax),%rax
+.Lkey_expansion_256a_cold:
+ shufps \$0b00010000,%xmm0,%xmm4
+ xorps %xmm4,%xmm0
+ shufps \$0b10001100,%xmm0,%xmm4
+ xorps %xmm4,%xmm0
+ shufps \$0b11111111,%xmm1,%xmm1 # critical path
+ xorps %xmm1,%xmm0
+ ret
+
+.align 16
+.Lkey_expansion_256b:
+ $movkey %xmm0,(%rax)
+ lea 16(%rax),%rax
+
+ shufps \$0b00010000,%xmm2,%xmm4
+ xorps %xmm4,%xmm2
+ shufps \$0b10001100,%xmm2,%xmm4
+ xorps %xmm4,%xmm2
+ shufps \$0b10101010,%xmm1,%xmm1 # critical path
+ xorps %xmm1,%xmm2
+ ret
+.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
+.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
+___
+}
+
+$code.=<<___;
+.align 64
+.Lbswap_mask:
+ .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lincrement32:
+ .long 6,6,6,0
+.Lincrement64:
+ .long 1,0,0,0
+.Lxts_magic:
+ .long 0x87,0,1,0
+
+.asciz "AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>"
+.align 64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+.type ecb_ccm64_se_handler,\@abi-omnipotent
+.align 16
+ecb_ccm64_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ lea 0(%rax),%rsi # %xmm save area
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0x58(%rax),%rax # adjust stack pointer
+
+ jmp .Lcommon_seh_tail
+.size ecb_ccm64_se_handler,.-ecb_ccm64_se_handler
+
+.type ctr32_se_handler,\@abi-omnipotent
+.align 16
+ctr32_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lctr32_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<"prologue" label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lctr32_ret(%rip),%r10
+ cmp %r10,%rbx
+ jae .Lcommon_seh_tail
+
+ lea 0x20(%rax),%rsi # %xmm save area
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0xc8(%rax),%rax # adjust stack pointer
+
+ jmp .Lcommon_seh_tail
+.size ctr32_se_handler,.-ctr32_se_handler
+
+.type xts_se_handler,\@abi-omnipotent
+.align 16
+xts_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue lable
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ lea 0x60(%rax),%rsi # %xmm save area
+ lea 512($context),%rdi # & context.Xmm6
+ mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0x68+160(%rax),%rax # adjust stack pointer
+
+ jmp .Lcommon_seh_tail
+.size xts_se_handler,.-xts_se_handler
+___
+$code.=<<___;
+.type cbc_se_handler,\@abi-omnipotent
+.align 16
+cbc_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 152($context),%rax # pull context->Rsp
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lcbc_decrypt(%rip),%r10
+ cmp %r10,%rbx # context->Rip<"prologue" label
+ jb .Lcommon_seh_tail
+
+ lea .Lcbc_decrypt_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<cbc_decrypt_body
+ jb .Lrestore_cbc_rax
+
+ lea .Lcbc_ret(%rip),%r10
+ cmp %r10,%rbx # context->Rip>="epilogue" label
+ jae .Lcommon_seh_tail
+
+ lea 0(%rax),%rsi # top of stack
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0x58(%rax),%rax # adjust stack pointer
+ jmp .Lcommon_seh_tail
+
+.Lrestore_cbc_rax:
+ mov 120($context),%rax
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size cbc_se_handler,.-cbc_se_handler
+
+.section .pdata
+.align 4
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+ .rva .LSEH_begin_aesni_ecb_encrypt
+ .rva .LSEH_end_aesni_ecb_encrypt
+ .rva .LSEH_info_ecb
+
+ .rva .LSEH_begin_aesni_ccm64_encrypt_blocks
+ .rva .LSEH_end_aesni_ccm64_encrypt_blocks
+ .rva .LSEH_info_ccm64_enc
+
+ .rva .LSEH_begin_aesni_ccm64_decrypt_blocks
+ .rva .LSEH_end_aesni_ccm64_decrypt_blocks
+ .rva .LSEH_info_ccm64_dec
+
+ .rva .LSEH_begin_aesni_ctr32_encrypt_blocks
+ .rva .LSEH_end_aesni_ctr32_encrypt_blocks
+ .rva .LSEH_info_ctr32
+
+ .rva .LSEH_begin_aesni_xts_encrypt
+ .rva .LSEH_end_aesni_xts_encrypt
+ .rva .LSEH_info_xts_enc
+
+ .rva .LSEH_begin_aesni_xts_decrypt
+ .rva .LSEH_end_aesni_xts_decrypt
+ .rva .LSEH_info_xts_dec
+___
+$code.=<<___;
+ .rva .LSEH_begin_${PREFIX}_cbc_encrypt
+ .rva .LSEH_end_${PREFIX}_cbc_encrypt
+ .rva .LSEH_info_cbc
+
+ .rva ${PREFIX}_set_decrypt_key
+ .rva .LSEH_end_set_decrypt_key
+ .rva .LSEH_info_key
+
+ .rva ${PREFIX}_set_encrypt_key
+ .rva .LSEH_end_set_encrypt_key
+ .rva .LSEH_info_key
+.section .xdata
+.align 8
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+.LSEH_info_ecb:
+ .byte 9,0,0,0
+ .rva ecb_ccm64_se_handler
+ .rva .Lecb_enc_body,.Lecb_enc_ret # HandlerData[]
+.LSEH_info_ccm64_enc:
+ .byte 9,0,0,0
+ .rva ecb_ccm64_se_handler
+ .rva .Lccm64_enc_body,.Lccm64_enc_ret # HandlerData[]
+.LSEH_info_ccm64_dec:
+ .byte 9,0,0,0
+ .rva ecb_ccm64_se_handler
+ .rva .Lccm64_dec_body,.Lccm64_dec_ret # HandlerData[]
+.LSEH_info_ctr32:
+ .byte 9,0,0,0
+ .rva ctr32_se_handler
+.LSEH_info_xts_enc:
+ .byte 9,0,0,0
+ .rva xts_se_handler
+ .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[]
+.LSEH_info_xts_dec:
+ .byte 9,0,0,0
+ .rva xts_se_handler
+ .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[]
+___
+$code.=<<___;
+.LSEH_info_cbc:
+ .byte 9,0,0,0
+ .rva cbc_se_handler
+.LSEH_info_key:
+ .byte 0x01,0x04,0x01,0x00
+ .byte 0x04,0x02,0x00,0x00 # sub rsp,8
+___
+}
+
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src)=@_;
+ my $rex=0;
+
+ $rex|=0x04 if($dst>=8);
+ $rex|=0x01 if($src>=8);
+ push @opcode,$rex|0x40 if($rex);
+}
+
+sub aesni {
+ my $line=shift;
+ my @opcode=(0x66);
+
+ if ($line=~/(aeskeygenassist)\s+\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ rex(\@opcode,$4,$3);
+ push @opcode,0x0f,0x3a,0xdf;
+ push @opcode,0xc0|($3&7)|(($4&7)<<3); # ModR/M
+ my $c=$2;
+ push @opcode,$c=~/^0/?oct($c):$c;
+ return ".byte\t".join(',', at opcode);
+ }
+ elsif ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my %opcodelet = (
+ "aesimc" => 0xdb,
+ "aesenc" => 0xdc, "aesenclast" => 0xdd,
+ "aesdec" => 0xde, "aesdeclast" => 0xdf
+ );
+ return undef if (!defined($opcodelet{$1}));
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x38,$opcodelet{$1};
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ return ".byte\t".join(',', at opcode);
+ }
+ return $line;
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
+
+print $code;
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/bsaes-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/bsaes-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/bsaes-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,3108 @@
+#!/usr/bin/env perl
+
+###################################################################
+### AES-128 [originally in CTR mode] ###
+### bitsliced implementation for Intel Core 2 processors ###
+### requires support of SSE extensions up to SSSE3 ###
+### Author: Emilia Käsper and Peter Schwabe ###
+### Date: 2009-03-19 ###
+### Public domain ###
+### ###
+### See http://homes.esat.kuleuven.be/~ekasper/#software for ###
+### further information. ###
+###################################################################
+#
+# September 2011.
+#
+# Started as transliteration to "perlasm" the original code has
+# undergone following changes:
+#
+# - code was made position-independent;
+# - rounds were folded into a loop resulting in >5x size reduction
+# from 12.5KB to 2.2KB;
+# - above was possibile thanks to mixcolumns() modification that
+# allowed to feed its output back to aesenc[last], this was
+# achieved at cost of two additional inter-registers moves;
+# - some instruction reordering and interleaving;
+# - this module doesn't implement key setup subroutine, instead it
+# relies on conversion of "conventional" key schedule as returned
+# by AES_set_encrypt_key (see discussion below);
+# - first and last round keys are treated differently, which allowed
+# to skip one shiftrows(), reduce bit-sliced key schedule and
+# speed-up conversion by 22%;
+# - support for 192- and 256-bit keys was added;
+#
+# Resulting performance in CPU cycles spent to encrypt one byte out
+# of 4096-byte buffer with 128-bit key is:
+#
+# Emilia's this(*) difference
+#
+# Core 2 9.30 8.69 +7%
+# Nehalem(**) 7.63 6.98 +9%
+# Atom 17.1 17.4 -2%(***)
+#
+# (*) Comparison is not completely fair, because "this" is ECB,
+# i.e. no extra processing such as counter values calculation
+# and xor-ing input as in Emilia's CTR implementation is
+# performed. However, the CTR calculations stand for not more
+# than 1% of total time, so comparison is *rather* fair.
+#
+# (**) Results were collected on Westmere, which is considered to
+# be equivalent to Nehalem for this code.
+#
+# (***) Slowdown on Atom is rather strange per se, because original
+# implementation has a number of 9+-bytes instructions, which
+# are bad for Atom front-end, and which I eliminated completely.
+# In attempt to address deterioration sbox() was tested in FP
+# SIMD "domain" (movaps instead of movdqa, xorps instead of
+# pxor, etc.). While it resulted in nominal 4% improvement on
+# Atom, it hurted Westmere by more than 2x factor.
+#
+# As for key schedule conversion subroutine. Interface to OpenSSL
+# relies on per-invocation on-the-fly conversion. This naturally
+# has impact on performance, especially for short inputs. Conversion
+# time in CPU cycles and its ratio to CPU cycles spent in 8x block
+# function is:
+#
+# conversion conversion/8x block
+# Core 2 240 0.22
+# Nehalem 180 0.20
+# Atom 430 0.19
+#
+# The ratio values mean that 128-byte blocks will be processed
+# 16-18% slower, 256-byte blocks - 9-10%, 384-byte blocks - 6-7%,
+# etc. Then keep in mind that input sizes not divisible by 128 are
+# *effectively* slower, especially shortest ones, e.g. consecutive
+# 144-byte blocks are processed 44% slower than one would expect,
+# 272 - 29%, 400 - 22%, etc. Yet, despite all these "shortcomings"
+# it's still faster than ["hyper-threading-safe" code path in]
+# aes-x86_64.pl on all lengths above 64 bytes...
+#
+# October 2011.
+#
+# Add decryption procedure. Performance in CPU cycles spent to decrypt
+# one byte out of 4096-byte buffer with 128-bit key is:
+#
+# Core 2 9.83
+# Nehalem 7.74
+# Atom 19.0
+#
+# November 2011.
+#
+# Add bsaes_xts_[en|de]crypt. Less-than-80-bytes-block performance is
+# suboptimal, but XTS is meant to be used with larger blocks...
+#
+# <appro at openssl.org>
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
+my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15)
+my $ecb=0; # suppress unreferenced ECB subroutines, spare some space...
+
+{
+my ($key,$rounds,$const)=("%rax","%r10d","%r11");
+
+sub Sbox {
+# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+ &InBasisChange (@b);
+ &Inv_GF256 (@b[6,5,0,3,7,1,4,2], at t, at s);
+ &OutBasisChange (@b[7,1,4,2,6,5,0,3]);
+}
+
+sub InBasisChange {
+# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb
+my @b=@_[0..7];
+$code.=<<___;
+ pxor @b[6], @b[5]
+ pxor @b[1], @b[2]
+ pxor @b[0], @b[3]
+ pxor @b[2], @b[6]
+ pxor @b[0], @b[5]
+
+ pxor @b[3], @b[6]
+ pxor @b[7], @b[3]
+ pxor @b[5], @b[7]
+ pxor @b[4], @b[3]
+ pxor @b[5], @b[4]
+ pxor @b[1], @b[3]
+
+ pxor @b[7], @b[2]
+ pxor @b[5], @b[1]
+___
+}
+
+sub OutBasisChange {
+# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb
+my @b=@_[0..7];
+$code.=<<___;
+ pxor @b[6], @b[0]
+ pxor @b[4], @b[1]
+ pxor @b[0], @b[2]
+ pxor @b[6], @b[4]
+ pxor @b[1], @b[6]
+
+ pxor @b[5], @b[1]
+ pxor @b[3], @b[5]
+ pxor @b[7], @b[3]
+ pxor @b[5], @b[7]
+ pxor @b[5], @b[2]
+
+ pxor @b[7], @b[4]
+___
+}
+
+sub InvSbox {
+# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b0, b1, b6, b4, b2, b7, b3, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+ &InvInBasisChange (@b);
+ &Inv_GF256 (@b[5,1,2,6,3,7,0,4], at t, at s);
+ &InvOutBasisChange (@b[3,7,0,4,5,1,2,6]);
+}
+
+sub InvInBasisChange { # OutBasisChange in reverse
+my @b=@_[5,1,2,6,3,7,0,4];
+$code.=<<___
+ pxor @b[7], @b[4]
+
+ pxor @b[5], @b[7]
+ pxor @b[5], @b[2]
+ pxor @b[7], @b[3]
+ pxor @b[3], @b[5]
+ pxor @b[5], @b[1]
+
+ pxor @b[1], @b[6]
+ pxor @b[0], @b[2]
+ pxor @b[6], @b[4]
+ pxor @b[6], @b[0]
+ pxor @b[4], @b[1]
+___
+}
+
+sub InvOutBasisChange { # InBasisChange in reverse
+my @b=@_[2,5,7,3,6,1,0,4];
+$code.=<<___;
+ pxor @b[5], @b[1]
+ pxor @b[7], @b[2]
+
+ pxor @b[1], @b[3]
+ pxor @b[5], @b[4]
+ pxor @b[5], @b[7]
+ pxor @b[4], @b[3]
+ pxor @b[0], @b[5]
+ pxor @b[7], @b[3]
+ pxor @b[2], @b[6]
+ pxor @b[1], @b[2]
+ pxor @b[3], @b[6]
+
+ pxor @b[0], @b[3]
+ pxor @b[6], @b[5]
+___
+}
+
+sub Mul_GF4 {
+#;*************************************************************
+#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) *
+#;*************************************************************
+my ($x0,$x1,$y0,$y1,$t0)=@_;
+$code.=<<___;
+ movdqa $y0, $t0
+ pxor $y1, $t0
+ pand $x0, $t0
+ pxor $x1, $x0
+ pand $y0, $x1
+ pand $y1, $x0
+ pxor $x1, $x0
+ pxor $t0, $x1
+___
+}
+
+sub Mul_GF4_N { # not used, see next subroutine
+# multiply and scale by N
+my ($x0,$x1,$y0,$y1,$t0)=@_;
+$code.=<<___;
+ movdqa $y0, $t0
+ pxor $y1, $t0
+ pand $x0, $t0
+ pxor $x1, $x0
+ pand $y0, $x1
+ pand $y1, $x0
+ pxor $x0, $x1
+ pxor $t0, $x0
+___
+}
+
+sub Mul_GF4_N_GF4 {
+# interleaved Mul_GF4_N and Mul_GF4
+my ($x0,$x1,$y0,$y1,$t0,
+ $x2,$x3,$y2,$y3,$t1)=@_;
+$code.=<<___;
+ movdqa $y0, $t0
+ movdqa $y2, $t1
+ pxor $y1, $t0
+ pxor $y3, $t1
+ pand $x0, $t0
+ pand $x2, $t1
+ pxor $x1, $x0
+ pxor $x3, $x2
+ pand $y0, $x1
+ pand $y2, $x3
+ pand $y1, $x0
+ pand $y3, $x2
+ pxor $x0, $x1
+ pxor $x3, $x2
+ pxor $t0, $x0
+ pxor $t1, $x3
+___
+}
+sub Mul_GF16_2 {
+my @x=@_[0..7];
+my @y=@_[8..11];
+my @t=@_[12..15];
+$code.=<<___;
+ movdqa @x[0], @t[0]
+ movdqa @x[1], @t[1]
+___
+ &Mul_GF4 (@x[0], @x[1], @y[0], @y[1], @t[2]);
+$code.=<<___;
+ pxor @x[2], @t[0]
+ pxor @x[3], @t[1]
+ pxor @y[2], @y[0]
+ pxor @y[3], @y[1]
+___
+ Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3],
+ @x[2], @x[3], @y[2], @y[3], @t[2]);
+$code.=<<___;
+ pxor @t[0], @x[0]
+ pxor @t[0], @x[2]
+ pxor @t[1], @x[1]
+ pxor @t[1], @x[3]
+
+ movdqa @x[4], @t[0]
+ movdqa @x[5], @t[1]
+ pxor @x[6], @t[0]
+ pxor @x[7], @t[1]
+___
+ &Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3],
+ @x[6], @x[7], @y[2], @y[3], @t[2]);
+$code.=<<___;
+ pxor @y[2], @y[0]
+ pxor @y[3], @y[1]
+___
+ &Mul_GF4 (@x[4], @x[5], @y[0], @y[1], @t[3]);
+$code.=<<___;
+ pxor @t[0], @x[4]
+ pxor @t[0], @x[6]
+ pxor @t[1], @x[5]
+ pxor @t[1], @x[7]
+___
+}
+sub Inv_GF256 {
+#;********************************************************************
+#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144) *
+#;********************************************************************
+my @x=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+# direct optimizations from hardware
+$code.=<<___;
+ movdqa @x[4], @t[3]
+ movdqa @x[5], @t[2]
+ movdqa @x[1], @t[1]
+ movdqa @x[7], @s[1]
+ movdqa @x[0], @s[0]
+
+ pxor @x[6], @t[3]
+ pxor @x[7], @t[2]
+ pxor @x[3], @t[1]
+ movdqa @t[3], @s[2]
+ pxor @x[6], @s[1]
+ movdqa @t[2], @t[0]
+ pxor @x[2], @s[0]
+ movdqa @t[3], @s[3]
+
+ por @t[1], @t[2]
+ por @s[0], @t[3]
+ pxor @t[0], @s[3]
+ pand @s[0], @s[2]
+ pxor @t[1], @s[0]
+ pand @t[1], @t[0]
+ pand @s[0], @s[3]
+ movdqa @x[3], @s[0]
+ pxor @x[2], @s[0]
+ pand @s[0], @s[1]
+ pxor @s[1], @t[3]
+ pxor @s[1], @t[2]
+ movdqa @x[4], @s[1]
+ movdqa @x[1], @s[0]
+ pxor @x[5], @s[1]
+ pxor @x[0], @s[0]
+ movdqa @s[1], @t[1]
+ pand @s[0], @s[1]
+ por @s[0], @t[1]
+ pxor @s[1], @t[0]
+ pxor @s[3], @t[3]
+ pxor @s[2], @t[2]
+ pxor @s[3], @t[1]
+ movdqa @x[7], @s[0]
+ pxor @s[2], @t[0]
+ movdqa @x[6], @s[1]
+ pxor @s[2], @t[1]
+ movdqa @x[5], @s[2]
+ pand @x[3], @s[0]
+ movdqa @x[4], @s[3]
+ pand @x[2], @s[1]
+ pand @x[1], @s[2]
+ por @x[0], @s[3]
+ pxor @s[0], @t[3]
+ pxor @s[1], @t[2]
+ pxor @s[2], @t[1]
+ pxor @s[3], @t[0]
+
+ #Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3
+
+ # new smaller inversion
+
+ movdqa @t[3], @s[0]
+ pand @t[1], @t[3]
+ pxor @t[2], @s[0]
+
+ movdqa @t[0], @s[2]
+ movdqa @s[0], @s[3]
+ pxor @t[3], @s[2]
+ pand @s[2], @s[3]
+
+ movdqa @t[1], @s[1]
+ pxor @t[2], @s[3]
+ pxor @t[0], @s[1]
+
+ pxor @t[2], @t[3]
+
+ pand @t[3], @s[1]
+
+ movdqa @s[2], @t[2]
+ pxor @t[0], @s[1]
+
+ pxor @s[1], @t[2]
+ pxor @s[1], @t[1]
+
+ pand @t[0], @t[2]
+
+ pxor @t[2], @s[2]
+ pxor @t[2], @t[1]
+
+ pand @s[3], @s[2]
+
+ pxor @s[0], @s[2]
+___
+# output in s3, s2, s1, t1
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3
+ &Mul_GF16_2(@x, at s[3,2,1], at t[1], at s[0], at t[0,2,3]);
+
+### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb
+}
+
+# AES linear components
+
+sub ShiftRows {
+my @x=@_[0..7];
+my $mask=pop;
+$code.=<<___;
+ pxor 0x00($key), at x[0]
+ pxor 0x10($key), at x[1]
+ pshufb $mask, at x[0]
+ pxor 0x20($key), at x[2]
+ pshufb $mask, at x[1]
+ pxor 0x30($key), at x[3]
+ pshufb $mask, at x[2]
+ pxor 0x40($key), at x[4]
+ pshufb $mask, at x[3]
+ pxor 0x50($key), at x[5]
+ pshufb $mask, at x[4]
+ pxor 0x60($key), at x[6]
+ pshufb $mask, at x[5]
+ pxor 0x70($key), at x[7]
+ pshufb $mask, at x[6]
+ lea 0x80($key),$key
+ pshufb $mask, at x[7]
+___
+}
+
+sub MixColumns {
+# modified to emit output in order suitable for feeding back to aesenc[last]
+my @x=@_[0..7];
+my @t=@_[8..15];
+my $inv=@_[16]; # optional
+$code.=<<___;
+ pshufd \$0x93, @x[0], @t[0] # x0 <<< 32
+ pshufd \$0x93, @x[1], @t[1]
+ pxor @t[0], @x[0] # x0 ^ (x0 <<< 32)
+ pshufd \$0x93, @x[2], @t[2]
+ pxor @t[1], @x[1]
+ pshufd \$0x93, @x[3], @t[3]
+ pxor @t[2], @x[2]
+ pshufd \$0x93, @x[4], @t[4]
+ pxor @t[3], @x[3]
+ pshufd \$0x93, @x[5], @t[5]
+ pxor @t[4], @x[4]
+ pshufd \$0x93, @x[6], @t[6]
+ pxor @t[5], @x[5]
+ pshufd \$0x93, @x[7], @t[7]
+ pxor @t[6], @x[6]
+ pxor @t[7], @x[7]
+
+ pxor @x[0], @t[1]
+ pxor @x[7], @t[0]
+ pxor @x[7], @t[1]
+ pshufd \$0x4E, @x[0], @x[0] # (x0 ^ (x0 <<< 32)) <<< 64)
+ pxor @x[1], @t[2]
+ pshufd \$0x4E, @x[1], @x[1]
+ pxor @x[4], @t[5]
+ pxor @t[0], @x[0]
+ pxor @x[5], @t[6]
+ pxor @t[1], @x[1]
+ pxor @x[3], @t[4]
+ pshufd \$0x4E, @x[4], @t[0]
+ pxor @x[6], @t[7]
+ pshufd \$0x4E, @x[5], @t[1]
+ pxor @x[2], @t[3]
+ pshufd \$0x4E, @x[3], @x[4]
+ pxor @x[7], @t[3]
+ pshufd \$0x4E, @x[7], @x[5]
+ pxor @x[7], @t[4]
+ pshufd \$0x4E, @x[6], @x[3]
+ pxor @t[4], @t[0]
+ pshufd \$0x4E, @x[2], @x[6]
+ pxor @t[5], @t[1]
+___
+$code.=<<___ if (!$inv);
+ pxor @t[3], @x[4]
+ pxor @t[7], @x[5]
+ pxor @t[6], @x[3]
+ movdqa @t[0], @x[2]
+ pxor @t[2], @x[6]
+ movdqa @t[1], @x[7]
+___
+$code.=<<___ if ($inv);
+ pxor @x[4], @t[3]
+ pxor @t[7], @x[5]
+ pxor @x[3], @t[6]
+ movdqa @t[0], @x[3]
+ pxor @t[2], @x[6]
+ movdqa @t[6], @x[2]
+ movdqa @t[1], @x[7]
+ movdqa @x[6], @x[4]
+ movdqa @t[3], @x[6]
+___
+}
+
+sub InvMixColumns_orig {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+$code.=<<___;
+ # multiplication by 0x0e
+ pshufd \$0x93, @x[7], @t[7]
+ movdqa @x[2], @t[2]
+ pxor @x[5], @x[7] # 7 5
+ pxor @x[5], @x[2] # 2 5
+ pshufd \$0x93, @x[0], @t[0]
+ movdqa @x[5], @t[5]
+ pxor @x[0], @x[5] # 5 0 [1]
+ pxor @x[1], @x[0] # 0 1
+ pshufd \$0x93, @x[1], @t[1]
+ pxor @x[2], @x[1] # 1 25
+ pxor @x[6], @x[0] # 01 6 [2]
+ pxor @x[3], @x[1] # 125 3 [4]
+ pshufd \$0x93, @x[3], @t[3]
+ pxor @x[0], @x[2] # 25 016 [3]
+ pxor @x[7], @x[3] # 3 75
+ pxor @x[6], @x[7] # 75 6 [0]
+ pshufd \$0x93, @x[6], @t[6]
+ movdqa @x[4], @t[4]
+ pxor @x[4], @x[6] # 6 4
+ pxor @x[3], @x[4] # 4 375 [6]
+ pxor @x[7], @x[3] # 375 756=36
+ pxor @t[5], @x[6] # 64 5 [7]
+ pxor @t[2], @x[3] # 36 2
+ pxor @t[4], @x[3] # 362 4 [5]
+ pshufd \$0x93, @t[5], @t[5]
+___
+ my @y = @x[7,5,0,2,1,3,4,6];
+$code.=<<___;
+ # multiplication by 0x0b
+ pxor @y[0], @y[1]
+ pxor @t[0], @y[0]
+ pxor @t[1], @y[1]
+ pshufd \$0x93, @t[2], @t[2]
+ pxor @t[5], @y[0]
+ pxor @t[6], @y[1]
+ pxor @t[7], @y[0]
+ pshufd \$0x93, @t[4], @t[4]
+ pxor @t[6], @t[7] # clobber t[7]
+ pxor @y[0], @y[1]
+
+ pxor @t[0], @y[3]
+ pshufd \$0x93, @t[0], @t[0]
+ pxor @t[1], @y[2]
+ pxor @t[1], @y[4]
+ pxor @t[2], @y[2]
+ pshufd \$0x93, @t[1], @t[1]
+ pxor @t[2], @y[3]
+ pxor @t[2], @y[5]
+ pxor @t[7], @y[2]
+ pshufd \$0x93, @t[2], @t[2]
+ pxor @t[3], @y[3]
+ pxor @t[3], @y[6]
+ pxor @t[3], @y[4]
+ pshufd \$0x93, @t[3], @t[3]
+ pxor @t[4], @y[7]
+ pxor @t[4], @y[5]
+ pxor @t[7], @y[7]
+ pxor @t[5], @y[3]
+ pxor @t[4], @y[4]
+ pxor @t[5], @t[7] # clobber t[7] even more
+
+ pxor @t[7], @y[5]
+ pshufd \$0x93, @t[4], @t[4]
+ pxor @t[7], @y[6]
+ pxor @t[7], @y[4]
+
+ pxor @t[5], @t[7]
+ pshufd \$0x93, @t[5], @t[5]
+ pxor @t[6], @t[7] # restore t[7]
+
+ # multiplication by 0x0d
+ pxor @y[7], @y[4]
+ pxor @t[4], @y[7]
+ pshufd \$0x93, @t[6], @t[6]
+ pxor @t[0], @y[2]
+ pxor @t[5], @y[7]
+ pxor @t[2], @y[2]
+ pshufd \$0x93, @t[7], @t[7]
+
+ pxor @y[1], @y[3]
+ pxor @t[1], @y[1]
+ pxor @t[0], @y[0]
+ pxor @t[0], @y[3]
+ pxor @t[5], @y[1]
+ pxor @t[5], @y[0]
+ pxor @t[7], @y[1]
+ pshufd \$0x93, @t[0], @t[0]
+ pxor @t[6], @y[0]
+ pxor @y[1], @y[3]
+ pxor @t[1], @y[4]
+ pshufd \$0x93, @t[1], @t[1]
+
+ pxor @t[7], @y[7]
+ pxor @t[2], @y[4]
+ pxor @t[2], @y[5]
+ pshufd \$0x93, @t[2], @t[2]
+ pxor @t[6], @y[2]
+ pxor @t[3], @t[6] # clobber t[6]
+ pxor @y[7], @y[4]
+ pxor @t[6], @y[3]
+
+ pxor @t[6], @y[6]
+ pxor @t[5], @y[5]
+ pxor @t[4], @y[6]
+ pshufd \$0x93, @t[4], @t[4]
+ pxor @t[6], @y[5]
+ pxor @t[7], @y[6]
+ pxor @t[3], @t[6] # restore t[6]
+
+ pshufd \$0x93, @t[5], @t[5]
+ pshufd \$0x93, @t[6], @t[6]
+ pshufd \$0x93, @t[7], @t[7]
+ pshufd \$0x93, @t[3], @t[3]
+
+ # multiplication by 0x09
+ pxor @y[1], @y[4]
+ pxor @y[1], @t[1] # t[1]=y[1]
+ pxor @t[5], @t[0] # clobber t[0]
+ pxor @t[5], @t[1]
+ pxor @t[0], @y[3]
+ pxor @y[0], @t[0] # t[0]=y[0]
+ pxor @t[6], @t[1]
+ pxor @t[7], @t[6] # clobber t[6]
+ pxor @t[1], @y[4]
+ pxor @t[4], @y[7]
+ pxor @y[4], @t[4] # t[4]=y[4]
+ pxor @t[3], @y[6]
+ pxor @y[3], @t[3] # t[3]=y[3]
+ pxor @t[2], @y[5]
+ pxor @y[2], @t[2] # t[2]=y[2]
+ pxor @t[7], @t[3]
+ pxor @y[5], @t[5] # t[5]=y[5]
+ pxor @t[6], @t[2]
+ pxor @t[6], @t[5]
+ pxor @y[6], @t[6] # t[6]=y[6]
+ pxor @y[7], @t[7] # t[7]=y[7]
+
+ movdqa @t[0], at XMM[0]
+ movdqa @t[1], at XMM[1]
+ movdqa @t[2], at XMM[2]
+ movdqa @t[3], at XMM[3]
+ movdqa @t[4], at XMM[4]
+ movdqa @t[5], at XMM[5]
+ movdqa @t[6], at XMM[6]
+ movdqa @t[7], at XMM[7]
+___
+}
+
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 |
+# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 |
+
+$code.=<<___;
+ # multiplication by 0x05-0x00-0x04-0x00
+ pshufd \$0x4E, @x[0], @t[0]
+ pshufd \$0x4E, @x[6], @t[6]
+ pxor @x[0], @t[0]
+ pshufd \$0x4E, @x[7], @t[7]
+ pxor @x[6], @t[6]
+ pshufd \$0x4E, @x[1], @t[1]
+ pxor @x[7], @t[7]
+ pshufd \$0x4E, @x[2], @t[2]
+ pxor @x[1], @t[1]
+ pshufd \$0x4E, @x[3], @t[3]
+ pxor @x[2], @t[2]
+ pxor @t[6], @x[0]
+ pxor @t[6], @x[1]
+ pshufd \$0x4E, @x[4], @t[4]
+ pxor @x[3], @t[3]
+ pxor @t[0], @x[2]
+ pxor @t[1], @x[3]
+ pshufd \$0x4E, @x[5], @t[5]
+ pxor @x[4], @t[4]
+ pxor @t[7], @x[1]
+ pxor @t[2], @x[4]
+ pxor @x[5], @t[5]
+
+ pxor @t[7], @x[2]
+ pxor @t[6], @x[3]
+ pxor @t[6], @x[4]
+ pxor @t[3], @x[5]
+ pxor @t[4], @x[6]
+ pxor @t[7], @x[4]
+ pxor @t[7], @x[5]
+ pxor @t[5], @x[7]
+___
+ &MixColumns (@x, at t,1); # flipped 2<->3 and 4<->6
+}
+
+sub aesenc { # not used
+my @b=@_[0..7];
+my @t=@_[8..15];
+$code.=<<___;
+ movdqa 0x30($const), at t[0] # .LSR
+___
+ &ShiftRows (@b, at t[0]);
+ &Sbox (@b, at t);
+ &MixColumns (@b[0,1,4,6,3,7,2,5], at t);
+}
+
+sub aesenclast { # not used
+my @b=@_[0..7];
+my @t=@_[8..15];
+$code.=<<___;
+ movdqa 0x40($const), at t[0] # .LSRM0
+___
+ &ShiftRows (@b, at t[0]);
+ &Sbox (@b, at t);
+$code.=<<___
+ pxor 0x00($key), at b[0]
+ pxor 0x10($key), at b[1]
+ pxor 0x20($key), at b[4]
+ pxor 0x30($key), at b[6]
+ pxor 0x40($key), at b[3]
+ pxor 0x50($key), at b[7]
+ pxor 0x60($key), at b[2]
+ pxor 0x70($key), at b[5]
+___
+}
+
+sub swapmove {
+my ($a,$b,$n,$mask,$t)=@_;
+$code.=<<___;
+ movdqa $b,$t
+ psrlq \$$n,$b
+ pxor $a,$b
+ pand $mask,$b
+ pxor $b,$a
+ psllq \$$n,$b
+ pxor $t,$b
+___
+}
+sub swapmove2x {
+my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_;
+$code.=<<___;
+ movdqa $b0,$t0
+ psrlq \$$n,$b0
+ movdqa $b1,$t1
+ psrlq \$$n,$b1
+ pxor $a0,$b0
+ pxor $a1,$b1
+ pand $mask,$b0
+ pand $mask,$b1
+ pxor $b0,$a0
+ psllq \$$n,$b0
+ pxor $b1,$a1
+ psllq \$$n,$b1
+ pxor $t0,$b0
+ pxor $t1,$b1
+___
+}
+
+sub bitslice {
+my @x=reverse(@_[0..7]);
+my ($t0,$t1,$t2,$t3)=@_[8..11];
+$code.=<<___;
+ movdqa 0x00($const),$t0 # .LBS0
+ movdqa 0x10($const),$t1 # .LBS1
+___
+ &swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3);
+ &swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+$code.=<<___;
+ movdqa 0x20($const),$t0 # .LBS2
+___
+ &swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3);
+ &swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+
+ &swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3);
+ &swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3);
+}
+
+$code.=<<___;
+.text
+
+.extern asm_AES_encrypt
+.extern asm_AES_decrypt
+
+.type _bsaes_encrypt8,\@abi-omnipotent
+.align 64
+_bsaes_encrypt8:
+ lea .LBS0(%rip), $const # constants table
+
+ movdqa ($key), @XMM[9] # round 0 key
+ lea 0x10($key), $key
+ movdqa 0x50($const), @XMM[8] # .LM0SR
+ pxor @XMM[9], @XMM[0] # xor with round0 key
+ pxor @XMM[9], @XMM[1]
+ pshufb @XMM[8], @XMM[0]
+ pxor @XMM[9], @XMM[2]
+ pshufb @XMM[8], @XMM[1]
+ pxor @XMM[9], @XMM[3]
+ pshufb @XMM[8], @XMM[2]
+ pxor @XMM[9], @XMM[4]
+ pshufb @XMM[8], @XMM[3]
+ pxor @XMM[9], @XMM[5]
+ pshufb @XMM[8], @XMM[4]
+ pxor @XMM[9], @XMM[6]
+ pshufb @XMM[8], @XMM[5]
+ pxor @XMM[9], @XMM[7]
+ pshufb @XMM[8], @XMM[6]
+ pshufb @XMM[8], @XMM[7]
+_bsaes_encrypt8_bitslice:
+___
+ &bitslice (@XMM[0..7, 8..11]);
+$code.=<<___;
+ dec $rounds
+ jmp .Lenc_sbox
+.align 16
+.Lenc_loop:
+___
+ &ShiftRows (@XMM[0..7, 8]);
+$code.=".Lenc_sbox:\n";
+ &Sbox (@XMM[0..7, 8..15]);
+$code.=<<___;
+ dec $rounds
+ jl .Lenc_done
+___
+ &MixColumns (@XMM[0,1,4,6,3,7,2,5, 8..15]);
+$code.=<<___;
+ movdqa 0x30($const), @XMM[8] # .LSR
+ jnz .Lenc_loop
+ movdqa 0x40($const), @XMM[8] # .LSRM0
+ jmp .Lenc_loop
+.align 16
+.Lenc_done:
+___
+ # output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb
+ &bitslice (@XMM[0,1,4,6,3,7,2,5, 8..11]);
+$code.=<<___;
+ movdqa ($key), @XMM[8] # last round key
+ pxor @XMM[8], @XMM[4]
+ pxor @XMM[8], @XMM[6]
+ pxor @XMM[8], @XMM[3]
+ pxor @XMM[8], @XMM[7]
+ pxor @XMM[8], @XMM[2]
+ pxor @XMM[8], @XMM[5]
+ pxor @XMM[8], @XMM[0]
+ pxor @XMM[8], @XMM[1]
+ ret
+.size _bsaes_encrypt8,.-_bsaes_encrypt8
+
+.type _bsaes_decrypt8,\@abi-omnipotent
+.align 64
+_bsaes_decrypt8:
+ lea .LBS0(%rip), $const # constants table
+
+ movdqa ($key), @XMM[9] # round 0 key
+ lea 0x10($key), $key
+ movdqa -0x30($const), @XMM[8] # .LM0ISR
+ pxor @XMM[9], @XMM[0] # xor with round0 key
+ pxor @XMM[9], @XMM[1]
+ pshufb @XMM[8], @XMM[0]
+ pxor @XMM[9], @XMM[2]
+ pshufb @XMM[8], @XMM[1]
+ pxor @XMM[9], @XMM[3]
+ pshufb @XMM[8], @XMM[2]
+ pxor @XMM[9], @XMM[4]
+ pshufb @XMM[8], @XMM[3]
+ pxor @XMM[9], @XMM[5]
+ pshufb @XMM[8], @XMM[4]
+ pxor @XMM[9], @XMM[6]
+ pshufb @XMM[8], @XMM[5]
+ pxor @XMM[9], @XMM[7]
+ pshufb @XMM[8], @XMM[6]
+ pshufb @XMM[8], @XMM[7]
+___
+ &bitslice (@XMM[0..7, 8..11]);
+$code.=<<___;
+ dec $rounds
+ jmp .Ldec_sbox
+.align 16
+.Ldec_loop:
+___
+ &ShiftRows (@XMM[0..7, 8]);
+$code.=".Ldec_sbox:\n";
+ &InvSbox (@XMM[0..7, 8..15]);
+$code.=<<___;
+ dec $rounds
+ jl .Ldec_done
+___
+ &InvMixColumns (@XMM[0,1,6,4,2,7,3,5, 8..15]);
+$code.=<<___;
+ movdqa -0x10($const), @XMM[8] # .LISR
+ jnz .Ldec_loop
+ movdqa -0x20($const), @XMM[8] # .LISRM0
+ jmp .Ldec_loop
+.align 16
+.Ldec_done:
+___
+ &bitslice (@XMM[0,1,6,4,2,7,3,5, 8..11]);
+$code.=<<___;
+ movdqa ($key), @XMM[8] # last round key
+ pxor @XMM[8], @XMM[6]
+ pxor @XMM[8], @XMM[4]
+ pxor @XMM[8], @XMM[2]
+ pxor @XMM[8], @XMM[7]
+ pxor @XMM[8], @XMM[3]
+ pxor @XMM[8], @XMM[5]
+ pxor @XMM[8], @XMM[0]
+ pxor @XMM[8], @XMM[1]
+ ret
+.size _bsaes_decrypt8,.-_bsaes_decrypt8
+___
+}
+{
+my ($out,$inp,$rounds,$const)=("%rax","%rcx","%r10d","%r11");
+
+sub bitslice_key {
+my @x=reverse(@_[0..7]);
+my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12];
+
+ &swapmove (@x[0,1],1,$bs0,$t2,$t3);
+$code.=<<___;
+ #&swapmove(@x[2,3],1,$t0,$t2,$t3);
+ movdqa @x[0], @x[2]
+ movdqa @x[1], @x[3]
+___
+ #&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+
+ &swapmove2x (@x[0,2,1,3],2,$bs1,$t2,$t3);
+$code.=<<___;
+ #&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+ movdqa @x[0], @x[4]
+ movdqa @x[2], @x[6]
+ movdqa @x[1], @x[5]
+ movdqa @x[3], @x[7]
+___
+ &swapmove2x (@x[0,4,1,5],4,$bs2,$t2,$t3);
+ &swapmove2x (@x[2,6,3,7],4,$bs2,$t2,$t3);
+}
+
+$code.=<<___;
+.type _bsaes_key_convert,\@abi-omnipotent
+.align 16
+_bsaes_key_convert:
+ lea .Lmasks(%rip), $const
+ movdqu ($inp), %xmm7 # load round 0 key
+ lea 0x10($inp), $inp
+ movdqa 0x00($const), %xmm0 # 0x01...
+ movdqa 0x10($const), %xmm1 # 0x02...
+ movdqa 0x20($const), %xmm2 # 0x04...
+ movdqa 0x30($const), %xmm3 # 0x08...
+ movdqa 0x40($const), %xmm4 # .LM0
+ pcmpeqd %xmm5, %xmm5 # .LNOT
+
+ movdqu ($inp), %xmm6 # load round 1 key
+ movdqa %xmm7, ($out) # save round 0 key
+ lea 0x10($out), $out
+ dec $rounds
+ jmp .Lkey_loop
+.align 16
+.Lkey_loop:
+ pshufb %xmm4, %xmm6 # .LM0
+
+ movdqa %xmm0, %xmm8
+ movdqa %xmm1, %xmm9
+
+ pand %xmm6, %xmm8
+ pand %xmm6, %xmm9
+ movdqa %xmm2, %xmm10
+ pcmpeqb %xmm0, %xmm8
+ psllq \$4, %xmm0 # 0x10...
+ movdqa %xmm3, %xmm11
+ pcmpeqb %xmm1, %xmm9
+ psllq \$4, %xmm1 # 0x20...
+
+ pand %xmm6, %xmm10
+ pand %xmm6, %xmm11
+ movdqa %xmm0, %xmm12
+ pcmpeqb %xmm2, %xmm10
+ psllq \$4, %xmm2 # 0x40...
+ movdqa %xmm1, %xmm13
+ pcmpeqb %xmm3, %xmm11
+ psllq \$4, %xmm3 # 0x80...
+
+ movdqa %xmm2, %xmm14
+ movdqa %xmm3, %xmm15
+ pxor %xmm5, %xmm8 # "pnot"
+ pxor %xmm5, %xmm9
+
+ pand %xmm6, %xmm12
+ pand %xmm6, %xmm13
+ movdqa %xmm8, 0x00($out) # write bit-sliced round key
+ pcmpeqb %xmm0, %xmm12
+ psrlq \$4, %xmm0 # 0x01...
+ movdqa %xmm9, 0x10($out)
+ pcmpeqb %xmm1, %xmm13
+ psrlq \$4, %xmm1 # 0x02...
+ lea 0x10($inp), $inp
+
+ pand %xmm6, %xmm14
+ pand %xmm6, %xmm15
+ movdqa %xmm10, 0x20($out)
+ pcmpeqb %xmm2, %xmm14
+ psrlq \$4, %xmm2 # 0x04...
+ movdqa %xmm11, 0x30($out)
+ pcmpeqb %xmm3, %xmm15
+ psrlq \$4, %xmm3 # 0x08...
+ movdqu ($inp), %xmm6 # load next round key
+
+ pxor %xmm5, %xmm13 # "pnot"
+ pxor %xmm5, %xmm14
+ movdqa %xmm12, 0x40($out)
+ movdqa %xmm13, 0x50($out)
+ movdqa %xmm14, 0x60($out)
+ movdqa %xmm15, 0x70($out)
+ lea 0x80($out),$out
+ dec $rounds
+ jnz .Lkey_loop
+
+ movdqa 0x50($const), %xmm7 # .L63
+ #movdqa %xmm6, ($out) # don't save last round key
+ ret
+.size _bsaes_key_convert,.-_bsaes_key_convert
+___
+}
+
+if (0 && !$win64) { # following four functions are unsupported interface
+ # used for benchmarking...
+$code.=<<___;
+.globl bsaes_enc_key_convert
+.type bsaes_enc_key_convert,\@function,2
+.align 16
+bsaes_enc_key_convert:
+ mov 240($inp),%r10d # pass rounds
+ mov $inp,%rcx # pass key
+ mov $out,%rax # pass key schedule
+ call _bsaes_key_convert
+ pxor %xmm6,%xmm7 # fix up last round key
+ movdqa %xmm7,(%rax) # save last round key
+ ret
+.size bsaes_enc_key_convert,.-bsaes_enc_key_convert
+
+.globl bsaes_encrypt_128
+.type bsaes_encrypt_128,\@function,4
+.align 16
+bsaes_encrypt_128:
+.Lenc128_loop:
+ movdqu 0x00($inp), @XMM[0] # load input
+ movdqu 0x10($inp), @XMM[1]
+ movdqu 0x20($inp), @XMM[2]
+ movdqu 0x30($inp), @XMM[3]
+ movdqu 0x40($inp), @XMM[4]
+ movdqu 0x50($inp), @XMM[5]
+ movdqu 0x60($inp), @XMM[6]
+ movdqu 0x70($inp), @XMM[7]
+ mov $key, %rax # pass the $key
+ lea 0x80($inp), $inp
+ mov \$10,%r10d
+
+ call _bsaes_encrypt8
+
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[2], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ sub \$0x80,$len
+ ja .Lenc128_loop
+ ret
+.size bsaes_encrypt_128,.-bsaes_encrypt_128
+
+.globl bsaes_dec_key_convert
+.type bsaes_dec_key_convert,\@function,2
+.align 16
+bsaes_dec_key_convert:
+ mov 240($inp),%r10d # pass rounds
+ mov $inp,%rcx # pass key
+ mov $out,%rax # pass key schedule
+ call _bsaes_key_convert
+ pxor ($out),%xmm7 # fix up round 0 key
+ movdqa %xmm6,(%rax) # save last round key
+ movdqa %xmm7,($out)
+ ret
+.size bsaes_dec_key_convert,.-bsaes_dec_key_convert
+
+.globl bsaes_decrypt_128
+.type bsaes_decrypt_128,\@function,4
+.align 16
+bsaes_decrypt_128:
+.Ldec128_loop:
+ movdqu 0x00($inp), @XMM[0] # load input
+ movdqu 0x10($inp), @XMM[1]
+ movdqu 0x20($inp), @XMM[2]
+ movdqu 0x30($inp), @XMM[3]
+ movdqu 0x40($inp), @XMM[4]
+ movdqu 0x50($inp), @XMM[5]
+ movdqu 0x60($inp), @XMM[6]
+ movdqu 0x70($inp), @XMM[7]
+ mov $key, %rax # pass the $key
+ lea 0x80($inp), $inp
+ mov \$10,%r10d
+
+ call _bsaes_decrypt8
+
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ sub \$0x80,$len
+ ja .Ldec128_loop
+ ret
+.size bsaes_decrypt_128,.-bsaes_decrypt_128
+___
+}
+{
+######################################################################
+#
+# OpenSSL interface
+#
+my ($arg1,$arg2,$arg3,$arg4,$arg5,$arg6)=$win64 ? ("%rcx","%rdx","%r8","%r9","%r10","%r11d")
+ : ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
+my ($inp,$out,$len,$key)=("%r12","%r13","%r14","%r15");
+
+if ($ecb) {
+$code.=<<___;
+.globl bsaes_ecb_encrypt_blocks
+.type bsaes_ecb_encrypt_blocks,\@abi-omnipotent
+.align 16
+bsaes_ecb_encrypt_blocks:
+ mov %rsp, %rax
+.Lecb_enc_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lecb_enc_body:
+___
+$code.=<<___;
+ mov %rsp,%rbp # backup %rsp
+ mov 240($arg4),%eax # rounds
+ mov $arg1,$inp # backup arguments
+ mov $arg2,$out
+ mov $arg3,$len
+ mov $arg4,$key
+ cmp \$8,$arg3
+ jb .Lecb_enc_short
+
+ mov %eax,%ebx # backup rounds
+ shl \$7,%rax # 128 bytes per inner round key
+ sub \$`128-32`,%rax # size of bit-sliced key schedule
+ sub %rax,%rsp
+ mov %rsp,%rax # pass key schedule
+ mov $key,%rcx # pass key
+ mov %ebx,%r10d # pass rounds
+ call _bsaes_key_convert
+ pxor %xmm6,%xmm7 # fix up last round key
+ movdqa %xmm7,(%rax) # save last round key
+
+ sub \$8,$len
+.Lecb_enc_loop:
+ movdqu 0x00($inp), @XMM[0] # load input
+ movdqu 0x10($inp), @XMM[1]
+ movdqu 0x20($inp), @XMM[2]
+ movdqu 0x30($inp), @XMM[3]
+ movdqu 0x40($inp), @XMM[4]
+ movdqu 0x50($inp), @XMM[5]
+ mov %rsp, %rax # pass key schedule
+ movdqu 0x60($inp), @XMM[6]
+ mov %ebx,%r10d # pass rounds
+ movdqu 0x70($inp), @XMM[7]
+ lea 0x80($inp), $inp
+
+ call _bsaes_encrypt8
+
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[2], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ sub \$8,$len
+ jnc .Lecb_enc_loop
+
+ add \$8,$len
+ jz .Lecb_enc_done
+
+ movdqu 0x00($inp), @XMM[0] # load input
+ mov %rsp, %rax # pass key schedule
+ mov %ebx,%r10d # pass rounds
+ cmp \$2,$len
+ jb .Lecb_enc_one
+ movdqu 0x10($inp), @XMM[1]
+ je .Lecb_enc_two
+ movdqu 0x20($inp), @XMM[2]
+ cmp \$4,$len
+ jb .Lecb_enc_three
+ movdqu 0x30($inp), @XMM[3]
+ je .Lecb_enc_four
+ movdqu 0x40($inp), @XMM[4]
+ cmp \$6,$len
+ jb .Lecb_enc_five
+ movdqu 0x50($inp), @XMM[5]
+ je .Lecb_enc_six
+ movdqu 0x60($inp), @XMM[6]
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[2], 0x60($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_six:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_five:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_four:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_three:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_two:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_one:
+ call _bsaes_encrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ jmp .Lecb_enc_done
+.align 16
+.Lecb_enc_short:
+ lea ($inp), $arg1
+ lea ($out), $arg2
+ lea ($key), $arg3
+ call asm_AES_encrypt
+ lea 16($inp), $inp
+ lea 16($out), $out
+ dec $len
+ jnz .Lecb_enc_short
+
+.Lecb_enc_done:
+ lea (%rsp),%rax
+ pxor %xmm0, %xmm0
+.Lecb_enc_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ jb .Lecb_enc_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lecb_enc_epilogue:
+ ret
+.size bsaes_ecb_encrypt_blocks,.-bsaes_ecb_encrypt_blocks
+
+.globl bsaes_ecb_decrypt_blocks
+.type bsaes_ecb_decrypt_blocks,\@abi-omnipotent
+.align 16
+bsaes_ecb_decrypt_blocks:
+ mov %rsp, %rax
+.Lecb_dec_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lecb_dec_body:
+___
+$code.=<<___;
+ mov %rsp,%rbp # backup %rsp
+ mov 240($arg4),%eax # rounds
+ mov $arg1,$inp # backup arguments
+ mov $arg2,$out
+ mov $arg3,$len
+ mov $arg4,$key
+ cmp \$8,$arg3
+ jb .Lecb_dec_short
+
+ mov %eax,%ebx # backup rounds
+ shl \$7,%rax # 128 bytes per inner round key
+ sub \$`128-32`,%rax # size of bit-sliced key schedule
+ sub %rax,%rsp
+ mov %rsp,%rax # pass key schedule
+ mov $key,%rcx # pass key
+ mov %ebx,%r10d # pass rounds
+ call _bsaes_key_convert
+ pxor (%rsp),%xmm7 # fix up 0 round key
+ movdqa %xmm6,(%rax) # save last round key
+ movdqa %xmm7,(%rsp)
+
+ sub \$8,$len
+.Lecb_dec_loop:
+ movdqu 0x00($inp), @XMM[0] # load input
+ movdqu 0x10($inp), @XMM[1]
+ movdqu 0x20($inp), @XMM[2]
+ movdqu 0x30($inp), @XMM[3]
+ movdqu 0x40($inp), @XMM[4]
+ movdqu 0x50($inp), @XMM[5]
+ mov %rsp, %rax # pass key schedule
+ movdqu 0x60($inp), @XMM[6]
+ mov %ebx,%r10d # pass rounds
+ movdqu 0x70($inp), @XMM[7]
+ lea 0x80($inp), $inp
+
+ call _bsaes_decrypt8
+
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ sub \$8,$len
+ jnc .Lecb_dec_loop
+
+ add \$8,$len
+ jz .Lecb_dec_done
+
+ movdqu 0x00($inp), @XMM[0] # load input
+ mov %rsp, %rax # pass key schedule
+ mov %ebx,%r10d # pass rounds
+ cmp \$2,$len
+ jb .Lecb_dec_one
+ movdqu 0x10($inp), @XMM[1]
+ je .Lecb_dec_two
+ movdqu 0x20($inp), @XMM[2]
+ cmp \$4,$len
+ jb .Lecb_dec_three
+ movdqu 0x30($inp), @XMM[3]
+ je .Lecb_dec_four
+ movdqu 0x40($inp), @XMM[4]
+ cmp \$6,$len
+ jb .Lecb_dec_five
+ movdqu 0x50($inp), @XMM[5]
+ je .Lecb_dec_six
+ movdqu 0x60($inp), @XMM[6]
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_six:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_five:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_four:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_three:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_two:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_one:
+ call _bsaes_decrypt8
+ movdqu @XMM[0], 0x00($out) # write output
+ jmp .Lecb_dec_done
+.align 16
+.Lecb_dec_short:
+ lea ($inp), $arg1
+ lea ($out), $arg2
+ lea ($key), $arg3
+ call asm_AES_decrypt
+ lea 16($inp), $inp
+ lea 16($out), $out
+ dec $len
+ jnz .Lecb_dec_short
+
+.Lecb_dec_done:
+ lea (%rsp),%rax
+ pxor %xmm0, %xmm0
+.Lecb_dec_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ jb .Lecb_dec_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lecb_dec_epilogue:
+ ret
+.size bsaes_ecb_decrypt_blocks,.-bsaes_ecb_decrypt_blocks
+___
+}
+$code.=<<___;
+.extern asm_AES_cbc_encrypt
+.globl bsaes_cbc_encrypt
+.type bsaes_cbc_encrypt,\@abi-omnipotent
+.align 16
+bsaes_cbc_encrypt:
+___
+$code.=<<___ if ($win64);
+ mov 48(%rsp),$arg6 # pull direction flag
+___
+$code.=<<___;
+ cmp \$0,$arg6
+ jne asm_AES_cbc_encrypt
+ cmp \$128,$arg3
+ jb asm_AES_cbc_encrypt
+
+ mov %rsp, %rax
+.Lcbc_dec_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+ mov 0xa0(%rsp),$arg5 # pull ivp
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lcbc_dec_body:
+___
+$code.=<<___;
+ mov %rsp, %rbp # backup %rsp
+ mov 240($arg4), %eax # rounds
+ mov $arg1, $inp # backup arguments
+ mov $arg2, $out
+ mov $arg3, $len
+ mov $arg4, $key
+ mov $arg5, %rbx
+ shr \$4, $len # bytes to blocks
+
+ mov %eax, %edx # rounds
+ shl \$7, %rax # 128 bytes per inner round key
+ sub \$`128-32`, %rax # size of bit-sliced key schedule
+ sub %rax, %rsp
+
+ mov %rsp, %rax # pass key schedule
+ mov $key, %rcx # pass key
+ mov %edx, %r10d # pass rounds
+ call _bsaes_key_convert
+ pxor (%rsp),%xmm7 # fix up 0 round key
+ movdqa %xmm6,(%rax) # save last round key
+ movdqa %xmm7,(%rsp)
+
+ movdqu (%rbx), @XMM[15] # load IV
+ sub \$8,$len
+.Lcbc_dec_loop:
+ movdqu 0x00($inp), @XMM[0] # load input
+ movdqu 0x10($inp), @XMM[1]
+ movdqu 0x20($inp), @XMM[2]
+ movdqu 0x30($inp), @XMM[3]
+ movdqu 0x40($inp), @XMM[4]
+ movdqu 0x50($inp), @XMM[5]
+ mov %rsp, %rax # pass key schedule
+ movdqu 0x60($inp), @XMM[6]
+ mov %edx,%r10d # pass rounds
+ movdqu 0x70($inp), @XMM[7]
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+
+ call _bsaes_decrypt8
+
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[9], @XMM[6]
+ movdqu 0x30($inp), @XMM[11]
+ pxor @XMM[10], @XMM[4]
+ movdqu 0x40($inp), @XMM[12]
+ pxor @XMM[11], @XMM[2]
+ movdqu 0x50($inp), @XMM[13]
+ pxor @XMM[12], @XMM[7]
+ movdqu 0x60($inp), @XMM[14]
+ pxor @XMM[13], @XMM[3]
+ movdqu 0x70($inp), @XMM[15] # IV
+ pxor @XMM[14], @XMM[5]
+ movdqu @XMM[0], 0x00($out) # write output
+ lea 0x80($inp), $inp
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ sub \$8,$len
+ jnc .Lcbc_dec_loop
+
+ add \$8,$len
+ jz .Lcbc_dec_done
+
+ movdqu 0x00($inp), @XMM[0] # load input
+ mov %rsp, %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+ cmp \$2,$len
+ jb .Lcbc_dec_one
+ movdqu 0x10($inp), @XMM[1]
+ je .Lcbc_dec_two
+ movdqu 0x20($inp), @XMM[2]
+ cmp \$4,$len
+ jb .Lcbc_dec_three
+ movdqu 0x30($inp), @XMM[3]
+ je .Lcbc_dec_four
+ movdqu 0x40($inp), @XMM[4]
+ cmp \$6,$len
+ jb .Lcbc_dec_five
+ movdqu 0x50($inp), @XMM[5]
+ je .Lcbc_dec_six
+ movdqu 0x60($inp), @XMM[6]
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[9], @XMM[6]
+ movdqu 0x30($inp), @XMM[11]
+ pxor @XMM[10], @XMM[4]
+ movdqu 0x40($inp), @XMM[12]
+ pxor @XMM[11], @XMM[2]
+ movdqu 0x50($inp), @XMM[13]
+ pxor @XMM[12], @XMM[7]
+ movdqu 0x60($inp), @XMM[15] # IV
+ pxor @XMM[13], @XMM[3]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_six:
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[9], @XMM[6]
+ movdqu 0x30($inp), @XMM[11]
+ pxor @XMM[10], @XMM[4]
+ movdqu 0x40($inp), @XMM[12]
+ pxor @XMM[11], @XMM[2]
+ movdqu 0x50($inp), @XMM[15] # IV
+ pxor @XMM[12], @XMM[7]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_five:
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[9], @XMM[6]
+ movdqu 0x30($inp), @XMM[11]
+ pxor @XMM[10], @XMM[4]
+ movdqu 0x40($inp), @XMM[15] # IV
+ pxor @XMM[11], @XMM[2]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_four:
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[9], @XMM[6]
+ movdqu 0x30($inp), @XMM[15] # IV
+ pxor @XMM[10], @XMM[4]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_three:
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[8], @XMM[1]
+ movdqu 0x20($inp), @XMM[15] # IV
+ pxor @XMM[9], @XMM[6]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_two:
+ movdqa @XMM[15], 0x20(%rbp) # put aside IV
+ call _bsaes_decrypt8
+ pxor 0x20(%rbp), @XMM[0] # ^= IV
+ movdqu 0x00($inp), @XMM[8] # re-load input
+ movdqu 0x10($inp), @XMM[15] # IV
+ pxor @XMM[8], @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ jmp .Lcbc_dec_done
+.align 16
+.Lcbc_dec_one:
+ lea ($inp), $arg1
+ lea 0x20(%rbp), $arg2 # buffer output
+ lea ($key), $arg3
+ call asm_AES_decrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[15] # ^= IV
+ movdqu @XMM[15], ($out) # write output
+ movdqa @XMM[0], @XMM[15] # IV
+
+.Lcbc_dec_done:
+ movdqu @XMM[15], (%rbx) # return IV
+ lea (%rsp), %rax
+ pxor %xmm0, %xmm0
+.Lcbc_dec_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ ja .Lcbc_dec_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lcbc_dec_epilogue:
+ ret
+.size bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
+
+.globl bsaes_ctr32_encrypt_blocks
+.type bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
+.align 16
+bsaes_ctr32_encrypt_blocks:
+ mov %rsp, %rax
+.Lctr_enc_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+ mov 0xa0(%rsp),$arg5 # pull ivp
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lctr_enc_body:
+___
+$code.=<<___;
+ mov %rsp, %rbp # backup %rsp
+ movdqu ($arg5), %xmm0 # load counter
+ mov 240($arg4), %eax # rounds
+ mov $arg1, $inp # backup arguments
+ mov $arg2, $out
+ mov $arg3, $len
+ mov $arg4, $key
+ movdqa %xmm0, 0x20(%rbp) # copy counter
+ cmp \$8, $arg3
+ jb .Lctr_enc_short
+
+ mov %eax, %ebx # rounds
+ shl \$7, %rax # 128 bytes per inner round key
+ sub \$`128-32`, %rax # size of bit-sliced key schedule
+ sub %rax, %rsp
+
+ mov %rsp, %rax # pass key schedule
+ mov $key, %rcx # pass key
+ mov %ebx, %r10d # pass rounds
+ call _bsaes_key_convert
+ pxor %xmm6,%xmm7 # fix up last round key
+ movdqa %xmm7,(%rax) # save last round key
+
+ movdqa (%rsp), @XMM[9] # load round0 key
+ lea .LADD1(%rip), %r11
+ movdqa 0x20(%rbp), @XMM[0] # counter copy
+ movdqa -0x20(%r11), @XMM[8] # .LSWPUP
+ pshufb @XMM[8], @XMM[9] # byte swap upper part
+ pshufb @XMM[8], @XMM[0]
+ movdqa @XMM[9], (%rsp) # save adjusted round0 key
+ jmp .Lctr_enc_loop
+.align 16
+.Lctr_enc_loop:
+ movdqa @XMM[0], 0x20(%rbp) # save counter
+ movdqa @XMM[0], @XMM[1] # prepare 8 counter values
+ movdqa @XMM[0], @XMM[2]
+ paddd 0x00(%r11), @XMM[1] # .LADD1
+ movdqa @XMM[0], @XMM[3]
+ paddd 0x10(%r11), @XMM[2] # .LADD2
+ movdqa @XMM[0], @XMM[4]
+ paddd 0x20(%r11), @XMM[3] # .LADD3
+ movdqa @XMM[0], @XMM[5]
+ paddd 0x30(%r11), @XMM[4] # .LADD4
+ movdqa @XMM[0], @XMM[6]
+ paddd 0x40(%r11), @XMM[5] # .LADD5
+ movdqa @XMM[0], @XMM[7]
+ paddd 0x50(%r11), @XMM[6] # .LADD6
+ paddd 0x60(%r11), @XMM[7] # .LADD7
+
+ # Borrow prologue from _bsaes_encrypt8 to use the opportunity
+ # to flip byte order in 32-bit counter
+ movdqa (%rsp), @XMM[9] # round 0 key
+ lea 0x10(%rsp), %rax # pass key schedule
+ movdqa -0x10(%r11), @XMM[8] # .LSWPUPM0SR
+ pxor @XMM[9], @XMM[0] # xor with round0 key
+ pxor @XMM[9], @XMM[1]
+ pshufb @XMM[8], @XMM[0]
+ pxor @XMM[9], @XMM[2]
+ pshufb @XMM[8], @XMM[1]
+ pxor @XMM[9], @XMM[3]
+ pshufb @XMM[8], @XMM[2]
+ pxor @XMM[9], @XMM[4]
+ pshufb @XMM[8], @XMM[3]
+ pxor @XMM[9], @XMM[5]
+ pshufb @XMM[8], @XMM[4]
+ pxor @XMM[9], @XMM[6]
+ pshufb @XMM[8], @XMM[5]
+ pxor @XMM[9], @XMM[7]
+ pshufb @XMM[8], @XMM[6]
+ lea .LBS0(%rip), %r11 # constants table
+ pshufb @XMM[8], @XMM[7]
+ mov %ebx,%r10d # pass rounds
+
+ call _bsaes_encrypt8_bitslice
+
+ sub \$8,$len
+ jc .Lctr_enc_loop_done
+
+ movdqu 0x00($inp), @XMM[8] # load input
+ movdqu 0x10($inp), @XMM[9]
+ movdqu 0x20($inp), @XMM[10]
+ movdqu 0x30($inp), @XMM[11]
+ movdqu 0x40($inp), @XMM[12]
+ movdqu 0x50($inp), @XMM[13]
+ movdqu 0x60($inp), @XMM[14]
+ movdqu 0x70($inp), @XMM[15]
+ lea 0x80($inp),$inp
+ pxor @XMM[0], @XMM[8]
+ movdqa 0x20(%rbp), @XMM[0] # load counter
+ pxor @XMM[9], @XMM[1]
+ movdqu @XMM[8], 0x00($out) # write output
+ pxor @XMM[10], @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor @XMM[11], @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ pxor @XMM[12], @XMM[3]
+ movdqu @XMM[6], 0x30($out)
+ pxor @XMM[13], @XMM[7]
+ movdqu @XMM[3], 0x40($out)
+ pxor @XMM[14], @XMM[2]
+ movdqu @XMM[7], 0x50($out)
+ pxor @XMM[15], @XMM[5]
+ movdqu @XMM[2], 0x60($out)
+ lea .LADD1(%rip), %r11
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+ paddd 0x70(%r11), @XMM[0] # .LADD8
+ jnz .Lctr_enc_loop
+
+ jmp .Lctr_enc_done
+.align 16
+.Lctr_enc_loop_done:
+ add \$8, $len
+ movdqu 0x00($inp), @XMM[8] # load input
+ pxor @XMM[8], @XMM[0]
+ movdqu @XMM[0], 0x00($out) # write output
+ cmp \$2,$len
+ jb .Lctr_enc_done
+ movdqu 0x10($inp), @XMM[9]
+ pxor @XMM[9], @XMM[1]
+ movdqu @XMM[1], 0x10($out)
+ je .Lctr_enc_done
+ movdqu 0x20($inp), @XMM[10]
+ pxor @XMM[10], @XMM[4]
+ movdqu @XMM[4], 0x20($out)
+ cmp \$4,$len
+ jb .Lctr_enc_done
+ movdqu 0x30($inp), @XMM[11]
+ pxor @XMM[11], @XMM[6]
+ movdqu @XMM[6], 0x30($out)
+ je .Lctr_enc_done
+ movdqu 0x40($inp), @XMM[12]
+ pxor @XMM[12], @XMM[3]
+ movdqu @XMM[3], 0x40($out)
+ cmp \$6,$len
+ jb .Lctr_enc_done
+ movdqu 0x50($inp), @XMM[13]
+ pxor @XMM[13], @XMM[7]
+ movdqu @XMM[7], 0x50($out)
+ je .Lctr_enc_done
+ movdqu 0x60($inp), @XMM[14]
+ pxor @XMM[14], @XMM[2]
+ movdqu @XMM[2], 0x60($out)
+ jmp .Lctr_enc_done
+
+.align 16
+.Lctr_enc_short:
+ lea 0x20(%rbp), $arg1
+ lea 0x30(%rbp), $arg2
+ lea ($key), $arg3
+ call asm_AES_encrypt
+ movdqu ($inp), @XMM[1]
+ lea 16($inp), $inp
+ mov 0x2c(%rbp), %eax # load 32-bit counter
+ bswap %eax
+ pxor 0x30(%rbp), @XMM[1]
+ inc %eax # increment
+ movdqu @XMM[1], ($out)
+ bswap %eax
+ lea 16($out), $out
+ mov %eax, 0x2c(%rsp) # save 32-bit counter
+ dec $len
+ jnz .Lctr_enc_short
+
+.Lctr_enc_done:
+ lea (%rsp), %rax
+ pxor %xmm0, %xmm0
+.Lctr_enc_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ ja .Lctr_enc_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lctr_enc_epilogue:
+ ret
+.size bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
+___
+######################################################################
+# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2,
+# const unsigned char iv[16]);
+#
+my ($twmask,$twres,$twtmp)=@XMM[13..15];
+$arg6=~s/d$//;
+
+$code.=<<___;
+.globl bsaes_xts_encrypt
+.type bsaes_xts_encrypt,\@abi-omnipotent
+.align 16
+bsaes_xts_encrypt:
+ mov %rsp, %rax
+.Lxts_enc_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+ mov 0xa0(%rsp),$arg5 # pull key2
+ mov 0xa8(%rsp),$arg6 # pull ivp
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lxts_enc_body:
+___
+$code.=<<___;
+ mov %rsp, %rbp # backup %rsp
+ mov $arg1, $inp # backup arguments
+ mov $arg2, $out
+ mov $arg3, $len
+ mov $arg4, $key
+
+ lea ($arg6), $arg1
+ lea 0x20(%rbp), $arg2
+ lea ($arg5), $arg3
+ call asm_AES_encrypt # generate initial tweak
+
+ mov 240($key), %eax # rounds
+ mov $len, %rbx # backup $len
+
+ mov %eax, %edx # rounds
+ shl \$7, %rax # 128 bytes per inner round key
+ sub \$`128-32`, %rax # size of bit-sliced key schedule
+ sub %rax, %rsp
+
+ mov %rsp, %rax # pass key schedule
+ mov $key, %rcx # pass key
+ mov %edx, %r10d # pass rounds
+ call _bsaes_key_convert
+ pxor %xmm6, %xmm7 # fix up last round key
+ movdqa %xmm7, (%rax) # save last round key
+
+ and \$-16, $len
+ sub \$0x80, %rsp # place for tweak[8]
+ movdqa 0x20(%rbp), @XMM[7] # initial tweak
+
+ pxor $twtmp, $twtmp
+ movdqa .Lxts_magic(%rip), $twmask
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+
+ sub \$0x80, $len
+ jc .Lxts_enc_short
+ jmp .Lxts_enc_loop
+
+.align 16
+.Lxts_enc_loop:
+___
+ for ($i=0;$i<7;$i++) {
+ $code.=<<___;
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ movdqa @XMM[7], @XMM[$i]
+ movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+___
+ $code.=<<___ if ($i>=1);
+ movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
+___
+ $code.=<<___ if ($i>=2);
+ pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+ }
+$code.=<<___;
+ movdqu 0x60($inp), @XMM[8+6]
+ pxor @XMM[8+5], @XMM[5]
+ movdqu 0x70($inp), @XMM[8+7]
+ lea 0x80($inp), $inp
+ movdqa @XMM[7], 0x70(%rsp)
+ pxor @XMM[8+6], @XMM[6]
+ lea 0x80(%rsp), %rax # pass key schedule
+ pxor @XMM[8+7], @XMM[7]
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ pxor 0x40(%rsp), @XMM[3]
+ movdqu @XMM[6], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[3], 0x40($out)
+ pxor 0x60(%rsp), @XMM[2]
+ movdqu @XMM[7], 0x50($out)
+ pxor 0x70(%rsp), @XMM[5]
+ movdqu @XMM[2], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+
+ movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak
+ pxor $twtmp, $twtmp
+ movdqa .Lxts_magic(%rip), $twmask
+ pcmpgtd @XMM[7], $twtmp
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+
+ sub \$0x80,$len
+ jnc .Lxts_enc_loop
+
+.Lxts_enc_short:
+ add \$0x80, $len
+ jz .Lxts_enc_done
+___
+ for ($i=0;$i<7;$i++) {
+ $code.=<<___;
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ movdqa @XMM[7], @XMM[$i]
+ movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+___
+ $code.=<<___ if ($i>=1);
+ movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
+ cmp \$`0x10*$i`,$len
+ je .Lxts_enc_$i
+___
+ $code.=<<___ if ($i>=2);
+ pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+ }
+$code.=<<___;
+ movdqu 0x60($inp), @XMM[8+6]
+ pxor @XMM[8+5], @XMM[5]
+ movdqa @XMM[7], 0x70(%rsp)
+ lea 0x70($inp), $inp
+ pxor @XMM[8+6], @XMM[6]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ pxor 0x40(%rsp), @XMM[3]
+ movdqu @XMM[6], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[3], 0x40($out)
+ pxor 0x60(%rsp), @XMM[2]
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[2], 0x60($out)
+ lea 0x70($out), $out
+
+ movdqa 0x70(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_6:
+ pxor @XMM[8+4], @XMM[4]
+ lea 0x60($inp), $inp
+ pxor @XMM[8+5], @XMM[5]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ pxor 0x40(%rsp), @XMM[3]
+ movdqu @XMM[6], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[3], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ lea 0x60($out), $out
+
+ movdqa 0x60(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_5:
+ pxor @XMM[8+3], @XMM[3]
+ lea 0x50($inp), $inp
+ pxor @XMM[8+4], @XMM[4]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ pxor 0x40(%rsp), @XMM[3]
+ movdqu @XMM[6], 0x30($out)
+ movdqu @XMM[3], 0x40($out)
+ lea 0x50($out), $out
+
+ movdqa 0x50(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_4:
+ pxor @XMM[8+2], @XMM[2]
+ lea 0x40($inp), $inp
+ pxor @XMM[8+3], @XMM[3]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[6]
+ movdqu @XMM[4], 0x20($out)
+ movdqu @XMM[6], 0x30($out)
+ lea 0x40($out), $out
+
+ movdqa 0x40(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_3:
+ pxor @XMM[8+1], @XMM[1]
+ lea 0x30($inp), $inp
+ pxor @XMM[8+2], @XMM[2]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[4]
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[4], 0x20($out)
+ lea 0x30($out), $out
+
+ movdqa 0x30(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_2:
+ pxor @XMM[8+0], @XMM[0]
+ lea 0x20($inp), $inp
+ pxor @XMM[8+1], @XMM[1]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_encrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ lea 0x20($out), $out
+
+ movdqa 0x20(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_enc_done
+.align 16
+.Lxts_enc_1:
+ pxor @XMM[0], @XMM[8]
+ lea 0x10($inp), $inp
+ movdqa @XMM[8], 0x20(%rbp)
+ lea 0x20(%rbp), $arg1
+ lea 0x20(%rbp), $arg2
+ lea ($key), $arg3
+ call asm_AES_encrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
+ #pxor @XMM[8], @XMM[0]
+ #lea 0x80(%rsp), %rax # pass key schedule
+ #mov %edx, %r10d # pass rounds
+ #call _bsaes_encrypt8
+ #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ movdqu @XMM[0], 0x00($out) # write output
+ lea 0x10($out), $out
+
+ movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
+
+.Lxts_enc_done:
+ and \$15, %ebx
+ jz .Lxts_enc_ret
+ mov $out, %rdx
+
+.Lxts_enc_steal:
+ movzb ($inp), %eax
+ movzb -16(%rdx), %ecx
+ lea 1($inp), $inp
+ mov %al, -16(%rdx)
+ mov %cl, 0(%rdx)
+ lea 1(%rdx), %rdx
+ sub \$1,%ebx
+ jnz .Lxts_enc_steal
+
+ movdqu -16($out), @XMM[0]
+ lea 0x20(%rbp), $arg1
+ pxor @XMM[7], @XMM[0]
+ lea 0x20(%rbp), $arg2
+ movdqa @XMM[0], 0x20(%rbp)
+ lea ($key), $arg3
+ call asm_AES_encrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[7]
+ movdqu @XMM[7], -16($out)
+
+.Lxts_enc_ret:
+ lea (%rsp), %rax
+ pxor %xmm0, %xmm0
+.Lxts_enc_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ ja .Lxts_enc_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lxts_enc_epilogue:
+ ret
+.size bsaes_xts_encrypt,.-bsaes_xts_encrypt
+
+.globl bsaes_xts_decrypt
+.type bsaes_xts_decrypt,\@abi-omnipotent
+.align 16
+bsaes_xts_decrypt:
+ mov %rsp, %rax
+.Lxts_dec_prologue:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ lea -0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+ mov 0xa0(%rsp),$arg5 # pull key2
+ mov 0xa8(%rsp),$arg6 # pull ivp
+ lea -0xa0(%rsp), %rsp
+ movaps %xmm6, 0x40(%rsp)
+ movaps %xmm7, 0x50(%rsp)
+ movaps %xmm8, 0x60(%rsp)
+ movaps %xmm9, 0x70(%rsp)
+ movaps %xmm10, 0x80(%rsp)
+ movaps %xmm11, 0x90(%rsp)
+ movaps %xmm12, 0xa0(%rsp)
+ movaps %xmm13, 0xb0(%rsp)
+ movaps %xmm14, 0xc0(%rsp)
+ movaps %xmm15, 0xd0(%rsp)
+.Lxts_dec_body:
+___
+$code.=<<___;
+ mov %rsp, %rbp # backup %rsp
+ mov $arg1, $inp # backup arguments
+ mov $arg2, $out
+ mov $arg3, $len
+ mov $arg4, $key
+
+ lea ($arg6), $arg1
+ lea 0x20(%rbp), $arg2
+ lea ($arg5), $arg3
+ call asm_AES_encrypt # generate initial tweak
+
+ mov 240($key), %eax # rounds
+ mov $len, %rbx # backup $len
+
+ mov %eax, %edx # rounds
+ shl \$7, %rax # 128 bytes per inner round key
+ sub \$`128-32`, %rax # size of bit-sliced key schedule
+ sub %rax, %rsp
+
+ mov %rsp, %rax # pass key schedule
+ mov $key, %rcx # pass key
+ mov %edx, %r10d # pass rounds
+ call _bsaes_key_convert
+ pxor (%rsp), %xmm7 # fix up round 0 key
+ movdqa %xmm6, (%rax) # save last round key
+ movdqa %xmm7, (%rsp)
+
+ xor %eax, %eax # if ($len%16) len-=16;
+ and \$-16, $len
+ test \$15, %ebx
+ setnz %al
+ shl \$4, %rax
+ sub %rax, $len
+
+ sub \$0x80, %rsp # place for tweak[8]
+ movdqa 0x20(%rbp), @XMM[7] # initial tweak
+
+ pxor $twtmp, $twtmp
+ movdqa .Lxts_magic(%rip), $twmask
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+
+ sub \$0x80, $len
+ jc .Lxts_dec_short
+ jmp .Lxts_dec_loop
+
+.align 16
+.Lxts_dec_loop:
+___
+ for ($i=0;$i<7;$i++) {
+ $code.=<<___;
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ movdqa @XMM[7], @XMM[$i]
+ movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+___
+ $code.=<<___ if ($i>=1);
+ movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
+___
+ $code.=<<___ if ($i>=2);
+ pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+ }
+$code.=<<___;
+ movdqu 0x60($inp), @XMM[8+6]
+ pxor @XMM[8+5], @XMM[5]
+ movdqu 0x70($inp), @XMM[8+7]
+ lea 0x80($inp), $inp
+ movdqa @XMM[7], 0x70(%rsp)
+ pxor @XMM[8+6], @XMM[6]
+ lea 0x80(%rsp), %rax # pass key schedule
+ pxor @XMM[8+7], @XMM[7]
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[4]
+ movdqu @XMM[6], 0x20($out)
+ pxor 0x40(%rsp), @XMM[2]
+ movdqu @XMM[4], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[2], 0x40($out)
+ pxor 0x60(%rsp), @XMM[3]
+ movdqu @XMM[7], 0x50($out)
+ pxor 0x70(%rsp), @XMM[5]
+ movdqu @XMM[3], 0x60($out)
+ movdqu @XMM[5], 0x70($out)
+ lea 0x80($out), $out
+
+ movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak
+ pxor $twtmp, $twtmp
+ movdqa .Lxts_magic(%rip), $twmask
+ pcmpgtd @XMM[7], $twtmp
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+
+ sub \$0x80,$len
+ jnc .Lxts_dec_loop
+
+.Lxts_dec_short:
+ add \$0x80, $len
+ jz .Lxts_dec_done
+___
+ for ($i=0;$i<7;$i++) {
+ $code.=<<___;
+ pshufd \$0x13, $twtmp, $twres
+ pxor $twtmp, $twtmp
+ movdqa @XMM[7], @XMM[$i]
+ movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ pcmpgtd @XMM[7], $twtmp # broadcast upper bits
+ pxor $twres, @XMM[7]
+___
+ $code.=<<___ if ($i>=1);
+ movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
+ cmp \$`0x10*$i`,$len
+ je .Lxts_dec_$i
+___
+ $code.=<<___ if ($i>=2);
+ pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+ }
+$code.=<<___;
+ movdqu 0x60($inp), @XMM[8+6]
+ pxor @XMM[8+5], @XMM[5]
+ movdqa @XMM[7], 0x70(%rsp)
+ lea 0x70($inp), $inp
+ pxor @XMM[8+6], @XMM[6]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[4]
+ movdqu @XMM[6], 0x20($out)
+ pxor 0x40(%rsp), @XMM[2]
+ movdqu @XMM[4], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[2], 0x40($out)
+ pxor 0x60(%rsp), @XMM[3]
+ movdqu @XMM[7], 0x50($out)
+ movdqu @XMM[3], 0x60($out)
+ lea 0x70($out), $out
+
+ movdqa 0x70(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_6:
+ pxor @XMM[8+4], @XMM[4]
+ lea 0x60($inp), $inp
+ pxor @XMM[8+5], @XMM[5]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[4]
+ movdqu @XMM[6], 0x20($out)
+ pxor 0x40(%rsp), @XMM[2]
+ movdqu @XMM[4], 0x30($out)
+ pxor 0x50(%rsp), @XMM[7]
+ movdqu @XMM[2], 0x40($out)
+ movdqu @XMM[7], 0x50($out)
+ lea 0x60($out), $out
+
+ movdqa 0x60(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_5:
+ pxor @XMM[8+3], @XMM[3]
+ lea 0x50($inp), $inp
+ pxor @XMM[8+4], @XMM[4]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[4]
+ movdqu @XMM[6], 0x20($out)
+ pxor 0x40(%rsp), @XMM[2]
+ movdqu @XMM[4], 0x30($out)
+ movdqu @XMM[2], 0x40($out)
+ lea 0x50($out), $out
+
+ movdqa 0x50(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_4:
+ pxor @XMM[8+2], @XMM[2]
+ lea 0x40($inp), $inp
+ pxor @XMM[8+3], @XMM[3]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ pxor 0x30(%rsp), @XMM[4]
+ movdqu @XMM[6], 0x20($out)
+ movdqu @XMM[4], 0x30($out)
+ lea 0x40($out), $out
+
+ movdqa 0x40(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_3:
+ pxor @XMM[8+1], @XMM[1]
+ lea 0x30($inp), $inp
+ pxor @XMM[8+2], @XMM[2]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ pxor 0x20(%rsp), @XMM[6]
+ movdqu @XMM[1], 0x10($out)
+ movdqu @XMM[6], 0x20($out)
+ lea 0x30($out), $out
+
+ movdqa 0x30(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_2:
+ pxor @XMM[8+0], @XMM[0]
+ lea 0x20($inp), $inp
+ pxor @XMM[8+1], @XMM[1]
+ lea 0x80(%rsp), %rax # pass key schedule
+ mov %edx, %r10d # pass rounds
+
+ call _bsaes_decrypt8
+
+ pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ pxor 0x10(%rsp), @XMM[1]
+ movdqu @XMM[0], 0x00($out) # write output
+ movdqu @XMM[1], 0x10($out)
+ lea 0x20($out), $out
+
+ movdqa 0x20(%rsp), @XMM[7] # next iteration tweak
+ jmp .Lxts_dec_done
+.align 16
+.Lxts_dec_1:
+ pxor @XMM[0], @XMM[8]
+ lea 0x10($inp), $inp
+ movdqa @XMM[8], 0x20(%rbp)
+ lea 0x20(%rbp), $arg1
+ lea 0x20(%rbp), $arg2
+ lea ($key), $arg3
+ call asm_AES_decrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
+ #pxor @XMM[8], @XMM[0]
+ #lea 0x80(%rsp), %rax # pass key schedule
+ #mov %edx, %r10d # pass rounds
+ #call _bsaes_decrypt8
+ #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
+ movdqu @XMM[0], 0x00($out) # write output
+ lea 0x10($out), $out
+
+ movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
+
+.Lxts_dec_done:
+ and \$15, %ebx
+ jz .Lxts_dec_ret
+
+ pxor $twtmp, $twtmp
+ movdqa .Lxts_magic(%rip), $twmask
+ pcmpgtd @XMM[7], $twtmp
+ pshufd \$0x13, $twtmp, $twres
+ movdqa @XMM[7], @XMM[6]
+ paddq @XMM[7], @XMM[7] # psllq 1,$tweak
+ pand $twmask, $twres # isolate carry and residue
+ movdqu ($inp), @XMM[0]
+ pxor $twres, @XMM[7]
+
+ lea 0x20(%rbp), $arg1
+ pxor @XMM[7], @XMM[0]
+ lea 0x20(%rbp), $arg2
+ movdqa @XMM[0], 0x20(%rbp)
+ lea ($key), $arg3
+ call asm_AES_decrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[7]
+ mov $out, %rdx
+ movdqu @XMM[7], ($out)
+
+.Lxts_dec_steal:
+ movzb 16($inp), %eax
+ movzb (%rdx), %ecx
+ lea 1($inp), $inp
+ mov %al, (%rdx)
+ mov %cl, 16(%rdx)
+ lea 1(%rdx), %rdx
+ sub \$1,%ebx
+ jnz .Lxts_dec_steal
+
+ movdqu ($out), @XMM[0]
+ lea 0x20(%rbp), $arg1
+ pxor @XMM[6], @XMM[0]
+ lea 0x20(%rbp), $arg2
+ movdqa @XMM[0], 0x20(%rbp)
+ lea ($key), $arg3
+ call asm_AES_decrypt # doesn't touch %xmm
+ pxor 0x20(%rbp), @XMM[6]
+ movdqu @XMM[6], ($out)
+
+.Lxts_dec_ret:
+ lea (%rsp), %rax
+ pxor %xmm0, %xmm0
+.Lxts_dec_bzero: # wipe key schedule [if any]
+ movdqa %xmm0, 0x00(%rax)
+ movdqa %xmm0, 0x10(%rax)
+ lea 0x20(%rax), %rax
+ cmp %rax, %rbp
+ ja .Lxts_dec_bzero
+
+ lea (%rbp),%rsp # restore %rsp
+___
+$code.=<<___ if ($win64);
+ movaps 0x40(%rbp), %xmm6
+ movaps 0x50(%rbp), %xmm7
+ movaps 0x60(%rbp), %xmm8
+ movaps 0x70(%rbp), %xmm9
+ movaps 0x80(%rbp), %xmm10
+ movaps 0x90(%rbp), %xmm11
+ movaps 0xa0(%rbp), %xmm12
+ movaps 0xb0(%rbp), %xmm13
+ movaps 0xc0(%rbp), %xmm14
+ movaps 0xd0(%rbp), %xmm15
+ lea 0xa0(%rbp), %rsp
+___
+$code.=<<___;
+ mov 0x48(%rsp), %r15
+ mov 0x50(%rsp), %r14
+ mov 0x58(%rsp), %r13
+ mov 0x60(%rsp), %r12
+ mov 0x68(%rsp), %rbx
+ mov 0x70(%rsp), %rax
+ lea 0x78(%rsp), %rsp
+ mov %rax, %rbp
+.Lxts_dec_epilogue:
+ ret
+.size bsaes_xts_decrypt,.-bsaes_xts_decrypt
+___
+}
+$code.=<<___;
+.type _bsaes_const,\@object
+.align 64
+_bsaes_const:
+.LM0ISR: # InvShiftRows constants
+ .quad 0x0a0e0206070b0f03, 0x0004080c0d010509
+.LISRM0:
+ .quad 0x01040b0e0205080f, 0x0306090c00070a0d
+.LISR:
+ .quad 0x0504070602010003, 0x0f0e0d0c080b0a09
+.LBS0: # bit-slice constants
+ .quad 0x5555555555555555, 0x5555555555555555
+.LBS1:
+ .quad 0x3333333333333333, 0x3333333333333333
+.LBS2:
+ .quad 0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
+.LSR: # shiftrows constants
+ .quad 0x0504070600030201, 0x0f0e0d0c0a09080b
+.LSRM0:
+ .quad 0x0304090e00050a0f, 0x01060b0c0207080d
+.LM0SR:
+ .quad 0x0a0e02060f03070b, 0x0004080c05090d01
+.LSWPUP: # byte-swap upper dword
+ .quad 0x0706050403020100, 0x0c0d0e0f0b0a0908
+.LSWPUPM0SR:
+ .quad 0x0a0d02060c03070b, 0x0004080f05090e01
+.LADD1: # counter increment constants
+ .quad 0x0000000000000000, 0x0000000100000000
+.LADD2:
+ .quad 0x0000000000000000, 0x0000000200000000
+.LADD3:
+ .quad 0x0000000000000000, 0x0000000300000000
+.LADD4:
+ .quad 0x0000000000000000, 0x0000000400000000
+.LADD5:
+ .quad 0x0000000000000000, 0x0000000500000000
+.LADD6:
+ .quad 0x0000000000000000, 0x0000000600000000
+.LADD7:
+ .quad 0x0000000000000000, 0x0000000700000000
+.LADD8:
+ .quad 0x0000000000000000, 0x0000000800000000
+.Lxts_magic:
+ .long 0x87,0,1,0
+.Lmasks:
+ .quad 0x0101010101010101, 0x0101010101010101
+ .quad 0x0202020202020202, 0x0202020202020202
+ .quad 0x0404040404040404, 0x0404040404040404
+ .quad 0x0808080808080808, 0x0808080808080808
+.LM0:
+ .quad 0x02060a0e03070b0f, 0x0004080c0105090d
+.L63:
+ .quad 0x6363636363636363, 0x6363636363636363
+.asciz "Bit-sliced AES for x86_64/SSSE3, Emilia Käsper, Peter Schwabe, Andy Polyakov"
+.align 64
+.size _bsaes_const,.-_bsaes_const
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_prologue
+
+ mov 160($context),%rax # pull context->Rbp
+
+ lea 0x40(%rax),%rsi # %xmm save area
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0xa0(%rax),%rax # adjust stack pointer
+
+ mov 0x70(%rax),%rbp
+ mov 0x68(%rax),%rbx
+ mov 0x60(%rax),%r12
+ mov 0x58(%rax),%r13
+ mov 0x50(%rax),%r14
+ mov 0x48(%rax),%r15
+ lea 0x78(%rax),%rax # adjust stack pointer
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_prologue:
+ mov %rax,152($context) # restore context->Rsp
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$`1232/8`,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size se_handler,.-se_handler
+
+.section .pdata
+.align 4
+___
+$code.=<<___ if ($ecb);
+ .rva .Lecb_enc_prologue
+ .rva .Lecb_enc_epilogue
+ .rva .Lecb_enc_info
+
+ .rva .Lecb_dec_prologue
+ .rva .Lecb_dec_epilogue
+ .rva .Lecb_dec_info
+___
+$code.=<<___;
+ .rva .Lcbc_dec_prologue
+ .rva .Lcbc_dec_epilogue
+ .rva .Lcbc_dec_info
+
+ .rva .Lctr_enc_prologue
+ .rva .Lctr_enc_epilogue
+ .rva .Lctr_enc_info
+
+ .rva .Lxts_enc_prologue
+ .rva .Lxts_enc_epilogue
+ .rva .Lxts_enc_info
+
+ .rva .Lxts_dec_prologue
+ .rva .Lxts_dec_epilogue
+ .rva .Lxts_dec_info
+
+.section .xdata
+.align 8
+___
+$code.=<<___ if ($ecb);
+.Lecb_enc_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lecb_enc_body,.Lecb_enc_epilogue # HandlerData[]
+.Lecb_dec_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lecb_dec_body,.Lecb_dec_epilogue # HandlerData[]
+___
+$code.=<<___;
+.Lcbc_dec_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lcbc_dec_body,.Lcbc_dec_epilogue # HandlerData[]
+.Lctr_enc_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lctr_enc_body,.Lctr_enc_epilogue # HandlerData[]
+.Lxts_enc_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[]
+.Lxts_dec_info:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[]
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/aes/asm/vpaes-x86.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/vpaes-x86.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/vpaes-x86.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/vpaes-x86.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,903 @@
+#!/usr/bin/env perl
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+
+######################################################################
+# September 2011.
+#
+# Port vpaes-x86_64.pl as 32-bit "almost" drop-in replacement for
+# aes-586.pl. "Almost" refers to the fact that AES_cbc_encrypt
+# doesn't handle partial vectors (doesn't have to if called from
+# EVP only). "Drop-in" implies that this module doesn't share key
+# schedule structure with the original nor does it make assumption
+# about its alignment...
+#
+# Performance summary. aes-586.pl column lists large-block CBC
+# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per
+# byte processed with 128-bit key, and vpaes-x86.pl column - [also
+# large-block CBC] encrypt/decrypt.
+#
+# aes-586.pl vpaes-x86.pl
+#
+# Core 2(**) 29.1/42.3/18.3 22.0/25.6(***)
+# Nehalem 27.9/40.4/18.1 10.3/12.0
+# Atom 102./119./60.1 64.5/85.3(***)
+#
+# (*) "Hyper-threading" in the context refers rather to cache shared
+# among multiple cores, than to specifically Intel HTT. As vast
+# majority of contemporary cores share cache, slower code path
+# is common place. In other words "with-hyper-threading-off"
+# results are presented mostly for reference purposes.
+#
+# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe.
+#
+# (***) Less impressive improvement on Core 2 and Atom is due to slow
+# pshufb, yet it's respectable +32%/65% improvement on Core 2
+# and +58%/40% on Atom (as implied, over "hyper-threading-safe"
+# code path).
+#
+# <appro at openssl.org>
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"vpaes-x86.pl",$x86only = $ARGV[$#ARGV] eq "386");
+
+$PREFIX="vpaes";
+
+my ($round, $base, $magic, $key, $const, $inp, $out)=
+ ("eax", "ebx", "ecx", "edx","ebp", "esi","edi");
+
+&static_label("_vpaes_consts");
+&static_label("_vpaes_schedule_low_round");
+
+&set_label("_vpaes_consts",64);
+$k_inv=-0x30; # inv, inva
+ &data_word(0x0D080180,0x0E05060F,0x0A0B0C02,0x04070309);
+ &data_word(0x0F0B0780,0x01040A06,0x02050809,0x030D0E0C);
+
+$k_s0F=-0x10; # s0F
+ &data_word(0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F);
+
+$k_ipt=0x00; # input transform (lo, hi)
+ &data_word(0x5A2A7000,0xC2B2E898,0x52227808,0xCABAE090);
+ &data_word(0x317C4D00,0x4C01307D,0xB0FDCC81,0xCD80B1FC);
+
+$k_sb1=0x20; # sb1u, sb1t
+ &data_word(0xCB503E00,0xB19BE18F,0x142AF544,0xA5DF7A6E);
+ &data_word(0xFAE22300,0x3618D415,0x0D2ED9EF,0x3BF7CCC1);
+$k_sb2=0x40; # sb2u, sb2t
+ &data_word(0x0B712400,0xE27A93C6,0xBC982FCD,0x5EB7E955);
+ &data_word(0x0AE12900,0x69EB8840,0xAB82234A,0xC2A163C8);
+$k_sbo=0x60; # sbou, sbot
+ &data_word(0x6FBDC700,0xD0D26D17,0xC502A878,0x15AABF7A);
+ &data_word(0x5FBB6A00,0xCFE474A5,0x412B35FA,0x8E1E90D1);
+
+$k_mc_forward=0x80; # mc_forward
+ &data_word(0x00030201,0x04070605,0x080B0A09,0x0C0F0E0D);
+ &data_word(0x04070605,0x080B0A09,0x0C0F0E0D,0x00030201);
+ &data_word(0x080B0A09,0x0C0F0E0D,0x00030201,0x04070605);
+ &data_word(0x0C0F0E0D,0x00030201,0x04070605,0x080B0A09);
+
+$k_mc_backward=0xc0; # mc_backward
+ &data_word(0x02010003,0x06050407,0x0A09080B,0x0E0D0C0F);
+ &data_word(0x0E0D0C0F,0x02010003,0x06050407,0x0A09080B);
+ &data_word(0x0A09080B,0x0E0D0C0F,0x02010003,0x06050407);
+ &data_word(0x06050407,0x0A09080B,0x0E0D0C0F,0x02010003);
+
+$k_sr=0x100; # sr
+ &data_word(0x03020100,0x07060504,0x0B0A0908,0x0F0E0D0C);
+ &data_word(0x0F0A0500,0x030E0904,0x07020D08,0x0B06010C);
+ &data_word(0x0B020900,0x0F060D04,0x030A0108,0x070E050C);
+ &data_word(0x070A0D00,0x0B0E0104,0x0F020508,0x0306090C);
+
+$k_rcon=0x140; # rcon
+ &data_word(0xAF9DEEB6,0x1F8391B9,0x4D7C7D81,0x702A9808);
+
+$k_s63=0x150; # s63: all equal to 0x63 transformed
+ &data_word(0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B);
+
+$k_opt=0x160; # output transform
+ &data_word(0xD6B66000,0xFF9F4929,0xDEBE6808,0xF7974121);
+ &data_word(0x50BCEC00,0x01EDBD51,0xB05C0CE0,0xE10D5DB1);
+
+$k_deskew=0x180; # deskew tables: inverts the sbox's "skew"
+ &data_word(0x47A4E300,0x07E4A340,0x5DBEF91A,0x1DFEB95A);
+ &data_word(0x83EA6900,0x5F36B5DC,0xF49D1E77,0x2841C2AB);
+##
+## Decryption stuff
+## Key schedule constants
+##
+$k_dksd=0x1a0; # decryption key schedule: invskew x*D
+ &data_word(0xA3E44700,0xFEB91A5D,0x5A1DBEF9,0x0740E3A4);
+ &data_word(0xB5368300,0x41C277F4,0xAB289D1E,0x5FDC69EA);
+$k_dksb=0x1c0; # decryption key schedule: invskew x*B
+ &data_word(0x8550D500,0x9A4FCA1F,0x1CC94C99,0x03D65386);
+ &data_word(0xB6FC4A00,0x115BEDA7,0x7E3482C8,0xD993256F);
+$k_dkse=0x1e0; # decryption key schedule: invskew x*E + 0x63
+ &data_word(0x1FC9D600,0xD5031CCA,0x994F5086,0x53859A4C);
+ &data_word(0x4FDC7BE8,0xA2319605,0x20B31487,0xCD5EF96A);
+$k_dks9=0x200; # decryption key schedule: invskew x*9
+ &data_word(0x7ED9A700,0xB6116FC8,0x82255BFC,0x4AED9334);
+ &data_word(0x27143300,0x45765162,0xE9DAFDCE,0x8BB89FAC);
+
+##
+## Decryption stuff
+## Round function constants
+##
+$k_dipt=0x220; # decryption input transform
+ &data_word(0x0B545F00,0x0F505B04,0x114E451A,0x154A411E);
+ &data_word(0x60056500,0x86E383E6,0xF491F194,0x12771772);
+
+$k_dsb9=0x240; # decryption sbox output *9*u, *9*t
+ &data_word(0x9A86D600,0x851C0353,0x4F994CC9,0xCAD51F50);
+ &data_word(0xECD74900,0xC03B1789,0xB2FBA565,0x725E2C9E);
+$k_dsbd=0x260; # decryption sbox output *D*u, *D*t
+ &data_word(0xE6B1A200,0x7D57CCDF,0x882A4439,0xF56E9B13);
+ &data_word(0x24C6CB00,0x3CE2FAF7,0x15DEEFD3,0x2931180D);
+$k_dsbb=0x280; # decryption sbox output *B*u, *B*t
+ &data_word(0x96B44200,0xD0226492,0xB0F2D404,0x602646F6);
+ &data_word(0xCD596700,0xC19498A6,0x3255AA6B,0xF3FF0C3E);
+$k_dsbe=0x2a0; # decryption sbox output *E*u, *E*t
+ &data_word(0x26D4D000,0x46F29296,0x64B4F6B0,0x22426004);
+ &data_word(0xFFAAC100,0x0C55A6CD,0x98593E32,0x9467F36B);
+$k_dsbo=0x2c0; # decryption sbox final output
+ &data_word(0x7EF94000,0x1387EA53,0xD4943E2D,0xC7AA6DB9);
+ &data_word(0x93441D00,0x12D7560F,0xD8C58E9C,0xCA4B8159);
+&asciz ("Vector Permutation AES for x86/SSSE3, Mike Hamburg (Stanford University)");
+&align (64);
+
+&function_begin_B("_vpaes_preheat");
+ &add ($const,&DWP(0,"esp"));
+ &movdqa ("xmm7",&QWP($k_inv,$const));
+ &movdqa ("xmm6",&QWP($k_s0F,$const));
+ &ret ();
+&function_end_B("_vpaes_preheat");
+
+##
+## _aes_encrypt_core
+##
+## AES-encrypt %xmm0.
+##
+## Inputs:
+## %xmm0 = input
+## %xmm6-%xmm7 as in _vpaes_preheat
+## (%edx) = scheduled keys
+##
+## Output in %xmm0
+## Clobbers %xmm1-%xmm5, %eax, %ebx, %ecx, %edx
+##
+##
+&function_begin_B("_vpaes_encrypt_core");
+ &mov ($magic,16);
+ &mov ($round,&DWP(240,$key));
+ &movdqa ("xmm1","xmm6")
+ &movdqa ("xmm2",&QWP($k_ipt,$const));
+ &pandn ("xmm1","xmm0");
+ &movdqu ("xmm5",&QWP(0,$key));
+ &psrld ("xmm1",4);
+ &pand ("xmm0","xmm6");
+ &pshufb ("xmm2","xmm0");
+ &movdqa ("xmm0",&QWP($k_ipt+16,$const));
+ &pshufb ("xmm0","xmm1");
+ &pxor ("xmm2","xmm5");
+ &pxor ("xmm0","xmm2");
+ &add ($key,16);
+ &lea ($base,&DWP($k_mc_backward,$const));
+ &jmp (&label("enc_entry"));
+
+
+&set_label("enc_loop",16);
+ # middle of middle round
+ &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sb1u
+ &pshufb ("xmm4","xmm2"); # 4 = sb1u
+ &pxor ("xmm4","xmm5"); # 4 = sb1u + k
+ &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sb1t
+ &pshufb ("xmm0","xmm3"); # 0 = sb1t
+ &pxor ("xmm0","xmm4"); # 0 = A
+ &movdqa ("xmm5",&QWP($k_sb2,$const)); # 4 : sb2u
+ &pshufb ("xmm5","xmm2"); # 4 = sb2u
+ &movdqa ("xmm1",&QWP(-0x40,$base,$magic));# .Lk_mc_forward[]
+ &movdqa ("xmm2",&QWP($k_sb2+16,$const));# 2 : sb2t
+ &pshufb ("xmm2","xmm3"); # 2 = sb2t
+ &pxor ("xmm2","xmm5"); # 2 = 2A
+ &movdqa ("xmm4",&QWP(0,$base,$magic)); # .Lk_mc_backward[]
+ &movdqa ("xmm3","xmm0"); # 3 = A
+ &pshufb ("xmm0","xmm1"); # 0 = B
+ &add ($key,16); # next key
+ &pxor ("xmm0","xmm2"); # 0 = 2A+B
+ &pshufb ("xmm3","xmm4"); # 3 = D
+ &add ($magic,16); # next mc
+ &pxor ("xmm3","xmm0"); # 3 = 2A+B+D
+ &pshufb ("xmm0","xmm1"); # 0 = 2B+C
+ &and ($magic,0x30); # ... mod 4
+ &pxor ("xmm0","xmm3"); # 0 = 2A+3B+C+D
+ &sub ($round,1); # nr--
+
+&set_label("enc_entry");
+ # top of round
+ &movdqa ("xmm1","xmm6"); # 1 : i
+ &pandn ("xmm1","xmm0"); # 1 = i<<4
+ &psrld ("xmm1",4); # 1 = i
+ &pand ("xmm0","xmm6"); # 0 = k
+ &movdqa ("xmm5",&QWP($k_inv+16,$const));# 2 : a/k
+ &pshufb ("xmm5","xmm0"); # 2 = a/k
+ &pxor ("xmm0","xmm1"); # 0 = j
+ &movdqa ("xmm3","xmm7"); # 3 : 1/i
+ &pshufb ("xmm3","xmm1"); # 3 = 1/i
+ &pxor ("xmm3","xmm5"); # 3 = iak = 1/i + a/k
+ &movdqa ("xmm4","xmm7"); # 4 : 1/j
+ &pshufb ("xmm4","xmm0"); # 4 = 1/j
+ &pxor ("xmm4","xmm5"); # 4 = jak = 1/j + a/k
+ &movdqa ("xmm2","xmm7"); # 2 : 1/iak
+ &pshufb ("xmm2","xmm3"); # 2 = 1/iak
+ &pxor ("xmm2","xmm0"); # 2 = io
+ &movdqa ("xmm3","xmm7"); # 3 : 1/jak
+ &movdqu ("xmm5",&QWP(0,$key));
+ &pshufb ("xmm3","xmm4"); # 3 = 1/jak
+ &pxor ("xmm3","xmm1"); # 3 = jo
+ &jnz (&label("enc_loop"));
+
+ # middle of last round
+ &movdqa ("xmm4",&QWP($k_sbo,$const)); # 3 : sbou .Lk_sbo
+ &movdqa ("xmm0",&QWP($k_sbo+16,$const));# 3 : sbot .Lk_sbo+16
+ &pshufb ("xmm4","xmm2"); # 4 = sbou
+ &pxor ("xmm4","xmm5"); # 4 = sb1u + k
+ &pshufb ("xmm0","xmm3"); # 0 = sb1t
+ &movdqa ("xmm1",&QWP(0x40,$base,$magic));# .Lk_sr[]
+ &pxor ("xmm0","xmm4"); # 0 = A
+ &pshufb ("xmm0","xmm1");
+ &ret ();
+&function_end_B("_vpaes_encrypt_core");
+
+##
+## Decryption core
+##
+## Same API as encryption core.
+##
+&function_begin_B("_vpaes_decrypt_core");
+ &mov ($round,&DWP(240,$key));
+ &lea ($base,&DWP($k_dsbd,$const));
+ &movdqa ("xmm1","xmm6");
+ &movdqa ("xmm2",&QWP($k_dipt-$k_dsbd,$base));
+ &pandn ("xmm1","xmm0");
+ &mov ($magic,$round);
+ &psrld ("xmm1",4)
+ &movdqu ("xmm5",&QWP(0,$key));
+ &shl ($magic,4);
+ &pand ("xmm0","xmm6");
+ &pshufb ("xmm2","xmm0");
+ &movdqa ("xmm0",&QWP($k_dipt-$k_dsbd+16,$base));
+ &xor ($magic,0x30);
+ &pshufb ("xmm0","xmm1");
+ &and ($magic,0x30);
+ &pxor ("xmm2","xmm5");
+ &movdqa ("xmm5",&QWP($k_mc_forward+48,$const));
+ &pxor ("xmm0","xmm2");
+ &add ($key,16);
+ &lea ($magic,&DWP($k_sr-$k_dsbd,$base,$magic));
+ &jmp (&label("dec_entry"));
+
+&set_label("dec_loop",16);
+##
+## Inverse mix columns
+##
+ &movdqa ("xmm4",&QWP(-0x20,$base)); # 4 : sb9u
+ &pshufb ("xmm4","xmm2"); # 4 = sb9u
+ &pxor ("xmm4","xmm0");
+ &movdqa ("xmm0",&QWP(-0x10,$base)); # 0 : sb9t
+ &pshufb ("xmm0","xmm3"); # 0 = sb9t
+ &pxor ("xmm0","xmm4"); # 0 = ch
+ &add ($key,16); # next round key
+
+ &pshufb ("xmm0","xmm5"); # MC ch
+ &movdqa ("xmm4",&QWP(0,$base)); # 4 : sbdu
+ &pshufb ("xmm4","xmm2"); # 4 = sbdu
+ &pxor ("xmm4","xmm0"); # 4 = ch
+ &movdqa ("xmm0",&QWP(0x10,$base)); # 0 : sbdt
+ &pshufb ("xmm0","xmm3"); # 0 = sbdt
+ &pxor ("xmm0","xmm4"); # 0 = ch
+ &sub ($round,1); # nr--
+
+ &pshufb ("xmm0","xmm5"); # MC ch
+ &movdqa ("xmm4",&QWP(0x20,$base)); # 4 : sbbu
+ &pshufb ("xmm4","xmm2"); # 4 = sbbu
+ &pxor ("xmm4","xmm0"); # 4 = ch
+ &movdqa ("xmm0",&QWP(0x30,$base)); # 0 : sbbt
+ &pshufb ("xmm0","xmm3"); # 0 = sbbt
+ &pxor ("xmm0","xmm4"); # 0 = ch
+
+ &pshufb ("xmm0","xmm5"); # MC ch
+ &movdqa ("xmm4",&QWP(0x40,$base)); # 4 : sbeu
+ &pshufb ("xmm4","xmm2"); # 4 = sbeu
+ &pxor ("xmm4","xmm0"); # 4 = ch
+ &movdqa ("xmm0",&QWP(0x50,$base)); # 0 : sbet
+ &pshufb ("xmm0","xmm3"); # 0 = sbet
+ &pxor ("xmm0","xmm4"); # 0 = ch
+
+ &palignr("xmm5","xmm5",12);
+
+&set_label("dec_entry");
+ # top of round
+ &movdqa ("xmm1","xmm6"); # 1 : i
+ &pandn ("xmm1","xmm0"); # 1 = i<<4
+ &psrld ("xmm1",4); # 1 = i
+ &pand ("xmm0","xmm6"); # 0 = k
+ &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
+ &pshufb ("xmm2","xmm0"); # 2 = a/k
+ &pxor ("xmm0","xmm1"); # 0 = j
+ &movdqa ("xmm3","xmm7"); # 3 : 1/i
+ &pshufb ("xmm3","xmm1"); # 3 = 1/i
+ &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k
+ &movdqa ("xmm4","xmm7"); # 4 : 1/j
+ &pshufb ("xmm4","xmm0"); # 4 = 1/j
+ &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k
+ &movdqa ("xmm2","xmm7"); # 2 : 1/iak
+ &pshufb ("xmm2","xmm3"); # 2 = 1/iak
+ &pxor ("xmm2","xmm0"); # 2 = io
+ &movdqa ("xmm3","xmm7"); # 3 : 1/jak
+ &pshufb ("xmm3","xmm4"); # 3 = 1/jak
+ &pxor ("xmm3","xmm1"); # 3 = jo
+ &movdqu ("xmm0",&QWP(0,$key));
+ &jnz (&label("dec_loop"));
+
+ # middle of last round
+ &movdqa ("xmm4",&QWP(0x60,$base)); # 3 : sbou
+ &pshufb ("xmm4","xmm2"); # 4 = sbou
+ &pxor ("xmm4","xmm0"); # 4 = sb1u + k
+ &movdqa ("xmm0",&QWP(0x70,$base)); # 0 : sbot
+ &movdqa ("xmm2",&QWP(0,$magic));
+ &pshufb ("xmm0","xmm3"); # 0 = sb1t
+ &pxor ("xmm0","xmm4"); # 0 = A
+ &pshufb ("xmm0","xmm2");
+ &ret ();
+&function_end_B("_vpaes_decrypt_core");
+
+########################################################
+## ##
+## AES key schedule ##
+## ##
+########################################################
+&function_begin_B("_vpaes_schedule_core");
+ &add ($const,&DWP(0,"esp"));
+ &movdqu ("xmm0",&QWP(0,$inp)); # load key (unaligned)
+ &movdqa ("xmm2",&QWP($k_rcon,$const)); # load rcon
+
+ # input transform
+ &movdqa ("xmm3","xmm0");
+ &lea ($base,&DWP($k_ipt,$const));
+ &movdqa (&QWP(4,"esp"),"xmm2"); # xmm8
+ &call ("_vpaes_schedule_transform");
+ &movdqa ("xmm7","xmm0");
+
+ &test ($out,$out);
+ &jnz (&label("schedule_am_decrypting"));
+
+ # encrypting, output zeroth round key after transform
+ &movdqu (&QWP(0,$key),"xmm0");
+ &jmp (&label("schedule_go"));
+
+&set_label("schedule_am_decrypting");
+ # decrypting, output zeroth round key after shiftrows
+ &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
+ &pshufb ("xmm3","xmm1");
+ &movdqu (&QWP(0,$key),"xmm3");
+ &xor ($magic,0x30);
+
+&set_label("schedule_go");
+ &cmp ($round,192);
+ &ja (&label("schedule_256"));
+ &je (&label("schedule_192"));
+ # 128: fall though
+
+##
+## .schedule_128
+##
+## 128-bit specific part of key schedule.
+##
+## This schedule is really simple, because all its parts
+## are accomplished by the subroutines.
+##
+&set_label("schedule_128");
+ &mov ($round,10);
+
+&set_label("loop_schedule_128");
+ &call ("_vpaes_schedule_round");
+ &dec ($round);
+ &jz (&label("schedule_mangle_last"));
+ &call ("_vpaes_schedule_mangle"); # write output
+ &jmp (&label("loop_schedule_128"));
+
+##
+## .aes_schedule_192
+##
+## 192-bit specific part of key schedule.
+##
+## The main body of this schedule is the same as the 128-bit
+## schedule, but with more smearing. The long, high side is
+## stored in %xmm7 as before, and the short, low side is in
+## the high bits of %xmm6.
+##
+## This schedule is somewhat nastier, however, because each
+## round produces 192 bits of key material, or 1.5 round keys.
+## Therefore, on each cycle we do 2 rounds and produce 3 round
+## keys.
+##
+&set_label("schedule_192",16);
+ &movdqu ("xmm0",&QWP(8,$inp)); # load key part 2 (very unaligned)
+ &call ("_vpaes_schedule_transform"); # input transform
+ &movdqa ("xmm6","xmm0"); # save short part
+ &pxor ("xmm4","xmm4"); # clear 4
+ &movhlps("xmm6","xmm4"); # clobber low side with zeros
+ &mov ($round,4);
+
+&set_label("loop_schedule_192");
+ &call ("_vpaes_schedule_round");
+ &palignr("xmm0","xmm6",8);
+ &call ("_vpaes_schedule_mangle"); # save key n
+ &call ("_vpaes_schedule_192_smear");
+ &call ("_vpaes_schedule_mangle"); # save key n+1
+ &call ("_vpaes_schedule_round");
+ &dec ($round);
+ &jz (&label("schedule_mangle_last"));
+ &call ("_vpaes_schedule_mangle"); # save key n+2
+ &call ("_vpaes_schedule_192_smear");
+ &jmp (&label("loop_schedule_192"));
+
+##
+## .aes_schedule_256
+##
+## 256-bit specific part of key schedule.
+##
+## The structure here is very similar to the 128-bit
+## schedule, but with an additional "low side" in
+## %xmm6. The low side's rounds are the same as the
+## high side's, except no rcon and no rotation.
+##
+&set_label("schedule_256",16);
+ &movdqu ("xmm0",&QWP(16,$inp)); # load key part 2 (unaligned)
+ &call ("_vpaes_schedule_transform"); # input transform
+ &mov ($round,7);
+
+&set_label("loop_schedule_256");
+ &call ("_vpaes_schedule_mangle"); # output low result
+ &movdqa ("xmm6","xmm0"); # save cur_lo in xmm6
+
+ # high round
+ &call ("_vpaes_schedule_round");
+ &dec ($round);
+ &jz (&label("schedule_mangle_last"));
+ &call ("_vpaes_schedule_mangle");
+
+ # low round. swap xmm7 and xmm6
+ &pshufd ("xmm0","xmm0",0xFF);
+ &movdqa (&QWP(20,"esp"),"xmm7");
+ &movdqa ("xmm7","xmm6");
+ &call ("_vpaes_schedule_low_round");
+ &movdqa ("xmm7",&QWP(20,"esp"));
+
+ &jmp (&label("loop_schedule_256"));
+
+##
+## .aes_schedule_mangle_last
+##
+## Mangler for last round of key schedule
+## Mangles %xmm0
+## when encrypting, outputs out(%xmm0) ^ 63
+## when decrypting, outputs unskew(%xmm0)
+##
+## Always called right before return... jumps to cleanup and exits
+##
+&set_label("schedule_mangle_last",16);
+ # schedule last round key from xmm0
+ &lea ($base,&DWP($k_deskew,$const));
+ &test ($out,$out);
+ &jnz (&label("schedule_mangle_last_dec"));
+
+ # encrypting
+ &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
+ &pshufb ("xmm0","xmm1"); # output permute
+ &lea ($base,&DWP($k_opt,$const)); # prepare to output transform
+ &add ($key,32);
+
+&set_label("schedule_mangle_last_dec");
+ &add ($key,-16);
+ &pxor ("xmm0",&QWP($k_s63,$const));
+ &call ("_vpaes_schedule_transform"); # output transform
+ &movdqu (&QWP(0,$key),"xmm0"); # save last key
+
+ # cleanup
+ &pxor ("xmm0","xmm0");
+ &pxor ("xmm1","xmm1");
+ &pxor ("xmm2","xmm2");
+ &pxor ("xmm3","xmm3");
+ &pxor ("xmm4","xmm4");
+ &pxor ("xmm5","xmm5");
+ &pxor ("xmm6","xmm6");
+ &pxor ("xmm7","xmm7");
+ &ret ();
+&function_end_B("_vpaes_schedule_core");
+
+##
+## .aes_schedule_192_smear
+##
+## Smear the short, low side in the 192-bit key schedule.
+##
+## Inputs:
+## %xmm7: high side, b a x y
+## %xmm6: low side, d c 0 0
+## %xmm13: 0
+##
+## Outputs:
+## %xmm6: b+c+d b+c 0 0
+## %xmm0: b+c+d b+c b a
+##
+&function_begin_B("_vpaes_schedule_192_smear");
+ &pshufd ("xmm0","xmm6",0x80); # d c 0 0 -> c 0 0 0
+ &pxor ("xmm6","xmm0"); # -> c+d c 0 0
+ &pshufd ("xmm0","xmm7",0xFE); # b a _ _ -> b b b a
+ &pxor ("xmm6","xmm0"); # -> b+c+d b+c b a
+ &movdqa ("xmm0","xmm6");
+ &pxor ("xmm1","xmm1");
+ &movhlps("xmm6","xmm1"); # clobber low side with zeros
+ &ret ();
+&function_end_B("_vpaes_schedule_192_smear");
+
+##
+## .aes_schedule_round
+##
+## Runs one main round of the key schedule on %xmm0, %xmm7
+##
+## Specifically, runs subbytes on the high dword of %xmm0
+## then rotates it by one byte and xors into the low dword of
+## %xmm7.
+##
+## Adds rcon from low byte of %xmm8, then rotates %xmm8 for
+## next rcon.
+##
+## Smears the dwords of %xmm7 by xoring the low into the
+## second low, result into third, result into highest.
+##
+## Returns results in %xmm7 = %xmm0.
+## Clobbers %xmm1-%xmm5.
+##
+&function_begin_B("_vpaes_schedule_round");
+ # extract rcon from xmm8
+ &movdqa ("xmm2",&QWP(8,"esp")); # xmm8
+ &pxor ("xmm1","xmm1");
+ &palignr("xmm1","xmm2",15);
+ &palignr("xmm2","xmm2",15);
+ &pxor ("xmm7","xmm1");
+
+ # rotate
+ &pshufd ("xmm0","xmm0",0xFF);
+ &palignr("xmm0","xmm0",1);
+
+ # fall through...
+ &movdqa (&QWP(8,"esp"),"xmm2"); # xmm8
+
+ # low round: same as high round, but no rotation and no rcon.
+&set_label("_vpaes_schedule_low_round");
+ # smear xmm7
+ &movdqa ("xmm1","xmm7");
+ &pslldq ("xmm7",4);
+ &pxor ("xmm7","xmm1");
+ &movdqa ("xmm1","xmm7");
+ &pslldq ("xmm7",8);
+ &pxor ("xmm7","xmm1");
+ &pxor ("xmm7",&QWP($k_s63,$const));
+
+ # subbyte
+ &movdqa ("xmm4",&QWP($k_s0F,$const));
+ &movdqa ("xmm5",&QWP($k_inv,$const)); # 4 : 1/j
+ &movdqa ("xmm1","xmm4");
+ &pandn ("xmm1","xmm0");
+ &psrld ("xmm1",4); # 1 = i
+ &pand ("xmm0","xmm4"); # 0 = k
+ &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
+ &pshufb ("xmm2","xmm0"); # 2 = a/k
+ &pxor ("xmm0","xmm1"); # 0 = j
+ &movdqa ("xmm3","xmm5"); # 3 : 1/i
+ &pshufb ("xmm3","xmm1"); # 3 = 1/i
+ &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k
+ &movdqa ("xmm4","xmm5"); # 4 : 1/j
+ &pshufb ("xmm4","xmm0"); # 4 = 1/j
+ &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k
+ &movdqa ("xmm2","xmm5"); # 2 : 1/iak
+ &pshufb ("xmm2","xmm3"); # 2 = 1/iak
+ &pxor ("xmm2","xmm0"); # 2 = io
+ &movdqa ("xmm3","xmm5"); # 3 : 1/jak
+ &pshufb ("xmm3","xmm4"); # 3 = 1/jak
+ &pxor ("xmm3","xmm1"); # 3 = jo
+ &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sbou
+ &pshufb ("xmm4","xmm2"); # 4 = sbou
+ &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sbot
+ &pshufb ("xmm0","xmm3"); # 0 = sb1t
+ &pxor ("xmm0","xmm4"); # 0 = sbox output
+
+ # add in smeared stuff
+ &pxor ("xmm0","xmm7");
+ &movdqa ("xmm7","xmm0");
+ &ret ();
+&function_end_B("_vpaes_schedule_round");
+
+##
+## .aes_schedule_transform
+##
+## Linear-transform %xmm0 according to tables at (%ebx)
+##
+## Output in %xmm0
+## Clobbers %xmm1, %xmm2
+##
+&function_begin_B("_vpaes_schedule_transform");
+ &movdqa ("xmm2",&QWP($k_s0F,$const));
+ &movdqa ("xmm1","xmm2");
+ &pandn ("xmm1","xmm0");
+ &psrld ("xmm1",4);
+ &pand ("xmm0","xmm2");
+ &movdqa ("xmm2",&QWP(0,$base));
+ &pshufb ("xmm2","xmm0");
+ &movdqa ("xmm0",&QWP(16,$base));
+ &pshufb ("xmm0","xmm1");
+ &pxor ("xmm0","xmm2");
+ &ret ();
+&function_end_B("_vpaes_schedule_transform");
+
+##
+## .aes_schedule_mangle
+##
+## Mangle xmm0 from (basis-transformed) standard version
+## to our version.
+##
+## On encrypt,
+## xor with 0x63
+## multiply by circulant 0,1,1,1
+## apply shiftrows transform
+##
+## On decrypt,
+## xor with 0x63
+## multiply by "inverse mixcolumns" circulant E,B,D,9
+## deskew
+## apply shiftrows transform
+##
+##
+## Writes out to (%edx), and increments or decrements it
+## Keeps track of round number mod 4 in %ecx
+## Preserves xmm0
+## Clobbers xmm1-xmm5
+##
+&function_begin_B("_vpaes_schedule_mangle");
+ &movdqa ("xmm4","xmm0"); # save xmm0 for later
+ &movdqa ("xmm5",&QWP($k_mc_forward,$const));
+ &test ($out,$out);
+ &jnz (&label("schedule_mangle_dec"));
+
+ # encrypting
+ &add ($key,16);
+ &pxor ("xmm4",&QWP($k_s63,$const));
+ &pshufb ("xmm4","xmm5");
+ &movdqa ("xmm3","xmm4");
+ &pshufb ("xmm4","xmm5");
+ &pxor ("xmm3","xmm4");
+ &pshufb ("xmm4","xmm5");
+ &pxor ("xmm3","xmm4");
+
+ &jmp (&label("schedule_mangle_both"));
+
+&set_label("schedule_mangle_dec",16);
+ # inverse mix columns
+ &movdqa ("xmm2",&QWP($k_s0F,$const));
+ &lea ($inp,&DWP($k_dksd,$const));
+ &movdqa ("xmm1","xmm2");
+ &pandn ("xmm1","xmm4");
+ &psrld ("xmm1",4); # 1 = hi
+ &pand ("xmm4","xmm2"); # 4 = lo
+
+ &movdqa ("xmm2",&QWP(0,$inp));
+ &pshufb ("xmm2","xmm4");
+ &movdqa ("xmm3",&QWP(0x10,$inp));
+ &pshufb ("xmm3","xmm1");
+ &pxor ("xmm3","xmm2");
+ &pshufb ("xmm3","xmm5");
+
+ &movdqa ("xmm2",&QWP(0x20,$inp));
+ &pshufb ("xmm2","xmm4");
+ &pxor ("xmm2","xmm3");
+ &movdqa ("xmm3",&QWP(0x30,$inp));
+ &pshufb ("xmm3","xmm1");
+ &pxor ("xmm3","xmm2");
+ &pshufb ("xmm3","xmm5");
+
+ &movdqa ("xmm2",&QWP(0x40,$inp));
+ &pshufb ("xmm2","xmm4");
+ &pxor ("xmm2","xmm3");
+ &movdqa ("xmm3",&QWP(0x50,$inp));
+ &pshufb ("xmm3","xmm1");
+ &pxor ("xmm3","xmm2");
+ &pshufb ("xmm3","xmm5");
+
+ &movdqa ("xmm2",&QWP(0x60,$inp));
+ &pshufb ("xmm2","xmm4");
+ &pxor ("xmm2","xmm3");
+ &movdqa ("xmm3",&QWP(0x70,$inp));
+ &pshufb ("xmm3","xmm1");
+ &pxor ("xmm3","xmm2");
+
+ &add ($key,-16);
+
+&set_label("schedule_mangle_both");
+ &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
+ &pshufb ("xmm3","xmm1");
+ &add ($magic,-16);
+ &and ($magic,0x30);
+ &movdqu (&QWP(0,$key),"xmm3");
+ &ret ();
+&function_end_B("_vpaes_schedule_mangle");
+
+#
+# Interface to OpenSSL
+#
+&function_begin("${PREFIX}_set_encrypt_key");
+ &mov ($inp,&wparam(0)); # inp
+ &lea ($base,&DWP(-56,"esp"));
+ &mov ($round,&wparam(1)); # bits
+ &and ($base,-16);
+ &mov ($key,&wparam(2)); # key
+ &xchg ($base,"esp"); # alloca
+ &mov (&DWP(48,"esp"),$base);
+
+ &mov ($base,$round);
+ &shr ($base,5);
+ &add ($base,5);
+ &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
+ &mov ($magic,0x30);
+ &mov ($out,0);
+
+ &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+ &call ("_vpaes_schedule_core");
+&set_label("pic_point");
+
+ &mov ("esp",&DWP(48,"esp"));
+ &xor ("eax","eax");
+&function_end("${PREFIX}_set_encrypt_key");
+
+&function_begin("${PREFIX}_set_decrypt_key");
+ &mov ($inp,&wparam(0)); # inp
+ &lea ($base,&DWP(-56,"esp"));
+ &mov ($round,&wparam(1)); # bits
+ &and ($base,-16);
+ &mov ($key,&wparam(2)); # key
+ &xchg ($base,"esp"); # alloca
+ &mov (&DWP(48,"esp"),$base);
+
+ &mov ($base,$round);
+ &shr ($base,5);
+ &add ($base,5);
+ &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
+ &shl ($base,4);
+ &lea ($key,&DWP(16,$key,$base));
+
+ &mov ($out,1);
+ &mov ($magic,$round);
+ &shr ($magic,1);
+ &and ($magic,32);
+ &xor ($magic,32); # nbist==192?0:32;
+
+ &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+ &call ("_vpaes_schedule_core");
+&set_label("pic_point");
+
+ &mov ("esp",&DWP(48,"esp"));
+ &xor ("eax","eax");
+&function_end("${PREFIX}_set_decrypt_key");
+
+&function_begin("${PREFIX}_encrypt");
+ &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+ &call ("_vpaes_preheat");
+&set_label("pic_point");
+ &mov ($inp,&wparam(0)); # inp
+ &lea ($base,&DWP(-56,"esp"));
+ &mov ($out,&wparam(1)); # out
+ &and ($base,-16);
+ &mov ($key,&wparam(2)); # key
+ &xchg ($base,"esp"); # alloca
+ &mov (&DWP(48,"esp"),$base);
+
+ &movdqu ("xmm0",&QWP(0,$inp));
+ &call ("_vpaes_encrypt_core");
+ &movdqu (&QWP(0,$out),"xmm0");
+
+ &mov ("esp",&DWP(48,"esp"));
+&function_end("${PREFIX}_encrypt");
+
+&function_begin("${PREFIX}_decrypt");
+ &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+ &call ("_vpaes_preheat");
+&set_label("pic_point");
+ &mov ($inp,&wparam(0)); # inp
+ &lea ($base,&DWP(-56,"esp"));
+ &mov ($out,&wparam(1)); # out
+ &and ($base,-16);
+ &mov ($key,&wparam(2)); # key
+ &xchg ($base,"esp"); # alloca
+ &mov (&DWP(48,"esp"),$base);
+
+ &movdqu ("xmm0",&QWP(0,$inp));
+ &call ("_vpaes_decrypt_core");
+ &movdqu (&QWP(0,$out),"xmm0");
+
+ &mov ("esp",&DWP(48,"esp"));
+&function_end("${PREFIX}_decrypt");
+
+&function_begin("${PREFIX}_cbc_encrypt");
+ &mov ($inp,&wparam(0)); # inp
+ &mov ($out,&wparam(1)); # out
+ &mov ($round,&wparam(2)); # len
+ &mov ($key,&wparam(3)); # key
+ &sub ($round,16);
+ &jc (&label("cbc_abort"));
+ &lea ($base,&DWP(-56,"esp"));
+ &mov ($const,&wparam(4)); # ivp
+ &and ($base,-16);
+ &mov ($magic,&wparam(5)); # enc
+ &xchg ($base,"esp"); # alloca
+ &movdqu ("xmm1",&QWP(0,$const)); # load IV
+ &sub ($out,$inp);
+ &mov (&DWP(48,"esp"),$base);
+
+ &mov (&DWP(0,"esp"),$out); # save out
+ &mov (&DWP(4,"esp"),$key) # save key
+ &mov (&DWP(8,"esp"),$const); # save ivp
+ &mov ($out,$round); # $out works as $len
+
+ &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+ &call ("_vpaes_preheat");
+&set_label("pic_point");
+ &cmp ($magic,0);
+ &je (&label("cbc_dec_loop"));
+ &jmp (&label("cbc_enc_loop"));
+
+&set_label("cbc_enc_loop",16);
+ &movdqu ("xmm0",&QWP(0,$inp)); # load input
+ &pxor ("xmm0","xmm1"); # inp^=iv
+ &call ("_vpaes_encrypt_core");
+ &mov ($base,&DWP(0,"esp")); # restore out
+ &mov ($key,&DWP(4,"esp")); # restore key
+ &movdqa ("xmm1","xmm0");
+ &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
+ &lea ($inp,&DWP(16,$inp));
+ &sub ($out,16);
+ &jnc (&label("cbc_enc_loop"));
+ &jmp (&label("cbc_done"));
+
+&set_label("cbc_dec_loop",16);
+ &movdqu ("xmm0",&QWP(0,$inp)); # load input
+ &movdqa (&QWP(16,"esp"),"xmm1"); # save IV
+ &movdqa (&QWP(32,"esp"),"xmm0"); # save future IV
+ &call ("_vpaes_decrypt_core");
+ &mov ($base,&DWP(0,"esp")); # restore out
+ &mov ($key,&DWP(4,"esp")); # restore key
+ &pxor ("xmm0",&QWP(16,"esp")); # out^=iv
+ &movdqa ("xmm1",&QWP(32,"esp")); # load next IV
+ &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
+ &lea ($inp,&DWP(16,$inp));
+ &sub ($out,16);
+ &jnc (&label("cbc_dec_loop"));
+
+&set_label("cbc_done");
+ &mov ($base,&DWP(8,"esp")); # restore ivp
+ &mov ("esp",&DWP(48,"esp"));
+ &movdqu (&QWP(0,$base),"xmm1"); # write IV
+&set_label("cbc_abort");
+&function_end("${PREFIX}_cbc_encrypt");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/aes/asm/vpaes-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/aes/asm/vpaes-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/aes/asm/vpaes-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/aes/asm/vpaes-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1207 @@
+#!/usr/bin/env perl
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+
+######################################################################
+# September 2011.
+#
+# Interface to OpenSSL as "almost" drop-in replacement for
+# aes-x86_64.pl. "Almost" refers to the fact that AES_cbc_encrypt
+# doesn't handle partial vectors (doesn't have to if called from
+# EVP only). "Drop-in" implies that this module doesn't share key
+# schedule structure with the original nor does it make assumption
+# about its alignment...
+#
+# Performance summary. aes-x86_64.pl column lists large-block CBC
+# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per
+# byte processed with 128-bit key, and vpaes-x86_64.pl column -
+# [also large-block CBC] encrypt/decrypt.
+#
+# aes-x86_64.pl vpaes-x86_64.pl
+#
+# Core 2(**) 30.5/43.7/14.3 21.8/25.7(***)
+# Nehalem 30.5/42.2/14.6 9.8/11.8
+# Atom 63.9/79.0/32.1 64.0/84.8(***)
+#
+# (*) "Hyper-threading" in the context refers rather to cache shared
+# among multiple cores, than to specifically Intel HTT. As vast
+# majority of contemporary cores share cache, slower code path
+# is common place. In other words "with-hyper-threading-off"
+# results are presented mostly for reference purposes.
+#
+# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe.
+#
+# (***) Less impressive improvement on Core 2 and Atom is due to slow
+# pshufb, yet it's respectable +40%/78% improvement on Core 2
+# (as implied, over "hyper-threading-safe" code path).
+#
+# <appro at openssl.org>
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$PREFIX="vpaes";
+
+$code.=<<___;
+.text
+
+##
+## _aes_encrypt_core
+##
+## AES-encrypt %xmm0.
+##
+## Inputs:
+## %xmm0 = input
+## %xmm9-%xmm15 as in _vpaes_preheat
+## (%rdx) = scheduled keys
+##
+## Output in %xmm0
+## Clobbers %xmm1-%xmm5, %r9, %r10, %r11, %rax
+## Preserves %xmm6 - %xmm8 so you get some local vectors
+##
+##
+.type _vpaes_encrypt_core,\@abi-omnipotent
+.align 16
+_vpaes_encrypt_core:
+ mov %rdx, %r9
+ mov \$16, %r11
+ mov 240(%rdx),%eax
+ movdqa %xmm9, %xmm1
+ movdqa .Lk_ipt(%rip), %xmm2 # iptlo
+ pandn %xmm0, %xmm1
+ movdqu (%r9), %xmm5 # round0 key
+ psrld \$4, %xmm1
+ pand %xmm9, %xmm0
+ pshufb %xmm0, %xmm2
+ movdqa .Lk_ipt+16(%rip), %xmm0 # ipthi
+ pshufb %xmm1, %xmm0
+ pxor %xmm5, %xmm2
+ pxor %xmm2, %xmm0
+ add \$16, %r9
+ lea .Lk_mc_backward(%rip),%r10
+ jmp .Lenc_entry
+
+.align 16
+.Lenc_loop:
+ # middle of middle round
+ movdqa %xmm13, %xmm4 # 4 : sb1u
+ pshufb %xmm2, %xmm4 # 4 = sb1u
+ pxor %xmm5, %xmm4 # 4 = sb1u + k
+ movdqa %xmm12, %xmm0 # 0 : sb1t
+ pshufb %xmm3, %xmm0 # 0 = sb1t
+ pxor %xmm4, %xmm0 # 0 = A
+ movdqa %xmm15, %xmm5 # 4 : sb2u
+ pshufb %xmm2, %xmm5 # 4 = sb2u
+ movdqa -0x40(%r11,%r10), %xmm1 # .Lk_mc_forward[]
+ movdqa %xmm14, %xmm2 # 2 : sb2t
+ pshufb %xmm3, %xmm2 # 2 = sb2t
+ pxor %xmm5, %xmm2 # 2 = 2A
+ movdqa (%r11,%r10), %xmm4 # .Lk_mc_backward[]
+ movdqa %xmm0, %xmm3 # 3 = A
+ pshufb %xmm1, %xmm0 # 0 = B
+ add \$16, %r9 # next key
+ pxor %xmm2, %xmm0 # 0 = 2A+B
+ pshufb %xmm4, %xmm3 # 3 = D
+ add \$16, %r11 # next mc
+ pxor %xmm0, %xmm3 # 3 = 2A+B+D
+ pshufb %xmm1, %xmm0 # 0 = 2B+C
+ and \$0x30, %r11 # ... mod 4
+ pxor %xmm3, %xmm0 # 0 = 2A+3B+C+D
+ sub \$1,%rax # nr--
+
+.Lenc_entry:
+ # top of round
+ movdqa %xmm9, %xmm1 # 1 : i
+ pandn %xmm0, %xmm1 # 1 = i<<4
+ psrld \$4, %xmm1 # 1 = i
+ pand %xmm9, %xmm0 # 0 = k
+ movdqa %xmm11, %xmm5 # 2 : a/k
+ pshufb %xmm0, %xmm5 # 2 = a/k
+ pxor %xmm1, %xmm0 # 0 = j
+ movdqa %xmm10, %xmm3 # 3 : 1/i
+ pshufb %xmm1, %xmm3 # 3 = 1/i
+ pxor %xmm5, %xmm3 # 3 = iak = 1/i + a/k
+ movdqa %xmm10, %xmm4 # 4 : 1/j
+ pshufb %xmm0, %xmm4 # 4 = 1/j
+ pxor %xmm5, %xmm4 # 4 = jak = 1/j + a/k
+ movdqa %xmm10, %xmm2 # 2 : 1/iak
+ pshufb %xmm3, %xmm2 # 2 = 1/iak
+ pxor %xmm0, %xmm2 # 2 = io
+ movdqa %xmm10, %xmm3 # 3 : 1/jak
+ movdqu (%r9), %xmm5
+ pshufb %xmm4, %xmm3 # 3 = 1/jak
+ pxor %xmm1, %xmm3 # 3 = jo
+ jnz .Lenc_loop
+
+ # middle of last round
+ movdqa -0x60(%r10), %xmm4 # 3 : sbou .Lk_sbo
+ movdqa -0x50(%r10), %xmm0 # 0 : sbot .Lk_sbo+16
+ pshufb %xmm2, %xmm4 # 4 = sbou
+ pxor %xmm5, %xmm4 # 4 = sb1u + k
+ pshufb %xmm3, %xmm0 # 0 = sb1t
+ movdqa 0x40(%r11,%r10), %xmm1 # .Lk_sr[]
+ pxor %xmm4, %xmm0 # 0 = A
+ pshufb %xmm1, %xmm0
+ ret
+.size _vpaes_encrypt_core,.-_vpaes_encrypt_core
+
+##
+## Decryption core
+##
+## Same API as encryption core.
+##
+.type _vpaes_decrypt_core,\@abi-omnipotent
+.align 16
+_vpaes_decrypt_core:
+ mov %rdx, %r9 # load key
+ mov 240(%rdx),%eax
+ movdqa %xmm9, %xmm1
+ movdqa .Lk_dipt(%rip), %xmm2 # iptlo
+ pandn %xmm0, %xmm1
+ mov %rax, %r11
+ psrld \$4, %xmm1
+ movdqu (%r9), %xmm5 # round0 key
+ shl \$4, %r11
+ pand %xmm9, %xmm0
+ pshufb %xmm0, %xmm2
+ movdqa .Lk_dipt+16(%rip), %xmm0 # ipthi
+ xor \$0x30, %r11
+ lea .Lk_dsbd(%rip),%r10
+ pshufb %xmm1, %xmm0
+ and \$0x30, %r11
+ pxor %xmm5, %xmm2
+ movdqa .Lk_mc_forward+48(%rip), %xmm5
+ pxor %xmm2, %xmm0
+ add \$16, %r9
+ add %r10, %r11
+ jmp .Ldec_entry
+
+.align 16
+.Ldec_loop:
+##
+## Inverse mix columns
+##
+ movdqa -0x20(%r10),%xmm4 # 4 : sb9u
+ pshufb %xmm2, %xmm4 # 4 = sb9u
+ pxor %xmm0, %xmm4
+ movdqa -0x10(%r10),%xmm0 # 0 : sb9t
+ pshufb %xmm3, %xmm0 # 0 = sb9t
+ pxor %xmm4, %xmm0 # 0 = ch
+ add \$16, %r9 # next round key
+
+ pshufb %xmm5, %xmm0 # MC ch
+ movdqa 0x00(%r10),%xmm4 # 4 : sbdu
+ pshufb %xmm2, %xmm4 # 4 = sbdu
+ pxor %xmm0, %xmm4 # 4 = ch
+ movdqa 0x10(%r10),%xmm0 # 0 : sbdt
+ pshufb %xmm3, %xmm0 # 0 = sbdt
+ pxor %xmm4, %xmm0 # 0 = ch
+ sub \$1,%rax # nr--
+
+ pshufb %xmm5, %xmm0 # MC ch
+ movdqa 0x20(%r10),%xmm4 # 4 : sbbu
+ pshufb %xmm2, %xmm4 # 4 = sbbu
+ pxor %xmm0, %xmm4 # 4 = ch
+ movdqa 0x30(%r10),%xmm0 # 0 : sbbt
+ pshufb %xmm3, %xmm0 # 0 = sbbt
+ pxor %xmm4, %xmm0 # 0 = ch
+
+ pshufb %xmm5, %xmm0 # MC ch
+ movdqa 0x40(%r10),%xmm4 # 4 : sbeu
+ pshufb %xmm2, %xmm4 # 4 = sbeu
+ pxor %xmm0, %xmm4 # 4 = ch
+ movdqa 0x50(%r10),%xmm0 # 0 : sbet
+ pshufb %xmm3, %xmm0 # 0 = sbet
+ pxor %xmm4, %xmm0 # 0 = ch
+
+ palignr \$12, %xmm5, %xmm5
+
+.Ldec_entry:
+ # top of round
+ movdqa %xmm9, %xmm1 # 1 : i
+ pandn %xmm0, %xmm1 # 1 = i<<4
+ psrld \$4, %xmm1 # 1 = i
+ pand %xmm9, %xmm0 # 0 = k
+ movdqa %xmm11, %xmm2 # 2 : a/k
+ pshufb %xmm0, %xmm2 # 2 = a/k
+ pxor %xmm1, %xmm0 # 0 = j
+ movdqa %xmm10, %xmm3 # 3 : 1/i
+ pshufb %xmm1, %xmm3 # 3 = 1/i
+ pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k
+ movdqa %xmm10, %xmm4 # 4 : 1/j
+ pshufb %xmm0, %xmm4 # 4 = 1/j
+ pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k
+ movdqa %xmm10, %xmm2 # 2 : 1/iak
+ pshufb %xmm3, %xmm2 # 2 = 1/iak
+ pxor %xmm0, %xmm2 # 2 = io
+ movdqa %xmm10, %xmm3 # 3 : 1/jak
+ pshufb %xmm4, %xmm3 # 3 = 1/jak
+ pxor %xmm1, %xmm3 # 3 = jo
+ movdqu (%r9), %xmm0
+ jnz .Ldec_loop
+
+ # middle of last round
+ movdqa 0x60(%r10), %xmm4 # 3 : sbou
+ pshufb %xmm2, %xmm4 # 4 = sbou
+ pxor %xmm0, %xmm4 # 4 = sb1u + k
+ movdqa 0x70(%r10), %xmm0 # 0 : sbot
+ movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160
+ pshufb %xmm3, %xmm0 # 0 = sb1t
+ pxor %xmm4, %xmm0 # 0 = A
+ pshufb %xmm2, %xmm0
+ ret
+.size _vpaes_decrypt_core,.-_vpaes_decrypt_core
+
+########################################################
+## ##
+## AES key schedule ##
+## ##
+########################################################
+.type _vpaes_schedule_core,\@abi-omnipotent
+.align 16
+_vpaes_schedule_core:
+ # rdi = key
+ # rsi = size in bits
+ # rdx = buffer
+ # rcx = direction. 0=encrypt, 1=decrypt
+
+ call _vpaes_preheat # load the tables
+ movdqa .Lk_rcon(%rip), %xmm8 # load rcon
+ movdqu (%rdi), %xmm0 # load key (unaligned)
+
+ # input transform
+ movdqa %xmm0, %xmm3
+ lea .Lk_ipt(%rip), %r11
+ call _vpaes_schedule_transform
+ movdqa %xmm0, %xmm7
+
+ lea .Lk_sr(%rip),%r10
+ test %rcx, %rcx
+ jnz .Lschedule_am_decrypting
+
+ # encrypting, output zeroth round key after transform
+ movdqu %xmm0, (%rdx)
+ jmp .Lschedule_go
+
+.Lschedule_am_decrypting:
+ # decrypting, output zeroth round key after shiftrows
+ movdqa (%r8,%r10),%xmm1
+ pshufb %xmm1, %xmm3
+ movdqu %xmm3, (%rdx)
+ xor \$0x30, %r8
+
+.Lschedule_go:
+ cmp \$192, %esi
+ ja .Lschedule_256
+ je .Lschedule_192
+ # 128: fall though
+
+##
+## .schedule_128
+##
+## 128-bit specific part of key schedule.
+##
+## This schedule is really simple, because all its parts
+## are accomplished by the subroutines.
+##
+.Lschedule_128:
+ mov \$10, %esi
+
+.Loop_schedule_128:
+ call _vpaes_schedule_round
+ dec %rsi
+ jz .Lschedule_mangle_last
+ call _vpaes_schedule_mangle # write output
+ jmp .Loop_schedule_128
+
+##
+## .aes_schedule_192
+##
+## 192-bit specific part of key schedule.
+##
+## The main body of this schedule is the same as the 128-bit
+## schedule, but with more smearing. The long, high side is
+## stored in %xmm7 as before, and the short, low side is in
+## the high bits of %xmm6.
+##
+## This schedule is somewhat nastier, however, because each
+## round produces 192 bits of key material, or 1.5 round keys.
+## Therefore, on each cycle we do 2 rounds and produce 3 round
+## keys.
+##
+.align 16
+.Lschedule_192:
+ movdqu 8(%rdi),%xmm0 # load key part 2 (very unaligned)
+ call _vpaes_schedule_transform # input transform
+ movdqa %xmm0, %xmm6 # save short part
+ pxor %xmm4, %xmm4 # clear 4
+ movhlps %xmm4, %xmm6 # clobber low side with zeros
+ mov \$4, %esi
+
+.Loop_schedule_192:
+ call _vpaes_schedule_round
+ palignr \$8,%xmm6,%xmm0
+ call _vpaes_schedule_mangle # save key n
+ call _vpaes_schedule_192_smear
+ call _vpaes_schedule_mangle # save key n+1
+ call _vpaes_schedule_round
+ dec %rsi
+ jz .Lschedule_mangle_last
+ call _vpaes_schedule_mangle # save key n+2
+ call _vpaes_schedule_192_smear
+ jmp .Loop_schedule_192
+
+##
+## .aes_schedule_256
+##
+## 256-bit specific part of key schedule.
+##
+## The structure here is very similar to the 128-bit
+## schedule, but with an additional "low side" in
+## %xmm6. The low side's rounds are the same as the
+## high side's, except no rcon and no rotation.
+##
+.align 16
+.Lschedule_256:
+ movdqu 16(%rdi),%xmm0 # load key part 2 (unaligned)
+ call _vpaes_schedule_transform # input transform
+ mov \$7, %esi
+
+.Loop_schedule_256:
+ call _vpaes_schedule_mangle # output low result
+ movdqa %xmm0, %xmm6 # save cur_lo in xmm6
+
+ # high round
+ call _vpaes_schedule_round
+ dec %rsi
+ jz .Lschedule_mangle_last
+ call _vpaes_schedule_mangle
+
+ # low round. swap xmm7 and xmm6
+ pshufd \$0xFF, %xmm0, %xmm0
+ movdqa %xmm7, %xmm5
+ movdqa %xmm6, %xmm7
+ call _vpaes_schedule_low_round
+ movdqa %xmm5, %xmm7
+
+ jmp .Loop_schedule_256
+
+
+##
+## .aes_schedule_mangle_last
+##
+## Mangler for last round of key schedule
+## Mangles %xmm0
+## when encrypting, outputs out(%xmm0) ^ 63
+## when decrypting, outputs unskew(%xmm0)
+##
+## Always called right before return... jumps to cleanup and exits
+##
+.align 16
+.Lschedule_mangle_last:
+ # schedule last round key from xmm0
+ lea .Lk_deskew(%rip),%r11 # prepare to deskew
+ test %rcx, %rcx
+ jnz .Lschedule_mangle_last_dec
+
+ # encrypting
+ movdqa (%r8,%r10),%xmm1
+ pshufb %xmm1, %xmm0 # output permute
+ lea .Lk_opt(%rip), %r11 # prepare to output transform
+ add \$32, %rdx
+
+.Lschedule_mangle_last_dec:
+ add \$-16, %rdx
+ pxor .Lk_s63(%rip), %xmm0
+ call _vpaes_schedule_transform # output transform
+ movdqu %xmm0, (%rdx) # save last key
+
+ # cleanup
+ pxor %xmm0, %xmm0
+ pxor %xmm1, %xmm1
+ pxor %xmm2, %xmm2
+ pxor %xmm3, %xmm3
+ pxor %xmm4, %xmm4
+ pxor %xmm5, %xmm5
+ pxor %xmm6, %xmm6
+ pxor %xmm7, %xmm7
+ ret
+.size _vpaes_schedule_core,.-_vpaes_schedule_core
+
+##
+## .aes_schedule_192_smear
+##
+## Smear the short, low side in the 192-bit key schedule.
+##
+## Inputs:
+## %xmm7: high side, b a x y
+## %xmm6: low side, d c 0 0
+## %xmm13: 0
+##
+## Outputs:
+## %xmm6: b+c+d b+c 0 0
+## %xmm0: b+c+d b+c b a
+##
+.type _vpaes_schedule_192_smear,\@abi-omnipotent
+.align 16
+_vpaes_schedule_192_smear:
+ pshufd \$0x80, %xmm6, %xmm0 # d c 0 0 -> c 0 0 0
+ pxor %xmm0, %xmm6 # -> c+d c 0 0
+ pshufd \$0xFE, %xmm7, %xmm0 # b a _ _ -> b b b a
+ pxor %xmm0, %xmm6 # -> b+c+d b+c b a
+ movdqa %xmm6, %xmm0
+ pxor %xmm1, %xmm1
+ movhlps %xmm1, %xmm6 # clobber low side with zeros
+ ret
+.size _vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear
+
+##
+## .aes_schedule_round
+##
+## Runs one main round of the key schedule on %xmm0, %xmm7
+##
+## Specifically, runs subbytes on the high dword of %xmm0
+## then rotates it by one byte and xors into the low dword of
+## %xmm7.
+##
+## Adds rcon from low byte of %xmm8, then rotates %xmm8 for
+## next rcon.
+##
+## Smears the dwords of %xmm7 by xoring the low into the
+## second low, result into third, result into highest.
+##
+## Returns results in %xmm7 = %xmm0.
+## Clobbers %xmm1-%xmm4, %r11.
+##
+.type _vpaes_schedule_round,\@abi-omnipotent
+.align 16
+_vpaes_schedule_round:
+ # extract rcon from xmm8
+ pxor %xmm1, %xmm1
+ palignr \$15, %xmm8, %xmm1
+ palignr \$15, %xmm8, %xmm8
+ pxor %xmm1, %xmm7
+
+ # rotate
+ pshufd \$0xFF, %xmm0, %xmm0
+ palignr \$1, %xmm0, %xmm0
+
+ # fall through...
+
+ # low round: same as high round, but no rotation and no rcon.
+_vpaes_schedule_low_round:
+ # smear xmm7
+ movdqa %xmm7, %xmm1
+ pslldq \$4, %xmm7
+ pxor %xmm1, %xmm7
+ movdqa %xmm7, %xmm1
+ pslldq \$8, %xmm7
+ pxor %xmm1, %xmm7
+ pxor .Lk_s63(%rip), %xmm7
+
+ # subbytes
+ movdqa %xmm9, %xmm1
+ pandn %xmm0, %xmm1
+ psrld \$4, %xmm1 # 1 = i
+ pand %xmm9, %xmm0 # 0 = k
+ movdqa %xmm11, %xmm2 # 2 : a/k
+ pshufb %xmm0, %xmm2 # 2 = a/k
+ pxor %xmm1, %xmm0 # 0 = j
+ movdqa %xmm10, %xmm3 # 3 : 1/i
+ pshufb %xmm1, %xmm3 # 3 = 1/i
+ pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k
+ movdqa %xmm10, %xmm4 # 4 : 1/j
+ pshufb %xmm0, %xmm4 # 4 = 1/j
+ pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k
+ movdqa %xmm10, %xmm2 # 2 : 1/iak
+ pshufb %xmm3, %xmm2 # 2 = 1/iak
+ pxor %xmm0, %xmm2 # 2 = io
+ movdqa %xmm10, %xmm3 # 3 : 1/jak
+ pshufb %xmm4, %xmm3 # 3 = 1/jak
+ pxor %xmm1, %xmm3 # 3 = jo
+ movdqa %xmm13, %xmm4 # 4 : sbou
+ pshufb %xmm2, %xmm4 # 4 = sbou
+ movdqa %xmm12, %xmm0 # 0 : sbot
+ pshufb %xmm3, %xmm0 # 0 = sb1t
+ pxor %xmm4, %xmm0 # 0 = sbox output
+
+ # add in smeared stuff
+ pxor %xmm7, %xmm0
+ movdqa %xmm0, %xmm7
+ ret
+.size _vpaes_schedule_round,.-_vpaes_schedule_round
+
+##
+## .aes_schedule_transform
+##
+## Linear-transform %xmm0 according to tables at (%r11)
+##
+## Requires that %xmm9 = 0x0F0F... as in preheat
+## Output in %xmm0
+## Clobbers %xmm1, %xmm2
+##
+.type _vpaes_schedule_transform,\@abi-omnipotent
+.align 16
+_vpaes_schedule_transform:
+ movdqa %xmm9, %xmm1
+ pandn %xmm0, %xmm1
+ psrld \$4, %xmm1
+ pand %xmm9, %xmm0
+ movdqa (%r11), %xmm2 # lo
+ pshufb %xmm0, %xmm2
+ movdqa 16(%r11), %xmm0 # hi
+ pshufb %xmm1, %xmm0
+ pxor %xmm2, %xmm0
+ ret
+.size _vpaes_schedule_transform,.-_vpaes_schedule_transform
+
+##
+## .aes_schedule_mangle
+##
+## Mangle xmm0 from (basis-transformed) standard version
+## to our version.
+##
+## On encrypt,
+## xor with 0x63
+## multiply by circulant 0,1,1,1
+## apply shiftrows transform
+##
+## On decrypt,
+## xor with 0x63
+## multiply by "inverse mixcolumns" circulant E,B,D,9
+## deskew
+## apply shiftrows transform
+##
+##
+## Writes out to (%rdx), and increments or decrements it
+## Keeps track of round number mod 4 in %r8
+## Preserves xmm0
+## Clobbers xmm1-xmm5
+##
+.type _vpaes_schedule_mangle,\@abi-omnipotent
+.align 16
+_vpaes_schedule_mangle:
+ movdqa %xmm0, %xmm4 # save xmm0 for later
+ movdqa .Lk_mc_forward(%rip),%xmm5
+ test %rcx, %rcx
+ jnz .Lschedule_mangle_dec
+
+ # encrypting
+ add \$16, %rdx
+ pxor .Lk_s63(%rip),%xmm4
+ pshufb %xmm5, %xmm4
+ movdqa %xmm4, %xmm3
+ pshufb %xmm5, %xmm4
+ pxor %xmm4, %xmm3
+ pshufb %xmm5, %xmm4
+ pxor %xmm4, %xmm3
+
+ jmp .Lschedule_mangle_both
+.align 16
+.Lschedule_mangle_dec:
+ # inverse mix columns
+ lea .Lk_dksd(%rip),%r11
+ movdqa %xmm9, %xmm1
+ pandn %xmm4, %xmm1
+ psrld \$4, %xmm1 # 1 = hi
+ pand %xmm9, %xmm4 # 4 = lo
+
+ movdqa 0x00(%r11), %xmm2
+ pshufb %xmm4, %xmm2
+ movdqa 0x10(%r11), %xmm3
+ pshufb %xmm1, %xmm3
+ pxor %xmm2, %xmm3
+ pshufb %xmm5, %xmm3
+
+ movdqa 0x20(%r11), %xmm2
+ pshufb %xmm4, %xmm2
+ pxor %xmm3, %xmm2
+ movdqa 0x30(%r11), %xmm3
+ pshufb %xmm1, %xmm3
+ pxor %xmm2, %xmm3
+ pshufb %xmm5, %xmm3
+
+ movdqa 0x40(%r11), %xmm2
+ pshufb %xmm4, %xmm2
+ pxor %xmm3, %xmm2
+ movdqa 0x50(%r11), %xmm3
+ pshufb %xmm1, %xmm3
+ pxor %xmm2, %xmm3
+ pshufb %xmm5, %xmm3
+
+ movdqa 0x60(%r11), %xmm2
+ pshufb %xmm4, %xmm2
+ pxor %xmm3, %xmm2
+ movdqa 0x70(%r11), %xmm3
+ pshufb %xmm1, %xmm3
+ pxor %xmm2, %xmm3
+
+ add \$-16, %rdx
+
+.Lschedule_mangle_both:
+ movdqa (%r8,%r10),%xmm1
+ pshufb %xmm1,%xmm3
+ add \$-16, %r8
+ and \$0x30, %r8
+ movdqu %xmm3, (%rdx)
+ ret
+.size _vpaes_schedule_mangle,.-_vpaes_schedule_mangle
+
+#
+# Interface to OpenSSL
+#
+.globl ${PREFIX}_set_encrypt_key
+.type ${PREFIX}_set_encrypt_key,\@function,3
+.align 16
+${PREFIX}_set_encrypt_key:
+___
+$code.=<<___ if ($win64);
+ lea -0xb8(%rsp),%rsp
+ movaps %xmm6,0x10(%rsp)
+ movaps %xmm7,0x20(%rsp)
+ movaps %xmm8,0x30(%rsp)
+ movaps %xmm9,0x40(%rsp)
+ movaps %xmm10,0x50(%rsp)
+ movaps %xmm11,0x60(%rsp)
+ movaps %xmm12,0x70(%rsp)
+ movaps %xmm13,0x80(%rsp)
+ movaps %xmm14,0x90(%rsp)
+ movaps %xmm15,0xa0(%rsp)
+.Lenc_key_body:
+___
+$code.=<<___;
+ mov %esi,%eax
+ shr \$5,%eax
+ add \$5,%eax
+ mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5;
+
+ mov \$0,%ecx
+ mov \$0x30,%r8d
+ call _vpaes_schedule_core
+___
+$code.=<<___ if ($win64);
+ movaps 0x10(%rsp),%xmm6
+ movaps 0x20(%rsp),%xmm7
+ movaps 0x30(%rsp),%xmm8
+ movaps 0x40(%rsp),%xmm9
+ movaps 0x50(%rsp),%xmm10
+ movaps 0x60(%rsp),%xmm11
+ movaps 0x70(%rsp),%xmm12
+ movaps 0x80(%rsp),%xmm13
+ movaps 0x90(%rsp),%xmm14
+ movaps 0xa0(%rsp),%xmm15
+ lea 0xb8(%rsp),%rsp
+.Lenc_key_epilogue:
+___
+$code.=<<___;
+ xor %eax,%eax
+ ret
+.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
+
+.globl ${PREFIX}_set_decrypt_key
+.type ${PREFIX}_set_decrypt_key,\@function,3
+.align 16
+${PREFIX}_set_decrypt_key:
+___
+$code.=<<___ if ($win64);
+ lea -0xb8(%rsp),%rsp
+ movaps %xmm6,0x10(%rsp)
+ movaps %xmm7,0x20(%rsp)
+ movaps %xmm8,0x30(%rsp)
+ movaps %xmm9,0x40(%rsp)
+ movaps %xmm10,0x50(%rsp)
+ movaps %xmm11,0x60(%rsp)
+ movaps %xmm12,0x70(%rsp)
+ movaps %xmm13,0x80(%rsp)
+ movaps %xmm14,0x90(%rsp)
+ movaps %xmm15,0xa0(%rsp)
+.Ldec_key_body:
+___
+$code.=<<___;
+ mov %esi,%eax
+ shr \$5,%eax
+ add \$5,%eax
+ mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5;
+ shl \$4,%eax
+ lea 16(%rdx,%rax),%rdx
+
+ mov \$1,%ecx
+ mov %esi,%r8d
+ shr \$1,%r8d
+ and \$32,%r8d
+ xor \$32,%r8d # nbits==192?0:32
+ call _vpaes_schedule_core
+___
+$code.=<<___ if ($win64);
+ movaps 0x10(%rsp),%xmm6
+ movaps 0x20(%rsp),%xmm7
+ movaps 0x30(%rsp),%xmm8
+ movaps 0x40(%rsp),%xmm9
+ movaps 0x50(%rsp),%xmm10
+ movaps 0x60(%rsp),%xmm11
+ movaps 0x70(%rsp),%xmm12
+ movaps 0x80(%rsp),%xmm13
+ movaps 0x90(%rsp),%xmm14
+ movaps 0xa0(%rsp),%xmm15
+ lea 0xb8(%rsp),%rsp
+.Ldec_key_epilogue:
+___
+$code.=<<___;
+ xor %eax,%eax
+ ret
+.size ${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key
+
+.globl ${PREFIX}_encrypt
+.type ${PREFIX}_encrypt,\@function,3
+.align 16
+${PREFIX}_encrypt:
+___
+$code.=<<___ if ($win64);
+ lea -0xb8(%rsp),%rsp
+ movaps %xmm6,0x10(%rsp)
+ movaps %xmm7,0x20(%rsp)
+ movaps %xmm8,0x30(%rsp)
+ movaps %xmm9,0x40(%rsp)
+ movaps %xmm10,0x50(%rsp)
+ movaps %xmm11,0x60(%rsp)
+ movaps %xmm12,0x70(%rsp)
+ movaps %xmm13,0x80(%rsp)
+ movaps %xmm14,0x90(%rsp)
+ movaps %xmm15,0xa0(%rsp)
+.Lenc_body:
+___
+$code.=<<___;
+ movdqu (%rdi),%xmm0
+ call _vpaes_preheat
+ call _vpaes_encrypt_core
+ movdqu %xmm0,(%rsi)
+___
+$code.=<<___ if ($win64);
+ movaps 0x10(%rsp),%xmm6
+ movaps 0x20(%rsp),%xmm7
+ movaps 0x30(%rsp),%xmm8
+ movaps 0x40(%rsp),%xmm9
+ movaps 0x50(%rsp),%xmm10
+ movaps 0x60(%rsp),%xmm11
+ movaps 0x70(%rsp),%xmm12
+ movaps 0x80(%rsp),%xmm13
+ movaps 0x90(%rsp),%xmm14
+ movaps 0xa0(%rsp),%xmm15
+ lea 0xb8(%rsp),%rsp
+.Lenc_epilogue:
+___
+$code.=<<___;
+ ret
+.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt
+
+.globl ${PREFIX}_decrypt
+.type ${PREFIX}_decrypt,\@function,3
+.align 16
+${PREFIX}_decrypt:
+___
+$code.=<<___ if ($win64);
+ lea -0xb8(%rsp),%rsp
+ movaps %xmm6,0x10(%rsp)
+ movaps %xmm7,0x20(%rsp)
+ movaps %xmm8,0x30(%rsp)
+ movaps %xmm9,0x40(%rsp)
+ movaps %xmm10,0x50(%rsp)
+ movaps %xmm11,0x60(%rsp)
+ movaps %xmm12,0x70(%rsp)
+ movaps %xmm13,0x80(%rsp)
+ movaps %xmm14,0x90(%rsp)
+ movaps %xmm15,0xa0(%rsp)
+.Ldec_body:
+___
+$code.=<<___;
+ movdqu (%rdi),%xmm0
+ call _vpaes_preheat
+ call _vpaes_decrypt_core
+ movdqu %xmm0,(%rsi)
+___
+$code.=<<___ if ($win64);
+ movaps 0x10(%rsp),%xmm6
+ movaps 0x20(%rsp),%xmm7
+ movaps 0x30(%rsp),%xmm8
+ movaps 0x40(%rsp),%xmm9
+ movaps 0x50(%rsp),%xmm10
+ movaps 0x60(%rsp),%xmm11
+ movaps 0x70(%rsp),%xmm12
+ movaps 0x80(%rsp),%xmm13
+ movaps 0x90(%rsp),%xmm14
+ movaps 0xa0(%rsp),%xmm15
+ lea 0xb8(%rsp),%rsp
+.Ldec_epilogue:
+___
+$code.=<<___;
+ ret
+.size ${PREFIX}_decrypt,.-${PREFIX}_decrypt
+___
+{
+my ($inp,$out,$len,$key,$ivp,$enc)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9");
+# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
+# size_t length, const AES_KEY *key,
+# unsigned char *ivp,const int enc);
+$code.=<<___;
+.globl ${PREFIX}_cbc_encrypt
+.type ${PREFIX}_cbc_encrypt,\@function,6
+.align 16
+${PREFIX}_cbc_encrypt:
+ xchg $key,$len
+___
+($len,$key)=($key,$len);
+$code.=<<___;
+ sub \$16,$len
+ jc .Lcbc_abort
+___
+$code.=<<___ if ($win64);
+ lea -0xb8(%rsp),%rsp
+ movaps %xmm6,0x10(%rsp)
+ movaps %xmm7,0x20(%rsp)
+ movaps %xmm8,0x30(%rsp)
+ movaps %xmm9,0x40(%rsp)
+ movaps %xmm10,0x50(%rsp)
+ movaps %xmm11,0x60(%rsp)
+ movaps %xmm12,0x70(%rsp)
+ movaps %xmm13,0x80(%rsp)
+ movaps %xmm14,0x90(%rsp)
+ movaps %xmm15,0xa0(%rsp)
+.Lcbc_body:
+___
+$code.=<<___;
+ movdqu ($ivp),%xmm6 # load IV
+ sub $inp,$out
+ call _vpaes_preheat
+ cmp \$0,${enc}d
+ je .Lcbc_dec_loop
+ jmp .Lcbc_enc_loop
+.align 16
+.Lcbc_enc_loop:
+ movdqu ($inp),%xmm0
+ pxor %xmm6,%xmm0
+ call _vpaes_encrypt_core
+ movdqa %xmm0,%xmm6
+ movdqu %xmm0,($out,$inp)
+ lea 16($inp),$inp
+ sub \$16,$len
+ jnc .Lcbc_enc_loop
+ jmp .Lcbc_done
+.align 16
+.Lcbc_dec_loop:
+ movdqu ($inp),%xmm0
+ movdqa %xmm0,%xmm7
+ call _vpaes_decrypt_core
+ pxor %xmm6,%xmm0
+ movdqa %xmm7,%xmm6
+ movdqu %xmm0,($out,$inp)
+ lea 16($inp),$inp
+ sub \$16,$len
+ jnc .Lcbc_dec_loop
+.Lcbc_done:
+ movdqu %xmm6,($ivp) # save IV
+___
+$code.=<<___ if ($win64);
+ movaps 0x10(%rsp),%xmm6
+ movaps 0x20(%rsp),%xmm7
+ movaps 0x30(%rsp),%xmm8
+ movaps 0x40(%rsp),%xmm9
+ movaps 0x50(%rsp),%xmm10
+ movaps 0x60(%rsp),%xmm11
+ movaps 0x70(%rsp),%xmm12
+ movaps 0x80(%rsp),%xmm13
+ movaps 0x90(%rsp),%xmm14
+ movaps 0xa0(%rsp),%xmm15
+ lea 0xb8(%rsp),%rsp
+.Lcbc_epilogue:
+___
+$code.=<<___;
+.Lcbc_abort:
+ ret
+.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
+___
+}
+$code.=<<___;
+##
+## _aes_preheat
+##
+## Fills register %r10 -> .aes_consts (so you can -fPIC)
+## and %xmm9-%xmm15 as specified below.
+##
+.type _vpaes_preheat,\@abi-omnipotent
+.align 16
+_vpaes_preheat:
+ lea .Lk_s0F(%rip), %r10
+ movdqa -0x20(%r10), %xmm10 # .Lk_inv
+ movdqa -0x10(%r10), %xmm11 # .Lk_inv+16
+ movdqa 0x00(%r10), %xmm9 # .Lk_s0F
+ movdqa 0x30(%r10), %xmm13 # .Lk_sb1
+ movdqa 0x40(%r10), %xmm12 # .Lk_sb1+16
+ movdqa 0x50(%r10), %xmm15 # .Lk_sb2
+ movdqa 0x60(%r10), %xmm14 # .Lk_sb2+16
+ ret
+.size _vpaes_preheat,.-_vpaes_preheat
+########################################################
+## ##
+## Constants ##
+## ##
+########################################################
+.type _vpaes_consts,\@object
+.align 64
+_vpaes_consts:
+.Lk_inv: # inv, inva
+ .quad 0x0E05060F0D080180, 0x040703090A0B0C02
+ .quad 0x01040A060F0B0780, 0x030D0E0C02050809
+
+.Lk_s0F: # s0F
+ .quad 0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
+
+.Lk_ipt: # input transform (lo, hi)
+ .quad 0xC2B2E8985A2A7000, 0xCABAE09052227808
+ .quad 0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
+
+.Lk_sb1: # sb1u, sb1t
+ .quad 0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
+ .quad 0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
+.Lk_sb2: # sb2u, sb2t
+ .quad 0xE27A93C60B712400, 0x5EB7E955BC982FCD
+ .quad 0x69EB88400AE12900, 0xC2A163C8AB82234A
+.Lk_sbo: # sbou, sbot
+ .quad 0xD0D26D176FBDC700, 0x15AABF7AC502A878
+ .quad 0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
+
+.Lk_mc_forward: # mc_forward
+ .quad 0x0407060500030201, 0x0C0F0E0D080B0A09
+ .quad 0x080B0A0904070605, 0x000302010C0F0E0D
+ .quad 0x0C0F0E0D080B0A09, 0x0407060500030201
+ .quad 0x000302010C0F0E0D, 0x080B0A0904070605
+
+.Lk_mc_backward:# mc_backward
+ .quad 0x0605040702010003, 0x0E0D0C0F0A09080B
+ .quad 0x020100030E0D0C0F, 0x0A09080B06050407
+ .quad 0x0E0D0C0F0A09080B, 0x0605040702010003
+ .quad 0x0A09080B06050407, 0x020100030E0D0C0F
+
+.Lk_sr: # sr
+ .quad 0x0706050403020100, 0x0F0E0D0C0B0A0908
+ .quad 0x030E09040F0A0500, 0x0B06010C07020D08
+ .quad 0x0F060D040B020900, 0x070E050C030A0108
+ .quad 0x0B0E0104070A0D00, 0x0306090C0F020508
+
+.Lk_rcon: # rcon
+ .quad 0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
+
+.Lk_s63: # s63: all equal to 0x63 transformed
+ .quad 0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
+
+.Lk_opt: # output transform
+ .quad 0xFF9F4929D6B66000, 0xF7974121DEBE6808
+ .quad 0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
+
+.Lk_deskew: # deskew tables: inverts the sbox's "skew"
+ .quad 0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
+ .quad 0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
+
+##
+## Decryption stuff
+## Key schedule constants
+##
+.Lk_dksd: # decryption key schedule: invskew x*D
+ .quad 0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
+ .quad 0x41C277F4B5368300, 0x5FDC69EAAB289D1E
+.Lk_dksb: # decryption key schedule: invskew x*B
+ .quad 0x9A4FCA1F8550D500, 0x03D653861CC94C99
+ .quad 0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
+.Lk_dkse: # decryption key schedule: invskew x*E + 0x63
+ .quad 0xD5031CCA1FC9D600, 0x53859A4C994F5086
+ .quad 0xA23196054FDC7BE8, 0xCD5EF96A20B31487
+.Lk_dks9: # decryption key schedule: invskew x*9
+ .quad 0xB6116FC87ED9A700, 0x4AED933482255BFC
+ .quad 0x4576516227143300, 0x8BB89FACE9DAFDCE
+
+##
+## Decryption stuff
+## Round function constants
+##
+.Lk_dipt: # decryption input transform
+ .quad 0x0F505B040B545F00, 0x154A411E114E451A
+ .quad 0x86E383E660056500, 0x12771772F491F194
+
+.Lk_dsb9: # decryption sbox output *9*u, *9*t
+ .quad 0x851C03539A86D600, 0xCAD51F504F994CC9
+ .quad 0xC03B1789ECD74900, 0x725E2C9EB2FBA565
+.Lk_dsbd: # decryption sbox output *D*u, *D*t
+ .quad 0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
+ .quad 0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
+.Lk_dsbb: # decryption sbox output *B*u, *B*t
+ .quad 0xD022649296B44200, 0x602646F6B0F2D404
+ .quad 0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
+.Lk_dsbe: # decryption sbox output *E*u, *E*t
+ .quad 0x46F2929626D4D000, 0x2242600464B4F6B0
+ .quad 0x0C55A6CDFFAAC100, 0x9467F36B98593E32
+.Lk_dsbo: # decryption sbox final output
+ .quad 0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
+ .quad 0x12D7560F93441D00, 0xCA4B8159D8C58E9C
+.asciz "Vector Permutation AES for x86_64/SSSE3, Mike Hamburg (Stanford University)"
+.align 64
+.size _vpaes_consts,.-_vpaes_consts
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_prologue
+
+ lea 16(%rax),%rsi # %xmm save area
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
+ .long 0xa548f3fc # cld; rep movsq
+ lea 0xb8(%rax),%rax # adjust stack pointer
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$`1232/8`,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size se_handler,.-se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_${PREFIX}_set_encrypt_key
+ .rva .LSEH_end_${PREFIX}_set_encrypt_key
+ .rva .LSEH_info_${PREFIX}_set_encrypt_key
+
+ .rva .LSEH_begin_${PREFIX}_set_decrypt_key
+ .rva .LSEH_end_${PREFIX}_set_decrypt_key
+ .rva .LSEH_info_${PREFIX}_set_decrypt_key
+
+ .rva .LSEH_begin_${PREFIX}_encrypt
+ .rva .LSEH_end_${PREFIX}_encrypt
+ .rva .LSEH_info_${PREFIX}_encrypt
+
+ .rva .LSEH_begin_${PREFIX}_decrypt
+ .rva .LSEH_end_${PREFIX}_decrypt
+ .rva .LSEH_info_${PREFIX}_decrypt
+
+ .rva .LSEH_begin_${PREFIX}_cbc_encrypt
+ .rva .LSEH_end_${PREFIX}_cbc_encrypt
+ .rva .LSEH_info_${PREFIX}_cbc_encrypt
+
+.section .xdata
+.align 8
+.LSEH_info_${PREFIX}_set_encrypt_key:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lenc_key_body,.Lenc_key_epilogue # HandlerData[]
+.LSEH_info_${PREFIX}_set_decrypt_key:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Ldec_key_body,.Ldec_key_epilogue # HandlerData[]
+.LSEH_info_${PREFIX}_encrypt:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lenc_body,.Lenc_epilogue # HandlerData[]
+.LSEH_info_${PREFIX}_decrypt:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Ldec_body,.Ldec_epilogue # HandlerData[]
+.LSEH_info_${PREFIX}_cbc_encrypt:
+ .byte 9,0,0,0
+ .rva se_handler
+ .rva .Lcbc_body,.Lcbc_epilogue # HandlerData[]
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/alphacpuid.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/alphacpuid.pl)
===================================================================
--- trunk/crypto/openssl/crypto/alphacpuid.pl (rev 0)
+++ trunk/crypto/openssl/crypto/alphacpuid.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,126 @@
+#!/usr/bin/env perl
+print <<'___';
+.text
+
+.set noat
+
+.globl OPENSSL_cpuid_setup
+.ent OPENSSL_cpuid_setup
+OPENSSL_cpuid_setup:
+ .frame $30,0,$26
+ .prologue 0
+ ret ($26)
+.end OPENSSL_cpuid_setup
+
+.globl OPENSSL_wipe_cpu
+.ent OPENSSL_wipe_cpu
+OPENSSL_wipe_cpu:
+ .frame $30,0,$26
+ .prologue 0
+ clr $1
+ clr $2
+ clr $3
+ clr $4
+ clr $5
+ clr $6
+ clr $7
+ clr $8
+ clr $16
+ clr $17
+ clr $18
+ clr $19
+ clr $20
+ clr $21
+ clr $22
+ clr $23
+ clr $24
+ clr $25
+ clr $27
+ clr $at
+ clr $29
+ fclr $f0
+ fclr $f1
+ fclr $f10
+ fclr $f11
+ fclr $f12
+ fclr $f13
+ fclr $f14
+ fclr $f15
+ fclr $f16
+ fclr $f17
+ fclr $f18
+ fclr $f19
+ fclr $f20
+ fclr $f21
+ fclr $f22
+ fclr $f23
+ fclr $f24
+ fclr $f25
+ fclr $f26
+ fclr $f27
+ fclr $f28
+ fclr $f29
+ fclr $f30
+ mov $sp,$0
+ ret ($26)
+.end OPENSSL_wipe_cpu
+
+.globl OPENSSL_atomic_add
+.ent OPENSSL_atomic_add
+OPENSSL_atomic_add:
+ .frame $30,0,$26
+ .prologue 0
+1: ldl_l $0,0($16)
+ addl $0,$17,$1
+ stl_c $1,0($16)
+ beq $1,1b
+ addl $0,$17,$0
+ ret ($26)
+.end OPENSSL_atomic_add
+
+.globl OPENSSL_rdtsc
+.ent OPENSSL_rdtsc
+OPENSSL_rdtsc:
+ .frame $30,0,$26
+ .prologue 0
+ rpcc $0
+ ret ($26)
+.end OPENSSL_rdtsc
+
+.globl OPENSSL_cleanse
+.ent OPENSSL_cleanse
+OPENSSL_cleanse:
+ .frame $30,0,$26
+ .prologue 0
+ beq $17,.Ldone
+ and $16,7,$0
+ bic $17,7,$at
+ beq $at,.Little
+ beq $0,.Laligned
+
+.Little:
+ subq $0,8,$0
+ ldq_u $1,0($16)
+ mov $16,$2
+.Lalign:
+ mskbl $1,$16,$1
+ lda $16,1($16)
+ subq $17,1,$17
+ addq $0,1,$0
+ beq $17,.Lout
+ bne $0,.Lalign
+.Lout: stq_u $1,0($2)
+ beq $17,.Ldone
+ bic $17,7,$at
+ beq $at,.Little
+
+.Laligned:
+ stq $31,0($16)
+ subq $17,8,$17
+ lda $16,8($16)
+ bic $17,7,$at
+ bne $at,.Laligned
+ bne $17,.Little
+.Ldone: ret ($26)
+.end OPENSSL_cleanse
+___
Copied: trunk/crypto/openssl/crypto/arm_arch.h (from rev 7117, vendor-crypto/openssl/dist/crypto/arm_arch.h)
===================================================================
--- trunk/crypto/openssl/crypto/arm_arch.h (rev 0)
+++ trunk/crypto/openssl/crypto/arm_arch.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,51 @@
+#ifndef __ARM_ARCH_H__
+# define __ARM_ARCH_H__
+
+# if !defined(__ARM_ARCH__)
+# if defined(__CC_ARM)
+# define __ARM_ARCH__ __TARGET_ARCH_ARM
+# if defined(__BIG_ENDIAN)
+# define __ARMEB__
+# else
+# define __ARMEL__
+# endif
+# elif defined(__GNUC__)
+ /*
+ * Why doesn't gcc define __ARM_ARCH__? Instead it defines
+ * bunch of below macros. See all_architectires[] table in
+ * gcc/config/arm/arm.c. On a side note it defines
+ * __ARMEL__/__ARMEB__ for little-/big-endian.
+ */
+# if defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
+ defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \
+ defined(__ARM_ARCH_7EM__)
+# define __ARM_ARCH__ 7
+# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \
+ defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \
+ defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \
+ defined(__ARM_ARCH_6T2__)
+# define __ARM_ARCH__ 6
+# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \
+ defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \
+ defined(__ARM_ARCH_5TEJ__)
+# define __ARM_ARCH__ 5
+# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
+# define __ARM_ARCH__ 4
+# else
+# error "unsupported ARM architecture"
+# endif
+# endif
+# endif
+
+# ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+# endif
+
+# if !__ASSEMBLER__
+extern unsigned int OPENSSL_armcap_P;
+
+# define ARMV7_NEON (1<<0)
+# define ARMV7_TICK (1<<1)
+# endif
+
+#endif
Copied: trunk/crypto/openssl/crypto/armcap.c (from rev 7117, vendor-crypto/openssl/dist/crypto/armcap.c)
===================================================================
--- trunk/crypto/openssl/crypto/armcap.c (rev 0)
+++ trunk/crypto/openssl/crypto/armcap.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,81 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <crypto.h>
+
+#include "arm_arch.h"
+
+unsigned int OPENSSL_armcap_P;
+
+static sigset_t all_masked;
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+ siglongjmp(ill_jmp, sig);
+}
+
+/*
+ * Following subroutines could have been inlined, but it's not all
+ * ARM compilers support inline assembler...
+ */
+void _armv7_neon_probe(void);
+unsigned int _armv7_tick(void);
+
+unsigned int OPENSSL_rdtsc(void)
+{
+ if (OPENSSL_armcap_P & ARMV7_TICK)
+ return _armv7_tick();
+ else
+ return 0;
+}
+
+#if defined(__GNUC__) && __GNUC__>=2
+void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
+#endif
+void OPENSSL_cpuid_setup(void)
+{
+ char *e;
+ struct sigaction ill_oact, ill_act;
+ sigset_t oset;
+ static int trigger = 0;
+
+ if (trigger)
+ return;
+ trigger = 1;
+
+ if ((e = getenv("OPENSSL_armcap"))) {
+ OPENSSL_armcap_P = strtoul(e, NULL, 0);
+ return;
+ }
+
+ sigfillset(&all_masked);
+ sigdelset(&all_masked, SIGILL);
+ sigdelset(&all_masked, SIGTRAP);
+ sigdelset(&all_masked, SIGFPE);
+ sigdelset(&all_masked, SIGBUS);
+ sigdelset(&all_masked, SIGSEGV);
+
+ OPENSSL_armcap_P = 0;
+
+ memset(&ill_act, 0, sizeof(ill_act));
+ ill_act.sa_handler = ill_handler;
+ ill_act.sa_mask = all_masked;
+
+ sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+ sigaction(SIGILL, &ill_act, &ill_oact);
+
+ if (sigsetjmp(ill_jmp, 1) == 0) {
+ _armv7_neon_probe();
+ OPENSSL_armcap_P |= ARMV7_NEON;
+ }
+ if (sigsetjmp(ill_jmp, 1) == 0) {
+ _armv7_tick();
+ OPENSSL_armcap_P |= ARMV7_TICK;
+ }
+
+ sigaction(SIGILL, &ill_oact, NULL);
+ sigprocmask(SIG_SETMASK, &oset, NULL);
+}
Copied: trunk/crypto/openssl/crypto/armv4cpuid.S (from rev 7117, vendor-crypto/openssl/dist/crypto/armv4cpuid.S)
===================================================================
--- trunk/crypto/openssl/crypto/armv4cpuid.S (rev 0)
+++ trunk/crypto/openssl/crypto/armv4cpuid.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,154 @@
+#include "arm_arch.h"
+
+.text
+.code 32
+
+.align 5
+.global _armv7_neon_probe
+.type _armv7_neon_probe,%function
+_armv7_neon_probe:
+ .word 0xf26ee1fe @ vorr q15,q15,q15
+ .word 0xe12fff1e @ bx lr
+.size _armv7_neon_probe,.-_armv7_neon_probe
+
+.global _armv7_tick
+.type _armv7_tick,%function
+_armv7_tick:
+ mrc p15,0,r0,c9,c13,0
+ .word 0xe12fff1e @ bx lr
+.size _armv7_tick,.-_armv7_tick
+
+.global OPENSSL_atomic_add
+.type OPENSSL_atomic_add,%function
+OPENSSL_atomic_add:
+#if __ARM_ARCH__>=6
+.Ladd: ldrex r2,[r0]
+ add r3,r2,r1
+ strex r2,r3,[r0]
+ cmp r2,#0
+ bne .Ladd
+ mov r0,r3
+ .word 0xe12fff1e @ bx lr
+#else
+ stmdb sp!,{r4-r6,lr}
+ ldr r2,.Lspinlock
+ adr r3,.Lspinlock
+ mov r4,r0
+ mov r5,r1
+ add r6,r3,r2 @ &spinlock
+ b .+8
+.Lspin: bl sched_yield
+ mov r0,#-1
+ swp r0,r0,[r6]
+ cmp r0,#0
+ bne .Lspin
+
+ ldr r2,[r4]
+ add r2,r2,r5
+ str r2,[r4]
+ str r0,[r6] @ release spinlock
+ ldmia sp!,{r4-r6,lr}
+ tst lr,#1
+ moveq pc,lr
+ .word 0xe12fff1e @ bx lr
+#endif
+.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.global OPENSSL_cleanse
+.type OPENSSL_cleanse,%function
+OPENSSL_cleanse:
+ eor ip,ip,ip
+ cmp r1,#7
+ subhs r1,r1,#4
+ bhs .Lot
+ cmp r1,#0
+ beq .Lcleanse_done
+.Little:
+ strb ip,[r0],#1
+ subs r1,r1,#1
+ bhi .Little
+ b .Lcleanse_done
+
+.Lot: tst r0,#3
+ beq .Laligned
+ strb ip,[r0],#1
+ sub r1,r1,#1
+ b .Lot
+.Laligned:
+ str ip,[r0],#4
+ subs r1,r1,#4
+ bhs .Laligned
+ adds r1,r1,#4
+ bne .Little
+.Lcleanse_done:
+ tst lr,#1
+ moveq pc,lr
+ .word 0xe12fff1e @ bx lr
+.size OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.global OPENSSL_wipe_cpu
+.type OPENSSL_wipe_cpu,%function
+OPENSSL_wipe_cpu:
+ ldr r0,.LOPENSSL_armcap
+ adr r1,.LOPENSSL_armcap
+ ldr r0,[r1,r0]
+ eor r2,r2,r2
+ eor r3,r3,r3
+ eor ip,ip,ip
+ tst r0,#1
+ beq .Lwipe_done
+ .word 0xf3000150 @ veor q0, q0, q0
+ .word 0xf3022152 @ veor q1, q1, q1
+ .word 0xf3044154 @ veor q2, q2, q2
+ .word 0xf3066156 @ veor q3, q3, q3
+ .word 0xf34001f0 @ veor q8, q8, q8
+ .word 0xf34221f2 @ veor q9, q9, q9
+ .word 0xf34441f4 @ veor q10, q10, q10
+ .word 0xf34661f6 @ veor q11, q11, q11
+ .word 0xf34881f8 @ veor q12, q12, q12
+ .word 0xf34aa1fa @ veor q13, q13, q13
+ .word 0xf34cc1fc @ veor q14, q14, q14
+ .word 0xf34ee1fe @ veor q15, q15, q15
+.Lwipe_done:
+ mov r0,sp
+ tst lr,#1
+ moveq pc,lr
+ .word 0xe12fff1e @ bx lr
+.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.global OPENSSL_instrument_bus
+.type OPENSSL_instrument_bus,%function
+OPENSSL_instrument_bus:
+ eor r0,r0,r0
+ tst lr,#1
+ moveq pc,lr
+ .word 0xe12fff1e @ bx lr
+.size OPENSSL_instrument_bus,.-OPENSSL_instrument_bus
+
+.global OPENSSL_instrument_bus2
+.type OPENSSL_instrument_bus2,%function
+OPENSSL_instrument_bus2:
+ eor r0,r0,r0
+ tst lr,#1
+ moveq pc,lr
+ .word 0xe12fff1e @ bx lr
+.size OPENSSL_instrument_bus2,.-OPENSSL_instrument_bus2
+
+.align 5
+.LOPENSSL_armcap:
+.word OPENSSL_armcap_P-.LOPENSSL_armcap
+#if __ARM_ARCH__>=6
+.align 5
+#else
+.Lspinlock:
+.word atomic_add_spinlock-.Lspinlock
+.align 5
+
+.data
+.align 2
+atomic_add_spinlock:
+.word 0
+#endif
+
+.comm OPENSSL_armcap_P,4,4
+.hidden OPENSSL_armcap_P
Modified: trunk/crypto/openssl/crypto/asn1/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/asn1/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,12 +22,13 @@
a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
- d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+ x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+ tasn_prn.c ameth_lib.c \
f_int.c f_string.c n_pkey.c \
- f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn_mime.c \
- asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
+ f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \
+ asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
@@ -34,18 +35,19 @@
a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
- d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+ x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+ tasn_prn.o ameth_lib.o \
f_int.o f_string.o n_pkey.o \
- f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn_mime.o \
- asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
+ f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \
+ asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
SRC= $(LIBSRC)
EXHEADER= asn1.h asn1_mac.h asn1t.h
-HEADER= $(EXHEADER)
+HEADER= $(EXHEADER) asn1_locl.h
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -63,7 +65,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -91,6 +93,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -142,9 +146,9 @@
a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_digest.o: ../../include/openssl/opensslconf.h
a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -173,14 +177,6 @@
a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c
-a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_hdr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_hdr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_hdr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_hdr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_hdr.c
a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -205,13 +201,6 @@
a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_mbstr.o: ../cryptlib.h a_mbstr.c
-a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_meth.o: ../../include/openssl/symhacks.h ../cryptlib.h a_meth.c
a_object.o: ../../e_os.h ../../include/openssl/asn1.h
a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -250,27 +239,27 @@
a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_sign.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c
+a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_sign.o: ../cryptlib.h a_sign.c asn1_locl.h
a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_strex.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
+a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_strex.o: ../cryptlib.h a_strex.c charmap.h
a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -318,14 +307,29 @@
a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_verify.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c
+a_verify.o: asn1_locl.h
+ameth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ameth_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ameth_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ameth_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ameth_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ameth_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ameth_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ameth_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ameth_lib.o: ../../include/openssl/opensslconf.h
+ameth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ameth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ameth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ameth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ameth_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ameth_lib.c
+ameth_lib.o: asn1_locl.h
asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -339,9 +343,8 @@
asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-asn1_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn1_gen.o: ../../include/openssl/opensslconf.h
+asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -371,15 +374,14 @@
asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-asn_mime.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-asn_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn_mime.o: ../../include/openssl/opensslconf.h
+asn_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-asn_mime.o: ../cryptlib.h asn_mime.c
+asn_mime.o: ../cryptlib.h asn1_locl.h asn_mime.c
asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -386,9 +388,9 @@
asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_moid.o: ../../include/openssl/opensslconf.h
asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -402,28 +404,43 @@
asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
+bio_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_asn1.o: ../../include/openssl/opensslconf.h
+bio_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_asn1.o: ../../include/openssl/symhacks.h bio_asn1.c
+bio_ndef.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+bio_ndef.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_ndef.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ndef.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_ndef.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ndef.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ndef.o: ../../include/openssl/symhacks.h bio_ndef.c
d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+d2i_pr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+d2i_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-d2i_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pr.c
+d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+d2i_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h d2i_pr.c
d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c
+d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+d2i_pu.o: ../cryptlib.h d2i_pu.c
evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -455,27 +472,28 @@
f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+i2d_pr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pr.c
+i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+i2d_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h i2d_pr.c
i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c
+i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pu.o: ../cryptlib.h i2d_pu.c
n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@@ -482,27 +500,26 @@
n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-n_pkey.o: ../cryptlib.h n_pkey.c
+n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c
nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
+nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c
p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -509,14 +526,14 @@
p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbe.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
+p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../cryptlib.h p5_pbe.c
p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -523,9 +540,8 @@
p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbev2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_pbev2.o: ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -538,14 +554,13 @@
p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p8_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p8_pkey.o: ../cryptlib.h p8_pkey.c
+p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c
t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -552,14 +567,14 @@
t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_bitst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
+t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_bitst.o: ../cryptlib.h t_bitst.c
t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -566,23 +581,21 @@
t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c
+t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_crl.o: ../cryptlib.h t_crl.c
t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
t_pkey.o: ../cryptlib.h t_pkey.c
t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
@@ -591,15 +604,15 @@
t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_req.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c
+t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_req.o: ../cryptlib.h t_req.c
t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
@@ -606,14 +619,14 @@
t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c
+t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_spki.o: ../cryptlib.h t_spki.c
t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -620,28 +633,28 @@
t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h t_x509.c
+t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_x509.o: ../cryptlib.h asn1_locl.h t_x509.c
t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509a.o: ../cryptlib.h t_x509a.c
tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -675,6 +688,21 @@
tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+tasn_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tasn_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+tasn_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tasn_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_prn.o: ../../include/openssl/opensslconf.h
+tasn_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tasn_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tasn_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tasn_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+tasn_prn.o: ../cryptlib.h asn1_locl.h tasn_prn.c
tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
@@ -694,14 +722,13 @@
x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_algor.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_algor.o: x_algor.c
+x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c
x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -708,9 +735,8 @@
x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_attrib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_attrib.o: ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -727,11 +753,11 @@
x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+x_crl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+x_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
@@ -738,33 +764,31 @@
x_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
x_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
x_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_crl.o: ../cryptlib.h x_crl.c
+x_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_locl.h x_crl.c
x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_exten.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_exten.o: x_exten.c
+x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c
x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_info.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_info.o: ../cryptlib.h x_info.c
+x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c
x_long.o: ../../e_os.h ../../include/openssl/asn1.h
x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -780,14 +804,25 @@
x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_name.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_name.o: ../cryptlib.h x_name.c
+x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h x_name.c
+x_nx509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_nx509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_nx509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_nx509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+x_nx509.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
+x_nx509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_nx509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_nx509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_nx509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_nx509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_nx509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_nx509.o: ../../include/openssl/x509_vfy.h x_nx509.c
x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -794,14 +829,13 @@
x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_pkey.o: ../cryptlib.h x_pkey.c
+x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -808,15 +842,15 @@
x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pubkey.o: ../../include/openssl/opensslconf.h
x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_pubkey.o: ../cryptlib.h x_pubkey.c
+x_pubkey.o: ../cryptlib.h asn1_locl.h x_pubkey.c
x_req.o: ../../e_os.h ../../include/openssl/asn1.h
x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -823,14 +857,13 @@
x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_req.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_req.o: ../cryptlib.h x_req.c
+x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c
x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -837,14 +870,13 @@
x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_sig.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_sig.o: ../cryptlib.h x_sig.c
+x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c
x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -851,14 +883,13 @@
x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_spki.o: ../cryptlib.h x_spki.c
+x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c
x_val.o: ../../e_os.h ../../include/openssl/asn1.h
x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -865,14 +896,13 @@
x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_val.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_val.o: ../cryptlib.h x_val.c
+x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c
x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -879,15 +909,14 @@
x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x_x509.o: ../cryptlib.h x_x509.c
+x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c
x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -894,11 +923,10 @@
x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_x509a.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_x509a.o: ../cryptlib.h x_x509a.c
+x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c
Modified: trunk/crypto/openssl/crypto/asn1/a_bitstr.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_bitstr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_bitstr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -234,3 +234,29 @@
return (0);
return ((a->data[w] & v) != 0);
}
+
+/*
+ * Checks if the given bit string contains only bits specified by
+ * the flags vector. Returns 0 if there is at least one bit set in 'a'
+ * which is not specified in 'flags', 1 otherwise.
+ * 'len' is the length of 'flags'.
+ */
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+ unsigned char *flags, int flags_len)
+{
+ int i, ok;
+ /* Check if there is one bit set at all. */
+ if (!a || !a->data)
+ return 1;
+
+ /*
+ * Check each byte of the internal representation of the bit string.
+ */
+ ok = 1;
+ for (i = 0; i < a->length && ok; ++i) {
+ unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
+ /* We are done if there is an unneeded bit set. */
+ ok = (a->data[i] & mask) == 0;
+ }
+ return ok;
+}
Modified: trunk/crypto/openssl/crypto/asn1/a_digest.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_digest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_digest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -86,7 +86,8 @@
p = str;
i2d(data, &p);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return (1);
}
@@ -103,7 +104,8 @@
if (!str)
return (0);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return (1);
}
Modified: trunk/crypto/openssl/crypto/asn1/a_dup.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_dup.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_dup.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,7 +62,7 @@
#ifndef NO_OLD_ASN1
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x)
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
{
unsigned char *b, *p;
const unsigned char *p2;
Modified: trunk/crypto/openssl/crypto/asn1/a_gentm.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_gentm.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_gentm.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -119,8 +119,8 @@
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
{
- static int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
- static int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
+ static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
+ static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
char *a;
int n, i, l, o;
@@ -189,6 +189,9 @@
goto err;
o++;
}
+ } else {
+ /* Missing time zone information. */
+ goto err;
}
return (o == l);
err:
@@ -217,6 +220,13 @@
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t)
{
+ return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
+}
+
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+ time_t t, int offset_day,
+ long offset_sec)
+{
char *p;
struct tm *ts;
struct tm data;
@@ -231,11 +241,16 @@
if (ts == NULL)
return (NULL);
+ if (offset_day || offset_sec) {
+ if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+ return NULL;
+ }
+
p = (char *)s->data;
if ((p == NULL) || ((size_t)s->length < len)) {
p = OPENSSL_malloc(len);
if (p == NULL) {
- ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET, ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
return (NULL);
}
if (s->data != NULL)
Modified: trunk/crypto/openssl/crypto/asn1/a_int.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_int.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_int.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,12 +61,12 @@
#include <openssl/asn1.h>
#include <openssl/bn.h>
-ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{
return M_ASN1_INTEGER_dup(x);
}
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
{
int neg, ret;
/* Compare signs */
@@ -379,7 +379,7 @@
return (1);
}
-long ASN1_INTEGER_get(ASN1_INTEGER *a)
+long ASN1_INTEGER_get(const ASN1_INTEGER *a)
{
int neg = 0, i;
long r = 0;
@@ -393,8 +393,8 @@
return -1;
if (a->length > (int)sizeof(long)) {
- /* hmm... a bit ugly */
- return (0xffffffffL);
+ /* hmm... a bit ugly, return all ones */
+ return -1;
}
if (a->data == NULL)
return 0;
@@ -408,7 +408,7 @@
return (r);
}
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
{
ASN1_INTEGER *ret;
int len, j;
@@ -448,7 +448,7 @@
return (NULL);
}
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
{
BIGNUM *ret;
Modified: trunk/crypto/openssl/crypto/asn1/a_object.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_object.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_object.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -262,8 +262,6 @@
return ret;
err:
ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- ASN1_OBJECT_free(ret);
return (NULL);
}
@@ -272,6 +270,7 @@
{
ASN1_OBJECT *ret = NULL;
const unsigned char *p;
+ unsigned char *data;
int i, length;
/*
@@ -305,17 +304,24 @@
ret = (*a);
p = *pp;
- if ((ret->data == NULL) || (ret->length < length)) {
- if (ret->data != NULL)
- OPENSSL_free(ret->data);
- ret->data = (unsigned char *)OPENSSL_malloc(length);
- ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- if (ret->data == NULL) {
+ /* detach data from object */
+ data = (unsigned char *)ret->data;
+ ret->data = NULL;
+ /* once detached we can change it */
+ if ((data == NULL) || (ret->length < length)) {
+ ret->length = 0;
+ if (data != NULL)
+ OPENSSL_free(data);
+ data = (unsigned char *)OPENSSL_malloc(length);
+ if (data == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
+ ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(ret->data, p, length);
+ memcpy(data, p, length);
+ /* reattach data to object, after which it remains const */
+ ret->data = data;
ret->length = length;
ret->sn = NULL;
ret->ln = NULL;
@@ -368,7 +374,7 @@
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
if (a->data != NULL)
- OPENSSL_free(a->data);
+ OPENSSL_free((void *)a->data);
a->data = NULL;
a->length = 0;
}
Modified: trunk/crypto/openssl/crypto/asn1/a_octet.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_octet.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_octet.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,12 +60,13 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
{
return M_ASN1_OCTET_STRING_dup(x);
}
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+ const ASN1_OCTET_STRING *b)
{
return M_ASN1_OCTET_STRING_cmp(a, b);
}
Modified: trunk/crypto/openssl/crypto/asn1/a_set.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_set.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_set.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -86,8 +86,8 @@
/*
* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)
*/
-int i2d_ASN1_SET(STACK * a, unsigned char **pp, i2d_of_void *i2d, int ex_tag,
- int ex_class, int is_set)
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+ i2d_of_void *i2d, int ex_tag, int ex_class, int is_set)
{
int ret = 0, r;
int i;
@@ -98,8 +98,8 @@
if (a == NULL)
return (0);
- for (i = sk_num(a) - 1; i >= 0; i--)
- ret += i2d(sk_value(a, i), NULL);
+ for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
+ ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
r = ASN1_object_size(1, ret, ex_tag);
if (pp == NULL)
return (r);
@@ -111,9 +111,9 @@
/* And then again by Ben */
/* And again by Steve */
- if (!is_set || (sk_num(a) < 2)) {
- for (i = 0; i < sk_num(a); i++)
- i2d(sk_value(a, i), &p);
+ if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
+ i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
*pp = p;
return (r);
@@ -121,15 +121,15 @@
pStart = p; /* Catch the beg of Setblobs */
/* In this array we will store the SET blobs */
- rgSetBlob = (MYBLOB *) OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB));
+ rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
if (rgSetBlob == NULL) {
ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
return (0);
}
- for (i = 0; i < sk_num(a); i++) {
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
rgSetBlob[i].pbData = p; /* catch each set encode blob */
- i2d(sk_value(a, i), &p);
+ i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
* SetBlob */
}
@@ -140,7 +140,7 @@
* Now we have to sort the blobs. I am using a simple algo. *Sort ptrs
* *Copy to temp-mem *Copy from temp-mem to user-mem
*/
- qsort(rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
+ qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
if (!(pTempMem = OPENSSL_malloc(totSize))) {
ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
return (0);
@@ -148,7 +148,7 @@
/* Copy to temp mem */
p = pTempMem;
- for (i = 0; i < sk_num(a); ++i) {
+ for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
p += rgSetBlob[i].cbData;
}
@@ -161,15 +161,17 @@
return (r);
}
-STACK *d2i_ASN1_SET(STACK ** a, const unsigned char **pp, long length,
- d2i_of_void *d2i, void (*free_func) (void *), int ex_tag,
- int ex_class)
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+ const unsigned char **pp,
+ long length, d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK),
+ int ex_tag, int ex_class)
{
ASN1_const_CTX c;
- STACK *ret = NULL;
+ STACK_OF(OPENSSL_BLOCK) *ret = NULL;
if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = sk_new_null()) == NULL) {
+ if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -213,10 +215,10 @@
*/
if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT);
- asn1_add_error(*pp, (int)(c.q - *pp));
+ asn1_add_error(*pp, (int)(c.p - *pp));
goto err;
}
- if (!sk_push(ret, s))
+ if (!sk_OPENSSL_BLOCK_push(ret, s))
goto err;
}
if (a != NULL)
@@ -226,9 +228,9 @@
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
if (free_func != NULL)
- sk_pop_free(ret, free_func);
+ sk_OPENSSL_BLOCK_pop_free(ret, free_func);
else
- sk_free(ret);
+ sk_OPENSSL_BLOCK_free(ret);
}
return (NULL);
}
Modified: trunk/crypto/openssl/crypto/asn1/a_sign.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_sign.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_sign.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -123,6 +123,7 @@
#include <openssl/x509.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
+#include "asn1_locl.h"
#ifndef NO_ASN1_OLD
@@ -181,10 +182,10 @@
p = buf_in;
i2d(data, &p);
- EVP_SignInit_ex(&ctx, type, NULL);
- EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl);
- if (!EVP_SignFinal(&ctx, (unsigned char *)buf_out,
- (unsigned int *)&outl, pkey)) {
+ if (!EVP_SignInit_ex(&ctx, type, NULL)
+ || !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl)
+ || !EVP_SignFinal(&ctx, (unsigned char *)buf_out,
+ (unsigned int *)&outl, pkey)) {
outl = 0;
ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB);
goto err;
@@ -220,66 +221,91 @@
EVP_PKEY *pkey, const EVP_MD *type)
{
EVP_MD_CTX ctx;
+ EVP_MD_CTX_init(&ctx);
+ if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
+ EVP_MD_CTX_cleanup(&ctx);
+ return 0;
+ }
+ return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
+}
+
+int ASN1_item_sign_ctx(const ASN1_ITEM *it,
+ X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
+{
+ const EVP_MD *type;
+ EVP_PKEY *pkey;
unsigned char *buf_in = NULL, *buf_out = NULL;
- int i, inl = 0, outl = 0, outll = 0;
- X509_ALGOR *a;
+ size_t inl = 0, outl = 0, outll = 0;
+ int signid, paramtype;
+ int rv;
- EVP_MD_CTX_init(&ctx);
- for (i = 0; i < 2; i++) {
- if (i == 0)
- a = algor1;
+ type = EVP_MD_CTX_md(ctx);
+ pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
+
+ if (!type || !pkey) {
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
+ return 0;
+ }
+
+ if (pkey->ameth->item_sign) {
+ rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, signature);
+ if (rv == 1)
+ outl = signature->length;
+ /*-
+ * Return value meanings:
+ * <=0: error.
+ * 1: method does everything.
+ * 2: carry on as normal.
+ * 3: ASN1 method sets algorithm identifiers: just sign.
+ */
+ if (rv <= 0)
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
+ if (rv <= 1)
+ goto err;
+ } else
+ rv = 2;
+
+ if (rv == 2) {
+ if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+ if (!pkey->ameth ||
+ !OBJ_find_sigid_by_algs(&signid,
+ EVP_MD_nid(type),
+ pkey->ameth->pkey_id)) {
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+ ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+ return 0;
+ }
+ } else
+ signid = type->pkey_type;
+
+ if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
+ paramtype = V_ASN1_NULL;
else
- a = algor2;
- if (a == NULL)
- continue;
- if (type->pkey_type == NID_dsaWithSHA1 ||
- type->pkey_type == NID_ecdsa_with_SHA1) {
- /*
- * special case: RFC 3279 tells us to omit 'parameters' with
- * id-dsa-with-sha1 and ecdsa-with-SHA1
- */
- ASN1_TYPE_free(a->parameter);
- a->parameter = NULL;
- } else if ((a->parameter == NULL) ||
- (a->parameter->type != V_ASN1_NULL)) {
- ASN1_TYPE_free(a->parameter);
- if ((a->parameter = ASN1_TYPE_new()) == NULL)
- goto err;
- a->parameter->type = V_ASN1_NULL;
- }
- ASN1_OBJECT_free(a->algorithm);
- a->algorithm = OBJ_nid2obj(type->pkey_type);
- if (a->algorithm == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_SIGN, ASN1_R_UNKNOWN_OBJECT_TYPE);
- goto err;
- }
- if (a->algorithm->length == 0) {
- ASN1err(ASN1_F_ASN1_ITEM_SIGN,
- ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
- goto err;
- }
+ paramtype = V_ASN1_UNDEF;
+
+ if (algor1)
+ X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
+ if (algor2)
+ X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
+
}
+
inl = ASN1_item_i2d(asn, &buf_in, it);
outll = outl = EVP_PKEY_size(pkey);
- buf_out = (unsigned char *)OPENSSL_malloc((unsigned int)outl);
+ buf_out = OPENSSL_malloc((unsigned int)outl);
if ((buf_in == NULL) || (buf_out == NULL)) {
outl = 0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EVP_SignInit_ex(&ctx, type, NULL)) {
+ if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
+ || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
outl = 0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_EVP_LIB);
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
goto err;
}
- EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl);
- if (!EVP_SignFinal(&ctx, (unsigned char *)buf_out,
- (unsigned int *)&outl, pkey)) {
- outl = 0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_EVP_LIB);
- goto err;
- }
if (signature->data != NULL)
OPENSSL_free(signature->data);
signature->data = buf_out;
@@ -292,7 +318,7 @@
signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(ctx);
if (buf_in != NULL) {
OPENSSL_cleanse((char *)buf_in, (unsigned int)inl);
OPENSSL_free(buf_in);
Modified: trunk/crypto/openssl/crypto/asn1/a_strex.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_strex.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_strex.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -638,6 +638,7 @@
mbflag |= MBSTRING_FLAG;
stmp.data = NULL;
stmp.length = 0;
+ stmp.flags = 0;
ret =
ASN1_mbstring_copy(&str, in->data, in->length, mbflag,
B_ASN1_UTF8STRING);
Modified: trunk/crypto/openssl/crypto/asn1/a_strnid.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_strnid.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_strnid.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,7 +67,6 @@
static void st_free(ASN1_STRING_TABLE *tbl);
static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
const ASN1_STRING_TABLE *const *b);
-static int table_cmp(const void *a, const void *b);
/*
* This is the global mask for the mbstring functions: this is use to mask
@@ -171,7 +170,7 @@
/* This table must be kept in NID order */
-static ASN1_STRING_TABLE tbl_standard[] = {
+static const ASN1_STRING_TABLE tbl_standard[] = {
{NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
{NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
{NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
@@ -202,12 +201,15 @@
return (*a)->nid - (*b)->nid;
}
-static int table_cmp(const void *a, const void *b)
+DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
+static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
{
- const ASN1_STRING_TABLE *sa = a, *sb = b;
- return sa->nid - sb->nid;
+ return a->nid - b->nid;
}
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
{
int idx;
@@ -214,12 +216,9 @@
ASN1_STRING_TABLE *ttmp;
ASN1_STRING_TABLE fnd;
fnd.nid = nid;
- ttmp = (ASN1_STRING_TABLE *)OBJ_bsearch((char *)&fnd,
- (char *)tbl_standard,
- sizeof(tbl_standard) /
- sizeof(ASN1_STRING_TABLE),
- sizeof(ASN1_STRING_TABLE),
- table_cmp);
+ ttmp = OBJ_bsearch_table(&fnd, tbl_standard,
+ sizeof(tbl_standard) /
+ sizeof(ASN1_STRING_TABLE));
if (ttmp)
return ttmp;
if (!stable)
Modified: trunk/crypto/openssl/crypto/asn1/a_time.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_time.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_time.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -100,17 +100,27 @@
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
{
+ return ASN1_TIME_adj(s, t, 0, 0);
+}
+
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+ int offset_day, long offset_sec)
+{
struct tm *ts;
struct tm data;
ts = OPENSSL_gmtime(&t, &data);
if (ts == NULL) {
- ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
+ ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
return NULL;
}
+ if (offset_day || offset_sec) {
+ if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+ return NULL;
+ }
if ((ts->tm_year >= 50) && (ts->tm_year < 150))
- return ASN1_UTCTIME_set(s, t);
- return ASN1_GENERALIZEDTIME_set(s, t);
+ return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+ return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
}
int ASN1_TIME_check(ASN1_TIME *t)
@@ -164,3 +174,25 @@
return ret;
}
+
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
+{
+ ASN1_TIME t;
+
+ t.length = strlen(str);
+ t.data = (unsigned char *)str;
+ t.flags = 0;
+
+ t.type = V_ASN1_UTCTIME;
+
+ if (!ASN1_TIME_check(&t)) {
+ t.type = V_ASN1_GENERALIZEDTIME;
+ if (!ASN1_TIME_check(&t))
+ return 0;
+ }
+
+ if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
+ return 0;
+
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/asn1/a_type.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_type.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_type.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -76,7 +76,10 @@
ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
}
a->type = type;
- a->value.ptr = value;
+ if (type == V_ASN1_BOOLEAN)
+ a->value.boolean = value ? 0xff : 0;
+ else
+ a->value.ptr = value;
}
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
@@ -92,7 +95,7 @@
ASN1_TYPE_set(a, type, odup);
} else {
ASN1_STRING *sdup;
- sdup = ASN1_STRING_dup((ASN1_STRING *)value);
+ sdup = ASN1_STRING_dup(value);
if (!sdup)
return 0;
ASN1_TYPE_set(a, type, sdup);
Modified: trunk/crypto/openssl/crypto/asn1/a_utctm.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_utctm.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_utctm.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -111,8 +111,8 @@
int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
{
- static int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
- static int max[8] = { 99, 12, 31, 23, 59, 59, 12, 59 };
+ static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
+ static const int max[8] = { 99, 12, 31, 23, 59, 59, 12, 59 };
char *a;
int n, i, l, o;
@@ -189,26 +189,43 @@
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
{
+ return ASN1_UTCTIME_adj(s, t, 0, 0);
+}
+
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+ int offset_day, long offset_sec)
+{
char *p;
struct tm *ts;
struct tm data;
size_t len = 20;
+ int free_s = 0;
- if (s == NULL)
+ if (s == NULL) {
+ free_s = 1;
s = M_ASN1_UTCTIME_new();
+ }
if (s == NULL)
- return (NULL);
+ goto err;
ts = OPENSSL_gmtime(&t, &data);
if (ts == NULL)
- return (NULL);
+ goto err;
+ if (offset_day || offset_sec) {
+ if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+ goto err;
+ }
+
+ if ((ts->tm_year < 50) || (ts->tm_year >= 150))
+ goto err;
+
p = (char *)s->data;
if ((p == NULL) || ((size_t)s->length < len)) {
p = OPENSSL_malloc(len);
if (p == NULL) {
- ASN1err(ASN1_F_ASN1_UTCTIME_SET, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE);
+ goto err;
}
if (s->data != NULL)
OPENSSL_free(s->data);
@@ -224,6 +241,10 @@
ebcdic2ascii(s->data, s->data, s->length);
#endif
return (s);
+ err:
+ if (free_s && s)
+ M_ASN1_UTCTIME_free(s);
+ return NULL;
}
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
@@ -246,6 +267,11 @@
t -= offset * 60; /* FIXME: may overflow in extreme cases */
tm = OPENSSL_gmtime(&t, &data);
+ /*
+ * NB: -1, 0, 1 already valid return values so use -2 to indicate error.
+ */
+ if (tm == NULL)
+ return -2;
#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
year = g2(s->data);
Modified: trunk/crypto/openssl/crypto/asn1/a_verify.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/a_verify.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/a_verify.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,7 @@
#include <time.h>
#include "cryptlib.h"
+#include "asn1_locl.h"
#ifndef NO_SYS_TYPES_H
# include <sys/types.h>
@@ -103,12 +104,12 @@
p = buf_in;
i2d(data, &p);
- if (!EVP_VerifyInit_ex(&ctx, type, NULL)) {
+ if (!EVP_VerifyInit_ex(&ctx, type, NULL)
+ || !EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl)) {
ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
ret = 0;
goto err;
}
- EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl);
OPENSSL_cleanse(buf_in, (unsigned int)inl);
OPENSSL_free(buf_in);
@@ -136,10 +137,11 @@
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
{
EVP_MD_CTX ctx;
- const EVP_MD *type;
unsigned char *buf_in = NULL;
- int ret = -1, i, inl;
+ int ret = -1, inl;
+ int mdnid, pknid;
+
if (!pkey) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
return -1;
@@ -151,18 +153,48 @@
}
EVP_MD_CTX_init(&ctx);
- i = OBJ_obj2nid(a->algorithm);
- type = EVP_get_digestbyname(OBJ_nid2sn(i));
- if (type == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
- ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+
+ /* Convert signature OID into digest and public key OIDs */
+ if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
goto err;
}
+ if (mdnid == NID_undef) {
+ if (!pkey->ameth || !pkey->ameth->item_verify) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
+ ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+ goto err;
+ }
+ ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
+ /*
+ * Return value of 2 means carry on, anything else means we exit
+ * straight away: either a fatal error of the underlying verification
+ * routine handles all verification.
+ */
+ if (ret != 2)
+ goto err;
+ ret = -1;
+ } else {
+ const EVP_MD *type;
+ type = EVP_get_digestbynid(mdnid);
+ if (type == NULL) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
+ ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+ goto err;
+ }
- if (!EVP_VerifyInit_ex(&ctx, type, NULL)) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
- ret = 0;
- goto err;
+ /* Check public key OID matches public key type */
+ if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
+ goto err;
+ }
+
+ if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
+ ret = 0;
+ goto err;
+ }
+
}
inl = ASN1_item_i2d(asn, &buf_in, it);
@@ -172,13 +204,17 @@
goto err;
}
- EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl);
+ if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
+ ret = 0;
+ goto err;
+ }
OPENSSL_cleanse(buf_in, (unsigned int)inl);
OPENSSL_free(buf_in);
- if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
- (unsigned int)signature->length, pkey) <= 0) {
+ if (EVP_DigestVerifyFinal(&ctx, signature->data,
+ (size_t)signature->length) <= 0) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
ret = 0;
goto err;
Copied: trunk/crypto/openssl/crypto/asn1/ameth_lib.c (from rev 7117, vendor-crypto/openssl/dist/crypto/asn1/ameth_lib.c)
===================================================================
--- trunk/crypto/openssl/crypto/asn1/ameth_lib.c (rev 0)
+++ trunk/crypto/openssl/crypto/asn1/ameth_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,462 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+
+extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
+
+/* Keep this sorted in type order !! */
+static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
+#ifndef OPENSSL_NO_RSA
+ &rsa_asn1_meths[0],
+ &rsa_asn1_meths[1],
+#endif
+#ifndef OPENSSL_NO_DH
+ &dh_asn1_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+ &dsa_asn1_meths[0],
+ &dsa_asn1_meths[1],
+ &dsa_asn1_meths[2],
+ &dsa_asn1_meths[3],
+ &dsa_asn1_meths[4],
+#endif
+#ifndef OPENSSL_NO_EC
+ &eckey_asn1_meth,
+#endif
+ &hmac_asn1_meth,
+ &cmac_asn1_meth
+};
+
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
+DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
+static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
+
+#ifdef TEST
+void main()
+{
+ int i;
+ for (i = 0;
+ i < sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); i++)
+ fprintf(stderr, "Number %d id=%d (%s)\n", i,
+ standard_methods[i]->pkey_id,
+ OBJ_nid2sn(standard_methods[i]->pkey_id));
+}
+#endif
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+ const EVP_PKEY_ASN1_METHOD *, ameth);
+
+static int ameth_cmp(const EVP_PKEY_ASN1_METHOD *const *a,
+ const EVP_PKEY_ASN1_METHOD *const *b)
+{
+ return ((*a)->pkey_id - (*b)->pkey_id);
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+ const EVP_PKEY_ASN1_METHOD *, ameth);
+
+int EVP_PKEY_asn1_get_count(void)
+{
+ int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
+ if (app_methods)
+ num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
+ return num;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
+{
+ int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
+ if (idx < 0)
+ return NULL;
+ if (idx < num)
+ return standard_methods[idx];
+ idx -= num;
+ return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+}
+
+static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
+{
+ EVP_PKEY_ASN1_METHOD tmp;
+ const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
+ tmp.pkey_id = type;
+ if (app_methods) {
+ int idx;
+ idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
+ if (idx >= 0)
+ return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+ }
+ ret = OBJ_bsearch_ameth(&t, standard_methods, sizeof(standard_methods)
+ / sizeof(EVP_PKEY_ASN1_METHOD *));
+ if (!ret || !*ret)
+ return NULL;
+ return *ret;
+}
+
+/*
+ * Find an implementation of an ASN1 algorithm. If 'pe' is not NULL also
+ * search through engines and set *pe to a functional reference to the engine
+ * implementing 'type' or NULL if no engine implements it.
+ */
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
+{
+ const EVP_PKEY_ASN1_METHOD *t;
+
+ for (;;) {
+ t = pkey_asn1_find(type);
+ if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
+ break;
+ type = t->pkey_base_id;
+ }
+ if (pe) {
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE *e;
+ /* type will contain the final unaliased type */
+ e = ENGINE_get_pkey_asn1_meth_engine(type);
+ if (e) {
+ *pe = e;
+ return ENGINE_get_pkey_asn1_meth(e, type);
+ }
+#endif
+ *pe = NULL;
+ }
+ return t;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+ const char *str, int len)
+{
+ int i;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (len == -1)
+ len = strlen(str);
+ if (pe) {
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE *e;
+ ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
+ if (ameth) {
+ /*
+ * Convert structural into functional reference
+ */
+ if (!ENGINE_init(e))
+ ameth = NULL;
+ ENGINE_free(e);
+ *pe = e;
+ return ameth;
+ }
+#endif
+ *pe = NULL;
+ }
+ for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
+ ameth = EVP_PKEY_asn1_get0(i);
+ if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
+ continue;
+ if (((int)strlen(ameth->pem_str) == len) &&
+ !strncasecmp(ameth->pem_str, str, len))
+ return ameth;
+ }
+ return NULL;
+}
+
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
+{
+ if (app_methods == NULL) {
+ app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
+ if (!app_methods)
+ return 0;
+ }
+ if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
+ return 0;
+ sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
+ return 1;
+}
+
+int EVP_PKEY_asn1_add_alias(int to, int from)
+{
+ EVP_PKEY_ASN1_METHOD *ameth;
+ ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
+ if (!ameth)
+ return 0;
+ ameth->pkey_base_id = to;
+ if (!EVP_PKEY_asn1_add0(ameth)) {
+ EVP_PKEY_asn1_free(ameth);
+ return 0;
+ }
+ return 1;
+}
+
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id,
+ int *ppkey_flags, const char **pinfo,
+ const char **ppem_str,
+ const EVP_PKEY_ASN1_METHOD *ameth)
+{
+ if (!ameth)
+ return 0;
+ if (ppkey_id)
+ *ppkey_id = ameth->pkey_id;
+ if (ppkey_base_id)
+ *ppkey_base_id = ameth->pkey_base_id;
+ if (ppkey_flags)
+ *ppkey_flags = ameth->pkey_flags;
+ if (pinfo)
+ *pinfo = ameth->info;
+ if (ppem_str)
+ *ppem_str = ameth->pem_str;
+ return 1;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
+{
+ return pkey->ameth;
+}
+
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+ const char *pem_str, const char *info)
+{
+ EVP_PKEY_ASN1_METHOD *ameth;
+ ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD));
+ if (!ameth)
+ return NULL;
+
+ memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD));
+
+ ameth->pkey_id = id;
+ ameth->pkey_base_id = id;
+ ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
+
+ if (info) {
+ ameth->info = BUF_strdup(info);
+ if (!ameth->info)
+ goto err;
+ } else
+ ameth->info = NULL;
+
+ if (pem_str) {
+ ameth->pem_str = BUF_strdup(pem_str);
+ if (!ameth->pem_str)
+ goto err;
+ } else
+ ameth->pem_str = NULL;
+
+ ameth->pub_decode = 0;
+ ameth->pub_encode = 0;
+ ameth->pub_cmp = 0;
+ ameth->pub_print = 0;
+
+ ameth->priv_decode = 0;
+ ameth->priv_encode = 0;
+ ameth->priv_print = 0;
+
+ ameth->old_priv_encode = 0;
+ ameth->old_priv_decode = 0;
+
+ ameth->item_verify = 0;
+ ameth->item_sign = 0;
+
+ ameth->pkey_size = 0;
+ ameth->pkey_bits = 0;
+
+ ameth->param_decode = 0;
+ ameth->param_encode = 0;
+ ameth->param_missing = 0;
+ ameth->param_copy = 0;
+ ameth->param_cmp = 0;
+ ameth->param_print = 0;
+
+ ameth->pkey_free = 0;
+ ameth->pkey_ctrl = 0;
+
+ return ameth;
+
+ err:
+
+ EVP_PKEY_asn1_free(ameth);
+ return NULL;
+
+}
+
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+ const EVP_PKEY_ASN1_METHOD *src)
+{
+
+ dst->pub_decode = src->pub_decode;
+ dst->pub_encode = src->pub_encode;
+ dst->pub_cmp = src->pub_cmp;
+ dst->pub_print = src->pub_print;
+
+ dst->priv_decode = src->priv_decode;
+ dst->priv_encode = src->priv_encode;
+ dst->priv_print = src->priv_print;
+
+ dst->old_priv_encode = src->old_priv_encode;
+ dst->old_priv_decode = src->old_priv_decode;
+
+ dst->pkey_size = src->pkey_size;
+ dst->pkey_bits = src->pkey_bits;
+
+ dst->param_decode = src->param_decode;
+ dst->param_encode = src->param_encode;
+ dst->param_missing = src->param_missing;
+ dst->param_copy = src->param_copy;
+ dst->param_cmp = src->param_cmp;
+ dst->param_print = src->param_print;
+
+ dst->pkey_free = src->pkey_free;
+ dst->pkey_ctrl = src->pkey_ctrl;
+
+ dst->item_sign = src->item_sign;
+ dst->item_verify = src->item_verify;
+
+}
+
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
+{
+ if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
+ if (ameth->pem_str)
+ OPENSSL_free(ameth->pem_str);
+ if (ameth->info)
+ OPENSSL_free(ameth->info);
+ OPENSSL_free(ameth);
+ }
+}
+
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pub_decode) (EVP_PKEY *pk,
+ X509_PUBKEY *pub),
+ int (*pub_encode) (X509_PUBKEY *pub,
+ const EVP_PKEY *pk),
+ int (*pub_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*pub_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx),
+ int (*pkey_size) (const EVP_PKEY *pk),
+ int (*pkey_bits) (const EVP_PKEY *pk))
+{
+ ameth->pub_decode = pub_decode;
+ ameth->pub_encode = pub_encode;
+ ameth->pub_cmp = pub_cmp;
+ ameth->pub_print = pub_print;
+ ameth->pkey_size = pkey_size;
+ ameth->pkey_bits = pkey_bits;
+}
+
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*priv_decode) (EVP_PKEY *pk,
+ PKCS8_PRIV_KEY_INFO
+ *p8inf),
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+ const EVP_PKEY *pk),
+ int (*priv_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx))
+{
+ ameth->priv_decode = priv_decode;
+ ameth->priv_encode = priv_encode;
+ ameth->priv_print = priv_print;
+}
+
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*param_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder,
+ int derlen),
+ int (*param_encode) (const EVP_PKEY *pkey,
+ unsigned char **pder),
+ int (*param_missing) (const EVP_PKEY *pk),
+ int (*param_copy) (EVP_PKEY *to,
+ const EVP_PKEY *from),
+ int (*param_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*param_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx))
+{
+ ameth->param_decode = param_decode;
+ ameth->param_encode = param_encode;
+ ameth->param_missing = param_missing;
+ ameth->param_copy = param_copy;
+ ameth->param_cmp = param_cmp;
+ ameth->param_print = param_print;
+}
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_free) (EVP_PKEY *pkey))
+{
+ ameth->pkey_free = pkey_free;
+}
+
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+ long arg1, void *arg2))
+{
+ ameth->pkey_ctrl = pkey_ctrl;
+}
Modified: trunk/crypto/openssl/crypto/asn1/asn1.h
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -211,7 +211,7 @@
const char *sn, *ln;
int nid;
int length;
- unsigned char *data;
+ const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
} ASN1_OBJECT;
@@ -228,10 +228,15 @@
* complete and is a place holder for content when it had all been accessed.
* The flag will be reset when content has been written to it.
*/
+
# define ASN1_STRING_FLAG_CONT 0x020
-
+/*
+ * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+# define ASN1_STRING_FLAG_MSTRING 0x040
/* This is the base type that holds just about everything :-) */
-typedef struct asn1_string_st {
+struct asn1_string_st {
int length;
int type;
unsigned char *data;
@@ -241,7 +246,7 @@
* non-zero 'unused bits' value, it will be handled correctly
*/
long flags;
-} ASN1_STRING;
+};
/*
* ASN1_ENCODING structure: this is used to save the received encoding of an
@@ -289,7 +294,6 @@
* Declarations for template structures: for full definitions see asn1t.h
*/
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct ASN1_TLC_st ASN1_TLC;
/* This is just an opaque pointer */
typedef struct ASN1_VALUE_st ASN1_VALUE;
@@ -330,6 +334,13 @@
type *name##_new(void); \
void name##_free(type *a);
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx);
+
# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
# define I2D_OF(type) int (*)(type *,unsigned char **)
# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
@@ -344,8 +355,6 @@
((void*) (1 ? p : (type*)0))
# define CHECKED_PPTR_OF(type, p) \
((void**) (1 ? p : (type**)0))
-# define CHECKED_PTR_OF_TO_CHAR(type, p) \
- ((char*) (1 ? p : (type*)0))
# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
@@ -546,19 +555,15 @@
DECLARE_STACK_OF(ASN1_TYPE)
DECLARE_ASN1_SET_OF(ASN1_TYPE)
-typedef struct asn1_method_st {
- i2d_of_void *i2d;
- d2i_of_void *d2i;
- void *(*create) (void);
- void (*destroy) (void *);
-} ASN1_METHOD;
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st {
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+typedef struct NETSCAPE_X509_st {
ASN1_OCTET_STRING *header;
- void *data;
- ASN1_METHOD *meth;
-} ASN1_HEADER;
+ X509 *cert;
+} NETSCAPE_X509;
/* This is used to contain a list of bit names */
typedef struct BIT_STRING_BITNAME_st {
@@ -577,32 +582,34 @@
ASN1_STRING_type_new(V_ASN1_BIT_STRING)
# define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
# define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
# define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
# define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
ASN1_STRING_type_new(V_ASN1_INTEGER)
# define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
# define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
ASN1_STRING_type_new(V_ASN1_ENUMERATED)
# define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
# define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
# define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
# define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
# define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
# define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
# define M_i2d_ASN1_OCTET_STRING(a,pp) \
@@ -686,7 +693,7 @@
ASN1_STRING_type_new(V_ASN1_IA5STRING)
# define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
# define M_ASN1_IA5STRING_dup(a) \
- (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
+ (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_i2d_ASN1_IA5STRING(a,pp) \
i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
V_ASN1_UNIVERSAL)
@@ -697,18 +704,20 @@
# define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
ASN1_STRING_type_new(V_ASN1_UTCTIME)
# define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
# define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
# define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
- (ASN1_STRING *)a)
+ (const ASN1_STRING *)a)
# define M_ASN1_TIME_new() (ASN1_TIME *)\
ASN1_STRING_type_new(V_ASN1_UTCTIME)
# define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
# define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
@@ -786,9 +795,11 @@
ASN1_STRING *ASN1_STRING_new(void);
void ASN1_STRING_free(ASN1_STRING *a);
-ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
ASN1_STRING *ASN1_STRING_type_new(int type);
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
/*
* Since this is used to store all sorts of things, via macros, for now,
* make its data void *
@@ -795,7 +806,7 @@
*/
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
-int ASN1_STRING_length(ASN1_STRING *x);
+int ASN1_STRING_length(const ASN1_STRING *x);
void ASN1_STRING_length_set(ASN1_STRING *x, int n);
int ASN1_STRING_type(ASN1_STRING *x);
unsigned char *ASN1_STRING_data(ASN1_STRING *x);
@@ -807,6 +818,8 @@
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+ unsigned char *flags, int flags_len);
# ifndef OPENSSL_NO_BIO
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
@@ -825,13 +838,15 @@
long length);
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
long length);
-ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+ int offset_day, long offset_sec);
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
# if 0
@@ -841,11 +856,15 @@
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+ time_t t, int offset_day,
+ long offset_sec);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+ const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
int len);
@@ -873,15 +892,20 @@
DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+ int offset_day, long offset_sec);
int ASN1_TIME_check(ASN1_TIME *t);
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
**out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
-int i2d_ASN1_SET(STACK * a, unsigned char **pp,
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
-STACK *d2i_ASN1_SET(STACK ** a, const unsigned char **pp, long length,
- d2i_of_void *d2i, void (*free_func) (void *),
- int ex_tag, int ex_class);
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+ const unsigned char **pp,
+ long length, d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK),
+ int ex_tag, int ex_class);
# ifndef OPENSSL_NO_BIO
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@@ -899,9 +923,9 @@
const char *sn, const char *ln);
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
@@ -935,17 +959,17 @@
int ASN1_object_size(int constructed, int length, int tag);
/* Used to implement other functions */
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
# define ASN1_dup_of(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF_TO_CHAR(type, x)))
+ CHECKED_PTR_OF(type, x)))
# define ASN1_dup_of_const(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF_TO_CHAR(const type, x)))
+ CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
@@ -1006,11 +1030,13 @@
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp, ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp, ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp, ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp, ASN1_STRING *v);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+ unsigned char *buf, int off);
int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
int dump);
@@ -1017,21 +1043,12 @@
# endif
const char *ASN1_tag2str(int tag);
-/* Used to load and write netscape format cert/key */
-int i2d_ASN1_HEADER(ASN1_HEADER * a, unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER ** a, const unsigned char **pp,
- long length);
-ASN1_HEADER *ASN1_HEADER_new(void);
-void ASN1_HEADER_free(ASN1_HEADER * a);
+/* Used to load and write netscape format cert */
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
+
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-/* Not used that much at this point, except for the first two */
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
-
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
@@ -1039,9 +1056,10 @@
int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
unsigned char *data, int max_len);
-STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
- d2i_of_void *d2i, void (*free_func) (void *));
-unsigned char *ASN1_seq_pack(STACK * safes, i2d_of_void *i2d,
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+ d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK));
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
unsigned char **buf, int *len);
void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
@@ -1088,14 +1106,56 @@
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
-typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val,
- int flags, const ASN1_ITEM *it);
+/* ASN1 Print flags */
-int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs,
- asn1_output_data_fn * data_fn, const ASN1_ITEM *it);
+/* Indicate missing OPTIONAL fields */
+# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
+/* Mark start and end of SEQUENCE */
+# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
+/* Mark start and end of SEQUENCE/SET OF */
+# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
+/* Show the ASN1 type of primitives */
+# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
+/* Don't show ASN1 type of ANY */
+# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
+/* Don't show ASN1 type of MSTRINGs */
+# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
+/* Don't show field names in SEQUENCE */
+# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
+/* Show structure names of each SEQUENCE field */
+# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
+/* Don't show structure name even at top level */
+# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+BIO_METHOD *BIO_f_asn1(void);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it);
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
/* BEGIN ERROR CODES */
/*
@@ -1127,6 +1187,7 @@
# define ASN1_F_ASN1_ENUMERATED_TO_BN 113
# define ASN1_F_ASN1_EX_C2I 204
# define ASN1_F_ASN1_FIND_END 190
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
# define ASN1_F_ASN1_GENERATE_V3 178
# define ASN1_F_ASN1_GET_OBJECT 114
@@ -1143,11 +1204,12 @@
# define ASN1_F_ASN1_ITEM_I2D_FP 193
# define ASN1_F_ASN1_ITEM_PACK 198
# define ASN1_F_ASN1_ITEM_SIGN 195
+# define ASN1_F_ASN1_ITEM_SIGN_CTX 220
# define ASN1_F_ASN1_ITEM_UNPACK 199
# define ASN1_F_ASN1_ITEM_VERIFY 197
# define ASN1_F_ASN1_MBSTRING_NCOPY 122
# define ASN1_F_ASN1_OBJECT_NEW 123
-# define ASN1_F_ASN1_OUTPUT_DATA 207
+# define ASN1_F_ASN1_OUTPUT_DATA 214
# define ASN1_F_ASN1_PACK_STRING 124
# define ASN1_F_ASN1_PCTX_NEW 205
# define ASN1_F_ASN1_PKCS5_PBE_SET 125
@@ -1161,14 +1223,17 @@
# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
# define ASN1_F_ASN1_TEMPLATE_NEW 133
# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
+# define ASN1_F_ASN1_TIME_ADJ 217
# define ASN1_F_ASN1_TIME_SET 175
# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
# define ASN1_F_ASN1_UNPACK_STRING 136
+# define ASN1_F_ASN1_UTCTIME_ADJ 218
# define ASN1_F_ASN1_UTCTIME_SET 187
# define ASN1_F_ASN1_VERIFY 137
-# define ASN1_F_B64_READ_ASN1 208
-# define ASN1_F_B64_WRITE_ASN1 209
+# define ASN1_F_B64_READ_ASN1 209
+# define ASN1_F_B64_WRITE_ASN1 210
+# define ASN1_F_BIO_NEW_NDEF 208
# define ASN1_F_BITSTR_CB 180
# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
# define ASN1_F_BN_TO_ASN1_INTEGER 139
@@ -1187,6 +1252,7 @@
# define ASN1_F_D2I_ASN1_TYPE_BYTES 149
# define ASN1_F_D2I_ASN1_UINTEGER 150
# define ASN1_F_D2I_ASN1_UTCTIME 151
+# define ASN1_F_D2I_AUTOPRIVATEKEY 207
# define ASN1_F_D2I_NETSCAPE_RSA 152
# define ASN1_F_D2I_NETSCAPE_RSA_2 153
# define ASN1_F_D2I_PRIVATEKEY 154
@@ -1196,6 +1262,7 @@
# define ASN1_F_D2I_X509 156
# define ASN1_F_D2I_X509_CINF 157
# define ASN1_F_D2I_X509_PKEY 159
+# define ASN1_F_I2D_ASN1_BIO_STREAM 211
# define ASN1_F_I2D_ASN1_SET 188
# define ASN1_F_I2D_ASN1_TIME 160
# define ASN1_F_I2D_DSA_PUBKEY 161
@@ -1207,10 +1274,12 @@
# define ASN1_F_LONG_C2I 166
# define ASN1_F_OID_MODULE_INIT 174
# define ASN1_F_PARSE_TAGGING 182
-# define ASN1_F_PKCS5_PBE2_SET 167
+# define ASN1_F_PKCS5_PBE2_SET_IV 167
# define ASN1_F_PKCS5_PBE_SET 202
-# define ASN1_F_SMIME_READ_ASN1 210
-# define ASN1_F_SMIME_TEXT 211
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
+# define ASN1_F_PKCS5_PBKDF2_SET 219
+# define ASN1_F_SMIME_READ_ASN1 212
+# define ASN1_F_SMIME_TEXT 213
# define ASN1_F_X509_CINF_NEW 168
# define ASN1_F_X509_CRL_ADD0_REVOKED 169
# define ASN1_F_X509_INFO_NEW 170
@@ -1222,22 +1291,24 @@
/* Reason codes. */
# define ASN1_R_ADDING_OBJECT 171
-# define ASN1_R_ASN1_PARSE_ERROR 198
-# define ASN1_R_ASN1_SIG_PARSE_ERROR 199
+# define ASN1_R_ASN1_PARSE_ERROR 203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
# define ASN1_R_AUX_ERROR 100
# define ASN1_R_BAD_CLASS 101
# define ASN1_R_BAD_OBJECT_HEADER 102
# define ASN1_R_BAD_PASSWORD_READ 103
# define ASN1_R_BAD_TAG 104
-# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 210
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
# define ASN1_R_BN_LIB 105
# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
# define ASN1_R_BUFFER_TOO_SMALL 107
# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+# define ASN1_R_CONTEXT_NOT_INITIALISED 217
# define ASN1_R_DATA_IS_WRONG 109
# define ASN1_R_DECODE_ERROR 110
# define ASN1_R_DECODING_ERROR 111
# define ASN1_R_DEPTH_EXCEEDED 174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
# define ASN1_R_ENCODE_ERROR 112
# define ASN1_R_ERROR_GETTING_TIME 173
# define ASN1_R_ERROR_LOADING_SECTION 172
@@ -1272,10 +1343,10 @@
# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
# define ASN1_R_INVALID_DIGIT 130
-# define ASN1_R_INVALID_MIME_TYPE 200
+# define ASN1_R_INVALID_MIME_TYPE 205
# define ASN1_R_INVALID_MODIFIER 186
# define ASN1_R_INVALID_NUMBER 187
-# define ASN1_R_INVALID_OBJECT_ENCODING 212
+# define ASN1_R_INVALID_OBJECT_ENCODING 216
# define ASN1_R_INVALID_SEPARATOR 131
# define ASN1_R_INVALID_TIME_FORMAT 132
# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
@@ -1283,9 +1354,9 @@
# define ASN1_R_IV_TOO_LARGE 135
# define ASN1_R_LENGTH_ERROR 136
# define ASN1_R_LIST_ERROR 188
-# define ASN1_R_MIME_NO_CONTENT_TYPE 201
-# define ASN1_R_MIME_PARSE_ERROR 202
-# define ASN1_R_MIME_SIG_PARSE_ERROR 203
+# define ASN1_R_MIME_NO_CONTENT_TYPE 206
+# define ASN1_R_MIME_PARSE_ERROR 207
+# define ASN1_R_MIME_SIG_PARSE_ERROR 208
# define ASN1_R_MISSING_EOC 137
# define ASN1_R_MISSING_SECOND_NUMBER 138
# define ASN1_R_MISSING_VALUE 189
@@ -1295,11 +1366,12 @@
# define ASN1_R_NON_HEX_CHARACTERS 141
# define ASN1_R_NOT_ASCII_FORMAT 190
# define ASN1_R_NOT_ENOUGH_DATA 142
-# define ASN1_R_NO_CONTENT_TYPE 204
+# define ASN1_R_NO_CONTENT_TYPE 209
+# define ASN1_R_NO_DEFAULT_DIGEST 201
# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
-# define ASN1_R_NO_MULTIPART_BODY_FAILURE 205
-# define ASN1_R_NO_MULTIPART_BOUNDARY 206
-# define ASN1_R_NO_SIG_CONTENT_TYPE 207
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY 211
+# define ASN1_R_NO_SIG_CONTENT_TYPE 212
# define ASN1_R_NULL_IS_WRONG_LENGTH 144
# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
# define ASN1_R_ODD_NUMBER_OF_CHARS 145
@@ -1309,8 +1381,8 @@
# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
# define ASN1_R_SHORT_LINE 150
-# define ASN1_R_SIG_INVALID_MIME_TYPE 208
-# define ASN1_R_STREAMING_NOT_SUPPORTED 209
+# define ASN1_R_SIG_INVALID_MIME_TYPE 213
+# define ASN1_R_STREAMING_NOT_SUPPORTED 202
# define ASN1_R_STRING_TOO_LONG 151
# define ASN1_R_STRING_TOO_SHORT 152
# define ASN1_R_TAG_VALUE_TOO_HIGH 153
@@ -1322,11 +1394,12 @@
# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
# define ASN1_R_UNEXPECTED_EOC 159
-# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 211
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
# define ASN1_R_UNKNOWN_FORMAT 160
# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
# define ASN1_R_UNKNOWN_TAG 194
# define ASN1_R_UNKOWN_FORMAT 195
# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
@@ -1334,6 +1407,7 @@
# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
# define ASN1_R_UNSUPPORTED_TYPE 196
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
# define ASN1_R_WRONG_TAG 168
# define ASN1_R_WRONG_TYPE 169
Modified: trunk/crypto/openssl/crypto/asn1/asn1_err.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -90,10 +90,11 @@
{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
{ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"},
{ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
+ {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
{ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
- {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"},
+ {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
{ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
@@ -106,6 +107,7 @@
{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
+ {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
{ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
@@ -112,7 +114,7 @@
{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
{ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"},
{ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
- {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_NEW"},
+ {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
{ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
@@ -124,15 +126,18 @@
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
+ {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
"ASN1_TYPE_get_int_octetstring"},
{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
+ {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
{ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
{ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"},
{ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"},
+ {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
{ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
@@ -144,7 +149,7 @@
{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
{ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
{ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
- {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "d2i_ASN1_HEADER"},
+ {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
{ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
{ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
{ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
@@ -151,6 +156,7 @@
{ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
{ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
{ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
+ {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
@@ -160,6 +166,7 @@
{ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
{ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
{ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
+ {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
{ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
@@ -171,8 +178,10 @@
{ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
{ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
- {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"},
+ {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
+ {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
+ {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
{ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
{ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
@@ -202,10 +211,13 @@
{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
"cipher has no object identifier"},
+ {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
{ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
{ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
{ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"},
{ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
+ {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
+ "digest and key type not supported"},
{ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
{ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
@@ -271,6 +283,7 @@
{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
{ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
+ {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"},
{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
{ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
"no multipart body failure"},
@@ -309,8 +322,10 @@
"unknown message digest algorithm"},
{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"},
{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
+ {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
+ "unknown signature algorithm"},
{ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
- {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unkown format"},
+ {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unknown format"},
{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
"unsupported any defined by type"},
{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
@@ -319,6 +334,7 @@
{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
"unsupported public key type"},
{ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
+ {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
{ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
{ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/asn1/asn1_gen.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_gen.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1_gen.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,6 +74,8 @@
#define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val}
#define ASN1_FLAG_EXP_MAX 20
+/* Maximum number of nested sequences */
+#define ASN1_GEN_SEQ_MAX_DEPTH 50
/* Input formats */
@@ -110,6 +112,8 @@
int exp_count;
} tag_exp_arg;
+static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
+ int *perr);
static int bitstr_cb(const char *elem, int len, void *bitstr);
static int asn1_cb(const char *elem, int len, void *bitstr);
static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
@@ -116,7 +120,8 @@
int exp_constructed, int exp_pad, int imp_ok);
static int parse_tagging(const char *vstart, int vlen, int *ptag,
int *pclass);
-static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf);
+static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
+ int depth, int *perr);
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
static int asn1_str2tag(const char *tagstr, int len);
@@ -133,6 +138,16 @@
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
{
+ int err = 0;
+ ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err);
+ if (err)
+ ASN1err(ASN1_F_ASN1_GENERATE_V3, err);
+ return ret;
+}
+
+static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
+ int *perr)
+{
ASN1_TYPE *ret;
tag_exp_arg asn1_tags;
tag_exp_type *etmp;
@@ -152,17 +167,22 @@
asn1_tags.imp_class = -1;
asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
asn1_tags.exp_count = 0;
- if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
+ if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {
+ *perr = ASN1_R_UNKNOWN_TAG;
return NULL;
+ }
if ((asn1_tags.utype == V_ASN1_SEQUENCE)
|| (asn1_tags.utype == V_ASN1_SET)) {
if (!cnf) {
- ASN1err(ASN1_F_ASN1_GENERATE_V3,
- ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
+ *perr = ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG;
return NULL;
}
- ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf);
+ if (depth >= ASN1_GEN_SEQ_MAX_DEPTH) {
+ *perr = ASN1_R_ILLEGAL_NESTED_TAGGING;
+ return NULL;
+ }
+ ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr);
} else
ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);
@@ -242,9 +262,14 @@
/* If IMPLICIT, output tag */
- if (asn1_tags.imp_tag != -1)
+ if (asn1_tags.imp_tag != -1) {
+ if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
+ && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
+ || asn1_tags.imp_tag == V_ASN1_SET))
+ hdr_constructed = V_ASN1_CONSTRUCTED;
ASN1_put_object(&p, hdr_constructed, hdr_len,
asn1_tags.imp_tag, asn1_tags.imp_class);
+ }
/* Copy across original encoding */
memcpy(p, cpy_start, cpy_len);
@@ -274,6 +299,9 @@
int tmp_tag, tmp_class;
+ if (elem == NULL)
+ return -1;
+
for (i = 0, p = elem; i < len; p++, i++) {
/* Look for the ':' in name value pairs */
if (*p == ':') {
@@ -345,6 +373,10 @@
break;
case ASN1_GEN_FLAG_FORMAT:
+ if (!vstart) {
+ ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT);
+ return -1;
+ }
if (!strncmp(vstart, "ASCII", 5))
arg->format = ASN1_GEN_FORMAT_ASCII;
else if (!strncmp(vstart, "UTF8", 4))
@@ -351,7 +383,7 @@
arg->format = ASN1_GEN_FORMAT_UTF8;
else if (!strncmp(vstart, "HEX", 3))
arg->format = ASN1_GEN_FORMAT_HEX;
- else if (!strncmp(vstart, "BITLIST", 3))
+ else if (!strncmp(vstart, "BITLIST", 7))
arg->format = ASN1_GEN_FORMAT_BITLIST;
else {
ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
@@ -423,14 +455,15 @@
/* Handle multiple types: SET and SEQUENCE */
-static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
+static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
+ int depth, int *perr)
{
- ASN1_TYPE *ret = NULL, *typ = NULL;
+ ASN1_TYPE *ret = NULL;
STACK_OF(ASN1_TYPE) *sk = NULL;
STACK_OF(CONF_VALUE) *sect = NULL;
- unsigned char *der = NULL, *p;
+ unsigned char *der = NULL;
int derlen;
- int i, is_set;
+ int i;
sk = sk_ASN1_TYPE_new_null();
if (!sk)
goto bad;
@@ -441,12 +474,13 @@
if (!sect)
goto bad;
for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
- typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
+ ASN1_TYPE *typ =
+ generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf,
+ depth + 1, perr);
if (!typ)
goto bad;
if (!sk_ASN1_TYPE_push(sk, typ))
goto bad;
- typ = NULL;
}
}
@@ -455,18 +489,12 @@
*/
if (utype == V_ASN1_SET)
- is_set = 1;
+ derlen = i2d_ASN1_SET_ANY(sk, &der);
else
- is_set = 0;
+ derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
- derlen = i2d_ASN1_SET_OF_ASN1_TYPE(sk, NULL, i2d_ASN1_TYPE, utype,
- V_ASN1_UNIVERSAL, is_set);
- der = OPENSSL_malloc(derlen);
- if (!der)
+ if (derlen < 0)
goto bad;
- p = der;
- i2d_ASN1_SET_OF_ASN1_TYPE(sk, &p, i2d_ASN1_TYPE, utype,
- V_ASN1_UNIVERSAL, is_set);
if (!(ret = ASN1_TYPE_new()))
goto bad;
@@ -488,8 +516,6 @@
if (sk)
sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
- if (typ)
- ASN1_TYPE_free(typ);
if (sect)
X509V3_section_free(cnf, sect);
@@ -535,7 +561,7 @@
static int asn1_str2tag(const char *tagstr, int len)
{
unsigned int i;
- static struct tag_name_st *tntmp, tnst[] = {
+ static const struct tag_name_st *tntmp, tnst[] = {
ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
ASN1_GEN_STR("NULL", V_ASN1_NULL),
@@ -570,6 +596,8 @@
ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
+ ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
+ ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
/* Special cases */
ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
@@ -701,6 +729,7 @@
case V_ASN1_VISIBLESTRING:
case V_ASN1_UNIVERSALSTRING:
case V_ASN1_GENERALSTRING:
+ case V_ASN1_NUMERICSTRING:
if (format == ASN1_GEN_FORMAT_ASCII)
format = MBSTRING_ASC;
Modified: trunk/crypto/openssl/crypto/asn1/asn1_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -333,20 +333,30 @@
return (1);
}
-ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
{
+ if (str == NULL)
+ return 0;
+ dst->type = str->type;
+ if (!ASN1_STRING_set(dst, str->data, str->length))
+ return 0;
+ dst->flags = str->flags;
+ return 1;
+}
+
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
+{
ASN1_STRING *ret;
-
- if (str == NULL)
- return (NULL);
- if ((ret = ASN1_STRING_type_new(str->type)) == NULL)
- return (NULL);
- if (!ASN1_STRING_set(ret, str->data, str->length)) {
+ if (!str)
+ return NULL;
+ ret = ASN1_STRING_new();
+ if (!ret)
+ return NULL;
+ if (!ASN1_STRING_copy(ret, str)) {
ASN1_STRING_free(ret);
- return (NULL);
+ return NULL;
}
- ret->flags = str->flags;
- return (ret);
+ return ret;
}
int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
@@ -415,13 +425,20 @@
{
if (a == NULL)
return;
- if (a->data != NULL)
+ if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
OPENSSL_free(a->data);
OPENSSL_free(a);
}
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
+void ASN1_STRING_clear_free(ASN1_STRING *a)
{
+ if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ OPENSSL_cleanse(a->data, a->length);
+ ASN1_STRING_free(a);
+}
+
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
+{
int i;
i = (a->length - b->length);
@@ -444,7 +461,7 @@
ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
}
-int ASN1_STRING_length(ASN1_STRING *x)
+int ASN1_STRING_length(const ASN1_STRING *x)
{
return M_ASN1_STRING_length(x);
}
Copied: trunk/crypto/openssl/crypto/asn1/asn1_locl.h (from rev 7117, vendor-crypto/openssl/dist/crypto/asn1/asn1_locl.h)
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_locl.h (rev 0)
+++ trunk/crypto/openssl/crypto/asn1/asn1_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,132 @@
+/* asn1t.h */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/* Internal ASN1 structures and functions: not for application use */
+
+/* ASN1 print context structure */
+
+struct asn1_pctx_st {
+ unsigned long flags;
+ unsigned long nm_flags;
+ unsigned long cert_flags;
+ unsigned long oid_flags;
+ unsigned long str_flags;
+} /* ASN1_PCTX */ ;
+
+/* ASN1 public key method structure */
+
+struct evp_pkey_asn1_method_st {
+ int pkey_id;
+ int pkey_base_id;
+ unsigned long pkey_flags;
+ char *pem_str;
+ char *info;
+ int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+ int (*priv_decode) (EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+ int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*param_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+ int (*sig_print) (BIO *out,
+ const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+ int indent, ASN1_PCTX *pctx);
+ void (*pkey_free) (EVP_PKEY *pkey);
+ int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
+ /* Legacy functions for old PEM */
+ int (*old_priv_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ /* Custom ASN1 signature verification */
+ int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *alg1, X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig);
+} /* EVP_PKEY_ASN1_METHOD */ ;
+
+/*
+ * Method to handle CRL access. In general a CRL could be very large (several
+ * Mb) and can consume large amounts of resources if stored in memory by
+ * multiple processes. This method allows general CRL operations to be
+ * redirected to more efficient callbacks: for example a CRL entry database.
+ */
+
+#define X509_CRL_METHOD_DYNAMIC 1
+
+struct x509_crl_method_st {
+ int flags;
+ int (*crl_init) (X509_CRL *crl);
+ int (*crl_free) (X509_CRL *crl);
+ int (*crl_lookup) (X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *ser, X509_NAME *issuer);
+ int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk);
+};
Modified: trunk/crypto/openssl/crypto/asn1/asn1_mac.h
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_mac.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1_mac.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -153,6 +153,13 @@
M_ASN1_D2I_get(b,func); \
}
+# define M_ASN1_D2I_get_int_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get_int(b,func); \
+ }
+
# define M_ASN1_D2I_get_imp(b,func, type) \
M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
c.q=c.p; \
Modified: trunk/crypto/openssl/crypto/asn1/asn1_par.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1_par.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1_par.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,9 +70,8 @@
int indent)
{
static const char fmt[] = "%-18s";
- static const char fmt2[] = "%2d %-15s";
char str[128];
- const char *p, *p2 = NULL;
+ const char *p;
if (constructed & V_ASN1_CONSTRUCTED)
p = "cons: ";
@@ -94,13 +93,8 @@
else
p = ASN1_tag2str(tag);
- if (p2 != NULL) {
- if (BIO_printf(bp, fmt2, tag, p2) <= 0)
- goto err;
- } else {
- if (BIO_printf(bp, fmt, p) <= 0)
- goto err;
- }
+ if (BIO_printf(bp, fmt, p) <= 0)
+ goto err;
return (1);
err:
return (0);
@@ -343,7 +337,7 @@
goto end;
}
} else {
- if (BIO_write(bp, "BAD ENUMERATED", 11) <= 0)
+ if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
goto end;
}
M_ASN1_ENUMERATED_free(bs);
@@ -383,7 +377,7 @@
const char *ASN1_tag2str(int tag)
{
- static const char *tag2str[] = {
+ static const char *const tag2str[] = {
/* 0-4 */
"EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING",
/* 5-9 */
Modified: trunk/crypto/openssl/crypto/asn1/asn1t.h
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn1t.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn1t.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -215,6 +215,18 @@
#stname \
ASN1_ITEM_end(tname)
+# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
/*-
* This pair helps declare a CHOICE type. We can do:
*
@@ -652,11 +664,18 @@
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
+ int indent, const char *fname,
+ const ASN1_PCTX *pctx);
+
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
int *putype, const ASN1_ITEM *it);
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
int len, int utype, char *free_cont,
const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
+ const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx);
typedef struct ASN1_COMPAT_FUNCS_st {
ASN1_new_func *asn1_new;
@@ -672,6 +691,7 @@
ASN1_ex_free_func *asn1_ex_clear;
ASN1_ex_d2i *asn1_ex_d2i;
ASN1_ex_i2d *asn1_ex_i2d;
+ ASN1_ex_print_func *asn1_ex_print;
} ASN1_EXTERN_FUNCS;
typedef struct ASN1_PRIMITIVE_FUNCS_st {
@@ -682,6 +702,7 @@
ASN1_ex_free_func *prim_clear;
ASN1_primitive_c2i *prim_c2i;
ASN1_primitive_i2c *prim_i2c;
+ ASN1_primitive_print *prim_print;
} ASN1_PRIMITIVE_FUNCS;
/*
@@ -697,7 +718,8 @@
* more appropriate.
*/
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+ void *exarg);
typedef struct ASN1_AUX_st {
void *app_data;
@@ -708,6 +730,23 @@
int enc_offset; /* Offset of ASN1_ENCODING structure */
} ASN1_AUX;
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+ BIO *out;
+ int indent;
+ const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+ /* BIO to stream through */
+ BIO *out;
+ /* BIO with filters appended */
+ BIO *ndef_bio;
+ /* Streaming I/O boundary */
+ unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
/* Flags in ASN1_AUX */
/* Use a reference count */
@@ -727,6 +766,12 @@
# define ASN1_OP_D2I_POST 5
# define ASN1_OP_I2D_PRE 6
# define ASN1_OP_I2D_POST 7
+# define ASN1_OP_PRINT_PRE 8
+# define ASN1_OP_PRINT_POST 9
+# define ASN1_OP_STREAM_PRE 10
+# define ASN1_OP_STREAM_POST 11
+# define ASN1_OP_DETACHED_PRE 12
+# define ASN1_OP_DETACHED_POST 13
/* Macro to implement a primitive type */
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
@@ -782,9 +827,22 @@
# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+ pre stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ pre void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
+
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
stname *fname##_new(void) \
{ \
@@ -835,6 +893,17 @@
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
}
+# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+ IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx) \
+ { \
+ return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+ ASN1_ITEM_rptr(itname), pctx); \
+ }
+
# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
Modified: trunk/crypto/openssl/crypto/asn1/asn_mime.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn_mime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn_mime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
+#include "asn1_locl.h"
/*
* Generalised MIME like utilities for streaming ASN1. Although many have a
@@ -88,6 +89,8 @@
DECLARE_STACK_OF(MIME_HEADER)
IMPLEMENT_STACK_OF(MIME_HEADER)
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+ const ASN1_ITEM *it);
static char *strip_ends(char *name);
static char *strip_start(char *name);
static char *strip_end(char *name);
@@ -109,6 +112,37 @@
#define MAX_SMLEN 1024
#define mime_debug(x) /* x */
+/* Output an ASN1 structure in BER format streaming if necessary */
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it)
+{
+ /* If streaming create stream BIO and copy all content through it */
+ if (flags & SMIME_STREAM) {
+ BIO *bio, *tbio;
+ bio = BIO_new_NDEF(out, val, it);
+ if (!bio) {
+ ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ SMIME_crlf_copy(in, bio, flags);
+ (void)BIO_flush(bio);
+ /* Free up successive BIOs until we hit the old output BIO */
+ do {
+ tbio = BIO_pop(bio);
+ BIO_free(bio);
+ bio = tbio;
+ } while (bio != out);
+ }
+ /*
+ * else just write out ASN1 structure which will have all content stored
+ * internally
+ */
+ else
+ ASN1_item_i2d_bio(it, out, val);
+ return 1;
+}
+
/* Base 64 read and write of ASN1 structure */
static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
@@ -125,7 +159,7 @@
* prepend the b64 BIO so all data is base64 encoded.
*/
out = BIO_push(b64, out);
- r = ASN1_item_i2d_bio(it, out, val);
+ r = i2d_ASN1_bio_stream(out, val, in, flags, it);
(void)BIO_flush(out);
BIO_pop(out);
BIO_free(b64);
@@ -132,6 +166,18 @@
return r;
}
+/* Streaming ASN1 PEM write */
+
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it)
+{
+ int r;
+ BIO_printf(out, "-----BEGIN %s-----\n", hdr);
+ r = B64_write_ASN1(out, val, in, flags, it);
+ BIO_printf(out, "-----END %s-----\n", hdr);
+ return r;
+}
+
static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
{
BIO *b64;
@@ -154,7 +200,8 @@
static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
{
- int i, have_unknown = 0, write_comma, md_nid;
+ const EVP_MD *md;
+ int i, have_unknown = 0, write_comma, ret = 0, md_nid;
have_unknown = 0;
write_comma = 0;
for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
@@ -162,6 +209,19 @@
BIO_write(out, ",", 1);
write_comma = 1;
md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
+ md = EVP_get_digestbynid(md_nid);
+ if (md && md->md_ctrl) {
+ int rv;
+ char *micstr;
+ rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
+ if (rv > 0) {
+ BIO_puts(out, micstr);
+ OPENSSL_free(micstr);
+ continue;
+ }
+ if (rv != -2)
+ goto err;
+ }
switch (md_nid) {
case NID_sha1:
BIO_puts(out, "sha1");
@@ -183,6 +243,11 @@
BIO_puts(out, "sha-512");
break;
+ case NID_id_GostR3411_94:
+ BIO_puts(out, "gostr3411-94");
+ goto err;
+ break;
+
default:
if (have_unknown)
write_comma = 0;
@@ -195,16 +260,18 @@
}
}
- return 1;
+ ret = 1;
+ err:
+ return ret;
+
}
/* SMIME sender */
-int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs,
- asn1_output_data_fn * data_fn, const ASN1_ITEM *it)
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
{
char bound[33], c;
int i;
@@ -222,7 +289,8 @@
if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */
/* Generate a random boundary */
- RAND_pseudo_bytes((unsigned char *)bound, 32);
+ if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0)
+ return 0;
for (i = 0; i < 32; i++) {
c = bound[i] & 0xf;
if (c < 10)
@@ -243,7 +311,7 @@
mime_eol, mime_eol);
/* Now write out the first part */
BIO_printf(bio, "------%s%s", bound, mime_eol);
- if (!data_fn(bio, data, val, flags, it))
+ if (!asn1_output_data(bio, data, val, flags, it))
return 0;
BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
@@ -291,8 +359,6 @@
return 1;
}
-#if 0
-
/* Handle output of ASN1 data */
static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
@@ -301,8 +367,13 @@
BIO *tmpbio;
const ASN1_AUX *aux = it->funcs;
ASN1_STREAM_ARG sarg;
+ int rv = 1;
- if (!(flags & SMIME_DETACHED)) {
+ /*
+ * If data is not deteched or resigning then the output BIO is already
+ * set up to finalise when it is written through.
+ */
+ if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
SMIME_crlf_copy(data, out, flags);
return 1;
}
@@ -326,7 +397,7 @@
/* Finalize structure */
if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
- return 0;
+ rv = 0;
/* Now remove any digests prepended to the BIO */
@@ -336,12 +407,10 @@
sarg.ndef_bio = tmpbio;
}
- return 1;
+ return rv;
}
-#endif
-
/*
* SMIME reader: handle multipart/signed and opaque signing. in multipart
* case the content is placed in a memory BIO pointed to by "bcont". In
@@ -737,7 +806,7 @@
if (!(tmpname = BUF_strdup(name)))
return NULL;
for (p = tmpname; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if (isupper(c)) {
c = tolower(c);
*p = c;
@@ -749,7 +818,7 @@
if (!(tmpval = BUF_strdup(value)))
return NULL;
for (p = tmpval; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if (isupper(c)) {
c = tolower(c);
*p = c;
@@ -777,7 +846,7 @@
if (!tmpname)
return 0;
for (p = tmpname; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if (isupper(c)) {
c = tolower(c);
*p = c;
Modified: trunk/crypto/openssl/crypto/asn1/asn_pack.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/asn_pack.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/asn_pack.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,10 +67,11 @@
/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
-STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
- d2i_of_void *d2i, void (*free_func) (void *))
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+ d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK))
{
- STACK *sk;
+ STACK_OF(OPENSSL_BLOCK) *sk;
const unsigned char *pbuf;
pbuf = buf;
if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
@@ -84,7 +85,7 @@
* OPENSSL_malloc'ed buffer
*/
-unsigned char *ASN1_seq_pack(STACK * safes, i2d_of_void *i2d,
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
unsigned char **buf, int *len)
{
int safelen;
Copied: trunk/crypto/openssl/crypto/asn1/bio_asn1.c (from rev 7117, vendor-crypto/openssl/dist/crypto/asn1/bio_asn1.c)
===================================================================
--- trunk/crypto/openssl/crypto/asn1/bio_asn1.c (rev 0)
+++ trunk/crypto/openssl/crypto/asn1/bio_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,482 @@
+/* bio_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * Experimental ASN1 BIO. When written through the data is converted to an
+ * ASN1 string type: default is OCTET STRING. Additional functions can be
+ * provided to add prefix and suffix data.
+ */
+
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+
+/* Must be large enough for biggest tag+length */
+#define DEFAULT_ASN1_BUF_SIZE 20
+
+typedef enum {
+ ASN1_STATE_START,
+ ASN1_STATE_PRE_COPY,
+ ASN1_STATE_HEADER,
+ ASN1_STATE_HEADER_COPY,
+ ASN1_STATE_DATA_COPY,
+ ASN1_STATE_POST_COPY,
+ ASN1_STATE_DONE
+} asn1_bio_state_t;
+
+typedef struct BIO_ASN1_EX_FUNCS_st {
+ asn1_ps_func *ex_func;
+ asn1_ps_func *ex_free_func;
+} BIO_ASN1_EX_FUNCS;
+
+typedef struct BIO_ASN1_BUF_CTX_t {
+ /* Internal state */
+ asn1_bio_state_t state;
+ /* Internal buffer */
+ unsigned char *buf;
+ /* Size of buffer */
+ int bufsize;
+ /* Current position in buffer */
+ int bufpos;
+ /* Current buffer length */
+ int buflen;
+ /* Amount of data to copy */
+ int copylen;
+ /* Class and tag to use */
+ int asn1_class, asn1_tag;
+ asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free;
+ /* Extra buffer for prefix and suffix data */
+ unsigned char *ex_buf;
+ int ex_len;
+ int ex_pos;
+ void *ex_arg;
+} BIO_ASN1_BUF_CTX;
+
+static int asn1_bio_write(BIO *h, const char *buf, int num);
+static int asn1_bio_read(BIO *h, char *buf, int size);
+static int asn1_bio_puts(BIO *h, const char *str);
+static int asn1_bio_gets(BIO *h, char *str, int size);
+static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int asn1_bio_new(BIO *h);
+static int asn1_bio_free(BIO *data);
+static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size);
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+ asn1_ps_func *cleanup, asn1_bio_state_t next);
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+ asn1_ps_func *setup,
+ asn1_bio_state_t ex_state,
+ asn1_bio_state_t other_state);
+
+static BIO_METHOD methods_asn1 = {
+ BIO_TYPE_ASN1,
+ "asn1",
+ asn1_bio_write,
+ asn1_bio_read,
+ asn1_bio_puts,
+ asn1_bio_gets,
+ asn1_bio_ctrl,
+ asn1_bio_new,
+ asn1_bio_free,
+ asn1_bio_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_asn1(void)
+{
+ return (&methods_asn1);
+}
+
+static int asn1_bio_new(BIO *b)
+{
+ BIO_ASN1_BUF_CTX *ctx;
+ ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX));
+ if (!ctx)
+ return 0;
+ if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) {
+ OPENSSL_free(ctx);
+ return 0;
+ }
+ b->init = 1;
+ b->ptr = (char *)ctx;
+ b->flags = 0;
+ return 1;
+}
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
+{
+ ctx->buf = OPENSSL_malloc(size);
+ if (!ctx->buf)
+ return 0;
+ ctx->bufsize = size;
+ ctx->bufpos = 0;
+ ctx->buflen = 0;
+ ctx->copylen = 0;
+ ctx->asn1_class = V_ASN1_UNIVERSAL;
+ ctx->asn1_tag = V_ASN1_OCTET_STRING;
+ ctx->ex_buf = 0;
+ ctx->ex_pos = 0;
+ ctx->ex_len = 0;
+ ctx->state = ASN1_STATE_START;
+ return 1;
+}
+
+static int asn1_bio_free(BIO *b)
+{
+ BIO_ASN1_BUF_CTX *ctx;
+ ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+ if (ctx == NULL)
+ return 0;
+ if (ctx->buf)
+ OPENSSL_free(ctx->buf);
+ OPENSSL_free(ctx);
+ b->init = 0;
+ b->ptr = NULL;
+ b->flags = 0;
+ return 1;
+}
+
+static int asn1_bio_write(BIO *b, const char *in, int inl)
+{
+ BIO_ASN1_BUF_CTX *ctx;
+ int wrmax, wrlen, ret;
+ unsigned char *p;
+ if (!in || (inl < 0) || (b->next_bio == NULL))
+ return 0;
+ ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+ if (ctx == NULL)
+ return 0;
+
+ wrlen = 0;
+ ret = -1;
+
+ for (;;) {
+ switch (ctx->state) {
+
+ /* Setup prefix data, call it */
+ case ASN1_STATE_START:
+ if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
+ ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
+ return 0;
+ break;
+
+ /* Copy any pre data first */
+ case ASN1_STATE_PRE_COPY:
+
+ ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
+ ASN1_STATE_HEADER);
+
+ if (ret <= 0)
+ goto done;
+
+ break;
+
+ case ASN1_STATE_HEADER:
+ ctx->buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
+ OPENSSL_assert(ctx->buflen <= ctx->bufsize);
+ p = ctx->buf;
+ ASN1_put_object(&p, 0, inl, ctx->asn1_tag, ctx->asn1_class);
+ ctx->copylen = inl;
+ ctx->state = ASN1_STATE_HEADER_COPY;
+
+ break;
+
+ case ASN1_STATE_HEADER_COPY:
+ ret = BIO_write(b->next_bio, ctx->buf + ctx->bufpos, ctx->buflen);
+ if (ret <= 0)
+ goto done;
+
+ ctx->buflen -= ret;
+ if (ctx->buflen)
+ ctx->bufpos += ret;
+ else {
+ ctx->bufpos = 0;
+ ctx->state = ASN1_STATE_DATA_COPY;
+ }
+
+ break;
+
+ case ASN1_STATE_DATA_COPY:
+
+ if (inl > ctx->copylen)
+ wrmax = ctx->copylen;
+ else
+ wrmax = inl;
+ ret = BIO_write(b->next_bio, in, wrmax);
+ if (ret <= 0)
+ break;
+ wrlen += ret;
+ ctx->copylen -= ret;
+ in += ret;
+ inl -= ret;
+
+ if (ctx->copylen == 0)
+ ctx->state = ASN1_STATE_HEADER;
+
+ if (inl == 0)
+ goto done;
+
+ break;
+
+ default:
+ BIO_clear_retry_flags(b);
+ return 0;
+
+ }
+
+ }
+
+ done:
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+
+ return (wrlen > 0) ? wrlen : ret;
+
+}
+
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+ asn1_ps_func *cleanup, asn1_bio_state_t next)
+{
+ int ret;
+ if (ctx->ex_len <= 0)
+ return 1;
+ for (;;) {
+ ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, ctx->ex_len);
+ if (ret <= 0)
+ break;
+ ctx->ex_len -= ret;
+ if (ctx->ex_len > 0)
+ ctx->ex_pos += ret;
+ else {
+ if (cleanup)
+ cleanup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
+ ctx->state = next;
+ ctx->ex_pos = 0;
+ break;
+ }
+ }
+ return ret;
+}
+
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+ asn1_ps_func *setup,
+ asn1_bio_state_t ex_state,
+ asn1_bio_state_t other_state)
+{
+ if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ if (ctx->ex_len > 0)
+ ctx->state = ex_state;
+ else
+ ctx->state = other_state;
+ return 1;
+}
+
+static int asn1_bio_read(BIO *b, char *in, int inl)
+{
+ if (!b->next_bio)
+ return 0;
+ return BIO_read(b->next_bio, in, inl);
+}
+
+static int asn1_bio_puts(BIO *b, const char *str)
+{
+ return asn1_bio_write(b, str, strlen(str));
+}
+
+static int asn1_bio_gets(BIO *b, char *str, int size)
+{
+ if (!b->next_bio)
+ return 0;
+ return BIO_gets(b->next_bio, str, size);
+}
+
+static long asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+ if (b->next_bio == NULL)
+ return (0);
+ return BIO_callback_ctrl(b->next_bio, cmd, fp);
+}
+
+static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
+{
+ BIO_ASN1_BUF_CTX *ctx;
+ BIO_ASN1_EX_FUNCS *ex_func;
+ long ret = 1;
+ ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+ if (ctx == NULL)
+ return 0;
+ switch (cmd) {
+
+ case BIO_C_SET_PREFIX:
+ ex_func = arg2;
+ ctx->prefix = ex_func->ex_func;
+ ctx->prefix_free = ex_func->ex_free_func;
+ break;
+
+ case BIO_C_GET_PREFIX:
+ ex_func = arg2;
+ ex_func->ex_func = ctx->prefix;
+ ex_func->ex_free_func = ctx->prefix_free;
+ break;
+
+ case BIO_C_SET_SUFFIX:
+ ex_func = arg2;
+ ctx->suffix = ex_func->ex_func;
+ ctx->suffix_free = ex_func->ex_free_func;
+ break;
+
+ case BIO_C_GET_SUFFIX:
+ ex_func = arg2;
+ ex_func->ex_func = ctx->suffix;
+ ex_func->ex_free_func = ctx->suffix_free;
+ break;
+
+ case BIO_C_SET_EX_ARG:
+ ctx->ex_arg = arg2;
+ break;
+
+ case BIO_C_GET_EX_ARG:
+ *(void **)arg2 = ctx->ex_arg;
+ break;
+
+ case BIO_CTRL_FLUSH:
+ if (!b->next_bio)
+ return 0;
+
+ /* Call post function if possible */
+ if (ctx->state == ASN1_STATE_HEADER) {
+ if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
+ ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
+ return 0;
+ }
+
+ if (ctx->state == ASN1_STATE_POST_COPY) {
+ ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
+ ASN1_STATE_DONE);
+ if (ret <= 0)
+ return ret;
+ }
+
+ if (ctx->state == ASN1_STATE_DONE)
+ return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+ else {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ break;
+
+ default:
+ if (!b->next_bio)
+ return 0;
+ return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+
+ }
+
+ return ret;
+}
+
+static int asn1_bio_set_ex(BIO *b, int cmd,
+ asn1_ps_func *ex_func, asn1_ps_func *ex_free_func)
+{
+ BIO_ASN1_EX_FUNCS extmp;
+ extmp.ex_func = ex_func;
+ extmp.ex_free_func = ex_free_func;
+ return BIO_ctrl(b, cmd, 0, &extmp);
+}
+
+static int asn1_bio_get_ex(BIO *b, int cmd,
+ asn1_ps_func **ex_func,
+ asn1_ps_func **ex_free_func)
+{
+ BIO_ASN1_EX_FUNCS extmp;
+ int ret;
+ ret = BIO_ctrl(b, cmd, 0, &extmp);
+ if (ret > 0) {
+ *ex_func = extmp.ex_func;
+ *ex_free_func = extmp.ex_free_func;
+ }
+ return ret;
+}
+
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free)
+{
+ return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
+}
+
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free)
+{
+ return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
+}
+
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free)
+{
+ return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
+}
+
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free)
+{
+ return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
+}
Copied: trunk/crypto/openssl/crypto/asn1/bio_ndef.c (from rev 7117, vendor-crypto/openssl/dist/crypto/asn1/bio_ndef.c)
===================================================================
--- trunk/crypto/openssl/crypto/asn1/bio_ndef.c (rev 0)
+++ trunk/crypto/openssl/crypto/asn1/bio_ndef.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,248 @@
+/* bio_ndef.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+#include <stdio.h>
+
+/* Experimental NDEF ASN1 BIO support routines */
+
+/*
+ * The usage is quite simple, initialize an ASN1 structure, get a BIO from it
+ * then any data written through the BIO will end up translated to
+ * approptiate format on the fly. The data is streamed out and does *not*
+ * need to be all held in memory at once. When the BIO is flushed the output
+ * is finalized and any signatures etc written out. The BIO is a 'proper'
+ * BIO and can handle non blocking I/O correctly. The usage is simple. The
+ * implementation is *not*...
+ */
+
+/* BIO support data stored in the ASN1 BIO ex_arg */
+
+typedef struct ndef_aux_st {
+ /* ASN1 structure this BIO refers to */
+ ASN1_VALUE *val;
+ const ASN1_ITEM *it;
+ /* Top of the BIO chain */
+ BIO *ndef_bio;
+ /* Output BIO */
+ BIO *out;
+ /* Boundary where content is inserted */
+ unsigned char **boundary;
+ /* DER buffer start */
+ unsigned char *derbuf;
+} NDEF_SUPPORT;
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
+{
+ NDEF_SUPPORT *ndef_aux = NULL;
+ BIO *asn_bio = NULL;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_STREAM_ARG sarg;
+
+ if (!aux || !aux->asn1_cb) {
+ ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
+ return NULL;
+ }
+ ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT));
+ asn_bio = BIO_new(BIO_f_asn1());
+
+ /* ASN1 bio needs to be next to output BIO */
+
+ out = BIO_push(asn_bio, out);
+
+ if (!ndef_aux || !asn_bio || !out)
+ goto err;
+
+ BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free);
+ BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
+
+ /*
+ * Now let callback prepend any digest, cipher etc BIOs ASN1 structure
+ * needs.
+ */
+
+ sarg.out = out;
+ sarg.ndef_bio = NULL;
+ sarg.boundary = NULL;
+
+ if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0)
+ goto err;
+
+ ndef_aux->val = val;
+ ndef_aux->it = it;
+ ndef_aux->ndef_bio = sarg.ndef_bio;
+ ndef_aux->boundary = sarg.boundary;
+ ndef_aux->out = out;
+
+ BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
+
+ return sarg.ndef_bio;
+
+ err:
+ if (asn_bio)
+ BIO_free(asn_bio);
+ if (ndef_aux)
+ OPENSSL_free(ndef_aux);
+ return NULL;
+}
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+{
+ NDEF_SUPPORT *ndef_aux;
+ unsigned char *p;
+ int derlen;
+
+ if (!parg)
+ return 0;
+
+ ndef_aux = *(NDEF_SUPPORT **)parg;
+
+ derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+ p = OPENSSL_malloc(derlen);
+ if (!p)
+ return 0;
+
+ ndef_aux->derbuf = p;
+ *pbuf = p;
+ derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+ if (!*ndef_aux->boundary)
+ return 0;
+
+ *plen = *ndef_aux->boundary - *pbuf;
+
+ return 1;
+}
+
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
+ void *parg)
+{
+ NDEF_SUPPORT *ndef_aux;
+
+ if (!parg)
+ return 0;
+
+ ndef_aux = *(NDEF_SUPPORT **)parg;
+
+ if (ndef_aux->derbuf)
+ OPENSSL_free(ndef_aux->derbuf);
+
+ ndef_aux->derbuf = NULL;
+ *pbuf = NULL;
+ *plen = 0;
+ return 1;
+}
+
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
+ void *parg)
+{
+ NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg;
+ if (!ndef_prefix_free(b, pbuf, plen, parg))
+ return 0;
+ OPENSSL_free(*pndef_aux);
+ *pndef_aux = NULL;
+ return 1;
+}
+
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+{
+ NDEF_SUPPORT *ndef_aux;
+ unsigned char *p;
+ int derlen;
+ const ASN1_AUX *aux;
+ ASN1_STREAM_ARG sarg;
+
+ if (!parg)
+ return 0;
+
+ ndef_aux = *(NDEF_SUPPORT **)parg;
+
+ aux = ndef_aux->it->funcs;
+
+ /* Finalize structures */
+ sarg.ndef_bio = ndef_aux->ndef_bio;
+ sarg.out = ndef_aux->out;
+ sarg.boundary = ndef_aux->boundary;
+ if (aux->asn1_cb(ASN1_OP_STREAM_POST,
+ &ndef_aux->val, ndef_aux->it, &sarg) <= 0)
+ return 0;
+
+ derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+ p = OPENSSL_malloc(derlen);
+ if (!p)
+ return 0;
+
+ ndef_aux->derbuf = p;
+ *pbuf = p;
+ derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+ if (!*ndef_aux->boundary)
+ return 0;
+ *pbuf = *ndef_aux->boundary;
+ *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);
+
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/asn1/charmap.h
===================================================================
--- trunk/crypto/openssl/crypto/asn1/charmap.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/charmap.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,7 +3,7 @@
* properties
*/
-static unsigned char char_type[] = {
+static const unsigned char char_type[] = {
2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
Modified: trunk/crypto/openssl/crypto/asn1/charmap.pl
===================================================================
--- trunk/crypto/openssl/crypto/asn1/charmap.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/charmap.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,5 +1,8 @@
#!/usr/local/bin/perl -w
+# Written by Dr Stephen N Henson (steve at openssl.org).
+# Licensed under the terms of the OpenSSL license.
+
use strict;
my ($i, @arr);
Modified: trunk/crypto/openssl/crypto/asn1/d2i_pr.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/d2i_pr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/d2i_pr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,16 +61,12 @@
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/x509.h>
#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
+#include "asn1_locl.h"
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
@@ -82,48 +78,36 @@
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
return (NULL);
}
- } else
+ } else {
ret = *a;
-
- ret->save_type = type;
- ret->type = EVP_PKEY_type(type);
- switch (ret->type) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- /* TMP UGLY CAST */
- if ((ret->pkey.rsa = d2i_RSAPrivateKey(NULL,
- (const unsigned char **)pp,
- length)) == NULL) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
+#ifndef OPENSSL_NO_ENGINE
+ if (ret->engine) {
+ ENGINE_finish(ret->engine);
+ ret->engine = NULL;
}
- break;
#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- /* TMP UGLY CAST */
- if ((ret->pkey.dsa = d2i_DSAPrivateKey(NULL,
- (const unsigned char **)pp,
- length)) == NULL) {
+ }
+
+ if (!EVP_PKEY_set_type(ret, type)) {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ }
+
+ if (!ret->ameth->old_priv_decode ||
+ !ret->ameth->old_priv_decode(ret, pp, length)) {
+ if (ret->ameth->priv_decode) {
+ PKCS8_PRIV_KEY_INFO *p8 = NULL;
+ p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+ if (!p8)
+ goto err;
+ EVP_PKEY_free(ret);
+ ret = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+
+ } else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
}
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- if ((ret->pkey.ec = d2i_ECPrivateKey(NULL,
- (const unsigned char **)pp,
- length)) == NULL) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
- default:
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- /* break; */
}
if (a != NULL)
(*a) = ret;
@@ -151,9 +135,7 @@
* analyzing it we can determine the passed structure: this assumes the
* input is surrounded by an ASN1 SEQUENCE.
*/
- inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
- ASN1_TYPE_free, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL);
+ inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
/*
* Since we only need to discern "traditional format" RSA and DSA keys we
* can just count the elements.
@@ -162,7 +144,24 @@
keytype = EVP_PKEY_DSA;
else if (sk_ASN1_TYPE_num(inkey) == 4)
keytype = EVP_PKEY_EC;
- else
+ else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
+ * traditional format */
+ PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+ EVP_PKEY *ret;
+
+ sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+ if (!p8) {
+ ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
+ ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return NULL;
+ }
+ ret = EVP_PKCS82PKEY(p8);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ if (a) {
+ *a = ret;
+ }
+ return ret;
+ } else
keytype = EVP_PKEY_RSA;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
return d2i_PrivateKey(keytype, a, pp, length);
Modified: trunk/crypto/openssl/crypto/asn1/d2i_pu.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/d2i_pu.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/d2i_pu.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,9 +85,12 @@
} else
ret = *a;
- ret->save_type = type;
- ret->type = EVP_PKEY_type(type);
- switch (ret->type) {
+ if (!EVP_PKEY_set_type(ret, type)) {
+ ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ switch (EVP_PKEY_id(ret)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
/* TMP UGLY CAST */
Modified: trunk/crypto/openssl/crypto/asn1/i2d_pr.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/i2d_pr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/i2d_pr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,37 +58,21 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/bn.h>
#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
+#include <openssl/x509.h>
+#include "asn1_locl.h"
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
{
-#ifndef OPENSSL_NO_RSA
- if (a->type == EVP_PKEY_RSA) {
- return (i2d_RSAPrivateKey(a->pkey.rsa, pp));
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (a->type == EVP_PKEY_DSA) {
- return (i2d_DSAPrivateKey(a->pkey.dsa, pp));
+ if (a->ameth && a->ameth->old_priv_encode) {
+ return a->ameth->old_priv_encode(a, pp);
}
-#endif
-#ifndef OPENSSL_NO_EC
- if (a->type == EVP_PKEY_EC) {
- return (i2d_ECPrivateKey(a->pkey.ec, pp));
+ if (a->ameth && a->ameth->priv_encode) {
+ PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
+ int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ return ret;
}
-#endif
-
ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return (-1);
}
Modified: trunk/crypto/openssl/crypto/asn1/n_pkey.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/n_pkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/n_pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -125,6 +125,7 @@
unsigned char buf[256], *zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
if (a == NULL)
return (0);
@@ -201,24 +202,28 @@
i = strlen((char *)buf);
/* If the key is used for SGC the algorithm is modified a little. */
if (sgckey) {
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL);
+ if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
+ goto err;
OPENSSL_cleanse(buf, 256);
/* Encrypt private key in place */
zz = enckey->enckey->digest->data;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL);
- EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen);
- EVP_EncryptFinal_ex(&ctx, zz + i, &j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
+ goto err;
+ if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen))
+ goto err;
+ if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j))
+ goto err;
ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_ENCRYPTED_PKEY_free(enckey);
NETSCAPE_PKEY_free(pkey);
return (ret);
@@ -282,6 +287,7 @@
const unsigned char *zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
i = cb((char *)buf, 256, "Enter Private Key password:", 0);
if (i != 0) {
@@ -291,19 +297,22 @@
i = strlen((char *)buf);
if (sgckey) {
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL);
+ if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
+ goto err;
OPENSSL_cleanse(buf, 256);
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL);
- EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length);
- EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j))
+ goto err;
os->length = i + j;
zz = os->data;
@@ -320,6 +329,7 @@
goto err;
}
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_PKEY_free(pkey);
return (ret);
}
Modified: trunk/crypto/openssl/crypto/asn1/nsseq.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/nsseq.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/nsseq.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -63,7 +63,8 @@
#include <openssl/x509.h>
#include <openssl/objects.h>
-static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_NEW_POST) {
NETSCAPE_CERT_SEQUENCE *nsseq;
Modified: trunk/crypto/openssl/crypto/asn1/p5_pbe.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/p5_pbe.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/p5_pbe.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,65 +72,72 @@
IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
+/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen)
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen)
{
PBEPARAM *pbe = NULL;
- ASN1_OBJECT *al;
- X509_ALGOR *algor;
- ASN1_TYPE *astype = NULL;
+ ASN1_STRING *pbe_str = NULL;
+ unsigned char *sstr;
- if (!(pbe = PBEPARAM_new())) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ pbe = PBEPARAM_new();
+ if (!pbe) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
goto err;
}
if (iter <= 0)
iter = PKCS5_DEFAULT_ITER;
if (!ASN1_INTEGER_set(pbe->iter, iter)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!saltlen)
saltlen = PKCS5_SALT_LEN;
- if (!(pbe->salt->data = OPENSSL_malloc(saltlen))) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
goto err;
}
- pbe->salt->length = saltlen;
+ sstr = ASN1_STRING_data(pbe->salt);
if (salt)
- memcpy(pbe->salt->data, salt, saltlen);
- else if (RAND_pseudo_bytes(pbe->salt->data, saltlen) < 0)
+ memcpy(sstr, salt, saltlen);
+ else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
goto err;
- if (!(astype = ASN1_TYPE_new())) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
goto err;
}
- astype->type = V_ASN1_SEQUENCE;
- if (!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM,
- &astype->value.sequence)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
PBEPARAM_free(pbe);
pbe = NULL;
- al = OBJ_nid2obj(alg); /* never need to free al */
- if (!(algor = X509_ALGOR_new())) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ASN1_OBJECT_free(algor->algorithm);
- algor->algorithm = al;
- algor->parameter = astype;
+ if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
+ return 1;
- return (algor);
err:
if (pbe != NULL)
PBEPARAM_free(pbe);
- if (astype != NULL)
- ASN1_TYPE_free(astype);
+ if (pbe_str != NULL)
+ ASN1_STRING_free(pbe_str);
+ return 0;
+}
+
+/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen)
+{
+ X509_ALGOR *ret;
+ ret = X509_ALGOR_new();
+ if (!ret) {
+ ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
+ return ret;
+
+ X509_ALGOR_free(ret);
return NULL;
}
Modified: trunk/crypto/openssl/crypto/asn1/p5_pbev2.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/p5_pbev2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/p5_pbev2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -83,24 +83,24 @@
/*
* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
- * this is horrible!
+ * this is horrible! Extended version to allow application supplied PRF NID
+ * and IV.
*/
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen)
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid)
{
X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int alg_nid;
+ int alg_nid, keylen;
EVP_CIPHER_CTX ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
- PBKDF2PARAM *kdf = NULL;
PBE2PARAM *pbe2 = NULL;
- ASN1_OCTET_STRING *osalt = NULL;
ASN1_OBJECT *obj;
alg_nid = EVP_CIPHER_type(cipher);
if (alg_nid == NID_undef) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET,
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
goto err;
}
@@ -117,31 +117,112 @@
goto merr;
/* Create random IV */
- if (EVP_CIPHER_iv_length(cipher) &&
- RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
- goto err;
+ if (EVP_CIPHER_iv_length(cipher)) {
+ if (aiv)
+ memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+ else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+ goto err;
+ }
EVP_CIPHER_CTX_init(&ctx);
- /* Dummy cipherinit to just setup the IV */
- EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
+ /* Dummy cipherinit to just setup the IV, and PRF */
+ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+ goto err;
if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
EVP_CIPHER_CTX_cleanup(&ctx);
goto err;
}
+ /*
+ * If prf NID unspecified see if cipher has a preference. An error is OK
+ * here: just means use default PRF.
+ */
+ if ((prf_nid == -1) &&
+ EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
+ ERR_clear_error();
+ prf_nid = NID_hmacWithSHA1;
+ }
EVP_CIPHER_CTX_cleanup(&ctx);
+ /* If its RC2 then we'd better setup the key length */
+
+ if (alg_nid == NID_rc2_cbc)
+ keylen = EVP_CIPHER_key_length(cipher);
+ else
+ keylen = -1;
+
+ /* Setup keyfunc */
+
+ X509_ALGOR_free(pbe2->keyfunc);
+
+ pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
+
+ if (!pbe2->keyfunc)
+ goto merr;
+
+ /* Now set up top level AlgorithmIdentifier */
+
+ if (!(ret = X509_ALGOR_new()))
+ goto merr;
+ if (!(ret->parameter = ASN1_TYPE_new()))
+ goto merr;
+
+ ret->algorithm = OBJ_nid2obj(NID_pbes2);
+
+ /* Encode PBE2PARAM into parameter */
+
+ if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
+ &ret->parameter->value.sequence))
+ goto merr;
+ ret->parameter->type = V_ASN1_SEQUENCE;
+
+ PBE2PARAM_free(pbe2);
+ pbe2 = NULL;
+
+ return ret;
+
+ merr:
+ ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
+
+ err:
+ PBE2PARAM_free(pbe2);
+ /* Note 'scheme' is freed as part of pbe2 */
+ X509_ALGOR_free(kalg);
+ X509_ALGOR_free(ret);
+
+ return NULL;
+
+}
+
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen)
+{
+ return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
+}
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen)
+{
+ X509_ALGOR *keyfunc = NULL;
+ PBKDF2PARAM *kdf = NULL;
+ ASN1_OCTET_STRING *osalt = NULL;
+
if (!(kdf = PBKDF2PARAM_new()))
goto merr;
if (!(osalt = M_ASN1_OCTET_STRING_new()))
goto merr;
+ kdf->salt->value.octet_string = osalt;
+ kdf->salt->type = V_ASN1_OCTET_STRING;
+
if (!saltlen)
saltlen = PKCS5_SALT_LEN;
if (!(osalt->data = OPENSSL_malloc(saltlen)))
goto merr;
+
osalt->length = saltlen;
+
if (salt)
memcpy(osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
@@ -149,74 +230,51 @@
if (iter <= 0)
iter = PKCS5_DEFAULT_ITER;
+
if (!ASN1_INTEGER_set(kdf->iter, iter))
goto merr;
- /* Now include salt in kdf structure */
- kdf->salt->value.octet_string = osalt;
- kdf->salt->type = V_ASN1_OCTET_STRING;
- osalt = NULL;
+ /* If have a key len set it up */
- /* If its RC2 then we'd better setup the key length */
-
- if (alg_nid == NID_rc2_cbc) {
+ if (keylen > 0) {
if (!(kdf->keylength = M_ASN1_INTEGER_new()))
goto merr;
- if (!ASN1_INTEGER_set(kdf->keylength, EVP_CIPHER_key_length(cipher)))
+ if (!ASN1_INTEGER_set(kdf->keylength, keylen))
goto merr;
}
- /* prf can stay NULL because we are using hmacWithSHA1 */
+ /* prf can stay NULL if we are using hmacWithSHA1 */
+ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
+ kdf->prf = X509_ALGOR_new();
+ if (!kdf->prf)
+ goto merr;
+ X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), V_ASN1_NULL, NULL);
+ }
- /* Now setup the PBE2PARAM keyfunc structure */
+ /* Finally setup the keyfunc structure */
- pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+ keyfunc = X509_ALGOR_new();
+ if (!keyfunc)
+ goto merr;
+ keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+
/* Encode PBKDF2PARAM into parameter of pbe2 */
- if (!(pbe2->keyfunc->parameter = ASN1_TYPE_new()))
+ if (!(keyfunc->parameter = ASN1_TYPE_new()))
goto merr;
- if (!ASN1_pack_string_of(PBKDF2PARAM, kdf, i2d_PBKDF2PARAM,
- &pbe2->keyfunc->parameter->value.sequence))
+ if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
+ &keyfunc->parameter->value.sequence))
goto merr;
- pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
+ keyfunc->parameter->type = V_ASN1_SEQUENCE;
PBKDF2PARAM_free(kdf);
- kdf = NULL;
+ return keyfunc;
- /* Now set up top level AlgorithmIdentifier */
-
- if (!(ret = X509_ALGOR_new()))
- goto merr;
- if (!(ret->parameter = ASN1_TYPE_new()))
- goto merr;
-
- ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
- /* Encode PBE2PARAM into parameter */
-
- if (!ASN1_pack_string_of(PBE2PARAM, pbe2, i2d_PBE2PARAM,
- &ret->parameter->value.sequence))
- goto merr;
- ret->parameter->type = V_ASN1_SEQUENCE;
-
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
-
- return ret;
-
merr:
- ASN1err(ASN1_F_PKCS5_PBE2_SET, ERR_R_MALLOC_FAILURE);
-
- err:
- PBE2PARAM_free(pbe2);
- /* Note 'scheme' is freed as part of pbe2 */
- M_ASN1_OCTET_STRING_free(osalt);
+ ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
PBKDF2PARAM_free(kdf);
- X509_ALGOR_free(kalg);
- X509_ALGOR_free(ret);
-
+ X509_ALGOR_free(keyfunc);
return NULL;
-
}
Modified: trunk/crypto/openssl/crypto/asn1/p8_pkey.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/p8_pkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/p8_pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -63,7 +63,8 @@
#include <openssl/x509.h>
/* Minor tweak to operation: zero private key data */
-static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
if (operation == ASN1_OP_FREE_PRE) {
@@ -84,3 +85,61 @@
} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+ int version,
+ int ptype, void *pval, unsigned char *penc, int penclen)
+{
+ unsigned char **ppenc = NULL;
+ if (version >= 0) {
+ if (!ASN1_INTEGER_set(priv->version, version))
+ return 0;
+ }
+ if (penc) {
+ int pmtype;
+ ASN1_OCTET_STRING *oct;
+ oct = ASN1_OCTET_STRING_new();
+ if (!oct)
+ return 0;
+ oct->data = penc;
+ ppenc = &oct->data;
+ oct->length = penclen;
+ if (priv->broken == PKCS8_NO_OCTET)
+ pmtype = V_ASN1_SEQUENCE;
+ else
+ pmtype = V_ASN1_OCTET_STRING;
+ ASN1_TYPE_set(priv->pkey, pmtype, oct);
+ }
+ if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
+ /* If call fails do not swallow 'enc' */
+ if (ppenc)
+ *ppenc = NULL;
+ return 0;
+ }
+ return 1;
+}
+
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8)
+{
+ if (ppkalg)
+ *ppkalg = p8->pkeyalg->algorithm;
+ if (p8->pkey->type == V_ASN1_OCTET_STRING) {
+ p8->broken = PKCS8_OK;
+ if (pk) {
+ *pk = p8->pkey->value.octet_string->data;
+ *ppklen = p8->pkey->value.octet_string->length;
+ }
+ } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
+ p8->broken = PKCS8_NO_OCTET;
+ if (pk) {
+ *pk = p8->pkey->value.sequence->data;
+ *ppklen = p8->pkey->value.sequence->length;
+ }
+ } else
+ return 0;
+ if (pa)
+ *pa = p8->pkeyalg;
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/asn1/t_crl.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/t_crl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/t_crl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -94,8 +94,7 @@
l = X509_CRL_get_version(x);
BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
i = OBJ_obj2nid(x->sig_alg->algorithm);
- BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
- (i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
+ X509_signature_print(out, x->sig_alg, NULL);
p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
BIO_printf(out, "%8sIssuer: %s\n", "", p);
OPENSSL_free(p);
Modified: trunk/crypto/openssl/crypto/asn1/t_pkey.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/t_pkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/t_pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,11 +55,6 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
#include <stdio.h>
#include "cryptlib.h"
@@ -66,477 +61,10 @@
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-static int print(BIO *fp, const char *str, const BIGNUM *num,
- unsigned char *buf, int off);
-#ifndef OPENSSL_NO_EC
-static int print_bin(BIO *fp, const char *str, const unsigned char *num,
- size_t len, int off);
-#endif
-#ifndef OPENSSL_NO_RSA
-# ifndef OPENSSL_NO_FP_API
-int RSA_print_fp(FILE *fp, const RSA *x, int off)
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+ unsigned char *buf, int off)
{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = RSA_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int RSA_print(BIO *bp, const RSA *x, int off)
-{
- char str[128];
- const char *s;
- unsigned char *m = NULL;
- int ret = 0, mod_len = 0;
- size_t buf_len = 0, i;
-
- if (x->n)
- buf_len = (size_t)BN_num_bytes(x->n);
- if (x->e)
- if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
- buf_len = i;
- if (x->d)
- if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
- buf_len = i;
- if (x->p)
- if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
- buf_len = i;
- if (x->q)
- if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
- buf_len = i;
- if (x->dmp1)
- if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
- buf_len = i;
- if (x->dmq1)
- if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
- buf_len = i;
- if (x->iqmp)
- if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
- buf_len = i;
-
- m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- RSAerr(RSA_F_RSA_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (x->n != NULL)
- mod_len = BN_num_bits(x->n);
-
- if (x->d != NULL) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len)
- <= 0)
- goto err;
- }
-
- if (x->d == NULL)
- BIO_snprintf(str, sizeof str, "Modulus (%d bit):", mod_len);
- else
- BUF_strlcpy(str, "modulus:", sizeof str);
- if (!print(bp, str, x->n, m, off))
- goto err;
- s = (x->d == NULL) ? "Exponent:" : "publicExponent:";
- if ((x->e != NULL) && !print(bp, s, x->e, m, off))
- goto err;
- if ((x->d != NULL) && !print(bp, "privateExponent:", x->d, m, off))
- goto err;
- if ((x->p != NULL) && !print(bp, "prime1:", x->p, m, off))
- goto err;
- if ((x->q != NULL) && !print(bp, "prime2:", x->q, m, off))
- goto err;
- if ((x->dmp1 != NULL) && !print(bp, "exponent1:", x->dmp1, m, off))
- goto err;
- if ((x->dmq1 != NULL) && !print(bp, "exponent2:", x->dmq1, m, off))
- goto err;
- if ((x->iqmp != NULL) && !print(bp, "coefficient:", x->iqmp, m, off))
- goto err;
- ret = 1;
- err:
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-#endif /* OPENSSL_NO_RSA */
-
-#ifndef OPENSSL_NO_DSA
-# ifndef OPENSSL_NO_FP_API
-int DSA_print_fp(FILE *fp, const DSA *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerr(DSA_F_DSA_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSA_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int DSA_print(BIO *bp, const DSA *x, int off)
-{
- unsigned char *m = NULL;
- int ret = 0;
- size_t buf_len = 0, i;
-
- if (x->p)
- buf_len = (size_t)BN_num_bytes(x->p);
- if (x->q)
- if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
- buf_len = i;
- if (x->g)
- if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
- buf_len = i;
- if (x->priv_key)
- if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
- buf_len = i;
- if (x->pub_key)
- if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
- buf_len = i;
-
- m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DSA_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (x->priv_key != NULL) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "Private-Key: (%d bit)\n", BN_num_bits(x->p))
- <= 0)
- goto err;
- }
-
- if ((x->priv_key != NULL) && !print(bp, "priv:", x->priv_key, m, off))
- goto err;
- if ((x->pub_key != NULL) && !print(bp, "pub: ", x->pub_key, m, off))
- goto err;
- if ((x->p != NULL) && !print(bp, "P: ", x->p, m, off))
- goto err;
- if ((x->q != NULL) && !print(bp, "Q: ", x->q, m, off))
- goto err;
- if ((x->g != NULL) && !print(bp, "G: ", x->g, m, off))
- goto err;
- ret = 1;
- err:
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-#endif /* !OPENSSL_NO_DSA */
-
-#ifndef OPENSSL_NO_EC
-# ifndef OPENSSL_NO_FP_API
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_ECPKPARAMETERS_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECPKParameters_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = EC_KEY_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
-{
- unsigned char *buffer = NULL;
- size_t buf_len = 0, i;
- int ret = 0, reason = ERR_R_BIO_LIB;
- BN_CTX *ctx = NULL;
- const EC_POINT *point = NULL;
- BIGNUM *p = NULL, *a = NULL, *b = NULL, *gen = NULL,
- *order = NULL, *cofactor = NULL;
- const unsigned char *seed;
- size_t seed_len = 0;
-
- static const char *gen_compressed = "Generator (compressed):";
- static const char *gen_uncompressed = "Generator (uncompressed):";
- static const char *gen_hybrid = "Generator (hybrid):";
-
- if (!x) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- if (EC_GROUP_get_asn1_flag(x)) {
- /* the curve parameter are given by an asn1 OID */
- int nid;
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- nid = EC_GROUP_get_curve_name(x);
- if (nid == 0)
- goto err;
-
- if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
- goto err;
- if (BIO_printf(bp, "\n") <= 0)
- goto err;
- } else {
- /* explicit parameters */
- int is_char_two = 0;
- point_conversion_form_t form;
- int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
-
- if (tmp_nid == NID_X9_62_characteristic_two_field)
- is_char_two = 1;
-
- if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
- (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
- (cofactor = BN_new()) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (is_char_two) {
- if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- } else { /* prime field */
-
- if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- }
-
- if ((point = EC_GROUP_get0_generator(x)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- if (!EC_GROUP_get_order(x, order, NULL) ||
- !EC_GROUP_get_cofactor(x, cofactor, NULL)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
-
- form = EC_GROUP_get_point_conversion_form(x);
-
- if ((gen = EC_POINT_point2bn(x, point, form, NULL, ctx)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
-
- buf_len = (size_t)BN_num_bytes(p);
- if (buf_len < (i = (size_t)BN_num_bytes(a)))
- buf_len = i;
- if (buf_len < (i = (size_t)BN_num_bytes(b)))
- buf_len = i;
- if (buf_len < (i = (size_t)BN_num_bytes(gen)))
- buf_len = i;
- if (buf_len < (i = (size_t)BN_num_bytes(order)))
- buf_len = i;
- if (buf_len < (i = (size_t)BN_num_bytes(cofactor)))
- buf_len = i;
-
- if ((seed = EC_GROUP_get0_seed(x)) != NULL)
- seed_len = EC_GROUP_get_seed_len(x);
-
- buf_len += 10;
- if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- /* print the 'short name' of the field type */
- if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
- <= 0)
- goto err;
-
- if (is_char_two) {
- /* print the 'short name' of the base type OID */
- int basis_type = EC_GROUP_get_basis_type(x);
- if (basis_type == 0)
- goto err;
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- if (BIO_printf(bp, "Basis Type: %s\n",
- OBJ_nid2sn(basis_type)) <= 0)
- goto err;
-
- /* print the polynomial */
- if ((p != NULL) && !print(bp, "Polynomial:", p, buffer, off))
- goto err;
- } else {
- if ((p != NULL) && !print(bp, "Prime:", p, buffer, off))
- goto err;
- }
- if ((a != NULL) && !print(bp, "A: ", a, buffer, off))
- goto err;
- if ((b != NULL) && !print(bp, "B: ", b, buffer, off))
- goto err;
- if (form == POINT_CONVERSION_COMPRESSED) {
- if ((gen != NULL) && !print(bp, gen_compressed, gen, buffer, off))
- goto err;
- } else if (form == POINT_CONVERSION_UNCOMPRESSED) {
- if ((gen != NULL) && !print(bp, gen_uncompressed, gen,
- buffer, off))
- goto err;
- } else { /* form == POINT_CONVERSION_HYBRID */
-
- if ((gen != NULL) && !print(bp, gen_hybrid, gen, buffer, off))
- goto err;
- }
- if ((order != NULL) && !print(bp, "Order: ", order, buffer, off))
- goto err;
- if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor,
- buffer, off))
- goto err;
- if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
- goto err;
- }
- ret = 1;
- err:
- if (!ret)
- ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
- if (p)
- BN_free(p);
- if (a)
- BN_free(a);
- if (b)
- BN_free(b);
- if (gen)
- BN_free(gen);
- if (order)
- BN_free(order);
- if (cofactor)
- BN_free(cofactor);
- if (ctx)
- BN_CTX_free(ctx);
- if (buffer != NULL)
- OPENSSL_free(buffer);
- return (ret);
-}
-
-int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
-{
- unsigned char *buffer = NULL;
- size_t buf_len = 0, i;
- int ret = 0, reason = ERR_R_BIO_LIB;
- BIGNUM *pub_key = NULL, *order = NULL;
- BN_CTX *ctx = NULL;
- const EC_GROUP *group;
- const EC_POINT *public_key;
- const BIGNUM *priv_key;
-
- if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- public_key = EC_KEY_get0_public_key(x);
- if ((pub_key = EC_POINT_point2bn(group, public_key,
- EC_KEY_get_conv_form(x), NULL,
- ctx)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
-
- buf_len = (size_t)BN_num_bytes(pub_key);
- priv_key = EC_KEY_get0_private_key(x);
- if (priv_key != NULL) {
- if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len)
- buf_len = i;
- }
-
- buf_len += 10;
- if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (priv_key != NULL) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if ((order = BN_new()) == NULL)
- goto err;
- if (!EC_GROUP_get_order(group, order, NULL))
- goto err;
- if (BIO_printf(bp, "Private-Key: (%d bit)\n",
- BN_num_bits(order)) <= 0)
- goto err;
- }
-
- if ((priv_key != NULL) && !print(bp, "priv:", priv_key, buffer, off))
- goto err;
- if ((pub_key != NULL) && !print(bp, "pub: ", pub_key, buffer, off))
- goto err;
- if (!ECPKParameters_print(bp, group, off))
- goto err;
- ret = 1;
- err:
- if (!ret)
- ECerr(EC_F_EC_KEY_PRINT, reason);
- if (pub_key)
- BN_free(pub_key);
- if (order)
- BN_free(order);
- if (ctx)
- BN_CTX_free(ctx);
- if (buffer != NULL)
- OPENSSL_free(buffer);
- return (ret);
-}
-#endif /* OPENSSL_NO_EC */
-
-static int print(BIO *bp, const char *number, const BIGNUM *num,
- unsigned char *buf, int off)
-{
int n, i;
const char *neg;
@@ -583,216 +111,3 @@
}
return (1);
}
-
-#ifndef OPENSSL_NO_EC
-static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
- size_t len, int off)
-{
- size_t i;
- char str[128];
-
- if (buf == NULL)
- return 1;
- if (off) {
- if (off > 128)
- off = 128;
- memset(str, ' ', off);
- if (BIO_write(fp, str, off) <= 0)
- return 0;
- }
-
- if (BIO_printf(fp, "%s", name) <= 0)
- return 0;
-
- for (i = 0; i < len; i++) {
- if ((i % 15) == 0) {
- str[0] = '\n';
- memset(&(str[1]), ' ', off + 4);
- if (BIO_write(fp, str, off + 1 + 4) <= 0)
- return 0;
- }
- if (BIO_printf(fp, "%02x%s", buf[i], ((i + 1) == len) ? "" : ":") <=
- 0)
- return 0;
- }
- if (BIO_write(fp, "\n", 1) <= 0)
- return 0;
-
- return 1;
-}
-#endif
-
-#ifndef OPENSSL_NO_DH
-# ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DHparams_print(b, x);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int DHparams_print(BIO *bp, const DH *x)
-{
- unsigned char *m = NULL;
- int reason = ERR_R_BUF_LIB, ret = 0;
- size_t buf_len = 0, i;
-
- if (x->p)
- buf_len = (size_t)BN_num_bytes(x->p);
- else {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
- if (x->g)
- if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
- buf_len = i;
- m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (BIO_printf(bp, "Diffie-Hellman-Parameters: (%d bit)\n",
- BN_num_bits(x->p)) <= 0)
- goto err;
- if (!print(bp, "prime:", x->p, m, 4))
- goto err;
- if (!print(bp, "generator:", x->g, m, 4))
- goto err;
- if (x->length != 0) {
- if (BIO_printf(bp, " recommended-private-length: %d bits\n",
- (int)x->length) <= 0)
- goto err;
- }
- ret = 1;
- if (0) {
- err:
- DHerr(DH_F_DHPARAMS_PRINT, reason);
- }
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-# ifndef OPENSSL_NO_FP_API
-int DSAparams_print_fp(FILE *fp, const DSA *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerr(DSA_F_DSAPARAMS_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSAparams_print(b, x);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int DSAparams_print(BIO *bp, const DSA *x)
-{
- unsigned char *m = NULL;
- int ret = 0;
- size_t buf_len = 0, i;
-
- if (x->p)
- buf_len = (size_t)BN_num_bytes(x->p);
- else {
- DSAerr(DSA_F_DSAPARAMS_PRINT, DSA_R_MISSING_PARAMETERS);
- goto err;
- }
- if (x->q)
- if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
- buf_len = i;
- if (x->g)
- if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
- buf_len = i;
- m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DSAPARAMS_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (BIO_printf(bp, "DSA-Parameters: (%d bit)\n", BN_num_bits(x->p)) <= 0)
- goto err;
- if (!print(bp, "p:", x->p, m, 4))
- goto err;
- if ((x->q != NULL) && !print(bp, "q:", x->q, m, 4))
- goto err;
- if ((x->g != NULL) && !print(bp, "g:", x->g, m, 4))
- goto err;
- ret = 1;
- err:
- if (m != NULL)
- OPENSSL_free(m);
- return (ret);
-}
-
-#endif /* !OPENSSL_NO_DSA */
-
-#ifndef OPENSSL_NO_EC
-# ifndef OPENSSL_NO_FP_API
-int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECParameters_print(b, x);
- BIO_free(b);
- return (ret);
-}
-# endif
-
-int ECParameters_print(BIO *bp, const EC_KEY *x)
-{
- int reason = ERR_R_EC_LIB, ret = 0;
- BIGNUM *order = NULL;
- const EC_GROUP *group;
-
- if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
- reason = ERR_R_PASSED_NULL_PARAMETER;;
- goto err;
- }
-
- if ((order = BN_new()) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (!EC_GROUP_get_order(group, order, NULL)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
-
- if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n",
- BN_num_bits(order)) <= 0)
- goto err;
- if (!ECPKParameters_print(bp, group, 4))
- goto err;
- ret = 1;
- err:
- if (order)
- BN_free(order);
- ECerr(EC_F_ECPARAMETERS_PRINT, reason);
- return (ret);
-}
-
-#endif
Modified: trunk/crypto/openssl/crypto/asn1/t_req.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/t_req.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/t_req.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -148,29 +148,10 @@
if (pkey == NULL) {
BIO_printf(bp, "%12sUnable to load Public Key\n", "");
ERR_print_errors(bp);
- } else
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- BIO_printf(bp, "%12sRSA Public Key: (%d bit)\n", "",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(bp, pkey->pkey.rsa, 16);
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- BIO_printf(bp, "%12sDSA Public Key:\n", "");
- DSA_print(bp, pkey->pkey.dsa, 16);
- } else
-#endif
-#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
- BIO_printf(bp, "%12sEC Public Key: \n", "");
- EC_KEY_print(bp, pkey->pkey.ec, 16);
- } else
-#endif
- BIO_printf(bp, "%12sUnknown Public Key:\n", "");
-
- EVP_PKEY_free(pkey);
+ } else {
+ EVP_PKEY_print_public(bp, pkey, 16, NULL);
+ EVP_PKEY_free(pkey);
+ }
}
if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
Modified: trunk/crypto/openssl/crypto/asn1/t_spki.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/t_spki.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/t_spki.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,27 +85,7 @@
if (!pkey)
BIO_printf(out, " Unable to load public key\n");
else {
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- BIO_printf(out, " RSA Public Key: (%d bit)\n",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(out, pkey->pkey.rsa, 2);
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- BIO_printf(out, " DSA Public Key:\n");
- DSA_print(out, pkey->pkey.dsa, 2);
- } else
-#endif
-#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
- BIO_printf(out, " EC Public Key:\n");
- EC_KEY_print(out, pkey->pkey.ec, 2);
- } else
-#endif
-
- BIO_printf(out, " Unknown Public Key:\n");
+ EVP_PKEY_print_public(out, pkey, 4, NULL);
EVP_PKEY_free(pkey);
}
chal = spki->spkac->challenge;
Modified: trunk/crypto/openssl/crypto/asn1/t_x509.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/t_x509.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/t_x509.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,6 +72,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "asn1_locl.h"
#ifndef OPENSSL_NO_FP_API
int X509_print_fp(FILE *fp, X509 *x)
@@ -112,7 +113,6 @@
ASN1_INTEGER *bs;
EVP_PKEY *pkey = NULL;
const char *neg;
- ASN1_STRING *str = NULL;
if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
mlch = '\n';
@@ -140,9 +140,9 @@
goto err;
bs = X509_get_serialNumber(x);
- if (bs->length <= 4) {
+ if (bs->length <= (int)sizeof(long)) {
l = ASN1_INTEGER_get(bs);
- if (l < 0) {
+ if (bs->type == V_ASN1_NEG_INTEGER) {
l = -l;
neg = "-";
} else
@@ -164,6 +164,9 @@
}
if (!(cflag & X509_FLAG_NO_SIGNAME)) {
+ if (X509_signature_print(bp, ci->signature, NULL) <= 0)
+ goto err;
+#if 0
if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
goto err;
if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
@@ -170,6 +173,7 @@
goto err;
if (BIO_puts(bp, "\n") <= 0)
goto err;
+#endif
}
if (!(cflag & X509_FLAG_NO_ISSUER)) {
@@ -218,29 +222,10 @@
if (pkey == NULL) {
BIO_printf(bp, "%12sUnable to load Public Key\n", "");
ERR_print_errors(bp);
- } else
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
- BIO_printf(bp, "%12sRSA Public Key: (%d bit)\n", "",
- BN_num_bits(pkey->pkey.rsa->n));
- RSA_print(bp, pkey->pkey.rsa, 16);
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- BIO_printf(bp, "%12sDSA Public Key:\n", "");
- DSA_print(bp, pkey->pkey.dsa, 16);
- } else
-#endif
-#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
- BIO_printf(bp, "%12sEC Public Key:\n", "");
- EC_KEY_print(bp, pkey->pkey.ec, 16);
- } else
-#endif
- BIO_printf(bp, "%12sUnknown Public Key:\n", "");
-
- EVP_PKEY_free(pkey);
+ } else {
+ EVP_PKEY_print_public(bp, pkey, 16, NULL);
+ EVP_PKEY_free(pkey);
+ }
}
if (!(cflag & X509_FLAG_NO_EXTENSIONS))
@@ -257,8 +242,6 @@
}
ret = 1;
err:
- if (str != NULL)
- ASN1_STRING_free(str);
if (m != NULL)
OPENSSL_free(m);
return (ret);
@@ -282,7 +265,8 @@
goto err;
i2d_X509_NAME(x->cert_info->subject, &dertmp);
- EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
goto err;
@@ -296,9 +280,10 @@
if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
goto err;
- EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length, SHA1md, NULL,
- EVP_sha1(), NULL);
+ if (!EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length,
+ SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
goto err;
@@ -312,38 +297,64 @@
return (0);
}
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
{
- unsigned char *s;
+ const unsigned char *s;
int i, n;
- if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
- return 0;
- if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
- return 0;
n = sig->length;
s = sig->data;
for (i = 0; i < n; i++) {
- if ((i % 18) == 0)
- if (BIO_write(bp, "\n ", 9) <= 0)
+ if ((i % 18) == 0) {
+ if (BIO_write(bp, "\n", 1) <= 0)
return 0;
+ if (BIO_indent(bp, indent, indent) <= 0)
+ return 0;
+ }
if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
return 0;
}
if (BIO_write(bp, "\n", 1) != 1)
return 0;
+
return 1;
}
-int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
{
+ int sig_nid;
+ if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
+ return 0;
+ if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
+ return 0;
+
+ sig_nid = OBJ_obj2nid(sigalg->algorithm);
+ if (sig_nid != NID_undef) {
+ int pkey_nid, dig_nid;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
+ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
+ if (ameth && ameth->sig_print)
+ return ameth->sig_print(bp, sigalg, sig, 9, 0);
+ }
+ }
+ if (sig)
+ return X509_signature_dump(bp, sig, 9);
+ else if (BIO_puts(bp, "\n") <= 0)
+ return 0;
+ return 1;
+}
+
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
+{
int i, n;
- char buf[80], *p;
+ char buf[80];
+ const char *p;
if (v == NULL)
return (0);
n = 0;
- p = (char *)v->data;
+ p = (const char *)v->data;
for (i = 0; i < v->length; i++) {
if ((p[i] > '~') || ((p[i] < ' ') &&
(p[i] != '\n') && (p[i] != '\r')))
@@ -363,7 +374,7 @@
return (1);
}
-int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
+int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
{
if (tm->type == V_ASN1_UTCTIME)
return ASN1_UTCTIME_print(bp, tm);
@@ -378,7 +389,7 @@
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
};
-int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
+int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
{
char *v;
int gmt = 0;
@@ -430,15 +441,15 @@
return (0);
}
-int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
+int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
{
- char *v;
+ const char *v;
int gmt = 0;
int i;
int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
i = tm->length;
- v = (char *)tm->data;
+ v = (const char *)tm->data;
if (i < 10)
goto err;
Modified: trunk/crypto/openssl/crypto/asn1/tasn_dec.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_dec.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_dec.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -124,6 +124,8 @@
/* Macro to initialize and invalidate the cache */
#define asn1_tlc_clear(c) if (c) (c)->valid = 0
+/* Version to avoid compiler warning about 'c' always non-NULL */
+#define asn1_tlc_clear_nc(c) (c)->valid = 0
/*
* Decode an ASN1 item, this currently behaves just like a standard 'd2i'
@@ -140,7 +142,7 @@
ASN1_VALUE *ptmpval = NULL;
if (!pval)
pval = &ptmpval;
- c.valid = 0;
+ asn1_tlc_clear_nc(&c);
if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
return *pval;
return NULL;
@@ -151,7 +153,7 @@
const ASN1_TEMPLATE *tt)
{
ASN1_TLC c;
- c.valid = 0;
+ asn1_tlc_clear_nc(&c);
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
}
@@ -300,7 +302,7 @@
goto err;
case ASN1_ITYPE_CHOICE:
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
if (*pval) {
/* Free up and zero CHOICE value if initialised */
@@ -349,7 +351,7 @@
asn1_set_choice_selector(pval, i, it);
*in = p;
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
return 1;
@@ -388,7 +390,7 @@
goto err;
}
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
/* Free up and zero any ADB found */
@@ -488,7 +490,7 @@
if (!asn1_enc_save(pval, *in, p - *in, it))
goto auxerr;
*in = p;
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
return 1;
@@ -629,10 +631,10 @@
/*
* We've got a valid STACK: free up any items present
*/
- STACK *sktmp = (STACK *) * val;
+ STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
ASN1_VALUE *vtmp;
- while (sk_num(sktmp) > 0) {
- vtmp = (ASN1_VALUE *)sk_pop(sktmp);
+ while (sk_ASN1_VALUE_num(sktmp) > 0) {
+ vtmp = sk_ASN1_VALUE_pop(sktmp);
ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
}
}
@@ -665,7 +667,7 @@
goto err;
}
len -= p - q;
- if (!sk_push((STACK *) * val, (char *)skfield)) {
+ if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
goto err;
}
Modified: trunk/crypto/openssl/crypto/asn1/tasn_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -153,7 +153,7 @@
return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
case ASN1_ITYPE_CHOICE:
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
return 0;
i = asn1_get_choice_selector(pval, it);
if ((i >= 0) && (i < it->tcount)) {
@@ -164,7 +164,7 @@
return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
}
/* Fixme: error condition if selector out of range */
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
return 0;
break;
@@ -210,7 +210,7 @@
aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
| V_ASN1_UNIVERSAL;
}
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
return 0;
/* First work out sequence content length */
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
@@ -242,7 +242,7 @@
}
if (ndef == 2)
ASN1_put_eoc(out);
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
return 0;
return seqlen;
@@ -545,7 +545,8 @@
ASN1_STRING *strtmp;
ASN1_OBJECT *otmp;
int utype;
- unsigned char *cont, c;
+ const unsigned char *cont;
+ unsigned char c;
int len;
const ASN1_PRIMITIVE_FUNCS *pf;
pf = it->funcs;
Modified: trunk/crypto/openssl/crypto/asn1/tasn_fre.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_fre.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_fre.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -110,7 +110,7 @@
case ASN1_ITYPE_CHOICE:
if (asn1_cb) {
- i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
if (i == 2)
return;
}
@@ -122,7 +122,7 @@
ASN1_template_free(pchval, tt);
}
if (asn1_cb)
- asn1_cb(ASN1_OP_FREE_POST, pval, it);
+ asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
if (!combine) {
OPENSSL_free(*pval);
*pval = NULL;
@@ -146,7 +146,7 @@
if (asn1_do_lock(pval, -1, it) > 0)
return;
if (asn1_cb) {
- i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
if (i == 2)
return;
}
@@ -166,7 +166,7 @@
ASN1_template_free(pseqval, seqtt);
}
if (asn1_cb)
- asn1_cb(ASN1_OP_FREE_POST, pval, it);
+ asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
if (!combine) {
OPENSSL_free(*pval);
*pval = NULL;
Modified: trunk/crypto/openssl/crypto/asn1/tasn_new.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_new.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_new.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,7 +68,7 @@
int combine);
static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
{
@@ -139,7 +139,7 @@
case ASN1_ITYPE_CHOICE:
if (asn1_cb) {
- i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+ i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
if (!i)
goto auxerr;
if (i == 2) {
@@ -157,7 +157,7 @@
memset(*pval, 0, it->size);
}
asn1_set_choice_selector(pval, -1, it);
- if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
goto auxerr;
break;
@@ -164,7 +164,7 @@
case ASN1_ITYPE_NDEF_SEQUENCE:
case ASN1_ITYPE_SEQUENCE:
if (asn1_cb) {
- i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+ i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
if (!i)
goto auxerr;
if (i == 2) {
@@ -188,7 +188,7 @@
if (!ASN1_template_new(pseqval, tt))
goto memerr;
}
- if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
goto auxerr;
break;
}
@@ -309,15 +309,19 @@
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
ASN1_TYPE *typ;
+ ASN1_STRING *str;
int utype;
- if (it && it->funcs) {
+ if (!it)
+ return 0;
+
+ if (it->funcs) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
if (pf->prim_new)
return pf->prim_new(pval, it);
}
- if (!it || (it->itype == ASN1_ITYPE_MSTRING))
+ if (it->itype == ASN1_ITYPE_MSTRING)
utype = -1;
else
utype = it->utype;
@@ -327,10 +331,7 @@
return 1;
case V_ASN1_BOOLEAN:
- if (it)
- *(ASN1_BOOLEAN *)pval = it->size;
- else
- *(ASN1_BOOLEAN *)pval = -1;
+ *(ASN1_BOOLEAN *)pval = it->size;
return 1;
case V_ASN1_NULL:
@@ -347,7 +348,10 @@
break;
default:
- *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
+ str = ASN1_STRING_type_new(utype);
+ if (it->itype == ASN1_ITYPE_MSTRING && str)
+ str->flags |= ASN1_STRING_FLAG_MSTRING;
+ *pval = (ASN1_VALUE *)str;
break;
}
if (*pval)
@@ -355,7 +359,7 @@
return 0;
}
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
int utype;
if (it && it->funcs) {
Modified: trunk/crypto/openssl/crypto/asn1/tasn_prn.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_prn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -58,161 +58,528 @@
*/
#include <stddef.h>
+#include "cryptlib.h"
#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include <openssl/err.h>
-#include <openssl/nasn.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
/*
- * Print routines. Print out a whole structure from a template.
+ * Print routines.
*/
-static int asn1_item_print_nm(BIO *out, void *fld, int indent,
- const ASN1_ITEM *it, const char *name);
+/* ASN1_PCTX routines */
-int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it)
+ASN1_PCTX default_pctx = {
+ ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
+ 0, /* nm_flags */
+ 0, /* cert_flags */
+ 0, /* oid_flags */
+ 0 /* str_flags */
+};
+
+ASN1_PCTX *ASN1_PCTX_new(void)
{
- return asn1_item_print_nm(out, fld, indent, it, it->sname);
+ ASN1_PCTX *ret;
+ ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
+ if (ret == NULL) {
+ ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ ret->flags = 0;
+ ret->nm_flags = 0;
+ ret->cert_flags = 0;
+ ret->oid_flags = 0;
+ ret->str_flags = 0;
+ return ret;
}
-static int asn1_item_print_nm(BIO *out, void *fld, int indent,
- const ASN1_ITEM *it, const char *name)
+void ASN1_PCTX_free(ASN1_PCTX *p)
{
- ASN1_STRING *str;
+ OPENSSL_free(p);
+}
+
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
+{
+ return p->flags;
+}
+
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
+{
+ return p->nm_flags;
+}
+
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->nm_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
+{
+ return p->cert_flags;
+}
+
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->cert_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
+{
+ return p->oid_flags;
+}
+
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->oid_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
+{
+ return p->str_flags;
+}
+
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
+{
+ p->str_flags = flags;
+}
+
+/* Main print routines */
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_ITEM *it,
+ const char *fname, const char *sname,
+ int nohdr, const ASN1_PCTX *pctx);
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+ const ASN1_ITEM *it, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx);
+
+static int asn1_print_fsname(BIO *out, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx);
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx)
+{
+ const char *sname;
+ if (pctx == NULL)
+ pctx = &default_pctx;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+ sname = NULL;
+ else
+ sname = it->sname;
+ return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx);
+}
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_ITEM *it,
+ const char *fname, const char *sname,
+ int nohdr, const ASN1_PCTX *pctx)
+{
const ASN1_TEMPLATE *tt;
- void *tmpfld;
+ const ASN1_EXTERN_FUNCS *ef;
+ ASN1_VALUE **tmpfld;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ ASN1_PRINT_ARG parg;
int i;
- if (!fld) {
- BIO_printf(out, "%*s%s ABSENT\n", indent, "", name);
+ if (aux && aux->asn1_cb) {
+ parg.out = out;
+ parg.indent = indent;
+ parg.pctx = pctx;
+ asn1_cb = aux->asn1_cb;
+ } else
+ asn1_cb = 0;
+
+ if (*fld == NULL) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (BIO_puts(out, "<ABSENT>\n") <= 0)
+ return 0;
+ }
return 1;
}
+
switch (it->itype) {
-
case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- return ASN1_template_print(out, fld, indent, it->templates);
- return asn1_primitive_print(out, fld, it->utype, indent, name);
+ if (it->templates) {
+ if (!asn1_template_print_ctx(out, fld, indent,
+ it->templates, pctx))
+ return 0;
+ break;
+ }
+ /* fall thru */
+ case ASN1_ITYPE_MSTRING:
+ if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
+ return 0;
break;
- case ASN1_ITYPE_MSTRING:
- str = fld;
- return asn1_primitive_print(out, fld, str->type, indent, name);
-
case ASN1_ITYPE_EXTERN:
- BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name,
- it->sname, fld ? "" : "ABSENT");
- return 1;
- case ASN1_ITYPE_COMPAT:
- BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name,
- it->sname, fld ? "" : "ABSENT");
- return 1;
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ /* Use new style print routine if possible */
+ ef = it->funcs;
+ if (ef && ef->asn1_ex_print) {
+ i = ef->asn1_ex_print(out, fld, indent, "", pctx);
+ if (!i)
+ return 0;
+ if ((i == 2) && (BIO_puts(out, "\n") <= 0))
+ return 0;
+ return 1;
+ } else if (sname &&
+ BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
+ return 0;
+ break;
case ASN1_ITYPE_CHOICE:
+#if 0
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+#endif
/* CHOICE type, get selector */
i = asn1_get_choice_selector(fld, it);
/* This should never happen... */
if ((i < 0) || (i >= it->tcount)) {
- BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i);
+ if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0)
+ return 0;
return 1;
}
tt = it->templates + i;
- tmpfld = asn1_get_field(fld, tt);
- return ASN1_template_print(out, tmpfld, indent, tt);
+ tmpfld = asn1_get_field_ptr(fld, tt);
+ if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
+ return 0;
+ break;
case ASN1_ITYPE_SEQUENCE:
- BIO_printf(out, "%*s%s {\n", indent, "", name);
- /* Get each field entry */
+ case ASN1_ITYPE_NDEF_SEQUENCE:
+ if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (fname || sname) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_puts(out, " {\n") <= 0)
+ return 0;
+ } else {
+ if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ }
+ }
+
+ if (asn1_cb) {
+ i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
+ if (i == 0)
+ return 0;
+ if (i == 2)
+ return 1;
+ }
+
+ /* Print each field entry */
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- tmpfld = asn1_get_field(fld, tt);
- ASN1_template_print(out, tmpfld, indent + 2, tt);
+ const ASN1_TEMPLATE *seqtt;
+ seqtt = asn1_do_adb(fld, tt, 1);
+ if (!seqtt)
+ return 0;
+ tmpfld = asn1_get_field_ptr(fld, seqtt);
+ if (!asn1_template_print_ctx(out, tmpfld,
+ indent + 2, seqtt, pctx))
+ return 0;
}
- BIO_printf(out, "%*s}\n", indent, "");
- return 1;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_printf(out, "%*s}\n", indent, "") < 0)
+ return 0;
+ }
+ if (asn1_cb) {
+ i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
+ if (i == 0)
+ return 0;
+ }
+ break;
+
default:
+ BIO_printf(out, "Unprocessed type %d\n", it->itype);
return 0;
}
+
+ return 1;
}
-int ASN1_template_print(BIO *out, void *fld, int indent,
- const ASN1_TEMPLATE *tt)
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+ const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
{
int i, flags;
-#if 0
- if (!fld)
- return 0;
-#endif
+ const char *sname, *fname;
flags = tt->flags;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
+ sname = ASN1_ITEM_ptr(tt->item)->sname;
+ else
+ sname = NULL;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+ fname = NULL;
+ else
+ fname = tt->field_name;
if (flags & ASN1_TFLG_SK_MASK) {
char *tname;
- void *skitem;
+ ASN1_VALUE *skitem;
+ STACK_OF(ASN1_VALUE) *stack;
+
/* SET OF, SEQUENCE OF */
- if (flags & ASN1_TFLG_SET_OF)
- tname = "SET";
- else
- tname = "SEQUENCE";
- if (fld) {
- BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname,
- tt->field_name);
- for (i = 0; i < sk_num(fld); i++) {
- skitem = sk_value(fld, i);
- asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
- }
- BIO_printf(out, "%*s}\n", indent, "");
- } else
- BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname,
- tt->field_name);
+ if (fname) {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
+ if (flags & ASN1_TFLG_SET_OF)
+ tname = "SET";
+ else
+ tname = "SEQUENCE";
+ if (BIO_printf(out, "%*s%s OF %s {\n",
+ indent, "", tname, tt->field_name) <= 0)
+ return 0;
+ } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0)
+ return 0;
+ }
+ stack = (STACK_OF(ASN1_VALUE) *)*fld;
+ for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
+ if ((i > 0) && (BIO_puts(out, "\n") <= 0))
+ return 0;
+
+ skitem = sk_ASN1_VALUE_value(stack, i);
+ if (!asn1_item_print_ctx(out, &skitem, indent + 2,
+ ASN1_ITEM_ptr(tt->item), NULL, NULL, 1,
+ pctx))
+ return 0;
+ }
+ if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
+ return 0;
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+ if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
+ return 0;
+ }
return 1;
}
- return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
+ return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
+ fname, sname, 0, pctx);
}
-static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent,
- const char *name)
+static int asn1_print_fsname(BIO *out, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx)
{
- ASN1_STRING *str = fld;
- if (fld) {
- if (utype == V_ASN1_BOOLEAN) {
- int *bool = fld;
- if (*bool == -1)
- printf("BOOL MISSING\n");
- BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN",
- *bool ? "TRUE" : "FALSE");
- } else if ((utype == V_ASN1_INTEGER)
- || (utype == V_ASN1_ENUMERATED)) {
- char *s, *nm;
- s = i2s_ASN1_INTEGER(NULL, fld);
- if (utype == V_ASN1_INTEGER)
- nm = "INTEGER";
- else
- nm = "ENUMERATED";
- BIO_printf(out, "%*s%s:%s", indent, "", nm, s);
- OPENSSL_free(s);
- } else if (utype == V_ASN1_NULL) {
- BIO_printf(out, "%*s%s", indent, "", "NULL");
- } else if (utype == V_ASN1_UTCTIME) {
- BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME");
- ASN1_UTCTIME_print(out, str);
- } else if (utype == V_ASN1_GENERALIZEDTIME) {
- BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME");
- ASN1_GENERALIZEDTIME_print(out, str);
- } else if (utype == V_ASN1_OBJECT) {
- char objbuf[80], *ln;
- ln = OBJ_nid2ln(OBJ_obj2nid(fld));
- if (!ln)
- ln = "";
- OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1);
- BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln,
- objbuf);
+ static char spaces[] = " ";
+ const int nspaces = sizeof(spaces) - 1;
+
+#if 0
+ if (!sname && !fname)
+ return 1;
+#endif
+
+ while (indent > nspaces) {
+ if (BIO_write(out, spaces, nspaces) != nspaces)
+ return 0;
+ indent -= nspaces;
+ }
+ if (BIO_write(out, spaces, indent) != indent)
+ return 0;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+ sname = NULL;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+ fname = NULL;
+ if (!sname && !fname)
+ return 1;
+ if (fname) {
+ if (BIO_puts(out, fname) <= 0)
+ return 0;
+ }
+ if (sname) {
+ if (fname) {
+ if (BIO_printf(out, " (%s)", sname) <= 0)
+ return 0;
} else {
- BIO_printf(out, "%*s%s:", indent, "", name);
- ASN1_STRING_print_ex(out, str,
- ASN1_STRFLGS_DUMP_UNKNOWN |
- ASN1_STRFLGS_SHOW_TYPE);
+ if (BIO_puts(out, sname) <= 0)
+ return 0;
}
- BIO_printf(out, "\n");
- } else
- BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name);
+ }
+ if (BIO_write(out, ": ", 2) != 2)
+ return 0;
return 1;
}
+
+static int asn1_print_boolean_ctx(BIO *out, int boolval,
+ const ASN1_PCTX *pctx)
+{
+ const char *str;
+ switch (boolval) {
+ case -1:
+ str = "BOOL ABSENT";
+ break;
+
+ case 0:
+ str = "FALSE";
+ break;
+
+ default:
+ str = "TRUE";
+ break;
+
+ }
+
+ if (BIO_puts(out, str) <= 0)
+ return 0;
+ return 1;
+
+}
+
+static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
+ const ASN1_PCTX *pctx)
+{
+ char *s;
+ int ret = 1;
+ s = i2s_ASN1_INTEGER(NULL, str);
+ if (BIO_puts(out, s) <= 0)
+ ret = 0;
+ OPENSSL_free(s);
+ return ret;
+}
+
+static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
+ const ASN1_PCTX *pctx)
+{
+ char objbuf[80];
+ const char *ln;
+ ln = OBJ_nid2ln(OBJ_obj2nid(oid));
+ if (!ln)
+ ln = "";
+ OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+ if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
+ return 0;
+ return 1;
+}
+
+static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
+ const ASN1_PCTX *pctx)
+{
+ if (str->type == V_ASN1_BIT_STRING) {
+ if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
+ return 0;
+ } else if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ if ((str->length > 0)
+ && BIO_dump_indent(out, (char *)str->data, str->length,
+ indent + 2) <= 0)
+ return 0;
+ return 1;
+}
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+ const ASN1_ITEM *it, int indent,
+ const char *fname, const char *sname,
+ const ASN1_PCTX *pctx)
+{
+ long utype;
+ ASN1_STRING *str;
+ int ret = 1, needlf = 1;
+ const char *pname;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if (!asn1_print_fsname(out, indent, fname, sname, pctx))
+ return 0;
+ if (pf && pf->prim_print)
+ return pf->prim_print(out, fld, it, indent, pctx);
+ str = (ASN1_STRING *)*fld;
+ if (it->itype == ASN1_ITYPE_MSTRING)
+ utype = str->type & ~V_ASN1_NEG;
+ else
+ utype = it->utype;
+ if (utype == V_ASN1_ANY) {
+ ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
+ utype = atype->type;
+ fld = &atype->value.asn1_value;
+ str = (ASN1_STRING *)*fld;
+ if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
+ pname = NULL;
+ else
+ pname = ASN1_tag2str(utype);
+ } else {
+ if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
+ pname = ASN1_tag2str(utype);
+ else
+ pname = NULL;
+ }
+
+ if (utype == V_ASN1_NULL) {
+ if (BIO_puts(out, "NULL\n") <= 0)
+ return 0;
+ return 1;
+ }
+
+ if (pname) {
+ if (BIO_puts(out, pname) <= 0)
+ return 0;
+ if (BIO_puts(out, ":") <= 0)
+ return 0;
+ }
+
+ switch (utype) {
+ case V_ASN1_BOOLEAN:
+ {
+ int boolval = *(int *)fld;
+ if (boolval == -1)
+ boolval = it->size;
+ ret = asn1_print_boolean_ctx(out, boolval, pctx);
+ }
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_ENUMERATED:
+ ret = asn1_print_integer_ctx(out, str, pctx);
+ break;
+
+ case V_ASN1_UTCTIME:
+ ret = ASN1_UTCTIME_print(out, str);
+ break;
+
+ case V_ASN1_GENERALIZEDTIME:
+ ret = ASN1_GENERALIZEDTIME_print(out, str);
+ break;
+
+ case V_ASN1_OBJECT:
+ ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_BIT_STRING:
+ ret = asn1_print_obstring_ctx(out, str, indent, pctx);
+ needlf = 0;
+ break;
+
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ case V_ASN1_OTHER:
+ if (BIO_puts(out, "\n") <= 0)
+ return 0;
+ if (ASN1_parse_dump(out, str->data, str->length, indent, 0) <= 0)
+ ret = 0;
+ needlf = 0;
+ break;
+
+ default:
+ ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
+
+ }
+ if (!ret)
+ return 0;
+ if (needlf && BIO_puts(out, "\n") <= 0)
+ return 0;
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/asn1/tasn_typ.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/tasn_typ.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/tasn_typ.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -136,3 +136,14 @@
/* Special, OCTET STRING with indefinite length constructed support */
IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF)
+
+ASN1_ITEM_TEMPLATE(ASN1_SEQUENCE_ANY) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ASN1_SEQUENCE_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SEQUENCE_ANY)
+
+ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY)
Modified: trunk/crypto/openssl/crypto/asn1/x_algor.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_algor.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_algor.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -121,6 +121,21 @@
}
}
+/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
+
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
+{
+ int param_type;
+
+ if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
+ param_type = V_ASN1_UNDEF;
+ else
+ param_type = V_ASN1_NULL;
+
+ X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
+
+}
+
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
{
int rv;
Modified: trunk/crypto/openssl/crypto/asn1/x_crl.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_crl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_crl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,11 +58,14 @@
#include <stdio.h>
#include "cryptlib.h"
+#include "asn1_locl.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
+#include <openssl/x509v3.h>
static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
const X509_REVOKED *const *b);
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
ASN1_SEQUENCE(X509_REVOKED) = {
ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
@@ -70,12 +73,27 @@
ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
+static int def_crl_lookup(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial,
+ X509_NAME *issuer);
+
+static X509_CRL_METHOD int_crl_meth = {
+ 0,
+ 0, 0,
+ def_crl_lookup,
+ def_crl_verify
+};
+
+static const X509_CRL_METHOD *default_crl_method = &int_crl_meth;
+
/*
* The X509_CRL_INFO structure needs a bit of customisation. Since we cache
* the original encoding the signature wont be affected by reordering of the
* revoked field.
*/
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
@@ -104,7 +122,218 @@
ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
-ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
+/*
+ * Set CRL entry issuer according to CRL certificate issuer extension. Check
+ * for unhandled critical CRL entry extensions.
+ */
+
+static int crl_set_issuers(X509_CRL *crl)
+{
+
+ int i, j;
+ GENERAL_NAMES *gens, *gtmp;
+ STACK_OF(X509_REVOKED) *revoked;
+
+ revoked = X509_CRL_get_REVOKED(crl);
+
+ gens = NULL;
+ for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
+ X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
+ STACK_OF(X509_EXTENSION) *exts;
+ ASN1_ENUMERATED *reason;
+ X509_EXTENSION *ext;
+ gtmp = X509_REVOKED_get_ext_d2i(rev,
+ NID_certificate_issuer, &j, NULL);
+ if (!gtmp && (j != -1)) {
+ crl->flags |= EXFLAG_INVALID;
+ return 1;
+ }
+
+ if (gtmp) {
+ gens = gtmp;
+ if (!crl->issuers) {
+ crl->issuers = sk_GENERAL_NAMES_new_null();
+ if (!crl->issuers)
+ return 0;
+ }
+ if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
+ return 0;
+ }
+ rev->issuer = gens;
+
+ reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &j, NULL);
+ if (!reason && (j != -1)) {
+ crl->flags |= EXFLAG_INVALID;
+ return 1;
+ }
+
+ if (reason) {
+ rev->reason = ASN1_ENUMERATED_get(reason);
+ ASN1_ENUMERATED_free(reason);
+ } else
+ rev->reason = CRL_REASON_NONE;
+
+ /* Check for critical CRL entry extensions */
+
+ exts = rev->extensions;
+
+ for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
+ ext = sk_X509_EXTENSION_value(exts, j);
+ if (ext->critical > 0) {
+ if (OBJ_obj2nid(ext->object) == NID_certificate_issuer)
+ continue;
+ crl->flags |= EXFLAG_CRITICAL;
+ break;
+ }
+ }
+
+ }
+
+ return 1;
+
+}
+
+/*
+ * The X509_CRL structure needs a bit of customisation. Cache some extensions
+ * and hash of the whole CRL.
+ */
+static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
+{
+ X509_CRL *crl = (X509_CRL *)*pval;
+ STACK_OF(X509_EXTENSION) *exts;
+ X509_EXTENSION *ext;
+ int idx;
+
+ switch (operation) {
+ case ASN1_OP_NEW_POST:
+ crl->idp = NULL;
+ crl->akid = NULL;
+ crl->flags = 0;
+ crl->idp_flags = 0;
+ crl->idp_reasons = CRLDP_ALL_REASONS;
+ crl->meth = default_crl_method;
+ crl->meth_data = NULL;
+ crl->issuers = NULL;
+ crl->crl_number = NULL;
+ crl->base_crl_number = NULL;
+ break;
+
+ case ASN1_OP_D2I_POST:
+#ifndef OPENSSL_NO_SHA
+ X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
+#endif
+ crl->idp = X509_CRL_get_ext_d2i(crl,
+ NID_issuing_distribution_point, NULL,
+ NULL);
+ if (crl->idp)
+ setup_idp(crl, crl->idp);
+
+ crl->akid = X509_CRL_get_ext_d2i(crl,
+ NID_authority_key_identifier, NULL,
+ NULL);
+
+ crl->crl_number = X509_CRL_get_ext_d2i(crl,
+ NID_crl_number, NULL, NULL);
+
+ crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
+ NID_delta_crl, NULL,
+ NULL);
+ /* Delta CRLs must have CRL number */
+ if (crl->base_crl_number && !crl->crl_number)
+ crl->flags |= EXFLAG_INVALID;
+
+ /*
+ * See if we have any unhandled critical CRL extensions and indicate
+ * this in a flag. We only currently handle IDP so anything else
+ * critical sets the flag. This code accesses the X509_CRL structure
+ * directly: applications shouldn't do this.
+ */
+
+ exts = crl->crl->extensions;
+
+ for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
+ int nid;
+ ext = sk_X509_EXTENSION_value(exts, idx);
+ nid = OBJ_obj2nid(ext->object);
+ if (nid == NID_freshest_crl)
+ crl->flags |= EXFLAG_FRESHEST;
+ if (ext->critical > 0) {
+ /* We handle IDP and deltas */
+ if ((nid == NID_issuing_distribution_point)
+ || (nid == NID_authority_key_identifier)
+ || (nid == NID_delta_crl))
+ break;;
+ crl->flags |= EXFLAG_CRITICAL;
+ break;
+ }
+ }
+
+ if (!crl_set_issuers(crl))
+ return 0;
+
+ if (crl->meth->crl_init) {
+ if (crl->meth->crl_init(crl) == 0)
+ return 0;
+ }
+ break;
+
+ case ASN1_OP_FREE_POST:
+ if (crl->meth->crl_free) {
+ if (!crl->meth->crl_free(crl))
+ return 0;
+ }
+ if (crl->akid)
+ AUTHORITY_KEYID_free(crl->akid);
+ if (crl->idp)
+ ISSUING_DIST_POINT_free(crl->idp);
+ ASN1_INTEGER_free(crl->crl_number);
+ ASN1_INTEGER_free(crl->base_crl_number);
+ sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
+ break;
+ }
+ return 1;
+}
+
+/* Convert IDP into a more convenient form */
+
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+{
+ int idp_only = 0;
+ /* Set various flags according to IDP */
+ crl->idp_flags |= IDP_PRESENT;
+ if (idp->onlyuser > 0) {
+ idp_only++;
+ crl->idp_flags |= IDP_ONLYUSER;
+ }
+ if (idp->onlyCA > 0) {
+ idp_only++;
+ crl->idp_flags |= IDP_ONLYCA;
+ }
+ if (idp->onlyattr > 0) {
+ idp_only++;
+ crl->idp_flags |= IDP_ONLYATTR;
+ }
+
+ if (idp_only > 1)
+ crl->idp_flags |= IDP_INVALID;
+
+ if (idp->indirectCRL > 0)
+ crl->idp_flags |= IDP_INDIRECT;
+
+ if (idp->onlysomereasons) {
+ crl->idp_flags |= IDP_REASONS;
+ if (idp->onlysomereasons->length > 0)
+ crl->idp_reasons = idp->onlysomereasons->data[0];
+ if (idp->onlysomereasons->length > 1)
+ crl->idp_reasons |= (idp->onlysomereasons->data[1] << 8);
+ crl->idp_reasons &= CRLDP_ALL_REASONS;
+ }
+
+ DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
+}
+
+ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
@@ -139,6 +368,144 @@
return 1;
}
+int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
+{
+ if (crl->meth->crl_verify)
+ return crl->meth->crl_verify(crl, r);
+ return 0;
+}
+
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial)
+{
+ if (crl->meth->crl_lookup)
+ return crl->meth->crl_lookup(crl, ret, serial, NULL);
+ return 0;
+}
+
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
+{
+ if (crl->meth->crl_lookup)
+ return crl->meth->crl_lookup(crl, ret,
+ X509_get_serialNumber(x),
+ X509_get_issuer_name(x));
+ return 0;
+}
+
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
+{
+ return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
+ crl->sig_alg, crl->signature, crl->crl, r));
+}
+
+static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
+ X509_REVOKED *rev)
+{
+ int i;
+
+ if (!rev->issuer) {
+ if (!nm)
+ return 1;
+ if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
+ return 1;
+ return 0;
+ }
+
+ if (!nm)
+ nm = X509_CRL_get_issuer(crl);
+
+ for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
+ GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
+ if (gen->type != GEN_DIRNAME)
+ continue;
+ if (!X509_NAME_cmp(nm, gen->d.directoryName))
+ return 1;
+ }
+ return 0;
+
+}
+
+static int def_crl_lookup(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial,
+ X509_NAME *issuer)
+{
+ X509_REVOKED rtmp, *rev;
+ int idx;
+ rtmp.serialNumber = serial;
+ /*
+ * Sort revoked into serial number order if not already sorted. Do this
+ * under a lock to avoid race condition.
+ */
+ if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+ sk_X509_REVOKED_sort(crl->crl->revoked);
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+ }
+ idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
+ if (idx < 0)
+ return 0;
+ /* Need to look for matching name */
+ for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
+ rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
+ if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
+ return 0;
+ if (crl_revoked_issuer_match(crl, issuer, rev)) {
+ if (ret)
+ *ret = rev;
+ if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+ return 2;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
+{
+ if (meth == NULL)
+ default_crl_method = &int_crl_meth;
+ else
+ default_crl_method = meth;
+}
+
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+ int (*crl_free) (X509_CRL *crl),
+ int (*crl_lookup) (X509_CRL *crl,
+ X509_REVOKED **ret,
+ ASN1_INTEGER *ser,
+ X509_NAME *issuer),
+ int (*crl_verify) (X509_CRL *crl,
+ EVP_PKEY *pk))
+{
+ X509_CRL_METHOD *m;
+ m = OPENSSL_malloc(sizeof(X509_CRL_METHOD));
+ if (!m)
+ return NULL;
+ m->crl_init = crl_init;
+ m->crl_free = crl_free;
+ m->crl_lookup = crl_lookup;
+ m->crl_verify = crl_verify;
+ m->flags = X509_CRL_METHOD_DYNAMIC;
+ return m;
+}
+
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
+{
+ if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
+ return;
+ OPENSSL_free(m);
+}
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
+{
+ crl->meth_data = dat;
+}
+
+void *X509_CRL_get_meth_data(X509_CRL *crl)
+{
+ return crl->meth_data;
+}
+
IMPLEMENT_STACK_OF(X509_REVOKED)
IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
Modified: trunk/crypto/openssl/crypto/asn1/x_long.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_long.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_long.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,6 +74,8 @@
const ASN1_ITEM *it);
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it);
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ int indent, const ASN1_PCTX *pctx);
static ASN1_PRIMITIVE_FUNCS long_pf = {
NULL, 0,
@@ -81,7 +83,8 @@
long_free,
long_free, /* Clear should set to initial value */
long_c2i,
- long_i2c
+ long_i2c,
+ long_print
};
ASN1_ITEM_start(LONG)
@@ -185,3 +188,9 @@
memcpy(cp, <mp, sizeof(long));
return 1;
}
+
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ int indent, const ASN1_PCTX *pctx)
+{
+ return BIO_printf(out, "%ld\n", *(long *)pval);
+}
Modified: trunk/crypto/openssl/crypto/asn1/x_name.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_name.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_name.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,14 +57,20 @@
*/
#include <stdio.h>
+#include <ctype.h>
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
+#include "asn1_locl.h"
-static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
- long len, const ASN1_ITEM *it, int tag,
- int aclass, char opt, ASN1_TLC *ctx);
+typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
+DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
+
static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
@@ -71,7 +77,15 @@
static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
static int x509_name_encode(X509_NAME *a);
+static int x509_name_canon(X509_NAME *a);
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
+ unsigned char **in);
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+ int indent,
+ const char *fname, const ASN1_PCTX *pctx);
+
ASN1_SEQUENCE(X509_NAME_ENTRY) = {
ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
@@ -106,7 +120,8 @@
x509_name_ex_free,
0, /* Default clear behaviour is OK */
x509_name_ex_d2i,
- x509_name_ex_i2d
+ x509_name_ex_i2d,
+ x509_name_ex_print
};
IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
@@ -125,6 +140,8 @@
goto memerr;
if ((ret->bytes = BUF_MEM_new()) == NULL)
goto memerr;
+ ret->canon_enc = NULL;
+ ret->canon_enclen = 0;
ret->modified = 1;
*val = (ASN1_VALUE *)ret;
return 1;
@@ -148,28 +165,20 @@
BUF_MEM_free(a->bytes);
sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
+ if (a->canon_enc)
+ OPENSSL_free(a->canon_enc);
OPENSSL_free(a);
*pval = NULL;
}
-/*
- * Used with sk_pop_free() to free up the internal representation. NB: we
- * only free the STACK and not its contents because it is already present in
- * the X509_NAME structure.
- */
-
-static void sk_internal_free(void *a)
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass,
+ char opt, ASN1_TLC *ctx)
{
- sk_free(a);
-}
-
-static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
- long len, const ASN1_ITEM *it, int tag,
- int aclass, char opt, ASN1_TLC *ctx)
-{
const unsigned char *p = *in, *q;
union {
- STACK *s;
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
ASN1_VALUE *a;
} intname = {
NULL
@@ -203,8 +212,8 @@
memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
- for (i = 0; i < sk_num(intname.s); i++) {
- entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i);
+ for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+ entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
entry = sk_X509_NAME_ENTRY_value(entries, j);
entry->set = i;
@@ -213,7 +222,10 @@
}
sk_X509_NAME_ENTRY_free(entries);
}
- sk_free(intname.s);
+ sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
+ ret = x509_name_canon(nm.x);
+ if (!ret)
+ goto err;
nm.x->modified = 0;
*val = nm.a;
*in = p;
@@ -231,9 +243,12 @@
int ret;
X509_NAME *a = (X509_NAME *)*val;
if (a->modified) {
- ret = x509_name_encode((X509_NAME *)a);
+ ret = x509_name_encode(a);
if (ret < 0)
return ret;
+ ret = x509_name_canon(a);
+ if (ret < 0)
+ return ret;
}
ret = a->bytes->length;
if (out != NULL) {
@@ -243,10 +258,20 @@
return ret;
}
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_free(ne);
+}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+}
+
static int x509_name_encode(X509_NAME *a)
{
union {
- STACK *s;
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
ASN1_VALUE *a;
} intname = {
NULL
@@ -256,7 +281,7 @@
STACK_OF(X509_NAME_ENTRY) *entries = NULL;
X509_NAME_ENTRY *entry;
int i, set = -1;
- intname.s = sk_new_null();
+ intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
if (!intname.s)
goto memerr;
for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
@@ -265,7 +290,7 @@
entries = sk_X509_NAME_ENTRY_new_null();
if (!entries)
goto memerr;
- if (!sk_push(intname.s, (char *)entries))
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
goto memerr;
set = entry->set;
}
@@ -279,15 +304,207 @@
p = (unsigned char *)a->bytes->data;
ASN1_item_ex_i2d(&intname.a,
&p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- sk_pop_free(intname.s, sk_internal_free);
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_free);
a->modified = 0;
return len;
memerr:
- sk_pop_free(intname.s, sk_internal_free);
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_free);
ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
return -1;
}
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+ int indent,
+ const char *fname, const ASN1_PCTX *pctx)
+{
+ if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
+ indent, pctx->nm_flags) <= 0)
+ return 0;
+ return 2;
+}
+
+/*
+ * This function generates the canonical encoding of the Name structure. In
+ * it all strings are converted to UTF8, leading, trailing and multiple
+ * spaces collapsed, converted to lower case and the leading SEQUENCE header
+ * removed. In future we could also normalize the UTF8 too. By doing this
+ * comparison of Name structures can be rapidly perfomed by just using
+ * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple memcmp().
+ */
+
+static int x509_name_canon(X509_NAME *a)
+{
+ unsigned char *p;
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
+ STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+ X509_NAME_ENTRY *entry, *tmpentry = NULL;
+ int i, set = -1, ret = 0;
+
+ if (a->canon_enc) {
+ OPENSSL_free(a->canon_enc);
+ a->canon_enc = NULL;
+ }
+ /* Special case: empty X509_NAME => null encoding */
+ if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
+ a->canon_enclen = 0;
+ return 1;
+ }
+ intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+ if (!intname)
+ goto err;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+ if (entry->set != set) {
+ entries = sk_X509_NAME_ENTRY_new_null();
+ if (!entries)
+ goto err;
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+ goto err;
+ set = entry->set;
+ }
+ tmpentry = X509_NAME_ENTRY_new();
+ if (!tmpentry)
+ goto err;
+ tmpentry->object = OBJ_dup(entry->object);
+ if (!asn1_string_canon(tmpentry->value, entry->value))
+ goto err;
+ if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+ goto err;
+ tmpentry = NULL;
+ }
+
+ /* Finally generate encoding */
+
+ a->canon_enclen = i2d_name_canon(intname, NULL);
+
+ p = OPENSSL_malloc(a->canon_enclen);
+
+ if (!p)
+ goto err;
+
+ a->canon_enc = p;
+
+ i2d_name_canon(intname, &p);
+
+ ret = 1;
+
+ err:
+
+ if (tmpentry)
+ X509_NAME_ENTRY_free(tmpentry);
+ if (intname)
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
+ local_sk_X509_NAME_ENTRY_pop_free);
+ return ret;
+}
+
+/* Bitmap of all the types of string that will be canonicalized. */
+
+#define ASN1_MASK_CANON \
+ (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
+ | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
+ | B_ASN1_VISIBLESTRING)
+
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+{
+ unsigned char *to, *from;
+ int len, i;
+
+ /* If type not in bitmask just copy string across */
+ if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
+ if (!ASN1_STRING_copy(out, in))
+ return 0;
+ return 1;
+ }
+
+ out->type = V_ASN1_UTF8STRING;
+ out->length = ASN1_STRING_to_UTF8(&out->data, in);
+ if (out->length == -1)
+ return 0;
+
+ to = out->data;
+ from = to;
+
+ len = out->length;
+
+ /*
+ * Convert string in place to canonical form. Ultimately we may need to
+ * handle a wider range of characters but for now ignore anything with
+ * MSB set and rely on the isspace() and tolower() functions.
+ */
+
+ /* Ignore leading spaces */
+ while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
+ from++;
+ len--;
+ }
+
+ to = from + len - 1;
+
+ /* Ignore trailing spaces */
+ while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
+ to--;
+ len--;
+ }
+
+ to = out->data;
+
+ i = 0;
+ while (i < len) {
+ /* If MSB set just copy across */
+ if (*from & 0x80) {
+ *to++ = *from++;
+ i++;
+ }
+ /* Collapse multiple spaces */
+ else if (isspace(*from)) {
+ /* Copy one space across */
+ *to++ = ' ';
+ /*
+ * Ignore subsequent spaces. Note: don't need to check len here
+ * because we know the last character is a non-space so we can't
+ * overflow.
+ */
+ do {
+ from++;
+ i++;
+ }
+ while (!(*from & 0x80) && isspace(*from));
+ } else {
+ *to++ = tolower(*from);
+ from++;
+ i++;
+ }
+ }
+
+ out->length = to - out->data;
+
+ return 1;
+
+}
+
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
+ unsigned char **in)
+{
+ int i, len, ltmp;
+ ASN1_VALUE *v;
+ STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
+
+ len = 0;
+ for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
+ v = sk_ASN1_VALUE_value(intname, i);
+ ltmp = ASN1_item_ex_i2d(&v, in,
+ ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+ if (ltmp < 0)
+ return ltmp;
+ len += ltmp;
+ }
+ return len;
+}
+
int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
X509_NAME *in;
Copied: trunk/crypto/openssl/crypto/asn1/x_nx509.c (from rev 7117, vendor-crypto/openssl/dist/crypto/asn1/x_nx509.c)
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_nx509.c (rev 0)
+++ trunk/crypto/openssl/crypto/asn1/x_nx509.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,72 @@
+/* x_nx509.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Old netscape certificate wrapper format */
+
+ASN1_SEQUENCE(NETSCAPE_X509) = {
+ ASN1_SIMPLE(NETSCAPE_X509, header, ASN1_OCTET_STRING),
+ ASN1_OPT(NETSCAPE_X509, cert, X509)
+} ASN1_SEQUENCE_END(NETSCAPE_X509)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
Modified: trunk/crypto/openssl/crypto/asn1/x_pubkey.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_pubkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_pubkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,7 @@
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
+#include "asn1_locl.h"
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
@@ -68,7 +69,8 @@
#endif
/* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
@@ -87,146 +89,29 @@
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
X509_PUBKEY *pk = NULL;
- X509_ALGOR *a;
- ASN1_OBJECT *o;
- unsigned char *s, *p = NULL;
- int i;
if (x == NULL)
return (0);
if ((pk = X509_PUBKEY_new()) == NULL)
- goto err;
- a = pk->algor;
+ goto error;
- /* set the algorithm id */
- if ((o = OBJ_nid2obj(pkey->type)) == NULL)
- goto err;
- ASN1_OBJECT_free(a->algorithm);
- a->algorithm = o;
-
- /* Set the parameter list */
- if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA)) {
- if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL)) {
- ASN1_TYPE_free(a->parameter);
- if (!(a->parameter = ASN1_TYPE_new())) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
+ if (pkey->ameth) {
+ if (pkey->ameth->pub_encode) {
+ if (!pkey->ameth->pub_encode(pk, pkey)) {
+ X509err(X509_F_X509_PUBKEY_SET,
+ X509_R_PUBLIC_KEY_ENCODE_ERROR);
+ goto error;
}
- a->parameter->type = V_ASN1_NULL;
+ } else {
+ X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
+ goto error;
}
- }
-#ifndef OPENSSL_NO_DSA
- else if (pkey->type == EVP_PKEY_DSA) {
- unsigned char *pp;
- DSA *dsa;
-
- dsa = pkey->pkey.dsa;
- dsa->write_params = 0;
- ASN1_TYPE_free(a->parameter);
- if ((i = i2d_DSAparams(dsa, NULL)) <= 0)
- goto err;
- if (!(p = (unsigned char *)OPENSSL_malloc(i))) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- pp = p;
- i2d_DSAparams(dsa, &pp);
- if (!(a->parameter = ASN1_TYPE_new())) {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- a->parameter->type = V_ASN1_SEQUENCE;
- if (!(a->parameter->value.sequence = ASN1_STRING_new())) {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_STRING_set(a->parameter->value.sequence, p, i)) {
- OPENSSL_free(p);
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- OPENSSL_free(p);
- }
-#endif
-#ifndef OPENSSL_NO_EC
- else if (pkey->type == EVP_PKEY_EC) {
- int nid = 0;
- unsigned char *pp;
- EC_KEY *ec_key;
- const EC_GROUP *group;
-
- ec_key = pkey->pkey.ec;
- ASN1_TYPE_free(a->parameter);
-
- if ((a->parameter = ASN1_TYPE_new()) == NULL) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
- goto err;
- }
-
- group = EC_KEY_get0_group(ec_key);
- if (EC_GROUP_get_asn1_flag(group)
- && (nid = EC_GROUP_get_curve_name(group))) {
- /* just set the OID */
- a->parameter->type = V_ASN1_OBJECT;
- a->parameter->value.object = OBJ_nid2obj(nid);
- } else { /* explicit parameters */
-
- if ((i = i2d_ECParameters(ec_key, NULL)) == 0) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
- goto err;
- }
- if ((p = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- pp = p;
- if (!i2d_ECParameters(ec_key, &pp)) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
- OPENSSL_free(p);
- goto err;
- }
- a->parameter->type = V_ASN1_SEQUENCE;
- if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
- OPENSSL_free(p);
- goto err;
- }
- ASN1_STRING_set(a->parameter->value.sequence, p, i);
- OPENSSL_free(p);
- }
- }
-#endif
- else if (1) {
+ } else {
X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
- goto err;
+ goto error;
}
- if ((i = i2d_PublicKey(pkey, NULL)) <= 0)
- goto err;
- if ((s = (unsigned char *)OPENSSL_malloc(i + 1)) == NULL) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = s;
- i2d_PublicKey(pkey, &p);
- if (!M_ASN1_BIT_STRING_set(pk->public_key, s, i)) {
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /* Set number of unused bits to zero */
- pk->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
- pk->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-
- OPENSSL_free(s);
-
-#if 0
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- pk->pkey = pkey;
-#endif
-
if (*x != NULL)
X509_PUBKEY_free(*x);
@@ -233,7 +118,7 @@
*x = pk;
return 1;
- err:
+ error:
if (pk != NULL)
X509_PUBKEY_free(pk);
return 0;
@@ -242,109 +127,38 @@
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
{
EVP_PKEY *ret = NULL;
- long j;
- int type;
- const unsigned char *p;
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
- const unsigned char *cp;
- X509_ALGOR *a;
-#endif
if (key == NULL)
- goto err;
+ goto error;
if (key->pkey != NULL) {
CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- return (key->pkey);
+ return key->pkey;
}
if (key->public_key == NULL)
- goto err;
+ goto error;
- type = OBJ_obj2nid(key->algor->algorithm);
if ((ret = EVP_PKEY_new()) == NULL) {
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
- goto err;
+ goto error;
}
- ret->type = EVP_PKEY_type(type);
- /* the parameters must be extracted before the public key (ECDSA!) */
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
- a = key->algor;
-#endif
-
- if (0) ;
-#ifndef OPENSSL_NO_DSA
- else if (ret->type == EVP_PKEY_DSA) {
- if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) {
- if ((ret->pkey.dsa = DSA_new()) == NULL) {
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->pkey.dsa->write_params = 0;
- cp = p = a->parameter->value.sequence->data;
- j = a->parameter->value.sequence->length;
- if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
- goto err;
- }
- ret->save_parameters = 1;
+ if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
+ X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
+ goto error;
}
-#endif
-#ifndef OPENSSL_NO_EC
- else if (ret->type == EVP_PKEY_EC) {
- if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) {
- /*
- * type == V_ASN1_SEQUENCE => we have explicit parameters (e.g.
- * parameters in the X9_62_EC_PARAMETERS-structure )
- */
- if ((ret->pkey.ec = EC_KEY_new()) == NULL) {
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- cp = p = a->parameter->value.sequence->data;
- j = a->parameter->value.sequence->length;
- if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j)) {
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
- goto err;
- }
- } else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT)) {
- /*
- * type == V_ASN1_OBJECT => the parameters are given by an asn1
- * OID
- */
- EC_KEY *ec_key;
- EC_GROUP *group;
- if (ret->pkey.ec == NULL)
- ret->pkey.ec = EC_KEY_new();
- ec_key = ret->pkey.ec;
- if (ec_key == NULL)
- goto err;
- group =
- EC_GROUP_new_by_curve_name(OBJ_obj2nid
- (a->parameter->value.object));
- if (group == NULL)
- goto err;
- EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
- if (EC_KEY_set_group(ec_key, group) == 0)
- goto err;
- EC_GROUP_free(group);
+ if (ret->ameth->pub_decode) {
+ if (!ret->ameth->pub_decode(ret, key)) {
+ X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR);
+ goto error;
}
- /*
- * the case implicitlyCA is currently not implemented
- */
- ret->save_parameters = 1;
+ } else {
+ X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
+ goto error;
}
-#endif
- p = key->public_key->data;
- j = key->public_key->length;
- if (!d2i_PublicKey(type, &ret, &p, (long)j)) {
- X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
- goto err;
- }
-
/* Check to see if another thread set key->pkey first */
CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
if (key->pkey) {
@@ -356,8 +170,10 @@
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
}
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
- return (ret);
- err:
+
+ return ret;
+
+ error:
if (ret != NULL)
EVP_PKEY_free(ret);
return (NULL);
@@ -520,3 +336,36 @@
return (ret);
}
#endif
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+ int ptype, void *pval,
+ unsigned char *penc, int penclen)
+{
+ if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
+ return 0;
+ if (penc) {
+ if (pub->public_key->data)
+ OPENSSL_free(pub->public_key->data);
+ pub->public_key->data = penc;
+ pub->public_key->length = penclen;
+ /* Set number of unused bits to zero */
+ pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+ pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ }
+ return 1;
+}
+
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, X509_PUBKEY *pub)
+{
+ if (ppkalg)
+ *ppkalg = pub->algor->algorithm;
+ if (pk) {
+ *pk = pub->public_key->data;
+ *ppklen = pub->public_key->length;
+ }
+ if (pa)
+ *pa = pub->algor;
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/asn1/x_req.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_req.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_req.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -80,7 +80,8 @@
*
*/
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
Modified: trunk/crypto/openssl/crypto/asn1/x_x509.c
===================================================================
--- trunk/crypto/openssl/crypto/asn1/x_x509.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/asn1/x_x509.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,7 +81,8 @@
extern void policy_cache_free(X509_POLICY_CACHE *cache);
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
X509 *ret = (X509 *)*pval;
@@ -99,6 +100,7 @@
ret->rfc3779_asid = NULL;
#endif
ret->aux = NULL;
+ ret->crldp = NULL;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
break;
@@ -113,7 +115,10 @@
X509_CERT_AUX_free(ret->aux);
ASN1_OCTET_STRING_free(ret->skid);
AUTHORITY_KEYID_free(ret->akid);
+ CRL_DIST_POINTS_free(ret->crldp);
policy_cache_free(ret->policy_cache);
+ GENERAL_NAMES_free(ret->altname);
+ NAME_CONSTRAINTS_free(ret->nc);
#ifndef OPENSSL_NO_RFC3779
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
ASIdentifiers_free(ret->rfc3779_asid);
@@ -139,18 +144,6 @@
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-static ASN1_METHOD meth = {
- (I2D_OF(void)) i2d_X509,
- (D2I_OF(void)) d2i_X509,
- (void *(*)(void))X509_new,
- (void (*)(void *))X509_free
-};
-
-ASN1_METHOD *X509_asn1_meth(void)
-{
- return (&meth);
-}
-
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
Modified: trunk/crypto/openssl/crypto/bf/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/bf/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bf/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,8 +12,6 @@
AR= ar r
BF_ENC= bf_enc.o
-# or use
-#DES_ENC= bx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -40,19 +38,12 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-bx86-cof.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-# a.out
-bx86-out.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) bf-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
+bf-586.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ $(PERL) asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -81,6 +72,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -104,8 +97,7 @@
bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
-bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
-bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_skey.o: bf_locl.h bf_pi.h bf_skey.c
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
Modified: trunk/crypto/openssl/crypto/bf/asm/bf-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/bf/asm/bf-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bf/asm/bf-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/local/bin/perl
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
Modified: trunk/crypto/openssl/crypto/bf/bf_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/bf/bf_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bf/bf_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,17 +58,21 @@
#include <stdio.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/blowfish.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include "bf_locl.h"
#include "bf_pi.h"
-FIPS_NON_FIPS_VCIPHER_Init(BF)
+void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
{
+ fips_cipher_abort(BLOWFISH);
+ private_BF_set_key(key, len, data);
+}
+
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#endif
+{
int i;
BF_LONG *p, ri, in[2];
const unsigned char *d, *end;
Modified: trunk/crypto/openssl/crypto/bf/blowfish.h
===================================================================
--- trunk/crypto/openssl/crypto/bf/blowfish.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bf/blowfish.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -79,7 +79,7 @@
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+# if defined(__LP32__)
# define BF_LONG unsigned long
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
# define BF_LONG unsigned long
Modified: trunk/crypto/openssl/crypto/bio/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/bio/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -45,7 +45,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -73,6 +73,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -102,11 +104,12 @@
b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c
b_sock.o: ../../e_os.h ../../include/openssl/bio.h
b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-b_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-b_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h b_sock.c
+b_sock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+b_sock.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+b_sock.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+b_sock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_sock.o: ../cryptlib.h b_sock.c
bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
Modified: trunk/crypto/openssl/crypto/bio/b_print.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/b_print.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/b_print.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -115,8 +115,8 @@
# define LDOUBLE double
#endif
-#if HAVE_LONG_LONG
-# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
+#ifdef HAVE_LONG_LONG
+# if defined(_WIN32) && !defined(__GNUC__)
# define LLONG __int64
# else
# define LLONG long long
@@ -592,7 +592,6 @@
int fplace = 0;
int padlen = 0;
int zpadlen = 0;
- int caps = 0;
long intpart;
long fracpart;
long max10;
@@ -630,8 +629,7 @@
/* convert integer part */
do {
- iconvert[iplace++] =
- (caps ? "0123456789ABCDEF" : "0123456789abcdef")[intpart % 10];
+ iconvert[iplace++] = "0123456789"[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < (int)sizeof(iconvert)));
if (iplace == sizeof iconvert)
@@ -640,8 +638,7 @@
/* convert fractional part */
do {
- fconvert[fplace++] =
- (caps ? "0123456789ABCDEF" : "0123456789abcdef")[fracpart % 10];
+ fconvert[fplace++] = "0123456789"[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
if (fplace == sizeof fconvert)
@@ -707,24 +704,29 @@
/* If we haven't at least one buffer, someone has doe a big booboo */
assert(*sbuffer != NULL || buffer != NULL);
- if (buffer) {
- while (*currlen >= *maxlen) {
- if (*buffer == NULL) {
- if (*maxlen == 0)
- *maxlen = 1024;
- *buffer = OPENSSL_malloc(*maxlen);
- if (*currlen > 0) {
- assert(*sbuffer != NULL);
- memcpy(*buffer, *sbuffer, *currlen);
- }
- *sbuffer = NULL;
- } else {
- *maxlen += 1024;
- *buffer = OPENSSL_realloc(*buffer, *maxlen);
+ /* |currlen| must always be <= |*maxlen| */
+ assert(*currlen <= *maxlen);
+
+ if (buffer && *currlen == *maxlen) {
+ *maxlen += 1024;
+ if (*buffer == NULL) {
+ *buffer = OPENSSL_malloc(*maxlen);
+ if (!*buffer) {
+ /* Panic! Can't really do anything sensible. Just return */
+ return;
}
+ if (*currlen > 0) {
+ assert(*sbuffer != NULL);
+ memcpy(*buffer, *sbuffer, *currlen);
+ }
+ *sbuffer = NULL;
+ } else {
+ *buffer = OPENSSL_realloc(*buffer, *maxlen);
+ if (!*buffer) {
+ /* Panic! Can't really do anything sensible. Just return */
+ return;
+ }
}
- /* What to do if *buffer is NULL? */
- assert(*sbuffer != NULL || *buffer != NULL);
}
if (*currlen < *maxlen) {
Modified: trunk/crypto/openssl/crypto/bio/b_sock.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/b_sock.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/b_sock.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,11 +70,8 @@
# endif
#endif
#ifndef OPENSSL_NO_SOCK
-# ifdef OPENSSL_SYS_WIN16
-# define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-# else
-# define SOCKET_PROTOCOL IPPROTO_TCP
-# endif
+# include <openssl/dso.h>
+# define SOCKET_PROTOCOL IPPROTO_TCP
# ifdef SO_MAXCONN
# define MAX_LISTEN SO_MAXCONN
# elif defined(SOMAXCONN)
@@ -86,6 +83,17 @@
static int wsa_init_done = 0;
# endif
+/*
+ * WSAAPI specifier is required to make indirect calls to run-time
+ * linked WinSock 2 functions used in this module, to be specific
+ * [get|free]addrinfo and getnameinfo. This is because WinSock uses
+ * uses non-C calling convention, __stdcall vs. __cdecl, on x86
+ * Windows. On non-WinSock platforms WSAAPI needs to be void.
+ */
+# ifndef WSAAPI
+# define WSAAPI
+# endif
+
# if 0
static unsigned long BIO_ghbn_hits = 0L;
static unsigned long BIO_ghbn_miss = 0L;
@@ -219,6 +227,10 @@
int j, i;
int size;
+# if defined(OPENSSL_SYS_BEOS_R5)
+ return 0;
+# endif
+
size = sizeof(int);
/*
* Note: under Windows the third parameter is of type (char *) whereas
@@ -448,7 +460,13 @@
wsa_init_done = 1;
memset(&wsa_state, 0, sizeof(wsa_state));
- if (WSAStartup(0x0101, &wsa_state) != 0) {
+ /*
+ * Not making wsa_state available to the rest of the code is formally
+ * wrong. But the structures we use are [beleived to be] invariable
+ * among Winsock DLLs, while API availability is [expected to be]
+ * probed at run-time with DSO_global_lookup.
+ */
+ if (WSAStartup(0x0202, &wsa_state) != 0) {
err = WSAGetLastError();
SYSerr(SYS_F_WSASTARTUP, err);
BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
@@ -488,8 +506,9 @@
# ifdef OPENSSL_SYS_WINDOWS
if (wsa_init_done) {
wsa_init_done = 0;
-# ifndef OPENSSL_SYS_WINCE
- WSACancelBlockingCall(); /* Winsock 1.1 specific */
+# if 0 /* this call is claimed to be non-present in
+ * Winsock2 */
+ WSACancelBlockingCall();
# endif
WSACleanup();
}
@@ -510,7 +529,31 @@
# ifdef __DJGPP__
i = ioctlsocket(fd, type, (char *)arg);
# else
- i = ioctlsocket(fd, type, arg);
+# if defined(OPENSSL_SYS_VMS)
+ /*-
+ * 2011-02-18 SMS.
+ * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
+ * observe that all the consumers pass in an "unsigned long *",
+ * so we arrange a local copy with a short pointer, and use
+ * that, instead.
+ */
+# if __INITIAL_POINTER_SIZE == 64
+# define ARG arg_32p
+# pragma pointer_size save
+# pragma pointer_size 32
+ unsigned long arg_32;
+ unsigned long *arg_32p;
+# pragma pointer_size restore
+ arg_32p = &arg_32;
+ arg_32 = *((unsigned long *)arg);
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define ARG arg
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+# else /* defined(OPENSSL_SYS_VMS) */
+# define ARG arg
+# endif /* defined(OPENSSL_SYS_VMS) [else] */
+
+ i = ioctlsocket(fd, type, ARG);
# endif /* __DJGPP__ */
if (i < 0)
SYSerr(SYS_F_IOCTLSOCKET, get_last_socket_error());
@@ -558,12 +601,18 @@
int BIO_get_accept_socket(char *host, int bind_mode)
{
int ret = 0;
- struct sockaddr_in server, client;
- int s = INVALID_SOCKET, cs;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } server, client;
+ int s = INVALID_SOCKET, cs, addrlen;
unsigned char ip[4];
unsigned short port;
char *str = NULL, *e;
- const char *h, *p;
+ char *h, *p;
unsigned long l;
int err_num;
@@ -577,28 +626,88 @@
h = str;
for (e = str; *e; e++) {
if (*e == ':') {
- p = &(e[1]);
- *e = '\0';
+ p = e;
} else if (*e == '/') {
*e = '\0';
break;
}
}
+ if (p)
+ *p++ = '\0'; /* points at last ':', '::port' is special
+ * [see below] */
+ else
+ p = h, h = NULL;
- if (p == NULL) {
- p = h;
- h = "*";
- }
+# ifdef EAI_FAMILY
+ do {
+ static union {
+ void *p;
+ int (WSAAPI *f) (const char *, const char *,
+ const struct addrinfo *, struct addrinfo **);
+ } p_getaddrinfo = {
+ NULL
+ };
+ static union {
+ void *p;
+ void (WSAAPI *f) (struct addrinfo *);
+ } p_freeaddrinfo = {
+ NULL
+ };
+ struct addrinfo *res, hint;
+ if (p_getaddrinfo.p == NULL) {
+ if ((p_getaddrinfo.p = DSO_global_lookup("getaddrinfo")) == NULL
+ || (p_freeaddrinfo.p =
+ DSO_global_lookup("freeaddrinfo")) == NULL)
+ p_getaddrinfo.p = (void *)-1;
+ }
+ if (p_getaddrinfo.p == (void *)-1)
+ break;
+
+ /*
+ * '::port' enforces IPv6 wildcard listener. Some OSes, e.g. Solaris,
+ * default to IPv6 without any hint. Also note that commonly IPv6
+ * wildchard socket can service IPv4 connections just as well...
+ */
+ memset(&hint, 0, sizeof(hint));
+ hint.ai_flags = AI_PASSIVE;
+ if (h) {
+ if (strchr(h, ':')) {
+ if (h[1] == '\0')
+ h = NULL;
+# if OPENSSL_USE_IPV6
+ hint.ai_family = AF_INET6;
+# else
+ h = NULL;
+# endif
+ } else if (h[0] == '*' && h[1] == '\0') {
+ hint.ai_family = AF_INET;
+ h = NULL;
+ }
+ }
+
+ if ((*p_getaddrinfo.f) (h, p, &hint, &res))
+ break;
+
+ addrlen = res->ai_addrlen <= sizeof(server) ?
+ res->ai_addrlen : sizeof(server);
+ memcpy(&server, res->ai_addr, addrlen);
+
+ (*p_freeaddrinfo.f) (res);
+ goto again;
+ } while (0);
+# endif
+
if (!BIO_get_port(p, &port))
goto err;
memset((char *)&server, 0, sizeof(server));
- server.sin_family = AF_INET;
- server.sin_port = htons(port);
+ server.sa_in.sin_family = AF_INET;
+ server.sa_in.sin_port = htons(port);
+ addrlen = sizeof(server.sa_in);
- if (strcmp(h, "*") == 0)
- server.sin_addr.s_addr = INADDR_ANY;
+ if (h == NULL || strcmp(h, "*") == 0)
+ server.sa_in.sin_addr.s_addr = INADDR_ANY;
else {
if (!BIO_get_host_ip(h, &(ip[0])))
goto err;
@@ -606,11 +715,11 @@
((unsigned long)ip[0] << 24L) |
((unsigned long)ip[1] << 16L) |
((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
- server.sin_addr.s_addr = htonl(l);
+ server.sa_in.sin_addr.s_addr = htonl(l);
}
again:
- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
if (s == INVALID_SOCKET) {
SYSerr(SYS_F_SOCKET, get_last_socket_error());
ERR_add_error_data(3, "port='", host, "'");
@@ -625,7 +734,7 @@
bind_mode = BIO_BIND_NORMAL;
}
# endif
- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
+ if (bind(s, &server.sa, addrlen) == -1) {
# ifdef SO_REUSEADDR
err_num = get_last_socket_error();
if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
@@ -638,13 +747,24 @@
(err_num == EADDRINUSE))
# endif
{
- memcpy((char *)&client, (char *)&server, sizeof(server));
- if (strcmp(h, "*") == 0)
- client.sin_addr.s_addr = htonl(0x7F000001);
- cs = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+ client = server;
+ if (h == NULL || strcmp(h, "*") == 0) {
+# if OPENSSL_USE_IPV6
+ if (client.sa.sa_family == AF_INET6) {
+ memset(&client.sa_in6.sin6_addr, 0,
+ sizeof(client.sa_in6.sin6_addr));
+ client.sa_in6.sin6_addr.s6_addr[15] = 1;
+ } else
+# endif
+ if (client.sa.sa_family == AF_INET) {
+ client.sa_in.sin_addr.s_addr = htonl(0x7F000001);
+ } else
+ goto err;
+ }
+ cs = socket(client.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
if (cs != INVALID_SOCKET) {
int ii;
- ii = connect(cs, (struct sockaddr *)&client, sizeof(client));
+ ii = connect(cs, &client.sa, addrlen);
closesocket(cs);
if (ii == INVALID_SOCKET) {
bind_mode = BIO_BIND_REUSEADDR;
@@ -681,21 +801,54 @@
int BIO_accept(int sock, char **addr)
{
int ret = INVALID_SOCKET;
- static struct sockaddr_in from;
unsigned long l;
unsigned short port;
- int len;
char *p;
- memset((char *)&from, 0, sizeof(from));
- len = sizeof(from);
- /*
- * Note: under VMS with SOCKETSHR the fourth parameter is currently of
- * type (int *) whereas under other systems it is (void *) if you don't
- * have a cast it will choke the compiler: if you do have a cast then you
- * can either go for (int *) or (void *).
- */
- ret = accept(sock, (struct sockaddr *)&from, (void *)&len);
+ struct {
+ /*
+ * As for following union. Trouble is that there are platforms
+ * that have socklen_t and there are platforms that don't, on
+ * some platforms socklen_t is int and on some size_t. So what
+ * one can do? One can cook #ifdef spaghetti, which is nothing
+ * but masochistic. Or one can do union between int and size_t.
+ * One naturally does it primarily for 64-bit platforms where
+ * sizeof(int) != sizeof(size_t). But would it work? Note that
+ * if size_t member is initialized to 0, then later int member
+ * assignment naturally does the job on little-endian platforms
+ * regardless accept's expectations! What about big-endians?
+ * If accept expects int*, then it works, and if size_t*, then
+ * length value would appear as unreasonably large. But this
+ * won't prevent it from filling in the address structure. The
+ * trouble of course would be if accept returns more data than
+ * actual buffer can accomodate and overwrite stack... That's
+ * where early OPENSSL_assert comes into picture. Besides, the
+ * only 64-bit big-endian platform found so far that expects
+ * size_t* is HP-UX, where stack grows towards higher address.
+ * <appro>
+ */
+ union {
+ size_t s;
+ int i;
+ } len;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } from;
+ } sa;
+
+ sa.len.s = 0;
+ sa.len.i = sizeof(sa.from);
+ memset(&sa.from, 0, sizeof(sa.from));
+ ret = accept(sock, &sa.from.sa, (void *)&sa.len);
+ if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
+ OPENSSL_assert(sa.len.s <= sizeof(sa.from));
+ sa.len.i = (int)sa.len.s;
+ /* use sa.len.i from this point */
+ }
if (ret == INVALID_SOCKET) {
if (BIO_sock_should_retry(ret))
return -2;
@@ -707,8 +860,55 @@
if (addr == NULL)
goto end;
- l = ntohl(from.sin_addr.s_addr);
- port = ntohs(from.sin_port);
+# ifdef EAI_FAMILY
+ do {
+ char h[NI_MAXHOST], s[NI_MAXSERV];
+ size_t nl;
+ static union {
+ void *p;
+ int (WSAAPI *f) (const struct sockaddr *, size_t /* socklen_t */ ,
+ char *, size_t, char *, size_t, int);
+ } p_getnameinfo = {
+ NULL
+ };
+ /*
+ * 2nd argument to getnameinfo is specified to be socklen_t.
+ * Unfortunately there is a number of environments where socklen_t is
+ * not defined. As it's passed by value, it's safe to pass it as
+ * size_t... <appro>
+ */
+
+ if (p_getnameinfo.p == NULL) {
+ if ((p_getnameinfo.p = DSO_global_lookup("getnameinfo")) == NULL)
+ p_getnameinfo.p = (void *)-1;
+ }
+ if (p_getnameinfo.p == (void *)-1)
+ break;
+
+ if ((*p_getnameinfo.f) (&sa.from.sa, sa.len.i, h, sizeof(h), s,
+ sizeof(s), NI_NUMERICHOST | NI_NUMERICSERV))
+ break;
+ nl = strlen(h) + strlen(s) + 2;
+ p = *addr;
+ if (p) {
+ *p = '\0';
+ p = OPENSSL_realloc(p, nl);
+ } else {
+ p = OPENSSL_malloc(nl);
+ }
+ if (p == NULL) {
+ BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ *addr = p;
+ BIO_snprintf(*addr, nl, "%s:%s", h, s);
+ goto end;
+ } while (0);
+# endif
+ if (sa.from.sa.sa_family != AF_INET)
+ goto end;
+ l = ntohl(sa.from.sa_in.sin_addr.s_addr);
+ port = ntohs(sa.from.sa_in.sin_port);
if (*addr == NULL) {
if ((p = OPENSSL_malloc(24)) == NULL) {
BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
@@ -743,7 +943,6 @@
# endif
return (ret == 0);
}
-#endif
int BIO_socket_nbio(int s, int mode)
{
@@ -751,8 +950,9 @@
int l;
l = mode;
-#ifdef FIONBIO
+# ifdef FIONBIO
ret = BIO_socket_ioctl(s, FIONBIO, &l);
-#endif
+# endif
return (ret == 0);
}
+#endif
Modified: trunk/crypto/openssl/crypto/bio/bf_nbio.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bf_nbio.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bf_nbio.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -139,7 +139,8 @@
BIO_clear_retry_flags(b);
#if 1
- RAND_pseudo_bytes(&n, 1);
+ if (RAND_pseudo_bytes(&n, 1) < 0)
+ return -1;
num = (n & 0x07);
if (outl > num)
@@ -178,7 +179,8 @@
num = nt->lwn;
nt->lwn = 0;
} else {
- RAND_pseudo_bytes(&n, 1);
+ if (RAND_pseudo_bytes(&n, 1) < 0)
+ return -1;
num = (n & 7);
}
Modified: trunk/crypto/openssl/crypto/bio/bio.h
===================================================================
--- trunk/crypto/openssl/crypto/bio/bio.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bio.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,6 +68,14 @@
# include <openssl/crypto.h>
+# ifndef OPENSSL_NO_SCTP
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+# endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -95,6 +103,10 @@
# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
+# ifndef OPENSSL_NO_SCTP
+# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
+# endif
+# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
# define BIO_TYPE_COMP (23|0x0200)/* filter */
# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
@@ -161,8 +173,25 @@
# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
- * to * adjust socket timeouts */
+ * to adjust socket timeouts */
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+# endif
+
/* modifiers */
# define BIO_FP_READ 0x02
# define BIO_FP_WRITE 0x04
@@ -279,7 +308,6 @@
typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
long);
-# ifndef OPENSSL_SYS_WIN16
typedef struct bio_method_st {
int type;
const char *name;
@@ -292,20 +320,6 @@
int (*destroy) (BIO *);
long (*callback_ctrl) (BIO *, int, bio_info_cb *);
} BIO_METHOD;
-# else
-typedef struct bio_method_st {
- int type;
- const char *name;
- int (_far * bwrite) ();
- int (_far * bread) ();
- int (_far * bputs) ();
- int (_far * bgets) ();
- long (_far * ctrl) ();
- int (_far * create) ();
- int (_far * destroy) ();
- long (_far * callback_ctrl) ();
-} BIO_METHOD;
-# endif
struct bio_st {
BIO_METHOD *method;
@@ -351,6 +365,35 @@
int obuf_off; /* write/read offset */
} BIO_F_BUFFER_CTX;
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+};
+
+struct bio_dgram_sctp_rcvinfo {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+};
+# endif
+
/* connect BIO stuff */
# define BIO_CONN_S_BEFORE 1
# define BIO_CONN_S_GET_IP 2
@@ -416,6 +459,14 @@
# define BIO_C_RESET_READ_REQUEST 147
# define BIO_C_SET_MD_CTX 148
+# define BIO_C_SET_PREFIX 149
+# define BIO_C_GET_PREFIX 150
+# define BIO_C_SET_SUFFIX 151
+# define BIO_C_GET_SUFFIX 152
+
+# define BIO_C_SET_EX_ARG 153
+# define BIO_C_GET_EX_ARG 154
+
# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
@@ -571,6 +622,8 @@
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
# define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+# define BIO_dgram_get_mtu_overhead(b) \
+ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* These two aren't currently implemented */
/* int BIO_get_ex_num(BIO *bio); */
@@ -582,22 +635,21 @@
unsigned long BIO_number_read(BIO *bio);
unsigned long BIO_number_written(BIO *bio);
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free);
+
# ifndef OPENSSL_NO_FP_API
-# if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
-BIO_METHOD *BIO_s_file_internal(void);
-BIO *BIO_new_file_internal(char *filename, char *mode);
-BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
-# define BIO_s_file BIO_s_file_internal
-# define BIO_new_file BIO_new_file_internal
-# define BIO_new_fp BIO_new_fp_internal
-# else /* FP_API */
BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal BIO_s_file
-# define BIO_new_file_internal BIO_new_file
-# define BIO_new_fp_internal BIO_s_file
-# endif /* FP_API */
+# define BIO_s_file_internal BIO_s_file
# endif
BIO *BIO_new(BIO_METHOD *type);
int BIO_set(BIO *a, BIO_METHOD *type);
@@ -628,13 +680,8 @@
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
-# ifndef OPENSSL_SYS_WIN16
long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
long argl, long ret);
-# else
-long _far _loadds BIO_debug_callback(BIO *bio, int cmd, const char *argp,
- int argi, long argl, long ret);
-# endif
BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *buf, int len);
@@ -655,6 +702,9 @@
BIO_METHOD *BIO_f_nbio_test(void);
# ifndef OPENSSL_NO_DGRAM
BIO_METHOD *BIO_s_datagram(void);
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+# endif
# endif
/* BIO_METHOD *BIO_f_ber(void); */
@@ -698,6 +748,18 @@
BIO *BIO_new_socket(int sock, int close_flag);
BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
BIO *BIO_new_fd(int fd, int close_flag);
BIO *BIO_new_connect(char *host_port);
BIO *BIO_new_accept(char *host_port);
@@ -766,6 +828,8 @@
# define BIO_F_BUFFER_CTRL 114
# define BIO_F_CONN_CTRL 127
# define BIO_F_CONN_STATE 115
+# define BIO_F_DGRAM_SCTP_READ 132
+# define BIO_F_DGRAM_SCTP_WRITE 133
# define BIO_F_FILE_CTRL 116
# define BIO_F_FILE_READ 130
# define BIO_F_LINEBUFFER_CTRL 129
Modified: trunk/crypto/openssl/crypto/bio/bio_cb.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bio_cb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bio_cb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,14 +70,17 @@
MS_STATIC char buf[256];
char *p;
long r = 1;
+ int len;
size_t p_maxlen;
if (BIO_CB_RETURN & cmd)
r = ret;
- BIO_snprintf(buf, sizeof buf, "BIO[%08lX]:", (unsigned long)bio);
- p = &(buf[14]);
- p_maxlen = sizeof buf - 14;
+ len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
+
+ p = buf + len;
+ p_maxlen = sizeof(buf) - len;
+
switch (cmd) {
case BIO_CB_FREE:
BIO_snprintf(p, p_maxlen, "Free - %s\n", bio->method->name);
@@ -84,28 +87,32 @@
break;
case BIO_CB_READ:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- BIO_snprintf(p, p_maxlen, "read(%d,%d) - %s fd=%d\n",
- bio->num, argi, bio->method->name, bio->num);
+ BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s fd=%d\n",
+ bio->num, (unsigned long)argi,
+ bio->method->name, bio->num);
else
- BIO_snprintf(p, p_maxlen, "read(%d,%d) - %s\n",
- bio->num, argi, bio->method->name);
+ BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s\n",
+ bio->num, (unsigned long)argi, bio->method->name);
break;
case BIO_CB_WRITE:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- BIO_snprintf(p, p_maxlen, "write(%d,%d) - %s fd=%d\n",
- bio->num, argi, bio->method->name, bio->num);
+ BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s fd=%d\n",
+ bio->num, (unsigned long)argi,
+ bio->method->name, bio->num);
else
- BIO_snprintf(p, p_maxlen, "write(%d,%d) - %s\n",
- bio->num, argi, bio->method->name);
+ BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s\n",
+ bio->num, (unsigned long)argi, bio->method->name);
break;
case BIO_CB_PUTS:
BIO_snprintf(p, p_maxlen, "puts() - %s\n", bio->method->name);
break;
case BIO_CB_GETS:
- BIO_snprintf(p, p_maxlen, "gets(%d) - %s\n", argi, bio->method->name);
+ BIO_snprintf(p, p_maxlen, "gets(%lu) - %s\n", (unsigned long)argi,
+ bio->method->name);
break;
case BIO_CB_CTRL:
- BIO_snprintf(p, p_maxlen, "ctrl(%d) - %s\n", argi, bio->method->name);
+ BIO_snprintf(p, p_maxlen, "ctrl(%lu) - %s\n", (unsigned long)argi,
+ bio->method->name);
break;
case BIO_CB_RETURN | BIO_CB_READ:
BIO_snprintf(p, p_maxlen, "read return %ld\n", ret);
Modified: trunk/crypto/openssl/crypto/bio/bio_err.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bio_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bio_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/bio/bio_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -95,6 +95,8 @@
{ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
{ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
{ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
+ {ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
+ {ERR_FUNC(BIO_F_DGRAM_SCTP_WRITE), "DGRAM_SCTP_WRITE"},
{ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
{ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
{ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
Modified: trunk/crypto/openssl/crypto/bio/bio_lcl.h
===================================================================
--- trunk/crypto/openssl/crypto/bio/bio_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bio_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,11 +18,19 @@
# define UP_ftell ftell
# define UP_fflush fflush
# define UP_ferror ferror
-# define UP_fileno fileno
-
-# define UP_open open
-# define UP_read read
-# define UP_write write
-# define UP_lseek lseek
-# define UP_close close
+# ifdef _WIN32
+# define UP_fileno _fileno
+# define UP_open _open
+# define UP_read _read
+# define UP_write _write
+# define UP_lseek _lseek
+# define UP_close _close
+# else
+# define UP_fileno fileno
+# define UP_open open
+# define UP_read read
+# define UP_write write
+# define UP_lseek lseek
+# define UP_close close
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/bio/bio_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bio_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bio_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -420,7 +420,7 @@
if (bio != NULL)
bio->prev_bio = lb;
/* called to do internal processing */
- BIO_ctrl(b, BIO_CTRL_PUSH, 0, NULL);
+ BIO_ctrl(b, BIO_CTRL_PUSH, 0, lb);
return (b);
}
@@ -433,7 +433,7 @@
return (NULL);
ret = b->next_bio;
- BIO_ctrl(b, BIO_CTRL_POP, 0, NULL);
+ BIO_ctrl(b, BIO_CTRL_POP, 0, b);
if (b->prev_bio != NULL)
b->prev_bio->next_bio = b->next_bio;
@@ -515,42 +515,44 @@
BIO *BIO_dup_chain(BIO *in)
{
- BIO *ret = NULL, *eoc = NULL, *bio, *new;
+ BIO *ret = NULL, *eoc = NULL, *bio, *new_bio;
for (bio = in; bio != NULL; bio = bio->next_bio) {
- if ((new = BIO_new(bio->method)) == NULL)
+ if ((new_bio = BIO_new(bio->method)) == NULL)
goto err;
- new->callback = bio->callback;
- new->cb_arg = bio->cb_arg;
- new->init = bio->init;
- new->shutdown = bio->shutdown;
- new->flags = bio->flags;
+ new_bio->callback = bio->callback;
+ new_bio->cb_arg = bio->cb_arg;
+ new_bio->init = bio->init;
+ new_bio->shutdown = bio->shutdown;
+ new_bio->flags = bio->flags;
/* This will let SSL_s_sock() work with stdin/stdout */
- new->num = bio->num;
+ new_bio->num = bio->num;
- if (!BIO_dup_state(bio, (char *)new)) {
- BIO_free(new);
+ if (!BIO_dup_state(bio, (char *)new_bio)) {
+ BIO_free(new_bio);
goto err;
}
/* copy app data */
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new->ex_data,
- &bio->ex_data))
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data,
+ &bio->ex_data)) {
+ BIO_free(new_bio);
goto err;
+ }
if (ret == NULL) {
- eoc = new;
+ eoc = new_bio;
ret = eoc;
} else {
- BIO_push(eoc, new);
- eoc = new;
+ BIO_push(eoc, new_bio);
+ eoc = new_bio;
}
}
return (ret);
err:
- if (ret != NULL)
- BIO_free(ret);
+ BIO_free_all(ret);
+
return (NULL);
}
Modified: trunk/crypto/openssl/crypto/bio/bss_acpt.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_acpt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_acpt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,8 +99,8 @@
static int acpt_free(BIO *data);
static int acpt_state(BIO *b, BIO_ACCEPT *c);
static void acpt_close_socket(BIO *data);
-BIO_ACCEPT *BIO_ACCEPT_new(void);
-void BIO_ACCEPT_free(BIO_ACCEPT *a);
+static BIO_ACCEPT *BIO_ACCEPT_new(void);
+static void BIO_ACCEPT_free(BIO_ACCEPT *a);
# define ACPT_S_BEFORE 1
# define ACPT_S_GET_ACCEPT_SOCKET 2
@@ -139,7 +139,7 @@
return (1);
}
-BIO_ACCEPT *BIO_ACCEPT_new(void)
+static BIO_ACCEPT *BIO_ACCEPT_new(void)
{
BIO_ACCEPT *ret;
@@ -152,7 +152,7 @@
return (ret);
}
-void BIO_ACCEPT_free(BIO_ACCEPT *a)
+static void BIO_ACCEPT_free(BIO_ACCEPT *a)
{
if (a == NULL)
return;
Modified: trunk/crypto/openssl/crypto/bio/bss_bio.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_bio.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_bio.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -270,10 +270,10 @@
* WARNING: The non-copying interface is largely untested as of yet and may
* contain bugs.
*/
-static ssize_t bio_nread0(BIO *bio, char **buf)
+static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
{
struct bio_bio_st *b, *peer_b;
- ssize_t num;
+ ossl_ssize_t num;
BIO_clear_retry_flags(bio);
@@ -307,15 +307,15 @@
return num;
}
-static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
+static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b, *peer_b;
- ssize_t num, available;
+ ossl_ssize_t num, available;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
- num = (ssize_t) num_;
+ num = (ossl_ssize_t) num_;
available = bio_nread0(bio, buf);
if (num > available)
@@ -415,7 +415,7 @@
* (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
* or just bio_nwrite(), write to buffer)
*/
-static ssize_t bio_nwrite0(BIO *bio, char **buf)
+static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
{
struct bio_bio_st *b;
size_t num;
@@ -463,15 +463,15 @@
return num;
}
-static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
+static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b;
- ssize_t num, space;
+ ossl_ssize_t num, space;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
- num = (ssize_t) num_;
+ num = (ossl_ssize_t) num_;
space = bio_nwrite0(bio, buf);
if (num > space)
Modified: trunk/crypto/openssl/crypto/bio/bss_dgram.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_dgram.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_dgram.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,10 +69,27 @@
# include <sys/timeb.h>
# endif
-# ifdef OPENSSL_SYS_LINUX
+# ifndef OPENSSL_NO_SCTP
+# include <netinet/sctp.h>
+# include <fcntl.h>
+# define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
+# define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
+# endif
+
+# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
# define IP_MTU 14 /* linux is lame */
# endif
+# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
+/* Standard definition causes type-punning problems. */
+# undef IN6_IS_ADDR_V4MAPPED
+# define s6_addr32 __u6_addr.__u6_addr32
+# define IN6_IS_ADDR_V4MAPPED(a) \
+ (((a)->s6_addr32[0] == 0) && \
+ ((a)->s6_addr32[1] == 0) && \
+ ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+# endif
+
# ifdef WATT32
# define sock_write SockWrite /* Watt-32 uses same names */
# define sock_read SockRead
@@ -87,6 +104,19 @@
static int dgram_free(BIO *data);
static int dgram_clear(BIO *bio);
+# ifndef OPENSSL_NO_SCTP
+static int dgram_sctp_write(BIO *h, const char *buf, int num);
+static int dgram_sctp_read(BIO *h, char *buf, int size);
+static int dgram_sctp_puts(BIO *h, const char *str);
+static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_sctp_new(BIO *h);
+static int dgram_sctp_free(BIO *data);
+# ifdef SCTP_AUTHENTICATION_EVENT
+static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
+ *snp);
+# endif
+# endif
+
static int BIO_dgram_should_retry(int s);
static void get_current_time(struct timeval *t);
@@ -104,8 +134,29 @@
NULL,
};
+# ifndef OPENSSL_NO_SCTP
+static BIO_METHOD methods_dgramp_sctp = {
+ BIO_TYPE_DGRAM_SCTP,
+ "datagram sctp socket",
+ dgram_sctp_write,
+ dgram_sctp_read,
+ dgram_sctp_puts,
+ NULL, /* dgram_gets, */
+ dgram_sctp_ctrl,
+ dgram_sctp_new,
+ dgram_sctp_free,
+ NULL,
+};
+# endif
+
typedef struct bio_dgram_data_st {
- struct sockaddr peer;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
unsigned int connected;
unsigned int _errno;
unsigned int mtu;
@@ -113,6 +164,38 @@
struct timeval socket_timeout;
} bio_dgram_data;
+# ifndef OPENSSL_NO_SCTP
+typedef struct bio_dgram_sctp_save_message_st {
+ BIO *bio;
+ char *data;
+ int length;
+} bio_dgram_sctp_save_message;
+
+typedef struct bio_dgram_sctp_data_st {
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
+ unsigned int connected;
+ unsigned int _errno;
+ unsigned int mtu;
+ struct bio_dgram_sctp_sndinfo sndinfo;
+ struct bio_dgram_sctp_rcvinfo rcvinfo;
+ struct bio_dgram_sctp_prinfo prinfo;
+ void (*handle_notifications) (BIO *bio, void *context, void *buf);
+ void *notification_context;
+ int in_handshake;
+ int ccs_rcvd;
+ int ccs_sent;
+ int save_shutdown;
+ int peer_auth_tested;
+ bio_dgram_sctp_save_message saved_message;
+} bio_dgram_sctp_data;
+# endif
+
BIO_METHOD *BIO_s_datagram(void)
{
return (&methods_dgramp);
@@ -179,7 +262,12 @@
{
# if defined(SO_RCVTIMEO)
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- int sz = sizeof(int);
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
/* Is a timer active? */
if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
@@ -188,8 +276,10 @@
/* Read current socket timeout */
# ifdef OPENSSL_SYS_WINDOWS
int timeout;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, &sz) < 0) {
+ (void *)&timeout, &sz.i) < 0) {
perror("getsockopt");
} else {
data->socket_timeout.tv_sec = timeout / 1000;
@@ -196,10 +286,12 @@
data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
}
# else
+ sz.i = sizeof(data->socket_timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
&(data->socket_timeout), (void *)&sz) < 0) {
perror("getsockopt");
- }
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
+ OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
# endif
/* Get current time */
@@ -207,16 +299,17 @@
/* Calculate time left until timer expires */
memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
- timeleft.tv_sec -= timenow.tv_sec;
- timeleft.tv_usec -= timenow.tv_usec;
- if (timeleft.tv_usec < 0) {
+ if (timeleft.tv_usec < timenow.tv_usec) {
+ timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
timeleft.tv_sec--;
- timeleft.tv_usec += 1000000;
+ } else {
+ timeleft.tv_usec -= timenow.tv_usec;
}
-
- if (timeleft.tv_sec < 0) {
+ if (timeleft.tv_sec < timenow.tv_sec) {
timeleft.tv_sec = 0;
timeleft.tv_usec = 1;
+ } else {
+ timeleft.tv_sec -= timenow.tv_sec;
}
/*
@@ -275,22 +368,38 @@
int ret = 0;
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- struct sockaddr peer;
- int peerlen = sizeof(peer);
+ struct {
+ /*
+ * See commentary in b_sock.c. <appro>
+ */
+ union {
+ size_t s;
+ int i;
+ } len;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+# endif
+ } peer;
+ } sa;
+ sa.len.s = 0;
+ sa.len.i = sizeof(sa.peer);
+
if (out != NULL) {
clear_socket_error();
- memset(&peer, 0x00, peerlen);
- /*
- * Last arg in recvfrom is signed on some platforms and unsigned on
- * others. It is of type socklen_t on some but this is not universal.
- * Cast to (void *) to avoid compiler warnings.
- */
+ memset(&sa.peer, 0x00, sizeof(sa.peer));
dgram_adjust_rcv_timeout(b);
- ret = recvfrom(b->num, out, outl, 0, &peer, (void *)&peerlen);
+ ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len);
+ if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
+ OPENSSL_assert(sa.len.s <= sizeof(sa.peer));
+ sa.len.i = (int)sa.len.s;
+ }
if (!data->connected && ret >= 0)
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
+ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
BIO_clear_retry_flags(b);
if (ret < 0) {
@@ -313,14 +422,21 @@
if (data->connected)
ret = writesocket(b->num, in, inl);
- else
+ else {
+ int peerlen = sizeof(data->peer);
+
+ if (data->peer.sa.sa_family == AF_INET)
+ peerlen = sizeof(data->peer.sa_in);
+# if OPENSSL_USE_IPV6
+ else if (data->peer.sa.sa_family == AF_INET6)
+ peerlen = sizeof(data->peer.sa_in6);
+# endif
# if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
- ret =
- sendto(b->num, (char *)in, inl, 0, &data->peer,
- sizeof(data->peer));
+ ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
# else
- ret = sendto(b->num, in, inl, 0, &data->peer, sizeof(data->peer));
+ ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
# endif
+ }
BIO_clear_retry_flags(b);
if (ret <= 0) {
@@ -339,6 +455,41 @@
return (ret);
}
+static long dgram_get_mtu_overhead(bio_dgram_data *data)
+{
+ long ret;
+
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ /*
+ * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+ */
+ ret = 28;
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+# ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ /*
+ * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+ */
+ ret = 28;
+ else
+# endif
+ /*
+ * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
+ */
+ ret = 48;
+ break;
+# endif
+ default:
+ /* We don't know. Go with the historical default */
+ ret = 28;
+ break;
+ }
+ return ret;
+}
+
static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
{
long ret = 1;
@@ -345,13 +496,18 @@
int *ip;
struct sockaddr *to = NULL;
bio_dgram_data *data = NULL;
-# if defined(IP_MTU_DISCOVER) || defined(IP_MTU)
- long sockopt_val = 0;
- unsigned int sockopt_len = 0;
-# endif
-# ifdef OPENSSL_SYS_LINUX
+# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
+ int sockopt_val = 0;
+ socklen_t sockopt_len; /* assume that system supporting IP_MTU is
+ * modern enough to define socklen_t */
socklen_t addr_len;
- struct sockaddr_storage addr;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in s4;
+# if OPENSSL_USE_IPV6
+ struct sockaddr_in6 s6;
+# endif
+ } addr;
# endif
data = (bio_dgram_data *)b->ptr;
@@ -403,7 +559,19 @@
ret = 0;
} else {
# endif
- memcpy(&(data->peer), to, sizeof(struct sockaddr));
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
# if 0
}
# endif
@@ -410,15 +578,14 @@
break;
/* (Linux)kernel sets DF bit on outgoing IP packets */
case BIO_CTRL_DGRAM_MTU_DISCOVER:
-# ifdef OPENSSL_SYS_LINUX
- addr_len = (socklen_t) sizeof(struct sockaddr_storage);
- memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
- if (getsockname(b->num, (void *)&addr, &addr_len) < 0) {
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
+ addr_len = (socklen_t) sizeof(addr);
+ memset((void *)&addr, 0, sizeof(addr));
+ if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
ret = 0;
break;
}
- sockopt_len = sizeof(sockopt_val);
- switch (addr.ss_family) {
+ switch (addr.sa.sa_family) {
case AF_INET:
sockopt_val = IP_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
@@ -425,6 +592,7 @@
&sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt");
break;
+# if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
case AF_INET6:
sockopt_val = IPV6_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
@@ -431,6 +599,7 @@
&sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt");
break;
+# endif
default:
ret = -1;
break;
@@ -440,15 +609,15 @@
break;
# endif
case BIO_CTRL_DGRAM_QUERY_MTU:
-# ifdef OPENSSL_SYS_LINUX
- addr_len = (socklen_t) sizeof(struct sockaddr_storage);
- memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
- if (getsockname(b->num, (void *)&addr, &addr_len) < 0) {
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
+ addr_len = (socklen_t) sizeof(addr);
+ memset((void *)&addr, 0, sizeof(addr));
+ if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
ret = 0;
break;
}
sockopt_len = sizeof(sockopt_val);
- switch (addr.ss_family) {
+ switch (addr.sa.sa_family) {
case AF_INET:
if ((ret =
getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
@@ -463,6 +632,7 @@
ret = data->mtu;
}
break;
+# if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
case AF_INET6:
if ((ret =
getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
@@ -478,6 +648,7 @@
ret = data->mtu;
}
break;
+# endif
default:
ret = 0;
break;
@@ -487,7 +658,25 @@
# endif
break;
case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
- ret = 576 - 20 - 8;
+ ret = -dgram_get_mtu_overhead(data);
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ ret += 576;
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+# ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ ret += 576;
+ else
+# endif
+ ret += 1280;
+ break;
+# endif
+ default:
+ ret += 576;
+ break;
+ }
break;
case BIO_CTRL_DGRAM_GET_MTU:
return data->mtu;
@@ -501,22 +690,57 @@
if (to != NULL) {
data->connected = 1;
- memcpy(&(data->peer), to, sizeof(struct sockaddr));
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
} else {
data->connected = 0;
- memset(&(data->peer), 0x00, sizeof(struct sockaddr));
+ memset(&(data->peer), 0x00, sizeof(data->peer));
}
break;
case BIO_CTRL_DGRAM_GET_PEER:
- to = (struct sockaddr *)ptr;
-
- memcpy(to, &(data->peer), sizeof(struct sockaddr));
- ret = sizeof(struct sockaddr);
+ switch (data->peer.sa.sa_family) {
+ case AF_INET:
+ ret = sizeof(data->peer.sa_in);
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ ret = sizeof(data->peer.sa_in6);
+ break;
+# endif
+ default:
+ ret = sizeof(data->peer.sa);
+ break;
+ }
+ if (num == 0 || num > ret)
+ num = ret;
+ memcpy(ptr, &data->peer, (ret = num));
break;
case BIO_CTRL_DGRAM_SET_PEER:
to = (struct sockaddr *)ptr;
-
- memcpy(&(data->peer), to, sizeof(struct sockaddr));
+ switch (to->sa_family) {
+ case AF_INET:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+ break;
+# if OPENSSL_USE_IPV6
+ case AF_INET6:
+ memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+ break;
+# endif
+ default:
+ memcpy(&data->peer, to, sizeof(data->peer.sa));
+ break;
+ }
break;
case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
@@ -542,12 +766,20 @@
# endif
break;
case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
+ {
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
# ifdef OPENSSL_SYS_WINDOWS
- {
- int timeout, sz = sizeof(timeout);
+ int timeout;
struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void *)&timeout, &sz) < 0) {
+ (void *)&timeout, &sz.i) < 0) {
perror("getsockopt");
ret = -1;
} else {
@@ -555,14 +787,19 @@
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
- }
# else
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- ptr, (void *)&ret) < 0) {
- perror("getsockopt");
- ret = -1;
+ sz.i = sizeof(struct timeval);
+ if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+ ptr, (void *)&sz) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+ OPENSSL_assert(sz.s <= sizeof(struct timeval));
+ ret = (int)sz.s;
+ } else
+ ret = sz.i;
+# endif
}
-# endif
break;
# endif
# if defined(SO_SNDTIMEO)
@@ -586,12 +823,20 @@
# endif
break;
case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
+ {
+ union {
+ size_t s;
+ int i;
+ } sz = {
+ 0
+ };
# ifdef OPENSSL_SYS_WINDOWS
- {
- int timeout, sz = sizeof(timeout);
+ int timeout;
struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- (void *)&timeout, &sz) < 0) {
+ (void *)&timeout, &sz.i) < 0) {
perror("getsockopt");
ret = -1;
} else {
@@ -599,14 +844,19 @@
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
- }
# else
- if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- ptr, (void *)&ret) < 0) {
- perror("getsockopt");
- ret = -1;
+ sz.i = sizeof(struct timeval);
+ if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+ ptr, (void *)&sz) < 0) {
+ perror("getsockopt");
+ ret = -1;
+ } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+ OPENSSL_assert(sz.s <= sizeof(struct timeval));
+ ret = (int)sz.s;
+ } else
+ ret = sz.i;
+# endif
}
-# endif
break;
# endif
case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
@@ -632,6 +882,9 @@
ret = 0;
break;
# endif
+ case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+ ret = dgram_get_mtu_overhead(data);
+ break;
default:
ret = 0;
break;
@@ -648,6 +901,1023 @@
return (ret);
}
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void)
+{
+ return (&methods_dgramp_sctp);
+}
+
+BIO *BIO_new_dgram_sctp(int fd, int close_flag)
+{
+ BIO *bio;
+ int ret, optval = 20000;
+ int auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunk auth;
+ struct sctp_authchunks *authchunks;
+ socklen_t sockopt_len;
+# ifdef SCTP_AUTHENTICATION_EVENT
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+# endif
+# endif
+
+ bio = BIO_new(BIO_s_datagram_sctp());
+ if (bio == NULL)
+ return (NULL);
+ BIO_set_fd(bio, fd, close_flag);
+
+ /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
+ auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+ sizeof(struct sctp_authchunk));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+ auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+ sizeof(struct sctp_authchunk));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ /*
+ * Test if activation was successful. When using accept(), SCTP-AUTH has
+ * to be activated for the listening socket already, otherwise the
+ * connected socket won't use it.
+ */
+ sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(sockopt_len);
+ if (!authchunks) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+ memset(authchunks, 0, sizeof(sockopt_len));
+ ret =
+ getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
+ &sockopt_len);
+
+ if (ret < 0) {
+ OPENSSL_free(authchunks);
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ for (p = (unsigned char *)authchunks->gauth_chunks;
+ p < (unsigned char *)authchunks + sockopt_len;
+ p += sizeof(uint8_t)) {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+ auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+ auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ OPENSSL_assert(auth_data);
+ OPENSSL_assert(auth_forward);
+
+# ifdef SCTP_AUTHENTICATION_EVENT
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_AUTHENTICATION_EVENT;
+ event.se_on = 1;
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+# else
+ sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ event.sctp_authentication_event = 1;
+
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+# endif
+# endif
+
+ /*
+ * Disable partial delivery by setting the min size larger than the max
+ * record size of 2^14 + 2048 + 13
+ */
+ ret =
+ setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
+ sizeof(optval));
+ if (ret < 0) {
+ BIO_vfree(bio);
+ return (NULL);
+ }
+
+ return (bio);
+}
+
+int BIO_dgram_is_sctp(BIO *bio)
+{
+ return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
+}
+
+static int dgram_sctp_new(BIO *bi)
+{
+ bio_dgram_sctp_data *data = NULL;
+
+ bi->init = 0;
+ bi->num = 0;
+ data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
+ if (data == NULL)
+ return 0;
+ memset(data, 0x00, sizeof(bio_dgram_sctp_data));
+# ifdef SCTP_PR_SCTP_NONE
+ data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
+# endif
+ bi->ptr = data;
+
+ bi->flags = 0;
+ return (1);
+}
+
+static int dgram_sctp_free(BIO *a)
+{
+ bio_dgram_sctp_data *data;
+
+ if (a == NULL)
+ return (0);
+ if (!dgram_clear(a))
+ return 0;
+
+ data = (bio_dgram_sctp_data *) a->ptr;
+ if (data != NULL) {
+ if (data->saved_message.data != NULL)
+ OPENSSL_free(data->saved_message.data);
+ OPENSSL_free(data);
+ }
+
+ return (1);
+}
+
+# ifdef SCTP_AUTHENTICATION_EVENT
+void dgram_sctp_handle_auth_free_key_event(BIO *b,
+ union sctp_notification *snp)
+{
+ int ret;
+ struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
+
+ if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
+ struct sctp_authkeyid authkeyid;
+
+ /* delete key */
+ authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ }
+}
+# endif
+
+static int dgram_sctp_read(BIO *b, char *out, int outl)
+{
+ int ret = 0, n = 0, i, optval;
+ socklen_t optlen;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+ union sctp_notification *snp;
+ struct msghdr msg;
+ struct iovec iov;
+ struct cmsghdr *cmsg;
+ char cmsgbuf[512];
+
+ if (out != NULL) {
+ clear_socket_error();
+
+ do {
+ memset(&data->rcvinfo, 0x00,
+ sizeof(struct bio_dgram_sctp_rcvinfo));
+ iov.iov_base = out;
+ iov.iov_len = outl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = cmsgbuf;
+ msg.msg_controllen = 512;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (n <= 0) {
+ if (n < 0)
+ ret = n;
+ break;
+ }
+
+ if (msg.msg_controllen > 0) {
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
+ cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ if (cmsg->cmsg_level != IPPROTO_SCTP)
+ continue;
+# ifdef SCTP_RCVINFO
+ if (cmsg->cmsg_type == SCTP_RCVINFO) {
+ struct sctp_rcvinfo *rcvinfo;
+
+ rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
+ data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
+ data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
+ data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
+ data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
+ data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
+ data->rcvinfo.rcv_context = rcvinfo->rcv_context;
+ }
+# endif
+# ifdef SCTP_SNDRCV
+ if (cmsg->cmsg_type == SCTP_SNDRCV) {
+ struct sctp_sndrcvinfo *sndrcvinfo;
+
+ sndrcvinfo =
+ (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
+ data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
+ data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
+ data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
+ data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
+ data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
+ data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
+ }
+# endif
+ }
+ }
+
+ if (msg.msg_flags & MSG_NOTIFICATION) {
+ snp = (union sctp_notification *)out;
+ if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+# endif
+ /*
+ * If a message has been delayed until the socket is dry,
+ * it can be sent now.
+ */
+ if (data->saved_message.length > 0) {
+ dgram_sctp_write(data->saved_message.bio,
+ data->saved_message.data,
+ data->saved_message.length);
+ OPENSSL_free(data->saved_message.data);
+ data->saved_message.data = NULL;
+ data->saved_message.length = 0;
+ }
+
+ /* disable sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+# else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ &eventsize);
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+
+ event.sctp_sender_dry_event = 0;
+
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+ if (i < 0) {
+ ret = i;
+ break;
+ }
+# endif
+ }
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, snp);
+# endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)out);
+
+ memset(out, 0, outl);
+ } else
+ ret += n;
+ }
+ while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
+ && (ret < outl));
+
+ if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
+ /* Partial message read, this should never happen! */
+
+ /*
+ * The buffer was too small, this means the peer sent a message
+ * that was larger than allowed.
+ */
+ if (ret == outl)
+ return -1;
+
+ /*
+ * Test if socket buffer can handle max record size (2^14 + 2048
+ * + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
+ if (ret >= 0)
+ OPENSSL_assert(optval >= 18445);
+
+ /*
+ * Test if SCTP doesn't partially deliver below max record size
+ * (2^14 + 2048 + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
+ &optval, &optlen);
+ if (ret >= 0)
+ OPENSSL_assert(optval >= 18445);
+
+ /*
+ * Partially delivered notification??? Probably a bug....
+ */
+ OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
+
+ /*
+ * Everything seems ok till now, so it's most likely a message
+ * dropped by PR-SCTP.
+ */
+ memset(out, 0, outl);
+ BIO_set_retry_read(b);
+ return -1;
+ }
+
+ BIO_clear_retry_flags(b);
+ if (ret < 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_read(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+
+ /* Test if peer uses SCTP-AUTH before continuing */
+ if (!data->peer_auth_tested) {
+ int ii, auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunks *authchunks;
+
+ optlen =
+ (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(optlen);
+ if (!authchunks) {
+ BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ memset(authchunks, 0, sizeof(optlen));
+ ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
+ authchunks, &optlen);
+
+ if (ii >= 0)
+ for (p = (unsigned char *)authchunks->gauth_chunks;
+ p < (unsigned char *)authchunks + optlen;
+ p += sizeof(uint8_t)) {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+ auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+ auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ if (!auth_data || !auth_forward) {
+ BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
+ return -1;
+ }
+
+ data->peer_auth_tested = 1;
+ }
+ }
+ return (ret);
+}
+
+static int dgram_sctp_write(BIO *b, const char *in, int inl)
+{
+ int ret;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+ struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
+ struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
+ struct bio_dgram_sctp_sndinfo handshake_sinfo;
+ struct iovec iov[1];
+ struct msghdr msg;
+ struct cmsghdr *cmsg;
+# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
+ CMSG_SPACE(sizeof(struct sctp_prinfo))];
+ struct sctp_sndinfo *sndinfo;
+ struct sctp_prinfo *prinfo;
+# else
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
+ struct sctp_sndrcvinfo *sndrcvinfo;
+# endif
+
+ clear_socket_error();
+
+ /*
+ * If we're send anything else than application data, disable all user
+ * parameters and flags.
+ */
+ if (in[0] != 23) {
+ memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
+# ifdef SCTP_SACK_IMMEDIATELY
+ handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
+# endif
+ sinfo = &handshake_sinfo;
+ }
+
+ /*
+ * If we have to send a shutdown alert message and the socket is not dry
+ * yet, we have to save it and send it as soon as the socket gets dry.
+ */
+ if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
+ char *tmp;
+ data->saved_message.bio = b;
+ if (!(tmp = OPENSSL_malloc(inl))) {
+ BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ if (data->saved_message.data)
+ OPENSSL_free(data->saved_message.data);
+ data->saved_message.data = tmp;
+ memcpy(data->saved_message.data, in, inl);
+ data->saved_message.length = inl;
+ return inl;
+ }
+
+ iov[0].iov_base = (char *)in;
+ iov[0].iov_len = inl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = (caddr_t) cmsgbuf;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+# if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
+ sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
+ memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
+ sndinfo->snd_sid = sinfo->snd_sid;
+ sndinfo->snd_flags = sinfo->snd_flags;
+ sndinfo->snd_ppid = sinfo->snd_ppid;
+ sndinfo->snd_context = sinfo->snd_context;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
+
+ cmsg =
+ (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_PRINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
+ prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
+ memset(prinfo, 0, sizeof(struct sctp_prinfo));
+ prinfo->pr_policy = pinfo->pr_policy;
+ prinfo->pr_value = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
+# else
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDRCV;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo->sinfo_stream = sinfo->snd_sid;
+ sndrcvinfo->sinfo_flags = sinfo->snd_flags;
+# ifdef __FreeBSD__
+ sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
+# endif
+ sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
+ sndrcvinfo->sinfo_context = sinfo->snd_context;
+ sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
+# endif
+
+ ret = sendmsg(b->num, &msg, 0);
+
+ BIO_clear_retry_flags(b);
+ if (ret <= 0) {
+ if (BIO_dgram_should_retry(ret)) {
+ BIO_set_retry_write(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+ return (ret);
+}
+
+static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret = 1;
+ bio_dgram_sctp_data *data = NULL;
+ socklen_t sockopt_len = 0;
+ struct sctp_authkeyid authkeyid;
+ struct sctp_authkey *authkey = NULL;
+
+ data = (bio_dgram_sctp_data *) b->ptr;
+
+ switch (cmd) {
+ case BIO_CTRL_DGRAM_QUERY_MTU:
+ /*
+ * Set to maximum (2^14) and ignore user input to enable transport
+ * protocol fragmentation. Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_MTU:
+ /*
+ * Set to maximum (2^14) and ignore input to enable transport
+ * protocol fragmentation. Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_CONNECTED:
+ case BIO_CTRL_DGRAM_CONNECT:
+ /* Returns always -1. */
+ ret = -1;
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ /*
+ * SCTP doesn't need the DTLS timer Returns always 1.
+ */
+ break;
+ case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+ /*
+ * We allow transport protocol fragmentation so this is irrelevant
+ */
+ ret = 0;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+ if (num > 0)
+ data->in_handshake = 1;
+ else
+ data->in_handshake = 0;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
+ &data->in_handshake, sizeof(int));
+ break;
+ case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
+ /*
+ * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
+ */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+ &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /* Add new key */
+ sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
+ authkey = OPENSSL_malloc(sockopt_len);
+ if (authkey == NULL) {
+ ret = -1;
+ break;
+ }
+ memset(authkey, 0x00, sockopt_len);
+ authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
+# ifndef __FreeBSD__
+ /*
+ * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
+ * and higher work without it.
+ */
+ authkey->sca_keylength = 64;
+# endif
+ memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
+ sockopt_len);
+ OPENSSL_free(authkey);
+ authkey = NULL;
+ if (ret < 0)
+ break;
+
+ /* Reset active key */
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+
+ break;
+ case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+ &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /* Set active key */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+
+ /*
+ * CCS has been sent, so remember that and fall through to check if
+ * we need to deactivate an old key
+ */
+ data->ccs_sent = 1;
+
+ case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /*
+ * Has this command really been called or is this just a
+ * fall-through?
+ */
+ if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
+ data->ccs_rcvd = 1;
+
+ /*
+ * CSS has been both, received and sent, so deactivate an old key
+ */
+ if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, &sockopt_len);
+ if (ret < 0)
+ break;
+
+ /*
+ * Deactivate key or delete second last key if
+ * SCTP_AUTHENTICATION_EVENT is not available.
+ */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+# ifdef SCTP_AUTH_DEACTIVATE_KEY
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
+ &authkeyid, sockopt_len);
+ if (ret < 0)
+ break;
+# endif
+# ifndef SCTP_AUTHENTICATION_EVENT
+ if (authkeyid.scact_keynumber > 0) {
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0)
+ break;
+ }
+# endif
+
+ data->ccs_rcvd = 0;
+ data->ccs_sent = 0;
+ }
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(ptr, &(data->sndinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(&(data->sndinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(ptr, &data->rcvinfo, num);
+
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(&(data->rcvinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(ptr, &(data->prinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(&(data->prinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
+ /* Returns always 1. */
+ if (num > 0)
+ data->save_shutdown = 1;
+ else
+ data->save_shutdown = 0;
+ break;
+
+ default:
+ /*
+ * Pass to default ctrl function to process SCTP unspecific commands
+ */
+ ret = dgram_ctrl(b, cmd, num, ptr);
+ break;
+ }
+ return (ret);
+}
+
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context)
+{
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ if (handle_notifications != NULL) {
+ data->handle_notifications = handle_notifications;
+ data->notification_context = context;
+ } else
+ return -1;
+
+ return 0;
+}
+
+int BIO_dgram_sctp_wait_for_dry(BIO *b)
+{
+ int is_dry = 0;
+ int n, sockflags, ret;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+# ifdef SCTP_EVENT
+ struct sctp_event event;
+# else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+# endif
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ /* set sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 1;
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+# else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 1;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+# endif
+ if (ret < 0)
+ return -1;
+
+ /* peek for notification */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return 0;
+ }
+
+ /* if we find a notification, process it and try again if necessary */
+ while (msg.msg_flags & MSG_NOTIFICATION) {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, 0);
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+
+ if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+ is_dry = 1;
+
+ /* disable sender dry event */
+# ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+ sizeof(struct sctp_event));
+# else
+ eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret =
+ getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 0;
+
+ ret =
+ setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+ sizeof(struct sctp_event_subscribe));
+# endif
+ if (ret < 0)
+ return -1;
+ }
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+# endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)&snp);
+
+ /* found notification, peek again */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ /* if we have seen the dry already, don't wait */
+ if (is_dry) {
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ }
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+
+ if (is_dry) {
+ fcntl(b->num, F_SETFL, sockflags);
+ }
+
+ if (n <= 0) {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN)
+ && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+ }
+
+ /* read anything else */
+ return is_dry;
+}
+
+int BIO_dgram_sctp_msg_waiting(BIO *b)
+{
+ int n, sockflags;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ /* Check if there are any messages waiting to be read */
+ do {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ fcntl(b->num, F_SETFL, sockflags);
+
+ /* if notification, process and try again */
+ if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
+# ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+# endif
+
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context,
+ (void *)&snp);
+ }
+
+ } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
+
+ /* Return 1 if there is a message to be read, return 0 otherwise. */
+ if (n > 0)
+ return 1;
+ else
+ return 0;
+}
+
+static int dgram_sctp_puts(BIO *bp, const char *str)
+{
+ int n, ret;
+
+ n = strlen(str);
+ ret = dgram_sctp_write(bp, str, n);
+ return (ret);
+}
+# endif
+
static int BIO_dgram_should_retry(int i)
{
int err;
Modified: trunk/crypto/openssl/crypto/bio/bss_fd.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_fd.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_fd.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,7 +60,14 @@
#include <errno.h>
#define USE_SOCKETS
#include "cryptlib.h"
+
+#if defined(OPENSSL_NO_POSIX_IO)
/*
+ * One can argue that one should implement dummy placeholder for
+ * BIO_s_fd here...
+ */
+#else
+/*
* As for unconditional usage of "UPLINK" interface in this module.
* Trouble is that unlike Unix file descriptors [which are indexes
* in kernel-side per-process table], corresponding descriptors on
@@ -72,11 +79,12 @@
* file descriptors can only be provided by application. Therefore
* "UPLINK" calls are due...
*/
-#include "bio_lcl.h"
+# include "bio_lcl.h"
static int fd_write(BIO *h, const char *buf, int num);
static int fd_read(BIO *h, char *buf, int size);
static int fd_puts(BIO *h, const char *str);
+static int fd_gets(BIO *h, char *buf, int size);
static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
static int fd_new(BIO *h);
static int fd_free(BIO *data);
@@ -87,7 +95,7 @@
fd_write,
fd_read,
fd_puts,
- NULL, /* fd_gets, */
+ fd_gets,
fd_ctrl,
fd_new,
fd_free,
@@ -221,6 +229,22 @@
return (ret);
}
+static int fd_gets(BIO *bp, char *buf, int size)
+{
+ int ret = 0;
+ char *ptr = buf;
+ char *end = buf + size - 1;
+
+ while ((ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n'))
+ ptr++;
+
+ ptr[0] = '\0';
+
+ if (buf[0] != '\0')
+ ret = strlen(buf);
+ return (ret);
+}
+
int BIO_fd_should_retry(int i)
{
int err;
@@ -228,11 +252,11 @@
if ((i == 0) || (i == -1)) {
err = get_last_sys_error();
-#if defined(OPENSSL_SYS_WINDOWS) && 0 /* more microsoft stupidity? perhaps
+# if defined(OPENSSL_SYS_WINDOWS) && 0/* more microsoft stupidity? perhaps
* not? Ben 4/1/99 */
if ((i == -1) && (err == 0))
return (1);
-#endif
+# endif
return (BIO_fd_non_fatal_error(err));
}
@@ -243,41 +267,41 @@
{
switch (err) {
-#ifdef EWOULDBLOCK
-# ifdef WSAEWOULDBLOCK
-# if WSAEWOULDBLOCK != EWOULDBLOCK
+# ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+# if WSAEWOULDBLOCK != EWOULDBLOCK
case EWOULDBLOCK:
+# endif
+# else
+ case EWOULDBLOCK:
# endif
-# else
- case EWOULDBLOCK:
# endif
-#endif
-#if defined(ENOTCONN)
+# if defined(ENOTCONN)
case ENOTCONN:
-#endif
+# endif
-#ifdef EINTR
+# ifdef EINTR
case EINTR:
-#endif
+# endif
-#ifdef EAGAIN
-# if EWOULDBLOCK != EAGAIN
+# ifdef EAGAIN
+# if EWOULDBLOCK != EAGAIN
case EAGAIN:
+# endif
# endif
-#endif
-#ifdef EPROTO
+# ifdef EPROTO
case EPROTO:
-#endif
+# endif
-#ifdef EINPROGRESS
+# ifdef EINPROGRESS
case EINPROGRESS:
-#endif
+# endif
-#ifdef EALREADY
+# ifdef EALREADY
case EALREADY:
-#endif
+# endif
return (1);
/* break; */
default:
@@ -285,3 +309,4 @@
}
return (0);
}
+#endif
Modified: trunk/crypto/openssl/crypto/bio/bss_file.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_file.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_file.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -118,9 +118,53 @@
BIO *BIO_new_file(const char *filename, const char *mode)
{
BIO *ret;
- FILE *file;
+ FILE *file = NULL;
- if ((file = fopen(filename, mode)) == NULL) {
+# if defined(_WIN32) && defined(CP_UTF8)
+ int sz, len_0 = (int)strlen(filename) + 1;
+ DWORD flags;
+
+ /*
+ * Basically there are three cases to cover: a) filename is
+ * pure ASCII string; b) actual UTF-8 encoded string and
+ * c) locale-ized string, i.e. one containing 8-bit
+ * characters that are meaningful in current system locale.
+ * If filename is pure ASCII or real UTF-8 encoded string,
+ * MultiByteToWideChar succeeds and _wfopen works. If
+ * filename is locale-ized string, chances are that
+ * MultiByteToWideChar fails reporting
+ * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
+ * back to fopen...
+ */
+ if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
+ filename, len_0, NULL, 0)) > 0 ||
+ (GetLastError() == ERROR_INVALID_FLAGS &&
+ (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
+ filename, len_0, NULL, 0)) > 0)
+ ) {
+ WCHAR wmode[8];
+ WCHAR *wfilename = _alloca(sz * sizeof(WCHAR));
+
+ if (MultiByteToWideChar(CP_UTF8, flags,
+ filename, len_0, wfilename, sz) &&
+ MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
+ wmode, sizeof(wmode) / sizeof(wmode[0])) &&
+ (file = _wfopen(wfilename, wmode)) == NULL &&
+ (errno == ENOENT || errno == EBADF)
+ ) {
+ /*
+ * UTF-8 decode succeeded, but no file, filename
+ * could still have been locale-ized...
+ */
+ file = fopen(filename, mode);
+ }
+ } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
+ file = fopen(filename, mode);
+ }
+# else
+ file = fopen(filename, mode);
+# endif
+ if (file == NULL) {
SYSerr(SYS_F_FOPEN, get_last_sys_error());
ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
if (errno == ENOENT)
@@ -129,7 +173,7 @@
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
return (NULL);
}
- if ((ret = BIO_new(BIO_s_file_internal())) == NULL) {
+ if ((ret = BIO_new(BIO_s_file())) == NULL) {
fclose(file);
return (NULL);
}
@@ -284,9 +328,7 @@
_setmode(fd, _O_BINARY);
# elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
int fd = fileno((FILE *)ptr);
- /*
- * Under CLib there are differences in file modes
- */
+ /* Under CLib there are differences in file modes */
if (num & BIO_FP_TEXT)
setmode(fd, O_TEXT);
else
@@ -304,7 +346,7 @@
} else
_setmode(fd, _O_BINARY);
}
-# elif defined(OPENSSL_SYS_OS2)
+# elif defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
int fd = fileno((FILE *)ptr);
if (num & BIO_FP_TEXT)
setmode(fd, O_TEXT);
Modified: trunk/crypto/openssl/crypto/bio/bss_log.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_log.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_log.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,12 +69,21 @@
#if defined(OPENSSL_SYS_WINCE)
#elif defined(OPENSSL_SYS_WIN32)
-# include <process.h>
#elif defined(OPENSSL_SYS_VMS)
# include <opcdef.h>
# include <descrip.h>
# include <lib$routines.h>
# include <starlet.h>
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+void *_malloc32(__size_t);
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+# endif /* __INITIAL_POINTER_SIZE && defined
+ * _ANSI_C_SOURCE */
#elif defined(__ultrix)
# include <sys/syslog.h>
#elif defined(OPENSSL_SYS_NETWARE)
@@ -121,18 +130,6 @@
static void xopenlog(BIO *bp, char *name, int level);
static void xsyslog(BIO *bp, int priority, const char *string);
static void xcloselog(BIO *bp);
-# ifdef OPENSSL_SYS_WIN32
-LONG(WINAPI *go_for_advapi) () = RegOpenKeyEx;
-HANDLE(WINAPI *register_event_source) () = NULL;
-BOOL(WINAPI *deregister_event_source) () = NULL;
-BOOL(WINAPI *report_event) () = NULL;
-# define DL_PROC(m,f) (GetProcAddress( m, f ))
-# ifdef UNICODE
-# define DL_PROC_X(m,f) DL_PROC( m, f "W" )
-# else
-# define DL_PROC_X(m,f) DL_PROC( m, f "A" )
-# endif
-# endif
static BIO_METHOD methods_slg = {
BIO_TYPE_MEM, "syslog",
@@ -174,7 +171,7 @@
char *buf;
char *pp;
int priority, i;
- static struct {
+ static const struct {
int strl;
char str[10];
int log_level;
@@ -286,24 +283,10 @@
static void xopenlog(BIO *bp, char *name, int level)
{
- if (!register_event_source) {
- HANDLE advapi;
- if (!(advapi = GetModuleHandle("advapi32")))
- return;
- register_event_source = (HANDLE(WINAPI *)())DL_PROC_X(advapi,
- "RegisterEventSource");
- deregister_event_source = (BOOL(WINAPI *)()) DL_PROC(advapi,
- "DeregisterEventSource");
- report_event = (BOOL(WINAPI *)()) DL_PROC_X(advapi, "ReportEvent");
- if (!(register_event_source && deregister_event_source &&
- report_event)) {
- register_event_source = NULL;
- deregister_event_source = NULL;
- report_event = NULL;
- return;
- }
- }
- bp->ptr = (char *)register_event_source(NULL, name);
+ if (check_winnt())
+ bp->ptr = RegisterEventSourceA(NULL, name);
+ else
+ bp->ptr = NULL;
}
static void xsyslog(BIO *bp, int priority, const char *string)
@@ -310,9 +293,11 @@
{
LPCSTR lpszStrings[2];
WORD evtype = EVENTLOG_ERROR_TYPE;
- int pid = _getpid();
- char pidbuf[DECIMAL_SIZE(pid) + 4];
+ char pidbuf[DECIMAL_SIZE(DWORD) + 4];
+ if (bp->ptr == NULL)
+ return;
+
switch (priority) {
case LOG_EMERG:
case LOG_ALERT:
@@ -337,18 +322,17 @@
break;
}
- sprintf(pidbuf, "[%d] ", pid);
+ sprintf(pidbuf, "[%u] ", GetCurrentProcessId());
lpszStrings[0] = pidbuf;
lpszStrings[1] = string;
- if (report_event && bp->ptr)
- report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL);
+ ReportEventA(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL);
}
static void xcloselog(BIO *bp)
{
- if (deregister_event_source && bp->ptr)
- deregister_event_source((HANDLE) (bp->ptr));
+ if (bp->ptr)
+ DeregisterEventSource((HANDLE) (bp->ptr));
bp->ptr = NULL;
}
@@ -364,7 +348,24 @@
static void xsyslog(BIO *bp, int priority, const char *string)
{
struct dsc$descriptor_s opc_dsc;
+
+/* Arrange 32-bit pointer to opcdef buffer and malloc(), if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+# define OPCDEF_TYPE __char_ptr32
+# define OPCDEF_MALLOC _malloc32
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define OPCDEF_TYPE char *
+# define OPCDEF_MALLOC OPENSSL_malloc
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
struct opcdef *opcdef_p;
+
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+
char buf[10240];
unsigned int len;
struct dsc$descriptor_s buf_dsc;
@@ -405,8 +406,8 @@
lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
- /* we know there's an 8 byte header. That's documented */
- opcdef_p = (struct opcdef *)OPENSSL_malloc(8 + len);
+ /* We know there's an 8-byte header. That's documented. */
+ opcdef_p = OPCDEF_MALLOC(8 + len);
opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
opcdef_p->opc$l_ms_rqstid = 0;
@@ -414,7 +415,7 @@
opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
opc_dsc.dsc$b_class = DSC$K_CLASS_S;
- opc_dsc.dsc$a_pointer = (char *)opcdef_p;
+ opc_dsc.dsc$a_pointer = (OPCDEF_TYPE) opcdef_p;
opc_dsc.dsc$w_length = len + 8;
sys$sndopr(opc_dsc, 0);
Modified: trunk/crypto/openssl/crypto/bio/bss_mem.c
===================================================================
--- trunk/crypto/openssl/crypto/bio/bss_mem.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bio/bss_mem.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -95,18 +95,19 @@
{
BIO *ret;
BUF_MEM *b;
+ size_t sz;
+
if (!buf) {
BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
return NULL;
}
- if (len == -1)
- len = strlen(buf);
+ sz = (len < 0) ? strlen(buf) : (size_t)len;
if (!(ret = BIO_new(BIO_s_mem())))
return NULL;
b = (BUF_MEM *)ret->ptr;
b->data = buf;
- b->length = len;
- b->max = len;
+ b->length = sz;
+ b->max = sz;
ret->flags |= BIO_FLAGS_MEM_RDONLY;
/* Since this is static data retrying wont help */
ret->num = 0;
@@ -147,23 +148,17 @@
{
int ret = -1;
BUF_MEM *bm;
- int i;
- char *from, *to;
bm = (BUF_MEM *)b->ptr;
BIO_clear_retry_flags(b);
- ret = (outl > bm->length) ? bm->length : outl;
+ ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl;
if ((out != NULL) && (ret > 0)) {
memcpy(out, bm->data, ret);
bm->length -= ret;
- /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
if (b->flags & BIO_FLAGS_MEM_RDONLY)
bm->data += ret;
else {
- from = (char *)&(bm->data[ret]);
- to = (char *)&(bm->data[0]);
- for (i = 0; i < bm->length; i++)
- to[i] = from[i];
+ memmove(&(bm->data[0]), &(bm->data[ret]), bm->length);
}
} else if (bm->length == 0) {
ret = b->num;
Modified: trunk/crypto/openssl/crypto/bn/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/bn/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,8 +12,6 @@
AR= ar r
BN_ASM= bn_asm.o
-# or use
-#BN_ASM= bn86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -28,13 +26,13 @@
bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
- bn_depr.c bn_x931p.c bn_const.c bn_opt.c
+ bn_depr.c bn_const.c bn_x931p.c
LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
- bn_depr.o bn_x931p.o bn_const.o bn_opt.o
+ bn_depr.o bn_const.o bn_x931p.o
SRC= $(LIBSRC)
@@ -58,36 +56,27 @@
cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-bn86-elf.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@)
-co86-elf.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@)
-mo86-elf.s: asm/mo-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) mo-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@)
-co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@)
-mo86-cof.s: asm/mo-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) mo-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@)
-co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@)
-mo86-out.s: asm/mo-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) mo-586.pl a.out $(CFLAGS) > ../$@)
+bn-586.s: asm/bn-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
+ $(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
+ $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
sparcv8.o: asm/sparcv8.S
$(CC) $(CFLAGS) -c asm/sparcv8.S
-sparcv8plus.o: asm/sparcv8plus.S
- $(CC) $(CFLAGS) -c asm/sparcv8plus.S
+bn-sparcv9.o: asm/sparcv8plus.S
+ $(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+sparcv9a-mont.s: asm/sparcv9a-mont.pl
+ $(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
+sparcv9-mont.s: asm/sparcv9-mont.pl
+ $(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
bn-mips3.o: asm/mips3.s
@if [ "$(CC)" = "gcc" ]; then \
@@ -95,13 +84,31 @@
as -$$ABI -O -o $@ asm/mips3.s; \
else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+bn-mips.s: asm/mips.pl
+ $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s: asm/mips-mont.pl
+ $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
+bn-s390x.o: asm/s390x.S
+ $(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s: asm/s390x-gf2m.pl
+ $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+
x86_64-gcc.o: asm/x86_64-gcc.c
$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
x86_64-mont.s: asm/x86_64-mont.pl
- $(PERL) asm/x86_64-mont.pl $@
+ $(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s: asm/x86_64-mont5.pl
+ $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s: asm/x86_64-gf2m.pl
+ $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s: asm/modexp512-x86_64.pl
+ $(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
bn-ia64.s: asm/ia64.S
$(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s: asm/ia64-mont.pl
+ $(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
# GNU assembler fails to compile PA-RISC2 modules, insist on calling
# vendor assembler...
@@ -109,15 +116,25 @@
/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
pa-risc2.o: asm/pa-risc2.s
/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s: asm/parisc-mont.pl
+ $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
# ppc - AIX, Linux, MacOS X...
-linux_ppc32.s: asm/ppc.pl; $(PERL) $< $@
-linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@
-aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
-aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@
-osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@
-osx_ppc64.s: asm/ppc.pl; $(PERL) $< $@
+bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+alpha-mont.s: asm/alpha-mont.pl
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/alpha-mont.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
+
+# GNU make "catch all"
+%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-gf2m.o: armv4-gf2m.S
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -150,6 +167,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: bn_prime.h depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -184,8 +203,11 @@
bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
-bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c
+bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_const.o: ../../include/openssl/opensslconf.h
+bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -292,13 +314,6 @@
bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
-bn_opt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_opt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_opt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_opt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_opt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_opt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_opt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_opt.c
bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -357,6 +372,8 @@
bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
-bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
-bn_x931p.o: ../../include/openssl/opensslconf.h
-bn_x931p.o: ../../include/openssl/ossl_typ.h bn_x931p.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
Copied: trunk/crypto/openssl/crypto/bn/asm/alpha-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/alpha-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/alpha-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/alpha-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,321 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# On 21264 RSA sign performance improves by 70/35/20/15 percent for
+# 512/1024/2048/4096 bit key lengths. This is against vendor compiler
+# instructed to '-tune host' code with in-line assembler. Other
+# benchmarks improve by 15-20%. To anchor it to something else, the
+# code provides approximately the same performance per GHz as AMD64.
+# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x
+# difference.
+
+# int bn_mul_mont(
+$rp="a0"; # BN_ULONG *rp,
+$ap="a1"; # const BN_ULONG *ap,
+$bp="a2"; # const BN_ULONG *bp,
+$np="a3"; # const BN_ULONG *np,
+$n0="a4"; # const BN_ULONG *n0,
+$num="a5"; # int num);
+
+$lo0="t0";
+$hi0="t1";
+$lo1="t2";
+$hi1="t3";
+$aj="t4";
+$bi="t5";
+$nj="t6";
+$tp="t7";
+$alo="t8";
+$ahi="t9";
+$nlo="t10";
+$nhi="t11";
+$tj="t12";
+$i="s3";
+$j="s4";
+$m1="s5";
+
+$code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
+#include <asm.h>
+#include <regdef.h>
+#endif
+
+.text
+
+.set noat
+.set noreorder
+
+.globl bn_mul_mont
+.align 5
+.ent bn_mul_mont
+bn_mul_mont:
+ lda sp,-48(sp)
+ stq ra,0(sp)
+ stq s3,8(sp)
+ stq s4,16(sp)
+ stq s5,24(sp)
+ stq fp,32(sp)
+ mov sp,fp
+ .mask 0x0400f000,-48
+ .frame fp,48,ra
+ .prologue 0
+
+ .align 4
+ .set reorder
+ sextl $num,$num
+ mov 0,v0
+ cmplt $num,4,AT
+ bne AT,.Lexit
+
+ ldq $hi0,0($ap) # ap[0]
+ s8addq $num,16,AT
+ ldq $aj,8($ap)
+ subq sp,AT,sp
+ ldq $bi,0($bp) # bp[0]
+ lda AT,-4096(zero) # mov -4096,AT
+ ldq $n0,0($n0)
+ and sp,AT,sp
+
+ mulq $hi0,$bi,$lo0
+ ldq $hi1,0($np) # np[0]
+ umulh $hi0,$bi,$hi0
+ ldq $nj,8($np)
+
+ mulq $lo0,$n0,$m1
+
+ mulq $hi1,$m1,$lo1
+ umulh $hi1,$m1,$hi1
+
+ addq $lo1,$lo0,$lo1
+ cmpult $lo1,$lo0,AT
+ addq $hi1,AT,$hi1
+
+ mulq $aj,$bi,$alo
+ mov 2,$j
+ umulh $aj,$bi,$ahi
+ mov sp,$tp
+
+ mulq $nj,$m1,$nlo
+ s8addq $j,$ap,$aj
+ umulh $nj,$m1,$nhi
+ s8addq $j,$np,$nj
+.align 4
+.L1st:
+ .set noreorder
+ ldq $aj,0($aj)
+ addl $j,1,$j
+ ldq $nj,0($nj)
+ lda $tp,8($tp)
+
+ addq $alo,$hi0,$lo0
+ mulq $aj,$bi,$alo
+ cmpult $lo0,$hi0,AT
+ addq $nlo,$hi1,$lo1
+
+ mulq $nj,$m1,$nlo
+ addq $ahi,AT,$hi0
+ cmpult $lo1,$hi1,v0
+ cmplt $j,$num,$tj
+
+ umulh $aj,$bi,$ahi
+ addq $nhi,v0,$hi1
+ addq $lo1,$lo0,$lo1
+ s8addq $j,$ap,$aj
+
+ umulh $nj,$m1,$nhi
+ cmpult $lo1,$lo0,v0
+ addq $hi1,v0,$hi1
+ s8addq $j,$np,$nj
+
+ stq $lo1,-8($tp)
+ nop
+ unop
+ bne $tj,.L1st
+ .set reorder
+
+ addq $alo,$hi0,$lo0
+ addq $nlo,$hi1,$lo1
+ cmpult $lo0,$hi0,AT
+ cmpult $lo1,$hi1,v0
+ addq $ahi,AT,$hi0
+ addq $nhi,v0,$hi1
+
+ addq $lo1,$lo0,$lo1
+ cmpult $lo1,$lo0,v0
+ addq $hi1,v0,$hi1
+
+ stq $lo1,0($tp)
+
+ addq $hi1,$hi0,$hi1
+ cmpult $hi1,$hi0,AT
+ stq $hi1,8($tp)
+ stq AT,16($tp)
+
+ mov 1,$i
+.align 4
+.Louter:
+ s8addq $i,$bp,$bi
+ ldq $hi0,0($ap)
+ ldq $aj,8($ap)
+ ldq $bi,0($bi)
+ ldq $hi1,0($np)
+ ldq $nj,8($np)
+ ldq $tj,0(sp)
+
+ mulq $hi0,$bi,$lo0
+ umulh $hi0,$bi,$hi0
+
+ addq $lo0,$tj,$lo0
+ cmpult $lo0,$tj,AT
+ addq $hi0,AT,$hi0
+
+ mulq $lo0,$n0,$m1
+
+ mulq $hi1,$m1,$lo1
+ umulh $hi1,$m1,$hi1
+
+ addq $lo1,$lo0,$lo1
+ cmpult $lo1,$lo0,AT
+ mov 2,$j
+ addq $hi1,AT,$hi1
+
+ mulq $aj,$bi,$alo
+ mov sp,$tp
+ umulh $aj,$bi,$ahi
+
+ mulq $nj,$m1,$nlo
+ s8addq $j,$ap,$aj
+ umulh $nj,$m1,$nhi
+.align 4
+.Linner:
+ .set noreorder
+ ldq $tj,8($tp) #L0
+ nop #U1
+ ldq $aj,0($aj) #L1
+ s8addq $j,$np,$nj #U0
+
+ ldq $nj,0($nj) #L0
+ nop #U1
+ addq $alo,$hi0,$lo0 #L1
+ lda $tp,8($tp)
+
+ mulq $aj,$bi,$alo #U1
+ cmpult $lo0,$hi0,AT #L0
+ addq $nlo,$hi1,$lo1 #L1
+ addl $j,1,$j
+
+ mulq $nj,$m1,$nlo #U1
+ addq $ahi,AT,$hi0 #L0
+ addq $lo0,$tj,$lo0 #L1
+ cmpult $lo1,$hi1,v0 #U0
+
+ umulh $aj,$bi,$ahi #U1
+ cmpult $lo0,$tj,AT #L0
+ addq $lo1,$lo0,$lo1 #L1
+ addq $nhi,v0,$hi1 #U0
+
+ umulh $nj,$m1,$nhi #U1
+ s8addq $j,$ap,$aj #L0
+ cmpult $lo1,$lo0,v0 #L1
+ cmplt $j,$num,$tj #U0 # borrow $tj
+
+ addq $hi0,AT,$hi0 #L0
+ addq $hi1,v0,$hi1 #U1
+ stq $lo1,-8($tp) #L1
+ bne $tj,.Linner #U0
+ .set reorder
+
+ ldq $tj,8($tp)
+ addq $alo,$hi0,$lo0
+ addq $nlo,$hi1,$lo1
+ cmpult $lo0,$hi0,AT
+ cmpult $lo1,$hi1,v0
+ addq $ahi,AT,$hi0
+ addq $nhi,v0,$hi1
+
+ addq $lo0,$tj,$lo0
+ cmpult $lo0,$tj,AT
+ addq $hi0,AT,$hi0
+
+ ldq $tj,16($tp)
+ addq $lo1,$lo0,$j
+ cmpult $j,$lo0,v0
+ addq $hi1,v0,$hi1
+
+ addq $hi1,$hi0,$lo1
+ stq $j,0($tp)
+ cmpult $lo1,$hi0,$hi1
+ addq $lo1,$tj,$lo1
+ cmpult $lo1,$tj,AT
+ addl $i,1,$i
+ addq $hi1,AT,$hi1
+ stq $lo1,8($tp)
+ cmplt $i,$num,$tj # borrow $tj
+ stq $hi1,16($tp)
+ bne $tj,.Louter
+
+ s8addq $num,sp,$tj # &tp[num]
+ mov $rp,$bp # put rp aside
+ mov sp,$tp
+ mov sp,$ap
+ mov 0,$hi0 # clear borrow bit
+
+.align 4
+.Lsub: ldq $lo0,0($tp)
+ ldq $lo1,0($np)
+ lda $tp,8($tp)
+ lda $np,8($np)
+ subq $lo0,$lo1,$lo1 # tp[i]-np[i]
+ cmpult $lo0,$lo1,AT
+ subq $lo1,$hi0,$lo0
+ cmpult $lo1,$lo0,$hi0
+ or $hi0,AT,$hi0
+ stq $lo0,0($rp)
+ cmpult $tp,$tj,v0
+ lda $rp,8($rp)
+ bne v0,.Lsub
+
+ subq $hi1,$hi0,$hi0 # handle upmost overflow bit
+ mov sp,$tp
+ mov $bp,$rp # restore rp
+
+ and sp,$hi0,$ap
+ bic $bp,$hi0,$bp
+ bis $bp,$ap,$ap # ap=borrow?tp:rp
+
+.align 4
+.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
+ lda $tp,8($tp)
+ lda $rp,8($rp)
+ lda $ap,8($ap)
+ stq zero,-8($tp) # zap tp
+ cmpult $tp,$tj,AT
+ stq $aj,-8($rp)
+ bne AT,.Lcopy
+ mov 1,v0
+
+.Lexit:
+ .set noreorder
+ mov fp,sp
+ /*ldq ra,0(sp)*/
+ ldq s3,8(sp)
+ ldq s4,16(sp)
+ ldq s5,24(sp)
+ ldq fp,32(sp)
+ lda sp,48(sp)
+ ret (ra)
+.end bn_mul_mont
+.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/armv4-gf2m.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/armv4-gf2m.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/armv4-gf2m.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/armv4-gf2m.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,278 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication
+# used in bn_gf2m.c. It's kind of low-hanging mechanical port from
+# C for the time being... Except that it has two code paths: pure
+# integer code suitable for any ARMv4 and later CPU and NEON code
+# suitable for ARMv7. Pure integer 1x1 multiplication subroutine runs
+# in ~45 cycles on dual-issue core such as Cortex A8, which is ~50%
+# faster than compiler-generated code. For ECDH and ECDSA verify (but
+# not for ECDSA sign) it means 25%-45% improvement depending on key
+# length, more for longer keys. Even though NEON 1x1 multiplication
+# runs in even less cycles, ~30, improvement is measurable only on
+# longer keys. One has to optimize code elsewhere to get NEON glow...
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+sub Dlo() { shift=~m|q([1]?[0-9])|?"d".($1*2):""; }
+sub Dhi() { shift=~m|q([1]?[0-9])|?"d".($1*2+1):""; }
+sub Q() { shift=~m|d([1-3]?[02468])|?"q".($1/2):""; }
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code 32
+
+#if __ARM_ARCH__>=7
+.fpu neon
+
+.type mul_1x1_neon,%function
+.align 5
+mul_1x1_neon:
+ vshl.u64 `&Dlo("q1")`,d16,#8 @ q1-q3 are slided $a
+ vmull.p8 `&Q("d0")`,d16,d17 @ a\xB7bb
+ vshl.u64 `&Dlo("q2")`,d16,#16
+ vmull.p8 q1,`&Dlo("q1")`,d17 @ a<<8\xB7bb
+ vshl.u64 `&Dlo("q3")`,d16,#24
+ vmull.p8 q2,`&Dlo("q2")`,d17 @ a<<16\xB7bb
+ vshr.u64 `&Dlo("q1")`,#8
+ vmull.p8 q3,`&Dlo("q3")`,d17 @ a<<24\xB7bb
+ vshl.u64 `&Dhi("q1")`,#24
+ veor d0,`&Dlo("q1")`
+ vshr.u64 `&Dlo("q2")`,#16
+ veor d0,`&Dhi("q1")`
+ vshl.u64 `&Dhi("q2")`,#16
+ veor d0,`&Dlo("q2")`
+ vshr.u64 `&Dlo("q3")`,#24
+ veor d0,`&Dhi("q2")`
+ vshl.u64 `&Dhi("q3")`,#8
+ veor d0,`&Dlo("q3")`
+ veor d0,`&Dhi("q3")`
+ bx lr
+.size mul_1x1_neon,.-mul_1x1_neon
+#endif
+___
+################
+# private interface to mul_1x1_ialu
+#
+$a="r1";
+$b="r0";
+
+($a0,$a1,$a2,$a12,$a4,$a14)=
+($hi,$lo,$t0,$t1, $i0,$i1 )=map("r$_",(4..9),12);
+
+$mask="r12";
+
+$code.=<<___;
+.type mul_1x1_ialu,%function
+.align 5
+mul_1x1_ialu:
+ mov $a0,#0
+ bic $a1,$a,#3<<30 @ a1=a&0x3fffffff
+ str $a0,[sp,#0] @ tab[0]=0
+ add $a2,$a1,$a1 @ a2=a1<<1
+ str $a1,[sp,#4] @ tab[1]=a1
+ eor $a12,$a1,$a2 @ a1^a2
+ str $a2,[sp,#8] @ tab[2]=a2
+ mov $a4,$a1,lsl#2 @ a4=a1<<2
+ str $a12,[sp,#12] @ tab[3]=a1^a2
+ eor $a14,$a1,$a4 @ a1^a4
+ str $a4,[sp,#16] @ tab[4]=a4
+ eor $a0,$a2,$a4 @ a2^a4
+ str $a14,[sp,#20] @ tab[5]=a1^a4
+ eor $a12,$a12,$a4 @ a1^a2^a4
+ str $a0,[sp,#24] @ tab[6]=a2^a4
+ and $i0,$mask,$b,lsl#2
+ str $a12,[sp,#28] @ tab[7]=a1^a2^a4
+
+ and $i1,$mask,$b,lsr#1
+ ldr $lo,[sp,$i0] @ tab[b & 0x7]
+ and $i0,$mask,$b,lsr#4
+ ldr $t1,[sp,$i1] @ tab[b >> 3 & 0x7]
+ and $i1,$mask,$b,lsr#7
+ ldr $t0,[sp,$i0] @ tab[b >> 6 & 0x7]
+ eor $lo,$lo,$t1,lsl#3 @ stall
+ mov $hi,$t1,lsr#29
+ ldr $t1,[sp,$i1] @ tab[b >> 9 & 0x7]
+
+ and $i0,$mask,$b,lsr#10
+ eor $lo,$lo,$t0,lsl#6
+ eor $hi,$hi,$t0,lsr#26
+ ldr $t0,[sp,$i0] @ tab[b >> 12 & 0x7]
+
+ and $i1,$mask,$b,lsr#13
+ eor $lo,$lo,$t1,lsl#9
+ eor $hi,$hi,$t1,lsr#23
+ ldr $t1,[sp,$i1] @ tab[b >> 15 & 0x7]
+
+ and $i0,$mask,$b,lsr#16
+ eor $lo,$lo,$t0,lsl#12
+ eor $hi,$hi,$t0,lsr#20
+ ldr $t0,[sp,$i0] @ tab[b >> 18 & 0x7]
+
+ and $i1,$mask,$b,lsr#19
+ eor $lo,$lo,$t1,lsl#15
+ eor $hi,$hi,$t1,lsr#17
+ ldr $t1,[sp,$i1] @ tab[b >> 21 & 0x7]
+
+ and $i0,$mask,$b,lsr#22
+ eor $lo,$lo,$t0,lsl#18
+ eor $hi,$hi,$t0,lsr#14
+ ldr $t0,[sp,$i0] @ tab[b >> 24 & 0x7]
+
+ and $i1,$mask,$b,lsr#25
+ eor $lo,$lo,$t1,lsl#21
+ eor $hi,$hi,$t1,lsr#11
+ ldr $t1,[sp,$i1] @ tab[b >> 27 & 0x7]
+
+ tst $a,#1<<30
+ and $i0,$mask,$b,lsr#28
+ eor $lo,$lo,$t0,lsl#24
+ eor $hi,$hi,$t0,lsr#8
+ ldr $t0,[sp,$i0] @ tab[b >> 30 ]
+
+ eorne $lo,$lo,$b,lsl#30
+ eorne $hi,$hi,$b,lsr#2
+ tst $a,#1<<31
+ eor $lo,$lo,$t1,lsl#27
+ eor $hi,$hi,$t1,lsr#5
+ eorne $lo,$lo,$b,lsl#31
+ eorne $hi,$hi,$b,lsr#1
+ eor $lo,$lo,$t0,lsl#30
+ eor $hi,$hi,$t0,lsr#2
+
+ mov pc,lr
+.size mul_1x1_ialu,.-mul_1x1_ialu
+___
+################
+# void bn_GF2m_mul_2x2(BN_ULONG *r,
+# BN_ULONG a1,BN_ULONG a0,
+# BN_ULONG b1,BN_ULONG b0); # r[3..0]=a1a0\xB7b1b0
+
+($A1,$B1,$A0,$B0,$A1B1,$A0B0)=map("d$_",(18..23));
+
+$code.=<<___;
+.global bn_GF2m_mul_2x2
+.type bn_GF2m_mul_2x2,%function
+.align 5
+bn_GF2m_mul_2x2:
+#if __ARM_ARCH__>=7
+ ldr r12,.LOPENSSL_armcap
+.Lpic: ldr r12,[pc,r12]
+ tst r12,#1
+ beq .Lialu
+
+ veor $A1,$A1
+ vmov.32 $B1,r3,r3 @ two copies of b1
+ vmov.32 ${A1}[0],r1 @ a1
+
+ veor $A0,$A0
+ vld1.32 ${B0}[],[sp,:32] @ two copies of b0
+ vmov.32 ${A0}[0],r2 @ a0
+ mov r12,lr
+
+ vmov d16,$A1
+ vmov d17,$B1
+ bl mul_1x1_neon @ a1\xB7b1
+ vmov $A1B1,d0
+
+ vmov d16,$A0
+ vmov d17,$B0
+ bl mul_1x1_neon @ a0\xB7b0
+ vmov $A0B0,d0
+
+ veor d16,$A0,$A1
+ veor d17,$B0,$B1
+ veor $A0,$A0B0,$A1B1
+ bl mul_1x1_neon @ (a0+a1)\xB7(b0+b1)
+
+ veor d0,$A0 @ (a0+a1)\xB7(b0+b1)-a0\xB7b0-a1\xB7b1
+ vshl.u64 d1,d0,#32
+ vshr.u64 d0,d0,#32
+ veor $A0B0,d1
+ veor $A1B1,d0
+ vst1.32 {${A0B0}[0]},[r0,:32]!
+ vst1.32 {${A0B0}[1]},[r0,:32]!
+ vst1.32 {${A1B1}[0]},[r0,:32]!
+ vst1.32 {${A1B1}[1]},[r0,:32]
+ bx r12
+.align 4
+.Lialu:
+#endif
+___
+$ret="r10"; # reassigned 1st argument
+$code.=<<___;
+ stmdb sp!,{r4-r10,lr}
+ mov $ret,r0 @ reassign 1st argument
+ mov $b,r3 @ $b=b1
+ ldr r3,[sp,#32] @ load b0
+ mov $mask,#7<<2
+ sub sp,sp,#32 @ allocate tab[8]
+
+ bl mul_1x1_ialu @ a1\xB7b1
+ str $lo,[$ret,#8]
+ str $hi,[$ret,#12]
+
+ eor $b,$b,r3 @ flip b0 and b1
+ eor $a,$a,r2 @ flip a0 and a1
+ eor r3,r3,$b
+ eor r2,r2,$a
+ eor $b,$b,r3
+ eor $a,$a,r2
+ bl mul_1x1_ialu @ a0\xB7b0
+ str $lo,[$ret]
+ str $hi,[$ret,#4]
+
+ eor $a,$a,r2
+ eor $b,$b,r3
+ bl mul_1x1_ialu @ (a1+a0)\xB7(b1+b0)
+___
+ at r=map("r$_",(6..9));
+$code.=<<___;
+ ldmia $ret,{@r[0]- at r[3]}
+ eor $lo,$lo,$hi
+ eor $hi,$hi, at r[1]
+ eor $lo,$lo, at r[0]
+ eor $hi,$hi, at r[2]
+ eor $lo,$lo, at r[3]
+ eor $hi,$hi, at r[3]
+ str $hi,[$ret,#8]
+ eor $lo,$lo,$hi
+ add sp,sp,#32 @ destroy tab[8]
+ str $lo,[$ret,#4]
+
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r10,pc}
+#else
+ ldmia sp!,{r4-r10,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+#if __ARM_ARCH__>=7
+.align 5
+.LOPENSSL_armcap:
+.word OPENSSL_armcap_P-(.Lpic+8)
+#endif
+.asciz "GF(2^m) Multiplication for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align 5
+
+.comm OPENSSL_armcap_P,4,4
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
Copied: trunk/crypto/openssl/crypto/bn/asm/armv4-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/armv4-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/armv4-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/armv4-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,204 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2007.
+
+# Montgomery multiplication for ARMv4.
+#
+# Performance improvement naturally varies among CPU implementations
+# and compilers. The code was observed to provide +65-35% improvement
+# [depending on key length, less for longer keys] on ARM920T, and
+# +115-80% on Intel IXP425. This is compared to pre-bn_mul_mont code
+# base and compiler generated code with in-lined umull and even umlal
+# instructions. The latter means that this code didn't really have an
+# "advantage" of utilizing some "secret" instruction.
+#
+# The code is interoperable with Thumb ISA and is rather compact, less
+# than 1/2KB. Windows CE port would be trivial, as it's exclusively
+# about decorations, ABI and instruction syntax are identical.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$num="r0"; # starts as num argument, but holds &tp[num-1]
+$ap="r1";
+$bp="r2"; $bi="r2"; $rp="r2";
+$np="r3";
+$tp="r4";
+$aj="r5";
+$nj="r6";
+$tj="r7";
+$n0="r8";
+########### # r9 is reserved by ELF as platform specific, e.g. TLS pointer
+$alo="r10"; # sl, gcc uses it to keep @GOT
+$ahi="r11"; # fp
+$nlo="r12"; # ip
+########### # r13 is stack pointer
+$nhi="r14"; # lr
+########### # r15 is program counter
+
+#### argument block layout relative to &tp[num-1], a.k.a. $num
+$_rp="$num,#12*4";
+# ap permanently resides in r1
+$_bp="$num,#13*4";
+# np permanently resides in r3
+$_n0="$num,#14*4";
+$_num="$num,#15*4"; $_bpend=$_num;
+
+$code=<<___;
+.text
+
+.global bn_mul_mont
+.type bn_mul_mont,%function
+
+.align 2
+bn_mul_mont:
+ stmdb sp!,{r0,r2} @ sp points at argument block
+ ldr $num,[sp,#3*4] @ load num
+ cmp $num,#2
+ movlt r0,#0
+ addlt sp,sp,#2*4
+ blt .Labrt
+
+ stmdb sp!,{r4-r12,lr} @ save 10 registers
+
+ mov $num,$num,lsl#2 @ rescale $num for byte count
+ sub sp,sp,$num @ alloca(4*num)
+ sub sp,sp,#4 @ +extra dword
+ sub $num,$num,#4 @ "num=num-1"
+ add $tp,$bp,$num @ &bp[num-1]
+
+ add $num,sp,$num @ $num to point at &tp[num-1]
+ ldr $n0,[$_n0] @ &n0
+ ldr $bi,[$bp] @ bp[0]
+ ldr $aj,[$ap],#4 @ ap[0],ap++
+ ldr $nj,[$np],#4 @ np[0],np++
+ ldr $n0,[$n0] @ *n0
+ str $tp,[$_bpend] @ save &bp[num]
+
+ umull $alo,$ahi,$aj,$bi @ ap[0]*bp[0]
+ str $n0,[$_n0] @ save n0 value
+ mul $n0,$alo,$n0 @ "tp[0]"*n0
+ mov $nlo,#0
+ umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"t[0]"
+ mov $tp,sp
+
+.L1st:
+ ldr $aj,[$ap],#4 @ ap[j],ap++
+ mov $alo,$ahi
+ ldr $nj,[$np],#4 @ np[j],np++
+ mov $ahi,#0
+ umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[0]
+ mov $nhi,#0
+ umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0
+ adds $nlo,$nlo,$alo
+ str $nlo,[$tp],#4 @ tp[j-1]=,tp++
+ adc $nlo,$nhi,#0
+ cmp $tp,$num
+ bne .L1st
+
+ adds $nlo,$nlo,$ahi
+ ldr $tp,[$_bp] @ restore bp
+ mov $nhi,#0
+ ldr $n0,[$_n0] @ restore n0
+ adc $nhi,$nhi,#0
+ str $nlo,[$num] @ tp[num-1]=
+ str $nhi,[$num,#4] @ tp[num]=
+
+.Louter:
+ sub $tj,$num,sp @ "original" $num-1 value
+ sub $ap,$ap,$tj @ "rewind" ap to &ap[1]
+ ldr $bi,[$tp,#4]! @ *(++bp)
+ sub $np,$np,$tj @ "rewind" np to &np[1]
+ ldr $aj,[$ap,#-4] @ ap[0]
+ ldr $alo,[sp] @ tp[0]
+ ldr $nj,[$np,#-4] @ np[0]
+ ldr $tj,[sp,#4] @ tp[1]
+
+ mov $ahi,#0
+ umlal $alo,$ahi,$aj,$bi @ ap[0]*bp[i]+tp[0]
+ str $tp,[$_bp] @ save bp
+ mul $n0,$alo,$n0
+ mov $nlo,#0
+ umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"tp[0]"
+ mov $tp,sp
+
+.Linner:
+ ldr $aj,[$ap],#4 @ ap[j],ap++
+ adds $alo,$ahi,$tj @ +=tp[j]
+ ldr $nj,[$np],#4 @ np[j],np++
+ mov $ahi,#0
+ umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[i]
+ mov $nhi,#0
+ umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0
+ adc $ahi,$ahi,#0
+ ldr $tj,[$tp,#8] @ tp[j+1]
+ adds $nlo,$nlo,$alo
+ str $nlo,[$tp],#4 @ tp[j-1]=,tp++
+ adc $nlo,$nhi,#0
+ cmp $tp,$num
+ bne .Linner
+
+ adds $nlo,$nlo,$ahi
+ mov $nhi,#0
+ ldr $tp,[$_bp] @ restore bp
+ adc $nhi,$nhi,#0
+ ldr $n0,[$_n0] @ restore n0
+ adds $nlo,$nlo,$tj
+ ldr $tj,[$_bpend] @ restore &bp[num]
+ adc $nhi,$nhi,#0
+ str $nlo,[$num] @ tp[num-1]=
+ str $nhi,[$num,#4] @ tp[num]=
+
+ cmp $tp,$tj
+ bne .Louter
+
+ ldr $rp,[$_rp] @ pull rp
+ add $num,$num,#4 @ $num to point at &tp[num]
+ sub $aj,$num,sp @ "original" num value
+ mov $tp,sp @ "rewind" $tp
+ mov $ap,$tp @ "borrow" $ap
+ sub $np,$np,$aj @ "rewind" $np to &np[0]
+
+ subs $tj,$tj,$tj @ "clear" carry flag
+.Lsub: ldr $tj,[$tp],#4
+ ldr $nj,[$np],#4
+ sbcs $tj,$tj,$nj @ tp[j]-np[j]
+ str $tj,[$rp],#4 @ rp[j]=
+ teq $tp,$num @ preserve carry
+ bne .Lsub
+ sbcs $nhi,$nhi,#0 @ upmost carry
+ mov $tp,sp @ "rewind" $tp
+ sub $rp,$rp,$aj @ "rewind" $rp
+
+ and $ap,$tp,$nhi
+ bic $np,$rp,$nhi
+ orr $ap,$ap,$np @ ap=borrow?tp:rp
+
+.Lcopy: ldr $tj,[$ap],#4 @ copy or in-place refresh
+ str sp,[$tp],#4 @ zap tp
+ str $tj,[$rp],#4
+ cmp $tp,$num
+ bne .Lcopy
+
+ add sp,$num,#4 @ skip over tp[num+1]
+ ldmia sp!,{r4-r12,lr} @ restore registers
+ add sp,sp,#2*4 @ skip over {r0,r2}
+ mov r0,#1
+.Labrt: tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+.size bn_mul_mont,.-bn_mul_mont
+.asciz "Montgomery multiplication for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/bn/asm/bn-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/bn-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/bn-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/local/bin/perl
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],$0);
@@ -24,38 +25,25 @@
{
local($name)=@_;
- &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+ &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
+ $r="eax";
+ $a="edx";
+ $c="ecx";
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
if ($sse2) {
&picmeup("eax","OPENSSL_ia32cap_P");
&bt(&DWP(0,"eax"),26);
- &jnc(&label("maw_loop"));
+ &jnc(&label("maw_non_sse2"));
- &movd("mm0",$w); # mm0 = w
+ &mov($r,&wparam(0));
+ &mov($a,&wparam(1));
+ &mov($c,&wparam(2));
+ &movd("mm0",&wparam(3)); # mm0 = w
&pxor("mm1","mm1"); # mm1 = carry_in
-
- &set_label("maw_sse2_loop",0);
+ &jmp(&label("maw_sse2_entry"));
+
+ &set_label("maw_sse2_unrolled",16);
&movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0]
&paddq("mm1","mm3"); # mm1 = carry_in + r[0]
&movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0]
@@ -112,42 +100,82 @@
&psrlq("mm1",32); # mm1 = carry6
&paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7]
&movd(&DWP(28,$r,"",0),"mm1");
- &add($r,32);
+ &lea($r,&DWP(32,$r));
&psrlq("mm1",32); # mm1 = carry_out
- &sub("ecx",8);
+ &sub($c,8);
+ &jz(&label("maw_sse2_exit"));
+ &set_label("maw_sse2_entry");
+ &test($c,0xfffffff8);
+ &jnz(&label("maw_sse2_unrolled"));
+
+ &set_label("maw_sse2_loop",4);
+ &movd("mm2",&DWP(0,$a)); # mm2 = a[i]
+ &movd("mm3",&DWP(0,$r)); # mm3 = r[i]
+ &pmuludq("mm2","mm0"); # a[i] *= w
+ &lea($a,&DWP(4,$a));
+ &paddq("mm1","mm3"); # carry += r[i]
+ &paddq("mm1","mm2"); # carry += a[i]*w
+ &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low
+ &sub($c,1);
+ &psrlq("mm1",32); # carry = carry_high
+ &lea($r,&DWP(4,$r));
&jnz(&label("maw_sse2_loop"));
-
- &movd($c,"mm1"); # c = carry_out
+ &set_label("maw_sse2_exit");
+ &movd("eax","mm1"); # c = carry_out
&emms();
+ &ret();
- &jmp(&label("maw_finish"));
+ &set_label("maw_non_sse2",16);
}
- &set_label("maw_loop",0);
+ # function_begin prologue
+ &push("ebp");
+ &push("ebx");
+ &push("esi");
+ &push("edi");
- &mov(&swtmp(0),"ecx"); #
+ &comment("");
+ $Low="eax";
+ $High="edx";
+ $a="ebx";
+ $w="ebp";
+ $r="edi";
+ $c="esi";
+ &xor($c,$c); # clear carry
+ &mov($r,&wparam(0)); #
+
+ &mov("ecx",&wparam(2)); #
+ &mov($a,&wparam(1)); #
+
+ &and("ecx",0xfffffff8); # num / 8
+ &mov($w,&wparam(3)); #
+
+ &push("ecx"); # Up the stack for a tmp variable
+
+ &jz(&label("maw_finish"));
+
+ &set_label("maw_loop",16);
+
for ($i=0; $i<32; $i+=4)
{
&comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
+ &mov("eax",&DWP($i,$a)); # *a
&mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
+ &add("eax",$c); # L(t)+= c
&adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
+ &add("eax",&DWP($i,$r)); # L(t)+= *r
&adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
+ &mov(&DWP($i,$r),"eax"); # *r= L(t);
&mov($c,"edx"); # c= H(t);
}
&comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
&sub("ecx",8);
+ &lea($a,&DWP(32,$a));
+ &lea($r,&DWP(32,$r));
&jnz(&label("maw_loop"));
&set_label("maw_finish",0);
@@ -160,16 +188,15 @@
for ($i=0; $i<7; $i++)
{
&comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
+ &mov("eax",&DWP($i*4,$a)); # *a
&mul($w); # *a * w
&add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
&adc("edx",0); # H(t)+=carry
- &add("eax",$c);
+ &add("eax",&DWP($i*4,$r)); # L(t)+= *r
&adc("edx",0); # H(t)+=carry
&dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
+ &mov(&DWP($i*4,$r),"eax"); # *r= L(t);
+ &mov($c,"edx"); # c= H(t);
&jz(&label("maw_end")) if ($i != 7-1);
}
&set_label("maw_end",0);
@@ -184,8 +211,46 @@
{
local($name)=@_;
- &function_begin($name,"");
+ &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+ $r="eax";
+ $a="edx";
+ $c="ecx";
+
+ if ($sse2) {
+ &picmeup("eax","OPENSSL_ia32cap_P");
+ &bt(&DWP(0,"eax"),26);
+ &jnc(&label("mw_non_sse2"));
+
+ &mov($r,&wparam(0));
+ &mov($a,&wparam(1));
+ &mov($c,&wparam(2));
+ &movd("mm0",&wparam(3)); # mm0 = w
+ &pxor("mm1","mm1"); # mm1 = carry = 0
+
+ &set_label("mw_sse2_loop",16);
+ &movd("mm2",&DWP(0,$a)); # mm2 = a[i]
+ &pmuludq("mm2","mm0"); # a[i] *= w
+ &lea($a,&DWP(4,$a));
+ &paddq("mm1","mm2"); # carry += a[i]*w
+ &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low
+ &sub($c,1);
+ &psrlq("mm1",32); # carry = carry_high
+ &lea($r,&DWP(4,$r));
+ &jnz(&label("mw_sse2_loop"));
+
+ &movd("eax","mm1"); # return carry
+ &emms();
+ &ret();
+ &set_label("mw_non_sse2",16);
+ }
+
+ # function_begin prologue
+ &push("ebp");
+ &push("ebx");
+ &push("esi");
+ &push("edi");
+
&comment("");
$Low="eax";
$High="edx";
@@ -257,8 +322,41 @@
{
local($name)=@_;
- &function_begin($name,"");
+ &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+ $r="eax";
+ $a="edx";
+ $c="ecx";
+
+ if ($sse2) {
+ &picmeup("eax","OPENSSL_ia32cap_P");
+ &bt(&DWP(0,"eax"),26);
+ &jnc(&label("sqr_non_sse2"));
+
+ &mov($r,&wparam(0));
+ &mov($a,&wparam(1));
+ &mov($c,&wparam(2));
+
+ &set_label("sqr_sse2_loop",16);
+ &movd("mm0",&DWP(0,$a)); # mm0 = a[i]
+ &pmuludq("mm0","mm0"); # a[i] *= a[i]
+ &lea($a,&DWP(4,$a)); # a++
+ &movq(&QWP(0,$r),"mm0"); # r[i] = a[i]*a[i]
+ &sub($c,1);
+ &lea($r,&DWP(8,$r)); # r += 2
+ &jnz(&label("sqr_sse2_loop"));
+
+ &emms();
+ &ret();
+ &set_label("sqr_non_sse2",16);
+ }
+
+ # function_begin prologue
+ &push("ebp");
+ &push("ebx");
+ &push("esi");
+ &push("edi");
+
&comment("");
$r="esi";
$a="edi";
@@ -313,12 +411,13 @@
{
local($name)=@_;
- &function_begin($name,"");
+ &function_begin_B($name,"");
&mov("edx",&wparam(0)); #
&mov("eax",&wparam(1)); #
- &mov("ebx",&wparam(2)); #
- &div("ebx");
- &function_end($name);
+ &mov("ecx",&wparam(2)); #
+ &div("ecx");
+ &ret();
+ &function_end_B($name);
}
sub bn_add_words
Modified: trunk/crypto/openssl/crypto/bn/asm/co-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/co-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/co-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/local/bin/perl
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],$0);
Copied: trunk/crypto/openssl/crypto/bn/asm/ia64-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/ia64-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/ia64-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/ia64-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,851 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2010
+#
+# "Teaser" Montgomery multiplication module for IA-64. There are
+# several possibilities for improvement:
+#
+# - modulo-scheduling outer loop would eliminate quite a number of
+# stalls after ldf8, xma and getf.sig outside inner loop and
+# improve shorter key performance;
+# - shorter vector support [with input vectors being fetched only
+# once] should be added;
+# - 2x unroll with help of n0[1] would make the code scalable on
+# "wider" IA-64, "wider" than Itanium 2 that is, which is not of
+# acute interest, because upcoming Tukwila's individual cores are
+# reportedly based on Itanium 2 design;
+# - dedicated squaring procedure(?);
+#
+# January 2010
+#
+# Shorter vector support is implemented by zero-padding ap and np
+# vectors up to 8 elements, or 512 bits. This means that 256-bit
+# inputs will be processed only 2 times faster than 512-bit inputs,
+# not 4 [as one would expect, because algorithm complexity is n^2].
+# The reason for padding is that inputs shorter than 512 bits won't
+# be processed faster anyway, because minimal critical path of the
+# core loop happens to match 512-bit timing. Either way, it resulted
+# in >100% improvement of 512-bit RSA sign benchmark and 50% - of
+# 1024-bit one [in comparison to original version of *this* module].
+#
+# So far 'openssl speed rsa dsa' output on 900MHz Itanium 2 *with*
+# this module is:
+# sign verify sign/s verify/s
+# rsa 512 bits 0.000290s 0.000024s 3452.8 42031.4
+# rsa 1024 bits 0.000793s 0.000058s 1261.7 17172.0
+# rsa 2048 bits 0.005908s 0.000148s 169.3 6754.0
+# rsa 4096 bits 0.033456s 0.000469s 29.9 2133.6
+# dsa 512 bits 0.000253s 0.000198s 3949.9 5057.0
+# dsa 1024 bits 0.000585s 0.000607s 1708.4 1647.4
+# dsa 2048 bits 0.001453s 0.001703s 688.1 587.4
+#
+# ... and *without* (but still with ia64.S):
+#
+# rsa 512 bits 0.000670s 0.000041s 1491.8 24145.5
+# rsa 1024 bits 0.001988s 0.000080s 502.9 12499.3
+# rsa 2048 bits 0.008702s 0.000189s 114.9 5293.9
+# rsa 4096 bits 0.043860s 0.000533s 22.8 1875.9
+# dsa 512 bits 0.000441s 0.000427s 2265.3 2340.6
+# dsa 1024 bits 0.000823s 0.000867s 1215.6 1153.2
+# dsa 2048 bits 0.001894s 0.002179s 528.1 458.9
+#
+# As it can be seen, RSA sign performance improves by 130-30%,
+# hereafter less for longer keys, while verify - by 74-13%.
+# DSA performance improves by 115-30%.
+
+if ($^O eq "hpux") {
+ $ADDP="addp4";
+ for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+
+$code=<<___;
+.explicit
+.text
+
+// int bn_mul_mont (BN_ULONG *rp,const BN_ULONG *ap,
+// const BN_ULONG *bp,const BN_ULONG *np,
+// const BN_ULONG *n0p,int num);
+.align 64
+.global bn_mul_mont#
+.proc bn_mul_mont#
+bn_mul_mont:
+ .prologue
+ .body
+{ .mmi; cmp4.le p6,p7=2,r37;;
+(p6) cmp4.lt.unc p8,p9=8,r37
+ mov ret0=r0 };;
+{ .bbb;
+(p9) br.cond.dptk.many bn_mul_mont_8
+(p8) br.cond.dpnt.many bn_mul_mont_general
+(p7) br.ret.spnt.many b0 };;
+.endp bn_mul_mont#
+
+prevfs=r2; prevpr=r3; prevlc=r10; prevsp=r11;
+
+rptr=r8; aptr=r9; bptr=r14; nptr=r15;
+tptr=r16; // &tp[0]
+tp_1=r17; // &tp[-1]
+num=r18; len=r19; lc=r20;
+topbit=r21; // carry bit from tmp[num]
+
+n0=f6;
+m0=f7;
+bi=f8;
+
+.align 64
+.local bn_mul_mont_general#
+.proc bn_mul_mont_general#
+bn_mul_mont_general:
+ .prologue
+{ .mmi; .save ar.pfs,prevfs
+ alloc prevfs=ar.pfs,6,2,0,8
+ $ADDP aptr=0,in1
+ .save ar.lc,prevlc
+ mov prevlc=ar.lc }
+{ .mmi; .vframe prevsp
+ mov prevsp=sp
+ $ADDP bptr=0,in2
+ .save pr,prevpr
+ mov prevpr=pr };;
+
+ .body
+ .rotf alo[6],nlo[4],ahi[8],nhi[6]
+ .rotr a[3],n[3],t[2]
+
+{ .mmi; ldf8 bi=[bptr],8 // (*bp++)
+ ldf8 alo[4]=[aptr],16 // ap[0]
+ $ADDP r30=8,in1 };;
+{ .mmi; ldf8 alo[3]=[r30],16 // ap[1]
+ ldf8 alo[2]=[aptr],16 // ap[2]
+ $ADDP in4=0,in4 };;
+{ .mmi; ldf8 alo[1]=[r30] // ap[3]
+ ldf8 n0=[in4] // n0
+ $ADDP rptr=0,in0 }
+{ .mmi; $ADDP nptr=0,in3
+ mov r31=16
+ zxt4 num=in5 };;
+{ .mmi; ldf8 nlo[2]=[nptr],8 // np[0]
+ shladd len=num,3,r0
+ shladd r31=num,3,r31 };;
+{ .mmi; ldf8 nlo[1]=[nptr],8 // np[1]
+ add lc=-5,num
+ sub r31=sp,r31 };;
+{ .mfb; and sp=-16,r31 // alloca
+ xmpy.hu ahi[2]=alo[4],bi // ap[0]*bp[0]
+ nop.b 0 }
+{ .mfb; nop.m 0
+ xmpy.lu alo[4]=alo[4],bi
+ brp.loop.imp .L1st_ctop,.L1st_cend-16
+ };;
+{ .mfi; nop.m 0
+ xma.hu ahi[1]=alo[3],bi,ahi[2] // ap[1]*bp[0]
+ add tp_1=8,sp }
+{ .mfi; nop.m 0
+ xma.lu alo[3]=alo[3],bi,ahi[2]
+ mov pr.rot=0x20001f<<16
+ // ------^----- (p40) at first (p23)
+ // ----------^^ p[16:20]=1
+ };;
+{ .mfi; nop.m 0
+ xmpy.lu m0=alo[4],n0 // (ap[0]*bp[0])*n0
+ mov ar.lc=lc }
+{ .mfi; nop.m 0
+ fcvt.fxu.s1 nhi[1]=f0
+ mov ar.ec=8 };;
+
+.align 32
+.L1st_ctop:
+.pred.rel "mutex",p40,p42
+{ .mfi; (p16) ldf8 alo[0]=[aptr],8 // *(aptr++)
+ (p18) xma.hu ahi[0]=alo[2],bi,ahi[1]
+ (p40) add n[2]=n[2],a[2] } // (p23) }
+{ .mfi; (p18) ldf8 nlo[0]=[nptr],8 // *(nptr++)(p16)
+ (p18) xma.lu alo[2]=alo[2],bi,ahi[1]
+ (p42) add n[2]=n[2],a[2],1 };; // (p23)
+{ .mfi; (p21) getf.sig a[0]=alo[5]
+ (p20) xma.hu nhi[0]=nlo[2],m0,nhi[1]
+ (p42) cmp.leu p41,p39=n[2],a[2] } // (p23)
+{ .mfi; (p23) st8 [tp_1]=n[2],8
+ (p20) xma.lu nlo[2]=nlo[2],m0,nhi[1]
+ (p40) cmp.ltu p41,p39=n[2],a[2] } // (p23)
+{ .mmb; (p21) getf.sig n[0]=nlo[3]
+ (p16) nop.m 0
+ br.ctop.sptk .L1st_ctop };;
+.L1st_cend:
+
+{ .mmi; getf.sig a[0]=ahi[6] // (p24)
+ getf.sig n[0]=nhi[4]
+ add num=-1,num };; // num--
+{ .mmi; .pred.rel "mutex",p40,p42
+(p40) add n[0]=n[0],a[0]
+(p42) add n[0]=n[0],a[0],1
+ sub aptr=aptr,len };; // rewind
+{ .mmi; .pred.rel "mutex",p40,p42
+(p40) cmp.ltu p41,p39=n[0],a[0]
+(p42) cmp.leu p41,p39=n[0],a[0]
+ sub nptr=nptr,len };;
+{ .mmi; .pred.rel "mutex",p39,p41
+(p39) add topbit=r0,r0
+(p41) add topbit=r0,r0,1
+ nop.i 0 }
+{ .mmi; st8 [tp_1]=n[0]
+ add tptr=16,sp
+ add tp_1=8,sp };;
+
+.Louter:
+{ .mmi; ldf8 bi=[bptr],8 // (*bp++)
+ ldf8 ahi[3]=[tptr] // tp[0]
+ add r30=8,aptr };;
+{ .mmi; ldf8 alo[4]=[aptr],16 // ap[0]
+ ldf8 alo[3]=[r30],16 // ap[1]
+ add r31=8,nptr };;
+{ .mfb; ldf8 alo[2]=[aptr],16 // ap[2]
+ xma.hu ahi[2]=alo[4],bi,ahi[3] // ap[0]*bp[i]+tp[0]
+ brp.loop.imp .Linner_ctop,.Linner_cend-16
+ }
+{ .mfb; ldf8 alo[1]=[r30] // ap[3]
+ xma.lu alo[4]=alo[4],bi,ahi[3]
+ clrrrb.pr };;
+{ .mfi; ldf8 nlo[2]=[nptr],16 // np[0]
+ xma.hu ahi[1]=alo[3],bi,ahi[2] // ap[1]*bp[i]
+ nop.i 0 }
+{ .mfi; ldf8 nlo[1]=[r31] // np[1]
+ xma.lu alo[3]=alo[3],bi,ahi[2]
+ mov pr.rot=0x20101f<<16
+ // ------^----- (p40) at first (p23)
+ // --------^--- (p30) at first (p22)
+ // ----------^^ p[16:20]=1
+ };;
+{ .mfi; st8 [tptr]=r0 // tp[0] is already accounted
+ xmpy.lu m0=alo[4],n0 // (ap[0]*bp[i]+tp[0])*n0
+ mov ar.lc=lc }
+{ .mfi;
+ fcvt.fxu.s1 nhi[1]=f0
+ mov ar.ec=8 };;
+
+// This loop spins in 4*(n+7) ticks on Itanium 2 and should spin in
+// 7*(n+7) ticks on Itanium (the one codenamed Merced). Factor of 7
+// in latter case accounts for two-tick pipeline stall, which means
+// that its performance would be ~20% lower than optimal one. No
+// attempt was made to address this, because original Itanium is
+// hardly represented out in the wild...
+.align 32
+.Linner_ctop:
+.pred.rel "mutex",p40,p42
+.pred.rel "mutex",p30,p32
+{ .mfi; (p16) ldf8 alo[0]=[aptr],8 // *(aptr++)
+ (p18) xma.hu ahi[0]=alo[2],bi,ahi[1]
+ (p40) add n[2]=n[2],a[2] } // (p23)
+{ .mfi; (p16) nop.m 0
+ (p18) xma.lu alo[2]=alo[2],bi,ahi[1]
+ (p42) add n[2]=n[2],a[2],1 };; // (p23)
+{ .mfi; (p21) getf.sig a[0]=alo[5]
+ (p16) nop.f 0
+ (p40) cmp.ltu p41,p39=n[2],a[2] } // (p23)
+{ .mfi; (p21) ld8 t[0]=[tptr],8
+ (p16) nop.f 0
+ (p42) cmp.leu p41,p39=n[2],a[2] };; // (p23)
+{ .mfi; (p18) ldf8 nlo[0]=[nptr],8 // *(nptr++)
+ (p20) xma.hu nhi[0]=nlo[2],m0,nhi[1]
+ (p30) add a[1]=a[1],t[1] } // (p22)
+{ .mfi; (p16) nop.m 0
+ (p20) xma.lu nlo[2]=nlo[2],m0,nhi[1]
+ (p32) add a[1]=a[1],t[1],1 };; // (p22)
+{ .mmi; (p21) getf.sig n[0]=nlo[3]
+ (p16) nop.m 0
+ (p30) cmp.ltu p31,p29=a[1],t[1] } // (p22)
+{ .mmb; (p23) st8 [tp_1]=n[2],8
+ (p32) cmp.leu p31,p29=a[1],t[1] // (p22)
+ br.ctop.sptk .Linner_ctop };;
+.Linner_cend:
+
+{ .mmi; getf.sig a[0]=ahi[6] // (p24)
+ getf.sig n[0]=nhi[4]
+ nop.i 0 };;
+
+{ .mmi; .pred.rel "mutex",p31,p33
+(p31) add a[0]=a[0],topbit
+(p33) add a[0]=a[0],topbit,1
+ mov topbit=r0 };;
+{ .mfi; .pred.rel "mutex",p31,p33
+(p31) cmp.ltu p32,p30=a[0],topbit
+(p33) cmp.leu p32,p30=a[0],topbit
+ }
+{ .mfi; .pred.rel "mutex",p40,p42
+(p40) add n[0]=n[0],a[0]
+(p42) add n[0]=n[0],a[0],1
+ };;
+{ .mmi; .pred.rel "mutex",p44,p46
+(p40) cmp.ltu p41,p39=n[0],a[0]
+(p42) cmp.leu p41,p39=n[0],a[0]
+(p32) add topbit=r0,r0,1 }
+
+{ .mmi; st8 [tp_1]=n[0],8
+ cmp4.ne p6,p0=1,num
+ sub aptr=aptr,len };; // rewind
+{ .mmi; sub nptr=nptr,len
+(p41) add topbit=r0,r0,1
+ add tptr=16,sp }
+{ .mmb; add tp_1=8,sp
+ add num=-1,num // num--
+(p6) br.cond.sptk.many .Louter };;
+
+{ .mbb; add lc=4,lc
+ brp.loop.imp .Lsub_ctop,.Lsub_cend-16
+ clrrrb.pr };;
+{ .mii; nop.m 0
+ mov pr.rot=0x10001<<16
+ // ------^---- (p33) at first (p17)
+ mov ar.lc=lc }
+{ .mii; nop.m 0
+ mov ar.ec=3
+ nop.i 0 };;
+
+.Lsub_ctop:
+.pred.rel "mutex",p33,p35
+{ .mfi; (p16) ld8 t[0]=[tptr],8 // t=*(tp++)
+ (p16) nop.f 0
+ (p33) sub n[1]=t[1],n[1] } // (p17)
+{ .mfi; (p16) ld8 n[0]=[nptr],8 // n=*(np++)
+ (p16) nop.f 0
+ (p35) sub n[1]=t[1],n[1],1 };; // (p17)
+{ .mib; (p18) st8 [rptr]=n[2],8 // *(rp++)=r
+ (p33) cmp.gtu p34,p32=n[1],t[1] // (p17)
+ (p18) nop.b 0 }
+{ .mib; (p18) nop.m 0
+ (p35) cmp.geu p34,p32=n[1],t[1] // (p17)
+ br.ctop.sptk .Lsub_ctop };;
+.Lsub_cend:
+
+{ .mmb; .pred.rel "mutex",p34,p36
+(p34) sub topbit=topbit,r0 // (p19)
+(p36) sub topbit=topbit,r0,1
+ brp.loop.imp .Lcopy_ctop,.Lcopy_cend-16
+ }
+{ .mmb; sub rptr=rptr,len // rewind
+ sub tptr=tptr,len
+ clrrrb.pr };;
+{ .mmi; and aptr=tptr,topbit
+ andcm bptr=rptr,topbit
+ mov pr.rot=1<<16 };;
+{ .mii; or nptr=aptr,bptr
+ mov ar.lc=lc
+ mov ar.ec=3 };;
+
+.Lcopy_ctop:
+{ .mmb; (p16) ld8 n[0]=[nptr],8
+ (p18) st8 [tptr]=r0,8
+ (p16) nop.b 0 }
+{ .mmb; (p16) nop.m 0
+ (p18) st8 [rptr]=n[2],8
+ br.ctop.sptk .Lcopy_ctop };;
+.Lcopy_cend:
+
+{ .mmi; mov ret0=1 // signal "handled"
+ rum 1<<5 // clear um.mfh
+ mov ar.lc=prevlc }
+{ .mib; .restore sp
+ mov sp=prevsp
+ mov pr=prevpr,0x1ffff
+ br.ret.sptk.many b0 };;
+.endp bn_mul_mont_general#
+
+a1=r16; a2=r17; a3=r18; a4=r19; a5=r20; a6=r21; a7=r22; a8=r23;
+n1=r24; n2=r25; n3=r26; n4=r27; n5=r28; n6=r29; n7=r30; n8=r31;
+t0=r15;
+
+ai0=f8; ai1=f9; ai2=f10; ai3=f11; ai4=f12; ai5=f13; ai6=f14; ai7=f15;
+ni0=f16; ni1=f17; ni2=f18; ni3=f19; ni4=f20; ni5=f21; ni6=f22; ni7=f23;
+
+.align 64
+.skip 48 // aligns loop body
+.local bn_mul_mont_8#
+.proc bn_mul_mont_8#
+bn_mul_mont_8:
+ .prologue
+{ .mmi; .save ar.pfs,prevfs
+ alloc prevfs=ar.pfs,6,2,0,8
+ .vframe prevsp
+ mov prevsp=sp
+ .save ar.lc,prevlc
+ mov prevlc=ar.lc }
+{ .mmi; add r17=-6*16,sp
+ add sp=-7*16,sp
+ .save pr,prevpr
+ mov prevpr=pr };;
+
+{ .mmi; .save.gf 0,0x10
+ stf.spill [sp]=f16,-16
+ .save.gf 0,0x20
+ stf.spill [r17]=f17,32
+ add r16=-5*16,prevsp};;
+{ .mmi; .save.gf 0,0x40
+ stf.spill [r16]=f18,32
+ .save.gf 0,0x80
+ stf.spill [r17]=f19,32
+ $ADDP aptr=0,in1 };;
+{ .mmi; .save.gf 0,0x100
+ stf.spill [r16]=f20,32
+ .save.gf 0,0x200
+ stf.spill [r17]=f21,32
+ $ADDP r29=8,in1 };;
+{ .mmi; .save.gf 0,0x400
+ stf.spill [r16]=f22
+ .save.gf 0,0x800
+ stf.spill [r17]=f23
+ $ADDP rptr=0,in0 };;
+
+ .body
+ .rotf bj[8],mj[2],tf[2],alo[10],ahi[10],nlo[10],nhi[10]
+ .rotr t[8]
+
+// load input vectors padding them to 8 elements
+{ .mmi; ldf8 ai0=[aptr],16 // ap[0]
+ ldf8 ai1=[r29],16 // ap[1]
+ $ADDP bptr=0,in2 }
+{ .mmi; $ADDP r30=8,in2
+ $ADDP nptr=0,in3
+ $ADDP r31=8,in3 };;
+{ .mmi; ldf8 bj[7]=[bptr],16 // bp[0]
+ ldf8 bj[6]=[r30],16 // bp[1]
+ cmp4.le p4,p5=3,in5 }
+{ .mmi; ldf8 ni0=[nptr],16 // np[0]
+ ldf8 ni1=[r31],16 // np[1]
+ cmp4.le p6,p7=4,in5 };;
+
+{ .mfi; (p4)ldf8 ai2=[aptr],16 // ap[2]
+ (p5)fcvt.fxu ai2=f0
+ cmp4.le p8,p9=5,in5 }
+{ .mfi; (p6)ldf8 ai3=[r29],16 // ap[3]
+ (p7)fcvt.fxu ai3=f0
+ cmp4.le p10,p11=6,in5 }
+{ .mfi; (p4)ldf8 bj[5]=[bptr],16 // bp[2]
+ (p5)fcvt.fxu bj[5]=f0
+ cmp4.le p12,p13=7,in5 }
+{ .mfi; (p6)ldf8 bj[4]=[r30],16 // bp[3]
+ (p7)fcvt.fxu bj[4]=f0
+ cmp4.le p14,p15=8,in5 }
+{ .mfi; (p4)ldf8 ni2=[nptr],16 // np[2]
+ (p5)fcvt.fxu ni2=f0
+ addp4 r28=-1,in5 }
+{ .mfi; (p6)ldf8 ni3=[r31],16 // np[3]
+ (p7)fcvt.fxu ni3=f0
+ $ADDP in4=0,in4 };;
+
+{ .mfi; ldf8 n0=[in4]
+ fcvt.fxu tf[1]=f0
+ nop.i 0 }
+
+{ .mfi; (p8)ldf8 ai4=[aptr],16 // ap[4]
+ (p9)fcvt.fxu ai4=f0
+ mov t[0]=r0 }
+{ .mfi; (p10)ldf8 ai5=[r29],16 // ap[5]
+ (p11)fcvt.fxu ai5=f0
+ mov t[1]=r0 }
+{ .mfi; (p8)ldf8 bj[3]=[bptr],16 // bp[4]
+ (p9)fcvt.fxu bj[3]=f0
+ mov t[2]=r0 }
+{ .mfi; (p10)ldf8 bj[2]=[r30],16 // bp[5]
+ (p11)fcvt.fxu bj[2]=f0
+ mov t[3]=r0 }
+{ .mfi; (p8)ldf8 ni4=[nptr],16 // np[4]
+ (p9)fcvt.fxu ni4=f0
+ mov t[4]=r0 }
+{ .mfi; (p10)ldf8 ni5=[r31],16 // np[5]
+ (p11)fcvt.fxu ni5=f0
+ mov t[5]=r0 };;
+
+{ .mfi; (p12)ldf8 ai6=[aptr],16 // ap[6]
+ (p13)fcvt.fxu ai6=f0
+ mov t[6]=r0 }
+{ .mfi; (p14)ldf8 ai7=[r29],16 // ap[7]
+ (p15)fcvt.fxu ai7=f0
+ mov t[7]=r0 }
+{ .mfi; (p12)ldf8 bj[1]=[bptr],16 // bp[6]
+ (p13)fcvt.fxu bj[1]=f0
+ mov ar.lc=r28 }
+{ .mfi; (p14)ldf8 bj[0]=[r30],16 // bp[7]
+ (p15)fcvt.fxu bj[0]=f0
+ mov ar.ec=1 }
+{ .mfi; (p12)ldf8 ni6=[nptr],16 // np[6]
+ (p13)fcvt.fxu ni6=f0
+ mov pr.rot=1<<16 }
+{ .mfb; (p14)ldf8 ni7=[r31],16 // np[7]
+ (p15)fcvt.fxu ni7=f0
+ brp.loop.imp .Louter_8_ctop,.Louter_8_cend-16
+ };;
+
+// The loop is scheduled for 32*n ticks on Itanium 2. Actual attempt
+// to measure with help of Interval Time Counter indicated that the
+// factor is a tad higher: 33 or 34, if not 35. Exact measurement and
+// addressing the issue is problematic, because I don't have access
+// to platform-specific instruction-level profiler. On Itanium it
+// should run in 56*n ticks, because of higher xma latency...
+.Louter_8_ctop:
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mfi; (p16) nop.m 0 // 0:
+ (p16) xma.hu ahi[0]=ai0,bj[7],tf[1] // ap[0]*b[i]+t[0]
+ (p40) add a3=a3,n3 } // (p17) a3+=n3
+{ .mfi; (p42) add a3=a3,n3,1
+ (p16) xma.lu alo[0]=ai0,bj[7],tf[1]
+ (p16) nop.i 0 };;
+{ .mii; (p17) getf.sig a7=alo[8] // 1:
+ (p48) add t[6]=t[6],a3 // (p17) t[6]+=a3
+ (p50) add t[6]=t[6],a3,1 };;
+{ .mfi; (p17) getf.sig a8=ahi[8] // 2:
+ (p17) xma.hu nhi[7]=ni6,mj[1],nhi[6] // np[6]*m0
+ (p40) cmp.ltu p43,p41=a3,n3 }
+{ .mfi; (p42) cmp.leu p43,p41=a3,n3
+ (p17) xma.lu nlo[7]=ni6,mj[1],nhi[6]
+ (p16) nop.i 0 };;
+{ .mii; (p17) getf.sig n5=nlo[6] // 3:
+ (p48) cmp.ltu p51,p49=t[6],a3
+ (p50) cmp.leu p51,p49=t[6],a3 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mfi; (p16) nop.m 0 // 4:
+ (p16) xma.hu ahi[1]=ai1,bj[7],ahi[0] // ap[1]*b[i]
+ (p41) add a4=a4,n4 } // (p17) a4+=n4
+{ .mfi; (p43) add a4=a4,n4,1
+ (p16) xma.lu alo[1]=ai1,bj[7],ahi[0]
+ (p16) nop.i 0 };;
+{ .mfi; (p49) add t[5]=t[5],a4 // 5: (p17) t[5]+=a4
+ (p16) xmpy.lu mj[0]=alo[0],n0 // (ap[0]*b[i]+t[0])*n0
+ (p51) add t[5]=t[5],a4,1 };;
+{ .mfi; (p16) nop.m 0 // 6:
+ (p17) xma.hu nhi[8]=ni7,mj[1],nhi[7] // np[7]*m0
+ (p41) cmp.ltu p42,p40=a4,n4 }
+{ .mfi; (p43) cmp.leu p42,p40=a4,n4
+ (p17) xma.lu nlo[8]=ni7,mj[1],nhi[7]
+ (p16) nop.i 0 };;
+{ .mii; (p17) getf.sig n6=nlo[7] // 7:
+ (p49) cmp.ltu p50,p48=t[5],a4
+ (p51) cmp.leu p50,p48=t[5],a4 };;
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mfi; (p16) nop.m 0 // 8:
+ (p16) xma.hu ahi[2]=ai2,bj[7],ahi[1] // ap[2]*b[i]
+ (p40) add a5=a5,n5 } // (p17) a5+=n5
+{ .mfi; (p42) add a5=a5,n5,1
+ (p16) xma.lu alo[2]=ai2,bj[7],ahi[1]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig a1=alo[1] // 9:
+ (p48) add t[4]=t[4],a5 // p(17) t[4]+=a5
+ (p50) add t[4]=t[4],a5,1 };;
+{ .mfi; (p16) nop.m 0 // 10:
+ (p16) xma.hu nhi[0]=ni0,mj[0],alo[0] // np[0]*m0
+ (p40) cmp.ltu p43,p41=a5,n5 }
+{ .mfi; (p42) cmp.leu p43,p41=a5,n5
+ (p16) xma.lu nlo[0]=ni0,mj[0],alo[0]
+ (p16) nop.i 0 };;
+{ .mii; (p17) getf.sig n7=nlo[8] // 11:
+ (p48) cmp.ltu p51,p49=t[4],a5
+ (p50) cmp.leu p51,p49=t[4],a5 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mfi; (p17) getf.sig n8=nhi[8] // 12:
+ (p16) xma.hu ahi[3]=ai3,bj[7],ahi[2] // ap[3]*b[i]
+ (p41) add a6=a6,n6 } // (p17) a6+=n6
+{ .mfi; (p43) add a6=a6,n6,1
+ (p16) xma.lu alo[3]=ai3,bj[7],ahi[2]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig a2=alo[2] // 13:
+ (p49) add t[3]=t[3],a6 // (p17) t[3]+=a6
+ (p51) add t[3]=t[3],a6,1 };;
+{ .mfi; (p16) nop.m 0 // 14:
+ (p16) xma.hu nhi[1]=ni1,mj[0],nhi[0] // np[1]*m0
+ (p41) cmp.ltu p42,p40=a6,n6 }
+{ .mfi; (p43) cmp.leu p42,p40=a6,n6
+ (p16) xma.lu nlo[1]=ni1,mj[0],nhi[0]
+ (p16) nop.i 0 };;
+{ .mii; (p16) nop.m 0 // 15:
+ (p49) cmp.ltu p50,p48=t[3],a6
+ (p51) cmp.leu p50,p48=t[3],a6 };;
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mfi; (p16) nop.m 0 // 16:
+ (p16) xma.hu ahi[4]=ai4,bj[7],ahi[3] // ap[4]*b[i]
+ (p40) add a7=a7,n7 } // (p17) a7+=n7
+{ .mfi; (p42) add a7=a7,n7,1
+ (p16) xma.lu alo[4]=ai4,bj[7],ahi[3]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig a3=alo[3] // 17:
+ (p48) add t[2]=t[2],a7 // (p17) t[2]+=a7
+ (p50) add t[2]=t[2],a7,1 };;
+{ .mfi; (p16) nop.m 0 // 18:
+ (p16) xma.hu nhi[2]=ni2,mj[0],nhi[1] // np[2]*m0
+ (p40) cmp.ltu p43,p41=a7,n7 }
+{ .mfi; (p42) cmp.leu p43,p41=a7,n7
+ (p16) xma.lu nlo[2]=ni2,mj[0],nhi[1]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig n1=nlo[1] // 19:
+ (p48) cmp.ltu p51,p49=t[2],a7
+ (p50) cmp.leu p51,p49=t[2],a7 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mfi; (p16) nop.m 0 // 20:
+ (p16) xma.hu ahi[5]=ai5,bj[7],ahi[4] // ap[5]*b[i]
+ (p41) add a8=a8,n8 } // (p17) a8+=n8
+{ .mfi; (p43) add a8=a8,n8,1
+ (p16) xma.lu alo[5]=ai5,bj[7],ahi[4]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig a4=alo[4] // 21:
+ (p49) add t[1]=t[1],a8 // (p17) t[1]+=a8
+ (p51) add t[1]=t[1],a8,1 };;
+{ .mfi; (p16) nop.m 0 // 22:
+ (p16) xma.hu nhi[3]=ni3,mj[0],nhi[2] // np[3]*m0
+ (p41) cmp.ltu p42,p40=a8,n8 }
+{ .mfi; (p43) cmp.leu p42,p40=a8,n8
+ (p16) xma.lu nlo[3]=ni3,mj[0],nhi[2]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig n2=nlo[2] // 23:
+ (p49) cmp.ltu p50,p48=t[1],a8
+ (p51) cmp.leu p50,p48=t[1],a8 };;
+{ .mfi; (p16) nop.m 0 // 24:
+ (p16) xma.hu ahi[6]=ai6,bj[7],ahi[5] // ap[6]*b[i]
+ (p16) add a1=a1,n1 } // (p16) a1+=n1
+{ .mfi; (p16) nop.m 0
+ (p16) xma.lu alo[6]=ai6,bj[7],ahi[5]
+ (p17) mov t[0]=r0 };;
+{ .mii; (p16) getf.sig a5=alo[5] // 25:
+ (p16) add t0=t[7],a1 // (p16) t[7]+=a1
+ (p42) add t[0]=t[0],r0,1 };;
+{ .mfi; (p16) setf.sig tf[0]=t0 // 26:
+ (p16) xma.hu nhi[4]=ni4,mj[0],nhi[3] // np[4]*m0
+ (p50) add t[0]=t[0],r0,1 }
+{ .mfi; (p16) cmp.ltu.unc p42,p40=a1,n1
+ (p16) xma.lu nlo[4]=ni4,mj[0],nhi[3]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig n3=nlo[3] // 27:
+ (p16) cmp.ltu.unc p50,p48=t0,a1
+ (p16) nop.i 0 };;
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mfi; (p16) nop.m 0 // 28:
+ (p16) xma.hu ahi[7]=ai7,bj[7],ahi[6] // ap[7]*b[i]
+ (p40) add a2=a2,n2 } // (p16) a2+=n2
+{ .mfi; (p42) add a2=a2,n2,1
+ (p16) xma.lu alo[7]=ai7,bj[7],ahi[6]
+ (p16) nop.i 0 };;
+{ .mii; (p16) getf.sig a6=alo[6] // 29:
+ (p48) add t[6]=t[6],a2 // (p16) t[6]+=a2
+ (p50) add t[6]=t[6],a2,1 };;
+{ .mfi; (p16) nop.m 0 // 30:
+ (p16) xma.hu nhi[5]=ni5,mj[0],nhi[4] // np[5]*m0
+ (p40) cmp.ltu p41,p39=a2,n2 }
+{ .mfi; (p42) cmp.leu p41,p39=a2,n2
+ (p16) xma.lu nlo[5]=ni5,mj[0],nhi[4]
+ (p16) nop.i 0 };;
+{ .mfi; (p16) getf.sig n4=nlo[4] // 31:
+ (p16) nop.f 0
+ (p48) cmp.ltu p49,p47=t[6],a2 }
+{ .mfb; (p50) cmp.leu p49,p47=t[6],a2
+ (p16) nop.f 0
+ br.ctop.sptk.many .Louter_8_ctop };;
+.Louter_8_cend:
+
+// above loop has to execute one more time, without (p16), which is
+// replaced with merged move of np[8] to GPR bank
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mmi; (p0) getf.sig n1=ni0 // 0:
+ (p40) add a3=a3,n3 // (p17) a3+=n3
+ (p42) add a3=a3,n3,1 };;
+{ .mii; (p17) getf.sig a7=alo[8] // 1:
+ (p48) add t[6]=t[6],a3 // (p17) t[6]+=a3
+ (p50) add t[6]=t[6],a3,1 };;
+{ .mfi; (p17) getf.sig a8=ahi[8] // 2:
+ (p17) xma.hu nhi[7]=ni6,mj[1],nhi[6] // np[6]*m0
+ (p40) cmp.ltu p43,p41=a3,n3 }
+{ .mfi; (p42) cmp.leu p43,p41=a3,n3
+ (p17) xma.lu nlo[7]=ni6,mj[1],nhi[6]
+ (p0) nop.i 0 };;
+{ .mii; (p17) getf.sig n5=nlo[6] // 3:
+ (p48) cmp.ltu p51,p49=t[6],a3
+ (p50) cmp.leu p51,p49=t[6],a3 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mmi; (p0) getf.sig n2=ni1 // 4:
+ (p41) add a4=a4,n4 // (p17) a4+=n4
+ (p43) add a4=a4,n4,1 };;
+{ .mfi; (p49) add t[5]=t[5],a4 // 5: (p17) t[5]+=a4
+ (p0) nop.f 0
+ (p51) add t[5]=t[5],a4,1 };;
+{ .mfi; (p0) getf.sig n3=ni2 // 6:
+ (p17) xma.hu nhi[8]=ni7,mj[1],nhi[7] // np[7]*m0
+ (p41) cmp.ltu p42,p40=a4,n4 }
+{ .mfi; (p43) cmp.leu p42,p40=a4,n4
+ (p17) xma.lu nlo[8]=ni7,mj[1],nhi[7]
+ (p0) nop.i 0 };;
+{ .mii; (p17) getf.sig n6=nlo[7] // 7:
+ (p49) cmp.ltu p50,p48=t[5],a4
+ (p51) cmp.leu p50,p48=t[5],a4 };;
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mii; (p0) getf.sig n4=ni3 // 8:
+ (p40) add a5=a5,n5 // (p17) a5+=n5
+ (p42) add a5=a5,n5,1 };;
+{ .mii; (p0) nop.m 0 // 9:
+ (p48) add t[4]=t[4],a5 // p(17) t[4]+=a5
+ (p50) add t[4]=t[4],a5,1 };;
+{ .mii; (p0) nop.m 0 // 10:
+ (p40) cmp.ltu p43,p41=a5,n5
+ (p42) cmp.leu p43,p41=a5,n5 };;
+{ .mii; (p17) getf.sig n7=nlo[8] // 11:
+ (p48) cmp.ltu p51,p49=t[4],a5
+ (p50) cmp.leu p51,p49=t[4],a5 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mii; (p17) getf.sig n8=nhi[8] // 12:
+ (p41) add a6=a6,n6 // (p17) a6+=n6
+ (p43) add a6=a6,n6,1 };;
+{ .mii; (p0) getf.sig n5=ni4 // 13:
+ (p49) add t[3]=t[3],a6 // (p17) t[3]+=a6
+ (p51) add t[3]=t[3],a6,1 };;
+{ .mii; (p0) nop.m 0 // 14:
+ (p41) cmp.ltu p42,p40=a6,n6
+ (p43) cmp.leu p42,p40=a6,n6 };;
+{ .mii; (p0) getf.sig n6=ni5 // 15:
+ (p49) cmp.ltu p50,p48=t[3],a6
+ (p51) cmp.leu p50,p48=t[3],a6 };;
+ .pred.rel "mutex",p40,p42
+ .pred.rel "mutex",p48,p50
+{ .mii; (p0) nop.m 0 // 16:
+ (p40) add a7=a7,n7 // (p17) a7+=n7
+ (p42) add a7=a7,n7,1 };;
+{ .mii; (p0) nop.m 0 // 17:
+ (p48) add t[2]=t[2],a7 // (p17) t[2]+=a7
+ (p50) add t[2]=t[2],a7,1 };;
+{ .mii; (p0) nop.m 0 // 18:
+ (p40) cmp.ltu p43,p41=a7,n7
+ (p42) cmp.leu p43,p41=a7,n7 };;
+{ .mii; (p0) getf.sig n7=ni6 // 19:
+ (p48) cmp.ltu p51,p49=t[2],a7
+ (p50) cmp.leu p51,p49=t[2],a7 };;
+ .pred.rel "mutex",p41,p43
+ .pred.rel "mutex",p49,p51
+{ .mii; (p0) nop.m 0 // 20:
+ (p41) add a8=a8,n8 // (p17) a8+=n8
+ (p43) add a8=a8,n8,1 };;
+{ .mmi; (p0) nop.m 0 // 21:
+ (p49) add t[1]=t[1],a8 // (p17) t[1]+=a8
+ (p51) add t[1]=t[1],a8,1 }
+{ .mmi; (p17) mov t[0]=r0
+ (p41) cmp.ltu p42,p40=a8,n8
+ (p43) cmp.leu p42,p40=a8,n8 };;
+{ .mmi; (p0) getf.sig n8=ni7 // 22:
+ (p49) cmp.ltu p50,p48=t[1],a8
+ (p51) cmp.leu p50,p48=t[1],a8 }
+{ .mmi; (p42) add t[0]=t[0],r0,1
+ (p0) add r16=-7*16,prevsp
+ (p0) add r17=-6*16,prevsp };;
+
+// subtract np[8] from carrybit|tmp[8]
+// carrybit|tmp[8] layout upon exit from above loop is:
+// t[0]|t[1]|t[2]|t[3]|t[4]|t[5]|t[6]|t[7]|t0 (least significant)
+{ .mmi; (p50)add t[0]=t[0],r0,1
+ add r18=-5*16,prevsp
+ sub n1=t0,n1 };;
+{ .mmi; cmp.gtu p34,p32=n1,t0;;
+ .pred.rel "mutex",p32,p34
+ (p32)sub n2=t[7],n2
+ (p34)sub n2=t[7],n2,1 };;
+{ .mii; (p32)cmp.gtu p35,p33=n2,t[7]
+ (p34)cmp.geu p35,p33=n2,t[7];;
+ .pred.rel "mutex",p33,p35
+ (p33)sub n3=t[6],n3 }
+{ .mmi; (p35)sub n3=t[6],n3,1;;
+ (p33)cmp.gtu p34,p32=n3,t[6]
+ (p35)cmp.geu p34,p32=n3,t[6] };;
+ .pred.rel "mutex",p32,p34
+{ .mii; (p32)sub n4=t[5],n4
+ (p34)sub n4=t[5],n4,1;;
+ (p32)cmp.gtu p35,p33=n4,t[5] }
+{ .mmi; (p34)cmp.geu p35,p33=n4,t[5];;
+ .pred.rel "mutex",p33,p35
+ (p33)sub n5=t[4],n5
+ (p35)sub n5=t[4],n5,1 };;
+{ .mii; (p33)cmp.gtu p34,p32=n5,t[4]
+ (p35)cmp.geu p34,p32=n5,t[4];;
+ .pred.rel "mutex",p32,p34
+ (p32)sub n6=t[3],n6 }
+{ .mmi; (p34)sub n6=t[3],n6,1;;
+ (p32)cmp.gtu p35,p33=n6,t[3]
+ (p34)cmp.geu p35,p33=n6,t[3] };;
+ .pred.rel "mutex",p33,p35
+{ .mii; (p33)sub n7=t[2],n7
+ (p35)sub n7=t[2],n7,1;;
+ (p33)cmp.gtu p34,p32=n7,t[2] }
+{ .mmi; (p35)cmp.geu p34,p32=n7,t[2];;
+ .pred.rel "mutex",p32,p34
+ (p32)sub n8=t[1],n8
+ (p34)sub n8=t[1],n8,1 };;
+{ .mii; (p32)cmp.gtu p35,p33=n8,t[1]
+ (p34)cmp.geu p35,p33=n8,t[1];;
+ .pred.rel "mutex",p33,p35
+ (p33)sub a8=t[0],r0 }
+{ .mmi; (p35)sub a8=t[0],r0,1;;
+ (p33)cmp.gtu p34,p32=a8,t[0]
+ (p35)cmp.geu p34,p32=a8,t[0] };;
+
+// save the result, either tmp[num] or tmp[num]-np[num]
+ .pred.rel "mutex",p32,p34
+{ .mmi; (p32)st8 [rptr]=n1,8
+ (p34)st8 [rptr]=t0,8
+ add r19=-4*16,prevsp};;
+{ .mmb; (p32)st8 [rptr]=n2,8
+ (p34)st8 [rptr]=t[7],8
+ (p5)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n3,8
+ (p34)st8 [rptr]=t[6],8
+ (p7)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n4,8
+ (p34)st8 [rptr]=t[5],8
+ (p9)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n5,8
+ (p34)st8 [rptr]=t[4],8
+ (p11)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n6,8
+ (p34)st8 [rptr]=t[3],8
+ (p13)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n7,8
+ (p34)st8 [rptr]=t[2],8
+ (p15)br.cond.dpnt.few .Ldone };;
+{ .mmb; (p32)st8 [rptr]=n8,8
+ (p34)st8 [rptr]=t[1],8
+ nop.b 0 };;
+.Ldone: // epilogue
+{ .mmi; ldf.fill f16=[r16],64
+ ldf.fill f17=[r17],64
+ nop.i 0 }
+{ .mmi; ldf.fill f18=[r18],64
+ ldf.fill f19=[r19],64
+ mov pr=prevpr,0x1ffff };;
+{ .mmi; ldf.fill f20=[r16]
+ ldf.fill f21=[r17]
+ mov ar.lc=prevlc }
+{ .mmi; ldf.fill f22=[r18]
+ ldf.fill f23=[r19]
+ mov ret0=1 } // signal "handled"
+{ .mib; rum 1<<5
+ .restore sp
+ mov sp=prevsp
+ br.ret.sptk.many b0 };;
+.endp bn_mul_mont_8#
+
+.type copyright#,\@object
+copyright:
+stringz "Montgomery multiplication for IA-64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/mips-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/mips-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/mips-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/mips-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,426 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# This module doesn't present direct interest for OpenSSL, because it
+# doesn't provide better performance for longer keys, at least not on
+# in-order-execution cores. While 512-bit RSA sign operations can be
+# 65% faster in 64-bit mode, 1024-bit ones are only 15% faster, and
+# 4096-bit ones are up to 15% slower. In 32-bit mode it varies from
+# 16% improvement for 512-bit RSA sign to -33% for 4096-bit RSA
+# verify:-( All comparisons are against bn_mul_mont-free assembler.
+# The module might be of interest to embedded system developers, as
+# the code is smaller than 1KB, yet offers >3x improvement on MIPS64
+# and 75-30% [less for longer keys] on MIPS32 over compiler-generated
+# code.
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+# old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $REG_S="sd";
+ $REG_L="ld";
+ $SZREG=8;
+} else {
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $REG_S="sw";
+ $REG_L="lw";
+ $SZREG=4;
+}
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0x00fff000 : 0x00ff0000;
+#
+# <appro at openssl.org>
+#
+######################################################################
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($flavour =~ /64|n32/i) {
+ $LD="ld";
+ $ST="sd";
+ $MULTU="dmultu";
+ $ADDU="daddu";
+ $SUBU="dsubu";
+ $BNSZ=8;
+} else {
+ $LD="lw";
+ $ST="sw";
+ $MULTU="multu";
+ $ADDU="addu";
+ $SUBU="subu";
+ $BNSZ=4;
+}
+
+# int bn_mul_mont(
+$rp=$a0; # BN_ULONG *rp,
+$ap=$a1; # const BN_ULONG *ap,
+$bp=$a2; # const BN_ULONG *bp,
+$np=$a3; # const BN_ULONG *np,
+$n0=$a4; # const BN_ULONG *n0,
+$num=$a5; # int num);
+
+$lo0=$a6;
+$hi0=$a7;
+$lo1=$t1;
+$hi1=$t2;
+$aj=$s0;
+$bi=$s1;
+$nj=$s2;
+$tp=$s3;
+$alo=$s4;
+$ahi=$s5;
+$nlo=$s6;
+$nhi=$s7;
+$tj=$s8;
+$i=$s9;
+$j=$s10;
+$m1=$s11;
+
+$FRAMESIZE=14;
+
+$code=<<___;
+.text
+
+.set noat
+.set noreorder
+
+.align 5
+.globl bn_mul_mont
+.ent bn_mul_mont
+bn_mul_mont:
+___
+$code.=<<___ if ($flavour =~ /o32/i);
+ lw $n0,16($sp)
+ lw $num,20($sp)
+___
+$code.=<<___;
+ slt $at,$num,4
+ bnez $at,1f
+ li $t0,0
+ slt $at,$num,17 # on in-order CPU
+ bnez $at,bn_mul_mont_internal
+ nop
+1: jr $ra
+ li $a0,0
+.end bn_mul_mont
+
+.align 5
+.ent bn_mul_mont_internal
+bn_mul_mont_internal:
+ .frame $fp,$FRAMESIZE*$SZREG,$ra
+ .mask 0x40000000|$SAVED_REGS_MASK,-$SZREG
+ $PTR_SUB $sp,$FRAMESIZE*$SZREG
+ $REG_S $fp,($FRAMESIZE-1)*$SZREG($sp)
+ $REG_S $s11,($FRAMESIZE-2)*$SZREG($sp)
+ $REG_S $s10,($FRAMESIZE-3)*$SZREG($sp)
+ $REG_S $s9,($FRAMESIZE-4)*$SZREG($sp)
+ $REG_S $s8,($FRAMESIZE-5)*$SZREG($sp)
+ $REG_S $s7,($FRAMESIZE-6)*$SZREG($sp)
+ $REG_S $s6,($FRAMESIZE-7)*$SZREG($sp)
+ $REG_S $s5,($FRAMESIZE-8)*$SZREG($sp)
+ $REG_S $s4,($FRAMESIZE-9)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_S $s3,($FRAMESIZE-10)*$SZREG($sp)
+ $REG_S $s2,($FRAMESIZE-11)*$SZREG($sp)
+ $REG_S $s1,($FRAMESIZE-12)*$SZREG($sp)
+ $REG_S $s0,($FRAMESIZE-13)*$SZREG($sp)
+___
+$code.=<<___;
+ move $fp,$sp
+
+ .set reorder
+ $LD $n0,0($n0)
+ $LD $bi,0($bp) # bp[0]
+ $LD $aj,0($ap) # ap[0]
+ $LD $nj,0($np) # np[0]
+
+ $PTR_SUB $sp,2*$BNSZ # place for two extra words
+ sll $num,`log($BNSZ)/log(2)`
+ li $at,-4096
+ $PTR_SUB $sp,$num
+ and $sp,$at
+
+ $MULTU $aj,$bi
+ $LD $alo,$BNSZ($ap)
+ $LD $nlo,$BNSZ($np)
+ mflo $lo0
+ mfhi $hi0
+ $MULTU $lo0,$n0
+ mflo $m1
+
+ $MULTU $alo,$bi
+ mflo $alo
+ mfhi $ahi
+
+ $MULTU $nj,$m1
+ mflo $lo1
+ mfhi $hi1
+ $MULTU $nlo,$m1
+ $ADDU $lo1,$lo0
+ sltu $at,$lo1,$lo0
+ $ADDU $hi1,$at
+ mflo $nlo
+ mfhi $nhi
+
+ move $tp,$sp
+ li $j,2*$BNSZ
+.align 4
+.L1st:
+ .set noreorder
+ $PTR_ADD $aj,$ap,$j
+ $PTR_ADD $nj,$np,$j
+ $LD $aj,($aj)
+ $LD $nj,($nj)
+
+ $MULTU $aj,$bi
+ $ADDU $lo0,$alo,$hi0
+ $ADDU $lo1,$nlo,$hi1
+ sltu $at,$lo0,$hi0
+ sltu $t0,$lo1,$hi1
+ $ADDU $hi0,$ahi,$at
+ $ADDU $hi1,$nhi,$t0
+ mflo $alo
+ mfhi $ahi
+
+ $ADDU $lo1,$lo0
+ sltu $at,$lo1,$lo0
+ $MULTU $nj,$m1
+ $ADDU $hi1,$at
+ addu $j,$BNSZ
+ $ST $lo1,($tp)
+ sltu $t0,$j,$num
+ mflo $nlo
+ mfhi $nhi
+
+ bnez $t0,.L1st
+ $PTR_ADD $tp,$BNSZ
+ .set reorder
+
+ $ADDU $lo0,$alo,$hi0
+ sltu $at,$lo0,$hi0
+ $ADDU $hi0,$ahi,$at
+
+ $ADDU $lo1,$nlo,$hi1
+ sltu $t0,$lo1,$hi1
+ $ADDU $hi1,$nhi,$t0
+ $ADDU $lo1,$lo0
+ sltu $at,$lo1,$lo0
+ $ADDU $hi1,$at
+
+ $ST $lo1,($tp)
+
+ $ADDU $hi1,$hi0
+ sltu $at,$hi1,$hi0
+ $ST $hi1,$BNSZ($tp)
+ $ST $at,2*$BNSZ($tp)
+
+ li $i,$BNSZ
+.align 4
+.Louter:
+ $PTR_ADD $bi,$bp,$i
+ $LD $bi,($bi)
+ $LD $aj,($ap)
+ $LD $alo,$BNSZ($ap)
+ $LD $tj,($sp)
+
+ $MULTU $aj,$bi
+ $LD $nj,($np)
+ $LD $nlo,$BNSZ($np)
+ mflo $lo0
+ mfhi $hi0
+ $ADDU $lo0,$tj
+ $MULTU $lo0,$n0
+ sltu $at,$lo0,$tj
+ $ADDU $hi0,$at
+ mflo $m1
+
+ $MULTU $alo,$bi
+ mflo $alo
+ mfhi $ahi
+
+ $MULTU $nj,$m1
+ mflo $lo1
+ mfhi $hi1
+
+ $MULTU $nlo,$m1
+ $ADDU $lo1,$lo0
+ sltu $at,$lo1,$lo0
+ $ADDU $hi1,$at
+ mflo $nlo
+ mfhi $nhi
+
+ move $tp,$sp
+ li $j,2*$BNSZ
+ $LD $tj,$BNSZ($tp)
+.align 4
+.Linner:
+ .set noreorder
+ $PTR_ADD $aj,$ap,$j
+ $PTR_ADD $nj,$np,$j
+ $LD $aj,($aj)
+ $LD $nj,($nj)
+
+ $MULTU $aj,$bi
+ $ADDU $lo0,$alo,$hi0
+ $ADDU $lo1,$nlo,$hi1
+ sltu $at,$lo0,$hi0
+ sltu $t0,$lo1,$hi1
+ $ADDU $hi0,$ahi,$at
+ $ADDU $hi1,$nhi,$t0
+ mflo $alo
+ mfhi $ahi
+
+ $ADDU $lo0,$tj
+ addu $j,$BNSZ
+ $MULTU $nj,$m1
+ sltu $at,$lo0,$tj
+ $ADDU $lo1,$lo0
+ $ADDU $hi0,$at
+ sltu $t0,$lo1,$lo0
+ $LD $tj,2*$BNSZ($tp)
+ $ADDU $hi1,$t0
+ sltu $at,$j,$num
+ mflo $nlo
+ mfhi $nhi
+ $ST $lo1,($tp)
+ bnez $at,.Linner
+ $PTR_ADD $tp,$BNSZ
+ .set reorder
+
+ $ADDU $lo0,$alo,$hi0
+ sltu $at,$lo0,$hi0
+ $ADDU $hi0,$ahi,$at
+ $ADDU $lo0,$tj
+ sltu $t0,$lo0,$tj
+ $ADDU $hi0,$t0
+
+ $LD $tj,2*$BNSZ($tp)
+ $ADDU $lo1,$nlo,$hi1
+ sltu $at,$lo1,$hi1
+ $ADDU $hi1,$nhi,$at
+ $ADDU $lo1,$lo0
+ sltu $t0,$lo1,$lo0
+ $ADDU $hi1,$t0
+ $ST $lo1,($tp)
+
+ $ADDU $lo1,$hi1,$hi0
+ sltu $hi1,$lo1,$hi0
+ $ADDU $lo1,$tj
+ sltu $at,$lo1,$tj
+ $ADDU $hi1,$at
+ $ST $lo1,$BNSZ($tp)
+ $ST $hi1,2*$BNSZ($tp)
+
+ addu $i,$BNSZ
+ sltu $t0,$i,$num
+ bnez $t0,.Louter
+
+ .set noreorder
+ $PTR_ADD $tj,$sp,$num # &tp[num]
+ move $tp,$sp
+ move $ap,$sp
+ li $hi0,0 # clear borrow bit
+
+.align 4
+.Lsub: $LD $lo0,($tp)
+ $LD $lo1,($np)
+ $PTR_ADD $tp,$BNSZ
+ $PTR_ADD $np,$BNSZ
+ $SUBU $lo1,$lo0,$lo1 # tp[i]-np[i]
+ sgtu $at,$lo1,$lo0
+ $SUBU $lo0,$lo1,$hi0
+ sgtu $hi0,$lo0,$lo1
+ $ST $lo0,($rp)
+ or $hi0,$at
+ sltu $at,$tp,$tj
+ bnez $at,.Lsub
+ $PTR_ADD $rp,$BNSZ
+
+ $SUBU $hi0,$hi1,$hi0 # handle upmost overflow bit
+ move $tp,$sp
+ $PTR_SUB $rp,$num # restore rp
+ not $hi1,$hi0
+
+ and $ap,$hi0,$sp
+ and $bp,$hi1,$rp
+ or $ap,$ap,$bp # ap=borrow?tp:rp
+
+.align 4
+.Lcopy: $LD $aj,($ap)
+ $PTR_ADD $ap,$BNSZ
+ $ST $zero,($tp)
+ $PTR_ADD $tp,$BNSZ
+ sltu $at,$tp,$tj
+ $ST $aj,($rp)
+ bnez $at,.Lcopy
+ $PTR_ADD $rp,$BNSZ
+
+ li $a0,1
+ li $t0,1
+
+ .set noreorder
+ move $sp,$fp
+ $REG_L $fp,($FRAMESIZE-1)*$SZREG($sp)
+ $REG_L $s11,($FRAMESIZE-2)*$SZREG($sp)
+ $REG_L $s10,($FRAMESIZE-3)*$SZREG($sp)
+ $REG_L $s9,($FRAMESIZE-4)*$SZREG($sp)
+ $REG_L $s8,($FRAMESIZE-5)*$SZREG($sp)
+ $REG_L $s7,($FRAMESIZE-6)*$SZREG($sp)
+ $REG_L $s6,($FRAMESIZE-7)*$SZREG($sp)
+ $REG_L $s5,($FRAMESIZE-8)*$SZREG($sp)
+ $REG_L $s4,($FRAMESIZE-9)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s3,($FRAMESIZE-10)*$SZREG($sp)
+ $REG_L $s2,($FRAMESIZE-11)*$SZREG($sp)
+ $REG_L $s1,($FRAMESIZE-12)*$SZREG($sp)
+ $REG_L $s0,($FRAMESIZE-13)*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE*$SZREG
+.end bn_mul_mont_internal
+.rdata
+.asciiz "Montgomery Multiplication for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/mips.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/mips.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/mips.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,2234 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project.
+#
+# Rights for redistribution and usage in source and binary forms are
+# granted according to the OpenSSL license. Warranty of any kind is
+# disclaimed.
+# ====================================================================
+
+
+# July 1999
+#
+# This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
+#
+# The module is designed to work with either of the "new" MIPS ABI(5),
+# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+# IRIX 5.x not only because it doesn't support new ABIs but also
+# because 5.x kernels put R4x00 CPU into 32-bit mode and all those
+# 64-bit instructions (daddu, dmultu, etc.) found below gonna only
+# cause illegal instruction exception:-(
+#
+# In addition the code depends on preprocessor flags set up by MIPSpro
+# compiler driver (either as or cc) and therefore (probably?) can't be
+# compiled by the GNU assembler. GNU C driver manages fine though...
+# I mean as long as -mmips-as is specified or is the default option,
+# because then it simply invokes /usr/bin/as which in turn takes
+# perfect care of the preprocessor definitions. Another neat feature
+# offered by the MIPSpro assembler is an optimization pass. This gave
+# me the opportunity to have the code looking more regular as all those
+# architecture dependent instruction rescheduling details were left to
+# the assembler. Cool, huh?
+#
+# Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
+# goes way over 3 times faster!
+#
+# <appro at fy.chalmers.se>
+
+# October 2010
+#
+# Adapt the module even for 32-bit ABIs and other OSes. The former was
+# achieved by mechanical replacement of 64-bit arithmetic instructions
+# such as dmultu, daddu, etc. with their 32-bit counterparts and
+# adjusting offsets denoting multiples of BN_ULONG. Above mentioned
+# >3x performance improvement naturally does not apply to 32-bit code
+# [because there is no instruction 32-bit compiler can't use], one
+# has to content with 40-85% improvement depending on benchmark and
+# key length, more for longer keys.
+
+$flavour = shift;
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($flavour =~ /64|n32/i) {
+ $LD="ld";
+ $ST="sd";
+ $MULTU="dmultu";
+ $DIVU="ddivu";
+ $ADDU="daddu";
+ $SUBU="dsubu";
+ $SRL="dsrl";
+ $SLL="dsll";
+ $BNSZ=8;
+ $PTR_ADD="daddu";
+ $PTR_SUB="dsubu";
+ $SZREG=8;
+ $REG_S="sd";
+ $REG_L="ld";
+} else {
+ $LD="lw";
+ $ST="sw";
+ $MULTU="multu";
+ $DIVU="divu";
+ $ADDU="addu";
+ $SUBU="subu";
+ $SRL="srl";
+ $SLL="sll";
+ $BNSZ=4;
+ $PTR_ADD="addu";
+ $PTR_SUB="subu";
+ $SZREG=4;
+ $REG_S="sw";
+ $REG_L="lw";
+ $code=".set mips2\n";
+}
+
+# Below is N32/64 register layout used in the original module.
+#
+($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+($ta0,$ta1,$ta2,$ta3)=($a4,$a5,$a6,$a7);
+#
+# No special adaptation is required for O32. NUBI on the other hand
+# is treated by saving/restoring ($v1,$t0..$t3).
+
+$gp=$v1 if ($flavour =~ /nubi/i);
+
+$minus4=$v1;
+
+$code.=<<___;
+.rdata
+.asciiz "mips3.s, Version 1.2"
+.asciiz "MIPS II/III/IV ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>"
+
+.text
+.set noat
+
+.align 5
+.globl bn_mul_add_words
+.ent bn_mul_add_words
+bn_mul_add_words:
+ .set noreorder
+ bgtz $a2,bn_mul_add_words_internal
+ move $v0,$zero
+ jr $ra
+ move $a0,$v0
+.end bn_mul_add_words
+
+.align 5
+.ent bn_mul_add_words_internal
+bn_mul_add_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ li $minus4,-4
+ and $ta0,$a2,$minus4
+ beqz $ta0,.L_bn_mul_add_words_tail
+
+.L_bn_mul_add_words_loop:
+ $LD $t0,0($a1)
+ $MULTU $t0,$a3
+ $LD $t1,0($a0)
+ $LD $t2,$BNSZ($a1)
+ $LD $t3,$BNSZ($a0)
+ $LD $ta0,2*$BNSZ($a1)
+ $LD $ta1,2*$BNSZ($a0)
+ $ADDU $t1,$v0
+ sltu $v0,$t1,$v0 # All manuals say it "compares 32-bit
+ # values", but it seems to work fine
+ # even on 64-bit registers.
+ mflo $at
+ mfhi $t0
+ $ADDU $t1,$at
+ $ADDU $v0,$t0
+ $MULTU $t2,$a3
+ sltu $at,$t1,$at
+ $ST $t1,0($a0)
+ $ADDU $v0,$at
+
+ $LD $ta2,3*$BNSZ($a1)
+ $LD $ta3,3*$BNSZ($a0)
+ $ADDU $t3,$v0
+ sltu $v0,$t3,$v0
+ mflo $at
+ mfhi $t2
+ $ADDU $t3,$at
+ $ADDU $v0,$t2
+ $MULTU $ta0,$a3
+ sltu $at,$t3,$at
+ $ST $t3,$BNSZ($a0)
+ $ADDU $v0,$at
+
+ subu $a2,4
+ $PTR_ADD $a0,4*$BNSZ
+ $PTR_ADD $a1,4*$BNSZ
+ $ADDU $ta1,$v0
+ sltu $v0,$ta1,$v0
+ mflo $at
+ mfhi $ta0
+ $ADDU $ta1,$at
+ $ADDU $v0,$ta0
+ $MULTU $ta2,$a3
+ sltu $at,$ta1,$at
+ $ST $ta1,-2*$BNSZ($a0)
+ $ADDU $v0,$at
+
+
+ and $ta0,$a2,$minus4
+ $ADDU $ta3,$v0
+ sltu $v0,$ta3,$v0
+ mflo $at
+ mfhi $ta2
+ $ADDU $ta3,$at
+ $ADDU $v0,$ta2
+ sltu $at,$ta3,$at
+ $ST $ta3,-$BNSZ($a0)
+ .set noreorder
+ bgtz $ta0,.L_bn_mul_add_words_loop
+ $ADDU $v0,$at
+
+ beqz $a2,.L_bn_mul_add_words_return
+ nop
+
+.L_bn_mul_add_words_tail:
+ .set reorder
+ $LD $t0,0($a1)
+ $MULTU $t0,$a3
+ $LD $t1,0($a0)
+ subu $a2,1
+ $ADDU $t1,$v0
+ sltu $v0,$t1,$v0
+ mflo $at
+ mfhi $t0
+ $ADDU $t1,$at
+ $ADDU $v0,$t0
+ sltu $at,$t1,$at
+ $ST $t1,0($a0)
+ $ADDU $v0,$at
+ beqz $a2,.L_bn_mul_add_words_return
+
+ $LD $t0,$BNSZ($a1)
+ $MULTU $t0,$a3
+ $LD $t1,$BNSZ($a0)
+ subu $a2,1
+ $ADDU $t1,$v0
+ sltu $v0,$t1,$v0
+ mflo $at
+ mfhi $t0
+ $ADDU $t1,$at
+ $ADDU $v0,$t0
+ sltu $at,$t1,$at
+ $ST $t1,$BNSZ($a0)
+ $ADDU $v0,$at
+ beqz $a2,.L_bn_mul_add_words_return
+
+ $LD $t0,2*$BNSZ($a1)
+ $MULTU $t0,$a3
+ $LD $t1,2*$BNSZ($a0)
+ $ADDU $t1,$v0
+ sltu $v0,$t1,$v0
+ mflo $at
+ mfhi $t0
+ $ADDU $t1,$at
+ $ADDU $v0,$t0
+ sltu $at,$t1,$at
+ $ST $t1,2*$BNSZ($a0)
+ $ADDU $v0,$at
+
+.L_bn_mul_add_words_return:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+.end bn_mul_add_words_internal
+
+.align 5
+.globl bn_mul_words
+.ent bn_mul_words
+bn_mul_words:
+ .set noreorder
+ bgtz $a2,bn_mul_words_internal
+ move $v0,$zero
+ jr $ra
+ move $a0,$v0
+.end bn_mul_words
+
+.align 5
+.ent bn_mul_words_internal
+bn_mul_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ li $minus4,-4
+ and $ta0,$a2,$minus4
+ beqz $ta0,.L_bn_mul_words_tail
+
+.L_bn_mul_words_loop:
+ $LD $t0,0($a1)
+ $MULTU $t0,$a3
+ $LD $t2,$BNSZ($a1)
+ $LD $ta0,2*$BNSZ($a1)
+ $LD $ta2,3*$BNSZ($a1)
+ mflo $at
+ mfhi $t0
+ $ADDU $v0,$at
+ sltu $t1,$v0,$at
+ $MULTU $t2,$a3
+ $ST $v0,0($a0)
+ $ADDU $v0,$t1,$t0
+
+ subu $a2,4
+ $PTR_ADD $a0,4*$BNSZ
+ $PTR_ADD $a1,4*$BNSZ
+ mflo $at
+ mfhi $t2
+ $ADDU $v0,$at
+ sltu $t3,$v0,$at
+ $MULTU $ta0,$a3
+ $ST $v0,-3*$BNSZ($a0)
+ $ADDU $v0,$t3,$t2
+
+ mflo $at
+ mfhi $ta0
+ $ADDU $v0,$at
+ sltu $ta1,$v0,$at
+ $MULTU $ta2,$a3
+ $ST $v0,-2*$BNSZ($a0)
+ $ADDU $v0,$ta1,$ta0
+
+ and $ta0,$a2,$minus4
+ mflo $at
+ mfhi $ta2
+ $ADDU $v0,$at
+ sltu $ta3,$v0,$at
+ $ST $v0,-$BNSZ($a0)
+ .set noreorder
+ bgtz $ta0,.L_bn_mul_words_loop
+ $ADDU $v0,$ta3,$ta2
+
+ beqz $a2,.L_bn_mul_words_return
+ nop
+
+.L_bn_mul_words_tail:
+ .set reorder
+ $LD $t0,0($a1)
+ $MULTU $t0,$a3
+ subu $a2,1
+ mflo $at
+ mfhi $t0
+ $ADDU $v0,$at
+ sltu $t1,$v0,$at
+ $ST $v0,0($a0)
+ $ADDU $v0,$t1,$t0
+ beqz $a2,.L_bn_mul_words_return
+
+ $LD $t0,$BNSZ($a1)
+ $MULTU $t0,$a3
+ subu $a2,1
+ mflo $at
+ mfhi $t0
+ $ADDU $v0,$at
+ sltu $t1,$v0,$at
+ $ST $v0,$BNSZ($a0)
+ $ADDU $v0,$t1,$t0
+ beqz $a2,.L_bn_mul_words_return
+
+ $LD $t0,2*$BNSZ($a1)
+ $MULTU $t0,$a3
+ mflo $at
+ mfhi $t0
+ $ADDU $v0,$at
+ sltu $t1,$v0,$at
+ $ST $v0,2*$BNSZ($a0)
+ $ADDU $v0,$t1,$t0
+
+.L_bn_mul_words_return:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+.end bn_mul_words_internal
+
+.align 5
+.globl bn_sqr_words
+.ent bn_sqr_words
+bn_sqr_words:
+ .set noreorder
+ bgtz $a2,bn_sqr_words_internal
+ move $v0,$zero
+ jr $ra
+ move $a0,$v0
+.end bn_sqr_words
+
+.align 5
+.ent bn_sqr_words_internal
+bn_sqr_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ li $minus4,-4
+ and $ta0,$a2,$minus4
+ beqz $ta0,.L_bn_sqr_words_tail
+
+.L_bn_sqr_words_loop:
+ $LD $t0,0($a1)
+ $MULTU $t0,$t0
+ $LD $t2,$BNSZ($a1)
+ $LD $ta0,2*$BNSZ($a1)
+ $LD $ta2,3*$BNSZ($a1)
+ mflo $t1
+ mfhi $t0
+ $ST $t1,0($a0)
+ $ST $t0,$BNSZ($a0)
+
+ $MULTU $t2,$t2
+ subu $a2,4
+ $PTR_ADD $a0,8*$BNSZ
+ $PTR_ADD $a1,4*$BNSZ
+ mflo $t3
+ mfhi $t2
+ $ST $t3,-6*$BNSZ($a0)
+ $ST $t2,-5*$BNSZ($a0)
+
+ $MULTU $ta0,$ta0
+ mflo $ta1
+ mfhi $ta0
+ $ST $ta1,-4*$BNSZ($a0)
+ $ST $ta0,-3*$BNSZ($a0)
+
+
+ $MULTU $ta2,$ta2
+ and $ta0,$a2,$minus4
+ mflo $ta3
+ mfhi $ta2
+ $ST $ta3,-2*$BNSZ($a0)
+
+ .set noreorder
+ bgtz $ta0,.L_bn_sqr_words_loop
+ $ST $ta2,-$BNSZ($a0)
+
+ beqz $a2,.L_bn_sqr_words_return
+ nop
+
+.L_bn_sqr_words_tail:
+ .set reorder
+ $LD $t0,0($a1)
+ $MULTU $t0,$t0
+ subu $a2,1
+ mflo $t1
+ mfhi $t0
+ $ST $t1,0($a0)
+ $ST $t0,$BNSZ($a0)
+ beqz $a2,.L_bn_sqr_words_return
+
+ $LD $t0,$BNSZ($a1)
+ $MULTU $t0,$t0
+ subu $a2,1
+ mflo $t1
+ mfhi $t0
+ $ST $t1,2*$BNSZ($a0)
+ $ST $t0,3*$BNSZ($a0)
+ beqz $a2,.L_bn_sqr_words_return
+
+ $LD $t0,2*$BNSZ($a1)
+ $MULTU $t0,$t0
+ mflo $t1
+ mfhi $t0
+ $ST $t1,4*$BNSZ($a0)
+ $ST $t0,5*$BNSZ($a0)
+
+.L_bn_sqr_words_return:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+
+.end bn_sqr_words_internal
+
+.align 5
+.globl bn_add_words
+.ent bn_add_words
+bn_add_words:
+ .set noreorder
+ bgtz $a3,bn_add_words_internal
+ move $v0,$zero
+ jr $ra
+ move $a0,$v0
+.end bn_add_words
+
+.align 5
+.ent bn_add_words_internal
+bn_add_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ li $minus4,-4
+ and $at,$a3,$minus4
+ beqz $at,.L_bn_add_words_tail
+
+.L_bn_add_words_loop:
+ $LD $t0,0($a1)
+ $LD $ta0,0($a2)
+ subu $a3,4
+ $LD $t1,$BNSZ($a1)
+ and $at,$a3,$minus4
+ $LD $t2,2*$BNSZ($a1)
+ $PTR_ADD $a2,4*$BNSZ
+ $LD $t3,3*$BNSZ($a1)
+ $PTR_ADD $a0,4*$BNSZ
+ $LD $ta1,-3*$BNSZ($a2)
+ $PTR_ADD $a1,4*$BNSZ
+ $LD $ta2,-2*$BNSZ($a2)
+ $LD $ta3,-$BNSZ($a2)
+ $ADDU $ta0,$t0
+ sltu $t8,$ta0,$t0
+ $ADDU $t0,$ta0,$v0
+ sltu $v0,$t0,$ta0
+ $ST $t0,-4*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+ $ADDU $ta1,$t1
+ sltu $t9,$ta1,$t1
+ $ADDU $t1,$ta1,$v0
+ sltu $v0,$t1,$ta1
+ $ST $t1,-3*$BNSZ($a0)
+ $ADDU $v0,$t9
+
+ $ADDU $ta2,$t2
+ sltu $t8,$ta2,$t2
+ $ADDU $t2,$ta2,$v0
+ sltu $v0,$t2,$ta2
+ $ST $t2,-2*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+ $ADDU $ta3,$t3
+ sltu $t9,$ta3,$t3
+ $ADDU $t3,$ta3,$v0
+ sltu $v0,$t3,$ta3
+ $ST $t3,-$BNSZ($a0)
+
+ .set noreorder
+ bgtz $at,.L_bn_add_words_loop
+ $ADDU $v0,$t9
+
+ beqz $a3,.L_bn_add_words_return
+ nop
+
+.L_bn_add_words_tail:
+ .set reorder
+ $LD $t0,0($a1)
+ $LD $ta0,0($a2)
+ $ADDU $ta0,$t0
+ subu $a3,1
+ sltu $t8,$ta0,$t0
+ $ADDU $t0,$ta0,$v0
+ sltu $v0,$t0,$ta0
+ $ST $t0,0($a0)
+ $ADDU $v0,$t8
+ beqz $a3,.L_bn_add_words_return
+
+ $LD $t1,$BNSZ($a1)
+ $LD $ta1,$BNSZ($a2)
+ $ADDU $ta1,$t1
+ subu $a3,1
+ sltu $t9,$ta1,$t1
+ $ADDU $t1,$ta1,$v0
+ sltu $v0,$t1,$ta1
+ $ST $t1,$BNSZ($a0)
+ $ADDU $v0,$t9
+ beqz $a3,.L_bn_add_words_return
+
+ $LD $t2,2*$BNSZ($a1)
+ $LD $ta2,2*$BNSZ($a2)
+ $ADDU $ta2,$t2
+ sltu $t8,$ta2,$t2
+ $ADDU $t2,$ta2,$v0
+ sltu $v0,$t2,$ta2
+ $ST $t2,2*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+.L_bn_add_words_return:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+
+.end bn_add_words_internal
+
+.align 5
+.globl bn_sub_words
+.ent bn_sub_words
+bn_sub_words:
+ .set noreorder
+ bgtz $a3,bn_sub_words_internal
+ move $v0,$zero
+ jr $ra
+ move $a0,$zero
+.end bn_sub_words
+
+.align 5
+.ent bn_sub_words_internal
+bn_sub_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ li $minus4,-4
+ and $at,$a3,$minus4
+ beqz $at,.L_bn_sub_words_tail
+
+.L_bn_sub_words_loop:
+ $LD $t0,0($a1)
+ $LD $ta0,0($a2)
+ subu $a3,4
+ $LD $t1,$BNSZ($a1)
+ and $at,$a3,$minus4
+ $LD $t2,2*$BNSZ($a1)
+ $PTR_ADD $a2,4*$BNSZ
+ $LD $t3,3*$BNSZ($a1)
+ $PTR_ADD $a0,4*$BNSZ
+ $LD $ta1,-3*$BNSZ($a2)
+ $PTR_ADD $a1,4*$BNSZ
+ $LD $ta2,-2*$BNSZ($a2)
+ $LD $ta3,-$BNSZ($a2)
+ sltu $t8,$t0,$ta0
+ $SUBU $ta0,$t0,$ta0
+ $SUBU $t0,$ta0,$v0
+ sgtu $v0,$t0,$ta0
+ $ST $t0,-4*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+ sltu $t9,$t1,$ta1
+ $SUBU $ta1,$t1,$ta1
+ $SUBU $t1,$ta1,$v0
+ sgtu $v0,$t1,$ta1
+ $ST $t1,-3*$BNSZ($a0)
+ $ADDU $v0,$t9
+
+
+ sltu $t8,$t2,$ta2
+ $SUBU $ta2,$t2,$ta2
+ $SUBU $t2,$ta2,$v0
+ sgtu $v0,$t2,$ta2
+ $ST $t2,-2*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+ sltu $t9,$t3,$ta3
+ $SUBU $ta3,$t3,$ta3
+ $SUBU $t3,$ta3,$v0
+ sgtu $v0,$t3,$ta3
+ $ST $t3,-$BNSZ($a0)
+
+ .set noreorder
+ bgtz $at,.L_bn_sub_words_loop
+ $ADDU $v0,$t9
+
+ beqz $a3,.L_bn_sub_words_return
+ nop
+
+.L_bn_sub_words_tail:
+ .set reorder
+ $LD $t0,0($a1)
+ $LD $ta0,0($a2)
+ subu $a3,1
+ sltu $t8,$t0,$ta0
+ $SUBU $ta0,$t0,$ta0
+ $SUBU $t0,$ta0,$v0
+ sgtu $v0,$t0,$ta0
+ $ST $t0,0($a0)
+ $ADDU $v0,$t8
+ beqz $a3,.L_bn_sub_words_return
+
+ $LD $t1,$BNSZ($a1)
+ subu $a3,1
+ $LD $ta1,$BNSZ($a2)
+ sltu $t9,$t1,$ta1
+ $SUBU $ta1,$t1,$ta1
+ $SUBU $t1,$ta1,$v0
+ sgtu $v0,$t1,$ta1
+ $ST $t1,$BNSZ($a0)
+ $ADDU $v0,$t9
+ beqz $a3,.L_bn_sub_words_return
+
+ $LD $t2,2*$BNSZ($a1)
+ $LD $ta2,2*$BNSZ($a2)
+ sltu $t8,$t2,$ta2
+ $SUBU $ta2,$t2,$ta2
+ $SUBU $t2,$ta2,$v0
+ sgtu $v0,$t2,$ta2
+ $ST $t2,2*$BNSZ($a0)
+ $ADDU $v0,$t8
+
+.L_bn_sub_words_return:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+.end bn_sub_words_internal
+
+.align 5
+.globl bn_div_3_words
+.ent bn_div_3_words
+bn_div_3_words:
+ .set noreorder
+ move $a3,$a0 # we know that bn_div_words does not
+ # touch $a3, $ta2, $ta3 and preserves $a2
+ # so that we can save two arguments
+ # and return address in registers
+ # instead of stack:-)
+
+ $LD $a0,($a3)
+ move $ta2,$a1
+ bne $a0,$a2,bn_div_3_words_internal
+ $LD $a1,-$BNSZ($a3)
+ li $v0,-1
+ jr $ra
+ move $a0,$v0
+.end bn_div_3_words
+
+.align 5
+.ent bn_div_3_words_internal
+bn_div_3_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ move $ta3,$ra
+ bal bn_div_words_internal
+ move $ra,$ta3
+ $MULTU $ta2,$v0
+ $LD $t2,-2*$BNSZ($a3)
+ move $ta0,$zero
+ mfhi $t1
+ mflo $t0
+ sltu $t8,$t1,$a1
+.L_bn_div_3_words_inner_loop:
+ bnez $t8,.L_bn_div_3_words_inner_loop_done
+ sgeu $at,$t2,$t0
+ seq $t9,$t1,$a1
+ and $at,$t9
+ sltu $t3,$t0,$ta2
+ $ADDU $a1,$a2
+ $SUBU $t1,$t3
+ $SUBU $t0,$ta2
+ sltu $t8,$t1,$a1
+ sltu $ta0,$a1,$a2
+ or $t8,$ta0
+ .set noreorder
+ beqz $at,.L_bn_div_3_words_inner_loop
+ $SUBU $v0,1
+ $ADDU $v0,1
+ .set reorder
+.L_bn_div_3_words_inner_loop_done:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+.end bn_div_3_words_internal
+
+.align 5
+.globl bn_div_words
+.ent bn_div_words
+bn_div_words:
+ .set noreorder
+ bnez $a2,bn_div_words_internal
+ li $v0,-1 # I would rather signal div-by-zero
+ # which can be done with 'break 7'
+ jr $ra
+ move $a0,$v0
+.end bn_div_words
+
+.align 5
+.ent bn_div_words_internal
+bn_div_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ move $v1,$zero
+ bltz $a2,.L_bn_div_words_body
+ move $t9,$v1
+ $SLL $a2,1
+ bgtz $a2,.-4
+ addu $t9,1
+
+ .set reorder
+ negu $t1,$t9
+ li $t2,-1
+ $SLL $t2,$t1
+ and $t2,$a0
+ $SRL $at,$a1,$t1
+ .set noreorder
+ beqz $t2,.+12
+ nop
+ break 6 # signal overflow
+ .set reorder
+ $SLL $a0,$t9
+ $SLL $a1,$t9
+ or $a0,$at
+___
+$QT=$ta0;
+$HH=$ta1;
+$DH=$v1;
+$code.=<<___;
+.L_bn_div_words_body:
+ $SRL $DH,$a2,4*$BNSZ # bits
+ sgeu $at,$a0,$a2
+ .set noreorder
+ beqz $at,.+12
+ nop
+ $SUBU $a0,$a2
+ .set reorder
+
+ li $QT,-1
+ $SRL $HH,$a0,4*$BNSZ # bits
+ $SRL $QT,4*$BNSZ # q=0xffffffff
+ beq $DH,$HH,.L_bn_div_words_skip_div1
+ $DIVU $zero,$a0,$DH
+ mflo $QT
+.L_bn_div_words_skip_div1:
+ $MULTU $a2,$QT
+ $SLL $t3,$a0,4*$BNSZ # bits
+ $SRL $at,$a1,4*$BNSZ # bits
+ or $t3,$at
+ mflo $t0
+ mfhi $t1
+.L_bn_div_words_inner_loop1:
+ sltu $t2,$t3,$t0
+ seq $t8,$HH,$t1
+ sltu $at,$HH,$t1
+ and $t2,$t8
+ sltu $v0,$t0,$a2
+ or $at,$t2
+ .set noreorder
+ beqz $at,.L_bn_div_words_inner_loop1_done
+ $SUBU $t1,$v0
+ $SUBU $t0,$a2
+ b .L_bn_div_words_inner_loop1
+ $SUBU $QT,1
+ .set reorder
+.L_bn_div_words_inner_loop1_done:
+
+ $SLL $a1,4*$BNSZ # bits
+ $SUBU $a0,$t3,$t0
+ $SLL $v0,$QT,4*$BNSZ # bits
+
+ li $QT,-1
+ $SRL $HH,$a0,4*$BNSZ # bits
+ $SRL $QT,4*$BNSZ # q=0xffffffff
+ beq $DH,$HH,.L_bn_div_words_skip_div2
+ $DIVU $zero,$a0,$DH
+ mflo $QT
+.L_bn_div_words_skip_div2:
+ $MULTU $a2,$QT
+ $SLL $t3,$a0,4*$BNSZ # bits
+ $SRL $at,$a1,4*$BNSZ # bits
+ or $t3,$at
+ mflo $t0
+ mfhi $t1
+.L_bn_div_words_inner_loop2:
+ sltu $t2,$t3,$t0
+ seq $t8,$HH,$t1
+ sltu $at,$HH,$t1
+ and $t2,$t8
+ sltu $v1,$t0,$a2
+ or $at,$t2
+ .set noreorder
+ beqz $at,.L_bn_div_words_inner_loop2_done
+ $SUBU $t1,$v1
+ $SUBU $t0,$a2
+ b .L_bn_div_words_inner_loop2
+ $SUBU $QT,1
+ .set reorder
+.L_bn_div_words_inner_loop2_done:
+
+ $SUBU $a0,$t3,$t0
+ or $v0,$QT
+ $SRL $v1,$a0,$t9 # $v1 contains remainder if anybody wants it
+ $SRL $a2,$t9 # restore $a2
+
+ .set noreorder
+ move $a1,$v1
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ move $a0,$v0
+.end bn_div_words_internal
+___
+undef $HH; undef $QT; undef $DH;
+
+($a_0,$a_1,$a_2,$a_3)=($t0,$t1,$t2,$t3);
+($b_0,$b_1,$b_2,$b_3)=($ta0,$ta1,$ta2,$ta3);
+
+($a_4,$a_5,$a_6,$a_7)=($s0,$s2,$s4,$a1); # once we load a[7], no use for $a1
+($b_4,$b_5,$b_6,$b_7)=($s1,$s3,$s5,$a2); # once we load b[7], no use for $a2
+
+($t_1,$t_2,$c_1,$c_2,$c_3)=($t8,$t9,$v0,$v1,$a3);
+
+$code.=<<___;
+
+.align 5
+.globl bn_mul_comba8
+.ent bn_mul_comba8
+bn_mul_comba8:
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,12*$SZREG,$ra
+ .mask 0x803ff008,-$SZREG
+ $PTR_SUB $sp,12*$SZREG
+ $REG_S $ra,11*$SZREG($sp)
+ $REG_S $s5,10*$SZREG($sp)
+ $REG_S $s4,9*$SZREG($sp)
+ $REG_S $s3,8*$SZREG($sp)
+ $REG_S $s2,7*$SZREG($sp)
+ $REG_S $s1,6*$SZREG($sp)
+ $REG_S $s0,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x003f0000,-$SZREG
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $s5,5*$SZREG($sp)
+ $REG_S $s4,4*$SZREG($sp)
+ $REG_S $s3,3*$SZREG($sp)
+ $REG_S $s2,2*$SZREG($sp)
+ $REG_S $s1,1*$SZREG($sp)
+ $REG_S $s0,0*$SZREG($sp)
+___
+$code.=<<___;
+
+ .set reorder
+ $LD $a_0,0($a1) # If compiled with -mips3 option on
+ # R5000 box assembler barks on this
+ # 1ine with "should not have mult/div
+ # as last instruction in bb (R10K
+ # bug)" warning. If anybody out there
+ # has a clue about how to circumvent
+ # this do send me a note.
+ # <appro\@fy.chalmers.se>
+
+ $LD $b_0,0($a2)
+ $LD $a_1,$BNSZ($a1)
+ $LD $a_2,2*$BNSZ($a1)
+ $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3);
+ $LD $a_3,3*$BNSZ($a1)
+ $LD $b_1,$BNSZ($a2)
+ $LD $b_2,2*$BNSZ($a2)
+ $LD $b_3,3*$BNSZ($a2)
+ mflo $c_1
+ mfhi $c_2
+
+ $LD $a_4,4*$BNSZ($a1)
+ $LD $a_5,5*$BNSZ($a1)
+ $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1);
+ $LD $a_6,6*$BNSZ($a1)
+ $LD $a_7,7*$BNSZ($a1)
+ $LD $b_4,4*$BNSZ($a2)
+ $LD $b_5,5*$BNSZ($a2)
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1);
+ $ADDU $c_3,$t_2,$at
+ $LD $b_6,6*$BNSZ($a2)
+ $LD $b_7,7*$BNSZ($a2)
+ $ST $c_1,0($a0) # r[0]=c1;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ $ST $c_2,$BNSZ($a0) # r[1]=c2;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,2*$BNSZ($a0) # r[2]=c3;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $c_3,$c_2,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_4,$b_0 # mul_add_c(a[4],b[0],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,3*$BNSZ($a0) # r[3]=c1;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_0,$b_4 # mul_add_c(a[0],b[4],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_0,$b_5 # mul_add_c(a[0],b[5],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,4*$BNSZ($a0) # r[4]=c2;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_1,$b_4 # mul_add_c(a[1],b[4],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_4,$b_1 # mul_add_c(a[4],b[1],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_5,$b_0 # mul_add_c(a[5],b[0],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_6,$b_0 # mul_add_c(a[6],b[0],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,5*$BNSZ($a0) # r[5]=c3;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_5,$b_1 # mul_add_c(a[5],b[1],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $c_3,$c_2,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_4,$b_2 # mul_add_c(a[4],b[2],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_2,$b_4 # mul_add_c(a[2],b[4],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_1,$b_5 # mul_add_c(a[1],b[5],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_0,$b_6 # mul_add_c(a[0],b[6],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_0,$b_7 # mul_add_c(a[0],b[7],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,6*$BNSZ($a0) # r[6]=c1;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_1,$b_6 # mul_add_c(a[1],b[6],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_5 # mul_add_c(a[2],b[5],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_3,$b_4 # mul_add_c(a[3],b[4],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_4,$b_3 # mul_add_c(a[4],b[3],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_5,$b_2 # mul_add_c(a[5],b[2],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_6,$b_1 # mul_add_c(a[6],b[1],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_7,$b_0 # mul_add_c(a[7],b[0],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_7,$b_1 # mul_add_c(a[7],b[1],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,7*$BNSZ($a0) # r[7]=c2;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_6,$b_2 # mul_add_c(a[6],b[2],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_5,$b_3 # mul_add_c(a[5],b[3],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_4,$b_4 # mul_add_c(a[4],b[4],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_3,$b_5 # mul_add_c(a[3],b[5],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_2,$b_6 # mul_add_c(a[2],b[6],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_1,$b_7 # mul_add_c(a[1],b[7],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_2,$b_7 # mul_add_c(a[2],b[7],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,8*$BNSZ($a0) # r[8]=c3;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_3,$b_6 # mul_add_c(a[3],b[6],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $c_3,$c_2,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_4,$b_5 # mul_add_c(a[4],b[5],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_5,$b_4 # mul_add_c(a[5],b[4],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_6,$b_3 # mul_add_c(a[6],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_7,$b_2 # mul_add_c(a[7],b[2],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_7,$b_3 # mul_add_c(a[7],b[3],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,9*$BNSZ($a0) # r[9]=c1;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_6,$b_4 # mul_add_c(a[6],b[4],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_5,$b_5 # mul_add_c(a[5],b[5],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_4,$b_6 # mul_add_c(a[4],b[6],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_3,$b_7 # mul_add_c(a[3],b[7],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_4,$b_7 # mul_add_c(a[4],b[7],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,10*$BNSZ($a0) # r[10]=c2;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_5,$b_6 # mul_add_c(a[5],b[6],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_6,$b_5 # mul_add_c(a[6],b[5],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_7,$b_4 # mul_add_c(a[7],b[4],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_7,$b_5 # mul_add_c(a[7],b[5],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,11*$BNSZ($a0) # r[11]=c3;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_6,$b_6 # mul_add_c(a[6],b[6],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $c_3,$c_2,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_5,$b_7 # mul_add_c(a[5],b[7],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_6,$b_7 # mul_add_c(a[6],b[7],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,12*$BNSZ($a0) # r[12]=c1;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_7,$b_6 # mul_add_c(a[7],b[6],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_7,$b_7 # mul_add_c(a[7],b[7],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,13*$BNSZ($a0) # r[13]=c2;
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ $ST $c_3,14*$BNSZ($a0) # r[14]=c3;
+ $ST $c_1,15*$BNSZ($a0) # r[15]=c1;
+
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s5,10*$SZREG($sp)
+ $REG_L $s4,9*$SZREG($sp)
+ $REG_L $s3,8*$SZREG($sp)
+ $REG_L $s2,7*$SZREG($sp)
+ $REG_L $s1,6*$SZREG($sp)
+ $REG_L $s0,5*$SZREG($sp)
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ jr $ra
+ $PTR_ADD $sp,12*$SZREG
+___
+$code.=<<___ if ($flavour !~ /nubi/i);
+ $REG_L $s5,5*$SZREG($sp)
+ $REG_L $s4,4*$SZREG($sp)
+ $REG_L $s3,3*$SZREG($sp)
+ $REG_L $s2,2*$SZREG($sp)
+ $REG_L $s1,1*$SZREG($sp)
+ $REG_L $s0,0*$SZREG($sp)
+ jr $ra
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+.end bn_mul_comba8
+
+.align 5
+.globl bn_mul_comba4
+.ent bn_mul_comba4
+bn_mul_comba4:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ $LD $a_0,0($a1)
+ $LD $b_0,0($a2)
+ $LD $a_1,$BNSZ($a1)
+ $LD $a_2,2*$BNSZ($a1)
+ $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3);
+ $LD $a_3,3*$BNSZ($a1)
+ $LD $b_1,$BNSZ($a2)
+ $LD $b_2,2*$BNSZ($a2)
+ $LD $b_3,3*$BNSZ($a2)
+ mflo $c_1
+ mfhi $c_2
+ $ST $c_1,0($a0)
+
+ $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1);
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1);
+ $ADDU $c_3,$t_2,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ $ST $c_2,$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,2*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $c_3,$c_2,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,3*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $c_1,$c_3,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,4*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $c_2,$c_1,$t_2
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,5*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ $ST $c_1,6*$BNSZ($a0)
+ $ST $c_2,7*$BNSZ($a0)
+
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ nop
+.end bn_mul_comba4
+___
+
+($a_4,$a_5,$a_6,$a_7)=($b_0,$b_1,$b_2,$b_3);
+
+sub add_c2 () {
+my ($hi,$lo,$c0,$c1,$c2,
+ $warm, # !$warm denotes first call with specific sequence of
+ # $c_[XYZ] when there is no Z-carry to accumulate yet;
+ $an,$bn # these two are arguments for multiplication which
+ # result is used in *next* step [which is why it's
+ # commented as "forward multiplication" below];
+ )=@_;
+$code.=<<___;
+ mflo $lo
+ mfhi $hi
+ $ADDU $c0,$lo
+ sltu $at,$c0,$lo
+ $MULTU $an,$bn # forward multiplication
+ $ADDU $c0,$lo
+ $ADDU $at,$hi
+ sltu $lo,$c0,$lo
+ $ADDU $c1,$at
+ $ADDU $hi,$lo
+___
+$code.=<<___ if (!$warm);
+ sltu $c2,$c1,$at
+ $ADDU $c1,$hi
+ sltu $hi,$c1,$hi
+ $ADDU $c2,$hi
+___
+$code.=<<___ if ($warm);
+ sltu $at,$c1,$at
+ $ADDU $c1,$hi
+ $ADDU $c2,$at
+ sltu $hi,$c1,$hi
+ $ADDU $c2,$hi
+___
+}
+
+$code.=<<___;
+
+.align 5
+.globl bn_sqr_comba8
+.ent bn_sqr_comba8
+bn_sqr_comba8:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ $LD $a_0,0($a1)
+ $LD $a_1,$BNSZ($a1)
+ $LD $a_2,2*$BNSZ($a1)
+ $LD $a_3,3*$BNSZ($a1)
+
+ $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3);
+ $LD $a_4,4*$BNSZ($a1)
+ $LD $a_5,5*$BNSZ($a1)
+ $LD $a_6,6*$BNSZ($a1)
+ $LD $a_7,7*$BNSZ($a1)
+ mflo $c_1
+ mfhi $c_2
+ $ST $c_1,0($a0)
+
+ $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1);
+ mflo $t_1
+ mfhi $t_2
+ slt $c_1,$t_2,$zero
+ $SLL $t_2,1
+ $MULTU $a_2,$a_0 # mul_add_c2(a[2],b[0],c3,c1,c2);
+ slt $a2,$t_1,$zero
+ $ADDU $t_2,$a2
+ $SLL $t_1,1
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $ADDU $c_3,$t_2,$at
+ $ST $c_2,$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,2*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+ $a_1,$a_2); # mul_add_c2(a[1],b[2],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_4,$a_0); # mul_add_c2(a[4],b[0],c2,c3,c1);
+$code.=<<___;
+ $ST $c_1,3*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+ $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+ $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_0,$a_5 # mul_add_c2(a[0],b[5],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,4*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_1,$a_4); # mul_add_c2(a[1],b[4],c3,c1,c2);
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+ $a_2,$a_3); # mul_add_c2(a[2],b[3],c3,c1,c2);
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+ $a_6,$a_0); # mul_add_c2(a[6],b[0],c1,c2,c3);
+$code.=<<___;
+ $ST $c_3,5*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+ $a_5,$a_1); # mul_add_c2(a[5],b[1],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_4,$a_2); # mul_add_c2(a[4],b[2],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_0,$a_7 # mul_add_c2(a[0],b[7],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,6*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+ $a_1,$a_6); # mul_add_c2(a[1],b[6],c2,c3,c1);
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+ $a_2,$a_5); # mul_add_c2(a[2],b[5],c2,c3,c1);
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+ $a_3,$a_4); # mul_add_c2(a[3],b[4],c2,c3,c1);
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+ $a_7,$a_1); # mul_add_c2(a[7],b[1],c3,c1,c2);
+$code.=<<___;
+ $ST $c_2,7*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_6,$a_2); # mul_add_c2(a[6],b[2],c3,c1,c2);
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+ $a_5,$a_3); # mul_add_c2(a[5],b[3],c3,c1,c2);
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+ $a_4,$a_4); # mul_add_c(a[4],b[4],c3,c1,c2);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_2,$a_7 # mul_add_c2(a[2],b[7],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,8*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+ $a_3,$a_6); # mul_add_c2(a[3],b[6],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_4,$a_5); # mul_add_c2(a[4],b[5],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_7,$a_3); # mul_add_c2(a[7],b[3],c2,c3,c1);
+$code.=<<___;
+ $ST $c_1,9*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+ $a_6,$a_4); # mul_add_c2(a[6],b[4],c2,c3,c1);
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+ $a_5,$a_5); # mul_add_c(a[5],b[5],c2,c3,c1);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_4,$a_7 # mul_add_c2(a[4],b[7],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,10*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_5,$a_6); # mul_add_c2(a[5],b[6],c3,c1,c2);
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+ $a_7,$a_5); # mul_add_c2(a[7],b[5],c1,c2,c3);
+$code.=<<___;
+ $ST $c_3,11*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+ $a_6,$a_6); # mul_add_c(a[6],b[6],c1,c2,c3);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $MULTU $a_6,$a_7 # mul_add_c2(a[6],b[7],c2,c3,c1);
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ sltu $at,$c_2,$t_2
+ $ADDU $c_3,$at
+ $ST $c_1,12*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+ $a_7,$a_7); # mul_add_c(a[7],b[7],c3,c1,c2);
+$code.=<<___;
+ $ST $c_2,13*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ $ST $c_3,14*$BNSZ($a0)
+ $ST $c_1,15*$BNSZ($a0)
+
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ nop
+.end bn_sqr_comba8
+
+.align 5
+.globl bn_sqr_comba4
+.ent bn_sqr_comba4
+bn_sqr_comba4:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ .frame $sp,6*$SZREG,$ra
+ .mask 0x8000f008,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,6*$SZREG
+ $REG_S $ra,5*$SZREG($sp)
+ $REG_S $t3,4*$SZREG($sp)
+ $REG_S $t2,3*$SZREG($sp)
+ $REG_S $t1,2*$SZREG($sp)
+ $REG_S $t0,1*$SZREG($sp)
+ $REG_S $gp,0*$SZREG($sp)
+___
+$code.=<<___;
+ .set reorder
+ $LD $a_0,0($a1)
+ $LD $a_1,$BNSZ($a1)
+ $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3);
+ $LD $a_2,2*$BNSZ($a1)
+ $LD $a_3,3*$BNSZ($a1)
+ mflo $c_1
+ mfhi $c_2
+ $ST $c_1,0($a0)
+
+ $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1);
+ mflo $t_1
+ mfhi $t_2
+ slt $c_1,$t_2,$zero
+ $SLL $t_2,1
+ $MULTU $a_2,$a_0 # mul_add_c2(a[2],b[0],c3,c1,c2);
+ slt $a2,$t_1,$zero
+ $ADDU $t_2,$a2
+ $SLL $t_1,1
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $ADDU $c_3,$t_2,$at
+ $ST $c_2,$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_3,$t_1
+ sltu $at,$c_3,$t_1
+ $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3);
+ $ADDU $t_2,$at
+ $ADDU $c_1,$t_2
+ sltu $at,$c_1,$t_2
+ $ADDU $c_2,$at
+ $ST $c_3,2*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+ $a_1,$a_2); # mul_add_c2(a2[1],b[2],c1,c2,c3);
+ &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+ $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
+$code.=<<___;
+ $ST $c_1,3*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+ $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
+$code.=<<___;
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_2,$t_1
+ sltu $at,$c_2,$t_1
+ $MULTU $a_2,$a_3 # mul_add_c2(a[2],b[3],c3,c1,c2);
+ $ADDU $t_2,$at
+ $ADDU $c_3,$t_2
+ sltu $at,$c_3,$t_2
+ $ADDU $c_1,$at
+ $ST $c_2,4*$BNSZ($a0)
+___
+ &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+ $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
+$code.=<<___;
+ $ST $c_3,5*$BNSZ($a0)
+
+ mflo $t_1
+ mfhi $t_2
+ $ADDU $c_1,$t_1
+ sltu $at,$c_1,$t_1
+ $ADDU $t_2,$at
+ $ADDU $c_2,$t_2
+ $ST $c_1,6*$BNSZ($a0)
+ $ST $c_2,7*$BNSZ($a0)
+
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $t3,4*$SZREG($sp)
+ $REG_L $t2,3*$SZREG($sp)
+ $REG_L $t1,2*$SZREG($sp)
+ $REG_L $t0,1*$SZREG($sp)
+ $REG_L $gp,0*$SZREG($sp)
+ $PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+ jr $ra
+ nop
+.end bn_sqr_comba4
+___
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/mips3-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/mips3-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/mips3-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/mips3-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,327 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# This module doesn't present direct interest for OpenSSL, because it
+# doesn't provide better performance for longer keys. While 512-bit
+# RSA private key operations are 40% faster, 1024-bit ones are hardly
+# faster at all, while longer key operations are slower by up to 20%.
+# It might be of interest to embedded system developers though, as
+# it's smaller than 1KB, yet offers ~3x improvement over compiler
+# generated code.
+#
+# The module targets N32 and N64 MIPS ABIs and currently is a bit
+# IRIX-centric, i.e. is likely to require adaptation for other OSes.
+
+# int bn_mul_mont(
+$rp="a0"; # BN_ULONG *rp,
+$ap="a1"; # const BN_ULONG *ap,
+$bp="a2"; # const BN_ULONG *bp,
+$np="a3"; # const BN_ULONG *np,
+$n0="a4"; # const BN_ULONG *n0,
+$num="a5"; # int num);
+
+$lo0="a6";
+$hi0="a7";
+$lo1="v0";
+$hi1="v1";
+$aj="t0";
+$bi="t1";
+$nj="t2";
+$tp="t3";
+$alo="s0";
+$ahi="s1";
+$nlo="s2";
+$nhi="s3";
+$tj="s4";
+$i="s5";
+$j="s6";
+$fp="t8";
+$m1="t9";
+
+$FRAME=8*(2+8);
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set noat
+.set reorder
+
+.align 5
+.globl bn_mul_mont
+.ent bn_mul_mont
+bn_mul_mont:
+ .set noreorder
+ PTR_SUB sp,64
+ move $fp,sp
+ .frame $fp,64,ra
+ slt AT,$num,4
+ li v0,0
+ beqzl AT,.Lproceed
+ nop
+ jr ra
+ PTR_ADD sp,$fp,64
+ .set reorder
+.align 5
+.Lproceed:
+ ld $n0,0($n0)
+ ld $bi,0($bp) # bp[0]
+ ld $aj,0($ap) # ap[0]
+ ld $nj,0($np) # np[0]
+ PTR_SUB sp,16 # place for two extra words
+ sll $num,3
+ li AT,-4096
+ PTR_SUB sp,$num
+ and sp,AT
+
+ sd s0,0($fp)
+ sd s1,8($fp)
+ sd s2,16($fp)
+ sd s3,24($fp)
+ sd s4,32($fp)
+ sd s5,40($fp)
+ sd s6,48($fp)
+ sd s7,56($fp)
+
+ dmultu $aj,$bi
+ ld $alo,8($ap)
+ ld $nlo,8($np)
+ mflo $lo0
+ mfhi $hi0
+ dmultu $lo0,$n0
+ mflo $m1
+
+ dmultu $alo,$bi
+ mflo $alo
+ mfhi $ahi
+
+ dmultu $nj,$m1
+ mflo $lo1
+ mfhi $hi1
+ dmultu $nlo,$m1
+ daddu $lo1,$lo0
+ sltu AT,$lo1,$lo0
+ daddu $hi1,AT
+ mflo $nlo
+ mfhi $nhi
+
+ move $tp,sp
+ li $j,16
+.align 4
+.L1st:
+ .set noreorder
+ PTR_ADD $aj,$ap,$j
+ ld $aj,($aj)
+ PTR_ADD $nj,$np,$j
+ ld $nj,($nj)
+
+ dmultu $aj,$bi
+ daddu $lo0,$alo,$hi0
+ daddu $lo1,$nlo,$hi1
+ sltu AT,$lo0,$hi0
+ sltu s7,$lo1,$hi1
+ daddu $hi0,$ahi,AT
+ daddu $hi1,$nhi,s7
+ mflo $alo
+ mfhi $ahi
+
+ daddu $lo1,$lo0
+ sltu AT,$lo1,$lo0
+ dmultu $nj,$m1
+ daddu $hi1,AT
+ addu $j,8
+ sd $lo1,($tp)
+ sltu s7,$j,$num
+ mflo $nlo
+ mfhi $nhi
+
+ bnez s7,.L1st
+ PTR_ADD $tp,8
+ .set reorder
+
+ daddu $lo0,$alo,$hi0
+ sltu AT,$lo0,$hi0
+ daddu $hi0,$ahi,AT
+
+ daddu $lo1,$nlo,$hi1
+ sltu s7,$lo1,$hi1
+ daddu $hi1,$nhi,s7
+ daddu $lo1,$lo0
+ sltu AT,$lo1,$lo0
+ daddu $hi1,AT
+
+ sd $lo1,($tp)
+
+ daddu $hi1,$hi0
+ sltu AT,$hi1,$hi0
+ sd $hi1,8($tp)
+ sd AT,16($tp)
+
+ li $i,8
+.align 4
+.Louter:
+ PTR_ADD $bi,$bp,$i
+ ld $bi,($bi)
+ ld $aj,($ap)
+ ld $alo,8($ap)
+ ld $tj,(sp)
+
+ dmultu $aj,$bi
+ ld $nj,($np)
+ ld $nlo,8($np)
+ mflo $lo0
+ mfhi $hi0
+ daddu $lo0,$tj
+ dmultu $lo0,$n0
+ sltu AT,$lo0,$tj
+ daddu $hi0,AT
+ mflo $m1
+
+ dmultu $alo,$bi
+ mflo $alo
+ mfhi $ahi
+
+ dmultu $nj,$m1
+ mflo $lo1
+ mfhi $hi1
+
+ dmultu $nlo,$m1
+ daddu $lo1,$lo0
+ sltu AT,$lo1,$lo0
+ daddu $hi1,AT
+ mflo $nlo
+ mfhi $nhi
+
+ move $tp,sp
+ li $j,16
+ ld $tj,8($tp)
+.align 4
+.Linner:
+ .set noreorder
+ PTR_ADD $aj,$ap,$j
+ ld $aj,($aj)
+ PTR_ADD $nj,$np,$j
+ ld $nj,($nj)
+
+ dmultu $aj,$bi
+ daddu $lo0,$alo,$hi0
+ daddu $lo1,$nlo,$hi1
+ sltu AT,$lo0,$hi0
+ sltu s7,$lo1,$hi1
+ daddu $hi0,$ahi,AT
+ daddu $hi1,$nhi,s7
+ mflo $alo
+ mfhi $ahi
+
+ daddu $lo0,$tj
+ addu $j,8
+ dmultu $nj,$m1
+ sltu AT,$lo0,$tj
+ daddu $lo1,$lo0
+ daddu $hi0,AT
+ sltu s7,$lo1,$lo0
+ ld $tj,16($tp)
+ daddu $hi1,s7
+ sltu AT,$j,$num
+ mflo $nlo
+ mfhi $nhi
+ sd $lo1,($tp)
+ bnez AT,.Linner
+ PTR_ADD $tp,8
+ .set reorder
+
+ daddu $lo0,$alo,$hi0
+ sltu AT,$lo0,$hi0
+ daddu $hi0,$ahi,AT
+ daddu $lo0,$tj
+ sltu s7,$lo0,$tj
+ daddu $hi0,s7
+
+ ld $tj,16($tp)
+ daddu $lo1,$nlo,$hi1
+ sltu AT,$lo1,$hi1
+ daddu $hi1,$nhi,AT
+ daddu $lo1,$lo0
+ sltu s7,$lo1,$lo0
+ daddu $hi1,s7
+ sd $lo1,($tp)
+
+ daddu $lo1,$hi1,$hi0
+ sltu $hi1,$lo1,$hi0
+ daddu $lo1,$tj
+ sltu AT,$lo1,$tj
+ daddu $hi1,AT
+ sd $lo1,8($tp)
+ sd $hi1,16($tp)
+
+ addu $i,8
+ sltu s7,$i,$num
+ bnez s7,.Louter
+
+ .set noreorder
+ PTR_ADD $tj,sp,$num # &tp[num]
+ move $tp,sp
+ move $ap,sp
+ li $hi0,0 # clear borrow bit
+
+.align 4
+.Lsub: ld $lo0,($tp)
+ ld $lo1,($np)
+ PTR_ADD $tp,8
+ PTR_ADD $np,8
+ dsubu $lo1,$lo0,$lo1 # tp[i]-np[i]
+ sgtu AT,$lo1,$lo0
+ dsubu $lo0,$lo1,$hi0
+ sgtu $hi0,$lo0,$lo1
+ sd $lo0,($rp)
+ or $hi0,AT
+ sltu AT,$tp,$tj
+ bnez AT,.Lsub
+ PTR_ADD $rp,8
+
+ dsubu $hi0,$hi1,$hi0 # handle upmost overflow bit
+ move $tp,sp
+ PTR_SUB $rp,$num # restore rp
+ not $hi1,$hi0
+
+ and $ap,$hi0,sp
+ and $bp,$hi1,$rp
+ or $ap,$ap,$bp # ap=borrow?tp:rp
+
+.align 4
+.Lcopy: ld $aj,($ap)
+ PTR_ADD $ap,8
+ PTR_ADD $tp,8
+ sd zero,-8($tp)
+ sltu AT,$tp,$tj
+ sd $aj,($rp)
+ bnez AT,.Lcopy
+ PTR_ADD $rp,8
+
+ ld s0,0($fp)
+ ld s1,8($fp)
+ ld s2,16($fp)
+ ld s3,24($fp)
+ ld s4,32($fp)
+ ld s5,40($fp)
+ ld s6,48($fp)
+ ld s7,56($fp)
+ li v0,1
+ jr ra
+ PTR_ADD sp,$fp,64
+ .set reorder
+END(bn_mul_mont)
+.rdata
+.asciiz "Montgomery Multiplication for MIPS III/IV, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT;
Deleted: trunk/crypto/openssl/crypto/bn/asm/mips3.s
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/mips3.s 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/mips3.s 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,2201 +0,0 @@
-.rdata
-.asciiz "mips3.s, Version 1.1"
-.asciiz "MIPS III/IV ISA artwork by Andy Polyakov <appro at fy.chalmers.se>"
-
-/*
- * ====================================================================
- * Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contributon to the OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is
- * a drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c
- * module. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * The module is designed to work with either of the "new" MIPS ABI(5),
- * namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
- * IRIX 5.x not only because it doesn't support new ABIs but also
- * because 5.x kernels put R4x00 CPU into 32-bit mode and all those
- * 64-bit instructions (daddu, dmultu, etc.) found below gonna only
- * cause illegal instruction exception:-(
- *
- * In addition the code depends on preprocessor flags set up by MIPSpro
- * compiler driver (either as or cc) and therefore (probably?) can't be
- * compiled by the GNU assembler. GNU C driver manages fine though...
- * I mean as long as -mmips-as is specified or is the default option,
- * because then it simply invokes /usr/bin/as which in turn takes
- * perfect care of the preprocessor definitions. Another neat feature
- * offered by the MIPSpro assembler is an optimization pass. This gave
- * me the opportunity to have the code looking more regular as all those
- * architecture dependent instruction rescheduling details were left to
- * the assembler. Cool, huh?
- *
- * Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
- * goes way over 3 times faster!
- *
- * <appro at fy.chalmers.se>
- */
-#include <asm.h>
-#include <regdef.h>
-
-#if _MIPS_ISA>=4
-#define MOVNZ(cond,dst,src) \
- movn dst,src,cond
-#else
-#define MOVNZ(cond,dst,src) \
- .set noreorder; \
- bnezl cond,.+8; \
- move dst,src; \
- .set reorder
-#endif
-
-.text
-
-.set noat
-.set reorder
-
-#define MINUS4 v1
-
-.align 5
-LEAF(bn_mul_add_words)
- .set noreorder
- bgtzl a2,.L_bn_mul_add_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_mul_add_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_mul_add_words_tail
-
-.L_bn_mul_add_words_loop:
- dmultu t0,a3
- ld t1,0(a0)
- ld t2,8(a1)
- ld t3,8(a0)
- ld ta0,16(a1)
- ld ta1,16(a0)
- daddu t1,v0
- sltu v0,t1,v0 /* All manuals say it "compares 32-bit
- * values", but it seems to work fine
- * even on 64-bit registers. */
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,0(a0)
- daddu v0,AT
-
- dmultu t2,a3
- ld ta2,24(a1)
- ld ta3,24(a0)
- daddu t3,v0
- sltu v0,t3,v0
- mflo AT
- mfhi t2
- daddu t3,AT
- daddu v0,t2
- sltu AT,t3,AT
- sd t3,8(a0)
- daddu v0,AT
-
- dmultu ta0,a3
- subu a2,4
- PTR_ADD a0,32
- PTR_ADD a1,32
- daddu ta1,v0
- sltu v0,ta1,v0
- mflo AT
- mfhi ta0
- daddu ta1,AT
- daddu v0,ta0
- sltu AT,ta1,AT
- sd ta1,-16(a0)
- daddu v0,AT
-
-
- dmultu ta2,a3
- and ta0,a2,MINUS4
- daddu ta3,v0
- sltu v0,ta3,v0
- mflo AT
- mfhi ta2
- daddu ta3,AT
- daddu v0,ta2
- sltu AT,ta3,AT
- sd ta3,-8(a0)
- daddu v0,AT
- .set noreorder
- bgtzl ta0,.L_bn_mul_add_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_mul_add_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_mul_add_words_return:
- jr ra
-
-.L_bn_mul_add_words_tail:
- dmultu t0,a3
- ld t1,0(a0)
- subu a2,1
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,0(a0)
- daddu v0,AT
- beqz a2,.L_bn_mul_add_words_return
-
- ld t0,8(a1)
- dmultu t0,a3
- ld t1,8(a0)
- subu a2,1
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,8(a0)
- daddu v0,AT
- beqz a2,.L_bn_mul_add_words_return
-
- ld t0,16(a1)
- dmultu t0,a3
- ld t1,16(a0)
- daddu t1,v0
- sltu v0,t1,v0
- mflo AT
- mfhi t0
- daddu t1,AT
- daddu v0,t0
- sltu AT,t1,AT
- sd t1,16(a0)
- daddu v0,AT
- jr ra
-END(bn_mul_add_words)
-
-.align 5
-LEAF(bn_mul_words)
- .set noreorder
- bgtzl a2,.L_bn_mul_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_mul_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_mul_words_tail
-
-.L_bn_mul_words_loop:
- dmultu t0,a3
- ld t2,8(a1)
- ld ta0,16(a1)
- ld ta2,24(a1)
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,0(a0)
- daddu v0,t1,t0
-
- dmultu t2,a3
- subu a2,4
- PTR_ADD a0,32
- PTR_ADD a1,32
- mflo AT
- mfhi t2
- daddu v0,AT
- sltu t3,v0,AT
- sd v0,-24(a0)
- daddu v0,t3,t2
-
- dmultu ta0,a3
- mflo AT
- mfhi ta0
- daddu v0,AT
- sltu ta1,v0,AT
- sd v0,-16(a0)
- daddu v0,ta1,ta0
-
-
- dmultu ta2,a3
- and ta0,a2,MINUS4
- mflo AT
- mfhi ta2
- daddu v0,AT
- sltu ta3,v0,AT
- sd v0,-8(a0)
- daddu v0,ta3,ta2
- .set noreorder
- bgtzl ta0,.L_bn_mul_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_mul_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_mul_words_return:
- jr ra
-
-.L_bn_mul_words_tail:
- dmultu t0,a3
- subu a2,1
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,0(a0)
- daddu v0,t1,t0
- beqz a2,.L_bn_mul_words_return
-
- ld t0,8(a1)
- dmultu t0,a3
- subu a2,1
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,8(a0)
- daddu v0,t1,t0
- beqz a2,.L_bn_mul_words_return
-
- ld t0,16(a1)
- dmultu t0,a3
- mflo AT
- mfhi t0
- daddu v0,AT
- sltu t1,v0,AT
- sd v0,16(a0)
- daddu v0,t1,t0
- jr ra
-END(bn_mul_words)
-
-.align 5
-LEAF(bn_sqr_words)
- .set noreorder
- bgtzl a2,.L_bn_sqr_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_sqr_words_proceed:
- li MINUS4,-4
- and ta0,a2,MINUS4
- move v0,zero
- beqz ta0,.L_bn_sqr_words_tail
-
-.L_bn_sqr_words_loop:
- dmultu t0,t0
- ld t2,8(a1)
- ld ta0,16(a1)
- ld ta2,24(a1)
- mflo t1
- mfhi t0
- sd t1,0(a0)
- sd t0,8(a0)
-
- dmultu t2,t2
- subu a2,4
- PTR_ADD a0,64
- PTR_ADD a1,32
- mflo t3
- mfhi t2
- sd t3,-48(a0)
- sd t2,-40(a0)
-
- dmultu ta0,ta0
- mflo ta1
- mfhi ta0
- sd ta1,-32(a0)
- sd ta0,-24(a0)
-
-
- dmultu ta2,ta2
- and ta0,a2,MINUS4
- mflo ta3
- mfhi ta2
- sd ta3,-16(a0)
- sd ta2,-8(a0)
-
- .set noreorder
- bgtzl ta0,.L_bn_sqr_words_loop
- ld t0,0(a1)
-
- bnezl a2,.L_bn_sqr_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_sqr_words_return:
- move v0,zero
- jr ra
-
-.L_bn_sqr_words_tail:
- dmultu t0,t0
- subu a2,1
- mflo t1
- mfhi t0
- sd t1,0(a0)
- sd t0,8(a0)
- beqz a2,.L_bn_sqr_words_return
-
- ld t0,8(a1)
- dmultu t0,t0
- subu a2,1
- mflo t1
- mfhi t0
- sd t1,16(a0)
- sd t0,24(a0)
- beqz a2,.L_bn_sqr_words_return
-
- ld t0,16(a1)
- dmultu t0,t0
- mflo t1
- mfhi t0
- sd t1,32(a0)
- sd t0,40(a0)
- jr ra
-END(bn_sqr_words)
-
-.align 5
-LEAF(bn_add_words)
- .set noreorder
- bgtzl a3,.L_bn_add_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_add_words_proceed:
- li MINUS4,-4
- and AT,a3,MINUS4
- move v0,zero
- beqz AT,.L_bn_add_words_tail
-
-.L_bn_add_words_loop:
- ld ta0,0(a2)
- subu a3,4
- ld t1,8(a1)
- and AT,a3,MINUS4
- ld t2,16(a1)
- PTR_ADD a2,32
- ld t3,24(a1)
- PTR_ADD a0,32
- ld ta1,-24(a2)
- PTR_ADD a1,32
- ld ta2,-16(a2)
- ld ta3,-8(a2)
- daddu ta0,t0
- sltu t8,ta0,t0
- daddu t0,ta0,v0
- sltu v0,t0,ta0
- sd t0,-32(a0)
- daddu v0,t8
-
- daddu ta1,t1
- sltu t9,ta1,t1
- daddu t1,ta1,v0
- sltu v0,t1,ta1
- sd t1,-24(a0)
- daddu v0,t9
-
- daddu ta2,t2
- sltu t8,ta2,t2
- daddu t2,ta2,v0
- sltu v0,t2,ta2
- sd t2,-16(a0)
- daddu v0,t8
-
- daddu ta3,t3
- sltu t9,ta3,t3
- daddu t3,ta3,v0
- sltu v0,t3,ta3
- sd t3,-8(a0)
- daddu v0,t9
-
- .set noreorder
- bgtzl AT,.L_bn_add_words_loop
- ld t0,0(a1)
-
- bnezl a3,.L_bn_add_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_add_words_return:
- jr ra
-
-.L_bn_add_words_tail:
- ld ta0,0(a2)
- daddu ta0,t0
- subu a3,1
- sltu t8,ta0,t0
- daddu t0,ta0,v0
- sltu v0,t0,ta0
- sd t0,0(a0)
- daddu v0,t8
- beqz a3,.L_bn_add_words_return
-
- ld t1,8(a1)
- ld ta1,8(a2)
- daddu ta1,t1
- subu a3,1
- sltu t9,ta1,t1
- daddu t1,ta1,v0
- sltu v0,t1,ta1
- sd t1,8(a0)
- daddu v0,t9
- beqz a3,.L_bn_add_words_return
-
- ld t2,16(a1)
- ld ta2,16(a2)
- daddu ta2,t2
- sltu t8,ta2,t2
- daddu t2,ta2,v0
- sltu v0,t2,ta2
- sd t2,16(a0)
- daddu v0,t8
- jr ra
-END(bn_add_words)
-
-.align 5
-LEAF(bn_sub_words)
- .set noreorder
- bgtzl a3,.L_bn_sub_words_proceed
- ld t0,0(a1)
- jr ra
- move v0,zero
- .set reorder
-
-.L_bn_sub_words_proceed:
- li MINUS4,-4
- and AT,a3,MINUS4
- move v0,zero
- beqz AT,.L_bn_sub_words_tail
-
-.L_bn_sub_words_loop:
- ld ta0,0(a2)
- subu a3,4
- ld t1,8(a1)
- and AT,a3,MINUS4
- ld t2,16(a1)
- PTR_ADD a2,32
- ld t3,24(a1)
- PTR_ADD a0,32
- ld ta1,-24(a2)
- PTR_ADD a1,32
- ld ta2,-16(a2)
- ld ta3,-8(a2)
- sltu t8,t0,ta0
- dsubu t0,ta0
- dsubu ta0,t0,v0
- sd ta0,-32(a0)
- MOVNZ (t0,v0,t8)
-
- sltu t9,t1,ta1
- dsubu t1,ta1
- dsubu ta1,t1,v0
- sd ta1,-24(a0)
- MOVNZ (t1,v0,t9)
-
-
- sltu t8,t2,ta2
- dsubu t2,ta2
- dsubu ta2,t2,v0
- sd ta2,-16(a0)
- MOVNZ (t2,v0,t8)
-
- sltu t9,t3,ta3
- dsubu t3,ta3
- dsubu ta3,t3,v0
- sd ta3,-8(a0)
- MOVNZ (t3,v0,t9)
-
- .set noreorder
- bgtzl AT,.L_bn_sub_words_loop
- ld t0,0(a1)
-
- bnezl a3,.L_bn_sub_words_tail
- ld t0,0(a1)
- .set reorder
-
-.L_bn_sub_words_return:
- jr ra
-
-.L_bn_sub_words_tail:
- ld ta0,0(a2)
- subu a3,1
- sltu t8,t0,ta0
- dsubu t0,ta0
- dsubu ta0,t0,v0
- MOVNZ (t0,v0,t8)
- sd ta0,0(a0)
- beqz a3,.L_bn_sub_words_return
-
- ld t1,8(a1)
- subu a3,1
- ld ta1,8(a2)
- sltu t9,t1,ta1
- dsubu t1,ta1
- dsubu ta1,t1,v0
- MOVNZ (t1,v0,t9)
- sd ta1,8(a0)
- beqz a3,.L_bn_sub_words_return
-
- ld t2,16(a1)
- ld ta2,16(a2)
- sltu t8,t2,ta2
- dsubu t2,ta2
- dsubu ta2,t2,v0
- MOVNZ (t2,v0,t8)
- sd ta2,16(a0)
- jr ra
-END(bn_sub_words)
-
-#undef MINUS4
-
-.align 5
-LEAF(bn_div_3_words)
- .set reorder
- move a3,a0 /* we know that bn_div_words doesn't
- * touch a3, ta2, ta3 and preserves a2
- * so that we can save two arguments
- * and return address in registers
- * instead of stack:-)
- */
- ld a0,(a3)
- move ta2,a1
- ld a1,-8(a3)
- bne a0,a2,.L_bn_div_3_words_proceed
- li v0,-1
- jr ra
-.L_bn_div_3_words_proceed:
- move ta3,ra
- bal bn_div_words
- move ra,ta3
- dmultu ta2,v0
- ld t2,-16(a3)
- move ta0,zero
- mfhi t1
- mflo t0
- sltu t8,t1,v1
-.L_bn_div_3_words_inner_loop:
- bnez t8,.L_bn_div_3_words_inner_loop_done
- sgeu AT,t2,t0
- seq t9,t1,v1
- and AT,t9
- sltu t3,t0,ta2
- daddu v1,a2
- dsubu t1,t3
- dsubu t0,ta2
- sltu t8,t1,v1
- sltu ta0,v1,a2
- or t8,ta0
- .set noreorder
- beqzl AT,.L_bn_div_3_words_inner_loop
- dsubu v0,1
- .set reorder
-.L_bn_div_3_words_inner_loop_done:
- jr ra
-END(bn_div_3_words)
-
-.align 5
-LEAF(bn_div_words)
- .set noreorder
- bnezl a2,.L_bn_div_words_proceed
- move v1,zero
- jr ra
- li v0,-1 /* I'd rather signal div-by-zero
- * which can be done with 'break 7' */
-
-.L_bn_div_words_proceed:
- bltz a2,.L_bn_div_words_body
- move t9,v1
- dsll a2,1
- bgtz a2,.-4
- addu t9,1
-
- .set reorder
- negu t1,t9
- li t2,-1
- dsll t2,t1
- and t2,a0
- dsrl AT,a1,t1
- .set noreorder
- bnezl t2,.+8
- break 6 /* signal overflow */
- .set reorder
- dsll a0,t9
- dsll a1,t9
- or a0,AT
-
-#define QT ta0
-#define HH ta1
-#define DH v1
-.L_bn_div_words_body:
- dsrl DH,a2,32
- sgeu AT,a0,a2
- .set noreorder
- bnezl AT,.+8
- dsubu a0,a2
- .set reorder
-
- li QT,-1
- dsrl HH,a0,32
- dsrl QT,32 /* q=0xffffffff */
- beq DH,HH,.L_bn_div_words_skip_div1
- ddivu zero,a0,DH
- mflo QT
-.L_bn_div_words_skip_div1:
- dmultu a2,QT
- dsll t3,a0,32
- dsrl AT,a1,32
- or t3,AT
- mflo t0
- mfhi t1
-.L_bn_div_words_inner_loop1:
- sltu t2,t3,t0
- seq t8,HH,t1
- sltu AT,HH,t1
- and t2,t8
- sltu v0,t0,a2
- or AT,t2
- .set noreorder
- beqz AT,.L_bn_div_words_inner_loop1_done
- dsubu t1,v0
- dsubu t0,a2
- b .L_bn_div_words_inner_loop1
- dsubu QT,1
- .set reorder
-.L_bn_div_words_inner_loop1_done:
-
- dsll a1,32
- dsubu a0,t3,t0
- dsll v0,QT,32
-
- li QT,-1
- dsrl HH,a0,32
- dsrl QT,32 /* q=0xffffffff */
- beq DH,HH,.L_bn_div_words_skip_div2
- ddivu zero,a0,DH
- mflo QT
-.L_bn_div_words_skip_div2:
-#undef DH
- dmultu a2,QT
- dsll t3,a0,32
- dsrl AT,a1,32
- or t3,AT
- mflo t0
- mfhi t1
-.L_bn_div_words_inner_loop2:
- sltu t2,t3,t0
- seq t8,HH,t1
- sltu AT,HH,t1
- and t2,t8
- sltu v1,t0,a2
- or AT,t2
- .set noreorder
- beqz AT,.L_bn_div_words_inner_loop2_done
- dsubu t1,v1
- dsubu t0,a2
- b .L_bn_div_words_inner_loop2
- dsubu QT,1
- .set reorder
-.L_bn_div_words_inner_loop2_done:
-#undef HH
-
- dsubu a0,t3,t0
- or v0,QT
- dsrl v1,a0,t9 /* v1 contains remainder if anybody wants it */
- dsrl a2,t9 /* restore a2 */
- jr ra
-#undef QT
-END(bn_div_words)
-
-#define a_0 t0
-#define a_1 t1
-#define a_2 t2
-#define a_3 t3
-#define b_0 ta0
-#define b_1 ta1
-#define b_2 ta2
-#define b_3 ta3
-
-#define a_4 s0
-#define a_5 s2
-#define a_6 s4
-#define a_7 a1 /* once we load a[7] we don't need a anymore */
-#define b_4 s1
-#define b_5 s3
-#define b_6 s5
-#define b_7 a2 /* once we load b[7] we don't need b anymore */
-
-#define t_1 t8
-#define t_2 t9
-
-#define c_1 v0
-#define c_2 v1
-#define c_3 a3
-
-#define FRAME_SIZE 48
-
-.align 5
-LEAF(bn_mul_comba8)
- .set noreorder
- PTR_SUB sp,FRAME_SIZE
- .frame sp,64,ra
- .set reorder
- ld a_0,0(a1) /* If compiled with -mips3 option on
- * R5000 box assembler barks on this
- * line with "shouldn't have mult/div
- * as last instruction in bb (R10K
- * bug)" warning. If anybody out there
- * has a clue about how to circumvent
- * this do send me a note.
- * <appro at fy.chalmers.se>
- */
- ld b_0,0(a2)
- ld a_1,8(a1)
- ld a_2,16(a1)
- ld a_3,24(a1)
- ld b_1,8(a2)
- ld b_2,16(a2)
- ld b_3,24(a2)
- dmultu a_0,b_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- sd s0,0(sp)
- sd s1,8(sp)
- sd s2,16(sp)
- sd s3,24(sp)
- sd s4,32(sp)
- sd s5,40(sp)
- mflo c_1
- mfhi c_2
-
- dmultu a_0,b_1 /* mul_add_c(a[0],b[1],c2,c3,c1); */
- ld a_4,32(a1)
- ld a_5,40(a1)
- ld a_6,48(a1)
- ld a_7,56(a1)
- ld b_4,32(a2)
- ld b_5,40(a2)
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- dmultu a_1,b_0 /* mul_add_c(a[1],b[0],c2,c3,c1); */
- ld b_6,48(a2)
- ld b_7,56(a2)
- sd c_1,0(a0) /* r[0]=c1; */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- sd c_2,8(a0) /* r[1]=c2; */
-
- dmultu a_2,b_0 /* mul_add_c(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- dmultu a_1,b_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_0,b_2 /* mul_add_c(a[0],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0) /* r[2]=c3; */
-
- dmultu a_0,b_3 /* mul_add_c(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_0 /* mul_add_c(a[3],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0) /* r[3]=c1; */
-
- dmultu a_4,b_0 /* mul_add_c(a[4],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_0,b_4 /* mul_add_c(a[0],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0) /* r[4]=c2; */
-
- dmultu a_0,b_5 /* mul_add_c(a[0],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_1,b_4 /* mul_add_c(a[1],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_4,b_1 /* mul_add_c(a[4],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,b_0 /* mul_add_c(a[5],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0) /* r[5]=c3; */
-
- dmultu a_6,b_0 /* mul_add_c(a[6],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_5,b_1 /* mul_add_c(a[5],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,b_2 /* mul_add_c(a[4],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_4 /* mul_add_c(a[2],b[4],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_1,b_5 /* mul_add_c(a[1],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_0,b_6 /* mul_add_c(a[0],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,48(a0) /* r[6]=c1; */
-
- dmultu a_0,b_7 /* mul_add_c(a[0],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_1,b_6 /* mul_add_c(a[1],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_2,b_5 /* mul_add_c(a[2],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,b_4 /* mul_add_c(a[3],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_4,b_3 /* mul_add_c(a[4],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_5,b_2 /* mul_add_c(a[5],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_6,b_1 /* mul_add_c(a[6],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_7,b_0 /* mul_add_c(a[7],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,56(a0) /* r[7]=c2; */
-
- dmultu a_7,b_1 /* mul_add_c(a[7],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_6,b_2 /* mul_add_c(a[6],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_5,b_3 /* mul_add_c(a[5],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_4,b_4 /* mul_add_c(a[4],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_3,b_5 /* mul_add_c(a[3],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_2,b_6 /* mul_add_c(a[2],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_1,b_7 /* mul_add_c(a[1],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,64(a0) /* r[8]=c3; */
-
- dmultu a_2,b_7 /* mul_add_c(a[2],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_3,b_6 /* mul_add_c(a[3],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_4,b_5 /* mul_add_c(a[4],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_5,b_4 /* mul_add_c(a[5],b[4],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_6,b_3 /* mul_add_c(a[6],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_7,b_2 /* mul_add_c(a[7],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,72(a0) /* r[9]=c1; */
-
- dmultu a_7,b_3 /* mul_add_c(a[7],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_6,b_4 /* mul_add_c(a[6],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_5,b_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_4,b_6 /* mul_add_c(a[4],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_3,b_7 /* mul_add_c(a[3],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,80(a0) /* r[10]=c2; */
-
- dmultu a_4,b_7 /* mul_add_c(a[4],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_5,b_6 /* mul_add_c(a[5],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_6,b_5 /* mul_add_c(a[6],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- dmultu a_7,b_4 /* mul_add_c(a[7],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,88(a0) /* r[11]=c3; */
-
- dmultu a_7,b_5 /* mul_add_c(a[7],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_6,b_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_5,b_7 /* mul_add_c(a[5],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,96(a0) /* r[12]=c1; */
-
- dmultu a_6,b_7 /* mul_add_c(a[6],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_7,b_6 /* mul_add_c(a[7],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,104(a0) /* r[13]=c2; */
-
- dmultu a_7,b_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
- ld s0,0(sp)
- ld s1,8(sp)
- ld s2,16(sp)
- ld s3,24(sp)
- ld s4,32(sp)
- ld s5,40(sp)
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sd c_3,112(a0) /* r[14]=c3; */
- sd c_1,120(a0) /* r[15]=c1; */
-
- PTR_ADD sp,FRAME_SIZE
-
- jr ra
-END(bn_mul_comba8)
-
-.align 5
-LEAF(bn_mul_comba4)
- .set reorder
- ld a_0,0(a1)
- ld b_0,0(a2)
- ld a_1,8(a1)
- ld a_2,16(a1)
- dmultu a_0,b_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- ld a_3,24(a1)
- ld b_1,8(a2)
- ld b_2,16(a2)
- ld b_3,24(a2)
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,b_1 /* mul_add_c(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- dmultu a_1,b_0 /* mul_add_c(a[1],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- sd c_2,8(a0)
-
- dmultu a_2,b_0 /* mul_add_c(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- dmultu a_1,b_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_0,b_2 /* mul_add_c(a[0],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,b_3 /* mul_add_c(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu c_3,c_2,t_2
- dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- dmultu a_3,b_0 /* mul_add_c(a[3],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,24(a0)
-
- dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu c_1,c_3,t_2
- dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu c_2,c_1,t_2
- dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,40(a0)
-
- dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sd c_1,48(a0)
- sd c_2,56(a0)
-
- jr ra
-END(bn_mul_comba4)
-
-#undef a_4
-#undef a_5
-#undef a_6
-#undef a_7
-#define a_4 b_0
-#define a_5 b_1
-#define a_6 b_2
-#define a_7 b_3
-
-.align 5
-LEAF(bn_sqr_comba8)
- .set reorder
- ld a_0,0(a1)
- ld a_1,8(a1)
- ld a_2,16(a1)
- ld a_3,24(a1)
-
- dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- ld a_4,32(a1)
- ld a_5,40(a1)
- ld a_6,48(a1)
- ld a_7,56(a1)
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- sd c_2,8(a0)
-
- dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu c_3,c_2,AT
- daddu c_2,t_2
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_1,a_2 /* mul_add_c2(a[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- sd c_1,24(a0)
-
- dmultu a_4,a_0 /* mul_add_c2(a[4],b[0],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu c_1,c_3,AT
- daddu c_3,t_2
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu AT,c_3,AT
- daddu c_3,t_2
- daddu c_1,AT
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_0,a_5 /* mul_add_c2(a[0],b[5],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_1,a_4 /* mul_add_c2(a[1],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu AT,c_1,AT
- daddu c_1,t_2
- daddu c_2,AT
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu AT,c_1,AT
- daddu c_1,t_2
- daddu c_2,AT
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- sd c_3,40(a0)
-
- dmultu a_6,a_0 /* mul_add_c2(a[6],b[0],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu c_3,c_2,AT
- daddu c_2,t_2
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_5,a_1 /* mul_add_c2(a[5],b[1],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_4,a_2 /* mul_add_c2(a[4],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,48(a0)
-
- dmultu a_0,a_7 /* mul_add_c2(a[0],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu c_1,c_3,AT
- daddu c_3,t_2
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_1,a_6 /* mul_add_c2(a[1],b[6],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu AT,c_3,AT
- daddu c_3,t_2
- daddu c_1,AT
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_2,a_5 /* mul_add_c2(a[2],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu AT,c_3,AT
- daddu c_3,t_2
- daddu c_1,AT
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_3,a_4 /* mul_add_c2(a[3],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu AT,c_3,AT
- daddu c_3,t_2
- daddu c_1,AT
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- sd c_2,56(a0)
-
- dmultu a_7,a_1 /* mul_add_c2(a[7],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_6,a_2 /* mul_add_c2(a[6],b[2],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu AT,c_1,AT
- daddu c_1,t_2
- daddu c_2,AT
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_5,a_3 /* mul_add_c2(a[5],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu AT,c_1,AT
- daddu c_1,t_2
- daddu c_2,AT
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_4,a_4 /* mul_add_c(a[4],b[4],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,64(a0)
-
- dmultu a_2,a_7 /* mul_add_c2(a[2],b[7],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu c_3,c_2,AT
- daddu c_2,t_2
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_3,a_6 /* mul_add_c2(a[3],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_4,a_5 /* mul_add_c2(a[4],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- sd c_1,72(a0)
-
- dmultu a_7,a_3 /* mul_add_c2(a[7],b[3],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu c_1,c_3,AT
- daddu c_3,t_2
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_6,a_4 /* mul_add_c2(a[6],b[4],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu AT,c_3,AT
- daddu c_3,t_2
- daddu c_1,AT
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_5,a_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,80(a0)
-
- dmultu a_4,a_7 /* mul_add_c2(a[4],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_5,a_6 /* mul_add_c2(a[5],b[6],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu AT,c_1,AT
- daddu c_1,t_2
- daddu c_2,AT
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- sd c_3,88(a0)
-
- dmultu a_7,a_5 /* mul_add_c2(a[7],b[5],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu c_3,c_2,AT
- daddu c_2,t_2
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_6,a_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
- sd c_1,96(a0)
-
- dmultu a_6,a_7 /* mul_add_c2(a[6],b[7],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu c_1,c_3,AT
- daddu c_3,t_2
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- sd c_2,104(a0)
-
- dmultu a_7,a_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sd c_3,112(a0)
- sd c_1,120(a0)
-
- jr ra
-END(bn_sqr_comba8)
-
-.align 5
-LEAF(bn_sqr_comba4)
- .set reorder
- ld a_0,0(a1)
- ld a_1,8(a1)
- dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
- ld a_2,16(a1)
- ld a_3,24(a1)
- mflo c_1
- mfhi c_2
- sd c_1,0(a0)
-
- dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_3,t_2,AT
- sd c_2,8(a0)
-
- dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu t_2,AT
- daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
- sd c_3,16(a0)
-
- dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu c_3,c_2,AT
- daddu c_2,t_2
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- dmultu a_1,a_2 /* mul_add_c(a2[1],b[2],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu c_1,t_1
- daddu AT,t_2
- sltu t_1,c_1,t_1
- daddu c_2,AT
- daddu t_2,t_1
- sltu AT,c_2,AT
- daddu c_2,t_2
- daddu c_3,AT
- sltu t_2,c_2,t_2
- daddu c_3,t_2
- sd c_1,24(a0)
-
- dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu c_2,t_1
- daddu AT,t_2
- sltu t_1,c_2,t_1
- daddu c_3,AT
- daddu t_2,t_1
- sltu c_1,c_3,AT
- daddu c_3,t_2
- sltu t_2,c_3,t_2
- daddu c_1,t_2
- dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
- mflo t_1
- mfhi t_2
- daddu c_2,t_1
- sltu AT,c_2,t_1
- daddu t_2,AT
- daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
- sd c_2,32(a0)
-
- dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
- mflo t_1
- mfhi t_2
- daddu c_3,t_1
- sltu AT,c_3,t_1
- daddu c_3,t_1
- daddu AT,t_2
- sltu t_1,c_3,t_1
- daddu c_1,AT
- daddu t_2,t_1
- sltu c_2,c_1,AT
- daddu c_1,t_2
- sltu t_2,c_1,t_2
- daddu c_2,t_2
- sd c_3,40(a0)
-
- dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
- mflo t_1
- mfhi t_2
- daddu c_1,t_1
- sltu AT,c_1,t_1
- daddu t_2,AT
- daddu c_2,t_2
- sd c_1,48(a0)
- sd c_2,56(a0)
-
- jr ra
-END(bn_sqr_comba4)
Copied: trunk/crypto/openssl/crypto/bn/asm/modexp512-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/modexp512-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/modexp512-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/modexp512-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1497 @@
+#!/usr/bin/env perl
+#
+# Copyright (c) 2010-2011 Intel Corp.
+# Author: Vinodh.Gopal at intel.com
+# Jim Guilford
+# Erdinc.Ozturk at intel.com
+# Maxim.Perminov at intel.com
+#
+# More information about algorithm used can be found at:
+# http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
+#
+# ====================================================================
+# Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in
+# the documentation and/or other materials provided with the
+# distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+# software must display the following acknowledgment:
+# "This product includes software developed by the OpenSSL Project
+# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+# endorse or promote products derived from this software without
+# prior written permission. For written permission, please contact
+# licensing at OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+# nor may "OpenSSL" appear in their names without prior written
+# permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+# acknowledgment:
+# "This product includes software developed by the OpenSSL Project
+# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+use strict;
+my $code=".text\n\n";
+my $m=0;
+
+#
+# Define x512 macros
+#
+
+#MULSTEP_512_ADD MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src1, src2, add_src, tmp1, tmp2
+#
+# uses rax, rdx, and args
+sub MULSTEP_512_ADD
+{
+ my ($x, $DST, $SRC2, $ASRC, $OP, $TMP)=@_;
+ my @X=@$x; # make a copy
+$code.=<<___;
+ mov (+8*0)($SRC2), %rax
+ mul $OP # rdx:rax = %OP * [0]
+ mov ($ASRC), $X[0]
+ add %rax, $X[0]
+ adc \$0, %rdx
+ mov $X[0], $DST
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+ mov %rdx, $TMP
+
+ mov (+8*$i)($SRC2), %rax
+ mul $OP # rdx:rax = %OP * [$i]
+ mov (+8*$i)($ASRC), $X[$i]
+ add %rax, $X[$i]
+ adc \$0, %rdx
+ add $TMP, $X[$i]
+ adc \$0, %rdx
+___
+}
+$code.=<<___;
+ mov %rdx, $X[0]
+___
+}
+
+#MULSTEP_512 MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src2, src1_val, tmp
+#
+# uses rax, rdx, and args
+sub MULSTEP_512
+{
+ my ($x, $DST, $SRC2, $OP, $TMP)=@_;
+ my @X=@$x; # make a copy
+$code.=<<___;
+ mov (+8*0)($SRC2), %rax
+ mul $OP # rdx:rax = %OP * [0]
+ add %rax, $X[0]
+ adc \$0, %rdx
+ mov $X[0], $DST
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+ mov %rdx, $TMP
+
+ mov (+8*$i)($SRC2), %rax
+ mul $OP # rdx:rax = %OP * [$i]
+ add %rax, $X[$i]
+ adc \$0, %rdx
+ add $TMP, $X[$i]
+ adc \$0, %rdx
+___
+}
+$code.=<<___;
+ mov %rdx, $X[0]
+___
+}
+
+#
+# Swizzle Macros
+#
+
+# macro to copy data from flat space to swizzled table
+#MACRO swizzle pDst, pSrc, tmp1, tmp2
+# pDst and pSrc are modified
+sub swizzle
+{
+ my ($pDst, $pSrc, $cnt, $d0)=@_;
+$code.=<<___;
+ mov \$8, $cnt
+loop_$m:
+ mov ($pSrc), $d0
+ mov $d0#w, ($pDst)
+ shr \$16, $d0
+ mov $d0#w, (+64*1)($pDst)
+ shr \$16, $d0
+ mov $d0#w, (+64*2)($pDst)
+ shr \$16, $d0
+ mov $d0#w, (+64*3)($pDst)
+ lea 8($pSrc), $pSrc
+ lea 64*4($pDst), $pDst
+ dec $cnt
+ jnz loop_$m
+___
+
+ $m++;
+}
+
+# macro to copy data from swizzled table to flat space
+#MACRO unswizzle pDst, pSrc, tmp*3
+sub unswizzle
+{
+ my ($pDst, $pSrc, $cnt, $d0, $d1)=@_;
+$code.=<<___;
+ mov \$4, $cnt
+loop_$m:
+ movzxw (+64*3+256*0)($pSrc), $d0
+ movzxw (+64*3+256*1)($pSrc), $d1
+ shl \$16, $d0
+ shl \$16, $d1
+ mov (+64*2+256*0)($pSrc), $d0#w
+ mov (+64*2+256*1)($pSrc), $d1#w
+ shl \$16, $d0
+ shl \$16, $d1
+ mov (+64*1+256*0)($pSrc), $d0#w
+ mov (+64*1+256*1)($pSrc), $d1#w
+ shl \$16, $d0
+ shl \$16, $d1
+ mov (+64*0+256*0)($pSrc), $d0#w
+ mov (+64*0+256*1)($pSrc), $d1#w
+ mov $d0, (+8*0)($pDst)
+ mov $d1, (+8*1)($pDst)
+ lea 256*2($pSrc), $pSrc
+ lea 8*2($pDst), $pDst
+ sub \$1, $cnt
+ jnz loop_$m
+___
+
+ $m++;
+}
+
+#
+# Data Structures
+#
+
+# Reduce Data
+#
+#
+# Offset Value
+# 0C0 Carries
+# 0B8 X2[10]
+# 0B0 X2[9]
+# 0A8 X2[8]
+# 0A0 X2[7]
+# 098 X2[6]
+# 090 X2[5]
+# 088 X2[4]
+# 080 X2[3]
+# 078 X2[2]
+# 070 X2[1]
+# 068 X2[0]
+# 060 X1[12] P[10]
+# 058 X1[11] P[9] Z[8]
+# 050 X1[10] P[8] Z[7]
+# 048 X1[9] P[7] Z[6]
+# 040 X1[8] P[6] Z[5]
+# 038 X1[7] P[5] Z[4]
+# 030 X1[6] P[4] Z[3]
+# 028 X1[5] P[3] Z[2]
+# 020 X1[4] P[2] Z[1]
+# 018 X1[3] P[1] Z[0]
+# 010 X1[2] P[0] Y[2]
+# 008 X1[1] Q[1] Y[1]
+# 000 X1[0] Q[0] Y[0]
+
+my $X1_offset = 0; # 13 qwords
+my $X2_offset = $X1_offset + 13*8; # 11 qwords
+my $Carries_offset = $X2_offset + 11*8; # 1 qword
+my $Q_offset = 0; # 2 qwords
+my $P_offset = $Q_offset + 2*8; # 11 qwords
+my $Y_offset = 0; # 3 qwords
+my $Z_offset = $Y_offset + 3*8; # 9 qwords
+
+my $Red_Data_Size = $Carries_offset + 1*8; # (25 qwords)
+
+#
+# Stack Frame
+#
+#
+# offset value
+# ... <old stack contents>
+# ...
+# 280 Garray
+
+# 278 tmp16[15]
+# ... ...
+# 200 tmp16[0]
+
+# 1F8 tmp[7]
+# ... ...
+# 1C0 tmp[0]
+
+# 1B8 GT[7]
+# ... ...
+# 180 GT[0]
+
+# 178 Reduce Data
+# ... ...
+# 0B8 Reduce Data
+# 0B0 reserved
+# 0A8 reserved
+# 0A0 reserved
+# 098 reserved
+# 090 reserved
+# 088 reduce result addr
+# 080 exp[8]
+
+# ...
+# 048 exp[1]
+# 040 exp[0]
+
+# 038 reserved
+# 030 loop_idx
+# 028 pg
+# 020 i
+# 018 pData ; arg 4
+# 010 pG ; arg 2
+# 008 pResult ; arg 1
+# 000 rsp ; stack pointer before subtract
+
+my $rsp_offset = 0;
+my $pResult_offset = 8*1 + $rsp_offset;
+my $pG_offset = 8*1 + $pResult_offset;
+my $pData_offset = 8*1 + $pG_offset;
+my $i_offset = 8*1 + $pData_offset;
+my $pg_offset = 8*1 + $i_offset;
+my $loop_idx_offset = 8*1 + $pg_offset;
+my $reserved1_offset = 8*1 + $loop_idx_offset;
+my $exp_offset = 8*1 + $reserved1_offset;
+my $red_result_addr_offset= 8*9 + $exp_offset;
+my $reserved2_offset = 8*1 + $red_result_addr_offset;
+my $Reduce_Data_offset = 8*5 + $reserved2_offset;
+my $GT_offset = $Red_Data_Size + $Reduce_Data_offset;
+my $tmp_offset = 8*8 + $GT_offset;
+my $tmp16_offset = 8*8 + $tmp_offset;
+my $garray_offset = 8*16 + $tmp16_offset;
+my $mem_size = 8*8*32 + $garray_offset;
+
+#
+# Offsets within Reduce Data
+#
+#
+# struct MODF_2FOLD_MONT_512_C1_DATA {
+# UINT64 t[8][8];
+# UINT64 m[8];
+# UINT64 m1[8]; /* 2^768 % m */
+# UINT64 m2[8]; /* 2^640 % m */
+# UINT64 k1[2]; /* (- 1/m) % 2^128 */
+# };
+
+my $T = 0;
+my $M = 512; # = 8 * 8 * 8
+my $M1 = 576; # = 8 * 8 * 9 /* += 8 * 8 */
+my $M2 = 640; # = 8 * 8 * 10 /* += 8 * 8 */
+my $K1 = 704; # = 8 * 8 * 11 /* += 8 * 8 */
+
+#
+# FUNCTIONS
+#
+
+{{{
+#
+# MULADD_128x512 : Function to multiply 128-bits (2 qwords) by 512-bits (8 qwords)
+# and add 512-bits (8 qwords)
+# to get 640 bits (10 qwords)
+# Input: 128-bit mul source: [rdi+8*1], rbp
+# 512-bit mul source: [rsi+8*n]
+# 512-bit add source: r15, r14, ..., r9, r8
+# Output: r9, r8, r15, r14, r13, r12, r11, r10, [rcx+8*1], [rcx+8*0]
+# Clobbers all regs except: rcx, rsi, rdi
+$code.=<<___;
+.type MULADD_128x512,\@abi-omnipotent
+.align 16
+MULADD_128x512:
+___
+ &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx");
+$code.=<<___;
+ mov (+8*1)(%rdi), %rbp
+___
+ &MULSTEP_512([map("%r$_",(9..15,8))], "(+8*1)(%rcx)", "%rsi", "%rbp", "%rbx");
+$code.=<<___;
+ ret
+.size MULADD_128x512,.-MULADD_128x512
+___
+}}}
+
+{{{
+#MULADD_256x512 MACRO pDst, pA, pB, OP, TMP, X7, X6, X5, X4, X3, X2, X1, X0
+#
+# Inputs: pDst: Destination (768 bits, 12 qwords)
+# pA: Multiplicand (1024 bits, 16 qwords)
+# pB: Multiplicand (512 bits, 8 qwords)
+# Dst = Ah * B + Al
+# where Ah is (in qwords) A[15:12] (256 bits) and Al is A[7:0] (512 bits)
+# Results in X3 X2 X1 X0 X7 X6 X5 X4 Dst[3:0]
+# Uses registers: arguments, RAX, RDX
+sub MULADD_256x512
+{
+ my ($pDst, $pA, $pB, $OP, $TMP, $X)=@_;
+$code.=<<___;
+ mov (+8*12)($pA), $OP
+___
+ &MULSTEP_512_ADD($X, "(+8*0)($pDst)", $pB, $pA, $OP, $TMP);
+ push(@$X,shift(@$X));
+
+$code.=<<___;
+ mov (+8*13)($pA), $OP
+___
+ &MULSTEP_512($X, "(+8*1)($pDst)", $pB, $OP, $TMP);
+ push(@$X,shift(@$X));
+
+$code.=<<___;
+ mov (+8*14)($pA), $OP
+___
+ &MULSTEP_512($X, "(+8*2)($pDst)", $pB, $OP, $TMP);
+ push(@$X,shift(@$X));
+
+$code.=<<___;
+ mov (+8*15)($pA), $OP
+___
+ &MULSTEP_512($X, "(+8*3)($pDst)", $pB, $OP, $TMP);
+ push(@$X,shift(@$X));
+}
+
+#
+# mont_reduce(UINT64 *x, /* 1024 bits, 16 qwords */
+# UINT64 *m, /* 512 bits, 8 qwords */
+# MODF_2FOLD_MONT_512_C1_DATA *data,
+# UINT64 *r) /* 512 bits, 8 qwords */
+# Input: x (number to be reduced): tmp16 (Implicit)
+# m (modulus): [pM] (Implicit)
+# data (reduce data): [pData] (Implicit)
+# Output: r (result): Address in [red_res_addr]
+# result also in: r9, r8, r15, r14, r13, r12, r11, r10
+
+my @X=map("%r$_",(8..15));
+
+$code.=<<___;
+.type mont_reduce,\@abi-omnipotent
+.align 16
+mont_reduce:
+___
+
+my $STACK_DEPTH = 8;
+ #
+ # X1 = Xh * M1 + Xl
+$code.=<<___;
+ lea (+$Reduce_Data_offset+$X1_offset+$STACK_DEPTH)(%rsp), %rdi # pX1 (Dst) 769 bits, 13 qwords
+ mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rsi # pM1 (Bsrc) 512 bits, 8 qwords
+ add \$$M1, %rsi
+ lea (+$tmp16_offset+$STACK_DEPTH)(%rsp), %rcx # X (Asrc) 1024 bits, 16 qwords
+
+___
+
+ &MULADD_256x512("%rdi", "%rcx", "%rsi", "%rbp", "%rbx", \@X); # rotates @X 4 times
+ # results in r11, r10, r9, r8, r15, r14, r13, r12, X1[3:0]
+
+$code.=<<___;
+ xor %rax, %rax
+ # X1 += xl
+ add (+8*8)(%rcx), $X[4]
+ adc (+8*9)(%rcx), $X[5]
+ adc (+8*10)(%rcx), $X[6]
+ adc (+8*11)(%rcx), $X[7]
+ adc \$0, %rax
+ # X1 is now rax, r11-r8, r15-r12, tmp16[3:0]
+
+ #
+ # check for carry ;; carry stored in rax
+ mov $X[4], (+8*8)(%rdi) # rdi points to X1
+ mov $X[5], (+8*9)(%rdi)
+ mov $X[6], %rbp
+ mov $X[7], (+8*11)(%rdi)
+
+ mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
+
+ mov (+8*0)(%rdi), $X[4]
+ mov (+8*1)(%rdi), $X[5]
+ mov (+8*2)(%rdi), $X[6]
+ mov (+8*3)(%rdi), $X[7]
+
+ # X1 is now stored in: X1[11], rbp, X1[9:8], r15-r8
+ # rdi -> X1
+ # rsi -> M1
+
+ #
+ # X2 = Xh * M2 + Xl
+ # do first part (X2 = Xh * M2)
+ add \$8*10, %rdi # rdi -> pXh ; 128 bits, 2 qwords
+ # Xh is actually { [rdi+8*1], rbp }
+ add \$`$M2-$M1`, %rsi # rsi -> M2
+ lea (+$Reduce_Data_offset+$X2_offset+$STACK_DEPTH)(%rsp), %rcx # rcx -> pX2 ; 641 bits, 11 qwords
+___
+ unshift(@X,pop(@X)); unshift(@X,pop(@X));
+$code.=<<___;
+
+ call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8
+ # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
+ mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rax
+
+ # X2 += Xl
+ add (+8*8-8*10)(%rdi), $X[6] # (-8*10) is to adjust rdi -> Xh to Xl
+ adc (+8*9-8*10)(%rdi), $X[7]
+ mov $X[6], (+8*8)(%rcx)
+ mov $X[7], (+8*9)(%rcx)
+
+ adc %rax, %rax
+ mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
+
+ lea (+$Reduce_Data_offset+$Q_offset+$STACK_DEPTH)(%rsp), %rdi # rdi -> pQ ; 128 bits, 2 qwords
+ add \$`$K1-$M2`, %rsi # rsi -> pK1 ; 128 bits, 2 qwords
+
+ # MUL_128x128t128 rdi, rcx, rsi ; Q = X2 * K1 (bottom half)
+ # B1:B0 = rsi[1:0] = K1[1:0]
+ # A1:A0 = rcx[1:0] = X2[1:0]
+ # Result = rdi[1],rbp = Q[1],rbp
+ mov (%rsi), %r8 # B0
+ mov (+8*1)(%rsi), %rbx # B1
+
+ mov (%rcx), %rax # A0
+ mul %r8 # B0
+ mov %rax, %rbp
+ mov %rdx, %r9
+
+ mov (+8*1)(%rcx), %rax # A1
+ mul %r8 # B0
+ add %rax, %r9
+
+ mov (%rcx), %rax # A0
+ mul %rbx # B1
+ add %rax, %r9
+
+ mov %r9, (+8*1)(%rdi)
+ # end MUL_128x128t128
+
+ sub \$`$K1-$M`, %rsi
+
+ mov (%rcx), $X[6]
+ mov (+8*1)(%rcx), $X[7] # r9:r8 = X2[1:0]
+
+ call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8
+ # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
+
+ # load first half of m to rdx, rdi, rbx, rax
+ # moved this here for efficiency
+ mov (+8*0)(%rsi), %rax
+ mov (+8*1)(%rsi), %rbx
+ mov (+8*2)(%rsi), %rdi
+ mov (+8*3)(%rsi), %rdx
+
+ # continue with reduction
+ mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rbp
+
+ add (+8*8)(%rcx), $X[6]
+ adc (+8*9)(%rcx), $X[7]
+
+ #accumulate the final carry to rbp
+ adc %rbp, %rbp
+
+ # Add in overflow corrections: R = (X2>>128) += T[overflow]
+ # R = {r9, r8, r15, r14, ..., r10}
+ shl \$3, %rbp
+ mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rcx # rsi -> Data (and points to T)
+ add %rcx, %rbp # pT ; 512 bits, 8 qwords, spread out
+
+ # rsi will be used to generate a mask after the addition
+ xor %rsi, %rsi
+
+ add (+8*8*0)(%rbp), $X[0]
+ adc (+8*8*1)(%rbp), $X[1]
+ adc (+8*8*2)(%rbp), $X[2]
+ adc (+8*8*3)(%rbp), $X[3]
+ adc (+8*8*4)(%rbp), $X[4]
+ adc (+8*8*5)(%rbp), $X[5]
+ adc (+8*8*6)(%rbp), $X[6]
+ adc (+8*8*7)(%rbp), $X[7]
+
+ # if there is a carry: rsi = 0xFFFFFFFFFFFFFFFF
+ # if carry is clear: rsi = 0x0000000000000000
+ sbb \$0, %rsi
+
+ # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
+ and %rsi, %rax
+ and %rsi, %rbx
+ and %rsi, %rdi
+ and %rsi, %rdx
+
+ mov \$1, %rbp
+ sub %rax, $X[0]
+ sbb %rbx, $X[1]
+ sbb %rdi, $X[2]
+ sbb %rdx, $X[3]
+
+ # if there is a borrow: rbp = 0
+ # if there is no borrow: rbp = 1
+ # this is used to save the borrows in between the first half and the 2nd half of the subtraction of m
+ sbb \$0, %rbp
+
+ #load second half of m to rdx, rdi, rbx, rax
+
+ add \$$M, %rcx
+ mov (+8*4)(%rcx), %rax
+ mov (+8*5)(%rcx), %rbx
+ mov (+8*6)(%rcx), %rdi
+ mov (+8*7)(%rcx), %rdx
+
+ # use the rsi mask as before
+ # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
+ and %rsi, %rax
+ and %rsi, %rbx
+ and %rsi, %rdi
+ and %rsi, %rdx
+
+ # if rbp = 0, there was a borrow before, it is moved to the carry flag
+ # if rbp = 1, there was not a borrow before, carry flag is cleared
+ sub \$1, %rbp
+
+ sbb %rax, $X[4]
+ sbb %rbx, $X[5]
+ sbb %rdi, $X[6]
+ sbb %rdx, $X[7]
+
+ # write R back to memory
+
+ mov (+$red_result_addr_offset+$STACK_DEPTH)(%rsp), %rsi
+ mov $X[0], (+8*0)(%rsi)
+ mov $X[1], (+8*1)(%rsi)
+ mov $X[2], (+8*2)(%rsi)
+ mov $X[3], (+8*3)(%rsi)
+ mov $X[4], (+8*4)(%rsi)
+ mov $X[5], (+8*5)(%rsi)
+ mov $X[6], (+8*6)(%rsi)
+ mov $X[7], (+8*7)(%rsi)
+
+ ret
+.size mont_reduce,.-mont_reduce
+___
+}}}
+
+{{{
+#MUL_512x512 MACRO pDst, pA, pB, x7, x6, x5, x4, x3, x2, x1, x0, tmp*2
+#
+# Inputs: pDst: Destination (1024 bits, 16 qwords)
+# pA: Multiplicand (512 bits, 8 qwords)
+# pB: Multiplicand (512 bits, 8 qwords)
+# Uses registers rax, rdx, args
+# B operand in [pB] and also in x7...x0
+sub MUL_512x512
+{
+ my ($pDst, $pA, $pB, $x, $OP, $TMP, $pDst_o)=@_;
+ my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
+ my @X=@$x; # make a copy
+
+$code.=<<___;
+ mov (+8*0)($pA), $OP
+
+ mov $X[0], %rax
+ mul $OP # rdx:rax = %OP * [0]
+ mov %rax, (+$pDst_o+8*0)($pDst)
+ mov %rdx, $X[0]
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+ mov $X[$i], %rax
+ mul $OP # rdx:rax = %OP * [$i]
+ add %rax, $X[$i-1]
+ adc \$0, %rdx
+ mov %rdx, $X[$i]
+___
+}
+
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+ mov (+8*$i)($pA), $OP
+___
+
+ &MULSTEP_512(\@X, "(+$pDst_o+8*$i)($pDst)", $pB, $OP, $TMP);
+ push(@X,shift(@X));
+}
+
+$code.=<<___;
+ mov $X[0], (+$pDst_o+8*8)($pDst)
+ mov $X[1], (+$pDst_o+8*9)($pDst)
+ mov $X[2], (+$pDst_o+8*10)($pDst)
+ mov $X[3], (+$pDst_o+8*11)($pDst)
+ mov $X[4], (+$pDst_o+8*12)($pDst)
+ mov $X[5], (+$pDst_o+8*13)($pDst)
+ mov $X[6], (+$pDst_o+8*14)($pDst)
+ mov $X[7], (+$pDst_o+8*15)($pDst)
+___
+}
+
+#
+# mont_mul_a3b : subroutine to compute (Src1 * Src2) % M (all 512-bits)
+# Input: src1: Address of source 1: rdi
+# src2: Address of source 2: rsi
+# Output: dst: Address of destination: [red_res_addr]
+# src2 and result also in: r9, r8, r15, r14, r13, r12, r11, r10
+# Temp: Clobbers [tmp16], all registers
+$code.=<<___;
+.type mont_mul_a3b,\@abi-omnipotent
+.align 16
+mont_mul_a3b:
+ #
+ # multiply tmp = src1 * src2
+ # For multiply: dst = rcx, src1 = rdi, src2 = rsi
+ # stack depth is extra 8 from call
+___
+ &MUL_512x512("%rsp+$tmp16_offset+8", "%rdi", "%rsi", [map("%r$_",(10..15,8..9))], "%rbp", "%rbx");
+$code.=<<___;
+ #
+ # Dst = tmp % m
+ # Call reduce(tmp, m, data, dst)
+
+ # tail recursion optimization: jmp to mont_reduce and return from there
+ jmp mont_reduce
+ # call mont_reduce
+ # ret
+.size mont_mul_a3b,.-mont_mul_a3b
+___
+}}}
+
+{{{
+#SQR_512 MACRO pDest, pA, x7, x6, x5, x4, x3, x2, x1, x0, tmp*4
+#
+# Input in memory [pA] and also in x7...x0
+# Uses all argument registers plus rax and rdx
+#
+# This version computes all of the off-diagonal terms into memory,
+# and then it adds in the diagonal terms
+
+sub SQR_512
+{
+ my ($pDst, $pA, $x, $A, $tmp, $x7, $x6, $pDst_o)=@_;
+ my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
+ my @X=@$x; # make a copy
+$code.=<<___;
+ # ------------------
+ # first pass 01...07
+ # ------------------
+ mov $X[0], $A
+
+ mov $X[1],%rax
+ mul $A
+ mov %rax, (+$pDst_o+8*1)($pDst)
+___
+for(my $i=2;$i<8;$i++) {
+$code.=<<___;
+ mov %rdx, $X[$i-2]
+ mov $X[$i],%rax
+ mul $A
+ add %rax, $X[$i-2]
+ adc \$0, %rdx
+___
+}
+$code.=<<___;
+ mov %rdx, $x7
+
+ mov $X[0], (+$pDst_o+8*2)($pDst)
+
+ # ------------------
+ # second pass 12...17
+ # ------------------
+
+ mov (+8*1)($pA), $A
+
+ mov (+8*2)($pA),%rax
+ mul $A
+ add %rax, $X[1]
+ adc \$0, %rdx
+ mov $X[1], (+$pDst_o+8*3)($pDst)
+
+ mov %rdx, $X[0]
+ mov (+8*3)($pA),%rax
+ mul $A
+ add %rax, $X[2]
+ adc \$0, %rdx
+ add $X[0], $X[2]
+ adc \$0, %rdx
+ mov $X[2], (+$pDst_o+8*4)($pDst)
+
+ mov %rdx, $X[0]
+ mov (+8*4)($pA),%rax
+ mul $A
+ add %rax, $X[3]
+ adc \$0, %rdx
+ add $X[0], $X[3]
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov (+8*5)($pA),%rax
+ mul $A
+ add %rax, $X[4]
+ adc \$0, %rdx
+ add $X[0], $X[4]
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov $X[6],%rax
+ mul $A
+ add %rax, $X[5]
+ adc \$0, %rdx
+ add $X[0], $X[5]
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov $X[7],%rax
+ mul $A
+ add %rax, $x7
+ adc \$0, %rdx
+ add $X[0], $x7
+ adc \$0, %rdx
+
+ mov %rdx, $X[1]
+
+ # ------------------
+ # third pass 23...27
+ # ------------------
+ mov (+8*2)($pA), $A
+
+ mov (+8*3)($pA),%rax
+ mul $A
+ add %rax, $X[3]
+ adc \$0, %rdx
+ mov $X[3], (+$pDst_o+8*5)($pDst)
+
+ mov %rdx, $X[0]
+ mov (+8*4)($pA),%rax
+ mul $A
+ add %rax, $X[4]
+ adc \$0, %rdx
+ add $X[0], $X[4]
+ adc \$0, %rdx
+ mov $X[4], (+$pDst_o+8*6)($pDst)
+
+ mov %rdx, $X[0]
+ mov (+8*5)($pA),%rax
+ mul $A
+ add %rax, $X[5]
+ adc \$0, %rdx
+ add $X[0], $X[5]
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov $X[6],%rax
+ mul $A
+ add %rax, $x7
+ adc \$0, %rdx
+ add $X[0], $x7
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov $X[7],%rax
+ mul $A
+ add %rax, $X[1]
+ adc \$0, %rdx
+ add $X[0], $X[1]
+ adc \$0, %rdx
+
+ mov %rdx, $X[2]
+
+ # ------------------
+ # fourth pass 34...37
+ # ------------------
+
+ mov (+8*3)($pA), $A
+
+ mov (+8*4)($pA),%rax
+ mul $A
+ add %rax, $X[5]
+ adc \$0, %rdx
+ mov $X[5], (+$pDst_o+8*7)($pDst)
+
+ mov %rdx, $X[0]
+ mov (+8*5)($pA),%rax
+ mul $A
+ add %rax, $x7
+ adc \$0, %rdx
+ add $X[0], $x7
+ adc \$0, %rdx
+ mov $x7, (+$pDst_o+8*8)($pDst)
+
+ mov %rdx, $X[0]
+ mov $X[6],%rax
+ mul $A
+ add %rax, $X[1]
+ adc \$0, %rdx
+ add $X[0], $X[1]
+ adc \$0, %rdx
+
+ mov %rdx, $X[0]
+ mov $X[7],%rax
+ mul $A
+ add %rax, $X[2]
+ adc \$0, %rdx
+ add $X[0], $X[2]
+ adc \$0, %rdx
+
+ mov %rdx, $X[5]
+
+ # ------------------
+ # fifth pass 45...47
+ # ------------------
+ mov (+8*4)($pA), $A
+
+ mov (+8*5)($pA),%rax
+ mul $A
+ add %rax, $X[1]
+ adc \$0, %rdx
+ mov $X[1], (+$pDst_o+8*9)($pDst)
+
+ mov %rdx, $X[0]
+ mov $X[6],%rax
+ mul $A
+ add %rax, $X[2]
+ adc \$0, %rdx
+ add $X[0], $X[2]
+ adc \$0, %rdx
+ mov $X[2], (+$pDst_o+8*10)($pDst)
+
+ mov %rdx, $X[0]
+ mov $X[7],%rax
+ mul $A
+ add %rax, $X[5]
+ adc \$0, %rdx
+ add $X[0], $X[5]
+ adc \$0, %rdx
+
+ mov %rdx, $X[1]
+
+ # ------------------
+ # sixth pass 56...57
+ # ------------------
+ mov (+8*5)($pA), $A
+
+ mov $X[6],%rax
+ mul $A
+ add %rax, $X[5]
+ adc \$0, %rdx
+ mov $X[5], (+$pDst_o+8*11)($pDst)
+
+ mov %rdx, $X[0]
+ mov $X[7],%rax
+ mul $A
+ add %rax, $X[1]
+ adc \$0, %rdx
+ add $X[0], $X[1]
+ adc \$0, %rdx
+ mov $X[1], (+$pDst_o+8*12)($pDst)
+
+ mov %rdx, $X[2]
+
+ # ------------------
+ # seventh pass 67
+ # ------------------
+ mov $X[6], $A
+
+ mov $X[7],%rax
+ mul $A
+ add %rax, $X[2]
+ adc \$0, %rdx
+ mov $X[2], (+$pDst_o+8*13)($pDst)
+
+ mov %rdx, (+$pDst_o+8*14)($pDst)
+
+ # start finalize (add in squares, and double off-terms)
+ mov (+$pDst_o+8*1)($pDst), $X[0]
+ mov (+$pDst_o+8*2)($pDst), $X[1]
+ mov (+$pDst_o+8*3)($pDst), $X[2]
+ mov (+$pDst_o+8*4)($pDst), $X[3]
+ mov (+$pDst_o+8*5)($pDst), $X[4]
+ mov (+$pDst_o+8*6)($pDst), $X[5]
+
+ mov (+8*3)($pA), %rax
+ mul %rax
+ mov %rax, $x6
+ mov %rdx, $X[6]
+
+ add $X[0], $X[0]
+ adc $X[1], $X[1]
+ adc $X[2], $X[2]
+ adc $X[3], $X[3]
+ adc $X[4], $X[4]
+ adc $X[5], $X[5]
+ adc \$0, $X[6]
+
+ mov (+8*0)($pA), %rax
+ mul %rax
+ mov %rax, (+$pDst_o+8*0)($pDst)
+ mov %rdx, $A
+
+ mov (+8*1)($pA), %rax
+ mul %rax
+
+ add $A, $X[0]
+ adc %rax, $X[1]
+ adc \$0, %rdx
+
+ mov %rdx, $A
+ mov $X[0], (+$pDst_o+8*1)($pDst)
+ mov $X[1], (+$pDst_o+8*2)($pDst)
+
+ mov (+8*2)($pA), %rax
+ mul %rax
+
+ add $A, $X[2]
+ adc %rax, $X[3]
+ adc \$0, %rdx
+
+ mov %rdx, $A
+
+ mov $X[2], (+$pDst_o+8*3)($pDst)
+ mov $X[3], (+$pDst_o+8*4)($pDst)
+
+ xor $tmp, $tmp
+ add $A, $X[4]
+ adc $x6, $X[5]
+ adc \$0, $tmp
+
+ mov $X[4], (+$pDst_o+8*5)($pDst)
+ mov $X[5], (+$pDst_o+8*6)($pDst)
+
+ # %%tmp has 0/1 in column 7
+ # %%A6 has a full value in column 7
+
+ mov (+$pDst_o+8*7)($pDst), $X[0]
+ mov (+$pDst_o+8*8)($pDst), $X[1]
+ mov (+$pDst_o+8*9)($pDst), $X[2]
+ mov (+$pDst_o+8*10)($pDst), $X[3]
+ mov (+$pDst_o+8*11)($pDst), $X[4]
+ mov (+$pDst_o+8*12)($pDst), $X[5]
+ mov (+$pDst_o+8*13)($pDst), $x6
+ mov (+$pDst_o+8*14)($pDst), $x7
+
+ mov $X[7], %rax
+ mul %rax
+ mov %rax, $X[7]
+ mov %rdx, $A
+
+ add $X[0], $X[0]
+ adc $X[1], $X[1]
+ adc $X[2], $X[2]
+ adc $X[3], $X[3]
+ adc $X[4], $X[4]
+ adc $X[5], $X[5]
+ adc $x6, $x6
+ adc $x7, $x7
+ adc \$0, $A
+
+ add $tmp, $X[0]
+
+ mov (+8*4)($pA), %rax
+ mul %rax
+
+ add $X[6], $X[0]
+ adc %rax, $X[1]
+ adc \$0, %rdx
+
+ mov %rdx, $tmp
+
+ mov $X[0], (+$pDst_o+8*7)($pDst)
+ mov $X[1], (+$pDst_o+8*8)($pDst)
+
+ mov (+8*5)($pA), %rax
+ mul %rax
+
+ add $tmp, $X[2]
+ adc %rax, $X[3]
+ adc \$0, %rdx
+
+ mov %rdx, $tmp
+
+ mov $X[2], (+$pDst_o+8*9)($pDst)
+ mov $X[3], (+$pDst_o+8*10)($pDst)
+
+ mov (+8*6)($pA), %rax
+ mul %rax
+
+ add $tmp, $X[4]
+ adc %rax, $X[5]
+ adc \$0, %rdx
+
+ mov $X[4], (+$pDst_o+8*11)($pDst)
+ mov $X[5], (+$pDst_o+8*12)($pDst)
+
+ add %rdx, $x6
+ adc $X[7], $x7
+ adc \$0, $A
+
+ mov $x6, (+$pDst_o+8*13)($pDst)
+ mov $x7, (+$pDst_o+8*14)($pDst)
+ mov $A, (+$pDst_o+8*15)($pDst)
+___
+}
+
+#
+# sqr_reduce: subroutine to compute Result = reduce(Result * Result)
+#
+# input and result also in: r9, r8, r15, r14, r13, r12, r11, r10
+#
+$code.=<<___;
+.type sqr_reduce,\@abi-omnipotent
+.align 16
+sqr_reduce:
+ mov (+$pResult_offset+8)(%rsp), %rcx
+___
+ &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi");
+$code.=<<___;
+ # tail recursion optimization: jmp to mont_reduce and return from there
+ jmp mont_reduce
+ # call mont_reduce
+ # ret
+.size sqr_reduce,.-sqr_reduce
+___
+}}}
+
+#
+# MAIN FUNCTION
+#
+
+#mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
+# UINT64 *g, /* 512 bits, 8 qwords */
+# UINT64 *exp, /* 512 bits, 8 qwords */
+# struct mod_ctx_512 *data)
+
+# window size = 5
+# table size = 2^5 = 32
+#table_entries equ 32
+#table_size equ table_entries * 8
+$code.=<<___;
+.globl mod_exp_512
+.type mod_exp_512,\@function,4
+mod_exp_512:
+ push %rbp
+ push %rbx
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ # adjust stack down and then align it with cache boundary
+ mov %rsp, %r8
+ sub \$$mem_size, %rsp
+ and \$-64, %rsp
+
+ # store previous stack pointer and arguments
+ mov %r8, (+$rsp_offset)(%rsp)
+ mov %rdi, (+$pResult_offset)(%rsp)
+ mov %rsi, (+$pG_offset)(%rsp)
+ mov %rcx, (+$pData_offset)(%rsp)
+.Lbody:
+ # transform g into montgomery space
+ # GT = reduce(g * C2) = reduce(g * (2^256))
+ # reduce expects to have the input in [tmp16]
+ pxor %xmm4, %xmm4
+ movdqu (+16*0)(%rsi), %xmm0
+ movdqu (+16*1)(%rsi), %xmm1
+ movdqu (+16*2)(%rsi), %xmm2
+ movdqu (+16*3)(%rsi), %xmm3
+ movdqa %xmm4, (+$tmp16_offset+16*0)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*1)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp)
+ movdqa %xmm0, (+$tmp16_offset+16*2)(%rsp)
+ movdqa %xmm1, (+$tmp16_offset+16*3)(%rsp)
+ movdqa %xmm2, (+$tmp16_offset+16*4)(%rsp)
+ movdqa %xmm3, (+$tmp16_offset+16*5)(%rsp)
+
+ # load pExp before rdx gets blown away
+ movdqu (+16*0)(%rdx), %xmm0
+ movdqu (+16*1)(%rdx), %xmm1
+ movdqu (+16*2)(%rdx), %xmm2
+ movdqu (+16*3)(%rdx), %xmm3
+
+ lea (+$GT_offset)(%rsp), %rbx
+ mov %rbx, (+$red_result_addr_offset)(%rsp)
+ call mont_reduce
+
+ # Initialize tmp = C
+ lea (+$tmp_offset)(%rsp), %rcx
+ xor %rax, %rax
+ mov %rax, (+8*0)(%rcx)
+ mov %rax, (+8*1)(%rcx)
+ mov %rax, (+8*3)(%rcx)
+ mov %rax, (+8*4)(%rcx)
+ mov %rax, (+8*5)(%rcx)
+ mov %rax, (+8*6)(%rcx)
+ mov %rax, (+8*7)(%rcx)
+ mov %rax, (+$exp_offset+8*8)(%rsp)
+ movq \$1, (+8*2)(%rcx)
+
+ lea (+$garray_offset)(%rsp), %rbp
+ mov %rcx, %rsi # pTmp
+ mov %rbp, %rdi # Garray[][0]
+___
+
+ &swizzle("%rdi", "%rcx", "%rax", "%rbx");
+
+ # for (rax = 31; rax != 0; rax--) {
+ # tmp = reduce(tmp * G)
+ # swizzle(pg, tmp);
+ # pg += 2; }
+$code.=<<___;
+ mov \$31, %rax
+ mov %rax, (+$i_offset)(%rsp)
+ mov %rbp, (+$pg_offset)(%rsp)
+ # rsi -> pTmp
+ mov %rsi, (+$red_result_addr_offset)(%rsp)
+ mov (+8*0)(%rsi), %r10
+ mov (+8*1)(%rsi), %r11
+ mov (+8*2)(%rsi), %r12
+ mov (+8*3)(%rsi), %r13
+ mov (+8*4)(%rsi), %r14
+ mov (+8*5)(%rsi), %r15
+ mov (+8*6)(%rsi), %r8
+ mov (+8*7)(%rsi), %r9
+init_loop:
+ lea (+$GT_offset)(%rsp), %rdi
+ call mont_mul_a3b
+ lea (+$tmp_offset)(%rsp), %rsi
+ mov (+$pg_offset)(%rsp), %rbp
+ add \$2, %rbp
+ mov %rbp, (+$pg_offset)(%rsp)
+ mov %rsi, %rcx # rcx = rsi = addr of tmp
+___
+
+ &swizzle("%rbp", "%rcx", "%rax", "%rbx");
+$code.=<<___;
+ mov (+$i_offset)(%rsp), %rax
+ sub \$1, %rax
+ mov %rax, (+$i_offset)(%rsp)
+ jne init_loop
+
+ #
+ # Copy exponent onto stack
+ movdqa %xmm0, (+$exp_offset+16*0)(%rsp)
+ movdqa %xmm1, (+$exp_offset+16*1)(%rsp)
+ movdqa %xmm2, (+$exp_offset+16*2)(%rsp)
+ movdqa %xmm3, (+$exp_offset+16*3)(%rsp)
+
+
+ #
+ # Do exponentiation
+ # Initialize result to G[exp{511:507}]
+ mov (+$exp_offset+62)(%rsp), %eax
+ mov %rax, %rdx
+ shr \$11, %rax
+ and \$0x07FF, %edx
+ mov %edx, (+$exp_offset+62)(%rsp)
+ lea (+$garray_offset)(%rsp,%rax,2), %rsi
+ mov (+$pResult_offset)(%rsp), %rdx
+___
+
+ &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
+
+ #
+ # Loop variables
+ # rcx = [loop_idx] = index: 510-5 to 0 by 5
+$code.=<<___;
+ movq \$505, (+$loop_idx_offset)(%rsp)
+
+ mov (+$pResult_offset)(%rsp), %rcx
+ mov %rcx, (+$red_result_addr_offset)(%rsp)
+ mov (+8*0)(%rcx), %r10
+ mov (+8*1)(%rcx), %r11
+ mov (+8*2)(%rcx), %r12
+ mov (+8*3)(%rcx), %r13
+ mov (+8*4)(%rcx), %r14
+ mov (+8*5)(%rcx), %r15
+ mov (+8*6)(%rcx), %r8
+ mov (+8*7)(%rcx), %r9
+ jmp sqr_2
+
+main_loop_a3b:
+ call sqr_reduce
+ call sqr_reduce
+ call sqr_reduce
+sqr_2:
+ call sqr_reduce
+ call sqr_reduce
+
+ #
+ # Do multiply, first look up proper value in Garray
+ mov (+$loop_idx_offset)(%rsp), %rcx # bit index
+ mov %rcx, %rax
+ shr \$4, %rax # rax is word pointer
+ mov (+$exp_offset)(%rsp,%rax,2), %edx
+ and \$15, %rcx
+ shrq %cl, %rdx
+ and \$0x1F, %rdx
+
+ lea (+$garray_offset)(%rsp,%rdx,2), %rsi
+ lea (+$tmp_offset)(%rsp), %rdx
+ mov %rdx, %rdi
+___
+
+ &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
+ # rdi = tmp = pG
+
+ #
+ # Call mod_mul_a1(pDst, pSrc1, pSrc2, pM, pData)
+ # result result pG M Data
+$code.=<<___;
+ mov (+$pResult_offset)(%rsp), %rsi
+ call mont_mul_a3b
+
+ #
+ # finish loop
+ mov (+$loop_idx_offset)(%rsp), %rcx
+ sub \$5, %rcx
+ mov %rcx, (+$loop_idx_offset)(%rsp)
+ jge main_loop_a3b
+
+ #
+
+end_main_loop_a3b:
+ # transform result out of Montgomery space
+ # result = reduce(result)
+ mov (+$pResult_offset)(%rsp), %rdx
+ pxor %xmm4, %xmm4
+ movdqu (+16*0)(%rdx), %xmm0
+ movdqu (+16*1)(%rdx), %xmm1
+ movdqu (+16*2)(%rdx), %xmm2
+ movdqu (+16*3)(%rdx), %xmm3
+ movdqa %xmm4, (+$tmp16_offset+16*4)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*5)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp)
+ movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp)
+ movdqa %xmm0, (+$tmp16_offset+16*0)(%rsp)
+ movdqa %xmm1, (+$tmp16_offset+16*1)(%rsp)
+ movdqa %xmm2, (+$tmp16_offset+16*2)(%rsp)
+ movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp)
+ call mont_reduce
+
+ # If result > m, subract m
+ # load result into r15:r8
+ mov (+$pResult_offset)(%rsp), %rax
+ mov (+8*0)(%rax), %r8
+ mov (+8*1)(%rax), %r9
+ mov (+8*2)(%rax), %r10
+ mov (+8*3)(%rax), %r11
+ mov (+8*4)(%rax), %r12
+ mov (+8*5)(%rax), %r13
+ mov (+8*6)(%rax), %r14
+ mov (+8*7)(%rax), %r15
+
+ # subtract m
+ mov (+$pData_offset)(%rsp), %rbx
+ add \$$M, %rbx
+
+ sub (+8*0)(%rbx), %r8
+ sbb (+8*1)(%rbx), %r9
+ sbb (+8*2)(%rbx), %r10
+ sbb (+8*3)(%rbx), %r11
+ sbb (+8*4)(%rbx), %r12
+ sbb (+8*5)(%rbx), %r13
+ sbb (+8*6)(%rbx), %r14
+ sbb (+8*7)(%rbx), %r15
+
+ # if Carry is clear, replace result with difference
+ mov (+8*0)(%rax), %rsi
+ mov (+8*1)(%rax), %rdi
+ mov (+8*2)(%rax), %rcx
+ mov (+8*3)(%rax), %rdx
+ cmovnc %r8, %rsi
+ cmovnc %r9, %rdi
+ cmovnc %r10, %rcx
+ cmovnc %r11, %rdx
+ mov %rsi, (+8*0)(%rax)
+ mov %rdi, (+8*1)(%rax)
+ mov %rcx, (+8*2)(%rax)
+ mov %rdx, (+8*3)(%rax)
+
+ mov (+8*4)(%rax), %rsi
+ mov (+8*5)(%rax), %rdi
+ mov (+8*6)(%rax), %rcx
+ mov (+8*7)(%rax), %rdx
+ cmovnc %r12, %rsi
+ cmovnc %r13, %rdi
+ cmovnc %r14, %rcx
+ cmovnc %r15, %rdx
+ mov %rsi, (+8*4)(%rax)
+ mov %rdi, (+8*5)(%rax)
+ mov %rcx, (+8*6)(%rax)
+ mov %rdx, (+8*7)(%rax)
+
+ mov (+$rsp_offset)(%rsp), %rsi
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbx
+ mov 40(%rsi),%rbp
+ lea 48(%rsi),%rsp
+.Lepilogue:
+ ret
+.size mod_exp_512, . - mod_exp_512
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type mod_exp_512_se_handler,\@abi-omnipotent
+.align 16
+mod_exp_512_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lbody(%rip),%r10
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_prologue
+
+ mov $rsp_offset(%rax),%rax # pull saved Rsp
+
+ mov 32(%rax),%rbx
+ mov 40(%rax),%rbp
+ mov 24(%rax),%r12
+ mov 16(%rax),%r13
+ mov 8(%rax),%r14
+ mov 0(%rax),%r15
+ lea 48(%rax),%rax
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size mod_exp_512_se_handler,.-mod_exp_512_se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_mod_exp_512
+ .rva .LSEH_end_mod_exp_512
+ .rva .LSEH_info_mod_exp_512
+
+.section .xdata
+.align 8
+.LSEH_info_mod_exp_512:
+ .byte 9,0,0,0
+ .rva mod_exp_512_se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+ if ($reg =~ /%r[0-9]+/) { $reg .= $conv; }
+ elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; }
+ elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; }
+ elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; }
+ return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/(\(\+[^)]+\))/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/parisc-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/parisc-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/parisc-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/parisc-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,995 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# On PA-7100LC this module performs ~90-50% better, less for longer
+# keys, than code generated by gcc 3.2 for PA-RISC 1.1. Latter means
+# that compiler utilized xmpyu instruction to perform 32x32=64-bit
+# multiplication, which in turn means that "baseline" performance was
+# optimal in respect to instruction set capabilities. Fair comparison
+# with vendor compiler is problematic, because OpenSSL doesn't define
+# BN_LLONG [presumably] for historical reasons, which drives compiler
+# toward 4 times 16x16=32-bit multiplicatons [plus complementary
+# shifts and additions] instead. This means that you should observe
+# several times improvement over code generated by vendor compiler
+# for PA-RISC 1.1, but the "baseline" is far from optimal. The actual
+# improvement coefficient was never collected on PA-7100LC, or any
+# other 1.1 CPU, because I don't have access to such machine with
+# vendor compiler. But to give you a taste, PA-RISC 1.1 code path
+# reportedly outperformed code generated by cc +DA1.1 +O3 by factor
+# of ~5x on PA-8600.
+#
+# On PA-RISC 2.0 it has to compete with pa-risc2[W].s, which is
+# reportedly ~2x faster than vendor compiler generated code [according
+# to comment in pa-risc2[W].s]. Here comes a catch. Execution core of
+# this implementation is actually 32-bit one, in the sense that it
+# operates on 32-bit values. But pa-risc2[W].s operates on arrays of
+# 64-bit BN_LONGs... How do they interoperate then? No problem. This
+# module picks halves of 64-bit values in reverse order and pretends
+# they were 32-bit BN_LONGs. But can 32-bit core compete with "pure"
+# 64-bit code such as pa-risc2[W].s then? Well, the thing is that
+# 32x32=64-bit multiplication is the best even PA-RISC 2.0 can do,
+# i.e. there is no "wider" multiplication like on most other 64-bit
+# platforms. This means that even being effectively 32-bit, this
+# implementation performs "64-bit" computational task in same amount
+# of arithmetic operations, most notably multiplications. It requires
+# more memory references, most notably to tp[num], but this doesn't
+# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
+# 2.0 code path provides virtually same performance as pa-risc2[W].s:
+# it's ~10% better for shortest key length and ~10% worse for longest
+# one.
+#
+# In case it wasn't clear. The module has two distinct code paths:
+# PA-RISC 1.1 and PA-RISC 2.0 ones. Latter features carry-free 64-bit
+# additions and 64-bit integer loads, not to mention specific
+# instruction scheduling. In 64-bit build naturally only 2.0 code path
+# is assembled. In 32-bit application context both code paths are
+# assembled, PA-RISC 2.0 CPU is detected at run-time and proper path
+# is taken automatically. Also, in 32-bit build the module imposes
+# couple of limitations: vector lengths has to be even and vector
+# addresses has to be 64-bit aligned. Normally neither is a problem:
+# most common key lengths are even and vectors are commonly malloc-ed,
+# which ensures alignment.
+#
+# Special thanks to polarhome.com for providing HP-UX account on
+# PA-RISC 1.1 machine, and to correspondent who chose to remain
+# anonymous for testing the code on PA-RISC 2.0 machine.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $FRAME_MARKER =80;
+ $SAVED_RP =16;
+ $PUSH ="std";
+ $PUSHMA ="std,ma";
+ $POP ="ldd";
+ $POPMB ="ldd,mb";
+ $BN_SZ =$SIZE_T;
+} else {
+ $LEVEL ="1.1"; #$LEVEL.="\n\t.ALLOW\t2.0";
+ $SIZE_T =4;
+ $FRAME_MARKER =48;
+ $SAVED_RP =20;
+ $PUSH ="stw";
+ $PUSHMA ="stwm";
+ $POP ="ldw";
+ $POPMB ="ldwm";
+ $BN_SZ =$SIZE_T;
+ if (open CONF,"<${dir}../../opensslconf.h") {
+ while(<CONF>) {
+ if (m/#\s*define\s+SIXTY_FOUR_BIT/) {
+ $BN_SZ=8;
+ $LEVEL="2.0";
+ last;
+ }
+ }
+ close CONF;
+ }
+}
+
+$FRAME=8*$SIZE_T+$FRAME_MARKER; # 8 saved regs + frame marker
+ # [+ argument transfer]
+$LOCALS=$FRAME-$FRAME_MARKER;
+$FRAME+=32; # local variables
+
+$tp="%r31";
+$ti1="%r29";
+$ti0="%r28";
+
+$rp="%r26";
+$ap="%r25";
+$bp="%r24";
+$np="%r23";
+$n0="%r22"; # passed through stack in 32-bit
+$num="%r21"; # passed through stack in 32-bit
+$idx="%r20";
+$arrsz="%r19";
+
+$nm1="%r7";
+$nm0="%r6";
+$ab1="%r5";
+$ab0="%r4";
+
+$fp="%r3";
+$hi1="%r2";
+$hi0="%r1";
+
+$xfer=$n0; # accomodates [-16..15] offset in fld[dw]s
+
+$fm0="%fr4"; $fti=$fm0;
+$fbi="%fr5L";
+$fn0="%fr5R";
+$fai="%fr6"; $fab0="%fr7"; $fab1="%fr8";
+$fni="%fr9"; $fnm0="%fr10"; $fnm1="%fr11";
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .EXPORT bn_mul_mont,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+ .ALIGN 64
+bn_mul_mont
+ .PROC
+ .CALLINFO FRAME=`$FRAME-8*$SIZE_T`,NO_CALLS,SAVE_RP,SAVE_SP,ENTRY_GR=6
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+ $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
+ $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
+ $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
+ $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
+ ldo -$FRAME(%sp),$fp
+___
+$code.=<<___ if ($SIZE_T==4);
+ ldw `-$FRAME_MARKER-4`($fp),$n0
+ ldw `-$FRAME_MARKER-8`($fp),$num
+ nop
+ nop ; alignment
+___
+$code.=<<___ if ($BN_SZ==4);
+ comiclr,<= 6,$num,%r0 ; are vectors long enough?
+ b L\$abort
+ ldi 0,%r28 ; signal "unhandled"
+ add,ev %r0,$num,$num ; is $num even?
+ b L\$abort
+ nop
+ or $ap,$np,$ti1
+ extru,= $ti1,31,3,%r0 ; are ap and np 64-bit aligned?
+ b L\$abort
+ nop
+ nop ; alignment
+ nop
+
+ fldws 0($n0),${fn0}
+ fldws,ma 4($bp),${fbi} ; bp[0]
+___
+$code.=<<___ if ($BN_SZ==8);
+ comib,> 3,$num,L\$abort ; are vectors long enough?
+ ldi 0,%r28 ; signal "unhandled"
+ addl $num,$num,$num ; I operate on 32-bit values
+
+ fldws 4($n0),${fn0} ; only low part of n0
+ fldws 4($bp),${fbi} ; bp[0] in flipped word order
+___
+$code.=<<___;
+ fldds 0($ap),${fai} ; ap[0,1]
+ fldds 0($np),${fni} ; np[0,1]
+
+ sh2addl $num,%r0,$arrsz
+ ldi 31,$hi0
+ ldo 36($arrsz),$hi1 ; space for tp[num+1]
+ andcm $hi1,$hi0,$hi1 ; align
+ addl $hi1,%sp,%sp
+ $PUSH $fp,-$SIZE_T(%sp)
+
+ ldo `$LOCALS+16`($fp),$xfer
+ ldo `$LOCALS+32+4`($fp),$tp
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[0]
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[0]
+ xmpyu ${fn0},${fab0}R,${fm0}
+
+ addl $arrsz,$ap,$ap ; point at the end
+ addl $arrsz,$np,$np
+ subi 0,$arrsz,$idx ; j=0
+ ldo 8($idx),$idx ; j++++
+
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m
+ fstds ${fab0},-16($xfer)
+ fstds ${fnm0},-8($xfer)
+ fstds ${fab1},0($xfer)
+ fstds ${fnm1},8($xfer)
+ flddx $idx($ap),${fai} ; ap[2,3]
+ flddx $idx($np),${fni} ; np[2,3]
+___
+$code.=<<___ if ($BN_SZ==4);
+ mtctl $hi0,%cr11 ; $hi0 still holds 31
+ extrd,u,*= $hi0,%sar,1,$hi0 ; executes on PA-RISC 1.0
+ b L\$parisc11
+ nop
+___
+$code.=<<___; # PA-RISC 2.0 code-path
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldd -16($xfer),$ab0
+ fstds ${fab0},-16($xfer)
+
+ extrd,u $ab0,31,32,$hi0
+ extrd,u $ab0,63,32,$ab0
+ ldd -8($xfer),$nm0
+ fstds ${fnm0},-8($xfer)
+ ldo 8($idx),$idx ; j++++
+ addl $ab0,$nm0,$nm0 ; low part is discarded
+ extrd,u $nm0,31,32,$hi1
+
+L\$1st
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m
+ ldd 0($xfer),$ab1
+ fstds ${fab1},0($xfer)
+ addl $hi0,$ab1,$ab1
+ extrd,u $ab1,31,32,$hi0
+ ldd 8($xfer),$nm1
+ fstds ${fnm1},8($xfer)
+ extrd,u $ab1,63,32,$ab1
+ addl $hi1,$nm1,$nm1
+ flddx $idx($ap),${fai} ; ap[j,j+1]
+ flddx $idx($np),${fni} ; np[j,j+1]
+ addl $ab1,$nm1,$nm1
+ extrd,u $nm1,31,32,$hi1
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldd -16($xfer),$ab0
+ fstds ${fab0},-16($xfer)
+ addl $hi0,$ab0,$ab0
+ extrd,u $ab0,31,32,$hi0
+ ldd -8($xfer),$nm0
+ fstds ${fnm0},-8($xfer)
+ extrd,u $ab0,63,32,$ab0
+ addl $hi1,$nm0,$nm0
+ stw $nm1,-4($tp) ; tp[j-1]
+ addl $ab0,$nm0,$nm0
+ stw,ma $nm0,8($tp) ; tp[j-1]
+ addib,<> 8,$idx,L\$1st ; j++++
+ extrd,u $nm0,31,32,$hi1
+
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m
+ ldd 0($xfer),$ab1
+ fstds ${fab1},0($xfer)
+ addl $hi0,$ab1,$ab1
+ extrd,u $ab1,31,32,$hi0
+ ldd 8($xfer),$nm1
+ fstds ${fnm1},8($xfer)
+ extrd,u $ab1,63,32,$ab1
+ addl $hi1,$nm1,$nm1
+ ldd -16($xfer),$ab0
+ addl $ab1,$nm1,$nm1
+ ldd -8($xfer),$nm0
+ extrd,u $nm1,31,32,$hi1
+
+ addl $hi0,$ab0,$ab0
+ extrd,u $ab0,31,32,$hi0
+ stw $nm1,-4($tp) ; tp[j-1]
+ extrd,u $ab0,63,32,$ab0
+ addl $hi1,$nm0,$nm0
+ ldd 0($xfer),$ab1
+ addl $ab0,$nm0,$nm0
+ ldd,mb 8($xfer),$nm1
+ extrd,u $nm0,31,32,$hi1
+ stw,ma $nm0,8($tp) ; tp[j-1]
+
+ ldo -1($num),$num ; i--
+ subi 0,$arrsz,$idx ; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+ fldws,ma 4($bp),${fbi} ; bp[1]
+___
+$code.=<<___ if ($BN_SZ==8);
+ fldws 0($bp),${fbi} ; bp[1] in flipped word order
+___
+$code.=<<___;
+ flddx $idx($ap),${fai} ; ap[0,1]
+ flddx $idx($np),${fni} ; np[0,1]
+ fldws 8($xfer),${fti}R ; tp[0]
+ addl $hi0,$ab1,$ab1
+ extrd,u $ab1,31,32,$hi0
+ extrd,u $ab1,63,32,$ab1
+ ldo 8($idx),$idx ; j++++
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1]
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1]
+ addl $hi1,$nm1,$nm1
+ addl $ab1,$nm1,$nm1
+ extrd,u $nm1,31,32,$hi1
+ fstws,mb ${fab0}L,-8($xfer) ; save high part
+ stw $nm1,-4($tp) ; tp[j-1]
+
+ fcpy,sgl %fr0,${fti}L ; zero high part
+ fcpy,sgl %fr0,${fab0}L
+ addl $hi1,$hi0,$hi0
+ extrd,u $hi0,31,32,$hi1
+ fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double
+ fcnvxf,dbl,dbl ${fab0},${fab0}
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+
+ fadd,dbl ${fti},${fab0},${fab0} ; add tp[0]
+ fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int
+ xmpyu ${fn0},${fab0}R,${fm0}
+ ldo `$LOCALS+32+4`($fp),$tp
+L\$outer
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m
+ fstds ${fab0},-16($xfer) ; 33-bit value
+ fstds ${fnm0},-8($xfer)
+ flddx $idx($ap),${fai} ; ap[2]
+ flddx $idx($np),${fni} ; np[2]
+ ldo 8($idx),$idx ; j++++
+ ldd -16($xfer),$ab0 ; 33-bit value
+ ldd -8($xfer),$nm0
+ ldw 0($xfer),$hi0 ; high part
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ extrd,u $ab0,31,32,$ti0 ; carry bit
+ extrd,u $ab0,63,32,$ab0
+ fstds ${fab1},0($xfer)
+ addl $ti0,$hi0,$hi0 ; account carry bit
+ fstds ${fnm1},8($xfer)
+ addl $ab0,$nm0,$nm0 ; low part is discarded
+ ldw 0($tp),$ti1 ; tp[1]
+ extrd,u $nm0,31,32,$hi1
+ fstds ${fab0},-16($xfer)
+ fstds ${fnm0},-8($xfer)
+
+L\$inner
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m
+ ldd 0($xfer),$ab1
+ fstds ${fab1},0($xfer)
+ addl $hi0,$ti1,$ti1
+ addl $ti1,$ab1,$ab1
+ ldd 8($xfer),$nm1
+ fstds ${fnm1},8($xfer)
+ extrd,u $ab1,31,32,$hi0
+ extrd,u $ab1,63,32,$ab1
+ flddx $idx($ap),${fai} ; ap[j,j+1]
+ flddx $idx($np),${fni} ; np[j,j+1]
+ addl $hi1,$nm1,$nm1
+ addl $ab1,$nm1,$nm1
+ ldw 4($tp),$ti0 ; tp[j]
+ stw $nm1,-4($tp) ; tp[j-1]
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldd -16($xfer),$ab0
+ fstds ${fab0},-16($xfer)
+ addl $hi0,$ti0,$ti0
+ addl $ti0,$ab0,$ab0
+ ldd -8($xfer),$nm0
+ fstds ${fnm0},-8($xfer)
+ extrd,u $ab0,31,32,$hi0
+ extrd,u $nm1,31,32,$hi1
+ ldw 8($tp),$ti1 ; tp[j]
+ extrd,u $ab0,63,32,$ab0
+ addl $hi1,$nm0,$nm0
+ addl $ab0,$nm0,$nm0
+ stw,ma $nm0,8($tp) ; tp[j-1]
+ addib,<> 8,$idx,L\$inner ; j++++
+ extrd,u $nm0,31,32,$hi1
+
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m
+ ldd 0($xfer),$ab1
+ fstds ${fab1},0($xfer)
+ addl $hi0,$ti1,$ti1
+ addl $ti1,$ab1,$ab1
+ ldd 8($xfer),$nm1
+ fstds ${fnm1},8($xfer)
+ extrd,u $ab1,31,32,$hi0
+ extrd,u $ab1,63,32,$ab1
+ ldw 4($tp),$ti0 ; tp[j]
+ addl $hi1,$nm1,$nm1
+ addl $ab1,$nm1,$nm1
+ ldd -16($xfer),$ab0
+ ldd -8($xfer),$nm0
+ extrd,u $nm1,31,32,$hi1
+
+ addl $hi0,$ab0,$ab0
+ addl $ti0,$ab0,$ab0
+ stw $nm1,-4($tp) ; tp[j-1]
+ extrd,u $ab0,31,32,$hi0
+ ldw 8($tp),$ti1 ; tp[j]
+ extrd,u $ab0,63,32,$ab0
+ addl $hi1,$nm0,$nm0
+ ldd 0($xfer),$ab1
+ addl $ab0,$nm0,$nm0
+ ldd,mb 8($xfer),$nm1
+ extrd,u $nm0,31,32,$hi1
+ stw,ma $nm0,8($tp) ; tp[j-1]
+
+ addib,= -1,$num,L\$outerdone ; i--
+ subi 0,$arrsz,$idx ; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+ fldws,ma 4($bp),${fbi} ; bp[i]
+___
+$code.=<<___ if ($BN_SZ==8);
+ ldi 12,$ti0 ; bp[i] in flipped word order
+ addl,ev %r0,$num,$num
+ ldi -4,$ti0
+ addl $ti0,$bp,$bp
+ fldws 0($bp),${fbi}
+___
+$code.=<<___;
+ flddx $idx($ap),${fai} ; ap[0]
+ addl $hi0,$ab1,$ab1
+ flddx $idx($np),${fni} ; np[0]
+ fldws 8($xfer),${fti}R ; tp[0]
+ addl $ti1,$ab1,$ab1
+ extrd,u $ab1,31,32,$hi0
+ extrd,u $ab1,63,32,$ab1
+
+ ldo 8($idx),$idx ; j++++
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i]
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i]
+ ldw 4($tp),$ti0 ; tp[j]
+
+ addl $hi1,$nm1,$nm1
+ fstws,mb ${fab0}L,-8($xfer) ; save high part
+ addl $ab1,$nm1,$nm1
+ extrd,u $nm1,31,32,$hi1
+ fcpy,sgl %fr0,${fti}L ; zero high part
+ fcpy,sgl %fr0,${fab0}L
+ stw $nm1,-4($tp) ; tp[j-1]
+
+ fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double
+ fcnvxf,dbl,dbl ${fab0},${fab0}
+ addl $hi1,$hi0,$hi0
+ fadd,dbl ${fti},${fab0},${fab0} ; add tp[0]
+ addl $ti0,$hi0,$hi0
+ extrd,u $hi0,31,32,$hi1
+ fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+ xmpyu ${fn0},${fab0}R,${fm0}
+
+ b L\$outer
+ ldo `$LOCALS+32+4`($fp),$tp
+
+L\$outerdone
+ addl $hi0,$ab1,$ab1
+ addl $ti1,$ab1,$ab1
+ extrd,u $ab1,31,32,$hi0
+ extrd,u $ab1,63,32,$ab1
+
+ ldw 4($tp),$ti0 ; tp[j]
+
+ addl $hi1,$nm1,$nm1
+ addl $ab1,$nm1,$nm1
+ extrd,u $nm1,31,32,$hi1
+ stw $nm1,-4($tp) ; tp[j-1]
+
+ addl $hi1,$hi0,$hi0
+ addl $ti0,$hi0,$hi0
+ extrd,u $hi0,31,32,$hi1
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+
+ ldo `$LOCALS+32`($fp),$tp
+ sub %r0,%r0,%r0 ; clear borrow
+___
+$code.=<<___ if ($BN_SZ==4);
+ ldws,ma 4($tp),$ti0
+ extru,= $rp,31,3,%r0 ; is rp 64-bit aligned?
+ b L\$sub_pa11
+ addl $tp,$arrsz,$tp
+L\$sub
+ ldwx $idx($np),$hi0
+ subb $ti0,$hi0,$hi1
+ ldwx $idx($tp),$ti0
+ addib,<> 4,$idx,L\$sub
+ stws,ma $hi1,4($rp)
+
+ subb $ti0,%r0,$hi1
+ ldo -4($tp),$tp
+___
+$code.=<<___ if ($BN_SZ==8);
+ ldd,ma 8($tp),$ti0
+L\$sub
+ ldd $idx($np),$hi0
+ shrpd $ti0,$ti0,32,$ti0 ; flip word order
+ std $ti0,-8($tp) ; save flipped value
+ sub,db $ti0,$hi0,$hi1
+ ldd,ma 8($tp),$ti0
+ addib,<> 8,$idx,L\$sub
+ std,ma $hi1,8($rp)
+
+ extrd,u $ti0,31,32,$ti0 ; carry in flipped word order
+ sub,db $ti0,%r0,$hi1
+ ldo -8($tp),$tp
+___
+$code.=<<___;
+ and $tp,$hi1,$ap
+ andcm $rp,$hi1,$bp
+ or $ap,$bp,$np
+
+ sub $rp,$arrsz,$rp ; rewind rp
+ subi 0,$arrsz,$idx
+ ldo `$LOCALS+32`($fp),$tp
+L\$copy
+ ldd $idx($np),$hi0
+ std,ma %r0,8($tp)
+ addib,<> 8,$idx,.-8 ; L\$copy
+ std,ma $hi0,8($rp)
+___
+
+if ($BN_SZ==4) { # PA-RISC 1.1 code-path
+$ablo=$ab0;
+$abhi=$ab1;
+$nmlo0=$nm0;
+$nmhi0=$nm1;
+$nmlo1="%r9";
+$nmhi1="%r8";
+
+$code.=<<___;
+ b L\$done
+ nop
+
+ .ALIGN 8
+L\$parisc11
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldw -12($xfer),$ablo
+ ldw -16($xfer),$hi0
+ ldw -4($xfer),$nmlo0
+ ldw -8($xfer),$nmhi0
+ fstds ${fab0},-16($xfer)
+ fstds ${fnm0},-8($xfer)
+
+ ldo 8($idx),$idx ; j++++
+ add $ablo,$nmlo0,$nmlo0 ; discarded
+ addc %r0,$nmhi0,$hi1
+ ldw 4($xfer),$ablo
+ ldw 0($xfer),$abhi
+ nop
+
+L\$1st_pa11
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0]
+ flddx $idx($ap),${fai} ; ap[j,j+1]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m
+ flddx $idx($np),${fni} ; np[j,j+1]
+ add $hi0,$ablo,$ablo
+ ldw 12($xfer),$nmlo1
+ addc %r0,$abhi,$hi0
+ ldw 8($xfer),$nmhi1
+ add $ablo,$nmlo1,$nmlo1
+ fstds ${fab1},0($xfer)
+ addc %r0,$nmhi1,$nmhi1
+ fstds ${fnm1},8($xfer)
+ add $hi1,$nmlo1,$nmlo1
+ ldw -12($xfer),$ablo
+ addc %r0,$nmhi1,$hi1
+ ldw -16($xfer),$abhi
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0]
+ ldw -4($xfer),$nmlo0
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldw -8($xfer),$nmhi0
+ add $hi0,$ablo,$ablo
+ stw $nmlo1,-4($tp) ; tp[j-1]
+ addc %r0,$abhi,$hi0
+ fstds ${fab0},-16($xfer)
+ add $ablo,$nmlo0,$nmlo0
+ fstds ${fnm0},-8($xfer)
+ addc %r0,$nmhi0,$nmhi0
+ ldw 0($xfer),$abhi
+ add $hi1,$nmlo0,$nmlo0
+ ldw 4($xfer),$ablo
+ stws,ma $nmlo0,8($tp) ; tp[j-1]
+ addib,<> 8,$idx,L\$1st_pa11 ; j++++
+ addc %r0,$nmhi0,$hi1
+
+ ldw 8($xfer),$nmhi1
+ ldw 12($xfer),$nmlo1
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m
+ add $hi0,$ablo,$ablo
+ fstds ${fab1},0($xfer)
+ addc %r0,$abhi,$hi0
+ fstds ${fnm1},8($xfer)
+ add $ablo,$nmlo1,$nmlo1
+ ldw -16($xfer),$abhi
+ addc %r0,$nmhi1,$nmhi1
+ ldw -12($xfer),$ablo
+ add $hi1,$nmlo1,$nmlo1
+ ldw -8($xfer),$nmhi0
+ addc %r0,$nmhi1,$hi1
+ ldw -4($xfer),$nmlo0
+
+ add $hi0,$ablo,$ablo
+ stw $nmlo1,-4($tp) ; tp[j-1]
+ addc %r0,$abhi,$hi0
+ ldw 0($xfer),$abhi
+ add $ablo,$nmlo0,$nmlo0
+ ldw 4($xfer),$ablo
+ addc %r0,$nmhi0,$nmhi0
+ ldws,mb 8($xfer),$nmhi1
+ add $hi1,$nmlo0,$nmlo0
+ ldw 4($xfer),$nmlo1
+ addc %r0,$nmhi0,$hi1
+ stws,ma $nmlo0,8($tp) ; tp[j-1]
+
+ ldo -1($num),$num ; i--
+ subi 0,$arrsz,$idx ; j=0
+
+ fldws,ma 4($bp),${fbi} ; bp[1]
+ flddx $idx($ap),${fai} ; ap[0,1]
+ flddx $idx($np),${fni} ; np[0,1]
+ fldws 8($xfer),${fti}R ; tp[0]
+ add $hi0,$ablo,$ablo
+ addc %r0,$abhi,$hi0
+ ldo 8($idx),$idx ; j++++
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1]
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1]
+ add $hi1,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$nmhi1
+ add $ablo,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$hi1
+ fstws,mb ${fab0}L,-8($xfer) ; save high part
+ stw $nmlo1,-4($tp) ; tp[j-1]
+
+ fcpy,sgl %fr0,${fti}L ; zero high part
+ fcpy,sgl %fr0,${fab0}L
+ add $hi1,$hi0,$hi0
+ addc %r0,%r0,$hi1
+ fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double
+ fcnvxf,dbl,dbl ${fab0},${fab0}
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+
+ fadd,dbl ${fti},${fab0},${fab0} ; add tp[0]
+ fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int
+ xmpyu ${fn0},${fab0}R,${fm0}
+ ldo `$LOCALS+32+4`($fp),$tp
+L\$outer_pa11
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m
+ fstds ${fab0},-16($xfer) ; 33-bit value
+ fstds ${fnm0},-8($xfer)
+ flddx $idx($ap),${fai} ; ap[2,3]
+ flddx $idx($np),${fni} ; np[2,3]
+ ldw -16($xfer),$abhi ; carry bit actually
+ ldo 8($idx),$idx ; j++++
+ ldw -12($xfer),$ablo
+ ldw -8($xfer),$nmhi0
+ ldw -4($xfer),$nmlo0
+ ldw 0($xfer),$hi0 ; high part
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ fstds ${fab1},0($xfer)
+ addl $abhi,$hi0,$hi0 ; account carry bit
+ fstds ${fnm1},8($xfer)
+ add $ablo,$nmlo0,$nmlo0 ; discarded
+ ldw 0($tp),$ti1 ; tp[1]
+ addc %r0,$nmhi0,$hi1
+ fstds ${fab0},-16($xfer)
+ fstds ${fnm0},-8($xfer)
+ ldw 4($xfer),$ablo
+ ldw 0($xfer),$abhi
+
+L\$inner_pa11
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i]
+ flddx $idx($ap),${fai} ; ap[j,j+1]
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m
+ flddx $idx($np),${fni} ; np[j,j+1]
+ add $hi0,$ablo,$ablo
+ ldw 4($tp),$ti0 ; tp[j]
+ addc %r0,$abhi,$abhi
+ ldw 12($xfer),$nmlo1
+ add $ti1,$ablo,$ablo
+ ldw 8($xfer),$nmhi1
+ addc %r0,$abhi,$hi0
+ fstds ${fab1},0($xfer)
+ add $ablo,$nmlo1,$nmlo1
+ fstds ${fnm1},8($xfer)
+ addc %r0,$nmhi1,$nmhi1
+ ldw -12($xfer),$ablo
+ add $hi1,$nmlo1,$nmlo1
+ ldw -16($xfer),$abhi
+ addc %r0,$nmhi1,$hi1
+
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i]
+ ldw 8($tp),$ti1 ; tp[j]
+ xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m
+ ldw -4($xfer),$nmlo0
+ add $hi0,$ablo,$ablo
+ ldw -8($xfer),$nmhi0
+ addc %r0,$abhi,$abhi
+ stw $nmlo1,-4($tp) ; tp[j-1]
+ add $ti0,$ablo,$ablo
+ fstds ${fab0},-16($xfer)
+ addc %r0,$abhi,$hi0
+ fstds ${fnm0},-8($xfer)
+ add $ablo,$nmlo0,$nmlo0
+ ldw 4($xfer),$ablo
+ addc %r0,$nmhi0,$nmhi0
+ ldw 0($xfer),$abhi
+ add $hi1,$nmlo0,$nmlo0
+ stws,ma $nmlo0,8($tp) ; tp[j-1]
+ addib,<> 8,$idx,L\$inner_pa11 ; j++++
+ addc %r0,$nmhi0,$hi1
+
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i]
+ ldw 12($xfer),$nmlo1
+ xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m
+ ldw 8($xfer),$nmhi1
+ add $hi0,$ablo,$ablo
+ ldw 4($tp),$ti0 ; tp[j]
+ addc %r0,$abhi,$abhi
+ fstds ${fab1},0($xfer)
+ add $ti1,$ablo,$ablo
+ fstds ${fnm1},8($xfer)
+ addc %r0,$abhi,$hi0
+ ldw -16($xfer),$abhi
+ add $ablo,$nmlo1,$nmlo1
+ ldw -12($xfer),$ablo
+ addc %r0,$nmhi1,$nmhi1
+ ldw -8($xfer),$nmhi0
+ add $hi1,$nmlo1,$nmlo1
+ ldw -4($xfer),$nmlo0
+ addc %r0,$nmhi1,$hi1
+
+ add $hi0,$ablo,$ablo
+ stw $nmlo1,-4($tp) ; tp[j-1]
+ addc %r0,$abhi,$abhi
+ add $ti0,$ablo,$ablo
+ ldw 8($tp),$ti1 ; tp[j]
+ addc %r0,$abhi,$hi0
+ ldw 0($xfer),$abhi
+ add $ablo,$nmlo0,$nmlo0
+ ldw 4($xfer),$ablo
+ addc %r0,$nmhi0,$nmhi0
+ ldws,mb 8($xfer),$nmhi1
+ add $hi1,$nmlo0,$nmlo0
+ ldw 4($xfer),$nmlo1
+ addc %r0,$nmhi0,$hi1
+ stws,ma $nmlo0,8($tp) ; tp[j-1]
+
+ addib,= -1,$num,L\$outerdone_pa11; i--
+ subi 0,$arrsz,$idx ; j=0
+
+ fldws,ma 4($bp),${fbi} ; bp[i]
+ flddx $idx($ap),${fai} ; ap[0]
+ add $hi0,$ablo,$ablo
+ addc %r0,$abhi,$abhi
+ flddx $idx($np),${fni} ; np[0]
+ fldws 8($xfer),${fti}R ; tp[0]
+ add $ti1,$ablo,$ablo
+ addc %r0,$abhi,$hi0
+
+ ldo 8($idx),$idx ; j++++
+ xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i]
+ xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i]
+ ldw 4($tp),$ti0 ; tp[j]
+
+ add $hi1,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$nmhi1
+ fstws,mb ${fab0}L,-8($xfer) ; save high part
+ add $ablo,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$hi1
+ fcpy,sgl %fr0,${fti}L ; zero high part
+ fcpy,sgl %fr0,${fab0}L
+ stw $nmlo1,-4($tp) ; tp[j-1]
+
+ fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double
+ fcnvxf,dbl,dbl ${fab0},${fab0}
+ add $hi1,$hi0,$hi0
+ addc %r0,%r0,$hi1
+ fadd,dbl ${fti},${fab0},${fab0} ; add tp[0]
+ add $ti0,$hi0,$hi0
+ addc %r0,$hi1,$hi1
+ fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+ xmpyu ${fn0},${fab0}R,${fm0}
+
+ b L\$outer_pa11
+ ldo `$LOCALS+32+4`($fp),$tp
+
+L\$outerdone_pa11
+ add $hi0,$ablo,$ablo
+ addc %r0,$abhi,$abhi
+ add $ti1,$ablo,$ablo
+ addc %r0,$abhi,$hi0
+
+ ldw 4($tp),$ti0 ; tp[j]
+
+ add $hi1,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$nmhi1
+ add $ablo,$nmlo1,$nmlo1
+ addc %r0,$nmhi1,$hi1
+ stw $nmlo1,-4($tp) ; tp[j-1]
+
+ add $hi1,$hi0,$hi0
+ addc %r0,%r0,$hi1
+ add $ti0,$hi0,$hi0
+ addc %r0,$hi1,$hi1
+ stw $hi0,0($tp)
+ stw $hi1,4($tp)
+
+ ldo `$LOCALS+32+4`($fp),$tp
+ sub %r0,%r0,%r0 ; clear borrow
+ ldw -4($tp),$ti0
+ addl $tp,$arrsz,$tp
+L\$sub_pa11
+ ldwx $idx($np),$hi0
+ subb $ti0,$hi0,$hi1
+ ldwx $idx($tp),$ti0
+ addib,<> 4,$idx,L\$sub_pa11
+ stws,ma $hi1,4($rp)
+
+ subb $ti0,%r0,$hi1
+ ldo -4($tp),$tp
+ and $tp,$hi1,$ap
+ andcm $rp,$hi1,$bp
+ or $ap,$bp,$np
+
+ sub $rp,$arrsz,$rp ; rewind rp
+ subi 0,$arrsz,$idx
+ ldo `$LOCALS+32`($fp),$tp
+L\$copy_pa11
+ ldwx $idx($np),$hi0
+ stws,ma %r0,4($tp)
+ addib,<> 4,$idx,L\$copy_pa11
+ stws,ma $hi0,4($rp)
+
+ nop ; alignment
+L\$done
+___
+}
+
+$code.=<<___;
+ ldi 1,%r28 ; signal "handled"
+ ldo $FRAME($fp),%sp ; destroy tp[num+1]
+
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+ $POP `-$FRAME+4*$SIZE_T`(%sp),%r7
+ $POP `-$FRAME+5*$SIZE_T`(%sp),%r8
+ $POP `-$FRAME+6*$SIZE_T`(%sp),%r9
+ $POP `-$FRAME+7*$SIZE_T`(%sp),%r10
+L\$abort
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+ .STRINGZ "Montgomery Multiplication for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "ldd$mod\t$args";
+
+ if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 4
+ { my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3;
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 5
+ { my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3;
+ $opcode|=(($1&0xF)<<17)|(($1&0x10)<<12); # encode offset
+ $opcode|=(1<<5) if ($mod =~ /^,m/);
+ $opcode|=(1<<13) if ($mod =~ /^,mb/);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $std = sub {
+ my ($mod,$args) = @_;
+ my $orig = "std$mod\t$args";
+
+ if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 6
+ { my $opcode=(0x03<<26)|($3<<21)|($1<<16)|(1<<12)|(0xB<<6);
+ $opcode|=(($2&0xF)<<1)|(($2&0x10)>>4); # encode offset
+ $opcode|=(1<<5) if ($mod =~ /^,m/);
+ $opcode|=(1<<13) if ($mod =~ /^,mb/);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $extrd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "extrd$mod\t$args";
+
+ # I only have ",u" completer, it's implicitly encoded...
+ if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15
+ { my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+ my $len=32-$3;
+ $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos
+ $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12
+ { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+ my $len=32-$2;
+ $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len
+ $opcode |= (1<<13) if ($mod =~ /,\**=/);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "shrpd$mod\t$args";
+
+ if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14
+ { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+ my $cpos=63-$3;
+ $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $sub = sub {
+ my ($mod,$args) = @_;
+ my $orig = "sub$mod\t$args";
+
+ if ($mod eq ",db" && $args =~ /%r([0-9]+),%r([0-9]+),%r([0-9]+)/) {
+ my $opcode=(0x02<<26)|($2<<21)|($1<<16)|$3;
+ $opcode|=(1<<10); # e1
+ $opcode|=(1<<8); # e2
+ $opcode|=(1<<5); # d
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig
+ }
+ else { "\t".$orig; }
+};
+
+sub assemble {
+ my ($mnemonic,$mod,$args)=@_;
+ my $opcode = eval("\$$mnemonic");
+
+ ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+ # flip word order in 64-bit mode...
+ s/(xmpyu\s+)($fai|$fni)([LR])/$1.$2.($3 eq "L"?"R":"L")/e if ($BN_SZ==8);
+ # assemble 2.0 instructions in 32-bit mode...
+ s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
+
+ s/\bbv\b/bve/gm if ($SIZE_T==8);
+
+ print $_,"\n";
+}
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/ppc-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/ppc-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/ppc-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/ppc-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,334 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2006
+
+# "Teaser" Montgomery multiplication module for PowerPC. It's possible
+# to gain a bit more by modulo-scheduling outer loop, then dedicated
+# squaring procedure should give further 20% and code can be adapted
+# for 32-bit application running on 64-bit CPU. As for the latter.
+# It won't be able to achieve "native" 64-bit performance, because in
+# 32-bit application context every addc instruction will have to be
+# expanded as addc, twice right shift by 32 and finally adde, etc.
+# So far RSA *sign* performance improvement over pre-bn_mul_mont asm
+# for 64-bit application running on PPC970/G5 is:
+#
+# 512-bit +65%
+# 1024-bit +35%
+# 2048-bit +18%
+# 4096-bit +4%
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+ $BITS= 32;
+ $BNSZ= $BITS/8;
+ $SIZE_T=4;
+ $RZONE= 224;
+
+ $LD= "lwz"; # load
+ $LDU= "lwzu"; # load and update
+ $LDX= "lwzx"; # load indexed
+ $ST= "stw"; # store
+ $STU= "stwu"; # store and update
+ $STX= "stwx"; # store indexed
+ $STUX= "stwux"; # store indexed and update
+ $UMULL= "mullw"; # unsigned multiply low
+ $UMULH= "mulhwu"; # unsigned multiply high
+ $UCMP= "cmplw"; # unsigned compare
+ $SHRI= "srwi"; # unsigned shift right by immediate
+ $PUSH= $ST;
+ $POP= $LD;
+} elsif ($flavour =~ /64/) {
+ $BITS= 64;
+ $BNSZ= $BITS/8;
+ $SIZE_T=8;
+ $RZONE= 288;
+
+ # same as above, but 64-bit mnemonics...
+ $LD= "ld"; # load
+ $LDU= "ldu"; # load and update
+ $LDX= "ldx"; # load indexed
+ $ST= "std"; # store
+ $STU= "stdu"; # store and update
+ $STX= "stdx"; # store indexed
+ $STUX= "stdux"; # store indexed and update
+ $UMULL= "mulld"; # unsigned multiply low
+ $UMULH= "mulhdu"; # unsigned multiply high
+ $UCMP= "cmpld"; # unsigned compare
+ $SHRI= "srdi"; # unsigned shift right by immediate
+ $PUSH= $ST;
+ $POP= $LD;
+} else { die "nonsense $flavour"; }
+
+$FRAME=8*$SIZE_T+$RZONE;
+$LOCALS=8*$SIZE_T;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$sp="r1";
+$toc="r2";
+$rp="r3"; $ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9"; # $rp is reassigned
+$aj="r10";
+$nj="r11";
+$tj="r12";
+# non-volatile registers
+$i="r20";
+$j="r21";
+$tp="r22";
+$m0="r23";
+$m1="r24";
+$lo0="r25";
+$hi0="r26";
+$lo1="r27";
+$hi1="r28";
+$alo="r29";
+$ahi="r30";
+$nlo="r31";
+#
+$nhi="r0";
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl .bn_mul_mont_int
+.align 4
+.bn_mul_mont_int:
+ cmpwi $num,4
+ mr $rp,r3 ; $rp is reassigned
+ li r3,0
+ bltlr
+___
+$code.=<<___ if ($BNSZ==4);
+ cmpwi $num,32 ; longer key performance is not better
+ bgelr
+___
+$code.=<<___;
+ slwi $num,$num,`log($BNSZ)/log(2)`
+ li $tj,-4096
+ addi $ovf,$num,$FRAME
+ subf $ovf,$ovf,$sp ; $sp-$ovf
+ and $ovf,$ovf,$tj ; minimize TLB usage
+ subf $ovf,$sp,$ovf ; $ovf-$sp
+ mr $tj,$sp
+ srwi $num,$num,`log($BNSZ)/log(2)`
+ $STUX $sp,$sp,$ovf
+
+ $PUSH r20,`-12*$SIZE_T`($tj)
+ $PUSH r21,`-11*$SIZE_T`($tj)
+ $PUSH r22,`-10*$SIZE_T`($tj)
+ $PUSH r23,`-9*$SIZE_T`($tj)
+ $PUSH r24,`-8*$SIZE_T`($tj)
+ $PUSH r25,`-7*$SIZE_T`($tj)
+ $PUSH r26,`-6*$SIZE_T`($tj)
+ $PUSH r27,`-5*$SIZE_T`($tj)
+ $PUSH r28,`-4*$SIZE_T`($tj)
+ $PUSH r29,`-3*$SIZE_T`($tj)
+ $PUSH r30,`-2*$SIZE_T`($tj)
+ $PUSH r31,`-1*$SIZE_T`($tj)
+
+ $LD $n0,0($n0) ; pull n0[0] value
+ addi $num,$num,-2 ; adjust $num for counter register
+
+ $LD $m0,0($bp) ; m0=bp[0]
+ $LD $aj,0($ap) ; ap[0]
+ addi $tp,$sp,$LOCALS
+ $UMULL $lo0,$aj,$m0 ; ap[0]*bp[0]
+ $UMULH $hi0,$aj,$m0
+
+ $LD $aj,$BNSZ($ap) ; ap[1]
+ $LD $nj,0($np) ; np[0]
+
+ $UMULL $m1,$lo0,$n0 ; "tp[0]"*n0
+
+ $UMULL $alo,$aj,$m0 ; ap[1]*bp[0]
+ $UMULH $ahi,$aj,$m0
+
+ $UMULL $lo1,$nj,$m1 ; np[0]*m1
+ $UMULH $hi1,$nj,$m1
+ $LD $nj,$BNSZ($np) ; np[1]
+ addc $lo1,$lo1,$lo0
+ addze $hi1,$hi1
+
+ $UMULL $nlo,$nj,$m1 ; np[1]*m1
+ $UMULH $nhi,$nj,$m1
+
+ mtctr $num
+ li $j,`2*$BNSZ`
+.align 4
+L1st:
+ $LDX $aj,$ap,$j ; ap[j]
+ addc $lo0,$alo,$hi0
+ $LDX $nj,$np,$j ; np[j]
+ addze $hi0,$ahi
+ $UMULL $alo,$aj,$m0 ; ap[j]*bp[0]
+ addc $lo1,$nlo,$hi1
+ $UMULH $ahi,$aj,$m0
+ addze $hi1,$nhi
+ $UMULL $nlo,$nj,$m1 ; np[j]*m1
+ addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0]
+ $UMULH $nhi,$nj,$m1
+ addze $hi1,$hi1
+ $ST $lo1,0($tp) ; tp[j-1]
+
+ addi $j,$j,$BNSZ ; j++
+ addi $tp,$tp,$BNSZ ; tp++
+ bdnz- L1st
+;L1st
+ addc $lo0,$alo,$hi0
+ addze $hi0,$ahi
+
+ addc $lo1,$nlo,$hi1
+ addze $hi1,$nhi
+ addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0]
+ addze $hi1,$hi1
+ $ST $lo1,0($tp) ; tp[j-1]
+
+ li $ovf,0
+ addc $hi1,$hi1,$hi0
+ addze $ovf,$ovf ; upmost overflow bit
+ $ST $hi1,$BNSZ($tp)
+
+ li $i,$BNSZ
+.align 4
+Louter:
+ $LDX $m0,$bp,$i ; m0=bp[i]
+ $LD $aj,0($ap) ; ap[0]
+ addi $tp,$sp,$LOCALS
+ $LD $tj,$LOCALS($sp); tp[0]
+ $UMULL $lo0,$aj,$m0 ; ap[0]*bp[i]
+ $UMULH $hi0,$aj,$m0
+ $LD $aj,$BNSZ($ap) ; ap[1]
+ $LD $nj,0($np) ; np[0]
+ addc $lo0,$lo0,$tj ; ap[0]*bp[i]+tp[0]
+ $UMULL $alo,$aj,$m0 ; ap[j]*bp[i]
+ addze $hi0,$hi0
+ $UMULL $m1,$lo0,$n0 ; tp[0]*n0
+ $UMULH $ahi,$aj,$m0
+ $UMULL $lo1,$nj,$m1 ; np[0]*m1
+ $UMULH $hi1,$nj,$m1
+ $LD $nj,$BNSZ($np) ; np[1]
+ addc $lo1,$lo1,$lo0
+ $UMULL $nlo,$nj,$m1 ; np[1]*m1
+ addze $hi1,$hi1
+ $UMULH $nhi,$nj,$m1
+
+ mtctr $num
+ li $j,`2*$BNSZ`
+.align 4
+Linner:
+ $LDX $aj,$ap,$j ; ap[j]
+ addc $lo0,$alo,$hi0
+ $LD $tj,$BNSZ($tp) ; tp[j]
+ addze $hi0,$ahi
+ $LDX $nj,$np,$j ; np[j]
+ addc $lo1,$nlo,$hi1
+ $UMULL $alo,$aj,$m0 ; ap[j]*bp[i]
+ addze $hi1,$nhi
+ $UMULH $ahi,$aj,$m0
+ addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j]
+ $UMULL $nlo,$nj,$m1 ; np[j]*m1
+ addze $hi0,$hi0
+ $UMULH $nhi,$nj,$m1
+ addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j]
+ addi $j,$j,$BNSZ ; j++
+ addze $hi1,$hi1
+ $ST $lo1,0($tp) ; tp[j-1]
+ addi $tp,$tp,$BNSZ ; tp++
+ bdnz- Linner
+;Linner
+ $LD $tj,$BNSZ($tp) ; tp[j]
+ addc $lo0,$alo,$hi0
+ addze $hi0,$ahi
+ addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j]
+ addze $hi0,$hi0
+
+ addc $lo1,$nlo,$hi1
+ addze $hi1,$nhi
+ addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j]
+ addze $hi1,$hi1
+ $ST $lo1,0($tp) ; tp[j-1]
+
+ addic $ovf,$ovf,-1 ; move upmost overflow to XER[CA]
+ li $ovf,0
+ adde $hi1,$hi1,$hi0
+ addze $ovf,$ovf
+ $ST $hi1,$BNSZ($tp)
+;
+ slwi $tj,$num,`log($BNSZ)/log(2)`
+ $UCMP $i,$tj
+ addi $i,$i,$BNSZ
+ ble- Louter
+
+ addi $num,$num,2 ; restore $num
+ subfc $j,$j,$j ; j=0 and "clear" XER[CA]
+ addi $tp,$sp,$LOCALS
+ mtctr $num
+
+.align 4
+Lsub: $LDX $tj,$tp,$j
+ $LDX $nj,$np,$j
+ subfe $aj,$nj,$tj ; tp[j]-np[j]
+ $STX $aj,$rp,$j
+ addi $j,$j,$BNSZ
+ bdnz- Lsub
+
+ li $j,0
+ mtctr $num
+ subfe $ovf,$j,$ovf ; handle upmost overflow bit
+ and $ap,$tp,$ovf
+ andc $np,$rp,$ovf
+ or $ap,$ap,$np ; ap=borrow?tp:rp
+
+.align 4
+Lcopy: ; copy or in-place refresh
+ $LDX $tj,$ap,$j
+ $STX $tj,$rp,$j
+ $STX $j,$tp,$j ; zap at once
+ addi $j,$j,$BNSZ
+ bdnz- Lcopy
+
+ $POP $tj,0($sp)
+ li r3,1
+ $POP r20,`-12*$SIZE_T`($tj)
+ $POP r21,`-11*$SIZE_T`($tj)
+ $POP r22,`-10*$SIZE_T`($tj)
+ $POP r23,`-9*$SIZE_T`($tj)
+ $POP r24,`-8*$SIZE_T`($tj)
+ $POP r25,`-7*$SIZE_T`($tj)
+ $POP r26,`-6*$SIZE_T`($tj)
+ $POP r27,`-5*$SIZE_T`($tj)
+ $POP r28,`-4*$SIZE_T`($tj)
+ $POP r29,`-3*$SIZE_T`($tj)
+ $POP r30,`-2*$SIZE_T`($tj)
+ $POP r31,`-1*$SIZE_T`($tj)
+ mr $sp,$tj
+ blr
+ .long 0
+ .byte 0,12,4,0,0x80,12,6,0
+ .long 0
+
+.asciz "Montgomery Multiplication for PPC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/bn/asm/ppc.pl
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/ppc.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/ppc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -100,9 +100,9 @@
# me a note at schari at us.ibm.com
#
-$opf = shift;
+$flavour = shift;
-if ($opf =~ /32\.s/) {
+if ($flavour =~ /32/) {
$BITS= 32;
$BNSZ= $BITS/8;
$ISA= "\"ppc\"";
@@ -125,7 +125,7 @@
$INSR= "insrwi"; # insert right
$ROTL= "rotlwi"; # rotate left by immediate
$TR= "tw"; # conditional trap
-} elsif ($opf =~ /64\.s/) {
+} elsif ($flavour =~ /64/) {
$BITS= 64;
$BNSZ= $BITS/8;
$ISA= "\"ppc64\"";
@@ -149,93 +149,16 @@
$INSR= "insrdi"; # insert right
$ROTL= "rotldi"; # rotate left by immediate
$TR= "td"; # conditional trap
-} else { die "nonsense $opf"; }
+} else { die "nonsense $flavour"; }
-( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!";
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
-# function entry points from the AIX code
-#
-# There are other, more elegant, ways to handle this. We (IBM) chose
-# this approach as it plays well with scripts we run to 'namespace'
-# OpenSSL .i.e. we add a prefix to all the public symbols so we can
-# co-exist in the same process with other implementations of OpenSSL.
-# 'cleverer' ways of doing these substitutions tend to hide data we
-# need to be obvious.
-#
-my @items = ("bn_sqr_comba4",
- "bn_sqr_comba8",
- "bn_mul_comba4",
- "bn_mul_comba8",
- "bn_sub_words",
- "bn_add_words",
- "bn_div_words",
- "bn_sqr_words",
- "bn_mul_words",
- "bn_mul_add_words");
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
-if ($opf =~ /linux/) { do_linux(); }
-elsif ($opf =~ /aix/) { do_aix(); }
-elsif ($opf =~ /osx/) { do_osx(); }
-else { do_bsd(); }
-
-sub do_linux {
- $d=&data();
-
- if ($BITS==64) {
- foreach $t (@items) {
- $d =~ s/\.$t:/\
-\t.section\t".opd","aw"\
-\t.align\t3\
-\t.globl\t$t\
-$t:\
-\t.quad\t.$t,.TOC.\@tocbase,0\
-\t.size\t$t,24\
-\t.previous\n\
-\t.type\t.$t,\@function\
-\t.globl\t.$t\
-.$t:/g;
- }
- }
- else {
- foreach $t (@items) {
- $d=~s/\.$t/$t/g;
- }
- }
- # hide internal labels to avoid pollution of name table...
- $d=~s/Lppcasm_/.Lppcasm_/gm;
- print $d;
-}
-
-sub do_aix {
- # AIX assembler is smart enough to please the linker without
- # making us do something special...
- print &data();
-}
-
-# MacOSX 32 bit
-sub do_osx {
- $d=&data();
- # Change the bn symbol prefix from '.' to '_'
- foreach $t (@items) {
- $d=~s/\.$t/_$t/g;
- }
- # Change .machine to something OS X asm will accept
- $d=~s/\.machine.*/.text/g;
- $d=~s/\#/;/g; # change comment from '#' to ';'
- print $d;
-}
-
-# BSD (Untested)
-sub do_bsd {
- $d=&data();
- foreach $t (@items) {
- $d=~s/\.$t/_$t/g;
- }
- print $d;
-}
-
-sub data {
- local($data)=<<EOF;
+$data=<<EOF;
#--------------------------------------------------------------------
#
#
@@ -297,34 +220,21 @@
#
# Defines to be used in the assembly code.
#
-.set r0,0 # we use it as storage for value of 0
-.set SP,1 # preserved
-.set RTOC,2 # preserved
-.set r3,3 # 1st argument/return value
-.set r4,4 # 2nd argument/volatile register
-.set r5,5 # 3rd argument/volatile register
-.set r6,6 # ...
-.set r7,7
-.set r8,8
-.set r9,9
-.set r10,10
-.set r11,11
-.set r12,12
-.set r13,13 # not used, nor any other "below" it...
+#.set r0,0 # we use it as storage for value of 0
+#.set SP,1 # preserved
+#.set RTOC,2 # preserved
+#.set r3,3 # 1st argument/return value
+#.set r4,4 # 2nd argument/volatile register
+#.set r5,5 # 3rd argument/volatile register
+#.set r6,6 # ...
+#.set r7,7
+#.set r8,8
+#.set r9,9
+#.set r10,10
+#.set r11,11
+#.set r12,12
+#.set r13,13 # not used, nor any other "below" it...
-.set BO_IF_NOT,4
-.set BO_IF,12
-.set BO_dCTR_NZERO,16
-.set BO_dCTR_ZERO,18
-.set BO_ALWAYS,20
-.set CR0_LT,0;
-.set CR0_GT,1;
-.set CR0_EQ,2
-.set CR1_FX,4;
-.set CR1_FEX,5;
-.set CR1_VX,6
-.set LR,8
-
# Declare function names to be global
# NOTE: For gcc these names MUST be changed to remove
# the first . i.e. for example change ".bn_sqr_comba4"
@@ -344,7 +254,7 @@
# .text section
- .machine $ISA
+ .machine "any"
#
# NOTE: The following label name should be changed to
@@ -478,8 +388,10 @@
$ST r9,`6*$BNSZ`(r3) #r[6]=c1
$ST r10,`7*$BNSZ`(r3) #r[7]=c2
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -903,10 +815,11 @@
$ST r9, `15*$BNSZ`(r3) #r[15]=c1;
- bclr BO_ALWAYS,CR0_LT
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
- .long 0x00000000
-
#
# NOTE: The following label name should be changed to
# "bn_mul_comba4" i.e. remove the first dot
@@ -1055,8 +968,10 @@
$ST r10,`6*$BNSZ`(r3) #r[6]=c1
$ST r11,`7*$BNSZ`(r3) #r[7]=c2
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1591,8 +1506,10 @@
adde r10,r10,r9
$ST r12,`14*$BNSZ`(r3) #r[14]=c3;
$ST r10,`15*$BNSZ`(r3) #r[15]=c1;
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1623,7 +1540,7 @@
subfc. r7,r0,r6 # If r6 is 0 then result is 0.
# if r6 > 0 then result !=0
# In either case carry bit is set.
- bc BO_IF,CR0_EQ,Lppcasm_sub_adios
+ beq Lppcasm_sub_adios
addi r4,r4,-$BNSZ
addi r3,r3,-$BNSZ
addi r5,r5,-$BNSZ
@@ -1635,14 +1552,15 @@
# if carry = 1 this is r7-r8. Else it
# is r7-r8 -1 as we need.
$STU r6,$BNSZ(r3)
- bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_sub_mainloop
+ bdnz- Lppcasm_sub_mainloop
Lppcasm_sub_adios:
subfze r3,r0 # if carry bit is set then r3 = 0 else -1
andi. r3,r3,1 # keep only last bit.
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
-
#
# NOTE: The following label name should be changed to
# "bn_add_words" i.e. remove the first dot
@@ -1670,7 +1588,7 @@
# check for r6 = 0. Is this needed?
#
addic. r6,r6,0 #test r6 and clear carry bit.
- bc BO_IF,CR0_EQ,Lppcasm_add_adios
+ beq Lppcasm_add_adios
addi r4,r4,-$BNSZ
addi r3,r3,-$BNSZ
addi r5,r5,-$BNSZ
@@ -1680,11 +1598,13 @@
$LDU r8,$BNSZ(r5)
adde r8,r7,r8
$STU r8,$BNSZ(r3)
- bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_add_mainloop
+ bdnz- Lppcasm_add_mainloop
Lppcasm_add_adios:
addze r3,r0 #return carry bit.
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1707,24 +1627,24 @@
# r5 = d
$UCMPI 0,r5,0 # compare r5 and 0
- bc BO_IF_NOT,CR0_EQ,Lppcasm_div1 # proceed if d!=0
+ bne Lppcasm_div1 # proceed if d!=0
li r3,-1 # d=0 return -1
- bclr BO_ALWAYS,CR0_LT
+ blr
Lppcasm_div1:
xor r0,r0,r0 #r0=0
li r8,$BITS
$CNTLZ. r7,r5 #r7 = num leading 0s in d.
- bc BO_IF,CR0_EQ,Lppcasm_div2 #proceed if no leading zeros
+ beq Lppcasm_div2 #proceed if no leading zeros
subf r8,r7,r8 #r8 = BN_num_bits_word(d)
$SHR. r9,r3,r8 #are there any bits above r8'th?
$TR 16,r9,r0 #if there're, signal to dump core...
Lppcasm_div2:
$UCMP 0,r3,r5 #h>=d?
- bc BO_IF,CR0_LT,Lppcasm_div3 #goto Lppcasm_div3 if not
+ blt Lppcasm_div3 #goto Lppcasm_div3 if not
subf r3,r5,r3 #h-=d ;
Lppcasm_div3: #r7 = BN_BITS2-i. so r7=i
cmpi 0,0,r7,0 # is (i == 0)?
- bc BO_IF,CR0_EQ,Lppcasm_div4
+ beq Lppcasm_div4
$SHL r3,r3,r7 # h = (h<< i)
$SHR r8,r4,r8 # r8 = (l >> BN_BITS2 -i)
$SHL r5,r5,r7 # d<<=i
@@ -1741,7 +1661,7 @@
$SHRI r11,r4,`$BITS/2` #r11= (l&BN_MASK2h)>>BN_BITS4
# compute here for innerloop.
$UCMP 0,r8,r9 # is (h>>BN_BITS4)==dh
- bc BO_IF_NOT,CR0_EQ,Lppcasm_div5 # goto Lppcasm_div5 if not
+ bne Lppcasm_div5 # goto Lppcasm_div5 if not
li r8,-1
$CLRU r8,r8,`$BITS/2` #q = BN_MASK2l
@@ -1762,9 +1682,9 @@
# the following 2 instructions do that
$SHLI r7,r10,`$BITS/2` # r7 = (t<<BN_BITS4)
or r7,r7,r11 # r7|=((l&BN_MASK2h)>>BN_BITS4)
- $UCMP 1,r6,r7 # compare (tl <= r7)
- bc BO_IF_NOT,CR0_EQ,Lppcasm_divinnerexit
- bc BO_IF_NOT,CR1_FEX,Lppcasm_divinnerexit
+ $UCMP cr1,r6,r7 # compare (tl <= r7)
+ bne Lppcasm_divinnerexit
+ ble cr1,Lppcasm_divinnerexit
addi r8,r8,-1 #q--
subf r12,r9,r12 #th -=dh
$CLRU r10,r5,`$BITS/2` #r10=dl. t is no longer needed in loop.
@@ -1773,14 +1693,14 @@
Lppcasm_divinnerexit:
$SHRI r10,r6,`$BITS/2` #t=(tl>>BN_BITS4)
$SHLI r11,r6,`$BITS/2` #tl=(tl<<BN_BITS4)&BN_MASK2h;
- $UCMP 1,r4,r11 # compare l and tl
+ $UCMP cr1,r4,r11 # compare l and tl
add r12,r12,r10 # th+=t
- bc BO_IF_NOT,CR1_FX,Lppcasm_div7 # if (l>=tl) goto Lppcasm_div7
+ bge cr1,Lppcasm_div7 # if (l>=tl) goto Lppcasm_div7
addi r12,r12,1 # th++
Lppcasm_div7:
subf r11,r11,r4 #r11=l-tl
- $UCMP 1,r3,r12 #compare h and th
- bc BO_IF_NOT,CR1_FX,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8
+ $UCMP cr1,r3,r12 #compare h and th
+ bge cr1,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8
addi r8,r8,-1 # q--
add r3,r5,r3 # h+=d
Lppcasm_div8:
@@ -1791,13 +1711,15 @@
# the following 2 instructions will do this.
$INSR r11,r12,`$BITS/2`,`$BITS/2` # r11 is the value we want rotated $BITS/2.
$ROTL r3,r11,`$BITS/2` # rotate by $BITS/2 and store in r3
- bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_div9#if (count==0) break ;
+ bdz Lppcasm_div9 #if (count==0) break ;
$SHLI r0,r8,`$BITS/2` #ret =q<<BN_BITS4
b Lppcasm_divouterloop
Lppcasm_div9:
or r3,r8,r0
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1822,7 +1744,7 @@
# No unrolling done here. Not performance critical.
addic. r5,r5,0 #test r5.
- bc BO_IF,CR0_EQ,Lppcasm_sqr_adios
+ beq Lppcasm_sqr_adios
addi r4,r4,-$BNSZ
addi r3,r3,-$BNSZ
mtctr r5
@@ -1833,12 +1755,13 @@
$UMULH r8,r6,r6
$STU r7,$BNSZ(r3)
$STU r8,$BNSZ(r3)
- bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_sqr_mainloop
+ bdnz- Lppcasm_sqr_mainloop
Lppcasm_sqr_adios:
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
-
#
# NOTE: The following label name should be changed to
# "bn_mul_words" i.e. remove the first dot
@@ -1858,7 +1781,7 @@
xor r0,r0,r0
xor r12,r12,r12 # used for carry
rlwinm. r7,r5,30,2,31 # num >> 2
- bc BO_IF,CR0_EQ,Lppcasm_mw_REM
+ beq Lppcasm_mw_REM
mtctr r7
Lppcasm_mw_LOOP:
#mul(rp[0],ap[0],w,c1);
@@ -1896,11 +1819,11 @@
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
- bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_mw_LOOP
+ bdnz- Lppcasm_mw_LOOP
Lppcasm_mw_REM:
andi. r5,r5,0x3
- bc BO_IF,CR0_EQ,Lppcasm_mw_OVER
+ beq Lppcasm_mw_OVER
#mul(rp[0],ap[0],w,c1);
$LD r8,`0*$BNSZ`(r4)
$UMULL r9,r6,r8
@@ -1912,7 +1835,7 @@
addi r5,r5,-1
cmpli 0,0,r5,0
- bc BO_IF,CR0_EQ,Lppcasm_mw_OVER
+ beq Lppcasm_mw_OVER
#mul(rp[1],ap[1],w,c1);
@@ -1926,7 +1849,7 @@
addi r5,r5,-1
cmpli 0,0,r5,0
- bc BO_IF,CR0_EQ,Lppcasm_mw_OVER
+ beq Lppcasm_mw_OVER
#mul_add(rp[2],ap[2],w,c1);
$LD r8,`2*$BNSZ`(r4)
@@ -1939,8 +1862,10 @@
Lppcasm_mw_OVER:
addi r3,r12,0
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1964,7 +1889,7 @@
xor r0,r0,r0 #r0 = 0
xor r12,r12,r12 #r12 = 0 . used for carry
rlwinm. r7,r5,30,2,31 # num >> 2
- bc BO_IF,CR0_EQ,Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover
+ beq Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover
mtctr r7
Lppcasm_maw_mainloop:
#mul_add(rp[0],ap[0],w,c1);
@@ -2017,11 +1942,11 @@
$ST r11,`3*$BNSZ`(r3)
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
- bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_maw_mainloop
+ bdnz- Lppcasm_maw_mainloop
Lppcasm_maw_leftover:
andi. r5,r5,0x3
- bc BO_IF,CR0_EQ,Lppcasm_maw_adios
+ beq Lppcasm_maw_adios
addi r3,r3,-$BNSZ
addi r4,r4,-$BNSZ
#mul_add(rp[0],ap[0],w,c1);
@@ -2036,7 +1961,7 @@
addze r12,r10
$ST r9,0(r3)
- bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios
+ bdz Lppcasm_maw_adios
#mul_add(rp[1],ap[1],w,c1);
$LDU r8,$BNSZ(r4)
$UMULL r9,r6,r8
@@ -2048,7 +1973,7 @@
addze r12,r10
$ST r9,0(r3)
- bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios
+ bdz Lppcasm_maw_adios
#mul_add(rp[2],ap[2],w,c1);
$LDU r8,$BNSZ(r4)
$UMULL r9,r6,r8
@@ -2062,19 +1987,12 @@
Lppcasm_maw_adios:
addi r3,r12,0
- bclr BO_ALWAYS,CR0_LT
- .long 0x00000000
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
.align 4
EOF
- $data =~ s/\`([^\`]*)\`/eval $1/gem;
-
- # if some assembler chokes on some simplified mnemonic,
- # this is the spot to fix it up, e.g.:
- # GNU as doesn't seem to accept cmplw, 32-bit unsigned compare
- $data =~ s/^(\s*)cmplw(\s+)([^,]+),(.*)/$1cmpl$2$3,0,$4/gm;
- # assembler X doesn't accept li, load immediate value
- #$data =~ s/^(\s*)li(\s+)([^,]+),(.*)/$1addi$2$3,0,$4/gm;
- # assembler Y chokes on apostrophes in comments
- $data =~ s/'//gm;
- return($data);
-}
+$data =~ s/\`([^\`]*)\`/eval $1/gem;
+print $data;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/ppc64-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/ppc64-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/ppc64-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/ppc64-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1088 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2007
+
+# The reason for undertaken effort is basically following. Even though
+# Power 6 CPU operates at incredible 4.7GHz clock frequency, its PKI
+# performance was observed to be less than impressive, essentially as
+# fast as 1.8GHz PPC970, or 2.6 times(!) slower than one would hope.
+# Well, it's not surprising that IBM had to make some sacrifices to
+# boost the clock frequency that much, but no overall improvement?
+# Having observed how much difference did switching to FPU make on
+# UltraSPARC, playing same stunt on Power 6 appeared appropriate...
+# Unfortunately the resulting performance improvement is not as
+# impressive, ~30%, and in absolute terms is still very far from what
+# one would expect from 4.7GHz CPU. There is a chance that I'm doing
+# something wrong, but in the lack of assembler level micro-profiling
+# data or at least decent platform guide I can't tell... Or better
+# results might be achieved with VMX... Anyway, this module provides
+# *worse* performance on other PowerPC implementations, ~40-15% slower
+# on PPC970 depending on key length and ~40% slower on Power 5 for all
+# key lengths. As it's obviously inappropriate as "best all-round"
+# alternative, it has to be complemented with run-time CPU family
+# detection. Oh! It should also be noted that unlike other PowerPC
+# implementation IALU ppc-mont.pl module performs *suboptimaly* on
+# >=1024-bit key lengths on Power 6. It should also be noted that
+# *everything* said so far applies to 64-bit builds! As far as 32-bit
+# application executed on 64-bit CPU goes, this module is likely to
+# become preferred choice, because it's easy to adapt it for such
+# case and *is* faster than 32-bit ppc-mont.pl on *all* processors.
+
+# February 2008
+
+# Micro-profiling assisted optimization results in ~15% improvement
+# over original ppc64-mont.pl version, or overall ~50% improvement
+# over ppc.pl module on Power 6. If compared to ppc-mont.pl on same
+# Power 6 CPU, this module is 5-150% faster depending on key length,
+# [hereafter] more for longer keys. But if compared to ppc-mont.pl
+# on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive
+# in absolute terms, but it's apparently the way Power 6 is...
+
+# December 2009
+
+# Adapted for 32-bit build this module delivers 25-120%, yes, more
+# than *twice* for longer keys, performance improvement over 32-bit
+# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes
+# even 64-bit integer operations and the trouble is that most PPC
+# operating systems don't preserve upper halves of general purpose
+# registers upon 32-bit signal delivery. They do preserve them upon
+# context switch, but not signalling:-( This means that asynchronous
+# signals have to be blocked upon entry to this subroutine. Signal
+# masking (and of course complementary unmasking) has quite an impact
+# on performance, naturally larger for shorter keys. It's so severe
+# that 512-bit key performance can be as low as 1/3 of expected one.
+# This is why this routine can be engaged for longer key operations
+# only on these OSes, see crypto/ppccap.c for further details. MacOS X
+# is an exception from this and doesn't require signal masking, and
+# that's where above improvement coefficients were collected. For
+# others alternative would be to break dependence on upper halves of
+# GPRs by sticking to 32-bit integer operations...
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+ $SIZE_T=4;
+ $RZONE= 224;
+ $fname= "bn_mul_mont_fpu64";
+
+ $STUX= "stwux"; # store indexed and update
+ $PUSH= "stw";
+ $POP= "lwz";
+} elsif ($flavour =~ /64/) {
+ $SIZE_T=8;
+ $RZONE= 288;
+ $fname= "bn_mul_mont_fpu64";
+
+ # same as above, but 64-bit mnemonics...
+ $STUX= "stdux"; # store indexed and update
+ $PUSH= "std";
+ $POP= "ld";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=64; # padded frame header
+$TRANSFER=16*8;
+
+$carry="r0";
+$sp="r1";
+$toc="r2";
+$rp="r3"; $ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9"; # $rp is reassigned
+$tp="r10";
+$j="r11";
+$i="r12";
+# non-volatile registers
+$nap_d="r22"; # interleaved ap and np in double format
+$a0="r23"; # ap[0]
+$t0="r24"; # temporary registers
+$t1="r25";
+$t2="r26";
+$t3="r27";
+$t4="r28";
+$t5="r29";
+$t6="r30";
+$t7="r31";
+
+# PPC offers enough register bank capacity to unroll inner loops twice
+#
+# ..A3A2A1A0
+# dcba
+# -----------
+# A0a
+# A0b
+# A0c
+# A0d
+# A1a
+# A1b
+# A1c
+# A1d
+# A2a
+# A2b
+# A2c
+# A2d
+# A3a
+# A3b
+# A3c
+# A3d
+# ..a
+# ..b
+#
+$ba="f0"; $bb="f1"; $bc="f2"; $bd="f3";
+$na="f4"; $nb="f5"; $nc="f6"; $nd="f7";
+$dota="f8"; $dotb="f9";
+$A0="f10"; $A1="f11"; $A2="f12"; $A3="f13";
+$N0="f20"; $N1="f21"; $N2="f22"; $N3="f23";
+$T0a="f24"; $T0b="f25";
+$T1a="f26"; $T1b="f27";
+$T2a="f28"; $T2b="f29";
+$T3a="f30"; $T3b="f31";
+
+# sp----------->+-------------------------------+
+# | saved sp |
+# +-------------------------------+
+# . .
+# +64 +-------------------------------+
+# | 16 gpr<->fpr transfer zone |
+# . .
+# . .
+# +16*8 +-------------------------------+
+# | __int64 tmp[-1] |
+# +-------------------------------+
+# | __int64 tmp[num] |
+# . .
+# . .
+# . .
+# +(num+1)*8 +-------------------------------+
+# | padding to 64 byte boundary |
+# . .
+# +X +-------------------------------+
+# | double nap_d[4*num] |
+# . .
+# . .
+# . .
+# +-------------------------------+
+# . .
+# -12*size_t +-------------------------------+
+# | 10 saved gpr, r22-r31 |
+# . .
+# . .
+# -12*8 +-------------------------------+
+# | 12 saved fpr, f20-f31 |
+# . .
+# . .
+# +-------------------------------+
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl .$fname
+.align 5
+.$fname:
+ cmpwi $num,`3*8/$SIZE_T`
+ mr $rp,r3 ; $rp is reassigned
+ li r3,0 ; possible "not handled" return code
+ bltlr-
+ andi. r0,$num,`16/$SIZE_T-1` ; $num has to be "even"
+ bnelr-
+
+ slwi $num,$num,`log($SIZE_T)/log(2)` ; num*=sizeof(BN_LONG)
+ li $i,-4096
+ slwi $tp,$num,2 ; place for {an}p_{lh}[num], i.e. 4*num
+ add $tp,$tp,$num ; place for tp[num+1]
+ addi $tp,$tp,`$FRAME+$TRANSFER+8+64+$RZONE`
+ subf $tp,$tp,$sp ; $sp-$tp
+ and $tp,$tp,$i ; minimize TLB usage
+ subf $tp,$sp,$tp ; $tp-$sp
+ mr $i,$sp
+ $STUX $sp,$sp,$tp ; alloca
+
+ $PUSH r22,`-12*8-10*$SIZE_T`($i)
+ $PUSH r23,`-12*8-9*$SIZE_T`($i)
+ $PUSH r24,`-12*8-8*$SIZE_T`($i)
+ $PUSH r25,`-12*8-7*$SIZE_T`($i)
+ $PUSH r26,`-12*8-6*$SIZE_T`($i)
+ $PUSH r27,`-12*8-5*$SIZE_T`($i)
+ $PUSH r28,`-12*8-4*$SIZE_T`($i)
+ $PUSH r29,`-12*8-3*$SIZE_T`($i)
+ $PUSH r30,`-12*8-2*$SIZE_T`($i)
+ $PUSH r31,`-12*8-1*$SIZE_T`($i)
+ stfd f20,`-12*8`($i)
+ stfd f21,`-11*8`($i)
+ stfd f22,`-10*8`($i)
+ stfd f23,`-9*8`($i)
+ stfd f24,`-8*8`($i)
+ stfd f25,`-7*8`($i)
+ stfd f26,`-6*8`($i)
+ stfd f27,`-5*8`($i)
+ stfd f28,`-4*8`($i)
+ stfd f29,`-3*8`($i)
+ stfd f30,`-2*8`($i)
+ stfd f31,`-1*8`($i)
+___
+$code.=<<___ if ($SIZE_T==8);
+ ld $a0,0($ap) ; pull ap[0] value
+ ld $n0,0($n0) ; pull n0[0] value
+ ld $t3,0($bp) ; bp[0]
+___
+$code.=<<___ if ($SIZE_T==4);
+ mr $t1,$n0
+ lwz $a0,0($ap) ; pull ap[0,1] value
+ lwz $t0,4($ap)
+ lwz $n0,0($t1) ; pull n0[0,1] value
+ lwz $t1,4($t1)
+ lwz $t3,0($bp) ; bp[0,1]
+ lwz $t2,4($bp)
+ insrdi $a0,$t0,32,0
+ insrdi $n0,$t1,32,0
+ insrdi $t3,$t2,32,0
+___
+$code.=<<___;
+ addi $tp,$sp,`$FRAME+$TRANSFER+8+64`
+ li $i,-64
+ add $nap_d,$tp,$num
+ and $nap_d,$nap_d,$i ; align to 64 bytes
+
+ mulld $t7,$a0,$t3 ; ap[0]*bp[0]
+ ; nap_d is off by 1, because it's used with stfdu/lfdu
+ addi $nap_d,$nap_d,-8
+ srwi $j,$num,`3+1` ; counter register, num/2
+ mulld $t7,$t7,$n0 ; tp[0]*n0
+ addi $j,$j,-1
+ addi $tp,$sp,`$FRAME+$TRANSFER-8`
+ li $carry,0
+ mtctr $j
+
+ ; transfer bp[0] to FPU as 4x16-bit values
+ extrdi $t0,$t3,16,48
+ extrdi $t1,$t3,16,32
+ extrdi $t2,$t3,16,16
+ extrdi $t3,$t3,16,0
+ std $t0,`$FRAME+0`($sp)
+ std $t1,`$FRAME+8`($sp)
+ std $t2,`$FRAME+16`($sp)
+ std $t3,`$FRAME+24`($sp)
+ ; transfer (ap[0]*bp[0])*n0 to FPU as 4x16-bit values
+ extrdi $t4,$t7,16,48
+ extrdi $t5,$t7,16,32
+ extrdi $t6,$t7,16,16
+ extrdi $t7,$t7,16,0
+ std $t4,`$FRAME+32`($sp)
+ std $t5,`$FRAME+40`($sp)
+ std $t6,`$FRAME+48`($sp)
+ std $t7,`$FRAME+56`($sp)
+___
+$code.=<<___ if ($SIZE_T==8);
+ lwz $t0,4($ap) ; load a[j] as 32-bit word pair
+ lwz $t1,0($ap)
+ lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair
+ lwz $t3,8($ap)
+ lwz $t4,4($np) ; load n[j] as 32-bit word pair
+ lwz $t5,0($np)
+ lwz $t6,12($np) ; load n[j+1] as 32-bit word pair
+ lwz $t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+ lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs
+ lwz $t1,4($ap)
+ lwz $t2,8($ap)
+ lwz $t3,12($ap)
+ lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs
+ lwz $t5,4($np)
+ lwz $t6,8($np)
+ lwz $t7,12($np)
+___
+$code.=<<___;
+ lfd $ba,`$FRAME+0`($sp)
+ lfd $bb,`$FRAME+8`($sp)
+ lfd $bc,`$FRAME+16`($sp)
+ lfd $bd,`$FRAME+24`($sp)
+ lfd $na,`$FRAME+32`($sp)
+ lfd $nb,`$FRAME+40`($sp)
+ lfd $nc,`$FRAME+48`($sp)
+ lfd $nd,`$FRAME+56`($sp)
+ std $t0,`$FRAME+64`($sp)
+ std $t1,`$FRAME+72`($sp)
+ std $t2,`$FRAME+80`($sp)
+ std $t3,`$FRAME+88`($sp)
+ std $t4,`$FRAME+96`($sp)
+ std $t5,`$FRAME+104`($sp)
+ std $t6,`$FRAME+112`($sp)
+ std $t7,`$FRAME+120`($sp)
+ fcfid $ba,$ba
+ fcfid $bb,$bb
+ fcfid $bc,$bc
+ fcfid $bd,$bd
+ fcfid $na,$na
+ fcfid $nb,$nb
+ fcfid $nc,$nc
+ fcfid $nd,$nd
+
+ lfd $A0,`$FRAME+64`($sp)
+ lfd $A1,`$FRAME+72`($sp)
+ lfd $A2,`$FRAME+80`($sp)
+ lfd $A3,`$FRAME+88`($sp)
+ lfd $N0,`$FRAME+96`($sp)
+ lfd $N1,`$FRAME+104`($sp)
+ lfd $N2,`$FRAME+112`($sp)
+ lfd $N3,`$FRAME+120`($sp)
+ fcfid $A0,$A0
+ fcfid $A1,$A1
+ fcfid $A2,$A2
+ fcfid $A3,$A3
+ fcfid $N0,$N0
+ fcfid $N1,$N1
+ fcfid $N2,$N2
+ fcfid $N3,$N3
+ addi $ap,$ap,16
+ addi $np,$np,16
+
+ fmul $T1a,$A1,$ba
+ fmul $T1b,$A1,$bb
+ stfd $A0,8($nap_d) ; save a[j] in double format
+ stfd $A1,16($nap_d)
+ fmul $T2a,$A2,$ba
+ fmul $T2b,$A2,$bb
+ stfd $A2,24($nap_d) ; save a[j+1] in double format
+ stfd $A3,32($nap_d)
+ fmul $T3a,$A3,$ba
+ fmul $T3b,$A3,$bb
+ stfd $N0,40($nap_d) ; save n[j] in double format
+ stfd $N1,48($nap_d)
+ fmul $T0a,$A0,$ba
+ fmul $T0b,$A0,$bb
+ stfd $N2,56($nap_d) ; save n[j+1] in double format
+ stfdu $N3,64($nap_d)
+
+ fmadd $T1a,$A0,$bc,$T1a
+ fmadd $T1b,$A0,$bd,$T1b
+ fmadd $T2a,$A1,$bc,$T2a
+ fmadd $T2b,$A1,$bd,$T2b
+ fmadd $T3a,$A2,$bc,$T3a
+ fmadd $T3b,$A2,$bd,$T3b
+ fmul $dota,$A3,$bc
+ fmul $dotb,$A3,$bd
+
+ fmadd $T1a,$N1,$na,$T1a
+ fmadd $T1b,$N1,$nb,$T1b
+ fmadd $T2a,$N2,$na,$T2a
+ fmadd $T2b,$N2,$nb,$T2b
+ fmadd $T3a,$N3,$na,$T3a
+ fmadd $T3b,$N3,$nb,$T3b
+ fmadd $T0a,$N0,$na,$T0a
+ fmadd $T0b,$N0,$nb,$T0b
+
+ fmadd $T1a,$N0,$nc,$T1a
+ fmadd $T1b,$N0,$nd,$T1b
+ fmadd $T2a,$N1,$nc,$T2a
+ fmadd $T2b,$N1,$nd,$T2b
+ fmadd $T3a,$N2,$nc,$T3a
+ fmadd $T3b,$N2,$nd,$T3b
+ fmadd $dota,$N3,$nc,$dota
+ fmadd $dotb,$N3,$nd,$dotb
+
+ fctid $T0a,$T0a
+ fctid $T0b,$T0b
+ fctid $T1a,$T1a
+ fctid $T1b,$T1b
+ fctid $T2a,$T2a
+ fctid $T2b,$T2b
+ fctid $T3a,$T3a
+ fctid $T3b,$T3b
+
+ stfd $T0a,`$FRAME+0`($sp)
+ stfd $T0b,`$FRAME+8`($sp)
+ stfd $T1a,`$FRAME+16`($sp)
+ stfd $T1b,`$FRAME+24`($sp)
+ stfd $T2a,`$FRAME+32`($sp)
+ stfd $T2b,`$FRAME+40`($sp)
+ stfd $T3a,`$FRAME+48`($sp)
+ stfd $T3b,`$FRAME+56`($sp)
+
+.align 5
+L1st:
+___
+$code.=<<___ if ($SIZE_T==8);
+ lwz $t0,4($ap) ; load a[j] as 32-bit word pair
+ lwz $t1,0($ap)
+ lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair
+ lwz $t3,8($ap)
+ lwz $t4,4($np) ; load n[j] as 32-bit word pair
+ lwz $t5,0($np)
+ lwz $t6,12($np) ; load n[j+1] as 32-bit word pair
+ lwz $t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+ lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs
+ lwz $t1,4($ap)
+ lwz $t2,8($ap)
+ lwz $t3,12($ap)
+ lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs
+ lwz $t5,4($np)
+ lwz $t6,8($np)
+ lwz $t7,12($np)
+___
+$code.=<<___;
+ std $t0,`$FRAME+64`($sp)
+ std $t1,`$FRAME+72`($sp)
+ std $t2,`$FRAME+80`($sp)
+ std $t3,`$FRAME+88`($sp)
+ std $t4,`$FRAME+96`($sp)
+ std $t5,`$FRAME+104`($sp)
+ std $t6,`$FRAME+112`($sp)
+ std $t7,`$FRAME+120`($sp)
+ ld $t0,`$FRAME+0`($sp)
+ ld $t1,`$FRAME+8`($sp)
+ ld $t2,`$FRAME+16`($sp)
+ ld $t3,`$FRAME+24`($sp)
+ ld $t4,`$FRAME+32`($sp)
+ ld $t5,`$FRAME+40`($sp)
+ ld $t6,`$FRAME+48`($sp)
+ ld $t7,`$FRAME+56`($sp)
+ lfd $A0,`$FRAME+64`($sp)
+ lfd $A1,`$FRAME+72`($sp)
+ lfd $A2,`$FRAME+80`($sp)
+ lfd $A3,`$FRAME+88`($sp)
+ lfd $N0,`$FRAME+96`($sp)
+ lfd $N1,`$FRAME+104`($sp)
+ lfd $N2,`$FRAME+112`($sp)
+ lfd $N3,`$FRAME+120`($sp)
+ fcfid $A0,$A0
+ fcfid $A1,$A1
+ fcfid $A2,$A2
+ fcfid $A3,$A3
+ fcfid $N0,$N0
+ fcfid $N1,$N1
+ fcfid $N2,$N2
+ fcfid $N3,$N3
+ addi $ap,$ap,16
+ addi $np,$np,16
+
+ fmul $T1a,$A1,$ba
+ fmul $T1b,$A1,$bb
+ fmul $T2a,$A2,$ba
+ fmul $T2b,$A2,$bb
+ stfd $A0,8($nap_d) ; save a[j] in double format
+ stfd $A1,16($nap_d)
+ fmul $T3a,$A3,$ba
+ fmul $T3b,$A3,$bb
+ fmadd $T0a,$A0,$ba,$dota
+ fmadd $T0b,$A0,$bb,$dotb
+ stfd $A2,24($nap_d) ; save a[j+1] in double format
+ stfd $A3,32($nap_d)
+
+ fmadd $T1a,$A0,$bc,$T1a
+ fmadd $T1b,$A0,$bd,$T1b
+ fmadd $T2a,$A1,$bc,$T2a
+ fmadd $T2b,$A1,$bd,$T2b
+ stfd $N0,40($nap_d) ; save n[j] in double format
+ stfd $N1,48($nap_d)
+ fmadd $T3a,$A2,$bc,$T3a
+ fmadd $T3b,$A2,$bd,$T3b
+ add $t0,$t0,$carry ; can not overflow
+ fmul $dota,$A3,$bc
+ fmul $dotb,$A3,$bd
+ stfd $N2,56($nap_d) ; save n[j+1] in double format
+ stfdu $N3,64($nap_d)
+ srdi $carry,$t0,16
+ add $t1,$t1,$carry
+ srdi $carry,$t1,16
+
+ fmadd $T1a,$N1,$na,$T1a
+ fmadd $T1b,$N1,$nb,$T1b
+ insrdi $t0,$t1,16,32
+ fmadd $T2a,$N2,$na,$T2a
+ fmadd $T2b,$N2,$nb,$T2b
+ add $t2,$t2,$carry
+ fmadd $T3a,$N3,$na,$T3a
+ fmadd $T3b,$N3,$nb,$T3b
+ srdi $carry,$t2,16
+ fmadd $T0a,$N0,$na,$T0a
+ fmadd $T0b,$N0,$nb,$T0b
+ insrdi $t0,$t2,16,16
+ add $t3,$t3,$carry
+ srdi $carry,$t3,16
+
+ fmadd $T1a,$N0,$nc,$T1a
+ fmadd $T1b,$N0,$nd,$T1b
+ insrdi $t0,$t3,16,0 ; 0..63 bits
+ fmadd $T2a,$N1,$nc,$T2a
+ fmadd $T2b,$N1,$nd,$T2b
+ add $t4,$t4,$carry
+ fmadd $T3a,$N2,$nc,$T3a
+ fmadd $T3b,$N2,$nd,$T3b
+ srdi $carry,$t4,16
+ fmadd $dota,$N3,$nc,$dota
+ fmadd $dotb,$N3,$nd,$dotb
+ add $t5,$t5,$carry
+ srdi $carry,$t5,16
+ insrdi $t4,$t5,16,32
+
+ fctid $T0a,$T0a
+ fctid $T0b,$T0b
+ add $t6,$t6,$carry
+ fctid $T1a,$T1a
+ fctid $T1b,$T1b
+ srdi $carry,$t6,16
+ fctid $T2a,$T2a
+ fctid $T2b,$T2b
+ insrdi $t4,$t6,16,16
+ fctid $T3a,$T3a
+ fctid $T3b,$T3b
+ add $t7,$t7,$carry
+ insrdi $t4,$t7,16,0 ; 64..127 bits
+ srdi $carry,$t7,16 ; upper 33 bits
+
+ stfd $T0a,`$FRAME+0`($sp)
+ stfd $T0b,`$FRAME+8`($sp)
+ stfd $T1a,`$FRAME+16`($sp)
+ stfd $T1b,`$FRAME+24`($sp)
+ stfd $T2a,`$FRAME+32`($sp)
+ stfd $T2b,`$FRAME+40`($sp)
+ stfd $T3a,`$FRAME+48`($sp)
+ stfd $T3b,`$FRAME+56`($sp)
+ std $t0,8($tp) ; tp[j-1]
+ stdu $t4,16($tp) ; tp[j]
+ bdnz- L1st
+
+ fctid $dota,$dota
+ fctid $dotb,$dotb
+
+ ld $t0,`$FRAME+0`($sp)
+ ld $t1,`$FRAME+8`($sp)
+ ld $t2,`$FRAME+16`($sp)
+ ld $t3,`$FRAME+24`($sp)
+ ld $t4,`$FRAME+32`($sp)
+ ld $t5,`$FRAME+40`($sp)
+ ld $t6,`$FRAME+48`($sp)
+ ld $t7,`$FRAME+56`($sp)
+ stfd $dota,`$FRAME+64`($sp)
+ stfd $dotb,`$FRAME+72`($sp)
+
+ add $t0,$t0,$carry ; can not overflow
+ srdi $carry,$t0,16
+ add $t1,$t1,$carry
+ srdi $carry,$t1,16
+ insrdi $t0,$t1,16,32
+ add $t2,$t2,$carry
+ srdi $carry,$t2,16
+ insrdi $t0,$t2,16,16
+ add $t3,$t3,$carry
+ srdi $carry,$t3,16
+ insrdi $t0,$t3,16,0 ; 0..63 bits
+ add $t4,$t4,$carry
+ srdi $carry,$t4,16
+ add $t5,$t5,$carry
+ srdi $carry,$t5,16
+ insrdi $t4,$t5,16,32
+ add $t6,$t6,$carry
+ srdi $carry,$t6,16
+ insrdi $t4,$t6,16,16
+ add $t7,$t7,$carry
+ insrdi $t4,$t7,16,0 ; 64..127 bits
+ srdi $carry,$t7,16 ; upper 33 bits
+ ld $t6,`$FRAME+64`($sp)
+ ld $t7,`$FRAME+72`($sp)
+
+ std $t0,8($tp) ; tp[j-1]
+ stdu $t4,16($tp) ; tp[j]
+
+ add $t6,$t6,$carry ; can not overflow
+ srdi $carry,$t6,16
+ add $t7,$t7,$carry
+ insrdi $t6,$t7,48,0
+ srdi $ovf,$t7,48
+ std $t6,8($tp) ; tp[num-1]
+
+ slwi $t7,$num,2
+ subf $nap_d,$t7,$nap_d ; rewind pointer
+
+ li $i,8 ; i=1
+.align 5
+Louter:
+___
+$code.=<<___ if ($SIZE_T==8);
+ ldx $t3,$bp,$i ; bp[i]
+___
+$code.=<<___ if ($SIZE_T==4);
+ add $t0,$bp,$i
+ lwz $t3,0($t0) ; bp[i,i+1]
+ lwz $t0,4($t0)
+ insrdi $t3,$t0,32,0
+___
+$code.=<<___;
+ ld $t6,`$FRAME+$TRANSFER+8`($sp) ; tp[0]
+ mulld $t7,$a0,$t3 ; ap[0]*bp[i]
+
+ addi $tp,$sp,`$FRAME+$TRANSFER`
+ add $t7,$t7,$t6 ; ap[0]*bp[i]+tp[0]
+ li $carry,0
+ mulld $t7,$t7,$n0 ; tp[0]*n0
+ mtctr $j
+
+ ; transfer bp[i] to FPU as 4x16-bit values
+ extrdi $t0,$t3,16,48
+ extrdi $t1,$t3,16,32
+ extrdi $t2,$t3,16,16
+ extrdi $t3,$t3,16,0
+ std $t0,`$FRAME+0`($sp)
+ std $t1,`$FRAME+8`($sp)
+ std $t2,`$FRAME+16`($sp)
+ std $t3,`$FRAME+24`($sp)
+ ; transfer (ap[0]*bp[i]+tp[0])*n0 to FPU as 4x16-bit values
+ extrdi $t4,$t7,16,48
+ extrdi $t5,$t7,16,32
+ extrdi $t6,$t7,16,16
+ extrdi $t7,$t7,16,0
+ std $t4,`$FRAME+32`($sp)
+ std $t5,`$FRAME+40`($sp)
+ std $t6,`$FRAME+48`($sp)
+ std $t7,`$FRAME+56`($sp)
+
+ lfd $A0,8($nap_d) ; load a[j] in double format
+ lfd $A1,16($nap_d)
+ lfd $A2,24($nap_d) ; load a[j+1] in double format
+ lfd $A3,32($nap_d)
+ lfd $N0,40($nap_d) ; load n[j] in double format
+ lfd $N1,48($nap_d)
+ lfd $N2,56($nap_d) ; load n[j+1] in double format
+ lfdu $N3,64($nap_d)
+
+ lfd $ba,`$FRAME+0`($sp)
+ lfd $bb,`$FRAME+8`($sp)
+ lfd $bc,`$FRAME+16`($sp)
+ lfd $bd,`$FRAME+24`($sp)
+ lfd $na,`$FRAME+32`($sp)
+ lfd $nb,`$FRAME+40`($sp)
+ lfd $nc,`$FRAME+48`($sp)
+ lfd $nd,`$FRAME+56`($sp)
+
+ fcfid $ba,$ba
+ fcfid $bb,$bb
+ fcfid $bc,$bc
+ fcfid $bd,$bd
+ fcfid $na,$na
+ fcfid $nb,$nb
+ fcfid $nc,$nc
+ fcfid $nd,$nd
+
+ fmul $T1a,$A1,$ba
+ fmul $T1b,$A1,$bb
+ fmul $T2a,$A2,$ba
+ fmul $T2b,$A2,$bb
+ fmul $T3a,$A3,$ba
+ fmul $T3b,$A3,$bb
+ fmul $T0a,$A0,$ba
+ fmul $T0b,$A0,$bb
+
+ fmadd $T1a,$A0,$bc,$T1a
+ fmadd $T1b,$A0,$bd,$T1b
+ fmadd $T2a,$A1,$bc,$T2a
+ fmadd $T2b,$A1,$bd,$T2b
+ fmadd $T3a,$A2,$bc,$T3a
+ fmadd $T3b,$A2,$bd,$T3b
+ fmul $dota,$A3,$bc
+ fmul $dotb,$A3,$bd
+
+ fmadd $T1a,$N1,$na,$T1a
+ fmadd $T1b,$N1,$nb,$T1b
+ lfd $A0,8($nap_d) ; load a[j] in double format
+ lfd $A1,16($nap_d)
+ fmadd $T2a,$N2,$na,$T2a
+ fmadd $T2b,$N2,$nb,$T2b
+ lfd $A2,24($nap_d) ; load a[j+1] in double format
+ lfd $A3,32($nap_d)
+ fmadd $T3a,$N3,$na,$T3a
+ fmadd $T3b,$N3,$nb,$T3b
+ fmadd $T0a,$N0,$na,$T0a
+ fmadd $T0b,$N0,$nb,$T0b
+
+ fmadd $T1a,$N0,$nc,$T1a
+ fmadd $T1b,$N0,$nd,$T1b
+ fmadd $T2a,$N1,$nc,$T2a
+ fmadd $T2b,$N1,$nd,$T2b
+ fmadd $T3a,$N2,$nc,$T3a
+ fmadd $T3b,$N2,$nd,$T3b
+ fmadd $dota,$N3,$nc,$dota
+ fmadd $dotb,$N3,$nd,$dotb
+
+ fctid $T0a,$T0a
+ fctid $T0b,$T0b
+ fctid $T1a,$T1a
+ fctid $T1b,$T1b
+ fctid $T2a,$T2a
+ fctid $T2b,$T2b
+ fctid $T3a,$T3a
+ fctid $T3b,$T3b
+
+ stfd $T0a,`$FRAME+0`($sp)
+ stfd $T0b,`$FRAME+8`($sp)
+ stfd $T1a,`$FRAME+16`($sp)
+ stfd $T1b,`$FRAME+24`($sp)
+ stfd $T2a,`$FRAME+32`($sp)
+ stfd $T2b,`$FRAME+40`($sp)
+ stfd $T3a,`$FRAME+48`($sp)
+ stfd $T3b,`$FRAME+56`($sp)
+
+.align 5
+Linner:
+ fmul $T1a,$A1,$ba
+ fmul $T1b,$A1,$bb
+ fmul $T2a,$A2,$ba
+ fmul $T2b,$A2,$bb
+ lfd $N0,40($nap_d) ; load n[j] in double format
+ lfd $N1,48($nap_d)
+ fmul $T3a,$A3,$ba
+ fmul $T3b,$A3,$bb
+ fmadd $T0a,$A0,$ba,$dota
+ fmadd $T0b,$A0,$bb,$dotb
+ lfd $N2,56($nap_d) ; load n[j+1] in double format
+ lfdu $N3,64($nap_d)
+
+ fmadd $T1a,$A0,$bc,$T1a
+ fmadd $T1b,$A0,$bd,$T1b
+ fmadd $T2a,$A1,$bc,$T2a
+ fmadd $T2b,$A1,$bd,$T2b
+ lfd $A0,8($nap_d) ; load a[j] in double format
+ lfd $A1,16($nap_d)
+ fmadd $T3a,$A2,$bc,$T3a
+ fmadd $T3b,$A2,$bd,$T3b
+ fmul $dota,$A3,$bc
+ fmul $dotb,$A3,$bd
+ lfd $A2,24($nap_d) ; load a[j+1] in double format
+ lfd $A3,32($nap_d)
+
+ fmadd $T1a,$N1,$na,$T1a
+ fmadd $T1b,$N1,$nb,$T1b
+ ld $t0,`$FRAME+0`($sp)
+ ld $t1,`$FRAME+8`($sp)
+ fmadd $T2a,$N2,$na,$T2a
+ fmadd $T2b,$N2,$nb,$T2b
+ ld $t2,`$FRAME+16`($sp)
+ ld $t3,`$FRAME+24`($sp)
+ fmadd $T3a,$N3,$na,$T3a
+ fmadd $T3b,$N3,$nb,$T3b
+ add $t0,$t0,$carry ; can not overflow
+ ld $t4,`$FRAME+32`($sp)
+ ld $t5,`$FRAME+40`($sp)
+ fmadd $T0a,$N0,$na,$T0a
+ fmadd $T0b,$N0,$nb,$T0b
+ srdi $carry,$t0,16
+ add $t1,$t1,$carry
+ srdi $carry,$t1,16
+ ld $t6,`$FRAME+48`($sp)
+ ld $t7,`$FRAME+56`($sp)
+
+ fmadd $T1a,$N0,$nc,$T1a
+ fmadd $T1b,$N0,$nd,$T1b
+ insrdi $t0,$t1,16,32
+ ld $t1,8($tp) ; tp[j]
+ fmadd $T2a,$N1,$nc,$T2a
+ fmadd $T2b,$N1,$nd,$T2b
+ add $t2,$t2,$carry
+ fmadd $T3a,$N2,$nc,$T3a
+ fmadd $T3b,$N2,$nd,$T3b
+ srdi $carry,$t2,16
+ insrdi $t0,$t2,16,16
+ fmadd $dota,$N3,$nc,$dota
+ fmadd $dotb,$N3,$nd,$dotb
+ add $t3,$t3,$carry
+ ldu $t2,16($tp) ; tp[j+1]
+ srdi $carry,$t3,16
+ insrdi $t0,$t3,16,0 ; 0..63 bits
+ add $t4,$t4,$carry
+
+ fctid $T0a,$T0a
+ fctid $T0b,$T0b
+ srdi $carry,$t4,16
+ fctid $T1a,$T1a
+ fctid $T1b,$T1b
+ add $t5,$t5,$carry
+ fctid $T2a,$T2a
+ fctid $T2b,$T2b
+ srdi $carry,$t5,16
+ insrdi $t4,$t5,16,32
+ fctid $T3a,$T3a
+ fctid $T3b,$T3b
+ add $t6,$t6,$carry
+ srdi $carry,$t6,16
+ insrdi $t4,$t6,16,16
+
+ stfd $T0a,`$FRAME+0`($sp)
+ stfd $T0b,`$FRAME+8`($sp)
+ add $t7,$t7,$carry
+ addc $t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t0,$t0,32,0
+ extrdi $t1,$t1,32,0
+ adde $t0,$t0,$t1
+___
+$code.=<<___;
+ stfd $T1a,`$FRAME+16`($sp)
+ stfd $T1b,`$FRAME+24`($sp)
+ insrdi $t4,$t7,16,0 ; 64..127 bits
+ srdi $carry,$t7,16 ; upper 33 bits
+ stfd $T2a,`$FRAME+32`($sp)
+ stfd $T2b,`$FRAME+40`($sp)
+ adde $t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t4,$t4,32,0
+ extrdi $t2,$t2,32,0
+ adde $t4,$t4,$t2
+___
+$code.=<<___;
+ stfd $T3a,`$FRAME+48`($sp)
+ stfd $T3b,`$FRAME+56`($sp)
+ addze $carry,$carry
+ std $t3,-16($tp) ; tp[j-1]
+ std $t5,-8($tp) ; tp[j]
+ bdnz- Linner
+
+ fctid $dota,$dota
+ fctid $dotb,$dotb
+ ld $t0,`$FRAME+0`($sp)
+ ld $t1,`$FRAME+8`($sp)
+ ld $t2,`$FRAME+16`($sp)
+ ld $t3,`$FRAME+24`($sp)
+ ld $t4,`$FRAME+32`($sp)
+ ld $t5,`$FRAME+40`($sp)
+ ld $t6,`$FRAME+48`($sp)
+ ld $t7,`$FRAME+56`($sp)
+ stfd $dota,`$FRAME+64`($sp)
+ stfd $dotb,`$FRAME+72`($sp)
+
+ add $t0,$t0,$carry ; can not overflow
+ srdi $carry,$t0,16
+ add $t1,$t1,$carry
+ srdi $carry,$t1,16
+ insrdi $t0,$t1,16,32
+ add $t2,$t2,$carry
+ ld $t1,8($tp) ; tp[j]
+ srdi $carry,$t2,16
+ insrdi $t0,$t2,16,16
+ add $t3,$t3,$carry
+ ldu $t2,16($tp) ; tp[j+1]
+ srdi $carry,$t3,16
+ insrdi $t0,$t3,16,0 ; 0..63 bits
+ add $t4,$t4,$carry
+ srdi $carry,$t4,16
+ add $t5,$t5,$carry
+ srdi $carry,$t5,16
+ insrdi $t4,$t5,16,32
+ add $t6,$t6,$carry
+ srdi $carry,$t6,16
+ insrdi $t4,$t6,16,16
+ add $t7,$t7,$carry
+ insrdi $t4,$t7,16,0 ; 64..127 bits
+ srdi $carry,$t7,16 ; upper 33 bits
+ ld $t6,`$FRAME+64`($sp)
+ ld $t7,`$FRAME+72`($sp)
+
+ addc $t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t0,$t0,32,0
+ extrdi $t1,$t1,32,0
+ adde $t0,$t0,$t1
+___
+$code.=<<___;
+ adde $t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t4,$t4,32,0
+ extrdi $t2,$t2,32,0
+ adde $t4,$t4,$t2
+___
+$code.=<<___;
+ addze $carry,$carry
+
+ std $t3,-16($tp) ; tp[j-1]
+ std $t5,-8($tp) ; tp[j]
+
+ add $carry,$carry,$ovf ; comsume upmost overflow
+ add $t6,$t6,$carry ; can not overflow
+ srdi $carry,$t6,16
+ add $t7,$t7,$carry
+ insrdi $t6,$t7,48,0
+ srdi $ovf,$t7,48
+ std $t6,0($tp) ; tp[num-1]
+
+ slwi $t7,$num,2
+ addi $i,$i,8
+ subf $nap_d,$t7,$nap_d ; rewind pointer
+ cmpw $i,$num
+ blt- Louter
+___
+
+$code.=<<___ if ($SIZE_T==8);
+ subf $np,$num,$np ; rewind np
+ addi $j,$j,1 ; restore counter
+ subfc $i,$i,$i ; j=0 and "clear" XER[CA]
+ addi $tp,$sp,`$FRAME+$TRANSFER+8`
+ addi $t4,$sp,`$FRAME+$TRANSFER+16`
+ addi $t5,$np,8
+ addi $t6,$rp,8
+ mtctr $j
+
+.align 4
+Lsub: ldx $t0,$tp,$i
+ ldx $t1,$np,$i
+ ldx $t2,$t4,$i
+ ldx $t3,$t5,$i
+ subfe $t0,$t1,$t0 ; tp[j]-np[j]
+ subfe $t2,$t3,$t2 ; tp[j+1]-np[j+1]
+ stdx $t0,$rp,$i
+ stdx $t2,$t6,$i
+ addi $i,$i,16
+ bdnz- Lsub
+
+ li $i,0
+ subfe $ovf,$i,$ovf ; handle upmost overflow bit
+ and $ap,$tp,$ovf
+ andc $np,$rp,$ovf
+ or $ap,$ap,$np ; ap=borrow?tp:rp
+ addi $t7,$ap,8
+ mtctr $j
+
+.align 4
+Lcopy: ; copy or in-place refresh
+ ldx $t0,$ap,$i
+ ldx $t1,$t7,$i
+ std $i,8($nap_d) ; zap nap_d
+ std $i,16($nap_d)
+ std $i,24($nap_d)
+ std $i,32($nap_d)
+ std $i,40($nap_d)
+ std $i,48($nap_d)
+ std $i,56($nap_d)
+ stdu $i,64($nap_d)
+ stdx $t0,$rp,$i
+ stdx $t1,$t6,$i
+ stdx $i,$tp,$i ; zap tp at once
+ stdx $i,$t4,$i
+ addi $i,$i,16
+ bdnz- Lcopy
+___
+$code.=<<___ if ($SIZE_T==4);
+ subf $np,$num,$np ; rewind np
+ addi $j,$j,1 ; restore counter
+ subfc $i,$i,$i ; j=0 and "clear" XER[CA]
+ addi $tp,$sp,`$FRAME+$TRANSFER`
+ addi $np,$np,-4
+ addi $rp,$rp,-4
+ addi $ap,$sp,`$FRAME+$TRANSFER+4`
+ mtctr $j
+
+.align 4
+Lsub: ld $t0,8($tp) ; load tp[j..j+3] in 64-bit word order
+ ldu $t2,16($tp)
+ lwz $t4,4($np) ; load np[j..j+3] in 32-bit word order
+ lwz $t5,8($np)
+ lwz $t6,12($np)
+ lwzu $t7,16($np)
+ extrdi $t1,$t0,32,0
+ extrdi $t3,$t2,32,0
+ subfe $t4,$t4,$t0 ; tp[j]-np[j]
+ stw $t0,4($ap) ; save tp[j..j+3] in 32-bit word order
+ subfe $t5,$t5,$t1 ; tp[j+1]-np[j+1]
+ stw $t1,8($ap)
+ subfe $t6,$t6,$t2 ; tp[j+2]-np[j+2]
+ stw $t2,12($ap)
+ subfe $t7,$t7,$t3 ; tp[j+3]-np[j+3]
+ stwu $t3,16($ap)
+ stw $t4,4($rp)
+ stw $t5,8($rp)
+ stw $t6,12($rp)
+ stwu $t7,16($rp)
+ bdnz- Lsub
+
+ li $i,0
+ subfe $ovf,$i,$ovf ; handle upmost overflow bit
+ addi $tp,$sp,`$FRAME+$TRANSFER+4`
+ subf $rp,$num,$rp ; rewind rp
+ and $ap,$tp,$ovf
+ andc $np,$rp,$ovf
+ or $ap,$ap,$np ; ap=borrow?tp:rp
+ addi $tp,$sp,`$FRAME+$TRANSFER`
+ mtctr $j
+
+.align 4
+Lcopy: ; copy or in-place refresh
+ lwz $t0,4($ap)
+ lwz $t1,8($ap)
+ lwz $t2,12($ap)
+ lwzu $t3,16($ap)
+ std $i,8($nap_d) ; zap nap_d
+ std $i,16($nap_d)
+ std $i,24($nap_d)
+ std $i,32($nap_d)
+ std $i,40($nap_d)
+ std $i,48($nap_d)
+ std $i,56($nap_d)
+ stdu $i,64($nap_d)
+ stw $t0,4($rp)
+ stw $t1,8($rp)
+ stw $t2,12($rp)
+ stwu $t3,16($rp)
+ std $i,8($tp) ; zap tp at once
+ stdu $i,16($tp)
+ bdnz- Lcopy
+___
+
+$code.=<<___;
+ $POP $i,0($sp)
+ li r3,1 ; signal "handled"
+ $POP r22,`-12*8-10*$SIZE_T`($i)
+ $POP r23,`-12*8-9*$SIZE_T`($i)
+ $POP r24,`-12*8-8*$SIZE_T`($i)
+ $POP r25,`-12*8-7*$SIZE_T`($i)
+ $POP r26,`-12*8-6*$SIZE_T`($i)
+ $POP r27,`-12*8-5*$SIZE_T`($i)
+ $POP r28,`-12*8-4*$SIZE_T`($i)
+ $POP r29,`-12*8-3*$SIZE_T`($i)
+ $POP r30,`-12*8-2*$SIZE_T`($i)
+ $POP r31,`-12*8-1*$SIZE_T`($i)
+ lfd f20,`-12*8`($i)
+ lfd f21,`-11*8`($i)
+ lfd f22,`-10*8`($i)
+ lfd f23,`-9*8`($i)
+ lfd f24,`-8*8`($i)
+ lfd f25,`-7*8`($i)
+ lfd f26,`-6*8`($i)
+ lfd f27,`-5*8`($i)
+ lfd f28,`-4*8`($i)
+ lfd f29,`-3*8`($i)
+ lfd f30,`-2*8`($i)
+ lfd f31,`-1*8`($i)
+ mr $sp,$i
+ blr
+ .long 0
+ .byte 0,12,4,0,0x8c,10,6,0
+ .long 0
+
+.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/s390x-gf2m.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/s390x-gf2m.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/s390x-gf2m.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/s390x-gf2m.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,221 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... gcc 4.3 appeared to generate poor code, therefore
+# the effort. And indeed, the module delivers 55%-90%(*) improvement
+# on haviest ECDSA verify and ECDH benchmarks for 163- and 571-bit
+# key lengths on z990, 30%-55%(*) - on z10, and 70%-110%(*) - on z196.
+# This is for 64-bit build. In 32-bit "highgprs" case improvement is
+# even higher, for example on z990 it was measured 80%-150%. ECDSA
+# sign is modest 9%-12% faster. Keep in mind that these coefficients
+# are not ones for bn_GF2m_mul_2x2 itself, as not all CPU time is
+# burnt in it...
+#
+# (*) gcc 4.1 was observed to deliver better results than gcc 4.3,
+# so that improvement coefficients can vary from one specific
+# setup to another.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$stdframe=16*$SIZE_T+4*8;
+
+$rp="%r2";
+$a1="%r3";
+$a0="%r4";
+$b1="%r5";
+$b0="%r6";
+
+$ra="%r14";
+$sp="%r15";
+
+ at T=("%r0","%r1");
+ at i=("%r12","%r13");
+
+($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(6..11));
+($lo,$hi,$b)=map("%r$_",(3..5)); $a=$lo; $mask=$a8;
+
+$code.=<<___;
+.text
+
+.type _mul_1x1,\@function
+.align 16
+_mul_1x1:
+ lgr $a1,$a
+ sllg $a2,$a,1
+ sllg $a4,$a,2
+ sllg $a8,$a,3
+
+ srag $lo,$a1,63 # broadcast 63rd bit
+ nihh $a1,0x1fff
+ srag @i[0],$a2,63 # broadcast 62nd bit
+ nihh $a2,0x3fff
+ srag @i[1],$a4,63 # broadcast 61st bit
+ nihh $a4,0x7fff
+ ngr $lo,$b
+ ngr @i[0],$b
+ ngr @i[1],$b
+
+ lghi @T[0],0
+ lgr $a12,$a1
+ stg @T[0],`$stdframe+0*8`($sp) # tab[0]=0
+ xgr $a12,$a2
+ stg $a1,`$stdframe+1*8`($sp) # tab[1]=a1
+ lgr $a48,$a4
+ stg $a2,`$stdframe+2*8`($sp) # tab[2]=a2
+ xgr $a48,$a8
+ stg $a12,`$stdframe+3*8`($sp) # tab[3]=a1^a2
+ xgr $a1,$a4
+
+ stg $a4,`$stdframe+4*8`($sp) # tab[4]=a4
+ xgr $a2,$a4
+ stg $a1,`$stdframe+5*8`($sp) # tab[5]=a1^a4
+ xgr $a12,$a4
+ stg $a2,`$stdframe+6*8`($sp) # tab[6]=a2^a4
+ xgr $a1,$a48
+ stg $a12,`$stdframe+7*8`($sp) # tab[7]=a1^a2^a4
+ xgr $a2,$a48
+
+ stg $a8,`$stdframe+8*8`($sp) # tab[8]=a8
+ xgr $a12,$a48
+ stg $a1,`$stdframe+9*8`($sp) # tab[9]=a1^a8
+ xgr $a1,$a4
+ stg $a2,`$stdframe+10*8`($sp) # tab[10]=a2^a8
+ xgr $a2,$a4
+ stg $a12,`$stdframe+11*8`($sp) # tab[11]=a1^a2^a8
+
+ xgr $a12,$a4
+ stg $a48,`$stdframe+12*8`($sp) # tab[12]=a4^a8
+ srlg $hi,$lo,1
+ stg $a1,`$stdframe+13*8`($sp) # tab[13]=a1^a4^a8
+ sllg $lo,$lo,63
+ stg $a2,`$stdframe+14*8`($sp) # tab[14]=a2^a4^a8
+ srlg @T[0], at i[0],2
+ stg $a12,`$stdframe+15*8`($sp) # tab[15]=a1^a2^a4^a8
+
+ lghi $mask,`0xf<<3`
+ sllg $a1, at i[0],62
+ sllg @i[0],$b,3
+ srlg @T[1], at i[1],3
+ ngr @i[0],$mask
+ sllg $a2, at i[1],61
+ srlg @i[1],$b,4-3
+ xgr $hi, at T[0]
+ ngr @i[1],$mask
+ xgr $lo,$a1
+ xgr $hi, at T[1]
+ xgr $lo,$a2
+
+ xg $lo,$stdframe(@i[0],$sp)
+ srlg @i[0],$b,8-3
+ ngr @i[0],$mask
+___
+for($n=1;$n<14;$n++) {
+$code.=<<___;
+ lg @T[1],$stdframe(@i[1],$sp)
+ srlg @i[1],$b,`($n+2)*4`-3
+ sllg @T[0], at T[1],`$n*4`
+ ngr @i[1],$mask
+ srlg @T[1], at T[1],`64-$n*4`
+ xgr $lo, at T[0]
+ xgr $hi, at T[1]
+___
+ push(@i,shift(@i)); push(@T,shift(@T));
+}
+$code.=<<___;
+ lg @T[1],$stdframe(@i[1],$sp)
+ sllg @T[0], at T[1],`$n*4`
+ srlg @T[1], at T[1],`64-$n*4`
+ xgr $lo, at T[0]
+ xgr $hi, at T[1]
+
+ lg @T[0],$stdframe(@i[0],$sp)
+ sllg @T[1], at T[0],`($n+1)*4`
+ srlg @T[0], at T[0],`64-($n+1)*4`
+ xgr $lo, at T[1]
+ xgr $hi, at T[0]
+
+ br $ra
+.size _mul_1x1,.-_mul_1x1
+
+.globl bn_GF2m_mul_2x2
+.type bn_GF2m_mul_2x2,\@function
+.align 16
+bn_GF2m_mul_2x2:
+ stm${g} %r3,%r15,3*$SIZE_T($sp)
+
+ lghi %r1,-$stdframe-128
+ la %r0,0($sp)
+ la $sp,0(%r1,$sp) # alloca
+ st${g} %r0,0($sp) # back chain
+___
+if ($SIZE_T==8) {
+my @r=map("%r$_",(6..9));
+$code.=<<___;
+ bras $ra,_mul_1x1 # a1\xB7b1
+ stmg $lo,$hi,16($rp)
+
+ lg $a,`$stdframe+128+4*$SIZE_T`($sp)
+ lg $b,`$stdframe+128+6*$SIZE_T`($sp)
+ bras $ra,_mul_1x1 # a0\xB7b0
+ stmg $lo,$hi,0($rp)
+
+ lg $a,`$stdframe+128+3*$SIZE_T`($sp)
+ lg $b,`$stdframe+128+5*$SIZE_T`($sp)
+ xg $a,`$stdframe+128+4*$SIZE_T`($sp)
+ xg $b,`$stdframe+128+6*$SIZE_T`($sp)
+ bras $ra,_mul_1x1 # (a0+a1)\xB7(b0+b1)
+ lmg @r[0], at r[3],0($rp)
+
+ xgr $lo,$hi
+ xgr $hi, at r[1]
+ xgr $lo, at r[0]
+ xgr $hi, at r[2]
+ xgr $lo, at r[3]
+ xgr $hi, at r[3]
+ xgr $lo,$hi
+ stg $hi,16($rp)
+ stg $lo,8($rp)
+___
+} else {
+$code.=<<___;
+ sllg %r3,%r3,32
+ sllg %r5,%r5,32
+ or %r3,%r4
+ or %r5,%r6
+ bras $ra,_mul_1x1
+ rllg $lo,$lo,32
+ rllg $hi,$hi,32
+ stmg $lo,$hi,0($rp)
+___
+}
+$code.=<<___;
+ lm${g} %r6,%r15,`$stdframe+128+6*$SIZE_T`($sp)
+ br $ra
+.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+.string "GF(2^m) Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/s390x-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/s390x-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/s390x-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/s390x-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,277 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2007.
+#
+# Performance improvement over vanilla C code varies from 85% to 45%
+# depending on key length and benchmark. Unfortunately in this context
+# these are not very impressive results [for code that utilizes "wide"
+# 64x64=128-bit multiplication, which is not commonly available to C
+# programmers], at least hand-coded bn_asm.c replacement is known to
+# provide 30-40% better results for longest keys. Well, on a second
+# thought it's not very surprising, because z-CPUs are single-issue
+# and _strictly_ in-order execution, while bn_mul_mont is more or less
+# dependent on CPU ability to pipe-line instructions and have several
+# of them "in-flight" at the same time. I mean while other methods,
+# for example Karatsuba, aim to minimize amount of multiplications at
+# the cost of other operations increase, bn_mul_mont aim to neatly
+# "overlap" multiplications and the other operations [and on most
+# platforms even minimize the amount of the other operations, in
+# particular references to memory]. But it's possible to improve this
+# module performance by implementing dedicated squaring code-path and
+# possibly by unrolling loops...
+
+# January 2009.
+#
+# Reschedule to minimize/avoid Address Generation Interlock hazard,
+# make inner loops counter-based.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. Compatibility with 32-bit BN_ULONG
+# is achieved by swapping words after 64-bit loads, follow _dswap-s.
+# On z990 it was measured to perform 2.6-2.2 times better than
+# compiler-generated code, less for longer keys...
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$stdframe=16*$SIZE_T+4*8;
+
+$mn0="%r0";
+$num="%r1";
+
+# int bn_mul_mont(
+$rp="%r2"; # BN_ULONG *rp,
+$ap="%r3"; # const BN_ULONG *ap,
+$bp="%r4"; # const BN_ULONG *bp,
+$np="%r5"; # const BN_ULONG *np,
+$n0="%r6"; # const BN_ULONG *n0,
+#$num="160(%r15)" # int num);
+
+$bi="%r2"; # zaps rp
+$j="%r7";
+
+$ahi="%r8";
+$alo="%r9";
+$nhi="%r10";
+$nlo="%r11";
+$AHI="%r12";
+$NHI="%r13";
+$count="%r14";
+$sp="%r15";
+
+$code.=<<___;
+.text
+.globl bn_mul_mont
+.type bn_mul_mont,\@function
+bn_mul_mont:
+ lgf $num,`$stdframe+$SIZE_T-4`($sp) # pull $num
+ sla $num,`log($SIZE_T)/log(2)` # $num to enumerate bytes
+ la $bp,0($num,$bp)
+
+ st${g} %r2,2*$SIZE_T($sp)
+
+ cghi $num,16 #
+ lghi %r2,0 #
+ blr %r14 # if($num<16) return 0;
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+ tmll $num,4
+ bnzr %r14 # if ($num&1) return 0;
+___
+$code.=<<___ if ($flavour !~ /3[12]/);
+ cghi $num,96 #
+ bhr %r14 # if($num>96) return 0;
+___
+$code.=<<___;
+ stm${g} %r3,%r15,3*$SIZE_T($sp)
+
+ lghi $rp,-$stdframe-8 # leave room for carry bit
+ lcgr $j,$num # -$num
+ lgr %r0,$sp
+ la $rp,0($rp,$sp)
+ la $sp,0($j,$rp) # alloca
+ st${g} %r0,0($sp) # back chain
+
+ sra $num,3 # restore $num
+ la $bp,0($j,$bp) # restore $bp
+ ahi $num,-1 # adjust $num for inner loop
+ lg $n0,0($n0) # pull n0
+ _dswap $n0
+
+ lg $bi,0($bp)
+ _dswap $bi
+ lg $alo,0($ap)
+ _dswap $alo
+ mlgr $ahi,$bi # ap[0]*bp[0]
+ lgr $AHI,$ahi
+
+ lgr $mn0,$alo # "tp[0]"*n0
+ msgr $mn0,$n0
+
+ lg $nlo,0($np) #
+ _dswap $nlo
+ mlgr $nhi,$mn0 # np[0]*m1
+ algr $nlo,$alo # +="tp[0]"
+ lghi $NHI,0
+ alcgr $NHI,$nhi
+
+ la $j,8(%r0) # j=1
+ lr $count,$num
+
+.align 16
+.L1st:
+ lg $alo,0($j,$ap)
+ _dswap $alo
+ mlgr $ahi,$bi # ap[j]*bp[0]
+ algr $alo,$AHI
+ lghi $AHI,0
+ alcgr $AHI,$ahi
+
+ lg $nlo,0($j,$np)
+ _dswap $nlo
+ mlgr $nhi,$mn0 # np[j]*m1
+ algr $nlo,$NHI
+ lghi $NHI,0
+ alcgr $nhi,$NHI # +="tp[j]"
+ algr $nlo,$alo
+ alcgr $NHI,$nhi
+
+ stg $nlo,$stdframe-8($j,$sp) # tp[j-1]=
+ la $j,8($j) # j++
+ brct $count,.L1st
+
+ algr $NHI,$AHI
+ lghi $AHI,0
+ alcgr $AHI,$AHI # upmost overflow bit
+ stg $NHI,$stdframe-8($j,$sp)
+ stg $AHI,$stdframe($j,$sp)
+ la $bp,8($bp) # bp++
+
+.Louter:
+ lg $bi,0($bp) # bp[i]
+ _dswap $bi
+ lg $alo,0($ap)
+ _dswap $alo
+ mlgr $ahi,$bi # ap[0]*bp[i]
+ alg $alo,$stdframe($sp) # +=tp[0]
+ lghi $AHI,0
+ alcgr $AHI,$ahi
+
+ lgr $mn0,$alo
+ msgr $mn0,$n0 # tp[0]*n0
+
+ lg $nlo,0($np) # np[0]
+ _dswap $nlo
+ mlgr $nhi,$mn0 # np[0]*m1
+ algr $nlo,$alo # +="tp[0]"
+ lghi $NHI,0
+ alcgr $NHI,$nhi
+
+ la $j,8(%r0) # j=1
+ lr $count,$num
+
+.align 16
+.Linner:
+ lg $alo,0($j,$ap)
+ _dswap $alo
+ mlgr $ahi,$bi # ap[j]*bp[i]
+ algr $alo,$AHI
+ lghi $AHI,0
+ alcgr $ahi,$AHI
+ alg $alo,$stdframe($j,$sp)# +=tp[j]
+ alcgr $AHI,$ahi
+
+ lg $nlo,0($j,$np)
+ _dswap $nlo
+ mlgr $nhi,$mn0 # np[j]*m1
+ algr $nlo,$NHI
+ lghi $NHI,0
+ alcgr $nhi,$NHI
+ algr $nlo,$alo # +="tp[j]"
+ alcgr $NHI,$nhi
+
+ stg $nlo,$stdframe-8($j,$sp) # tp[j-1]=
+ la $j,8($j) # j++
+ brct $count,.Linner
+
+ algr $NHI,$AHI
+ lghi $AHI,0
+ alcgr $AHI,$AHI
+ alg $NHI,$stdframe($j,$sp)# accumulate previous upmost overflow bit
+ lghi $ahi,0
+ alcgr $AHI,$ahi # new upmost overflow bit
+ stg $NHI,$stdframe-8($j,$sp)
+ stg $AHI,$stdframe($j,$sp)
+
+ la $bp,8($bp) # bp++
+ cl${g} $bp,`$stdframe+8+4*$SIZE_T`($j,$sp) # compare to &bp[num]
+ jne .Louter
+
+ l${g} $rp,`$stdframe+8+2*$SIZE_T`($j,$sp) # reincarnate rp
+ la $ap,$stdframe($sp)
+ ahi $num,1 # restore $num, incidentally clears "borrow"
+
+ la $j,0(%r0)
+ lr $count,$num
+.Lsub: lg $alo,0($j,$ap)
+ lg $nlo,0($j,$np)
+ _dswap $nlo
+ slbgr $alo,$nlo
+ stg $alo,0($j,$rp)
+ la $j,8($j)
+ brct $count,.Lsub
+ lghi $ahi,0
+ slbgr $AHI,$ahi # handle upmost carry
+
+ ngr $ap,$AHI
+ lghi $np,-1
+ xgr $np,$AHI
+ ngr $np,$rp
+ ogr $ap,$np # ap=borrow?tp:rp
+
+ la $j,0(%r0)
+ lgr $count,$num
+.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh
+ _dswap $alo
+ stg $j,$stdframe($j,$sp) # zap tp
+ stg $alo,0($j,$rp)
+ la $j,8($j)
+ brct $count,.Lcopy
+
+ la %r1,`$stdframe+8+6*$SIZE_T`($j,$sp)
+ lm${g} %r6,%r15,0(%r1)
+ lghi %r2,1 # signal "processed"
+ br %r14
+.size bn_mul_mont,.-bn_mul_mont
+.string "Montgomery Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+ s/_dswap\s+(%r[0-9]+)/sprintf("rllg\t%s,%s,32",$1,$1) if($SIZE_T==4)/e;
+ print $_,"\n";
+}
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/s390x.S (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/s390x.S)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/s390x.S (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/s390x.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,678 @@
+.ident "s390x.S, version 1.1"
+// ====================================================================
+// Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+// project.
+//
+// Rights for redistribution and usage in source and binary forms are
+// granted according to the OpenSSL license. Warranty of any kind is
+// disclaimed.
+// ====================================================================
+
+.text
+
+#define zero %r0
+
+// BN_ULONG bn_mul_add_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl bn_mul_add_words
+.type bn_mul_add_words, at function
+.align 4
+bn_mul_add_words:
+ lghi zero,0 // zero = 0
+ la %r1,0(%r2) // put rp aside
+ lghi %r2,0 // i=0;
+ ltgfr %r4,%r4
+ bler %r14 // if (len<=0) return 0;
+
+ stmg %r6,%r10,48(%r15)
+ lghi %r10,3
+ lghi %r8,0 // carry = 0
+ nr %r10,%r4 // len%4
+ sra %r4,2 // cnt=len/4
+ jz .Loop1_madd // carry is incidentally cleared if branch taken
+ algr zero,zero // clear carry
+
+.Loop4_madd:
+ lg %r7,0(%r2,%r3) // ap[i]
+ mlgr %r6,%r5 // *=w
+ alcgr %r7,%r8 // +=carry
+ alcgr %r6,zero
+ alg %r7,0(%r2,%r1) // +=rp[i]
+ stg %r7,0(%r2,%r1) // rp[i]=
+
+ lg %r9,8(%r2,%r3)
+ mlgr %r8,%r5
+ alcgr %r9,%r6
+ alcgr %r8,zero
+ alg %r9,8(%r2,%r1)
+ stg %r9,8(%r2,%r1)
+
+ lg %r7,16(%r2,%r3)
+ mlgr %r6,%r5
+ alcgr %r7,%r8
+ alcgr %r6,zero
+ alg %r7,16(%r2,%r1)
+ stg %r7,16(%r2,%r1)
+
+ lg %r9,24(%r2,%r3)
+ mlgr %r8,%r5
+ alcgr %r9,%r6
+ alcgr %r8,zero
+ alg %r9,24(%r2,%r1)
+ stg %r9,24(%r2,%r1)
+
+ la %r2,32(%r2) // i+=4
+ brct %r4,.Loop4_madd
+
+ la %r10,1(%r10) // see if len%4 is zero ...
+ brct %r10,.Loop1_madd // without touching condition code:-)
+
+.Lend_madd:
+ alcgr %r8,zero // collect carry bit
+ lgr %r2,%r8
+ lmg %r6,%r10,48(%r15)
+ br %r14
+
+.Loop1_madd:
+ lg %r7,0(%r2,%r3) // ap[i]
+ mlgr %r6,%r5 // *=w
+ alcgr %r7,%r8 // +=carry
+ alcgr %r6,zero
+ alg %r7,0(%r2,%r1) // +=rp[i]
+ stg %r7,0(%r2,%r1) // rp[i]=
+
+ lgr %r8,%r6
+ la %r2,8(%r2) // i++
+ brct %r10,.Loop1_madd
+
+ j .Lend_madd
+.size bn_mul_add_words,.-bn_mul_add_words
+
+// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl bn_mul_words
+.type bn_mul_words, at function
+.align 4
+bn_mul_words:
+ lghi zero,0 // zero = 0
+ la %r1,0(%r2) // put rp aside
+ lghi %r2,0 // i=0;
+ ltgfr %r4,%r4
+ bler %r14 // if (len<=0) return 0;
+
+ stmg %r6,%r10,48(%r15)
+ lghi %r10,3
+ lghi %r8,0 // carry = 0
+ nr %r10,%r4 // len%4
+ sra %r4,2 // cnt=len/4
+ jz .Loop1_mul // carry is incidentally cleared if branch taken
+ algr zero,zero // clear carry
+
+.Loop4_mul:
+ lg %r7,0(%r2,%r3) // ap[i]
+ mlgr %r6,%r5 // *=w
+ alcgr %r7,%r8 // +=carry
+ stg %r7,0(%r2,%r1) // rp[i]=
+
+ lg %r9,8(%r2,%r3)
+ mlgr %r8,%r5
+ alcgr %r9,%r6
+ stg %r9,8(%r2,%r1)
+
+ lg %r7,16(%r2,%r3)
+ mlgr %r6,%r5
+ alcgr %r7,%r8
+ stg %r7,16(%r2,%r1)
+
+ lg %r9,24(%r2,%r3)
+ mlgr %r8,%r5
+ alcgr %r9,%r6
+ stg %r9,24(%r2,%r1)
+
+ la %r2,32(%r2) // i+=4
+ brct %r4,.Loop4_mul
+
+ la %r10,1(%r10) // see if len%4 is zero ...
+ brct %r10,.Loop1_mul // without touching condition code:-)
+
+.Lend_mul:
+ alcgr %r8,zero // collect carry bit
+ lgr %r2,%r8
+ lmg %r6,%r10,48(%r15)
+ br %r14
+
+.Loop1_mul:
+ lg %r7,0(%r2,%r3) // ap[i]
+ mlgr %r6,%r5 // *=w
+ alcgr %r7,%r8 // +=carry
+ stg %r7,0(%r2,%r1) // rp[i]=
+
+ lgr %r8,%r6
+ la %r2,8(%r2) // i++
+ brct %r10,.Loop1_mul
+
+ j .Lend_mul
+.size bn_mul_words,.-bn_mul_words
+
+// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)
+.globl bn_sqr_words
+.type bn_sqr_words, at function
+.align 4
+bn_sqr_words:
+ ltgfr %r4,%r4
+ bler %r14
+
+ stmg %r6,%r7,48(%r15)
+ srag %r1,%r4,2 // cnt=len/4
+ jz .Loop1_sqr
+
+.Loop4_sqr:
+ lg %r7,0(%r3)
+ mlgr %r6,%r7
+ stg %r7,0(%r2)
+ stg %r6,8(%r2)
+
+ lg %r7,8(%r3)
+ mlgr %r6,%r7
+ stg %r7,16(%r2)
+ stg %r6,24(%r2)
+
+ lg %r7,16(%r3)
+ mlgr %r6,%r7
+ stg %r7,32(%r2)
+ stg %r6,40(%r2)
+
+ lg %r7,24(%r3)
+ mlgr %r6,%r7
+ stg %r7,48(%r2)
+ stg %r6,56(%r2)
+
+ la %r3,32(%r3)
+ la %r2,64(%r2)
+ brct %r1,.Loop4_sqr
+
+ lghi %r1,3
+ nr %r4,%r1 // cnt=len%4
+ jz .Lend_sqr
+
+.Loop1_sqr:
+ lg %r7,0(%r3)
+ mlgr %r6,%r7
+ stg %r7,0(%r2)
+ stg %r6,8(%r2)
+
+ la %r3,8(%r3)
+ la %r2,16(%r2)
+ brct %r4,.Loop1_sqr
+
+.Lend_sqr:
+ lmg %r6,%r7,48(%r15)
+ br %r14
+.size bn_sqr_words,.-bn_sqr_words
+
+// BN_ULONG bn_div_words(BN_ULONG h,BN_ULONG l,BN_ULONG d);
+.globl bn_div_words
+.type bn_div_words, at function
+.align 4
+bn_div_words:
+ dlgr %r2,%r4
+ lgr %r2,%r3
+ br %r14
+.size bn_div_words,.-bn_div_words
+
+// BN_ULONG bn_add_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl bn_add_words
+.type bn_add_words, at function
+.align 4
+bn_add_words:
+ la %r1,0(%r2) // put rp aside
+ lghi %r2,0 // i=0
+ ltgfr %r5,%r5
+ bler %r14 // if (len<=0) return 0;
+
+ stg %r6,48(%r15)
+ lghi %r6,3
+ nr %r6,%r5 // len%4
+ sra %r5,2 // len/4, use sra because it sets condition code
+ jz .Loop1_add // carry is incidentally cleared if branch taken
+ algr %r2,%r2 // clear carry
+
+.Loop4_add:
+ lg %r0,0(%r2,%r3)
+ alcg %r0,0(%r2,%r4)
+ stg %r0,0(%r2,%r1)
+ lg %r0,8(%r2,%r3)
+ alcg %r0,8(%r2,%r4)
+ stg %r0,8(%r2,%r1)
+ lg %r0,16(%r2,%r3)
+ alcg %r0,16(%r2,%r4)
+ stg %r0,16(%r2,%r1)
+ lg %r0,24(%r2,%r3)
+ alcg %r0,24(%r2,%r4)
+ stg %r0,24(%r2,%r1)
+
+ la %r2,32(%r2) // i+=4
+ brct %r5,.Loop4_add
+
+ la %r6,1(%r6) // see if len%4 is zero ...
+ brct %r6,.Loop1_add // without touching condition code:-)
+
+.Lexit_add:
+ lghi %r2,0
+ alcgr %r2,%r2
+ lg %r6,48(%r15)
+ br %r14
+
+.Loop1_add:
+ lg %r0,0(%r2,%r3)
+ alcg %r0,0(%r2,%r4)
+ stg %r0,0(%r2,%r1)
+
+ la %r2,8(%r2) // i++
+ brct %r6,.Loop1_add
+
+ j .Lexit_add
+.size bn_add_words,.-bn_add_words
+
+// BN_ULONG bn_sub_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl bn_sub_words
+.type bn_sub_words, at function
+.align 4
+bn_sub_words:
+ la %r1,0(%r2) // put rp aside
+ lghi %r2,0 // i=0
+ ltgfr %r5,%r5
+ bler %r14 // if (len<=0) return 0;
+
+ stg %r6,48(%r15)
+ lghi %r6,3
+ nr %r6,%r5 // len%4
+ sra %r5,2 // len/4, use sra because it sets condition code
+ jnz .Loop4_sub // borrow is incidentally cleared if branch taken
+ slgr %r2,%r2 // clear borrow
+
+.Loop1_sub:
+ lg %r0,0(%r2,%r3)
+ slbg %r0,0(%r2,%r4)
+ stg %r0,0(%r2,%r1)
+
+ la %r2,8(%r2) // i++
+ brct %r6,.Loop1_sub
+ j .Lexit_sub
+
+.Loop4_sub:
+ lg %r0,0(%r2,%r3)
+ slbg %r0,0(%r2,%r4)
+ stg %r0,0(%r2,%r1)
+ lg %r0,8(%r2,%r3)
+ slbg %r0,8(%r2,%r4)
+ stg %r0,8(%r2,%r1)
+ lg %r0,16(%r2,%r3)
+ slbg %r0,16(%r2,%r4)
+ stg %r0,16(%r2,%r1)
+ lg %r0,24(%r2,%r3)
+ slbg %r0,24(%r2,%r4)
+ stg %r0,24(%r2,%r1)
+
+ la %r2,32(%r2) // i+=4
+ brct %r5,.Loop4_sub
+
+ la %r6,1(%r6) // see if len%4 is zero ...
+ brct %r6,.Loop1_sub // without touching condition code:-)
+
+.Lexit_sub:
+ lghi %r2,0
+ slbgr %r2,%r2
+ lcgr %r2,%r2
+ lg %r6,48(%r15)
+ br %r14
+.size bn_sub_words,.-bn_sub_words
+
+#define c1 %r1
+#define c2 %r5
+#define c3 %r8
+
+#define mul_add_c(ai,bi,c1,c2,c3) \
+ lg %r7,ai*8(%r3); \
+ mlg %r6,bi*8(%r4); \
+ algr c1,%r7; \
+ alcgr c2,%r6; \
+ alcgr c3,zero
+
+// void bn_mul_comba8(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl bn_mul_comba8
+.type bn_mul_comba8, at function
+.align 4
+bn_mul_comba8:
+ stmg %r6,%r8,48(%r15)
+
+ lghi c1,0
+ lghi c2,0
+ lghi c3,0
+ lghi zero,0
+
+ mul_add_c(0,0,c1,c2,c3);
+ stg c1,0*8(%r2)
+ lghi c1,0
+
+ mul_add_c(0,1,c2,c3,c1);
+ mul_add_c(1,0,c2,c3,c1);
+ stg c2,1*8(%r2)
+ lghi c2,0
+
+ mul_add_c(2,0,c3,c1,c2);
+ mul_add_c(1,1,c3,c1,c2);
+ mul_add_c(0,2,c3,c1,c2);
+ stg c3,2*8(%r2)
+ lghi c3,0
+
+ mul_add_c(0,3,c1,c2,c3);
+ mul_add_c(1,2,c1,c2,c3);
+ mul_add_c(2,1,c1,c2,c3);
+ mul_add_c(3,0,c1,c2,c3);
+ stg c1,3*8(%r2)
+ lghi c1,0
+
+ mul_add_c(4,0,c2,c3,c1);
+ mul_add_c(3,1,c2,c3,c1);
+ mul_add_c(2,2,c2,c3,c1);
+ mul_add_c(1,3,c2,c3,c1);
+ mul_add_c(0,4,c2,c3,c1);
+ stg c2,4*8(%r2)
+ lghi c2,0
+
+ mul_add_c(0,5,c3,c1,c2);
+ mul_add_c(1,4,c3,c1,c2);
+ mul_add_c(2,3,c3,c1,c2);
+ mul_add_c(3,2,c3,c1,c2);
+ mul_add_c(4,1,c3,c1,c2);
+ mul_add_c(5,0,c3,c1,c2);
+ stg c3,5*8(%r2)
+ lghi c3,0
+
+ mul_add_c(6,0,c1,c2,c3);
+ mul_add_c(5,1,c1,c2,c3);
+ mul_add_c(4,2,c1,c2,c3);
+ mul_add_c(3,3,c1,c2,c3);
+ mul_add_c(2,4,c1,c2,c3);
+ mul_add_c(1,5,c1,c2,c3);
+ mul_add_c(0,6,c1,c2,c3);
+ stg c1,6*8(%r2)
+ lghi c1,0
+
+ mul_add_c(0,7,c2,c3,c1);
+ mul_add_c(1,6,c2,c3,c1);
+ mul_add_c(2,5,c2,c3,c1);
+ mul_add_c(3,4,c2,c3,c1);
+ mul_add_c(4,3,c2,c3,c1);
+ mul_add_c(5,2,c2,c3,c1);
+ mul_add_c(6,1,c2,c3,c1);
+ mul_add_c(7,0,c2,c3,c1);
+ stg c2,7*8(%r2)
+ lghi c2,0
+
+ mul_add_c(7,1,c3,c1,c2);
+ mul_add_c(6,2,c3,c1,c2);
+ mul_add_c(5,3,c3,c1,c2);
+ mul_add_c(4,4,c3,c1,c2);
+ mul_add_c(3,5,c3,c1,c2);
+ mul_add_c(2,6,c3,c1,c2);
+ mul_add_c(1,7,c3,c1,c2);
+ stg c3,8*8(%r2)
+ lghi c3,0
+
+ mul_add_c(2,7,c1,c2,c3);
+ mul_add_c(3,6,c1,c2,c3);
+ mul_add_c(4,5,c1,c2,c3);
+ mul_add_c(5,4,c1,c2,c3);
+ mul_add_c(6,3,c1,c2,c3);
+ mul_add_c(7,2,c1,c2,c3);
+ stg c1,9*8(%r2)
+ lghi c1,0
+
+ mul_add_c(7,3,c2,c3,c1);
+ mul_add_c(6,4,c2,c3,c1);
+ mul_add_c(5,5,c2,c3,c1);
+ mul_add_c(4,6,c2,c3,c1);
+ mul_add_c(3,7,c2,c3,c1);
+ stg c2,10*8(%r2)
+ lghi c2,0
+
+ mul_add_c(4,7,c3,c1,c2);
+ mul_add_c(5,6,c3,c1,c2);
+ mul_add_c(6,5,c3,c1,c2);
+ mul_add_c(7,4,c3,c1,c2);
+ stg c3,11*8(%r2)
+ lghi c3,0
+
+ mul_add_c(7,5,c1,c2,c3);
+ mul_add_c(6,6,c1,c2,c3);
+ mul_add_c(5,7,c1,c2,c3);
+ stg c1,12*8(%r2)
+ lghi c1,0
+
+
+ mul_add_c(6,7,c2,c3,c1);
+ mul_add_c(7,6,c2,c3,c1);
+ stg c2,13*8(%r2)
+ lghi c2,0
+
+ mul_add_c(7,7,c3,c1,c2);
+ stg c3,14*8(%r2)
+ stg c1,15*8(%r2)
+
+ lmg %r6,%r8,48(%r15)
+ br %r14
+.size bn_mul_comba8,.-bn_mul_comba8
+
+// void bn_mul_comba4(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl bn_mul_comba4
+.type bn_mul_comba4, at function
+.align 4
+bn_mul_comba4:
+ stmg %r6,%r8,48(%r15)
+
+ lghi c1,0
+ lghi c2,0
+ lghi c3,0
+ lghi zero,0
+
+ mul_add_c(0,0,c1,c2,c3);
+ stg c1,0*8(%r3)
+ lghi c1,0
+
+ mul_add_c(0,1,c2,c3,c1);
+ mul_add_c(1,0,c2,c3,c1);
+ stg c2,1*8(%r2)
+ lghi c2,0
+
+ mul_add_c(2,0,c3,c1,c2);
+ mul_add_c(1,1,c3,c1,c2);
+ mul_add_c(0,2,c3,c1,c2);
+ stg c3,2*8(%r2)
+ lghi c3,0
+
+ mul_add_c(0,3,c1,c2,c3);
+ mul_add_c(1,2,c1,c2,c3);
+ mul_add_c(2,1,c1,c2,c3);
+ mul_add_c(3,0,c1,c2,c3);
+ stg c1,3*8(%r2)
+ lghi c1,0
+
+ mul_add_c(3,1,c2,c3,c1);
+ mul_add_c(2,2,c2,c3,c1);
+ mul_add_c(1,3,c2,c3,c1);
+ stg c2,4*8(%r2)
+ lghi c2,0
+
+ mul_add_c(2,3,c3,c1,c2);
+ mul_add_c(3,2,c3,c1,c2);
+ stg c3,5*8(%r2)
+ lghi c3,0
+
+ mul_add_c(3,3,c1,c2,c3);
+ stg c1,6*8(%r2)
+ stg c2,7*8(%r2)
+
+ stmg %r6,%r8,48(%r15)
+ br %r14
+.size bn_mul_comba4,.-bn_mul_comba4
+
+#define sqr_add_c(ai,c1,c2,c3) \
+ lg %r7,ai*8(%r3); \
+ mlgr %r6,%r7; \
+ algr c1,%r7; \
+ alcgr c2,%r6; \
+ alcgr c3,zero
+
+#define sqr_add_c2(ai,aj,c1,c2,c3) \
+ lg %r7,ai*8(%r3); \
+ mlg %r6,aj*8(%r3); \
+ algr c1,%r7; \
+ alcgr c2,%r6; \
+ alcgr c3,zero; \
+ algr c1,%r7; \
+ alcgr c2,%r6; \
+ alcgr c3,zero
+
+// void bn_sqr_comba8(BN_ULONG *r2,BN_ULONG *r3);
+.globl bn_sqr_comba8
+.type bn_sqr_comba8, at function
+.align 4
+bn_sqr_comba8:
+ stmg %r6,%r8,48(%r15)
+
+ lghi c1,0
+ lghi c2,0
+ lghi c3,0
+ lghi zero,0
+
+ sqr_add_c(0,c1,c2,c3);
+ stg c1,0*8(%r2)
+ lghi c1,0
+
+ sqr_add_c2(1,0,c2,c3,c1);
+ stg c2,1*8(%r2)
+ lghi c2,0
+
+ sqr_add_c(1,c3,c1,c2);
+ sqr_add_c2(2,0,c3,c1,c2);
+ stg c3,2*8(%r2)
+ lghi c3,0
+
+ sqr_add_c2(3,0,c1,c2,c3);
+ sqr_add_c2(2,1,c1,c2,c3);
+ stg c1,3*8(%r2)
+ lghi c1,0
+
+ sqr_add_c(2,c2,c3,c1);
+ sqr_add_c2(3,1,c2,c3,c1);
+ sqr_add_c2(4,0,c2,c3,c1);
+ stg c2,4*8(%r2)
+ lghi c2,0
+
+ sqr_add_c2(5,0,c3,c1,c2);
+ sqr_add_c2(4,1,c3,c1,c2);
+ sqr_add_c2(3,2,c3,c1,c2);
+ stg c3,5*8(%r2)
+ lghi c3,0
+
+ sqr_add_c(3,c1,c2,c3);
+ sqr_add_c2(4,2,c1,c2,c3);
+ sqr_add_c2(5,1,c1,c2,c3);
+ sqr_add_c2(6,0,c1,c2,c3);
+ stg c1,6*8(%r2)
+ lghi c1,0
+
+ sqr_add_c2(7,0,c2,c3,c1);
+ sqr_add_c2(6,1,c2,c3,c1);
+ sqr_add_c2(5,2,c2,c3,c1);
+ sqr_add_c2(4,3,c2,c3,c1);
+ stg c2,7*8(%r2)
+ lghi c2,0
+
+ sqr_add_c(4,c3,c1,c2);
+ sqr_add_c2(5,3,c3,c1,c2);
+ sqr_add_c2(6,2,c3,c1,c2);
+ sqr_add_c2(7,1,c3,c1,c2);
+ stg c3,8*8(%r2)
+ lghi c3,0
+
+ sqr_add_c2(7,2,c1,c2,c3);
+ sqr_add_c2(6,3,c1,c2,c3);
+ sqr_add_c2(5,4,c1,c2,c3);
+ stg c1,9*8(%r2)
+ lghi c1,0
+
+ sqr_add_c(5,c2,c3,c1);
+ sqr_add_c2(6,4,c2,c3,c1);
+ sqr_add_c2(7,3,c2,c3,c1);
+ stg c2,10*8(%r2)
+ lghi c2,0
+
+ sqr_add_c2(7,4,c3,c1,c2);
+ sqr_add_c2(6,5,c3,c1,c2);
+ stg c3,11*8(%r2)
+ lghi c3,0
+
+ sqr_add_c(6,c1,c2,c3);
+ sqr_add_c2(7,5,c1,c2,c3);
+ stg c1,12*8(%r2)
+ lghi c1,0
+
+ sqr_add_c2(7,6,c2,c3,c1);
+ stg c2,13*8(%r2)
+ lghi c2,0
+
+ sqr_add_c(7,c3,c1,c2);
+ stg c3,14*8(%r2)
+ stg c1,15*8(%r2)
+
+ lmg %r6,%r8,48(%r15)
+ br %r14
+.size bn_sqr_comba8,.-bn_sqr_comba8
+
+// void bn_sqr_comba4(BN_ULONG *r2,BN_ULONG *r3);
+.globl bn_sqr_comba4
+.type bn_sqr_comba4, at function
+.align 4
+bn_sqr_comba4:
+ stmg %r6,%r8,48(%r15)
+
+ lghi c1,0
+ lghi c2,0
+ lghi c3,0
+ lghi zero,0
+
+ sqr_add_c(0,c1,c2,c3);
+ stg c1,0*8(%r2)
+ lghi c1,0
+
+ sqr_add_c2(1,0,c2,c3,c1);
+ stg c2,1*8(%r2)
+ lghi c2,0
+
+ sqr_add_c(1,c3,c1,c2);
+ sqr_add_c2(2,0,c3,c1,c2);
+ stg c3,2*8(%r2)
+ lghi c3,0
+
+ sqr_add_c2(3,0,c1,c2,c3);
+ sqr_add_c2(2,1,c1,c2,c3);
+ stg c1,3*8(%r2)
+ lghi c1,0
+
+ sqr_add_c(2,c2,c3,c1);
+ sqr_add_c2(3,1,c2,c3,c1);
+ stg c2,4*8(%r2)
+ lghi c2,0
+
+ sqr_add_c2(3,2,c3,c1,c2);
+ stg c3,5*8(%r2)
+ lghi c3,0
+
+ sqr_add_c(3,c1,c2,c3);
+ stg c1,6*8(%r2)
+ stg c2,7*8(%r2)
+
+ lmg %r6,%r8,48(%r15)
+ br %r14
+.size bn_sqr_comba4,.-bn_sqr_comba4
Modified: trunk/crypto/openssl/crypto/bn/asm/sparcv8plus.S
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/sparcv8plus.S 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/sparcv8plus.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -144,6 +144,19 @@
* }
*/
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+ /* They've said -xarch=v9 at command line */
+ .register %g2,#scratch
+ .register %g3,#scratch
+# define FRAME_SIZE -192
+#elif defined(__GNUC__) && defined(__arch64__)
+ /* They've said -m64 at command line */
+ .register %g2,#scratch
+ .register %g3,#scratch
+# define FRAME_SIZE -192
+#else
+# define FRAME_SIZE -96
+#endif
/*
* GNU assembler can't stand stuw:-(
*/
@@ -619,8 +632,6 @@
* Andy.
*/
-#define FRAME_SIZE -96
-
/*
* Here is register usage map for *all* routines below.
*/
Copied: trunk/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/sparcv9-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,606 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2005
+#
+# Pure SPARCv9/8+ and IALU-only bn_mul_mont implementation. The reasons
+# for undertaken effort are multiple. First of all, UltraSPARC is not
+# the whole SPARCv9 universe and other VIS-free implementations deserve
+# optimized code as much. Secondly, newly introduced UltraSPARC T1,
+# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
+# such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
+# several integrated RSA/DSA accelerator circuits accessible through
+# kernel driver [only(*)], but having decent user-land software
+# implementation is important too. Finally, reasons like desire to
+# experiment with dedicated squaring procedure. Yes, this module
+# implements one, because it was easiest to draft it in SPARCv9
+# instructions...
+
+# (*) Engine accessing the driver in question is on my TODO list.
+# For reference, acceleator is estimated to give 6 to 10 times
+# improvement on single-threaded RSA sign. It should be noted
+# that 6-10x improvement coefficient does not actually mean
+# something extraordinary in terms of absolute [single-threaded]
+# performance, as SPARCv9 instruction set is by all means least
+# suitable for high performance crypto among other 64 bit
+# platforms. 6-10x factor simply places T1 in same performance
+# domain as say AMD64 and IA-64. Improvement of RSA verify don't
+# appear impressive at all, but it's the sign operation which is
+# far more critical/interesting.
+
+# You might notice that inner loops are modulo-scheduled:-) This has
+# essentially negligible impact on UltraSPARC performance, it's
+# Fujitsu SPARC64 V users who should notice and hopefully appreciate
+# the advantage... Currently this module surpasses sparcv9a-mont.pl
+# by ~20% on UltraSPARC-III and later cores, but recall that sparcv9a
+# module still have hidden potential [see TODO list there], which is
+# estimated to be larger than 20%...
+
+# int bn_mul_mont(
+$rp="%i0"; # BN_ULONG *rp,
+$ap="%i1"; # const BN_ULONG *ap,
+$bp="%i2"; # const BN_ULONG *bp,
+$np="%i3"; # const BN_ULONG *np,
+$n0="%i4"; # const BN_ULONG *n0,
+$num="%i5"; # int num);
+
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64) { $bias=2047; $frame=192; }
+else { $bias=0; $frame=128; }
+
+$car0="%o0";
+$car1="%o1";
+$car2="%o2"; # 1 bit
+$acc0="%o3";
+$acc1="%o4";
+$mask="%g1"; # 32 bits, what a waste...
+$tmp0="%g4";
+$tmp1="%g5";
+
+$i="%l0";
+$j="%l1";
+$mul0="%l2";
+$mul1="%l3";
+$tp="%l4";
+$apj="%l5";
+$npj="%l6";
+$tpj="%l7";
+
+$fname="bn_mul_mont_int";
+
+$code=<<___;
+.section ".text",#alloc,#execinstr
+
+.global $fname
+.align 32
+$fname:
+ cmp %o5,4 ! 128 bits minimum
+ bge,pt %icc,.Lenter
+ sethi %hi(0xffffffff),$mask
+ retl
+ clr %o0
+.align 32
+.Lenter:
+ save %sp,-$frame,%sp
+ sll $num,2,$num ! num*=4
+ or $mask,%lo(0xffffffff),$mask
+ ld [$n0],$n0
+ cmp $ap,$bp
+ and $num,$mask,$num
+ ld [$bp],$mul0 ! bp[0]
+ nop
+
+ add %sp,$bias,%o7 ! real top of stack
+ ld [$ap],$car0 ! ap[0] ! redundant in squaring context
+ sub %o7,$num,%o7
+ ld [$ap+4],$apj ! ap[1]
+ and %o7,-1024,%o7
+ ld [$np],$car1 ! np[0]
+ sub %o7,$bias,%sp ! alloca
+ ld [$np+4],$npj ! np[1]
+ be,pt `$bits==32?"%icc":"%xcc"`,.Lbn_sqr_mont
+ mov 12,$j
+
+ mulx $car0,$mul0,$car0 ! ap[0]*bp[0]
+ mulx $apj,$mul0,$tmp0 !prologue! ap[1]*bp[0]
+ and $car0,$mask,$acc0
+ add %sp,$bias+$frame,$tp
+ ld [$ap+8],$apj !prologue!
+
+ mulx $n0,$acc0,$mul1 ! "t[0]"*n0
+ and $mul1,$mask,$mul1
+
+ mulx $car1,$mul1,$car1 ! np[0]*"t[0]"*n0
+ mulx $npj,$mul1,$acc1 !prologue! np[1]*"t[0]"*n0
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ ld [$np+8],$npj !prologue!
+ srlx $car1,32,$car1
+ mov $tmp0,$acc0 !prologue!
+
+.L1st:
+ mulx $apj,$mul0,$tmp0
+ mulx $npj,$mul1,$tmp1
+ add $acc0,$car0,$car0
+ ld [$ap+$j],$apj ! ap[j]
+ and $car0,$mask,$acc0
+ add $acc1,$car1,$car1
+ ld [$np+$j],$npj ! np[j]
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ add $j,4,$j ! j++
+ mov $tmp0,$acc0
+ st $car1,[$tp]
+ cmp $j,$num
+ mov $tmp1,$acc1
+ srlx $car1,32,$car1
+ bl %icc,.L1st
+ add $tp,4,$tp ! tp++
+!.L1st
+
+ mulx $apj,$mul0,$tmp0 !epilogue!
+ mulx $npj,$mul1,$tmp1
+ add $acc0,$car0,$car0
+ and $car0,$mask,$acc0
+ add $acc1,$car1,$car1
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+
+ add $tmp0,$car0,$car0
+ and $car0,$mask,$acc0
+ add $tmp1,$car1,$car1
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ st $car1,[$tp+4]
+ srlx $car1,32,$car1
+
+ add $car0,$car1,$car1
+ st $car1,[$tp+8]
+ srlx $car1,32,$car2
+
+ mov 4,$i ! i++
+ ld [$bp+4],$mul0 ! bp[1]
+.Louter:
+ add %sp,$bias+$frame,$tp
+ ld [$ap],$car0 ! ap[0]
+ ld [$ap+4],$apj ! ap[1]
+ ld [$np],$car1 ! np[0]
+ ld [$np+4],$npj ! np[1]
+ ld [$tp],$tmp1 ! tp[0]
+ ld [$tp+4],$tpj ! tp[1]
+ mov 12,$j
+
+ mulx $car0,$mul0,$car0
+ mulx $apj,$mul0,$tmp0 !prologue!
+ add $tmp1,$car0,$car0
+ ld [$ap+8],$apj !prologue!
+ and $car0,$mask,$acc0
+
+ mulx $n0,$acc0,$mul1
+ and $mul1,$mask,$mul1
+
+ mulx $car1,$mul1,$car1
+ mulx $npj,$mul1,$acc1 !prologue!
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ ld [$np+8],$npj !prologue!
+ srlx $car1,32,$car1
+ mov $tmp0,$acc0 !prologue!
+
+.Linner:
+ mulx $apj,$mul0,$tmp0
+ mulx $npj,$mul1,$tmp1
+ add $tpj,$car0,$car0
+ ld [$ap+$j],$apj ! ap[j]
+ add $acc0,$car0,$car0
+ add $acc1,$car1,$car1
+ ld [$np+$j],$npj ! np[j]
+ and $car0,$mask,$acc0
+ ld [$tp+8],$tpj ! tp[j]
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ add $j,4,$j ! j++
+ mov $tmp0,$acc0
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+ mov $tmp1,$acc1
+ cmp $j,$num
+ bl %icc,.Linner
+ add $tp,4,$tp ! tp++
+!.Linner
+
+ mulx $apj,$mul0,$tmp0 !epilogue!
+ mulx $npj,$mul1,$tmp1
+ add $tpj,$car0,$car0
+ add $acc0,$car0,$car0
+ ld [$tp+8],$tpj ! tp[j]
+ and $car0,$mask,$acc0
+ add $acc1,$car1,$car1
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+
+ add $tpj,$car0,$car0
+ add $tmp0,$car0,$car0
+ and $car0,$mask,$acc0
+ add $tmp1,$car1,$car1
+ add $acc0,$car1,$car1
+ st $car1,[$tp+4] ! tp[j-1]
+ srlx $car0,32,$car0
+ add $i,4,$i ! i++
+ srlx $car1,32,$car1
+
+ add $car0,$car1,$car1
+ cmp $i,$num
+ add $car2,$car1,$car1
+ st $car1,[$tp+8]
+
+ srlx $car1,32,$car2
+ bl,a %icc,.Louter
+ ld [$bp+$i],$mul0 ! bp[i]
+!.Louter
+
+ add $tp,12,$tp
+
+.Ltail:
+ add $np,$num,$np
+ add $rp,$num,$rp
+ mov $tp,$ap
+ sub %g0,$num,%o7 ! k=-num
+ ba .Lsub
+ subcc %g0,%g0,%g0 ! clear %icc.c
+.align 16
+.Lsub:
+ ld [$tp+%o7],%o0
+ ld [$np+%o7],%o1
+ subccc %o0,%o1,%o1 ! tp[j]-np[j]
+ add $rp,%o7,$i
+ add %o7,4,%o7
+ brnz %o7,.Lsub
+ st %o1,[$i]
+ subc $car2,0,$car2 ! handle upmost overflow bit
+ and $tp,$car2,$ap
+ andn $rp,$car2,$np
+ or $ap,$np,$ap
+ sub %g0,$num,%o7
+
+.Lcopy:
+ ld [$ap+%o7],%o0 ! copy or in-place refresh
+ st %g0,[$tp+%o7] ! zap tp
+ st %o0,[$rp+%o7]
+ add %o7,4,%o7
+ brnz %o7,.Lcopy
+ nop
+ mov 1,%i0
+ ret
+ restore
+___
+
+########
+######## .Lbn_sqr_mont gives up to 20% *overall* improvement over
+######## code without following dedicated squaring procedure.
+########
+$sbit="%i2"; # re-use $bp!
+
+$code.=<<___;
+.align 32
+.Lbn_sqr_mont:
+ mulx $mul0,$mul0,$car0 ! ap[0]*ap[0]
+ mulx $apj,$mul0,$tmp0 !prologue!
+ and $car0,$mask,$acc0
+ add %sp,$bias+$frame,$tp
+ ld [$ap+8],$apj !prologue!
+
+ mulx $n0,$acc0,$mul1 ! "t[0]"*n0
+ srlx $car0,32,$car0
+ and $mul1,$mask,$mul1
+
+ mulx $car1,$mul1,$car1 ! np[0]*"t[0]"*n0
+ mulx $npj,$mul1,$acc1 !prologue!
+ and $car0,1,$sbit
+ ld [$np+8],$npj !prologue!
+ srlx $car0,1,$car0
+ add $acc0,$car1,$car1
+ srlx $car1,32,$car1
+ mov $tmp0,$acc0 !prologue!
+
+.Lsqr_1st:
+ mulx $apj,$mul0,$tmp0
+ mulx $npj,$mul1,$tmp1
+ add $acc0,$car0,$car0 ! ap[j]*a0+c0
+ add $acc1,$car1,$car1
+ ld [$ap+$j],$apj ! ap[j]
+ and $car0,$mask,$acc0
+ ld [$np+$j],$npj ! np[j]
+ srlx $car0,32,$car0
+ add $acc0,$acc0,$acc0
+ or $sbit,$acc0,$acc0
+ mov $tmp1,$acc1
+ srlx $acc0,32,$sbit
+ add $j,4,$j ! j++
+ and $acc0,$mask,$acc0
+ cmp $j,$num
+ add $acc0,$car1,$car1
+ st $car1,[$tp]
+ mov $tmp0,$acc0
+ srlx $car1,32,$car1
+ bl %icc,.Lsqr_1st
+ add $tp,4,$tp ! tp++
+!.Lsqr_1st
+
+ mulx $apj,$mul0,$tmp0 ! epilogue
+ mulx $npj,$mul1,$tmp1
+ add $acc0,$car0,$car0 ! ap[j]*a0+c0
+ add $acc1,$car1,$car1
+ and $car0,$mask,$acc0
+ srlx $car0,32,$car0
+ add $acc0,$acc0,$acc0
+ or $sbit,$acc0,$acc0
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ add $acc0,$car1,$car1
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+
+ add $tmp0,$car0,$car0 ! ap[j]*a0+c0
+ add $tmp1,$car1,$car1
+ and $car0,$mask,$acc0
+ srlx $car0,32,$car0
+ add $acc0,$acc0,$acc0
+ or $sbit,$acc0,$acc0
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ add $acc0,$car1,$car1
+ st $car1,[$tp+4]
+ srlx $car1,32,$car1
+
+ add $car0,$car0,$car0
+ or $sbit,$car0,$car0
+ add $car0,$car1,$car1
+ st $car1,[$tp+8]
+ srlx $car1,32,$car2
+
+ ld [%sp+$bias+$frame],$tmp0 ! tp[0]
+ ld [%sp+$bias+$frame+4],$tmp1 ! tp[1]
+ ld [%sp+$bias+$frame+8],$tpj ! tp[2]
+ ld [$ap+4],$mul0 ! ap[1]
+ ld [$ap+8],$apj ! ap[2]
+ ld [$np],$car1 ! np[0]
+ ld [$np+4],$npj ! np[1]
+ mulx $n0,$tmp0,$mul1
+
+ mulx $mul0,$mul0,$car0
+ and $mul1,$mask,$mul1
+
+ mulx $car1,$mul1,$car1
+ mulx $npj,$mul1,$acc1
+ add $tmp0,$car1,$car1
+ and $car0,$mask,$acc0
+ ld [$np+8],$npj ! np[2]
+ srlx $car1,32,$car1
+ add $tmp1,$car1,$car1
+ srlx $car0,32,$car0
+ add $acc0,$car1,$car1
+ and $car0,1,$sbit
+ add $acc1,$car1,$car1
+ srlx $car0,1,$car0
+ mov 12,$j
+ st $car1,[%sp+$bias+$frame] ! tp[0]=
+ srlx $car1,32,$car1
+ add %sp,$bias+$frame+4,$tp
+
+.Lsqr_2nd:
+ mulx $apj,$mul0,$acc0
+ mulx $npj,$mul1,$acc1
+ add $acc0,$car0,$car0
+ add $tpj,$car1,$car1
+ ld [$ap+$j],$apj ! ap[j]
+ and $car0,$mask,$acc0
+ ld [$np+$j],$npj ! np[j]
+ srlx $car0,32,$car0
+ add $acc1,$car1,$car1
+ ld [$tp+8],$tpj ! tp[j]
+ add $acc0,$acc0,$acc0
+ add $j,4,$j ! j++
+ or $sbit,$acc0,$acc0
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ cmp $j,$num
+ add $acc0,$car1,$car1
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+ bl %icc,.Lsqr_2nd
+ add $tp,4,$tp ! tp++
+!.Lsqr_2nd
+
+ mulx $apj,$mul0,$acc0
+ mulx $npj,$mul1,$acc1
+ add $acc0,$car0,$car0
+ add $tpj,$car1,$car1
+ and $car0,$mask,$acc0
+ srlx $car0,32,$car0
+ add $acc1,$car1,$car1
+ add $acc0,$acc0,$acc0
+ or $sbit,$acc0,$acc0
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ add $acc0,$car1,$car1
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+
+ add $car0,$car0,$car0
+ or $sbit,$car0,$car0
+ add $car0,$car1,$car1
+ add $car2,$car1,$car1
+ st $car1,[$tp+4]
+ srlx $car1,32,$car2
+
+ ld [%sp+$bias+$frame],$tmp1 ! tp[0]
+ ld [%sp+$bias+$frame+4],$tpj ! tp[1]
+ ld [$ap+8],$mul0 ! ap[2]
+ ld [$np],$car1 ! np[0]
+ ld [$np+4],$npj ! np[1]
+ mulx $n0,$tmp1,$mul1
+ and $mul1,$mask,$mul1
+ mov 8,$i
+
+ mulx $mul0,$mul0,$car0
+ mulx $car1,$mul1,$car1
+ and $car0,$mask,$acc0
+ add $tmp1,$car1,$car1
+ srlx $car0,32,$car0
+ add %sp,$bias+$frame,$tp
+ srlx $car1,32,$car1
+ and $car0,1,$sbit
+ srlx $car0,1,$car0
+ mov 4,$j
+
+.Lsqr_outer:
+.Lsqr_inner1:
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ add $j,4,$j
+ ld [$tp+8],$tpj
+ cmp $j,$i
+ add $acc1,$car1,$car1
+ ld [$np+$j],$npj
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+ bl %icc,.Lsqr_inner1
+ add $tp,4,$tp
+!.Lsqr_inner1
+
+ add $j,4,$j
+ ld [$ap+$j],$apj ! ap[j]
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ ld [$np+$j],$npj ! np[j]
+ add $acc0,$car1,$car1
+ ld [$tp+8],$tpj ! tp[j]
+ add $acc1,$car1,$car1
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+
+ add $j,4,$j
+ cmp $j,$num
+ be,pn %icc,.Lsqr_no_inner2
+ add $tp,4,$tp
+
+.Lsqr_inner2:
+ mulx $apj,$mul0,$acc0
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ add $acc0,$car0,$car0
+ ld [$ap+$j],$apj ! ap[j]
+ and $car0,$mask,$acc0
+ ld [$np+$j],$npj ! np[j]
+ srlx $car0,32,$car0
+ add $acc0,$acc0,$acc0
+ ld [$tp+8],$tpj ! tp[j]
+ or $sbit,$acc0,$acc0
+ add $j,4,$j ! j++
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ cmp $j,$num
+ add $acc0,$car1,$car1
+ add $acc1,$car1,$car1
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+ bl %icc,.Lsqr_inner2
+ add $tp,4,$tp ! tp++
+
+.Lsqr_no_inner2:
+ mulx $apj,$mul0,$acc0
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ add $acc0,$car0,$car0
+ and $car0,$mask,$acc0
+ srlx $car0,32,$car0
+ add $acc0,$acc0,$acc0
+ or $sbit,$acc0,$acc0
+ srlx $acc0,32,$sbit
+ and $acc0,$mask,$acc0
+ add $acc0,$car1,$car1
+ add $acc1,$car1,$car1
+ st $car1,[$tp] ! tp[j-1]
+ srlx $car1,32,$car1
+
+ add $car0,$car0,$car0
+ or $sbit,$car0,$car0
+ add $car0,$car1,$car1
+ add $car2,$car1,$car1
+ st $car1,[$tp+4]
+ srlx $car1,32,$car2
+
+ add $i,4,$i ! i++
+ ld [%sp+$bias+$frame],$tmp1 ! tp[0]
+ ld [%sp+$bias+$frame+4],$tpj ! tp[1]
+ ld [$ap+$i],$mul0 ! ap[j]
+ ld [$np],$car1 ! np[0]
+ ld [$np+4],$npj ! np[1]
+ mulx $n0,$tmp1,$mul1
+ and $mul1,$mask,$mul1
+ add $i,4,$tmp0
+
+ mulx $mul0,$mul0,$car0
+ mulx $car1,$mul1,$car1
+ and $car0,$mask,$acc0
+ add $tmp1,$car1,$car1
+ srlx $car0,32,$car0
+ add %sp,$bias+$frame,$tp
+ srlx $car1,32,$car1
+ and $car0,1,$sbit
+ srlx $car0,1,$car0
+
+ cmp $tmp0,$num ! i<num-1
+ bl %icc,.Lsqr_outer
+ mov 4,$j
+
+.Lsqr_last:
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ add $j,4,$j
+ ld [$tp+8],$tpj
+ cmp $j,$i
+ add $acc1,$car1,$car1
+ ld [$np+$j],$npj
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+ bl %icc,.Lsqr_last
+ add $tp,4,$tp
+!.Lsqr_last
+
+ mulx $npj,$mul1,$acc1
+ add $tpj,$car1,$car1
+ add $acc0,$car1,$car1
+ add $acc1,$car1,$car1
+ st $car1,[$tp]
+ srlx $car1,32,$car1
+
+ add $car0,$car0,$car0 ! recover $car0
+ or $sbit,$car0,$car0
+ add $car0,$car1,$car1
+ add $car2,$car1,$car1
+ st $car1,[$tp+4]
+ srlx $car1,32,$car2
+
+ ba .Ltail
+ add $tp,8,$tp
+.type $fname,#function
+.size $fname,(.-$fname)
+.asciz "Montgomery Multipltication for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align 32
+___
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/sparcv9a-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/sparcv9a-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/sparcv9a-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/sparcv9a-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,882 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# "Teaser" Montgomery multiplication module for UltraSPARC. Why FPU?
+# Because unlike integer multiplier, which simply stalls whole CPU,
+# FPU is fully pipelined and can effectively emit 48 bit partial
+# product every cycle. Why not blended SPARC v9? One can argue that
+# making this module dependent on UltraSPARC VIS extension limits its
+# binary compatibility. Well yes, it does exclude SPARC64 prior-V(!)
+# implementations from compatibility matrix. But the rest, whole Sun
+# UltraSPARC family and brand new Fujitsu's SPARC64 V, all support
+# VIS extension instructions used in this module. This is considered
+# good enough to not care about HAL SPARC64 users [if any] who have
+# integer-only pure SPARCv9 module to "fall down" to.
+
+# USI&II cores currently exhibit uniform 2x improvement [over pre-
+# bn_mul_mont codebase] for all key lengths and benchmarks. On USIII
+# performance improves few percents for shorter keys and worsens few
+# percents for longer keys. This is because USIII integer multiplier
+# is >3x faster than USI&II one, which is harder to match [but see
+# TODO list below]. It should also be noted that SPARC64 V features
+# out-of-order execution, which *might* mean that integer multiplier
+# is pipelined, which in turn *might* be impossible to match... On
+# additional note, SPARC64 V implements FP Multiply-Add instruction,
+# which is perfectly usable in this context... In other words, as far
+# as Fujitsu SPARC64 V goes, talk to the author:-)
+
+# The implementation implies following "non-natural" limitations on
+# input arguments:
+# - num may not be less than 4;
+# - num has to be even;
+# Failure to meet either condition has no fatal effects, simply
+# doesn't give any performance gain.
+
+# TODO:
+# - modulo-schedule inner loop for better performance (on in-order
+# execution core such as UltraSPARC this shall result in further
+# noticeable(!) improvement);
+# - dedicated squaring procedure[?];
+
+######################################################################
+# November 2006
+#
+# Modulo-scheduled inner loops allow to interleave floating point and
+# integer instructions and minimize Read-After-Write penalties. This
+# results in *further* 20-50% perfromance improvement [depending on
+# key length, more for longer keys] on USI&II cores and 30-80% - on
+# USIII&IV.
+
+$fname="bn_mul_mont_fpu";
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+
+if ($bits==64) {
+ $bias=2047;
+ $frame=192;
+} else {
+ $bias=0;
+ $frame=128; # 96 rounded up to largest known cache-line
+}
+$locals=64;
+
+# In order to provide for 32-/64-bit ABI duality, I keep integers wider
+# than 32 bit in %g1-%g4 and %o0-%o5. %l0-%l7 and %i0-%i5 are used
+# exclusively for pointers, indexes and other small values...
+# int bn_mul_mont(
+$rp="%i0"; # BN_ULONG *rp,
+$ap="%i1"; # const BN_ULONG *ap,
+$bp="%i2"; # const BN_ULONG *bp,
+$np="%i3"; # const BN_ULONG *np,
+$n0="%i4"; # const BN_ULONG *n0,
+$num="%i5"; # int num);
+
+$tp="%l0"; # t[num]
+$ap_l="%l1"; # a[num],n[num] are smashed to 32-bit words and saved
+$ap_h="%l2"; # to these four vectors as double-precision FP values.
+$np_l="%l3"; # This way a bunch of fxtods are eliminated in second
+$np_h="%l4"; # loop and L1-cache aliasing is minimized...
+$i="%l5";
+$j="%l6";
+$mask="%l7"; # 16-bit mask, 0xffff
+
+$n0="%g4"; # reassigned(!) to "64-bit" register
+$carry="%i4"; # %i4 reused(!) for a carry bit
+
+# FP register naming chart
+#
+# ..HILO
+# dcba
+# --------
+# LOa
+# LOb
+# LOc
+# LOd
+# HIa
+# HIb
+# HIc
+# HId
+# ..a
+# ..b
+$ba="%f0"; $bb="%f2"; $bc="%f4"; $bd="%f6";
+$na="%f8"; $nb="%f10"; $nc="%f12"; $nd="%f14";
+$alo="%f16"; $alo_="%f17"; $ahi="%f18"; $ahi_="%f19";
+$nlo="%f20"; $nlo_="%f21"; $nhi="%f22"; $nhi_="%f23";
+
+$dota="%f24"; $dotb="%f26";
+
+$aloa="%f32"; $alob="%f34"; $aloc="%f36"; $alod="%f38";
+$ahia="%f40"; $ahib="%f42"; $ahic="%f44"; $ahid="%f46";
+$nloa="%f48"; $nlob="%f50"; $nloc="%f52"; $nlod="%f54";
+$nhia="%f56"; $nhib="%f58"; $nhic="%f60"; $nhid="%f62";
+
+$ASI_FL16_P=0xD2; # magic ASI value to engage 16-bit FP load
+
+$code=<<___;
+.section ".text",#alloc,#execinstr
+
+.global $fname
+.align 32
+$fname:
+ save %sp,-$frame-$locals,%sp
+
+ cmp $num,4
+ bl,a,pn %icc,.Lret
+ clr %i0
+ andcc $num,1,%g0 ! $num has to be even...
+ bnz,a,pn %icc,.Lret
+ clr %i0 ! signal "unsupported input value"
+
+ srl $num,1,$num
+ sethi %hi(0xffff),$mask
+ ld [%i4+0],$n0 ! $n0 reassigned, remember?
+ or $mask,%lo(0xffff),$mask
+ ld [%i4+4],%o0
+ sllx %o0,32,%o0
+ or %o0,$n0,$n0 ! $n0=n0[1].n0[0]
+
+ sll $num,3,$num ! num*=8
+
+ add %sp,$bias,%o0 ! real top of stack
+ sll $num,2,%o1
+ add %o1,$num,%o1 ! %o1=num*5
+ sub %o0,%o1,%o0
+ and %o0,-2048,%o0 ! optimize TLB utilization
+ sub %o0,$bias,%sp ! alloca(5*num*8)
+
+ rd %asi,%o7 ! save %asi
+ add %sp,$bias+$frame+$locals,$tp
+ add $tp,$num,$ap_l
+ add $ap_l,$num,$ap_l ! [an]p_[lh] point at the vectors' ends !
+ add $ap_l,$num,$ap_h
+ add $ap_h,$num,$np_l
+ add $np_l,$num,$np_h
+
+ wr %g0,$ASI_FL16_P,%asi ! setup %asi for 16-bit FP loads
+
+ add $rp,$num,$rp ! readjust input pointers to point
+ add $ap,$num,$ap ! at the ends too...
+ add $bp,$num,$bp
+ add $np,$num,$np
+
+ stx %o7,[%sp+$bias+$frame+48] ! save %asi
+
+ sub %g0,$num,$i ! i=-num
+ sub %g0,$num,$j ! j=-num
+
+ add $ap,$j,%o3
+ add $bp,$i,%o4
+
+ ld [%o3+4],%g1 ! bp[0]
+ ld [%o3+0],%o0
+ ld [%o4+4],%g5 ! ap[0]
+ sllx %g1,32,%g1
+ ld [%o4+0],%o1
+ sllx %g5,32,%g5
+ or %g1,%o0,%o0
+ or %g5,%o1,%o1
+
+ add $np,$j,%o5
+
+ mulx %o1,%o0,%o0 ! ap[0]*bp[0]
+ mulx $n0,%o0,%o0 ! ap[0]*bp[0]*n0
+ stx %o0,[%sp+$bias+$frame+0]
+
+ ld [%o3+0],$alo_ ! load a[j] as pair of 32-bit words
+ fzeros $alo
+ ld [%o3+4],$ahi_
+ fzeros $ahi
+ ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words
+ fzeros $nlo
+ ld [%o5+4],$nhi_
+ fzeros $nhi
+
+ ! transfer b[i] to FPU as 4x16-bit values
+ ldda [%o4+2]%asi,$ba
+ fxtod $alo,$alo
+ ldda [%o4+0]%asi,$bb
+ fxtod $ahi,$ahi
+ ldda [%o4+6]%asi,$bc
+ fxtod $nlo,$nlo
+ ldda [%o4+4]%asi,$bd
+ fxtod $nhi,$nhi
+
+ ! transfer ap[0]*b[0]*n0 to FPU as 4x16-bit values
+ ldda [%sp+$bias+$frame+6]%asi,$na
+ fxtod $ba,$ba
+ ldda [%sp+$bias+$frame+4]%asi,$nb
+ fxtod $bb,$bb
+ ldda [%sp+$bias+$frame+2]%asi,$nc
+ fxtod $bc,$bc
+ ldda [%sp+$bias+$frame+0]%asi,$nd
+ fxtod $bd,$bd
+
+ std $alo,[$ap_l+$j] ! save smashed ap[j] in double format
+ fxtod $na,$na
+ std $ahi,[$ap_h+$j]
+ fxtod $nb,$nb
+ std $nlo,[$np_l+$j] ! save smashed np[j] in double format
+ fxtod $nc,$nc
+ std $nhi,[$np_h+$j]
+ fxtod $nd,$nd
+
+ fmuld $alo,$ba,$aloa
+ fmuld $nlo,$na,$nloa
+ fmuld $alo,$bb,$alob
+ fmuld $nlo,$nb,$nlob
+ fmuld $alo,$bc,$aloc
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ fmuld $alo,$bd,$alod
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ fmuld $ahi,$ba,$ahia
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ fmuld $ahi,$bb,$ahib
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ fmuld $ahi,$bc,$ahic
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ fmuld $ahi,$bd,$ahid
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+
+ faddd $ahic,$nhic,$dota ! $nhic
+ faddd $ahid,$nhid,$dotb ! $nhid
+
+ faddd $nloc,$nhia,$nloc
+ faddd $nlod,$nhib,$nlod
+
+ fdtox $nloa,$nloa
+ fdtox $nlob,$nlob
+ fdtox $nloc,$nloc
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ add $j,8,$j
+ std $nlob,[%sp+$bias+$frame+8]
+ add $ap,$j,%o4
+ std $nloc,[%sp+$bias+$frame+16]
+ add $np,$j,%o5
+ std $nlod,[%sp+$bias+$frame+24]
+
+ ld [%o4+0],$alo_ ! load a[j] as pair of 32-bit words
+ fzeros $alo
+ ld [%o4+4],$ahi_
+ fzeros $ahi
+ ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words
+ fzeros $nlo
+ ld [%o5+4],$nhi_
+ fzeros $nhi
+
+ fxtod $alo,$alo
+ fxtod $ahi,$ahi
+ fxtod $nlo,$nlo
+ fxtod $nhi,$nhi
+
+ ldx [%sp+$bias+$frame+0],%o0
+ fmuld $alo,$ba,$aloa
+ ldx [%sp+$bias+$frame+8],%o1
+ fmuld $nlo,$na,$nloa
+ ldx [%sp+$bias+$frame+16],%o2
+ fmuld $alo,$bb,$alob
+ ldx [%sp+$bias+$frame+24],%o3
+ fmuld $nlo,$nb,$nlob
+
+ srlx %o0,16,%o7
+ std $alo,[$ap_l+$j] ! save smashed ap[j] in double format
+ fmuld $alo,$bc,$aloc
+ add %o7,%o1,%o1
+ std $ahi,[$ap_h+$j]
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ srlx %o1,16,%o7
+ std $nlo,[$np_l+$j] ! save smashed np[j] in double format
+ fmuld $alo,$bd,$alod
+ add %o7,%o2,%o2
+ std $nhi,[$np_h+$j]
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ srlx %o2,16,%o7
+ fmuld $ahi,$ba,$ahia
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ !and %o0,$mask,%o0
+ !and %o1,$mask,%o1
+ !and %o2,$mask,%o2
+ !sllx %o1,16,%o1
+ !sllx %o2,32,%o2
+ !sllx %o3,48,%o7
+ !or %o1,%o0,%o0
+ !or %o2,%o0,%o0
+ !or %o7,%o0,%o0 ! 64-bit result
+ srlx %o3,16,%g1 ! 34-bit carry
+ fmuld $ahi,$bb,$ahib
+
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ fmuld $ahi,$bc,$ahic
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ fmuld $ahi,$bd,$ahid
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+
+ faddd $dota,$nloa,$nloa
+ faddd $dotb,$nlob,$nlob
+ faddd $ahic,$nhic,$dota ! $nhic
+ faddd $ahid,$nhid,$dotb ! $nhid
+
+ faddd $nloc,$nhia,$nloc
+ faddd $nlod,$nhib,$nlod
+
+ fdtox $nloa,$nloa
+ fdtox $nlob,$nlob
+ fdtox $nloc,$nloc
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ std $nlob,[%sp+$bias+$frame+8]
+ addcc $j,8,$j
+ std $nloc,[%sp+$bias+$frame+16]
+ bz,pn %icc,.L1stskip
+ std $nlod,[%sp+$bias+$frame+24]
+
+.align 32 ! incidentally already aligned !
+.L1st:
+ add $ap,$j,%o4
+ add $np,$j,%o5
+ ld [%o4+0],$alo_ ! load a[j] as pair of 32-bit words
+ fzeros $alo
+ ld [%o4+4],$ahi_
+ fzeros $ahi
+ ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words
+ fzeros $nlo
+ ld [%o5+4],$nhi_
+ fzeros $nhi
+
+ fxtod $alo,$alo
+ fxtod $ahi,$ahi
+ fxtod $nlo,$nlo
+ fxtod $nhi,$nhi
+
+ ldx [%sp+$bias+$frame+0],%o0
+ fmuld $alo,$ba,$aloa
+ ldx [%sp+$bias+$frame+8],%o1
+ fmuld $nlo,$na,$nloa
+ ldx [%sp+$bias+$frame+16],%o2
+ fmuld $alo,$bb,$alob
+ ldx [%sp+$bias+$frame+24],%o3
+ fmuld $nlo,$nb,$nlob
+
+ srlx %o0,16,%o7
+ std $alo,[$ap_l+$j] ! save smashed ap[j] in double format
+ fmuld $alo,$bc,$aloc
+ add %o7,%o1,%o1
+ std $ahi,[$ap_h+$j]
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ srlx %o1,16,%o7
+ std $nlo,[$np_l+$j] ! save smashed np[j] in double format
+ fmuld $alo,$bd,$alod
+ add %o7,%o2,%o2
+ std $nhi,[$np_h+$j]
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ srlx %o2,16,%o7
+ fmuld $ahi,$ba,$ahia
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ and %o0,$mask,%o0
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ and %o1,$mask,%o1
+ and %o2,$mask,%o2
+ fmuld $ahi,$bb,$ahib
+ sllx %o1,16,%o1
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ sllx %o2,32,%o2
+ fmuld $ahi,$bc,$ahic
+ sllx %o3,48,%o7
+ or %o1,%o0,%o0
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ or %o2,%o0,%o0
+ fmuld $ahi,$bd,$ahid
+ or %o7,%o0,%o0 ! 64-bit result
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+ addcc %g1,%o0,%o0
+ faddd $dota,$nloa,$nloa
+ srlx %o3,16,%g1 ! 34-bit carry
+ faddd $dotb,$nlob,$nlob
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ stx %o0,[$tp] ! tp[j-1]=
+
+ faddd $ahic,$nhic,$dota ! $nhic
+ faddd $ahid,$nhid,$dotb ! $nhid
+
+ faddd $nloc,$nhia,$nloc
+ faddd $nlod,$nhib,$nlod
+
+ fdtox $nloa,$nloa
+ fdtox $nlob,$nlob
+ fdtox $nloc,$nloc
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ std $nlob,[%sp+$bias+$frame+8]
+ std $nloc,[%sp+$bias+$frame+16]
+ std $nlod,[%sp+$bias+$frame+24]
+
+ addcc $j,8,$j
+ bnz,pt %icc,.L1st
+ add $tp,8,$tp
+
+.L1stskip:
+ fdtox $dota,$dota
+ fdtox $dotb,$dotb
+
+ ldx [%sp+$bias+$frame+0],%o0
+ ldx [%sp+$bias+$frame+8],%o1
+ ldx [%sp+$bias+$frame+16],%o2
+ ldx [%sp+$bias+$frame+24],%o3
+
+ srlx %o0,16,%o7
+ std $dota,[%sp+$bias+$frame+32]
+ add %o7,%o1,%o1
+ std $dotb,[%sp+$bias+$frame+40]
+ srlx %o1,16,%o7
+ add %o7,%o2,%o2
+ srlx %o2,16,%o7
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ and %o0,$mask,%o0
+ and %o1,$mask,%o1
+ and %o2,$mask,%o2
+ sllx %o1,16,%o1
+ sllx %o2,32,%o2
+ sllx %o3,48,%o7
+ or %o1,%o0,%o0
+ or %o2,%o0,%o0
+ or %o7,%o0,%o0 ! 64-bit result
+ ldx [%sp+$bias+$frame+32],%o4
+ addcc %g1,%o0,%o0
+ ldx [%sp+$bias+$frame+40],%o5
+ srlx %o3,16,%g1 ! 34-bit carry
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ stx %o0,[$tp] ! tp[j-1]=
+ add $tp,8,$tp
+
+ srlx %o4,16,%o7
+ add %o7,%o5,%o5
+ and %o4,$mask,%o4
+ sllx %o5,16,%o7
+ or %o7,%o4,%o4
+ addcc %g1,%o4,%o4
+ srlx %o5,48,%g1
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ mov %g1,$carry
+ stx %o4,[$tp] ! tp[num-1]=
+
+ ba .Louter
+ add $i,8,$i
+.align 32
+.Louter:
+ sub %g0,$num,$j ! j=-num
+ add %sp,$bias+$frame+$locals,$tp
+
+ add $ap,$j,%o3
+ add $bp,$i,%o4
+
+ ld [%o3+4],%g1 ! bp[i]
+ ld [%o3+0],%o0
+ ld [%o4+4],%g5 ! ap[0]
+ sllx %g1,32,%g1
+ ld [%o4+0],%o1
+ sllx %g5,32,%g5
+ or %g1,%o0,%o0
+ or %g5,%o1,%o1
+
+ ldx [$tp],%o2 ! tp[0]
+ mulx %o1,%o0,%o0
+ addcc %o2,%o0,%o0
+ mulx $n0,%o0,%o0 ! (ap[0]*bp[i]+t[0])*n0
+ stx %o0,[%sp+$bias+$frame+0]
+
+ ! transfer b[i] to FPU as 4x16-bit values
+ ldda [%o4+2]%asi,$ba
+ ldda [%o4+0]%asi,$bb
+ ldda [%o4+6]%asi,$bc
+ ldda [%o4+4]%asi,$bd
+
+ ! transfer (ap[0]*b[i]+t[0])*n0 to FPU as 4x16-bit values
+ ldda [%sp+$bias+$frame+6]%asi,$na
+ fxtod $ba,$ba
+ ldda [%sp+$bias+$frame+4]%asi,$nb
+ fxtod $bb,$bb
+ ldda [%sp+$bias+$frame+2]%asi,$nc
+ fxtod $bc,$bc
+ ldda [%sp+$bias+$frame+0]%asi,$nd
+ fxtod $bd,$bd
+ ldd [$ap_l+$j],$alo ! load a[j] in double format
+ fxtod $na,$na
+ ldd [$ap_h+$j],$ahi
+ fxtod $nb,$nb
+ ldd [$np_l+$j],$nlo ! load n[j] in double format
+ fxtod $nc,$nc
+ ldd [$np_h+$j],$nhi
+ fxtod $nd,$nd
+
+ fmuld $alo,$ba,$aloa
+ fmuld $nlo,$na,$nloa
+ fmuld $alo,$bb,$alob
+ fmuld $nlo,$nb,$nlob
+ fmuld $alo,$bc,$aloc
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ fmuld $alo,$bd,$alod
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ fmuld $ahi,$ba,$ahia
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ fmuld $ahi,$bb,$ahib
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ fmuld $ahi,$bc,$ahic
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ fmuld $ahi,$bd,$ahid
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+
+ faddd $ahic,$nhic,$dota ! $nhic
+ faddd $ahid,$nhid,$dotb ! $nhid
+
+ faddd $nloc,$nhia,$nloc
+ faddd $nlod,$nhib,$nlod
+
+ fdtox $nloa,$nloa
+ fdtox $nlob,$nlob
+ fdtox $nloc,$nloc
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ std $nlob,[%sp+$bias+$frame+8]
+ std $nloc,[%sp+$bias+$frame+16]
+ add $j,8,$j
+ std $nlod,[%sp+$bias+$frame+24]
+
+ ldd [$ap_l+$j],$alo ! load a[j] in double format
+ ldd [$ap_h+$j],$ahi
+ ldd [$np_l+$j],$nlo ! load n[j] in double format
+ ldd [$np_h+$j],$nhi
+
+ fmuld $alo,$ba,$aloa
+ fmuld $nlo,$na,$nloa
+ fmuld $alo,$bb,$alob
+ fmuld $nlo,$nb,$nlob
+ fmuld $alo,$bc,$aloc
+ ldx [%sp+$bias+$frame+0],%o0
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ ldx [%sp+$bias+$frame+8],%o1
+ fmuld $alo,$bd,$alod
+ ldx [%sp+$bias+$frame+16],%o2
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ ldx [%sp+$bias+$frame+24],%o3
+ fmuld $ahi,$ba,$ahia
+
+ srlx %o0,16,%o7
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ add %o7,%o1,%o1
+ fmuld $ahi,$bb,$ahib
+ srlx %o1,16,%o7
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ add %o7,%o2,%o2
+ fmuld $ahi,$bc,$ahic
+ srlx %o2,16,%o7
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ ! why?
+ and %o0,$mask,%o0
+ fmuld $ahi,$bd,$ahid
+ and %o1,$mask,%o1
+ and %o2,$mask,%o2
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+ sllx %o1,16,%o1
+ faddd $dota,$nloa,$nloa
+ sllx %o2,32,%o2
+ faddd $dotb,$nlob,$nlob
+ sllx %o3,48,%o7
+ or %o1,%o0,%o0
+ faddd $ahic,$nhic,$dota ! $nhic
+ or %o2,%o0,%o0
+ faddd $ahid,$nhid,$dotb ! $nhid
+ or %o7,%o0,%o0 ! 64-bit result
+ ldx [$tp],%o7
+ faddd $nloc,$nhia,$nloc
+ addcc %o7,%o0,%o0
+ ! end-of-why?
+ faddd $nlod,$nhib,$nlod
+ srlx %o3,16,%g1 ! 34-bit carry
+ fdtox $nloa,$nloa
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ fdtox $nlob,$nlob
+ fdtox $nloc,$nloc
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ std $nlob,[%sp+$bias+$frame+8]
+ addcc $j,8,$j
+ std $nloc,[%sp+$bias+$frame+16]
+ bz,pn %icc,.Linnerskip
+ std $nlod,[%sp+$bias+$frame+24]
+
+ ba .Linner
+ nop
+.align 32
+.Linner:
+ ldd [$ap_l+$j],$alo ! load a[j] in double format
+ ldd [$ap_h+$j],$ahi
+ ldd [$np_l+$j],$nlo ! load n[j] in double format
+ ldd [$np_h+$j],$nhi
+
+ fmuld $alo,$ba,$aloa
+ fmuld $nlo,$na,$nloa
+ fmuld $alo,$bb,$alob
+ fmuld $nlo,$nb,$nlob
+ fmuld $alo,$bc,$aloc
+ ldx [%sp+$bias+$frame+0],%o0
+ faddd $aloa,$nloa,$nloa
+ fmuld $nlo,$nc,$nloc
+ ldx [%sp+$bias+$frame+8],%o1
+ fmuld $alo,$bd,$alod
+ ldx [%sp+$bias+$frame+16],%o2
+ faddd $alob,$nlob,$nlob
+ fmuld $nlo,$nd,$nlod
+ ldx [%sp+$bias+$frame+24],%o3
+ fmuld $ahi,$ba,$ahia
+
+ srlx %o0,16,%o7
+ faddd $aloc,$nloc,$nloc
+ fmuld $nhi,$na,$nhia
+ add %o7,%o1,%o1
+ fmuld $ahi,$bb,$ahib
+ srlx %o1,16,%o7
+ faddd $alod,$nlod,$nlod
+ fmuld $nhi,$nb,$nhib
+ add %o7,%o2,%o2
+ fmuld $ahi,$bc,$ahic
+ srlx %o2,16,%o7
+ faddd $ahia,$nhia,$nhia
+ fmuld $nhi,$nc,$nhic
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ and %o0,$mask,%o0
+ fmuld $ahi,$bd,$ahid
+ and %o1,$mask,%o1
+ and %o2,$mask,%o2
+ faddd $ahib,$nhib,$nhib
+ fmuld $nhi,$nd,$nhid
+ sllx %o1,16,%o1
+ faddd $dota,$nloa,$nloa
+ sllx %o2,32,%o2
+ faddd $dotb,$nlob,$nlob
+ sllx %o3,48,%o7
+ or %o1,%o0,%o0
+ faddd $ahic,$nhic,$dota ! $nhic
+ or %o2,%o0,%o0
+ faddd $ahid,$nhid,$dotb ! $nhid
+ or %o7,%o0,%o0 ! 64-bit result
+ faddd $nloc,$nhia,$nloc
+ addcc %g1,%o0,%o0
+ ldx [$tp+8],%o7 ! tp[j]
+ faddd $nlod,$nhib,$nlod
+ srlx %o3,16,%g1 ! 34-bit carry
+ fdtox $nloa,$nloa
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+ fdtox $nlob,$nlob
+ addcc %o7,%o0,%o0
+ fdtox $nloc,$nloc
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ stx %o0,[$tp] ! tp[j-1]
+ fdtox $nlod,$nlod
+
+ std $nloa,[%sp+$bias+$frame+0]
+ std $nlob,[%sp+$bias+$frame+8]
+ std $nloc,[%sp+$bias+$frame+16]
+ addcc $j,8,$j
+ std $nlod,[%sp+$bias+$frame+24]
+ bnz,pt %icc,.Linner
+ add $tp,8,$tp
+
+.Linnerskip:
+ fdtox $dota,$dota
+ fdtox $dotb,$dotb
+
+ ldx [%sp+$bias+$frame+0],%o0
+ ldx [%sp+$bias+$frame+8],%o1
+ ldx [%sp+$bias+$frame+16],%o2
+ ldx [%sp+$bias+$frame+24],%o3
+
+ srlx %o0,16,%o7
+ std $dota,[%sp+$bias+$frame+32]
+ add %o7,%o1,%o1
+ std $dotb,[%sp+$bias+$frame+40]
+ srlx %o1,16,%o7
+ add %o7,%o2,%o2
+ srlx %o2,16,%o7
+ add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+ and %o0,$mask,%o0
+ and %o1,$mask,%o1
+ and %o2,$mask,%o2
+ sllx %o1,16,%o1
+ sllx %o2,32,%o2
+ sllx %o3,48,%o7
+ or %o1,%o0,%o0
+ or %o2,%o0,%o0
+ ldx [%sp+$bias+$frame+32],%o4
+ or %o7,%o0,%o0 ! 64-bit result
+ ldx [%sp+$bias+$frame+40],%o5
+ addcc %g1,%o0,%o0
+ ldx [$tp+8],%o7 ! tp[j]
+ srlx %o3,16,%g1 ! 34-bit carry
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ addcc %o7,%o0,%o0
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ stx %o0,[$tp] ! tp[j-1]
+ add $tp,8,$tp
+
+ srlx %o4,16,%o7
+ add %o7,%o5,%o5
+ and %o4,$mask,%o4
+ sllx %o5,16,%o7
+ or %o7,%o4,%o4
+ addcc %g1,%o4,%o4
+ srlx %o5,48,%g1
+ bcs,a %xcc,.+8
+ add %g1,1,%g1
+
+ addcc $carry,%o4,%o4
+ stx %o4,[$tp] ! tp[num-1]
+ mov %g1,$carry
+ bcs,a %xcc,.+8
+ add $carry,1,$carry
+
+ addcc $i,8,$i
+ bnz %icc,.Louter
+ nop
+
+ add $tp,8,$tp ! adjust tp to point at the end
+ orn %g0,%g0,%g4
+ sub %g0,$num,%o7 ! n=-num
+ ba .Lsub
+ subcc %g0,%g0,%g0 ! clear %icc.c
+
+.align 32
+.Lsub:
+ ldx [$tp+%o7],%o0
+ add $np,%o7,%g1
+ ld [%g1+0],%o2
+ ld [%g1+4],%o3
+ srlx %o0,32,%o1
+ subccc %o0,%o2,%o2
+ add $rp,%o7,%g1
+ subccc %o1,%o3,%o3
+ st %o2,[%g1+0]
+ add %o7,8,%o7
+ brnz,pt %o7,.Lsub
+ st %o3,[%g1+4]
+ subc $carry,0,%g4
+ sub %g0,$num,%o7 ! n=-num
+ ba .Lcopy
+ nop
+
+.align 32
+.Lcopy:
+ ldx [$tp+%o7],%o0
+ add $rp,%o7,%g1
+ ld [%g1+0],%o2
+ ld [%g1+4],%o3
+ stx %g0,[$tp+%o7]
+ and %o0,%g4,%o0
+ srlx %o0,32,%o1
+ andn %o2,%g4,%o2
+ andn %o3,%g4,%o3
+ or %o2,%o0,%o0
+ or %o3,%o1,%o1
+ st %o0,[%g1+0]
+ add %o7,8,%o7
+ brnz,pt %o7,.Lcopy
+ st %o1,[%g1+4]
+ sub %g0,$num,%o7 ! n=-num
+
+.Lzap:
+ stx %g0,[$ap_l+%o7]
+ stx %g0,[$ap_h+%o7]
+ stx %g0,[$np_l+%o7]
+ stx %g0,[$np_h+%o7]
+ add %o7,8,%o7
+ brnz,pt %o7,.Lzap
+ nop
+
+ ldx [%sp+$bias+$frame+48],%o7
+ wr %g0,%o7,%asi ! restore %asi
+
+ mov 1,%i0
+.Lret:
+ ret
+ restore
+.type $fname,#function
+.size $fname,(.-$fname)
+.asciz "Montgomery Multipltication for UltraSPARC, CRYPTOGAMS by <appro\@openssl.org>"
+.align 32
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+# Below substitution makes it possible to compile without demanding
+# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
+# dare to do this, because VIS capability is detected at run-time now
+# and this routine is not called on CPU not capable to execute it. Do
+# note that fzeros is not the only VIS dependency! Another dependency
+# is implicit and is just _a_ numerical value loaded to %asi register,
+# which assembler can't recognize as VIS specific...
+$code =~ s/fzeros\s+%f([0-9]+)/
+ sprintf(".word\t0x%x\t! fzeros %%f%d",0x81b00c20|($1<<25),$1)
+ /gem;
+
+print $code;
+# flush
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/via-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/via-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/via-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/via-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,242 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Wrapper around 'rep montmul', VIA-specific instruction accessing
+# PadLock Montgomery Multiplier. The wrapper is designed as drop-in
+# replacement for OpenSSL bn_mul_mont [first implemented in 0.9.9].
+#
+# Below are interleaved outputs from 'openssl speed rsa dsa' for 4
+# different software configurations on 1.5GHz VIA Esther processor.
+# Lines marked with "software integer" denote performance of hand-
+# coded integer-only assembler found in OpenSSL 0.9.7. "Software SSE2"
+# refers to hand-coded SSE2 Montgomery multiplication procedure found
+# OpenSSL 0.9.9. "Hardware VIA SDK" refers to padlock_pmm routine from
+# Padlock SDK 2.0.1 available for download from VIA, which naturally
+# utilizes the magic 'repz montmul' instruction. And finally "hardware
+# this" refers to *this* implementation which also uses 'repz montmul'
+#
+# sign verify sign/s verify/s
+# rsa 512 bits 0.001720s 0.000140s 581.4 7149.7 software integer
+# rsa 512 bits 0.000690s 0.000086s 1450.3 11606.0 software SSE2
+# rsa 512 bits 0.006136s 0.000201s 163.0 4974.5 hardware VIA SDK
+# rsa 512 bits 0.000712s 0.000050s 1404.9 19858.5 hardware this
+#
+# rsa 1024 bits 0.008518s 0.000413s 117.4 2420.8 software integer
+# rsa 1024 bits 0.004275s 0.000277s 233.9 3609.7 software SSE2
+# rsa 1024 bits 0.012136s 0.000260s 82.4 3844.5 hardware VIA SDK
+# rsa 1024 bits 0.002522s 0.000116s 396.5 8650.9 hardware this
+#
+# rsa 2048 bits 0.050101s 0.001371s 20.0 729.6 software integer
+# rsa 2048 bits 0.030273s 0.001008s 33.0 991.9 software SSE2
+# rsa 2048 bits 0.030833s 0.000976s 32.4 1025.1 hardware VIA SDK
+# rsa 2048 bits 0.011879s 0.000342s 84.2 2921.7 hardware this
+#
+# rsa 4096 bits 0.327097s 0.004859s 3.1 205.8 software integer
+# rsa 4096 bits 0.229318s 0.003859s 4.4 259.2 software SSE2
+# rsa 4096 bits 0.233953s 0.003274s 4.3 305.4 hardware VIA SDK
+# rsa 4096 bits 0.070493s 0.001166s 14.2 857.6 hardware this
+#
+# dsa 512 bits 0.001342s 0.001651s 745.2 605.7 software integer
+# dsa 512 bits 0.000844s 0.000987s 1185.3 1013.1 software SSE2
+# dsa 512 bits 0.001902s 0.002247s 525.6 444.9 hardware VIA SDK
+# dsa 512 bits 0.000458s 0.000524s 2182.2 1909.1 hardware this
+#
+# dsa 1024 bits 0.003964s 0.004926s 252.3 203.0 software integer
+# dsa 1024 bits 0.002686s 0.003166s 372.3 315.8 software SSE2
+# dsa 1024 bits 0.002397s 0.002823s 417.1 354.3 hardware VIA SDK
+# dsa 1024 bits 0.000978s 0.001170s 1022.2 855.0 hardware this
+#
+# dsa 2048 bits 0.013280s 0.016518s 75.3 60.5 software integer
+# dsa 2048 bits 0.009911s 0.011522s 100.9 86.8 software SSE2
+# dsa 2048 bits 0.009542s 0.011763s 104.8 85.0 hardware VIA SDK
+# dsa 2048 bits 0.002884s 0.003352s 346.8 298.3 hardware this
+#
+# To give you some other reference point here is output for 2.4GHz P4
+# running hand-coded SSE2 bn_mul_mont found in 0.9.9, i.e. "software
+# SSE2" in above terms.
+#
+# rsa 512 bits 0.000407s 0.000047s 2454.2 21137.0
+# rsa 1024 bits 0.002426s 0.000141s 412.1 7100.0
+# rsa 2048 bits 0.015046s 0.000491s 66.5 2034.9
+# rsa 4096 bits 0.109770s 0.002379s 9.1 420.3
+# dsa 512 bits 0.000438s 0.000525s 2281.1 1904.1
+# dsa 1024 bits 0.001346s 0.001595s 742.7 627.0
+# dsa 2048 bits 0.004745s 0.005582s 210.7 179.1
+#
+# Conclusions:
+# - VIA SDK leaves a *lot* of room for improvement (which this
+# implementation successfully fills:-);
+# - 'rep montmul' gives up to >3x performance improvement depending on
+# key length;
+# - in terms of absolute performance it delivers approximately as much
+# as modern out-of-order 32-bit cores [again, for longer keys].
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"via-mont.pl");
+
+# int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
+$func="bn_mul_mont_padlock";
+
+$pad=16*1; # amount of reserved bytes on top of every vector
+
+# stack layout
+$mZeroPrime=&DWP(0,"esp"); # these are specified by VIA
+$A=&DWP(4,"esp");
+$B=&DWP(8,"esp");
+$T=&DWP(12,"esp");
+$M=&DWP(16,"esp");
+$scratch=&DWP(20,"esp");
+$rp=&DWP(24,"esp"); # these are mine
+$sp=&DWP(28,"esp");
+# &DWP(32,"esp") # 32 byte scratch area
+# &DWP(64+(4*$num+$pad)*0,"esp") # padded tp[num]
+# &DWP(64+(4*$num+$pad)*1,"esp") # padded copy of ap[num]
+# &DWP(64+(4*$num+$pad)*2,"esp") # padded copy of bp[num]
+# &DWP(64+(4*$num+$pad)*3,"esp") # padded copy of np[num]
+# Note that SDK suggests to unconditionally allocate 2K per vector. This
+# has quite an impact on performance. It naturally depends on key length,
+# but to give an example 1024 bit private RSA key operations suffer >30%
+# penalty. I allocate only as much as actually required...
+
+&function_begin($func);
+ &xor ("eax","eax");
+ &mov ("ecx",&wparam(5)); # num
+ # meet VIA's limitations for num [note that the specification
+ # expresses them in bits, while we work with amount of 32-bit words]
+ &test ("ecx",3);
+ &jnz (&label("leave")); # num % 4 != 0
+ &cmp ("ecx",8);
+ &jb (&label("leave")); # num < 8
+ &cmp ("ecx",1024);
+ &ja (&label("leave")); # num > 1024
+
+ &pushf ();
+ &cld ();
+
+ &mov ("edi",&wparam(0)); # rp
+ &mov ("eax",&wparam(1)); # ap
+ &mov ("ebx",&wparam(2)); # bp
+ &mov ("edx",&wparam(3)); # np
+ &mov ("esi",&wparam(4)); # n0
+ &mov ("esi",&DWP(0,"esi")); # *n0
+
+ &lea ("ecx",&DWP($pad,"","ecx",4)); # ecx becomes vector size in bytes
+ &lea ("ebp",&DWP(64,"","ecx",4)); # allocate 4 vectors + 64 bytes
+ &neg ("ebp");
+ &add ("ebp","esp");
+ &and ("ebp",-64); # align to cache-line
+ &xchg ("ebp","esp"); # alloca
+
+ &mov ($rp,"edi"); # save rp
+ &mov ($sp,"ebp"); # save esp
+
+ &mov ($mZeroPrime,"esi");
+ &lea ("esi",&DWP(64,"esp")); # tp
+ &mov ($T,"esi");
+ &lea ("edi",&DWP(32,"esp")); # scratch area
+ &mov ($scratch,"edi");
+ &mov ("esi","eax");
+
+ &lea ("ebp",&DWP(-$pad,"ecx"));
+ &shr ("ebp",2); # restore original num value in ebp
+
+ &xor ("eax","eax");
+
+ &mov ("ecx","ebp");
+ &lea ("ecx",&DWP((32+$pad)/4,"ecx"));# padded tp + scratch
+ &data_byte(0xf3,0xab); # rep stosl, bzero
+
+ &mov ("ecx","ebp");
+ &lea ("edi",&DWP(64+$pad,"esp","ecx",4));# pointer to ap copy
+ &mov ($A,"edi");
+ &data_byte(0xf3,0xa5); # rep movsl, memcpy
+ &mov ("ecx",$pad/4);
+ &data_byte(0xf3,0xab); # rep stosl, bzero pad
+ # edi points at the end of padded ap copy...
+
+ &mov ("ecx","ebp");
+ &mov ("esi","ebx");
+ &mov ($B,"edi");
+ &data_byte(0xf3,0xa5); # rep movsl, memcpy
+ &mov ("ecx",$pad/4);
+ &data_byte(0xf3,0xab); # rep stosl, bzero pad
+ # edi points at the end of padded bp copy...
+
+ &mov ("ecx","ebp");
+ &mov ("esi","edx");
+ &mov ($M,"edi");
+ &data_byte(0xf3,0xa5); # rep movsl, memcpy
+ &mov ("ecx",$pad/4);
+ &data_byte(0xf3,0xab); # rep stosl, bzero pad
+ # edi points at the end of padded np copy...
+
+ # let magic happen...
+ &mov ("ecx","ebp");
+ &mov ("esi","esp");
+ &shl ("ecx",5); # convert word counter to bit counter
+ &align (4);
+ &data_byte(0xf3,0x0f,0xa6,0xc0);# rep montmul
+
+ &mov ("ecx","ebp");
+ &lea ("esi",&DWP(64,"esp")); # tp
+ # edi still points at the end of padded np copy...
+ &neg ("ebp");
+ &lea ("ebp",&DWP(-$pad,"edi","ebp",4)); # so just "rewind"
+ &mov ("edi",$rp); # restore rp
+ &xor ("edx","edx"); # i=0 and clear CF
+
+&set_label("sub",8);
+ &mov ("eax",&DWP(0,"esi","edx",4));
+ &sbb ("eax",&DWP(0,"ebp","edx",4));
+ &mov (&DWP(0,"edi","edx",4),"eax"); # rp[i]=tp[i]-np[i]
+ &lea ("edx",&DWP(1,"edx")); # i++
+ &loop (&label("sub")); # doesn't affect CF!
+
+ &mov ("eax",&DWP(0,"esi","edx",4)); # upmost overflow bit
+ &sbb ("eax",0);
+ &and ("esi","eax");
+ ¬ ("eax");
+ &mov ("ebp","edi");
+ &and ("ebp","eax");
+ &or ("esi","ebp"); # tp=carry?tp:rp
+
+ &mov ("ecx","edx"); # num
+ &xor ("edx","edx"); # i=0
+
+&set_label("copy",8);
+ &mov ("eax",&DWP(0,"esi","edx",4));
+ &mov (&DWP(64,"esp","edx",4),"ecx"); # zap tp
+ &mov (&DWP(0,"edi","edx",4),"eax");
+ &lea ("edx",&DWP(1,"edx")); # i++
+ &loop (&label("copy"));
+
+ &mov ("ebp",$sp);
+ &xor ("eax","eax");
+
+ &mov ("ecx",64/4);
+ &mov ("edi","esp"); # zap frame including scratch area
+ &data_byte(0xf3,0xab); # rep stosl, bzero
+
+ # zap copies of ap, bp and np
+ &lea ("edi",&DWP(64+$pad,"esp","edx",4));# pointer to ap
+ &lea ("ecx",&DWP(3*$pad/4,"edx","edx",2));
+ &data_byte(0xf3,0xab); # rep stosl, bzero
+
+ &mov ("esp","ebp");
+ &inc ("eax"); # signal "done"
+ &popf ();
+&set_label("leave");
+&function_end($func);
+
+&asciz("Padlock Montgomery Multiplication, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/bn/asm/x86-gf2m.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/x86-gf2m.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86-gf2m.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/x86-gf2m.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,313 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... Except that it has three code paths: pure integer
+# code suitable for any x86 CPU, MMX code suitable for PIII and later
+# and PCLMULQDQ suitable for Westmere and later. Improvement varies
+# from one benchmark and \xB5-arch to another. Below are interval values
+# for 163- and 571-bit ECDH benchmarks relative to compiler-generated
+# code:
+#
+# PIII 16%-30%
+# P4 12%-12%
+# Opteron 18%-40%
+# Core2 19%-44%
+# Atom 38%-64%
+# Westmere 53%-121%(PCLMULQDQ)/20%-32%(MMX)
+# Sandy Bridge 72%-127%(PCLMULQDQ)/27%-23%(MMX)
+#
+# Note that above improvement coefficients are not coefficients for
+# bn_GF2m_mul_2x2 itself. For example 120% ECDH improvement is result
+# of bn_GF2m_mul_2x2 being >4x faster. As it gets faster, benchmark
+# is more and more dominated by other subroutines, most notably by
+# BN_GF2m_mod[_mul]_arr...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0,$x86only = $ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+$a="eax";
+$b="ebx";
+($a1,$a2,$a4)=("ecx","edx","ebp");
+
+$R="mm0";
+ at T=("mm1","mm2");
+($A,$B,$B30,$B31)=("mm2","mm3","mm4","mm5");
+ at i=("esi","edi");
+
+ if (!$x86only) {
+&function_begin_B("_mul_1x1_mmx");
+ &sub ("esp",32+4);
+ &mov ($a1,$a);
+ &lea ($a2,&DWP(0,$a,$a));
+ &and ($a1,0x3fffffff);
+ &lea ($a4,&DWP(0,$a2,$a2));
+ &mov (&DWP(0*4,"esp"),0);
+ &and ($a2,0x7fffffff);
+ &movd ($A,$a);
+ &movd ($B,$b);
+ &mov (&DWP(1*4,"esp"),$a1); # a1
+ &xor ($a1,$a2); # a1^a2
+ &pxor ($B31,$B31);
+ &pxor ($B30,$B30);
+ &mov (&DWP(2*4,"esp"),$a2); # a2
+ &xor ($a2,$a4); # a2^a4
+ &mov (&DWP(3*4,"esp"),$a1); # a1^a2
+ &pcmpgtd($B31,$A); # broadcast 31st bit
+ &paddd ($A,$A); # $A<<=1
+ &xor ($a1,$a2); # a1^a4=a1^a2^a2^a4
+ &mov (&DWP(4*4,"esp"),$a4); # a4
+ &xor ($a4,$a2); # a2=a4^a2^a4
+ &pand ($B31,$B);
+ &pcmpgtd($B30,$A); # broadcast 30th bit
+ &mov (&DWP(5*4,"esp"),$a1); # a1^a4
+ &xor ($a4,$a1); # a1^a2^a4
+ &psllq ($B31,31);
+ &pand ($B30,$B);
+ &mov (&DWP(6*4,"esp"),$a2); # a2^a4
+ &mov (@i[0],0x7);
+ &mov (&DWP(7*4,"esp"),$a4); # a1^a2^a4
+ &mov ($a4, at i[0]);
+ &and (@i[0],$b);
+ &shr ($b,3);
+ &mov (@i[1],$a4);
+ &psllq ($B30,30);
+ &and (@i[1],$b);
+ &shr ($b,3);
+ &movd ($R,&DWP(0,"esp", at i[0],4));
+ &mov (@i[0],$a4);
+ &and (@i[0],$b);
+ &shr ($b,3);
+ for($n=1;$n<9;$n++) {
+ &movd (@T[1],&DWP(0,"esp", at i[1],4));
+ &mov (@i[1],$a4);
+ &psllq (@T[1],3*$n);
+ &and (@i[1],$b);
+ &shr ($b,3);
+ &pxor ($R, at T[1]);
+
+ push(@i,shift(@i)); push(@T,shift(@T));
+ }
+ &movd (@T[1],&DWP(0,"esp", at i[1],4));
+ &pxor ($R,$B30);
+ &psllq (@T[1],3*$n++);
+ &pxor ($R, at T[1]);
+
+ &movd (@T[0],&DWP(0,"esp", at i[0],4));
+ &pxor ($R,$B31);
+ &psllq (@T[0],3*$n);
+ &add ("esp",32+4);
+ &pxor ($R, at T[0]);
+ &ret ();
+&function_end_B("_mul_1x1_mmx");
+ }
+
+($lo,$hi)=("eax","edx");
+ at T=("ecx","ebp");
+
+&function_begin_B("_mul_1x1_ialu");
+ &sub ("esp",32+4);
+ &mov ($a1,$a);
+ &lea ($a2,&DWP(0,$a,$a));
+ &lea ($a4,&DWP(0,"",$a,4));
+ &and ($a1,0x3fffffff);
+ &lea (@i[1],&DWP(0,$lo,$lo));
+ &sar ($lo,31); # broadcast 31st bit
+ &mov (&DWP(0*4,"esp"),0);
+ &and ($a2,0x7fffffff);
+ &mov (&DWP(1*4,"esp"),$a1); # a1
+ &xor ($a1,$a2); # a1^a2
+ &mov (&DWP(2*4,"esp"),$a2); # a2
+ &xor ($a2,$a4); # a2^a4
+ &mov (&DWP(3*4,"esp"),$a1); # a1^a2
+ &xor ($a1,$a2); # a1^a4=a1^a2^a2^a4
+ &mov (&DWP(4*4,"esp"),$a4); # a4
+ &xor ($a4,$a2); # a2=a4^a2^a4
+ &mov (&DWP(5*4,"esp"),$a1); # a1^a4
+ &xor ($a4,$a1); # a1^a2^a4
+ &sar (@i[1],31); # broardcast 30th bit
+ &and ($lo,$b);
+ &mov (&DWP(6*4,"esp"),$a2); # a2^a4
+ &and (@i[1],$b);
+ &mov (&DWP(7*4,"esp"),$a4); # a1^a2^a4
+ &mov ($hi,$lo);
+ &shl ($lo,31);
+ &mov (@T[0], at i[1]);
+ &shr ($hi,1);
+
+ &mov (@i[0],0x7);
+ &shl (@i[1],30);
+ &and (@i[0],$b);
+ &shr (@T[0],2);
+ &xor ($lo, at i[1]);
+
+ &shr ($b,3);
+ &mov (@i[1],0x7); # 5-byte instruction!?
+ &and (@i[1],$b);
+ &shr ($b,3);
+ &xor ($hi, at T[0]);
+ &xor ($lo,&DWP(0,"esp", at i[0],4));
+ &mov (@i[0],0x7);
+ &and (@i[0],$b);
+ &shr ($b,3);
+ for($n=1;$n<9;$n++) {
+ &mov (@T[1],&DWP(0,"esp", at i[1],4));
+ &mov (@i[1],0x7);
+ &mov (@T[0], at T[1]);
+ &shl (@T[1],3*$n);
+ &and (@i[1],$b);
+ &shr (@T[0],32-3*$n);
+ &xor ($lo, at T[1]);
+ &shr ($b,3);
+ &xor ($hi, at T[0]);
+
+ push(@i,shift(@i)); push(@T,shift(@T));
+ }
+ &mov (@T[1],&DWP(0,"esp", at i[1],4));
+ &mov (@T[0], at T[1]);
+ &shl (@T[1],3*$n);
+ &mov (@i[1],&DWP(0,"esp", at i[0],4));
+ &shr (@T[0],32-3*$n); $n++;
+ &mov (@i[0], at i[1]);
+ &xor ($lo, at T[1]);
+ &shl (@i[1],3*$n);
+ &xor ($hi, at T[0]);
+ &shr (@i[0],32-3*$n);
+ &xor ($lo, at i[1]);
+ &xor ($hi, at i[0]);
+
+ &add ("esp",32+4);
+ &ret ();
+&function_end_B("_mul_1x1_ialu");
+
+# void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, BN_ULONG b0);
+&function_begin_B("bn_GF2m_mul_2x2");
+if (!$x86only) {
+ &picmeup("edx","OPENSSL_ia32cap_P");
+ &mov ("eax",&DWP(0,"edx"));
+ &mov ("edx",&DWP(4,"edx"));
+ &test ("eax",1<<23); # check MMX bit
+ &jz (&label("ialu"));
+if ($sse2) {
+ &test ("eax",1<<24); # check FXSR bit
+ &jz (&label("mmx"));
+ &test ("edx",1<<1); # check PCLMULQDQ bit
+ &jz (&label("mmx"));
+
+ &movups ("xmm0",&QWP(8,"esp"));
+ &shufps ("xmm0","xmm0",0b10110001);
+ &pclmulqdq ("xmm0","xmm0",1);
+ &mov ("eax",&DWP(4,"esp"));
+ &movups (&QWP(0,"eax"),"xmm0");
+ &ret ();
+
+&set_label("mmx",16);
+}
+ &push ("ebp");
+ &push ("ebx");
+ &push ("esi");
+ &push ("edi");
+ &mov ($a,&wparam(1));
+ &mov ($b,&wparam(3));
+ &call ("_mul_1x1_mmx"); # a1\xB7b1
+ &movq ("mm7",$R);
+
+ &mov ($a,&wparam(2));
+ &mov ($b,&wparam(4));
+ &call ("_mul_1x1_mmx"); # a0\xB7b0
+ &movq ("mm6",$R);
+
+ &mov ($a,&wparam(1));
+ &mov ($b,&wparam(3));
+ &xor ($a,&wparam(2));
+ &xor ($b,&wparam(4));
+ &call ("_mul_1x1_mmx"); # (a0+a1)\xB7(b0+b1)
+ &pxor ($R,"mm7");
+ &mov ($a,&wparam(0));
+ &pxor ($R,"mm6"); # (a0+a1)\xB7(b0+b1)-a1\xB7b1-a0\xB7b0
+
+ &movq ($A,$R);
+ &psllq ($R,32);
+ &pop ("edi");
+ &psrlq ($A,32);
+ &pop ("esi");
+ &pxor ($R,"mm6");
+ &pop ("ebx");
+ &pxor ($A,"mm7");
+ &movq (&QWP(0,$a),$R);
+ &pop ("ebp");
+ &movq (&QWP(8,$a),$A);
+ &emms ();
+ &ret ();
+&set_label("ialu",16);
+}
+ &push ("ebp");
+ &push ("ebx");
+ &push ("esi");
+ &push ("edi");
+ &stack_push(4+1);
+
+ &mov ($a,&wparam(1));
+ &mov ($b,&wparam(3));
+ &call ("_mul_1x1_ialu"); # a1\xB7b1
+ &mov (&DWP(8,"esp"),$lo);
+ &mov (&DWP(12,"esp"),$hi);
+
+ &mov ($a,&wparam(2));
+ &mov ($b,&wparam(4));
+ &call ("_mul_1x1_ialu"); # a0\xB7b0
+ &mov (&DWP(0,"esp"),$lo);
+ &mov (&DWP(4,"esp"),$hi);
+
+ &mov ($a,&wparam(1));
+ &mov ($b,&wparam(3));
+ &xor ($a,&wparam(2));
+ &xor ($b,&wparam(4));
+ &call ("_mul_1x1_ialu"); # (a0+a1)\xB7(b0+b1)
+
+ &mov ("ebp",&wparam(0));
+ @r=("ebx","ecx","edi","esi");
+ &mov (@r[0],&DWP(0,"esp"));
+ &mov (@r[1],&DWP(4,"esp"));
+ &mov (@r[2],&DWP(8,"esp"));
+ &mov (@r[3],&DWP(12,"esp"));
+
+ &xor ($lo,$hi);
+ &xor ($hi, at r[1]);
+ &xor ($lo, at r[0]);
+ &mov (&DWP(0,"ebp"), at r[0]);
+ &xor ($hi, at r[2]);
+ &mov (&DWP(12,"ebp"), at r[3]);
+ &xor ($lo, at r[3]);
+ &stack_pop(4+1);
+ &xor ($hi, at r[3]);
+ &pop ("edi");
+ &xor ($lo,$hi);
+ &pop ("esi");
+ &mov (&DWP(8,"ebp"),$hi);
+ &pop ("ebx");
+ &mov (&DWP(4,"ebp"),$lo);
+ &pop ("ebp");
+ &ret ();
+&function_end_B("bn_GF2m_mul_2x2");
+
+&asciz ("GF(2^m) Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/bn/asm/x86-mont.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/x86-mont.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86-mont.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/x86-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,593 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# This is a "teaser" code, as it can be improved in several ways...
+# First of all non-SSE2 path should be implemented (yes, for now it
+# performs Montgomery multiplication/convolution only on SSE2-capable
+# CPUs such as P4, others fall down to original code). Then inner loop
+# can be unrolled and modulo-scheduled to improve ILP and possibly
+# moved to 128-bit XMM register bank (though it would require input
+# rearrangement and/or increase bus bandwidth utilization). Dedicated
+# squaring procedure should give further performance improvement...
+# Yet, for being draft, the code improves rsa512 *sign* benchmark by
+# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
+
+# December 2006
+#
+# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
+# Integer-only code [being equipped with dedicated squaring procedure]
+# gives ~40% on rsa512 sign benchmark...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&function_begin("bn_mul_mont");
+
+$i="edx";
+$j="ecx";
+$ap="esi"; $tp="esi"; # overlapping variables!!!
+$rp="edi"; $bp="edi"; # overlapping variables!!!
+$np="ebp";
+$num="ebx";
+
+$_num=&DWP(4*0,"esp"); # stack top layout
+$_rp=&DWP(4*1,"esp");
+$_ap=&DWP(4*2,"esp");
+$_bp=&DWP(4*3,"esp");
+$_np=&DWP(4*4,"esp");
+$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp");
+$_sp=&DWP(4*6,"esp");
+$_bpend=&DWP(4*7,"esp");
+$frame=32; # size of above frame rounded up to 16n
+
+ &xor ("eax","eax");
+ &mov ("edi",&wparam(5)); # int num
+ &cmp ("edi",4);
+ &jl (&label("just_leave"));
+
+ &lea ("esi",&wparam(0)); # put aside pointer to argument block
+ &lea ("edx",&wparam(1)); # load ap
+ &mov ("ebp","esp"); # saved stack pointer!
+ &add ("edi",2); # extra two words on top of tp
+ &neg ("edi");
+ &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2))
+ &neg ("edi");
+
+ # minimize cache contention by arraning 2K window between stack
+ # pointer and ap argument [np is also position sensitive vector,
+ # but it's assumed to be near ap, as it's allocated at ~same
+ # time].
+ &mov ("eax","esp");
+ &sub ("eax","edx");
+ &and ("eax",2047);
+ &sub ("esp","eax"); # this aligns sp and ap modulo 2048
+
+ &xor ("edx","esp");
+ &and ("edx",2048);
+ &xor ("edx",2048);
+ &sub ("esp","edx"); # this splits them apart modulo 4096
+
+ &and ("esp",-64); # align to cache line
+
+ ################################# load argument block...
+ &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
+ &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
+ &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
+ &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
+ &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
+ #&mov ("edi",&DWP(5*4,"esi"));# int num
+
+ &mov ("esi",&DWP(0,"esi")); # pull n0[0]
+ &mov ($_rp,"eax"); # ... save a copy of argument block
+ &mov ($_ap,"ebx");
+ &mov ($_bp,"ecx");
+ &mov ($_np,"edx");
+ &mov ($_n0,"esi");
+ &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling
+ #&mov ($_num,$num); # redundant as $num is not reused
+ &mov ($_sp,"ebp"); # saved stack pointer!
+
+if($sse2) {
+$acc0="mm0"; # mmx register bank layout
+$acc1="mm1";
+$car0="mm2";
+$car1="mm3";
+$mul0="mm4";
+$mul1="mm5";
+$temp="mm6";
+$mask="mm7";
+
+ &picmeup("eax","OPENSSL_ia32cap_P");
+ &bt (&DWP(0,"eax"),26);
+ &jnc (&label("non_sse2"));
+
+ &mov ("eax",-1);
+ &movd ($mask,"eax"); # mask 32 lower bits
+
+ &mov ($ap,$_ap); # load input pointers
+ &mov ($bp,$_bp);
+ &mov ($np,$_np);
+
+ &xor ($i,$i); # i=0
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp)); # bp[0]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+
+ &pmuludq($mul1,$mul0); # ap[0]*bp[0]
+ &movq ($car0,$mul1);
+ &movq ($acc0,$mul1); # I wish movd worked for
+ &pand ($acc0,$mask); # inter-register transfers
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0
+ &paddq ($car1,$acc0);
+
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &inc ($j); # j++
+&set_label("1st",16);
+ &pmuludq($acc0,$mul0); # ap[j]*bp[0]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[0];
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]=
+ &psrlq ($car1,32);
+
+ &lea ($j,&DWP(1,$j));
+ &cmp ($j,$num);
+ &jl (&label("1st"));
+
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[0]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[0];
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &paddq ($car1,$car0);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &inc ($i); # i++
+&set_label("outer");
+ &xor ($j,$j); # j=0
+
+ &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i]
+ &movd ($mul1,&DWP(0,$ap)); # ap[0]
+ &movd ($temp,&DWP($frame,"esp")); # tp[0]
+ &movd ($car1,&DWP(0,$np)); # np[0]
+ &pmuludq($mul1,$mul0); # ap[0]*bp[i]
+
+ &paddq ($mul1,$temp); # +=tp[0]
+ &movq ($acc0,$mul1);
+ &movq ($car0,$mul1);
+ &pand ($acc0,$mask);
+
+ &pmuludq($mul1,$_n0q); # *=n0
+
+ &pmuludq($car1,$mul1);
+ &paddq ($car1,$acc0);
+
+ &movd ($temp,&DWP($frame+4,"esp")); # tp[1]
+ &movd ($acc1,&DWP(4,$np)); # np[1]
+ &movd ($acc0,&DWP(4,$ap)); # ap[1]
+
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[1]
+
+ &inc ($j); # j++
+ &dec ($num);
+&set_label("inner");
+ &pmuludq($acc0,$mul0); # ap[j]*bp[i]
+ &pmuludq($acc1,$mul1); # np[j]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
+ &pand ($acc0,$mask);
+ &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1]
+ &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j]
+ &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1]
+ &psrlq ($car0,32);
+ &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
+ &psrlq ($car1,32);
+ &paddq ($car0,$temp); # +=tp[j+1]
+
+ &dec ($num);
+ &lea ($j,&DWP(1,$j)); # j++
+ &jnz (&label("inner"));
+
+ &mov ($num,$j);
+ &pmuludq($acc0,$mul0); # ap[num-1]*bp[i]
+ &pmuludq($acc1,$mul1); # np[num-1]*m1
+ &paddq ($car0,$acc0); # +=c0
+ &paddq ($car1,$acc1); # +=c1
+
+ &movq ($acc0,$car0);
+ &pand ($acc0,$mask);
+ &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1]
+ &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]=
+ &psrlq ($car0,32);
+ &psrlq ($car1,32);
+
+ &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num]
+ &paddq ($car1,$car0);
+ &paddq ($car1,$temp);
+ &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1]
+
+ &lea ($i,&DWP(1,$i)); # i++
+ &cmp ($i,$num);
+ &jle (&label("outer"));
+
+ &emms (); # done with mmx bank
+ &jmp (&label("common_tail"));
+
+&set_label("non_sse2",16);
+}
+
+if (0) {
+ &mov ("esp",$_sp);
+ &xor ("eax","eax"); # signal "not fast enough [yet]"
+ &jmp (&label("just_leave"));
+ # While the below code provides competitive performance for
+ # all key lengthes on modern Intel cores, it's still more
+ # than 10% slower for 4096-bit key elsewhere:-( "Competitive"
+ # means compared to the original integer-only assembler.
+ # 512-bit RSA sign is better by ~40%, but that's about all
+ # one can say about all CPUs...
+} else {
+$inp="esi"; # integer path uses these registers differently
+$word="edi";
+$carry="ebp";
+
+ &mov ($inp,$_ap);
+ &lea ($carry,&DWP(1,$num));
+ &mov ($word,$_bp);
+ &xor ($j,$j); # j=0
+ &mov ("edx",$inp);
+ &and ($carry,1); # see if num is even
+ &sub ("edx",$word); # see if ap==bp
+ &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num]
+ &or ($carry,"edx");
+ &mov ($word,&DWP(0,$word)); # bp[0]
+ &jz (&label("bn_sqr_mont"));
+ &mov ($_bpend,"eax");
+ &mov ("eax",&DWP(0,$inp));
+ &xor ("edx","edx");
+
+&set_label("mull",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[0]
+ &add ($carry,"eax");
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("mull"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[0]
+ &mov ($word,$_n0);
+ &add ("eax",$carry);
+ &mov ($inp,$_np);
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]=
+ &xor ($j,$j);
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &inc ($j);
+
+ &jmp (&label("2ndmadd"));
+
+&set_label("1stmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*bp[i]
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("1stmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*bp[i]
+ &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &xor ($j,$j);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]=
+ &adc ($j,0);
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &adc ("edx",0);
+ &mov ($j,1);
+
+&set_label("2ndmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]=
+ &jl (&label("2ndmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &xor ("eax","eax");
+ &mov ($j,$_bp); # &bp[i]
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &lea ($j,&DWP(4,$j));
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$_bpend);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(0,$j)); # bp[i+1]
+ &mov ($inp,$_ap);
+ &mov ($_bp,$j); # &bp[++i]
+ &xor ($j,$j);
+ &xor ("edx","edx");
+ &mov ("eax",&DWP(0,$inp));
+ &jmp (&label("1stmadd"));
+
+&set_label("bn_sqr_mont",16);
+$sbit=$num;
+ &mov ($_num,$num);
+ &mov ($_bp,$j); # i=0
+
+ &mov ("eax",$word); # ap[0]
+ &mul ($word); # ap[0]*ap[0]
+ &mov (&DWP($frame,"esp"),"eax"); # tp[0]=
+ &mov ($sbit,"edx");
+ &shr ("edx",1);
+ &and ($sbit,1);
+ &inc ($j);
+&set_label("sqr",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[0]
+ &add ("eax",$carry);
+ &lea ($j,&DWP(1,$j));
+ &adc ("edx",0);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &shr ("eax",31);
+ &cmp ($j,$_num);
+ &mov ($sbit,"eax");
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("sqr"));
+
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[num-1]*ap[0]
+ &add ("eax",$carry);
+ &mov ($word,$_n0);
+ &adc ("edx",0);
+ &mov ($inp,$_np);
+ &lea ($carry,&DWP(0,$sbit,"eax",2));
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+ &shr ("eax",31);
+ &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]=
+
+ &lea ($carry,&DWP(0,"eax","edx",2));
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &shr ("edx",31);
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]=
+ &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &mov ($num,$j);
+ &adc ("edx",0);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+ &mov ($j,1);
+
+&set_label("3rdmadd",16);
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1]
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]=
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j+1]*m
+ &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1]
+ &lea ($j,&DWP(2,$j));
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2]
+ &adc ("edx",0);
+ &cmp ($j,$num);
+ &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]=
+ &jl (&label("3rdmadd"));
+
+ &mov ($carry,"edx");
+ &mul ($word); # np[j]*m
+ &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1]
+ &adc ("edx",0);
+ &add ($carry,"eax");
+ &adc ("edx",0);
+ &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]=
+
+ &mov ($j,$_bp); # i
+ &xor ("eax","eax");
+ &mov ($inp,$_ap);
+ &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num]
+ &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1]
+ &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]=
+ &cmp ($j,$num);
+ &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]=
+ &je (&label("common_tail"));
+
+ &mov ($word,&DWP(4,$inp,$j,4)); # ap[i]
+ &lea ($j,&DWP(1,$j));
+ &mov ("eax",$word);
+ &mov ($_bp,$j); # ++i
+ &mul ($word); # ap[i]*ap[i]
+ &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i]
+ &adc ("edx",0);
+ &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]=
+ &xor ($carry,$carry);
+ &cmp ($j,$num);
+ &lea ($j,&DWP(1,$j));
+ &je (&label("sqrlast"));
+
+ &mov ($sbit,"edx"); # zaps $num
+ &shr ("edx",1);
+ &and ($sbit,1);
+&set_label("sqradd",16);
+ &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j]
+ &mov ($carry,"edx");
+ &mul ($word); # ap[j]*ap[i]
+ &add ("eax",$carry);
+ &lea ($carry,&DWP(0,"eax","eax"));
+ &adc ("edx",0);
+ &shr ("eax",31);
+ &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j]
+ &lea ($j,&DWP(1,$j));
+ &adc ("eax",0);
+ &add ($carry,$sbit);
+ &adc ("eax",0);
+ &cmp ($j,$_num);
+ &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]=
+ &mov ($sbit,"eax");
+ &jle (&label("sqradd"));
+
+ &mov ($carry,"edx");
+ &add ("edx","edx");
+ &shr ($carry,31);
+ &add ("edx",$sbit);
+ &adc ($carry,0);
+&set_label("sqrlast");
+ &mov ($word,$_n0);
+ &mov ($inp,$_np);
+ &imul ($word,&DWP($frame,"esp")); # n0*tp[0]
+
+ &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num]
+ &mov ("eax",&DWP(0,$inp)); # np[0]
+ &adc ($carry,0);
+ &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]=
+ &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]=
+
+ &mul ($word); # np[0]*m
+ &add ("eax",&DWP($frame,"esp")); # +=tp[0]
+ &lea ($num,&DWP(-1,$j));
+ &adc ("edx",0);
+ &mov ($j,1);
+ &mov ("eax",&DWP(4,$inp)); # np[1]
+
+ &jmp (&label("3rdmadd"));
+}
+
+&set_label("common_tail",16);
+ &mov ($np,$_np); # load modulus pointer
+ &mov ($rp,$_rp); # load result pointer
+ &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped]
+
+ &mov ("eax",&DWP(0,$tp)); # tp[0]
+ &mov ($j,$num); # j=num-1
+ &xor ($i,$i); # i=0 and clear CF!
+
+&set_label("sub",16);
+ &sbb ("eax",&DWP(0,$np,$i,4));
+ &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i]
+ &dec ($j); # doesn't affect CF!
+ &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1]
+ &lea ($i,&DWP(1,$i)); # i++
+ &jge (&label("sub"));
+
+ &sbb ("eax",0); # handle upmost overflow bit
+ &and ($tp,"eax");
+ ¬ ("eax");
+ &mov ($np,$rp);
+ &and ($np,"eax");
+ &or ($tp,$np); # tp=carry?tp:rp
+
+&set_label("copy",16); # copy or in-place refresh
+ &mov ("eax",&DWP(0,$tp,$num,4));
+ &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i]
+ &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector
+ &dec ($num);
+ &jge (&label("copy"));
+
+ &mov ("esp",$_sp); # pull saved stack pointer
+ &mov ("eax",1);
+&set_label("just_leave");
+&function_end("bn_mul_mont");
+
+&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Modified: trunk/crypto/openssl/crypto/bn/asm/x86_64-gcc.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86_64-gcc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/x86_64-gcc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,5 +1,5 @@
#include "../bn_lcl.h"
-#ifdef __SUNPRO_C
+#if !(defined(__GNUC__) && __GNUC__>=2)
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
#else
/*-
@@ -55,7 +55,11 @@
* machine.
*/
-# define BN_ULONG unsigned long
+# ifdef _WIN64
+# define BN_ULONG unsigned long long
+# else
+# define BN_ULONG unsigned long
+# endif
# undef mul
# undef mul_add
@@ -206,7 +210,7 @@
return 0;
asm volatile (" subq %2,%2 \n"
- ".align 16 \n"
+ ".p2align 4 \n"
"1: movq (%4,%2,8),%0 \n"
" adcq (%5,%2,8),%0 \n"
" movq %0,(%3,%2,8) \n"
@@ -230,7 +234,7 @@
return 0;
asm volatile (" subq %2,%2 \n"
- ".align 16 \n"
+ ".p2align 4 \n"
"1: movq (%4,%2,8),%0 \n"
" sbbq (%5,%2,8),%0 \n"
" movq %0,(%3,%2,8) \n"
Copied: trunk/crypto/openssl/crypto/bn/asm/x86_64-gf2m.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-gf2m.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86_64-gf2m.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/x86_64-gf2m.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,390 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... Except that it has two code paths: code suitable
+# for any x86_64 CPU and PCLMULQDQ one suitable for Westmere and
+# later. Improvement varies from one benchmark and \xB5-arch to another.
+# Vanilla code path is at most 20% faster than compiler-generated code
+# [not very impressive], while PCLMULQDQ - whole 85%-160% better on
+# 163- and 571-bit ECDH benchmarks on Intel CPUs. Keep in mind that
+# these coefficients are not ones for bn_GF2m_mul_2x2 itself, as not
+# all CPU time is burnt in it...
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+($lo,$hi)=("%rax","%rdx"); $a=$lo;
+($i0,$i1)=("%rsi","%rdi");
+($t0,$t1)=("%rbx","%rcx");
+($b,$mask)=("%rbp","%r8");
+($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(9..15));
+($R,$Tx)=("%xmm0","%xmm1");
+
+$code.=<<___;
+.text
+
+.type _mul_1x1,\@abi-omnipotent
+.align 16
+_mul_1x1:
+ sub \$128+8,%rsp
+ mov \$-1,$a1
+ lea ($a,$a),$i0
+ shr \$3,$a1
+ lea (,$a,4),$i1
+ and $a,$a1 # a1=a&0x1fffffffffffffff
+ lea (,$a,8),$a8
+ sar \$63,$a # broadcast 63rd bit
+ lea ($a1,$a1),$a2
+ sar \$63,$i0 # broadcast 62nd bit
+ lea (,$a1,4),$a4
+ and $b,$a
+ sar \$63,$i1 # boardcast 61st bit
+ mov $a,$hi # $a is $lo
+ shl \$63,$lo
+ and $b,$i0
+ shr \$1,$hi
+ mov $i0,$t1
+ shl \$62,$i0
+ and $b,$i1
+ shr \$2,$t1
+ xor $i0,$lo
+ mov $i1,$t0
+ shl \$61,$i1
+ xor $t1,$hi
+ shr \$3,$t0
+ xor $i1,$lo
+ xor $t0,$hi
+
+ mov $a1,$a12
+ movq \$0,0(%rsp) # tab[0]=0
+ xor $a2,$a12 # a1^a2
+ mov $a1,8(%rsp) # tab[1]=a1
+ mov $a4,$a48
+ mov $a2,16(%rsp) # tab[2]=a2
+ xor $a8,$a48 # a4^a8
+ mov $a12,24(%rsp) # tab[3]=a1^a2
+
+ xor $a4,$a1
+ mov $a4,32(%rsp) # tab[4]=a4
+ xor $a4,$a2
+ mov $a1,40(%rsp) # tab[5]=a1^a4
+ xor $a4,$a12
+ mov $a2,48(%rsp) # tab[6]=a2^a4
+ xor $a48,$a1 # a1^a4^a4^a8=a1^a8
+ mov $a12,56(%rsp) # tab[7]=a1^a2^a4
+ xor $a48,$a2 # a2^a4^a4^a8=a1^a8
+
+ mov $a8,64(%rsp) # tab[8]=a8
+ xor $a48,$a12 # a1^a2^a4^a4^a8=a1^a2^a8
+ mov $a1,72(%rsp) # tab[9]=a1^a8
+ xor $a4,$a1 # a1^a8^a4
+ mov $a2,80(%rsp) # tab[10]=a2^a8
+ xor $a4,$a2 # a2^a8^a4
+ mov $a12,88(%rsp) # tab[11]=a1^a2^a8
+
+ xor $a4,$a12 # a1^a2^a8^a4
+ mov $a48,96(%rsp) # tab[12]=a4^a8
+ mov $mask,$i0
+ mov $a1,104(%rsp) # tab[13]=a1^a4^a8
+ and $b,$i0
+ mov $a2,112(%rsp) # tab[14]=a2^a4^a8
+ shr \$4,$b
+ mov $a12,120(%rsp) # tab[15]=a1^a2^a4^a8
+ mov $mask,$i1
+ and $b,$i1
+ shr \$4,$b
+
+ movq (%rsp,$i0,8),$R # half of calculations is done in SSE2
+ mov $mask,$i0
+ and $b,$i0
+ shr \$4,$b
+___
+ for ($n=1;$n<8;$n++) {
+ $code.=<<___;
+ mov (%rsp,$i1,8),$t1
+ mov $mask,$i1
+ mov $t1,$t0
+ shl \$`8*$n-4`,$t1
+ and $b,$i1
+ movq (%rsp,$i0,8),$Tx
+ shr \$`64-(8*$n-4)`,$t0
+ xor $t1,$lo
+ pslldq \$$n,$Tx
+ mov $mask,$i0
+ shr \$4,$b
+ xor $t0,$hi
+ and $b,$i0
+ shr \$4,$b
+ pxor $Tx,$R
+___
+ }
+$code.=<<___;
+ mov (%rsp,$i1,8),$t1
+ mov $t1,$t0
+ shl \$`8*$n-4`,$t1
+ movq $R,$i0
+ shr \$`64-(8*$n-4)`,$t0
+ xor $t1,$lo
+ psrldq \$8,$R
+ xor $t0,$hi
+ movq $R,$i1
+ xor $i0,$lo
+ xor $i1,$hi
+
+ add \$128+8,%rsp
+ ret
+.Lend_mul_1x1:
+.size _mul_1x1,.-_mul_1x1
+___
+
+($rp,$a1,$a0,$b1,$b0) = $win64? ("%rcx","%rdx","%r8", "%r9","%r10") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx","%r8"); # Unix order
+
+$code.=<<___;
+.extern OPENSSL_ia32cap_P
+.globl bn_GF2m_mul_2x2
+.type bn_GF2m_mul_2x2,\@abi-omnipotent
+.align 16
+bn_GF2m_mul_2x2:
+ mov OPENSSL_ia32cap_P(%rip),%rax
+ bt \$33,%rax
+ jnc .Lvanilla_mul_2x2
+
+ movq $a1,%xmm0
+ movq $b1,%xmm1
+ movq $a0,%xmm2
+___
+$code.=<<___ if ($win64);
+ movq 40(%rsp),%xmm3
+___
+$code.=<<___ if (!$win64);
+ movq $b0,%xmm3
+___
+$code.=<<___;
+ movdqa %xmm0,%xmm4
+ movdqa %xmm1,%xmm5
+ pclmulqdq \$0,%xmm1,%xmm0 # a1\xB7b1
+ pxor %xmm2,%xmm4
+ pxor %xmm3,%xmm5
+ pclmulqdq \$0,%xmm3,%xmm2 # a0\xB7b0
+ pclmulqdq \$0,%xmm5,%xmm4 # (a0+a1)\xB7(b0+b1)
+ xorps %xmm0,%xmm4
+ xorps %xmm2,%xmm4 # (a0+a1)\xB7(b0+b1)-a0\xB7b0-a1\xB7b1
+ movdqa %xmm4,%xmm5
+ pslldq \$8,%xmm4
+ psrldq \$8,%xmm5
+ pxor %xmm4,%xmm2
+ pxor %xmm5,%xmm0
+ movdqu %xmm2,0($rp)
+ movdqu %xmm0,16($rp)
+ ret
+
+.align 16
+.Lvanilla_mul_2x2:
+ lea -8*17(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ mov `8*17+40`(%rsp),$b0
+ mov %rdi,8*15(%rsp)
+ mov %rsi,8*16(%rsp)
+___
+$code.=<<___;
+ mov %r14,8*10(%rsp)
+ mov %r13,8*11(%rsp)
+ mov %r12,8*12(%rsp)
+ mov %rbp,8*13(%rsp)
+ mov %rbx,8*14(%rsp)
+.Lbody_mul_2x2:
+ mov $rp,32(%rsp) # save the arguments
+ mov $a1,40(%rsp)
+ mov $a0,48(%rsp)
+ mov $b1,56(%rsp)
+ mov $b0,64(%rsp)
+
+ mov \$0xf,$mask
+ mov $a1,$a
+ mov $b1,$b
+ call _mul_1x1 # a1\xB7b1
+ mov $lo,16(%rsp)
+ mov $hi,24(%rsp)
+
+ mov 48(%rsp),$a
+ mov 64(%rsp),$b
+ call _mul_1x1 # a0\xB7b0
+ mov $lo,0(%rsp)
+ mov $hi,8(%rsp)
+
+ mov 40(%rsp),$a
+ mov 56(%rsp),$b
+ xor 48(%rsp),$a
+ xor 64(%rsp),$b
+ call _mul_1x1 # (a0+a1)\xB7(b0+b1)
+___
+ @r=("%rbx","%rcx","%rdi","%rsi");
+$code.=<<___;
+ mov 0(%rsp), at r[0]
+ mov 8(%rsp), at r[1]
+ mov 16(%rsp), at r[2]
+ mov 24(%rsp), at r[3]
+ mov 32(%rsp),%rbp
+
+ xor $hi,$lo
+ xor @r[1],$hi
+ xor @r[0],$lo
+ mov @r[0],0(%rbp)
+ xor @r[2],$hi
+ mov @r[3],24(%rbp)
+ xor @r[3],$lo
+ xor @r[3],$hi
+ xor $hi,$lo
+ mov $hi,16(%rbp)
+ mov $lo,8(%rbp)
+
+ mov 8*10(%rsp),%r14
+ mov 8*11(%rsp),%r13
+ mov 8*12(%rsp),%r12
+ mov 8*13(%rsp),%rbp
+ mov 8*14(%rsp),%rbx
+___
+$code.=<<___ if ($win64);
+ mov 8*15(%rsp),%rdi
+ mov 8*16(%rsp),%rsi
+___
+$code.=<<___;
+ lea 8*17(%rsp),%rsp
+ ret
+.Lend_mul_2x2:
+.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+.asciz "GF(2^m) Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 152($context),%rax # pull context->Rsp
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lbody_mul_2x2(%rip),%r10
+ cmp %r10,%rbx # context->Rip<"prologue" label
+ jb .Lin_prologue
+
+ mov 8*10(%rax),%r14 # mimic epilogue
+ mov 8*11(%rax),%r13
+ mov 8*12(%rax),%r12
+ mov 8*13(%rax),%rbp
+ mov 8*14(%rax),%rbx
+ mov 8*15(%rax),%rdi
+ mov 8*16(%rax),%rsi
+
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+
+.Lin_prologue:
+ lea 8*17(%rax),%rax
+ mov %rax,152($context) # restore context->Rsp
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size se_handler,.-se_handler
+
+.section .pdata
+.align 4
+ .rva _mul_1x1
+ .rva .Lend_mul_1x1
+ .rva .LSEH_info_1x1
+
+ .rva .Lvanilla_mul_2x2
+ .rva .Lend_mul_2x2
+ .rva .LSEH_info_2x2
+.section .xdata
+.align 8
+.LSEH_info_1x1:
+ .byte 0x01,0x07,0x02,0x00
+ .byte 0x07,0x01,0x11,0x00 # sub rsp,128+8
+.LSEH_info_2x2:
+ .byte 9,0,0,0
+ .rva se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/bn/asm/x86_64-mont.pl
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86_64-mont.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/asm/x86_64-mont.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
# ====================================================================
-# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/.
@@ -15,14 +15,33 @@
# respectful 50%. It remains to be seen if loop unrolling and
# dedicated squaring routine can provide further improvement...
-$output=shift;
+# July 2011.
+#
+# Add dedicated squaring procedure. Performance improvement varies
+# from platform to platform, but in average it's ~5%/15%/25%/33%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+# August 2011.
+#
+# Unroll and modulo-schedule inner loops in such manner that they
+# are "fallen through" for input lengths of 8, which is critical for
+# 1024-bit RSA *sign*. Average performance improvement in comparison
+# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
# int bn_mul_mont(
$rp="%rdi"; # BN_ULONG *rp,
@@ -33,7 +52,6 @@
$num="%r9"; # int num);
$lo0="%r10";
$hi0="%r11";
-$bp="%r12"; # reassign $bp
$hi1="%r13";
$i="%r14";
$j="%r15";
@@ -47,6 +65,16 @@
.type bn_mul_mont,\@function,6
.align 16
bn_mul_mont:
+ test \$3,${num}d
+ jnz .Lmul_enter
+ cmp \$8,${num}d
+ jb .Lmul_enter
+ cmp $ap,$bp
+ jne .Lmul4x_enter
+ jmp .Lsqr4x_enter
+
+.align 16
+.Lmul_enter:
push %rbx
push %rbp
push %r12
@@ -55,54 +83,73 @@
push %r15
mov ${num}d,${num}d
- lea 2($num),%rax
- mov %rsp,%rbp
- neg %rax
- lea (%rsp,%rax,8),%rsp # tp=alloca(8*(num+2))
+ lea 2($num),%r10
+ mov %rsp,%r11
+ neg %r10
+ lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
and \$-1024,%rsp # minimize TLB usage
- mov %rbp,8(%rsp,$num,8) # tp[num+1]=%rsp
- mov %rdx,$bp # $bp reassigned, remember?
-
+ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul_body:
+ mov $bp,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
xor $i,$i # i=0
xor $j,$j # j=0
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
+ mov $n0,$m1
mulq $m0 # ap[0]*bp[0]
mov %rax,$lo0
+ mov ($np),%rax
+
+ imulq $lo0,$m1 # "tp[0]"*n0
mov %rdx,$hi0
- imulq $n0,%rax # "tp[0]"*n0
- mov %rax,$m1
-
- mulq ($np) # np[0]*m1
- add $lo0,%rax # discarded
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
adc \$0,%rdx
mov %rdx,$hi1
lea 1($j),$j # j++
+ jmp .L1st_enter
+
+.align 16
.L1st:
+ add %rax,$hi1
mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ mov $lo0,$hi0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.L1st_enter:
mulq $m0 # ap[j]*bp[0]
- add $hi0,%rax
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
adc \$0,%rdx
- mov %rax,$lo0
- mov ($np,$j,8),%rax
- mov %rdx,$hi0
+ lea 1($j),$j # j++
+ mov %rdx,$lo0
mulq $m1 # np[j]*m1
- add $hi1,%rax
- lea 1($j),$j # j++
+ cmp $num,$j
+ jne .L1st
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
adc \$0,%rdx
- add $lo0,%rax # np[j]*m1+ap[j]*bp[0]
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
adc \$0,%rdx
- mov %rax,-16(%rsp,$j,8) # tp[j-1]
- cmp $num,$j
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
mov %rdx,$hi1
- jl .L1st
+ mov $lo0,$hi0
xor %rdx,%rdx
add $hi0,$hi1
@@ -111,50 +158,64 @@
mov %rdx,(%rsp,$num,8) # store upmost overflow bit
lea 1($i),$i # i++
-.align 4
+ jmp .Louter
+.align 16
.Louter:
+ mov ($bp,$i,8),$m0 # m0=bp[i]
xor $j,$j # j=0
-
- mov ($bp,$i,8),$m0 # m0=bp[i]
- mov ($ap),%rax # ap[0]
+ mov $n0,$m1
+ mov (%rsp),$lo0
mulq $m0 # ap[0]*bp[i]
- add (%rsp),%rax # ap[0]*bp[i]+tp[0]
+ add %rax,$lo0 # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
adc \$0,%rdx
- mov %rax,$lo0
+
+ imulq $lo0,$m1 # tp[0]*n0
mov %rdx,$hi0
- imulq $n0,%rax # tp[0]*n0
- mov %rax,$m1
-
- mulq ($np,$j,8) # np[0]*m1
- add $lo0,%rax # discarded
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
mov 8(%rsp),$lo0 # tp[1]
- adc \$0,%rdx
mov %rdx,$hi1
lea 1($j),$j # j++
-.align 4
+ jmp .Linner_enter
+
+.align 16
.Linner:
+ add %rax,$hi1
mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.Linner_enter:
mulq $m0 # ap[j]*bp[i]
- add $hi0,%rax
- adc \$0,%rdx
- add %rax,$lo0 # ap[j]*bp[i]+tp[j]
+ add %rax,$hi0
mov ($np,$j,8),%rax
adc \$0,%rdx
+ add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
mov %rdx,$hi0
+ adc \$0,$hi0
+ lea 1($j),$j # j++
mulq $m1 # np[j]*m1
- add $hi1,%rax
- lea 1($j),$j # j++
+ cmp $num,$j
+ jne .Linner
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
adc \$0,%rdx
- add $lo0,%rax # np[j]*m1+ap[j]*bp[i]+tp[j]
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
adc \$0,%rdx
- mov (%rsp,$j,8),$lo0
- cmp $num,$j
- mov %rax,-16(%rsp,$j,8) # tp[j-1]
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
mov %rdx,$hi1
- jl .Linner
xor %rdx,%rdx
add $hi0,$hi1
@@ -168,37 +229,1413 @@
cmp $num,$i
jl .Louter
+ xor $i,$i # i=0 and clear CF!
+ mov (%rsp),%rax # tp[0]
lea (%rsp),$ap # borrow ap for tp
- lea -1($num),$j # j=num-1
-
- mov ($ap),%rax # tp[0]
- xor $i,$i # i=0 and clear CF!
+ mov $num,$j # j=num
jmp .Lsub
.align 16
.Lsub: sbb ($np,$i,8),%rax
mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- dec $j # doesn't affect CF!
mov 8($ap,$i,8),%rax # tp[i+1]
lea 1($i),$i # i++
- jge .Lsub
+ dec $j # doesnn't affect CF!
+ jnz .Lsub
sbb \$0,%rax # handle upmost overflow bit
+ xor $i,$i
and %rax,$ap
not %rax
mov $rp,$np
and %rax,$np
- lea -1($num),$j
+ mov $num,$j # j=num
or $np,$ap # ap=borrow?tp:rp
.align 16
.Lcopy: # copy or in-place refresh
+ mov ($ap,$i,8),%rax
+ mov $i,(%rsp,$i,8) # zap temporary vector
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]
+ lea 1($i),$i
+ sub \$1,$j
+ jnz .Lcopy
+
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul_epilogue:
+ ret
+.size bn_mul_mont,.-bn_mul_mont
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type bn_mul4x_mont,\@function,6
+.align 16
+bn_mul4x_mont:
+.Lmul4x_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ mov ${num}d,${num}d
+ lea 4($num),%r10
+ mov %rsp,%r11
+ neg %r10
+ lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul4x_body:
+ mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
+ mov %rdx,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$A[0]
+ mov ($np),%rax
+
+ imulq $A[0],$m1 # "tp[0]"*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ lea 4($j),$j # j++
+ adc \$0,%rdx
+ mov $N[1],(%rsp)
+ mov %rdx,$N[0]
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
mov ($ap,$j,8),%rax
- mov %rax,($rp,$j,8) # rp[i]=tp[i]
- mov $i,(%rsp,$j,8) # zap temporary vector
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .L1st4x
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+.align 4
+.Louter4x:
+ mov ($bp,$i,8),$m0 # m0=bp[i]
+ xor $j,$j # j=0
+ mov (%rsp),$A[0]
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$A[0] # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $A[0],$m1 # tp[0]*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # "$N[0]", discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ add 8(%rsp),$A[1] # +tp[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
+ lea 4($j),$j # j+=2
+ adc \$0,%rdx
+ mov $N[1],(%rsp) # tp[j-1]
+ mov %rdx,$N[0]
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ add 8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .Linner4x
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 1($i),$i # i++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ add (%rsp,$num,8),$N[0] # pull upmost overflow bit
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ cmp $num,$i
+ jl .Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+ mov 16(%rsp,$num,8),$rp # restore $rp
+ mov 0(%rsp), at ri[0] # tp[0]
+ pxor %xmm0,%xmm0
+ mov 8(%rsp), at ri[1] # tp[1]
+ shr \$2,$num # num/=4
+ lea (%rsp),$ap # borrow ap for tp
+ xor $i,$i # i=0 and clear CF!
+
+ sub 0($np), at ri[0]
+ mov 16($ap), at ri[2] # tp[2]
+ mov 24($ap), at ri[3] # tp[3]
+ sbb 8($np), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($np,$i,8), at ri[2]
+ mov 32($ap,$i,8), at ri[0] # tp[i+1]
+ mov 40($ap,$i,8), at ri[1]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($np,$i,8), at ri[0]
+ mov 48($ap,$i,8), at ri[2]
+ mov 56($ap,$i,8), at ri[3]
+ sbb 40($np,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub4x
+
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($ap,$i,8), at ri[0] # load overflow bit
+ sbb 16($np,$i,8), at ri[2]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$ap
+ not @ri[0]
+ mov $rp,$np
+ and @ri[0],$np
+ lea -1($num),$j
+ or $np,$ap # ap=borrow?tp:rp
+
+ movdqu ($ap),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,($rp)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x: # copy or in-place refresh
+ movdqu 16($ap,$i),%xmm2
+ movdqu 32($ap,$i),%xmm1
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+ movdqa %xmm0,32(%rsp,$i)
+ movdqu %xmm1,32($rp,$i)
+ lea 32($i),$i
dec $j
- jge .Lcopy
+ jnz .Lcopy4x
- mov 8(%rsp,$num,8),%rsp # restore %rsp
+ shl \$2,$num
+ movdqu 16($ap,$i),%xmm2
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul4x_epilogue:
+ ret
+.size bn_mul4x_mont,.-bn_mul4x_mont
+___
+}}}
+
{{{
+######################################################################
+# void bn_sqr4x_mont(
+my $rptr="%rdi"; # const BN_ULONG *rptr,
+my $aptr="%rsi"; # const BN_ULONG *aptr,
+my $bptr="%rdx"; # not used
+my $nptr="%rcx"; # const BN_ULONG *nptr,
+my $n0 ="%r8"; # const BN_ULONG *n0);
+my $num ="%r9"; # int num, has to be divisible by 4 and
+ # not less than 8
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___;
+.type bn_sqr4x_mont,\@function,6
+.align 16
+bn_sqr4x_mont:
+.Lsqr4x_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ shl \$3,${num}d # convert $num to bytes
+ xor %r10,%r10
+ mov %rsp,%r11 # put aside %rsp
+ sub $num,%r10 # -$num
+ mov ($n0),$n0 # *n0
+ lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num)
+ and \$-1024,%rsp # minimize TLB usage
+ ##############################################################
+ # Stack layout
+ #
+ # +0 saved $num, used in reduction section
+ # +8 &t[2*$num], used in reduction section
+ # +32 saved $rptr
+ # +40 saved $nptr
+ # +48 saved *n0
+ # +56 saved %rsp
+ # +64 t[2*$num]
+ #
+ mov $rptr,32(%rsp) # save $rptr
+ mov $nptr,40(%rsp)
+ mov $n0, 48(%rsp)
+ mov %r11, 56(%rsp) # save original %rsp
+.Lsqr4x_body:
+ ##############################################################
+ # Squaring part:
+ #
+ # a) multiply-n-add everything but a[i]*a[i];
+ # b) shift result of a) by 1 to the left and accumulate
+ # a[i]*a[i] products;
+ #
+ lea 32(%r10),$i # $i=-($num-32)
+ lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2]
+
+ mov $num,$j # $j=$num
+
+ # comments apply to $num==8 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mul $a0 # a[1]*a[0]
+ mov %rax,$A0[0] # a[1]*a[0]
+ mov $ai,%rax # a[2]
+ mov %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ mov %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ mov %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[3]
+ jmp .Lsqr4x_1st
+
+.align 16
+.Lsqr4x_1st:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[5]
+
+ mov 16($aptr,$j),$ai # a[6]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1] # a[5]*a[3]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[6]*a[2]
+ add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],16($tptr,$j) # t[6]
+
+
+ mov 24($aptr,$j),$ai # a[7]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[6]*a[5]
+ add %rax,$A1[0] # a[6]*a[5]+t[7]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 32($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[7]*a[4]
+ add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[7]
+
+ cmp \$0,$j
+ jne .Lsqr4x_1st
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[7]*a[5]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[8]
+ lea 16($i),$i
+ mov $A1[0],8($tptr) # t[9]
+ jmp .Lsqr4x_outer
+
+.align 16
+.Lsqr4x_outer: # comments apply to $num==6 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mov -24($tptr,$i),$A0[0] # t[1]
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+ xor $A1[0],$A1[0]
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[3]
+
+ lea 16($j),$j
+ jmp .Lsqr4x_inner
+
+.align 16
+.Lsqr4x_inner:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ add ($tptr,$j),$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j # j++
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below
+
+ cmp \$0,$j
+ jne .Lsqr4x_inner
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[6], "preloaded t[2]" below
+ mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below
+
+ add \$16,$i
+ jnz .Lsqr4x_outer
+
+ # comments apply to $num==4 case
+ mov -32($aptr),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr),$ai # a[2]
+ mov %rax,$a1
+
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1], preloaded t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr) # t[1]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr) # t[2]
+
+ mov -8($aptr),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3]
+ mov $ai,%rax
+ adc \$0,%rdx
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ mov %rdx,$A1[1]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr) # t[3]
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1]
+ mov -16($aptr),%rax # a[2]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[4]
+ mov $A1[0],8($tptr) # t[5]
+
+ mul $ai # a[2]*a[3]
+___
+{
+my ($shift,$carry)=($a0,$a1);
+my @S=(@A1,$ai,$n0);
+$code.=<<___;
+ add \$16,$i
+ xor $shift,$shift
+ sub $num,$i # $i=16-$num
+ xor $carry,$carry
+
+ add $A1[0],%rax # t[5]
+ adc \$0,%rdx
+ mov %rax,8($tptr) # t[5]
+ mov %rdx,16($tptr) # t[6]
+ mov $carry,24($tptr) # t[7]
+
+ mov -16($aptr,$i),%rax # a[0]
+ lea 64(%rsp,$num,2),$tptr
+ xor $A0[0],$A0[0] # t[0]
+ mov -24($tptr,$i,2),$A0[1] # t[1]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+ lea 16($i),$i
+ mov $S[3],-40($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ jmp .Lsqr4x_shift_n_add
+
+.align 16
+.Lsqr4x_shift_n_add:
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ mov $S[3],-8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov 8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],0($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 16($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],16($tptr,$i,2)
+ adc %rdx,$S[3]
+ mov $S[3],24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ add \$32,$i
+ jnz .Lsqr4x_shift_n_add
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift
+ mov $S[1],-24($tptr)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ adc %rax,$S[2]
+ adc %rdx,$S[3]
+ mov $S[2],-16($tptr)
+ mov $S[3],-8($tptr)
+___
+}
+##############################################################
+# Montgomery reduction part, "word-by-word" algorithm.
+#
+{
+my ($topbit,$nptr)=("%rbp",$aptr);
+my ($m0,$m1)=($a0,$a1);
+my @Ni=("%rbx","%r9");
+$code.=<<___;
+ mov 40(%rsp),$nptr # restore $nptr
+ mov 48(%rsp),$n0 # restore *n0
+ xor $j,$j
+ mov $num,0(%rsp) # save $num
+ sub $num,$j # $j=-$num
+ mov 64(%rsp),$A0[0] # t[0] # modsched #
+ mov $n0,$m0 # # modsched #
+ lea 64(%rsp,$num,2),%rax # end of t[] buffer
+ lea 64(%rsp,$num),$tptr # end of t[] window
+ mov %rax,8(%rsp) # save end of t[] buffer
+ lea ($nptr,$num),$nptr # end of n[] buffer
+ xor $topbit,$topbit # $topbit=0
+
+ mov 0($nptr,$j),%rax # n[0] # modsched #
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ imulq $A0[0],$m0 # m0=t[0]*n0 # modsched #
+ mov %rax,$Ni[0] # # modsched #
+ jmp .Lsqr4x_mont_outer
+
+.align 16
+.Lsqr4x_mont_outer:
+ xor $A0[1],$A0[1]
+ mul $m0 # n[0]*m0
+ add %rax,$A0[0] # n[0]*m0+t[0]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+ mov $n0,$m1
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[1]*m0
+ add %rax,$A0[1] # n[1]*m0+t[1]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+ imulq $A0[1],$m1
+
+ mov 16($nptr,$j),$Ni[0] # n[2]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[0]*m1
+ add %rax,$A1[0] # n[0]*m1+"t[1]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[1]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[2]*m0
+ add %rax,$A0[0] # n[2]*m0+t[2]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[3]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[1]*m1
+ add %rax,$A1[1] # n[1]*m1+"t[2]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[2]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[3]*m0
+ add %rax,$A0[1] # n[3]*m0+t[3]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ jmp .Lsqr4x_mont_inner
+
+.align 16
+.Lsqr4x_mont_inner:
+ mov ($nptr,$j),$Ni[0] # n[4]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[2]*m1
+ add %rax,$A1[0] # n[2]*m1+"t[3]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr,$j) # "t[3]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[4]*m0
+ add %rax,$A0[0] # n[4]*m0+t[4]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 8($nptr,$j),$Ni[1] # n[5]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[3]*m1
+ add %rax,$A1[1] # n[3]*m1+"t[4]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr,$j) # "t[4]"
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[5]*m0
+ add %rax,$A0[1] # n[5]*m0+t[5]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+
+ mov 16($nptr,$j),$Ni[0] # n[6]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[4]*m1
+ add %rax,$A1[0] # n[4]*m1+"t[5]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[5]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[6]*m0
+ add %rax,$A0[0] # n[6]*m0+t[6]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[7]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[5]*m1
+ add %rax,$A1[1] # n[5]*m1+"t[6]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[6]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[7]*m0
+ add %rax,$A0[1] # n[7]*m0+t[7]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ cmp \$0,$j
+ jne .Lsqr4x_mont_inner
+
+ sub 0(%rsp),$j # $j=-$num # modsched #
+ mov $n0,$m0 # # modsched #
+
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[6]*m1
+ add %rax,$A1[0] # n[6]*m1+"t[7]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr) # "t[7]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr),$A0[0] # +t[8]
+ adc \$0,$A0[1]
+ mov 0($nptr,$j),$Ni[0] # n[0] # modsched #
+ add $topbit,$A0[0]
+ adc \$0,$A0[1]
+
+ imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched #
+ xor $A1[0],$A1[0]
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ add $A0[0],$A1[1]
+ mov 16($tptr,$j),$A0[0] # t[0] # modsched #
+ adc \$0,$A1[0]
+ mul $m1 # n[7]*m1
+ add %rax,$A1[1] # n[7]*m1+"t[8]"
+ mov $Ni[0],%rax # # modsched #
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr) # "t[8]"
+
+ xor $topbit,$topbit
+ add 8($tptr),$A1[0] # +t[9]
+ adc $topbit,$topbit
+ add $A0[1],$A1[0]
+ lea 16($tptr),$tptr # "t[$num]>>128"
+ adc \$0,$topbit
+ mov $A1[0],-8($tptr) # "t[9]"
+ cmp 8(%rsp),$tptr # are we done?
+ jb .Lsqr4x_mont_outer
+
+ mov 0(%rsp),$num # restore $num
+ mov $topbit,($tptr) # save $topbit
+___
+}
+##############################################################
+# Post-condition, 4x unrolled copy from bn_mul_mont
+#
+{
+my ($tptr,$nptr)=("%rbx",$aptr);
+my @ri=("%rax","%rdx","%r10","%r11");
+$code.=<<___;
+ mov 64(%rsp,$num), at ri[0] # tp[0]
+ lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result
+ mov 40(%rsp),$nptr # restore $nptr
+ shr \$5,$num # num/4
+ mov 8($tptr), at ri[1] # t[1]
+ xor $i,$i # i=0 and clear CF!
+
+ mov 32(%rsp),$rptr # restore $rptr
+ sub 0($nptr), at ri[0]
+ mov 16($tptr), at ri[2] # t[2]
+ mov 24($tptr), at ri[3] # t[3]
+ sbb 8($nptr), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsqr4x_sub
+.align 16
+.Lsqr4x_sub:
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($nptr,$i,8), at ri[2]
+ mov 32($tptr,$i,8), at ri[0] # tp[i+1]
+ mov 40($tptr,$i,8), at ri[1]
+ sbb 24($nptr,$i,8), at ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($nptr,$i,8), at ri[0]
+ mov 48($tptr,$i,8), at ri[2]
+ mov 56($tptr,$i,8), at ri[3]
+ sbb 40($nptr,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesn't affect CF!
+ jnz .Lsqr4x_sub
+
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($tptr,$i,8), at ri[0] # load overflow bit
+ sbb 16($nptr,$i,8), at ri[2]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($nptr,$i,8), at ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$tptr
+ not @ri[0]
+ mov $rptr,$nptr
+ and @ri[0],$nptr
+ lea -1($num),$j
+ or $nptr,$tptr # tp=borrow?tp:rp
+
+ pxor %xmm0,%xmm0
+ lea 64(%rsp,$num,8),$nptr
+ movdqu ($tptr),%xmm1
+ lea ($nptr,$num,8),$nptr
+ movdqa %xmm0,64(%rsp) # zap lower half of temporary vector
+ movdqa %xmm0,($nptr) # zap upper half of temporary vector
+ movdqu %xmm1,($rptr)
+ jmp .Lsqr4x_copy
+.align 16
+.Lsqr4x_copy: # copy or in-place refresh
+ movdqu 16($tptr,$i),%xmm2
+ movdqu 32($tptr,$i),%xmm1
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+ movdqu %xmm1,32($rptr,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lsqr4x_copy
+
+ movdqu 16($tptr,$i),%xmm2
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+___
+}
+$code.=<<___;
+ mov 56(%rsp),%rsi # restore %rsp
+ mov \$1,%rax
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lsqr4x_epilogue:
+ ret
+.size bn_sqr4x_mont,.-bn_sqr4x_mont
+___
+}}}
+$code.=<<___;
+.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type mul_handler,\@abi-omnipotent
+.align 16
+mul_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # end of prologue label
+ cmp %r10,%rbx # context->Rip<end of prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ mov 192($context),%r10 # pull $num
+ mov 8(%rax,%r10,8),%rax # pull saved stack pointer
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+ jmp .Lcommon_seh_tail
+.size mul_handler,.-mul_handler
+
+.type sqr_handler,\@abi-omnipotent
+.align 16
+sqr_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lsqr4x_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lsqr_body
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lsqr4x_epilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
+ jae .Lcommon_seh_tail
+
+ mov 56(%rax),%rax # pull saved stack pointer
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
pop %r15
pop %r14
pop %r13
@@ -205,10 +1642,40 @@
pop %r12
pop %rbp
pop %rbx
+ pop %rdi
+ pop %rsi
ret
-.size bn_mul_mont,.-bn_mul_mont
-.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.size sqr_handler,.-sqr_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_bn_mul_mont
+ .rva .LSEH_end_bn_mul_mont
+ .rva .LSEH_info_bn_mul_mont
+
+ .rva .LSEH_begin_bn_mul4x_mont
+ .rva .LSEH_end_bn_mul4x_mont
+ .rva .LSEH_info_bn_mul4x_mont
+
+ .rva .LSEH_begin_bn_sqr4x_mont
+ .rva .LSEH_end_bn_sqr4x_mont
+ .rva .LSEH_info_bn_sqr4x_mont
+
+.section .xdata
+.align 8
+.LSEH_info_bn_mul_mont:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
+.LSEH_info_bn_mul4x_mont:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
+.LSEH_info_bn_sqr4x_mont:
+ .byte 9,0,0,0
+ .rva sqr_handler
___
+}
print $code;
close STDOUT;
Copied: trunk/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl)
===================================================================
--- trunk/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl (rev 0)
+++ trunk/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1071 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# August 2011.
+#
+# Companion to x86_64-mont.pl that optimizes cache-timing attack
+# countermeasures. The subroutines are produced by replacing bp[i]
+# references in their x86_64-mont.pl counterparts with cache-neutral
+# references to powers table computed in BN_mod_exp_mont_consttime.
+# In addition subroutine that scatters elements of the powers table
+# is implemented, so that scatter-/gathering can be tuned without
+# bn_exp.c modifications.
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# int bn_mul_mont_gather5(
+$rp="%rdi"; # BN_ULONG *rp,
+$ap="%rsi"; # const BN_ULONG *ap,
+$bp="%rdx"; # const BN_ULONG *bp,
+$np="%rcx"; # const BN_ULONG *np,
+$n0="%r8"; # const BN_ULONG *n0,
+$num="%r9"; # int num,
+ # int idx); # 0 to 2^5-1, "index" in $bp holding
+ # pre-computed powers of a', interlaced
+ # in such manner that b[0] is $bp[idx],
+ # b[1] is [2^5+idx], etc.
+$lo0="%r10";
+$hi0="%r11";
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.globl bn_mul_mont_gather5
+.type bn_mul_mont_gather5,\@function,6
+.align 64
+bn_mul_mont_gather5:
+ test \$3,${num}d
+ jnz .Lmul_enter
+ cmp \$8,${num}d
+ jb .Lmul_enter
+ jmp .Lmul4x_enter
+
+.align 16
+.Lmul_enter:
+ mov ${num}d,${num}d
+ mov `($win64?56:8)`(%rsp),%r10d # load 7th argument
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+___
+$code.=<<___ if ($win64);
+ lea -0x28(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+.Lmul_alloca:
+___
+$code.=<<___;
+ mov %rsp,%rax
+ lea 2($num),%r11
+ neg %r11
+ lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+2))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul_body:
+ mov $bp,%r12 # reassign $bp
+___
+ $bp="%r12";
+ $STRIDE=2**5*8; # 5 is "window size"
+ $N=$STRIDE/4; # should match cache line size
+$code.=<<___;
+ mov %r10,%r11
+ shr \$`log($N/8)/log(2)`,%r10
+ and \$`$N/8-1`,%r11
+ not %r10
+ lea .Lmagic_masks(%rip),%rax
+ and \$`2**5/($N/8)-1`,%r10 # 5 is "window size"
+ lea 96($bp,%r11,8),$bp # pointer within 1st cache line
+ movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which
+ movq 8(%rax,%r10,8),%xmm5 # cache line contains element
+ movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument
+ movq 24(%rax,%r10,8),%xmm7
+
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ movq %xmm0,$m0 # m0=bp[0]
+
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$lo0
+ mov ($np),%rax
+
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+
+ imulq $lo0,$m1 # "tp[0]"*n0
+ mov %rdx,$hi0
+
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .L1st_enter
+
+.align 16
+.L1st:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ mov $lo0,$hi0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.L1st_enter:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 1($j),$j # j++
+ mov %rdx,$lo0
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .L1st
+
+ movq %xmm0,$m0 # bp[1]
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+ mov $lo0,$hi0
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ jmp .Louter
+.align 16
+.Louter:
+ xor $j,$j # j=0
+ mov $n0,$m1
+ mov (%rsp),$lo0
+
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$lo0 # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+
+ imulq $lo0,$m1 # tp[0]*n0
+ mov %rdx,$hi0
+
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov 8(%rsp),$lo0 # tp[1]
+ mov %rdx,$hi1
+
+ lea 1($j),$j # j++
+ jmp .Linner_enter
+
+.align 16
+.Linner:
+ add %rax,$hi1
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.Linner_enter:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$hi0
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
+ mov %rdx,$hi0
+ adc \$0,$hi0
+ lea 1($j),$j # j++
+
+ mulq $m1 # np[j]*m1
+ cmp $num,$j
+ jne .Linner
+
+ movq %xmm0,$m0 # bp[i+1]
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+ xor %rdx,%rdx
+ add $hi0,$hi1
+ adc \$0,%rdx
+ add $lo0,$hi1 # pull upmost overflow bit
+ adc \$0,%rdx
+ mov $hi1,-8(%rsp,$num,8)
+ mov %rdx,(%rsp,$num,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+ cmp $num,$i
+ jl .Louter
+
+ xor $i,$i # i=0 and clear CF!
+ mov (%rsp),%rax # tp[0]
+ lea (%rsp),$ap # borrow ap for tp
+ mov $num,$j # j=num
+ jmp .Lsub
+.align 16
+.Lsub: sbb ($np,$i,8),%rax
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 8($ap,$i,8),%rax # tp[i+1]
+ lea 1($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub
+
+ sbb \$0,%rax # handle upmost overflow bit
+ xor $i,$i
+ and %rax,$ap
+ not %rax
+ mov $rp,$np
+ and %rax,$np
+ mov $num,$j # j=num
+ or $np,$ap # ap=borrow?tp:rp
+.align 16
+.Lcopy: # copy or in-place refresh
+ mov ($ap,$i,8),%rax
+ mov $i,(%rsp,$i,8) # zap temporary vector
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]
+ lea 1($i),$i
+ sub \$1,$j
+ jnz .Lcopy
+
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+___
+$code.=<<___ if ($win64);
+ movaps (%rsi),%xmm6
+ movaps 0x10(%rsi),%xmm7
+ lea 0x28(%rsi),%rsi
+___
+$code.=<<___;
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul_epilogue:
+ ret
+.size bn_mul_mont_gather5,.-bn_mul_mont_gather5
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type bn_mul4x_mont_gather5,\@function,6
+.align 16
+bn_mul4x_mont_gather5:
+.Lmul4x_enter:
+ mov ${num}d,${num}d
+ mov `($win64?56:8)`(%rsp),%r10d # load 7th argument
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+___
+$code.=<<___ if ($win64);
+ lea -0x28(%rsp),%rsp
+ movaps %xmm6,(%rsp)
+ movaps %xmm7,0x10(%rsp)
+.Lmul4x_alloca:
+___
+$code.=<<___;
+ mov %rsp,%rax
+ lea 4($num),%r11
+ neg %r11
+ lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+4))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul4x_body:
+ mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
+ mov %rdx,%r12 # reassign $bp
+___
+ $bp="%r12";
+ $STRIDE=2**5*8; # 5 is "window size"
+ $N=$STRIDE/4; # should match cache line size
+$code.=<<___;
+ mov %r10,%r11
+ shr \$`log($N/8)/log(2)`,%r10
+ and \$`$N/8-1`,%r11
+ not %r10
+ lea .Lmagic_masks(%rip),%rax
+ and \$`2**5/($N/8)-1`,%r10 # 5 is "window size"
+ lea 96($bp,%r11,8),$bp # pointer within 1st cache line
+ movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which
+ movq 8(%rax,%r10,8),%xmm5 # cache line contains element
+ movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument
+ movq 24(%rax,%r10,8),%xmm7
+
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ movq %xmm0,$m0 # m0=bp[0]
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$A[0]
+ mov ($np),%rax
+
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+
+ imulq $A[0],$m1 # "tp[0]"*n0
+ mov %rdx,$A[1]
+
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ lea 4($j),$j # j++
+ adc \$0,%rdx
+ mov $N[1],(%rsp)
+ mov %rdx,$N[0]
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .L1st4x
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ movq %xmm0,$m0 # bp[1]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+.align 4
+.Louter4x:
+ xor $j,$j # j=0
+ movq `0*$STRIDE/4-96`($bp),%xmm0
+ movq `1*$STRIDE/4-96`($bp),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($bp),%xmm2
+ pand %xmm5,%xmm1
+
+ mov (%rsp),$A[0]
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$A[0] # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ movq `3*$STRIDE/4-96`($bp),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+
+ imulq $A[0],$m1 # tp[0]*n0
+ mov %rdx,$A[1]
+
+ por %xmm2,%xmm0
+ lea $STRIDE($bp),$bp
+ por %xmm3,%xmm0
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # "$N[0]", discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ add 8(%rsp),$A[1] # +tp[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
+ lea 4($j),$j # j+=2
+ adc \$0,%rdx
+ mov %rdx,$N[0]
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ add 8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-40(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .Linner4x
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 1($i),$i # i++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ movq %xmm0,$m0 # bp[i+1]
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ add (%rsp,$num,8),$N[0] # pull upmost overflow bit
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ cmp $num,$i
+ jl .Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+ mov 16(%rsp,$num,8),$rp # restore $rp
+ mov 0(%rsp), at ri[0] # tp[0]
+ pxor %xmm0,%xmm0
+ mov 8(%rsp), at ri[1] # tp[1]
+ shr \$2,$num # num/=4
+ lea (%rsp),$ap # borrow ap for tp
+ xor $i,$i # i=0 and clear CF!
+
+ sub 0($np), at ri[0]
+ mov 16($ap), at ri[2] # tp[2]
+ mov 24($ap), at ri[3] # tp[3]
+ sbb 8($np), at ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($np,$i,8), at ri[2]
+ mov 32($ap,$i,8), at ri[0] # tp[i+1]
+ mov 40($ap,$i,8), at ri[1]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($np,$i,8), at ri[0]
+ mov 48($ap,$i,8), at ri[2]
+ mov 56($ap,$i,8), at ri[3]
+ sbb 40($np,$i,8), at ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub4x
+
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($ap,$i,8), at ri[0] # load overflow bit
+ sbb 16($np,$i,8), at ri[2]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($np,$i,8), at ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0, at ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$ap
+ not @ri[0]
+ mov $rp,$np
+ and @ri[0],$np
+ lea -1($num),$j
+ or $np,$ap # ap=borrow?tp:rp
+
+ movdqu ($ap),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,($rp)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x: # copy or in-place refresh
+ movdqu 16($ap,$i),%xmm2
+ movdqu 32($ap,$i),%xmm1
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+ movdqa %xmm0,32(%rsp,$i)
+ movdqu %xmm1,32($rp,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lcopy4x
+
+ shl \$2,$num
+ movdqu 16($ap,$i),%xmm2
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+___
+$code.=<<___ if ($win64);
+ movaps (%rsi),%xmm6
+ movaps 0x10(%rsi),%xmm7
+ lea 0x28(%rsi),%rsi
+___
+$code.=<<___;
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul4x_epilogue:
+ ret
+.size bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5
+___
+}}}
+
+{
+my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx"); # Unix order
+my $out=$inp;
+my $STRIDE=2**5*8;
+my $N=$STRIDE/4;
+
+$code.=<<___;
+.globl bn_scatter5
+.type bn_scatter5,\@abi-omnipotent
+.align 16
+bn_scatter5:
+ cmp \$0, $num
+ jz .Lscatter_epilogue
+ lea ($tbl,$idx,8),$tbl
+.Lscatter:
+ mov ($inp),%rax
+ lea 8($inp),$inp
+ mov %rax,($tbl)
+ lea 32*8($tbl),$tbl
+ sub \$1,$num
+ jnz .Lscatter
+.Lscatter_epilogue:
+ ret
+.size bn_scatter5,.-bn_scatter5
+
+.globl bn_gather5
+.type bn_gather5,\@abi-omnipotent
+.align 16
+bn_gather5:
+___
+$code.=<<___ if ($win64);
+.LSEH_begin_bn_gather5:
+ # I can't trust assembler to use specific encoding:-(
+ .byte 0x48,0x83,0xec,0x28 #sub \$0x28,%rsp
+ .byte 0x0f,0x29,0x34,0x24 #movaps %xmm6,(%rsp)
+ .byte 0x0f,0x29,0x7c,0x24,0x10 #movdqa %xmm7,0x10(%rsp)
+___
+$code.=<<___;
+ mov $idx,%r11
+ shr \$`log($N/8)/log(2)`,$idx
+ and \$`$N/8-1`,%r11
+ not $idx
+ lea .Lmagic_masks(%rip),%rax
+ and \$`2**5/($N/8)-1`,$idx # 5 is "window size"
+ lea 96($tbl,%r11,8),$tbl # pointer within 1st cache line
+ movq 0(%rax,$idx,8),%xmm4 # set of masks denoting which
+ movq 8(%rax,$idx,8),%xmm5 # cache line contains element
+ movq 16(%rax,$idx,8),%xmm6 # denoted by 7th argument
+ movq 24(%rax,$idx,8),%xmm7
+ jmp .Lgather
+.align 16
+.Lgather:
+ movq `0*$STRIDE/4-96`($tbl),%xmm0
+ movq `1*$STRIDE/4-96`($tbl),%xmm1
+ pand %xmm4,%xmm0
+ movq `2*$STRIDE/4-96`($tbl),%xmm2
+ pand %xmm5,%xmm1
+ movq `3*$STRIDE/4-96`($tbl),%xmm3
+ pand %xmm6,%xmm2
+ por %xmm1,%xmm0
+ pand %xmm7,%xmm3
+ por %xmm2,%xmm0
+ lea $STRIDE($tbl),$tbl
+ por %xmm3,%xmm0
+
+ movq %xmm0,($out) # m0=bp[0]
+ lea 8($out),$out
+ sub \$1,$num
+ jnz .Lgather
+___
+$code.=<<___ if ($win64);
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
+ lea 0x28(%rsp),%rsp
+___
+$code.=<<___;
+ ret
+.LSEH_end_bn_gather5:
+.size bn_gather5,.-bn_gather5
+___
+}
+$code.=<<___;
+.align 64
+.Lmagic_masks:
+ .long 0,0, 0,0, 0,0, -1,-1
+ .long 0,0, 0,0, 0,0, 0,0
+.asciz "Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type mul_handler,\@abi-omnipotent
+.align 16
+mul_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # end of prologue label
+ cmp %r10,%rbx # context->Rip<end of prologue label
+ jb .Lcommon_seh_tail
+
+ lea `40+48`(%rax),%rax
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # end of alloca label
+ cmp %r10,%rbx # context->Rip<end of alloca label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 8(%r11),%r10d # HandlerData[2]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ mov 192($context),%r10 # pull $num
+ mov 8(%rax,%r10,8),%rax # pull saved stack pointer
+
+ movaps (%rax),%xmm0
+ movaps 16(%rax),%xmm1
+ lea `40+48`(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+ movups %xmm0,512($context) # restore context->Xmm6
+ movups %xmm1,528($context) # restore context->Xmm7
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size mul_handler,.-mul_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_bn_mul_mont_gather5
+ .rva .LSEH_end_bn_mul_mont_gather5
+ .rva .LSEH_info_bn_mul_mont_gather5
+
+ .rva .LSEH_begin_bn_mul4x_mont_gather5
+ .rva .LSEH_end_bn_mul4x_mont_gather5
+ .rva .LSEH_info_bn_mul4x_mont_gather5
+
+ .rva .LSEH_begin_bn_gather5
+ .rva .LSEH_end_bn_gather5
+ .rva .LSEH_info_bn_gather5
+
+.section .xdata
+.align 8
+.LSEH_info_bn_mul_mont_gather5:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul_alloca,.Lmul_body,.Lmul_epilogue # HandlerData[]
+.align 8
+.LSEH_info_bn_mul4x_mont_gather5:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul4x_alloca,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
+.align 8
+.LSEH_info_bn_gather5:
+ .byte 0x01,0x0d,0x05,0x00
+ .byte 0x0d,0x78,0x01,0x00 #movaps 0x10(rsp),xmm7
+ .byte 0x08,0x68,0x00,0x00 #movaps (rsp),xmm6
+ .byte 0x04,0x42,0x00,0x00 #sub rsp,0x28
+.align 8
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/bn/bn.h
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,6 +56,59 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
@@ -77,6 +130,7 @@
# include <stdio.h> /* FILE */
# endif
# include <openssl/ossl_typ.h>
+# include <openssl/crypto.h>
#ifdef __cplusplus
extern "C" {
@@ -94,9 +148,11 @@
/* #define BN_DEBUG */
/* #define BN_DEBUG_RAND */
-# define BN_MUL_COMBA
-# define BN_SQR_COMBA
-# define BN_RECURSION
+# ifndef OPENSSL_SMALL_FOOTPRINT
+# define BN_MUL_COMBA
+# define BN_SQR_COMBA
+# define BN_RECURSION
+# endif
/*
* This next option uses the C libraries (2 word)/(1 word) function. If it is
@@ -139,6 +195,8 @@
# define BN_DEC_FMT1 "%lu"
# define BN_DEC_FMT2 "%019lu"
# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%lX"
+# define BN_HEX_FMT2 "%016lX"
# endif
/*
@@ -165,28 +223,26 @@
# define BN_DEC_FMT1 "%llu"
# define BN_DEC_FMT2 "%019llu"
# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%llX"
+# define BN_HEX_FMT2 "%016llX"
# endif
# ifdef THIRTY_TWO_BIT
# ifdef BN_LLONG
-# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
+# if defined(_WIN32) && !defined(__GNUC__)
# define BN_ULLONG unsigned __int64
+# define BN_MASK (0xffffffffffffffffI64)
# else
# define BN_ULLONG unsigned long long
+# define BN_MASK (0xffffffffffffffffLL)
# endif
# endif
-# define BN_ULONG unsigned long
-# define BN_LONG long
+# define BN_ULONG unsigned int
+# define BN_LONG int
# define BN_BITS 64
# define BN_BYTES 4
# define BN_BITS2 32
# define BN_BITS4 16
-# ifdef OPENSSL_SYS_WIN32
-/* VC++ doesn't like the LL suffix */
-# define BN_MASK (0xffffffffffffffffL)
-# else
-# define BN_MASK (0xffffffffffffffffLL)
-# endif
# define BN_MASK2 (0xffffffffL)
# define BN_MASK2l (0xffff)
# define BN_MASK2h1 (0xffff8000L)
@@ -193,57 +249,31 @@
# define BN_MASK2h (0xffff0000L)
# define BN_TBIT (0x80000000L)
# define BN_DEC_CONV (1000000000L)
-# define BN_DEC_FMT1 "%lu"
-# define BN_DEC_FMT2 "%09lu"
+# define BN_DEC_FMT1 "%u"
+# define BN_DEC_FMT2 "%09u"
# define BN_DEC_NUM 9
+# define BN_HEX_FMT1 "%X"
+# define BN_HEX_FMT2 "%08X"
# endif
-# ifdef SIXTEEN_BIT
-# ifndef BN_DIV2W
-# define BN_DIV2W
-# endif
-# define BN_ULLONG unsigned long
-# define BN_ULONG unsigned short
-# define BN_LONG short
-# define BN_BITS 32
-# define BN_BYTES 2
-# define BN_BITS2 16
-# define BN_BITS4 8
-# define BN_MASK (0xffffffff)
-# define BN_MASK2 (0xffff)
-# define BN_MASK2l (0xff)
-# define BN_MASK2h1 (0xff80)
-# define BN_MASK2h (0xff00)
-# define BN_TBIT (0x8000)
-# define BN_DEC_CONV (100000)
-# define BN_DEC_FMT1 "%u"
-# define BN_DEC_FMT2 "%05u"
-# define BN_DEC_NUM 5
-# endif
+/*
+ * 2011-02-22 SMS. In various places, a size_t variable or a type cast to
+ * size_t was used to perform integer-only operations on pointers. This
+ * failed on VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t
+ * is still only 32 bits. What's needed in these cases is an integer type
+ * with the same size as a pointer, which size_t is not certain to be. The
+ * only fix here is VMS-specific.
+ */
+# if defined(OPENSSL_SYS_VMS)
+# if __INITIAL_POINTER_SIZE == 64
+# define PTR_SIZE_INT long long
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_SIZE_INT int
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+# else /* defined(OPENSSL_SYS_VMS) */
+# define PTR_SIZE_INT size_t
+# endif /* defined(OPENSSL_SYS_VMS) [else] */
-# ifdef EIGHT_BIT
-# ifndef BN_DIV2W
-# define BN_DIV2W
-# endif
-# define BN_ULLONG unsigned short
-# define BN_ULONG unsigned char
-# define BN_LONG char
-# define BN_BITS 16
-# define BN_BYTES 1
-# define BN_BITS2 8
-# define BN_BITS4 4
-# define BN_MASK (0xffff)
-# define BN_MASK2 (0xff)
-# define BN_MASK2l (0xf)
-# define BN_MASK2h1 (0xf8)
-# define BN_MASK2h (0xf0)
-# define BN_TBIT (0x80)
-# define BN_DEC_CONV (100)
-# define BN_DEC_FMT1 "%u"
-# define BN_DEC_FMT2 "%02u"
-# define BN_DEC_NUM 2
-# endif
-
# define BN_DEFAULT_BITS 1280
# define BN_FLG_MALLOCED 0x01
@@ -314,12 +344,9 @@
BIGNUM N; /* The modulus */
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
* stored for bignum algorithm) */
-# if 0
- /* OpenSSL 0.9.9 preview: */
- BN_ULONG n0[2]; /* least significant word(s) of Ni */
-# else
- BN_ULONG n0; /* least significant word of Ni */
-# endif
+ BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
+ * changed with 0.9.9, was "BN_ULONG n0;"
+ * before) */
int flags;
};
@@ -522,6 +549,7 @@
char *BN_bn2dec(const BIGNUM *a);
int BN_hex2bn(BIGNUM **a, const char *str);
int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
* -2 for
@@ -589,8 +617,11 @@
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *);
+# ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+# endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
@@ -619,6 +650,8 @@
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
BN_RECP_CTX *recp, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+
/*
* Functions for arithmetic over binary polynomials represented by BIGNUMs.
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
@@ -630,7 +663,7 @@
* r = a + b
*/
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
/*
* r=a mod p
*/
@@ -654,7 +687,7 @@
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx);
-# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
/*-
* Some functions allow for representation of the irreducible polynomials
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
@@ -662,31 +695,33 @@
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
/* r = a mod p */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
/* r = (a * b) mod p */
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx);
+ const int p[], BN_CTX *ctx);
/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx);
/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
BN_CTX *ctx);
/* r = (a / b) mod p */
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx);
+ const int p[], BN_CTX *ctx);
/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx);
+ const int p[], BN_CTX *ctx);
/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx);
+ const int p[], BN_CTX *ctx);
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx);
-int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
-int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
+ const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+# endif
+
/*
* faster mod functions for the 'NIST primes' 0 <= a < p^2
*/
@@ -762,6 +797,7 @@
* wouldn't be constructed with top!=dmax. */ \
BN_ULONG *_not_const; \
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
+ /* Debug only - safe to ignore error return */ \
RAND_pseudo_bytes(&_tmp_char, 1); \
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
@@ -789,7 +825,9 @@
# define bn_wcheck_size(bn, words) \
do { \
const BIGNUM *_bnum2 = (bn); \
- assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
+ assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
+ /* avoid unused variable warning with NDEBUG */ \
+ (void)(_bnum2); \
} while(0)
# else /* !BN_DEBUG */
@@ -805,10 +843,12 @@
# define bn_correct_top(a) \
{ \
BN_ULONG *ftl; \
- if ((a)->top > 0) \
+ int tmp_top = (a)->top; \
+ if (tmp_top > 0) \
{ \
- for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
- if (*(ftl--)) break; \
+ for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+ if (*(ftl--)) break; \
+ (a)->top = tmp_top; \
} \
bn_pollute(a); \
}
Modified: trunk/crypto/openssl/crypto/bn/bn_asm.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_asm.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_asm.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,6 +77,7 @@
if (num <= 0)
return (c1);
+# ifndef OPENSSL_SMALL_FOOTPRINT
while (num & ~3) {
mul_add(rp[0], ap[0], w, c1);
mul_add(rp[1], ap[1], w, c1);
@@ -86,15 +87,12 @@
rp += 4;
num -= 4;
}
- if (num) {
+# endif
+ while (num) {
mul_add(rp[0], ap[0], w, c1);
- if (--num == 0)
- return c1;
- mul_add(rp[1], ap[1], w, c1);
- if (--num == 0)
- return c1;
- mul_add(rp[2], ap[2], w, c1);
- return c1;
+ ap++;
+ rp++;
+ num--;
}
return (c1);
@@ -108,6 +106,7 @@
if (num <= 0)
return (c1);
+# ifndef OPENSSL_SMALL_FOOTPRINT
while (num & ~3) {
mul(rp[0], ap[0], w, c1);
mul(rp[1], ap[1], w, c1);
@@ -117,14 +116,12 @@
rp += 4;
num -= 4;
}
- if (num) {
+# endif
+ while (num) {
mul(rp[0], ap[0], w, c1);
- if (--num == 0)
- return c1;
- mul(rp[1], ap[1], w, c1);
- if (--num == 0)
- return c1;
- mul(rp[2], ap[2], w, c1);
+ ap++;
+ rp++;
+ num--;
}
return (c1);
}
@@ -134,6 +131,8 @@
assert(n >= 0);
if (n <= 0)
return;
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
while (n & ~3) {
sqr(r[0], r[1], a[0]);
sqr(r[2], r[3], a[1]);
@@ -143,14 +142,12 @@
r += 8;
n -= 4;
}
- if (n) {
+# endif
+ while (n) {
sqr(r[0], r[1], a[0]);
- if (--n == 0)
- return;
- sqr(r[2], r[3], a[1]);
- if (--n == 0)
- return;
- sqr(r[4], r[5], a[2]);
+ a++;
+ r += 2;
+ n--;
}
}
@@ -170,22 +167,23 @@
bl = LBITS(w);
bh = HBITS(w);
- for (;;) {
+# ifndef OPENSSL_SMALL_FOOTPRINT
+ while (num & ~3) {
mul_add(rp[0], ap[0], bl, bh, c);
- if (--num == 0)
- break;
mul_add(rp[1], ap[1], bl, bh, c);
- if (--num == 0)
- break;
mul_add(rp[2], ap[2], bl, bh, c);
- if (--num == 0)
- break;
mul_add(rp[3], ap[3], bl, bh, c);
- if (--num == 0)
- break;
ap += 4;
rp += 4;
+ num -= 4;
}
+# endif
+ while (num) {
+ mul_add(rp[0], ap[0], bl, bh, c);
+ ap++;
+ rp++;
+ num--;
+ }
return (c);
}
@@ -201,22 +199,23 @@
bl = LBITS(w);
bh = HBITS(w);
- for (;;) {
+# ifndef OPENSSL_SMALL_FOOTPRINT
+ while (num & ~3) {
mul(rp[0], ap[0], bl, bh, carry);
- if (--num == 0)
- break;
mul(rp[1], ap[1], bl, bh, carry);
- if (--num == 0)
- break;
mul(rp[2], ap[2], bl, bh, carry);
- if (--num == 0)
- break;
mul(rp[3], ap[3], bl, bh, carry);
- if (--num == 0)
- break;
ap += 4;
rp += 4;
+ num -= 4;
}
+# endif
+ while (num) {
+ mul(rp[0], ap[0], bl, bh, carry);
+ ap++;
+ rp++;
+ num--;
+ }
return (carry);
}
@@ -225,26 +224,24 @@
assert(n >= 0);
if (n <= 0)
return;
- for (;;) {
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+ while (n & ~3) {
sqr64(r[0], r[1], a[0]);
- if (--n == 0)
- break;
-
sqr64(r[2], r[3], a[1]);
- if (--n == 0)
- break;
-
sqr64(r[4], r[5], a[2]);
- if (--n == 0)
- break;
-
sqr64(r[6], r[7], a[3]);
- if (--n == 0)
- break;
-
a += 4;
r += 8;
+ n -= 4;
}
+# endif
+ while (n) {
+ sqr64(r[0], r[1], a[0]);
+ a++;
+ r += 2;
+ n--;
+ }
}
#endif /* !(defined(BN_LLONG) ||
@@ -335,35 +332,35 @@
if (n <= 0)
return ((BN_ULONG)0);
- for (;;) {
+# ifndef OPENSSL_SMALL_FOOTPRINT
+ while (n & ~3) {
ll += (BN_ULLONG) a[0] + b[0];
r[0] = (BN_ULONG)ll & BN_MASK2;
ll >>= BN_BITS2;
- if (--n <= 0)
- break;
-
ll += (BN_ULLONG) a[1] + b[1];
r[1] = (BN_ULONG)ll & BN_MASK2;
ll >>= BN_BITS2;
- if (--n <= 0)
- break;
-
ll += (BN_ULLONG) a[2] + b[2];
r[2] = (BN_ULONG)ll & BN_MASK2;
ll >>= BN_BITS2;
- if (--n <= 0)
- break;
-
ll += (BN_ULLONG) a[3] + b[3];
r[3] = (BN_ULONG)ll & BN_MASK2;
ll >>= BN_BITS2;
- if (--n <= 0)
- break;
-
a += 4;
b += 4;
r += 4;
+ n -= 4;
}
+# endif
+ while (n) {
+ ll += (BN_ULLONG) a[0] + b[0];
+ r[0] = (BN_ULONG)ll & BN_MASK2;
+ ll >>= BN_BITS2;
+ a++;
+ b++;
+ r++;
+ n--;
+ }
return ((BN_ULONG)ll);
}
#else /* !BN_LLONG */
@@ -377,7 +374,8 @@
return ((BN_ULONG)0);
c = 0;
- for (;;) {
+# ifndef OPENSSL_SMALL_FOOTPRINT
+ while (n & ~3) {
t = a[0];
t = (t + c) & BN_MASK2;
c = (t < c);
@@ -384,9 +382,6 @@
l = (t + b[0]) & BN_MASK2;
c += (l < t);
r[0] = l;
- if (--n <= 0)
- break;
-
t = a[1];
t = (t + c) & BN_MASK2;
c = (t < c);
@@ -393,9 +388,6 @@
l = (t + b[1]) & BN_MASK2;
c += (l < t);
r[1] = l;
- if (--n <= 0)
- break;
-
t = a[2];
t = (t + c) & BN_MASK2;
c = (t < c);
@@ -402,9 +394,6 @@
l = (t + b[2]) & BN_MASK2;
c += (l < t);
r[2] = l;
- if (--n <= 0)
- break;
-
t = a[3];
t = (t + c) & BN_MASK2;
c = (t < c);
@@ -411,13 +400,24 @@
l = (t + b[3]) & BN_MASK2;
c += (l < t);
r[3] = l;
- if (--n <= 0)
- break;
-
a += 4;
b += 4;
r += 4;
+ n -= 4;
}
+# endif
+ while (n) {
+ t = a[0];
+ t = (t + c) & BN_MASK2;
+ c = (t < c);
+ l = (t + b[0]) & BN_MASK2;
+ c += (l < t);
+ r[0] = l;
+ a++;
+ b++;
+ r++;
+ n--;
+ }
return ((BN_ULONG)c);
}
#endif /* !BN_LLONG */
@@ -432,47 +432,49 @@
if (n <= 0)
return ((BN_ULONG)0);
- for (;;) {
+#ifndef OPENSSL_SMALL_FOOTPRINT
+ while (n & ~3) {
t1 = a[0];
t2 = b[0];
r[0] = (t1 - t2 - c) & BN_MASK2;
if (t1 != t2)
c = (t1 < t2);
- if (--n <= 0)
- break;
-
t1 = a[1];
t2 = b[1];
r[1] = (t1 - t2 - c) & BN_MASK2;
if (t1 != t2)
c = (t1 < t2);
- if (--n <= 0)
- break;
-
t1 = a[2];
t2 = b[2];
r[2] = (t1 - t2 - c) & BN_MASK2;
if (t1 != t2)
c = (t1 < t2);
- if (--n <= 0)
- break;
-
t1 = a[3];
t2 = b[3];
r[3] = (t1 - t2 - c) & BN_MASK2;
if (t1 != t2)
c = (t1 < t2);
- if (--n <= 0)
- break;
-
a += 4;
b += 4;
r += 4;
+ n -= 4;
}
+#endif
+ while (n) {
+ t1 = a[0];
+ t2 = b[0];
+ r[0] = (t1 - t2 - c) & BN_MASK2;
+ if (t1 != t2)
+ c = (t1 < t2);
+ a++;
+ b++;
+ r++;
+ n--;
+ }
return (c);
}
-#ifdef BN_MUL_COMBA
+#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT)
# undef bn_mul_comba8
# undef bn_mul_comba4
@@ -880,11 +882,131 @@
r[6] = c1;
r[7] = c2;
}
+
+# ifdef OPENSSL_NO_ASM
+# ifdef OPENSSL_BN_ASM_MONT
+# include <alloca.h>
+/*
+ * This is essentially reference implementation, which may or may not
+ * result in performance improvement. E.g. on IA-32 this routine was
+ * observed to give 40% faster rsa1024 private key operations and 10%
+ * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only
+ * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a
+ * reference implementation, one to be used as starting point for
+ * platform-specific assembler. Mentioned numbers apply to compiler
+ * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and
+ * can vary not only from platform to platform, but even for compiler
+ * versions. Assembler vs. assembler improvement coefficients can
+ * [and are known to] differ and are to be documented elsewhere.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+ BN_ULONG c0, c1, ml, *tp, n0;
+# ifdef mul64
+ BN_ULONG mh;
+# endif
+ volatile BN_ULONG *vp;
+ int i = 0, j;
+
+# if 0 /* template for platform-specific
+ * implementation */
+ if (ap == bp)
+ return bn_sqr_mont(rp, ap, np, n0p, num);
+# endif
+ vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
+
+ n0 = *n0p;
+
+ c0 = 0;
+ ml = bp[0];
+# ifdef mul64
+ mh = HBITS(ml);
+ ml = LBITS(ml);
+ for (j = 0; j < num; ++j)
+ mul(tp[j], ap[j], ml, mh, c0);
+# else
+ for (j = 0; j < num; ++j)
+ mul(tp[j], ap[j], ml, c0);
+# endif
+
+ tp[num] = c0;
+ tp[num + 1] = 0;
+ goto enter;
+
+ for (i = 0; i < num; i++) {
+ c0 = 0;
+ ml = bp[i];
+# ifdef mul64
+ mh = HBITS(ml);
+ ml = LBITS(ml);
+ for (j = 0; j < num; ++j)
+ mul_add(tp[j], ap[j], ml, mh, c0);
+# else
+ for (j = 0; j < num; ++j)
+ mul_add(tp[j], ap[j], ml, c0);
+# endif
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num] = c1;
+ tp[num + 1] = (c1 < c0 ? 1 : 0);
+ enter:
+ c1 = tp[0];
+ ml = (c1 * n0) & BN_MASK2;
+ c0 = 0;
+# ifdef mul64
+ mh = HBITS(ml);
+ ml = LBITS(ml);
+ mul_add(c1, np[0], ml, mh, c0);
+# else
+ mul_add(c1, ml, np[0], c0);
+# endif
+ for (j = 1; j < num; j++) {
+ c1 = tp[j];
+# ifdef mul64
+ mul_add(c1, np[j], ml, mh, c0);
+# else
+ mul_add(c1, ml, np[j], c0);
+# endif
+ tp[j - 1] = c1 & BN_MASK2;
+ }
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num - 1] = c1;
+ tp[num] = tp[num + 1] + (c1 < c0 ? 1 : 0);
+ }
+
+ if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+ c0 = bn_sub_words(rp, tp, np, num);
+ if (tp[num] != 0 || c0 == 0) {
+ for (i = 0; i < num + 2; i++)
+ vp[i] = 0;
+ return 1;
+ }
+ }
+ for (i = 0; i < num; i++)
+ rp[i] = tp[i], vp[i] = 0;
+ vp[num] = 0;
+ vp[num + 1] = 0;
+ return 1;
+}
+# else
+/*
+ * Return value of 0 indicates that multiplication/convolution was not
+ * performed to signal the caller to fall down to alternative/original
+ * code-path.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+ return 0;
+}
+# endif /* OPENSSL_BN_ASM_MONT */
+# endif
+
#else /* !BN_MUL_COMBA */
/* hmm... is it faster just to do a multiply? */
# undef bn_sqr_comba4
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t[8];
bn_sqr_normal(r, a, 4, t);
@@ -891,7 +1013,7 @@
}
# undef bn_sqr_comba8
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t[16];
bn_sqr_normal(r, a, 8, t);
@@ -917,4 +1039,56 @@
r[15] = bn_mul_add_words(&(r[7]), a, 8, b[7]);
}
+# ifdef OPENSSL_NO_ASM
+# ifdef OPENSSL_BN_ASM_MONT
+# include <alloca.h>
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+ BN_ULONG c0, c1, *tp, n0 = *n0p;
+ volatile BN_ULONG *vp;
+ int i = 0, j;
+
+ vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
+
+ for (i = 0; i <= num; i++)
+ tp[i] = 0;
+
+ for (i = 0; i < num; i++) {
+ c0 = bn_mul_add_words(tp, ap, num, bp[i]);
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num] = c1;
+ tp[num + 1] = (c1 < c0 ? 1 : 0);
+
+ c0 = bn_mul_add_words(tp, np, num, tp[0] * n0);
+ c1 = (tp[num] + c0) & BN_MASK2;
+ tp[num] = c1;
+ tp[num + 1] += (c1 < c0 ? 1 : 0);
+ for (j = 0; j <= num; j++)
+ tp[j] = tp[j + 1];
+ }
+
+ if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+ c0 = bn_sub_words(rp, tp, np, num);
+ if (tp[num] != 0 || c0 == 0) {
+ for (i = 0; i < num + 2; i++)
+ vp[i] = 0;
+ return 1;
+ }
+ }
+ for (i = 0; i < num; i++)
+ rp[i] = tp[i], vp[i] = 0;
+ vp[num] = 0;
+ vp[num + 1] = 0;
+ return 1;
+}
+# else
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+ return 0;
+}
+# endif /* OPENSSL_BN_ASM_MONT */
+# endif
+
#endif /* !BN_MUL_COMBA */
Modified: trunk/crypto/openssl/crypto/bn/bn_blind.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_blind.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_blind.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/bn/bn_blind.c */
/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -120,8 +120,11 @@
BIGNUM *Ai;
BIGNUM *e;
BIGNUM *mod; /* just a reference */
+#ifndef OPENSSL_NO_DEPRECATED
unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; used
* only by crypto/rsa/rsa_eay.c, rsa_lib.c */
+#endif
+ CRYPTO_THREADID tid;
int counter;
unsigned long flags;
BN_MONT_CTX *m_ctx;
@@ -161,6 +164,7 @@
* use.
*/
ret->counter = -1;
+ CRYPTO_THREADID_current(&ret->tid);
return (ret);
err:
if (ret != NULL)
@@ -274,6 +278,7 @@
return (ret);
}
+#ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
{
return b->thread_id;
@@ -283,7 +288,13 @@
{
b->thread_id = n;
}
+#endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
+{
+ return &b->tid;
+}
+
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
{
return b->flags;
Modified: trunk/crypto/openssl/crypto/bn/bn_ctx.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_ctx.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_ctx.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -155,9 +155,9 @@
unsigned int bnidx = 0, fpidx = 0;
BN_POOL_ITEM *item = ctx->pool.head;
BN_STACK *stack = &ctx->stack;
- fprintf(stderr, "(%08x): ", (unsigned int)ctx);
+ fprintf(stderr, "(%16p): ", ctx);
while (bnidx < ctx->used) {
- fprintf(stderr, "%02x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
+ fprintf(stderr, "%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
if (!(bnidx % BN_CTX_POOL_SIZE))
item = item->next;
}
@@ -166,8 +166,8 @@
fprintf(stderr, " : ");
while (fpidx < stack->depth) {
while (bnidx++ < stack->indexes[fpidx])
- fprintf(stderr, " ");
- fprintf(stderr, "^^ ");
+ fprintf(stderr, " ");
+ fprintf(stderr, "^^^ ");
bnidx++;
fpidx++;
}
Modified: trunk/crypto/openssl/crypto/bn/bn_div.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_div.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_div.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -150,6 +150,7 @@
*
* <appro at fy.chalmers.se>
*/
+# undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divl %4" \
@@ -164,6 +165,7 @@
* Same story here, but it's 128-bit by 64-bit division. Wow!
* <appro at fy.chalmers.se>
*/
+# undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divq %4" \
@@ -178,7 +180,7 @@
# endif /* OPENSSL_NO_ASM */
/*-
- * BN_div[_no_branch] computes dv := num / divisor, rounding towards
+ * BN_div computes dv := num / divisor, rounding towards
* zero, and sets up rm such that dv*divisor + rm = num holds.
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
@@ -185,8 +187,6 @@
* rm->neg == num->neg (unless the remainder is zero)
* If 'dv' or 'rm' is NULL, the respective value is not returned.
*/
-static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
- const BIGNUM *divisor, BN_CTX *ctx);
int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
BN_CTX *ctx)
{
@@ -195,22 +195,25 @@
BN_ULONG *resp, *wnump;
BN_ULONG d0, d1;
int num_n, div_n;
+ int no_branch = 0;
/*
- * Invalid zero-padding would have particularly bad consequences in the
- * case of 'num', so don't just rely on bn_check_top() for this one
- * (bn_check_top() works only for BN_DEBUG builds)
+ * Invalid zero-padding would have particularly bad consequences so don't
+ * just rely on bn_check_top() here (bn_check_top() works only for
+ * BN_DEBUG builds)
*/
- if (num->top > 0 && num->d[num->top - 1] == 0) {
+ if ((num->top > 0 && num->d[num->top - 1] == 0) ||
+ (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) {
BNerr(BN_F_BN_DIV, BN_R_NOT_INITIALIZED);
return 0;
}
bn_check_top(num);
+ bn_check_top(divisor);
if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0)
|| (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) {
- return BN_div_no_branch(dv, rm, num, divisor, ctx);
+ no_branch = 1;
}
bn_check_top(dv);
@@ -218,7 +221,9 @@
/*- bn_check_top(num); *//*
* 'num' has been checked already
*/
- bn_check_top(divisor);
+ /*- bn_check_top(divisor); *//*
+ * 'divisor' has been checked already
+ */
if (BN_is_zero(divisor)) {
BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO);
@@ -225,7 +230,7 @@
return (0);
}
- if (BN_ucmp(num, divisor) < 0) {
+ if (!no_branch && BN_ucmp(num, divisor) < 0) {
if (rm != NULL) {
if (BN_copy(rm, num) == NULL)
return (0);
@@ -255,259 +260,26 @@
if (!(BN_lshift(snum, num, norm_shift)))
goto err;
snum->neg = 0;
- div_n = sdiv->top;
- num_n = snum->top;
- loop = num_n - div_n;
- /*
- * Lets setup a 'window' into snum This is the part that corresponds to
- * the current 'area' being divided
- */
- wnum.neg = 0;
- wnum.d = &(snum->d[loop]);
- wnum.top = div_n;
- /*
- * only needed when BN_ucmp messes up the values between top and max
- */
- wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */
- /* Get the top 2 words of sdiv */
- /* div_n=sdiv->top; */
- d0 = sdiv->d[div_n - 1];
- d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
-
- /* pointer to the 'top' of snum */
- wnump = &(snum->d[num_n - 1]);
-
- /* Setup to 'res' */
- res->neg = (num->neg ^ divisor->neg);
- if (!bn_wexpand(res, (loop + 1)))
- goto err;
- res->top = loop;
- resp = &(res->d[loop - 1]);
-
- /* space for temp */
- if (!bn_wexpand(tmp, (div_n + 1)))
- goto err;
-
- if (BN_ucmp(&wnum, sdiv) >= 0) {
+ if (no_branch) {
/*
- * If BN_DEBUG_RAND is defined BN_ucmp changes (via bn_pollute) the
- * const bignum arguments => clean the values between top and max
- * again
+ * Since we don't know whether snum is larger than sdiv, we pad snum
+ * with enough zeroes without changing its value.
*/
- bn_clear_top2max(&wnum);
- bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
- *resp = 1;
- } else
- res->top--;
- /*
- * if res->top == 0 then clear the neg value otherwise decrease the resp
- * pointer
- */
- if (res->top == 0)
- res->neg = 0;
- else
- resp--;
-
- for (i = 0; i < loop - 1; i++, wnump--, resp--) {
- BN_ULONG q, l0;
- /*
- * the first part of the loop uses the top two words of snum and sdiv
- * to calculate a BN_ULONG q such that | wnum - sdiv * q | < sdiv
- */
-# if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
- BN_ULONG bn_div_3_words(BN_ULONG *, BN_ULONG, BN_ULONG);
- q = bn_div_3_words(wnump, d1, d0);
-# else
- BN_ULONG n0, n1, rem = 0;
-
- n0 = wnump[0];
- n1 = wnump[-1];
- if (n0 == d0)
- q = BN_MASK2;
- else { /* n0 < d0 */
-
-# ifdef BN_LLONG
- BN_ULLONG t2;
-
-# if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
- q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0);
-# else
- q = bn_div_words(n0, n1, d0);
-# ifdef BN_DEBUG_LEVITTE
- fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-# endif
-# endif
-
-# ifndef REMAINDER_IS_ALREADY_CALCULATED
- /*
- * rem doesn't have to be BN_ULLONG. The least we
- * know it's less that d0, isn't it?
- */
- rem = (n1 - q * d0) & BN_MASK2;
-# endif
- t2 = (BN_ULLONG) d1 *q;
-
- for (;;) {
- if (t2 <= ((((BN_ULLONG) rem) << BN_BITS2) | wnump[-2]))
- break;
- q--;
- rem += d0;
- if (rem < d0)
- break; /* don't let rem overflow */
- t2 -= d1;
- }
-# else /* !BN_LLONG */
- BN_ULONG t2l, t2h;
-# if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH)
- BN_ULONG ql, qh;
-# endif
-
- q = bn_div_words(n0, n1, d0);
-# ifdef BN_DEBUG_LEVITTE
- fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-# endif
-# ifndef REMAINDER_IS_ALREADY_CALCULATED
- rem = (n1 - q * d0) & BN_MASK2;
-# endif
-
-# if defined(BN_UMULT_LOHI)
- BN_UMULT_LOHI(t2l, t2h, d1, q);
-# elif defined(BN_UMULT_HIGH)
- t2l = d1 * q;
- t2h = BN_UMULT_HIGH(d1, q);
-# else
- t2l = LBITS(d1);
- t2h = HBITS(d1);
- ql = LBITS(q);
- qh = HBITS(q);
- mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */
-# endif
-
- for (;;) {
- if ((t2h < rem) || ((t2h == rem) && (t2l <= wnump[-2])))
- break;
- q--;
- rem += d0;
- if (rem < d0)
- break; /* don't let rem overflow */
- if (t2l < d1)
- t2h--;
- t2l -= d1;
- }
-# endif /* !BN_LLONG */
+ if (snum->top <= sdiv->top + 1) {
+ if (bn_wexpand(snum, sdiv->top + 2) == NULL)
+ goto err;
+ for (i = snum->top; i < sdiv->top + 2; i++)
+ snum->d[i] = 0;
+ snum->top = sdiv->top + 2;
+ } else {
+ if (bn_wexpand(snum, snum->top + 1) == NULL)
+ goto err;
+ snum->d[snum->top] = 0;
+ snum->top++;
}
-# endif /* !BN_DIV3W */
-
- l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q);
- tmp->d[div_n] = l0;
- wnum.d--;
- /*
- * ingore top values of the bignums just sub the two BN_ULONG arrays
- * with bn_sub_words
- */
- if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) {
- /*
- * Note: As we have considered only the leading two BN_ULONGs in
- * the calculation of q, sdiv * q might be greater than wnum (but
- * then (q-1) * sdiv is less or equal than wnum)
- */
- q--;
- if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
- /*
- * we can't have an overflow here (assuming that q != 0, but
- * if q == 0 then tmp is zero anyway)
- */
- (*wnump)++;
- }
- /* store part of the result */
- *resp = q;
}
- bn_correct_top(snum);
- if (rm != NULL) {
- /*
- * Keep a copy of the neg flag in num because if rm==num BN_rshift()
- * will overwrite it.
- */
- int neg = num->neg;
- BN_rshift(rm, snum, norm_shift);
- if (!BN_is_zero(rm))
- rm->neg = neg;
- bn_check_top(rm);
- }
- BN_CTX_end(ctx);
- return (1);
- err:
- bn_check_top(rm);
- BN_CTX_end(ctx);
- return (0);
-}
-/*
- * BN_div_no_branch is a special version of BN_div. It does not contain
- * branches that may leak sensitive information.
- */
-static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
- const BIGNUM *divisor, BN_CTX *ctx)
-{
- int norm_shift, i, loop;
- BIGNUM *tmp, wnum, *snum, *sdiv, *res;
- BN_ULONG *resp, *wnump;
- BN_ULONG d0, d1;
- int num_n, div_n;
-
- bn_check_top(dv);
- bn_check_top(rm);
- /*- bn_check_top(num); *//*
- * 'num' has been checked in BN_div()
- */
- bn_check_top(divisor);
-
- if (BN_is_zero(divisor)) {
- BNerr(BN_F_BN_DIV_NO_BRANCH, BN_R_DIV_BY_ZERO);
- return (0);
- }
-
- BN_CTX_start(ctx);
- tmp = BN_CTX_get(ctx);
- snum = BN_CTX_get(ctx);
- sdiv = BN_CTX_get(ctx);
- if (dv == NULL)
- res = BN_CTX_get(ctx);
- else
- res = dv;
- if (sdiv == NULL || res == NULL)
- goto err;
-
- /* First we normalise the numbers */
- norm_shift = BN_BITS2 - ((BN_num_bits(divisor)) % BN_BITS2);
- if (!(BN_lshift(sdiv, divisor, norm_shift)))
- goto err;
- sdiv->neg = 0;
- norm_shift += BN_BITS2;
- if (!(BN_lshift(snum, num, norm_shift)))
- goto err;
- snum->neg = 0;
-
- /*
- * Since we don't know whether snum is larger than sdiv, we pad snum with
- * enough zeroes without changing its value.
- */
- if (snum->top <= sdiv->top + 1) {
- if (bn_wexpand(snum, sdiv->top + 2) == NULL)
- goto err;
- for (i = snum->top; i < sdiv->top + 2; i++)
- snum->d[i] = 0;
- snum->top = sdiv->top + 2;
- } else {
- if (bn_wexpand(snum, snum->top + 1) == NULL)
- goto err;
- snum->d[snum->top] = 0;
- snum->top++;
- }
-
div_n = sdiv->top;
num_n = snum->top;
loop = num_n - div_n;
@@ -535,7 +307,7 @@
res->neg = (num->neg ^ divisor->neg);
if (!bn_wexpand(res, (loop + 1)))
goto err;
- res->top = loop - 1;
+ res->top = loop - no_branch;
resp = &(res->d[loop - 1]);
/* space for temp */
@@ -542,6 +314,20 @@
if (!bn_wexpand(tmp, (div_n + 1)))
goto err;
+ if (!no_branch) {
+ if (BN_ucmp(&wnum, sdiv) >= 0) {
+ /*
+ * If BN_DEBUG_RAND is defined BN_ucmp changes (via bn_pollute)
+ * the const bignum arguments => clean the values between top and
+ * max again
+ */
+ bn_clear_top2max(&wnum);
+ bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
+ *resp = 1;
+ } else
+ res->top--;
+ }
+
/*
* if res->top == 0 then clear the neg value otherwise decrease the resp
* pointer
@@ -602,9 +388,6 @@
}
# else /* !BN_LLONG */
BN_ULONG t2l, t2h;
-# if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH)
- BN_ULONG ql, qh;
-# endif
q = bn_div_words(n0, n1, d0);
# ifdef BN_DEBUG_LEVITTE
@@ -621,11 +404,14 @@
t2l = d1 * q;
t2h = BN_UMULT_HIGH(d1, q);
# else
- t2l = LBITS(d1);
- t2h = HBITS(d1);
- ql = LBITS(q);
- qh = HBITS(q);
- mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */
+ {
+ BN_ULONG ql, qh;
+ t2l = LBITS(d1);
+ t2h = HBITS(d1);
+ ql = LBITS(q);
+ qh = HBITS(q);
+ mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */
+ }
# endif
for (;;) {
@@ -679,7 +465,8 @@
rm->neg = neg;
bn_check_top(rm);
}
- bn_correct_top(res);
+ if (no_branch)
+ bn_correct_top(res);
BN_CTX_end(ctx);
return (1);
err:
@@ -687,5 +474,4 @@
BN_CTX_end(ctx);
return (0);
}
-
#endif
Modified: trunk/crypto/openssl/crypto/bn/bn_exp.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_exp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_exp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -112,6 +112,18 @@
#include "cryptlib.h"
#include "bn_lcl.h"
+#include <stdlib.h>
+#ifdef _WIN32
+# include <malloc.h>
+# ifndef alloca
+# define alloca _alloca
+# endif
+#elif defined(__GNUC__)
+# ifndef alloca
+# define alloca(s) __builtin_alloca((s))
+# endif
+#endif
+
/* maximum precomputation table size for *variable* sliding windows */
#define TABLE_SIZE 32
@@ -156,10 +168,10 @@
goto err;
}
}
+ if (r != rr)
+ BN_copy(r, rr);
ret = 1;
err:
- if (r != rr)
- BN_copy(r, rr);
BN_CTX_end(ctx);
bn_check_top(r);
return (ret);
@@ -521,23 +533,19 @@
* used to transfer a BIGNUM from/to that table.
*/
-static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top,
+static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
unsigned char *buf, int idx,
int width)
{
size_t i, j;
- if (bn_wexpand(b, top) == NULL)
- return 0;
- while (b->top < top) {
- b->d[b->top++] = 0;
- }
-
+ if (top > b->top)
+ top = b->top; /* this works because 'buf' is explicitly
+ * zeroed */
for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
buf[j] = ((unsigned char *)b->d)[i];
}
- bn_correct_top(b);
return 1;
}
@@ -564,7 +572,7 @@
* multiple.
*/
#define MOD_EXP_CTIME_ALIGN(x_) \
- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
/*
* This variant of BN_mod_exp_mont() uses fixed windows and the special
@@ -577,10 +585,8 @@
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont)
{
- int i, bits, ret = 0, idx, window, wvalue;
+ int i, bits, ret = 0, window, wvalue;
int top;
- BIGNUM *r;
- const BIGNUM *aa;
BN_MONT_CTX *mont = NULL;
int numPowers;
@@ -587,7 +593,7 @@
unsigned char *powerbufFree = NULL;
int powerbufLen = 0;
unsigned char *powerbuf = NULL;
- BIGNUM *computeTemp = NULL, *am = NULL;
+ BIGNUM tmp, am;
bn_check_top(a);
bn_check_top(p);
@@ -605,11 +611,7 @@
return ret;
}
- /* Initialize BIGNUM context and allocate intermediate result */
BN_CTX_start(ctx);
- r = BN_CTX_get(ctx);
- if (r == NULL)
- goto err;
/*
* Allocate a montgomery context if it was not supplied by the caller. If
@@ -626,109 +628,223 @@
/* Get the window size to use with size of p. */
window = BN_window_bits_for_ctime_exponent_size(bits);
+#if defined(OPENSSL_BN_ASM_MONT5)
+ if (window == 6 && bits <= 1024)
+ window = 5; /* ~5% improvement of 2048-bit RSA sign */
+#endif
/*
* Allocate a buffer large enough to hold all of the pre-computed powers
- * of a.
+ * of am, am itself and tmp.
*/
numPowers = 1 << window;
- powerbufLen = sizeof(m->d[0]) * top * numPowers;
- if ((powerbufFree =
- (unsigned char *)OPENSSL_malloc(powerbufLen +
- MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
- == NULL)
+ powerbufLen = sizeof(m->d[0]) * (top * numPowers +
+ ((2 * top) >
+ numPowers ? (2 * top) : numPowers));
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree =
+ alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
+ else
+#endif
+ if ((powerbufFree =
+ (unsigned char *)OPENSSL_malloc(powerbufLen +
+ MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
+ == NULL)
goto err;
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
memset(powerbuf, 0, powerbufLen);
- /*
- * Initialize the intermediate result. Do this early to save double
- * conversion, once each for a^0 and intermediate result.
- */
- if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers))
- goto err;
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree = NULL;
+#endif
- /* Initialize computeTemp as a^1 with montgomery precalcs */
- computeTemp = BN_CTX_get(ctx);
- am = BN_CTX_get(ctx);
- if (computeTemp == NULL || am == NULL)
+ /* lay down tmp and am right after powers table */
+ tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
+ am.d = tmp.d + top;
+ tmp.top = am.top = 0;
+ tmp.dmax = am.dmax = top;
+ tmp.neg = am.neg = 0;
+ tmp.flags = am.flags = BN_FLG_STATIC_DATA;
+
+ /* prepare a^0 in Montgomery domain */
+#if 1
+ if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
goto err;
+#else
+ tmp.d[0] = (0 - m->d[0]) & BN_MASK2; /* 2^(top*BN_BITS2) - m */
+ for (i = 1; i < top; i++)
+ tmp.d[i] = (~m->d[i]) & BN_MASK2;
+ tmp.top = top;
+#endif
+ /* prepare a^1 in Montgomery domain */
if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_mod(am, a, m, ctx))
+ if (!BN_mod(&am, a, m, ctx))
goto err;
- aa = am;
- } else
- aa = a;
- if (!BN_to_montgomery(am, aa, mont, ctx))
+ if (!BN_to_montgomery(&am, &am, mont, ctx))
+ goto err;
+ } else if (!BN_to_montgomery(&am, a, mont, ctx))
goto err;
- if (!BN_copy(computeTemp, am))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers))
- goto err;
- /*
- * If the window size is greater than 1, then calculate
- * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even powers
- * could instead be computed as (a^(i/2))^2 to use the slight performance
- * advantage of sqr over mul).
- */
- if (window > 1) {
- for (i = 2; i < numPowers; i++) {
+#if defined(OPENSSL_BN_ASM_MONT5)
+ if (window == 5 && top > 1) {
+ /*
+ * This optimization uses ideas from http://eprint.iacr.org/2011/239,
+ * specifically optimization of cache-timing attack countermeasures
+ * and pre-computation optimization.
+ */
+
+ /*
+ * Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
+ * 512-bit RSA is hardly relevant, we omit it to spare size...
+ */
+ void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
+ const void *table, const BN_ULONG *np,
+ const BN_ULONG *n0, int num, int power);
+ void bn_scatter5(const BN_ULONG *inp, size_t num,
+ void *table, size_t power);
+ void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
+
+ BN_ULONG *np = mont->N.d, *n0 = mont->n0;
+
+ /*
+ * BN_to_montgomery can contaminate words above .top [in
+ * BN_DEBUG[_DEBUG] build]...
+ */
+ for (i = am.top; i < top; i++)
+ am.d[i] = 0;
+ for (i = tmp.top; i < top; i++)
+ tmp.d[i] = 0;
+
+ bn_scatter5(tmp.d, top, powerbuf, 0);
+ bn_scatter5(am.d, am.top, powerbuf, 1);
+ bn_mul_mont(tmp.d, am.d, am.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, 2);
+
+# if 0
+ for (i = 3; i < 32; i++) {
/* Calculate a^i = a^(i-1) * a */
- if (!BN_mod_mul_montgomery
- (computeTemp, am, computeTemp, mont, ctx))
- goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF
- (computeTemp, top, powerbuf, i, numPowers))
- goto err;
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
}
- }
+# else
+ /* same as above, but uses squaring for 1/2 of operations */
+ for (i = 4; i < 32; i *= 2) {
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ }
+ for (i = 3; i < 8; i += 2) {
+ int j;
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ for (j = 2 * i; j < 32; j *= 2) {
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, j);
+ }
+ }
+ for (; i < 16; i += 2) {
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_scatter5(tmp.d, top, powerbuf, 2 * i);
+ }
+ for (; i < 32; i += 2) {
+ bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
+ bn_scatter5(tmp.d, top, powerbuf, i);
+ }
+# endif
+ bits--;
+ for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ bn_gather5(tmp.d, top, powerbuf, wvalue);
- /*
- * Adjust the number of bits up to a multiple of the window size. If the
- * exponent length is not a multiple of the window size, then this pads
- * the most significant bits with zeros to normalize the scanning loop to
- * there's no special cases. * NOTE: Making the window size a power of
- * two less than the native * word size ensures that the padded bits
- * won't go past the last * word in the internal BIGNUM structure. Going
- * past the end will * still produce the correct result, but causes a
- * different branch * to be taken in the BN_is_bit_set function.
- */
- bits = ((bits + window - 1) / window) * window;
- idx = bits - 1; /* The top bit of the window */
+ /*
+ * Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0) {
+ for (wvalue = 0, i = 0; i < 5; i++, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
- /*
- * Scan the exponent one window at a time starting from the most
- * significant bits.
- */
- while (idx >= 0) {
- wvalue = 0; /* The 'value' of the window */
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+ bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue);
+ }
- /* Scan the window, squaring the result as we go */
- for (i = 0; i < window; i++, idx--) {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+ tmp.top = top;
+ bn_correct_top(&tmp);
+ } else
+#endif
+ {
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, numPowers))
+ goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, numPowers))
+ goto err;
+
+ /*
+ * If the window size is greater than 1, then calculate
+ * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even
+ * powers could instead be computed as (a^(i/2))^2 to use the slight
+ * performance advantage of sqr over mul).
+ */
+ if (window > 1) {
+ if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
goto err;
- wvalue = (wvalue << 1) + BN_is_bit_set(p, idx);
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF
+ (&tmp, top, powerbuf, 2, numPowers))
+ goto err;
+ for (i = 3; i < numPowers; i++) {
+ /* Calculate a^i = a^(i-1) * a */
+ if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
+ goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF
+ (&tmp, top, powerbuf, i, numPowers))
+ goto err;
+ }
}
- /*
- * Fetch the appropriate pre-computed value from the pre-buf
- */
+ bits--;
+ for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
- (computeTemp, top, powerbuf, wvalue, numPowers))
+ (&tmp, top, powerbuf, wvalue, numPowers))
goto err;
- /* Multiply the result into the intermediate result */
- if (!BN_mod_mul_montgomery(r, r, computeTemp, mont, ctx))
- goto err;
+ /*
+ * Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0) {
+ wvalue = 0; /* The 'value' of the window */
+
+ /* Scan the window, squaring the result as we go */
+ for (i = 0; i < window; i++, bits--) {
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
+ goto err;
+ wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ }
+
+ /*
+ * Fetch the appropriate pre-computed value from the pre-buf
+ */
+ if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
+ (&am, top, powerbuf, wvalue, numPowers))
+ goto err;
+
+ /* Multiply the result into the intermediate result */
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
+ goto err;
+ }
}
/* Convert the final result from montgomery to standard format */
- if (!BN_from_montgomery(rr, r, mont, ctx))
+ if (!BN_from_montgomery(rr, &tmp, mont, ctx))
goto err;
ret = 1;
err:
@@ -736,12 +852,9 @@
BN_MONT_CTX_free(mont);
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
- OPENSSL_free(powerbufFree);
+ if (powerbufFree)
+ OPENSSL_free(powerbufFree);
}
- if (am != NULL)
- BN_clear(am);
- if (computeTemp != NULL)
- BN_clear(computeTemp);
BN_CTX_end(ctx);
return (ret);
}
Modified: trunk/crypto/openssl/crypto/bn/bn_gcd.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_gcd.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_gcd.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -222,8 +222,9 @@
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx);
-BIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx)
+
+BIGNUM *BN_mod_inverse(BIGNUM *in,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
Modified: trunk/crypto/openssl/crypto/bn/bn_gf2m.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_gf2m.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_gf2m.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -95,11 +95,13 @@
#include "cryptlib.h"
#include "bn_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
/*
* Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should
* fail.
*/
-#define MAX_ITERATIONS 50
+# define MAX_ITERATIONS 50
static const BN_ULONG SQR_tb[16] = { 0, 1, 4, 5, 16, 17, 20, 21,
64, 65, 68, 69, 80, 81, 84, 85
@@ -106,139 +108,38 @@
};
/* Platform-specific macros to accelerate squaring. */
-#if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-# define SQR1(w) \
+# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+# define SQR1(w) \
SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF]
-# define SQR0(w) \
+# define SQR0(w) \
SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
-#endif
-#ifdef THIRTY_TWO_BIT
-# define SQR1(w) \
+# endif
+# ifdef THIRTY_TWO_BIT
+# define SQR1(w) \
SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF]
-# define SQR0(w) \
+# define SQR0(w) \
SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
-#endif
-#ifdef SIXTEEN_BIT
-# define SQR1(w) \
- SQR_tb[(w) >> 12 & 0xF] << 8 | SQR_tb[(w) >> 8 & 0xF]
-# define SQR0(w) \
- SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
-#endif
-#ifdef EIGHT_BIT
-# define SQR1(w) \
- SQR_tb[(w) >> 4 & 0xF]
-# define SQR0(w) \
- SQR_tb[(w) & 15]
-#endif
+# endif
+# if !defined(OPENSSL_BN_ASM_GF2m)
/*
* Product of two polynomials a, b each with degree < BN_BITS2 - 1, result is
* a polynomial r with degree < 2 * BN_BITS - 1 The caller MUST ensure that
* the variables have the right amount of space allocated.
*/
-#ifdef EIGHT_BIT
+# ifdef THIRTY_TWO_BIT
static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
const BN_ULONG b)
{
register BN_ULONG h, l, s;
- BN_ULONG tab[4], top1b = a >> 7;
- register BN_ULONG a1, a2;
-
- a1 = a & (0x7F);
- a2 = a1 << 1;
-
- tab[0] = 0;
- tab[1] = a1;
- tab[2] = a2;
- tab[3] = a1 ^ a2;
-
- s = tab[b & 0x3];
- l = s;
- s = tab[b >> 2 & 0x3];
- l ^= s << 2;
- h = s >> 6;
- s = tab[b >> 4 & 0x3];
- l ^= s << 4;
- h ^= s >> 4;
- s = tab[b >> 6];
- l ^= s << 6;
- h ^= s >> 2;
-
- /* compensate for the top bit of a */
-
- if (top1b & 01) {
- l ^= b << 7;
- h ^= b >> 1;
- }
-
- *r1 = h;
- *r0 = l;
-}
-#endif
-#ifdef SIXTEEN_BIT
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
- const BN_ULONG b)
-{
- register BN_ULONG h, l, s;
- BN_ULONG tab[4], top1b = a >> 15;
- register BN_ULONG a1, a2;
-
- a1 = a & (0x7FFF);
- a2 = a1 << 1;
-
- tab[0] = 0;
- tab[1] = a1;
- tab[2] = a2;
- tab[3] = a1 ^ a2;
-
- s = tab[b & 0x3];
- l = s;
- s = tab[b >> 2 & 0x3];
- l ^= s << 2;
- h = s >> 14;
- s = tab[b >> 4 & 0x3];
- l ^= s << 4;
- h ^= s >> 12;
- s = tab[b >> 6 & 0x3];
- l ^= s << 6;
- h ^= s >> 10;
- s = tab[b >> 8 & 0x3];
- l ^= s << 8;
- h ^= s >> 8;
- s = tab[b >> 10 & 0x3];
- l ^= s << 10;
- h ^= s >> 6;
- s = tab[b >> 12 & 0x3];
- l ^= s << 12;
- h ^= s >> 4;
- s = tab[b >> 14];
- l ^= s << 14;
- h ^= s >> 2;
-
- /* compensate for the top bit of a */
-
- if (top1b & 01) {
- l ^= b << 15;
- h ^= b >> 1;
- }
-
- *r1 = h;
- *r0 = l;
-}
-#endif
-#ifdef THIRTY_TWO_BIT
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
- const BN_ULONG b)
-{
- register BN_ULONG h, l, s;
BN_ULONG tab[8], top2b = a >> 30;
register BN_ULONG a1, a2, a4;
@@ -302,8 +203,8 @@
*r1 = h;
*r0 = l;
}
-#endif
-#if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+# endif
+# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
const BN_ULONG b)
{
@@ -399,7 +300,7 @@
*r1 = h;
*r0 = l;
}
-#endif
+# endif
/*
* Product of two polynomials a, b each with degree < 2 * BN_BITS2 - 1,
@@ -418,6 +319,10 @@
r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */
r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
}
+# else
+void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1,
+ BN_ULONG b0);
+# endif
/*
* Add polynomials a and b and store result in r; r could be a or b, a and b
@@ -463,7 +368,7 @@
*/
/* Performs modular reduction of a and store result in r. r could be a. */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
{
int j, k;
int n, dN, d0, d1;
@@ -565,23 +470,16 @@
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ int arr[6];
bn_check_top(a);
bn_check_top(p);
- if ((arr =
- (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL)
- goto err;
- ret = BN_GF2m_poly2arr(p, arr, max);
- if (!ret || ret > max) {
+ ret = BN_GF2m_poly2arr(p, arr, sizeof(arr) / sizeof(arr[0]));
+ if (!ret || ret > (int)(sizeof(arr) / sizeof(arr[0]))) {
BNerr(BN_F_BN_GF2M_MOD, BN_R_INVALID_LENGTH);
- goto err;
+ return 0;
}
ret = BN_GF2m_mod_arr(r, a, arr);
bn_check_top(r);
- err:
- if (arr)
- OPENSSL_free(arr);
return ret;
}
@@ -590,7 +488,7 @@
* the result in r. r could be a or b; a could be b.
*/
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx)
+ const int p[], BN_CTX *ctx)
{
int zlen, i, j, k, ret = 0;
BIGNUM *s;
@@ -648,13 +546,12 @@
const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ const int max = BN_num_bits(p) + 1;
+ int *arr = NULL;
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr =
- (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL)
+ if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -670,7 +567,7 @@
}
/* Square a, reduce the result mod p, and store it in a. r could be a. */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx)
{
int i, ret = 0;
@@ -708,13 +605,12 @@
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ const int max = BN_num_bits(p) + 1;
+ int *arr = NULL;
bn_check_top(a);
bn_check_top(p);
- if ((arr =
- (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL)
+ if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -737,7 +633,7 @@
*/
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
- BIGNUM *b, *c, *u, *v, *tmp;
+ BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp;
int ret = 0;
bn_check_top(a);
@@ -745,23 +641,26 @@
BN_CTX_start(ctx);
- b = BN_CTX_get(ctx);
- c = BN_CTX_get(ctx);
- u = BN_CTX_get(ctx);
- v = BN_CTX_get(ctx);
- if (v == NULL)
+ if ((b = BN_CTX_get(ctx)) == NULL)
goto err;
-
- if (!BN_one(b))
+ if ((c = BN_CTX_get(ctx)) == NULL)
goto err;
- if (!BN_GF2m_mod(u, a, p))
+ if ((u = BN_CTX_get(ctx)) == NULL)
goto err;
- if (!BN_copy(v, p))
+ if ((v = BN_CTX_get(ctx)) == NULL)
goto err;
+ if (!BN_GF2m_mod(u, a, p))
+ goto err;
if (BN_is_zero(u))
goto err;
+ if (!BN_copy(v, p))
+ goto err;
+# if 0
+ if (!BN_one(b))
+ goto err;
+
while (1) {
while (!BN_is_odd(u)) {
if (BN_is_zero(u))
@@ -793,7 +692,94 @@
if (!BN_GF2m_add(b, b, c))
goto err;
}
+# else
+ {
+ int i;
+ int ubits = BN_num_bits(u);
+ int vbits = BN_num_bits(v); /* v is copy of p */
+ int top = p->top;
+ BN_ULONG *udp, *bdp, *vdp, *cdp;
+ bn_wexpand(u, top);
+ udp = u->d;
+ for (i = u->top; i < top; i++)
+ udp[i] = 0;
+ u->top = top;
+ bn_wexpand(b, top);
+ bdp = b->d;
+ bdp[0] = 1;
+ for (i = 1; i < top; i++)
+ bdp[i] = 0;
+ b->top = top;
+ bn_wexpand(c, top);
+ cdp = c->d;
+ for (i = 0; i < top; i++)
+ cdp[i] = 0;
+ c->top = top;
+ vdp = v->d; /* It pays off to "cache" *->d pointers,
+ * because it allows optimizer to be more
+ * aggressive. But we don't have to "cache"
+ * p->d, because *p is declared 'const'... */
+ while (1) {
+ while (ubits && !(udp[0] & 1)) {
+ BN_ULONG u0, u1, b0, b1, mask;
+
+ u0 = udp[0];
+ b0 = bdp[0];
+ mask = (BN_ULONG)0 - (b0 & 1);
+ b0 ^= p->d[0] & mask;
+ for (i = 0; i < top - 1; i++) {
+ u1 = udp[i + 1];
+ udp[i] = ((u0 >> 1) | (u1 << (BN_BITS2 - 1))) & BN_MASK2;
+ u0 = u1;
+ b1 = bdp[i + 1] ^ (p->d[i + 1] & mask);
+ bdp[i] = ((b0 >> 1) | (b1 << (BN_BITS2 - 1))) & BN_MASK2;
+ b0 = b1;
+ }
+ udp[i] = u0 >> 1;
+ bdp[i] = b0 >> 1;
+ ubits--;
+ }
+
+ if (ubits <= BN_BITS2) {
+ if (udp[0] == 0) /* poly was reducible */
+ goto err;
+ if (udp[0] == 1)
+ break;
+ }
+
+ if (ubits < vbits) {
+ i = ubits;
+ ubits = vbits;
+ vbits = i;
+ tmp = u;
+ u = v;
+ v = tmp;
+ tmp = b;
+ b = c;
+ c = tmp;
+ udp = vdp;
+ vdp = v->d;
+ bdp = cdp;
+ cdp = c->d;
+ }
+ for (i = 0; i < top; i++) {
+ udp[i] ^= vdp[i];
+ bdp[i] ^= cdp[i];
+ }
+ if (ubits == vbits) {
+ BN_ULONG ul;
+ int utop = (ubits - 1) / BN_BITS2;
+
+ while ((ul = udp[utop]) == 0 && utop)
+ utop--;
+ ubits = utop * BN_BITS2 + BN_num_bits_word(ul);
+ }
+ }
+ bn_correct_top(b);
+ }
+# endif
+
if (!BN_copy(r, b))
goto err;
bn_check_top(r);
@@ -800,6 +786,12 @@
ret = 1;
err:
+# ifdef BN_DEBUG /* BN_CTX_end would complain about the
+ * expanded form */
+ bn_correct_top(c);
+ bn_correct_top(u);
+ bn_correct_top(v);
+# endif
BN_CTX_end(ctx);
return ret;
}
@@ -810,7 +802,7 @@
* wrapper function is only provided for convenience; for best performance,
* use the BN_GF2m_mod_inv function.
*/
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[],
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[],
BN_CTX *ctx)
{
BIGNUM *field;
@@ -831,7 +823,7 @@
return ret;
}
-#ifndef OPENSSL_SUN_GF2M_DIV
+# ifndef OPENSSL_SUN_GF2M_DIV
/*
* Divide y by x, reduce modulo p, and store the result in r. r could be x
* or y, x could equal y.
@@ -862,7 +854,7 @@
BN_CTX_end(ctx);
return ret;
}
-#else
+# else
/*
* Divide y by x, reduce modulo p, and store the result in r. r could be x
* or y, x could equal y. Uses algorithm Modular_Division_GF(2^m) from
@@ -949,7 +941,7 @@
BN_CTX_end(ctx);
return ret;
}
-#endif
+# endif
/*
* Divide yy by xx, reduce modulo p, and store the result in r. r could be xx
@@ -958,7 +950,7 @@
* convenience; for best performance, use the BN_GF2m_mod_div function.
*/
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx,
- const unsigned int p[], BN_CTX *ctx)
+ const int p[], BN_CTX *ctx)
{
BIGNUM *field;
int ret = 0;
@@ -986,7 +978,7 @@
* P1363.
*/
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx)
+ const int p[], BN_CTX *ctx)
{
int ret = 0, i, n;
BIGNUM *u;
@@ -1035,13 +1027,12 @@
const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ const int max = BN_num_bits(p) + 1;
+ int *arr = NULL;
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr =
- (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL)
+ if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1060,7 +1051,7 @@
* Compute the square root of a, reduce modulo p, and store the result in r.
* r could be a. Uses exponentiation as in algorithm A.4.1 from IEEE P1363.
*/
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx)
{
int ret = 0;
@@ -1097,12 +1088,11 @@
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ const int max = BN_num_bits(p) + 1;
+ int *arr = NULL;
bn_check_top(a);
bn_check_top(p);
- if ((arr =
- (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL)
+ if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1121,11 +1111,10 @@
* Find r such that r^2 + r = a mod p. r could be a. If no r exists returns
* 0. Uses algorithms A.4.7 and A.4.6 from IEEE P1363.
*/
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_,
- const unsigned int p[], BN_CTX *ctx)
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
+ BN_CTX *ctx)
{
- int ret = 0, count = 0;
- unsigned int j;
+ int ret = 0, count = 0, j;
BIGNUM *a, *z, *rho, *w, *w2, *tmp;
bn_check_top(a_);
@@ -1230,12 +1219,11 @@
BN_CTX *ctx)
{
int ret = 0;
- const int max = BN_num_bits(p);
- unsigned int *arr = NULL;
+ const int max = BN_num_bits(p) + 1;
+ int *arr = NULL;
bn_check_top(a);
bn_check_top(p);
- if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) *
- max)) == NULL)
+ if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
@@ -1252,21 +1240,17 @@
/*
* Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i *
- * x^i , where a_0 is *not* zero) into an array of integers corresponding to
- * the bits with non-zero coefficient. Up to max elements of the array will
- * be filled. Return value is total number of coefficients that would be
- * extracted if array was large enough.
+ * x^i) into an array of integers corresponding to the bits with non-zero
+ * coefficient. Array is terminated with -1. Up to max elements of the array
+ * will be filled. Return value is total number of array elements that would
+ * be filled if array was large enough.
*/
-int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max)
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
{
int i, j, k = 0;
BN_ULONG mask;
- if (BN_is_zero(a) || !BN_is_bit_set(a, 0))
- /*
- * a_0 == 0 => return error (the unsigned int array must be
- * terminated by 0)
- */
+ if (BN_is_zero(a))
return 0;
for (i = a->top - 1; i >= 0; i--) {
@@ -1284,86 +1268,31 @@
}
}
+ if (k < max) {
+ p[k] = -1;
+ k++;
+ }
+
return k;
}
/*
* Convert the coefficient array representation of a polynomial to a
- * bit-string. The array must be terminated by 0.
+ * bit-string. The array must be terminated by -1.
*/
-int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a)
{
int i;
bn_check_top(a);
BN_zero(a);
- for (i = 0; p[i] != 0; i++) {
+ for (i = 0; p[i] != -1; i++) {
if (BN_set_bit(a, p[i]) == 0)
return 0;
}
- BN_set_bit(a, 0);
bn_check_top(a);
return 1;
}
-/*
- * Constant-time conditional swap of a and b.
- * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
- * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
- * and that no more than nwords are used by either a or b.
- * a and b cannot be the same number
- */
-void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
-{
- BN_ULONG t;
- int i;
-
- bn_wcheck_size(a, nwords);
- bn_wcheck_size(b, nwords);
-
- assert(a != b);
- assert((condition & (condition - 1)) == 0);
- assert(sizeof(BN_ULONG) >= sizeof(int));
-
- condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
-
- t = (a->top ^ b->top) & condition;
- a->top ^= t;
- b->top ^= t;
-
-#define BN_CONSTTIME_SWAP(ind) \
- do { \
- t = (a->d[ind] ^ b->d[ind]) & condition; \
- a->d[ind] ^= t; \
- b->d[ind] ^= t; \
- } while (0)
-
- switch (nwords) {
- default:
- for (i = 10; i < nwords; i++)
- BN_CONSTTIME_SWAP(i);
- /* Fallthrough */
- case 10:
- BN_CONSTTIME_SWAP(9); /* Fallthrough */
- case 9:
- BN_CONSTTIME_SWAP(8); /* Fallthrough */
- case 8:
- BN_CONSTTIME_SWAP(7); /* Fallthrough */
- case 7:
- BN_CONSTTIME_SWAP(6); /* Fallthrough */
- case 6:
- BN_CONSTTIME_SWAP(5); /* Fallthrough */
- case 5:
- BN_CONSTTIME_SWAP(4); /* Fallthrough */
- case 4:
- BN_CONSTTIME_SWAP(3); /* Fallthrough */
- case 3:
- BN_CONSTTIME_SWAP(2); /* Fallthrough */
- case 2:
- BN_CONSTTIME_SWAP(1); /* Fallthrough */
- case 1:
- BN_CONSTTIME_SWAP(0);
- }
-#undef BN_CONSTTIME_SWAP
-}
+#endif
Modified: trunk/crypto/openssl/crypto/bn/bn_lcl.h
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -232,7 +232,7 @@
# if defined(__DECC)
# include <c_asm.h>
# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-# elif defined(__GNUC__)
+# elif defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \
asm ("umulh %1,%2,%0" \
@@ -241,7 +241,7 @@
ret; })
# endif /* compiler */
# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-# if defined(__GNUC__)
+# if defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \
asm ("mulhdu %0,%1,%2" \
@@ -249,8 +249,9 @@
: "r"(a), "r"(b)); \
ret; })
# endif /* compiler */
-# elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
-# if defined(__GNUC__)
+# elif (defined(__x86_64) || defined(__x86_64__)) && \
+ (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
+# if defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret,discard; \
asm ("mulq %3" \
@@ -273,6 +274,27 @@
# define BN_UMULT_HIGH(a,b) __umulh((a),(b))
# define BN_UMULT_LOHI(low,high,a,b) ((low)=_umul128((a),(b),&(high)))
# endif
+# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
+# if defined(__GNUC__) && __GNUC__>=2
+# if __GNUC__>4 || (__GNUC__>=4 && __GNUC_MINOR__>=4)
+ /* "h" constraint is no more since 4.4 */
+# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
+# define BN_UMULT_LOHI(low,high,a,b) ({ \
+ __uint128_t ret=(__uint128_t)(a)*(b); \
+ (high)=ret>>64; (low)=ret; })
+# else
+# define BN_UMULT_HIGH(a,b) ({ \
+ register BN_ULONG ret; \
+ asm ("dmultu %1,%2" \
+ : "=h"(ret) \
+ : "r"(a), "r"(b) : "l"); \
+ ret; })
+# define BN_UMULT_LOHI(low,high,a,b)\
+ asm ("dmultu %2,%3" \
+ : "=l"(low),"=h"(high) \
+ : "r"(a), "r"(b));
+# endif
+# endif
# endif /* cpu */
# endif /* OPENSSL_NO_ASM */
@@ -452,6 +474,10 @@
}
# endif /* !BN_LLONG */
+# if defined(OPENSSL_DOING_MAKEDEPEND) && defined(OPENSSL_FIPS)
+# undef bn_div_words
+# endif
+
void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
Modified: trunk/crypto/openssl/crypto/bn/bn_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -135,8 +135,9 @@
const BIGNUM *BN_value_one(void)
{
- static BN_ULONG data_one = 1L;
- static BIGNUM const_one = { &data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
+ static const BN_ULONG data_one = 1L;
+ static const BIGNUM const_one =
+ { (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
return (&const_one);
}
@@ -143,7 +144,7 @@
int BN_num_bits_word(BN_ULONG l)
{
- static const char bits[256] = {
+ static const unsigned char bits[256] = {
0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
@@ -203,7 +204,7 @@
} else
#endif
{
-#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
if (l & 0xff00L)
return (bits[(int)(l >> 8)] + 8);
else
@@ -773,7 +774,7 @@
j = n % BN_BITS2;
if (a->top <= i)
return 0;
- return (((a->d[i]) >> j) & ((BN_ULONG)1));
+ return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
}
int BN_mask_bits(BIGNUM *a, int n)
@@ -852,3 +853,64 @@
}
return bn_cmp_words(a, b, cl);
}
+
+/*
+ * Constant-time conditional swap of a and b.
+ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+{
+ BN_ULONG t;
+ int i;
+
+ bn_wcheck_size(a, nwords);
+ bn_wcheck_size(b, nwords);
+
+ assert(a != b);
+ assert((condition & (condition - 1)) == 0);
+ assert(sizeof(BN_ULONG) >= sizeof(int));
+
+ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
+
+ t = (a->top ^ b->top) & condition;
+ a->top ^= t;
+ b->top ^= t;
+
+#define BN_CONSTTIME_SWAP(ind) \
+ do { \
+ t = (a->d[ind] ^ b->d[ind]) & condition; \
+ a->d[ind] ^= t; \
+ b->d[ind] ^= t; \
+ } while (0)
+
+ switch (nwords) {
+ default:
+ for (i = 10; i < nwords; i++)
+ BN_CONSTTIME_SWAP(i);
+ /* Fallthrough */
+ case 10:
+ BN_CONSTTIME_SWAP(9); /* Fallthrough */
+ case 9:
+ BN_CONSTTIME_SWAP(8); /* Fallthrough */
+ case 8:
+ BN_CONSTTIME_SWAP(7); /* Fallthrough */
+ case 7:
+ BN_CONSTTIME_SWAP(6); /* Fallthrough */
+ case 6:
+ BN_CONSTTIME_SWAP(5); /* Fallthrough */
+ case 5:
+ BN_CONSTTIME_SWAP(4); /* Fallthrough */
+ case 4:
+ BN_CONSTTIME_SWAP(3); /* Fallthrough */
+ case 3:
+ BN_CONSTTIME_SWAP(2); /* Fallthrough */
+ case 2:
+ BN_CONSTTIME_SWAP(1); /* Fallthrough */
+ case 1:
+ BN_CONSTTIME_SWAP(0);
+ }
+#undef BN_CONSTTIME_SWAP
+}
Modified: trunk/crypto/openssl/crypto/bn/bn_mont.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_mont.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_mont.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -122,20 +122,7 @@
#define MONT_WORD /* use the faster word-based algorithm */
-#if defined(MONT_WORD) && defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
-/*
- * This condition means we have a specific non-default build: In the 0.9.8
- * branch, OPENSSL_BN_ASM_MONT is normally not set for any BN_BITS2<=32
- * platform; an explicit "enable-montasm" is required. I.e., if we are here,
- * the user intentionally deviates from the normal stable build to get better
- * Montgomery performance from the 0.9.9-dev backport. In this case only, we
- * also enable BN_from_montgomery_word() (another non-stable feature from
- * 0.9.9-dev).
- */
-# define MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD
-#endif
-
-#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD
+#ifdef MONT_WORD
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
#endif
@@ -150,12 +137,7 @@
if (num > 1 && a->top == num && b->top == num) {
if (bn_wexpand(r, num) == NULL)
return (0);
-# if 0 /* for OpenSSL 0.9.9 mont->n0 */
- if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num))
-# else
- if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, &mont->n0, num))
-# endif
- {
+ if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
r->neg = a->neg ^ b->neg;
r->top = num;
bn_correct_top(r);
@@ -178,7 +160,7 @@
goto err;
}
/* reduce from aRR to aR */
-#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD
+#ifdef MONT_WORD
if (!BN_from_montgomery_word(r, tmp, mont))
goto err;
#else
@@ -192,26 +174,21 @@
return (ret);
}
-#ifdef MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD
+#ifdef MONT_WORD
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
{
BIGNUM *n;
- BN_ULONG *ap, *np, *rp, n0, v, *nrp;
- int al, nl, max, i, x, ri;
+ BN_ULONG *ap, *np, *rp, n0, v, carry;
+ int nl, max, i;
n = &(mont->N);
- /*
- * mont->ri is the size of mont->N in bits (rounded up to the word size)
- */
- al = ri = mont->ri / BN_BITS2;
-
nl = n->top;
- if ((al == 0) || (nl == 0)) {
+ if (nl == 0) {
ret->top = 0;
return (1);
}
- max = (nl + al + 1); /* allow for overflow (no?) XXX */
+ max = (2 * nl); /* carry is stored separately */
if (bn_wexpand(r, max) == NULL)
return (0);
@@ -218,23 +195,22 @@
r->neg ^= n->neg;
np = n->d;
rp = r->d;
- nrp = &(r->d[nl]);
/* clear the top words of T */
+# if 1
for (i = r->top; i < max; i++) /* memset? XXX */
- r->d[i] = 0;
+ rp[i] = 0;
+# else
+ memset(&(rp[r->top]), 0, (max - r->top) * sizeof(BN_ULONG));
+# endif
r->top = max;
-# if 0 /* for OpenSSL 0.9.9 mont->n0 */
n0 = mont->n0[0];
-# else
- n0 = mont->n0;
-# endif
# ifdef BN_COUNT
fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
# endif
- for (i = 0; i < nl; i++) {
+ for (carry = 0, i = 0; i < nl; i++, rp++) {
# ifdef __TANDEM
{
long long t1;
@@ -251,84 +227,58 @@
# else
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
# endif
- nrp++;
- rp++;
- if (((nrp[-1] += v) & BN_MASK2) >= v)
- continue;
- else {
- if (((++nrp[0]) & BN_MASK2) != 0)
- continue;
- if (((++nrp[1]) & BN_MASK2) != 0)
- continue;
- for (x = 2; (((++nrp[x]) & BN_MASK2) == 0); x++) ;
- }
+ v = (v + carry + rp[nl]) & BN_MASK2;
+ carry |= (v != rp[nl]);
+ carry &= (v <= rp[nl]);
+ rp[nl] = v;
}
- bn_correct_top(r);
- /*
- * mont->ri will be a multiple of the word size and below code is kind of
- * BN_rshift(ret,r,mont->ri) equivalent
- */
- if (r->top <= ri) {
- ret->top = 0;
- return (1);
- }
- al = r->top - ri;
-
- if (bn_wexpand(ret, ri) == NULL)
+ if (bn_wexpand(ret, nl) == NULL)
return (0);
- x = 0 - (((al - ri) >> (sizeof(al) * 8 - 1)) & 1);
- ret->top = x = (ri & ~x) | (al & x); /* min(ri,al) */
+ ret->top = nl;
ret->neg = r->neg;
rp = ret->d;
- ap = &(r->d[ri]);
+ ap = &(r->d[nl]);
+# define BRANCH_FREE 1
+# if BRANCH_FREE
{
- size_t m1, m2;
+ BN_ULONG *nrp;
+ size_t m;
- v = bn_sub_words(rp, ap, np, ri);
+ v = bn_sub_words(rp, ap, np, nl) - carry;
/*
- * this ----------------^^ works even in al<ri case thanks to zealous
- * zeroing of top of the vector in the beginning.
+ * if subtraction result is real, then trick unconditional memcpy
+ * below to perform in-place "refresh" instead of actual copy.
*/
+ m = (0 - (size_t)v);
+ nrp =
+ (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
- /* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */
- /*
- * in other words if subtraction result is real, then trick
- * unconditional memcpy below to perform in-place "refresh" instead
- * of actual copy.
- */
- m1 = 0 - (size_t)(((al - ri) >> (sizeof(al) * 8 - 1)) & 1); /* al<ri */
- m2 = 0 - (size_t)(((ri - al) >> (sizeof(al) * 8 - 1)) & 1); /* al>ri */
- m1 |= m2; /* (al!=ri) */
- m1 |= (0 - (size_t)v); /* (al!=ri || v) */
- m1 &= ~m2; /* (al!=ri || v) && !al>ri */
- nrp = (BN_ULONG *)(((size_t)rp & ~m1) | ((size_t)ap & m1));
- }
+ for (i = 0, nl -= 4; i < nl; i += 4) {
+ BN_ULONG t1, t2, t3, t4;
- /*
- * 'i<ri' is chosen to eliminate dependency on input data, even though it
- * results in redundant copy in al<ri case.
- */
- for (i = 0, ri -= 4; i < ri; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
+ t1 = nrp[i + 0];
+ t2 = nrp[i + 1];
+ t3 = nrp[i + 2];
+ ap[i + 0] = 0;
+ t4 = nrp[i + 3];
+ ap[i + 1] = 0;
+ rp[i + 0] = t1;
+ ap[i + 2] = 0;
+ rp[i + 1] = t2;
+ ap[i + 3] = 0;
+ rp[i + 2] = t3;
+ rp[i + 3] = t4;
+ }
+ for (nl += 4; i < nl; i++)
+ rp[i] = nrp[i], ap[i] = 0;
}
- for (ri += 4; i < ri; i++)
- rp[i] = nrp[i], ap[i] = 0;
+# else
+ if (bn_sub_words(rp, ap, np, nl) - carry)
+ memcpy(rp, ap, nl * sizeof(BN_ULONG));
+# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
@@ -335,11 +285,13 @@
return (1);
}
+#endif /* MONT_WORD */
int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx)
{
int retn = 0;
+#ifdef MONT_WORD
BIGNUM *t;
BN_CTX_start(ctx);
@@ -346,190 +298,7 @@
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a))
retn = BN_from_montgomery_word(ret, t, mont);
BN_CTX_end(ctx);
- return retn;
-}
-
-#else /* !MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */
-
-int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx)
-{
- int retn = 0;
-
-# ifdef MONT_WORD
- BIGNUM *n, *r;
- BN_ULONG *ap, *np, *rp, n0, v, *nrp;
- int al, nl, max, i, x, ri;
-
- BN_CTX_start(ctx);
- if ((r = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_copy(r, a))
- goto err;
- n = &(mont->N);
-
- ap = a->d;
- /*
- * mont->ri is the size of mont->N in bits (rounded up to the word size)
- */
- al = ri = mont->ri / BN_BITS2;
-
- nl = n->top;
- if ((al == 0) || (nl == 0)) {
- r->top = 0;
- return (1);
- }
-
- max = (nl + al + 1); /* allow for overflow (no?) XXX */
- if (bn_wexpand(r, max) == NULL)
- goto err;
-
- r->neg = a->neg ^ n->neg;
- np = n->d;
- rp = r->d;
- nrp = &(r->d[nl]);
-
- /* clear the top words of T */
-# if 1
- for (i = r->top; i < max; i++) /* memset? XXX */
- r->d[i] = 0;
-# else
- memset(&(r->d[r->top]), 0, (max - r->top) * sizeof(BN_ULONG));
-# endif
-
- r->top = max;
- n0 = mont->n0;
-
-# ifdef BN_COUNT
- fprintf(stderr, "word BN_from_montgomery %d * %d\n", nl, nl);
-# endif
- for (i = 0; i < nl; i++) {
-# ifdef __TANDEM
- {
- long long t1;
- long long t2;
- long long t3;
- t1 = rp[0] * (n0 & 0177777);
- t2 = 037777600000l;
- t2 = n0 & t2;
- t3 = rp[0] & 0177777;
- t2 = (t3 * t2) & BN_MASK2;
- t1 = t1 + t2;
- v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
- }
-# else
- v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
-# endif
- nrp++;
- rp++;
- if (((nrp[-1] += v) & BN_MASK2) >= v)
- continue;
- else {
- if (((++nrp[0]) & BN_MASK2) != 0)
- continue;
- if (((++nrp[1]) & BN_MASK2) != 0)
- continue;
- for (x = 2; (((++nrp[x]) & BN_MASK2) == 0); x++) ;
- }
- }
- bn_correct_top(r);
-
- /*
- * mont->ri will be a multiple of the word size and below code is kind of
- * BN_rshift(ret,r,mont->ri) equivalent
- */
- if (r->top <= ri) {
- ret->top = 0;
- retn = 1;
- goto err;
- }
- al = r->top - ri;
-
-# define BRANCH_FREE 1
-# if BRANCH_FREE
- if (bn_wexpand(ret, ri) == NULL)
- goto err;
- x = 0 - (((al - ri) >> (sizeof(al) * 8 - 1)) & 1);
- ret->top = x = (ri & ~x) | (al & x); /* min(ri,al) */
- ret->neg = r->neg;
-
- rp = ret->d;
- ap = &(r->d[ri]);
-
- {
- size_t m1, m2;
-
- v = bn_sub_words(rp, ap, np, ri);
- /*
- * this ----------------^^ works even in al<ri case thanks to zealous
- * zeroing of top of the vector in the beginning.
- */
-
- /* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */
- /*
- * in other words if subtraction result is real, then trick
- * unconditional memcpy below to perform in-place "refresh" instead
- * of actual copy.
- */
- m1 = 0 - (size_t)(((al - ri) >> (sizeof(al) * 8 - 1)) & 1); /* al<ri */
- m2 = 0 - (size_t)(((ri - al) >> (sizeof(al) * 8 - 1)) & 1); /* al>ri */
- m1 |= m2; /* (al!=ri) */
- m1 |= (0 - (size_t)v); /* (al!=ri || v) */
- m1 &= ~m2; /* (al!=ri || v) && !al>ri */
- nrp = (BN_ULONG *)(((size_t)rp & ~m1) | ((size_t)ap & m1));
- }
-
- /*
- * 'i<ri' is chosen to eliminate dependency on input data, even though it
- * results in redundant copy in al<ri case.
- */
- for (i = 0, ri -= 4; i < ri; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- for (ri += 4; i < ri; i++)
- rp[i] = nrp[i], ap[i] = 0;
- bn_correct_top(r);
- bn_correct_top(ret);
-# else
- if (bn_wexpand(ret, al) == NULL)
- goto err;
- ret->top = al;
- ret->neg = r->neg;
-
- rp = ret->d;
- ap = &(r->d[ri]);
- al -= 4;
- for (i = 0; i < al; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = ap[i + 0];
- t2 = ap[i + 1];
- t3 = ap[i + 2];
- t4 = ap[i + 3];
- rp[i + 0] = t1;
- rp[i + 1] = t2;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- al += 4;
- for (; i < al; i++)
- rp[i] = ap[i];
-# endif
-# else /* !MONT_WORD */
+#else /* !MONT_WORD */
BIGNUM *t1, *t2;
BN_CTX_start(ctx);
@@ -552,21 +321,18 @@
goto err;
if (!BN_rshift(ret, t2, mont->ri))
goto err;
-# endif /* MONT_WORD */
-# if !defined(BRANCH_FREE) || BRANCH_FREE==0
if (BN_ucmp(ret, &(mont->N)) >= 0) {
if (!BN_usub(ret, ret, &(mont->N)))
goto err;
}
-# endif
retn = 1;
bn_check_top(ret);
err:
BN_CTX_end(ctx);
+#endif /* MONT_WORD */
return (retn);
}
-#endif /* MONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD */
BN_MONT_CTX *BN_MONT_CTX_new(void)
{
@@ -586,11 +352,7 @@
BN_init(&(ctx->RR));
BN_init(&(ctx->N));
BN_init(&(ctx->Ni));
-#if 0 /* for OpenSSL 0.9.9 mont->n0 */
ctx->n0[0] = ctx->n0[1] = 0;
-#else
- ctx->n0 = 0;
-#endif
ctx->flags = 0;
}
@@ -624,32 +386,25 @@
BIGNUM tmod;
BN_ULONG buf[2];
- mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
- BN_zero(R);
-# if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if
- * defined(OPENSSL_BN_ASM_MONT) &&
- * (BN_BITS2<=32)", only certain BN_BITS2<=32
- * platforms actually need this */
- if (!(BN_set_bit(R, 2 * BN_BITS2)))
- goto err; /* R */
-# else
- if (!(BN_set_bit(R, BN_BITS2)))
- goto err; /* R */
-# endif
-
- buf[0] = mod->d[0]; /* tmod = N mod word size */
- buf[1] = 0;
-
BN_init(&tmod);
tmod.d = buf;
- tmod.top = buf[0] != 0 ? 1 : 0;
tmod.dmax = 2;
tmod.neg = 0;
-# if 0 /* for OpenSSL 0.9.9 mont->n0, would be "#if
- * defined(OPENSSL_BN_ASM_MONT) &&
- * (BN_BITS2<=32)"; only certain BN_BITS2<=32
- * platforms actually need this */
+ mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
+
+# if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
+ /*
+ * Only certain BN_BITS2<=32 platforms actually make use of n0[1],
+ * and we could use the #else case (with a shorter R value) for the
+ * others. However, currently only the assembler files do know which
+ * is which.
+ */
+
+ BN_zero(R);
+ if (!(BN_set_bit(R, 2 * BN_BITS2)))
+ goto err;
+
tmod.top = 0;
if ((buf[0] = mod->d[0]))
tmod.top = 1;
@@ -681,6 +436,13 @@
mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0;
# else
+ BN_zero(R);
+ if (!(BN_set_bit(R, BN_BITS2)))
+ goto err; /* R */
+
+ buf[0] = mod->d[0]; /* tmod = N mod word size */
+ buf[1] = 0;
+ tmod.top = buf[0] != 0 ? 1 : 0;
/* Ri = R^-1 mod N */
if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
goto err;
@@ -699,12 +461,8 @@
/*
* Ni = (R*Ri-1)/N, keep only least significant word:
*/
-# if 0 /* for OpenSSL 0.9.9 mont->n0 */
mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
mont->n0[1] = 0;
-# else
- mont->n0 = (Ri->top > 0) ? Ri->d[0] : 0;
-# endif
# endif
}
#else /* !MONT_WORD */
@@ -753,12 +511,8 @@
if (!BN_copy(&(to->Ni), &(from->Ni)))
return NULL;
to->ri = from->ri;
-#if 0 /* for OpenSSL 0.9.9 mont->n0 */
to->n0[0] = from->n0[0];
to->n0[1] = from->n0[1];
-#else
- to->n0 = from->n0;
-#endif
return (to);
}
Modified: trunk/crypto/openssl/crypto/bn/bn_nist.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_nist.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_nist.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -298,26 +298,25 @@
return &_bignum_nist_p_521;
}
-static void nist_cp_bn_0(BN_ULONG *buf, BN_ULONG *a, int top, int max)
+static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
{
int i;
- BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
#ifdef BN_DEBUG
OPENSSL_assert(top <= max);
#endif
- for (i = (top); i != 0; i--)
- *_tmp1++ = *_tmp2++;
- for (i = (max) - (top); i != 0; i--)
- *_tmp1++ = (BN_ULONG)0;
+ for (i = 0; i < top; i++)
+ dst[i] = src[i];
+ for (; i < max; i++)
+ dst[i] = 0;
}
-static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
+static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
{
int i;
- BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
- for (i = (top); i != 0; i--)
- *_tmp1++ = *_tmp2++;
+
+ for (i = 0; i < top; i++)
+ dst[i] = src[i];
}
#if BN_BITS2 == 64
@@ -331,6 +330,13 @@
:(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l)))
# define bn_32_set_0(to, n) (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0));
# define bn_cp_32(to,n,from,m) ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n)
+# if defined(L_ENDIAN)
+# if defined(__arch64__)
+# define NIST_INT64 long
+# else
+# define NIST_INT64 long long
+# endif
+# endif
#else
# define bn_cp_64(to, n, from, m) \
{ \
@@ -342,9 +348,12 @@
bn_32_set_0(to, (n)*2); \
bn_32_set_0(to, (n)*2+1); \
}
-# if BN_BITS2 == 32
-# define bn_cp_32(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0;
-# define bn_32_set_0(to, n) (to)[n] = (BN_ULONG)0;
+# define bn_cp_32(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0;
+# define bn_32_set_0(to, n) (to)[n] = (BN_ULONG)0;
+# if defined(_WIN32) && !defined(__GNUC__)
+# define NIST_INT64 __int64
+# elif defined(BN_LLONG)
+# define NIST_INT64 long long
# endif
#endif /* BN_BITS2 != 64 */
@@ -361,9 +370,13 @@
int top = a->top, i;
int carry;
register BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_192_TOP],
- buf[BN_NIST_192_TOP], c_d[BN_NIST_192_TOP], *res;
- size_t mask;
+ union {
+ BN_ULONG bn[BN_NIST_192_TOP];
+ unsigned int ui[BN_NIST_192_TOP * sizeof(BN_ULONG) /
+ sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_192_TOP], *res;
+ PTR_SIZE_INT mask;
static const BIGNUM _bignum_nist_p_192_sqr = {
(BN_ULONG *)_nist_p_192_sqr,
sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
@@ -391,16 +404,66 @@
} else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP,
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP,
BN_NIST_192_TOP);
- nist_set_192(t_d, buf, 0, 3, 3);
- carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
- nist_set_192(t_d, buf, 4, 4, 0);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
- nist_set_192(t_d, buf, 5, 5, 5)
+#if defined(NIST_INT64)
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp = (unsigned int *)r_d;
+ const unsigned int *bp = (const unsigned int *)buf.ui;
+
+ acc = rp[0];
+ acc += bp[3 * 2 - 6];
+ acc += bp[5 * 2 - 6];
+ rp[0] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[1];
+ acc += bp[3 * 2 - 5];
+ acc += bp[5 * 2 - 5];
+ rp[1] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[2];
+ acc += bp[3 * 2 - 6];
+ acc += bp[4 * 2 - 6];
+ acc += bp[5 * 2 - 6];
+ rp[2] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[3];
+ acc += bp[3 * 2 - 5];
+ acc += bp[4 * 2 - 5];
+ acc += bp[5 * 2 - 5];
+ rp[3] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[4];
+ acc += bp[4 * 2 - 6];
+ acc += bp[5 * 2 - 6];
+ rp[4] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[5];
+ acc += bp[4 * 2 - 5];
+ acc += bp[5 * 2 - 5];
+ rp[5] = (unsigned int)acc;
+
+ carry = (int)(acc >> 32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_192_TOP];
+
+ nist_set_192(t_d, buf.bn, 0, 3, 3);
+ carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+ nist_set_192(t_d, buf.bn, 4, 4, 0);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
-
+ nist_set_192(t_d, buf.bn, 5, 5, 5)
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+ }
+#endif
if (carry > 0)
carry =
(int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1],
@@ -415,9 +478,12 @@
* this is what happens below, but without explicit if:-) a.
*/
mask =
- 0 - (size_t)bn_sub_words(c_d, r_d, _nist_p_192[0], BN_NIST_192_TOP);
- mask &= 0 - (size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d & ~mask) | ((size_t)r_d & mask));
+ 0 - (PTR_SIZE_INT) bn_sub_words(c_d, r_d, _nist_p_192[0],
+ BN_NIST_192_TOP);
+ mask &= 0 - (PTR_SIZE_INT) carry;
+ res = c_d;
+ res = (BN_ULONG *)
+ (((PTR_SIZE_INT) res & ~mask) | ((PTR_SIZE_INT) r_d & mask));
nist_cp_bn(r_d, res, BN_NIST_192_TOP);
r->top = BN_NIST_192_TOP;
bn_correct_top(r);
@@ -445,12 +511,16 @@
int top = a->top, i;
int carry;
BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_224_TOP],
- buf[BN_NIST_224_TOP], c_d[BN_NIST_224_TOP], *res;
- size_t mask;
union {
+ BN_ULONG bn[BN_NIST_224_TOP];
+ unsigned int ui[BN_NIST_224_TOP * sizeof(BN_ULONG) /
+ sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_224_TOP], *res;
+ PTR_SIZE_INT mask;
+ union {
bn_addsub_f f;
- size_t p;
+ PTR_SIZE_INT p;
} u;
static const BIGNUM _bignum_nist_p_224_sqr = {
(BN_ULONG *)_nist_p_224_sqr,
@@ -481,27 +551,89 @@
#if BN_BITS2==64
/* copy upper 256 bits of 448 bit number ... */
- nist_cp_bn_0(t_d, a_d + (BN_NIST_224_TOP - 1),
+ nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP - 1),
top - (BN_NIST_224_TOP - 1), BN_NIST_224_TOP);
/* ... and right shift by 32 to obtain upper 224 bits */
- nist_set_224(buf, t_d, 14, 13, 12, 11, 10, 9, 8);
+ nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
/* truncate lower part to 224 bits too */
r_d[BN_NIST_224_TOP - 1] &= BN_MASK2l;
#else
- nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP,
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP,
BN_NIST_224_TOP);
#endif
- nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
- carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-#if BN_BITS2==64
- carry = (int)(r_d[BN_NIST_224_TOP - 1] >> 32);
+#if defined(NIST_INT64) && BN_BITS2!=64
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp = (unsigned int *)r_d;
+ const unsigned int *bp = (const unsigned int *)buf.ui;
+
+ acc = rp[0];
+ acc -= bp[7 - 7];
+ acc -= bp[11 - 7];
+ rp[0] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[1];
+ acc -= bp[8 - 7];
+ acc -= bp[12 - 7];
+ rp[1] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[2];
+ acc -= bp[9 - 7];
+ acc -= bp[13 - 7];
+ rp[2] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[3];
+ acc += bp[7 - 7];
+ acc += bp[11 - 7];
+ acc -= bp[10 - 7];
+ rp[3] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[4];
+ acc += bp[8 - 7];
+ acc += bp[12 - 7];
+ acc -= bp[11 - 7];
+ rp[4] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[5];
+ acc += bp[9 - 7];
+ acc += bp[13 - 7];
+ acc -= bp[12 - 7];
+ rp[5] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[6];
+ acc += bp[10 - 7];
+ acc -= bp[13 - 7];
+ rp[6] = (unsigned int)acc;
+
+ carry = (int)(acc >> 32);
+# if BN_BITS2==64
+ rp[7] = carry;
+# endif
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_224_TOP];
+
+ nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
+ carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+ nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+ nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+ nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+
+# if BN_BITS2==64
+ carry = (int)(r_d[BN_NIST_224_TOP - 1] >> 32);
+# endif
+ }
#endif
u.f = bn_sub_words;
if (carry > 0) {
@@ -522,15 +654,19 @@
carry =
(int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1],
BN_NIST_224_TOP);
- mask = 0 - (size_t)carry;
- u.p = ((size_t)bn_sub_words & mask) | ((size_t)bn_add_words & ~mask);
+ mask = 0 - (PTR_SIZE_INT) carry;
+ u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+ ((PTR_SIZE_INT) bn_add_words & ~mask);
} else
carry = 1;
/* otherwise it's effectively same as in BN_nist_mod_192... */
- mask = 0 - (size_t)(*u.f) (c_d, r_d, _nist_p_224[0], BN_NIST_224_TOP);
- mask &= 0 - (size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d & ~mask) | ((size_t)r_d & mask));
+ mask =
+ 0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_224[0], BN_NIST_224_TOP);
+ mask &= 0 - (PTR_SIZE_INT) carry;
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+ ((PTR_SIZE_INT) r_d & mask));
nist_cp_bn(r_d, res, BN_NIST_224_TOP);
r->top = BN_NIST_224_TOP;
bn_correct_top(r);
@@ -556,12 +692,16 @@
int i, top = a->top;
int carry = 0;
register BN_ULONG *a_d = a->d, *r_d;
- BN_ULONG t_d[BN_NIST_256_TOP],
- buf[BN_NIST_256_TOP], c_d[BN_NIST_256_TOP], *res;
- size_t mask;
union {
+ BN_ULONG bn[BN_NIST_256_TOP];
+ unsigned int ui[BN_NIST_256_TOP * sizeof(BN_ULONG) /
+ sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_256_TOP], *res;
+ PTR_SIZE_INT mask;
+ union {
bn_addsub_f f;
- size_t p;
+ PTR_SIZE_INT p;
} u;
static const BIGNUM _bignum_nist_p_256_sqr = {
(BN_ULONG *)_nist_p_256_sqr,
@@ -590,63 +730,163 @@
} else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP,
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP,
BN_NIST_256_TOP);
- /*
- * S1
- */
- nist_set_256(t_d, buf, 15, 14, 13, 12, 11, 0, 0, 0);
- /*
- * S2
- */
- nist_set_256(c_d, buf, 0, 15, 14, 13, 12, 0, 0, 0);
- carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
- /* left shift */
+#if defined(NIST_INT64)
{
- register BN_ULONG *ap, t, c;
- ap = t_d;
- c = 0;
- for (i = BN_NIST_256_TOP; i != 0; --i) {
- t = *ap;
- *(ap++) = ((t << 1) | c) & BN_MASK2;
- c = (t & BN_TBIT) ? 1 : 0;
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp = (unsigned int *)r_d;
+ const unsigned int *bp = (const unsigned int *)buf.ui;
+
+ acc = rp[0];
+ acc += bp[8 - 8];
+ acc += bp[9 - 8];
+ acc -= bp[11 - 8];
+ acc -= bp[12 - 8];
+ acc -= bp[13 - 8];
+ acc -= bp[14 - 8];
+ rp[0] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[1];
+ acc += bp[9 - 8];
+ acc += bp[10 - 8];
+ acc -= bp[12 - 8];
+ acc -= bp[13 - 8];
+ acc -= bp[14 - 8];
+ acc -= bp[15 - 8];
+ rp[1] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[2];
+ acc += bp[10 - 8];
+ acc += bp[11 - 8];
+ acc -= bp[13 - 8];
+ acc -= bp[14 - 8];
+ acc -= bp[15 - 8];
+ rp[2] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[3];
+ acc += bp[11 - 8];
+ acc += bp[11 - 8];
+ acc += bp[12 - 8];
+ acc += bp[12 - 8];
+ acc += bp[13 - 8];
+ acc -= bp[15 - 8];
+ acc -= bp[8 - 8];
+ acc -= bp[9 - 8];
+ rp[3] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[4];
+ acc += bp[12 - 8];
+ acc += bp[12 - 8];
+ acc += bp[13 - 8];
+ acc += bp[13 - 8];
+ acc += bp[14 - 8];
+ acc -= bp[9 - 8];
+ acc -= bp[10 - 8];
+ rp[4] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[5];
+ acc += bp[13 - 8];
+ acc += bp[13 - 8];
+ acc += bp[14 - 8];
+ acc += bp[14 - 8];
+ acc += bp[15 - 8];
+ acc -= bp[10 - 8];
+ acc -= bp[11 - 8];
+ rp[5] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[6];
+ acc += bp[14 - 8];
+ acc += bp[14 - 8];
+ acc += bp[15 - 8];
+ acc += bp[15 - 8];
+ acc += bp[14 - 8];
+ acc += bp[13 - 8];
+ acc -= bp[8 - 8];
+ acc -= bp[9 - 8];
+ rp[6] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[7];
+ acc += bp[15 - 8];
+ acc += bp[15 - 8];
+ acc += bp[15 - 8];
+ acc += bp[8 - 8];
+ acc -= bp[10 - 8];
+ acc -= bp[11 - 8];
+ acc -= bp[12 - 8];
+ acc -= bp[13 - 8];
+ rp[7] = (unsigned int)acc;
+
+ carry = (int)(acc >> 32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_256_TOP];
+
+ /*
+ * S1
+ */
+ nist_set_256(t_d, buf.bn, 15, 14, 13, 12, 11, 0, 0, 0);
+ /*
+ * S2
+ */
+ nist_set_256(c_d, buf.bn, 0, 15, 14, 13, 12, 0, 0, 0);
+ carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
+ /* left shift */
+ {
+ register BN_ULONG *ap, t, c;
+ ap = t_d;
+ c = 0;
+ for (i = BN_NIST_256_TOP; i != 0; --i) {
+ t = *ap;
+ *(ap++) = ((t << 1) | c) & BN_MASK2;
+ c = (t & BN_TBIT) ? 1 : 0;
+ }
+ carry <<= 1;
+ carry |= c;
}
- carry <<= 1;
- carry |= c;
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * S3
+ */
+ nist_set_256(t_d, buf.bn, 15, 14, 0, 0, 0, 10, 9, 8);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * S4
+ */
+ nist_set_256(t_d, buf.bn, 8, 13, 15, 14, 13, 11, 10, 9);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * D1
+ */
+ nist_set_256(t_d, buf.bn, 10, 8, 0, 0, 0, 13, 12, 11);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * D2
+ */
+ nist_set_256(t_d, buf.bn, 11, 9, 0, 0, 15, 14, 13, 12);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * D3
+ */
+ nist_set_256(t_d, buf.bn, 12, 0, 10, 9, 8, 15, 14, 13);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ /*
+ * D4
+ */
+ nist_set_256(t_d, buf.bn, 13, 0, 11, 10, 9, 0, 15, 14);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+
}
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * S3
- */
- nist_set_256(t_d, buf, 15, 14, 0, 0, 0, 10, 9, 8);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * S4
- */
- nist_set_256(t_d, buf, 8, 13, 15, 14, 13, 11, 10, 9);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * D1
- */
- nist_set_256(t_d, buf, 10, 8, 0, 0, 0, 13, 12, 11);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * D2
- */
- nist_set_256(t_d, buf, 11, 9, 0, 0, 15, 14, 13, 12);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * D3
- */
- nist_set_256(t_d, buf, 12, 0, 10, 9, 8, 15, 14, 13);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
- /*
- * D4
- */
- nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-
+#endif
/* see BN_nist_mod_224 for explanation */
u.f = bn_sub_words;
if (carry > 0)
@@ -657,14 +897,18 @@
carry =
(int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1],
BN_NIST_256_TOP);
- mask = 0 - (size_t)carry;
- u.p = ((size_t)bn_sub_words & mask) | ((size_t)bn_add_words & ~mask);
+ mask = 0 - (PTR_SIZE_INT) carry;
+ u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+ ((PTR_SIZE_INT) bn_add_words & ~mask);
} else
carry = 1;
- mask = 0 - (size_t)(*u.f) (c_d, r_d, _nist_p_256[0], BN_NIST_256_TOP);
- mask &= 0 - (size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d & ~mask) | ((size_t)r_d & mask));
+ mask =
+ 0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_256[0], BN_NIST_256_TOP);
+ mask &= 0 - (PTR_SIZE_INT) carry;
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+ ((PTR_SIZE_INT) r_d & mask));
nist_cp_bn(r_d, res, BN_NIST_256_TOP);
r->top = BN_NIST_256_TOP;
bn_correct_top(r);
@@ -694,12 +938,16 @@
int i, top = a->top;
int carry = 0;
register BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_384_TOP],
- buf[BN_NIST_384_TOP], c_d[BN_NIST_384_TOP], *res;
- size_t mask;
union {
+ BN_ULONG bn[BN_NIST_384_TOP];
+ unsigned int ui[BN_NIST_384_TOP * sizeof(BN_ULONG) /
+ sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_384_TOP], *res;
+ PTR_SIZE_INT mask;
+ union {
bn_addsub_f f;
- size_t p;
+ PTR_SIZE_INT p;
} u;
static const BIGNUM _bignum_nist_p_384_sqr = {
(BN_ULONG *)_nist_p_384_sqr,
@@ -728,67 +976,198 @@
} else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP,
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP,
BN_NIST_384_TOP);
- /*
- * S1
- */
- nist_set_256(t_d, buf, 0, 0, 0, 0, 0, 23 - 4, 22 - 4, 21 - 4);
- /* left shift */
+#if defined(NIST_INT64)
{
- register BN_ULONG *ap, t, c;
- ap = t_d;
- c = 0;
- for (i = 3; i != 0; --i) {
- t = *ap;
- *(ap++) = ((t << 1) | c) & BN_MASK2;
- c = (t & BN_TBIT) ? 1 : 0;
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp = (unsigned int *)r_d;
+ const unsigned int *bp = (const unsigned int *)buf.ui;
+
+ acc = rp[0];
+ acc += bp[12 - 12];
+ acc += bp[21 - 12];
+ acc += bp[20 - 12];
+ acc -= bp[23 - 12];
+ rp[0] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[1];
+ acc += bp[13 - 12];
+ acc += bp[22 - 12];
+ acc += bp[23 - 12];
+ acc -= bp[12 - 12];
+ acc -= bp[20 - 12];
+ rp[1] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[2];
+ acc += bp[14 - 12];
+ acc += bp[23 - 12];
+ acc -= bp[13 - 12];
+ acc -= bp[21 - 12];
+ rp[2] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[3];
+ acc += bp[15 - 12];
+ acc += bp[12 - 12];
+ acc += bp[20 - 12];
+ acc += bp[21 - 12];
+ acc -= bp[14 - 12];
+ acc -= bp[22 - 12];
+ acc -= bp[23 - 12];
+ rp[3] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[4];
+ acc += bp[21 - 12];
+ acc += bp[21 - 12];
+ acc += bp[16 - 12];
+ acc += bp[13 - 12];
+ acc += bp[12 - 12];
+ acc += bp[20 - 12];
+ acc += bp[22 - 12];
+ acc -= bp[15 - 12];
+ acc -= bp[23 - 12];
+ acc -= bp[23 - 12];
+ rp[4] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[5];
+ acc += bp[22 - 12];
+ acc += bp[22 - 12];
+ acc += bp[17 - 12];
+ acc += bp[14 - 12];
+ acc += bp[13 - 12];
+ acc += bp[21 - 12];
+ acc += bp[23 - 12];
+ acc -= bp[16 - 12];
+ rp[5] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[6];
+ acc += bp[23 - 12];
+ acc += bp[23 - 12];
+ acc += bp[18 - 12];
+ acc += bp[15 - 12];
+ acc += bp[14 - 12];
+ acc += bp[22 - 12];
+ acc -= bp[17 - 12];
+ rp[6] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[7];
+ acc += bp[19 - 12];
+ acc += bp[16 - 12];
+ acc += bp[15 - 12];
+ acc += bp[23 - 12];
+ acc -= bp[18 - 12];
+ rp[7] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[8];
+ acc += bp[20 - 12];
+ acc += bp[17 - 12];
+ acc += bp[16 - 12];
+ acc -= bp[19 - 12];
+ rp[8] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[9];
+ acc += bp[21 - 12];
+ acc += bp[18 - 12];
+ acc += bp[17 - 12];
+ acc -= bp[20 - 12];
+ rp[9] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[10];
+ acc += bp[22 - 12];
+ acc += bp[19 - 12];
+ acc += bp[18 - 12];
+ acc -= bp[21 - 12];
+ rp[10] = (unsigned int)acc;
+ acc >>= 32;
+
+ acc += rp[11];
+ acc += bp[23 - 12];
+ acc += bp[20 - 12];
+ acc += bp[19 - 12];
+ acc -= bp[22 - 12];
+ rp[11] = (unsigned int)acc;
+
+ carry = (int)(acc >> 32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_384_TOP];
+
+ /*
+ * S1
+ */
+ nist_set_256(t_d, buf.bn, 0, 0, 0, 0, 0, 23 - 4, 22 - 4, 21 - 4);
+ /* left shift */
+ {
+ register BN_ULONG *ap, t, c;
+ ap = t_d;
+ c = 0;
+ for (i = 3; i != 0; --i) {
+ t = *ap;
+ *(ap++) = ((t << 1) | c) & BN_MASK2;
+ c = (t & BN_TBIT) ? 1 : 0;
+ }
+ *ap = c;
}
- *ap = c;
- }
- carry = (int)bn_add_words(r_d + (128 / BN_BITS2), r_d + (128 / BN_BITS2),
+ carry =
+ (int)bn_add_words(r_d + (128 / BN_BITS2), r_d + (128 / BN_BITS2),
t_d, BN_NIST_256_TOP);
- /*
- * S2
- */
- carry += (int)bn_add_words(r_d, r_d, buf, BN_NIST_384_TOP);
- /*
- * S3
- */
- nist_set_384(t_d, buf, 20, 19, 18, 17, 16, 15, 14, 13, 12, 23, 22, 21);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * S4
- */
- nist_set_384(t_d, buf, 19, 18, 17, 16, 15, 14, 13, 12, 20, 0, 23, 0);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * S5
- */
- nist_set_384(t_d, buf, 0, 0, 0, 0, 23, 22, 21, 20, 0, 0, 0, 0);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * S6
- */
- nist_set_384(t_d, buf, 0, 0, 0, 0, 0, 0, 23, 22, 21, 0, 0, 20);
- carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * D1
- */
- nist_set_384(t_d, buf, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13, 12, 23);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * D2
- */
- nist_set_384(t_d, buf, 0, 0, 0, 0, 0, 0, 0, 23, 22, 21, 20, 0);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
- /*
- * D3
- */
- nist_set_384(t_d, buf, 0, 0, 0, 0, 0, 0, 0, 23, 23, 0, 0, 0);
- carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * S2
+ */
+ carry += (int)bn_add_words(r_d, r_d, buf.bn, BN_NIST_384_TOP);
+ /*
+ * S3
+ */
+ nist_set_384(t_d, buf.bn, 20, 19, 18, 17, 16, 15, 14, 13, 12, 23, 22,
+ 21);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * S4
+ */
+ nist_set_384(t_d, buf.bn, 19, 18, 17, 16, 15, 14, 13, 12, 20, 0, 23,
+ 0);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * S5
+ */
+ nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 23, 22, 21, 20, 0, 0, 0, 0);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * S6
+ */
+ nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 23, 22, 21, 0, 0, 20);
+ carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * D1
+ */
+ nist_set_384(t_d, buf.bn, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13, 12,
+ 23);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * D2
+ */
+ nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 22, 21, 20, 0);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ /*
+ * D3
+ */
+ nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 23, 0, 0, 0);
+ carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ }
+#endif
/* see BN_nist_mod_224 for explanation */
u.f = bn_sub_words;
if (carry > 0)
@@ -799,14 +1178,18 @@
carry =
(int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1],
BN_NIST_384_TOP);
- mask = 0 - (size_t)carry;
- u.p = ((size_t)bn_sub_words & mask) | ((size_t)bn_add_words & ~mask);
+ mask = 0 - (PTR_SIZE_INT) carry;
+ u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+ ((PTR_SIZE_INT) bn_add_words & ~mask);
} else
carry = 1;
- mask = 0 - (size_t)(*u.f) (c_d, r_d, _nist_p_384[0], BN_NIST_384_TOP);
- mask &= 0 - (size_t)carry;
- res = (BN_ULONG *)(((size_t)c_d & ~mask) | ((size_t)r_d & mask));
+ mask =
+ 0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_384[0], BN_NIST_384_TOP);
+ mask &= 0 - (PTR_SIZE_INT) carry;
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+ ((PTR_SIZE_INT) r_d & mask));
nist_cp_bn(r_d, res, BN_NIST_384_TOP);
r->top = BN_NIST_384_TOP;
bn_correct_top(r);
@@ -823,7 +1206,7 @@
{
int top = a->top, i;
BN_ULONG *r_d, *a_d = a->d, t_d[BN_NIST_521_TOP], val, tmp, *res;
- size_t mask;
+ PTR_SIZE_INT mask;
static const BIGNUM _bignum_nist_p_521_sqr = {
(BN_ULONG *)_nist_p_521_sqr,
sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
@@ -856,9 +1239,9 @@
top - (BN_NIST_521_TOP - 1), BN_NIST_521_TOP);
/* ... and right shift */
for (val = t_d[0], i = 0; i < BN_NIST_521_TOP - 1; i++) {
- tmp = val >> BN_NIST_521_RSHIFT;
- val = t_d[i + 1];
- t_d[i] = (tmp | val << BN_NIST_521_LSHIFT) & BN_MASK2;
+ t_d[i] = (val >> BN_NIST_521_RSHIFT |
+ (tmp = t_d[i + 1]) << BN_NIST_521_LSHIFT) & BN_MASK2;
+ val = tmp;
}
t_d[i] = val >> BN_NIST_521_RSHIFT;
/* lower 521 bits */
@@ -865,8 +1248,12 @@
r_d[i] &= BN_NIST_521_TOP_MASK;
bn_add_words(r_d, r_d, t_d, BN_NIST_521_TOP);
- mask = 0 - (size_t)bn_sub_words(t_d, r_d, _nist_p_521, BN_NIST_521_TOP);
- res = (BN_ULONG *)(((size_t)t_d & ~mask) | ((size_t)r_d & mask));
+ mask =
+ 0 - (PTR_SIZE_INT) bn_sub_words(t_d, r_d, _nist_p_521,
+ BN_NIST_521_TOP);
+ res = t_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+ ((PTR_SIZE_INT) r_d & mask));
nist_cp_bn(r_d, res, BN_NIST_521_TOP);
r->top = BN_NIST_521_TOP;
bn_correct_top(r);
Modified: trunk/crypto/openssl/crypto/bn/bn_print.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_print.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_print.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -309,6 +309,24 @@
return (0);
}
+int BN_asc2bn(BIGNUM **bn, const char *a)
+{
+ const char *p = a;
+ if (*p == '-')
+ p++;
+
+ if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
+ if (!BN_hex2bn(bn, p + 2))
+ return 0;
+ } else {
+ if (!BN_dec2bn(bn, p))
+ return 0;
+ }
+ if (*a == '-')
+ (*bn)->neg = 1;
+ return 1;
+}
+
#ifndef OPENSSL_NO_BIO
# ifndef OPENSSL_NO_FP_API
int BN_print_fp(FILE *fp, const BIGNUM *a)
@@ -350,3 +368,21 @@
return (ret);
}
#endif
+
+char *BN_options(void)
+{
+ static int init = 0;
+ static char data[16];
+
+ if (!init) {
+ init++;
+#ifdef BN_LLONG
+ BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#else
+ BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#endif
+ }
+ return (data);
+}
Modified: trunk/crypto/openssl/crypto/bn/bn_rand.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_rand.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_rand.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -162,7 +162,8 @@
unsigned char c;
for (i = 0; i < bytes; i++) {
- RAND_pseudo_bytes(&c, 1);
+ if (RAND_pseudo_bytes(&c, 1) < 0)
+ goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
else if (c < 42)
Modified: trunk/crypto/openssl/crypto/bn/bn_shift.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bn_shift.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bn_shift.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -96,7 +96,7 @@
int BN_rshift1(BIGNUM *r, const BIGNUM *a)
{
BN_ULONG *ap, *rp, t, c;
- int i;
+ int i, j;
bn_check_top(r);
bn_check_top(a);
@@ -105,21 +105,25 @@
BN_zero(r);
return (1);
}
+ i = a->top;
+ ap = a->d;
+ j = i - (ap[i - 1] == 1);
if (a != r) {
- if (bn_wexpand(r, a->top) == NULL)
+ if (bn_wexpand(r, j) == NULL)
return (0);
- r->top = a->top;
r->neg = a->neg;
}
- ap = a->d;
rp = r->d;
- c = 0;
- for (i = a->top - 1; i >= 0; i--) {
- t = ap[i];
+ t = ap[--i];
+ c = (t & 1) ? BN_TBIT : 0;
+ if (t >>= 1)
+ rp[i] = t;
+ while (i > 0) {
+ t = ap[--i];
rp[i] = ((t >> 1) & BN_MASK2) | c;
c = (t & 1) ? BN_TBIT : 0;
}
- bn_correct_top(r);
+ r->top = j;
bn_check_top(r);
return (1);
}
@@ -187,9 +191,10 @@
BN_zero(r);
return (1);
}
+ i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2;
if (r != a) {
r->neg = a->neg;
- if (bn_wexpand(r, a->top - nw + 1) == NULL)
+ if (bn_wexpand(r, i) == NULL)
return (0);
} else {
if (n == 0)
@@ -199,7 +204,7 @@
f = &(a->d[nw]);
t = r->d;
j = a->top - nw;
- r->top = j;
+ r->top = i;
if (rb == 0) {
for (i = j; i != 0; i--)
@@ -211,9 +216,9 @@
l = *(f++);
*(t++) = (tmp | (l << lb)) & BN_MASK2;
}
- *(t++) = (l >> rb) & BN_MASK2;
+ if ((l = (l >> rb) & BN_MASK2))
+ *(t) = l;
}
- bn_correct_top(r);
bn_check_top(r);
return (1);
}
Modified: trunk/crypto/openssl/crypto/bn/bntest.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/bntest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/bntest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -109,6 +109,7 @@
int test_mod_mul(BIO *bp, BN_CTX *ctx);
int test_mod_exp(BIO *bp, BN_CTX *ctx);
int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
int test_exp(BIO *bp, BN_CTX *ctx);
int test_gf2m_add(BIO *bp);
int test_gf2m_mod(BIO *bp);
@@ -265,6 +266,8 @@
message(out, "BN_mod_exp_mont_consttime");
if (!test_mod_exp_mont_consttime(out, ctx))
goto err;
+ if (!test_mod_exp_mont5(out, ctx))
+ goto err;
(void)BIO_flush(out);
message(out, "BN_exp");
@@ -281,7 +284,7 @@
if (!test_sqrt(out, ctx))
goto err;
(void)BIO_flush(out);
-
+#ifndef OPENSSL_NO_EC2M
message(out, "BN_GF2m_add");
if (!test_gf2m_add(out))
goto err;
@@ -326,7 +329,7 @@
if (!test_gf2m_mod_solve_quad(out, ctx))
goto err;
(void)BIO_flush(out);
-
+#endif
BN_CTX_free(ctx);
BIO_free(out);
@@ -497,7 +500,7 @@
return;
}
#endif
- BIO_printf(bp, "%lX", w);
+ BIO_printf(bp, BN_HEX_FMT1, w);
}
int test_div_word(BIO *bp)
@@ -722,15 +725,7 @@
if (BN_cmp(c, d)) {
fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
"different results!\n");
-#ifdef OPENSSL_FIPS
- /*
- * This test fails if we are linked to the FIPS module. Unfortunately
- * that can't be fixed so we print out the error but continue anyway.
- */
- fprintf(stderr, " FIPS build: ignoring.\n");
-#else
goto err;
-#endif
}
/* Regression test for a BN_sqr overflow bug. */
@@ -783,6 +778,8 @@
BN_init(&n);
mont = BN_MONT_CTX_new();
+ if (mont == NULL)
+ return 0;
BN_bntest_rand(&a, 100, 0, 0);
BN_bntest_rand(&b, 100, 0, 0);
@@ -1038,6 +1035,78 @@
return (1);
}
+/*
+ * Test constant-time modular exponentiation with 1024-bit inputs, which on
+ * x86_64 cause a different code branch to be taken.
+ */
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
+{
+ BIGNUM *a, *p, *m, *d, *e;
+
+ BN_MONT_CTX *mont;
+
+ a = BN_new();
+ p = BN_new();
+ m = BN_new();
+ d = BN_new();
+ e = BN_new();
+
+ mont = BN_MONT_CTX_new();
+
+ BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */
+ /* Zero exponent */
+ BN_bntest_rand(a, 1024, 0, 0);
+ BN_zero(p);
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ return 0;
+ if (!BN_is_one(d)) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /* Zero input */
+ BN_bntest_rand(p, 1024, 0, 0);
+ BN_zero(a);
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ return 0;
+ if (!BN_is_zero(d)) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /*
+ * Craft an input whose Montgomery representation is 1, i.e., shorter
+ * than the modulus m, in order to test the const time precomputation
+ * scattering/gathering.
+ */
+ BN_one(a);
+ BN_MONT_CTX_set(mont, m, ctx);
+ if (!BN_from_montgomery(e, a, mont, ctx))
+ return 0;
+ if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+ return 0;
+ if (!BN_mod_exp_simple(a, e, p, m, ctx))
+ return 0;
+ if (BN_cmp(a, d) != 0) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ /* Finally, some regular test vectors. */
+ BN_bntest_rand(e, 1024, 0, 0);
+ if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+ return 0;
+ if (!BN_mod_exp_simple(a, e, p, m, ctx))
+ return 0;
+ if (BN_cmp(a, d) != 0) {
+ fprintf(stderr, "Modular exponentiation test failed!\n");
+ return 0;
+ }
+ BN_free(a);
+ BN_free(p);
+ BN_free(m);
+ BN_free(d);
+ BN_free(e);
+ return (1);
+}
+
int test_exp(BIO *bp, BN_CTX *ctx)
{
BIGNUM *a, *b, *d, *e, *one;
@@ -1084,6 +1153,7 @@
return (1);
}
+#ifndef OPENSSL_NO_EC2M
int test_gf2m_add(BIO *bp)
{
BIGNUM a, b, c;
@@ -1099,7 +1169,7 @@
a.neg = rand_neg();
b.neg = rand_neg();
BN_GF2m_add(&c, &a, &b);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1111,7 +1181,7 @@
BN_print(bp, &c);
BIO_puts(bp, "\n");
}
-#endif
+# endif
/* Test that two added values have the correct parity. */
if ((BN_is_odd(&a) && BN_is_odd(&c))
|| (!BN_is_odd(&a) && !BN_is_odd(&c))) {
@@ -1137,8 +1207,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1154,7 +1224,7 @@
BN_bntest_rand(a, 1024, 0, 0);
for (j = 0; j < 2; j++) {
BN_GF2m_mod(c, a, b[j]);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1166,7 +1236,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(d, a, c);
BN_GF2m_mod(e, d, b[j]);
/* Test that a + (a mod p) mod p == 0. */
@@ -1191,8 +1261,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1213,7 +1283,7 @@
BN_bntest_rand(d, 1024, 0, 0);
for (j = 0; j < 2; j++) {
BN_GF2m_mod_mul(e, a, c, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1227,7 +1297,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(f, a, d);
BN_GF2m_mod_mul(g, f, c, b[j], ctx);
BN_GF2m_mod_mul(h, d, c, b[j], ctx);
@@ -1259,8 +1329,8 @@
{
BIGNUM *a, *b[2], *c, *d;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1277,7 +1347,7 @@
BN_GF2m_mod_sqr(c, a, b[j], ctx);
BN_copy(d, a);
BN_GF2m_mod_mul(d, a, d, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1291,7 +1361,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(d, c, d);
/* Test that a*a = a^2. */
if (!BN_is_zero(d)) {
@@ -1314,8 +1384,8 @@
{
BIGNUM *a, *b[2], *c, *d;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1331,7 +1401,7 @@
for (j = 0; j < 2; j++) {
BN_GF2m_mod_inv(c, a, b[j], ctx);
BN_GF2m_mod_mul(d, a, c, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1343,7 +1413,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
/* Test that ((1/a)*a) = 1. */
if (!BN_is_one(d)) {
fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
@@ -1365,8 +1435,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e, *f;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1386,7 +1456,7 @@
BN_GF2m_mod_div(d, a, c, b[j], ctx);
BN_GF2m_mod_mul(e, d, c, b[j], ctx);
BN_GF2m_mod_div(f, a, e, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1400,7 +1470,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
/* Test that ((a/c)*c)/a = 1. */
if (!BN_is_one(f)) {
fprintf(stderr, "GF(2^m) modular division test failed!\n");
@@ -1424,8 +1494,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e, *f;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1448,7 +1518,7 @@
BN_GF2m_mod_mul(e, e, f, b[j], ctx);
BN_add(f, c, d);
BN_GF2m_mod_exp(f, a, f, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1466,7 +1536,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(f, e, f);
/* Test that a^(c+d)=a^c*a^d. */
if (!BN_is_zero(f)) {
@@ -1492,8 +1562,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e, *f;
int i, j, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1512,7 +1582,7 @@
BN_GF2m_mod(c, a, b[j]);
BN_GF2m_mod_sqrt(d, a, b[j], ctx);
BN_GF2m_mod_sqr(e, d, b[j], ctx);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1522,7 +1592,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(f, c, e);
/* Test that d^2 = a, where d = sqrt(a). */
if (!BN_is_zero(f)) {
@@ -1547,8 +1617,8 @@
{
BIGNUM *a, *b[2], *c, *d, *e;
int i, j, s = 0, t, ret = 0;
- unsigned int p0[] = { 163, 7, 6, 3, 0 };
- unsigned int p1[] = { 193, 15, 0 };
+ int p0[] = { 163, 7, 6, 3, 0, -1 };
+ int p1[] = { 193, 15, 0, -1 };
a = BN_new();
b[0] = BN_new();
@@ -1569,7 +1639,7 @@
BN_GF2m_mod_sqr(d, c, b[j], ctx);
BN_GF2m_add(d, c, d);
BN_GF2m_mod(e, a, b[j]);
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1581,7 +1651,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
BN_GF2m_add(e, e, d);
/*
* Test that solution of quadratic c satisfies c^2 + c = a.
@@ -1593,7 +1663,7 @@
}
} else {
-#if 0 /* make test uses ouput in bc but bc can't
+# if 0 /* make test uses ouput in bc but bc can't
* handle GF(2^m) arithmetic */
if (bp != NULL) {
if (!results) {
@@ -1604,7 +1674,7 @@
BIO_puts(bp, "\n");
}
}
-#endif
+# endif
}
}
}
@@ -1626,7 +1696,7 @@
BN_free(e);
return ret;
}
-
+#endif
static int genprime_cb(int p, int n, BN_GENCB *arg)
{
char c = '*';
Modified: trunk/crypto/openssl/crypto/bn/exptest.c
===================================================================
--- trunk/crypto/openssl/crypto/bn/exptest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/bn/exptest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -73,11 +73,6 @@
"string to make the random number generator think it has entropy";
/*
- * Disabled for FIPS capable builds because they use the FIPS BIGNUM library
- * which will fail this test.
- */
-#ifndef OPENSSL_FIPS
-/*
* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
*/
static int test_exp_mod_zero()
@@ -115,7 +110,7 @@
return ret;
}
-#endif
+
int main(int argc, char *argv[])
{
BN_CTX *ctx;
@@ -201,7 +196,7 @@
} else {
if (BN_cmp(r_simple, r_mont) != 0)
printf("\nsimple and mont results differ\n");
- if (BN_cmp(r_simple, r_mont) != 0)
+ if (BN_cmp(r_simple, r_mont_const) != 0)
printf("\nsimple and mont const time results differ\n");
if (BN_cmp(r_simple, r_recp) != 0)
printf("\nsimple and recp results differ\n");
@@ -232,14 +227,14 @@
BN_free(b);
BN_free(m);
BN_CTX_free(ctx);
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks(out);
BIO_free(out);
printf("\n");
-#ifndef OPENSSL_FIPS
+
if (test_exp_mod_zero() != 0)
goto err;
-#endif
+
printf("done\n");
EXIT(0);
Modified: trunk/crypto/openssl/crypto/buffer/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/buffer/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/buffer/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/buffer/buf_err.c
===================================================================
--- trunk/crypto/openssl/crypto/buffer/buf_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/buffer/buf_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/buffer/buf_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/buffer/buf_str.c
===================================================================
--- trunk/crypto/openssl/crypto/buffer/buf_str.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/buffer/buf_str.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,56 +1,59 @@
-/* crypto/buffer/buf_str.c */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
*
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
- * 1. Redistributions of source code must retain the above copyright
+ * 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
- *
* 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
*
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
*/
#include <stdio.h>
Modified: trunk/crypto/openssl/crypto/buffer/buffer.c
===================================================================
--- trunk/crypto/openssl/crypto/buffer/buffer.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/buffer/buffer.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -88,21 +88,17 @@
return;
if (a->data != NULL) {
- memset(a->data, 0, (unsigned int)a->max);
+ OPENSSL_cleanse(a->data, a->max);
OPENSSL_free(a->data);
}
OPENSSL_free(a);
}
-int BUF_MEM_grow(BUF_MEM *str, int len)
+int BUF_MEM_grow(BUF_MEM *str, size_t len)
{
char *ret;
- unsigned int n;
+ size_t n;
- if (len < 0) {
- BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE);
- return 0;
- }
if (str->length >= len) {
str->length = len;
return (len);
@@ -134,15 +130,11 @@
return (len);
}
-int BUF_MEM_grow_clean(BUF_MEM *str, int len)
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
{
char *ret;
- unsigned int n;
+ size_t n;
- if (len < 0) {
- BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
if (str->length >= len) {
memset(&str->data[len], 0, str->length - len);
str->length = len;
@@ -174,3 +166,22 @@
}
return (len);
}
+
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
+{
+ size_t i;
+ if (in) {
+ out += size - 1;
+ for (i = 0; i < size; i++)
+ *out-- = *in++;
+ } else {
+ unsigned char *q;
+ char c;
+ q = out + size - 1;
+ for (i = 0; i < size / 2; i++) {
+ c = *q;
+ *q-- = *out;
+ *out++ = c;
+ }
+ }
+}
Modified: trunk/crypto/openssl/crypto/buffer/buffer.h
===================================================================
--- trunk/crypto/openssl/crypto/buffer/buffer.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/buffer/buffer.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,18 +75,19 @@
/* typedef struct buf_mem_st BUF_MEM; */
struct buf_mem_st {
- int length; /* current number of bytes */
+ size_t length; /* current number of bytes */
char *data;
- int max; /* size of buffer */
+ size_t max; /* size of buffer */
};
BUF_MEM *BUF_MEM_new(void);
void BUF_MEM_free(BUF_MEM *a);
-int BUF_MEM_grow(BUF_MEM *str, int len);
-int BUF_MEM_grow_clean(BUF_MEM *str, int len);
+int BUF_MEM_grow(BUF_MEM *str, size_t len);
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
char *BUF_strdup(const char *str);
char *BUF_strndup(const char *str, size_t siz);
void *BUF_memdup(const void *data, size_t siz);
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
/* safe string functions */
size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
Modified: trunk/crypto/openssl/crypto/camellia/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/camellia/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -11,7 +11,7 @@
MAKEFILE= Makefile
AR= ar r
-CAMELLIA_ASM_OBJ=
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -23,10 +23,9 @@
LIB=$(TOP)/libcrypto.a
LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
- cmll_cfb.c cmll_ctr.c
+ cmll_cfb.c cmll_ctr.c cmll_utl.c
-LIBOBJ= camellia.o cmll_misc.o cmll_ecb.o cmll_cbc.o cmll_ofb.o \
- cmll_cfb.o cmll_ctr.o $(CAMELLIA_ASM_OBJ)
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_utl.o $(CMLL_ENC)
SRC= $(LIBSRC)
@@ -41,13 +40,15 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-$(LIBOBJ): $(LIBSRC)
+cmll-x86.s: asm/cmll-x86.pl ../perlasm/x86asm.pl
+ $(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+cmll-x86_64.s: asm/cmll-x86_64.pl
+ $(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
-
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -72,6 +73,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -85,22 +88,25 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-camellia.o: camellia.c camellia.h cmll_locl.h
-cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
-cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c cmll_locl.h
-cmll_cfb.o: ../../e_os.h ../../include/openssl/camellia.h
-cmll_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-cmll_cfb.o: cmll_cfb.c cmll_locl.h
-cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
-cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c cmll_locl.h
-cmll_ecb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
+camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
+camellia.o: cmll_locl.h
+cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c
+cmll_cfb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cfb.o: ../../include/openssl/opensslconf.h cmll_cfb.c
+cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
+cmll_ecb.o: ../../include/openssl/camellia.h
cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
-cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
-cmll_misc.o: ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cmll_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cmll_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
cmll_misc.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_misc.c
-cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/e_os2.h
-cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_locl.h cmll_ofb.c
+cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
+cmll_utl.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_utl.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_utl.c
Modified: trunk/crypto/openssl/crypto/camellia/camellia.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/camellia.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/camellia.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,1599 +70,515 @@
* http://info.isl.llia/specicrypt/eng/camellia/specifications.html
*/
-#include <string.h>
-#include <stdlib.h>
+/*
+ * This release balances code size and performance. In particular key
+ * schedule setup is fully unrolled, because doing so *significantly*
+ * reduces amount of instructions per setup round and code increase is
+ * justifiable. In block functions on the other hand only inner loops
+ * are unrolled, as full unroll gives only nominal performance boost,
+ * while code size grows 4 or 7 times. Also, unlike previous versions
+ * this one "encourages" compiler to keep intermediate variables in
+ * registers, which should give better "all round" results, in other
+ * words reasonable performance even with not so modern compilers.
+ */
#include "camellia.h"
#include "cmll_locl.h"
+#include <string.h>
+#include <stdlib.h>
-/* key constants */
-#define CAMELLIA_SIGMA1L (0xA09E667FL)
-#define CAMELLIA_SIGMA1R (0x3BCC908BL)
-#define CAMELLIA_SIGMA2L (0xB67AE858L)
-#define CAMELLIA_SIGMA2R (0x4CAA73B2L)
-#define CAMELLIA_SIGMA3L (0xC6EF372FL)
-#define CAMELLIA_SIGMA3R (0xE94F82BEL)
-#define CAMELLIA_SIGMA4L (0x54FF53A5L)
-#define CAMELLIA_SIGMA4R (0xF1D36F1CL)
-#define CAMELLIA_SIGMA5L (0x10E527FAL)
-#define CAMELLIA_SIGMA5R (0xDE682D1DL)
-#define CAMELLIA_SIGMA6L (0xB05688C2L)
-#define CAMELLIA_SIGMA6R (0xB3E6C1FDL)
+/* 32-bit rotations */
+#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+# define RightRotate(x, s) _lrotr(x, s)
+# define LeftRotate(x, s) _lrotl(x, s)
+# if _MSC_VER >= 1400
+# define SWAP(x) _byteswap_ulong(x)
+# else
+# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+# endif
+# define GETU32(p) SWAP(*((u32 *)(p)))
+# define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
+# elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__x86_64)
+# define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+# define LeftRotate(x,s) ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+# if defined(B_ENDIAN) /* stratus.com does it */
+# define GETU32(p) (*(u32 *)(p))
+# define PUTU32(p,v) (*(u32 *)(p)=(v))
+# else
+# define GETU32(p) ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
+# define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
+# endif
+# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+ defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+# define LeftRotate(x,s) ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
+# define RightRotate(x,s) LeftRotate(x,(32-s))
+# elif defined(__s390x__)
+# define LeftRotate(x,s) ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
+# define RightRotate(x,s) LeftRotate(x,(32-s))
+# define GETU32(p) (*(u32 *)(p))
+# define PUTU32(p,v) (*(u32 *)(p)=(v))
+# endif
+# endif
+#endif
-/*
- * macros
- */
+#if !defined(RightRotate) && !defined(LeftRotate)
+# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
+# define LeftRotate(x, s) ( ((x) << (s)) + ((x) >> (32 - s)) )
+#endif
-/* e is pointer of subkey */
-#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
-#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
+#if !defined(GETU32) && !defined(PUTU32)
+# define GETU32(p) (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] << 8) ^ ((u32)(p)[3]))
+# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >> 8), (p)[3] = (u8)(v))
+#endif
-/* rotation right shift 1byte */
-#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
-/* rotation left shift 1bit */
-#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
-/* rotation left shift 1byte */
-#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24))
+/* S-box data */
+#define SBOX1_1110 Camellia_SBOX[0]
+#define SBOX4_4404 Camellia_SBOX[1]
+#define SBOX2_0222 Camellia_SBOX[2]
+#define SBOX3_3033 Camellia_SBOX[3]
+static const u32 Camellia_SBOX[][256] = {
+ {0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
+ 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
+ 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
+ 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
+ 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
+ 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
+ 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
+ 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
+ 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
+ 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
+ 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
+ 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
+ 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
+ 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
+ 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
+ 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
+ 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
+ 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
+ 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
+ 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
+ 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
+ 0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
+ 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
+ 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
+ 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
+ 0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
+ 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
+ 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
+ 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
+ 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
+ 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
+ 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
+ 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
+ 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
+ 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
+ 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
+ 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
+ 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
+ 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
+ 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
+ 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
+ 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
+ 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00},
+ {0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
+ 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
+ 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
+ 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
+ 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
+ 0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
+ 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
+ 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
+ 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
+ 0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
+ 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
+ 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
+ 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
+ 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
+ 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
+ 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
+ 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
+ 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
+ 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
+ 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
+ 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
+ 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
+ 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
+ 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
+ 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
+ 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
+ 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
+ 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
+ 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
+ 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
+ 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
+ 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
+ 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
+ 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
+ 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
+ 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
+ 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
+ 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
+ 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
+ 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
+ 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
+ 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
+ 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e},
+ {0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
+ 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
+ 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
+ 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
+ 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
+ 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
+ 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
+ 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
+ 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
+ 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
+ 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
+ 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
+ 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
+ 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
+ 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
+ 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
+ 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
+ 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
+ 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
+ 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
+ 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
+ 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
+ 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
+ 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
+ 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
+ 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
+ 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
+ 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
+ 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
+ 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
+ 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
+ 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
+ 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
+ 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
+ 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
+ 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
+ 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
+ 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
+ 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
+ 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
+ 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
+ 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
+ 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d},
+ {0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
+ 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
+ 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
+ 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
+ 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
+ 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
+ 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
+ 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
+ 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
+ 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
+ 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
+ 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
+ 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
+ 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
+ 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
+ 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
+ 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
+ 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
+ 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
+ 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
+ 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
+ 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
+ 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
+ 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
+ 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
+ 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
+ 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
+ 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
+ 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
+ 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
+ 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
+ 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
+ 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
+ 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
+ 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
+ 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
+ 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
+ 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
+ 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
+ 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
+ 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
+ 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
+ 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f}
+};
-#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \
-do \
- { \
- w0 = ll; \
- ll = (ll << bits) + (lr >> (32 - bits)); \
- lr = (lr << bits) + (rl >> (32 - bits)); \
- rl = (rl << bits) + (rr >> (32 - bits)); \
- rr = (rr << bits) + (w0 >> (32 - bits)); \
- } while(0)
+/* Key generation constants */
+static const u32 SIGMA[] = {
+ 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
+ 0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
+};
-#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \
-do \
- { \
- w0 = ll; \
- w1 = lr; \
- ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \
- lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \
- rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \
- rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \
- } while(0)
-
-#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)])
-#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)])
-#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)])
-#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)])
-
-#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
-do \
- { \
- il = xl ^ kl; \
- ir = xr ^ kr; \
- t0 = il >> 16; \
- t1 = ir >> 16; \
- yl = CAMELLIA_SP1110(ir & 0xff) \
- ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \
- ^ CAMELLIA_SP3033(t1 & 0xff) \
- ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \
- yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \
- ^ CAMELLIA_SP0222(t0 & 0xff) \
- ^ CAMELLIA_SP3033((il >> 8) & 0xff) \
- ^ CAMELLIA_SP4404(il & 0xff); \
- yl ^= yr; \
- yr = CAMELLIA_RR8(yr); \
- yr ^= yl; \
- } while(0)
-
+/* The phi algorithm given in C.2.7 of the Camellia spec document. */
/*
- * for speed up
- *
+ * This version does not attempt to minimize amount of temporary
+ * variables, but instead explicitly exposes algorithm's parallelism.
+ * It is therefore most appropriate for platforms with not less than
+ * ~16 registers. For platforms with less registers [well, x86 to be
+ * specific] assembler version should be/is provided anyway...
*/
-#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
-do \
- { \
- t0 = kll; \
- t0 &= ll; \
- lr ^= CAMELLIA_RL1(t0); \
- t1 = klr; \
- t1 |= lr; \
- ll ^= t1; \
- \
- t2 = krr; \
- t2 |= rr; \
- rl ^= t2; \
- t3 = krl; \
- t3 &= rl; \
- rr ^= CAMELLIA_RL1(t3); \
- } while(0)
+#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
+ register u32 _t0,_t1,_t2,_t3;\
+\
+ _t0 = _s0 ^ (_key)[0];\
+ _t3 = SBOX4_4404[_t0&0xff];\
+ _t1 = _s1 ^ (_key)[1];\
+ _t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
+ _t2 = SBOX1_1110[_t1&0xff];\
+ _t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
+ _t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
+ _t3 ^= SBOX1_1110[(_t0 >> 24)];\
+ _t2 ^= _t3;\
+ _t3 = RightRotate(_t3,8);\
+ _t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
+ _s3 ^= _t3;\
+ _t2 ^= SBOX2_0222[(_t1 >> 24)];\
+ _s2 ^= _t2; \
+ _s3 ^= _t2;\
+} while(0)
-#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
-do \
- { \
- il = xl; \
- ir = xr; \
- t0 = il >> 16; \
- t1 = ir >> 16; \
- ir = CAMELLIA_SP1110(ir & 0xff) \
- ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \
- ^ CAMELLIA_SP3033(t1 & 0xff) \
- ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \
- il = CAMELLIA_SP1110((t0 >> 8) & 0xff) \
- ^ CAMELLIA_SP0222(t0 & 0xff) \
- ^ CAMELLIA_SP3033((il >> 8) & 0xff) \
- ^ CAMELLIA_SP4404(il & 0xff); \
- il ^= kl; \
- ir ^= kr; \
- ir ^= il; \
- il = CAMELLIA_RR8(il); \
- il ^= ir; \
- yl ^= ir; \
- yr ^= il; \
- } while(0)
-
-static const u32 camellia_sp1110[256] = {
- 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00,
- 0xb3b3b300, 0x27272700, 0xc0c0c000, 0xe5e5e500,
- 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
- 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100,
- 0x23232300, 0xefefef00, 0x6b6b6b00, 0x93939300,
- 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
- 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00,
- 0x1d1d1d00, 0x65656500, 0x92929200, 0xbdbdbd00,
- 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
- 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00,
- 0x3e3e3e00, 0x30303000, 0xdcdcdc00, 0x5f5f5f00,
- 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
- 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00,
- 0xd5d5d500, 0x47474700, 0x5d5d5d00, 0x3d3d3d00,
- 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
- 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00,
- 0x8b8b8b00, 0x0d0d0d00, 0x9a9a9a00, 0x66666600,
- 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
- 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000,
- 0xf0f0f000, 0xb1b1b100, 0x84848400, 0x99999900,
- 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
- 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500,
- 0x6d6d6d00, 0xb7b7b700, 0xa9a9a900, 0x31313100,
- 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
- 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100,
- 0xdedede00, 0x1b1b1b00, 0x11111100, 0x1c1c1c00,
- 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
- 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200,
- 0xfefefe00, 0x44444400, 0xcfcfcf00, 0xb2b2b200,
- 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
- 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800,
- 0x60606000, 0xfcfcfc00, 0x69696900, 0x50505000,
- 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
- 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700,
- 0x54545400, 0x5b5b5b00, 0x1e1e1e00, 0x95959500,
- 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
- 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800,
- 0xa3a3a300, 0xf7f7f700, 0x75757500, 0xdbdbdb00,
- 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
- 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400,
- 0x87878700, 0x5c5c5c00, 0x83838300, 0x02020200,
- 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
- 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300,
- 0x9d9d9d00, 0x7f7f7f00, 0xbfbfbf00, 0xe2e2e200,
- 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
- 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00,
- 0x81818100, 0x96969600, 0x6f6f6f00, 0x4b4b4b00,
- 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
- 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00,
- 0x9f9f9f00, 0x6e6e6e00, 0xbcbcbc00, 0x8e8e8e00,
- 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
- 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900,
- 0x78787800, 0x98989800, 0x06060600, 0x6a6a6a00,
- 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
- 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200,
- 0x88888800, 0xa2a2a200, 0x8d8d8d00, 0xfafafa00,
- 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
- 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00,
- 0x36363600, 0x49494900, 0x2a2a2a00, 0x68686800,
- 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
- 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00,
- 0xbbbbbb00, 0xc9c9c900, 0x43434300, 0xc1c1c100,
- 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
- 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00,
-};
-
-static const u32 camellia_sp0222[256] = {
- 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9,
- 0x00676767, 0x004e4e4e, 0x00818181, 0x00cbcbcb,
- 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
- 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282,
- 0x00464646, 0x00dfdfdf, 0x00d6d6d6, 0x00272727,
- 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
- 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c,
- 0x003a3a3a, 0x00cacaca, 0x00252525, 0x007b7b7b,
- 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
- 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d,
- 0x007c7c7c, 0x00606060, 0x00b9b9b9, 0x00bebebe,
- 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
- 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595,
- 0x00ababab, 0x008e8e8e, 0x00bababa, 0x007a7a7a,
- 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
- 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a,
- 0x00171717, 0x001a1a1a, 0x00353535, 0x00cccccc,
- 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
- 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040,
- 0x00e1e1e1, 0x00636363, 0x00090909, 0x00333333,
- 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
- 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a,
- 0x00dadada, 0x006f6f6f, 0x00535353, 0x00626262,
- 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
- 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2,
- 0x00bdbdbd, 0x00363636, 0x00222222, 0x00383838,
- 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
- 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444,
- 0x00fdfdfd, 0x00888888, 0x009f9f9f, 0x00656565,
- 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
- 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151,
- 0x00c0c0c0, 0x00f9f9f9, 0x00d2d2d2, 0x00a0a0a0,
- 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
- 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f,
- 0x00a8a8a8, 0x00b6b6b6, 0x003c3c3c, 0x002b2b2b,
- 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
- 0x00202020, 0x00898989, 0x00000000, 0x00909090,
- 0x00474747, 0x00efefef, 0x00eaeaea, 0x00b7b7b7,
- 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
- 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929,
- 0x000f0f0f, 0x00b8b8b8, 0x00070707, 0x00040404,
- 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
- 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7,
- 0x003b3b3b, 0x00fefefe, 0x007f7f7f, 0x00c5c5c5,
- 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
- 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676,
- 0x00030303, 0x002d2d2d, 0x00dedede, 0x00969696,
- 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
- 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919,
- 0x003f3f3f, 0x00dcdcdc, 0x00797979, 0x001d1d1d,
- 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
- 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2,
- 0x00f0f0f0, 0x00313131, 0x000c0c0c, 0x00d4d4d4,
- 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
- 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484,
- 0x00111111, 0x00454545, 0x001b1b1b, 0x00f5f5f5,
- 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
- 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414,
- 0x006c6c6c, 0x00929292, 0x00545454, 0x00d0d0d0,
- 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
- 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6,
- 0x00777777, 0x00939393, 0x00868686, 0x00838383,
- 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
- 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d,
-};
-
-static const u32 camellia_sp3033[256] = {
- 0x38003838, 0x41004141, 0x16001616, 0x76007676,
- 0xd900d9d9, 0x93009393, 0x60006060, 0xf200f2f2,
- 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
- 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0,
- 0x91009191, 0xf700f7f7, 0xb500b5b5, 0xc900c9c9,
- 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
- 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727,
- 0x8e008e8e, 0xb200b2b2, 0x49004949, 0xde00dede,
- 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
- 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767,
- 0x1f001f1f, 0x18001818, 0x6e006e6e, 0xaf00afaf,
- 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
- 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565,
- 0xea00eaea, 0xa300a3a3, 0xae00aeae, 0x9e009e9e,
- 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
- 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6,
- 0xc500c5c5, 0x86008686, 0x4d004d4d, 0x33003333,
- 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
- 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010,
- 0x78007878, 0xd800d8d8, 0x42004242, 0xcc00cccc,
- 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
- 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282,
- 0xb600b6b6, 0xdb00dbdb, 0xd400d4d4, 0x98009898,
- 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
- 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0,
- 0x6f006f6f, 0x8d008d8d, 0x88008888, 0x0e000e0e,
- 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
- 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111,
- 0x7f007f7f, 0x22002222, 0xe700e7e7, 0x59005959,
- 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
- 0x12001212, 0x04000404, 0x74007474, 0x54005454,
- 0x30003030, 0x7e007e7e, 0xb400b4b4, 0x28002828,
- 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
- 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb,
- 0x2a002a2a, 0xad00adad, 0x0f000f0f, 0xca00caca,
- 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
- 0x08000808, 0x62006262, 0x00000000, 0x24002424,
- 0xd100d1d1, 0xfb00fbfb, 0xba00baba, 0xed00eded,
- 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
- 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a,
- 0xc300c3c3, 0x2e002e2e, 0xc100c1c1, 0x01000101,
- 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
- 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9,
- 0xce00cece, 0xbf00bfbf, 0xdf00dfdf, 0x71007171,
- 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
- 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d,
- 0xc000c0c0, 0x4b004b4b, 0xb700b7b7, 0xa500a5a5,
- 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
- 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646,
- 0xcf00cfcf, 0x37003737, 0x5e005e5e, 0x47004747,
- 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
- 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac,
- 0x3c003c3c, 0x4c004c4c, 0x03000303, 0x35003535,
- 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
- 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121,
- 0x44004444, 0x51005151, 0xc600c6c6, 0x7d007d7d,
- 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
- 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505,
- 0x1b001b1b, 0xa400a4a4, 0x15001515, 0x34003434,
- 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
- 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd,
- 0xdd00dddd, 0xe400e4e4, 0xa100a1a1, 0xe000e0e0,
- 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
- 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f,
-};
-
-static const u32 camellia_sp4404[256] = {
- 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0,
- 0xe4e400e4, 0x57570057, 0xeaea00ea, 0xaeae00ae,
- 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
- 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092,
- 0x86860086, 0xafaf00af, 0x7c7c007c, 0x1f1f001f,
- 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
- 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d,
- 0xd9d900d9, 0x5a5a005a, 0x51510051, 0x6c6c006c,
- 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
- 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084,
- 0xdfdf00df, 0xcbcb00cb, 0x34340034, 0x76760076,
- 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
- 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011,
- 0x32320032, 0x9c9c009c, 0x53530053, 0xf2f200f2,
- 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
- 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069,
- 0xaaaa00aa, 0xa0a000a0, 0xa1a100a1, 0x62620062,
- 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
- 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075,
- 0x8a8a008a, 0xe6e600e6, 0x09090009, 0xdddd00dd,
- 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
- 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf,
- 0x52520052, 0xd8d800d8, 0xc8c800c8, 0xc6c600c6,
- 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
- 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc,
- 0x29290029, 0xf9f900f9, 0x2f2f002f, 0xb4b400b4,
- 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
- 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d,
- 0x72720072, 0xb9b900b9, 0xf8f800f8, 0xacac00ac,
- 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
- 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043,
- 0x15150015, 0xadad00ad, 0x77770077, 0x80800080,
- 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
- 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041,
- 0xefef00ef, 0x93930093, 0x19190019, 0x21210021,
- 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
- 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce,
- 0x30300030, 0x5f5f005f, 0xc5c500c5, 0x1a1a001a,
- 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
- 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d,
- 0x0d0d000d, 0x66660066, 0xcccc00cc, 0x2d2d002d,
- 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
- 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005,
- 0xb7b700b7, 0x31310031, 0x17170017, 0xd7d700d7,
- 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
- 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022,
- 0x44440044, 0xb2b200b2, 0xb5b500b5, 0x91910091,
- 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
- 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097,
- 0x5b5b005b, 0x95950095, 0xffff00ff, 0xd2d200d2,
- 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
- 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094,
- 0x5c5c005c, 0x02020002, 0x4a4a004a, 0x33330033,
- 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
- 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b,
- 0x96960096, 0x4b4b004b, 0xbebe00be, 0x2e2e002e,
- 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
- 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059,
- 0x98980098, 0x6a6a006a, 0x46460046, 0xbaba00ba,
- 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
- 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a,
- 0x49490049, 0x68680068, 0x38380038, 0xa4a400a4,
- 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
- 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e,
-};
-
-/**
- * Stuff related to the Camellia key schedule
+/*
+ * Note that n has to be less than 32. Rotations for larger amount
+ * of bits are achieved by "rotating" order of s-elements and
+ * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
*/
-#define subl(x) subL[(x)]
-#define subr(x) subR[(x)]
+#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
+ u32 _t0=_s0>>(32-_n);\
+ _s0 = (_s0<<_n) | (_s1>>(32-_n));\
+ _s1 = (_s1<<_n) | (_s2>>(32-_n));\
+ _s2 = (_s2<<_n) | (_s3>>(32-_n));\
+ _s3 = (_s3<<_n) | _t0;\
+} while (0)
-void camellia_setup128(const u8 *key, u32 *subkey)
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
{
- u32 kll, klr, krl, krr;
- u32 il, ir, t0, t1, w0, w1;
- u32 kw4l, kw4r, dw, tl, tr;
- u32 subL[26];
- u32 subR[26];
+ register u32 s0, s1, s2, s3;
- /**
- * k == kll || klr || krl || krr (|| is concatination)
- */
- kll = GETU32(key);
- klr = GETU32(key + 4);
- krl = GETU32(key + 8);
- krr = GETU32(key + 12);
- /**
- * generate KL dependent subkeys
- */
- /* kw1 */
- subl(0) = kll;
- subr(0) = klr;
- /* kw2 */
- subl(1) = krl;
- subr(1) = krr;
- /* rotation left shift 15bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k3 */
- subl(4) = kll;
- subr(4) = klr;
- /* k4 */
- subl(5) = krl;
- subr(5) = krr;
- /* rotation left shift 15+30bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
- /* k7 */
- subl(10) = kll;
- subr(10) = klr;
- /* k8 */
- subl(11) = krl;
- subr(11) = krr;
- /* rotation left shift 15+30+15bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k10 */
- subl(13) = krl;
- subr(13) = krr;
- /* rotation left shift 15+30+15+17 bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
- /* kl3 */
- subl(16) = kll;
- subr(16) = klr;
- /* kl4 */
- subl(17) = krl;
- subr(17) = krr;
- /* rotation left shift 15+30+15+17+17 bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
- /* k13 */
- subl(18) = kll;
- subr(18) = klr;
- /* k14 */
- subl(19) = krl;
- subr(19) = krr;
- /* rotation left shift 15+30+15+17+17+17 bit */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
- /* k17 */
- subl(22) = kll;
- subr(22) = klr;
- /* k18 */
- subl(23) = krl;
- subr(23) = krr;
+ k[0] = s0 = GETU32(rawKey);
+ k[1] = s1 = GETU32(rawKey + 4);
+ k[2] = s2 = GETU32(rawKey + 8);
+ k[3] = s3 = GETU32(rawKey + 12);
- /* generate KA */
- kll = subl(0);
- klr = subr(0);
- krl = subl(1);
- krr = subr(1);
- CAMELLIA_F(kll, klr,
- CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, w0, w1, il, ir, t0, t1);
- krl ^= w0;
- krr ^= w1;
- CAMELLIA_F(krl, krr,
- CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, kll, klr, il, ir, t0, t1);
- /* current status == (kll, klr, w0, w1) */
- CAMELLIA_F(kll, klr,
- CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, krl, krr, il, ir, t0, t1);
- krl ^= w0;
- krr ^= w1;
- CAMELLIA_F(krl, krr,
- CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, w0, w1, il, ir, t0, t1);
- kll ^= w0;
- klr ^= w1;
+ if (keyBitLength != 128) {
+ k[8] = s0 = GETU32(rawKey + 16);
+ k[9] = s1 = GETU32(rawKey + 20);
+ if (keyBitLength == 192) {
+ k[10] = s2 = ~s0;
+ k[11] = s3 = ~s1;
+ } else {
+ k[10] = s2 = GETU32(rawKey + 24);
+ k[11] = s3 = GETU32(rawKey + 28);
+ }
+ s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+ }
- /* generate KA dependent subkeys */
- /* k1, k2 */
- subl(2) = kll;
- subr(2) = klr;
- subl(3) = krl;
- subr(3) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k5,k6 */
- subl(6) = kll;
- subr(6) = klr;
- subl(7) = krl;
- subr(7) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* kl1, kl2 */
- subl(8) = kll;
- subr(8) = klr;
- subl(9) = krl;
- subr(9) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k9 */
- subl(12) = kll;
- subr(12) = klr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k11, k12 */
- subl(14) = kll;
- subr(14) = klr;
- subl(15) = krl;
- subr(15) = krr;
- CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
- /* k15, k16 */
- subl(20) = kll;
- subr(20) = klr;
- subl(21) = krl;
- subr(21) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
- /* kw3, kw4 */
- subl(24) = kll;
- subr(24) = klr;
- subl(25) = krl;
- subr(25) = krr;
+ /* Use the Feistel routine to scramble the key material */
+ Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0);
+ Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2);
- /* absorb kw2 to other subkeys */
-/* round 2 */
- subl(3) ^= subl(1);
- subr(3) ^= subr(1);
-/* round 4 */
- subl(5) ^= subl(1);
- subr(5) ^= subr(1);
-/* round 6 */
- subl(7) ^= subl(1);
- subr(7) ^= subr(1);
- subl(1) ^= subr(1) & ~subr(9);
- dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); /* modified for
- * FLinv(kl2) */
-/* round 8 */
- subl(11) ^= subl(1);
- subr(11) ^= subr(1);
-/* round 10 */
- subl(13) ^= subl(1);
- subr(13) ^= subr(1);
-/* round 12 */
- subl(15) ^= subl(1);
- subr(15) ^= subr(1);
- subl(1) ^= subr(1) & ~subr(17);
- dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); /* modified for
- * FLinv(kl4) */
-/* round 14 */
- subl(19) ^= subl(1);
- subr(19) ^= subr(1);
-/* round 16 */
- subl(21) ^= subl(1);
- subr(21) ^= subr(1);
-/* round 18 */
- subl(23) ^= subl(1);
- subr(23) ^= subr(1);
-/* kw3 */
- subl(24) ^= subl(1);
- subr(24) ^= subr(1);
+ s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+ Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4);
+ Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6);
- /* absorb kw4 to other subkeys */
- kw4l = subl(25);
- kw4r = subr(25);
-/* round 17 */
- subl(22) ^= kw4l;
- subr(22) ^= kw4r;
-/* round 15 */
- subl(20) ^= kw4l;
- subr(20) ^= kw4r;
-/* round 13 */
- subl(18) ^= kw4l;
- subr(18) ^= kw4r;
- kw4l ^= kw4r & ~subr(16);
- dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */
-/* round 11 */
- subl(14) ^= kw4l;
- subr(14) ^= kw4r;
-/* round 9 */
- subl(12) ^= kw4l;
- subr(12) ^= kw4r;
-/* round 7 */
- subl(10) ^= kw4l;
- subr(10) ^= kw4r;
- kw4l ^= kw4r & ~subr(8);
- dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */
-/* round 5 */
- subl(6) ^= kw4l;
- subr(6) ^= kw4r;
-/* round 3 */
- subl(4) ^= kw4l;
- subr(4) ^= kw4r;
-/* round 1 */
- subl(2) ^= kw4l;
- subr(2) ^= kw4r;
-/* kw1 */
- subl(0) ^= kw4l;
- subr(0) ^= kw4r;
+ /* Fill the keyTable. Requires many block rotations. */
+ if (keyBitLength == 128) {
+ k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */
+ k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */
+ k[24] = s0, k[25] = s1;
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */
+ k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+ RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */
+ k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */
+ k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
- /* key XOR is end of F-function */
- CamelliaSubkeyL(0) = subl(0) ^ subl(2); /* kw1 */
- CamelliaSubkeyR(0) = subr(0) ^ subr(2);
- CamelliaSubkeyL(2) = subl(3); /* round 1 */
- CamelliaSubkeyR(2) = subr(3);
- CamelliaSubkeyL(3) = subl(2) ^ subl(4); /* round 2 */
- CamelliaSubkeyR(3) = subr(2) ^ subr(4);
- CamelliaSubkeyL(4) = subl(3) ^ subl(5); /* round 3 */
- CamelliaSubkeyR(4) = subr(3) ^ subr(5);
- CamelliaSubkeyL(5) = subl(4) ^ subl(6); /* round 4 */
- CamelliaSubkeyR(5) = subr(4) ^ subr(6);
- CamelliaSubkeyL(6) = subl(5) ^ subl(7); /* round 5 */
- CamelliaSubkeyR(6) = subr(5) ^ subr(7);
- tl = subl(10) ^ (subr(10) & ~subr(8));
- dw = tl & subl(8), /* FL(kl1) */
- tr = subr(10) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(7) = subl(6) ^ tl; /* round 6 */
- CamelliaSubkeyR(7) = subr(6) ^ tr;
- CamelliaSubkeyL(8) = subl(8); /* FL(kl1) */
- CamelliaSubkeyR(8) = subr(8);
- CamelliaSubkeyL(9) = subl(9); /* FLinv(kl2) */
- CamelliaSubkeyR(9) = subr(9);
- tl = subl(7) ^ (subr(7) & ~subr(9));
- dw = tl & subl(9), /* FLinv(kl2) */
- tr = subr(7) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(10) = tl ^ subl(11); /* round 7 */
- CamelliaSubkeyR(10) = tr ^ subr(11);
- CamelliaSubkeyL(11) = subl(10) ^ subl(12); /* round 8 */
- CamelliaSubkeyR(11) = subr(10) ^ subr(12);
- CamelliaSubkeyL(12) = subl(11) ^ subl(13); /* round 9 */
- CamelliaSubkeyR(12) = subr(11) ^ subr(13);
- CamelliaSubkeyL(13) = subl(12) ^ subl(14); /* round 10 */
- CamelliaSubkeyR(13) = subr(12) ^ subr(14);
- CamelliaSubkeyL(14) = subl(13) ^ subl(15); /* round 11 */
- CamelliaSubkeyR(14) = subr(13) ^ subr(15);
- tl = subl(18) ^ (subr(18) & ~subr(16));
- dw = tl & subl(16), /* FL(kl3) */
- tr = subr(18) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(15) = subl(14) ^ tl; /* round 12 */
- CamelliaSubkeyR(15) = subr(14) ^ tr;
- CamelliaSubkeyL(16) = subl(16); /* FL(kl3) */
- CamelliaSubkeyR(16) = subr(16);
- CamelliaSubkeyL(17) = subl(17); /* FLinv(kl4) */
- CamelliaSubkeyR(17) = subr(17);
- tl = subl(15) ^ (subr(15) & ~subr(17));
- dw = tl & subl(17), /* FLinv(kl4) */
- tr = subr(15) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(18) = tl ^ subl(19); /* round 13 */
- CamelliaSubkeyR(18) = tr ^ subr(19);
- CamelliaSubkeyL(19) = subl(18) ^ subl(20); /* round 14 */
- CamelliaSubkeyR(19) = subr(18) ^ subr(20);
- CamelliaSubkeyL(20) = subl(19) ^ subl(21); /* round 15 */
- CamelliaSubkeyR(20) = subr(19) ^ subr(21);
- CamelliaSubkeyL(21) = subl(20) ^ subl(22); /* round 16 */
- CamelliaSubkeyR(21) = subr(20) ^ subr(22);
- CamelliaSubkeyL(22) = subl(21) ^ subl(23); /* round 17 */
- CamelliaSubkeyR(22) = subr(21) ^ subr(23);
- CamelliaSubkeyL(23) = subl(22); /* round 18 */
- CamelliaSubkeyR(23) = subr(22);
- CamelliaSubkeyL(24) = subl(24) ^ subl(23); /* kw3 */
- CamelliaSubkeyR(24) = subr(24) ^ subr(23);
+ s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+ RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */
+ k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */
+ k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */
+ k[26] = s2, k[27] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */
+ k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */
+ k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+ RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */
+ k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
- /* apply the inverse of the last half of P-function */
- /* round 1 */
- dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
- /* round 2 */
- dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
- /* round 3 */
- dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
- /* round 4 */
- dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
- /* round 5 */
- dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
- /* round 6 */
- dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
- /* round 7 */
- dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
- /* round 8 */
- dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
- /* round 9 */
- dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
- /* round 10 */
- dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
- /* round 11 */
- dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
- /* round 12 */
- dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
- /* round 13 */
- dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
- /* round 14 */
- dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
- /* round 15 */
- dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
- /* round 16 */
- dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
- /* round 17 */
- dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
- /* round 18 */
- dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
+ return 3; /* grand rounds */
+ } else {
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ s0 ^= k[8], s1 ^= k[9], s2 ^= k[10], s3 ^= k[11];
+ Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8));
+ Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10));
- return;
-}
+ k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */
+ k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */
+ k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
+ RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */
+ k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
-void camellia_setup256(const u8 *key, u32 *subkey)
-{
- u32 kll, klr, krl, krr; /* left half of key */
- u32 krll, krlr, krrl, krrr; /* right half of key */
- u32 il, ir, t0, t1, w0, w1; /* temporary variables */
- u32 kw4l, kw4r, dw, tl, tr;
- u32 subL[34];
- u32 subR[34];
+ s0 = k[8], s1 = k[9], s2 = k[10], s3 = k[11];
+ RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */
+ k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+ RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */
+ k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */
+ k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+ RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */
+ k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
- /**
- * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
- * (|| is concatination)
- */
+ s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
+ RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+ k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+ RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */
+ k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+ /* KA <<< 77 */
+ k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */
+ k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
- kll = GETU32(key);
- klr = GETU32(key + 4);
- krl = GETU32(key + 8);
- krr = GETU32(key + 12);
- krll = GETU32(key + 16);
- krlr = GETU32(key + 20);
- krrl = GETU32(key + 24);
- krrr = GETU32(key + 28);
+ s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+ RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */
+ k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
+ RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */
+ k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
+ RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */
+ k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
+ RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */
+ k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
- /* generate KL dependent subkeys */
- /* kw1 */
- subl(0) = kll;
- subr(0) = klr;
- /* kw2 */
- subl(1) = krl;
- subr(1) = krr;
- CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45);
- /* k9 */
- subl(12) = kll;
- subr(12) = klr;
- /* k10 */
- subl(13) = krl;
- subr(13) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* kl3 */
- subl(16) = kll;
- subr(16) = klr;
- /* kl4 */
- subl(17) = krl;
- subr(17) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
- /* k17 */
- subl(22) = kll;
- subr(22) = klr;
- /* k18 */
- subl(23) = krl;
- subr(23) = krr;
- CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
- /* k23 */
- subl(30) = kll;
- subr(30) = klr;
- /* k24 */
- subl(31) = krl;
- subr(31) = krr;
-
- /* generate KR dependent subkeys */
- CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
- /* k3 */
- subl(4) = krll;
- subr(4) = krlr;
- /* k4 */
- subl(5) = krrl;
- subr(5) = krrr;
- CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
- /* kl1 */
- subl(8) = krll;
- subr(8) = krlr;
- /* kl2 */
- subl(9) = krrl;
- subr(9) = krrr;
- CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
- /* k13 */
- subl(18) = krll;
- subr(18) = krlr;
- /* k14 */
- subl(19) = krrl;
- subr(19) = krrr;
- CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
- /* k19 */
- subl(26) = krll;
- subr(26) = krlr;
- /* k20 */
- subl(27) = krrl;
- subr(27) = krrr;
- CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
-
- /* generate KA */
- kll = subl(0) ^ krll;
- klr = subr(0) ^ krlr;
- krl = subl(1) ^ krrl;
- krr = subr(1) ^ krrr;
- CAMELLIA_F(kll, klr,
- CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, w0, w1, il, ir, t0, t1);
- krl ^= w0;
- krr ^= w1;
- CAMELLIA_F(krl, krr,
- CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, kll, klr, il, ir, t0, t1);
- kll ^= krll;
- klr ^= krlr;
- CAMELLIA_F(kll, klr,
- CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, krl, krr, il, ir, t0, t1);
- krl ^= w0 ^ krrl;
- krr ^= w1 ^ krrr;
- CAMELLIA_F(krl, krr,
- CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, w0, w1, il, ir, t0, t1);
- kll ^= w0;
- klr ^= w1;
-
- /* generate KB */
- krll ^= kll;
- krlr ^= klr;
- krrl ^= krl;
- krrr ^= krr;
- CAMELLIA_F(krll, krlr,
- CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, w0, w1, il, ir, t0, t1);
- krrl ^= w0;
- krrr ^= w1;
- CAMELLIA_F(krrl, krrr,
- CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, w0, w1, il, ir, t0, t1);
- krll ^= w0;
- krlr ^= w1;
-
- /* generate KA dependent subkeys */
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
- /* k5 */
- subl(6) = kll;
- subr(6) = klr;
- /* k6 */
- subl(7) = krl;
- subr(7) = krr;
- CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
- /* k11 */
- subl(14) = kll;
- subr(14) = klr;
- /* k12 */
- subl(15) = krl;
- subr(15) = krr;
- /* rotation left shift 32bit */
- /* kl5 */
- subl(24) = klr;
- subr(24) = krl;
- /* kl6 */
- subl(25) = krr;
- subr(25) = kll;
- /* rotation left shift 49 from k11,k12 -> k21,k22 */
- CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49);
- /* k21 */
- subl(28) = kll;
- subr(28) = klr;
- /* k22 */
- subl(29) = krl;
- subr(29) = krr;
-
- /* generate KB dependent subkeys */
- /* k1 */
- subl(2) = krll;
- subr(2) = krlr;
- /* k2 */
- subl(3) = krrl;
- subr(3) = krrr;
- CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
- /* k7 */
- subl(10) = krll;
- subr(10) = krlr;
- /* k8 */
- subl(11) = krrl;
- subr(11) = krrr;
- CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
- /* k15 */
- subl(20) = krll;
- subr(20) = krlr;
- /* k16 */
- subl(21) = krrl;
- subr(21) = krrr;
- CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51);
- /* kw3 */
- subl(32) = krll;
- subr(32) = krlr;
- /* kw4 */
- subl(33) = krrl;
- subr(33) = krrr;
-
- /* absorb kw2 to other subkeys */
-/* round 2 */
- subl(3) ^= subl(1);
- subr(3) ^= subr(1);
-/* round 4 */
- subl(5) ^= subl(1);
- subr(5) ^= subr(1);
-/* round 6 */
- subl(7) ^= subl(1);
- subr(7) ^= subr(1);
- subl(1) ^= subr(1) & ~subr(9);
- dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); /* modified for
- * FLinv(kl2) */
-/* round 8 */
- subl(11) ^= subl(1);
- subr(11) ^= subr(1);
-/* round 10 */
- subl(13) ^= subl(1);
- subr(13) ^= subr(1);
-/* round 12 */
- subl(15) ^= subl(1);
- subr(15) ^= subr(1);
- subl(1) ^= subr(1) & ~subr(17);
- dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); /* modified for
- * FLinv(kl4) */
-/* round 14 */
- subl(19) ^= subl(1);
- subr(19) ^= subr(1);
-/* round 16 */
- subl(21) ^= subl(1);
- subr(21) ^= subr(1);
-/* round 18 */
- subl(23) ^= subl(1);
- subr(23) ^= subr(1);
- subl(1) ^= subr(1) & ~subr(25);
- dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); /* modified for
- * FLinv(kl6) */
-/* round 20 */
- subl(27) ^= subl(1);
- subr(27) ^= subr(1);
-/* round 22 */
- subl(29) ^= subl(1);
- subr(29) ^= subr(1);
-/* round 24 */
- subl(31) ^= subl(1);
- subr(31) ^= subr(1);
-/* kw3 */
- subl(32) ^= subl(1);
- subr(32) ^= subr(1);
-
- /* absorb kw4 to other subkeys */
- kw4l = subl(33);
- kw4r = subr(33);
-/* round 23 */
- subl(30) ^= kw4l;
- subr(30) ^= kw4r;
-/* round 21 */
- subl(28) ^= kw4l;
- subr(28) ^= kw4r;
-/* round 19 */
- subl(26) ^= kw4l;
- subr(26) ^= kw4r;
- kw4l ^= kw4r & ~subr(24);
- dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl5) */
-/* round 17 */
- subl(22) ^= kw4l;
- subr(22) ^= kw4r;
-/* round 15 */
- subl(20) ^= kw4l;
- subr(20) ^= kw4r;
-/* round 13 */
- subl(18) ^= kw4l;
- subr(18) ^= kw4r;
- kw4l ^= kw4r & ~subr(16);
- dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */
-/* round 11 */
- subl(14) ^= kw4l;
- subr(14) ^= kw4r;
-/* round 9 */
- subl(12) ^= kw4l;
- subr(12) ^= kw4r;
-/* round 7 */
- subl(10) ^= kw4l;
- subr(10) ^= kw4r;
- kw4l ^= kw4r & ~subr(8);
- dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */
-/* round 5 */
- subl(6) ^= kw4l;
- subr(6) ^= kw4r;
-/* round 3 */
- subl(4) ^= kw4l;
- subr(4) ^= kw4r;
-/* round 1 */
- subl(2) ^= kw4l;
- subr(2) ^= kw4r;
-/* kw1 */
- subl(0) ^= kw4l;
- subr(0) ^= kw4r;
-
- /* key XOR is end of F-function */
- CamelliaSubkeyL(0) = subl(0) ^ subl(2); /* kw1 */
- CamelliaSubkeyR(0) = subr(0) ^ subr(2);
- CamelliaSubkeyL(2) = subl(3); /* round 1 */
- CamelliaSubkeyR(2) = subr(3);
- CamelliaSubkeyL(3) = subl(2) ^ subl(4); /* round 2 */
- CamelliaSubkeyR(3) = subr(2) ^ subr(4);
- CamelliaSubkeyL(4) = subl(3) ^ subl(5); /* round 3 */
- CamelliaSubkeyR(4) = subr(3) ^ subr(5);
- CamelliaSubkeyL(5) = subl(4) ^ subl(6); /* round 4 */
- CamelliaSubkeyR(5) = subr(4) ^ subr(6);
- CamelliaSubkeyL(6) = subl(5) ^ subl(7); /* round 5 */
- CamelliaSubkeyR(6) = subr(5) ^ subr(7);
- tl = subl(10) ^ (subr(10) & ~subr(8));
- dw = tl & subl(8), /* FL(kl1) */
- tr = subr(10) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(7) = subl(6) ^ tl; /* round 6 */
- CamelliaSubkeyR(7) = subr(6) ^ tr;
- CamelliaSubkeyL(8) = subl(8); /* FL(kl1) */
- CamelliaSubkeyR(8) = subr(8);
- CamelliaSubkeyL(9) = subl(9); /* FLinv(kl2) */
- CamelliaSubkeyR(9) = subr(9);
- tl = subl(7) ^ (subr(7) & ~subr(9));
- dw = tl & subl(9), /* FLinv(kl2) */
- tr = subr(7) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(10) = tl ^ subl(11); /* round 7 */
- CamelliaSubkeyR(10) = tr ^ subr(11);
- CamelliaSubkeyL(11) = subl(10) ^ subl(12); /* round 8 */
- CamelliaSubkeyR(11) = subr(10) ^ subr(12);
- CamelliaSubkeyL(12) = subl(11) ^ subl(13); /* round 9 */
- CamelliaSubkeyR(12) = subr(11) ^ subr(13);
- CamelliaSubkeyL(13) = subl(12) ^ subl(14); /* round 10 */
- CamelliaSubkeyR(13) = subr(12) ^ subr(14);
- CamelliaSubkeyL(14) = subl(13) ^ subl(15); /* round 11 */
- CamelliaSubkeyR(14) = subr(13) ^ subr(15);
- tl = subl(18) ^ (subr(18) & ~subr(16));
- dw = tl & subl(16), /* FL(kl3) */
- tr = subr(18) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(15) = subl(14) ^ tl; /* round 12 */
- CamelliaSubkeyR(15) = subr(14) ^ tr;
- CamelliaSubkeyL(16) = subl(16); /* FL(kl3) */
- CamelliaSubkeyR(16) = subr(16);
- CamelliaSubkeyL(17) = subl(17); /* FLinv(kl4) */
- CamelliaSubkeyR(17) = subr(17);
- tl = subl(15) ^ (subr(15) & ~subr(17));
- dw = tl & subl(17), /* FLinv(kl4) */
- tr = subr(15) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(18) = tl ^ subl(19); /* round 13 */
- CamelliaSubkeyR(18) = tr ^ subr(19);
- CamelliaSubkeyL(19) = subl(18) ^ subl(20); /* round 14 */
- CamelliaSubkeyR(19) = subr(18) ^ subr(20);
- CamelliaSubkeyL(20) = subl(19) ^ subl(21); /* round 15 */
- CamelliaSubkeyR(20) = subr(19) ^ subr(21);
- CamelliaSubkeyL(21) = subl(20) ^ subl(22); /* round 16 */
- CamelliaSubkeyR(21) = subr(20) ^ subr(22);
- CamelliaSubkeyL(22) = subl(21) ^ subl(23); /* round 17 */
- CamelliaSubkeyR(22) = subr(21) ^ subr(23);
- tl = subl(26) ^ (subr(26)
- & ~subr(24));
- dw = tl & subl(24), /* FL(kl5) */
- tr = subr(26) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(23) = subl(22) ^ tl; /* round 18 */
- CamelliaSubkeyR(23) = subr(22) ^ tr;
- CamelliaSubkeyL(24) = subl(24); /* FL(kl5) */
- CamelliaSubkeyR(24) = subr(24);
- CamelliaSubkeyL(25) = subl(25); /* FLinv(kl6) */
- CamelliaSubkeyR(25) = subr(25);
- tl = subl(23) ^ (subr(23) & ~subr(25));
- dw = tl & subl(25), /* FLinv(kl6) */
- tr = subr(23) ^ CAMELLIA_RL1(dw);
- CamelliaSubkeyL(26) = tl ^ subl(27); /* round 19 */
- CamelliaSubkeyR(26) = tr ^ subr(27);
- CamelliaSubkeyL(27) = subl(26) ^ subl(28); /* round 20 */
- CamelliaSubkeyR(27) = subr(26) ^ subr(28);
- CamelliaSubkeyL(28) = subl(27) ^ subl(29); /* round 21 */
- CamelliaSubkeyR(28) = subr(27) ^ subr(29);
- CamelliaSubkeyL(29) = subl(28) ^ subl(30); /* round 22 */
- CamelliaSubkeyR(29) = subr(28) ^ subr(30);
- CamelliaSubkeyL(30) = subl(29) ^ subl(31); /* round 23 */
- CamelliaSubkeyR(30) = subr(29) ^ subr(31);
- CamelliaSubkeyL(31) = subl(30); /* round 24 */
- CamelliaSubkeyR(31) = subr(30);
- CamelliaSubkeyL(32) = subl(32) ^ subl(31); /* kw3 */
- CamelliaSubkeyR(32) = subr(32) ^ subr(31);
-
- /* apply the inverse of the last half of P-function */
- /* round 1 */
- dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
- /* round 2 */
- dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
- /* round 3 */
- dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
- /* round 4 */
- dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
- /* round 5 */
- dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
- /* round 6 */
- dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
- /* round 7 */
- dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
- /* round 8 */
- dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
- /* round 9 */
- dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
- /* round 10 */
- dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
- /* round 11 */
- dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
- /* round 12 */
- dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
- /* round 13 */
- dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
- /* round 14 */
- dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
- /* round 15 */
- dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
- /* round 16 */
- dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
- /* round 17 */
- dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
- /* round 18 */
- dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
- /* round 19 */
- dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw;
- /* round 20 */
- dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw;
- /* round 21 */
- dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw;
- /* round 22 */
- dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw;
- /* round 23 */
- dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw;
- /* round 24 */
- dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw);
- CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw, CamelliaSubkeyL(31) = dw;
-
- return;
+ return 4; /* grand rounds */
+ }
+ /*
+ * It is possible to perform certain precalculations, which
+ * would spare few cycles in block procedure. It's not done,
+ * because it upsets the performance balance between key
+ * setup and block procedures, negatively affecting overall
+ * throughput in applications operating on short messages
+ * and volatile keys.
+ */
}
-void camellia_setup192(const u8 *key, u32 *subkey)
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 ciphertext[])
{
- u8 kk[32];
- u32 krll, krlr, krrl, krrr;
+ register u32 s0, s1, s2, s3;
+ const u32 *k = keyTable, *kend = keyTable + grandRounds * 16;
- memcpy(kk, key, 24);
- memcpy((u8 *)&krll, key + 16, 4);
- memcpy((u8 *)&krlr, key + 20, 4);
- krrl = ~krll;
- krrr = ~krlr;
- memcpy(kk + 24, (u8 *)&krrl, 4);
- memcpy(kk + 28, (u8 *)&krrr, 4);
- camellia_setup256(kk, subkey);
- return;
-}
+ s0 = GETU32(plaintext) ^ k[0];
+ s1 = GETU32(plaintext + 4) ^ k[1];
+ s2 = GETU32(plaintext + 8) ^ k[2];
+ s3 = GETU32(plaintext + 12) ^ k[3];
+ k += 4;
-/**
- * Stuff related to camellia encryption/decryption
- */
-void camellia_encrypt128(const u32 *subkey, u32 *io)
-{
- u32 il, ir, t0, t1;
+ while (1) {
+ /* Camellia makes 6 Feistel rounds */
+ Camellia_Feistel(s0, s1, s2, s3, k + 0);
+ Camellia_Feistel(s2, s3, s0, s1, k + 2);
+ Camellia_Feistel(s0, s1, s2, s3, k + 4);
+ Camellia_Feistel(s2, s3, s0, s1, k + 6);
+ Camellia_Feistel(s0, s1, s2, s3, k + 8);
+ Camellia_Feistel(s2, s3, s0, s1, k + 10);
+ k += 12;
- /* pre whitening but absorb kw2 */
- io[0] ^= CamelliaSubkeyL(0);
- io[1] ^= CamelliaSubkeyR(0);
- /* main iteration */
+ if (k == kend)
+ break;
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(2), CamelliaSubkeyR(2),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(3), CamelliaSubkeyR(3),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(4), CamelliaSubkeyR(4),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(5), CamelliaSubkeyR(5),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(6), CamelliaSubkeyR(6),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(7), CamelliaSubkeyR(7),
- io[0], io[1], il, ir, t0, t1);
+ /*
+ * This is the same function as the diffusion function D of the
+ * accompanying documentation. See section 3.2 for properties of the
+ * FLlayer function.
+ */
+ s1 ^= LeftRotate(s0 & k[0], 1);
+ s2 ^= s3 | k[3];
+ s0 ^= s1 | k[1];
+ s3 ^= LeftRotate(s2 & k[2], 1);
+ k += 4;
+ }
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(8), CamelliaSubkeyR(8),
- CamelliaSubkeyL(9), CamelliaSubkeyR(9), t0, t1, il, ir);
+ s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(10), CamelliaSubkeyR(10),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(11), CamelliaSubkeyR(11),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(12), CamelliaSubkeyR(12),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(13), CamelliaSubkeyR(13),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(14), CamelliaSubkeyR(14),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(15), CamelliaSubkeyR(15),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(16), CamelliaSubkeyR(16),
- CamelliaSubkeyL(17), CamelliaSubkeyR(17), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(18), CamelliaSubkeyR(18),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(19), CamelliaSubkeyR(19),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(20), CamelliaSubkeyR(20),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(21), CamelliaSubkeyR(21),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(22), CamelliaSubkeyR(22),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(23), CamelliaSubkeyR(23),
- io[0], io[1], il, ir, t0, t1);
-
- /* post whitening but kw4 */
- io[2] ^= CamelliaSubkeyL(24);
- io[3] ^= CamelliaSubkeyR(24);
-
- t0 = io[0];
- t1 = io[1];
- io[0] = io[2];
- io[1] = io[3];
- io[2] = t0;
- io[3] = t1;
-
- return;
+ PUTU32(ciphertext, s2);
+ PUTU32(ciphertext + 4, s3);
+ PUTU32(ciphertext + 8, s0);
+ PUTU32(ciphertext + 12, s1);
}
-void camellia_decrypt128(const u32 *subkey, u32 *io)
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
{
- u32 il, ir, t0, t1; /* temporary valiables */
-
- /* pre whitening but absorb kw2 */
- io[0] ^= CamelliaSubkeyL(24);
- io[1] ^= CamelliaSubkeyR(24);
-
- /* main iteration */
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(23), CamelliaSubkeyR(23),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(22), CamelliaSubkeyR(22),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(21), CamelliaSubkeyR(21),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(20), CamelliaSubkeyR(20),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(19), CamelliaSubkeyR(19),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(18), CamelliaSubkeyR(18),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(17), CamelliaSubkeyR(17),
- CamelliaSubkeyL(16), CamelliaSubkeyR(16), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(15), CamelliaSubkeyR(15),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(14), CamelliaSubkeyR(14),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(13), CamelliaSubkeyR(13),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(12), CamelliaSubkeyR(12),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(11), CamelliaSubkeyR(11),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(10), CamelliaSubkeyR(10),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(9), CamelliaSubkeyR(9),
- CamelliaSubkeyL(8), CamelliaSubkeyR(8), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(7), CamelliaSubkeyR(7),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(6), CamelliaSubkeyR(6),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(5), CamelliaSubkeyR(5),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(4), CamelliaSubkeyR(4),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(3), CamelliaSubkeyR(3),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(2), CamelliaSubkeyR(2),
- io[0], io[1], il, ir, t0, t1);
-
- /* post whitening but kw4 */
- io[2] ^= CamelliaSubkeyL(0);
- io[3] ^= CamelliaSubkeyR(0);
-
- t0 = io[0];
- t1 = io[1];
- io[0] = io[2];
- io[1] = io[3];
- io[2] = t0;
- io[3] = t1;
-
- return;
+ Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+ plaintext, keyTable, ciphertext);
}
-/**
- * stuff for 192 and 256bit encryption/decryption
- */
-void camellia_encrypt256(const u32 *subkey, u32 *io)
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 plaintext[])
{
- u32 il, ir, t0, t1; /* temporary valiables */
+ u32 s0, s1, s2, s3;
+ const u32 *k = keyTable + grandRounds * 16, *kend = keyTable + 4;
- /* pre whitening but absorb kw2 */
- io[0] ^= CamelliaSubkeyL(0);
- io[1] ^= CamelliaSubkeyR(0);
+ s0 = GETU32(ciphertext) ^ k[0];
+ s1 = GETU32(ciphertext + 4) ^ k[1];
+ s2 = GETU32(ciphertext + 8) ^ k[2];
+ s3 = GETU32(ciphertext + 12) ^ k[3];
- /* main iteration */
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(2), CamelliaSubkeyR(2),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(3), CamelliaSubkeyR(3),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(4), CamelliaSubkeyR(4),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(5), CamelliaSubkeyR(5),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(6), CamelliaSubkeyR(6),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(7), CamelliaSubkeyR(7),
- io[0], io[1], il, ir, t0, t1);
+ while (1) {
+ /* Camellia makes 6 Feistel rounds */
+ k -= 12;
+ Camellia_Feistel(s0, s1, s2, s3, k + 10);
+ Camellia_Feistel(s2, s3, s0, s1, k + 8);
+ Camellia_Feistel(s0, s1, s2, s3, k + 6);
+ Camellia_Feistel(s2, s3, s0, s1, k + 4);
+ Camellia_Feistel(s0, s1, s2, s3, k + 2);
+ Camellia_Feistel(s2, s3, s0, s1, k + 0);
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(8), CamelliaSubkeyR(8),
- CamelliaSubkeyL(9), CamelliaSubkeyR(9), t0, t1, il, ir);
+ if (k == kend)
+ break;
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(10), CamelliaSubkeyR(10),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(11), CamelliaSubkeyR(11),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(12), CamelliaSubkeyR(12),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(13), CamelliaSubkeyR(13),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(14), CamelliaSubkeyR(14),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(15), CamelliaSubkeyR(15),
- io[0], io[1], il, ir, t0, t1);
+ /*
+ * This is the same function as the diffusion function D of the
+ * accompanying documentation. See section 3.2 for properties of the
+ * FLlayer function.
+ */
+ k -= 4;
+ s1 ^= LeftRotate(s0 & k[2], 1);
+ s2 ^= s3 | k[1];
+ s0 ^= s1 | k[3];
+ s3 ^= LeftRotate(s2 & k[0], 1);
+ }
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(16), CamelliaSubkeyR(16),
- CamelliaSubkeyL(17), CamelliaSubkeyR(17), t0, t1, il, ir);
+ k -= 4;
+ s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(18), CamelliaSubkeyR(18),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(19), CamelliaSubkeyR(19),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(20), CamelliaSubkeyR(20),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(21), CamelliaSubkeyR(21),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(22), CamelliaSubkeyR(22),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(23), CamelliaSubkeyR(23),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(24), CamelliaSubkeyR(24),
- CamelliaSubkeyL(25), CamelliaSubkeyR(25), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(26), CamelliaSubkeyR(26),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(27), CamelliaSubkeyR(27),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(28), CamelliaSubkeyR(28),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(29), CamelliaSubkeyR(29),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(30), CamelliaSubkeyR(30),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(31), CamelliaSubkeyR(31),
- io[0], io[1], il, ir, t0, t1);
-
- /* post whitening but kw4 */
- io[2] ^= CamelliaSubkeyL(32);
- io[3] ^= CamelliaSubkeyR(32);
-
- t0 = io[0];
- t1 = io[1];
- io[0] = io[2];
- io[1] = io[3];
- io[2] = t0;
- io[3] = t1;
-
- return;
+ PUTU32(plaintext, s2);
+ PUTU32(plaintext + 4, s3);
+ PUTU32(plaintext + 8, s0);
+ PUTU32(plaintext + 12, s1);
}
-void camellia_decrypt256(const u32 *subkey, u32 *io)
+void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
{
- u32 il, ir, t0, t1; /* temporary valiables */
-
- /* pre whitening but absorb kw2 */
- io[0] ^= CamelliaSubkeyL(32);
- io[1] ^= CamelliaSubkeyR(32);
-
- /* main iteration */
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(31), CamelliaSubkeyR(31),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(30), CamelliaSubkeyR(30),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(29), CamelliaSubkeyR(29),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(28), CamelliaSubkeyR(28),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(27), CamelliaSubkeyR(27),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(26), CamelliaSubkeyR(26),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(25), CamelliaSubkeyR(25),
- CamelliaSubkeyL(24), CamelliaSubkeyR(24), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(23), CamelliaSubkeyR(23),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(22), CamelliaSubkeyR(22),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(21), CamelliaSubkeyR(21),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(20), CamelliaSubkeyR(20),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(19), CamelliaSubkeyR(19),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(18), CamelliaSubkeyR(18),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(17), CamelliaSubkeyR(17),
- CamelliaSubkeyL(16), CamelliaSubkeyR(16), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(15), CamelliaSubkeyR(15),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(14), CamelliaSubkeyR(14),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(13), CamelliaSubkeyR(13),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(12), CamelliaSubkeyR(12),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(11), CamelliaSubkeyR(11),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(10), CamelliaSubkeyR(10),
- io[0], io[1], il, ir, t0, t1);
-
- CAMELLIA_FLS(io[0], io[1], io[2], io[3],
- CamelliaSubkeyL(9), CamelliaSubkeyR(9),
- CamelliaSubkeyL(8), CamelliaSubkeyR(8), t0, t1, il, ir);
-
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(7), CamelliaSubkeyR(7),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(6), CamelliaSubkeyR(6),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(5), CamelliaSubkeyR(5),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(4), CamelliaSubkeyR(4),
- io[0], io[1], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[0], io[1],
- CamelliaSubkeyL(3), CamelliaSubkeyR(3),
- io[2], io[3], il, ir, t0, t1);
- CAMELLIA_ROUNDSM(io[2], io[3],
- CamelliaSubkeyL(2), CamelliaSubkeyR(2),
- io[0], io[1], il, ir, t0, t1);
-
- /* post whitening but kw4 */
- io[2] ^= CamelliaSubkeyL(0);
- io[3] ^= CamelliaSubkeyR(0);
-
- t0 = io[0];
- t1 = io[1];
- io[0] = io[2];
- io[1] = io[3];
- io[2] = t0;
- io[3] = t1;
-
- return;
+ Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+ plaintext, keyTable, ciphertext);
}
Modified: trunk/crypto/openssl/crypto/camellia/camellia.h
===================================================================
--- trunk/crypto/openssl/crypto/camellia/camellia.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/camellia.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,6 +58,8 @@
# error CAMELLIA is disabled.
# endif
+# include <stddef.h>
+
# define CAMELLIA_ENCRYPT 1
# define CAMELLIA_DECRYPT 0
@@ -76,16 +78,16 @@
# define CAMELLIA_TABLE_BYTE_LEN 272
# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
- /* to match with WORD */
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+ * with WORD */
struct camellia_key_st {
- KEY_TABLE_TYPE rd_key;
- int bitLength;
- void (*enc) (const unsigned int *subkey, unsigned int *io);
- void (*dec) (const unsigned int *subkey, unsigned int *io);
+ union {
+ double d; /* ensures 64-bit align */
+ KEY_TABLE_TYPE rd_key;
+ } u;
+ int grand_rounds;
};
-
typedef struct camellia_key_st CAMELLIA_KEY;
# ifdef OPENSSL_FIPS
@@ -92,7 +94,6 @@
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
# endif
-
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
@@ -104,30 +105,22 @@
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key, const int enc);
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const CAMELLIA_KEY *key,
+ size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, const int enc);
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc);
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc);
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc);
-void Camellia_cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
- const int nbits, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc);
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num);
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num);
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key,
+ size_t length, const CAMELLIA_KEY *key,
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
unsigned int *num);
Modified: trunk/crypto/openssl/crypto/camellia/cmll_cbc.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_cbc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_cbc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -49,208 +49,18 @@
*
*/
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include <openssl/modes.h>
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const CAMELLIA_KEY *key,
+ size_t len, const CAMELLIA_KEY *key,
unsigned char *ivec, const int enc)
{
- unsigned long n;
- unsigned long len = length;
- const unsigned char *iv = ivec;
- union {
- u32 t32[CAMELLIA_BLOCK_SIZE / sizeof(u32)];
- u8 t8[CAMELLIA_BLOCK_SIZE];
- } tmp;
- const union {
- long one;
- char little;
- } camellia_endian = {
- 1
- };
-
- assert(in && out && key && ivec);
- assert((CAMELLIA_ENCRYPT == enc) || (CAMELLIA_DECRYPT == enc));
-
- if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(u32) == 0) {
- if (CAMELLIA_ENCRYPT == enc) {
- while (len >= CAMELLIA_BLOCK_SIZE) {
- XOR4WORD2((u32 *)out, (u32 *)in, (u32 *)iv);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- key->enc(key->rd_key, (u32 *)out);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- iv = out;
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- for (n = 0; n < len; ++n)
- out[n] = in[n] ^ iv[n];
- for (n = len; n < CAMELLIA_BLOCK_SIZE; ++n)
- out[n] = iv[n];
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- key->enc(key->rd_key, (u32 *)out);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- iv = out;
- }
- memcpy(ivec, iv, CAMELLIA_BLOCK_SIZE);
- } else if (in != out) {
- while (len >= CAMELLIA_BLOCK_SIZE) {
- memcpy(out, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- key->dec(key->rd_key, (u32 *)out);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- XOR4WORD((u32 *)out, (u32 *)iv);
- iv = in;
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->dec(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- for (n = 0; n < len; ++n)
- out[n] = tmp.t8[n] ^ iv[n];
- iv = in;
- }
- memcpy(ivec, iv, CAMELLIA_BLOCK_SIZE);
- } else { /* in == out */
-
- while (len >= CAMELLIA_BLOCK_SIZE) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- key->dec(key->rd_key, (u32 *)out);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- XOR4WORD((u32 *)out, (u32 *)ivec);
- memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- key->dec(key->rd_key, (u32 *)out);
- if (camellia_endian.little)
- SWAP4WORD((u32 *)out);
- for (n = 0; n < len; ++n)
- out[n] ^= ivec[n];
- for (n = len; n < CAMELLIA_BLOCK_SIZE; ++n)
- out[n] = tmp.t8[n];
- memcpy(ivec, tmp.t8, CAMELLIA_BLOCK_SIZE);
- }
- }
- } else { /* no aligned */
-
- if (CAMELLIA_ENCRYPT == enc) {
- while (len >= CAMELLIA_BLOCK_SIZE) {
- for (n = 0; n < CAMELLIA_BLOCK_SIZE; ++n)
- tmp.t8[n] = in[n] ^ iv[n];
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->enc(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
- iv = out;
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- for (n = 0; n < len; ++n)
- tmp.t8[n] = in[n] ^ iv[n];
- for (n = len; n < CAMELLIA_BLOCK_SIZE; ++n)
- tmp.t8[n] = iv[n];
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->enc(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
- iv = out;
- }
- memcpy(ivec, iv, CAMELLIA_BLOCK_SIZE);
- } else if (in != out) {
- while (len >= CAMELLIA_BLOCK_SIZE) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->dec(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- for (n = 0; n < CAMELLIA_BLOCK_SIZE; ++n)
- out[n] = tmp.t8[n] ^ iv[n];
- iv = in;
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->dec(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- for (n = 0; n < len; ++n)
- out[n] = tmp.t8[n] ^ iv[n];
- iv = in;
- }
- memcpy(ivec, iv, CAMELLIA_BLOCK_SIZE);
- } else {
- while (len >= CAMELLIA_BLOCK_SIZE) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->dec(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- for (n = 0; n < CAMELLIA_BLOCK_SIZE; ++n)
- tmp.t8[n] ^= ivec[n];
- memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
- memcpy(out, tmp.t8, CAMELLIA_BLOCK_SIZE);
- len -= CAMELLIA_BLOCK_SIZE;
- in += CAMELLIA_BLOCK_SIZE;
- out += CAMELLIA_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp.t8, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- key->dec(key->rd_key, tmp.t32);
- if (camellia_endian.little)
- SWAP4WORD(tmp.t32);
- for (n = 0; n < len; ++n)
- tmp.t8[n] ^= ivec[n];
- memcpy(ivec, in, CAMELLIA_BLOCK_SIZE);
- memcpy(out, tmp.t8, len);
- }
- }
- }
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+ (block128_f) Camellia_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+ (block128_f) Camellia_decrypt);
}
Modified: trunk/crypto/openssl/crypto/camellia/cmll_cfb.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_cfb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_cfb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -105,17 +105,8 @@
* [including the GNU Public Licence.]
*/
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-#include <string.h>
-
#include <openssl/camellia.h>
-#include "cmll_locl.h"
-#include "e_os.h"
+#include <openssl/modes.h>
/*
* The input and output encrypted as though 128bit cfb mode is being used.
@@ -124,110 +115,27 @@
*/
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc)
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
- unsigned long l = length;
- unsigned char c;
-
- assert(in && out && key && ivec && num);
-
- n = *num;
-
- if (enc) {
- while (l--) {
- if (n == 0) {
- Camellia_encrypt(ivec, ivec, key);
- }
- ivec[n] = *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % CAMELLIA_BLOCK_SIZE;
- }
- } else {
- while (l--) {
- if (n == 0) {
- Camellia_encrypt(ivec, ivec, key);
- }
- c = *(in);
- *(out++) = *(in++) ^ ivec[n];
- ivec[n] = c;
- n = (n + 1) % CAMELLIA_BLOCK_SIZE;
- }
- }
-
- *num = n;
+ CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
}
-/*
- * This expects a single block of size nbits for both in and out. Note that
- * it corrupts any extra bits in the last byte of out
- */
-void Camellia_cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
- const int nbits, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc)
-{
- int n, rem, num;
- unsigned char ovec[CAMELLIA_BLOCK_SIZE * 2];
-
- if (nbits <= 0 || nbits > 128)
- return;
-
- /* fill in the first half of the new IV with the current IV */
- memcpy(ovec, ivec, CAMELLIA_BLOCK_SIZE);
- /* construct the new IV */
- Camellia_encrypt(ivec, ivec, key);
- num = (nbits + 7) / 8;
- if (enc) /* encrypt the input */
- for (n = 0; n < num; ++n)
- out[n] = (ovec[CAMELLIA_BLOCK_SIZE + n] = in[n] ^ ivec[n]);
- else /* decrypt the input */
- for (n = 0; n < num; ++n)
- out[n] = (ovec[CAMELLIA_BLOCK_SIZE + n] = in[n]) ^ ivec[n];
- /* shift ovec left... */
- rem = nbits % 8;
- num = nbits / 8;
- if (rem == 0)
- memcpy(ivec, ovec + num, CAMELLIA_BLOCK_SIZE);
- else
- for (n = 0; n < CAMELLIA_BLOCK_SIZE; ++n)
- ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
-
- /* it is not necessary to cleanse ovec, since the IV is not secret */
-}
-
/* N.B. This expects the input to be packed, MS bit first */
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc)
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
- unsigned char c[1], d[1];
-
- assert(in && out && key && ivec && num);
- assert(*num == 0);
-
- memset(out, 0, (length + 7) / 8);
- for (n = 0; n < length; ++n) {
- c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
- Camellia_cfbr_encrypt_block(c, d, 1, key, ivec, enc);
- out[n / 8] =
- (out[n / 8] & ~(1 << (7 - n % 8))) | ((d[0] & 0x80) >> (n % 8));
- }
+ CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
}
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num, const int enc)
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc)
{
- unsigned int n;
-
- assert(in && out && key && ivec && num);
- assert(*num == 0);
-
- for (n = 0; n < length; ++n)
- Camellia_cfbr_encrypt_block(&in[n], &out[n], 8, key, ivec, enc);
+ CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+ (block128_f) Camellia_encrypt);
}
Modified: trunk/crypto/openssl/crypto/camellia/cmll_ctr.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_ctr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_ctr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -49,97 +49,16 @@
*
*/
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include <openssl/modes.h>
-/*
- * NOTE: the IV/counter CTR mode is big-endian. The rest of the Camellia
- * code is endian-neutral.
- */
-/* increment counter (128-bit int) by 1 */
-static void Camellia_ctr128_inc(unsigned char *counter)
-{
- unsigned long c;
-
- /* Grab bottom dword of counter and increment */
- c = GETU32(counter + 12);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 12, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab 1st dword of counter and increment */
- c = GETU32(counter + 8);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 8, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab 2nd dword of counter and increment */
- c = GETU32(counter + 4);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 4, c);
-
- /* if no overflow, we're done */
- if (c)
- return;
-
- /* Grab top dword of counter and increment */
- c = GETU32(counter + 0);
- c++;
- c &= 0xFFFFFFFF;
- PUTU32(counter + 0, c);
-}
-
-/*
- * The input encrypted as though 128bit counter mode is being used. The
- * extra state information to record how much of the 128bit block we have
- * used is contained in *num, and the encrypted counter is kept in
- * ecount_buf. Both *num and ecount_buf must be initialised with zeros
- * before the first call to Camellia_ctr128_encrypt(). This algorithm
- * assumes that the counter is in the x lower bits of the IV (ivec), and that
- * the application has full control over overflow and the rest of the IV.
- * This implementation takes NO responsability for checking that the counter
- * doesn't overflow into the rest of the IV when incremented.
- */
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key,
+ size_t length, const CAMELLIA_KEY *key,
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
unsigned int *num)
{
- unsigned int n;
- unsigned long l = length;
-
- assert(in && out && key && counter && num);
- assert(*num < CAMELLIA_BLOCK_SIZE);
-
- n = *num;
-
- while (l--) {
- if (n == 0) {
- Camellia_encrypt(ivec, ecount_buf, key);
- Camellia_ctr128_inc(ivec);
- }
- *(out++) = *(in++) ^ ecount_buf[n];
- n = (n + 1) % CAMELLIA_BLOCK_SIZE;
- }
-
- *num = n;
+ CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+ (block128_f) Camellia_encrypt);
}
Modified: trunk/crypto/openssl/crypto/camellia/cmll_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,96 +68,21 @@
#ifndef HEADER_CAMELLIA_LOCL_H
# define HEADER_CAMELLIA_LOCL_H
-# include "openssl/e_os2.h"
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-
+typedef unsigned int u32;
typedef unsigned char u8;
-typedef unsigned int u32;
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-# define SWAP(x) ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00 )
-# define GETU32(p) SWAP(*((u32 *)(p)))
-# define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
-# define CAMELLIA_SWAP4(x) (x = ( _lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) )
-
-# else /* not windows */
-# define GETU32(pt) (((u32)(pt)[0] << 24) \
- ^ ((u32)(pt)[1] << 16) \
- ^ ((u32)(pt)[2] << 8) \
- ^ ((u32)(pt)[3]))
-
-# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); \
- (ct)[1] = (u8)((st) >> 16); \
- (ct)[2] = (u8)((st) >> 8); \
- (ct)[3] = (u8)(st); }
-
-# if (defined (__GNUC__) && (defined(__x86_64__) || defined(__x86_64)))
-# define CAMELLIA_SWAP4(x) \
- do{\
- asm("bswap %1" : "+r" (x));\
- }while(0)
-# else
-# define CAMELLIA_SWAP4(x) \
- do{\
- x = ((u32)x << 16) + ((u32)x >> 16);\
- x = (((u32)x & 0xff00ff) << 8) + (((u32)x >> 8) & 0xff00ff);\
- } while(0)
-# endif
-# endif
-
-# define COPY4WORD(dst, src) \
- do \
- { \
- (dst)[0]=(src)[0]; \
- (dst)[1]=(src)[1]; \
- (dst)[2]=(src)[2]; \
- (dst)[3]=(src)[3]; \
- }while(0)
-
-# define SWAP4WORD(word) \
- do \
- { \
- CAMELLIA_SWAP4((word)[0]); \
- CAMELLIA_SWAP4((word)[1]); \
- CAMELLIA_SWAP4((word)[2]); \
- CAMELLIA_SWAP4((word)[3]); \
- }while(0)
-
-# define XOR4WORD(a, b)/* a = a ^ b */ \
- do \
- { \
- (a)[0]^=(b)[0]; \
- (a)[1]^=(b)[1]; \
- (a)[2]^=(b)[2]; \
- (a)[3]^=(b)[3]; \
- }while(0)
-
-# define XOR4WORD2(a, b, c)/* a = b ^ c */ \
- do \
- { \
- (a)[0]=(b)[0]^(c)[0]; \
- (a)[1]=(b)[1]^(c)[1]; \
- (a)[2]=(b)[2]^(c)[2]; \
- (a)[3]=(b)[3]^(c)[3]; \
- }while(0)
-
-void camellia_setup128(const u8 *key, u32 *subkey);
-void camellia_setup192(const u8 *key, u32 *subkey);
-void camellia_setup256(const u8 *key, u32 *subkey);
-
-void camellia_encrypt128(const u32 *subkey, u32 *io);
-void camellia_decrypt128(const u32 *subkey, u32 *io);
-void camellia_encrypt256(const u32 *subkey, u32 *io);
-void camellia_decrypt256(const u32 *subkey, u32 *io);
-
-#ifdef __cplusplus
-}
-#endif
-
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
+ KEY_TABLE_TYPE keyTable);
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 ciphertext[]);
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable,
+ u8 plaintext[]);
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
Modified: trunk/crypto/openssl/crypto/camellia/cmll_misc.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_misc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_misc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -50,53 +50,20 @@
*/
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
const char CAMELLIA_version[] = "CAMELLIA" OPENSSL_VERSION_PTEXT;
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key)
-#ifdef OPENSSL_FIPS
-{
- if (FIPS_mode())
- FIPS_BAD_ABORT(CAMELLIA)
- return private_Camellia_set_key(userKey, bits, key);
-}
-
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key)
-#endif
{
- if (!userKey || !key) {
+ if (!userKey || !key)
return -1;
- }
-
- switch (bits) {
- case 128:
- camellia_setup128(userKey, (unsigned int *)key->rd_key);
- key->enc = camellia_encrypt128;
- key->dec = camellia_decrypt128;
- break;
- case 192:
- camellia_setup192(userKey, (unsigned int *)key->rd_key);
- key->enc = camellia_encrypt256;
- key->dec = camellia_decrypt256;
- break;
- case 256:
- camellia_setup256(userKey, (unsigned int *)key->rd_key);
- key->enc = camellia_encrypt256;
- key->dec = camellia_decrypt256;
- break;
- default:
+ if (bits != 128 && bits != 192 && bits != 256)
return -2;
- }
-
- key->bitLength = bits;
+ key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
return 0;
}
@@ -103,39 +70,11 @@
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
- u32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(u32)];
- const union {
- long one;
- char little;
- } camellia_endian = {
- 1
- };
-
- memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp);
- key->enc(key->rd_key, tmp);
- if (camellia_endian.little)
- SWAP4WORD(tmp);
- memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
+ Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
}
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key)
{
- u32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(u32)];
- const union {
- long one;
- char little;
- } camellia_endian = {
- 1
- };
-
- memcpy(tmp, in, CAMELLIA_BLOCK_SIZE);
- if (camellia_endian.little)
- SWAP4WORD(tmp);
- key->dec(key->rd_key, tmp);
- if (camellia_endian.little)
- SWAP4WORD(tmp);
- memcpy(out, tmp, CAMELLIA_BLOCK_SIZE);
+ Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
}
Modified: trunk/crypto/openssl/crypto/camellia/cmll_ofb.c
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_ofb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/camellia/cmll_ofb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -105,14 +105,8 @@
* [including the GNU Public Licence.]
*/
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include <openssl/modes.h>
/*
* The input and output encrypted as though 128bit ofb mode is being used.
@@ -120,25 +114,9 @@
* used is contained in *num;
*/
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length,
- const CAMELLIA_KEY *key, unsigned char *ivec,
- int *num)
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num)
{
-
- unsigned int n;
- unsigned long l = length;
-
- assert(in && out && key && ivec && num);
-
- n = *num;
-
- while (l--) {
- if (n == 0) {
- Camellia_encrypt(ivec, ivec, key);
- }
- *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % CAMELLIA_BLOCK_SIZE;
- }
-
- *num = n;
+ CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+ (block128_f) Camellia_encrypt);
}
Copied: trunk/crypto/openssl/crypto/camellia/cmll_utl.c (from rev 7117, vendor-crypto/openssl/dist/crypto/camellia/cmll_utl.c)
===================================================================
--- trunk/crypto/openssl/crypto/camellia/cmll_utl.c (rev 0)
+++ trunk/crypto/openssl/crypto/camellia/cmll_utl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,64 @@
+/* crypto/camellia/cmll_utl.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(Camellia);
+#endif
+ return private_Camellia_set_key(userKey, bits, key);
+}
Modified: trunk/crypto/openssl/crypto/cast/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/cast/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cast/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -38,19 +38,12 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > ../$@)
-# COFF
-cx86-cof.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl coff $(CLAGS) $(PROCESSOR) > ../$@)
-# a.out
-cx86-out.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) cast-586.pl a.out $(CLAGS) $(PROCESSOR) > ../$@)
+cast-586.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ $(PERL) asm/cast-586.pl $(PERLASM_SCHEME) $(CLAGS) $(PROCESSOR) > $@
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -76,6 +69,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -103,7 +98,7 @@
c_ofb64.o: c_ofb64.c cast_lcl.h
c_skey.o: ../../e_os.h ../../include/openssl/cast.h
c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
-c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-c_skey.o: ../../include/openssl/symhacks.h c_skey.c cast_lcl.h cast_s.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_skey.o: c_skey.c cast_lcl.h cast_s.h
Modified: trunk/crypto/openssl/crypto/cast/asm/cast-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/cast/asm/cast-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cast/asm/cast-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,7 +3,8 @@
# define for pentium pro friendly version
$ppro=1;
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
Modified: trunk/crypto/openssl/crypto/cast/c_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/cast/c_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cast/c_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,12 +56,8 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/cast.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include "cast_lcl.h"
#include "cast_s.h"
@@ -76,8 +72,15 @@
#define S5 CAST_S_table5
#define S6 CAST_S_table6
#define S7 CAST_S_table7
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
+{
+ fips_cipher_abort(CAST);
+ private_CAST_set_key(key, len, data);
+}
-FIPS_NON_FIPS_VCIPHER_Init(CAST)
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#endif
{
CAST_LONG x[16];
CAST_LONG z[16];
Modified: trunk/crypto/openssl/crypto/cast/cast.h
===================================================================
--- trunk/crypto/openssl/crypto/cast/cast.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cast/cast.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,7 +72,7 @@
# define CAST_ENCRYPT 1
# define CAST_DECRYPT 0
-# define CAST_LONG unsigned long
+# define CAST_LONG unsigned int
# define CAST_BLOCK 8
# define CAST_KEY_LENGTH 16
Modified: trunk/crypto/openssl/crypto/cms/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/cms/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,9 +18,11 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
- cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c
+ cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+ cms_pwri.c
LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
- cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o
+ cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+ cms_pwri.o
SRC= $(LIBSRC)
@@ -37,7 +39,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -65,6 +67,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -108,6 +112,71 @@
cms_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cms_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
cms_att.o: cms.h cms_att.c cms_lcl.h
+cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_cd.o: ../../include/openssl/comp.h ../../include/openssl/conf.h
+cms_cd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_cd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_cd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
+cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_dd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_dd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_dd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_dd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_dd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_dd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_dd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_dd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_dd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_dd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_dd.o: ../cryptlib.h cms_dd.c cms_lcl.h
+cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_enc.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_enc.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_enc.c cms_lcl.h
+cms_env.o: ../../e_os.h ../../include/openssl/aes.h
+cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_env.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_env.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_env.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_env.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_env.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_env.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_env.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_env.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_env.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_env.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_env.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_env.o: ../asn1/asn1_locl.h ../cryptlib.h cms_env.c cms_lcl.h
cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -121,6 +190,22 @@
cms_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cms_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
cms_err.o: cms_err.c
+cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_ess.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_ess.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_ess.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_ess.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_ess.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_ess.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_ess.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_ess.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_ess.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_ess.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_ess.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_ess.c cms_lcl.h
cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -149,6 +234,24 @@
cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
cms_lib.o: cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_pwri.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_pwri.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_pwri.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_pwri.o: ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
@@ -164,7 +267,7 @@
cms_sd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
cms_sd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cms_sd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-cms_sd.o: ../cryptlib.h cms_lcl.h cms_sd.c
+cms_sd.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_sd.c
cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
Modified: trunk/crypto/openssl/crypto/cms/cms.h
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,8 +75,9 @@
DECLARE_STACK_OF(CMS_SignerInfo)
DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_ASN1_FUNCTIONS_const(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS_const(CMS_ReceiptRequest)
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
@@ -123,9 +124,14 @@
# ifdef HEADER_PEM_H
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
# endif
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags);
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
@@ -178,6 +184,8 @@
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
unsigned char *key, size_t keylen,
unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen);
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
@@ -214,6 +222,17 @@
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
const unsigned char *id, size_t idlen);
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass,
+ ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph);
+
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
@@ -230,6 +249,7 @@
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
int CMS_SignedData_init(CMS_ContentInfo *cms);
@@ -327,6 +347,7 @@
# define CMS_F_CHECK_CONTENT 99
# define CMS_F_CMS_ADD0_CERT 164
# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
# define CMS_F_CMS_ADD1_SIGNER 102
@@ -341,6 +362,7 @@
# define CMS_F_CMS_DATAINIT 111
# define CMS_F_CMS_DECRYPT 112
# define CMS_F_CMS_DECRYPT_SET1_KEY 113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
@@ -375,7 +397,9 @@
# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
# define CMS_F_CMS_SET_DETACHED 147
@@ -416,6 +440,7 @@
# define CMS_R_ERROR_SETTING_KEY 115
# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
# define CMS_R_INVALID_KEY_LENGTH 118
# define CMS_R_MD_BIO_INIT_ERROR 119
# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
@@ -428,6 +453,7 @@
# define CMS_R_NOT_ENCRYPTED_DATA 122
# define CMS_R_NOT_KEK 123
# define CMS_R_NOT_KEY_TRANSPORT 124
+# define CMS_R_NOT_PWRI 177
# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
# define CMS_R_NO_CIPHER 126
# define CMS_R_NO_CONTENT 127
@@ -440,6 +466,7 @@
# define CMS_R_NO_MATCHING_RECIPIENT 132
# define CMS_R_NO_MATCHING_SIGNATURE 166
# define CMS_R_NO_MSGSIGDIGEST 167
+# define CMS_R_NO_PASSWORD 178
# define CMS_R_NO_PRIVATE_KEY 133
# define CMS_R_NO_PUBLIC_KEY 134
# define CMS_R_NO_RECEIPT_REQUEST 168
@@ -463,10 +490,12 @@
# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
# define CMS_R_UNSUPPORTED_TYPE 156
# define CMS_R_UNWRAP_ERROR 157
+# define CMS_R_UNWRAP_FAILURE 180
# define CMS_R_VERIFICATION_FAILURE 158
# define CMS_R_WRAP_ERROR 159
Modified: trunk/crypto/openssl/crypto/cms/cms_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -88,7 +88,8 @@
} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
/* Minor tweak to operation: free up signer key, cert */
-static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
@@ -213,7 +214,8 @@
} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
/* Free up RecipientInfo additional data */
-static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_FREE_PRE) {
CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
@@ -229,6 +231,12 @@
OPENSSL_cleanse(kekri->key, kekri->keylen);
OPENSSL_free(kekri->key);
}
+ } else if (ri->type == CMS_RECIPINFO_PASS) {
+ CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
+ if (pwri->pass) {
+ OPENSSL_cleanse(pwri->pass, pwri->passlen);
+ OPENSSL_free(pwri->pass);
+ }
}
}
return 1;
@@ -295,10 +303,41 @@
ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
-ASN1_NDEF_SEQUENCE(CMS_ContentInfo) = {
+/* CMS streaming support */
+static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
+{
+ ASN1_STREAM_ARG *sarg = exarg;
+ CMS_ContentInfo *cms = NULL;
+ if (pval)
+ cms = (CMS_ContentInfo *)*pval;
+ else
+ return 1;
+ switch (operation) {
+
+ case ASN1_OP_STREAM_PRE:
+ if (CMS_stream(&sarg->boundary, cms) <= 0)
+ return 0;
+ case ASN1_OP_DETACHED_PRE:
+ sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
+ if (!sarg->ndef_bio)
+ return 0;
+ break;
+
+ case ASN1_OP_STREAM_POST:
+ case ASN1_OP_DETACHED_POST:
+ if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
+ return 0;
+ break;
+
+ }
+ return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
ASN1_ADB_OBJECT(CMS_ContentInfo)
-} ASN1_NDEF_SEQUENCE_END(CMS_ContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)
/* Specials for signed attributes */
Modified: trunk/crypto/openssl/crypto/cms/cms_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,7 +75,7 @@
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
unsigned char *tkey = NULL;
- size_t tkeylen;
+ size_t tkeylen = 0;
int ok = 0;
Modified: trunk/crypto/openssl/crypto/cms/cms_env.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_env.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_env.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,11 +61,11 @@
#include <openssl/rand.h>
#include <openssl/aes.h>
#include "cms_lcl.h"
+#include "asn1_locl.h"
/* CMS EnvelopedData Utilities */
DECLARE_ASN1_ITEM(CMS_EnvelopedData)
-DECLARE_ASN1_ITEM(CMS_RecipientInfo)
DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
@@ -72,7 +72,7 @@
DECLARE_STACK_OF(CMS_RecipientInfo)
-static CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
CMSerr(CMS_F_CMS_GET0_ENVELOPED,
@@ -149,7 +149,7 @@
CMS_KeyTransRecipientInfo *ktri;
CMS_EnvelopedData *env;
EVP_PKEY *pk = NULL;
- int type;
+ int i, type;
env = cms_get0_enveloped(cms);
if (!env)
goto err;
@@ -196,18 +196,17 @@
if (!cms_set1_SignerIdentifier(ktri->rid, recip, type))
goto err;
- /*
- * Since we have no EVP_PKEY_ASN1_METHOD in OpenSSL 0.9.8, hard code
- * algorithm parameters.
- */
-
- if (pk->type == EVP_PKEY_RSA) {
- X509_ALGOR_set0(ktri->keyEncryptionAlgorithm,
- OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
- } else {
- CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
- CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
+ if (pk->ameth && pk->ameth->pkey_ctrl) {
+ i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_ENVELOPE, 0, ri);
+ if (i == -2) {
+ CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
+ CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ goto err;
+ }
+ if (i <= 0) {
+ CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_CTRL_FAILURE);
+ goto err;
+ }
}
if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
@@ -289,8 +288,9 @@
{
CMS_KeyTransRecipientInfo *ktri;
CMS_EncryptedContentInfo *ec;
+ EVP_PKEY_CTX *pctx = NULL;
unsigned char *ek = NULL;
- int eklen;
+ size_t eklen;
int ret = 0;
@@ -301,8 +301,22 @@
ktri = ri->d.ktri;
ec = cms->d.envelopedData->encryptedContentInfo;
- eklen = EVP_PKEY_size(ktri->pkey);
+ pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+ if (!pctx)
+ return 0;
+ if (EVP_PKEY_encrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+ EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
+ goto err;
+
ek = OPENSSL_malloc(eklen);
if (ek == NULL) {
@@ -310,9 +324,7 @@
goto err;
}
- eklen = EVP_PKEY_encrypt(ek, ec->key, ec->keylen, ktri->pkey);
-
- if (eklen <= 0)
+ if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
goto err;
ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
@@ -321,6 +333,8 @@
ret = 1;
err:
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
if (ek)
OPENSSL_free(ek);
return ret;
@@ -333,8 +347,9 @@
CMS_RecipientInfo *ri)
{
CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
+ EVP_PKEY_CTX *pctx = NULL;
unsigned char *ek = NULL;
- int eklen;
+ size_t eklen;
int ret = 0;
CMS_EncryptedContentInfo *ec;
ec = cms->d.envelopedData->encryptedContentInfo;
@@ -344,8 +359,24 @@
return 0;
}
- eklen = EVP_PKEY_size(ktri->pkey);
+ pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+ if (!pctx)
+ return 0;
+ if (EVP_PKEY_decrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+ EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+ ktri->encryptedKey->data,
+ ktri->encryptedKey->length) <= 0)
+ goto err;
+
ek = OPENSSL_malloc(eklen);
if (ek == NULL) {
@@ -353,10 +384,9 @@
goto err;
}
- eklen = EVP_PKEY_decrypt(ek,
- ktri->encryptedKey->data,
- ktri->encryptedKey->length, ktri->pkey);
- if (eklen <= 0) {
+ if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+ ktri->encryptedKey->data,
+ ktri->encryptedKey->length) <= 0) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
goto err;
}
@@ -372,6 +402,8 @@
ec->keylen = eklen;
err:
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
if (!ret && ek)
OPENSSL_free(ek);
@@ -703,6 +735,9 @@
case CMS_RECIPINFO_KEK:
return cms_RecipientInfo_kekri_decrypt(cms, ri);
+ case CMS_RECIPINFO_PASS:
+ return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+
default:
CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE);
@@ -744,6 +779,10 @@
r = cms_RecipientInfo_kekri_encrypt(cms, ri);
break;
+ case CMS_RECIPINFO_PASS:
+ r = cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+ break;
+
default:
CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
Modified: trunk/crypto/openssl/crypto/cms/cms_err.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/cms/cms_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -73,6 +73,8 @@
{ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"},
{ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
+ {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),
+ "CMS_add0_recipient_password"},
{ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
{ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
{ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
@@ -88,6 +90,7 @@
{ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
{ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"},
{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"},
+ {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"},
{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"},
{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),
"cms_DigestAlgorithm_find_ctx"},
@@ -112,7 +115,7 @@
"CMS_GET0_CERTIFICATE_CHOICES"},
{ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
{ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"},
- {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "CMS_GET0_ENVELOPED"},
+ {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
{ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),
"CMS_GET0_REVOCATION_CHOICES"},
{ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"},
@@ -139,8 +142,12 @@
"CMS_RecipientInfo_ktri_get0_algs"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),
"CMS_RecipientInfo_ktri_get0_signer_id"},
+ {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT),
+ "cms_RecipientInfo_pwri_crypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY),
"CMS_RecipientInfo_set0_key"},
+ {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD),
+ "CMS_RecipientInfo_set0_password"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),
"CMS_RecipientInfo_set0_pkey"},
{ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
@@ -156,7 +163,7 @@
{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),
"CMS_SignerInfo_verify_content"},
{ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"},
- {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_STREAM"},
+ {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_stream"},
{ERR_FUNC(CMS_F_CMS_UNCOMPRESS), "CMS_uncompress"},
{ERR_FUNC(CMS_F_CMS_VERIFY), "CMS_verify"},
{0, NULL}
@@ -197,6 +204,8 @@
"error setting recipientinfo"},
{ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
"invalid encrypted key length"},
+ {ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
+ "invalid key encryption parameter"},
{ERR_REASON(CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_REASON(CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
{ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
@@ -213,6 +222,7 @@
{ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
{ERR_REASON(CMS_R_NOT_KEK), "not kek"},
{ERR_REASON(CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
+ {ERR_REASON(CMS_R_NOT_PWRI), "not pwri"},
{ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
"not supported for this key type"},
{ERR_REASON(CMS_R_NO_CIPHER), "no cipher"},
@@ -226,6 +236,7 @@
{ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT), "no matching recipient"},
{ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE), "no matching signature"},
{ERR_REASON(CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
+ {ERR_REASON(CMS_R_NO_PASSWORD), "no password"},
{ERR_REASON(CMS_R_NO_PRIVATE_KEY), "no private key"},
{ERR_REASON(CMS_R_NO_PUBLIC_KEY), "no public key"},
{ERR_REASON(CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
@@ -254,6 +265,8 @@
{ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
{ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),
"unsupported kek algorithm"},
+ {ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
+ "unsupported key encryption algorithm"},
{ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
"unsupported recipient type"},
{ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE),
@@ -260,6 +273,7 @@
"unsupported recpientinfo type"},
{ERR_REASON(CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
{ERR_REASON(CMS_R_UNWRAP_ERROR), "unwrap error"},
+ {ERR_REASON(CMS_R_UNWRAP_FAILURE), "unwrap failure"},
{ERR_REASON(CMS_R_VERIFICATION_FAILURE), "verification failure"},
{ERR_REASON(CMS_R_WRAP_ERROR), "wrap error"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/cms/cms_ess.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_ess.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_ess.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,7 +64,7 @@
DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
DECLARE_ASN1_ITEM(CMS_Receipt)
-IMPLEMENT_ASN1_FUNCTIONS_const(CMS_ReceiptRequest)
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
/* ESS services: for now just Signed Receipt related */
Modified: trunk/crypto/openssl/crypto/cms/cms_io.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_io.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_io.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,6 +59,24 @@
#include "cms.h"
#include "cms_lcl.h"
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
+{
+ ASN1_OCTET_STRING **pos;
+ pos = CMS_get0_content(cms);
+ if (!pos)
+ return 0;
+ if (!*pos)
+ *pos = ASN1_OCTET_STRING_new();
+ if (*pos) {
+ (*pos)->flags |= ASN1_STRING_FLAG_NDEF;
+ (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
+ *boundary = &(*pos)->data;
+ return 1;
+ }
+ CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE);
+ return 0;
+}
+
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
@@ -71,47 +89,25 @@
IMPLEMENT_PEM_rw_const(CMS, CMS_ContentInfo, PEM_STRING_CMS, CMS_ContentInfo)
-/* Callback for int_smime_write_ASN1 */
-static int cms_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it)
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms)
{
- CMS_ContentInfo *cms = (CMS_ContentInfo *)val;
- BIO *tmpbio, *cmsbio;
- int r = 0;
+ return BIO_new_NDEF(out, (ASN1_VALUE *)cms,
+ ASN1_ITEM_rptr(CMS_ContentInfo));
+}
- if (!(flags & SMIME_DETACHED)) {
- SMIME_crlf_copy(data, out, flags);
- return 1;
- }
+/* CMS wrappers round generalised stream and MIME routines */
- /* Let CMS code prepend any needed BIOs */
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
+{
+ return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
+ ASN1_ITEM_rptr(CMS_ContentInfo));
+}
- cmsbio = CMS_dataInit(cms, out);
-
- if (!cmsbio)
- return 0;
-
- /* Copy data across, passing through filter BIOs for processing */
- SMIME_crlf_copy(data, cmsbio, flags);
-
- /* Finalize structure */
- if (CMS_dataFinal(cms, cmsbio) <= 0)
- goto err;
-
- r = 1;
-
- err:
-
- /* Now remove any digests prepended to the BIO */
-
- while (cmsbio != out) {
- tmpbio = BIO_pop(cmsbio);
- BIO_free(cmsbio);
- cmsbio = tmpbio;
- }
-
- return r;
-
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags)
+{
+ return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)cms, in, flags,
+ "CMS", ASN1_ITEM_rptr(CMS_ContentInfo));
}
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
@@ -124,10 +120,9 @@
else
mdalgs = NULL;
- return int_smime_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
- ctype_nid, econt_nid, mdalgs,
- cms_output_data,
- ASN1_ITEM_rptr(CMS_ContentInfo));
+ return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
+ ctype_nid, econt_nid, mdalgs,
+ ASN1_ITEM_rptr(CMS_ContentInfo));
}
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont)
Modified: trunk/crypto/openssl/crypto/cms/cms_lcl.h
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -258,6 +258,9 @@
X509_ALGOR *keyDerivationAlgorithm;
X509_ALGOR *keyEncryptionAlgorithm;
ASN1_OCTET_STRING *encryptedKey;
+ /* Extra info: password to use */
+ unsigned char *pass;
+ size_t passlen;
};
struct CMS_OtherRecipientInfo_st {
@@ -376,10 +379,13 @@
ASN1_OCTET_STRING *originatorSignatureValue;
};
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_ITEM(CMS_SignerInfo)
DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
+DECLARE_ASN1_ITEM(CMS_RecipientInfo)
+DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
@@ -425,7 +431,12 @@
ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+/* PWRI routines */
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ int en_de);
+
#ifdef __cplusplus
}
#endif
Modified: trunk/crypto/openssl/crypto/cms/cms_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,7 +61,8 @@
#include "cms.h"
#include "cms_lcl.h"
-IMPLEMENT_ASN1_FUNCTIONS_const(CMS_ContentInfo)
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
+IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
DECLARE_ASN1_ITEM(CMS_CertificateChoices)
DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
@@ -338,19 +339,10 @@
{
int param_type;
- switch (EVP_MD_type(md)) {
- case NID_sha1:
- case NID_sha224:
- case NID_sha256:
- case NID_sha384:
- case NID_sha512:
+ if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
param_type = V_ASN1_UNDEF;
- break;
-
- default:
+ else
param_type = V_ASN1_NULL;
- break;
- }
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
@@ -406,10 +398,8 @@
* Workaround for broken implementations that use signature
* algorithm OID instead of digest.
*/
- || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) {
- EVP_MD_CTX_copy_ex(mctx, mtmp);
- return 1;
- }
+ || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
+ return EVP_MD_CTX_copy_ex(mctx, mtmp);
chain = BIO_next(chain);
}
}
@@ -540,6 +530,15 @@
return 1;
}
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
+{
+ int r;
+ r = CMS_add0_crl(cms, crl);
+ if (r > 0)
+ CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ return r;
+}
+
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
{
STACK_OF(X509) *certs = NULL;
Copied: trunk/crypto/openssl/crypto/cms/cms_pwri.c (from rev 7117, vendor-crypto/openssl/dist/crypto/cms/cms_pwri.c)
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_pwri.c (rev 0)
+++ trunk/crypto/openssl/crypto/cms/cms_pwri.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,432 @@
+/* crypto/cms/cms_pwri.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass, ossl_ssize_t passlen)
+{
+ CMS_PasswordRecipientInfo *pwri;
+ if (ri->type != CMS_RECIPINFO_PASS) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
+ return 0;
+ }
+
+ pwri = ri->d.pwri;
+ pwri->pass = pass;
+ if (pass && passlen < 0)
+ passlen = strlen((char *)pass);
+ pwri->passlen = passlen;
+ return 1;
+}
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph)
+{
+ CMS_RecipientInfo *ri = NULL;
+ CMS_EnvelopedData *env;
+ CMS_PasswordRecipientInfo *pwri;
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *encalg = NULL;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ int ivlen;
+
+ env = cms_get0_enveloped(cms);
+ if (!env)
+ return NULL;
+
+ if (wrap_nid <= 0)
+ wrap_nid = NID_id_alg_PWRI_KEK;
+
+ if (pbe_nid <= 0)
+ pbe_nid = NID_id_pbkdf2;
+
+ /* Get from enveloped data */
+ if (kekciph == NULL)
+ kekciph = env->encryptedContentInfo->cipher;
+
+ if (kekciph == NULL) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
+ return NULL;
+ }
+ if (wrap_nid != NID_id_alg_PWRI_KEK) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+ CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+ return NULL;
+ }
+
+ /* Setup algorithm identifier for cipher */
+ encalg = X509_ALGOR_new();
+ EVP_CIPHER_CTX_init(&ctx);
+
+ if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
+
+ if (ivlen > 0) {
+ if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+ goto err;
+ if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+ goto err;
+ }
+ encalg->parameter = ASN1_TYPE_new();
+ if (!encalg->parameter) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+ }
+
+ encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
+
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ /* Initialize recipient info */
+ ri = M_ASN1_new_of(CMS_RecipientInfo);
+ if (!ri)
+ goto merr;
+
+ ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
+ if (!ri->d.pwri)
+ goto merr;
+ ri->type = CMS_RECIPINFO_PASS;
+
+ pwri = ri->d.pwri;
+ /* Since this is overwritten, free up empty structure already there */
+ X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
+ pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
+ if (!pwri->keyEncryptionAlgorithm)
+ goto merr;
+ pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
+ pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
+ if (!pwri->keyEncryptionAlgorithm->parameter)
+ goto merr;
+
+ if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
+ &pwri->keyEncryptionAlgorithm->parameter->
+ value.sequence))
+ goto merr;
+ pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
+
+ X509_ALGOR_free(encalg);
+ encalg = NULL;
+
+ /* Setup PBE algorithm */
+
+ pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
+
+ if (!pwri->keyDerivationAlgorithm)
+ goto err;
+
+ CMS_RecipientInfo_set0_password(ri, pass, passlen);
+ pwri->version = 0;
+
+ if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+ goto merr;
+
+ return ri;
+
+ merr:
+ CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+ err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ri)
+ M_ASN1_free_of(ri, CMS_RecipientInfo);
+ if (encalg)
+ X509_ALGOR_free(encalg);
+ return NULL;
+
+}
+
+/*
+ * This is an implementation of the key wrapping mechanism in RFC3211, at
+ * some point this should go into EVP.
+ */
+
+static int kek_unwrap_key(unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen,
+ EVP_CIPHER_CTX *ctx)
+{
+ size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+ unsigned char *tmp;
+ int outl, rv = 0;
+ if (inlen < 2 * blocklen) {
+ /* too small */
+ return 0;
+ }
+ if (inlen % blocklen) {
+ /* Invalid size */
+ return 0;
+ }
+ tmp = OPENSSL_malloc(inlen);
+ if (!tmp)
+ return 0;
+ /* setup IV by decrypting last two blocks */
+ EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+ in + inlen - 2 * blocklen, blocklen * 2);
+ /*
+ * Do a decrypt of last decrypted block to set IV to correct value output
+ * it to start of buffer so we don't corrupt decrypted block this works
+ * because buffer is at least two block lengths long.
+ */
+ EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
+ /* Can now decrypt first n - 1 blocks */
+ EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+
+ /* Reset IV to original value */
+ EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+ /* Decrypt again */
+ EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+ /* Check check bytes */
+ if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
+ /* Check byte failure */
+ goto err;
+ }
+ if (inlen < (size_t)(tmp[0] - 4)) {
+ /* Invalid length value */
+ goto err;
+ }
+ *outlen = (size_t)tmp[0];
+ memcpy(out, tmp + 4, *outlen);
+ rv = 1;
+ err:
+ OPENSSL_cleanse(tmp, inlen);
+ OPENSSL_free(tmp);
+ return rv;
+
+}
+
+static int kek_wrap_key(unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen,
+ EVP_CIPHER_CTX *ctx)
+{
+ size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+ size_t olen;
+ int dummy;
+ /*
+ * First decide length of output buffer: need header and round up to
+ * multiple of block length.
+ */
+ olen = (inlen + 4 + blocklen - 1) / blocklen;
+ olen *= blocklen;
+ if (olen < 2 * blocklen) {
+ /* Key too small */
+ return 0;
+ }
+ if (inlen > 0xFF) {
+ /* Key too large */
+ return 0;
+ }
+ if (out) {
+ /* Set header */
+ out[0] = (unsigned char)inlen;
+ out[1] = in[0] ^ 0xFF;
+ out[2] = in[1] ^ 0xFF;
+ out[3] = in[2] ^ 0xFF;
+ memcpy(out + 4, in, inlen);
+ /* Add random padding to end */
+ if (olen > inlen + 4
+ && RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0)
+ return 0;
+ /* Encrypt twice */
+ EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+ }
+
+ *outlen = olen;
+
+ return 1;
+}
+
+/* Encrypt/Decrypt content key in PWRI recipient info */
+
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ int en_de)
+{
+ CMS_EncryptedContentInfo *ec;
+ CMS_PasswordRecipientInfo *pwri;
+ const unsigned char *p = NULL;
+ int plen;
+ int r = 0;
+ X509_ALGOR *algtmp, *kekalg = NULL;
+ EVP_CIPHER_CTX kekctx;
+ const EVP_CIPHER *kekcipher;
+ unsigned char *key = NULL;
+ size_t keylen;
+
+ ec = cms->d.envelopedData->encryptedContentInfo;
+
+ pwri = ri->d.pwri;
+ EVP_CIPHER_CTX_init(&kekctx);
+
+ if (!pwri->pass) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
+ return 0;
+ }
+ algtmp = pwri->keyEncryptionAlgorithm;
+
+ if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+ return 0;
+ }
+
+ if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
+ p = algtmp->parameter->value.sequence->data;
+ plen = algtmp->parameter->value.sequence->length;
+ kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+ }
+ if (kekalg == NULL) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
+ return 0;
+ }
+
+ kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+
+ if (!kekcipher) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
+ goto err;
+ }
+
+ /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
+ if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
+ goto err;
+ EVP_CIPHER_CTX_set_padding(&kekctx, 0);
+ if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+ CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+ goto err;
+ }
+
+ algtmp = pwri->keyDerivationAlgorithm;
+
+ /* Finish password based key derivation to setup key in "ctx" */
+
+ if (EVP_PBE_CipherInit(algtmp->algorithm,
+ (char *)pwri->pass, pwri->passlen,
+ algtmp->parameter, &kekctx, en_de) < 0) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ /* Finally wrap/unwrap the key */
+
+ if (en_de) {
+
+ if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
+ goto err;
+
+ key = OPENSSL_malloc(keylen);
+
+ if (!key)
+ goto err;
+
+ if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
+ goto err;
+ pwri->encryptedKey->data = key;
+ pwri->encryptedKey->length = keylen;
+ } else {
+ key = OPENSSL_malloc(pwri->encryptedKey->length);
+
+ if (!key) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!kek_unwrap_key(key, &keylen,
+ pwri->encryptedKey->data,
+ pwri->encryptedKey->length, &kekctx)) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
+ goto err;
+ }
+
+ ec->key = key;
+ ec->keylen = keylen;
+
+ }
+
+ r = 1;
+
+ err:
+
+ EVP_CIPHER_CTX_cleanup(&kekctx);
+
+ if (!r && key)
+ OPENSSL_free(key);
+ X509_ALGOR_free(kekalg);
+
+ return r;
+
+}
Modified: trunk/crypto/openssl/crypto/cms/cms_sd.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_sd.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_sd.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,6 +59,7 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include "cms_lcl.h"
+#include "asn1_locl.h"
/* CMS SignedData Utilities */
@@ -203,10 +204,8 @@
if (!X509_NAME_set(&sid->d.issuerAndSerialNumber->issuer,
X509_get_issuer_name(cert)))
goto merr;
- ASN1_STRING_free(sid->d.issuerAndSerialNumber->serialNumber);
- sid->d.issuerAndSerialNumber->serialNumber =
- ASN1_STRING_dup(X509_get_serialNumber(cert));
- if (!sid->d.issuerAndSerialNumber->serialNumber)
+ if (!ASN1_STRING_copy(sid->d.issuerAndSerialNumber->serialNumber,
+ X509_get_serialNumber(cert)))
goto merr;
break;
@@ -313,14 +312,19 @@
if (!cms_set1_SignerIdentifier(si->sid, signer, type))
goto err;
- /* Since no EVP_PKEY_METHOD in 0.9.8 hard code SHA1 as default */
- if (md == NULL)
- md = EVP_sha1();
+ if (md == NULL) {
+ int def_nid;
+ if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
+ goto err;
+ md = EVP_get_digestbynid(def_nid);
+ if (md == NULL) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST);
+ goto err;
+ }
+ }
- /* OpenSSL 0.9.8 only supports SHA1 with non-RSA keys */
-
- if ((pk->type != EVP_PKEY_RSA) && (EVP_MD_type(md) != NID_sha1)) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ if (!md) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
goto err;
}
@@ -346,32 +350,17 @@
}
}
- /*
- * Since we have no EVP_PKEY_ASN1_METHOD in OpenSSL 0.9.8, hard code
- * algorithm parameters.
- */
-
- switch (pk->type) {
-
- case EVP_PKEY_RSA:
- X509_ALGOR_set0(si->signatureAlgorithm,
- OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
- break;
-
- case EVP_PKEY_DSA:
- X509_ALGOR_set0(si->signatureAlgorithm,
- OBJ_nid2obj(NID_dsaWithSHA1), V_ASN1_UNDEF, 0);
- break;
-
- case EVP_PKEY_EC:
- X509_ALGOR_set0(si->signatureAlgorithm,
- OBJ_nid2obj(NID_ecdsa_with_SHA1), V_ASN1_UNDEF, 0);
- break;
-
- default:
- CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
-
+ if (pk->ameth && pk->ameth->pkey_ctrl) {
+ i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_SIGN, 0, si);
+ if (i == -2) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER,
+ CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ goto err;
+ }
+ if (i <= 0) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_CTRL_FAILURE);
+ goto err;
+ }
}
if (!(flags & CMS_NOATTR)) {
@@ -572,26 +561,6 @@
*psig = si->signatureAlgorithm;
}
-/*
- * In OpenSSL 0.9.8 we have the link between digest types and public key
- * types so we need to fixup the digest type if the public key type is not
- * appropriate.
- */
-
-static void cms_fixup_mctx(EVP_MD_CTX *mctx, EVP_PKEY *pkey)
-{
- if (EVP_MD_CTX_type(mctx) != NID_sha1)
- return;
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- mctx->digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- mctx->digest = EVP_ecdsa();
-#endif
-}
-
static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMS_SignerInfo *si, BIO *chain)
{
@@ -616,7 +585,8 @@
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
- EVP_DigestFinal_ex(&mctx, md, &mdlen);
+ if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING, md, mdlen))
goto err;
@@ -634,7 +604,6 @@
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
- cms_fixup_mctx(&mctx, si->pkey);
if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
@@ -669,9 +638,10 @@
int CMS_SignerInfo_sign(CMS_SignerInfo *si)
{
EVP_MD_CTX mctx;
+ EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
- unsigned int siglen;
+ size_t siglen;
const EVP_MD *md = NULL;
md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
@@ -685,38 +655,36 @@
goto err;
}
- if (EVP_SignInit_ex(&mctx, md, NULL) <= 0)
+ if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
goto err;
-#if 0
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) {
CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
goto err;
}
-#endif
alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
ASN1_ITEM_rptr(CMS_Attributes_Sign));
if (!abuf)
goto err;
- if (EVP_SignUpdate(&mctx, abuf, alen) <= 0)
+ if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
goto err;
- siglen = EVP_PKEY_size(si->pkey);
+ if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+ goto err;
OPENSSL_free(abuf);
abuf = OPENSSL_malloc(siglen);
if (!abuf)
goto err;
- cms_fixup_mctx(&mctx, si->pkey);
- if (EVP_SignFinal(&mctx, abuf, &siglen, si->pkey) <= 0)
+ if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
goto err;
-#if 0
+
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) {
CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
goto err;
}
-#endif
+
EVP_MD_CTX_cleanup(&mctx);
ASN1_STRING_set0(si->signature, abuf, siglen);
@@ -734,6 +702,7 @@
int CMS_SignerInfo_verify(CMS_SignerInfo *si)
{
EVP_MD_CTX mctx;
+ EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen, r = -1;
const EVP_MD *md = NULL;
@@ -747,7 +716,7 @@
if (md == NULL)
return -1;
EVP_MD_CTX_init(&mctx);
- if (EVP_VerifyInit_ex(&mctx, md, NULL) <= 0)
+ if (EVP_DigestVerifyInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
@@ -754,15 +723,14 @@
ASN1_ITEM_rptr(CMS_Attributes_Verify));
if (!abuf)
goto err;
- r = EVP_VerifyUpdate(&mctx, abuf, alen);
+ r = EVP_DigestVerifyUpdate(&mctx, abuf, alen);
OPENSSL_free(abuf);
if (r <= 0) {
r = -1;
goto err;
}
- cms_fixup_mctx(&mctx, si->pkey);
- r = EVP_VerifyFinal(&mctx,
- si->signature->data, si->signature->length, si->pkey);
+ r = EVP_DigestVerifyFinal(&mctx,
+ si->signature->data, si->signature->length);
if (r <= 0)
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
err:
@@ -845,7 +813,6 @@
} else
r = 1;
} else {
- cms_fixup_mctx(&mctx, si->pkey);
r = EVP_VerifyFinal(&mctx, si->signature->data,
si->signature->length, si->pkey);
if (r <= 0) {
@@ -911,7 +878,6 @@
return 1;
}
-#if 0
static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
{
if (EVP_get_digestbynid(nid))
@@ -918,10 +884,12 @@
return CMS_add_simple_smimecap(sk, nid, arg);
return 1;
}
-#endif
+
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
{
if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+ || !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+ || !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
|| !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
|| !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
|| !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
Modified: trunk/crypto/openssl/crypto/cms/cms_smime.c
===================================================================
--- trunk/crypto/openssl/crypto/cms/cms_smime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cms/cms_smime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -159,7 +159,7 @@
if (!cms)
return NULL;
- if (CMS_final(cms, in, NULL, flags))
+ if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
return cms;
CMS_ContentInfo_free(cms);
@@ -200,10 +200,8 @@
if (!cms)
return NULL;
- if (!(flags & CMS_DETACHED)) {
- flags &= ~CMS_STREAM;
+ if (!(flags & CMS_DETACHED))
CMS_set_detached(cms, 0);
- }
if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
return cms;
@@ -252,10 +250,8 @@
if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
return NULL;
- if (!(flags & CMS_DETACHED)) {
- flags &= ~CMS_STREAM;
+ if (!(flags & CMS_DETACHED))
CMS_set_detached(cms, 0);
- }
if ((flags & (CMS_STREAM | CMS_PARTIAL))
|| CMS_final(cms, in, NULL, flags))
@@ -421,6 +417,7 @@
X509_STORE *store, unsigned int flags)
{
int r;
+ flags &= ~(CMS_DETACHED | CMS_TEXT);
r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
if (r <= 0)
return r;
@@ -449,10 +446,8 @@
goto merr;
}
- if (!(flags & CMS_DETACHED)) {
- flags &= ~CMS_STREAM;
+ if (!(flags & CMS_DETACHED))
CMS_set_detached(cms, 0);
- }
if ((flags & (CMS_STREAM | CMS_PARTIAL))
|| CMS_final(cms, data, NULL, flags))
@@ -479,7 +474,7 @@
BIO *rct_cont = NULL;
int r = 0;
- flags &= ~CMS_STREAM;
+ flags &= ~(CMS_STREAM | CMS_TEXT);
/* Not really detached but avoids content being allocated */
flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED;
if (!pkey || !signcert) {
@@ -555,10 +550,8 @@
}
}
- if (!(flags & CMS_DETACHED)) {
- flags &= ~CMS_STREAM;
+ if (!(flags & CMS_DETACHED))
CMS_set_detached(cms, 0);
- }
if ((flags & (CMS_STREAM | CMS_PARTIAL))
|| CMS_final(cms, data, NULL, flags))
@@ -666,6 +659,29 @@
}
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen)
+{
+ STACK_OF(CMS_RecipientInfo) *ris;
+ CMS_RecipientInfo *ri;
+ int i, r;
+ ris = CMS_get0_RecipientInfos(cms);
+ for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
+ ri = sk_CMS_RecipientInfo_value(ris, i);
+ if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
+ continue;
+ CMS_RecipientInfo_set0_password(ri, pass, passlen);
+ r = CMS_RecipientInfo_decrypt(cms, ri);
+ CMS_RecipientInfo_set0_password(ri, NULL, 0);
+ if (r > 0)
+ return 1;
+ }
+
+ CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
+ return 0;
+
+}
+
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
BIO *dcont, BIO *out, unsigned int flags)
{
@@ -752,12 +768,10 @@
if (!cms)
return NULL;
- if (!(flags & CMS_DETACHED)) {
- flags &= ~CMS_STREAM;
+ if (!(flags & CMS_DETACHED))
CMS_set_detached(cms, 0);
- }
- if (CMS_final(cms, in, NULL, flags))
+ if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
return cms;
CMS_ContentInfo_free(cms);
Modified: trunk/crypto/openssl/crypto/comp/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/comp/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/comp/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -36,7 +36,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -64,6 +64,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/comp/c_rle.c
===================================================================
--- trunk/crypto/openssl/crypto/comp/c_rle.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/comp/c_rle.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
{
/* int i; */
- if (olen < (ilen + 1)) {
+ if (ilen == 0 || olen < (ilen - 1)) {
/* ZZZZZZZZZZZZZZZZZZZZZZ */
return (-1);
}
@@ -49,7 +49,7 @@
{
int i;
- if (ilen == 0 || olen < (ilen - 1)) {
+ if (olen < (ilen - 1)) {
/* ZZZZZZZZZZZZZZZZZZZZZZ */
return (-1);
}
Modified: trunk/crypto/openssl/crypto/comp/c_zlib.c
===================================================================
--- trunk/crypto/openssl/crypto/comp/c_zlib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/comp/c_zlib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -746,6 +746,7 @@
default:
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
break;
+
}
return ret;
Modified: trunk/crypto/openssl/crypto/comp/comp_err.c
===================================================================
--- trunk/crypto/openssl/crypto/comp/comp_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/comp/comp_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/comp/comp_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/conf/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/conf/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -36,7 +36,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -64,6 +64,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
@@ -114,8 +116,8 @@
conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_mall.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-conf_mall.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mall.o: ../../include/openssl/objects.h
conf_mall.o: ../../include/openssl/opensslconf.h
conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -128,9 +130,9 @@
conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+conf_mod.o: ../../include/openssl/opensslconf.h
conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -143,9 +145,8 @@
conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_sap.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-conf_sap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-conf_sap.o: ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/conf/README
===================================================================
--- trunk/crypto/openssl/crypto/conf/README 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/README 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,8 +1,3 @@
-WARNING WARNING WARNING!!!
-
-This stuff is experimental, may change radically or be deleted altogether
-before OpenSSL 0.9.7 release. You have been warned!
-
Configuration modules. These are a set of modules which can perform
various configuration functions.
@@ -13,7 +8,7 @@
-----
#default section
-openssl_init=init_section
+openssl_conf=init_section
[init_section]
@@ -30,18 +25,17 @@
other_stuff=other_value
----
-When this file is loaded a configuration module with the specified
-string (module* in the above example) is looked up and its init
-function called as:
+When this file is loaded a configuration module with the specified string
+(module* in the above example) is looked up and its init function called as:
int conf_init_func(CONF_IMODULE *md, CONF *cnf);
-The function can then take whatever action is appropriate, for example
-further lookups based on the value. Multiple instances of the same
-config module can be loaded.
+The function can then take whatever action is appropriate, for example further
+lookups based on the value. Multiple instances of the same config module can be
+loaded.
-When the application closes down the modules are cleaned up by calling
-an optional finish function:
+When the application closes down the modules are cleaned up by calling an
+optional finish function:
void conf_finish_func(CONF_IMODULE *md);
@@ -48,11 +42,10 @@
The finish functions are called in reverse order: that is the last module
loaded is the first one cleaned up.
-If no module exists with a given name then an attempt is made to load
-a DSO with the supplied name. This might mean that "module3" attempts
-to load a DSO called libmodule3.so or module3.dll for example. An explicit
-DSO name can be given by including a separate section as in the module4 example
-above.
+If no module exists with a given name then an attempt is made to load a DSO
+with the supplied name. This might mean that "module3" attempts to load a DSO
+called libmodule3.so or module3.dll for example. An explicit DSO name can be
+given by including a separate section as in the module4 example above.
The DSO is expected to at least contain an initialization function:
@@ -64,15 +57,17 @@
Static modules can also be added using,
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc);
+int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
+*ffunc);
-where "name" is the name in the configuration file this function corresponds to.
+where "name" is the name in the configuration file this function corresponds
+to.
-A set of builtin modules (currently only an ASN1 non functional test module) can be
-added by calling OPENSSL_load_builtin_modules().
+A set of builtin modules (currently only an ASN1 non functional test module)
+can be added by calling OPENSSL_load_builtin_modules().
-The function OPENSSL_config() is intended as a simple configuration function that
-any application can call to perform various default configuration tasks. It uses the
-file openssl.cnf in the usual locations.
+The function OPENSSL_config() is intended as a simple configuration function
+that any application can call to perform various default configuration tasks.
+It uses the file openssl.cnf in the usual locations.
Modified: trunk/crypto/openssl/crypto/conf/conf.h
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,8 +78,7 @@
} CONF_VALUE;
DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
+DECLARE_LHASH_OF(CONF_VALUE);
struct conf_st;
struct conf_method_st;
@@ -103,6 +102,9 @@
typedef struct conf_imodule_st CONF_IMODULE;
typedef struct conf_module_st CONF_MODULE;
+DECLARE_STACK_OF(CONF_MODULE)
+DECLARE_STACK_OF(CONF_IMODULE)
+
/* DSO module function typedefs */
typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
typedef void conf_finish_func (CONF_IMODULE *md);
@@ -115,18 +117,24 @@
# define CONF_MFLAGS_DEFAULT_SECTION 0x20
int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf, LHASH *hash);
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline);
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+ long *eline);
# ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp, long *eline);
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+ long *eline);
# endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp, long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf, const char *section);
-char *CONF_get_string(LHASH *conf, const char *group, const char *name);
-long CONF_get_number(LHASH *conf, const char *group, const char *name);
-void CONF_free(LHASH *conf);
-int CONF_dump_fp(LHASH *conf, FILE *out);
-int CONF_dump_bio(LHASH *conf, BIO *out);
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+ long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+ const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
void OPENSSL_config(const char *config_name);
void OPENSSL_no_config(void);
@@ -139,7 +147,7 @@
struct conf_st {
CONF_METHOD *meth;
void *meth_data;
- LHASH *data;
+ LHASH_OF(CONF_VALUE) *data;
};
CONF *NCONF_new(CONF_METHOD *meth);
@@ -217,6 +225,7 @@
# define CONF_F_CONF_LOAD_BIO 102
# define CONF_F_CONF_LOAD_FP 103
# define CONF_F_CONF_MODULES_LOAD 116
+# define CONF_F_CONF_PARSE_LIST 119
# define CONF_F_DEF_LOAD 120
# define CONF_F_DEF_LOAD_BIO 121
# define CONF_F_MODULE_INIT 115
@@ -236,6 +245,7 @@
/* Reason codes. */
# define CONF_R_ERROR_LOADING_DSO 110
+# define CONF_R_LIST_CANNOT_BE_NULL 115
# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
# define CONF_R_MISSING_EQUAL_SIGN 101
# define CONF_R_MISSING_FINISH_FUNCTION 111
Modified: trunk/crypto/openssl/crypto/conf/conf_api.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_api.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_api.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,18 +70,12 @@
#include <openssl/conf_api.h>
#include "e_os.h"
-static void value_free_hash(CONF_VALUE *a, LHASH *conf);
-static void value_free_stack(CONF_VALUE *a, LHASH *conf);
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE *, LHASH *)
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_stack, CONF_VALUE *, LHASH *)
-/*
- * We don't use function pointer casting or wrapper functions - but cast each
- * callback parameter inside the callback functions.
- */
-/* static unsigned long hash(CONF_VALUE *v); */
-static unsigned long hash(const void *v_void);
-/* static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); */
-static int cmp_conf(const void *a_void, const void *b_void);
+static void value_free_hash_doall_arg(CONF_VALUE *a,
+ LHASH_OF(CONF_VALUE) *conf);
+static void value_free_stack_doall(CONF_VALUE *a);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE,
+ LHASH_OF(CONF_VALUE))
+static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE)
/* Up until OpenSSL 0.9.5a, this was get_section */
CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
@@ -92,7 +86,7 @@
return (NULL);
vv.name = NULL;
vv.section = (char *)section;
- v = (CONF_VALUE *)lh_retrieve(conf->data, &vv);
+ v = lh_CONF_VALUE_retrieve(conf->data, &vv);
return (v);
}
@@ -121,7 +115,7 @@
return 0;
}
- v = (CONF_VALUE *)lh_insert(conf->data, value);
+ v = lh_CONF_VALUE_insert(conf->data, value);
if (v != NULL) {
(void)sk_CONF_VALUE_delete_ptr(ts, v);
OPENSSL_free(v->name);
@@ -143,11 +137,11 @@
if (section != NULL) {
vv.name = (char *)name;
vv.section = (char *)section;
- v = (CONF_VALUE *)lh_retrieve(conf->data, &vv);
+ v = lh_CONF_VALUE_retrieve(conf->data, &vv);
if (v != NULL)
return (v->value);
if (strcmp(section, "ENV") == 0) {
- p = Getenv(name);
+ p = getenv(name);
if (p != NULL)
return (p);
}
@@ -154,13 +148,13 @@
}
vv.section = "default";
vv.name = (char *)name;
- v = (CONF_VALUE *)lh_retrieve(conf->data, &vv);
+ v = lh_CONF_VALUE_retrieve(conf->data, &vv);
if (v != NULL)
return (v->value);
else
return (NULL);
} else
- return (Getenv(name));
+ return (getenv(name));
}
#if 0 /* There's no way to provide error checking
@@ -185,6 +179,34 @@
}
#endif
+static unsigned long conf_value_hash(const CONF_VALUE *v)
+{
+ return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE)
+
+static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b)
+{
+ int i;
+
+ if (a->section != b->section) {
+ i = strcmp(a->section, b->section);
+ if (i)
+ return (i);
+ }
+
+ if ((a->name != NULL) && (b->name != NULL)) {
+ i = strcmp(a->name, b->name);
+ return (i);
+ } else if (a->name == b->name)
+ return (0);
+ else
+ return ((a->name == NULL) ? -1 : 1);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE)
+
int _CONF_new_data(CONF *conf)
{
if (conf == NULL) {
@@ -191,7 +213,7 @@
return 0;
}
if (conf->data == NULL)
- if ((conf->data = lh_new(hash, cmp_conf)) == NULL) {
+ if ((conf->data = lh_CONF_VALUE_new()) == NULL) {
return 0;
}
return 1;
@@ -202,9 +224,12 @@
if (conf == NULL || conf->data == NULL)
return;
- conf->data->down_load = 0; /* evil thing to make sure the
- * 'OPENSSL_free()' works as expected */
- lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_hash), conf->data);
+ lh_CONF_VALUE_down_load(conf->data) = 0; /* evil thing to make * sure the
+ * 'OPENSSL_free()' works as *
+ * expected */
+ lh_CONF_VALUE_doall_arg(conf->data,
+ LHASH_DOALL_ARG_FN(value_free_hash),
+ LHASH_OF(CONF_VALUE), conf->data);
/*
* We now have only 'section' entries in the hash table. Due to problems
@@ -211,82 +236,52 @@
* with
*/
- lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_stack),
- conf->data);
- lh_free(conf->data);
+ lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack));
+ lh_CONF_VALUE_free(conf->data);
}
-static void value_free_hash(CONF_VALUE *a, LHASH *conf)
+static void value_free_hash_doall_arg(CONF_VALUE *a,
+ LHASH_OF(CONF_VALUE) *conf)
{
- if (a->name != NULL) {
- a = (CONF_VALUE *)lh_delete(conf, a);
- }
+ if (a->name != NULL)
+ (void)lh_CONF_VALUE_delete(conf, a);
}
-static void value_free_stack(CONF_VALUE *a, LHASH *conf)
+static void value_free_stack_doall(CONF_VALUE *a)
{
CONF_VALUE *vv;
- STACK *sk;
+ STACK_OF(CONF_VALUE) *sk;
int i;
if (a->name != NULL)
return;
- sk = (STACK *) a->value;
- for (i = sk_num(sk) - 1; i >= 0; i--) {
- vv = (CONF_VALUE *)sk_value(sk, i);
+ sk = (STACK_OF(CONF_VALUE) *)a->value;
+ for (i = sk_CONF_VALUE_num(sk) - 1; i >= 0; i--) {
+ vv = sk_CONF_VALUE_value(sk, i);
OPENSSL_free(vv->value);
OPENSSL_free(vv->name);
OPENSSL_free(vv);
}
if (sk != NULL)
- sk_free(sk);
+ sk_CONF_VALUE_free(sk);
OPENSSL_free(a->section);
OPENSSL_free(a);
}
-/* static unsigned long hash(CONF_VALUE *v) */
-static unsigned long hash(const void *v_void)
-{
- CONF_VALUE *v = (CONF_VALUE *)v_void;
- return ((lh_strhash(v->section) << 2) ^ lh_strhash(v->name));
-}
-
-/* static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b) */
-static int cmp_conf(const void *a_void, const void *b_void)
-{
- int i;
- CONF_VALUE *a = (CONF_VALUE *)a_void;
- CONF_VALUE *b = (CONF_VALUE *)b_void;
-
- if (a->section != b->section) {
- i = strcmp(a->section, b->section);
- if (i)
- return (i);
- }
-
- if ((a->name != NULL) && (b->name != NULL)) {
- i = strcmp(a->name, b->name);
- return (i);
- } else if (a->name == b->name)
- return (0);
- else
- return ((a->name == NULL) ? -1 : 1);
-}
-
/* Up until OpenSSL 0.9.5a, this was new_section */
CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
{
- STACK *sk = NULL;
+ STACK_OF(CONF_VALUE) *sk = NULL;
int ok = 0, i;
CONF_VALUE *v = NULL, *vv;
- if ((sk = sk_new_null()) == NULL)
+ if ((sk = sk_CONF_VALUE_new_null()) == NULL)
goto err;
- if ((v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
+ if ((v = OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
goto err;
i = strlen(section) + 1;
- if ((v->section = (char *)OPENSSL_malloc(i)) == NULL)
+ if ((v->section = OPENSSL_malloc(i)) == NULL)
goto err;
memcpy(v->section, section, i);
@@ -293,13 +288,13 @@
v->name = NULL;
v->value = (char *)sk;
- vv = (CONF_VALUE *)lh_insert(conf->data, v);
+ vv = lh_CONF_VALUE_insert(conf->data, v);
OPENSSL_assert(vv == NULL);
ok = 1;
err:
if (!ok) {
if (sk != NULL)
- sk_free(sk);
+ sk_CONF_VALUE_free(sk);
if (v != NULL)
OPENSSL_free(v);
v = NULL;
Modified: trunk/crypto/openssl/crypto/conf/conf_def.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_def.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_def.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -130,7 +130,7 @@
{
CONF *ret;
- ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
+ ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
if (ret)
if (meth->init(ret) == 0) {
OPENSSL_free(ret);
@@ -145,7 +145,7 @@
return 0;
conf->meth = &default_method;
- conf->meth_data = (void *)CONF_type_default;
+ conf->meth_data = CONF_type_default;
conf->data = NULL;
return 1;
@@ -217,8 +217,6 @@
CONF_VALUE *v = NULL, *tv;
CONF_VALUE *sv = NULL;
char *section = NULL, *buf;
-/* STACK_OF(CONF_VALUE) *section_sk=NULL;*/
-/* STACK_OF(CONF_VALUE) *ts=NULL;*/
char *start, *psection, *pname;
void *h = (void *)(conf->data);
@@ -244,7 +242,6 @@
CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
-/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
bufnum = 0;
again = 0;
@@ -332,7 +329,6 @@
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
-/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
continue;
} else {
pname = s;
@@ -386,11 +382,8 @@
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
-/* ts=(STACK_OF(CONF_VALUE) *)tv->value;*/
- } else {
+ } else
tv = sv;
-/* ts=section_sk;*/
- }
#if 1
if (_CONF_add_string(conf, tv, v) == 0) {
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
@@ -592,7 +585,11 @@
CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
goto err;
}
- BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from)));
+ if (!BUF_MEM_grow_clean(buf,
+ (strlen(p) + buf->length - (e - from)))) {
+ CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
while (*p)
buf->data[to++] = *(p++);
@@ -682,7 +679,7 @@
return (p);
}
-static void dump_value(CONF_VALUE *a, BIO *out)
+static void dump_value_doall_arg(CONF_VALUE *a, BIO *out)
{
if (a->name)
BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
@@ -690,11 +687,12 @@
BIO_printf(out, "[[%s]]\n", a->section);
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE *, BIO *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO)
static int def_dump(const CONF *conf, BIO *out)
{
- lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), out);
+ lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value),
+ BIO, out);
return 1;
}
Modified: trunk/crypto/openssl/crypto/conf/conf_err.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/conf/conf_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -75,6 +75,7 @@
{ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
{ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
{ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
+ {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
{ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"},
{ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"},
{ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"},
@@ -96,6 +97,7 @@
static ERR_STRING_DATA CONF_str_reasons[] = {
{ERR_REASON(CONF_R_ERROR_LOADING_DSO), "error loading dso"},
+ {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL), "list cannot be null"},
{ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
"missing close square bracket"},
{ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
Modified: trunk/crypto/openssl/crypto/conf/conf_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,7 +70,7 @@
/* Init a 'CONF' structure from an old LHASH */
-void CONF_set_nconf(CONF *conf, LHASH *hash)
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash)
{
if (default_CONF_method == NULL)
default_CONF_method = NCONF_default();
@@ -90,9 +90,10 @@
return 1;
}
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+ long *eline)
{
- LHASH *ltmp;
+ LHASH_OF(CONF_VALUE) *ltmp;
BIO *in = NULL;
#ifdef OPENSSL_SYS_VMS
@@ -112,10 +113,11 @@
}
#ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp, long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+ long *eline)
{
BIO *btmp;
- LHASH *ltmp;
+ LHASH_OF(CONF_VALUE) *ltmp;
if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB);
return NULL;
@@ -126,7 +128,8 @@
}
#endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp, long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+ long *eline)
{
CONF ctmp;
int ret;
@@ -139,7 +142,8 @@
return NULL;
}
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf, const char *section)
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+ const char *section)
{
if (conf == NULL) {
return NULL;
@@ -150,7 +154,8 @@
}
}
-char *CONF_get_string(LHASH *conf, const char *group, const char *name)
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name)
{
if (conf == NULL) {
return NCONF_get_string(NULL, group, name);
@@ -161,7 +166,8 @@
}
}
-long CONF_get_number(LHASH *conf, const char *group, const char *name)
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name)
{
int status;
long result = 0;
@@ -181,7 +187,7 @@
return result;
}
-void CONF_free(LHASH *conf)
+void CONF_free(LHASH_OF(CONF_VALUE) *conf)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
@@ -189,7 +195,7 @@
}
#ifndef OPENSSL_NO_FP_API
-int CONF_dump_fp(LHASH *conf, FILE *out)
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out)
{
BIO *btmp;
int ret;
@@ -204,7 +210,7 @@
}
#endif
-int CONF_dump_bio(LHASH *conf, BIO *out)
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
Modified: trunk/crypto/openssl/crypto/conf/conf_mall.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_mall.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_mall.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,7 +64,6 @@
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
-#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
Modified: trunk/crypto/openssl/crypto/conf/conf_mod.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_mod.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_mod.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -562,8 +562,13 @@
{
int ret;
const char *lstart, *tmpend, *p;
+
+ if (list_ == NULL) {
+ CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
+ return 0;
+ }
+
lstart = list_;
-
for (;;) {
if (nospc) {
while (*lstart && isspace((unsigned char)*lstart))
Modified: trunk/crypto/openssl/crypto/conf/conf_sap.c
===================================================================
--- trunk/crypto/openssl/crypto/conf/conf_sap.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/conf/conf_sap.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -86,23 +86,10 @@
/* Need to load ENGINEs */
ENGINE_load_builtin_engines();
#endif
- /* Add others here? */
-
ERR_clear_error();
- if (CONF_modules_load_file(NULL, config_name,
+ CONF_modules_load_file(NULL, config_name,
CONF_MFLAGS_DEFAULT_SECTION |
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- BIO *bio_err;
- ERR_load_crypto_strings();
- if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
- BIO_printf(bio_err, "Auto configuration failed\n");
- ERR_print_errors(bio_err);
- BIO_free(bio_err);
- }
- exit(1);
- }
-
- return;
+ CONF_MFLAGS_IGNORE_MISSING_FILE);
}
void OPENSSL_no_config()
Modified: trunk/crypto/openssl/crypto/cpt_err.c
===================================================================
--- trunk/crypto/openssl/crypto/cpt_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cpt_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/cpt_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -76,6 +76,7 @@
{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
+ {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
@@ -83,6 +84,7 @@
};
static ERR_STRING_DATA CRYPTO_str_reasons[] = {
+ {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
{ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),
"no dynlock create callback"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/cryptlib.c
===================================================================
--- trunk/crypto/openssl/crypto/cryptlib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cryptlib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/cryptlib.c */
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -121,18 +121,277 @@
static double SSLeay_MSVC5_hack = 0.0; /* and for VC1.5 */
#endif
+DECLARE_STACK_OF(CRYPTO_dynlock)
+
+/* real #defines in crypto.h, keep these upto date */
+static const char *const lock_names[CRYPTO_NUM_LOCKS] = {
+ "<<ERROR>>",
+ "err",
+ "ex_data",
+ "x509",
+ "x509_info",
+ "x509_pkey",
+ "x509_crl",
+ "x509_req",
+ "dsa",
+ "rsa",
+ "evp_pkey",
+ "x509_store",
+ "ssl_ctx",
+ "ssl_cert",
+ "ssl_session",
+ "ssl_sess_cert",
+ "ssl",
+ "ssl_method",
+ "rand",
+ "rand2",
+ "debug_malloc",
+ "BIO",
+ "gethostbyname",
+ "getservbyname",
+ "readdir",
+ "RSA_blinding",
+ "dh",
+ "debug_malloc2",
+ "dso",
+ "dynlock",
+ "engine",
+ "ui",
+ "ecdsa",
+ "ec",
+ "ecdh",
+ "bn",
+ "ec_pre_comp",
+ "store",
+ "comp",
+ "fips",
+ "fips2",
+#if CRYPTO_NUM_LOCKS != 41
+# error "Inconsistency between crypto.h and cryptlib.c"
+#endif
+};
+
+/*
+ * This is for applications to allocate new type names in the non-dynamic
+ * array of lock names. These are numbered with positive numbers.
+ */
+static STACK_OF(OPENSSL_STRING) *app_locks = NULL;
+
+/*
+ * For applications that want a more dynamic way of handling threads, the
+ * following stack is used. These are externally numbered with negative
+ * numbers.
+ */
+static STACK_OF(CRYPTO_dynlock) *dyn_locks = NULL;
+
static void (MS_FAR *locking_callback) (int mode, int type,
- const char *file, int line) = NULL;
+ const char *file, int line) = 0;
static int (MS_FAR *add_lock_callback) (int *pointer, int amount,
int type, const char *file,
- int line) = NULL;
-static unsigned long (MS_FAR *id_callback) (void) = NULL;
+ int line) = 0;
+#ifndef OPENSSL_NO_DEPRECATED
+static unsigned long (MS_FAR *id_callback) (void) = 0;
+#endif
+static void (MS_FAR *threadid_callback) (CRYPTO_THREADID *) = 0;
+static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
+ (const char *file, int line) = 0;
+static void (MS_FAR *dynlock_lock_callback) (int mode,
+ struct CRYPTO_dynlock_value *l,
+ const char *file, int line) = 0;
+static void (MS_FAR *dynlock_destroy_callback) (struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line) = 0;
+int CRYPTO_get_new_lockid(char *name)
+{
+ char *str;
+ int i;
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+ /*
+ * A hack to make Visual C++ 5.0 work correctly when linking as a DLL
+ * using /MT. Without this, the application cannot use any floating point
+ * printf's. It also seems to be needed for Visual C 1.5 (win16)
+ */
+ SSLeay_MSVC5_hack = (double)name[0] * (double)name[1];
+#endif
+
+ if ((app_locks == NULL)
+ && ((app_locks = sk_OPENSSL_STRING_new_null()) == NULL)) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ if ((str = BUF_strdup(name)) == NULL) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ i = sk_OPENSSL_STRING_push(app_locks, str);
+ if (!i)
+ OPENSSL_free(str);
+ else
+ i += CRYPTO_NUM_LOCKS; /* gap of one :-) */
+ return (i);
+}
+
int CRYPTO_num_locks(void)
{
return CRYPTO_NUM_LOCKS;
}
+int CRYPTO_get_new_dynlockid(void)
+{
+ int i = 0;
+ CRYPTO_dynlock *pointer = NULL;
+
+ if (dynlock_create_callback == NULL) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
+ CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
+ return (0);
+ }
+ CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+ if ((dyn_locks == NULL)
+ && ((dyn_locks = sk_CRYPTO_dynlock_new_null()) == NULL)) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+ pointer = (CRYPTO_dynlock *) OPENSSL_malloc(sizeof(CRYPTO_dynlock));
+ if (pointer == NULL) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+ pointer->references = 1;
+ pointer->data = dynlock_create_callback(__FILE__, __LINE__);
+ if (pointer->data == NULL) {
+ OPENSSL_free(pointer);
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+ return (0);
+ }
+
+ CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+ /* First, try to find an existing empty slot */
+ i = sk_CRYPTO_dynlock_find(dyn_locks, NULL);
+ /* If there was none, push, thereby creating a new one */
+ if (i == -1)
+ /*
+ * Since sk_push() returns the number of items on the stack, not the
+ * location of the pushed item, we need to transform the returned
+ * number into a position, by decreasing it.
+ */
+ i = sk_CRYPTO_dynlock_push(dyn_locks, pointer) - 1;
+ else
+ /*
+ * If we found a place with a NULL pointer, put our pointer in it.
+ */
+ (void)sk_CRYPTO_dynlock_set(dyn_locks, i, pointer);
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+ if (i == -1) {
+ dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
+ OPENSSL_free(pointer);
+ } else
+ i += 1; /* to avoid 0 */
+ return -i;
+}
+
+void CRYPTO_destroy_dynlockid(int i)
+{
+ CRYPTO_dynlock *pointer = NULL;
+ if (i)
+ i = -i - 1;
+ if (dynlock_destroy_callback == NULL)
+ return;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+ if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+ return;
+ }
+ pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+ if (pointer != NULL) {
+ --pointer->references;
+#ifdef REF_CHECK
+ if (pointer->references < 0) {
+ fprintf(stderr,
+ "CRYPTO_destroy_dynlockid, bad reference count\n");
+ abort();
+ } else
+#endif
+ if (pointer->references <= 0) {
+ (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
+ } else
+ pointer = NULL;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+ if (pointer) {
+ dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
+ OPENSSL_free(pointer);
+ }
+}
+
+struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
+{
+ CRYPTO_dynlock *pointer = NULL;
+ if (i)
+ i = -i - 1;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+ if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
+ pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+ if (pointer)
+ pointer->references++;
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+ if (pointer)
+ return pointer->data;
+ return NULL;
+}
+
+struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
+ (const char *file, int line) {
+ return (dynlock_create_callback);
+}
+
+void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
+ struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line) {
+ return (dynlock_lock_callback);
+}
+
+void (*CRYPTO_get_dynlock_destroy_callback(void))
+ (struct CRYPTO_dynlock_value *l, const char *file, int line) {
+ return (dynlock_destroy_callback);
+}
+
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
+ (const char *file, int line))
+{
+ dynlock_create_callback = func;
+}
+
+void CRYPTO_set_dynlock_lock_callback(void (*func) (int mode,
+ struct
+ CRYPTO_dynlock_value *l,
+ const char *file,
+ int line))
+{
+ dynlock_lock_callback = func;
+}
+
+void CRYPTO_set_dynlock_destroy_callback(void (*func)
+ (struct CRYPTO_dynlock_value *l,
+ const char *file, int line))
+{
+ dynlock_destroy_callback = func;
+}
+
void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
const char *file, int line) {
return (locking_callback);
@@ -146,6 +405,11 @@
void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
const char *file, int line))
{
+ /*
+ * Calling this here ensures initialisation before any threads are
+ * started.
+ */
+ OPENSSL_init();
locking_callback = func;
}
@@ -155,6 +419,110 @@
add_lock_callback = func;
}
+/*
+ * the memset() here and in set_pointer() seem overkill, but for the sake of
+ * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause
+ * two "equal" THREADID structs to not be memcmp()-identical.
+ */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
+{
+ memset(id, 0, sizeof(*id));
+ id->val = val;
+}
+
+static const unsigned char hash_coeffs[] = { 3, 5, 7, 11, 13, 17, 19, 23 };
+
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
+{
+ unsigned char *dest = (void *)&id->val;
+ unsigned int accum = 0;
+ unsigned char dnum = sizeof(id->val);
+
+ memset(id, 0, sizeof(*id));
+ id->ptr = ptr;
+ if (sizeof(id->val) >= sizeof(id->ptr)) {
+ /*
+ * 'ptr' can be embedded in 'val' without loss of uniqueness
+ */
+ id->val = (unsigned long)id->ptr;
+ return;
+ }
+ /*
+ * hash ptr ==> val. Each byte of 'val' gets the mod-256 total of a
+ * linear function over the bytes in 'ptr', the co-efficients of which
+ * are a sequence of low-primes (hash_coeffs is an 8-element cycle) - the
+ * starting prime for the sequence varies for each byte of 'val' (unique
+ * polynomials unless pointers are >64-bit). For added spice, the totals
+ * accumulate rather than restarting from zero, and the index of the
+ * 'val' byte is added each time (position dependence). If I was a
+ * black-belt, I'd scan big-endian pointers in reverse to give low-order
+ * bits more play, but this isn't crypto and I'd prefer nobody mistake it
+ * as such. Plus I'm lazy.
+ */
+ while (dnum--) {
+ const unsigned char *src = (void *)&id->ptr;
+ unsigned char snum = sizeof(id->ptr);
+ while (snum--)
+ accum += *(src++) * hash_coeffs[(snum + dnum) & 7];
+ accum += dnum;
+ *(dest++) = accum & 255;
+ }
+}
+
+int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
+{
+ if (threadid_callback)
+ return 0;
+ threadid_callback = func;
+ return 1;
+}
+
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *) {
+ return threadid_callback;
+}
+
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
+{
+ if (threadid_callback) {
+ threadid_callback(id);
+ return;
+ }
+#ifndef OPENSSL_NO_DEPRECATED
+ /* If the deprecated callback was set, fall back to that */
+ if (id_callback) {
+ CRYPTO_THREADID_set_numeric(id, id_callback());
+ return;
+ }
+#endif
+ /* Else pick a backup */
+#ifdef OPENSSL_SYS_WIN16
+ CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentTask());
+#elif defined(OPENSSL_SYS_WIN32)
+ CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentThreadId());
+#elif defined(OPENSSL_SYS_BEOS)
+ CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
+#else
+ /* For everything else, default to using the address of 'errno' */
+ CRYPTO_THREADID_set_pointer(id, (void *)&errno);
+#endif
+}
+
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b)
+{
+ return memcmp(a, b, sizeof(*a));
+}
+
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src)
+{
+ memcpy(dest, src, sizeof(*src));
+}
+
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
+{
+ return id->val;
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
unsigned long (*CRYPTO_get_id_callback(void)) (void) {
return (id_callback);
}
@@ -169,33 +537,28 @@
unsigned long ret = 0;
if (id_callback == NULL) {
-#ifdef OPENSSL_SYS_WIN16
+# ifdef OPENSSL_SYS_WIN16
ret = (unsigned long)GetCurrentTask();
-#elif defined(OPENSSL_SYS_WIN32)
+# elif defined(OPENSSL_SYS_WIN32)
ret = (unsigned long)GetCurrentThreadId();
-#elif defined(GETPID_IS_MEANINGLESS)
+# elif defined(GETPID_IS_MEANINGLESS)
ret = 1L;
-#else
+# elif defined(OPENSSL_SYS_BEOS)
+ ret = (unsigned long)find_thread(NULL);
+# else
ret = (unsigned long)getpid();
-#endif
+# endif
} else
ret = id_callback();
return (ret);
}
+#endif
-static void (*do_dynlock_cb) (int mode, int type, const char *file, int line);
-
-void int_CRYPTO_set_do_dynlock_callback(void (*dyn_cb)
- (int mode, int type,
- const char *file, int line))
-{
- do_dynlock_cb = dyn_cb;
-}
-
void CRYPTO_lock(int mode, int type, const char *file, int line)
{
#ifdef LOCK_DEBUG
{
+ CRYPTO_THREADID id;
char *rw_text, *operation_text;
if (mode & CRYPTO_LOCK)
@@ -212,14 +575,23 @@
else
rw_text = "ERROR";
+ CRYPTO_THREADID_current(&id);
fprintf(stderr, "lock:%08lx:(%s)%s %-18s %s:%d\n",
- CRYPTO_thread_id(), rw_text, operation_text,
+ CRYPTO_THREADID_hash(&id), rw_text, operation_text,
CRYPTO_get_lock_name(type), file, line);
}
#endif
if (type < 0) {
- if (do_dynlock_cb)
- do_dynlock_cb(mode, type, file, line);
+ if (dynlock_lock_callback != NULL) {
+ struct CRYPTO_dynlock_value *pointer
+ = CRYPTO_get_dynlock_value(type);
+
+ OPENSSL_assert(pointer != NULL);
+
+ dynlock_lock_callback(mode, pointer, file, line);
+
+ CRYPTO_destroy_dynlockid(type);
+ }
} else if (locking_callback != NULL)
locking_callback(mode, type, file, line);
}
@@ -236,9 +608,13 @@
ret = add_lock_callback(pointer, amount, type, file, line);
#ifdef LOCK_DEBUG
- fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_thread_id(),
- before, amount, ret, CRYPTO_get_lock_name(type), file, line);
+ {
+ CRYPTO_THREADID id;
+ CRYPTO_THREADID_current(&id);
+ fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_THREADID_hash(&id), before, amount, ret,
+ CRYPTO_get_lock_name(type), file, line);
+ }
#endif
} else {
CRYPTO_lock(CRYPTO_LOCK | CRYPTO_WRITE, type, file, line);
@@ -245,10 +621,14 @@
ret = *pointer + amount;
#ifdef LOCK_DEBUG
- fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_thread_id(),
- *pointer, amount, ret,
- CRYPTO_get_lock_name(type), file, line);
+ {
+ CRYPTO_THREADID id;
+ CRYPTO_THREADID_current(&id);
+ fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_THREADID_hash(&id),
+ *pointer, amount, ret,
+ CRYPTO_get_lock_name(type), file, line);
+ }
#endif
*pointer = ret;
CRYPTO_lock(CRYPTO_UNLOCK | CRYPTO_WRITE, type, file, line);
@@ -256,23 +636,48 @@
return (ret);
}
+const char *CRYPTO_get_lock_name(int type)
+{
+ if (type < 0)
+ return ("dynamic");
+ else if (type < CRYPTO_NUM_LOCKS)
+ return (lock_names[type]);
+ else if (type - CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks))
+ return ("ERROR");
+ else
+ return (sk_OPENSSL_STRING_value(app_locks, type - CRYPTO_NUM_LOCKS));
+}
+
#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
defined(__INTEL__) || \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64)
-unsigned long OPENSSL_ia32cap_P = 0;
+unsigned int OPENSSL_ia32cap_P[2];
unsigned long *OPENSSL_ia32cap_loc(void)
{
- return &OPENSSL_ia32cap_P;
+ if (sizeof(long) == 4)
+ /*
+ * If 32-bit application pulls address of OPENSSL_ia32cap_P[0]
+ * clear second element to maintain the illusion that vector
+ * is 32-bit.
+ */
+ OPENSSL_ia32cap_P[1] = 0;
+ return (unsigned long *)OPENSSL_ia32cap_P;
}
# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
# define OPENSSL_CPUID_SETUP
+# if defined(_WIN32)
+typedef unsigned __int64 IA32CAP;
+# else
+typedef unsigned long long IA32CAP;
+# endif
void OPENSSL_cpuid_setup(void)
{
static int trigger = 0;
- unsigned long OPENSSL_ia32_cpuid(void);
+ IA32CAP OPENSSL_ia32_cpuid(void);
+ IA32CAP vec;
char *env;
if (trigger)
@@ -279,15 +684,27 @@
return;
trigger = 1;
- if ((env = getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap_P = strtoul(env, NULL, 0) | (1 << 10);
- else
- OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid() | (1 << 10);
+ if ((env = getenv("OPENSSL_ia32cap"))) {
+ int off = (env[0] == '~') ? 1 : 0;
+# if defined(_WIN32)
+ if (!sscanf(env + off, "%I64i", &vec))
+ vec = strtoul(env + off, NULL, 0);
+# else
+ if (!sscanf(env + off, "%lli", (long long *)&vec))
+ vec = strtoul(env + off, NULL, 0);
+# endif
+ if (off)
+ vec = OPENSSL_ia32_cpuid() & ~vec;
+ } else
+ vec = OPENSSL_ia32_cpuid();
+
/*
* |(1<<10) sets a reserved bit to signal that variable
* was initialized already... This is to avoid interference
* with cpuid snippets in ELF .init segment.
*/
+ OPENSSL_ia32cap_P[0] = (unsigned int)vec | (1 << 10);
+ OPENSSL_ia32cap_P[1] = (unsigned int)(vec >> 32);
}
# endif
@@ -298,7 +715,7 @@
}
#endif
int OPENSSL_NONPIC_relocated = 0;
-#if !defined(OPENSSL_CPUID_SETUP)
+#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
void OPENSSL_cpuid_setup(void)
{
}
@@ -305,70 +722,14 @@
#endif
#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)
-
-# ifdef OPENSSL_FIPS
-
-# include <tlhelp32.h>
-# if defined(__GNUC__) && __GNUC__>=2
-static int DllInit(void) __attribute__ ((constructor));
-# elif defined(_MSC_VER)
-static int DllInit(void);
-# ifdef _WIN64
-# pragma section(".CRT$XCU",read)
-__declspec(allocate(".CRT$XCU"))
-# else
-# pragma data_seg(".CRT$XCU")
-# endif
-static int (*p) (void) = DllInit;
-# pragma data_seg()
-# endif
-
-static int DllInit(void)
-{
-# if defined(_WIN32_WINNT)
- union {
- int (*f) (void);
- BYTE *p;
- } t = {
- DllInit
- };
- HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
- IMAGE_DOS_HEADER *dos_header;
- IMAGE_NT_HEADERS *nt_headers;
- MODULEENTRY32 me32 = { sizeof(me32) };
-
- hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);
- if (hModuleSnap != INVALID_HANDLE_VALUE &&
- Module32First(hModuleSnap, &me32))
- do {
- if (t.p >= me32.modBaseAddr &&
- t.p < me32.modBaseAddr + me32.modBaseSize) {
- dos_header = (IMAGE_DOS_HEADER *) me32.modBaseAddr;
- if (dos_header->e_magic == IMAGE_DOS_SIGNATURE) {
- nt_headers = (IMAGE_NT_HEADERS *)
- ((BYTE *) dos_header + dos_header->e_lfanew);
- if (nt_headers->Signature == IMAGE_NT_SIGNATURE &&
- me32.modBaseAddr !=
- (BYTE *) nt_headers->OptionalHeader.ImageBase)
- OPENSSL_NONPIC_relocated = 1;
- }
- break;
- }
- } while (Module32Next(hModuleSnap, &me32));
-
- if (hModuleSnap != INVALID_HANDLE_VALUE)
- CloseHandle(hModuleSnap);
-# endif
- OPENSSL_cpuid_setup();
- return 0;
-}
-
-# else
-
-# ifdef __CYGWIN__
+# ifdef __CYGWIN__
/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
-# include <windows.h>
-# endif
+# include <windows.h>
+/*
+ * this has side-effect of _WIN32 getting defined, which otherwise is
+ * mutually exclusive with __CYGWIN__...
+ */
+# endif
/*
* All we really need to do is remove the 'error' state when a thread
@@ -380,7 +741,7 @@
switch (fdwReason) {
case DLL_PROCESS_ATTACH:
OPENSSL_cpuid_setup();
-# if defined(_WIN32_WINNT)
+# if defined(_WIN32_WINNT)
{
IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *) hinstDLL;
IMAGE_NT_HEADERS *nt_headers;
@@ -394,7 +755,7 @@
OPENSSL_NONPIC_relocated = 1;
}
}
-# endif
+# endif
break;
case DLL_THREAD_ATTACH:
break;
@@ -405,12 +766,21 @@
}
return (TRUE);
}
-# endif
-
#endif
#if defined(_WIN32) && !defined(__CYGWIN__)
# include <tchar.h>
+# include <signal.h>
+# ifdef __WATCOMC__
+# if defined(_UNICODE) || defined(__UNICODE__)
+# define _vsntprintf _vsnwprintf
+# else
+# define _vsntprintf _vsnprintf
+# endif
+# endif
+# ifdef _MSC_VER
+# define alloca _alloca
+# endif
# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
int OPENSSL_isservice(void)
@@ -418,9 +788,24 @@
HWINSTA h;
DWORD len;
WCHAR *name;
+ static union {
+ void *p;
+ int (*f) (void);
+ } _OPENSSL_isservice = {
+ NULL
+ };
- (void)GetDesktopWindow(); /* return value is ignored */
+ if (_OPENSSL_isservice.p == NULL) {
+ HANDLE h = GetModuleHandle(NULL);
+ if (h != NULL)
+ _OPENSSL_isservice.p = GetProcAddress(h, "_OPENSSL_isservice");
+ if (_OPENSSL_isservice.p == NULL)
+ _OPENSSL_isservice.p = (void *)-1;
+ }
+ if (_OPENSSL_isservice.p != (void *)-1)
+ return (*_OPENSSL_isservice.f) ();
+
h = GetProcessWindowStation();
if (h == NULL)
return -1;
@@ -432,11 +817,7 @@
if (len > 512)
return -1; /* paranoia */
len++, len &= ~1; /* paranoia */
-# ifdef _MSC_VER
- name = (WCHAR *)_alloca(len + sizeof(WCHAR));
-# else
name = (WCHAR *)alloca(len + sizeof(WCHAR));
-# endif
if (!GetUserObjectInformationW(h, UOI_NAME, name, len, &len))
return -1;
@@ -491,11 +872,7 @@
size_t len_0 = strlen(fmta) + 1, i;
WCHAR *fmtw;
-# ifdef _MSC_VER
- fmtw = (WCHAR *)_alloca(len_0 * sizeof(WCHAR));
-# else
fmtw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
-# endif
if (fmtw == NULL) {
fmt = (const TCHAR *)L"no stack?";
break;
@@ -582,7 +959,15 @@
OPENSSL_showfatal
("%s(%d): OpenSSL internal error, assertion failed: %s\n", file, line,
assertion);
+#if !defined(_WIN32) || defined(__CYGWIN__)
abort();
+#else
+ /*
+ * Win32 abort() customarily shows a dialog, but we just did that...
+ */
+ raise(SIGABRT);
+ _exit(3);
+#endif
}
void *OPENSSL_stderr(void)
@@ -590,8 +975,6 @@
return stderr;
}
-#ifndef OPENSSL_FIPS
-
int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
{
size_t i;
@@ -604,4 +987,3 @@
return x;
}
-#endif
Modified: trunk/crypto/openssl/crypto/cryptlib.h
===================================================================
--- trunk/crypto/openssl/crypto/cryptlib.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cryptlib.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,8 +99,8 @@
# define HEX_SIZE(type) (sizeof(type)*2)
void OPENSSL_cpuid_setup(void);
-extern unsigned long OPENSSL_ia32cap_P;
-void OPENSSL_showfatal(const char *, ...);
+extern unsigned int OPENSSL_ia32cap_P[];
+void OPENSSL_showfatal(const char *fmta, ...);
void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated;
Modified: trunk/crypto/openssl/crypto/crypto-lib.com
===================================================================
--- trunk/crypto/openssl/crypto/crypto-lib.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/crypto-lib.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -47,11 +47,33 @@
$! WARNING: this should only be done to recompile some part of an already
$! fully compiled library.
$!
+$! P7, if defined, specifies the C pointer size. Ignored on VAX.
+$! ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$! Supported values are:
$!
+$! "" Compile with default (/NOPOINTER_SIZE)
+$! 32 Compile with /POINTER_SIZE=32 (SHORT)
+$! 64 Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV]).
+$! (Automatically select ARGV if compiler supports it.)
+$! 64= Compile with /POINTER_SIZE=64 (LONG).
+$! 64=ARGV Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$! P8, if defined, specifies a directory where ZLIB files (zlib.h,
+$! libz.olb) may be found. Optionally, a non-default object library
+$! name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
$! Define A TCP/IP Library That We Will Need To Link To.
$! (That Is, If We Need To Link To One.)
$!
$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
$!
$! Check Which Architecture We Are Using.
$!
@@ -60,7 +82,7 @@
$!
$! The Architecture Is VAX
$!
-$ ARCH := VAX
+$ ARCH = "VAX"
$!
$! Else...
$!
@@ -75,32 +97,51 @@
$!
$ ENDIF
$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
$! Define The Different Encryption Types.
$! NOTE: Some might think this list ugly. However, it's made this way to
$! reflect the SDIRS variable in [-]Makefile.org as closely as possible,
$! thereby making it fairly easy to verify that the lists are the same.
$!
+$ ET_WHIRLPOOL = "WHRLPOOL"
+$ IF ARCH .EQS. "VAX" THEN ET_WHIRLPOOL = ""
$ ENCRYPT_TYPES = "Basic,"+ -
"OBJECTS,"+ -
- "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
- "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ -
- "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ -
+ "MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ET_WHIRLPOOL+","+ -
+ "DES,AES,RC2,RC4,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ -
+ "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ -
"BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
- "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
+ "EVP,EVP_2,EVP_3,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
"CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
- "STORE,CMS,PQUEUE,JPAKE"
-$! Define The OBJ Directory.
+ "CMS,PQUEUE,TS,JPAKE,SRP,STORE,CMAC"
$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO]
+$! Check To Make Sure We Have Valid Command Line Parameters.
$!
-$! Define The EXE Directory.
+$ GOSUB CHECK_OPTIONS
$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
+$! Define The OBJ and EXE Directories.
$!
-$! Check To Make Sure We Have Valid Command Line Parameters.
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.CRYPTO]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]
$!
-$ GOSUB CHECK_OPTIONS
+$! Specify the destination directory in any /MAP option.
$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$ LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$ OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
$! Initialise logical names and such
$!
$ GOSUB INITIALISE
@@ -107,7 +148,7 @@
$!
$! Tell The User What Kind of Machine We Run On.
$!
-$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
$!
$!
$! Check To See If The Architecture Specific OBJ Directory Exists.
@@ -138,11 +179,11 @@
$!
$! Define The Library Name.
$!
-$ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB
+$ LIB_NAME := 'EXE_DIR'SSL_LIBCRYPTO'LIB32'.OLB
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB
+$ CRYPTO_LIB := 'EXE_DIR'SSL_LIBCRYPTO'LIB32'.OLB
$!
$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library...
$!
@@ -163,18 +204,27 @@
$!
$! Define The Different Encryption "library" Strings.
$!
-$ APPS_DES = "DES/DES,CBC3_ENC"
-$ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
+$!!! Test apps disabled, as they aren't supported at all,
+$!!! not even in the unix build
+$!!! APPS_DES = "DES/DES,CBC3_ENC"
+$!!! APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
$
-$ LIB_ = "cryptlib,dyn_lck,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir,o_init,fips_err"
+$! These variables are ordered as the SDIRS variable from the top Makefile.org
+$! The contents of these variables are copied from the LIBOBJ variable in the
+$! corresponding Makefile from each corresponding subdirectory, with .o stripped
+$! and spaces replaced with commas.
+$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,cpt_err,ebcdic,"+ -
+ "uid,o_time,o_str,o_dir,o_fips.c,o_init,fips_ers,mem_clr"
+$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
$ LIB_MD2 = "md2_dgst,md2_one"
$ LIB_MD4 = "md4_dgst,md4_one"
$ LIB_MD5 = "md5_dgst,md5_one"
$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512"
$ LIB_MDC2 = "mdc2dgst,mdc2_one"
-$ LIB_HMAC = "hmac"
+$ LIB_HMAC = "hmac,hm_ameth,hm_pmeth"
$ LIB_RIPEMD = "rmd_dgst,rmd_one"
-$ LIB_DES = "des_lib,set_key,ecb_enc,cbc_enc,"+ -
+$ LIB_WHRLPOOL = "wp_dgst,wp_block"
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
"ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
"enc_read,enc_writ,ofb64enc,"+ -
"ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
@@ -182,14 +232,16 @@
"fcrypt,xcbc_enc,rpc_enc,cbc_cksm,"+ -
"ede_cbcm_enc,des_old,des_old2,read2pwd"
$ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
-$ LIB_RC4 = "rc4_skey,rc4_enc"
+$ LIB_RC4 = "rc4_enc,rc4_skey,rc4_utl"
$ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
$ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
$ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
$ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
-$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ -
- "cmll_cfb,cmll_ctr"
-$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb"
+$ LIB_CAMELLIA = "cmll_ecb,cmll_ofb,cmll_cfb,cmll_ctr,cmll_utl,"+ -
+ "camellia,cmll_misc,cmll_cbc"
+$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
+$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128,gcm128,"+ -
+ "ccm128,xts128"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
LIB_BN_ASM = "bn_asm"
@@ -197,66 +249,72 @@
"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
"bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ -
- "bn_depr,bn_x931p,bn_const,bn_opt"
+ "bn_depr,bn_const,bn_x931p"
$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ -
"ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ -
- "ec2_smpl,ec2_mult"
+ "ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn,"+ -
+ "ecp_nistp224,ecp_nistp256,ecp_nistp521,ecp_nistputil,"+ -
+ "ecp_oct,ec2_oct,ec_oct"
$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
"rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
- "rsa_pss,rsa_x931,rsa_x931g,rsa_asn1,rsa_depr,rsa_eng"
+ "rsa_pss,rsa_x931,rsa_asn1,rsa_depr,rsa_ameth,rsa_prn,"+ -
+ "rsa_pmeth,rsa_crpt"
$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ -
- "dsa_err,dsa_ossl,dsa_depr,dsa_utl"
+ "dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
-$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr"
+$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ -
+ "dh_ameth,dh_pmeth,dh_prn"
$ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err"
$ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
- "dso_openssl,dso_win32,dso_vms"
+ "dso_openssl,dso_win32,dso_vms,dso_beos"
$ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
"eng_table,eng_pkey,eng_fat,eng_all,"+ -
"tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ -
- "tb_cipher,tb_digest,"+ -
- "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock"
-$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ -
- "aes_ctr,aes_ige,aes_wrap"
+ "tb_cipher,tb_digest,tb_pkmeth,tb_asnmth,"+ -
+ "eng_openssl,eng_cnf,eng_dyn,eng_cryptodev,"+ -
+ "eng_rsax,eng_rdrand"
+$ LIB_AES = "aes_misc,aes_ecb,aes_cfb,aes_ofb,aes_ctr,aes_ige,aes_wrap,"+ -
+ "aes_core,aes_cbc"
$ LIB_BUFFER = "buffer,buf_str,buf_err"
$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
"bss_mem,bss_null,bss_fd,"+ -
"bss_file,bss_sock,bss_conn,"+ -
"bf_null,bf_buff,b_print,b_dump,"+ -
- "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ -
+ "b_sock,bss_acpt,bf_nbio,bss_log,bss_bio,"+ -
"bss_dgram,"+ -
- "bf_lbuf"
+ "bf_lbuf,bss_rtcp" ! The last two are VMS specific
$ LIB_STACK = "stack"
$ LIB_LHASH = "lhash,lh_stats"
$ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
- "rand_vms"
-$ LIB_ERR = "err,err_def,err_all,err_prn,err_str,err_bio"
-$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err"
-$ LIB_EVP = "encode,digest,dig_eng,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
+ "rand_vms" ! The last one is VMS specific
+$ LIB_ERR = "err,err_all,err_prn"
+$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
"e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
"e_rc4,e_aes,names,e_seed,"+ -
- "e_xcbc_d,e_rc2,e_cast,e_rc5,enc_min"
-$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + -
+ "e_xcbc_d,e_rc2,e_cast,e_rc5"
+$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1,m_wp," + -
"m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ -
"p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ -
"bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
"c_all,c_allc,c_alld,evp_lib,bio_ok,"+-
"evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
-$ LIB_EVP_3 = "e_old"
+$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver,evp_fips,"+ -
+ "e_aes_cbc_hmac_sha1,e_rc4_hmac_md5"
$ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
"a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ -
"a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ -
"x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,x_bignum,"+ -
"x_long,x_name,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ -
- "d2i_pu,d2i_pr,i2d_pu,i2d_pr"
+ "x_nx509,d2i_pu,d2i_pr,i2d_pu,i2d_pr"
$ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ -
"tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ -
+ "tasn_prn,ameth_lib,"+ -
"f_int,f_string,n_pkey,"+ -
- "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ -
- "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ -
+ "f_enum,x_pkey,a_bool,x_exten,bio_asn1,bio_ndef,asn_mime,"+ -
+ "asn1_gen,asn1_par,asn1_lib,asn1_err,a_bytes,a_strnid,"+ -
"evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid"
$ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ -
- "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey"
+ "pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey,pvkfmt"
$ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ -
"x509_obj,x509_req,x509spki,x509_vfy,"+ -
"x509_set,x509cset,x509rset,x509_err,"+ -
@@ -272,7 +330,7 @@
$ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap"
$ LIB_TXT_DB = "txt_db"
$ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ -
- "pk7_mime"
+ "pk7_mime,bio_pk7"
$ LIB_PKCS12 = "p12_add,p12_asn,p12_attr,p12_crpt,p12_crt,p12_decr,"+ -
"p12_init,p12_key,p12_kiss,p12_mutl,"+ -
"p12_utl,p12_npas,pk12err,p12_p8d,p12_p8e"
@@ -283,23 +341,37 @@
$ LIB_UI_COMPAT = ",ui_compat"
$ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT
$ LIB_KRB5 = "krb5_asn"
-$ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
- "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess"
+ "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
+ "cms_pwri"
$ LIB_PQUEUE = "pqueue"
+$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+ -
+ "ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
+ "ts_asn1"
$ LIB_JPAKE = "jpake,jpake_err"
+$ LIB_SRP = "srp_lib,srp_vfy"
+$ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
+$ LIB_CMAC = "cmac,cm_ameth,cm_pmeth"
$!
$! Setup exceptional compilations
$!
-$ ! Add definitions for no threads on OpenVMS 7.1 and higher
+$ CC3_SHOWN = 0
+$ CC4_SHOWN = 0
+$ CC5_SHOWN = 0
+$ CC6_SHOWN = 0
+$!
+$! The following lists must have leading and trailing commas, and no
+$! embedded spaces. (They are scanned for ",name,".)
+$!
+$ ! Add definitions for no threads on OpenVMS 7.1 and higher.
$ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ ! Disable the DOLLARID warning
-$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir"
-$ ! Disable disjoint optimization
+$ ! Disable the DOLLARID warning. Not needed with /STANDARD=RELAXED.
+$ COMPILEWITH_CC4 = "" !!! ",a_utctm,bss_log,o_time,o_dir,"
+$ ! Disable disjoint optimization on VAX with DECC.
$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
"seed,sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
-$ ! Disable the MIXLINKAGE warning
-$ COMPILEWITH_CC6 = ",enc_read,set_key,"
+$ ! Disable the MIXLINKAGE warning.
+$ COMPILEWITH_CC6 = "" !!! ",enc_read,set_key,"
$!
$! Figure Out What Other Modules We Are To Build.
$!
@@ -315,7 +387,7 @@
$!
$! Extract The Module Name From The Encryption List.
$!
-$ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES)
+$ MODULE_NAME = F$EDIT(F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES),"COLLAPSE")
$ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = ""
$ MODULE_NAME1 = MODULE_NAME
$!
@@ -359,7 +431,7 @@
$ IF F$TYPE('LIB_MODULE') .EQS. ""
$ THEN
$ WRITE SYS$ERROR ""
-$ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..."
+$ WRITE SYS$ERROR "The module ",MODULE_NAME1," does not exist. Continuing..."
$ WRITE SYS$ERROR ""
$ GOTO MODULE_NEXT
$ ENDIF
@@ -399,7 +471,7 @@
$!
$! O.K, Extract The File Name From The File List.
$!
-$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE')
+$ FILE_NAME = F$EDIT(F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE'),"COLLAPSE")
$!
$! else
$!
@@ -426,7 +498,7 @@
$!
$ IF APPLICATION .NES. ";"
$ THEN
-$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS)
+$ FILE_NAME = F$EDIT(F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS),"COLLAPSE")
$ IF FILE_NAME .EQS. ","
$ THEN
$ APPLICATION = ""
@@ -505,13 +577,13 @@
$ ENDIF
$ IF (MODULE_NAME.NES."")
$ THEN
-$ WRITE SYS$OUTPUT " ",FILE_NAME,""
+$ WRITE SYS$OUTPUT " ",FILE_NAME,""
$ ENDIF
$!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
-$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME)
+$ FILE_NAME0 = ","+ F$ELEMENT(0,".",FILE_NAME)+ ","
$ IF FILE_NAME - ".mar" .NES. FILE_NAME
$ THEN
$ MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
@@ -518,18 +590,47 @@
$ ELSE
$ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
$ THEN
+$ write sys$output " \Using special rule (3)"
+$ if (.not. CC3_SHOWN)
+$ then
+$ CC3_SHOWN = 1
+$ x = " "+ CC3
+$ write /symbol sys$output x
+$ endif
$ CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
$ ELSE
$ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
$ THEN
+$ write /symbol sys$output " \Using special rule (4)"
+$ if (.not. CC4_SHOWN)
+$ then
+$ CC4_SHOWN = 1
+$ x = " "+ CC4
+$ write /symbol sys$output x
+$ endif
$ CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
$ ELSE
-$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
+$ IF CC5_DIFFERENT .AND. -
+ (COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5)
$ THEN
+$ write sys$output " \Using special rule (5)"
+$ if (.not. CC5_SHOWN)
+$ then
+$ CC5_SHOWN = 1
+$ x = " "+ CC5
+$ write /symbol sys$output x
+$ endif
$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
$ ELSE
$ IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
$ THEN
+$ write sys$output " \Using special rule (6)"
+$ if (.not. CC6_SHOWN)
+$ then
+$ CC6_SHOWN = 1
+$ x = " "+ CC6
+$ write /symbol sys$output x
+$ endif
$ CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
$ ELSE
$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
@@ -576,38 +677,22 @@
$!
$! Tell the user what happens
$!
-$ WRITE SYS$OUTPUT " ",APPLICATION,".exe"
+$ WRITE SYS$OUTPUT " ",APPLICATION,".exe"
$!
$! Link The Program.
$!
$ ON ERROR THEN GOTO NEXT_APPLICATION
$!
-$! Check To See If We Are To Link With A Specific TCP/IP Library.
+$! Link With A TCP/IP Library.
$!
-$ IF (TCPIP_LIB.NES."")
-$ THEN
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' -
+ /EXE='EXE_DIR''APPLICATION'.EXE -
+ 'OBJ_DIR''APPLICATION_OBJECTS', -
+ 'CRYPTO_LIB'/LIBRARY -
+ 'TCPIP_LIB' -
+ 'ZLIB_LIB' -
+ ,'OPT_FILE' /OPTIONS
$!
-$! Link With A TCP/IP Library.
-$!
-$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE -
- 'OBJ_DIR''APPLICATION_OBJECTS', -
- 'CRYPTO_LIB'/LIBRARY, -
- 'TCPIP_LIB','OPT_FILE'/OPTION
-$!
-$! Else...
-$!
-$ ELSE
-$!
-$! Don't Link With A TCP/IP Library.
-$!
-$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE -
- 'OBJ_DIR''APPLICATION_OBJECTS',-
- 'CRYPTO_LIB'/LIBRARY, -
- 'OPT_FILE'/OPTION
-$!
-$! End The TCP/IP Library Check.
-$!
-$ ENDIF
$ GOTO NEXT_APPLICATION
$ APPLICATION_DONE:
$ ENDIF
@@ -646,7 +731,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable VAX C Runtime Library.
!
SYS$SHARE:VAXCRTL.EXE/SHARE
@@ -675,7 +760,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable C Runtime Library.
!
GNU_CC:[000000]GCCLIB/LIBRARY
@@ -710,7 +795,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable DEC C Runtime Library.
!
SYS$SHARE:DECC$SHR.EXE/SHARE
@@ -725,7 +810,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File For non-VAX To Link Agianst
+! Default System Options File For non-VAX To Link Against
! The Sharable C Runtime Library.
!
SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
@@ -746,7 +831,7 @@
$!
$! Tell The User What Linker Option File We Are Using.
$!
-$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
$!
$! Time To RETURN.
$!
@@ -769,12 +854,12 @@
$!
$ ELSE
$!
-$! Else, Check To See If P1 Has A Valid Arguement.
+$! Else, Check To See If P1 Has A Valid Argument.
$!
$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS")
$ THEN
$!
-$! A Valid Arguement.
+$! A Valid Argument.
$!
$ BUILDALL = P1
$!
@@ -793,8 +878,8 @@
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT " ALPHA : Alpha Architecture."
-$ WRITE SYS$OUTPUT " IA64 : IA64 Architecture."
+$ WRITE SYS$OUTPUT " ALPHA[64]: Alpha Architecture."
+$ WRITE SYS$OUTPUT " IA64[64] : IA64 Architecture."
$ WRITE SYS$OUTPUT " VAX : VAX Architecture."
$ WRITE SYS$OUTPUT ""
$!
@@ -802,7 +887,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -815,15 +900,16 @@
$ IF (P2.EQS."NODEBUG")
$ THEN
$!
-$! P2 Is NODEBUG, So Compile Without The Debugger Information.
+$! P2 Is NODEBUG, So Compile Without The Debugger Information.
$!
-$ DEBUGGER = "NODEBUG"
-$ TRACEBACK = "NOTRACEBACK"
-$ GCC_OPTIMIZE = "OPTIMIZE"
-$ CC_OPTIMIZE = "OPTIMIZE"
-$ MACRO_OPTIMIZE = "OPTIMIZE"
-$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
-$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ DEBUGGER = "NODEBUG"
+$ LINKMAP = "NOMAP"
+$ TRACEBACK = "NOTRACEBACK"
+$ GCC_OPTIMIZE = "OPTIMIZE"
+$ CC_OPTIMIZE = "OPTIMIZE"
+$ MACRO_OPTIMIZE = "OPTIMIZE"
+$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$ ELSE
$!
$! Check To See If We Are To Compile With Debugger Information.
@@ -834,6 +920,7 @@
$! Compile With Debugger Information.
$!
$ DEBUGGER = "DEBUG"
+$ LINKMAP = "MAP"
$ TRACEBACK = "TRACEBACK"
$ GCC_OPTIMIZE = "NOOPTIMIZE"
$ CC_OPTIMIZE = "NOOPTIMIZE"
@@ -842,7 +929,7 @@
$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
$ ELSE
$!
-$! They Entered An Invalid Option..
+$! They Entered An Invalid Option.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:"
@@ -855,7 +942,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -897,6 +984,60 @@
$!
$ ENDIF
$!
+$! Check P7 (POINTER_SIZE).
+$!
+$ IF (P7 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$ IF (P7 .EQS. "32")
+$ THEN
+$ POINTER_SIZE = " /POINTER_SIZE=32"
+$ ELSE
+$ POINTER_SIZE = F$EDIT( P7, "COLLAPSE, UPCASE")
+$ IF ((POINTER_SIZE .EQS. "64") .OR. -
+ (POINTER_SIZE .EQS. "64=") .OR. -
+ (POINTER_SIZE .EQS. "64=ARGV"))
+$ THEN
+$ ARCHD = ARCH+ "_64"
+$ LIB32 = ""
+$ POINTER_SIZE = " /POINTER_SIZE=64"
+$ ELSE
+$!
+$! Tell The User Entered An Invalid Option.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", P7, -
+ " Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ " """" : Compile with default (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 32 : Compile with 32-bit (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 64 : Compile with 64-bit (long) pointers (auto ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64= : Compile with 64-bit (long) pointers (no ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64=ARGV : Compile with 64-bit (long) pointers (ARGV)."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$!
+$ ENDIF
+$!
+$ ENDIF
+$!
+$! End The P7 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[.''ARCHD'],SYS$DISK:[],SYS$DISK:[-],"+ -
+ "SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.MODES],SYS$DISK:[.ASN1],SYS$DISK:[.EVP]"
+$!
$! Check To See If P3 Is Blank.
$!
$ IF (P3.EQS."")
@@ -997,12 +1138,68 @@
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
-$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
- CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$ IF CCDISABLEWARNINGS .NES. "" THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$ CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
$!
-$! Check To See If The User Entered A Valid Paramter.
+$! Check To See If We Have A ZLIB Option.
$!
+$ ZLIB = P8
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$! Check for expected ZLIB files.
+$!
+$ err = 0
+$ file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$ if (f$search( file1) .eqs. "")
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ WRITE SYS$OUTPUT " Can't find header: ''file1'"
+$ err = 1
+$ endif
+$ file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$ file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$ if (f$search( file2) .eqs. "")
+$ then
+$ if (err .eq. 0)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ endif
+$ WRITE SYS$OUTPUT " Can't find library: ''file2'"
+$ WRITE SYS$OUTPUT ""
+$ err = err+ 2
+$ endif
+$ if (err .eq. 1)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ endif
+$!
+$ if (err .ne. 0)
+$ then
+$ EXIT
+$ endif
+$!
+$ CCDEFS = """ZLIB=1"", "+ CCDEFS
+$ CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$ ZLIB_LIB = ", ''file2' /library"
+$!
+$! Print info
+$!
+$ WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The User Entered A Valid Parameter.
+$!
$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
$ THEN
$!
@@ -1024,14 +1221,14 @@
$ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
- "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP])" + -
- CCEXTRAFLAGS
+$ CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+ "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+ " /INCLUDE=(''CC_INCLUDES')"+ -
+ CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
@@ -1060,7 +1257,7 @@
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
- "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+ "/INCLUDE=(''CC_INCLUDES')"+ -
CCEXTRAFLAGS
$ CCDEFS = """VAXC""," + CCDEFS
$!
@@ -1070,7 +1267,7 @@
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
@@ -1092,12 +1289,12 @@
$! Use GNU C...
$!
$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
- "/INCLUDE=(SYS$DISK:[],SYS$DISK:[._''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+ "/INCLUDE=(''CC_INCLUDES')"+ -
CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
@@ -1111,6 +1308,18 @@
$!
$ IF COMPILER .EQS. "DECC"
$ THEN
+$! Not all compiler versions support MAYLOSEDATA3.
+$ OPT_TEST = "MAYLOSEDATA3"
+$ DEFINE /USER_MODE SYS$ERROR NL:
+$ DEFINE /USER_MODE SYS$OUTPUT NL:
+$ 'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+ /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$ IF ($SEVERITY)
+$ THEN
+$ IF CCDISABLEWARNINGS .NES. "" THEN -
+ CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$ CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$ ENDIF
$ IF CCDISABLEWARNINGS .EQS. ""
$ THEN
$ CC4DISABLEWARNINGS = "DOLLARID"
@@ -1118,22 +1327,24 @@
$ ELSE
$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
$ CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
-$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$ CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
-$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
-$ CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
+$ CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$ CC6DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
$ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ CC6DISABLEWARNINGS = ""
$ ENDIF
-$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
-$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$ CC3 = CC + " /DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
+$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG"
$ THEN
-$ CC5 = CC + "/OPTIMIZE=NODISJOINT"
+$ CC5 = CC + " /OPTIMIZE=NODISJOINT"
+$ CC5_DIFFERENT = 1
$ ELSE
-$ CC5 = CC + "/NOOPTIMIZE"
+$ CC5 = CC
+$ CC5_DIFFERENT = 0
$ ENDIF
$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
$ CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
@@ -1142,7 +1353,7 @@
$!
$ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@@ -1160,7 +1371,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -1186,7 +1397,7 @@
$!
$! Set the library to use SOCKETSHR
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
$!
$! Done with SOCKETSHR
$!
@@ -1212,13 +1423,13 @@
$!
$! Set the library to use UCX.
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
$ THEN
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
$ ELSE
$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
- TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
$ ENDIF
$!
$! Done with UCX
@@ -1232,7 +1443,7 @@
$!
$! Set the library to use TCPIP (post UCX).
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
$!
$! Done with TCPIP
$!
@@ -1253,9 +1464,9 @@
$!
$! Print info
$!
-$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
Modified: trunk/crypto/openssl/crypto/crypto.h
===================================================================
--- trunk/crypto/openssl/crypto/crypto.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/crypto.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/crypto.h */
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -223,13 +223,9 @@
# define CRYPTO_LOCK_EC_PRE_COMP 36
# define CRYPTO_LOCK_STORE 37
# define CRYPTO_LOCK_COMP 38
-# ifndef OPENSSL_FIPS
-# define CRYPTO_NUM_LOCKS 39
-# else
-# define CRYPTO_LOCK_FIPS 39
-# define CRYPTO_LOCK_FIPS2 40
-# define CRYPTO_NUM_LOCKS 41
-# endif
+# define CRYPTO_LOCK_FIPS 39
+# define CRYPTO_LOCK_FIPS2 40
+# define CRYPTO_NUM_LOCKS 41
# define CRYPTO_LOCK 1
# define CRYPTO_UNLOCK 2
@@ -294,10 +290,11 @@
typedef struct bio_st BIO_dummy;
struct crypto_ex_data_st {
- STACK *sk;
+ STACK_OF(void) *sk;
/* gcc is screwing up this data structure :-( */
int dummy;
};
+DECLARE_STACK_OF(void)
/*
* This stuff is basically class callback functions The current classes are
@@ -360,7 +357,14 @@
* Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
* is defined)
*/
-void CRYPTO_malloc_debug_init(void);
+# define CRYPTO_malloc_debug_init() do {\
+ CRYPTO_set_mem_debug_functions(\
+ CRYPTO_dbg_malloc,\
+ CRYPTO_dbg_realloc,\
+ CRYPTO_dbg_free,\
+ CRYPTO_dbg_set_options,\
+ CRYPTO_dbg_get_options);\
+ } while(0)
int CRYPTO_mem_ctrl(int mode);
int CRYPTO_is_mem_check_on(void);
@@ -439,17 +443,31 @@
const char *file, int line));
int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
const char *file, int line);
+
+/* Don't use this structure directly. */
+typedef struct crypto_threadid_st {
+ void *ptr;
+ unsigned long val;
+} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+# ifndef OPENSSL_NO_DEPRECATED
void CRYPTO_set_id_callback(unsigned long (*func) (void));
unsigned long (*CRYPTO_get_id_callback(void)) (void);
unsigned long CRYPTO_thread_id(void);
+# endif
+
const char *CRYPTO_get_lock_name(int type);
int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
int line);
-void int_CRYPTO_set_do_dynlock_callback(void (*do_dynlock_cb)
- (int mode, int type,
- const char *file, int line));
-
int CRYPTO_get_new_dynlockid(void);
void CRYPTO_destroy_dynlockid(int i);
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
@@ -493,10 +511,6 @@
const char *, int, int),
void (*f) (void *, int), void (*so) (long),
long (*go) (void));
-void CRYPTO_set_mem_info_functions(int (*push_info_fn)
- (const char *info, const char *file,
- int line), int (*pop_info_fn) (void),
- int (*remove_all_info_fn) (void));
void CRYPTO_get_mem_functions(void *(**m) (size_t),
void *(**r) (void *, size_t),
void (**f) (void *));
@@ -516,10 +530,10 @@
void (**so) (long), long (**go) (void));
void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
+void CRYPTO_free_locked(void *ptr);
void *CRYPTO_malloc(int num, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *);
+void CRYPTO_free(void *ptr);
void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
int line);
@@ -563,10 +577,6 @@
void CRYPTO_dbg_set_options(long bits);
long CRYPTO_dbg_get_options(void);
-int CRYPTO_dbg_push_info(const char *info, const char *file, int line);
-int CRYPTO_dbg_pop_info(void);
-int CRYPTO_dbg_remove_all_info(void);
-
# ifndef OPENSSL_NO_FP_API
void CRYPTO_mem_leaks_fp(FILE *);
# endif
@@ -584,64 +594,33 @@
# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
int OPENSSL_isservice(void);
-# ifdef OPENSSL_FIPS
-# define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
- alg " previous FIPS forbidden algorithm error ignored");
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
-# define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
- #alg " Algorithm forbidden in FIPS mode");
+void OPENSSL_init(void);
-# ifdef OPENSSL_FIPS_STRICT
-# define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
-# else
-# define FIPS_BAD_ALGORITHM(alg) \
+# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
+
+# ifdef OPENSSL_FIPS
+# define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c) \
{ \
- FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
- ERR_add_error_data(2, "Algorithm=", #alg); \
- return 0; \
- }
-# endif
+ if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+ "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
+ return private_##alg##_Init(c); \
+ } \
+ int private_##alg##_Init(cx##_CTX *c)
-/* Low level digest API blocking macro */
+# define fips_cipher_abort(alg) \
+ if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+ "Low level API call to cipher " #alg " forbidden in FIPS mode!")
-# define FIPS_NON_FIPS_MD_Init(alg) \
- int alg##_Init(alg##_CTX *c) \
- { \
- if (FIPS_mode()) \
- FIPS_BAD_ALGORITHM(alg) \
- return private_##alg##_Init(c); \
- } \
- int private_##alg##_Init(alg##_CTX *c)
-
-/*
- * For ciphers the API often varies from cipher to cipher and each needs to
- * be treated as a special case. Variable key length ciphers (Blowfish, RC4,
- * CAST) however are very similar and can use a blocking macro.
- */
-
-# define FIPS_NON_FIPS_VCIPHER_Init(alg) \
- void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \
- { \
- if (FIPS_mode()) \
- FIPS_BAD_ABORT(alg) \
- private_##alg##_set_key(key, len, data); \
- } \
- void private_##alg##_set_key(alg##_KEY *key, int len, \
- const unsigned char *data)
-
# else
+# define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c)
+# define fips_cipher_abort(alg) while(0)
+# endif
-# define FIPS_NON_FIPS_VCIPHER_Init(alg) \
- void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data)
-
-# define FIPS_NON_FIPS_MD_Init(alg) \
- int alg##_Init(alg##_CTX *c)
-
-# endif /* def OPENSSL_FIPS */
-
-# define OPENSSL_HAVE_INIT 1
-void OPENSSL_init(void);
-
/*
* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
* It takes an amount of time dependent on |len|, but independent of the
@@ -667,11 +646,13 @@
# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
# define CRYPTO_F_DEF_ADD_INDEX 104
# define CRYPTO_F_DEF_GET_CLASS 105
+# define CRYPTO_F_FIPS_MODE_SET 109
# define CRYPTO_F_INT_DUP_EX_DATA 106
# define CRYPTO_F_INT_FREE_EX_DATA 107
# define CRYPTO_F_INT_NEW_EX_DATA 108
/* Reason codes. */
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
#ifdef __cplusplus
Modified: trunk/crypto/openssl/crypto/cversion.c
===================================================================
--- trunk/crypto/openssl/crypto/cversion.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/cversion.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,10 +68,7 @@
return OPENSSL_VERSION_TEXT;
if (t == SSLEAY_BUILT_ON) {
#ifdef DATE
- static char buf[sizeof(DATE) + 11];
-
- BIO_snprintf(buf, sizeof buf, "built on: %s", DATE);
- return (buf);
+ return (DATE);
#else
return ("built on: date not available");
#endif
@@ -78,10 +75,7 @@
}
if (t == SSLEAY_CFLAGS) {
#ifdef CFLAGS
- static char buf[sizeof(CFLAGS) + 11];
-
- BIO_snprintf(buf, sizeof buf, "compiler: %s", CFLAGS);
- return (buf);
+ return (CFLAGS);
#else
return ("compiler: information not available");
#endif
@@ -88,10 +82,7 @@
}
if (t == SSLEAY_PLATFORM) {
#ifdef PLATFORM
- static char buf[sizeof(PLATFORM) + 11];
-
- BIO_snprintf(buf, sizeof buf, "platform: %s", PLATFORM);
- return (buf);
+ return (PLATFORM);
#else
return ("platform: information not available");
#endif
Modified: trunk/crypto/openssl/crypto/des/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/des/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,8 +12,6 @@
AR= ar r
RANLIB= ranlib
DES_ENC= des_enc.o fcrypt_b.o
-# or use
-#DES_ENC= dx86-elf.o yx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -24,7 +22,7 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= des_lib.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
+LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \
fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \
qud_cksm.c rand_key.c rpc_enc.c set_key.c \
@@ -33,7 +31,7 @@
str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
read2pwd.c
-LIBOBJ= des_lib.o set_key.o ecb_enc.o cbc_enc.o \
+LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
enc_read.o enc_writ.o ofb64enc.o \
ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
@@ -54,7 +52,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -64,21 +62,10 @@
des_enc-sparc.S: asm/des_enc.m4
m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
-# ELF
-dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@)
-yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@)
-# COFF
-dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@)
-yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@)
-# a.out
-dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@)
-yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@)
+des-586.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ $(PERL) asm/des-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+crypt586.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ $(PERL) asm/crypt586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -107,6 +94,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -156,14 +145,7 @@
des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-des_enc.o: des_enc.c des_locl.h ncbc_enc.c
-des_lib.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-des_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-des_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-des_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-des_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-des_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-des_lib.o: ../../include/openssl/ui_compat.h des_lib.c des_locl.h des_ver.h
+des_enc.o: des_enc.c des_locl.h ncbc_enc.c spr.h
des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
@@ -182,12 +164,13 @@
ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ecb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ecb_enc.o: des_locl.h ecb_enc.c spr.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
ede_cbcm_enc.o: ../../include/openssl/e_os2.h
ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
@@ -276,12 +259,13 @@
rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
-set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
-set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
-set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+set_key.o: des_locl.h set_key.c
str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
Modified: trunk/crypto/openssl/crypto/des/asm/crypt586.pl
===================================================================
--- trunk/crypto/openssl/crypto/des/asm/crypt586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/asm/crypt586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,7 +6,8 @@
# things perfect.
#
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],"crypt586.pl");
@@ -22,7 +23,7 @@
{
local($name,$do_ip)=@_;
- &function_begin($name,"EXTRN _DES_SPtrans:DWORD");
+ &function_begin($name);
&comment("");
&comment("Load the 2 words");
Modified: trunk/crypto/openssl/crypto/des/asm/des-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/des/asm/des-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/asm/des-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,8 @@
# Svend Olaf Mikkelsen <svolaf at inet.uni-c.dk>
#
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
require "desboth.pl";
@@ -18,8 +19,15 @@
$L="edi";
$R="esi";
+$trans="ebp";
+$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/, at ARGV));
+# one can discuss setting this variable to 1 unconditionally, as
+# the folded loop is only 3% slower than unrolled, but >7 times smaller
-&external_label("DES_SPtrans");
+&public_label("DES_SPtrans");
+
+&DES_encrypt_internal();
+&DES_decrypt_internal();
&DES_encrypt("DES_encrypt1",1);
&DES_encrypt("DES_encrypt2",0);
&DES_encrypt3("DES_encrypt3",1);
@@ -26,14 +34,89 @@
&DES_encrypt3("DES_decrypt3",0);
&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+&DES_SPtrans();
&asm_finish();
+sub DES_encrypt_internal()
+ {
+ &function_begin_B("_x86_DES_encrypt");
+
+ if ($small_footprint)
+ {
+ &lea("edx",&DWP(128,"ecx"));
+ &push("edx");
+ &push("ecx");
+ &set_label("eloop");
+ &D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("");
+ &D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("");
+ &add("ecx",16);
+ &cmp("ecx",&swtmp(1));
+ &mov(&swtmp(0),"ecx");
+ &jb(&label("eloop"));
+ &add("esp",8);
+ }
+ else
+ {
+ &push("ecx");
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ }
+ &add("esp",4);
+ }
+ &ret();
+
+ &function_end_B("_x86_DES_encrypt");
+ }
+
+sub DES_decrypt_internal()
+ {
+ &function_begin_B("_x86_DES_decrypt");
+
+ if ($small_footprint)
+ {
+ &push("ecx");
+ &lea("ecx",&DWP(128,"ecx"));
+ &push("ecx");
+ &set_label("dloop");
+ &D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("");
+ &D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("");
+ &sub("ecx",16);
+ &cmp("ecx",&swtmp(1));
+ &mov(&swtmp(0),"ecx");
+ &ja(&label("dloop"));
+ &add("esp",8);
+ }
+ else
+ {
+ &push("ecx");
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("Round $i");
+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+ }
+ &add("esp",4);
+ }
+ &ret();
+
+ &function_end_B("_x86_DES_decrypt");
+ }
+
sub DES_encrypt
{
local($name,$do_ip)=@_;
- &function_begin_B($name,"EXTRN _DES_SPtrans:DWORD");
+ &function_begin_B($name);
&push("esi");
&push("edi");
@@ -40,7 +123,6 @@
&comment("");
&comment("Load the 2 words");
- $trans="ebp";
if ($do_ip)
{
@@ -73,40 +155,21 @@
}
# PIC-ification:-)
- &picmeup($trans,"DES_SPtrans");
- #if ($cpp) { &picmeup($trans,"DES_SPtrans"); }
- #else { &lea($trans,&DWP("DES_SPtrans")); }
+ &call (&label("pic_point"));
+ &set_label("pic_point");
+ &blindpop($trans);
+ &lea ($trans,&DWP(&label("DES_SPtrans")."-".&label("pic_point"),$trans));
&mov( "ecx", &wparam(1) );
+
&cmp("ebx","0");
- &je(&label("start_decrypt"));
+ &je(&label("decrypt"));
+ &call("_x86_DES_encrypt");
+ &jmp(&label("done"));
+ &set_label("decrypt");
+ &call("_x86_DES_decrypt");
+ &set_label("done");
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
- }
- &jmp(&label("end"));
-
- &set_label("start_decrypt");
-
- for ($i=15; $i>0; $i-=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
- &comment("");
- &comment("Round ".sprintf("%d",$i-1));
- &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx");
- }
-
- &set_label("end");
-
if ($do_ip)
{
&comment("");
@@ -139,7 +202,7 @@
sub D_ENCRYPT
{
- local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
+ local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_;
&mov( $u, &DWP(&n2a($S*4),$tmp2,"",0));
&xor( $tmp1, $tmp1);
@@ -166,7 +229,7 @@
&and( $t, "0xff" );
&xor( $L, &DWP("0x600",$trans,$tmp1,0));
&xor( $L, &DWP("0x700",$trans,$tmp2,0));
- &mov( $tmp2, &wparam(1) );
+ &mov( $tmp2, $wp1 );
&xor( $L, &DWP("0x400",$trans,$u,0));
&xor( $L, &DWP("0x500",$trans,$t,0));
}
@@ -249,3 +312,142 @@
&rotr($tt , 4);
}
+sub DES_SPtrans
+ {
+ &set_label("DES_SPtrans",64);
+ &data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802);
+ &data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002);
+ &data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802);
+ &data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002);
+ &data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800);
+ &data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800);
+ &data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002);
+ &data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000);
+ &data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002);
+ &data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800);
+ &data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002);
+ &data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000);
+ &data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802);
+ &data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000);
+ &data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800);
+ &data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802);
+ # nibble 1
+ &data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000);
+ &data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000);
+ &data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000);
+ &data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010);
+ &data_word(0x00100000, 0x40008010, 0x40100010, 0x00008000);
+ &data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010);
+ &data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010);
+ &data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010);
+ &data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010);
+ &data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000);
+ &data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010);
+ &data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010);
+ &data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010);
+ &data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000);
+ &data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000);
+ &data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000);
+ # nibble 2
+ &data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101);
+ &data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100);
+ &data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001);
+ &data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001);
+ &data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100);
+ &data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001);
+ &data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000);
+ &data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101);
+ &data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000);
+ &data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101);
+ &data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001);
+ &data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001);
+ &data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101);
+ &data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100);
+ &data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101);
+ &data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000);
+ # nibble 3
+ &data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008);
+ &data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008);
+ &data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008);
+ &data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000);
+ &data_word(0x10400008, 0x00401000, 0x00001000, 0x00000008);
+ &data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000);
+ &data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000);
+ &data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000);
+ &data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008);
+ &data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000);
+ &data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008);
+ &data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000);
+ &data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000);
+ &data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008);
+ &data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008);
+ &data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000);
+ # nibble 4
+ &data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420);
+ &data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000);
+ &data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400);
+ &data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000);
+ &data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420);
+ &data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020);
+ &data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020);
+ &data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400);
+ &data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000);
+ &data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400);
+ &data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000);
+ &data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020);
+ &data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420);
+ &data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000);
+ &data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420);
+ &data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020);
+ # nibble 5
+ &data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000);
+ &data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000);
+ &data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000);
+ &data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040);
+ &data_word(0x00200000, 0x80002040, 0x80200040, 0x00000000);
+ &data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040);
+ &data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040);
+ &data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000);
+ &data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040);
+ &data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000);
+ &data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000);
+ &data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040);
+ &data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040);
+ &data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000);
+ &data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000);
+ &data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040);
+ # nibble 6
+ &data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004);
+ &data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000);
+ &data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000);
+ &data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204);
+ &data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204);
+ &data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200);
+ &data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004);
+ &data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000);
+ &data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204);
+ &data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004);
+ &data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000);
+ &data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200);
+ &data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200);
+ &data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000);
+ &data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204);
+ &data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004);
+ # nibble 7
+ &data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000);
+ &data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080);
+ &data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080);
+ &data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000);
+ &data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000);
+ &data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000);
+ &data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080);
+ &data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080);
+ &data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080);
+ &data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000);
+ &data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080);
+ &data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000);
+ &data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080);
+ &data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000);
+ &data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000);
+ &data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080);
+ }
Modified: trunk/crypto/openssl/crypto/des/asm/des_enc.m4
===================================================================
--- trunk/crypto/openssl/crypto/des/asm/des_enc.m4 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/asm/des_enc.m4 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1954,9 +1954,11 @@
.word LOOPS ! 280
.word 0x0000FC00 ! 284
- .type .PIC.DES_SPtrans,#object
- .size .PIC.DES_SPtrans,2048
+ .global DES_SPtrans
+ .type DES_SPtrans,#object
+ .size DES_SPtrans,2048
.align 64
+DES_SPtrans:
.PIC.DES_SPtrans:
! nibble 0
.word 0x02080800, 0x00080000, 0x02000002, 0x02080802
Modified: trunk/crypto/openssl/crypto/des/des-lib.com
===================================================================
--- trunk/crypto/openssl/crypto/des/des-lib.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/des-lib.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -659,13 +659,13 @@
$!
$ ELSE
$!
-$! Else, Check To See If P1 Has A Valid Arguement.
+$! Else, Check To See If P1 Has A Valid Argument.
$!
$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
.OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
$ THEN
$!
-$! A Valid Arguement.
+$! A Valid Argument.
$!
$ BUILDALL = P1
$!
@@ -678,7 +678,7 @@
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT " ALL : Just Build Everything.
+$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
$ WRITE SYS$OUTPUT " DESTEST : To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
$ WRITE SYS$OUTPUT " SPEED : To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
@@ -697,7 +697,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -754,7 +754,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -978,7 +978,7 @@
$!
$ WRITE SYS$OUTPUT "Main Compiling Command: ",CC
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
Modified: trunk/crypto/openssl/crypto/des/des.c
===================================================================
--- trunk/crypto/openssl/crypto/des/des.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/des.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -455,8 +455,10 @@
rem = l % 8;
len = l - rem;
if (feof(DES_IN)) {
- for (i = 7 - rem; i > 0; i--)
- RAND_pseudo_bytes(buf + l++, 1);
+ for (i = 7 - rem; i > 0; i--) {
+ if (RAND_pseudo_bytes(buf + l++, 1) < 0)
+ goto problems;
+ }
buf[l++] = rem;
ex = 1;
len += rem;
Modified: trunk/crypto/openssl/crypto/des/des.h
===================================================================
--- trunk/crypto/openssl/crypto/des/des.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/des.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -231,6 +231,10 @@
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+# ifdef OPENSSL_FIPS
+void private_DES_set_key_unchecked(const_DES_cblock *key,
+ DES_key_schedule *schedule);
+# endif
void DES_string_to_key(const char *str, DES_cblock *key);
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
Modified: trunk/crypto/openssl/crypto/des/des_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/des/des_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/des_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,6 +57,7 @@
*/
#include "des_locl.h"
+#include "spr.h"
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
{
@@ -109,11 +110,9 @@
D_ENCRYPT(l, r, 28); /* 15 */
D_ENCRYPT(r, l, 30); /* 16 */
#else
- for (i = 0; i < 32; i += 8) {
+ for (i = 0; i < 32; i += 4) {
D_ENCRYPT(l, r, i + 0); /* 1 */
D_ENCRYPT(r, l, i + 2); /* 2 */
- D_ENCRYPT(l, r, i + 4); /* 3 */
- D_ENCRYPT(r, l, i + 6); /* 4 */
}
#endif
} else {
@@ -135,11 +134,9 @@
D_ENCRYPT(l, r, 2); /* 2 */
D_ENCRYPT(r, l, 0); /* 1 */
#else
- for (i = 30; i > 0; i -= 8) {
+ for (i = 30; i > 0; i -= 4) {
D_ENCRYPT(l, r, i - 0); /* 16 */
D_ENCRYPT(r, l, i - 2); /* 15 */
- D_ENCRYPT(l, r, i - 4); /* 14 */
- D_ENCRYPT(r, l, i - 6); /* 13 */
}
#endif
}
@@ -203,11 +200,9 @@
D_ENCRYPT(l, r, 28); /* 15 */
D_ENCRYPT(r, l, 30); /* 16 */
#else
- for (i = 0; i < 32; i += 8) {
+ for (i = 0; i < 32; i += 4) {
D_ENCRYPT(l, r, i + 0); /* 1 */
D_ENCRYPT(r, l, i + 2); /* 2 */
- D_ENCRYPT(l, r, i + 4); /* 3 */
- D_ENCRYPT(r, l, i + 6); /* 4 */
}
#endif
} else {
@@ -229,11 +224,9 @@
D_ENCRYPT(l, r, 2); /* 2 */
D_ENCRYPT(r, l, 0); /* 1 */
#else
- for (i = 30; i > 0; i -= 8) {
+ for (i = 30; i > 0; i -= 4) {
D_ENCRYPT(l, r, i - 0); /* 16 */
D_ENCRYPT(r, l, i - 2); /* 15 */
- D_ENCRYPT(l, r, i - 4); /* 14 */
- D_ENCRYPT(r, l, i - 6); /* 13 */
}
#endif
}
@@ -285,11 +278,9 @@
#ifndef DES_DEFAULT_OPTIONS
-# if !defined(OPENSSL_FIPS_DES_ASM)
+# undef CBC_ENC_C__DONT_UPDATE_IV
+# include "ncbc_enc.c" /* DES_ncbc_encrypt */
-# undef CBC_ENC_C__DONT_UPDATE_IV
-# include "ncbc_enc.c" /* DES_ncbc_encrypt */
-
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
@@ -395,6 +386,4 @@
tin[0] = tin[1] = 0;
}
-# endif
-
#endif /* DES_DEFAULT_OPTIONS */
Modified: trunk/crypto/openssl/crypto/des/des_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/des/des_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/des_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,7 +61,7 @@
# include <openssl/e_os2.h>
-# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+# if defined(OPENSSL_SYS_WIN32)
# ifndef OPENSSL_SYS_MSDOS
# define OPENSSL_SYS_MSDOS
# endif
@@ -434,4 +434,8 @@
void fcrypt_body(DES_LONG *out, DES_key_schedule *ks,
DES_LONG Eswap0, DES_LONG Eswap1);
+
+# ifdef OPENSSL_SMALL_FOOTPRINT
+# undef DES_UNROLL
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/des/ecb_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/des/ecb_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/ecb_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,8 +57,52 @@
*/
#include "des_locl.h"
-#include "spr.h"
+#include "des_ver.h"
+#include <openssl/opensslv.h>
+#include <openssl/bio.h>
+OPENSSL_GLOBAL const char libdes_version[] = "libdes" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char DES_version[] = "DES" OPENSSL_VERSION_PTEXT;
+
+const char *DES_options(void)
+{
+ static int init = 1;
+ static char buf[32];
+
+ if (init) {
+ const char *ptr, *unroll, *risc, *size;
+
+#ifdef DES_PTR
+ ptr = "ptr";
+#else
+ ptr = "idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+# ifdef DES_RISC1
+ risc = "risc1";
+# endif
+# ifdef DES_RISC2
+ risc = "risc2";
+# endif
+#else
+ risc = "cisc";
+#endif
+#ifdef DES_UNROLL
+ unroll = "16";
+#else
+ unroll = "2";
+#endif
+ if (sizeof(DES_LONG) != sizeof(long))
+ size = "int";
+ else
+ size = "long";
+ BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
+ size);
+ init = 0;
+ }
+ return (buf);
+}
+
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks, int enc)
{
Modified: trunk/crypto/openssl/crypto/des/enc_read.c
===================================================================
--- trunk/crypto/openssl/crypto/des/enc_read.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/enc_read.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,7 +65,7 @@
/*
* extern int errno;
*/
-OPENSSL_IMPLEMENT_GLOBAL(int, DES_rw_mode) = DES_PCBC_MODE;
+OPENSSL_IMPLEMENT_GLOBAL(int, DES_rw_mode, DES_PCBC_MODE)
/*-
* WARNINGS:
@@ -83,10 +83,12 @@
* - This function uses an internal state and thus cannot be
* used on multiple files.
*/
-
int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
DES_cblock *iv)
{
+#if defined(OPENSSL_NO_POSIX_IO)
+ return (0);
+#else
/* data to be unencrypted */
int net_num = 0;
static unsigned char *net = NULL;
@@ -145,15 +147,15 @@
/* first - get the length */
while (net_num < HDRSIZE) {
-#ifndef _WIN32
+# ifndef OPENSSL_SYS_WIN32
i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-#else
+# else
i = _read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-#endif
-#ifdef EINTR
+# endif
+# ifdef EINTR
if ((i == -1) && (errno == EINTR))
continue;
-#endif
+# endif
if (i <= 0)
return (0);
net_num += i;
@@ -173,11 +175,15 @@
net_num = 0;
while (net_num < rnum) {
+# ifndef OPENSSL_SYS_WIN32
i = read(fd, (void *)&(net[net_num]), rnum - net_num);
-#ifdef EINTR
+# else
+ i = _read(fd, (void *)&(net[net_num]), rnum - net_num);
+# endif
+# ifdef EINTR
if ((i == -1) && (errno == EINTR))
continue;
-#endif
+# endif
if (i <= 0)
return (0);
net_num += i;
@@ -225,4 +231,5 @@
}
}
return num;
+#endif /* OPENSSL_NO_POSIX_IO */
}
Modified: trunk/crypto/openssl/crypto/des/enc_writ.c
===================================================================
--- trunk/crypto/openssl/crypto/des/enc_writ.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/enc_writ.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -80,10 +80,13 @@
int DES_enc_write(int fd, const void *_buf, int len,
DES_key_schedule *sched, DES_cblock *iv)
{
-#ifdef _LIBC
+#if defined(OPENSSL_NO_POSIX_IO)
+ return (-1);
+#else
+# ifdef _LIBC
extern unsigned long time();
extern int write();
-#endif
+# endif
const unsigned char *buf = _buf;
long rnum;
int i, j, k, outnum;
@@ -93,6 +96,9 @@
const unsigned char *cp;
static int start = 1;
+ if (len < 0)
+ return -1;
+
if (outbuf == NULL) {
outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
if (outbuf == NULL)
@@ -129,7 +135,9 @@
if (len < 8) {
cp = shortbuf;
memcpy(shortbuf, buf, len);
- RAND_pseudo_bytes(shortbuf + len, 8 - len);
+ if (RAND_pseudo_bytes(shortbuf + len, 8 - len) < 0) {
+ return -1;
+ }
rnum = 8;
} else {
cp = buf;
@@ -150,17 +158,17 @@
/*
* eay 26/08/92 I was not doing writing from where we got up to.
*/
-#ifndef _WIN32
+# ifndef _WIN32
i = write(fd, (void *)&(outbuf[j]), outnum - j);
-#else
+# else
i = _write(fd, (void *)&(outbuf[j]), outnum - j);
-#endif
+# endif
if (i == -1) {
-#ifdef EINTR
+# ifdef EINTR
if (errno == EINTR)
i = 0;
else
-#endif
+# endif
/*
* This is really a bad error - very bad It will stuff-up
* both ends.
@@ -170,4 +178,5 @@
}
return (len);
+#endif /* OPENSSL_NO_POSIX_IO */
}
Modified: trunk/crypto/openssl/crypto/des/fcrypt_b.c
===================================================================
--- trunk/crypto/openssl/crypto/des/fcrypt_b.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/fcrypt_b.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,11 +99,9 @@
#ifndef DES_UNROLL
register int i;
- for (i = 0; i < 32; i += 8) {
+ for (i = 0; i < 32; i += 4) {
D_ENCRYPT(l, r, i + 0); /* 1 */
D_ENCRYPT(r, l, i + 2); /* 2 */
- D_ENCRYPT(l, r, i + 4); /* 1 */
- D_ENCRYPT(r, l, i + 6); /* 2 */
}
#else
D_ENCRYPT(l, r, 0); /* 1 */
Modified: trunk/crypto/openssl/crypto/des/set_key.c
===================================================================
--- trunk/crypto/openssl/crypto/des/set_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/set_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,13 +64,13 @@
* 1.1 added norm_expand_bits
* 1.0 First working version
*/
+#include <openssl/crypto.h>
#include "des_locl.h"
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key); /* defaults to false */
-
+OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key, 0)
+ /*
+ * defaults to false
+ */
static const unsigned char odd_parity[256] = {
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
@@ -359,8 +359,17 @@
}
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+#ifdef OPENSSL_FIPS
{
- static int shifts2[16] =
+ fips_cipher_abort(DES);
+ private_DES_set_key_unchecked(key, schedule);
+}
+
+void private_DES_set_key_unchecked(const_DES_cblock *key,
+ DES_key_schedule *schedule)
+#endif
+{
+ static const int shifts2[16] =
{ 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0 };
register DES_LONG c, d, t, s, t2;
register const unsigned char *in;
@@ -374,10 +383,6 @@
k = &schedule->ks->deslong[0];
in = &(*key)[0];
-#ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-#endif
-
c2l(in, c);
c2l(in, d);
Modified: trunk/crypto/openssl/crypto/des/str2key.c
===================================================================
--- trunk/crypto/openssl/crypto/des/str2key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/str2key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include "des_locl.h"
-#include <openssl/crypto.h>
void DES_string_to_key(const char *str, DES_cblock *key)
{
Modified: trunk/crypto/openssl/crypto/des/xcbc_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/des/xcbc_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/des/xcbc_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,7 +62,7 @@
#if 0 /* broken code, preserved just in case anyone
* specifically looks for this */
-static unsigned char desx_white_in2out[256] = {
+static const unsigned char desx_white_in2out[256] = {
0xBD, 0x56, 0xEA, 0xF2, 0xA2, 0xF1, 0xAC, 0x2A, 0xB0, 0x93, 0xD1, 0x9C,
0x1B, 0x33, 0xFD, 0xD0,
0x30, 0x04, 0xB6, 0xDC, 0x7D, 0xDF, 0x32, 0x4B, 0xF7, 0xCB, 0x45, 0x9B,
Modified: trunk/crypto/openssl/crypto/dh/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/dh/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -17,8 +17,10 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c
-LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
+ dh_ameth.c dh_pmeth.c dh_prn.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
+ dh_ameth.o dh_pmeth.o dh_prn.o
SRC= $(LIBSRC)
@@ -33,7 +35,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +63,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -74,6 +78,21 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_ameth.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+dh_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_ameth.o: ../../include/openssl/opensslconf.h
+dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dh_ameth.o: dh_ameth.c
dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -129,11 +148,35 @@
dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
dh_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-dh_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dh_lib.c
+dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+dh_lib.o: ../cryptlib.h dh_lib.c
+dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+dh_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dh_pmeth.o: dh_pmeth.c
+dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c
Modified: trunk/crypto/openssl/crypto/dh/dh.h
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,8 +77,6 @@
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
# endif
-# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
-
# define DH_FLAG_CACHE_MONT_P 0x01
/*
@@ -91,6 +89,23 @@
*/
# define DH_FLAG_NO_EXP_CONSTTIME 0x02
+/*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DH_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DH_FLAG_NON_FIPS_ALLOW 0x0400
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -163,7 +178,6 @@
*/
# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-# define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
@@ -171,13 +185,10 @@
# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+DH *DHparams_dup(DH *);
+
const DH_METHOD *DH_OpenSSL(void);
-# ifdef OPENSSL_FIPS
-DH *FIPS_dh_new(void);
-void FIPS_dh_free(DH *dh);
-# endif
-
void DH_set_default_method(const DH_METHOD *meth);
const DH_METHOD *DH_get_default_method(void);
int DH_set_method(DH *dh, const DH_METHOD *meth);
@@ -217,6 +228,17 @@
int DHparams_print(char *bp, const DH *x);
# endif
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -228,22 +250,36 @@
/* Function codes. */
# define DH_F_COMPUTE_KEY 102
-# define DH_F_DHPARAMS_PRINT 100
# define DH_F_DHPARAMS_PRINT_FP 101
# define DH_F_DH_BUILTIN_GENPARAMS 106
-# define DH_F_DH_COMPUTE_KEY 107
-# define DH_F_DH_GENERATE_KEY 108
-# define DH_F_DH_GENERATE_PARAMETERS 109
+# define DH_F_DH_COMPUTE_KEY 114
+# define DH_F_DH_GENERATE_KEY 115
+# define DH_F_DH_GENERATE_PARAMETERS_EX 116
# define DH_F_DH_NEW_METHOD 105
+# define DH_F_DH_PARAM_DECODE 107
+# define DH_F_DH_PRIV_DECODE 110
+# define DH_F_DH_PRIV_ENCODE 111
+# define DH_F_DH_PUB_DECODE 108
+# define DH_F_DH_PUB_ENCODE 109
+# define DH_F_DO_DH_PRINT 100
# define DH_F_GENERATE_KEY 103
# define DH_F_GENERATE_PARAMETERS 104
+# define DH_F_PKEY_DH_DERIVE 112
+# define DH_F_PKEY_DH_KEYGEN 113
/* Reason codes. */
# define DH_R_BAD_GENERATOR 101
+# define DH_R_BN_DECODE_ERROR 109
+# define DH_R_BN_ERROR 106
+# define DH_R_DECODE_ERROR 104
# define DH_R_INVALID_PUBKEY 102
-# define DH_R_KEY_SIZE_TOO_SMALL 104
+# define DH_R_KEYS_NOT_SET 108
+# define DH_R_KEY_SIZE_TOO_SMALL 110
# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_NON_FIPS_METHOD 111
+# define DH_R_NO_PARAMETERS_SET 107
# define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_PARAMETER_ENCODING_ERROR 105
#ifdef __cplusplus
}
Copied: trunk/crypto/openssl/crypto/dh/dh_ameth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dh/dh_ameth.c)
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_ameth.c (rev 0)
+++ trunk/crypto/openssl/crypto/dh/dh_ameth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,492 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include "asn1_locl.h"
+
+static void int_dh_free(EVP_PKEY *pkey)
+{
+ DH_free(pkey->pkey.dh);
+}
+
+static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *public_key = NULL;
+
+ DH *dh = NULL;
+
+ if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ if (ptype != V_ASN1_SEQUENCE) {
+ DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
+ goto err;
+ }
+
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+
+ if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) {
+ DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+ goto err;
+ }
+
+ if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
+ DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+ goto err;
+ }
+
+ /* We have parameters now set public key */
+ if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+ DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
+ goto err;
+ }
+
+ ASN1_INTEGER_free(public_key);
+ EVP_PKEY_assign_DH(pkey, dh);
+ return 1;
+
+ err:
+ if (public_key)
+ ASN1_INTEGER_free(public_key);
+ if (dh)
+ DH_free(dh);
+ return 0;
+
+}
+
+static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+ DH *dh;
+ int ptype;
+ unsigned char *penc = NULL;
+ int penclen;
+ ASN1_STRING *str;
+ ASN1_INTEGER *pub_key = NULL;
+
+ dh = pkey->pkey.dh;
+
+ str = ASN1_STRING_new();
+ if (!str) {
+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ str->length = i2d_DHparams(dh, &str->data);
+ if (str->length <= 0) {
+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ ptype = V_ASN1_SEQUENCE;
+
+ pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
+ if (!pub_key)
+ goto err;
+
+ penclen = i2d_ASN1_INTEGER(pub_key, &penc);
+
+ ASN1_INTEGER_free(pub_key);
+
+ if (penclen <= 0) {
+ DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
+ ptype, str, penc, penclen))
+ return 1;
+
+ err:
+ if (penc)
+ OPENSSL_free(penc);
+ if (str)
+ ASN1_STRING_free(str);
+
+ return 0;
+}
+
+/*
+ * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in that
+ * the AlgorithmIdentifier contains the paramaters, the private key is
+ * explcitly included and the pubkey must be recalculated.
+ */
+
+static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *privkey = NULL;
+
+ DH *dh = NULL;
+
+ if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+ return 0;
+
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ if (ptype != V_ASN1_SEQUENCE)
+ goto decerr;
+
+ if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
+ goto decerr;
+
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+ if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
+ goto decerr;
+ /* We have parameters now set private key */
+ if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
+ DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
+ goto dherr;
+ }
+ /* Calculate public key */
+ if (!DH_generate_key(dh))
+ goto dherr;
+
+ EVP_PKEY_assign_DH(pkey, dh);
+
+ ASN1_STRING_clear_free(privkey);
+
+ return 1;
+
+ decerr:
+ DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
+ dherr:
+ DH_free(dh);
+ ASN1_STRING_clear_free(privkey);
+ return 0;
+}
+
+static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+ ASN1_STRING *params = NULL;
+ ASN1_INTEGER *prkey = NULL;
+ unsigned char *dp = NULL;
+ int dplen;
+
+ params = ASN1_STRING_new();
+
+ if (!params) {
+ DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ params->length = i2d_DHparams(pkey->pkey.dh, ¶ms->data);
+ if (params->length <= 0) {
+ DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ params->type = V_ASN1_SEQUENCE;
+
+ /* Get private key into integer */
+ prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
+
+ if (!prkey) {
+ DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
+ goto err;
+ }
+
+ dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+ ASN1_STRING_clear_free(prkey);
+ prkey = NULL;
+
+ if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
+ V_ASN1_SEQUENCE, params, dp, dplen))
+ goto err;
+
+ return 1;
+
+ err:
+ if (dp != NULL)
+ OPENSSL_free(dp);
+ if (params != NULL)
+ ASN1_STRING_free(params);
+ if (prkey != NULL)
+ ASN1_STRING_clear_free(prkey);
+ return 0;
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+ size_t i;
+ if (!b)
+ return;
+ if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+ *pbuflen = i;
+}
+
+static int dh_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ DH *dh;
+ if (!(dh = d2i_DHparams(NULL, pder, derlen))) {
+ DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DH(pkey, dh);
+ return 1;
+}
+
+static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_DHparams(pkey->pkey.dh, pder);
+}
+
+static int do_dh_print(BIO *bp, const DH *x, int indent,
+ ASN1_PCTX *ctx, int ptype)
+{
+ unsigned char *m = NULL;
+ int reason = ERR_R_BUF_LIB, ret = 0;
+ size_t buf_len = 0;
+
+ const char *ktype = NULL;
+
+ BIGNUM *priv_key, *pub_key;
+
+ if (ptype == 2)
+ priv_key = x->priv_key;
+ else
+ priv_key = NULL;
+
+ if (ptype > 0)
+ pub_key = x->pub_key;
+ else
+ pub_key = NULL;
+
+ update_buflen(x->p, &buf_len);
+
+ if (buf_len == 0) {
+ reason = ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ update_buflen(x->g, &buf_len);
+ update_buflen(pub_key, &buf_len);
+ update_buflen(priv_key, &buf_len);
+
+ if (ptype == 2)
+ ktype = "PKCS#3 DH Private-Key";
+ else if (ptype == 1)
+ ktype = "PKCS#3 DH Public-Key";
+ else
+ ktype = "PKCS#3 DH Parameters";
+
+ m = OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ BIO_indent(bp, indent, 128);
+ if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
+ goto err;
+ indent += 4;
+
+ if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
+ goto err;
+ if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
+ goto err;
+
+ if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
+ goto err;
+ if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
+ goto err;
+ if (x->length != 0) {
+ BIO_indent(bp, indent, 128);
+ if (BIO_printf(bp, "recommended-private-length: %d bits\n",
+ (int)x->length) <= 0)
+ goto err;
+ }
+
+ ret = 1;
+ if (0) {
+ err:
+ DHerr(DH_F_DO_DH_PRINT, reason);
+ }
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+static int int_dh_size(const EVP_PKEY *pkey)
+{
+ return (DH_size(pkey->pkey.dh));
+}
+
+static int dh_bits(const EVP_PKEY *pkey)
+{
+ return BN_num_bits(pkey->pkey.dh->p);
+}
+
+static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
+ BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
+ return 0;
+ else
+ return 1;
+}
+
+static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+ BIGNUM *a;
+
+ if ((a = BN_dup(from->pkey.dh->p)) == NULL)
+ return 0;
+ if (to->pkey.dh->p != NULL)
+ BN_free(to->pkey.dh->p);
+ to->pkey.dh->p = a;
+
+ if ((a = BN_dup(from->pkey.dh->g)) == NULL)
+ return 0;
+ if (to->pkey.dh->g != NULL)
+ BN_free(to->pkey.dh->g);
+ to->pkey.dh->g = a;
+
+ return 1;
+}
+
+static int dh_missing_parameters(const EVP_PKEY *a)
+{
+ if (!a->pkey.dh->p || !a->pkey.dh->g)
+ return 1;
+ return 0;
+}
+
+static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (dh_cmp_parameters(a, b) == 0)
+ return 0;
+ if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
+ return 0;
+ else
+ return 1;
+}
+
+static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
+}
+
+static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
+}
+
+static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
+}
+
+int DHparams_print(BIO *bp, const DH *x)
+{
+ return do_dh_print(bp, x, 4, NULL, 0);
+}
+
+const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
+ EVP_PKEY_DH,
+ EVP_PKEY_DH,
+ 0,
+
+ "DH",
+ "OpenSSL PKCS#3 DH method",
+
+ dh_pub_decode,
+ dh_pub_encode,
+ dh_pub_cmp,
+ dh_public_print,
+
+ dh_priv_decode,
+ dh_priv_encode,
+ dh_private_print,
+
+ int_dh_size,
+ dh_bits,
+
+ dh_param_decode,
+ dh_param_encode,
+ dh_missing_parameters,
+ dh_copy_parameters,
+ dh_cmp_parameters,
+ dh_param_print,
+ 0,
+
+ int_dh_free,
+ 0
+};
Modified: trunk/crypto/openssl/crypto/dh/dh_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -65,7 +65,8 @@
#include <openssl/asn1t.h>
/* Override the default free and new methods */
-static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)DH_new();
@@ -87,3 +88,8 @@
} ASN1_SEQUENCE_END_cb(DH, DHparams)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
+
+DH *DHparams_dup(DH *dh)
+{
+ return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh);
+}
Modified: trunk/crypto/openssl/crypto/dh/dh_check.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_check.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_check.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,8 +71,6 @@
* should hold.
*/
-#ifndef OPENSSL_FIPS
-
int DH_check(const DH *dh, int *ret)
{
int ok = 0;
@@ -93,13 +91,13 @@
if (l != 11)
*ret |= DH_NOT_SUITABLE_GENERATOR;
}
-# if 0
+#if 0
else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
l = BN_mod_word(dh->p, 12);
if (l != 5)
*ret |= DH_NOT_SUITABLE_GENERATOR;
}
-# endif
+#endif
else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
l = BN_mod_word(dh->p, 10);
if ((l != 3) && (l != 7))
@@ -147,5 +145,3 @@
BN_free(q);
return (ok);
}
-
-#endif
Modified: trunk/crypto/openssl/crypto/dh/dh_err.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/dh/dh_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,24 +71,38 @@
static ERR_STRING_DATA DH_str_functs[] = {
{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
- {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
- {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
+ {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"},
{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+ {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
+ {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
+ {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"},
+ {ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"},
+ {ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"},
+ {ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"},
{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
+ {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"},
+ {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"},
{0, NULL}
};
static ERR_STRING_DATA DH_str_reasons[] = {
{ERR_REASON(DH_R_BAD_GENERATOR), "bad generator"},
+ {ERR_REASON(DH_R_BN_DECODE_ERROR), "bn decode error"},
+ {ERR_REASON(DH_R_BN_ERROR), "bn error"},
+ {ERR_REASON(DH_R_DECODE_ERROR), "decode error"},
{ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
+ {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
{ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
+ {ERR_REASON(DH_R_NON_FIPS_METHOD), "non fips method"},
+ {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
{ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
+ {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/dh/dh_gen.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_gen.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_gen.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,7 +66,9 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
-#ifndef OPENSSL_FIPS
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
BN_GENCB *cb);
@@ -74,8 +76,19 @@
int DH_generate_parameters_ex(DH *ret, int prime_len, int generator,
BN_GENCB *cb)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
if (ret->meth->generate_params)
return ret->meth->generate_params(ret, prime_len, generator, cb);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_generate_parameters_ex(ret, prime_len, generator, cb);
+#endif
return dh_builtin_genparams(ret, prime_len, generator, cb);
}
@@ -139,7 +152,7 @@
goto err;
g = 2;
}
-# if 0 /* does not work for safe primes */
+#if 0 /* does not work for safe primes */
else if (generator == DH_GENERATOR_3) {
if (!BN_set_word(t1, 12))
goto err;
@@ -147,7 +160,7 @@
goto err;
g = 3;
}
-# endif
+#endif
else if (generator == DH_GENERATOR_5) {
if (!BN_set_word(t1, 10))
goto err;
@@ -189,5 +202,3 @@
}
return ok;
}
-
-#endif
Modified: trunk/crypto/openssl/crypto/dh/dh_key.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,8 +62,6 @@
#include <openssl/rand.h>
#include <openssl/dh.h>
-#ifndef OPENSSL_FIPS
-
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
@@ -74,11 +72,25 @@
int DH_generate_key(DH *dh)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
return dh->meth->generate_key(dh);
}
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
return dh->meth->compute_key(key, pub_key, dh);
}
@@ -135,11 +147,18 @@
}
if (generate_new_key) {
- l = dh->length ? dh->length : BN_num_bits(dh->p) - 1; /* secret
- * exponent
- * length */
- if (!BN_rand(priv_key, l, 0, 0))
- goto err;
+ if (dh->q) {
+ do {
+ if (!BN_rand_range(priv_key, dh->q))
+ goto err;
+ }
+ while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+ } else {
+ /* secret exponent length */
+ l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
+ if (!BN_rand(priv_key, l, 0, 0))
+ goto err;
+ }
}
{
@@ -254,5 +273,3 @@
BN_MONT_CTX_free(dh->method_mont_p);
return (1);
}
-
-#endif
Modified: trunk/crypto/openssl/crypto/dh/dh_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dh/dh_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,6 +64,10 @@
# include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
const char DH_version[] = "Diffie-Hellman" OPENSSL_VERSION_PTEXT;
static const DH_METHOD *default_DH_method = NULL;
@@ -75,8 +79,16 @@
const DH_METHOD *DH_get_default_method(void)
{
- if (!default_DH_method)
+ if (!default_DH_method) {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_openssl();
+ else
+ return DH_OpenSSL();
+#else
default_DH_method = DH_OpenSSL();
+#endif
+ }
return default_DH_method;
}
@@ -153,7 +165,7 @@
ret->counter = NULL;
ret->method_mont_p = NULL;
ret->references = 1;
- ret->flags = ret->meth->flags;
+ ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
#ifndef OPENSSL_NO_ENGINE
Copied: trunk/crypto/openssl/crypto/dh/dh_pmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dh/dh_pmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_pmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/dh/dh_pmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,245 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+
+/* DH pkey context structure */
+
+typedef struct {
+ /* Parameter gen parameters */
+ int prime_len;
+ int generator;
+ int use_dsa;
+ /* Keygen callback info */
+ int gentmp[2];
+ /* message digest */
+} DH_PKEY_CTX;
+
+static int pkey_dh_init(EVP_PKEY_CTX *ctx)
+{
+ DH_PKEY_CTX *dctx;
+ dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
+ if (!dctx)
+ return 0;
+ dctx->prime_len = 1024;
+ dctx->generator = 2;
+ dctx->use_dsa = 0;
+
+ ctx->data = dctx;
+ ctx->keygen_info = dctx->gentmp;
+ ctx->keygen_info_count = 2;
+
+ return 1;
+}
+
+static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+ DH_PKEY_CTX *dctx, *sctx;
+ if (!pkey_dh_init(dst))
+ return 0;
+ sctx = src->data;
+ dctx = dst->data;
+ dctx->prime_len = sctx->prime_len;
+ dctx->generator = sctx->generator;
+ dctx->use_dsa = sctx->use_dsa;
+ return 1;
+}
+
+static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
+{
+ DH_PKEY_CTX *dctx = ctx->data;
+ if (dctx)
+ OPENSSL_free(dctx);
+}
+
+static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+ DH_PKEY_CTX *dctx = ctx->data;
+ switch (type) {
+ case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
+ if (p1 < 256)
+ return -2;
+ dctx->prime_len = p1;
+ return 1;
+
+ case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
+ dctx->generator = p1;
+ return 1;
+
+ case EVP_PKEY_CTRL_PEER_KEY:
+ /* Default behaviour is OK */
+ return 1;
+
+ default:
+ return -2;
+
+ }
+}
+
+static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (!strcmp(type, "dh_paramgen_prime_len")) {
+ int len;
+ len = atoi(value);
+ return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
+ }
+ if (!strcmp(type, "dh_paramgen_generator")) {
+ int len;
+ len = atoi(value);
+ return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
+ }
+ return -2;
+}
+
+static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ DH *dh = NULL;
+ DH_PKEY_CTX *dctx = ctx->data;
+ BN_GENCB *pcb, cb;
+ int ret;
+ if (ctx->pkey_gencb) {
+ pcb = &cb;
+ evp_pkey_set_cb_translate(pcb, ctx);
+ } else
+ pcb = NULL;
+ dh = DH_new();
+ if (!dh)
+ return 0;
+ ret = DH_generate_parameters_ex(dh,
+ dctx->prime_len, dctx->generator, pcb);
+ if (ret)
+ EVP_PKEY_assign_DH(pkey, dh);
+ else
+ DH_free(dh);
+ return ret;
+}
+
+static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ DH *dh = NULL;
+ if (ctx->pkey == NULL) {
+ DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
+ return 0;
+ }
+ dh = DH_new();
+ if (!dh)
+ return 0;
+ EVP_PKEY_assign_DH(pkey, dh);
+ /* Note: if error return, pkey is freed by parent routine */
+ if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+ return 0;
+ return DH_generate_key(pkey->pkey.dh);
+}
+
+static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+ size_t *keylen)
+{
+ int ret;
+ if (!ctx->pkey || !ctx->peerkey) {
+ DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
+ return 0;
+ }
+ ret = DH_compute_key(key, ctx->peerkey->pkey.dh->pub_key,
+ ctx->pkey->pkey.dh);
+ if (ret < 0)
+ return ret;
+ *keylen = ret;
+ return 1;
+}
+
+const EVP_PKEY_METHOD dh_pkey_meth = {
+ EVP_PKEY_DH,
+ EVP_PKEY_FLAG_AUTOARGLEN,
+ pkey_dh_init,
+ pkey_dh_copy,
+ pkey_dh_cleanup,
+
+ 0,
+ pkey_dh_paramgen,
+
+ 0,
+ pkey_dh_keygen,
+
+ 0,
+ 0,
+
+ 0,
+ 0,
+
+ 0, 0,
+
+ 0, 0, 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0,
+ pkey_dh_derive,
+
+ pkey_dh_ctrl,
+ pkey_dh_ctrl_str
+};
Copied: trunk/crypto/openssl/crypto/dh/dh_prn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dh/dh_prn.c)
===================================================================
--- trunk/crypto/openssl/crypto/dh/dh_prn.c (rev 0)
+++ trunk/crypto/openssl/crypto/dh/dh_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,79 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/dh.h>
+
+#ifndef OPENSSL_NO_FP_API
+int DHparams_print_fp(FILE *fp, const DH *x)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = DHparams_print(b, x);
+ BIO_free(b);
+ return (ret);
+}
+#endif
Modified: trunk/crypto/openssl/crypto/dsa/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/dsa/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,14 +18,14 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
- dsa_err.c dsa_ossl.c dsa_depr.c dsa_utl.c
+ dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
- dsa_err.o dsa_ossl.o dsa_depr.o dsa_utl.o
+ dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
SRC= $(LIBSRC)
EXHEADER= dsa.h
-HEADER= $(EXHEADER)
+HEADER= dsa_locl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -35,7 +35,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -63,6 +63,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -76,12 +78,27 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+dsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+dsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_ameth.o: ../../include/openssl/objects.h
+dsa_ameth.o: ../../include/openssl/opensslconf.h
+dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dsa_ameth.o: dsa_ameth.c
dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-dsa_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_asn1.o: ../../include/openssl/opensslconf.h
dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_asn1.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
@@ -92,9 +109,8 @@
dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dsa_depr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-dsa_depr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-dsa_depr.o: ../../include/openssl/opensslconf.h
+dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -111,13 +127,12 @@
dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_gen.o: ../cryptlib.h dsa_gen.c
+dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
@@ -133,14 +148,14 @@
dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-dsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_lib.c
+dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+dsa_lib.o: ../cryptlib.h dsa_lib.c
dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -149,40 +164,48 @@
dsa_ossl.o: ../../include/openssl/opensslconf.h
dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_ossl.o: ../cryptlib.h dsa_ossl.c
-dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c
+dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+dsa_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+dsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_pmeth.o: ../../include/openssl/objects.h
+dsa_pmeth.o: ../../include/openssl/opensslconf.h
+dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dsa_pmeth.o: dsa_locl.h dsa_pmeth.c
+dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_prn.o: ../cryptlib.h dsa_prn.c
+dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h
-dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_sign.o: ../../include/openssl/opensslconf.h
dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dsa_sign.o: ../cryptlib.h dsa_sign.c
-dsa_utl.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_utl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-dsa_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-dsa_utl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dsa_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-dsa_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dsa_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dsa_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-dsa_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-dsa_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_utl.c
-dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_vrf.o: ../cryptlib.h dsa_vrf.c
Modified: trunk/crypto/openssl/crypto/dsa/dsa.h
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -88,8 +88,6 @@
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
# endif
-# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
-
# define DSA_FLAG_CACHE_MONT_P 0x01
/*
* new with 0.9.7h; the built-in DSA implementation now uses constant time
@@ -115,10 +113,6 @@
# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
-# ifdef OPENSSL_FIPS
-# define FIPS_DSA_SIZE_T int
-# endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -151,7 +145,7 @@
char *app_data;
/* If this is non-NULL, it is used to generate DSA parameters */
int (*dsa_paramgen) (DSA *dsa, int bits,
- unsigned char *seed, int seed_len,
+ const unsigned char *seed, int seed_len,
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
/* If this is non-NULL, it is used to generate DSA keys */
@@ -183,7 +177,6 @@
ENGINE *engine;
};
-# define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
@@ -191,6 +184,7 @@
# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+DSA *DSAparams_dup(DSA *x);
DSA_SIG *DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
@@ -206,11 +200,6 @@
const DSA_METHOD *DSA_get_default_method(void);
int DSA_set_method(DSA *dsa, const DSA_METHOD *);
-# ifdef OPENSSL_FIPS
-DSA *FIPS_dsa_new(void);
-void FIPS_dsa_free(DSA *r);
-# endif
-
DSA *DSA_new(void);
DSA *DSA_new_method(ENGINE *engine);
void DSA_free(DSA *r);
@@ -242,7 +231,7 @@
/* New version */
int DSA_generate_parameters_ex(DSA *dsa, int bits,
- unsigned char *seed, int seed_len,
+ const unsigned char *seed, int seed_len,
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
@@ -276,11 +265,14 @@
DH *DSA_dup_DH(const DSA *r);
# endif
-# ifdef OPENSSL_FIPS
-int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
-int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
-# endif
+# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -292,33 +284,44 @@
/* Function codes. */
# define DSA_F_D2I_DSA_SIG 110
+# define DSA_F_DO_DSA_PRINT 104
# define DSA_F_DSAPARAMS_PRINT 100
# define DSA_F_DSAPARAMS_PRINT_FP 101
-# define DSA_F_DSA_BUILTIN_KEYGEN 119
-# define DSA_F_DSA_BUILTIN_PARAMGEN 118
# define DSA_F_DSA_DO_SIGN 112
# define DSA_F_DSA_DO_VERIFY 113
-# define DSA_F_DSA_GENERATE_PARAMETERS 117
+# define DSA_F_DSA_GENERATE_KEY 124
+# define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
# define DSA_F_DSA_NEW_METHOD 103
-# define DSA_F_DSA_PRINT 104
+# define DSA_F_DSA_PARAM_DECODE 119
# define DSA_F_DSA_PRINT_FP 105
-# define DSA_F_DSA_SET_DEFAULT_METHOD 115
-# define DSA_F_DSA_SET_METHOD 116
+# define DSA_F_DSA_PRIV_DECODE 115
+# define DSA_F_DSA_PRIV_ENCODE 116
+# define DSA_F_DSA_PUB_DECODE 117
+# define DSA_F_DSA_PUB_ENCODE 118
# define DSA_F_DSA_SIGN 106
# define DSA_F_DSA_SIGN_SETUP 107
# define DSA_F_DSA_SIG_NEW 109
+# define DSA_F_DSA_SIG_PRINT 125
# define DSA_F_DSA_VERIFY 108
# define DSA_F_I2D_DSA_SIG 111
+# define DSA_F_OLD_DSA_PRIV_DECODE 122
+# define DSA_F_PKEY_DSA_CTRL 120
+# define DSA_F_PKEY_DSA_KEYGEN 121
# define DSA_F_SIG_CB 114
/* Reason codes. */
# define DSA_R_BAD_Q_VALUE 102
+# define DSA_R_BN_DECODE_ERROR 108
+# define DSA_R_BN_ERROR 109
# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
-# define DSA_R_KEY_SIZE_TOO_SMALL 106
+# define DSA_R_DECODE_ERROR 104
+# define DSA_R_INVALID_DIGEST_TYPE 106
# define DSA_R_MISSING_PARAMETERS 101
# define DSA_R_MODULUS_TOO_LARGE 103
-# define DSA_R_NON_FIPS_METHOD 104
-# define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105
+# define DSA_R_NEED_NEW_SETUP_VALUES 110
+# define DSA_R_NON_FIPS_DSA_METHOD 111
+# define DSA_R_NO_PARAMETERS_SET 107
+# define DSA_R_PARAMETER_ENCODING_ERROR 105
#ifdef __cplusplus
}
Copied: trunk/crypto/openssl/crypto/dsa/dsa_ameth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dsa/dsa_ameth.c)
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_ameth.c (rev 0)
+++ trunk/crypto/openssl/crypto/dsa/dsa_ameth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,673 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *public_key = NULL;
+
+ DSA *dsa = NULL;
+
+ if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ if (ptype == V_ASN1_SEQUENCE) {
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+
+ if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+ goto err;
+ }
+
+ } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
+ if (!(dsa = DSA_new())) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ } else {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
+ goto err;
+ }
+
+ if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+ goto err;
+ }
+
+ if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+ DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
+ goto err;
+ }
+
+ ASN1_INTEGER_free(public_key);
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+
+ err:
+ if (public_key)
+ ASN1_INTEGER_free(public_key);
+ if (dsa)
+ DSA_free(dsa);
+ return 0;
+
+}
+
+static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+ DSA *dsa;
+ int ptype;
+ unsigned char *penc = NULL;
+ int penclen;
+ ASN1_STRING *str = NULL;
+
+ dsa = pkey->pkey.dsa;
+ if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
+ str = ASN1_STRING_new();
+ if (!str) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ str->length = i2d_DSAparams(dsa, &str->data);
+ if (str->length <= 0) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ ptype = V_ASN1_SEQUENCE;
+ } else
+ ptype = V_ASN1_UNDEF;
+
+ dsa->write_params = 0;
+
+ penclen = i2d_DSAPublicKey(dsa, &penc);
+
+ if (penclen <= 0) {
+ DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
+ ptype, str, penc, penclen))
+ return 1;
+
+ err:
+ if (penc)
+ OPENSSL_free(penc);
+ if (str)
+ ASN1_STRING_free(str);
+
+ return 0;
+}
+
+/*
+ * In PKCS#8 DSA: you just get a private key integer and parameters in the
+ * AlgorithmIdentifier the pubkey must be recalculated.
+ */
+
+static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+ const unsigned char *p, *pm;
+ int pklen, pmlen;
+ int ptype;
+ void *pval;
+ ASN1_STRING *pstr;
+ X509_ALGOR *palg;
+ ASN1_INTEGER *privkey = NULL;
+ BN_CTX *ctx = NULL;
+
+ STACK_OF(ASN1_TYPE) *ndsa = NULL;
+ DSA *dsa = NULL;
+
+ if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ /* Check for broken DSA PKCS#8, UGH! */
+ if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
+ ASN1_TYPE *t1, *t2;
+ if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
+ goto decerr;
+ if (sk_ASN1_TYPE_num(ndsa) != 2)
+ goto decerr;
+ /*-
+ * Handle Two broken types:
+ * SEQUENCE {parameters, priv_key}
+ * SEQUENCE {pub_key, priv_key}
+ */
+
+ t1 = sk_ASN1_TYPE_value(ndsa, 0);
+ t2 = sk_ASN1_TYPE_value(ndsa, 1);
+ if (t1->type == V_ASN1_SEQUENCE) {
+ p8->broken = PKCS8_EMBEDDED_PARAM;
+ pval = t1->value.ptr;
+ } else if (ptype == V_ASN1_SEQUENCE)
+ p8->broken = PKCS8_NS_DB;
+ else
+ goto decerr;
+
+ if (t2->type != V_ASN1_INTEGER)
+ goto decerr;
+
+ privkey = t2->value.integer;
+ } else {
+ const unsigned char *q = p;
+ if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
+ goto decerr;
+ if (privkey->type == V_ASN1_NEG_INTEGER) {
+ p8->broken = PKCS8_NEG_PRIVKEY;
+ ASN1_STRING_clear_free(privkey);
+ if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+ goto decerr;
+ }
+ if (ptype != V_ASN1_SEQUENCE)
+ goto decerr;
+ }
+
+ pstr = pval;
+ pm = pstr->data;
+ pmlen = pstr->length;
+ if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
+ goto decerr;
+ /* We have parameters now set private key */
+ if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+ goto dsaerr;
+ }
+ /* Calculate public key */
+ if (!(dsa->pub_key = BN_new())) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+ goto dsaerr;
+ }
+ if (!(ctx = BN_CTX_new())) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+ goto dsaerr;
+ }
+
+ if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
+ DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+ goto dsaerr;
+ }
+
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ BN_CTX_free(ctx);
+ if (ndsa)
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+ else
+ ASN1_STRING_clear_free(privkey);
+
+ return 1;
+
+ decerr:
+ DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
+ dsaerr:
+ BN_CTX_free(ctx);
+ if (privkey)
+ ASN1_STRING_clear_free(privkey);
+ sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+ DSA_free(dsa);
+ return 0;
+}
+
+static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+ ASN1_STRING *params = NULL;
+ ASN1_INTEGER *prkey = NULL;
+ unsigned char *dp = NULL;
+ int dplen;
+
+ if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
+ goto err;
+ }
+
+ params = ASN1_STRING_new();
+
+ if (!params) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
+ if (params->length <= 0) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ params->type = V_ASN1_SEQUENCE;
+
+ /* Get private key into integer */
+ prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
+
+ if (!prkey) {
+ DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
+ goto err;
+ }
+
+ dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+ ASN1_STRING_clear_free(prkey);
+
+ if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
+ V_ASN1_SEQUENCE, params, dp, dplen))
+ goto err;
+
+ return 1;
+
+ err:
+ if (dp != NULL)
+ OPENSSL_free(dp);
+ if (params != NULL)
+ ASN1_STRING_free(params);
+ if (prkey != NULL)
+ ASN1_STRING_clear_free(prkey);
+ return 0;
+}
+
+static int int_dsa_size(const EVP_PKEY *pkey)
+{
+ return (DSA_size(pkey->pkey.dsa));
+}
+
+static int dsa_bits(const EVP_PKEY *pkey)
+{
+ return BN_num_bits(pkey->pkey.dsa->p);
+}
+
+static int dsa_missing_parameters(const EVP_PKEY *pkey)
+{
+ DSA *dsa;
+ dsa = pkey->pkey.dsa;
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return 1;
+ return 0;
+}
+
+static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+ BIGNUM *a;
+
+ if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
+ return 0;
+ if (to->pkey.dsa->p != NULL)
+ BN_free(to->pkey.dsa->p);
+ to->pkey.dsa->p = a;
+
+ if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
+ return 0;
+ if (to->pkey.dsa->q != NULL)
+ BN_free(to->pkey.dsa->q);
+ to->pkey.dsa->q = a;
+
+ if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
+ return 0;
+ if (to->pkey.dsa->g != NULL)
+ BN_free(to->pkey.dsa->g);
+ to->pkey.dsa->g = a;
+ return 1;
+}
+
+static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
+ BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
+ BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
+ return 0;
+ else
+ return 1;
+}
+
+static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
+ return 0;
+ else
+ return 1;
+}
+
+static void int_dsa_free(EVP_PKEY *pkey)
+{
+ DSA_free(pkey->pkey.dsa);
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+ size_t i;
+ if (!b)
+ return;
+ if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+ *pbuflen = i;
+}
+
+static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
+{
+ unsigned char *m = NULL;
+ int ret = 0;
+ size_t buf_len = 0;
+ const char *ktype = NULL;
+
+ const BIGNUM *priv_key, *pub_key;
+
+ if (ptype == 2)
+ priv_key = x->priv_key;
+ else
+ priv_key = NULL;
+
+ if (ptype > 0)
+ pub_key = x->pub_key;
+ else
+ pub_key = NULL;
+
+ if (ptype == 2)
+ ktype = "Private-Key";
+ else if (ptype == 1)
+ ktype = "Public-Key";
+ else
+ ktype = "DSA-Parameters";
+
+ update_buflen(x->p, &buf_len);
+ update_buflen(x->q, &buf_len);
+ update_buflen(x->g, &buf_len);
+ update_buflen(priv_key, &buf_len);
+ update_buflen(pub_key, &buf_len);
+
+ m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (priv_key) {
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+ if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
+ <= 0)
+ goto err;
+ }
+
+ if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
+ goto err;
+ ret = 1;
+ err:
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+static int dsa_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ DSA *dsa;
+ if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
+ DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+}
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_DSAparams(pkey->pkey.dsa, pder);
+}
+
+static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
+}
+
+static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
+}
+
+static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
+}
+
+static int old_dsa_priv_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ DSA *dsa;
+ if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
+ DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+}
+
+static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
+}
+
+static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
+{
+ DSA_SIG *dsa_sig;
+ const unsigned char *p;
+ if (!sig) {
+ if (BIO_puts(bp, "\n") <= 0)
+ return 0;
+ else
+ return 1;
+ }
+ p = sig->data;
+ dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
+ if (dsa_sig) {
+ int rv = 0;
+ size_t buf_len = 0;
+ unsigned char *m = NULL;
+ update_buflen(dsa_sig->r, &buf_len);
+ update_buflen(dsa_sig->s, &buf_len);
+ m = OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (BIO_write(bp, "\n", 1) != 1)
+ goto err;
+
+ if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
+ goto err;
+ if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
+ goto err;
+ rv = 1;
+ err:
+ if (m)
+ OPENSSL_free(m);
+ DSA_SIG_free(dsa_sig);
+ return rv;
+ }
+ return X509_signature_dump(bp, sig, indent);
+}
+
+static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+ switch (op) {
+ case ASN1_PKEY_CTRL_PKCS7_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#endif
+
+ case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+ *(int *)arg2 = NID_sha1;
+ return 2;
+
+ default:
+ return -2;
+
+ }
+
+}
+
+/* NB these are sorted in pkey_id order, lowest first */
+
+const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
+
+ {
+ EVP_PKEY_DSA2,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA1,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA4,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA3,
+ EVP_PKEY_DSA,
+ ASN1_PKEY_ALIAS},
+
+ {
+ EVP_PKEY_DSA,
+ EVP_PKEY_DSA,
+ 0,
+
+ "DSA",
+ "OpenSSL DSA method",
+
+ dsa_pub_decode,
+ dsa_pub_encode,
+ dsa_pub_cmp,
+ dsa_pub_print,
+
+ dsa_priv_decode,
+ dsa_priv_encode,
+ dsa_priv_print,
+
+ int_dsa_size,
+ dsa_bits,
+
+ dsa_param_decode,
+ dsa_param_encode,
+ dsa_missing_parameters,
+ dsa_copy_parameters,
+ dsa_cmp_parameters,
+ dsa_param_print,
+ dsa_sig_print,
+
+ int_dsa_free,
+ dsa_pkey_ctrl,
+ old_dsa_priv_decode,
+ old_dsa_priv_encode}
+};
Modified: trunk/crypto/openssl/crypto/dsa/dsa_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -62,25 +62,23 @@
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
-#include <openssl/bn.h>
#include <openssl/rand.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
/* Override the default new methods */
-static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_NEW_PRE) {
DSA_SIG *sig;
sig = OPENSSL_malloc(sizeof(DSA_SIG));
+ if (!sig) {
+ DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
sig->r = NULL;
sig->s = NULL;
*pval = (ASN1_VALUE *)sig;
- if (sig)
- return 2;
- DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
- return 0;
+ return 2;
}
return 1;
}
@@ -90,10 +88,11 @@
ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG)
/* Override the default free and new methods */
-static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)DSA_new();
@@ -147,16 +146,15 @@
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
+DSA *DSAparams_dup(DSA *dsa)
+{
+ return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
+}
+
int DSA_sign(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa)
{
DSA_SIG *s;
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
- }
-#endif
RAND_seed(dgst, dlen);
s = DSA_do_sign(dgst, dlen, dsa);
if (s == NULL) {
@@ -168,32 +166,12 @@
return (1);
}
-int DSA_size(const DSA *r)
-{
- int ret, i;
- ASN1_INTEGER bs;
- unsigned char buf[4]; /* 4 bytes looks really small. However,
- * i2d_ASN1_INTEGER() will not look beyond
- * the first byte, as long as the second
- * parameter is NULL. */
-
- i = BN_num_bits(r->q);
- bs.length = (i + 7) / 8;
- bs.data = buf;
- bs.type = V_ASN1_INTEGER;
- /* If the top bit is set the asn1 encoding is 1 larger. */
- buf[0] = 0xff;
-
- i = i2d_ASN1_INTEGER(&bs, NULL);
- i += i; /* r and s */
- ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
- return (ret);
-}
-
+/* data has already been hashed (probably with SHA or SHA-1). */
/*-
- * data has already been hashed (probably with SHA or SHA-1). */
-/*
- * returns 1: correct signature 0: incorrect signature -1: error
+ * returns
+ * 1: correct signature
+ * 0: incorrect signature
+ * -1: error
*/
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int siglen, DSA *dsa)
@@ -204,13 +182,6 @@
int derlen = -1;
int ret = -1;
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
- }
-#endif
-
s = DSA_SIG_new();
if (s == NULL)
return (ret);
Modified: trunk/crypto/openssl/crypto/dsa/dsa_err.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/dsa/dsa_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,23 +71,30 @@
static ERR_STRING_DATA DSA_str_functs[] = {
{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
+ {ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"},
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
- {ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"},
- {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
- {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"},
+ {ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"},
+ {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX),
+ "DSA_generate_parameters_ex"},
{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
- {ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
+ {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
- {ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"},
- {ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"},
+ {ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"},
+ {ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"},
+ {ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"},
+ {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"},
{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
+ {ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"},
{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
+ {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"},
+ {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"},
+ {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"},
{ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
{0, NULL}
};
@@ -94,14 +101,18 @@
static ERR_STRING_DATA DSA_str_reasons[] = {
{ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
+ {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
+ {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
"data too large for key size"},
- {ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+ {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
+ {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
- {ERR_REASON(DSA_R_NON_FIPS_METHOD), "non fips method"},
- {ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
- "operation not allowed in fips mode"},
+ {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+ {ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD), "non fips dsa method"},
+ {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
+ {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/dsa/dsa_gen.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_gen.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_gen.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,53 +78,87 @@
#ifndef OPENSSL_NO_SHA
# include <stdio.h>
-# include <time.h>
# include "cryptlib.h"
# include <openssl/evp.h>
# include <openssl/bn.h>
-# include <openssl/dsa.h>
# include <openssl/rand.h>
# include <openssl/sha.h>
+# include "dsa_locl.h"
-# ifndef OPENSSL_FIPS
+# ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# endif
-static int dsa_builtin_paramgen(DSA *ret, int bits,
- unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb);
-
int DSA_generate_parameters_ex(DSA *ret, int bits,
- unsigned char *seed_in, int seed_len,
+ const unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb)
{
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+# endif
if (ret->meth->dsa_paramgen)
return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
counter_ret, h_ret, cb);
- return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
- counter_ret, h_ret, cb);
+# ifdef OPENSSL_FIPS
+ else if (FIPS_mode()) {
+ return FIPS_dsa_generate_parameters_ex(ret, bits,
+ seed_in, seed_len,
+ counter_ret, h_ret, cb);
+ }
+# endif
+ else {
+ const EVP_MD *evpmd;
+ size_t qbits = bits >= 2048 ? 256 : 160;
+
+ if (bits >= 2048) {
+ qbits = 256;
+ evpmd = EVP_sha256();
+ } else {
+ qbits = 160;
+ evpmd = EVP_sha1();
+ }
+
+ return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
+ seed_in, seed_len, NULL, counter_ret,
+ h_ret, cb);
+ }
}
-static int dsa_builtin_paramgen(DSA *ret, int bits,
- unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb)
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+ const EVP_MD *evpmd, const unsigned char *seed_in,
+ size_t seed_len, unsigned char *seed_out,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
int ok = 0;
- unsigned char seed[SHA_DIGEST_LENGTH];
- unsigned char md[SHA_DIGEST_LENGTH];
- unsigned char buf[SHA_DIGEST_LENGTH], buf2[SHA_DIGEST_LENGTH];
+ unsigned char seed[SHA256_DIGEST_LENGTH];
+ unsigned char md[SHA256_DIGEST_LENGTH];
+ unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
BIGNUM *r0, *W, *X, *c, *test;
BIGNUM *g = NULL, *q = NULL, *p = NULL;
BN_MONT_CTX *mont = NULL;
- int k, n = 0, i, m = 0;
+ int i, k, n = 0, m = 0, qsize = qbits >> 3;
int counter = 0;
int r = 0;
BN_CTX *ctx = NULL;
unsigned int h = 2;
+ if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
+ qsize != SHA256_DIGEST_LENGTH)
+ /* invalid q size */
+ return 0;
+
+ if (evpmd == NULL)
+ /* use SHA1 as default */
+ evpmd = EVP_sha1();
+
if (bits < 512)
bits = 512;
+
bits = (bits + 63) / 64 * 64;
/*
@@ -131,17 +165,14 @@
* NB: seed_len == 0 is special case: copy generated seed to seed_in if
* it is not NULL.
*/
- if (seed_len && (seed_len < 20))
+ if (seed_len && (seed_len < (size_t)qsize))
seed_in = NULL; /* seed buffer too small -- ignore */
- if (seed_len > 20)
- seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger
+ if (seed_len > (size_t)qsize)
+ seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger
* SEED, but our internal buffers are
* restricted to 160 bits */
- if ((seed_in != NULL) && (seed_len == 20)) {
+ if (seed_in != NULL)
memcpy(seed, seed_in, seed_len);
- /* set seed_in to NULL to avoid it being copied back */
- seed_in = NULL;
- }
if ((ctx = BN_CTX_new()) == NULL)
goto err;
@@ -171,7 +202,8 @@
goto err;
if (!seed_len) {
- RAND_pseudo_bytes(seed, SHA_DIGEST_LENGTH);
+ if (RAND_pseudo_bytes(seed, qsize) < 0)
+ goto err;
seed_is_random = 1;
} else {
seed_is_random = 0;
@@ -178,10 +210,10 @@
seed_len = 0; /* use random seed if 'seed_in' turns out to
* be bad */
}
- memcpy(buf, seed, SHA_DIGEST_LENGTH);
- memcpy(buf2, seed, SHA_DIGEST_LENGTH);
+ memcpy(buf, seed, qsize);
+ memcpy(buf2, seed, qsize);
/* precompute "SEED + 1" for step 7: */
- for (i = SHA_DIGEST_LENGTH - 1; i >= 0; i--) {
+ for (i = qsize - 1; i >= 0; i--) {
buf[i]++;
if (buf[i] != 0)
break;
@@ -188,15 +220,17 @@
}
/* step 2 */
- EVP_Digest(seed, SHA_DIGEST_LENGTH, md, NULL, HASH, NULL);
- EVP_Digest(buf, SHA_DIGEST_LENGTH, buf2, NULL, HASH, NULL);
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+ if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
+ goto err;
+ if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
+ goto err;
+ for (i = 0; i < qsize; i++)
md[i] ^= buf2[i];
/* step 3 */
md[0] |= 0x80;
- md[SHA_DIGEST_LENGTH - 1] |= 0x01;
- if (!BN_bin2bn(md, SHA_DIGEST_LENGTH, q))
+ md[qsize - 1] |= 0x01;
+ if (!BN_bin2bn(md, qsize, q))
goto err;
/* step 4 */
@@ -233,18 +267,19 @@
/*
* obtain "SEED + offset + k" by incrementing:
*/
- for (i = SHA_DIGEST_LENGTH - 1; i >= 0; i--) {
+ for (i = qsize - 1; i >= 0; i--) {
buf[i]++;
if (buf[i] != 0)
break;
}
- EVP_Digest(buf, SHA_DIGEST_LENGTH, md, NULL, HASH, NULL);
+ if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
+ goto err;
/* step 8 */
- if (!BN_bin2bn(md, SHA_DIGEST_LENGTH, r0))
+ if (!BN_bin2bn(md, qsize, r0))
goto err;
- if (!BN_lshift(r0, r0, 160 * k))
+ if (!BN_lshift(r0, r0, (qsize << 3) * k))
goto err;
if (!BN_add(W, W, r0))
goto err;
@@ -333,12 +368,12 @@
ok = 0;
goto err;
}
- if (seed_in != NULL)
- memcpy(seed_in, seed, 20);
if (counter_ret != NULL)
*counter_ret = counter;
if (h_ret != NULL)
*h_ret = h;
+ if (seed_out)
+ memcpy(seed_out, seed, qsize);
}
if (ctx) {
BN_CTX_end(ctx);
@@ -348,5 +383,4 @@
BN_MONT_CTX_free(mont);
return ok;
}
-# endif
#endif
Modified: trunk/crypto/openssl/crypto/dsa/dsa_key.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,14 +64,27 @@
# include <openssl/dsa.h>
# include <openssl/rand.h>
-# ifndef OPENSSL_FIPS
+# ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# endif
static int dsa_builtin_keygen(DSA *dsa);
int DSA_generate_key(DSA *dsa)
{
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+# endif
if (dsa->meth->dsa_keygen)
return dsa->meth->dsa_keygen(dsa);
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dsa_generate_key(dsa);
+# endif
return dsa_builtin_keygen(dsa);
}
@@ -129,6 +142,4 @@
BN_CTX_free(ctx);
return (ok);
}
-# endif
-
#endif
Modified: trunk/crypto/openssl/crypto/dsa/dsa_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,6 +70,10 @@
# include <openssl/dh.h>
#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
const char DSA_version[] = "DSA" OPENSSL_VERSION_PTEXT;
static const DSA_METHOD *default_DSA_method = NULL;
@@ -76,20 +80,21 @@
void DSA_set_default_method(const DSA_METHOD *meth)
{
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) {
- DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD);
- return;
- }
-#endif
-
default_DSA_method = meth;
}
const DSA_METHOD *DSA_get_default_method(void)
{
- if (!default_DSA_method)
+ if (!default_DSA_method) {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dsa_openssl();
+ else
+ return DSA_OpenSSL();
+#else
default_DSA_method = DSA_OpenSSL();
+#endif
+ }
return default_DSA_method;
}
@@ -105,12 +110,6 @@
* to deal with which ENGINE it comes from.
*/
const DSA_METHOD *mtmp;
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) {
- DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD);
- return 0;
- }
-#endif
mtmp = dsa->meth;
if (mtmp->finish)
mtmp->finish(dsa);
@@ -156,17 +155,6 @@
}
}
#endif
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) {
- DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD);
-# ifndef OPENSSL_NO_ENGINE
- if (ret->engine)
- ENGINE_finish(ret->engine);
-# endif
- OPENSSL_free(ret);
- return NULL;
- }
-#endif
ret->pad = 0;
ret->version = 0;
@@ -259,6 +247,28 @@
return ((i > 1) ? 1 : 0);
}
+int DSA_size(const DSA *r)
+{
+ int ret, i;
+ ASN1_INTEGER bs;
+ unsigned char buf[4]; /* 4 bytes looks really small. However,
+ * i2d_ASN1_INTEGER() will not look beyond
+ * the first byte, as long as the second
+ * parameter is NULL. */
+
+ i = BN_num_bits(r->q);
+ bs.length = (i + 7) / 8;
+ bs.data = buf;
+ bs.type = V_ASN1_INTEGER;
+ /* If the top bit is set the asn1 encoding is 1 larger. */
+ buf[0] = 0xff;
+
+ i = i2d_ASN1_INTEGER(&bs, NULL);
+ i += i; /* r and s */
+ ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
+ return (ret);
+}
+
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
@@ -281,7 +291,7 @@
{
/*
* DSA has p, q, g, optional pub_key, optional priv_key. DH has p,
- * optional length, g, optional pub_key, optional priv_key.
+ * optional length, g, optional pub_key, optional priv_key, optional q.
*/
DH *ret = NULL;
@@ -294,8 +304,11 @@
if (r->p != NULL)
if ((ret->p = BN_dup(r->p)) == NULL)
goto err;
- if (r->q != NULL)
+ if (r->q != NULL) {
ret->length = BN_num_bits(r->q);
+ if ((ret->q = BN_dup(r->q)) == NULL)
+ goto err;
+ }
if (r->g != NULL)
if ((ret->g = BN_dup(r->g)) == NULL)
goto err;
Copied: trunk/crypto/openssl/crypto/dsa/dsa_locl.h (from rev 7117, vendor-crypto/openssl/dist/crypto/dsa/dsa_locl.h)
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_locl.h (rev 0)
+++ trunk/crypto/openssl/crypto/dsa/dsa_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,61 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/dsa.h>
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+ const EVP_MD *evpmd, const unsigned char *seed_in,
+ size_t seed_len, unsigned char *seed_out,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
Modified: trunk/crypto/openssl/crypto/dsa/dsa_ossl.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_ossl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_ossl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,12 +61,11 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
+#include <openssl/sha.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
-#ifndef OPENSSL_FIPS
-
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp);
@@ -104,7 +103,7 @@
* dsa->method_mont_p);
*/
-# define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
+#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
do { \
int _tmp_res53; \
if ((dsa)->meth->dsa_mod_exp) \
@@ -115,7 +114,7 @@
(m), (ctx), (in_mont)); \
if (!_tmp_res53) err_instr; \
} while(0)
-# define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
+#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
do { \
int _tmp_res53; \
if ((dsa)->meth->bn_mod_exp) \
@@ -137,8 +136,9 @@
BIGNUM m;
BIGNUM xr;
BN_CTX *ctx = NULL;
- int i, reason = ERR_R_BN_LIB;
+ int reason = ERR_R_BN_LIB;
DSA_SIG *ret = NULL;
+ int noredo = 0;
BN_init(&m);
BN_init(&xr);
@@ -151,17 +151,10 @@
s = BN_new();
if (s == NULL)
goto err;
-
- i = BN_num_bytes(dsa->q); /* should be 20 */
- if ((dlen > i) || (dlen > 50)) {
- reason = DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
- goto err;
- }
-
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
-
+ redo:
if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
goto err;
@@ -170,8 +163,16 @@
dsa->kinv = NULL;
r = dsa->r;
dsa->r = NULL;
+ noredo = 1;
}
+ if (dlen > BN_num_bytes(dsa->q))
+ /*
+ * if the digest length is greater than the size of q use the
+ * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+ * 4.2
+ */
+ dlen = BN_num_bytes(dsa->q);
if (BN_bin2bn(dgst, dlen, &m) == NULL)
goto err;
@@ -189,6 +190,17 @@
ret = DSA_SIG_new();
if (ret == NULL)
goto err;
+ /*
+ * Redo if r or s is zero as required by FIPS 186-3: this is very
+ * unlikely.
+ */
+ if (BN_is_zero(r) || BN_is_zero(s)) {
+ if (noredo) {
+ reason = DSA_R_NEED_NEW_SETUP_VALUES;
+ goto err;
+ }
+ goto redo;
+ }
ret->r = r;
ret->s = s;
@@ -290,15 +302,11 @@
err:
if (!ret) {
DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
- if (kinv != NULL)
- BN_clear_free(kinv);
if (r != NULL)
BN_clear_free(r);
}
if (ctx_in == NULL)
BN_CTX_free(ctx);
- if (kinv != NULL)
- BN_clear_free(kinv);
BN_clear_free(&k);
BN_clear_free(&kq);
return (ret);
@@ -310,13 +318,15 @@
BN_CTX *ctx;
BIGNUM u1, u2, t1;
BN_MONT_CTX *mont = NULL;
- int ret = -1;
+ int ret = -1, i;
if (!dsa->p || !dsa->q || !dsa->g) {
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
return -1;
}
- if (BN_num_bits(dsa->q) != 160) {
+ i = BN_num_bits(dsa->q);
+ /* fips 186-3 allows only different sizes for q */
+ if (i != 160 && i != 224 && i != 256) {
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE);
return -1;
}
@@ -325,7 +335,6 @@
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE);
return -1;
}
-
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);
@@ -351,6 +360,13 @@
goto err;
/* save M in u1 */
+ if (dgst_len > (i >> 3))
+ /*
+ * if the digest length is greater than the size of q use the
+ * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+ * 4.2
+ */
+ dgst_len = (i >> 3);
if (BN_bin2bn(dgst, dgst_len, &u1) == NULL)
goto err;
@@ -408,5 +424,3 @@
BN_MONT_CTX_free(dsa->method_mont_p);
return (1);
}
-
-#endif
Copied: trunk/crypto/openssl/crypto/dsa/dsa_pmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dsa/dsa_pmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_pmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/dsa/dsa_pmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,308 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+#include "dsa_locl.h"
+
+/* DSA pkey context structure */
+
+typedef struct {
+ /* Parameter gen parameters */
+ int nbits; /* size of p in bits (default: 1024) */
+ int qbits; /* size of q in bits (default: 160) */
+ const EVP_MD *pmd; /* MD for parameter generation */
+ /* Keygen callback info */
+ int gentmp[2];
+ /* message digest */
+ const EVP_MD *md; /* MD for the signature */
+} DSA_PKEY_CTX;
+
+static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
+{
+ DSA_PKEY_CTX *dctx;
+ dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
+ if (!dctx)
+ return 0;
+ dctx->nbits = 1024;
+ dctx->qbits = 160;
+ dctx->pmd = NULL;
+ dctx->md = NULL;
+
+ ctx->data = dctx;
+ ctx->keygen_info = dctx->gentmp;
+ ctx->keygen_info_count = 2;
+
+ return 1;
+}
+
+static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+ DSA_PKEY_CTX *dctx, *sctx;
+ if (!pkey_dsa_init(dst))
+ return 0;
+ sctx = src->data;
+ dctx = dst->data;
+ dctx->nbits = sctx->nbits;
+ dctx->qbits = sctx->qbits;
+ dctx->pmd = sctx->pmd;
+ dctx->md = sctx->md;
+ return 1;
+}
+
+static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
+{
+ DSA_PKEY_CTX *dctx = ctx->data;
+ if (dctx)
+ OPENSSL_free(dctx);
+}
+
+static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ int ret, type;
+ unsigned int sltmp;
+ DSA_PKEY_CTX *dctx = ctx->data;
+ DSA *dsa = ctx->pkey->pkey.dsa;
+
+ if (dctx->md)
+ type = EVP_MD_type(dctx->md);
+ else
+ type = NID_sha1;
+
+ ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
+
+ if (ret <= 0)
+ return ret;
+ *siglen = sltmp;
+ return 1;
+}
+
+static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ int ret, type;
+ DSA_PKEY_CTX *dctx = ctx->data;
+ DSA *dsa = ctx->pkey->pkey.dsa;
+
+ if (dctx->md)
+ type = EVP_MD_type(dctx->md);
+ else
+ type = NID_sha1;
+
+ ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
+
+ return ret;
+}
+
+static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+ DSA_PKEY_CTX *dctx = ctx->data;
+ switch (type) {
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
+ if (p1 < 256)
+ return -2;
+ dctx->nbits = p1;
+ return 1;
+
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
+ if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
+ return -2;
+ dctx->qbits = p1;
+ return 1;
+
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
+ if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha256) {
+ DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+ return 0;
+ }
+ dctx->md = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_MD:
+ if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
+ DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+ return 0;
+ }
+ dctx->md = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_DIGESTINIT:
+ case EVP_PKEY_CTRL_PKCS7_SIGN:
+ case EVP_PKEY_CTRL_CMS_SIGN:
+ return 1;
+
+ case EVP_PKEY_CTRL_PEER_KEY:
+ DSAerr(DSA_F_PKEY_DSA_CTRL,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ default:
+ return -2;
+
+ }
+}
+
+static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (!strcmp(type, "dsa_paramgen_bits")) {
+ int nbits;
+ nbits = atoi(value);
+ return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
+ }
+ if (!strcmp(type, "dsa_paramgen_q_bits")) {
+ int qbits = atoi(value);
+ return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+ EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
+ NULL);
+ }
+ if (!strcmp(type, "dsa_paramgen_md")) {
+ return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+ EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
+ (void *)EVP_get_digestbyname(value));
+ }
+ return -2;
+}
+
+static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ DSA *dsa = NULL;
+ DSA_PKEY_CTX *dctx = ctx->data;
+ BN_GENCB *pcb, cb;
+ int ret;
+ if (ctx->pkey_gencb) {
+ pcb = &cb;
+ evp_pkey_set_cb_translate(pcb, ctx);
+ } else
+ pcb = NULL;
+ dsa = DSA_new();
+ if (!dsa)
+ return 0;
+ ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
+ NULL, 0, NULL, NULL, NULL, pcb);
+ if (ret)
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ else
+ DSA_free(dsa);
+ return ret;
+}
+
+static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ DSA *dsa = NULL;
+ if (ctx->pkey == NULL) {
+ DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
+ return 0;
+ }
+ dsa = DSA_new();
+ if (!dsa)
+ return 0;
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ /* Note: if error return, pkey is freed by parent routine */
+ if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+ return 0;
+ return DSA_generate_key(pkey->pkey.dsa);
+}
+
+const EVP_PKEY_METHOD dsa_pkey_meth = {
+ EVP_PKEY_DSA,
+ EVP_PKEY_FLAG_AUTOARGLEN,
+ pkey_dsa_init,
+ pkey_dsa_copy,
+ pkey_dsa_cleanup,
+
+ 0,
+ pkey_dsa_paramgen,
+
+ 0,
+ pkey_dsa_keygen,
+
+ 0,
+ pkey_dsa_sign,
+
+ 0,
+ pkey_dsa_verify,
+
+ 0, 0,
+
+ 0, 0, 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ pkey_dsa_ctrl,
+ pkey_dsa_ctrl_str
+};
Copied: trunk/crypto/openssl/crypto/dsa/dsa_prn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dsa/dsa_prn.c)
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_prn.c (rev 0)
+++ trunk/crypto/openssl/crypto/dsa/dsa_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,119 @@
+/* crypto/dsa/dsa_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/dsa.h>
+
+#ifndef OPENSSL_NO_FP_API
+int DSA_print_fp(FILE *fp, const DSA *x, int off)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ DSAerr(DSA_F_DSA_PRINT_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = DSA_print(b, x, off);
+ BIO_free(b);
+ return (ret);
+}
+
+int DSAparams_print_fp(FILE *fp, const DSA *x)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ DSAerr(DSA_F_DSAPARAMS_PRINT_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = DSAparams_print(b, x);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int DSA_print(BIO *bp, const DSA *x, int off)
+{
+ EVP_PKEY *pk;
+ int ret;
+ pk = EVP_PKEY_new();
+ if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+ return 0;
+ ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ EVP_PKEY_free(pk);
+ return ret;
+}
+
+int DSAparams_print(BIO *bp, const DSA *x)
+{
+ EVP_PKEY *pk;
+ int ret;
+ pk = EVP_PKEY_new();
+ if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+ return 0;
+ ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+ EVP_PKEY_free(pk);
+ return ret;
+}
Modified: trunk/crypto/openssl/crypto/dsa/dsa_sign.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_sign.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_sign.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,21 +58,17 @@
/* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
-#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
+#include <openssl/bn.h>
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD);
return NULL;
}
#endif
@@ -82,11 +78,33 @@
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_SIGN_SETUP,
- DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD);
return 0;
}
#endif
return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
}
+
+DSA_SIG *DSA_SIG_new(void)
+{
+ DSA_SIG *sig;
+ sig = OPENSSL_malloc(sizeof(DSA_SIG));
+ if (!sig)
+ return NULL;
+ sig->r = NULL;
+ sig->s = NULL;
+ return sig;
+}
+
+void DSA_SIG_free(DSA_SIG *sig)
+{
+ if (sig) {
+ if (sig->r)
+ BN_free(sig->r);
+ if (sig->s)
+ BN_free(sig->s);
+ OPENSSL_free(sig);
+ }
+}
Deleted: trunk/crypto/openssl/crypto/dsa/dsa_utl.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_utl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_utl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,93 +0,0 @@
-/* crypto/dsa/dsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay at cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh at cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay at cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-DSA_SIG *DSA_SIG_new(void)
-{
- DSA_SIG *sig;
- sig = OPENSSL_malloc(sizeof(DSA_SIG));
- if (!sig)
- return NULL;
- sig->r = NULL;
- sig->s = NULL;
- return sig;
-}
-
-void DSA_SIG_free(DSA_SIG *sig)
-{
- if (sig) {
- if (sig->r)
- BN_free(sig->r);
- if (sig->s)
- BN_free(sig->s);
- OPENSSL_free(sig);
- }
-}
Modified: trunk/crypto/openssl/crypto/dsa/dsa_vrf.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsa_vrf.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsa_vrf.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,25 +58,17 @@
/* Original version from Steven Schoch <schoch at sheba.arc.nasa.gov> */
-#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/bn.h>
#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include <openssl/asn1_mac.h>
-
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)
{
#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
- DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
+ return -1;
}
#endif
return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
Modified: trunk/crypto/openssl/crypto/dsa/dsatest.c
===================================================================
--- trunk/crypto/openssl/crypto/dsa/dsatest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dsa/dsatest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -175,8 +175,6 @@
}
BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
- if (dsa == NULL)
- goto end;
DSA_print(bio_err, dsa, 0);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
@@ -226,7 +224,7 @@
if (dsa != NULL)
DSA_free(dsa);
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL) {
Modified: trunk/crypto/openssl/crypto/dso/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/dso/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,9 +18,9 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
- dso_openssl.c dso_win32.c dso_vms.c
+ dso_openssl.c dso_win32.c dso_vms.c dso_beos.c
LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
- dso_openssl.o dso_win32.o dso_vms.o
+ dso_openssl.o dso_win32.o dso_vms.o dso_beos.o
SRC= $(LIBSRC)
@@ -35,7 +35,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -63,6 +63,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -76,6 +78,14 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+dso_beos.o: ../../e_os.h ../../include/openssl/bio.h
+dso_beos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_beos.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_beos.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_beos.o: ../../include/openssl/opensslconf.h
+dso_beos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_beos.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_beos.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_beos.c
dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
Modified: trunk/crypto/openssl/crypto/dso/dso.h
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -182,6 +182,10 @@
/* [De]Initialisation handlers. */
int (*init) (DSO *dso);
int (*finish) (DSO *dso);
+ /* Return pathname of the module containing location */
+ int (*pathbyaddr) (void *addr, char *path, int sz);
+ /* Perform global symbol lookup, i.e. among *all* modules */
+ void *(*globallookup) (const char *symname);
} DSO_METHOD;
/**********************************************************************/
@@ -195,7 +199,7 @@
* handler. All in all, let each method control its own destiny.
* "Handles" and such go in a STACK.
*/
- STACK *meth_data;
+ STACK_OF(void) *meth_data;
int references;
int flags;
/*
@@ -337,6 +341,31 @@
/* If VMS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_vms(void);
+/*
+ * This function writes null-terminated pathname of DSO module containing
+ * 'addr' into 'sz' large caller-provided 'path' and returns the number of
+ * characters [including trailing zero] written to it. If 'sz' is 0 or
+ * negative, 'path' is ignored and required amount of charachers [including
+ * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero return value
+ * denotes error.
+ */
+int DSO_pathbyaddr(void *addr, char *path, int sz);
+
+/*
+ * This function should be used with caution! It looks up symbols in *all*
+ * loaded modules and if module gets unloaded by somebody else attempt to
+ * dereference the pointer is doomed to have fatal consequences. Primary
+ * usage for this function is to probe *core* system functionality, e.g.
+ * check if getnameinfo(3) is available at run-time without bothering about
+ * OS-specific details such as libc.so.versioning or where does it actually
+ * reside: in libc itself or libsocket.
+ */
+void *DSO_global_lookup(const char *name);
+
+/* If BeOS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_beos(void);
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -347,6 +376,11 @@
/* Error codes for the DSO functions. */
/* Function codes. */
+# define DSO_F_BEOS_BIND_FUNC 144
+# define DSO_F_BEOS_BIND_VAR 145
+# define DSO_F_BEOS_LOAD 146
+# define DSO_F_BEOS_NAME_CONVERTER 147
+# define DSO_F_BEOS_UNLOAD 148
# define DSO_F_DLFCN_BIND_FUNC 100
# define DSO_F_DLFCN_BIND_VAR 101
# define DSO_F_DLFCN_LOAD 102
@@ -366,12 +400,16 @@
# define DSO_F_DSO_FREE 111
# define DSO_F_DSO_GET_FILENAME 127
# define DSO_F_DSO_GET_LOADED_FILENAME 128
+# define DSO_F_DSO_GLOBAL_LOOKUP 139
# define DSO_F_DSO_LOAD 112
# define DSO_F_DSO_MERGE 132
# define DSO_F_DSO_NEW_METHOD 113
+# define DSO_F_DSO_PATHBYADDR 140
# define DSO_F_DSO_SET_FILENAME 129
# define DSO_F_DSO_SET_NAME_CONVERTER 122
# define DSO_F_DSO_UP_REF 114
+# define DSO_F_GLOBAL_LOOKUP_FUNC 138
+# define DSO_F_PATHBYADDR 137
# define DSO_F_VMS_BIND_SYM 115
# define DSO_F_VMS_LOAD 116
# define DSO_F_VMS_MERGER 133
@@ -378,10 +416,13 @@
# define DSO_F_VMS_UNLOAD 117
# define DSO_F_WIN32_BIND_FUNC 118
# define DSO_F_WIN32_BIND_VAR 119
+# define DSO_F_WIN32_GLOBALLOOKUP 142
+# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
# define DSO_F_WIN32_JOINER 135
# define DSO_F_WIN32_LOAD 120
# define DSO_F_WIN32_MERGER 134
# define DSO_F_WIN32_NAME_CONVERTER 125
+# define DSO_F_WIN32_PATHBYADDR 141
# define DSO_F_WIN32_SPLITTER 136
# define DSO_F_WIN32_UNLOAD 121
Copied: trunk/crypto/openssl/crypto/dso/dso_beos.c (from rev 7117, vendor-crypto/openssl/dist/crypto/dso/dso_beos.c)
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_beos.c (rev 0)
+++ trunk/crypto/openssl/crypto/dso/dso_beos.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,253 @@
+/* dso_beos.c */
+/*
+ * Written by Marcin Konicki (ahwayakchih at neoni.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#if !defined(OPENSSL_SYS_BEOS)
+DSO_METHOD *DSO_METHOD_beos(void)
+{
+ return NULL;
+}
+#else
+
+# include <kernel/image.h>
+
+static int beos_load(DSO *dso);
+static int beos_unload(DSO *dso);
+static void *beos_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname);
+# if 0
+static int beos_unbind_var(DSO *dso, char *symname, void *symptr);
+static int beos_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int beos_init(DSO *dso);
+static int beos_finish(DSO *dso);
+static long beos_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *beos_name_converter(DSO *dso, const char *filename);
+
+static DSO_METHOD dso_meth_beos = {
+ "OpenSSL 'beos' shared library method",
+ beos_load,
+ beos_unload,
+ beos_bind_var,
+ beos_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+ NULL, /* unbind_var */
+ NULL, /* unbind_func */
+# endif
+ NULL, /* ctrl */
+ beos_name_converter,
+ NULL, /* init */
+ NULL /* finish */
+};
+
+DSO_METHOD *DSO_METHOD_beos(void)
+{
+ return (&dso_meth_beos);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
+ * the handle (image_id) returned from load_add_on().
+ */
+
+static int beos_load(DSO *dso)
+{
+ image_id id;
+ /* See applicable comments from dso_dl.c */
+ char *filename = DSO_convert_filename(dso, NULL);
+
+ if (filename == NULL) {
+ DSOerr(DSO_F_BEOS_LOAD, DSO_R_NO_FILENAME);
+ goto err;
+ }
+ id = load_add_on(filename);
+ if (id < 1) {
+ DSOerr(DSO_F_BEOS_LOAD, DSO_R_LOAD_FAILED);
+ ERR_add_error_data(3, "filename(", filename, ")");
+ goto err;
+ }
+ if (!sk_push(dso->meth_data, (char *)id)) {
+ DSOerr(DSO_F_BEOS_LOAD, DSO_R_STACK_ERROR);
+ goto err;
+ }
+ /* Success */
+ dso->loaded_filename = filename;
+ return (1);
+ err:
+ /* Cleanup ! */
+ if (filename != NULL)
+ OPENSSL_free(filename);
+ if (id > 0)
+ unload_add_on(id);
+ return (0);
+}
+
+static int beos_unload(DSO *dso)
+{
+ image_id id;
+ if (dso == NULL) {
+ DSOerr(DSO_F_BEOS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+ return (0);
+ }
+ if (sk_num(dso->meth_data) < 1)
+ return (1);
+ id = (image_id) sk_pop(dso->meth_data);
+ if (id < 1) {
+ DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_NULL_HANDLE);
+ return (0);
+ }
+ if (unload_add_on(id) != B_OK) {
+ DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_UNLOAD_FAILED);
+ /*
+ * We should push the value back onto the stack in case of a retry.
+ */
+ sk_push(dso->meth_data, (char *)id);
+ return (0);
+ }
+ return (1);
+}
+
+static void *beos_bind_var(DSO *dso, const char *symname)
+{
+ image_id id;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_BEOS_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ if (id < 1) {
+ DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ if (get_image_symbol(id, symname, B_SYMBOL_TYPE_DATA, &sym) != B_OK) {
+ DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(3, "symname(", symname, ")");
+ return (NULL);
+ }
+ return (sym);
+}
+
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname)
+{
+ image_id id;
+ void *sym;
+
+ if ((dso == NULL) || (symname == NULL)) {
+ DSOerr(DSO_F_BEOS_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+ return (NULL);
+ }
+ if (sk_num(dso->meth_data) < 1) {
+ DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_STACK_ERROR);
+ return (NULL);
+ }
+ id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ if (id < 1) {
+ DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_NULL_HANDLE);
+ return (NULL);
+ }
+ if (get_image_symbol(id, symname, B_SYMBOL_TYPE_TEXT, &sym) != B_OK) {
+ DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_SYM_FAILURE);
+ ERR_add_error_data(3, "symname(", symname, ")");
+ return (NULL);
+ }
+ return ((DSO_FUNC_TYPE)sym);
+}
+
+/* This one is the same as the one in dlfcn */
+static char *beos_name_converter(DSO *dso, const char *filename)
+{
+ char *translated;
+ int len, rsize, transform;
+
+ len = strlen(filename);
+ rsize = len + 1;
+ transform = (strstr(filename, "/") == NULL);
+ if (transform) {
+ /* We will convert this to "%s.so" or "lib%s.so" */
+ rsize += 3; /* The length of ".so" */
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ rsize += 3; /* The length of "lib" */
+ }
+ translated = OPENSSL_malloc(rsize);
+ if (translated == NULL) {
+ DSOerr(DSO_F_BEOS_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+ return (NULL);
+ }
+ if (transform) {
+ if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+ sprintf(translated, "lib%s.so", filename);
+ else
+ sprintf(translated, "%s.so", filename);
+ } else
+ sprintf(translated, "%s", filename);
+ return (translated);
+}
+
+#endif
Modified: trunk/crypto/openssl/crypto/dso/dso_dl.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_dl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_dl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,6 +87,8 @@
static char *dl_name_converter(DSO *dso, const char *filename);
static char *dl_merger(DSO *dso, const char *filespec1,
const char *filespec2);
+static int dl_pathbyaddr(void *addr, char *path, int sz);
+static void *dl_globallookup(const char *name);
static DSO_METHOD dso_meth_dl = {
"OpenSSL 'dl' shared library method",
@@ -103,7 +105,9 @@
dl_name_converter,
dl_merger,
NULL, /* init */
- NULL /* finish */
+ NULL, /* finish */
+ dl_pathbyaddr,
+ dl_globallookup
};
DSO_METHOD *DSO_METHOD_dl(void)
@@ -334,4 +338,43 @@
return (translated);
}
+static int dl_pathbyaddr(void *addr, char *path, int sz)
+{
+ struct shl_descriptor inf;
+ int i, len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ dl_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ for (i = -1; shl_get_r(i, &inf) == 0; i++) {
+ if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
+ ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) {
+ len = (int)strlen(inf.filename);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, inf.filename, len);
+ path[len++] = 0;
+ return len;
+ }
+ }
+
+ return -1;
+}
+
+static void *dl_globallookup(const char *name)
+{
+ void *ret;
+ shl_t h = NULL;
+
+ return shl_findsym(&h, name, TYPE_UNDEFINED, &ret) ? NULL : ret;
+}
#endif /* DSO_DL */
Modified: trunk/crypto/openssl/crypto/dso/dso_dlfcn.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_dlfcn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_dlfcn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,6 +57,15 @@
*
*/
+/*
+ * We need to do this early, because stdio.h includes the header files that
+ * handle _GNU_SOURCE and other similar macros. Defining it later is simply
+ * too late, because those headers are protected from re- inclusion.
+ */
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE /* make sure dladdr is declared */
+#endif
+
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/dso.h>
@@ -69,7 +78,18 @@
#else
# ifdef HAVE_DLFCN_H
+# ifdef __osf__
+# define __EXTENSIONS__
+# endif
# include <dlfcn.h>
+# define HAVE_DLINFO 1
+# if defined(_AIX) || defined(__CYGWIN__) || \
+ defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
+ (defined(__osf__) && !defined(RTLD_NEXT)) || \
+ (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
+ defined(__ANDROID__)
+# undef HAVE_DLINFO
+# endif
# endif
/* Part of the hack in "dlfcn_load" ... */
@@ -88,6 +108,8 @@
static char *dlfcn_name_converter(DSO *dso, const char *filename);
static char *dlfcn_merger(DSO *dso, const char *filespec1,
const char *filespec2);
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
+static void *dlfcn_globallookup(const char *name);
static DSO_METHOD dso_meth_dlfcn = {
"OpenSSL 'dlfcn' shared library method",
@@ -104,7 +126,9 @@
dlfcn_name_converter,
dlfcn_merger,
NULL, /* init */
- NULL /* finish */
+ NULL, /* finish */
+ dlfcn_pathbyaddr,
+ dlfcn_globallookup
};
DSO_METHOD *DSO_METHOD_dlfcn(void)
@@ -164,7 +188,7 @@
ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
goto err;
}
- if (!sk_push(dso->meth_data, (char *)ptr)) {
+ if (!sk_void_push(dso->meth_data, (char *)ptr)) {
DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
goto err;
}
@@ -187,15 +211,15 @@
DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
- if (sk_num(dso->meth_data) < 1)
+ if (sk_void_num(dso->meth_data) < 1)
return (1);
- ptr = (void *)sk_pop(dso->meth_data);
+ ptr = sk_void_pop(dso->meth_data);
if (ptr == NULL) {
DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE);
/*
* Should push the value back onto the stack in case of a retry.
*/
- sk_push(dso->meth_data, (char *)ptr);
+ sk_void_push(dso->meth_data, ptr);
return (0);
}
/* For now I'm not aware of any errors associated with dlclose() */
@@ -211,11 +235,11 @@
DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
- if (sk_num(dso->meth_data) < 1) {
+ if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
return (NULL);
}
- ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
return (NULL);
@@ -241,11 +265,11 @@
DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
- if (sk_num(dso->meth_data) < 1) {
+ if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
return (NULL);
}
- ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
return (NULL);
@@ -272,7 +296,7 @@
* If the first file specification is a rooted path, it rules. same goes
* if the second file specification is missing.
*/
- if (!filespec2 || filespec1[0] == '/') {
+ if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
merged = OPENSSL_malloc(strlen(filespec1) + 1);
if (!merged) {
DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
@@ -290,7 +314,7 @@
return (NULL);
}
strcpy(merged, filespec2);
- } else
+ } else {
/*
* This part isn't as trivial as it looks. It assumes that the
* second file specification really is a directory, and makes no
@@ -298,13 +322,12 @@
* concatenation of filespec2 followed by a slash followed by
* filespec1.
*/
- {
int spec2len, len;
- spec2len = (filespec2 ? strlen(filespec2) : 0);
- len = spec2len + (filespec1 ? strlen(filespec1) : 0);
+ spec2len = strlen(filespec2);
+ len = spec2len + strlen(filespec1);
- if (filespec2 && filespec2[spec2len - 1] == '/') {
+ if (spec2len && filespec2[spec2len - 1] == '/') {
spec2len--;
len--;
}
@@ -357,4 +380,86 @@
return (translated);
}
+# ifdef __sgi
+/*-
+This is a quote from IRIX manual for dladdr(3c):
+
+ <dlfcn.h> does not contain a prototype for dladdr or definition of
+ Dl_info. The #include <dlfcn.h> in the SYNOPSIS line is traditional,
+ but contains no dladdr prototype and no IRIX library contains an
+ implementation. Write your own declaration based on the code below.
+
+ The following code is dependent on internal interfaces that are not
+ part of the IRIX compatibility guarantee; however, there is no future
+ intention to change this interface, so on a practical level, the code
+ below is safe to use on IRIX.
+*/
+# include <rld_interface.h>
+# ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
+# define _RLD_INTERFACE_DLFCN_H_DLADDR
+typedef struct Dl_info {
+ const char *dli_fname;
+ void *dli_fbase;
+ const char *dli_sname;
+ void *dli_saddr;
+ int dli_version;
+ int dli_reserved1;
+ long dli_reserved[4];
+} Dl_info;
+# else
+typedef struct Dl_info Dl_info;
+# endif
+# define _RLD_DLADDR 14
+
+static int dladdr(void *address, Dl_info *dl)
+{
+ void *v;
+ v = _rld_new_interface(_RLD_DLADDR, address, dl);
+ return (int)v;
+}
+# endif /* __sgi */
+
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
+{
+# ifdef HAVE_DLINFO
+ Dl_info dli;
+ int len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ dlfcn_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ if (dladdr(addr, &dli)) {
+ len = (int)strlen(dli.dli_fname);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, dli.dli_fname, len);
+ path[len++] = 0;
+ return len;
+ }
+
+ ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
+# endif
+ return -1;
+}
+
+static void *dlfcn_globallookup(const char *name)
+{
+ void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
+
+ if (handle) {
+ ret = dlsym(handle, name);
+ dlclose(handle);
+ }
+
+ return ret;
+}
#endif /* DSO_DLFCN */
Modified: trunk/crypto/openssl/crypto/dso/dso_err.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/dso/dso_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,11 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
static ERR_STRING_DATA DSO_str_functs[] = {
+ {ERR_FUNC(DSO_F_BEOS_BIND_FUNC), "BEOS_BIND_FUNC"},
+ {ERR_FUNC(DSO_F_BEOS_BIND_VAR), "BEOS_BIND_VAR"},
+ {ERR_FUNC(DSO_F_BEOS_LOAD), "BEOS_LOAD"},
+ {ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER), "BEOS_NAME_CONVERTER"},
+ {ERR_FUNC(DSO_F_BEOS_UNLOAD), "BEOS_UNLOAD"},
{ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"},
{ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"},
{ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"},
@@ -89,12 +94,16 @@
{ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"},
{ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"},
{ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"},
+ {ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"},
{ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"},
{ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"},
{ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"},
+ {ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"},
{ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"},
{ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"},
{ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"},
+ {ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC), "GLOBAL_LOOKUP_FUNC"},
+ {ERR_FUNC(DSO_F_PATHBYADDR), "PATHBYADDR"},
{ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"},
{ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"},
{ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"},
@@ -101,10 +110,13 @@
{ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"},
{ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"},
{ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"},
+ {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "WIN32_GLOBALLOOKUP"},
+ {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC), "WIN32_GLOBALLOOKUP_FUNC"},
{ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"},
{ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"},
{ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"},
{ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"},
+ {ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "WIN32_PATHBYADDR"},
{ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"},
{ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/dso/dso_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -109,7 +109,7 @@
return (NULL);
}
memset(ret, 0, sizeof(DSO));
- ret->meth_data = sk_new_null();
+ ret->meth_data = sk_void_new_null();
if (ret->meth_data == NULL) {
/* sk_new doesn't generate any errors so we do */
DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
@@ -160,7 +160,7 @@
return (0);
}
- sk_free(dso->meth_data);
+ sk_void_free(dso->meth_data);
if (dso->filename != NULL)
OPENSSL_free(dso->filename);
if (dso->loaded_filename != NULL)
@@ -373,12 +373,6 @@
DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
- if (filespec1 == NULL)
- filespec1 = dso->filename;
- if (filespec1 == NULL) {
- DSOerr(DSO_F_DSO_MERGE, DSO_R_NO_FILE_SPECIFICATION);
- return (NULL);
- }
if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
if (dso->merger != NULL)
result = dso->merger(dso, filespec1, filespec2);
@@ -427,3 +421,27 @@
}
return (dso->loaded_filename);
}
+
+int DSO_pathbyaddr(void *addr, char *path, int sz)
+{
+ DSO_METHOD *meth = default_DSO_meth;
+ if (meth == NULL)
+ meth = DSO_METHOD_openssl();
+ if (meth->pathbyaddr == NULL) {
+ DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+ return (*meth->pathbyaddr) (addr, path, sz);
+}
+
+void *DSO_global_lookup(const char *name)
+{
+ DSO_METHOD *meth = default_DSO_meth;
+ if (meth == NULL)
+ meth = DSO_METHOD_openssl();
+ if (meth->globallookup == NULL) {
+ DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+ return (*meth->globallookup) (name);
+}
Modified: trunk/crypto/openssl/crypto/dso/dso_null.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_null.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_null.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,7 +81,9 @@
NULL, /* dso_name_converter */
NULL, /* dso_merger */
NULL, /* init */
- NULL /* finish */
+ NULL, /* finish */
+ NULL, /* pathbyaddr */
+ NULL /* globallookup */
};
DSO_METHOD *DSO_METHOD_null(void)
Modified: trunk/crypto/openssl/crypto/dso/dso_openssl.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_openssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_openssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,6 +75,8 @@
return (DSO_METHOD_win32());
#elif defined(DSO_VMS)
return (DSO_METHOD_vms());
+#elif defined(DSO_BEOS)
+ return (DSO_METHOD_beos());
#else
return (DSO_METHOD_null());
#endif
Modified: trunk/crypto/openssl/crypto/dso/dso_vms.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_vms.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_vms.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,14 +62,6 @@
#include <errno.h>
#include "cryptlib.h"
#include <openssl/dso.h>
-#ifdef OPENSSL_SYS_VMS
-# pragma message disable DOLLARID
-# include <rms.h>
-# include <lib$routines.h>
-# include <stsdef.h>
-# include <descrip.h>
-# include <starlet.h>
-#endif
#ifndef OPENSSL_SYS_VMS
DSO_METHOD *DSO_METHOD_vms(void)
@@ -77,8 +69,28 @@
return NULL;
}
#else
+
# pragma message disable DOLLARID
+# include <rms.h>
+# include <lib$routines.h>
+# include <stsdef.h>
+# include <descrip.h>
+# include <starlet.h>
+# include "vms_rms.h"
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+void *_malloc32(__size_t);
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+# endif /* __INITIAL_POINTER_SIZE && defined
+ * _ANSI_C_SOURCE */
+
+# pragma message disable DOLLARID
+
static int vms_load(DSO *dso);
static int vms_unload(DSO *dso);
static void *vms_bind_var(DSO *dso, const char *symname);
@@ -124,13 +136,13 @@
* but a name.
*/
struct dsc$descriptor_s filename_dsc;
- char filename[FILENAME_MAX + 1];
+ char filename[NAMX_MAXRSS + 1];
/*
* This contains whatever is not in filename, if needed. Normally not
* defined.
*/
struct dsc$descriptor_s imagename_dsc;
- char imagename[FILENAME_MAX + 1];
+ char imagename[NAMX_MAXRSS + 1];
} DSO_VMS_INTERNAL;
DSO_METHOD *DSO_METHOD_vms(void)
@@ -143,8 +155,24 @@
void *ptr = NULL;
/* See applicable comments in dso_dl.c */
char *filename = DSO_convert_filename(dso, NULL);
- DSO_VMS_INTERNAL *p;
+
+/* Ensure 32-bit pointer for "p", and appropriate malloc() function. */
+# if __INITIAL_POINTER_SIZE == 64
+# define DSO_MALLOC _malloc32
+# pragma pointer_size save
+# pragma pointer_size 32
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define DSO_MALLOC OPENSSL_malloc
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ DSO_VMS_INTERNAL *p = NULL;
+
+# if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size restore
+# endif /* __INITIAL_POINTER_SIZE == 64 */
+
const char *sp1, *sp2; /* Search result */
+ const char *ext = NULL; /* possible extension to add */
if (filename == NULL) {
DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
@@ -187,11 +215,19 @@
/* Now, let's see if there's a type, and save the position in sp2 */
sp2 = strchr(sp1, '.');
/*
+ * If there is a period and the next character is a semi-colon,
+ * we need to add an extension
+ */
+ if (sp2 != NULL && sp2[1] == ';')
+ ext = ".EXE";
+ /*
* If we found it, that's where we'll cut. Otherwise, look for a version
* number and save the position in sp2
*/
- if (sp2 == NULL)
+ if (sp2 == NULL) {
sp2 = strchr(sp1, ';');
+ ext = ".EXE";
+ }
/*
* If there was still nothing to find, set sp2 to point at the end of the
* string
@@ -206,7 +242,7 @@
goto err;
}
- p = (DSO_VMS_INTERNAL *)OPENSSL_malloc(sizeof(DSO_VMS_INTERNAL));
+ p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
if (p == NULL) {
DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
goto err;
@@ -217,6 +253,11 @@
strncpy(p->imagename, filename, sp1 - filename);
p->imagename[sp1 - filename] = '\0';
+ if (ext) {
+ strcat(p->imagename, ext);
+ if (*sp2 == '.')
+ sp2++;
+ }
strcat(p->imagename, sp2);
p->filename_dsc.dsc$w_length = strlen(p->filename);
@@ -228,7 +269,7 @@
p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
p->imagename_dsc.dsc$a_pointer = p->imagename;
- if (!sk_push(dso->meth_data, (char *)p)) {
+ if (!sk_void_push(dso->meth_data, (char *)p)) {
DSOerr(DSO_F_VMS_LOAD, DSO_R_STACK_ERROR);
goto err;
}
@@ -257,9 +298,9 @@
DSOerr(DSO_F_VMS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
- if (sk_num(dso->meth_data) < 1)
+ if (sk_void_num(dso->meth_data) < 1)
return (1);
- p = (DSO_VMS_INTERNAL *)sk_pop(dso->meth_data);
+ p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
if (p == NULL) {
DSOerr(DSO_F_VMS_UNLOAD, DSO_R_NULL_HANDLE);
return (0);
@@ -304,23 +345,42 @@
int flags = 0;
# endif
struct dsc$descriptor_s symname_dsc;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+# define SYMNAME symname_32p
+# pragma pointer_size save
+# pragma pointer_size 32
+ char *symname_32p;
+# pragma pointer_size restore
+ char symname_32[NAMX_MAXRSS + 1];
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define SYMNAME ((char *) symname)
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
*sym = NULL;
- symname_dsc.dsc$w_length = strlen(symname);
- symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
- symname_dsc.dsc$b_class = DSC$K_CLASS_S;
- symname_dsc.dsc$a_pointer = (char *)symname; /* The cast is needed */
-
if ((dso == NULL) || (symname == NULL)) {
DSOerr(DSO_F_VMS_BIND_SYM, ERR_R_PASSED_NULL_PARAMETER);
return;
}
- if (sk_num(dso->meth_data) < 1) {
+# if __INITIAL_POINTER_SIZE == 64
+ /* Copy the symbol name to storage with a 32-bit pointer. */
+ symname_32p = symname_32;
+ strcpy(symname_32p, symname);
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+ symname_dsc.dsc$w_length = strlen(SYMNAME);
+ symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+ symname_dsc.dsc$b_class = DSC$K_CLASS_S;
+ symname_dsc.dsc$a_pointer = SYMNAME;
+
+ if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_STACK_ERROR);
return;
}
- ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data,
- sk_num(dso->meth_data) - 1);
+ ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
+ sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_NULL_HANDLE);
return;
@@ -387,15 +447,26 @@
int status;
int filespec1len, filespec2len;
struct FAB fab;
-# ifdef NAML$C_MAXRSS
- struct NAML nam;
- char esa[NAML$C_MAXRSS];
-# else
- struct NAM nam;
- char esa[NAM$C_MAXRSS];
-# endif
+ struct NAMX_STRUCT nam;
+ char esa[NAMX_MAXRSS + 1];
char *merged;
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+# define FILESPEC1 filespec1_32p;
+# define FILESPEC2 filespec2_32p;
+# pragma pointer_size save
+# pragma pointer_size 32
+ char *filespec1_32p;
+ char *filespec2_32p;
+# pragma pointer_size restore
+ char filespec1_32[NAMX_MAXRSS + 1];
+ char filespec2_32[NAMX_MAXRSS + 1];
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define FILESPEC1 ((char *) filespec1)
+# define FILESPEC2 ((char *) filespec2)
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
if (!filespec1)
filespec1 = "";
if (!filespec2)
@@ -403,44 +474,30 @@
filespec1len = strlen(filespec1);
filespec2len = strlen(filespec2);
+# if __INITIAL_POINTER_SIZE == 64
+ /* Copy the file names to storage with a 32-bit pointer. */
+ filespec1_32p = filespec1_32;
+ filespec2_32p = filespec2_32;
+ strcpy(filespec1_32p, filespec1);
+ strcpy(filespec2_32p, filespec2);
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
fab = cc$rms_fab;
-# ifdef NAML$C_MAXRSS
- nam = cc$rms_naml;
-# else
- nam = cc$rms_nam;
-# endif
+ nam = CC_RMS_NAMX;
- fab.fab$l_fna = (char *)filespec1;
- fab.fab$b_fns = filespec1len;
- fab.fab$l_dna = (char *)filespec2;
- fab.fab$b_dns = filespec2len;
-# ifdef NAML$C_MAXRSS
- if (filespec1len > NAM$C_MAXRSS) {
- fab.fab$l_fna = 0;
- fab.fab$b_fns = 0;
- nam.naml$l_long_filename = (char *)filespec1;
- nam.naml$l_long_filename_size = filespec1len;
- }
- if (filespec2len > NAM$C_MAXRSS) {
- fab.fab$l_dna = 0;
- fab.fab$b_dns = 0;
- nam.naml$l_long_defname = (char *)filespec2;
- nam.naml$l_long_defname_size = filespec2len;
- }
- nam.naml$l_esa = esa;
- nam.naml$b_ess = NAM$C_MAXRSS;
- nam.naml$l_long_expand = esa;
- nam.naml$l_long_expand_alloc = sizeof(esa);
- nam.naml$b_nop = NAM$M_SYNCHK | NAM$M_PWD;
- nam.naml$v_no_short_upcase = 1;
- fab.fab$l_naml = &nam;
-# else
- nam.nam$l_esa = esa;
- nam.nam$b_ess = NAM$C_MAXRSS;
- nam.nam$b_nop = NAM$M_SYNCHK | NAM$M_PWD;
- fab.fab$l_nam = &nam;
-# endif
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNA = FILESPEC1;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNS = filespec1len;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNA = FILESPEC2;
+ FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNS = filespec2len;
+ NAMX_DNA_FNA_SET(fab)
+ nam.NAMX_ESA = esa;
+ nam.NAMX_ESS = NAMX_MAXRSS;
+ nam.NAMX_NOP = NAM$M_SYNCHK | NAM$M_PWD;
+ SET_NAMX_NO_SHORT_UPCASE(nam);
+
+ fab.FAB_NAMX = &nam;
+
status = sys$parse(&fab, 0, 0);
if (!$VMS_STATUS_SUCCESS(status)) {
@@ -467,27 +524,12 @@
}
return (NULL);
}
-# ifdef NAML$C_MAXRSS
- if (nam.naml$l_long_expand_size) {
- merged = OPENSSL_malloc(nam.naml$l_long_expand_size + 1);
- if (!merged)
- goto malloc_err;
- strncpy(merged, nam.naml$l_long_expand, nam.naml$l_long_expand_size);
- merged[nam.naml$l_long_expand_size] = '\0';
- } else {
- merged = OPENSSL_malloc(nam.naml$b_esl + 1);
- if (!merged)
- goto malloc_err;
- strncpy(merged, nam.naml$l_esa, nam.naml$b_esl);
- merged[nam.naml$b_esl] = '\0';
- }
-# else
- merged = OPENSSL_malloc(nam.nam$b_esl + 1);
+
+ merged = OPENSSL_malloc(nam.NAMX_ESL + 1);
if (!merged)
goto malloc_err;
- strncpy(merged, nam.nam$l_esa, nam.nam$b_esl);
- merged[nam.nam$b_esl] = '\0';
-# endif
+ strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
+ merged[nam.NAMX_ESL] = '\0';
return (merged);
malloc_err:
DSOerr(DSO_F_VMS_MERGER, ERR_R_MALLOC_FAILURE);
@@ -497,7 +539,8 @@
{
int len = strlen(filename);
char *not_translated = OPENSSL_malloc(len + 1);
- strcpy(not_translated, filename);
+ if (not_translated)
+ strcpy(not_translated, filename);
return (not_translated);
}
Modified: trunk/crypto/openssl/crypto/dso/dso_win32.c
===================================================================
--- trunk/crypto/openssl/crypto/dso/dso_win32.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/dso/dso_win32.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -98,9 +98,10 @@
# else
fnamw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
# endif
- if (fnamw == NULL)
+ if (fnamw == NULL) {
+ SetLastError(ERROR_NOT_ENOUGH_MEMORY);
return NULL;
-
+ }
# if defined(_WIN32_WCE) && _WIN32_WCE>=101
if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
# endif
@@ -128,6 +129,8 @@
static char *win32_name_converter(DSO *dso, const char *filename);
static char *win32_merger(DSO *dso, const char *filespec1,
const char *filespec2);
+static int win32_pathbyaddr(void *addr, char *path, int sz);
+static void *win32_globallookup(const char *name);
static const char *openssl_strnchr(const char *string, int c, size_t len);
@@ -146,7 +149,9 @@
win32_name_converter,
win32_merger,
NULL, /* init */
- NULL /* finish */
+ NULL, /* finish */
+ win32_pathbyaddr,
+ win32_globallookup
};
DSO_METHOD *DSO_METHOD_win32(void)
@@ -181,7 +186,7 @@
goto err;
}
*p = h;
- if (!sk_push(dso->meth_data, (char *)p)) {
+ if (!sk_void_push(dso->meth_data, p)) {
DSOerr(DSO_F_WIN32_LOAD, DSO_R_STACK_ERROR);
goto err;
}
@@ -206,9 +211,9 @@
DSOerr(DSO_F_WIN32_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
- if (sk_num(dso->meth_data) < 1)
+ if (sk_void_num(dso->meth_data) < 1)
return (1);
- p = (HINSTANCE *) sk_pop(dso->meth_data);
+ p = sk_void_pop(dso->meth_data);
if (p == NULL) {
DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_NULL_HANDLE);
return (0);
@@ -218,7 +223,7 @@
/*
* We should push the value back onto the stack in case of a retry.
*/
- sk_push(dso->meth_data, (char *)p);
+ sk_void_push(dso->meth_data, p);
return (0);
}
/* Cleanup */
@@ -239,11 +244,11 @@
DSOerr(DSO_F_WIN32_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
- if (sk_num(dso->meth_data) < 1) {
+ if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_STACK_ERROR);
return (NULL);
}
- ptr = (HINSTANCE *) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_NULL_HANDLE);
return (NULL);
@@ -266,11 +271,11 @@
DSOerr(DSO_F_WIN32_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
- if (sk_num(dso->meth_data) < 1) {
+ if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_STACK_ERROR);
return (NULL);
}
- ptr = (HINSTANCE *) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+ ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_NULL_HANDLE);
return (NULL);
@@ -343,7 +348,7 @@
return (NULL);
}
result->device = start;
- result->devicelen = filename - start;
+ result->devicelen = (int)(filename - start);
position = IN_FILE;
start = ++filename;
result->dir = start;
@@ -351,7 +356,7 @@
case '\\':
case '/':
if (position == IN_NODE) {
- result->nodelen = filename - start;
+ result->nodelen = (int)(filename - start);
position = IN_FILE;
start = ++filename;
result->dir = start;
@@ -359,17 +364,17 @@
position = IN_FILE;
filename++;
result->dir = start;
- result->dirlen = filename - start;
+ result->dirlen = (int)(filename - start);
start = filename;
} else {
filename++;
- result->dirlen += filename - start;
+ result->dirlen += (int)(filename - start);
start = filename;
}
break;
case '\0':
if (position == IN_NODE) {
- result->nodelen = filename - start;
+ result->nodelen = (int)(filename - start);
} else {
if (filename - start > 0) {
if (assume_last_is_dir) {
@@ -377,10 +382,10 @@
result->dir = start;
result->dirlen = 0;
}
- result->dirlen += filename - start;
+ result->dirlen += (int)(filename - start);
} else {
result->file = start;
- result->filelen = filename - start;
+ result->filelen = (int)(filename - start);
}
}
}
@@ -466,7 +471,7 @@
end = start
+ file_split->predirlen - (start - file_split->predir);
strncpy(&result[offset], start, end - start);
- offset += end - start;
+ offset += (int)(end - start);
result[offset] = '\\';
offset++;
start = end + 1;
@@ -486,7 +491,7 @@
if (!end)
end = start + file_split->dirlen - (start - file_split->dir);
strncpy(&result[offset], start, end - start);
- offset += end - start;
+ offset += (int)(end - start);
result[offset] = '\\';
offset++;
start = end + 1;
@@ -606,4 +611,175 @@
return NULL;
}
-#endif /* OPENSSL_SYS_WIN32 */
+# include <tlhelp32.h>
+# ifdef _WIN32_WCE
+# define DLLNAME "TOOLHELP.DLL"
+# else
+# ifdef MODULEENTRY32
+# undef MODULEENTRY32 /* unmask the ASCII version! */
+# endif
+# define DLLNAME "KERNEL32.DLL"
+# endif
+
+typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
+typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
+typedef BOOL(WINAPI *MODULE32) (HANDLE, MODULEENTRY32 *);
+
+static int win32_pathbyaddr(void *addr, char *path, int sz)
+{
+ HMODULE dll;
+ HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+ MODULEENTRY32 me32;
+ CREATETOOLHELP32SNAPSHOT create_snap;
+ CLOSETOOLHELP32SNAPSHOT close_snap;
+ MODULE32 module_first, module_next;
+ int len;
+
+ if (addr == NULL) {
+ union {
+ int (*f) (void *, char *, int);
+ void *p;
+ } t = {
+ win32_pathbyaddr
+ };
+ addr = t.p;
+ }
+
+ dll = LoadLibrary(TEXT(DLLNAME));
+ if (dll == NULL) {
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+
+ create_snap = (CREATETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CreateToolhelp32Snapshot");
+ if (create_snap == NULL) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+ /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+ close_snap = (CLOSETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+ close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+ module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+ module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+ hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+ if (hModuleSnap == INVALID_HANDLE_VALUE) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+ return -1;
+ }
+
+ me32.dwSize = sizeof(me32);
+
+ if (!(*module_first) (hModuleSnap, &me32)) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_FAILURE);
+ return -1;
+ }
+
+ do {
+ if ((BYTE *) addr >= me32.modBaseAddr &&
+ (BYTE *) addr < me32.modBaseAddr + me32.modBaseSize) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+# ifdef _WIN32_WCE
+# if _WIN32_WCE >= 101
+ return WideCharToMultiByte(CP_ACP, 0, me32.szExePath, -1,
+ path, sz, NULL, NULL);
+# else
+ len = (int)wcslen(me32.szExePath);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ for (i = 0; i < len; i++)
+ path[i] = (char)me32.szExePath[i];
+ path[len++] = 0;
+ return len;
+# endif
+# else
+ len = (int)strlen(me32.szExePath);
+ if (sz <= 0)
+ return len + 1;
+ if (len >= sz)
+ len = sz - 1;
+ memcpy(path, me32.szExePath, len);
+ path[len++] = 0;
+ return len;
+# endif
+ }
+ } while ((*module_next) (hModuleSnap, &me32));
+
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return 0;
+}
+
+static void *win32_globallookup(const char *name)
+{
+ HMODULE dll;
+ HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+ MODULEENTRY32 me32;
+ CREATETOOLHELP32SNAPSHOT create_snap;
+ CLOSETOOLHELP32SNAPSHOT close_snap;
+ MODULE32 module_first, module_next;
+ FARPROC ret = NULL;
+
+ dll = LoadLibrary(TEXT(DLLNAME));
+ if (dll == NULL) {
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+
+ create_snap = (CREATETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CreateToolhelp32Snapshot");
+ if (create_snap == NULL) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+ /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+ close_snap = (CLOSETOOLHELP32SNAPSHOT)
+ GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+ close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+ module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+ module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+ hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+ if (hModuleSnap == INVALID_HANDLE_VALUE) {
+ FreeLibrary(dll);
+ DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+ return NULL;
+ }
+
+ me32.dwSize = sizeof(me32);
+
+ if (!(*module_first) (hModuleSnap, &me32)) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return NULL;
+ }
+
+ do {
+ if ((ret = GetProcAddress(me32.hModule, name))) {
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return ret;
+ }
+ } while ((*module_next) (hModuleSnap, &me32));
+
+ (*close_snap) (hModuleSnap);
+ FreeLibrary(dll);
+ return NULL;
+}
+#endif /* DSO_WIN32 */
Modified: trunk/crypto/openssl/crypto/ebcdic.h
===================================================================
--- trunk/crypto/openssl/crypto/ebcdic.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ebcdic.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,6 +5,10 @@
# include <sys/types.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/* Avoid name clashes with other applications */
# define os_toascii _openssl_os_toascii
# define os_toebcdic _openssl_os_toebcdic
@@ -16,4 +20,7 @@
void *ebcdic2ascii(void *dest, const void *srce, size_t count);
void *ascii2ebcdic(void *dest, const void *srce, size_t count);
+#ifdef __cplusplus
+}
#endif
+#endif
Modified: trunk/crypto/openssl/crypto/ec/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ec/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -19,11 +19,15 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\
ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
- ec2_smpl.c ec2_smpt.c ec2_mult.c
+ ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c \
+ ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
+ ecp_oct.c ec2_oct.c ec_oct.c
LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\
ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
- ec2_smpl.o ec2_mult.o
+ ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o \
+ ecp_nistp224.o ecp_nistp256.o ecp_nistp521.o ecp_nistputil.o \
+ ecp_oct.o ec2_oct.o ec_oct.o
SRC= $(LIBSRC)
@@ -38,7 +42,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -66,6 +70,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -87,6 +93,14 @@
ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
+ec2_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_oct.o: ../../include/openssl/symhacks.h ec2_oct.c ec_lcl.h
ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -94,8 +108,22 @@
ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec2_smpt.c ec_lcl.h
-ec2_smpt.o: ec2_smpt.c
+ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec_lcl.h
+ec_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+ec_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ec_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ec_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ec_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ec_ameth.o: ../../include/openssl/opensslconf.h
+ec_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+ec_ameth.o: ec_ameth.c
ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -160,6 +188,28 @@
ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
+ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ec_oct.c
+ec_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ec_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ec_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ec_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ec_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ec_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ec_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+ec_pmeth.o: ec_pmeth.c
ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -167,6 +217,16 @@
ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c
+eck_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+eck_prn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eck_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eck_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eck_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eck_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eck_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eck_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eck_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eck_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h eck_prn.c
ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -183,6 +243,18 @@
ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
+ecp_nistp224.o: ../../include/openssl/opensslconf.h ecp_nistp224.c
+ecp_nistp256.o: ../../include/openssl/opensslconf.h ecp_nistp256.c
+ecp_nistp521.o: ../../include/openssl/opensslconf.h ecp_nistp521.c
+ecp_nistputil.o: ../../include/openssl/opensslconf.h ecp_nistputil.c
+ecp_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_oct.c
ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
Modified: trunk/crypto/openssl/crypto/ec/ec.h
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,8 +2,12 @@
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
+/**
+ * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
+ * \author Originally written by Bodo Moeller for the OpenSSL project
+ */
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -96,10 +100,16 @@
# define OPENSSL_ECC_MAX_FIELD_BITS 661
# endif
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ * for the encoding of a elliptic curve point (x,y) */
typedef enum {
- /* values as defined in X9.62 (ECDSA) and elsewhere */
+ /** the point is encoded as z||x, where the octet z specifies
+ * which solution of the quadratic equation y is */
POINT_CONVERSION_COMPRESSED = 2,
+ /** the point is encoded as z||x||y, where z is the octet 0x02 */
POINT_CONVERSION_UNCOMPRESSED = 4,
+ /** the point is encoded as z||x||y, where the octet z specifies
+ * which solution of the quadratic equation y is */
POINT_CONVERSION_HYBRID = 6
} point_conversion_form_t;
@@ -118,89 +128,274 @@
typedef struct ec_point_st EC_POINT;
-/*
- * EC_METHODs for curves over GF(p). EC_GFp_simple_method provides the basis
- * for the optimized methods.
+/********************************************************************/
+/* EC_METHODs for curves over GF(p) */
+/********************************************************************/
+
+/** Returns the basic GFp ec methods which provides the basis for the
+ * optimized methods.
+ * \return EC_METHOD object
*/
const EC_METHOD *EC_GFp_simple_method(void);
+
+/** Returns GFp methods using montgomery multiplication.
+ * \return EC_METHOD object
+ */
const EC_METHOD *EC_GFp_mont_method(void);
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ * \return EC_METHOD object
+ */
const EC_METHOD *EC_GFp_nist_method(void);
-/*
- * EC_METHOD for curves over GF(2^m).
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/** Returns 64-bit optimized methods for nistp224
+ * \return EC_METHOD object
*/
+const EC_METHOD *EC_GFp_nistp224_method(void);
+
+/** Returns 64-bit optimized methods for nistp256
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp256_method(void);
+
+/** Returns 64-bit optimized methods for nistp521
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif
+
+# ifndef OPENSSL_NO_EC2M
+/********************************************************************/
+/* EC_METHOD for curves over GF(2^m) */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method
+ * \return EC_METHOD object
+ */
const EC_METHOD *EC_GF2m_simple_method(void);
-EC_GROUP *EC_GROUP_new(const EC_METHOD *);
-void EC_GROUP_free(EC_GROUP *);
-void EC_GROUP_clear_free(EC_GROUP *);
-int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *);
+# endif
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-int EC_METHOD_get_field_type(const EC_METHOD *);
+/********************************************************************/
+/* EC_GROUP functions */
+/********************************************************************/
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator,
+/** Creates a new EC_GROUP object
+ * \param meth EC_METHOD to use
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Frees a EC_GROUP object
+ * \param group EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
+
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+void EC_GROUP_clear_free(EC_GROUP *group);
+
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ * \param dst destination EC_GROUP object
+ * \param src source EC_GROUP object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+
+/** Creates a new EC_GROUP object and copies the copies the content
+ * form src to the newly created EC_KEY object
+ * \param src source EC_GROUP object
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \param generator EC_POINT object with the generator.
+ * \param order the order of the group generated by the generator.
+ * \param cofactor the index of the sub-group generated by the generator
+ * in the group of all points on the elliptic curve.
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
const BIGNUM *order, const BIGNUM *cofactor);
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
-void EC_GROUP_set_curve_name(EC_GROUP *, int nid);
-int EC_GROUP_get_curve_name(const EC_GROUP *);
+/** Returns the generator of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
-void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *);
+/** Gets the order of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param order BIGNUM to which the order is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
-void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
+/** Gets the cofactor of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param cofactor BIGNUM to which the cofactor is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+ BN_CTX *ctx);
+
+/** Sets the name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \param nid NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+ point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b,
- BN_CTX *);
-int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b,
- BN_CTX *);
+/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
-/* returns the number of bits needed to represent a field element */
-int EC_GROUP_get_degree(const EC_GROUP *);
+/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the prime number
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
-/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
+# ifndef OPENSSL_NO_EC2M
+/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the polynomial defining the underlying field
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Returns the number of bits needed to represent a field element
+ * \param group EC_GROUP object
+ * \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
+
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if group is a valid ec group and 0 otherwise
+ */
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-/*
- * EC_GROUP_check_discriminant() returns 1 if the discriminant of the
- * elliptic curve is not zero, 0 otherwise
+
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the discriminant is not zero and 0 otherwise
*/
-int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */
-int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *);
+/** Compares two EC_GROUP objects
+ * \param a first EC_GROUP object
+ * \param b second EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both groups are equal and 1 otherwise
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
/*
* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
* choosing an appropriate EC_METHOD
*/
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
+ const BIGNUM *b, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
-
-/*
- * EC_GROUP_new_by_curve_name() creates a EC_GROUP structure specified by a
- * curve name (in form of a NID)
+ const BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Creates a EC_GROUP object with a curve specified by a NID
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
*/
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-/* handling of internal curves */
+
+/********************************************************************/
+/* handling of internal curves */
+/********************************************************************/
+
typedef struct {
int nid;
const char *comment;
} EC_builtin_curve;
+
/*
* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
* available curves or zero if a error occurred. In case r ist not zero
@@ -209,47 +404,179 @@
*/
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-/* EC_POINT functions */
+/********************************************************************/
+/* EC_POINT functions */
+/********************************************************************/
-EC_POINT *EC_POINT_new(const EC_GROUP *);
-void EC_POINT_free(EC_POINT *);
-void EC_POINT_clear_free(EC_POINT *);
-int EC_POINT_copy(EC_POINT *, const EC_POINT *);
-EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *);
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ * \param group EC_GROUP the underlying EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *);
+/** Frees a EC_POINT object
+ * \param point EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
-int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y,
- const BIGNUM *z, BN_CTX *);
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *,
- const EC_POINT *, BIGNUM *x,
- BIGNUM *y, BIGNUM *z, BN_CTX *);
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
+/** Clears and frees a EC_POINT object
+ * \param point EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
+
+/** Copies EC_POINT object
+ * \param dst destination EC_POINT object
+ * \param src source EC_POINT object
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ * EC_POINT
+ * \param src source EC_POINT object
+ * \param group underlying the EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
+/** Sets a point to infinity (neutral element)
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT to set to infinity
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param z BIGNUM with the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param z BIGNUM for the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y,
- BN_CTX *);
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit,
- BN_CTX *);
+ BN_CTX *ctx);
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
+/** Gets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Sets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y,
- BN_CTX *);
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit,
- BN_CTX *);
+ BN_CTX *ctx);
-size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, unsigned char *buf,
- size_t len, BN_CTX *);
-int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, const unsigned char *buf,
- size_t len, BN_CTX *);
+/** Gets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# endif
+/** Encodes a EC_POINT object to a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param form point conversion form
+ * \param buf memory buffer for the result. If NULL the function returns
+ * required buffer size.
+ * \param len length of the memory buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param buf memory buffer with the encoded ec point
+ * \param len length of the encoded ec point
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+ const unsigned char *buf, size_t len, BN_CTX *ctx);
+
/* other interfaces to point2oct/oct2point: */
BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
point_conversion_form_t form, BIGNUM *, BN_CTX *);
@@ -260,46 +587,122 @@
EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
EC_POINT *, BN_CTX *);
-int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *);
-int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+/********************************************************************/
+/* functions for doing EC_POINT arithmetic */
+/********************************************************************/
-int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *);
+/** Computes the sum of two EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = a + b)
+ * \param a EC_POINT object with the first summand
+ * \param b EC_POINT object with the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ const EC_POINT *b, BN_CTX *ctx);
-int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[],
- BN_CTX *);
+/** Computes the double of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = 2 * a)
+ * \param a EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ BN_CTX *ctx);
-int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num,
- const EC_POINT *[], const BIGNUM *[], BN_CTX *);
-int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *,
- const EC_POINT *, const BIGNUM *, BN_CTX *);
+/** Computes the inverse of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param a EC_POINT object to be inverted (it's used for the result as well)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
-/*
- * EC_GROUP_precompute_mult() stores multiples of generator for faster point
- * multiplication
+/** Checks whether the point is the neutral element of the group
+ * \param group the underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \return 1 if the point is the neutral element and 0 otherwise
*/
-int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
-/*
- * EC_GROUP_have_precompute_mult() reports whether such precomputation has
- * been done
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+
+/** Checks whether the point is on the curve
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT object to check
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if point if on the curve and 0 otherwise
*/
-int EC_GROUP_have_precompute_mult(const EC_GROUP *);
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+ BN_CTX *ctx);
-/* ASN1 stuff */
+/** Compares two EC_POINTs
+ * \param group underlying EC_GROUP object
+ * \param a first EC_POINT object
+ * \param b second EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both points are equal and a value != 0 otherwise
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+ BN_CTX *ctx);
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx);
+
+/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param num number futher summands
+ * \param p array of size num of EC_POINT objects
+ * \param m array of size num of BIGNUM objects
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ size_t num, const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx);
+
+/** Computes r = generator * n + q * m
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param q EC_POINT object with the first factor of the second summand
+ * \param m BIGNUM with the second factor of the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+
+/** Stores multiples of generator for faster point multiplication
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+
+/** Reports whether a precomputation has been done
+ * \param group EC_GROUP object
+ * \return 1 if a pre-computation has been done and 0 otherwise
+ */
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+/********************************************************************/
+/* ASN1 stuff */
+/********************************************************************/
+
/*
* EC_GROUP_get_basis_type() returns the NID of the basis type used to
* represent the field elements
*/
int EC_GROUP_get_basis_type(const EC_GROUP *);
+# ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
unsigned int *k2, unsigned int *k3);
+# endif
# define OPENSSL_EC_NAMED_CURVE 0x001
@@ -322,7 +725,10 @@
int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
# endif
-/* the EC_KEY stuff */
+/********************************************************************/
+/* EC_KEY functions */
+/********************************************************************/
+
typedef struct ec_key_st EC_KEY;
/* some values for the encoding_flag */
@@ -329,26 +735,100 @@
# define EC_PKEY_NO_PARAMETERS 0x001
# define EC_PKEY_NO_PUBKEY 0x002
+/* some values for the flags field */
+# define EC_FLAG_NON_FIPS_ALLOW 0x1
+# define EC_FLAG_FIPS_CHECKED 0x2
+
+/** Creates a new EC_KEY object.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
EC_KEY *EC_KEY_new(void);
+
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
+/** Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object.
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
EC_KEY *EC_KEY_new_by_curve_name(int nid);
-void EC_KEY_free(EC_KEY *);
-EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
-EC_KEY *EC_KEY_dup(const EC_KEY *);
-int EC_KEY_up_ref(EC_KEY *);
+/** Frees a EC_KEY object.
+ * \param key EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *);
-int EC_KEY_set_group(EC_KEY *, const EC_GROUP *);
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *);
-int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *);
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);
-int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);
-unsigned EC_KEY_get_enc_flags(const EC_KEY *);
-void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
-void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
+/** Copies a EC_KEY object.
+ * \param dst destination EC_KEY object
+ * \param src src EC_KEY object
+ * \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+
+/** Creates a new EC_KEY object and copies the content from src to it.
+ * \param src the source EC_KEY object
+ * \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
+
+/** Increases the internal reference count of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
+
+/** Returns the EC_GROUP object of a EC_KEY object
+ * \param key EC_KEY object
+ * \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ * object will use an own copy of the EC_GROUP).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param prv BIGNUM with the private key (note: the EC_KEY object
+ * will use an own copy of the BIGNUM).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ * \param key the EC_KEY object
+ * \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param pub EC_POINT object with the public key (note: the EC_KEY object
+ * will use an own copy of the EC_POINT object).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */
-void *EC_KEY_get_key_method_data(EC_KEY *,
+void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *));
@@ -365,34 +845,134 @@
void (*free_func) (void *),
void (*clear_free_func) (void *));
/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *, int);
-int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx);
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-/* EC_KEY_generate_key() creates a ec private (public) key */
-int EC_KEY_generate_key(EC_KEY *);
-/* EC_KEY_check_key() */
-int EC_KEY_check_key(const EC_KEY *);
+/** Creates a table of pre-computed multiples of the generator to
+ * accelerate further EC_KEY operations.
+ * \param key EC_KEY object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
-/* de- and encoding functions for SEC1 ECPrivateKey */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
-/* de- and encoding functions for EC parameters */
-EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECParameters(EC_KEY *a, unsigned char **out);
-/*
- * de- and encoding functions for EC public key (octet string, not DER --
- * hence 'o2i' and 'i2o')
+/** Creates a new ec private (and optional a new public) key.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
*/
-EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len);
-int i2o_ECPublicKey(EC_KEY *a, unsigned char **out);
+int EC_KEY_generate_key(EC_KEY *key);
+/** Verifies that a private and/or public key is valid.
+ * \param key the EC_KEY object
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
+
+/** Sets a public key from affine coordindates performing
+ * neccessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+ * \param y public key y coordinate
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ BIGNUM *y);
+
+/********************************************************************/
+/* de- and encoding functions for SEC1 ECPrivateKey */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded private key
+ * \param len length of the DER encoded private key
+ * \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ * \param key the EC_KEY object to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC parameters */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded ec parameters
+ * \param len length of the DER encoded ec parameters
+ * \return a EC_KEY object with the decoded parameters or NULL if an error
+ * occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ * \param key the EC_KEY object with ec paramters to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC public key */
+/* (octet string, not DER -- hence 'o2i' and 'i2o') */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ * \param key a pointer to a EC_KEY object which should be used
+ * \param in memory buffer with the encoded public key
+ * \param len length of the encoded public key
+ * \return EC_KEY object with decoded public key or NULL if an error
+ * occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ * \param key the EC_KEY object with the public key
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+
# ifndef OPENSSL_NO_BIO
-int ECParameters_print(BIO *bp, const EC_KEY *x);
-int EC_KEY_print(BIO *bp, const EC_KEY *x, int off);
+/** Prints out the ec parameters on human readable form.
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
# endif
# ifndef OPENSSL_NO_FP_API
-int ECParameters_print_fp(FILE *fp, const EC_KEY *x);
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
+/** Prints out the ec parameters on human readable form.
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
# endif
# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
@@ -405,6 +985,12 @@
# endif
# endif
+# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -415,10 +1001,19 @@
/* Error codes for the EC functions. */
/* Function codes. */
+# define EC_F_BN_TO_FELEM 224
# define EC_F_COMPUTE_WNAF 143
# define EC_F_D2I_ECPARAMETERS 144
# define EC_F_D2I_ECPKPARAMETERS 145
# define EC_F_D2I_ECPRIVATEKEY 146
+# define EC_F_DO_EC_KEY_PRINT 221
+# define EC_F_ECKEY_PARAM2TYPE 223
+# define EC_F_ECKEY_PARAM_DECODE 212
+# define EC_F_ECKEY_PRIV_DECODE 213
+# define EC_F_ECKEY_PRIV_ENCODE 214
+# define EC_F_ECKEY_PUB_DECODE 215
+# define EC_F_ECKEY_PUB_ENCODE 216
+# define EC_F_ECKEY_TYPE2PARAM 220
# define EC_F_ECPARAMETERS_PRINT 147
# define EC_F_ECPARAMETERS_PRINT_FP 148
# define EC_F_ECPKPARAMETERS_PRINT 149
@@ -449,6 +1044,15 @@
# define EC_F_EC_GFP_MONT_FIELD_SQR 132
# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
# define EC_F_EC_GFP_NIST_FIELD_MUL 200
# define EC_F_EC_GFP_NIST_FIELD_SQR 201
# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
@@ -491,8 +1095,8 @@
# define EC_F_EC_KEY_NEW 182
# define EC_F_EC_KEY_PRINT 180
# define EC_F_EC_KEY_PRINT_FP 181
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
# define EC_F_EC_POINTS_MAKE_AFFINE 136
-# define EC_F_EC_POINTS_MUL 138
# define EC_F_EC_POINT_ADD 112
# define EC_F_EC_POINT_CMP 113
# define EC_F_EC_POINT_COPY 114
@@ -522,16 +1126,30 @@
# define EC_F_I2D_ECPKPARAMETERS 191
# define EC_F_I2D_ECPRIVATEKEY 192
# define EC_F_I2O_ECPUBLICKEY 151
+# define EC_F_NISTP224_PRE_COMP_NEW 227
+# define EC_F_NISTP256_PRE_COMP_NEW 236
+# define EC_F_NISTP521_PRE_COMP_NEW 237
# define EC_F_O2I_ECPUBLICKEY 152
+# define EC_F_OLD_EC_PRIV_DECODE 222
+# define EC_F_PKEY_EC_CTRL 197
+# define EC_F_PKEY_EC_CTRL_STR 198
+# define EC_F_PKEY_EC_DERIVE 217
+# define EC_F_PKEY_EC_KEYGEN 199
+# define EC_F_PKEY_EC_PARAMGEN 219
+# define EC_F_PKEY_EC_SIGN 218
/* Reason codes. */
# define EC_R_ASN1_ERROR 115
# define EC_R_ASN1_UNKNOWN_FIELD 116
+# define EC_R_BIGNUM_OUT_OF_RANGE 144
# define EC_R_BUFFER_TOO_SMALL 100
+# define EC_R_COORDINATES_OUT_OF_RANGE 146
# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+# define EC_R_DECODE_ERROR 142
# define EC_R_DISCRIMINANT_IS_ZERO 118
# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-# define EC_R_FIELD_TOO_LARGE 138
+# define EC_R_FIELD_TOO_LARGE 143
+# define EC_R_GF2M_NOT_SUPPORTED 147
# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
# define EC_R_INCOMPATIBLE_OBJECTS 101
@@ -538,6 +1156,8 @@
# define EC_R_INVALID_ARGUMENT 112
# define EC_R_INVALID_COMPRESSED_POINT 110
# define EC_R_INVALID_COMPRESSION_BIT 109
+# define EC_R_INVALID_CURVE 141
+# define EC_R_INVALID_DIGEST_TYPE 138
# define EC_R_INVALID_ENCODING 102
# define EC_R_INVALID_FIELD 103
# define EC_R_INVALID_FORM 104
@@ -545,6 +1165,7 @@
# define EC_R_INVALID_PENTANOMIAL_BASIS 132
# define EC_R_INVALID_PRIVATE_KEY 123
# define EC_R_INVALID_TRINOMIAL_BASIS 137
+# define EC_R_KEYS_NOT_SET 140
# define EC_R_MISSING_PARAMETERS 124
# define EC_R_MISSING_PRIVATE_KEY 125
# define EC_R_NOT_A_NIST_PRIME 135
@@ -552,6 +1173,7 @@
# define EC_R_NOT_IMPLEMENTED 126
# define EC_R_NOT_INITIALIZED 111
# define EC_R_NO_FIELD_MOD 133
+# define EC_R_NO_PARAMETERS_SET 139
# define EC_R_PASSED_NULL_PARAMETER 134
# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
# define EC_R_POINT_AT_INFINITY 106
@@ -562,6 +1184,7 @@
# define EC_R_UNKNOWN_GROUP 129
# define EC_R_UNKNOWN_ORDER 114
# define EC_R_UNSUPPORTED_FIELD 131
+# define EC_R_WRONG_CURVE_PARAMETERS 145
# define EC_R_WRONG_ORDER 130
#ifdef __cplusplus
Modified: trunk/crypto/openssl/crypto/ec/ec2_mult.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec2_mult.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec2_mult.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,12 +71,14 @@
#include "ec_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
/*-
* Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective
* coordinates.
* Uses algorithm Mdouble in appendix of
* Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation".
+ * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
* modified to not require precomputation of c=b^{2^{m-1}}.
*/
static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z,
@@ -117,8 +119,8 @@
* Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery
* projective coordinates.
* Uses algorithm Madd in appendix of
- * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation".
+ * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
+ * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
*/
static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1,
BIGNUM *z1, const BIGNUM *x2, const BIGNUM *z2,
@@ -161,8 +163,8 @@
/*-
* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
* using Montgomery point multiplication algorithm Mxy() in appendix of
- * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation".
+ * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
+ * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
* Returns:
* 0 on error
* 1 if return value should be the point at infinity
@@ -252,11 +254,11 @@
* Computes scalar*point and stores the result in r.
* point can not equal r.
* Uses a modified algorithm 2P of
- * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation".
+ * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
+ * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
*
- * To protect against side-channel attack the function uses constant time
- * swap avoiding conditional branches.
+ * To protect against side-channel attack the function uses constant time swap,
+ * avoiding conditional branches.
*/
static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
EC_POINT *r,
@@ -265,8 +267,8 @@
BN_CTX *ctx)
{
BIGNUM *x1, *x2, *z1, *z2;
- int ret = 0, i, j;
- BN_ULONG mask;
+ int ret = 0, i;
+ BN_ULONG mask, word;
if (r == point) {
ECerr(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, EC_R_INVALID_ARGUMENT);
@@ -313,34 +315,30 @@
/* find top most bit and go one past it */
i = scalar->top - 1;
- j = BN_BITS2 - 1;
mask = BN_TBIT;
- while (!(scalar->d[i] & mask)) {
+ word = scalar->d[i];
+ while (!(word & mask))
mask >>= 1;
- j--;
- }
mask >>= 1;
- j--;
/* if top most bit was at word break, go to next word */
if (!mask) {
i--;
- j = BN_BITS2 - 1;
mask = BN_TBIT;
}
for (; i >= 0; i--) {
- for (; j >= 0; j--) {
- BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top);
- BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top);
+ word = scalar->d[i];
+ while (mask) {
+ BN_consttime_swap(word & mask, x1, x2, group->field.top);
+ BN_consttime_swap(word & mask, z1, z2, group->field.top);
if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
goto err;
if (!gf2m_Mdouble(group, x1, z1, ctx))
goto err;
- BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top);
- BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, group->field.top);
+ BN_consttime_swap(word & mask, z1, z2, group->field.top);
mask >>= 1;
}
- j = BN_BITS2 - 1;
mask = BN_TBIT;
}
@@ -461,3 +459,5 @@
{
return ec_wNAF_have_precompute_mult(group);
}
+
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ec2_oct.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ec2_oct.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec2_oct.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ec2_oct.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,403 @@
+/* crypto/ec/ec2_oct.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The software is originally written by Sheueling Chang Shantz and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/err.h>
+
+#include "ec_lcl.h"
+
+#ifndef OPENSSL_NO_EC2M
+
+/*-
+ * Calculates and sets the affine coordinates of an EC_POINT from the given
+ * compressed coordinates. Uses algorithm 2.3.4 of SEC 1.
+ * Note that the simple implementation only uses affine coordinates.
+ *
+ * The method is from the following publication:
+ *
+ * Harper, Menezes, Vanstone:
+ * "Public-Key Cryptosystems with Very Small Key Lengths",
+ * EUROCRYPT '92, Springer-Verlag LNCS 658,
+ * published February 1993
+ *
+ * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
+ * the same method, but claim no priority date earlier than July 29, 1994
+ * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
+ */
+int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group,
+ EC_POINT *point,
+ const BIGNUM *x_, int y_bit,
+ BN_CTX *ctx)
+{
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *tmp, *x, *y, *z;
+ int ret = 0, z0;
+
+ /* clear error queue */
+ ERR_clear_error();
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ y_bit = (y_bit != 0) ? 1 : 0;
+
+ BN_CTX_start(ctx);
+ tmp = BN_CTX_get(ctx);
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ z = BN_CTX_get(ctx);
+ if (z == NULL)
+ goto err;
+
+ if (!BN_GF2m_mod_arr(x, x_, group->poly))
+ goto err;
+ if (BN_is_zero(x)) {
+ if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx))
+ goto err;
+ } else {
+ if (!group->meth->field_sqr(group, tmp, x, ctx))
+ goto err;
+ if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx))
+ goto err;
+ if (!BN_GF2m_add(tmp, &group->a, tmp))
+ goto err;
+ if (!BN_GF2m_add(tmp, x, tmp))
+ goto err;
+ if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) {
+ unsigned long err = ERR_peek_last_error();
+
+ if (ERR_GET_LIB(err) == ERR_LIB_BN
+ && ERR_GET_REASON(err) == BN_R_NO_SOLUTION) {
+ ERR_clear_error();
+ ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
+ EC_R_INVALID_COMPRESSED_POINT);
+ } else
+ ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ z0 = (BN_is_odd(z)) ? 1 : 0;
+ if (!group->meth->field_mul(group, y, x, z, ctx))
+ goto err;
+ if (z0 != y_bit) {
+ if (!BN_GF2m_add(y, y, x))
+ goto err;
+ }
+ }
+
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
+ goto err;
+
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+
+/*
+ * Converts an EC_POINT to an octet string. If buf is NULL, the encoded
+ * length will be returned. If the length len of buf is smaller than required
+ * an error will be returned.
+ */
+size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+ size_t ret;
+ BN_CTX *new_ctx = NULL;
+ int used_ctx = 0;
+ BIGNUM *x, *y, *yxi;
+ size_t field_len, i, skip;
+
+ if ((form != POINT_CONVERSION_COMPRESSED)
+ && (form != POINT_CONVERSION_UNCOMPRESSED)
+ && (form != POINT_CONVERSION_HYBRID)) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
+ goto err;
+ }
+
+ if (EC_POINT_is_at_infinity(group, point)) {
+ /* encodes to a single 0 octet */
+ if (buf != NULL) {
+ if (len < 1) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+ buf[0] = 0;
+ }
+ return 1;
+ }
+
+ /* ret := required output buffer length */
+ field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+ ret =
+ (form ==
+ POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+ /* if 'buf' is NULL, just return required length */
+ if (buf != NULL) {
+ if (len < ret) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ BN_CTX_start(ctx);
+ used_ctx = 1;
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ yxi = BN_CTX_get(ctx);
+ if (yxi == NULL)
+ goto err;
+
+ if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
+ goto err;
+
+ buf[0] = form;
+ if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
+ if (!group->meth->field_div(group, yxi, y, x, ctx))
+ goto err;
+ if (BN_is_odd(yxi))
+ buf[0]++;
+ }
+
+ i = 1;
+
+ skip = field_len - BN_num_bytes(x);
+ if (skip > field_len) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ while (skip > 0) {
+ buf[i++] = 0;
+ skip--;
+ }
+ skip = BN_bn2bin(x, buf + i);
+ i += skip;
+ if (i != 1 + field_len) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (form == POINT_CONVERSION_UNCOMPRESSED
+ || form == POINT_CONVERSION_HYBRID) {
+ skip = field_len - BN_num_bytes(y);
+ if (skip > field_len) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ while (skip > 0) {
+ buf[i++] = 0;
+ skip--;
+ }
+ skip = BN_bn2bin(y, buf + i);
+ i += skip;
+ }
+
+ if (i != ret) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ if (used_ctx)
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+
+ err:
+ if (used_ctx)
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return 0;
+}
+
+/*
+ * Converts an octet string representation to an EC_POINT. Note that the
+ * simple implementation only uses affine coordinates.
+ */
+int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
+ const unsigned char *buf, size_t len,
+ BN_CTX *ctx)
+{
+ point_conversion_form_t form;
+ int y_bit;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y, *yxi;
+ size_t field_len, enc_len;
+ int ret = 0;
+
+ if (len == 0) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+ form = buf[0];
+ y_bit = form & 1;
+ form = form & ~1U;
+ if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
+ && (form != POINT_CONVERSION_UNCOMPRESSED)
+ && (form != POINT_CONVERSION_HYBRID)) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+ if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ if (form == 0) {
+ if (len != 1) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ return EC_POINT_set_to_infinity(group, point);
+ }
+
+ field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+ enc_len =
+ (form ==
+ POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+ if (len != enc_len) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ BN_CTX_start(ctx);
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ yxi = BN_CTX_get(ctx);
+ if (yxi == NULL)
+ goto err;
+
+ if (!BN_bin2bn(buf + 1, field_len, x))
+ goto err;
+ if (BN_ucmp(x, &group->field) >= 0) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+
+ if (form == POINT_CONVERSION_COMPRESSED) {
+ if (!EC_POINT_set_compressed_coordinates_GF2m
+ (group, point, x, y_bit, ctx))
+ goto err;
+ } else {
+ if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
+ goto err;
+ if (BN_ucmp(y, &group->field) >= 0) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+ if (form == POINT_CONVERSION_HYBRID) {
+ if (!group->meth->field_div(group, yxi, y, x, ctx))
+ goto err;
+ if (y_bit != BN_is_odd(yxi)) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+ }
+
+ if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
+ goto err;
+ }
+
+ /* test required by X9.62 */
+ if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
+ ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
+ goto err;
+ }
+
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+#endif
Modified: trunk/crypto/openssl/crypto/ec/ec2_smpl.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec2_smpl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec2_smpl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -14,7 +14,7 @@
*
*/
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,9 +71,16 @@
#include "ec_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
+# ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# endif
+
const EC_METHOD *EC_GF2m_simple_method(void)
{
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_characteristic_two_field,
ec_GF2m_simple_group_init,
ec_GF2m_simple_group_finish,
@@ -92,9 +99,7 @@
0 /* get_Jprojective_coordinates_GFp */ ,
ec_GF2m_simple_point_set_affine_coordinates,
ec_GF2m_simple_point_get_affine_coordinates,
- ec_GF2m_simple_set_compressed_coordinates,
- ec_GF2m_simple_point2oct,
- ec_GF2m_simple_oct2point,
+ 0, 0, 0,
ec_GF2m_simple_add,
ec_GF2m_simple_dbl,
ec_GF2m_simple_invert,
@@ -119,6 +124,11 @@
0 /* field_set_to_one */
};
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return fips_ec_gf2m_simple_method();
+# endif
+
return &ret;
}
@@ -159,6 +169,7 @@
group->poly[2] = 0;
group->poly[3] = 0;
group->poly[4] = 0;
+ group->poly[5] = -1;
}
/*
@@ -179,6 +190,7 @@
dest->poly[2] = src->poly[2];
dest->poly[3] = src->poly[3];
dest->poly[4] = src->poly[4];
+ dest->poly[5] = src->poly[5];
if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
== NULL)
return 0;
@@ -202,7 +214,7 @@
/* group->field */
if (!BN_copy(&group->field, p))
goto err;
- i = BN_GF2m_poly2arr(&group->field, group->poly, 5);
+ i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
if ((i != 5) && (i != 3)) {
ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
goto err;
@@ -439,259 +451,7 @@
return ret;
}
-/* Include patented algorithms. */
-#include "ec2_smpt.c"
-
/*
- * Converts an EC_POINT to an octet string. If buf is NULL, the encoded
- * length will be returned. If the length len of buf is smaller than required
- * an error will be returned. The point compression section of this function
- * is patented by Certicom Corp. under US Patent 6,141,420. Point
- * compression is disabled by default and can be enabled by defining the
- * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time.
- */
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- size_t ret;
- BN_CTX *new_ctx = NULL;
- int used_ctx = 0;
- BIGNUM *x, *y, *yxi;
- size_t field_len, i, skip;
-
-#ifndef OPENSSL_EC_BIN_PT_COMP
- if ((form == POINT_CONVERSION_COMPRESSED)
- || (form == POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_DISABLED);
- goto err;
- }
-#endif
-
- if ((form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
- goto err;
- }
-
- if (EC_POINT_is_at_infinity(group, point)) {
- /* encodes to a single 0 octet */
- if (buf != NULL) {
- if (len < 1) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- buf[0] = 0;
- }
- return 1;
- }
-
- /* ret := required output buffer length */
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- ret =
- (form ==
- POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
- /* if 'buf' is NULL, just return required length */
- if (buf != NULL) {
- if (len < ret) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- goto err;
- }
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- used_ctx = 1;
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- yxi = BN_CTX_get(ctx);
- if (yxi == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
-
- buf[0] = form;
-#ifdef OPENSSL_EC_BIN_PT_COMP
- if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
- if (!group->meth->field_div(group, yxi, y, x, ctx))
- goto err;
- if (BN_is_odd(yxi))
- buf[0]++;
- }
-#endif
-
- i = 1;
-
- skip = field_len - BN_num_bytes(x);
- if (skip > field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(x, buf + i);
- i += skip;
- if (i != 1 + field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (form == POINT_CONVERSION_UNCOMPRESSED
- || form == POINT_CONVERSION_HYBRID) {
- skip = field_len - BN_num_bytes(y);
- if (skip > field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(y, buf + i);
- i += skip;
- }
-
- if (i != ret) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-
- err:
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return 0;
-}
-
-/*
- * Converts an octet string representation to an EC_POINT. Note that the
- * simple implementation only uses affine coordinates.
- */
-int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len,
- BN_CTX *ctx)
-{
- point_conversion_form_t form;
- int y_bit;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y, *yxi;
- size_t field_len, enc_len;
- int ret = 0;
-
- if (len == 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
- if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (form == 0) {
- if (len != 1) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return EC_POINT_set_to_infinity(group, point);
- }
-
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- enc_len =
- (form ==
- POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
- if (len != enc_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- yxi = BN_CTX_get(ctx);
- if (yxi == NULL)
- goto err;
-
- if (!BN_bin2bn(buf + 1, field_len, x))
- goto err;
- if (BN_ucmp(x, &group->field) >= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if (form == POINT_CONVERSION_COMPRESSED) {
- if (!EC_POINT_set_compressed_coordinates_GF2m
- (group, point, x, y_bit, ctx))
- goto err;
- } else {
- if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
- goto err;
- if (BN_ucmp(y, &group->field) >= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_HYBRID) {
- if (!group->meth->field_div(group, yxi, y, x, ctx))
- goto err;
- if (y_bit != BN_is_odd(yxi)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
- }
-
- /* test required by X9.62 */
- if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-/*
* Computes a + b and stores the result in r. r could be a or b, a could be
* b. Uses algorithm A.10.2 of IEEE P1363.
*/
@@ -1033,3 +793,5 @@
{
return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
}
+
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ec_ameth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_ameth.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ec_ameth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,627 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
+{
+ const EC_GROUP *group;
+ int nid;
+ if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
+ ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
+ return 0;
+ }
+ if (EC_GROUP_get_asn1_flag(group)
+ && (nid = EC_GROUP_get_curve_name(group)))
+ /* we have a 'named curve' => just set the OID */
+ {
+ *ppval = OBJ_nid2obj(nid);
+ *pptype = V_ASN1_OBJECT;
+ } else { /* explicit parameters */
+
+ ASN1_STRING *pstr = NULL;
+ pstr = ASN1_STRING_new();
+ if (!pstr)
+ return 0;
+ pstr->length = i2d_ECParameters(ec_key, &pstr->data);
+ if (pstr->length <= 0) {
+ ASN1_STRING_free(pstr);
+ ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
+ return 0;
+ }
+ *ppval = pstr;
+ *pptype = V_ASN1_SEQUENCE;
+ }
+ return 1;
+}
+
+static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+ EC_KEY *ec_key = pkey->pkey.ec;
+ void *pval = NULL;
+ int ptype;
+ unsigned char *penc = NULL, *p;
+ int penclen;
+
+ if (!eckey_param2type(&ptype, &pval, ec_key)) {
+ ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
+ return 0;
+ }
+ penclen = i2o_ECPublicKey(ec_key, NULL);
+ if (penclen <= 0)
+ goto err;
+ penc = OPENSSL_malloc(penclen);
+ if (!penc)
+ goto err;
+ p = penc;
+ penclen = i2o_ECPublicKey(ec_key, &p);
+ if (penclen <= 0)
+ goto err;
+ if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
+ ptype, pval, penc, penclen))
+ return 1;
+ err:
+ if (ptype == V_ASN1_OBJECT)
+ ASN1_OBJECT_free(pval);
+ else
+ ASN1_STRING_free(pval);
+ if (penc)
+ OPENSSL_free(penc);
+ return 0;
+}
+
+static EC_KEY *eckey_type2param(int ptype, void *pval)
+{
+ EC_KEY *eckey = NULL;
+ if (ptype == V_ASN1_SEQUENCE) {
+ ASN1_STRING *pstr = pval;
+ const unsigned char *pm = NULL;
+ int pmlen;
+ pm = pstr->data;
+ pmlen = pstr->length;
+ if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
+ ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+ goto ecerr;
+ }
+ } else if (ptype == V_ASN1_OBJECT) {
+ ASN1_OBJECT *poid = pval;
+ EC_GROUP *group;
+
+ /*
+ * type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
+ */
+ if ((eckey = EC_KEY_new()) == NULL) {
+ ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
+ goto ecerr;
+ }
+ group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
+ if (group == NULL)
+ goto ecerr;
+ EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
+ if (EC_KEY_set_group(eckey, group) == 0)
+ goto ecerr;
+ EC_GROUP_free(group);
+ } else {
+ ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+ goto ecerr;
+ }
+
+ return eckey;
+
+ ecerr:
+ if (eckey)
+ EC_KEY_free(eckey);
+ return NULL;
+}
+
+static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+ const unsigned char *p = NULL;
+ void *pval;
+ int ptype, pklen;
+ EC_KEY *eckey = NULL;
+ X509_ALGOR *palg;
+
+ if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ eckey = eckey_type2param(ptype, pval);
+
+ if (!eckey) {
+ ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
+ return 0;
+ }
+
+ /* We have parameters now set public key */
+ if (!o2i_ECPublicKey(&eckey, &p, pklen)) {
+ ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
+ goto ecerr;
+ }
+
+ EVP_PKEY_assign_EC_KEY(pkey, eckey);
+ return 1;
+
+ ecerr:
+ if (eckey)
+ EC_KEY_free(eckey);
+ return 0;
+}
+
+static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ int r;
+ const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+ const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+ *pb = EC_KEY_get0_public_key(b->pkey.ec);
+ r = EC_POINT_cmp(group, pa, pb, NULL);
+ if (r == 0)
+ return 1;
+ if (r == 1)
+ return 0;
+ return -2;
+}
+
+static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+ const unsigned char *p = NULL;
+ void *pval;
+ int ptype, pklen;
+ EC_KEY *eckey = NULL;
+ X509_ALGOR *palg;
+
+ if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+ return 0;
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+ eckey = eckey_type2param(ptype, pval);
+
+ if (!eckey)
+ goto ecliberr;
+
+ /* We have parameters now set private key */
+ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
+ ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
+ goto ecerr;
+ }
+
+ /* calculate public key (if necessary) */
+ if (EC_KEY_get0_public_key(eckey) == NULL) {
+ const BIGNUM *priv_key;
+ const EC_GROUP *group;
+ EC_POINT *pub_key;
+ /*
+ * the public key was not included in the SEC1 private key =>
+ * calculate the public key
+ */
+ group = EC_KEY_get0_group(eckey);
+ pub_key = EC_POINT_new(group);
+ if (pub_key == NULL) {
+ ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ goto ecliberr;
+ }
+ if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
+ EC_POINT_free(pub_key);
+ ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ goto ecliberr;
+ }
+ priv_key = EC_KEY_get0_private_key(eckey);
+ if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) {
+ EC_POINT_free(pub_key);
+ ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ goto ecliberr;
+ }
+ if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
+ EC_POINT_free(pub_key);
+ ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ goto ecliberr;
+ }
+ EC_POINT_free(pub_key);
+ }
+
+ EVP_PKEY_assign_EC_KEY(pkey, eckey);
+ return 1;
+
+ ecliberr:
+ ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ ecerr:
+ if (eckey)
+ EC_KEY_free(eckey);
+ return 0;
+}
+
+static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+ EC_KEY *ec_key;
+ unsigned char *ep, *p;
+ int eplen, ptype;
+ void *pval;
+ unsigned int tmp_flags, old_flags;
+
+ ec_key = pkey->pkey.ec;
+
+ if (!eckey_param2type(&ptype, &pval, ec_key)) {
+ ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
+ return 0;
+ }
+
+ /* set the private key */
+
+ /*
+ * do not include the parameters in the SEC1 private key see PKCS#11
+ * 12.11
+ */
+ old_flags = EC_KEY_get_enc_flags(ec_key);
+ tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
+ EC_KEY_set_enc_flags(ec_key, tmp_flags);
+ eplen = i2d_ECPrivateKey(ec_key, NULL);
+ if (!eplen) {
+ EC_KEY_set_enc_flags(ec_key, old_flags);
+ ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+ return 0;
+ }
+ ep = (unsigned char *)OPENSSL_malloc(eplen);
+ if (!ep) {
+ EC_KEY_set_enc_flags(ec_key, old_flags);
+ ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ p = ep;
+ if (!i2d_ECPrivateKey(ec_key, &p)) {
+ EC_KEY_set_enc_flags(ec_key, old_flags);
+ OPENSSL_free(ep);
+ ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+ return 0;
+ }
+ /* restore old encoding flags */
+ EC_KEY_set_enc_flags(ec_key, old_flags);
+
+ if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
+ ptype, pval, ep, eplen))
+ return 0;
+
+ return 1;
+}
+
+static int int_ec_size(const EVP_PKEY *pkey)
+{
+ return ECDSA_size(pkey->pkey.ec);
+}
+
+static int ec_bits(const EVP_PKEY *pkey)
+{
+ BIGNUM *order = BN_new();
+ const EC_GROUP *group;
+ int ret;
+
+ if (!order) {
+ ERR_clear_error();
+ return 0;
+ }
+ group = EC_KEY_get0_group(pkey->pkey.ec);
+ if (!EC_GROUP_get_order(group, order, NULL)) {
+ ERR_clear_error();
+ return 0;
+ }
+
+ ret = BN_num_bits(order);
+ BN_free(order);
+ return ret;
+}
+
+static int ec_missing_parameters(const EVP_PKEY *pkey)
+{
+ if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
+ return 1;
+ return 0;
+}
+
+static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+ EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+ if (group == NULL)
+ return 0;
+ if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+ return 0;
+ EC_GROUP_free(group);
+ return 1;
+}
+
+static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+ *group_b = EC_KEY_get0_group(b->pkey.ec);
+ if (EC_GROUP_cmp(group_a, group_b, NULL))
+ return 0;
+ else
+ return 1;
+}
+
+static void int_ec_free(EVP_PKEY *pkey)
+{
+ EC_KEY_free(pkey->pkey.ec);
+}
+
+static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
+{
+ unsigned char *buffer = NULL;
+ const char *ecstr;
+ size_t buf_len = 0, i;
+ int ret = 0, reason = ERR_R_BIO_LIB;
+ BIGNUM *pub_key = NULL, *order = NULL;
+ BN_CTX *ctx = NULL;
+ const EC_GROUP *group;
+ const EC_POINT *public_key;
+ const BIGNUM *priv_key;
+
+ if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
+ reason = ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (ktype > 0) {
+ public_key = EC_KEY_get0_public_key(x);
+ if (public_key != NULL) {
+ if ((pub_key = EC_POINT_point2bn(group, public_key,
+ EC_KEY_get_conv_form(x), NULL,
+ ctx)) == NULL) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+ buf_len = (size_t)BN_num_bytes(pub_key);
+ }
+ }
+
+ if (ktype == 2) {
+ priv_key = EC_KEY_get0_private_key(x);
+ if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
+ buf_len = i;
+ } else
+ priv_key = NULL;
+
+ if (ktype > 0) {
+ buf_len += 10;
+ if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ }
+ if (ktype == 2)
+ ecstr = "Private-Key";
+ else if (ktype == 1)
+ ecstr = "Public-Key";
+ else
+ ecstr = "ECDSA-Parameters";
+
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+ if ((order = BN_new()) == NULL)
+ goto err;
+ if (!EC_GROUP_get_order(group, order, NULL))
+ goto err;
+ if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0)
+ goto err;
+
+ if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
+ buffer, off))
+ goto err;
+ if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
+ buffer, off))
+ goto err;
+ if (!ECPKParameters_print(bp, group, off))
+ goto err;
+ ret = 1;
+ err:
+ if (!ret)
+ ECerr(EC_F_DO_EC_KEY_PRINT, reason);
+ if (pub_key)
+ BN_free(pub_key);
+ if (order)
+ BN_free(order);
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (buffer != NULL)
+ OPENSSL_free(buffer);
+ return (ret);
+}
+
+static int eckey_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ EC_KEY *eckey;
+ if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) {
+ ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_EC_KEY(pkey, eckey);
+ return 1;
+}
+
+static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_ECParameters(pkey->pkey.ec, pder);
+}
+
+static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
+}
+
+static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
+}
+
+static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
+}
+
+static int old_ec_priv_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ EC_KEY *ec;
+ if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) {
+ ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
+ return 0;
+ }
+ EVP_PKEY_assign_EC_KEY(pkey, ec);
+ return 1;
+}
+
+static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_ECPrivateKey(pkey->pkey.ec, pder);
+}
+
+static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+ switch (op) {
+ case ASN1_PKEY_CTRL_PKCS7_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0) {
+ int snid, hnid;
+ X509_ALGOR *alg1, *alg2;
+ CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+ if (alg1 == NULL || alg1->algorithm == NULL)
+ return -1;
+ hnid = OBJ_obj2nid(alg1->algorithm);
+ if (hnid == NID_undef)
+ return -1;
+ if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+ return -1;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+ }
+ return 1;
+#endif
+
+ case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+ *(int *)arg2 = NID_sha1;
+ return 2;
+
+ default:
+ return -2;
+
+ }
+
+}
+
+const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
+ EVP_PKEY_EC,
+ EVP_PKEY_EC,
+ 0,
+ "EC",
+ "OpenSSL EC algorithm",
+
+ eckey_pub_decode,
+ eckey_pub_encode,
+ eckey_pub_cmp,
+ eckey_pub_print,
+
+ eckey_priv_decode,
+ eckey_priv_encode,
+ eckey_priv_print,
+
+ int_ec_size,
+ ec_bits,
+
+ eckey_param_decode,
+ eckey_param_encode,
+ ec_missing_parameters,
+ ec_copy_parameters,
+ ec_cmp_parameters,
+ eckey_param_print,
+ 0,
+
+ int_ec_free,
+ ec_pkey_ctrl,
+ old_ec_priv_decode,
+ old_ec_priv_encode
+};
Modified: trunk/crypto/openssl/crypto/ec/ec_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -83,15 +83,16 @@
return 0;
}
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
{
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve !=
- ec_GF2m_simple_group_set_curve || !((group->poly[0] != 0)
- && (group->poly[1] != 0)
- && (group->poly[2] == 0))) {
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
+ || !((group->poly[0] != 0) && (group->poly[1] != 0)
+ && (group->poly[2] == 0))) {
ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
@@ -109,12 +110,11 @@
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve !=
- ec_GF2m_simple_group_set_curve || !((group->poly[0] != 0)
- && (group->poly[1] != 0)
- && (group->poly[2] != 0)
- && (group->poly[3] != 0)
- && (group->poly[4] == 0))) {
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
+ || !((group->poly[0] != 0) && (group->poly[1] != 0)
+ && (group->poly[2] != 0) && (group->poly[3] != 0)
+ && (group->poly[4] == 0))) {
ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
@@ -129,6 +129,7 @@
return 1;
}
+#endif
/* some structures needed for the asn1 encoding */
typedef struct x9_62_pentanomial_st {
@@ -344,8 +345,14 @@
ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
goto err;
}
- } else { /* nid == NID_X9_62_characteristic_two_field */
-
+ } else /* nid == NID_X9_62_characteristic_two_field */
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
+ {
int field_type;
X9_62_CHARACTERISTIC_TWO *char_two;
@@ -412,6 +419,7 @@
}
}
}
+#endif
ok = 1;
@@ -445,7 +453,9 @@
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
goto err;
}
- } else { /* nid == NID_X9_62_characteristic_two_field */
+ }
+#ifndef OPENSSL_NO_EC2M
+ else { /* nid == NID_X9_62_characteristic_two_field */
if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
@@ -452,7 +462,7 @@
goto err;
}
}
-
+#endif
len_1 = (size_t)BN_num_bytes(tmp_1);
len_2 = (size_t)BN_num_bytes(tmp_2);
@@ -711,8 +721,14 @@
/* get the field parameters */
tmp = OBJ_obj2nid(params->fieldID->fieldType);
-
- if (tmp == NID_X9_62_characteristic_two_field) {
+ if (tmp == NID_X9_62_characteristic_two_field)
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
+ {
X9_62_CHARACTERISTIC_TWO *char_two;
char_two = params->fieldID->p.char_two;
@@ -793,7 +809,9 @@
/* create the EC_GROUP structure */
ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
- } else if (tmp == NID_X9_62_prime_field) {
+ }
+#endif
+ else if (tmp == NID_X9_62_prime_field) {
/* we have a curve over a prime field */
/* extract the prime number */
if (!params->fieldID->p.prime) {
@@ -961,6 +979,7 @@
if ((group = ec_asn1_pkparameters2group(params)) == NULL) {
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
+ ECPKPARAMETERS_free(params);
return NULL;
}
@@ -998,14 +1017,8 @@
EC_KEY *ret = NULL;
EC_PRIVATEKEY *priv_key = NULL;
- if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) {
+ if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
- EC_PRIVATEKEY_free(priv_key);
return NULL;
}
@@ -1043,26 +1056,42 @@
goto err;
}
+ if (ret->pub_key)
+ EC_POINT_clear_free(ret->pub_key);
+ ret->pub_key = EC_POINT_new(ret->group);
+ if (ret->pub_key == NULL) {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+
if (priv_key->publicKey) {
const unsigned char *pub_oct;
- size_t pub_oct_len;
+ int pub_oct_len;
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
- ret->pub_key = EC_POINT_new(ret->group);
- if (ret->pub_key == NULL) {
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
+ pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
+ /*
+ * The first byte - point conversion form - must be present.
+ */
+ if (pub_oct_len <= 0) {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
goto err;
}
- pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
- pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
- /* save the point conversion form */
+ /* Save the point conversion form. */
ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01);
if (!EC_POINT_oct2point(ret->group, ret->pub_key,
- pub_oct, pub_oct_len, NULL)) {
+ pub_oct, (size_t)(pub_oct_len), NULL)) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
goto err;
}
+ } else {
+ if (!EC_POINT_mul
+ (ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ /* Remember the original private-key-only encoding. */
+ ret->enc_flag |= EC_PKEY_NO_PUBKEY;
}
if (a)
@@ -1085,10 +1114,11 @@
{
int ret = 0, ok = 0;
unsigned char *buffer = NULL;
- size_t buf_len = 0, tmp_len;
+ size_t buf_len = 0, tmp_len, bn_len;
EC_PRIVATEKEY *priv_key = NULL;
- if (a == NULL || a->group == NULL || a->priv_key == NULL) {
+ if (a == NULL || a->group == NULL || a->priv_key == NULL ||
+ (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
@@ -1100,7 +1130,17 @@
priv_key->version = a->version;
- buf_len = (size_t)BN_num_bytes(a->priv_key);
+ bn_len = (size_t)BN_num_bytes(a->priv_key);
+
+ /* Octetstring may need leading zeros if BN is to short */
+
+ buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;
+
+ if (bn_len > buf_len) {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+
buffer = OPENSSL_malloc(buf_len);
if (buffer == NULL) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
@@ -1107,11 +1147,15 @@
goto err;
}
- if (!BN_bn2bin(a->priv_key, buffer)) {
+ if (!BN_bn2bin(a->priv_key, buffer + buf_len - bn_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
goto err;
}
+ if (buf_len - bn_len > 0) {
+ memset(buffer, 0, buf_len - bn_len);
+ }
+
if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
@@ -1266,8 +1310,10 @@
if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
*out, buf_len, NULL)) {
ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
- OPENSSL_free(*out);
- *out = NULL;
+ if (new_buffer) {
+ OPENSSL_free(*out);
+ *out = NULL;
+ }
return 0;
}
if (!new_buffer)
Modified: trunk/crypto/openssl/crypto/ec/ec_curve.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_curve.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_curve.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,7 +3,7 @@
* Written by Nils Larsch for the OpenSSL project.
*/
/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -72,1008 +72,2143 @@
#include "ec_lcl.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
+#include <openssl/opensslconf.h>
-typedef struct ec_curve_data_st {
- int field_type; /* either NID_X9_62_prime_field or
+typedef struct {
+ int field_type, /* either NID_X9_62_prime_field or
* NID_X9_62_characteristic_two_field */
- const char *p; /* either a prime number or a polynomial */
- const char *a;
- const char *b;
- const char *x; /* the x coordinate of the generator */
- const char *y; /* the y coordinate of the generator */
- const char *order; /* the order of the group generated by the
- * generator */
- const BN_ULONG cofactor; /* the cofactor */
- const unsigned char *seed; /* the seed (optional) */
- size_t seed_len;
- const char *comment; /* a short description of the curve */
+ seed_len, param_len;
+ unsigned int cofactor; /* promoted to BN_ULONG */
} EC_CURVE_DATA;
/* the nist prime curves */
-static const unsigned char _EC_NIST_PRIME_192_SEED[] = {
- 0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57,
- 0x95, 0x28, 0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_NIST_PRIME_192 = {
+ {
+ NID_X9_62_prime_field, 20, 24, 1
+ },
+ {
+ /* seed */
+ 0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, 0x95, 0x28,
+ 0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB,
+ 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1,
+ /* x */
+ 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB,
+ 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12,
+ /* y */
+ 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed,
+ 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
+ }
};
-static const EC_CURVE_DATA _EC_NIST_PRIME_192 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
- "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
- "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
- "07192b95ffc8da78631011ed6b24cdd573f977a11e794811",
- "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", 1,
- _EC_NIST_PRIME_192_SEED, 20,
- "NIST/X9.62/SECG curve over a 192 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 28 * 6];
+} _EC_NIST_PRIME_224 = {
+ {
+ NID_X9_62_prime_field, 20, 28, 1
+ },
+ {
+ /* seed */
+ 0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
+ 0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE,
+ /* b */
+ 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
+ 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
+ 0x23, 0x55, 0xFF, 0xB4,
+ /* x */
+ 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
+ 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
+ 0x11, 0x5C, 0x1D, 0x21,
+ /* y */
+ 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
+ 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
+ 0x85, 0x00, 0x7e, 0x34,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
+ 0x5C, 0x5C, 0x2A, 0x3D
+ }
};
-static const unsigned char _EC_NIST_PRIME_224_SEED[] = {
- 0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45,
- 0xB5, 0x9F, 0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 48 * 6];
+} _EC_NIST_PRIME_384 = {
+ {
+ NID_X9_62_prime_field, 20, 48, 1
+ },
+ {
+ /* seed */
+ 0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
+ 0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
+ 0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
+ 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
+ 0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
+ /* x */
+ 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
+ 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
+ 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
+ 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
+ /* y */
+ 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
+ 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
+ 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
+ 0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
+ 0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
+ }
};
-static const EC_CURVE_DATA _EC_NIST_PRIME_224 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 1,
- _EC_NIST_PRIME_224_SEED, 20,
- "NIST/SECG curve over a 224 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 66 * 6];
+} _EC_NIST_PRIME_521 = {
+ {
+ NID_X9_62_prime_field, 20, 66, 1
+ },
+ {
+ /* seed */
+ 0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
+ 0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
+ /* p */
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
+ 0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
+ 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
+ 0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
+ 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
+ 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
+ /* x */
+ 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
+ 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
+ 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
+ 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
+ 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
+ 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
+ /* y */
+ 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
+ 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
+ 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
+ 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
+ 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
+ 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
+ /* order */
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
+ 0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+ 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
+ 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
+ }
};
-static const unsigned char _EC_NIST_PRIME_384_SEED[] = {
- 0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00,
- 0x89, 0x6A, 0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73
-};
-
-static const EC_CURVE_DATA _EC_NIST_PRIME_384 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFF"
- "FFF0000000000000000FFFFFFFF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFF"
- "FFF0000000000000000FFFFFFFC",
- "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC6563"
- "98D8A2ED19D2A85C8EDD3EC2AEF",
- "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F"
- "25DBF55296C3A545E3872760AB7",
- "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b"
- "1ce1d7e819d7a431d7c90ea0e5f",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0"
- "DB248B0A77AECEC196ACCC52973", 1,
- _EC_NIST_PRIME_384_SEED, 20,
- "NIST/SECG curve over a 384 bit prime field"
-};
-
-static const unsigned char _EC_NIST_PRIME_521_SEED[] = {
- 0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC,
- 0x67, 0x17, 0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA
-};
-
-static const EC_CURVE_DATA _EC_NIST_PRIME_521 = {
- NID_X9_62_prime_field,
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
- "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156"
- "193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
- "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14"
- "B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
- "011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c9"
- "7ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51"
- "868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 1,
- _EC_NIST_PRIME_521_SEED, 20,
- "NIST/SECG curve over a 521 bit prime field"
-};
-
/* the x9.62 prime curves (minus the nist prime curves) */
-static const unsigned char _EC_X9_62_PRIME_192V2_SEED[] = {
- 0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B,
- 0x11, 0x3E, 0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_X9_62_PRIME_192V2 = {
+ {
+ NID_X9_62_prime_field, 20, 24, 1
+ },
+ {
+ /* seed */
+ 0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, 0x11, 0x3E,
+ 0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, 0x0D, 0x63,
+ 0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53,
+ /* x */
+ 0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, 0x77, 0x69,
+ 0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A,
+ /* y */
+ 0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, 0xb8, 0x2a,
+ 0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, 0x70, 0xb2, 0xde, 0x15,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
+ 0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_192V2 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
- "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953",
- "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A",
- "6574d11d69b6ec7a672bb82a083df2f2b0847de970b2de15",
- "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", 1,
- _EC_X9_62_PRIME_192V2_SEED, 20,
- "X9.62 curve over a 192 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_X9_62_PRIME_192V3 = {
+ {
+ NID_X9_62_prime_field, 20, 24, 1
+ },
+ {
+ /* seed */
+ 0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, 0x5C, 0xA9,
+ 0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, 0x3D, 0xAE,
+ 0xCC, 0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16,
+ /* x */
+ 0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, 0x37, 0x16,
+ 0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96,
+ /* y */
+ 0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, 0xdc, 0xb6,
+ 0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, 0x48, 0xa9, 0x43, 0xb0,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13
+ }
};
-static const unsigned char _EC_X9_62_PRIME_192V3_SEED[] = {
- 0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6,
- 0x5C, 0xA9, 0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V1 = {
+ {
+ NID_X9_62_prime_field, 20, 30, 1
+ },
+ {
+ /* seed */
+ 0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, 0x75, 0x79,
+ 0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D,
+ /* p */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, 0x54, 0x92,
+ 0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79,
+ 0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A,
+ /* x */
+ 0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, 0xB8, 0x64,
+ 0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB,
+ 0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF,
+ /* y */
+ 0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, 0x54, 0xca,
+ 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, 0xce, 0x22, 0x6b, 0x39,
+ 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae,
+ /* order */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1,
+ 0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_192V3 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
- "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916",
- "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896",
- "38a90f22637337334b49dcb66a6dc8f9978aca7648a943b0",
- "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", 1,
- _EC_X9_62_PRIME_192V3_SEED, 20,
- "X9.62 curve over a 192 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V2 = {
+ {
+ NID_X9_62_prime_field, 20, 30, 1
+ },
+ {
+ /* seed */
+ 0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, 0x80, 0x99,
+ 0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16,
+ /* p */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, 0x0D, 0x99,
+ 0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A,
+ 0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C,
+ /* x */
+ 0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, 0x21, 0xBB,
+ 0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0,
+ 0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7,
+ /* y */
+ 0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, 0xa0, 0xfc,
+ 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, 0xde, 0x6e, 0xf4, 0x60,
+ 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba,
+ /* order */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0,
+ 0x38, 0x21, 0xBC, 0x58, 0x20, 0x63
+ }
};
-static const unsigned char _EC_X9_62_PRIME_239V1_SEED[] = {
- 0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0,
- 0x75, 0x79, 0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V3 = {
+ {
+ NID_X9_62_prime_field, 20, 30, 1
+ },
+ {
+ /* seed */
+ 0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, 0x85, 0x76,
+ 0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF,
+ /* p */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, 0xCB, 0x03,
+ 0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17,
+ 0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E,
+ /* x */
+ 0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, 0x5C, 0x94,
+ 0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54,
+ 0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A,
+ /* y */
+ 0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, 0x55, 0x2b,
+ 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, 0x6e, 0x81, 0x84, 0x99,
+ 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3,
+ /* order */
+ 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C,
+ 0x43, 0x21, 0x46, 0x52, 0x65, 0x51
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V1 = {
- NID_X9_62_prime_field,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
- "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A",
- "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF",
- "7debe8e4e90a5dae6e4054ca530ba04654b36818ce226b39fccb7b02f1ae",
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", 1,
- _EC_X9_62_PRIME_239V1_SEED, 20,
- "X9.62 curve over a 239 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 32 * 6];
+} _EC_X9_62_PRIME_256V1 = {
+ {
+ NID_X9_62_prime_field, 20, 32, 1
+ },
+ {
+ /* seed */
+ 0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
+ 0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
+ 0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
+ 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
+ /* x */
+ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
+ 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+ 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+ /* y */
+ 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
+ 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+ 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+ }
};
-static const unsigned char _EC_X9_62_PRIME_239V2_SEED[] = {
- 0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B,
- 0x80, 0x99, 0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16
-};
-
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V2 = {
- NID_X9_62_prime_field,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
- "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C",
- "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7",
- "5b0125e4dbea0ec7206da0fc01d9b081329fb555de6ef460237dff8be4ba",
- "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", 1,
- _EC_X9_62_PRIME_239V2_SEED, 20,
- "X9.62 curve over a 239 bit prime field"
-};
-
-static const unsigned char _EC_X9_62_PRIME_239V3_SEED[] = {
- 0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A,
- 0x85, 0x76, 0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF
-};
-
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V3 = {
- NID_X9_62_prime_field,
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
- "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E",
- "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A",
- "1607e6898f390c06bc1d552bad226f3b6fcfe48b6e818499af18e3ed6cf3",
- "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", 1,
- _EC_X9_62_PRIME_239V3_SEED, 20,
- "X9.62 curve over a 239 bit prime field"
-};
-
-static const unsigned char _EC_X9_62_PRIME_256V1_SEED[] = {
- 0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66,
- 0x78, 0xE1, 0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90
-};
-
-static const EC_CURVE_DATA _EC_X9_62_PRIME_256V1 = {
- NID_X9_62_prime_field,
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
- "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
- "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
- "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
- "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 1,
- _EC_X9_62_PRIME_256V1_SEED, 20,
- "X9.62/SECG curve over a 256 bit prime field"
-};
-
/* the secg prime curves (minus the nist and x9.62 prime curves) */
-static const unsigned char _EC_SECG_PRIME_112R1_SEED[] = {
- 0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68,
- 0x75, 0x61, 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 14 * 6];
+} _EC_SECG_PRIME_112R1 = {
+ {
+ NID_X9_62_prime_field, 20, 14, 1
+ },
+ {
+ /* seed */
+ 0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
+ 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1,
+ /* p */
+ 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+ 0x20, 0x8B,
+ /* a */
+ 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+ 0x20, 0x88,
+ /* b */
+ 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, 0x11, 0x70,
+ 0x2B, 0x22,
+ /* x */
+ 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, 0xF9, 0xC2,
+ 0xF0, 0x98,
+ /* y */
+ 0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, 0x0f, 0xf7,
+ 0x75, 0x00,
+ /* order */
+ 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, 0xAC, 0x65,
+ 0x61, 0xC5
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_112R1 = {
- NID_X9_62_prime_field,
- "DB7C2ABF62E35E668076BEAD208B",
- "DB7C2ABF62E35E668076BEAD2088",
- "659EF8BA043916EEDE8911702B22",
- "09487239995A5EE76B55F9C2F098",
- "a89ce5af8724c0a23e0e0ff77500",
- "DB7C2ABF62E35E7628DFAC6561C5", 1,
- _EC_SECG_PRIME_112R1_SEED, 20,
- "SECG/WTLS curve over a 112 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 14 * 6];
+} _EC_SECG_PRIME_112R2 = {
+ {
+ NID_X9_62_prime_field, 20, 14, 4
+ },
+ {
+ /* seed */
+ 0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
+ 0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4,
+ /* p */
+ 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+ 0x20, 0x8B,
+ /* a */
+ 0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, 0x5C, 0x0E,
+ 0xF0, 0x2C,
+ /* b */
+ 0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, 0x4C, 0x85,
+ 0xD7, 0x09,
+ /* x */
+ 0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, 0xD0, 0x92,
+ 0x86, 0x43,
+ /* y */
+ 0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, 0x6e, 0x95,
+ 0x6e, 0x97,
+ /* order */
+ 0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, 0x05, 0x20,
+ 0xD0, 0x4B
+ }
};
-static const unsigned char _EC_SECG_PRIME_112R2_SEED[] = {
- 0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68,
- 0x75, 0x61, 0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 16 * 6];
+} _EC_SECG_PRIME_128R1 = {
+ {
+ NID_X9_62_prime_field, 20, 16, 1
+ },
+ {
+ /* seed */
+ 0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+ 0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C,
+ 0x2C, 0xEE, 0x5E, 0xD3,
+ /* x */
+ 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C,
+ 0xA5, 0x2C, 0x5B, 0x86,
+ /* y */
+ 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92,
+ 0xdd, 0xed, 0x7a, 0x83,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B,
+ 0x90, 0x38, 0xA1, 0x15
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_112R2 = {
- NID_X9_62_prime_field,
- "DB7C2ABF62E35E668076BEAD208B",
- "6127C24C05F38A0AAAF65C0EF02C",
- "51DEF1815DB5ED74FCC34C85D709",
- "4BA30AB5E892B4E1649DD0928643",
- "adcd46f5882e3747def36e956e97",
- "36DF0AAFD8B8D7597CA10520D04B", 4,
- _EC_SECG_PRIME_112R2_SEED, 20,
- "SECG curve over a 112 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 16 * 6];
+} _EC_SECG_PRIME_128R2 = {
+ {
+ NID_X9_62_prime_field, 20, 16, 4
+ },
+ {
+ /* seed */
+ 0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x12, 0xD8,
+ 0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4,
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, 0xCC, 0x9B,
+ 0xBF, 0xF9, 0xAE, 0xE1,
+ /* b */
+ 0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, 0x65, 0x58,
+ 0xBB, 0x6D, 0x8A, 0x5D,
+ /* x */
+ 0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, 0xE6, 0xFB, 0x32, 0xA7,
+ 0xCD, 0xEB, 0xC1, 0x40,
+ /* y */
+ 0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, 0xfe, 0x80,
+ 0x5f, 0xc3, 0x4b, 0x44,
+ /* order */
+ 0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, 0x24, 0x72,
+ 0x06, 0x13, 0xB5, 0xA3
+ }
};
-static const unsigned char _EC_SECG_PRIME_128R1_SEED[] = {
- 0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
- 0x51, 0x75, 0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 21 * 6];
+} _EC_SECG_PRIME_160K1 = {
+ {
+ NID_X9_62_prime_field, 0, 21, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+ /* x */
+ 0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, 0x01, 0x9E,
+ 0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, 0xBB,
+ /* y */
+ 0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, 0xc2, 0x82,
+ 0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, 0xee,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xB8,
+ 0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, 0xB3
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_128R1 = {
- NID_X9_62_prime_field,
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
- "E87579C11079F43DD824993C2CEE5ED3",
- "161FF7528B899B2D0C28607CA52C5B86",
- "cf5ac8395bafeb13c02da292dded7a83",
- "FFFFFFFE0000000075A30D1B9038A115", 1,
- _EC_SECG_PRIME_128R1_SEED, 20,
- "SECG curve over a 128 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 21 * 6];
+} _EC_SECG_PRIME_160R1 = {
+ {
+ NID_X9_62_prime_field, 20, 21, 1
+ },
+ {
+ /* seed */
+ 0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45,
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF,
+ /* a */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFC,
+ /* b */
+ 0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, 0xAC, 0xF8,
+ 0x9F, 0x81, 0xD4, 0xD4, 0xAD, 0xC5, 0x65, 0xFA, 0x45,
+ /* x */
+ 0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, 0x64, 0x69,
+ 0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, 0x82,
+ /* y */
+ 0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, 0xdc, 0xc9,
+ 0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, 0x32,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xF4,
+ 0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, 0x57
+ }
};
-static const unsigned char _EC_SECG_PRIME_128R2_SEED[] = {
- 0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
- 0x12, 0xD8, 0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 21 * 6];
+} _EC_SECG_PRIME_160R2 = {
+ {
+ NID_X9_62_prime_field, 20, 21, 1
+ },
+ {
+ /* seed */
+ 0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, 0xA4, 0xD6,
+ 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
+ /* a */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x70,
+ /* b */
+ 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, 0x57, 0x27,
+ 0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, 0xBA,
+ /* x */
+ 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, 0x4F, 0xF1,
+ 0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, 0x6D,
+ /* y */
+ 0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, 0x71, 0xfa,
+ 0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, 0x2e,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35,
+ 0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, 0x6B
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_128R2 = {
- NID_X9_62_prime_field,
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
- "D6031998D1B3BBFEBF59CC9BBFF9AEE1",
- "5EEEFCA380D02919DC2C6558BB6D8A5D",
- "7B6AA5D85E572983E6FB32A7CDEBC140",
- "27b6916a894d3aee7106fe805fc34b44",
- "3FFFFFFF7FFFFFFFBE0024720613B5A3", 4,
- _EC_SECG_PRIME_128R2_SEED, 20,
- "SECG curve over a 128 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 24 * 6];
+} _EC_SECG_PRIME_192K1 = {
+ {
+ NID_X9_62_prime_field, 0, 24, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
+ /* x */
+ 0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, 0x7D, 0x02,
+ 0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D,
+ /* y */
+ 0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, 0x63, 0xd0,
+ 0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, 0xd9, 0x5e, 0x2f, 0x9d,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
+ 0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_160K1 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
- "0",
- "7",
- "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB",
- "938cf935318fdced6bc28286531733c3f03c4fee",
- "0100000000000000000001B8FA16DFAB9ACA16B6B3", 1,
- NULL, 0,
- "SECG curve over a 160 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 29 * 6];
+} _EC_SECG_PRIME_224K1 = {
+ {
+ NID_X9_62_prime_field, 0, 29, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFE, 0xFF, 0xFF, 0xE5, 0x6D,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x05,
+ /* x */
+ 0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, 0xFC, 0x28,
+ 0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65,
+ 0x0E, 0xB6, 0xB7, 0xA4, 0x5C,
+ /* y */
+ 0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, 0xca, 0xfb,
+ 0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, 0x59, 0xe2, 0xca, 0x4b,
+ 0xdb, 0x55, 0x6d, 0x61, 0xa5,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9,
+ 0x71, 0x76, 0x9F, 0xB1, 0xF7
+ }
};
-static const unsigned char _EC_SECG_PRIME_160R1_SEED[] = {
- 0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 32 * 6];
+} _EC_SECG_PRIME_256K1 = {
+ {
+ NID_X9_62_prime_field, 0, 32, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+ /* x */
+ 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
+ 0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
+ 0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
+ /* y */
+ 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
+ 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
+ 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
+ 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_160R1 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
- "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
- "4A96B5688EF573284664698968C38BB913CBFC82",
- "23a628553168947d59dcc912042351377ac5fb32",
- "0100000000000000000001F4C8F927AED3CA752257", 1,
- _EC_SECG_PRIME_160R1_SEED, 20,
- "SECG curve over a 160 bit prime field"
+/* some wap/wtls curves */
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 15 * 6];
+} _EC_WTLS_8 = {
+ {
+ NID_X9_62_prime_field, 0, 15, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFD, 0xE7,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x03,
+ /* x */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01,
+ /* y */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x02,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, 0x55, 0x1A,
+ 0xD8, 0x37, 0xE9
+ }
};
-static const unsigned char _EC_SECG_PRIME_160R2_SEED[] = {
- 0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09,
- 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 21 * 6];
+} _EC_WTLS_9 = {
+ {
+ NID_X9_62_prime_field, 0, 21, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, 0x8F,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
+ /* x */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* y */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xCD,
+ 0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, 0x33
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_160R2 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",
- "B4E134D3FB59EB8BAB57274904664D5AF50388BA",
- "52DCB034293A117E1F4FF11B30F7199D3144CE6D",
- "feaffef2e331f296e071fa0df9982cfea7d43f2e",
- "0100000000000000000000351EE786A818F3A1A16B", 1,
- _EC_SECG_PRIME_160R2_SEED, 20,
- "SECG/WTLS curve over a 160 bit prime field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 28 * 6];
+} _EC_WTLS_12 = {
+ {
+ NID_X9_62_prime_field, 0, 28, 1
+ },
+ {
+ /* no seed */
+ /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFE,
+ /* b */
+ 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
+ 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
+ 0x23, 0x55, 0xFF, 0xB4,
+ /* x */
+ 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
+ 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
+ 0x11, 0x5C, 0x1D, 0x21,
+ /* y */
+ 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
+ 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
+ 0x85, 0x00, 0x7e, 0x34,
+ /* order */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
+ 0x5C, 0x5C, 0x2A, 0x3D
+ }
};
-static const EC_CURVE_DATA _EC_SECG_PRIME_192K1 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",
- "0",
- "3",
- "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D",
- "9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d",
- "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", 1,
- NULL, 20,
- "SECG curve over a 192 bit prime field"
-};
+#ifndef OPENSSL_NO_EC2M
-static const EC_CURVE_DATA _EC_SECG_PRIME_224K1 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",
- "0",
- "5",
- "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C",
- "7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5",
- "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", 1,
- NULL, 20,
- "SECG curve over a 224 bit prime field"
-};
-
-static const EC_CURVE_DATA _EC_SECG_PRIME_256K1 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
- "0",
- "7",
- "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
- "483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 1,
- NULL, 20,
- "SECG curve over a 256 bit prime field"
-};
-
-/* some wap/wtls curves */
-static const EC_CURVE_DATA _EC_WTLS_8 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFDE7",
- "0",
- "3",
- "1",
- "2",
- "0100000000000001ECEA551AD837E9", 1,
- NULL, 20,
- "WTLS curve over a 112 bit prime field"
-};
-
-static const EC_CURVE_DATA _EC_WTLS_9 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F",
- "0",
- "3",
- "1",
- "2",
- "0100000000000000000001CDC98AE0E2DE574ABF33", 1,
- NULL, 20,
- "WTLS curve over a 160 bit prime field"
-};
-
-static const EC_CURVE_DATA _EC_WTLS_12 = {
- NID_X9_62_prime_field,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 1,
- NULL, 0,
- "WTLS curvs over a 224 bit prime field"
-};
-
/* characteristic two curves */
-static const unsigned char _EC_SECG_CHAR2_113R1_SEED[] = {
- 0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87,
- 0x56, 0x15, 0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 15 * 6];
+} _EC_SECG_CHAR2_113R1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 15, 2
+ },
+ {
+ /* seed */
+ 0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15,
+ 0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0x01,
+ /* a */
+ 0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, 0xFE, 0x64, 0x9C, 0xE8,
+ 0x58, 0x20, 0xF7,
+ /* b */
+ 0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, 0x44, 0x18, 0x8B, 0xE0,
+ 0xE9, 0xC7, 0x23,
+ /* x */
+ 0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, 0x14, 0x07, 0xD7, 0x35,
+ 0x62, 0xC1, 0x0F,
+ /* y */
+ 0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, 0x84, 0xD1, 0x31, 0x5E,
+ 0xD3, 0x18, 0x86,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD9, 0xCC, 0xEC, 0x8A,
+ 0x39, 0xE5, 0x6F
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_113R1 = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000201",
- "003088250CA6E7C7FE649CE85820F7",
- "00E8BEE4D3E2260744188BE0E9C723",
- "009D73616F35F4AB1407D73562C10F",
- "00A52830277958EE84D1315ED31886",
- "0100000000000000D9CCEC8A39E56F", 2,
- _EC_SECG_CHAR2_113R1_SEED, 20,
- "SECG curve over a 113 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 15 * 6];
+} _EC_SECG_CHAR2_113R2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 15, 2
+ },
+ {
+ /* seed */
+ 0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
+ 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0x01,
+ /* a */
+ 0x00, 0x68, 0x99, 0x18, 0xDB, 0xEC, 0x7E, 0x5A, 0x0D, 0xD6, 0xDF, 0xC0,
+ 0xAA, 0x55, 0xC7,
+ /* b */
+ 0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, 0xD4, 0xBF, 0x36, 0xE0,
+ 0x59, 0x18, 0x4F,
+ /* x */
+ 0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, 0xF5, 0x2F, 0xCD, 0xB8,
+ 0x16, 0x47, 0x97,
+ /* y */
+ 0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, 0x4C, 0x06, 0xE6, 0x95,
+ 0xBA, 0xBA, 0x1D,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x78, 0x9B, 0x24,
+ 0x96, 0xAF, 0x93
+ }
};
-static const unsigned char _EC_SECG_CHAR2_113R2_SEED[] = {
- 0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE,
- 0xF4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 17 * 6];
+} _EC_SECG_CHAR2_131R1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 17, 2
+ },
+ {
+ /* seed */
+ 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98, 0x5B, 0xD3,
+ 0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01, 0x0D,
+ /* a */
+ 0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, 0x44, 0x41, 0x8F, 0xF3,
+ 0xFF, 0x8C, 0x25, 0x70, 0xB8,
+ /* b */
+ 0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, 0xB9, 0xC6, 0xC7, 0x29,
+ 0x16, 0x78, 0xF9, 0xD3, 0x41,
+ /* x */
+ 0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, 0xC4, 0x0F, 0x9C, 0x18,
+ 0x13, 0x43, 0x63, 0x83, 0x99,
+ /* y */
+ 0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, 0x73, 0xC8, 0x13, 0x4B,
+ 0x1B, 0x4E, 0xF9, 0xE1, 0x50,
+ /* order */
+ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x31, 0x23, 0x95,
+ 0x3A, 0x94, 0x64, 0xB5, 0x4D
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_113R2 = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000201",
- "00689918DBEC7E5A0DD6DFC0AA55C7",
- "0095E9A9EC9B297BD4BF36E059184F",
- "01A57A6A7B26CA5EF52FCDB8164797",
- "00B3ADC94ED1FE674C06E695BABA1D",
- "010000000000000108789B2496AF93", 2,
- _EC_SECG_CHAR2_113R2_SEED, 20,
- "SECG curve over a 113 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 17 * 6];
+} _EC_SECG_CHAR2_131R2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 17, 2
+ },
+ {
+ /* seed */
+ 0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01, 0x0D,
+ /* a */
+ 0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, 0xBF, 0x41, 0x5F, 0x07,
+ 0xC2, 0x17, 0x65, 0x73, 0xB2,
+ /* b */
+ 0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, 0xAC, 0x73, 0x4C, 0xE3,
+ 0x8F, 0x01, 0x8F, 0x21, 0x92,
+ /* x */
+ 0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, 0xAD, 0x65, 0x2D, 0x23,
+ 0x95, 0x1B, 0xB3, 0x66, 0xA8,
+ /* y */
+ 0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, 0x36, 0x6D, 0x9E, 0x26,
+ 0x5D, 0xE9, 0xEB, 0x24, 0x0F,
+ /* order */
+ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x69, 0x54, 0xA2,
+ 0x33, 0x04, 0x9B, 0xA9, 0x8F
+ }
};
-static const unsigned char _EC_SECG_CHAR2_131R1_SEED[] = {
- 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98,
- 0x5B, 0xD3, 0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 21 * 6];
+} _EC_NIST_CHAR2_163K = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 21, 2
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, 0xAC, 0xAA, 0x07, 0xD7,
+ 0x93, 0xDE, 0x4E, 0x6D, 0x5E, 0x5C, 0x94, 0xEE, 0xE8,
+ /* y */
+ 0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, 0x58, 0x32, 0x1F, 0x2E,
+ 0x80, 0x05, 0x36, 0xD5, 0x38, 0xCC, 0xDA, 0xA3, 0xD9,
+ /* order */
+ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+ 0x08, 0xA2, 0xE0, 0xCC, 0x0D, 0x99, 0xF8, 0xA5, 0xEF
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_131R1 = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000010D",
- "07A11B09A76B562144418FF3FF8C2570B8",
- "0217C05610884B63B9C6C7291678F9D341",
- "0081BAF91FDF9833C40F9C181343638399",
- "078C6E7EA38C001F73C8134B1B4EF9E150",
- "0400000000000000023123953A9464B54D", 2,
- _EC_SECG_CHAR2_131R1_SEED, 20,
- "SECG/WTLS curve over a 131 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 21 * 6];
+} _EC_SECG_CHAR2_163R1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 21, 2
+ },
+ {
+ /* no seed */
+# if 0
+ /*
+ * The algorithm used to derive the curve parameters from the seed
+ * used here is slightly different than the algorithm described in
+ * X9.62 .
+ */
+ 0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
+ 0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C,
+# endif
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+ /* a */
+ 0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, 0x95, 0x54, 0xFF, 0x84,
+ 0x28, 0xBD, 0x88, 0xE2, 0x46, 0xD2, 0x78, 0x2A, 0xE2,
+ /* b */
+ 0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, 0xAB, 0x94, 0x6B, 0xDA,
+ 0x29, 0xCA, 0x91, 0xF7, 0x3A, 0xF9, 0x58, 0xAF, 0xD9,
+ /* x */
+ 0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, 0x77, 0x89, 0x56, 0x67,
+ 0x89, 0x56, 0x7F, 0x78, 0x7A, 0x78, 0x76, 0xA6, 0x54,
+ /* y */
+ 0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, 0x98, 0x9D, 0x51, 0xFE,
+ 0xFC, 0xE3, 0xC8, 0x09, 0x88, 0xF4, 0x1F, 0xF8, 0x83,
+ /* order */
+ 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x48,
+ 0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, 0x9B
+ }
};
-static const unsigned char _EC_SECG_CHAR2_131R2_SEED[] = {
- 0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 21 * 6];
+} _EC_NIST_CHAR2_163B = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 21, 2
+ },
+ {
+ /* no seed */
+# if 0
+ /*
+ * The seed here was used to created the curve parameters in normal
+ * basis representation (and not the polynomial representation used
+ * here)
+ */
+ 0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12, 0x01, 0x6F,
+ 0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68,
+# endif
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, 0xCA, 0x14, 0x81, 0xEB,
+ 0x10, 0x51, 0x2F, 0x78, 0x74, 0x4A, 0x32, 0x05, 0xFD,
+ /* x */
+ 0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, 0x7E, 0xA0, 0x99, 0x11,
+ 0x68, 0xD4, 0x99, 0x46, 0x37, 0xE8, 0x34, 0x3E, 0x36,
+ /* y */
+ 0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, 0x4F, 0xA2, 0xCD, 0xD5,
+ 0x45, 0xB1, 0x1C, 0x5C, 0x0C, 0x79, 0x73, 0x24, 0xF1,
+ /* order */
+ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x92,
+ 0xFE, 0x77, 0xE7, 0x0C, 0x12, 0xA4, 0x23, 0x4C, 0x33
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_131R2 = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000010D",
- "03E5A88919D7CAFCBF415F07C2176573B2",
- "04B8266A46C55657AC734CE38F018F2192",
- "0356DCD8F2F95031AD652D23951BB366A8",
- "0648F06D867940A5366D9E265DE9EB240F",
- "0400000000000000016954A233049BA98F", 2,
- _EC_SECG_CHAR2_131R2_SEED, 20,
- "SECG curve over a 131 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 25 * 6];
+} _EC_SECG_CHAR2_193R1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 25, 2
+ },
+ {
+ /* seed */
+ 0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51,
+ 0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
+ 0x01,
+ /* a */
+ 0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, 0x51, 0x69, 0xE1, 0x71,
+ 0xF7, 0x7B, 0x40, 0x87, 0xDE, 0x09, 0x8A, 0xC8, 0xA9, 0x11, 0xDF, 0x7B,
+ 0x01,
+ /* b */
+ 0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, 0x9F, 0xAC, 0xAD, 0xAA,
+ 0x7A, 0x1E, 0x5B, 0xBC, 0x7C, 0xC1, 0xC2, 0xE5, 0xD8, 0x31, 0x47, 0x88,
+ 0x14,
+ /* x */
+ 0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, 0x74, 0xAD, 0x6C, 0xDF,
+ 0x6F, 0xDE, 0xF4, 0xBF, 0x61, 0x79, 0x62, 0x53, 0x72, 0xD8, 0xC0, 0xC5,
+ 0xE1,
+ /* y */
+ 0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, 0xCC, 0xF3, 0xEA, 0x9E,
+ 0x3A, 0x1A, 0xD1, 0x7F, 0xB0, 0xB3, 0x20, 0x1B, 0x6A, 0xF7, 0xCE, 0x1B,
+ 0x05,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0xC7, 0xF3, 0x4A, 0x77, 0x8F, 0x44, 0x3A, 0xCC, 0x92, 0x0E, 0xBA,
+ 0x49
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_163K = {
- NID_X9_62_characteristic_two_field,
- "0800000000000000000000000000000000000000C9",
- "1",
- "1",
- "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
- "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
- "04000000000000000000020108A2E0CC0D99F8A5EF", 2,
- NULL, 0,
- "NIST/SECG/WTLS curve over a 163 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 25 * 6];
+} _EC_SECG_CHAR2_193R2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 25, 2
+ },
+ {
+ /* seed */
+ 0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
+ 0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
+ 0x01,
+ /* a */
+ 0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, 0x3E, 0xA6, 0xED, 0x86,
+ 0x67, 0x19, 0x0B, 0x0B, 0xC4, 0x3E, 0xCD, 0x69, 0x97, 0x77, 0x02, 0x70,
+ 0x9B,
+ /* b */
+ 0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, 0x4C, 0x37, 0x7E, 0x2A,
+ 0xB2, 0x85, 0x6A, 0x5B, 0x16, 0xE3, 0xEF, 0xB7, 0xF6, 0x1D, 0x43, 0x16,
+ 0xAE,
+ /* x */
+ 0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, 0xC8, 0x03, 0xF3, 0x9E,
+ 0x1A, 0x7E, 0x82, 0xCA, 0x14, 0xA6, 0x51, 0x35, 0x0A, 0xAE, 0x61, 0x7E,
+ 0x8F,
+ /* y */
+ 0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, 0xAC, 0x29, 0xE7, 0xDE,
+ 0xFB, 0xD9, 0xCA, 0x01, 0xF5, 0x96, 0xF9, 0x27, 0x22, 0x4C, 0xDE, 0xCF,
+ 0x6C,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x01, 0x5A, 0xAB, 0x56, 0x1B, 0x00, 0x54, 0x13, 0xCC, 0xD4, 0xEE, 0x99,
+ 0xD5
+ }
};
-static const unsigned char _EC_SECG_CHAR2_163R1_SEED[] = {
- 0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67,
- 0x68, 0x75, 0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 30 * 6];
+} _EC_NIST_CHAR2_233K = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 30, 4
+ },
+ {
+ /* no seed */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
+ 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
+ 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
+ /* y */
+ 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
+ 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
+ 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3,
+ /* order */
+ 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
+ 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_163R1 = {
- NID_X9_62_characteristic_two_field,
- "0800000000000000000000000000000000000000C9",
- "07B6882CAAEFA84F9554FF8428BD88E246D2782AE2",
- "0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9",
- "0369979697AB43897789566789567F787A7876A654",
- "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883",
- "03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B", 2,
- /*
- * The algorithm used to derive the curve parameters from the seed used
- * here is slightly different than the algorithm described in X9.62 .
- */
-#if 0
- _EC_SECG_CHAR2_163R1_SEED, 20,
-#else
- NULL, 0,
-#endif
- "SECG curve over a 163 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_NIST_CHAR2_233B = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 30, 2
+ },
+ {
+ /* seed */
+ 0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1, 0x4B, 0x34,
+ 0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, 0x7F, 0x8C, 0x09, 0x23,
+ 0xBB, 0x58, 0x21, 0x3B, 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE,
+ 0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD,
+ /* x */
+ 0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, 0xBB, 0x21, 0x39, 0xF1,
+ 0xBB, 0x75, 0x5F, 0xEF, 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8,
+ 0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B,
+ /* y */
+ 0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, 0x06, 0x78, 0xE5, 0x85,
+ 0x28, 0xBE, 0xBF, 0x8A, 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71,
+ 0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x13, 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03,
+ 0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7
+ }
};
-static const unsigned char _EC_NIST_CHAR2_163B_SEED[] = {
- 0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12,
- 0x01, 0x6F, 0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 30 * 6];
+} _EC_SECG_CHAR2_239K1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 30, 4
+ },
+ {
+ /* no seed */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, 0x73, 0x09, 0x88, 0xA6,
+ 0x87, 0x27, 0xA8, 0xB2, 0xD1, 0x26, 0xC4, 0x4C, 0xC2, 0xCC, 0x7B, 0x2A,
+ 0x65, 0x55, 0x19, 0x30, 0x35, 0xDC,
+ /* y */
+ 0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, 0xDB, 0x01, 0x1C, 0x10,
+ 0x30, 0x89, 0xE7, 0x35, 0x10, 0xAC, 0xB2, 0x75, 0xFC, 0x31, 0x2A, 0x5D,
+ 0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA,
+ /* order */
+ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x5A, 0x79, 0xFE, 0xC6, 0x7C, 0xB6, 0xE9, 0x1F, 0x1C,
+ 0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_163B = {
- NID_X9_62_characteristic_two_field,
- "0800000000000000000000000000000000000000C9",
- "1",
- "020A601907B8C953CA1481EB10512F78744A3205FD",
- "03F0EBA16286A2D57EA0991168D4994637E8343E36",
- "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
- "040000000000000000000292FE77E70C12A4234C33", 2,
- /*
- * The seed here was used to created the curve parameters in normal basis
- * representation (and not the polynomial representation used here)
- */
-#if 0
- _EC_NIST_CHAR2_163B_SEED, 20,
-#else
- NULL, 0,
-#endif
- "NIST/SECG curve over a 163 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 36 * 6];
+} _EC_NIST_CHAR2_283K = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 36, 4
+ },
+ {
+ /* no seed */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, 0x3F, 0x1A, 0x3B, 0x81,
+ 0x62, 0xF1, 0x88, 0xE5, 0x53, 0xCD, 0x26, 0x5F, 0x23, 0xC1, 0x56, 0x7A,
+ 0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, 0xAC, 0x24, 0x58, 0x49, 0x28, 0x36,
+ /* y */
+ 0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, 0x8D, 0x90, 0xF9, 0x5D,
+ 0x07, 0xE5, 0x42, 0x6F, 0xE8, 0x7E, 0x45, 0xC0, 0xE8, 0x18, 0x46, 0x98,
+ 0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, 0x11, 0x61, 0x77, 0xDD, 0x22, 0x59,
+ /* order */
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE9, 0xAE, 0x2E, 0xD0, 0x75, 0x77,
+ 0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, 0x1E, 0x06, 0x1E, 0x16, 0x3C, 0x61
+ }
};
-static const unsigned char _EC_SECG_CHAR2_193R1_SEED[] = {
- 0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
- 0x61, 0x51, 0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 36 * 6];
+} _EC_NIST_CHAR2_283B = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 36, 2
+ },
+ {
+ /* no seed */
+ 0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D, 0xD5, 0xB6,
+ 0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, 0xA5, 0xA4, 0xAF, 0x8A,
+ 0x19, 0xA0, 0x30, 0x3F, 0xCA, 0x97, 0xFD, 0x76, 0x45, 0x30, 0x9F, 0xA2,
+ 0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, 0x3E, 0x31, 0x3B, 0x79, 0xA2, 0xF5,
+ /* x */
+ 0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, 0xE1, 0x93, 0x4F, 0x8C,
+ 0x70, 0xB0, 0xDF, 0xEC, 0x2E, 0xED, 0x25, 0xB8, 0x55, 0x7E, 0xAC, 0x9C,
+ 0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, 0xBE, 0xCD, 0x86, 0xB1, 0x20, 0x53,
+ /* y */
+ 0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, 0xB9, 0x8F, 0xE6, 0xD4,
+ 0xB2, 0x0D, 0x02, 0xB4, 0x51, 0x6F, 0xF7, 0x02, 0x35, 0x0E, 0xDD, 0xB0,
+ 0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, 0xDF, 0x45, 0xBE, 0x81, 0x12, 0xF4,
+ /* order */
+ 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEF, 0x90, 0x39, 0x96, 0x60, 0xFC,
+ 0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, 0x2A, 0x7C, 0xEF, 0xAD, 0xB3, 0x07
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_193R1 = {
- NID_X9_62_characteristic_two_field,
- "02000000000000000000000000000000000000000000008001",
- "0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01",
- "00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814",
- "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1",
- "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05",
- "01000000000000000000000000C7F34A778F443ACC920EBA49", 2,
- _EC_SECG_CHAR2_193R1_SEED, 20,
- "SECG curve over a 193 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 52 * 6];
+} _EC_NIST_CHAR2_409K = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 52, 4
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, 0xAD, 0x3A, 0xB1, 0x89,
+ 0x0F, 0x71, 0x84, 0x21, 0x0E, 0xFD, 0x09, 0x87, 0xE3, 0x07, 0xC8, 0x4C,
+ 0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, 0x7C, 0xC2, 0xC4, 0x60, 0x18, 0x9E,
+ 0xB5, 0xAA, 0xAA, 0x62, 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF,
+ 0xE9, 0x02, 0x37, 0x46,
+ /* y */
+ 0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, 0xAC, 0xBA, 0x1D, 0xAC,
+ 0xBF, 0x04, 0x29, 0x9C, 0x34, 0x60, 0x78, 0x2F, 0x91, 0x8E, 0xA4, 0x27,
+ 0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, 0x10, 0xE3, 0xDA, 0x5F, 0x6C, 0x42,
+ 0xE9, 0xC5, 0x52, 0x15, 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48,
+ 0xD8, 0xE0, 0x28, 0x6B,
+ /* order */
+ 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, 0xD4, 0xEA, 0x20, 0x40, 0x0E, 0xC4,
+ 0x55, 0x7D, 0x5E, 0xD3, 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8,
+ 0xE0, 0x1E, 0x5F, 0xCF
+ }
};
-static const unsigned char _EC_SECG_CHAR2_193R2_SEED[] = {
- 0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15,
- 0x17, 0x51, 0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 52 * 6];
+} _EC_NIST_CHAR2_409B = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 52, 2
+ },
+ {
+ /* seed */
+ 0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21, 0x3D, 0x09,
+ 0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B,
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, 0x5C, 0x4B, 0x9A, 0x75,
+ 0x3B, 0x7B, 0x47, 0x6B, 0x7F, 0xD6, 0x42, 0x2E, 0xF1, 0xF3, 0xDD, 0x67,
+ 0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC, 0x27, 0xC8, 0xA9, 0xA1, 0x97, 0xB2,
+ 0x72, 0x82, 0x2F, 0x6C, 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31,
+ 0x7B, 0x13, 0x54, 0x5F,
+ /* x */
+ 0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, 0x49, 0x6B, 0x0C, 0x60,
+ 0x64, 0x75, 0x62, 0x60, 0x44, 0x1C, 0xDE, 0x4A, 0xF1, 0x77, 0x1D, 0x4D,
+ 0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5, 0x97, 0x03, 0xDC, 0x25, 0x5A, 0x86,
+ 0x8A, 0x11, 0x80, 0x51, 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54,
+ 0xBB, 0x79, 0x96, 0xA7,
+ /* y */
+ 0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, 0x2B, 0xBF, 0xA7, 0x83,
+ 0x24, 0xED, 0x10, 0x6A, 0x76, 0x36, 0xB9, 0xC5, 0xA7, 0xBD, 0x19, 0x8D,
+ 0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88, 0xD0, 0x8F, 0x38, 0x51, 0x4F, 0x1F,
+ 0xDF, 0x4B, 0x4F, 0x40, 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA,
+ 0x02, 0x73, 0xC7, 0x06,
+ /* order */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6, 0xA6, 0x12, 0xF3, 0x33, 0x07, 0xBE,
+ 0x5F, 0xA4, 0x7C, 0x3C, 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37,
+ 0xD9, 0xA2, 0x11, 0x73
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_193R2 = {
- NID_X9_62_characteristic_two_field,
- "02000000000000000000000000000000000000000000008001",
- "0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B",
- "00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE",
- "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F",
- "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C",
- "010000000000000000000000015AAB561B005413CCD4EE99D5", 2,
- _EC_SECG_CHAR2_193R2_SEED, 20,
- "SECG curve over a 193 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 72 * 6];
+} _EC_NIST_CHAR2_571K = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 72, 4
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* x */
+ 0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, 0x82, 0x18, 0x96, 0x31,
+ 0xF8, 0x10, 0x3F, 0xE4, 0xAC, 0x9C, 0xA2, 0x97, 0x00, 0x12, 0xD5, 0xD4,
+ 0x60, 0x24, 0x80, 0x48, 0x01, 0x84, 0x1C, 0xA4, 0x43, 0x70, 0x95, 0x84,
+ 0x93, 0xB2, 0x05, 0xE6, 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C,
+ 0xBB, 0xD1, 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, 0x98, 0x8B, 0x47, 0x17,
+ 0x4D, 0xCA, 0x88, 0xC7, 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C, 0x89, 0x72,
+ /* y */
+ 0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, 0x4F, 0x4A, 0xEA, 0xDE,
+ 0x3B, 0xCA, 0x95, 0x31, 0x4D, 0xD5, 0x8C, 0xEC, 0x9F, 0x30, 0x7A, 0x54,
+ 0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D, 0x8A, 0x2C, 0x9D, 0x49, 0x79, 0xC0,
+ 0xAC, 0x44, 0xAE, 0xA7, 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC,
+ 0xB6, 0x20, 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, 0x32, 0x04, 0x30, 0xC8,
+ 0x59, 0x19, 0x84, 0xF6, 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1, 0xC7, 0xA3,
+ /* order */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x13, 0x18, 0x50, 0xE1, 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB,
+ 0x91, 0x7F, 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, 0xE5, 0xD6, 0x39, 0x38,
+ 0x1E, 0x91, 0xDE, 0xB4, 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C, 0x10, 0x01
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_233K = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000000000000000004000000000000000001",
- "0",
- "1",
- "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
- "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
- "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", 4,
- NULL, 0,
- "NIST/SECG/WTLS curve over a 233 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 72 * 6];
+} _EC_NIST_CHAR2_571B = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 72, 2
+ },
+ {
+ /* seed */
+ 0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B, 0x0F, 0x61,
+ 0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* b */
+ 0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, 0xDE, 0x29, 0x71, 0x17,
+ 0xB7, 0xF3, 0xD6, 0x2F, 0x5C, 0x6A, 0x97, 0xFF, 0xCB, 0x8C, 0xEF, 0xF1,
+ 0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A, 0x18, 0xAD, 0x84, 0xFF, 0xAB, 0xBD,
+ 0x8E, 0xFA, 0x59, 0x33, 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29,
+ 0x4A, 0xFD, 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, 0x52, 0x0E, 0x4D, 0xE7,
+ 0x39, 0xBA, 0xCA, 0x0C, 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55, 0x72, 0x7A,
+ /* x */
+ 0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, 0x6C, 0x16, 0xC0, 0xD4,
+ 0x0D, 0x3C, 0xD7, 0x75, 0x0A, 0x93, 0xD1, 0xD2, 0x95, 0x5F, 0xA8, 0x0A,
+ 0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B, 0x2A, 0xBD, 0xBD, 0xE5, 0x39, 0x50,
+ 0xF4, 0xC0, 0xD2, 0x93, 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14,
+ 0x99, 0xAE, 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, 0x4A, 0xBF, 0xA3, 0xB4,
+ 0xC8, 0x50, 0xD9, 0x27, 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC, 0x2D, 0x19,
+ /* y */
+ 0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, 0x6D, 0xCC, 0xFF, 0xFE,
+ 0xB7, 0x3D, 0x69, 0xD7, 0x8C, 0x6C, 0x27, 0xA6, 0x00, 0x9C, 0xBB, 0xCA,
+ 0x19, 0x80, 0xF8, 0x53, 0x39, 0x21, 0xE8, 0xA6, 0x84, 0x42, 0x3E, 0x43,
+ 0xBA, 0xB0, 0x8A, 0x57, 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8,
+ 0xB3, 0x53, 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, 0x16, 0xE2, 0xF1, 0x51,
+ 0x6E, 0x23, 0xDD, 0x3C, 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A, 0xC1, 0x5B,
+ /* order */
+ 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xE6, 0x61, 0xCE, 0x18, 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18,
+ 0x68, 0x23, 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, 0x16, 0x1D, 0xE9, 0x3D,
+ 0x51, 0x74, 0xD6, 0x6E, 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8, 0x4E, 0x47
+ }
};
-static const unsigned char _EC_NIST_CHAR2_233B_SEED[] = {
- 0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1,
- 0x4B, 0x34, 0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 21, 2
+ },
+ {
+ /* seed */
+ 0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
+ 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+ /* a */
+ 0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, 0x22, 0xE0, 0x78, 0x96,
+ 0x75, 0xF4, 0x32, 0xC8, 0x94, 0x35, 0xDE, 0x52, 0x42,
+ /* b */
+ 0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, 0x3C, 0xFF, 0x38, 0xC7,
+ 0x4B, 0x20, 0xB6, 0xCD, 0x4D, 0x6F, 0x9D, 0xD4, 0xD9,
+ /* x */
+ 0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, 0x79, 0x32, 0x9F, 0xCC,
+ 0x3D, 0x74, 0x88, 0x0F, 0x33, 0xBB, 0xE8, 0x03, 0xCB,
+ /* y */
+ 0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, 0xEA, 0x1D, 0x3F, 0x87,
+ 0xF7, 0xEA, 0x58, 0x48, 0xAE, 0xF0, 0xB7, 0xCA, 0x9F,
+ /* order */
+ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xE6,
+ 0x0F, 0xC8, 0x82, 0x1C, 0xC7, 0x4D, 0xAE, 0xAF, 0xC1
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_233B = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000000000000000004000000000000000001",
- "000000000000000000000000000000000000000000000000000000000001",
- "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
- "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
- "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
- "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 2,
- _EC_NIST_CHAR2_233B_SEED, 20,
- "NIST/SECG/WTLS curve over a 233 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 21, 2
+ },
+ {
+ /* seed */
+ 0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+ /* a */
+ 0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, 0xBE, 0xD9, 0x81, 0xED,
+ 0x0E, 0x89, 0x0E, 0x11, 0x7C, 0x51, 0x1C, 0xF0, 0x72,
+ /* b */
+ 0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, 0x8C, 0x40, 0x74, 0x33,
+ 0xFF, 0xAE, 0x4F, 0x1C, 0x81, 0x16, 0x38, 0xDF, 0x20,
+ /* x */
+ 0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, 0x0A, 0x96, 0x4D, 0x92,
+ 0xC4, 0x86, 0x0E, 0x26, 0x71, 0xDB, 0x9B, 0x6C, 0xC5,
+ /* y */
+ 0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, 0xCD, 0x25, 0x8B, 0x38,
+ 0x90, 0x02, 0x1B, 0x23, 0x86, 0xDF, 0xD1, 0x9F, 0xC5,
+ /* order */
+ 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xF6,
+ 0x4D, 0xE1, 0x15, 0x1A, 0xDB, 0xB7, 0x8F, 0x10, 0xA7
+ }
};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_239K1 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000004000000000000000000000000000000000000001",
- "0",
- "1",
- "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC",
- "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA",
- "2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5", 4,
- NULL, 0,
- "SECG curve over a 239 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V3 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 21, 2
+ },
+ {
+ /* seed */
+ 0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
+ 0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8,
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+ /* a */
+ 0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, 0x56, 0xA0, 0x07, 0x69,
+ 0x9F, 0x54, 0x47, 0xE3, 0x2A, 0xE4, 0x56, 0xB5, 0x0E,
+ /* b */
+ 0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, 0x38, 0xFD, 0x6F, 0x1B,
+ 0xF9, 0x5B, 0x48, 0xFE, 0xEB, 0x48, 0x54, 0x25, 0x2B,
+ /* x */
+ 0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, 0xDE, 0xCF, 0x8A, 0x22,
+ 0xE6, 0x52, 0x47, 0x75, 0xF9, 0x8C, 0xDE, 0xBD, 0xCB,
+ /* y */
+ 0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, 0xEA, 0x48, 0xEB, 0x3F,
+ 0xF3, 0x71, 0x8B, 0x89, 0x3D, 0xF5, 0x9A, 0x05, 0xD0,
+ /* order */
+ 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x1A,
+ 0xEE, 0x14, 0x0F, 0x11, 0x0A, 0xFF, 0x96, 0x13, 0x09
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_283K = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000000000000000000000000000000000000000001"
- "0A1",
- "0",
- "1",
- "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492"
- "836",
- "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2"
- "259",
- "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163"
- "C61", 4,
- NULL, 20,
- "NIST/SECG curve over a 283 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 23 * 6];
+} _EC_X9_62_CHAR2_176V1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 23, 0xFF6E
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x07,
+ /* a */
+ 0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, 0x40, 0x7D, 0x9D, 0x39,
+ 0xB8, 0xD0, 0x96, 0x7B, 0x96, 0x70, 0x4B, 0xA8, 0xE9, 0xC9, 0x0B,
+ /* b */
+ 0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, 0xDE, 0x8E, 0xC1, 0x33,
+ 0xAE, 0x28, 0xE9, 0xBB, 0xD7, 0xFC, 0xEC, 0x0A, 0xE0, 0xFF, 0xF2,
+ /* x */
+ 0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, 0x00, 0xF9, 0xF0, 0x8B,
+ 0xB4, 0xA8, 0xE8, 0x60, 0xF3, 0x29, 0x8C, 0xE0, 0x4A, 0x57, 0x98,
+ /* y */
+ 0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, 0xD6, 0xBA, 0xB5, 0x16,
+ 0x7D, 0x61, 0xB4, 0x36, 0xE1, 0xD9, 0x2B, 0xB1, 0x6A, 0x56, 0x2C,
+ /* order */
+ 0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, 0xEC, 0xA4, 0xF6, 0x14,
+ 0x57, 0x99, 0xD6, 0x2B, 0x0A, 0x19, 0xCE, 0x06, 0xFE, 0x26, 0xAD
+ }
};
-static const unsigned char _EC_NIST_CHAR2_283B_SEED[] = {
- 0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D,
- 0xD5, 0xB6, 0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 24, 2
+ },
+ {
+ /* seed */
+ 0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+ /* a */
+ 0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, 0x6A, 0x68, 0xF5, 0x65,
+ 0x54, 0xE1, 0x26, 0x40, 0x27, 0x6B, 0x64, 0x9E, 0xF7, 0x52, 0x62, 0x67,
+ /* b */
+ 0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, 0x67, 0xB0, 0x08, 0x1B,
+ 0x94, 0x95, 0xA3, 0xD9, 0x54, 0x62, 0xF5, 0xDE, 0x0A, 0xA1, 0x85, 0xEC,
+ /* x */
+ 0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, 0xC4, 0xF2, 0x99, 0xD7,
+ 0xB2, 0x1A, 0x9C, 0x36, 0x91, 0x37, 0xF2, 0xC8, 0x4A, 0xE1, 0xAA, 0x0D,
+ /* y */
+ 0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, 0x33, 0x29, 0x32, 0xE7,
+ 0x0E, 0xA2, 0x45, 0xCA, 0x24, 0x18, 0xEA, 0x0E, 0xF9, 0x80, 0x18, 0xFB,
+ /* order */
+ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x04, 0xA2, 0x0E, 0x90, 0xC3, 0x90, 0x67, 0xC8, 0x93, 0xBB, 0xB9, 0xA5
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_283B = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000000000000000000000000000000000000000001"
- "0A1",
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "001",
- "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A"
- "2F5",
- "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12"
- "053",
- "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE811"
- "2F4",
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB"
- "307", 2,
- _EC_NIST_CHAR2_283B_SEED, 20,
- "NIST/SECG curve over a 283 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 24, 4
+ },
+ {
+ /* seed */
+ 0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+ /* a */
+ 0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, 0xB7, 0x66, 0x6D, 0x13,
+ 0x66, 0xEA, 0x43, 0x20, 0x71, 0x27, 0x4F, 0x89, 0xFF, 0x01, 0xE7, 0x18,
+ /* b */
+ 0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, 0xB6, 0x24, 0x9C, 0x99,
+ 0x18, 0x2B, 0x7C, 0x8C, 0xD1, 0x97, 0x00, 0xC3, 0x62, 0xC4, 0x6A, 0x01,
+ /* x */
+ 0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, 0x5A, 0x87, 0x92, 0x6A,
+ 0xAD, 0x83, 0xFD, 0x28, 0x78, 0x9E, 0x81, 0xE2, 0xC9, 0xE3, 0xBF, 0x10,
+ /* y */
+ 0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, 0xDB, 0xF0, 0x17, 0x60,
+ 0xD9, 0x21, 0x3A, 0x3E, 0x1C, 0xF3, 0x7A, 0xEC, 0x43, 0x7D, 0x66, 0x8A,
+ /* order */
+ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x50, 0x50, 0x8C, 0xB8, 0x9F, 0x65, 0x28, 0x24, 0xE0, 0x6B, 0x81, 0x73
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_409K = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000000000000000000000000000000000000000000000"
- "00000000000008000000000000000000001",
- "0",
- "1",
- "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C4601"
- "89EB5AAAA62EE222EB1B35540CFE9023746",
- "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6"
- "C42E9C55215AA9CA27A5863EC48D8E0286B",
- "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400"
- "EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", 4,
- NULL, 0,
- "NIST/SECG curve over a 409 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V3 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 24, 6
+ },
+ {
+ /* seed */
+ 0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+ /* a */
+ 0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, 0x22, 0x10, 0x56, 0x91,
+ 0x1C, 0x77, 0xD7, 0x7E, 0x77, 0xA7, 0x77, 0xE7, 0xE7, 0xE7, 0x7F, 0xCB,
+ /* b */
+ 0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, 0x89, 0xEF, 0xEF, 0x8D,
+ 0xB4, 0x59, 0xF6, 0x63, 0x94, 0xD9, 0x0F, 0x32, 0xAD, 0x3F, 0x15, 0xE8,
+ /* x */
+ 0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, 0x89, 0xDE, 0x87, 0x46,
+ 0xE7, 0x17, 0x86, 0x01, 0x50, 0x09, 0xE6, 0x6E, 0x38, 0xA9, 0x26, 0xDD,
+ /* y */
+ 0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, 0x98, 0x59, 0x99, 0x36,
+ 0x6E, 0x6A, 0xD3, 0x4C, 0xE0, 0xA7, 0x7C, 0xD7, 0x12, 0x7B, 0x06, 0xBE,
+ /* order */
+ 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x61, 0x0C, 0x0B, 0x19, 0x68, 0x12, 0xBF, 0xB6, 0x28, 0x8A, 0x3E, 0xA3
+ }
};
-static const unsigned char _EC_NIST_CHAR2_409B_SEED[] = {
- 0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21,
- 0x3D, 0x09, 0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 27 * 6];
+} _EC_X9_62_CHAR2_208W1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 27, 0xFE48
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x07,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, 0x21, 0x2E, 0x11, 0x60,
+ 0x34, 0x9E, 0x2B, 0xFA, 0x84, 0x44, 0x39, 0xFA, 0xFC, 0x2A, 0x3F, 0xD1,
+ 0x63, 0x8F, 0x9E,
+ /* x */
+ 0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, 0xDF, 0x95, 0x59, 0xEC,
+ 0xF0, 0x7A, 0xC0, 0xCE, 0x78, 0x55, 0x4E, 0x27, 0x84, 0xEB, 0x8C, 0x1E,
+ 0xD1, 0xA5, 0x7A,
+ /* y */
+ 0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, 0x9A, 0xC3, 0x8A, 0x03,
+ 0x5F, 0xF5, 0x20, 0xD8, 0xB0, 0x17, 0x81, 0xBE, 0xB1, 0xA6, 0xBB, 0x08,
+ 0x61, 0x7D, 0xE3,
+ /* order */
+ 0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, 0x23, 0xC5, 0x7B, 0x6C,
+ 0x21, 0xDA, 0x2E, 0xFF, 0x2D, 0x5E, 0xD5, 0x88, 0xBD, 0xD5, 0x71, 0x7E,
+ 0x21, 0x2F, 0x9D
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_409B = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000000000000000000000000000000000000000000000"
- "00000000000008000000000000000000001",
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "00000000000000000000000000000000001",
- "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A19"
- "7B272822F6CD57A55AA4F50AE317B13545F",
- "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255"
- "A868A1180515603AEAB60794E54BB7996A7",
- "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514"
- "F1FDF4B4F40D2181B3681C364BA0273C706",
- "010000000000000000000000000000000000000000000000000001E2AAD6A612F3330"
- "7BE5FA47C3C9E052F838164CD37D9A21173", 2,
- _EC_NIST_CHAR2_409B_SEED, 20,
- "NIST/SECG curve over a 409 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 30, 4
+ },
+ {
+ /* seed */
+ 0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+ 0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, 0x12, 0x3A, 0x46, 0xB8,
+ 0x08, 0x90, 0x67, 0x56, 0xF5, 0x43, 0x42, 0x3E, 0x8D, 0x27, 0x87, 0x75,
+ 0x78, 0x12, 0x57, 0x78, 0xAC, 0x76,
+ /* b */
+ 0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, 0xB0, 0x12, 0xED, 0xEF,
+ 0xB3, 0x39, 0x2F, 0x30, 0xF4, 0x32, 0x7C, 0x0C, 0xA3, 0xF3, 0x1F, 0xC3,
+ 0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16,
+ /* x */
+ 0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, 0x0A, 0x96, 0xD3, 0xFD,
+ 0x5B, 0x70, 0x6E, 0xF7, 0xE5, 0xF5, 0xC1, 0x56, 0xE1, 0x6B, 0x7E, 0x7C,
+ 0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D,
+ /* y */
+ 0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, 0xF6, 0xF1, 0xA1, 0x6B,
+ 0x26, 0x8D, 0xE4, 0x69, 0xC3, 0xC7, 0x74, 0x4E, 0xA9, 0xA9, 0x71, 0x64,
+ 0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05,
+ /* order */
+ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x0F, 0x4D, 0x42, 0xFF, 0xE1, 0x49, 0x2A, 0x49, 0x93,
+ 0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_571K = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000000000000000000000000"
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "00425",
- "0",
- "1",
- "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA443709"
- "58493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A0"
- "1C8972",
- "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D497"
- "9C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143E"
- "F1C7A3",
- "020000000000000000000000000000000000000000000000000000000000000000000"
- "000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F63"
- "7C1001", 4,
- NULL, 0,
- "NIST/SECG curve over a 571 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V2 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 30, 6
+ },
+ {
+ /* seed */
+ 0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, 0xE4, 0x23, 0x98, 0x56,
+ 0x9B, 0x74, 0x63, 0x25, 0xD4, 0x53, 0x13, 0xAF, 0x07, 0x66, 0x26, 0x64,
+ 0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F,
+ /* b */
+ 0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, 0xCD, 0x82, 0xB2, 0xC1,
+ 0x4A, 0x2F, 0xCF, 0x2E, 0x3F, 0xF8, 0x77, 0x52, 0x85, 0xB5, 0x45, 0x72,
+ 0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B,
+ /* x */
+ 0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, 0xDC, 0x47, 0xA0, 0x85,
+ 0x34, 0xFE, 0x76, 0xD2, 0xB9, 0x00, 0xB7, 0xD7, 0xEF, 0x31, 0xF5, 0x70,
+ 0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05,
+ /* y */
+ 0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, 0xA0, 0x3B, 0xAD, 0x9D,
+ 0xD7, 0x5E, 0x2C, 0x71, 0xA9, 0x93, 0x62, 0x56, 0x7D, 0x54, 0x53, 0xF7,
+ 0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33,
+ /* order */
+ 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x3C, 0x6F, 0x28, 0x85, 0x25, 0x9C, 0x31, 0xE3, 0xFC,
+ 0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D
+ }
};
-static const unsigned char _EC_NIST_CHAR2_571B_SEED[] = {
- 0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B,
- 0x0F, 0x61, 0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V3 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 30, 0xA
+ },
+ {
+ /* seed */
+ 0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+ 0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, 0x6D, 0x66, 0x76, 0xF7,
+ 0x78, 0xE6, 0x76, 0xB6, 0x69, 0x99, 0x17, 0x66, 0x66, 0xE6, 0x87, 0x66,
+ 0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F,
+ /* b */
+ 0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, 0x51, 0x99, 0xAC, 0xFC,
+ 0x51, 0x06, 0x7E, 0xD5, 0x87, 0xF5, 0x19, 0xC5, 0xEC, 0xB5, 0x41, 0xB8,
+ 0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40,
+ /* x */
+ 0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, 0x89, 0x91, 0x3C, 0xE3,
+ 0x53, 0x0B, 0xFD, 0xE9, 0x03, 0x97, 0x7D, 0x42, 0xB1, 0x46, 0xD5, 0x39,
+ 0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92,
+ /* y */
+ 0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, 0xB9, 0x00, 0x4D, 0xCE,
+ 0x5C, 0x0E, 0xD7, 0xFE, 0x59, 0xA3, 0x56, 0x08, 0xF3, 0x38, 0x37, 0xC8,
+ 0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61,
+ /* order */
+ 0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xAC, 0x49, 0x12, 0xD2, 0xD9, 0xDF, 0x90, 0x3E, 0xF9,
+ 0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF
+ }
};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_571B = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000000000000000000000000"
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "00425",
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "000000000000000000000000000000000000000000000000000000000000000000000"
- "000001",
- "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFA"
- "BBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F29"
- "55727A",
- "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53"
- "950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8E"
- "EC2D19",
- "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423"
- "E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B"
- "8AC15B",
- "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
- "FFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2F"
- "E84E47", 2,
- _EC_NIST_CHAR2_571B_SEED, 20,
- "NIST/SECG curve over a 571 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 35 * 6];
+} _EC_X9_62_CHAR2_272W1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 35, 0xFF06
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B,
+ /* a */
+ 0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, 0x4A, 0xB2, 0xCC, 0xF4,
+ 0x9C, 0x4E, 0xDD, 0x22, 0x0F, 0xB0, 0x28, 0x71, 0x2D, 0x42, 0xBE, 0x75,
+ 0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA, 0xCD, 0xB5, 0x86, 0xFB, 0x20,
+ /* b */
+ 0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, 0xCE, 0x7C, 0x8A, 0xAA,
+ 0xFF, 0x34, 0xE1, 0x2A, 0x9C, 0x55, 0x70, 0x03, 0xD7, 0xC7, 0x3A, 0x6F,
+ 0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC, 0x84, 0x82, 0xE5, 0x40, 0xF7,
+ /* x */
+ 0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, 0xF7, 0x87, 0x05, 0x8A,
+ 0x05, 0x6C, 0xBE, 0x0C, 0xFE, 0x62, 0x2D, 0x77, 0x23, 0xA2, 0x89, 0xE0,
+ 0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D, 0x10, 0xD1, 0x71, 0xDD, 0x8D,
+ /* y */
+ 0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, 0xEF, 0x6B, 0xA7, 0xF6,
+ 0x87, 0x2E, 0x61, 0x42, 0xFB, 0xD2, 0x41, 0xB8, 0x30, 0xFF, 0x5E, 0xFC,
+ 0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02, 0x00, 0x5D, 0xDE, 0x9D, 0x23,
+ /* order */
+ 0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, 0xE0, 0xE3, 0x9E, 0x48,
+ 0x92, 0xDF, 0x6E, 0x31, 0x9C, 0x72, 0xC8, 0x16, 0x16, 0x03, 0xFA, 0x45,
+ 0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B, 0x8F, 0x1E, 0x62, 0x95, 0x21
+ }
};
-static const unsigned char _EC_X9_62_CHAR2_163V1_SEED[] = {
- 0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE,
- 0xF4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 39 * 6];
+} _EC_X9_62_CHAR2_304W1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 39, 0xFE2E
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x08, 0x07,
+ /* a */
+ 0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, 0xF6, 0x51, 0xE6, 0xDC,
+ 0xE6, 0x80, 0x20, 0x85, 0x37, 0x7E, 0x5F, 0x88, 0x2D, 0x1B, 0x51, 0x0B,
+ 0x44, 0x16, 0x00, 0x74, 0xC1, 0x28, 0x80, 0x78, 0x36, 0x5A, 0x03, 0x96,
+ 0xC8, 0xE6, 0x81,
+ /* b */
+ 0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, 0x90, 0x8E, 0x43, 0xB0,
+ 0x1C, 0x79, 0x8E, 0xA5, 0xDA, 0xA6, 0x78, 0x8F, 0x1E, 0xA2, 0x79, 0x4E,
+ 0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1, 0x40, 0x39, 0x60, 0x1E, 0x55, 0x82,
+ 0x73, 0x40, 0xBE,
+ /* x */
+ 0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, 0xD9, 0x6A, 0xDB, 0x0F,
+ 0x5F, 0x3C, 0x7F, 0x2C, 0xFF, 0xBD, 0x7A, 0x3E, 0xB8, 0xB6, 0xFE, 0xC3,
+ 0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD, 0xF6, 0x28, 0x5A, 0x64, 0x4F, 0x74,
+ 0x0A, 0x26, 0x14,
+ /* y */
+ 0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, 0x71, 0x51, 0x7E, 0xCF,
+ 0x40, 0x1B, 0x50, 0x28, 0x9B, 0xF0, 0x14, 0x10, 0x32, 0x88, 0x52, 0x7A,
+ 0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80, 0x26, 0x0B, 0x54, 0x9F, 0xDC, 0x1B,
+ 0x92, 0xC0, 0x3B,
+ /* order */
+ 0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01,
+ 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01, 0x02, 0x2D, 0x5C,
+ 0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5, 0x61, 0xDA, 0x68, 0x99, 0x16, 0x44,
+ 0x43, 0x05, 0x1D
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V1 = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000000000000107",
- "072546B5435234A422E0789675F432C89435DE5242",
- "00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9",
- "07AF69989546103D79329FCC3D74880F33BBE803CB",
- "01EC23211B5966ADEA1D3F87F7EA5848AEF0B7CA9F",
- "0400000000000000000001E60FC8821CC74DAEAFC1", 2,
- _EC_X9_62_CHAR2_163V1_SEED, 20,
- "X9.62 curve over a 163 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[20 + 45 * 6];
+} _EC_X9_62_CHAR2_359V1 = {
+ {
+ NID_X9_62_characteristic_two_field, 20, 45, 0x4C
+ },
+ {
+ /* seed */
+ 0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+ 0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6,
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, 0x4F, 0x35, 0x6E, 0xA9,
+ 0x20, 0x17, 0xD9, 0x46, 0x56, 0x7C, 0x46, 0x67, 0x55, 0x56, 0xF1, 0x95,
+ 0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67, 0xD2, 0x23, 0xA5, 0xE0, 0x56, 0x56,
+ 0xFB, 0x54, 0x90, 0x16, 0xA9, 0x66, 0x56, 0xA5, 0x57,
+ /* b */
+ 0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, 0x3F, 0x1F, 0xE7, 0xF5,
+ 0xB6, 0xDB, 0x07, 0x5D, 0x52, 0xB6, 0x94, 0x7D, 0x13, 0x5D, 0x8C, 0xA4,
+ 0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34, 0x56, 0x26, 0x08, 0x96, 0x87, 0x74,
+ 0x2B, 0x63, 0x29, 0xE7, 0x06, 0x80, 0x23, 0x19, 0x88,
+ /* x */
+ 0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, 0xED, 0xE0, 0xF1, 0xFD,
+ 0xAA, 0x79, 0xDA, 0xEE, 0x38, 0x41, 0x36, 0x6A, 0x13, 0x2E, 0x16, 0x3A,
+ 0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF, 0x9C, 0x6B, 0xDC, 0xDE, 0x98, 0xE8,
+ 0xE7, 0x07, 0xC0, 0x7A, 0x22, 0x39, 0xB1, 0xB0, 0x97,
+ /* y */
+ 0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, 0x12, 0x1E, 0x9C, 0x95,
+ 0xF3, 0x79, 0x1D, 0xD8, 0x04, 0x96, 0x39, 0x48, 0xF3, 0x4F, 0xAE, 0x7B,
+ 0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC, 0x78, 0x68, 0xFE, 0x57, 0xE4, 0xAE,
+ 0x2D, 0xE2, 0x11, 0x30, 0x5A, 0x40, 0x71, 0x04, 0xBD,
+ /* order */
+ 0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28,
+ 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xC9, 0xFB,
+ 0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89, 0x2C, 0x20, 0xA7, 0xEB, 0x96, 0x4F,
+ 0xE7, 0x71, 0x9E, 0x74, 0xF4, 0x90, 0x75, 0x8D, 0x3B
+ }
};
-static const unsigned char _EC_X9_62_CHAR2_163V2_SEED[] = {
- 0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 47 * 6];
+} _EC_X9_62_CHAR2_368W1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 47, 0xFF70
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+ /* a */
+ 0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, 0xF5, 0xE2, 0xA4, 0xF9,
+ 0xED, 0x22, 0x9F, 0x1F, 0x25, 0x6E, 0x79, 0xA0, 0xE2, 0xB4, 0x55, 0x97,
+ 0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9, 0x47, 0x78, 0xC5, 0x76, 0xD6, 0x2F,
+ 0x0A, 0xB7, 0x51, 0x9C, 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D,
+ /* b */
+ 0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, 0x45, 0x2C, 0x76, 0x0A,
+ 0x58, 0xED, 0xCD, 0x30, 0xC8, 0xDD, 0x06, 0x9B, 0x3C, 0x34, 0x45, 0x38,
+ 0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5, 0x49, 0x17, 0xE1, 0xC2, 0x11, 0x2D,
+ 0x84, 0xD1, 0x64, 0xF4, 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A,
+ /* x */
+ 0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, 0xCC, 0xE3, 0xC1, 0x55,
+ 0x7A, 0xFA, 0x10, 0xC2, 0xF0, 0xC0, 0xC2, 0x82, 0x56, 0x46, 0xC5, 0xB3,
+ 0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B, 0xC1, 0x6B, 0x22, 0xE7, 0xE7, 0x89,
+ 0xE9, 0x27, 0xBE, 0x21, 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F,
+ /* y */
+ 0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, 0xD5, 0xD8, 0xB2, 0x05,
+ 0x9B, 0x52, 0x57, 0x97, 0xFC, 0x73, 0x82, 0x2C, 0x59, 0x05, 0x9C, 0x62,
+ 0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE, 0xE8, 0xF8, 0x7C, 0xD1, 0x85, 0x5A,
+ 0xDA, 0xA8, 0x1E, 0x2A, 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10,
+ /* order */
+ 0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, 0xAF, 0x72, 0xB0, 0x83,
+ 0x49, 0xD9, 0x8A, 0x5D, 0xD4, 0xC7, 0xB0, 0x53, 0x2E, 0xCA, 0x51, 0xCE,
+ 0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A, 0xC5, 0x79, 0xBD, 0x87, 0xE9, 0x09,
+ 0xAE, 0x40, 0xA6, 0xF1, 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V2 = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000000000000107",
- "0108B39E77C4B108BED981ED0E890E117C511CF072",
- "0667ACEB38AF4E488C407433FFAE4F1C811638DF20",
- "0024266E4EB5106D0A964D92C4860E2671DB9B6CC5",
- "079F684DDF6684C5CD258B3890021B2386DFD19FC5",
- "03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 2,
- _EC_X9_62_CHAR2_163V2_SEED, 20,
- "X9.62 curve over a 163 bit binary field"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 54 * 6];
+} _EC_X9_62_CHAR2_431R1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 54, 0x2760
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, 0x23, 0x4C, 0xAF, 0x04,
+ 0x6C, 0x6A, 0x5D, 0x8A, 0x85, 0x39, 0x5B, 0x23, 0x6C, 0xC4, 0xAD, 0x2C,
+ 0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9, 0xDD, 0xF6, 0x20, 0xB0, 0xEB, 0x99,
+ 0x06, 0xD0, 0x95, 0x7F, 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF,
+ 0x10, 0x4D, 0xE2, 0x96, 0xCD, 0x8F,
+ /* b */
+ 0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, 0x15, 0x43, 0x59, 0xAB,
+ 0xFB, 0x1B, 0x7F, 0x54, 0x85, 0xB0, 0x4C, 0xEB, 0x86, 0x82, 0x37, 0xDD,
+ 0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67, 0x9A, 0x5A, 0x91, 0x9B, 0x62, 0x6D,
+ 0x4E, 0x50, 0xA8, 0xDD, 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F,
+ 0xB5, 0xD8, 0x07, 0xBF, 0x26, 0x18,
+ /* x */
+ 0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, 0xE1, 0x61, 0xD2, 0xF4,
+ 0x09, 0x26, 0x22, 0xFE, 0xCA, 0x70, 0x1B, 0xE4, 0xF5, 0x0F, 0x47, 0x58,
+ 0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2, 0xA6, 0x58, 0xEF, 0x8C, 0x21, 0xE7,
+ 0xC5, 0xEF, 0xE9, 0x65, 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47,
+ 0xB0, 0xDB, 0xD7, 0x0C, 0xE6, 0xB7,
+ /* y */
+ 0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, 0x5F, 0xA2, 0xC2, 0x55,
+ 0x74, 0x5D, 0x3C, 0x45, 0x1B, 0x30, 0x2C, 0x93, 0x46, 0xD9, 0xB7, 0xE4,
+ 0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B, 0x59, 0x1F, 0x3E, 0x8F, 0x6A, 0xDD,
+ 0xCB, 0xB0, 0xBC, 0x4C, 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62,
+ 0x5D, 0x6A, 0x59, 0x8B, 0x37, 0x60,
+ /* order */
+ 0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
+ 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
+ 0x34, 0x03, 0x40, 0x34, 0x03, 0x23, 0xC3, 0x13, 0xFA, 0xB5, 0x05, 0x89,
+ 0x70, 0x3B, 0x5E, 0xC6, 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C,
+ 0xC1, 0x49, 0xC1, 0xAD, 0x4A, 0x91
+ }
};
-static const unsigned char _EC_X9_62_CHAR2_163V3_SEED[] = {
- 0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67,
- 0x68, 0x75, 0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 15 * 6];
+} _EC_WTLS_1 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 15, 2
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x01,
+ /* x */
+ 0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, 0xE5, 0xD5, 0xC2, 0x70,
+ 0x78, 0x06, 0x17,
+ /* y */
+ 0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, 0x0E, 0x08, 0x78, 0x5C,
+ 0xEB, 0xCC, 0x15,
+ /* order */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xBF, 0x91, 0xAF,
+ 0x6D, 0xEA, 0x73
+ }
};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V3 = {
- NID_X9_62_characteristic_two_field,
- "080000000000000000000000000000000000000107",
- "07A526C63D3E25A256A007699F5447E32AE456B50E",
- "03F7061798EB99E238FD6F1BF95B48FEEB4854252B",
- "02F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB",
- "05B935590C155E17EA48EB3FF3718B893DF59A05D0",
- "03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 2,
- _EC_X9_62_CHAR2_163V3_SEED, 20,
- "X9.62 curve over a 163 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_176V1 = {
- NID_X9_62_characteristic_two_field,
- "0100000000000000000000000000000000080000000007",
- "E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B",
- "5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2",
- "8D16C2866798B600F9F08BB4A8E860F3298CE04A5798",
- "6FA4539C2DADDDD6BAB5167D61B436E1D92BB16A562C",
- "00010092537397ECA4F6145799D62B0A19CE06FE26AD", 0xFF6E,
- NULL, 0,
- "X9.62 curve over a 176 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_191V1_SEED[] = {
- 0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V1 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000201",
- "2866537B676752636A68F56554E12640276B649EF7526267",
- "2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC",
- "36B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D",
- "765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB",
- "40000000000000000000000004A20E90C39067C893BBB9A5", 2,
- _EC_X9_62_CHAR2_191V1_SEED, 20,
- "X9.62 curve over a 191 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_191V2_SEED[] = {
- 0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V2 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000201",
- "401028774D7777C7B7666D1366EA432071274F89FF01E718",
- "0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01",
- "3809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10",
- "17434386626D14F3DBF01760D9213A3E1CF37AEC437D668A",
- "20000000000000000000000050508CB89F652824E06B8173", 4,
- _EC_X9_62_CHAR2_191V2_SEED, 20,
- "X9.62 curve over a 191 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_191V3_SEED[] = {
- 0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V3 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000201",
- "6C01074756099122221056911C77D77E77A777E7E7E77FCB",
- "71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8",
- "375D4CE24FDE434489DE8746E71786015009E66E38A926DD",
- "545A39176196575D985999366E6AD34CE0A77CD7127B06BE",
- "155555555555555555555555610C0B196812BFB6288A3EA3", 6,
- _EC_X9_62_CHAR2_191V3_SEED, 20,
- "X9.62 curve over a 191 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_208W1 = {
- NID_X9_62_characteristic_two_field,
- "010000000000000000000000000000000800000000000000000007",
- "0000000000000000000000000000000000000000000000000000",
- "C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E",
- "89FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A",
- "0F55B51A06E78E9AC38A035FF520D8B01781BEB1A6BB08617DE3",
- "000101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 0xFE48,
- NULL, 0,
- "X9.62 curve over a 208 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_239V1_SEED[] = {
- 0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
- 0x51, 0x75, 0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V1 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000001000000001",
- "32010857077C5431123A46B808906756F543423E8D27877578125778AC76",
- "790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16",
- "57927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D",
- "61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305",
- "2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 4,
- _EC_X9_62_CHAR2_239V1_SEED, 20,
- "X9.62 curve over a 239 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_239V2_SEED[] = {
- 0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V2 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000001000000001",
- "4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F",
- "5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B",
- "28F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205",
- "5667334C45AFF3B5A03BAD9DD75E2C71A99362567D5453F7FA6E227EC833",
- "1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 6,
- _EC_X9_62_CHAR2_239V2_SEED, 20,
- "X9.62 curve over a 239 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_239V3_SEED[] = {
- 0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
- 0x51, 0x75, 0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V3 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000001000000001",
- "01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F",
- "6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40",
- "70F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92",
- "2E5A0EAF6E5E1305B9004DCE5C0ED7FE59A35608F33837C816D80B79F461",
- "0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 0xA,
- _EC_X9_62_CHAR2_239V3_SEED, 20,
- "X9.62 curve over a 239 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_272W1 = {
- NID_X9_62_characteristic_two_field,
- "010000000000000000000000000000000000000000000000000000010000000000000"
- "B",
- "91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20",
- "7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7",
- "6108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D",
- "10C7695716851EEF6BA7F6872E6142FBD241B830FF5EFCACECCAB05E02005DDE9D23",
- "000100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521",
- 0xFF06,
- NULL, 0,
- "X9.62 curve over a 272 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_304W1 = {
- NID_X9_62_characteristic_two_field,
- "010000000000000000000000000000000000000000000000000000000000000000000"
- "000000807",
- "FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A039"
- "6C8E681",
- "BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E558"
- "27340BE",
- "197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F7"
- "40A2614",
- "E19FBEB76E0DA171517ECF401B50289BF014103288527A9B416A105E80260B549FDC1"
- "B92C03B",
- "000101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164"
- "443051D", 0xFE2E,
- NULL, 0,
- "X9.62 curve over a 304 bit binary field"
-};
-
-static const unsigned char _EC_X9_62_CHAR2_359V1_SEED[] = {
- 0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76,
- 0x87, 0x56, 0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_359V1 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000000000000000000000000"
- "000100000000000000001",
- "5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05"
- "656FB549016A96656A557",
- "2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC34562608968"
- "7742B6329E70680231988",
- "3C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE9"
- "8E8E707C07A2239B1B097",
- "53D7E08529547048121E9C95F3791DD804963948F34FAE7BF44EA82365DC7868FE57E"
- "4AE2DE211305A407104BD",
- "01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB9"
- "64FE7719E74F490758D3B", 0x4C,
- _EC_X9_62_CHAR2_359V1_SEED, 20,
- "X9.62 curve over a 359 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_368W1 = {
- NID_X9_62_characteristic_two_field,
- "010000000000000000000000000000000000000000000000000000000000000000000"
- "0002000000000000000000007",
- "E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62"
- "F0AB7519CCD2A1A906AE30D",
- "FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112"
- "D84D164F444F8F74786046A",
- "1085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E78"
- "9E927BE216F02E1FB136A5F",
- "7B3EB1BDDCBA62D5D8B2059B525797FC73822C59059C623A45FF3843CEE8F87CD1855"
- "ADAA81E2A0750B80FDA2310",
- "00010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E90"
- "9AE40A6F131E9CFCE5BD967", 0xFF70,
- NULL, 0,
- "X9.62 curve over a 368 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_431R1 = {
- NID_X9_62_characteristic_two_field,
- "800000000000000000000000000000000000000000000000000000000000000000000"
- "000000001000000000000000000000000000001",
- "1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0E"
- "B9906D0957F6C6FEACD615468DF104DE296CD8F",
- "10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B6"
- "26D4E50A8DD731B107A9962381FB5D807BF2618",
- "120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C2"
- "1E7C5EFE965361F6C2999C0C247B0DBD70CE6B7",
- "20D0AF8903A96F8D5FA2C255745D3C451B302C9346D9B7E485E7BCE41F6B591F3E8F6"
- "ADDCBB0BC4C2F947A7DE1A89B625D6A598B3760",
- "0340340340340340340340340340340340340340340340340340340323C313FAB5058"
- "9703B5EC68D3587FEC60D161CC149C1AD4A91", 0x2760,
- NULL, 0,
- "X9.62 curve over a 431 bit binary field"
-};
-
-static const EC_CURVE_DATA _EC_WTLS_1 = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000201",
- "1",
- "1",
- "01667979A40BA497E5D5C270780617",
- "00F44B4AF1ECC2630E08785CEBCC15",
- "00FFFFFFFFFFFFFFFDBF91AF6DEA73", 2,
- NULL, 0,
- "WTLS curve over a 113 bit binary field"
-};
-
/* IPSec curves */
/*
* NOTE: The of curves over a extension field of non prime degree is not
@@ -1080,17 +2215,34 @@
* recommended (Weil-descent). As the group order is not a prime this curve
* is not suitable for ECDSA.
*/
-static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
- NID_X9_62_characteristic_two_field,
- "0800000000000000000000004000000000000001",
- "0",
- "07338f",
- "7b",
- "1c8",
- "2AAAAAAAAAAAAAAAAAAC7F3C7881BD0868FA86C", 3,
- NULL, 0,
- "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
- "\tNot suitable for ECDSA.\n\tQuestionable extension field!"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 20 * 6];
+} _EC_IPSEC_155_ID3 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 20, 3
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x33, 0x8f,
+ /* x */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
+ /* y */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc8,
+ /* order */
+ 0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xC7, 0xF3,
+ 0xC7, 0x88, 0x1B, 0xD0, 0x86, 0x8F, 0xA8, 0x6C
+ }
};
/*
@@ -1098,111 +2250,221 @@
* recommended (Weil-descent). As the group order is not a prime this curve
* is not suitable for ECDSA.
*/
-static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = {
- NID_X9_62_characteristic_two_field,
- "020000000000000000000000000000200000000000000001",
- "0",
- "1ee9",
- "18",
- "0d",
- "FFFFFFFFFFFFFFFFFFFFFFEDF97C44DB9F2420BAFCA75E", 2,
- NULL, 0,
- "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
- "\tNot suitable for ECDSA.\n\tQuestionable extension field!"
+static const struct {
+ EC_CURVE_DATA h;
+ unsigned char data[0 + 24 * 6];
+} _EC_IPSEC_185_ID4 = {
+ {
+ NID_X9_62_characteristic_two_field, 0, 24, 2
+ },
+ {
+ /* no seed */
+ /* p */
+ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ /* a */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* b */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xe9,
+ /* x */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18,
+ /* y */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d,
+ /* order */
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E
+ }
};
+#endif
+
typedef struct _ec_list_element_st {
int nid;
const EC_CURVE_DATA *data;
+ const EC_METHOD *(*meth) (void);
+ const char *comment;
} ec_list_element;
static const ec_list_element curve_list[] = {
/* prime field curves */
/* secg curves */
- {NID_secp112r1, &_EC_SECG_PRIME_112R1},
- {NID_secp112r2, &_EC_SECG_PRIME_112R2},
- {NID_secp128r1, &_EC_SECG_PRIME_128R1},
- {NID_secp128r2, &_EC_SECG_PRIME_128R2},
- {NID_secp160k1, &_EC_SECG_PRIME_160K1},
- {NID_secp160r1, &_EC_SECG_PRIME_160R1},
- {NID_secp160r2, &_EC_SECG_PRIME_160R2},
+ {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0,
+ "SECG/WTLS curve over a 112 bit prime field"},
+ {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0,
+ "SECG curve over a 112 bit prime field"},
+ {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0,
+ "SECG curve over a 128 bit prime field"},
+ {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0,
+ "SECG curve over a 128 bit prime field"},
+ {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0,
+ "SECG curve over a 160 bit prime field"},
+ {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0,
+ "SECG curve over a 160 bit prime field"},
+ {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0,
+ "SECG/WTLS curve over a 160 bit prime field"},
/* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
- {NID_secp192k1, &_EC_SECG_PRIME_192K1},
- {NID_secp224k1, &_EC_SECG_PRIME_224K1},
- {NID_secp224r1, &_EC_NIST_PRIME_224},
- {NID_secp256k1, &_EC_SECG_PRIME_256K1},
+ {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0,
+ "SECG curve over a 192 bit prime field"},
+ {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0,
+ "SECG curve over a 224 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
+ "NIST/SECG curve over a 224 bit prime field"},
+#else
+ {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
+ "NIST/SECG curve over a 224 bit prime field"},
+#endif
+ {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
+ "SECG curve over a 256 bit prime field"},
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
- {NID_secp384r1, &_EC_NIST_PRIME_384},
- {NID_secp521r1, &_EC_NIST_PRIME_521},
+ {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
+ "NIST/SECG curve over a 384 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
+ "NIST/SECG curve over a 521 bit prime field"},
+#else
+ {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
+ "NIST/SECG curve over a 521 bit prime field"},
+#endif
/* X9.62 curves */
- {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192},
- {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2},
- {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3},
- {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1},
- {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2},
- {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3},
- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1},
+ {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0,
+ "NIST/X9.62/SECG curve over a 192 bit prime field"},
+ {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0,
+ "X9.62 curve over a 192 bit prime field"},
+ {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0,
+ "X9.62 curve over a 192 bit prime field"},
+ {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0,
+ "X9.62 curve over a 239 bit prime field"},
+ {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0,
+ "X9.62 curve over a 239 bit prime field"},
+ {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0,
+ "X9.62 curve over a 239 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method,
+ "X9.62/SECG curve over a 256 bit prime field"},
+#else
+ {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0,
+ "X9.62/SECG curve over a 256 bit prime field"},
+#endif
+#ifndef OPENSSL_NO_EC2M
/* characteristic two field curves */
/* NIST/SECG curves */
- {NID_sect113r1, &_EC_SECG_CHAR2_113R1},
- {NID_sect113r2, &_EC_SECG_CHAR2_113R2},
- {NID_sect131r1, &_EC_SECG_CHAR2_131R1},
- {NID_sect131r2, &_EC_SECG_CHAR2_131R2},
- {NID_sect163k1, &_EC_NIST_CHAR2_163K},
- {NID_sect163r1, &_EC_SECG_CHAR2_163R1},
- {NID_sect163r2, &_EC_NIST_CHAR2_163B},
- {NID_sect193r1, &_EC_SECG_CHAR2_193R1},
- {NID_sect193r2, &_EC_SECG_CHAR2_193R2},
- {NID_sect233k1, &_EC_NIST_CHAR2_233K},
- {NID_sect233r1, &_EC_NIST_CHAR2_233B},
- {NID_sect239k1, &_EC_SECG_CHAR2_239K1},
- {NID_sect283k1, &_EC_NIST_CHAR2_283K},
- {NID_sect283r1, &_EC_NIST_CHAR2_283B},
- {NID_sect409k1, &_EC_NIST_CHAR2_409K},
- {NID_sect409r1, &_EC_NIST_CHAR2_409B},
- {NID_sect571k1, &_EC_NIST_CHAR2_571K},
- {NID_sect571r1, &_EC_NIST_CHAR2_571B},
+ {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0,
+ "SECG curve over a 113 bit binary field"},
+ {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0,
+ "SECG curve over a 113 bit binary field"},
+ {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0,
+ "SECG/WTLS curve over a 131 bit binary field"},
+ {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0,
+ "SECG curve over a 131 bit binary field"},
+ {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0,
+ "NIST/SECG/WTLS curve over a 163 bit binary field"},
+ {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0,
+ "SECG curve over a 163 bit binary field"},
+ {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0,
+ "NIST/SECG curve over a 163 bit binary field"},
+ {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0,
+ "SECG curve over a 193 bit binary field"},
+ {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0,
+ "SECG curve over a 193 bit binary field"},
+ {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0,
+ "NIST/SECG/WTLS curve over a 233 bit binary field"},
+ {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0,
+ "NIST/SECG/WTLS curve over a 233 bit binary field"},
+ {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0,
+ "SECG curve over a 239 bit binary field"},
+ {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0,
+ "NIST/SECG curve over a 283 bit binary field"},
+ {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0,
+ "NIST/SECG curve over a 283 bit binary field"},
+ {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0,
+ "NIST/SECG curve over a 409 bit binary field"},
+ {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0,
+ "NIST/SECG curve over a 409 bit binary field"},
+ {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0,
+ "NIST/SECG curve over a 571 bit binary field"},
+ {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0,
+ "NIST/SECG curve over a 571 bit binary field"},
/* X9.62 curves */
- {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1},
- {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2},
- {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3},
- {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1},
- {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1},
- {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2},
- {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3},
- {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1},
- {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1},
- {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2},
- {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3},
- {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1},
- {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1},
- {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1},
- {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1},
- {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1},
+ {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0,
+ "X9.62 curve over a 163 bit binary field"},
+ {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0,
+ "X9.62 curve over a 163 bit binary field"},
+ {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0,
+ "X9.62 curve over a 163 bit binary field"},
+ {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0,
+ "X9.62 curve over a 176 bit binary field"},
+ {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0,
+ "X9.62 curve over a 191 bit binary field"},
+ {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0,
+ "X9.62 curve over a 191 bit binary field"},
+ {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0,
+ "X9.62 curve over a 191 bit binary field"},
+ {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0,
+ "X9.62 curve over a 208 bit binary field"},
+ {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0,
+ "X9.62 curve over a 239 bit binary field"},
+ {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0,
+ "X9.62 curve over a 239 bit binary field"},
+ {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0,
+ "X9.62 curve over a 239 bit binary field"},
+ {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0,
+ "X9.62 curve over a 272 bit binary field"},
+ {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0,
+ "X9.62 curve over a 304 bit binary field"},
+ {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0,
+ "X9.62 curve over a 359 bit binary field"},
+ {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0,
+ "X9.62 curve over a 368 bit binary field"},
+ {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0,
+ "X9.62 curve over a 431 bit binary field"},
/*
* the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves
* from X9.62]
*/
- {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1},
- {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K},
- {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1},
- {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1},
- {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1},
- {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2},
- {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8},
- {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9},
- {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K},
- {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B},
- {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12},
+ {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0,
+ "WTLS curve over a 113 bit binary field"},
+ {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0,
+ "NIST/SECG/WTLS curve over a 163 bit binary field"},
+ {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0,
+ "SECG curve over a 113 bit binary field"},
+ {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0,
+ "X9.62 curve over a 163 bit binary field"},
+#endif
+ {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0,
+ "SECG/WTLS curve over a 112 bit prime field"},
+ {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0,
+ "SECG/WTLS curve over a 160 bit prime field"},
+ {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0,
+ "WTLS curve over a 112 bit prime field"},
+ {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0,
+ "WTLS curve over a 160 bit prime field"},
+#ifndef OPENSSL_NO_EC2M
+ {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0,
+ "NIST/SECG/WTLS curve over a 233 bit binary field"},
+ {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0,
+ "NIST/SECG/WTLS curve over a 233 bit binary field"},
+#endif
+ {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0,
+ "WTLS curvs over a 224 bit prime field"},
+#ifndef OPENSSL_NO_EC2M
/* IPSec curves */
- {NID_ipsec3, &_EC_IPSEC_155_ID3},
- {NID_ipsec4, &_EC_IPSEC_185_ID4},
+ {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0,
+ "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
+ "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+ {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0,
+ "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
+ "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+#endif
};
-static size_t curve_list_length =
- sizeof(curve_list) / sizeof(ec_list_element);
+#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
-static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA * data)
+static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
{
EC_GROUP *group = NULL;
EC_POINT *P = NULL;
@@ -1210,36 +2472,52 @@
BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
NULL;
int ok = 0;
+ int seed_len, param_len;
+ const EC_METHOD *meth;
+ const EC_CURVE_DATA *data;
+ const unsigned char *params;
if ((ctx = BN_CTX_new()) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
goto err;
}
- if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
- (b = BN_new()) == NULL || (x = BN_new()) == NULL ||
- (y = BN_new()) == NULL || (order = BN_new()) == NULL) {
- ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!BN_hex2bn(&p, data->p) || !BN_hex2bn(&a, data->a)
- || !BN_hex2bn(&b, data->b)) {
+ data = curve.data;
+ seed_len = data->seed_len;
+ param_len = data->param_len;
+ params = (const unsigned char *)(data + 1); /* skip header */
+ params += seed_len; /* skip seed */
+
+ if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL))
+ || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL))
+ || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
- if (data->field_type == NID_X9_62_prime_field) {
+ if (curve.meth != 0) {
+ meth = curve.meth();
+ if (((group = EC_GROUP_new(meth)) == NULL) ||
+ (!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
+ ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+ goto err;
+ }
+ } else if (data->field_type == NID_X9_62_prime_field) {
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
- } else { /* field_type ==
+ }
+#ifndef OPENSSL_NO_EC2M
+ else { /* field_type ==
* NID_X9_62_characteristic_two_field */
+
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
}
+#endif
if ((P = EC_POINT_new(group)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
@@ -1246,15 +2524,17 @@
goto err;
}
- if (!BN_hex2bn(&x, data->x) || !BN_hex2bn(&y, data->y)) {
+ if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL))
+ || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
- if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) {
+ if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
- if (!BN_hex2bn(&order, data->order) || !BN_set_word(x, data->cofactor)) {
+ if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))
+ || !BN_set_word(x, (BN_ULONG)data->cofactor)) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
@@ -1262,8 +2542,8 @@
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
- if (data->seed) {
- if (!EC_GROUP_set_seed(group, data->seed, data->seed_len)) {
+ if (seed_len) {
+ if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
@@ -1303,7 +2583,7 @@
for (i = 0; i < curve_list_length; i++)
if (curve_list[i].nid == nid) {
- ret = ec_group_new_from_data(curve_list[i].data);
+ ret = ec_group_new_from_data(curve_list[i]);
break;
}
@@ -1328,7 +2608,7 @@
for (i = 0; i < min; i++) {
r[i].nid = curve_list[i].nid;
- r[i].comment = curve_list[i].data->comment;
+ r[i].comment = curve_list[i].comment;
}
return curve_list_length;
Modified: trunk/crypto/openssl/crypto/ec/ec_cvt.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_cvt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_cvt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,7 +78,32 @@
const EC_METHOD *meth;
EC_GROUP *ret;
+#if defined(OPENSSL_BN_ASM_MONT)
+ /*
+ * This might appear controversial, but the fact is that generic
+ * prime method was observed to deliver better performance even
+ * for NIST primes on a range of platforms, e.g.: 60%-15%
+ * improvement on IA-64, ~25% on ARM, 30%-90% on P4, 20%-25%
+ * in 32-bit build and 35%--12% in 64-bit build on Core2...
+ * Coefficients are relative to optimized bn_nist.c for most
+ * intensive ECDSA verify and ECDH operations for 192- and 521-
+ * bit keys respectively. Choice of these boundary values is
+ * arguable, because the dependency of improvement coefficient
+ * from key length is not a "monotone" curve. For example while
+ * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
+ * generally faster, sometimes "respectfully" faster, sometimes
+ * "tolerably" slower... What effectively happens is that loop
+ * with bn_mul_add_words is put against bn_mul_mont, and the
+ * latter "wins" on short vectors. Correct solution should be
+ * implementing dedicated NxN multiplication subroutines for
+ * small N. But till it materializes, let's stick to generic
+ * prime method...
+ * <appro>
+ */
+ meth = EC_GFp_mont_method();
+#else
meth = EC_GFp_nist_method();
+#endif
ret = EC_GROUP_new(meth);
if (ret == NULL)
@@ -120,6 +145,7 @@
return ret;
}
+#ifndef OPENSSL_NO_EC2M
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx)
{
@@ -139,3 +165,4 @@
return ret;
}
+#endif
Modified: trunk/crypto/openssl/crypto/ec/ec_err.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/ec/ec_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,10 +70,19 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
static ERR_STRING_DATA EC_str_functs[] = {
+ {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_TO_FELEM"},
{ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
{ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
{ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
+ {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "DO_EC_KEY_PRINT"},
+ {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"},
+ {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"},
+ {ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"},
+ {ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"},
+ {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"},
+ {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"},
+ {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"},
{ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"},
{ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"},
{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"},
@@ -113,6 +122,21 @@
"ec_GFp_mont_group_set_curve"},
{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),
"EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
+ "ec_GFp_nistp224_group_set_curve"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES),
+ "ec_GFp_nistp224_point_get_affine_coordinates"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE),
+ "ec_GFp_nistp256_group_set_curve"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES),
+ "ec_GFp_nistp256_point_get_affine_coordinates"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE),
+ "ec_GFp_nistp521_group_set_curve"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"},
+ {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES),
+ "ec_GFp_nistp521_point_get_affine_coordinates"},
{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"},
{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"},
{ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),
@@ -170,8 +194,9 @@
{ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"},
{ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"},
{ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
+ {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES),
+ "EC_KEY_set_public_key_affine_coordinates"},
{ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
- {ERR_FUNC(EC_F_EC_POINTS_MUL), "EC_POINTs_mul"},
{ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
{ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
{ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"},
@@ -209,7 +234,17 @@
{ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"},
{ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"},
{ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"},
+ {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "NISTP224_PRE_COMP_NEW"},
+ {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "NISTP256_PRE_COMP_NEW"},
+ {ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "NISTP521_PRE_COMP_NEW"},
{ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"},
+ {ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"},
+ {ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"},
+ {ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "PKEY_EC_CTRL_STR"},
+ {ERR_FUNC(EC_F_PKEY_EC_DERIVE), "PKEY_EC_DERIVE"},
+ {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "PKEY_EC_KEYGEN"},
+ {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "PKEY_EC_PARAMGEN"},
+ {ERR_FUNC(EC_F_PKEY_EC_SIGN), "PKEY_EC_SIGN"},
{0, NULL}
};
@@ -216,13 +251,17 @@
static ERR_STRING_DATA EC_str_reasons[] = {
{ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
+ {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
{ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
+ {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),
"d2i ecpkparameters failure"},
+ {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
"ec group new by name failure"},
{ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
+ {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),
"group2pkparameters failure"},
{ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),
@@ -231,6 +270,8 @@
{ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"},
{ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
{ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
+ {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"},
+ {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
{ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
{ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
{ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
@@ -238,6 +279,7 @@
{ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
{ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
{ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
+ {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
{ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
{ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
@@ -246,6 +288,7 @@
{ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
{ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
{ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
+ {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
{ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
{ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),
"pkparameters2group failure"},
@@ -257,6 +300,7 @@
{ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"},
{ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"},
{ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"},
+ {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
{ERR_REASON(EC_R_WRONG_ORDER), "wrong order"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/ec/ec_key.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,6 +64,9 @@
#include <string.h>
#include "ec_lcl.h"
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
EC_KEY *EC_KEY_new(void)
{
@@ -76,6 +79,7 @@
}
ret->version = 1;
+ ret->flags = 0;
ret->group = NULL;
ret->pub_key = NULL;
ret->priv_key = NULL;
@@ -191,6 +195,7 @@
dest->enc_flag = src->enc_flag;
dest->conv_form = src->conv_form;
dest->version = src->version;
+ dest->flags = src->flags;
return dest;
}
@@ -229,6 +234,11 @@
BIGNUM *priv_key = NULL, *order = NULL;
EC_POINT *pub_key = NULL;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ec_key_generate_key(eckey);
+#endif
+
if (!eckey || !eckey->group) {
ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
return 0;
@@ -350,6 +360,80 @@
return (ok);
}
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ BIGNUM *y)
+{
+ BN_CTX *ctx = NULL;
+ BIGNUM *tx, *ty;
+ EC_POINT *point = NULL;
+ int ok = 0, tmp_nid, is_char_two = 0;
+
+ if (!key || !key->group || !x || !y) {
+ ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ ctx = BN_CTX_new();
+ if (!ctx)
+ goto err;
+
+ point = EC_POINT_new(key->group);
+
+ if (!point)
+ goto err;
+
+ tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
+
+ if (tmp_nid == NID_X9_62_characteristic_two_field)
+ is_char_two = 1;
+
+ tx = BN_CTX_get(ctx);
+ ty = BN_CTX_get(ctx);
+#ifndef OPENSSL_NO_EC2M
+ if (is_char_two) {
+ if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
+ x, y, ctx))
+ goto err;
+ if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
+ tx, ty, ctx))
+ goto err;
+ } else
+#endif
+ {
+ if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
+ x, y, ctx))
+ goto err;
+ if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
+ tx, ty, ctx))
+ goto err;
+ }
+ /*
+ * Check if retrieved coordinates match originals: if not values are out
+ * of range.
+ */
+ if (BN_cmp(x, tx) || BN_cmp(y, ty)) {
+ ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+ EC_R_COORDINATES_OUT_OF_RANGE);
+ goto err;
+ }
+
+ if (!EC_KEY_set_public_key(key, point))
+ goto err;
+
+ if (EC_KEY_check_key(key) == 0)
+ goto err;
+
+ ok = 1;
+
+ err:
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (point)
+ EC_POINT_free(point);
+ return ok;
+
+}
+
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
{
return key->group;
@@ -458,3 +542,18 @@
return 0;
return EC_GROUP_precompute_mult(key->group, ctx);
}
+
+int EC_KEY_get_flags(const EC_KEY *key)
+{
+ return key->flags;
+}
+
+void EC_KEY_set_flags(EC_KEY *key, int flags)
+{
+ key->flags |= flags;
+}
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags)
+{
+ key->flags &= ~flags;
+}
Modified: trunk/crypto/openssl/crypto/ec/ec_lcl.h
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,7 +3,7 @@
* Originally written by Bodo Moeller for the OpenSSL project.
*/
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -81,6 +81,9 @@
# endif
#endif
+/* Use default functions for poin2oct, oct2point and compressed coordinates */
+#define EC_FLAGS_DEFAULT_OCT 0x1
+
/*
* Structure details are not part of the exported interface, so all this may
* change in future versions.
@@ -87,6 +90,8 @@
*/
struct ec_method_st {
+ /* Various method flags */
+ int flags;
/* used by EC_METHOD_get_field_type: */
int field_type; /* a NID */
/*
@@ -225,9 +230,11 @@
/*
* Field specification for curves over GF(2^m). The irreducible f(t) is
* then of the form: t^poly[0] + t^poly[1] + ... + t^poly[k] where m =
- * poly[0] > poly[1] > ... > poly[k] = 0.
+ * poly[0] > poly[1] > ... > poly[k] = 0. The array is terminated with
+ * poly[k+1]=-1. All elliptic curve irreducibles have at most 5 non-zero
+ * terms.
*/
- unsigned int poly[5];
+ int poly[6];
/*
* Curve coefficients. (Here the assumption is that BIGNUMs can be used
* or abused for all kinds of fields, not just GF(p).) For characteristic
@@ -255,6 +262,7 @@
unsigned int enc_flag;
point_conversion_form_t conv_form;
int references;
+ int flags;
EC_EXTRA_DATA *method_data;
} /* EC_KEY */ ;
@@ -442,3 +450,94 @@
BN_CTX *);
int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/* method functions in ecp_nistp224.c */
+int ec_GFp_nistp224_group_init(EC_GROUP *group);
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *);
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx);
+int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[], const BIGNUM *scalars[],
+ BN_CTX *);
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp256.c */
+int ec_GFp_nistp256_group_init(EC_GROUP *group);
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *);
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx);
+int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[], const BIGNUM *scalars[],
+ BN_CTX *);
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp521.c */
+int ec_GFp_nistp521_group_init(EC_GROUP *group);
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *);
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx);
+int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[], const BIGNUM *scalars[],
+ BN_CTX *);
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
+
+/* utility functions in ecp_nistputil.c */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+ size_t felem_size,
+ void *tmp_felems,
+ void (*felem_one) (void *out),
+ int (*felem_is_zero) (const void
+ *in),
+ void (*felem_assign) (void *out,
+ const void
+ *in),
+ void (*felem_square) (void *out,
+ const void
+ *in),
+ void (*felem_mul) (void *out,
+ const void
+ *in1,
+ const void
+ *in2),
+ void (*felem_inv) (void *out,
+ const void
+ *in),
+ void (*felem_contract) (void
+ *out,
+ const
+ void
+ *in));
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
+ unsigned char *digit, unsigned char in);
+#endif
Modified: trunk/crypto/openssl/crypto/ec/ec_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,7 +68,7 @@
#include "ec_lcl.h"
-static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
+const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
/* functions for EC_GROUP objects */
@@ -77,7 +77,7 @@
EC_GROUP *ret;
if (meth == NULL) {
- ECerr(EC_F_EC_GROUP_NEW, ERR_R_PASSED_NULL_PARAMETER);
+ ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);
return NULL;
}
if (meth->group_init == 0) {
@@ -401,6 +401,7 @@
return group->meth->group_get_curve(group, p, a, b, ctx);
}
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx)
{
@@ -422,6 +423,7 @@
}
return group->meth->group_get_curve(group, p, a, b, ctx);
}
+#endif
int EC_GROUP_get_degree(const EC_GROUP *group)
{
@@ -707,7 +709,7 @@
if (point->meth->point_clear_finish != 0)
point->meth->point_clear_finish(point);
- else if (point->meth != NULL && point->meth->point_finish != 0)
+ else if (point->meth->point_finish != 0)
point->meth->point_finish(point);
OPENSSL_cleanse(point, sizeof *point);
OPENSSL_free(point);
@@ -821,6 +823,7 @@
return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
}
+#ifndef OPENSSL_NO_EC2M
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
EC_POINT *point, const BIGNUM *x,
const BIGNUM *y, BN_CTX *ctx)
@@ -837,6 +840,7 @@
}
return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
}
+#endif
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *point, BIGNUM *x,
@@ -855,6 +859,7 @@
return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
}
+#ifndef OPENSSL_NO_EC2M
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
const EC_POINT *point, BIGNUM *x,
BIGNUM *y, BN_CTX *ctx)
@@ -871,72 +876,8 @@
}
return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
}
+#endif
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *point, const BIGNUM *x,
- int y_bit, BN_CTX *ctx)
-{
- if (group->meth->point_set_compressed_coordinates == 0) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
- EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point_set_compressed_coordinates(group, point, x,
- y_bit, ctx);
-}
-
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *point, const BIGNUM *x,
- int y_bit, BN_CTX *ctx)
-{
- if (group->meth->point_set_compressed_coordinates == 0) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
- EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point_set_compressed_coordinates(group, point, x,
- y_bit, ctx);
-}
-
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form, unsigned char *buf,
- size_t len, BN_CTX *ctx)
-{
- if (group->meth->point2oct == 0) {
- ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point2oct(group, point, form, buf, len, ctx);
-}
-
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- if (group->meth->oct2point == 0) {
- ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->oct2point(group, point, buf, len, ctx);
-}
-
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
const EC_POINT *b, BN_CTX *ctx)
{
Modified: trunk/crypto/openssl/crypto/ec/ec_mult.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_mult.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ec_mult.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -215,6 +215,11 @@
sign = -1;
}
+ if (scalar->d == NULL || scalar->top == 0) {
+ ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
len = BN_num_bits(scalar);
r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer
* than binary representation (*ret_len will
@@ -224,11 +229,6 @@
ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
goto err;
}
-
- if (scalar->d == NULL || scalar->top == 0) {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
window_val = scalar->d[0] & mask;
j = 0;
while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len,
@@ -408,7 +408,7 @@
if (numblocks > pre_comp->numblocks)
numblocks = pre_comp->numblocks;
- pre_points_per_block = 1u << (pre_comp->w - 1);
+ pre_points_per_block = (size_t)1 << (pre_comp->w - 1);
/* check that pre_comp looks sane */
if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
@@ -432,13 +432,15 @@
* for pivot */
val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
+ /* Ensure wNAF is initialised in case we end up going to err */
+ if (wNAF)
+ wNAF[0] = NULL; /* preliminary pivot */
+
if (!wsize || !wNAF_len || !wNAF || !val_sub) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
goto err;
}
- wNAF[0] = NULL; /* preliminary pivot */
-
/*
* num_val will be the total number of temporarily precomputed points
*/
@@ -449,7 +451,7 @@
bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar);
wsize[i] = EC_window_bits_for_scalar_size(bits);
- num_val += 1u << (wsize[i] - 1);
+ num_val += (size_t)1 << (wsize[i] - 1);
wNAF[i + 1] = NULL; /* make sure we always have a pivot */
wNAF[i] =
compute_wNAF((i < num ? scalars[i] : scalar), wsize[i],
@@ -585,7 +587,7 @@
v = val;
for (i = 0; i < num + num_scalar; i++) {
val_sub[i] = v;
- for (j = 0; j < (1u << (wsize[i] - 1)); j++) {
+ for (j = 0; j < ((size_t)1 << (wsize[i] - 1)); j++) {
*v = EC_POINT_new(group);
if (*v == NULL)
goto err;
@@ -619,7 +621,7 @@
if (wsize[i] > 1) {
if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx))
goto err;
- for (j = 1; j < (1u << (wsize[i] - 1)); j++) {
+ for (j = 1; j < ((size_t)1 << (wsize[i] - 1)); j++) {
if (!EC_POINT_add
(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx))
goto err;
@@ -796,7 +798,7 @@
* to use for wNAF
* splitting */
- pre_points_per_block = 1u << (w - 1);
+ pre_points_per_block = (size_t)1 << (w - 1);
num = pre_points_per_block * numblocks; /* number of points to compute
* and store */
Copied: trunk/crypto/openssl/crypto/ec/ec_oct.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ec_oct.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_oct.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ec_oct.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,192 @@
+/* crypto/ec/ec_lib.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/opensslv.h>
+
+#include "ec_lcl.h"
+
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *point, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx)
+{
+ if (group->meth->point_set_compressed_coordinates == 0
+ && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+ ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+ if (group->meth != point->meth) {
+ ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+ EC_R_INCOMPATIBLE_OBJECTS);
+ return 0;
+ }
+ if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+ if (group->meth->field_type == NID_X9_62_prime_field)
+ return ec_GFp_simple_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+ else
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+ EC_R_GF2M_NOT_SUPPORTED);
+ return 0;
+ }
+#else
+ return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+#endif
+ }
+ return group->meth->point_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *point, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx)
+{
+ if (group->meth->point_set_compressed_coordinates == 0
+ && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+ ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+ if (group->meth != point->meth) {
+ ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
+ EC_R_INCOMPATIBLE_OBJECTS);
+ return 0;
+ }
+ if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+ if (group->meth->field_type == NID_X9_62_prime_field)
+ return ec_GFp_simple_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+ else
+ return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+ }
+ return group->meth->point_set_compressed_coordinates(group, point, x,
+ y_bit, ctx);
+}
+#endif
+
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
+ point_conversion_form_t form, unsigned char *buf,
+ size_t len, BN_CTX *ctx)
+{
+ if (group->meth->point2oct == 0
+ && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+ ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+ if (group->meth != point->meth) {
+ ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
+ return 0;
+ }
+ if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+ if (group->meth->field_type == NID_X9_62_prime_field)
+ return ec_GFp_simple_point2oct(group, point, form, buf, len, ctx);
+ else
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_GF2M_NOT_SUPPORTED);
+ return 0;
+ }
+#else
+ return ec_GF2m_simple_point2oct(group, point,
+ form, buf, len, ctx);
+#endif
+ }
+
+ return group->meth->point2oct(group, point, form, buf, len, ctx);
+}
+
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
+ const unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+ if (group->meth->oct2point == 0
+ && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+ ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+ if (group->meth != point->meth) {
+ ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
+ return 0;
+ }
+ if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+ if (group->meth->field_type == NID_X9_62_prime_field)
+ return ec_GFp_simple_oct2point(group, point, buf, len, ctx);
+ else
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_GF2M_NOT_SUPPORTED);
+ return 0;
+ }
+#else
+ return ec_GF2m_simple_oct2point(group, point, buf, len, ctx);
+#endif
+ }
+ return group->meth->oct2point(group, point, buf, len, ctx);
+}
Copied: trunk/crypto/openssl/crypto/ec/ec_pmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ec_pmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ec_pmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ec_pmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,332 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+/* EC pkey context structure */
+
+typedef struct {
+ /* Key and paramgen group */
+ EC_GROUP *gen_group;
+ /* message digest */
+ const EVP_MD *md;
+} EC_PKEY_CTX;
+
+static int pkey_ec_init(EVP_PKEY_CTX *ctx)
+{
+ EC_PKEY_CTX *dctx;
+ dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX));
+ if (!dctx)
+ return 0;
+ dctx->gen_group = NULL;
+ dctx->md = NULL;
+
+ ctx->data = dctx;
+
+ return 1;
+}
+
+static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+ EC_PKEY_CTX *dctx, *sctx;
+ if (!pkey_ec_init(dst))
+ return 0;
+ sctx = src->data;
+ dctx = dst->data;
+ if (sctx->gen_group) {
+ dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
+ if (!dctx->gen_group)
+ return 0;
+ }
+ dctx->md = sctx->md;
+ return 1;
+}
+
+static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
+{
+ EC_PKEY_CTX *dctx = ctx->data;
+ if (dctx) {
+ if (dctx->gen_group)
+ EC_GROUP_free(dctx->gen_group);
+ OPENSSL_free(dctx);
+ }
+}
+
+static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ int ret, type;
+ unsigned int sltmp;
+ EC_PKEY_CTX *dctx = ctx->data;
+ EC_KEY *ec = ctx->pkey->pkey.ec;
+
+ if (!sig) {
+ *siglen = ECDSA_size(ec);
+ return 1;
+ } else if (*siglen < (size_t)ECDSA_size(ec)) {
+ ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+
+ if (dctx->md)
+ type = EVP_MD_type(dctx->md);
+ else
+ type = NID_sha1;
+
+ ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
+
+ if (ret <= 0)
+ return ret;
+ *siglen = (size_t)sltmp;
+ return 1;
+}
+
+static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ int ret, type;
+ EC_PKEY_CTX *dctx = ctx->data;
+ EC_KEY *ec = ctx->pkey->pkey.ec;
+
+ if (dctx->md)
+ type = EVP_MD_type(dctx->md);
+ else
+ type = NID_sha1;
+
+ ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
+
+ return ret;
+}
+
+#ifndef OPENSSL_NO_ECDH
+static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+ size_t *keylen)
+{
+ int ret;
+ size_t outlen;
+ const EC_POINT *pubkey = NULL;
+ if (!ctx->pkey || !ctx->peerkey) {
+ ECerr(EC_F_PKEY_EC_DERIVE, EC_R_KEYS_NOT_SET);
+ return 0;
+ }
+
+ if (!key) {
+ const EC_GROUP *group;
+ group = EC_KEY_get0_group(ctx->pkey->pkey.ec);
+ *keylen = (EC_GROUP_get_degree(group) + 7) / 8;
+ return 1;
+ }
+
+ pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
+
+ /*
+ * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is not
+ * an error, the result is truncated.
+ */
+
+ outlen = *keylen;
+
+ ret = ECDH_compute_key(key, outlen, pubkey, ctx->pkey->pkey.ec, 0);
+ if (ret < 0)
+ return ret;
+ *keylen = ret;
+ return 1;
+}
+#endif
+
+static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+ EC_PKEY_CTX *dctx = ctx->data;
+ EC_GROUP *group;
+ switch (type) {
+ case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
+ group = EC_GROUP_new_by_curve_name(p1);
+ if (group == NULL) {
+ ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
+ return 0;
+ }
+ if (dctx->gen_group)
+ EC_GROUP_free(dctx->gen_group);
+ dctx->gen_group = group;
+ return 1;
+
+ case EVP_PKEY_CTRL_MD:
+ if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
+ ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
+ return 0;
+ }
+ dctx->md = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_PEER_KEY:
+ /* Default behaviour is OK */
+ case EVP_PKEY_CTRL_DIGESTINIT:
+ case EVP_PKEY_CTRL_PKCS7_SIGN:
+ case EVP_PKEY_CTRL_CMS_SIGN:
+ return 1;
+
+ default:
+ return -2;
+
+ }
+}
+
+static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (!strcmp(type, "ec_paramgen_curve")) {
+ int nid;
+ nid = OBJ_sn2nid(value);
+ if (nid == NID_undef)
+ nid = OBJ_ln2nid(value);
+ if (nid == NID_undef) {
+ ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_CURVE);
+ return 0;
+ }
+ return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
+ }
+ return -2;
+}
+
+static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ EC_KEY *ec = NULL;
+ EC_PKEY_CTX *dctx = ctx->data;
+ int ret = 0;
+ if (dctx->gen_group == NULL) {
+ ECerr(EC_F_PKEY_EC_PARAMGEN, EC_R_NO_PARAMETERS_SET);
+ return 0;
+ }
+ ec = EC_KEY_new();
+ if (!ec)
+ return 0;
+ ret = EC_KEY_set_group(ec, dctx->gen_group);
+ if (ret)
+ EVP_PKEY_assign_EC_KEY(pkey, ec);
+ else
+ EC_KEY_free(ec);
+ return ret;
+}
+
+static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ EC_KEY *ec = NULL;
+ if (ctx->pkey == NULL) {
+ ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
+ return 0;
+ }
+ ec = EC_KEY_new();
+ if (!ec)
+ return 0;
+ EVP_PKEY_assign_EC_KEY(pkey, ec);
+ /* Note: if error return, pkey is freed by parent routine */
+ if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+ return 0;
+ return EC_KEY_generate_key(pkey->pkey.ec);
+}
+
+const EVP_PKEY_METHOD ec_pkey_meth = {
+ EVP_PKEY_EC,
+ 0,
+ pkey_ec_init,
+ pkey_ec_copy,
+ pkey_ec_cleanup,
+
+ 0,
+ pkey_ec_paramgen,
+
+ 0,
+ pkey_ec_keygen,
+
+ 0,
+ pkey_ec_sign,
+
+ 0,
+ pkey_ec_verify,
+
+ 0, 0,
+
+ 0, 0, 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0,
+#ifndef OPENSSL_NO_ECDH
+ pkey_ec_derive,
+#else
+ 0,
+#endif
+
+ pkey_ec_ctrl,
+ pkey_ec_ctrl_str
+};
Copied: trunk/crypto/openssl/crypto/ec/eck_prn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/eck_prn.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/eck_prn.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/eck_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,369 @@
+/* crypto/ec/eck_prn.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+ * contributed to the OpenSSL project.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_FP_API
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ ECerr(EC_F_ECPKPARAMETERS_PRINT_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = ECPKParameters_print(b, x, off);
+ BIO_free(b);
+ return (ret);
+}
+
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = EC_KEY_print(b, x, off);
+ BIO_free(b);
+ return (ret);
+}
+
+int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = ECParameters_print(b, x);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
+{
+ EVP_PKEY *pk;
+ int ret;
+ pk = EVP_PKEY_new();
+ if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+ return 0;
+ ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ EVP_PKEY_free(pk);
+ return ret;
+}
+
+int ECParameters_print(BIO *bp, const EC_KEY *x)
+{
+ EVP_PKEY *pk;
+ int ret;
+ pk = EVP_PKEY_new();
+ if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+ return 0;
+ ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+ EVP_PKEY_free(pk);
+ return ret;
+}
+
+static int print_bin(BIO *fp, const char *str, const unsigned char *num,
+ size_t len, int off);
+
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
+{
+ unsigned char *buffer = NULL;
+ size_t buf_len = 0, i;
+ int ret = 0, reason = ERR_R_BIO_LIB;
+ BN_CTX *ctx = NULL;
+ const EC_POINT *point = NULL;
+ BIGNUM *p = NULL, *a = NULL, *b = NULL, *gen = NULL,
+ *order = NULL, *cofactor = NULL;
+ const unsigned char *seed;
+ size_t seed_len = 0;
+
+ static const char *gen_compressed = "Generator (compressed):";
+ static const char *gen_uncompressed = "Generator (uncompressed):";
+ static const char *gen_hybrid = "Generator (hybrid):";
+
+ if (!x) {
+ reason = ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (EC_GROUP_get_asn1_flag(x)) {
+ /* the curve parameter are given by an asn1 OID */
+ int nid;
+
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+
+ nid = EC_GROUP_get_curve_name(x);
+ if (nid == 0)
+ goto err;
+
+ if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
+ goto err;
+ if (BIO_printf(bp, "\n") <= 0)
+ goto err;
+ } else {
+ /* explicit parameters */
+ int is_char_two = 0;
+ point_conversion_form_t form;
+ int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
+
+ if (tmp_nid == NID_X9_62_characteristic_two_field)
+ is_char_two = 1;
+
+ if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
+ (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
+ (cofactor = BN_new()) == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+#ifndef OPENSSL_NO_EC2M
+ if (is_char_two) {
+ if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+ } else /* prime field */
+#endif
+ {
+ if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+ }
+
+ if ((point = EC_GROUP_get0_generator(x)) == NULL) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+ if (!EC_GROUP_get_order(x, order, NULL) ||
+ !EC_GROUP_get_cofactor(x, cofactor, NULL)) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+
+ form = EC_GROUP_get_point_conversion_form(x);
+
+ if ((gen = EC_POINT_point2bn(x, point, form, NULL, ctx)) == NULL) {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+
+ buf_len = (size_t)BN_num_bytes(p);
+ if (buf_len < (i = (size_t)BN_num_bytes(a)))
+ buf_len = i;
+ if (buf_len < (i = (size_t)BN_num_bytes(b)))
+ buf_len = i;
+ if (buf_len < (i = (size_t)BN_num_bytes(gen)))
+ buf_len = i;
+ if (buf_len < (i = (size_t)BN_num_bytes(order)))
+ buf_len = i;
+ if (buf_len < (i = (size_t)BN_num_bytes(cofactor)))
+ buf_len = i;
+
+ if ((seed = EC_GROUP_get0_seed(x)) != NULL)
+ seed_len = EC_GROUP_get_seed_len(x);
+
+ buf_len += 10;
+ if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+
+ /* print the 'short name' of the field type */
+ if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
+ <= 0)
+ goto err;
+
+ if (is_char_two) {
+ /* print the 'short name' of the base type OID */
+ int basis_type = EC_GROUP_get_basis_type(x);
+ if (basis_type == 0)
+ goto err;
+
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+
+ if (BIO_printf(bp, "Basis Type: %s\n",
+ OBJ_nid2sn(basis_type)) <= 0)
+ goto err;
+
+ /* print the polynomial */
+ if ((p != NULL) && !ASN1_bn_print(bp, "Polynomial:", p, buffer,
+ off))
+ goto err;
+ } else {
+ if ((p != NULL) && !ASN1_bn_print(bp, "Prime:", p, buffer, off))
+ goto err;
+ }
+ if ((a != NULL) && !ASN1_bn_print(bp, "A: ", a, buffer, off))
+ goto err;
+ if ((b != NULL) && !ASN1_bn_print(bp, "B: ", b, buffer, off))
+ goto err;
+ if (form == POINT_CONVERSION_COMPRESSED) {
+ if ((gen != NULL) && !ASN1_bn_print(bp, gen_compressed, gen,
+ buffer, off))
+ goto err;
+ } else if (form == POINT_CONVERSION_UNCOMPRESSED) {
+ if ((gen != NULL) && !ASN1_bn_print(bp, gen_uncompressed, gen,
+ buffer, off))
+ goto err;
+ } else { /* form == POINT_CONVERSION_HYBRID */
+
+ if ((gen != NULL) && !ASN1_bn_print(bp, gen_hybrid, gen,
+ buffer, off))
+ goto err;
+ }
+ if ((order != NULL) && !ASN1_bn_print(bp, "Order: ", order,
+ buffer, off))
+ goto err;
+ if ((cofactor != NULL) && !ASN1_bn_print(bp, "Cofactor: ", cofactor,
+ buffer, off))
+ goto err;
+ if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (!ret)
+ ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
+ if (p)
+ BN_free(p);
+ if (a)
+ BN_free(a);
+ if (b)
+ BN_free(b);
+ if (gen)
+ BN_free(gen);
+ if (order)
+ BN_free(order);
+ if (cofactor)
+ BN_free(cofactor);
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (buffer != NULL)
+ OPENSSL_free(buffer);
+ return (ret);
+}
+
+static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
+ size_t len, int off)
+{
+ size_t i;
+ char str[128];
+
+ if (buf == NULL)
+ return 1;
+ if (off > 0) {
+ if (off > 128)
+ off = 128;
+ memset(str, ' ', off);
+ if (BIO_write(fp, str, off) <= 0)
+ return 0;
+ } else {
+ off = 0;
+ }
+
+ if (BIO_printf(fp, "%s", name) <= 0)
+ return 0;
+
+ for (i = 0; i < len; i++) {
+ if ((i % 15) == 0) {
+ str[0] = '\n';
+ memset(&(str[1]), ' ', off + 4);
+ if (BIO_write(fp, str, off + 1 + 4) <= 0)
+ return 0;
+ }
+ if (BIO_printf(fp, "%02x%s", buf[i], ((i + 1) == len) ? "" : ":") <=
+ 0)
+ return 0;
+ }
+ if (BIO_write(fp, "\n", 1) <= 0)
+ return 0;
+
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/ec/ecp_mont.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_mont.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ecp_mont.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,11 +63,16 @@
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
#include "ec_lcl.h"
const EC_METHOD *EC_GFp_mont_method(void)
{
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_mont_group_init,
ec_GFp_mont_group_finish,
@@ -86,9 +91,7 @@
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0, 0, 0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -108,6 +111,11 @@
ec_GFp_mont_field_set_to_one
};
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return fips_ec_gfp_mont_method();
+#endif
+
return &ret;
}
Modified: trunk/crypto/openssl/crypto/ec/ecp_nist.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_nist.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ecp_nist.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,9 +67,14 @@
#include <openssl/obj_mac.h>
#include "ec_lcl.h"
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
const EC_METHOD *EC_GFp_nist_method(void)
{
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_simple_group_init,
ec_GFp_simple_group_finish,
@@ -88,9 +93,7 @@
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0, 0, 0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -110,13 +113,14 @@
0 /* field_set_to_one */
};
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return fips_ec_gfp_nist_method();
+#endif
+
return &ret;
}
-#if BN_BITS2 == 64
-# define NO_32_BIT_TYPE
-#endif
-
int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
{
dest->field_mod_func = src->field_mod_func;
@@ -141,32 +145,13 @@
if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
group->field_mod_func = BN_nist_mod_192;
- else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) {
-#ifndef NO_32_BIT_TYPE
+ else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
group->field_mod_func = BN_nist_mod_224;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE,
- EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- } else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) {
-#ifndef NO_32_BIT_TYPE
+ else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
group->field_mod_func = BN_nist_mod_256;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE,
- EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- } else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) {
-#ifndef NO_32_BIT_TYPE
+ else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
group->field_mod_func = BN_nist_mod_384;
-#else
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE,
- EC_R_NOT_A_SUPPORTED_NIST_PRIME);
- goto err;
-#endif
- } else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
- /* this one works in the NO_32_BIT_TYPE case */
+ else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
group->field_mod_func = BN_nist_mod_521;
else {
ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME);
Copied: trunk/crypto/openssl/crypto/ec/ecp_nistp224.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp224.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_nistp224.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ecp_nistp224.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1769 @@
+/* crypto/ec/ecp_nistp224.c */
+/*
+ * Written by Emilia Kasper (Google) for the OpenSSL project.
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-224 elliptic curve point multiplication
+ *
+ * Inspired by Daniel J. Bernstein's public domain nistp224 implementation
+ * and Adam Langley's public domain 64-bit C implementation of curve25519
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+ /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
+ * platforms */
+# else
+# error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/******************************************************************************/
+/*-
+ * INTERNAL REPRESENTATION OF FIELD ELEMENTS
+ *
+ * Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
+ * using 64-bit coefficients called 'limbs',
+ * and sometimes (for multiplication results) as
+ * b_0 + 2^56*b_1 + 2^112*b_2 + 2^168*b_3 + 2^224*b_4 + 2^280*b_5 + 2^336*b_6
+ * using 128-bit coefficients called 'widelimbs'.
+ * A 4-limb representation is an 'felem';
+ * a 7-widelimb representation is a 'widefelem'.
+ * Even within felems, bits of adjacent limbs overlap, and we don't always
+ * reduce the representations: we ensure that inputs to each felem
+ * multiplication satisfy a_i < 2^60, so outputs satisfy b_i < 4*2^60*2^60,
+ * and fit into a 128-bit word without overflow. The coefficients are then
+ * again partially reduced to obtain an felem satisfying a_i < 2^57.
+ * We only reduce to the unique minimal representation at the end of the
+ * computation.
+ */
+
+typedef uint64_t limb;
+typedef uint128_t widelimb;
+
+typedef limb felem[4];
+typedef widelimb widefelem[7];
+
+/*
+ * Field element represented as a byte arrary. 28*8 = 224 bits is also the
+ * group order size for the elliptic curve, and we also use this type for
+ * scalars for point multiplication.
+ */
+typedef u8 felem_bytearray[28];
+
+static const felem_bytearray nistp224_curve_params[5] = {
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+ {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE},
+ {0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */
+ 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA,
+ 0x27, 0x0B, 0x39, 0x43, 0x23, 0x55, 0xFF, 0xB4},
+ {0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */
+ 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22,
+ 0x34, 0x32, 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21},
+ {0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */
+ 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64,
+ 0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34}
+};
+
+/*-
+ * Precomputed multiples of the standard generator
+ * Points are given in coordinates (X, Y, Z) where Z normally is 1
+ * (0 for the point at infinity).
+ * For each field element, slice a_0 is word 0, etc.
+ *
+ * The table has 2 * 16 elements, starting with the following:
+ * index | bits | point
+ * ------+---------+------------------------------
+ * 0 | 0 0 0 0 | 0G
+ * 1 | 0 0 0 1 | 1G
+ * 2 | 0 0 1 0 | 2^56G
+ * 3 | 0 0 1 1 | (2^56 + 1)G
+ * 4 | 0 1 0 0 | 2^112G
+ * 5 | 0 1 0 1 | (2^112 + 1)G
+ * 6 | 0 1 1 0 | (2^112 + 2^56)G
+ * 7 | 0 1 1 1 | (2^112 + 2^56 + 1)G
+ * 8 | 1 0 0 0 | 2^168G
+ * 9 | 1 0 0 1 | (2^168 + 1)G
+ * 10 | 1 0 1 0 | (2^168 + 2^56)G
+ * 11 | 1 0 1 1 | (2^168 + 2^56 + 1)G
+ * 12 | 1 1 0 0 | (2^168 + 2^112)G
+ * 13 | 1 1 0 1 | (2^168 + 2^112 + 1)G
+ * 14 | 1 1 1 0 | (2^168 + 2^112 + 2^56)G
+ * 15 | 1 1 1 1 | (2^168 + 2^112 + 2^56 + 1)G
+ * followed by a copy of this with each element multiplied by 2^28.
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point,
+ * and then another four locations using the second 16 elements.
+ */
+static const felem gmul[2][16][3] = { {{{0, 0, 0, 0},
+ {0, 0, 0, 0},
+ {0, 0, 0, 0}},
+ {{0x3280d6115c1d21, 0xc1d356c2112234,
+ 0x7f321390b94a03, 0xb70e0cbd6bb4bf},
+ {0xd5819985007e34, 0x75a05a07476444,
+ 0xfb4c22dfe6cd43, 0xbd376388b5f723},
+ {1, 0, 0, 0}},
+ {{0xfd9675666ebbe9, 0xbca7664d40ce5e,
+ 0x2242df8d8a2a43, 0x1f49bbb0f99bc5},
+ {0x29e0b892dc9c43, 0xece8608436e662,
+ 0xdc858f185310d0, 0x9812dd4eb8d321},
+ {1, 0, 0, 0}},
+ {{0x6d3e678d5d8eb8, 0x559eed1cb362f1,
+ 0x16e9a3bbce8a3f, 0xeedcccd8c2a748},
+ {0xf19f90ed50266d, 0xabf2b4bf65f9df,
+ 0x313865468fafec, 0x5cb379ba910a17},
+ {1, 0, 0, 0}},
+ {{0x0641966cab26e3, 0x91fb2991fab0a0,
+ 0xefec27a4e13a0b, 0x0499aa8a5f8ebe},
+ {0x7510407766af5d, 0x84d929610d5450,
+ 0x81d77aae82f706, 0x6916f6d4338c5b},
+ {1, 0, 0, 0}},
+ {{0xea95ac3b1f15c6, 0x086000905e82d4,
+ 0xdd323ae4d1c8b1, 0x932b56be7685a3},
+ {0x9ef93dea25dbbf, 0x41665960f390f0,
+ 0xfdec76dbe2a8a7, 0x523e80f019062a},
+ {1, 0, 0, 0}},
+ {{0x822fdd26732c73, 0xa01c83531b5d0f,
+ 0x363f37347c1ba4, 0xc391b45c84725c},
+ {0xbbd5e1b2d6ad24, 0xddfbcde19dfaec,
+ 0xc393da7e222a7f, 0x1efb7890ede244},
+ {1, 0, 0, 0}},
+ {{0x4c9e90ca217da1, 0xd11beca79159bb,
+ 0xff8d33c2c98b7c, 0x2610b39409f849},
+ {0x44d1352ac64da0, 0xcdbb7b2c46b4fb,
+ 0x966c079b753c89, 0xfe67e4e820b112},
+ {1, 0, 0, 0}},
+ {{0xe28cae2df5312d, 0xc71b61d16f5c6e,
+ 0x79b7619a3e7c4c, 0x05c73240899b47},
+ {0x9f7f6382c73e3a, 0x18615165c56bda,
+ 0x641fab2116fd56, 0x72855882b08394},
+ {1, 0, 0, 0}},
+ {{0x0469182f161c09, 0x74a98ca8d00fb5,
+ 0xb89da93489a3e0, 0x41c98768fb0c1d},
+ {0xe5ea05fb32da81, 0x3dce9ffbca6855,
+ 0x1cfe2d3fbf59e6, 0x0e5e03408738a7},
+ {1, 0, 0, 0}},
+ {{0xdab22b2333e87f, 0x4430137a5dd2f6,
+ 0xe03ab9f738beb8, 0xcb0c5d0dc34f24},
+ {0x764a7df0c8fda5, 0x185ba5c3fa2044,
+ 0x9281d688bcbe50, 0xc40331df893881},
+ {1, 0, 0, 0}},
+ {{0xb89530796f0f60, 0xade92bd26909a3,
+ 0x1a0c83fb4884da, 0x1765bf22a5a984},
+ {0x772a9ee75db09e, 0x23bc6c67cec16f,
+ 0x4c1edba8b14e2f, 0xe2a215d9611369},
+ {1, 0, 0, 0}},
+ {{0x571e509fb5efb3, 0xade88696410552,
+ 0xc8ae85fada74fe, 0x6c7e4be83bbde3},
+ {0xff9f51160f4652, 0xb47ce2495a6539,
+ 0xa2946c53b582f4, 0x286d2db3ee9a60},
+ {1, 0, 0, 0}},
+ {{0x40bbd5081a44af, 0x0995183b13926c,
+ 0xbcefba6f47f6d0, 0x215619e9cc0057},
+ {0x8bc94d3b0df45e, 0xf11c54a3694f6f,
+ 0x8631b93cdfe8b5, 0xe7e3f4b0982db9},
+ {1, 0, 0, 0}},
+ {{0xb17048ab3e1c7b, 0xac38f36ff8a1d8,
+ 0x1c29819435d2c6, 0xc813132f4c07e9},
+ {0x2891425503b11f, 0x08781030579fea,
+ 0xf5426ba5cc9674, 0x1e28ebf18562bc},
+ {1, 0, 0, 0}},
+ {{0x9f31997cc864eb, 0x06cd91d28b5e4c,
+ 0xff17036691a973, 0xf1aef351497c58},
+ {0xdd1f2d600564ff, 0xdead073b1402db,
+ 0x74a684435bd693, 0xeea7471f962558},
+ {1, 0, 0, 0}}},
+{{{0, 0, 0, 0},
+ {0, 0, 0, 0},
+ {0, 0, 0, 0}},
+ {{0x9665266dddf554, 0x9613d78b60ef2d, 0xce27a34cdba417, 0xd35ab74d6afc31},
+ {0x85ccdd22deb15e, 0x2137e5783a6aab, 0xa141cffd8c93c6, 0x355a1830e90f2d},
+ {1, 0, 0, 0}},
+ {{0x1a494eadaade65, 0xd6da4da77fe53c, 0xe7992996abec86, 0x65c3553c6090e3},
+ {0xfa610b1fb09346, 0xf1c6540b8a4aaf, 0xc51a13ccd3cbab, 0x02995b1b18c28a},
+ {1, 0, 0, 0}},
+ {{0x7874568e7295ef, 0x86b419fbe38d04, 0xdc0690a7550d9a, 0xd3966a44beac33},
+ {0x2b7280ec29132f, 0xbeaa3b6a032df3, 0xdc7dd88ae41200, 0xd25e2513e3a100},
+ {1, 0, 0, 0}},
+ {{0x924857eb2efafd, 0xac2bce41223190, 0x8edaa1445553fc, 0x825800fd3562d5},
+ {0x8d79148ea96621, 0x23a01c3dd9ed8d, 0xaf8b219f9416b5, 0xd8db0cc277daea},
+ {1, 0, 0, 0}},
+ {{0x76a9c3b1a700f0, 0xe9acd29bc7e691, 0x69212d1a6b0327, 0x6322e97fe154be},
+ {0x469fc5465d62aa, 0x8d41ed18883b05, 0x1f8eae66c52b88, 0xe4fcbe9325be51},
+ {1, 0, 0, 0}},
+ {{0x825fdf583cac16, 0x020b857c7b023a, 0x683c17744b0165, 0x14ffd0a2daf2f1},
+ {0x323b36184218f9, 0x4944ec4e3b47d4, 0xc15b3080841acf, 0x0bced4b01a28bb},
+ {1, 0, 0, 0}},
+ {{0x92ac22230df5c4, 0x52f33b4063eda8, 0xcb3f19870c0c93, 0x40064f2ba65233},
+ {0xfe16f0924f8992, 0x012da25af5b517, 0x1a57bb24f723a6, 0x06f8bc76760def},
+ {1, 0, 0, 0}},
+ {{0x4a7084f7817cb9, 0xbcab0738ee9a78, 0x3ec11e11d9c326, 0xdc0fe90e0f1aae},
+ {0xcf639ea5f98390, 0x5c350aa22ffb74, 0x9afae98a4047b7, 0x956ec2d617fc45},
+ {1, 0, 0, 0}},
+ {{0x4306d648c1be6a, 0x9247cd8bc9a462, 0xf5595e377d2f2e, 0xbd1c3caff1a52e},
+ {0x045e14472409d0, 0x29f3e17078f773, 0x745a602b2d4f7d, 0x191837685cdfbb},
+ {1, 0, 0, 0}},
+ {{0x5b6ee254a8cb79, 0x4953433f5e7026, 0xe21faeb1d1def4, 0xc4c225785c09de},
+ {0x307ce7bba1e518, 0x31b125b1036db8, 0x47e91868839e8f, 0xc765866e33b9f3},
+ {1, 0, 0, 0}},
+ {{0x3bfece24f96906, 0x4794da641e5093, 0xde5df64f95db26, 0x297ecd89714b05},
+ {0x701bd3ebb2c3aa, 0x7073b4f53cb1d5, 0x13c5665658af16, 0x9895089d66fe58},
+ {1, 0, 0, 0}},
+ {{0x0fef05f78c4790, 0x2d773633b05d2e, 0x94229c3a951c94, 0xbbbd70df4911bb},
+ {0xb2c6963d2c1168, 0x105f47a72b0d73, 0x9fdf6111614080, 0x7b7e94b39e67b0},
+ {1, 0, 0, 0}},
+ {{0xad1a7d6efbe2b3, 0xf012482c0da69d, 0x6b3bdf12438345, 0x40d7558d7aa4d9},
+ {0x8a09fffb5c6d3d, 0x9a356e5d9ffd38, 0x5973f15f4f9b1c, 0xdcd5f59f63c3ea},
+ {1, 0, 0, 0}},
+ {{0xacf39f4c5ca7ab, 0x4c8071cc5fd737, 0xc64e3602cd1184, 0x0acd4644c9abba},
+ {0x6c011a36d8bf6e, 0xfecd87ba24e32a, 0x19f6f56574fad8, 0x050b204ced9405},
+ {1, 0, 0, 0}},
+ {{0xed4f1cae7d9a96, 0x5ceef7ad94c40a, 0x778e4a3bf3ef9b, 0x7405783dc3b55e},
+ {0x32477c61b6e8c6, 0xb46a97570f018b, 0x91176d0a7e95d1, 0x3df90fbc4c7d0e},
+ {1, 0, 0, 0}}}
+};
+
+/* Precomputation for the group generator. */
+typedef struct {
+ felem g_pre_comp[2][16][3];
+ int references;
+} NISTP224_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp224_method(void)
+{
+ static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
+ NID_X9_62_prime_field,
+ ec_GFp_nistp224_group_init,
+ ec_GFp_simple_group_finish,
+ ec_GFp_simple_group_clear_finish,
+ ec_GFp_nist_group_copy,
+ ec_GFp_nistp224_group_set_curve,
+ ec_GFp_simple_group_get_curve,
+ ec_GFp_simple_group_get_degree,
+ ec_GFp_simple_group_check_discriminant,
+ ec_GFp_simple_point_init,
+ ec_GFp_simple_point_finish,
+ ec_GFp_simple_point_clear_finish,
+ ec_GFp_simple_point_copy,
+ ec_GFp_simple_point_set_to_infinity,
+ ec_GFp_simple_set_Jprojective_coordinates_GFp,
+ ec_GFp_simple_get_Jprojective_coordinates_GFp,
+ ec_GFp_simple_point_set_affine_coordinates,
+ ec_GFp_nistp224_point_get_affine_coordinates,
+ 0 /* point_set_compressed_coordinates */ ,
+ 0 /* point2oct */ ,
+ 0 /* oct2point */ ,
+ ec_GFp_simple_add,
+ ec_GFp_simple_dbl,
+ ec_GFp_simple_invert,
+ ec_GFp_simple_is_at_infinity,
+ ec_GFp_simple_is_on_curve,
+ ec_GFp_simple_cmp,
+ ec_GFp_simple_make_affine,
+ ec_GFp_simple_points_make_affine,
+ ec_GFp_nistp224_points_mul,
+ ec_GFp_nistp224_precompute_mult,
+ ec_GFp_nistp224_have_precompute_mult,
+ ec_GFp_nist_field_mul,
+ ec_GFp_nist_field_sqr,
+ 0 /* field_div */ ,
+ 0 /* field_encode */ ,
+ 0 /* field_decode */ ,
+ 0 /* field_set_to_one */
+ };
+
+ return &ret;
+}
+
+/*
+ * Helper functions to convert field elements to/from internal representation
+ */
+static void bin28_to_felem(felem out, const u8 in[28])
+{
+ out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
+ out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
+ out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
+ out[3] = (*((const uint64_t *)(in+20))) >> 8;
+}
+
+static void felem_to_bin28(u8 out[28], const felem in)
+{
+ unsigned i;
+ for (i = 0; i < 7; ++i) {
+ out[i] = in[0] >> (8 * i);
+ out[i + 7] = in[1] >> (8 * i);
+ out[i + 14] = in[2] >> (8 * i);
+ out[i + 21] = in[3] >> (8 * i);
+ }
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+ unsigned i;
+ for (i = 0; i < len; ++i)
+ out[i] = in[len - 1 - i];
+}
+
+/* From OpenSSL BIGNUM to internal representation */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+ felem_bytearray b_in;
+ felem_bytearray b_out;
+ unsigned num_bytes;
+
+ /* BN_bn2bin eats leading zeroes */
+ memset(b_out, 0, sizeof b_out);
+ num_bytes = BN_num_bytes(bn);
+ if (num_bytes > sizeof b_out) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ if (BN_is_negative(bn)) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ num_bytes = BN_bn2bin(bn, b_in);
+ flip_endian(b_out, b_in, num_bytes);
+ bin28_to_felem(out, b_out);
+ return 1;
+}
+
+/* From internal representation to OpenSSL BIGNUM */
+static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
+{
+ felem_bytearray b_in, b_out;
+ felem_to_bin28(b_in, in);
+ flip_endian(b_out, b_in, sizeof b_out);
+ return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/******************************************************************************/
+/*-
+ * FIELD OPERATIONS
+ *
+ * Field operations, using the internal representation of field elements.
+ * NB! These operations are specific to our point multiplication and cannot be
+ * expected to be correct in general - e.g., multiplication with a large scalar
+ * will cause an overflow.
+ *
+ */
+
+static void felem_one(felem out)
+{
+ out[0] = 1;
+ out[1] = 0;
+ out[2] = 0;
+ out[3] = 0;
+}
+
+static void felem_assign(felem out, const felem in)
+{
+ out[0] = in[0];
+ out[1] = in[1];
+ out[2] = in[2];
+ out[3] = in[3];
+}
+
+/* Sum two field elements: out += in */
+static void felem_sum(felem out, const felem in)
+{
+ out[0] += in[0];
+ out[1] += in[1];
+ out[2] += in[2];
+ out[3] += in[3];
+}
+
+/* Get negative value: out = -in */
+/* Assumes in[i] < 2^57 */
+static void felem_neg(felem out, const felem in)
+{
+ static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
+ static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
+ static const limb two58m42m2 = (((limb) 1) << 58) -
+ (((limb) 1) << 42) - (((limb) 1) << 2);
+
+ /* Set to 0 mod 2^224-2^96+1 to ensure out > in */
+ out[0] = two58p2 - in[0];
+ out[1] = two58m42m2 - in[1];
+ out[2] = two58m2 - in[2];
+ out[3] = two58m2 - in[3];
+}
+
+/* Subtract field elements: out -= in */
+/* Assumes in[i] < 2^57 */
+static void felem_diff(felem out, const felem in)
+{
+ static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
+ static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
+ static const limb two58m42m2 = (((limb) 1) << 58) -
+ (((limb) 1) << 42) - (((limb) 1) << 2);
+
+ /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+ out[0] += two58p2;
+ out[1] += two58m42m2;
+ out[2] += two58m2;
+ out[3] += two58m2;
+
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+}
+
+/* Subtract in unreduced 128-bit mode: out -= in */
+/* Assumes in[i] < 2^119 */
+static void widefelem_diff(widefelem out, const widefelem in)
+{
+ static const widelimb two120 = ((widelimb) 1) << 120;
+ static const widelimb two120m64 = (((widelimb) 1) << 120) -
+ (((widelimb) 1) << 64);
+ static const widelimb two120m104m64 = (((widelimb) 1) << 120) -
+ (((widelimb) 1) << 104) - (((widelimb) 1) << 64);
+
+ /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+ out[0] += two120;
+ out[1] += two120m64;
+ out[2] += two120m64;
+ out[3] += two120;
+ out[4] += two120m104m64;
+ out[5] += two120m64;
+ out[6] += two120m64;
+
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+ out[4] -= in[4];
+ out[5] -= in[5];
+ out[6] -= in[6];
+}
+
+/* Subtract in mixed mode: out128 -= in64 */
+/* in[i] < 2^63 */
+static void felem_diff_128_64(widefelem out, const felem in)
+{
+ static const widelimb two64p8 = (((widelimb) 1) << 64) +
+ (((widelimb) 1) << 8);
+ static const widelimb two64m8 = (((widelimb) 1) << 64) -
+ (((widelimb) 1) << 8);
+ static const widelimb two64m48m8 = (((widelimb) 1) << 64) -
+ (((widelimb) 1) << 48) - (((widelimb) 1) << 8);
+
+ /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+ out[0] += two64p8;
+ out[1] += two64m48m8;
+ out[2] += two64m8;
+ out[3] += two64m8;
+
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+}
+
+/*
+ * Multiply a field element by a scalar: out = out * scalar The scalars we
+ * actually use are small, so results fit without overflow
+ */
+static void felem_scalar(felem out, const limb scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+}
+
+/*
+ * Multiply an unreduced field element by a scalar: out = out * scalar The
+ * scalars we actually use are small, so results fit without overflow
+ */
+static void widefelem_scalar(widefelem out, const widelimb scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+ out[4] *= scalar;
+ out[5] *= scalar;
+ out[6] *= scalar;
+}
+
+/* Square a field element: out = in^2 */
+static void felem_square(widefelem out, const felem in)
+{
+ limb tmp0, tmp1, tmp2;
+ tmp0 = 2 * in[0];
+ tmp1 = 2 * in[1];
+ tmp2 = 2 * in[2];
+ out[0] = ((widelimb) in[0]) * in[0];
+ out[1] = ((widelimb) in[0]) * tmp1;
+ out[2] = ((widelimb) in[0]) * tmp2 + ((widelimb) in[1]) * in[1];
+ out[3] = ((widelimb) in[3]) * tmp0 + ((widelimb) in[1]) * tmp2;
+ out[4] = ((widelimb) in[3]) * tmp1 + ((widelimb) in[2]) * in[2];
+ out[5] = ((widelimb) in[3]) * tmp2;
+ out[6] = ((widelimb) in[3]) * in[3];
+}
+
+/* Multiply two field elements: out = in1 * in2 */
+static void felem_mul(widefelem out, const felem in1, const felem in2)
+{
+ out[0] = ((widelimb) in1[0]) * in2[0];
+ out[1] = ((widelimb) in1[0]) * in2[1] + ((widelimb) in1[1]) * in2[0];
+ out[2] = ((widelimb) in1[0]) * in2[2] + ((widelimb) in1[1]) * in2[1] +
+ ((widelimb) in1[2]) * in2[0];
+ out[3] = ((widelimb) in1[0]) * in2[3] + ((widelimb) in1[1]) * in2[2] +
+ ((widelimb) in1[2]) * in2[1] + ((widelimb) in1[3]) * in2[0];
+ out[4] = ((widelimb) in1[1]) * in2[3] + ((widelimb) in1[2]) * in2[2] +
+ ((widelimb) in1[3]) * in2[1];
+ out[5] = ((widelimb) in1[2]) * in2[3] + ((widelimb) in1[3]) * in2[2];
+ out[6] = ((widelimb) in1[3]) * in2[3];
+}
+
+/*-
+ * Reduce seven 128-bit coefficients to four 64-bit coefficients.
+ * Requires in[i] < 2^126,
+ * ensures out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 */
+static void felem_reduce(felem out, const widefelem in)
+{
+ static const widelimb two127p15 = (((widelimb) 1) << 127) +
+ (((widelimb) 1) << 15);
+ static const widelimb two127m71 = (((widelimb) 1) << 127) -
+ (((widelimb) 1) << 71);
+ static const widelimb two127m71m55 = (((widelimb) 1) << 127) -
+ (((widelimb) 1) << 71) - (((widelimb) 1) << 55);
+ widelimb output[5];
+
+ /* Add 0 mod 2^224-2^96+1 to ensure all differences are positive */
+ output[0] = in[0] + two127p15;
+ output[1] = in[1] + two127m71m55;
+ output[2] = in[2] + two127m71;
+ output[3] = in[3];
+ output[4] = in[4];
+
+ /* Eliminate in[4], in[5], in[6] */
+ output[4] += in[6] >> 16;
+ output[3] += (in[6] & 0xffff) << 40;
+ output[2] -= in[6];
+
+ output[3] += in[5] >> 16;
+ output[2] += (in[5] & 0xffff) << 40;
+ output[1] -= in[5];
+
+ output[2] += output[4] >> 16;
+ output[1] += (output[4] & 0xffff) << 40;
+ output[0] -= output[4];
+
+ /* Carry 2 -> 3 -> 4 */
+ output[3] += output[2] >> 56;
+ output[2] &= 0x00ffffffffffffff;
+
+ output[4] = output[3] >> 56;
+ output[3] &= 0x00ffffffffffffff;
+
+ /* Now output[2] < 2^56, output[3] < 2^56, output[4] < 2^72 */
+
+ /* Eliminate output[4] */
+ output[2] += output[4] >> 16;
+ /* output[2] < 2^56 + 2^56 = 2^57 */
+ output[1] += (output[4] & 0xffff) << 40;
+ output[0] -= output[4];
+
+ /* Carry 0 -> 1 -> 2 -> 3 */
+ output[1] += output[0] >> 56;
+ out[0] = output[0] & 0x00ffffffffffffff;
+
+ output[2] += output[1] >> 56;
+ /* output[2] < 2^57 + 2^72 */
+ out[1] = output[1] & 0x00ffffffffffffff;
+ output[3] += output[2] >> 56;
+ /* output[3] <= 2^56 + 2^16 */
+ out[2] = output[2] & 0x00ffffffffffffff;
+
+ /*-
+ * out[0] < 2^56, out[1] < 2^56, out[2] < 2^56,
+ * out[3] <= 2^56 + 2^16 (due to final carry),
+ * so out < 2*p
+ */
+ out[3] = output[3];
+}
+
+static void felem_square_reduce(felem out, const felem in)
+{
+ widefelem tmp;
+ felem_square(tmp, in);
+ felem_reduce(out, tmp);
+}
+
+static void felem_mul_reduce(felem out, const felem in1, const felem in2)
+{
+ widefelem tmp;
+ felem_mul(tmp, in1, in2);
+ felem_reduce(out, tmp);
+}
+
+/*
+ * Reduce to unique minimal representation. Requires 0 <= in < 2*p (always
+ * call felem_reduce first)
+ */
+static void felem_contract(felem out, const felem in)
+{
+ static const int64_t two56 = ((limb) 1) << 56;
+ /* 0 <= in < 2*p, p = 2^224 - 2^96 + 1 */
+ /* if in > p , reduce in = in - 2^224 + 2^96 - 1 */
+ int64_t tmp[4], a;
+ tmp[0] = in[0];
+ tmp[1] = in[1];
+ tmp[2] = in[2];
+ tmp[3] = in[3];
+ /* Case 1: a = 1 iff in >= 2^224 */
+ a = (in[3] >> 56);
+ tmp[0] -= a;
+ tmp[1] += a << 40;
+ tmp[3] &= 0x00ffffffffffffff;
+ /*
+ * Case 2: a = 0 iff p <= in < 2^224, i.e., the high 128 bits are all 1
+ * and the lower part is non-zero
+ */
+ a = ((in[3] & in[2] & (in[1] | 0x000000ffffffffff)) + 1) |
+ (((int64_t) (in[0] + (in[1] & 0x000000ffffffffff)) - 1) >> 63);
+ a &= 0x00ffffffffffffff;
+ /* turn a into an all-one mask (if a = 0) or an all-zero mask */
+ a = (a - 1) >> 63;
+ /* subtract 2^224 - 2^96 + 1 if a is all-one */
+ tmp[3] &= a ^ 0xffffffffffffffff;
+ tmp[2] &= a ^ 0xffffffffffffffff;
+ tmp[1] &= (a ^ 0xffffffffffffffff) | 0x000000ffffffffff;
+ tmp[0] -= 1 & a;
+
+ /*
+ * eliminate negative coefficients: if tmp[0] is negative, tmp[1] must be
+ * non-zero, so we only need one step
+ */
+ a = tmp[0] >> 63;
+ tmp[0] += two56 & a;
+ tmp[1] -= 1 & a;
+
+ /* carry 1 -> 2 -> 3 */
+ tmp[2] += tmp[1] >> 56;
+ tmp[1] &= 0x00ffffffffffffff;
+
+ tmp[3] += tmp[2] >> 56;
+ tmp[2] &= 0x00ffffffffffffff;
+
+ /* Now 0 <= out < p */
+ out[0] = tmp[0];
+ out[1] = tmp[1];
+ out[2] = tmp[2];
+ out[3] = tmp[3];
+}
+
+/*
+ * Zero-check: returns 1 if input is 0, and 0 otherwise. We know that field
+ * elements are reduced to in < 2^225, so we only need to check three cases:
+ * 0, 2^224 - 2^96 + 1, and 2^225 - 2^97 + 2
+ */
+static limb felem_is_zero(const felem in)
+{
+ limb zero, two224m96p1, two225m97p2;
+
+ zero = in[0] | in[1] | in[2] | in[3];
+ zero = (((int64_t) (zero) - 1) >> 63) & 1;
+ two224m96p1 = (in[0] ^ 1) | (in[1] ^ 0x00ffff0000000000)
+ | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x00ffffffffffffff);
+ two224m96p1 = (((int64_t) (two224m96p1) - 1) >> 63) & 1;
+ two225m97p2 = (in[0] ^ 2) | (in[1] ^ 0x00fffe0000000000)
+ | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x01ffffffffffffff);
+ two225m97p2 = (((int64_t) (two225m97p2) - 1) >> 63) & 1;
+ return (zero | two224m96p1 | two225m97p2);
+}
+
+static limb felem_is_zero_int(const felem in)
+{
+ return (int)(felem_is_zero(in) & ((limb) 1));
+}
+
+/* Invert a field element */
+/* Computation chain copied from djb's code */
+static void felem_inv(felem out, const felem in)
+{
+ felem ftmp, ftmp2, ftmp3, ftmp4;
+ widefelem tmp;
+ unsigned i;
+
+ felem_square(tmp, in);
+ felem_reduce(ftmp, tmp); /* 2 */
+ felem_mul(tmp, in, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^2 - 1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^3 - 2 */
+ felem_mul(tmp, in, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^3 - 1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp2, tmp); /* 2^4 - 2 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^5 - 4 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^6 - 8 */
+ felem_mul(tmp, ftmp2, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^6 - 1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp2, tmp); /* 2^7 - 2 */
+ for (i = 0; i < 5; ++i) { /* 2^12 - 2^6 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp);
+ }
+ felem_mul(tmp, ftmp2, ftmp);
+ felem_reduce(ftmp2, tmp); /* 2^12 - 1 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^13 - 2 */
+ for (i = 0; i < 11; ++i) { /* 2^24 - 2^12 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp);
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^24 - 1 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^25 - 2 */
+ for (i = 0; i < 23; ++i) { /* 2^48 - 2^24 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp);
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^48 - 1 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp4, tmp); /* 2^49 - 2 */
+ for (i = 0; i < 47; ++i) { /* 2^96 - 2^48 */
+ felem_square(tmp, ftmp4);
+ felem_reduce(ftmp4, tmp);
+ }
+ felem_mul(tmp, ftmp3, ftmp4);
+ felem_reduce(ftmp3, tmp); /* 2^96 - 1 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp4, tmp); /* 2^97 - 2 */
+ for (i = 0; i < 23; ++i) { /* 2^120 - 2^24 */
+ felem_square(tmp, ftmp4);
+ felem_reduce(ftmp4, tmp);
+ }
+ felem_mul(tmp, ftmp2, ftmp4);
+ felem_reduce(ftmp2, tmp); /* 2^120 - 1 */
+ for (i = 0; i < 6; ++i) { /* 2^126 - 2^6 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp);
+ }
+ felem_mul(tmp, ftmp2, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^126 - 1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^127 - 2 */
+ felem_mul(tmp, ftmp, in);
+ felem_reduce(ftmp, tmp); /* 2^127 - 1 */
+ for (i = 0; i < 97; ++i) { /* 2^224 - 2^97 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+ }
+ felem_mul(tmp, ftmp, ftmp3);
+ felem_reduce(out, tmp); /* 2^224 - 2^96 - 1 */
+}
+
+/*
+ * Copy in constant time: if icopy == 1, copy in to out, if icopy == 0, copy
+ * out to itself.
+ */
+static void copy_conditional(felem out, const felem in, limb icopy)
+{
+ unsigned i;
+ /*
+ * icopy is a (64-bit) 0 or 1, so copy is either all-zero or all-one
+ */
+ const limb copy = -icopy;
+ for (i = 0; i < 4; ++i) {
+ const limb tmp = copy & (in[i] ^ out[i]);
+ out[i] ^= tmp;
+ }
+}
+
+/******************************************************************************/
+/*-
+ * ELLIPTIC CURVE POINT OPERATIONS
+ *
+ * Points are represented in Jacobian projective coordinates:
+ * (X, Y, Z) corresponds to the affine point (X/Z^2, Y/Z^3),
+ * or to the point at infinity if Z == 0.
+ *
+ */
+
+/*-
+ * Double an elliptic curve point:
+ * (X', Y', Z') = 2 * (X, Y, Z), where
+ * X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2
+ * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2
+ * Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed,
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+ const felem x_in, const felem y_in, const felem z_in)
+{
+ widefelem tmp, tmp2;
+ felem delta, gamma, beta, alpha, ftmp, ftmp2;
+
+ felem_assign(ftmp, x_in);
+ felem_assign(ftmp2, x_in);
+
+ /* delta = z^2 */
+ felem_square(tmp, z_in);
+ felem_reduce(delta, tmp);
+
+ /* gamma = y^2 */
+ felem_square(tmp, y_in);
+ felem_reduce(gamma, tmp);
+
+ /* beta = x*gamma */
+ felem_mul(tmp, x_in, gamma);
+ felem_reduce(beta, tmp);
+
+ /* alpha = 3*(x-delta)*(x+delta) */
+ felem_diff(ftmp, delta);
+ /* ftmp[i] < 2^57 + 2^58 + 2 < 2^59 */
+ felem_sum(ftmp2, delta);
+ /* ftmp2[i] < 2^57 + 2^57 = 2^58 */
+ felem_scalar(ftmp2, 3);
+ /* ftmp2[i] < 3 * 2^58 < 2^60 */
+ felem_mul(tmp, ftmp, ftmp2);
+ /* tmp[i] < 2^60 * 2^59 * 4 = 2^121 */
+ felem_reduce(alpha, tmp);
+
+ /* x' = alpha^2 - 8*beta */
+ felem_square(tmp, alpha);
+ /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+ felem_assign(ftmp, beta);
+ felem_scalar(ftmp, 8);
+ /* ftmp[i] < 8 * 2^57 = 2^60 */
+ felem_diff_128_64(tmp, ftmp);
+ /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+ felem_reduce(x_out, tmp);
+
+ /* z' = (y + z)^2 - gamma - delta */
+ felem_sum(delta, gamma);
+ /* delta[i] < 2^57 + 2^57 = 2^58 */
+ felem_assign(ftmp, y_in);
+ felem_sum(ftmp, z_in);
+ /* ftmp[i] < 2^57 + 2^57 = 2^58 */
+ felem_square(tmp, ftmp);
+ /* tmp[i] < 4 * 2^58 * 2^58 = 2^118 */
+ felem_diff_128_64(tmp, delta);
+ /* tmp[i] < 2^118 + 2^64 + 8 < 2^119 */
+ felem_reduce(z_out, tmp);
+
+ /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+ felem_scalar(beta, 4);
+ /* beta[i] < 4 * 2^57 = 2^59 */
+ felem_diff(beta, x_out);
+ /* beta[i] < 2^59 + 2^58 + 2 < 2^60 */
+ felem_mul(tmp, alpha, beta);
+ /* tmp[i] < 4 * 2^57 * 2^60 = 2^119 */
+ felem_square(tmp2, gamma);
+ /* tmp2[i] < 4 * 2^57 * 2^57 = 2^116 */
+ widefelem_scalar(tmp2, 8);
+ /* tmp2[i] < 8 * 2^116 = 2^119 */
+ widefelem_diff(tmp, tmp2);
+ /* tmp[i] < 2^119 + 2^120 < 2^121 */
+ felem_reduce(y_out, tmp);
+}
+
+/*-
+ * Add two elliptic curve points:
+ * (X_1, Y_1, Z_1) + (X_2, Y_2, Z_2) = (X_3, Y_3, Z_3), where
+ * X_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1)^2 - (Z_1^2 * X_2 - Z_2^2 * X_1)^3 -
+ * 2 * Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2
+ * Y_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1) * (Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2 - X_3) -
+ * Z_2^3 * Y_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^3
+ * Z_3 = (Z_1^2 * X_2 - Z_2^2 * X_1) * (Z_1 * Z_2)
+ *
+ * This runs faster if 'mixed' is set, which requires Z_2 = 1 or Z_2 = 0.
+ */
+
+/*
+ * This function is not entirely constant-time: it includes a branch for
+ * checking whether the two input points are equal, (while not equal to the
+ * point at infinity). This case never happens during single point
+ * multiplication, so there is no timing leak for ECDH or ECDSA signing.
+ */
+static void point_add(felem x3, felem y3, felem z3,
+ const felem x1, const felem y1, const felem z1,
+ const int mixed, const felem x2, const felem y2,
+ const felem z2)
+{
+ felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, x_out, y_out, z_out;
+ widefelem tmp, tmp2;
+ limb z1_is_zero, z2_is_zero, x_equal, y_equal;
+
+ if (!mixed) {
+ /* ftmp2 = z2^2 */
+ felem_square(tmp, z2);
+ felem_reduce(ftmp2, tmp);
+
+ /* ftmp4 = z2^3 */
+ felem_mul(tmp, ftmp2, z2);
+ felem_reduce(ftmp4, tmp);
+
+ /* ftmp4 = z2^3*y1 */
+ felem_mul(tmp2, ftmp4, y1);
+ felem_reduce(ftmp4, tmp2);
+
+ /* ftmp2 = z2^2*x1 */
+ felem_mul(tmp2, ftmp2, x1);
+ felem_reduce(ftmp2, tmp2);
+ } else {
+ /*
+ * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+ */
+
+ /* ftmp4 = z2^3*y1 */
+ felem_assign(ftmp4, y1);
+
+ /* ftmp2 = z2^2*x1 */
+ felem_assign(ftmp2, x1);
+ }
+
+ /* ftmp = z1^2 */
+ felem_square(tmp, z1);
+ felem_reduce(ftmp, tmp);
+
+ /* ftmp3 = z1^3 */
+ felem_mul(tmp, ftmp, z1);
+ felem_reduce(ftmp3, tmp);
+
+ /* tmp = z1^3*y2 */
+ felem_mul(tmp, ftmp3, y2);
+ /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+ /* ftmp3 = z1^3*y2 - z2^3*y1 */
+ felem_diff_128_64(tmp, ftmp4);
+ /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+ felem_reduce(ftmp3, tmp);
+
+ /* tmp = z1^2*x2 */
+ felem_mul(tmp, ftmp, x2);
+ /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+ /* ftmp = z1^2*x2 - z2^2*x1 */
+ felem_diff_128_64(tmp, ftmp2);
+ /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+ felem_reduce(ftmp, tmp);
+
+ /*
+ * the formulae are incorrect if the points are equal so we check for
+ * this and do doubling if this happens
+ */
+ x_equal = felem_is_zero(ftmp);
+ y_equal = felem_is_zero(ftmp3);
+ z1_is_zero = felem_is_zero(z1);
+ z2_is_zero = felem_is_zero(z2);
+ /* In affine coordinates, (X_1, Y_1) == (X_2, Y_2) */
+ if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+ point_double(x3, y3, z3, x1, y1, z1);
+ return;
+ }
+
+ /* ftmp5 = z1*z2 */
+ if (!mixed) {
+ felem_mul(tmp, z1, z2);
+ felem_reduce(ftmp5, tmp);
+ } else {
+ /* special case z2 = 0 is handled later */
+ felem_assign(ftmp5, z1);
+ }
+
+ /* z_out = (z1^2*x2 - z2^2*x1)*(z1*z2) */
+ felem_mul(tmp, ftmp, ftmp5);
+ felem_reduce(z_out, tmp);
+
+ /* ftmp = (z1^2*x2 - z2^2*x1)^2 */
+ felem_assign(ftmp5, ftmp);
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+
+ /* ftmp5 = (z1^2*x2 - z2^2*x1)^3 */
+ felem_mul(tmp, ftmp, ftmp5);
+ felem_reduce(ftmp5, tmp);
+
+ /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
+ felem_mul(tmp, ftmp2, ftmp);
+ felem_reduce(ftmp2, tmp);
+
+ /* tmp = z2^3*y1*(z1^2*x2 - z2^2*x1)^3 */
+ felem_mul(tmp, ftmp4, ftmp5);
+ /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+ /* tmp2 = (z1^3*y2 - z2^3*y1)^2 */
+ felem_square(tmp2, ftmp3);
+ /* tmp2[i] < 4 * 2^57 * 2^57 < 2^116 */
+
+ /* tmp2 = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 */
+ felem_diff_128_64(tmp2, ftmp5);
+ /* tmp2[i] < 2^116 + 2^64 + 8 < 2^117 */
+
+ /* ftmp5 = 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
+ felem_assign(ftmp5, ftmp2);
+ felem_scalar(ftmp5, 2);
+ /* ftmp5[i] < 2 * 2^57 = 2^58 */
+
+ /*-
+ * x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 -
+ * 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2
+ */
+ felem_diff_128_64(tmp2, ftmp5);
+ /* tmp2[i] < 2^117 + 2^64 + 8 < 2^118 */
+ felem_reduce(x_out, tmp2);
+
+ /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out */
+ felem_diff(ftmp2, x_out);
+ /* ftmp2[i] < 2^57 + 2^58 + 2 < 2^59 */
+
+ /*
+ * tmp2 = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out)
+ */
+ felem_mul(tmp2, ftmp3, ftmp2);
+ /* tmp2[i] < 4 * 2^57 * 2^59 = 2^118 */
+
+ /*-
+ * y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) -
+ * z2^3*y1*(z1^2*x2 - z2^2*x1)^3
+ */
+ widefelem_diff(tmp2, tmp);
+ /* tmp2[i] < 2^118 + 2^120 < 2^121 */
+ felem_reduce(y_out, tmp2);
+
+ /*
+ * the result (x_out, y_out, z_out) is incorrect if one of the inputs is
+ * the point at infinity, so we need to check for this separately
+ */
+
+ /*
+ * if point 1 is at infinity, copy point 2 to output, and vice versa
+ */
+ copy_conditional(x_out, x2, z1_is_zero);
+ copy_conditional(x_out, x1, z2_is_zero);
+ copy_conditional(y_out, y2, z1_is_zero);
+ copy_conditional(y_out, y1, z2_is_zero);
+ copy_conditional(z_out, z2, z1_is_zero);
+ copy_conditional(z_out, z1, z2_is_zero);
+ felem_assign(x3, x_out);
+ felem_assign(y3, y_out);
+ felem_assign(z3, z_out);
+}
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ * The pre_comp array argument should be size of |size| argument
+ */
+static void select_point(const u64 idx, unsigned int size,
+ const felem pre_comp[][3], felem out[3])
+{
+ unsigned i, j;
+ limb *outlimbs = &out[0][0];
+ memset(outlimbs, 0, 3 * sizeof(felem));
+
+ for (i = 0; i < size; i++) {
+ const limb *inlimbs = &pre_comp[i][0][0];
+ u64 mask = i ^ idx;
+ mask |= mask >> 4;
+ mask |= mask >> 2;
+ mask |= mask >> 1;
+ mask &= 1;
+ mask--;
+ for (j = 0; j < 4 * 3; j++)
+ outlimbs[j] |= inlimbs[j] & mask;
+ }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, unsigned i)
+{
+ if (i >= 224)
+ return 0;
+ return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+ const felem_bytearray scalars[],
+ const unsigned num_points, const u8 *g_scalar,
+ const int mixed, const felem pre_comp[][17][3],
+ const felem g_pre_comp[2][16][3])
+{
+ int i, skip;
+ unsigned num;
+ unsigned gen_mul = (g_scalar != NULL);
+ felem nq[3], tmp[4];
+ u64 bits;
+ u8 sign, digit;
+
+ /* set nq to the point at infinity */
+ memset(nq, 0, 3 * sizeof(felem));
+
+ /*
+ * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+ * of the generator (two in each of the last 28 rounds) and additions of
+ * other points multiples (every 5th round).
+ */
+ skip = 1; /* save two point operations in the first
+ * round */
+ for (i = (num_points ? 220 : 27); i >= 0; --i) {
+ /* double */
+ if (!skip)
+ point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+ /* add multiples of the generator */
+ if (gen_mul && (i <= 27)) {
+ /* first, look 28 bits upwards */
+ bits = get_bit(g_scalar, i + 196) << 3;
+ bits |= get_bit(g_scalar, i + 140) << 2;
+ bits |= get_bit(g_scalar, i + 84) << 1;
+ bits |= get_bit(g_scalar, i + 28);
+ /* select the point to add, in constant time */
+ select_point(bits, 16, g_pre_comp[1], tmp);
+
+ if (!skip) {
+ /* value 1 below is argument for "mixed" */
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+ } else {
+ memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
+ }
+
+ /* second, look at the current position */
+ bits = get_bit(g_scalar, i + 168) << 3;
+ bits |= get_bit(g_scalar, i + 112) << 2;
+ bits |= get_bit(g_scalar, i + 56) << 1;
+ bits |= get_bit(g_scalar, i);
+ /* select the point to add, in constant time */
+ select_point(bits, 16, g_pre_comp[0], tmp);
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2],
+ 1 /* mixed */ , tmp[0], tmp[1], tmp[2]);
+ }
+
+ /* do other additions every 5 doublings */
+ if (num_points && (i % 5 == 0)) {
+ /* loop over all scalars */
+ for (num = 0; num < num_points; ++num) {
+ bits = get_bit(scalars[num], i + 4) << 5;
+ bits |= get_bit(scalars[num], i + 3) << 4;
+ bits |= get_bit(scalars[num], i + 2) << 3;
+ bits |= get_bit(scalars[num], i + 1) << 2;
+ bits |= get_bit(scalars[num], i) << 1;
+ bits |= get_bit(scalars[num], i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+ /* select the point to add or subtract */
+ select_point(digit, 17, pre_comp[num], tmp);
+ felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
+ * point */
+ copy_conditional(tmp[1], tmp[3], sign);
+
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2],
+ mixed, tmp[0], tmp[1], tmp[2]);
+ } else {
+ memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
+ }
+ }
+ }
+ }
+ felem_assign(x_out, nq[0]);
+ felem_assign(y_out, nq[1]);
+ felem_assign(z_out, nq[2]);
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP224_PRE_COMP *nistp224_pre_comp_new()
+{
+ NISTP224_PRE_COMP *ret = NULL;
+ ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+ if (!ret) {
+ ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+ return ret;
+ }
+ memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+ ret->references = 1;
+ return ret;
+}
+
+static void *nistp224_pre_comp_dup(void *src_)
+{
+ NISTP224_PRE_COMP *src = src_;
+
+ /* no need to actually copy, these objects never change! */
+ CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+ return src_;
+}
+
+static void nistp224_pre_comp_free(void *pre_)
+{
+ int i;
+ NISTP224_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_free(pre);
+}
+
+static void nistp224_pre_comp_clear_free(void *pre_)
+{
+ int i;
+ NISTP224_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp224_group_init(EC_GROUP *group)
+{
+ int ret;
+ ret = ec_GFp_simple_group_init(group);
+ group->a_is_minus3 = 1;
+ return ret;
+}
+
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *b,
+ BN_CTX *ctx)
+{
+ int ret = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *curve_p, *curve_a, *curve_b;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_b = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ BN_bin2bn(nistp224_curve_params[0], sizeof(felem_bytearray), curve_p);
+ BN_bin2bn(nistp224_curve_params[1], sizeof(felem_bytearray), curve_a);
+ BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b);
+ if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+ ECerr(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE,
+ EC_R_WRONG_CURVE_PARAMETERS);
+ goto err;
+ }
+ group->field_mod_func = BN_nist_mod_224;
+ ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx)
+{
+ felem z1, z2, x_in, y_in, x_out, y_out;
+ widefelem tmp;
+
+ if (EC_POINT_is_at_infinity(group, point)) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+ EC_R_POINT_AT_INFINITY);
+ return 0;
+ }
+ if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+ (!BN_to_felem(z1, &point->Z)))
+ return 0;
+ felem_inv(z2, z1);
+ felem_square(tmp, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, x_in, z1);
+ felem_reduce(x_in, tmp);
+ felem_contract(x_out, x_in);
+ if (x != NULL) {
+ if (!felem_to_BN(x, x_out)) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ felem_mul(tmp, z1, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, y_in, z1);
+ felem_reduce(y_in, tmp);
+ felem_contract(y_out, y_in);
+ if (y != NULL) {
+ if (!felem_to_BN(y, y_out)) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+static void make_points_affine(size_t num, felem points[ /* num */ ][3],
+ felem tmp_felems[ /* num+1 */ ])
+{
+ /*
+ * Runs in constant time, unless an input is the point at infinity (which
+ * normally shouldn't happen).
+ */
+ ec_GFp_nistp_points_make_affine_internal(num,
+ points,
+ sizeof(felem),
+ tmp_felems,
+ (void (*)(void *))felem_one,
+ (int (*)(const void *))
+ felem_is_zero_int,
+ (void (*)(void *, const void *))
+ felem_assign,
+ (void (*)(void *, const void *))
+ felem_square_reduce, (void (*)
+ (void *,
+ const void
+ *,
+ const void
+ *))
+ felem_mul_reduce,
+ (void (*)(void *, const void *))
+ felem_inv,
+ (void (*)(void *, const void *))
+ felem_contract);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx)
+{
+ int ret = 0;
+ int j;
+ unsigned i;
+ int mixed = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y, *z, *tmp_scalar;
+ felem_bytearray g_secret;
+ felem_bytearray *secrets = NULL;
+ felem(*pre_comp)[17][3] = NULL;
+ felem *tmp_felems = NULL;
+ felem_bytearray tmp;
+ unsigned num_bytes;
+ int have_pre_comp = 0;
+ size_t num_points = num;
+ felem x_in, y_in, z_in, x_out, y_out, z_out;
+ NISTP224_PRE_COMP *pre = NULL;
+ const felem(*g_pre_comp)[16][3] = NULL;
+ EC_POINT *generator = NULL;
+ const EC_POINT *p = NULL;
+ const BIGNUM *p_scalar = NULL;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) ||
+ ((y = BN_CTX_get(ctx)) == NULL) ||
+ ((z = BN_CTX_get(ctx)) == NULL) ||
+ ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+ goto err;
+
+ if (scalar != NULL) {
+ pre = EC_EX_DATA_get_data(group->extra_data,
+ nistp224_pre_comp_dup,
+ nistp224_pre_comp_free,
+ nistp224_pre_comp_clear_free);
+ if (pre)
+ /* we have precomputation, try to use it */
+ g_pre_comp = (const felem(*)[16][3])pre->g_pre_comp;
+ else
+ /* try to use the standard precomputation */
+ g_pre_comp = &gmul[0];
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ /* get the generator from precomputation */
+ if (!felem_to_BN(x, g_pre_comp[0][1][0]) ||
+ !felem_to_BN(y, g_pre_comp[0][1][1]) ||
+ !felem_to_BN(z, g_pre_comp[0][1][2])) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+ generator, x, y, z,
+ ctx))
+ goto err;
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+ /* precomputation matches generator */
+ have_pre_comp = 1;
+ else
+ /*
+ * we don't have valid precomputation: treat the generator as a
+ * random point
+ */
+ num_points = num_points + 1;
+ }
+
+ if (num_points > 0) {
+ if (num_points >= 3) {
+ /*
+ * unless we precompute multiples for just one or two points,
+ * converting those into affine form is time well spent
+ */
+ mixed = 1;
+ }
+ secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+ pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
+ if (mixed)
+ tmp_felems =
+ OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
+ if ((secrets == NULL) || (pre_comp == NULL)
+ || (mixed && (tmp_felems == NULL))) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /*
+ * we treat NULL scalars as 0, and NULL points as points at infinity,
+ * i.e., they contribute nothing to the linear combination
+ */
+ memset(secrets, 0, num_points * sizeof(felem_bytearray));
+ memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
+ for (i = 0; i < num_points; ++i) {
+ if (i == num)
+ /* the generator */
+ {
+ p = EC_GROUP_get0_generator(group);
+ p_scalar = scalar;
+ } else
+ /* the i^th point */
+ {
+ p = points[i];
+ p_scalar = scalars[i];
+ }
+ if ((p_scalar != NULL) && (p != NULL)) {
+ /* reduce scalar to 0 <= scalar < 2^224 */
+ if ((BN_num_bits(p_scalar) > 224)
+ || (BN_is_negative(p_scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ flip_endian(secrets[i], tmp, num_bytes);
+ /* precompute multiples */
+ if ((!BN_to_felem(x_out, &p->X)) ||
+ (!BN_to_felem(y_out, &p->Y)) ||
+ (!BN_to_felem(z_out, &p->Z)))
+ goto err;
+ felem_assign(pre_comp[i][1][0], x_out);
+ felem_assign(pre_comp[i][1][1], y_out);
+ felem_assign(pre_comp[i][1][2], z_out);
+ for (j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add(pre_comp[i][j][0], pre_comp[i][j][1],
+ pre_comp[i][j][2], pre_comp[i][1][0],
+ pre_comp[i][1][1], pre_comp[i][1][2], 0,
+ pre_comp[i][j - 1][0],
+ pre_comp[i][j - 1][1],
+ pre_comp[i][j - 1][2]);
+ } else {
+ point_double(pre_comp[i][j][0], pre_comp[i][j][1],
+ pre_comp[i][j][2], pre_comp[i][j / 2][0],
+ pre_comp[i][j / 2][1],
+ pre_comp[i][j / 2][2]);
+ }
+ }
+ }
+ }
+ if (mixed)
+ make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
+ }
+
+ /* the scalar for the generator */
+ if ((scalar != NULL) && (have_pre_comp)) {
+ memset(g_secret, 0, sizeof g_secret);
+ /* reduce scalar to 0 <= scalar < 2^224 */
+ if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(scalar, tmp);
+ flip_endian(g_secret, tmp, num_bytes);
+ /* do the multiplication with generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ g_secret,
+ mixed, (const felem(*)[17][3])pre_comp, g_pre_comp);
+ } else
+ /* do the multiplication without generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+ /* reduce the output to its unique minimal representation */
+ felem_contract(x_in, x_out);
+ felem_contract(y_in, y_out);
+ felem_contract(z_in, z_out);
+ if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
+ (!felem_to_BN(z, z_in))) {
+ ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (secrets != NULL)
+ OPENSSL_free(secrets);
+ if (pre_comp != NULL)
+ OPENSSL_free(pre_comp);
+ if (tmp_felems != NULL)
+ OPENSSL_free(tmp_felems);
+ return ret;
+}
+
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+ int ret = 0;
+ NISTP224_PRE_COMP *pre = NULL;
+ int i, j;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y;
+ EC_POINT *generator = NULL;
+ felem tmp_felems[32];
+
+ /* throw away old precomputation */
+ EC_EX_DATA_free_data(&group->extra_data, nistp224_pre_comp_dup,
+ nistp224_pre_comp_free,
+ nistp224_pre_comp_clear_free);
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ /* get the generator */
+ if (group->generator == NULL)
+ goto err;
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ BN_bin2bn(nistp224_curve_params[3], sizeof(felem_bytearray), x);
+ BN_bin2bn(nistp224_curve_params[4], sizeof(felem_bytearray), y);
+ if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+ goto err;
+ if ((pre = nistp224_pre_comp_new()) == NULL)
+ goto err;
+ /*
+ * if the generator is the standard one, use built-in precomputation
+ */
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+ memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+ ret = 1;
+ goto err;
+ }
+ if ((!BN_to_felem(pre->g_pre_comp[0][1][0], &group->generator->X)) ||
+ (!BN_to_felem(pre->g_pre_comp[0][1][1], &group->generator->Y)) ||
+ (!BN_to_felem(pre->g_pre_comp[0][1][2], &group->generator->Z)))
+ goto err;
+ /*
+ * compute 2^56*G, 2^112*G, 2^168*G for the first table, 2^28*G, 2^84*G,
+ * 2^140*G, 2^196*G for the second one
+ */
+ for (i = 1; i <= 8; i <<= 1) {
+ point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
+ pre->g_pre_comp[0][i][1], pre->g_pre_comp[0][i][2]);
+ for (j = 0; j < 27; ++j) {
+ point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2], pre->g_pre_comp[1][i][0],
+ pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
+ }
+ if (i == 8)
+ break;
+ point_double(pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2], pre->g_pre_comp[1][i][0],
+ pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
+ for (j = 0; j < 27; ++j) {
+ point_double(pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2],
+ pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2]);
+ }
+ }
+ for (i = 0; i < 2; i++) {
+ /* g_pre_comp[i][0] is the point at infinity */
+ memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
+ /* the remaining multiples */
+ /* 2^56*G + 2^112*G resp. 2^84*G + 2^140*G */
+ point_add(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
+ pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
+ pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
+ 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ /* 2^56*G + 2^168*G resp. 2^84*G + 2^196*G */
+ point_add(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
+ pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
+ pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+ 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ /* 2^112*G + 2^168*G resp. 2^140*G + 2^196*G */
+ point_add(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
+ pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
+ pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+ 0, pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
+ pre->g_pre_comp[i][4][2]);
+ /*
+ * 2^56*G + 2^112*G + 2^168*G resp. 2^84*G + 2^140*G + 2^196*G
+ */
+ point_add(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
+ pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
+ pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
+ 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ for (j = 1; j < 8; ++j) {
+ /* odd multiples: add G resp. 2^28*G */
+ point_add(pre->g_pre_comp[i][2 * j + 1][0],
+ pre->g_pre_comp[i][2 * j + 1][1],
+ pre->g_pre_comp[i][2 * j + 1][2],
+ pre->g_pre_comp[i][2 * j][0],
+ pre->g_pre_comp[i][2 * j][1],
+ pre->g_pre_comp[i][2 * j][2], 0,
+ pre->g_pre_comp[i][1][0], pre->g_pre_comp[i][1][1],
+ pre->g_pre_comp[i][1][2]);
+ }
+ }
+ make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_felems);
+
+ if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp224_pre_comp_dup,
+ nistp224_pre_comp_free,
+ nistp224_pre_comp_clear_free))
+ goto err;
+ ret = 1;
+ pre = NULL;
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (pre)
+ nistp224_pre_comp_free(pre);
+ return ret;
+}
+
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group)
+{
+ if (EC_EX_DATA_get_data(group->extra_data, nistp224_pre_comp_dup,
+ nistp224_pre_comp_free,
+ nistp224_pre_comp_clear_free)
+ != NULL)
+ return 1;
+ else
+ return 0;
+}
+
+#else
+static void *dummy = &dummy;
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ecp_nistp256.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp256.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_nistp256.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ecp_nistp256.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,2369 @@
+/* crypto/ec/ecp_nistp256.c */
+/*
+ * Written by Adam Langley (Google) for the OpenSSL project
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-256 elliptic curve point multiplication
+ *
+ * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
+ * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
+ * work which got its smarts from Daniel J. Bernstein's work on the same.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+ /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
+ * platforms */
+typedef __int128_t int128_t;
+# else
+# error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint32_t u32;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/*
+ * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
+ * can serialise an element of this field into 32 bytes. We call this an
+ * felem_bytearray.
+ */
+
+typedef u8 felem_bytearray[32];
+
+/*
+ * These are the parameters of P256, taken from FIPS 186-3, page 86. These
+ * values are big-endian.
+ */
+static const felem_bytearray nistp256_curve_params[5] = {
+ {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* p */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+ {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc}, /* b */
+ {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
+ 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
+ 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
+ 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b},
+ {0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, /* x */
+ 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
+ 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
+ 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96},
+ {0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, /* y */
+ 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
+ 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+ 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}
+};
+
+/*-
+ * The representation of field elements.
+ * ------------------------------------
+ *
+ * We represent field elements with either four 128-bit values, eight 128-bit
+ * values, or four 64-bit values. The field element represented is:
+ * v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + v[3]*2^192 (mod p)
+ * or:
+ * v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + ... + v[8]*2^512 (mod p)
+ *
+ * 128-bit values are called 'limbs'. Since the limbs are spaced only 64 bits
+ * apart, but are 128-bits wide, the most significant bits of each limb overlap
+ * with the least significant bits of the next.
+ *
+ * A field element with four limbs is an 'felem'. One with eight limbs is a
+ * 'longfelem'
+ *
+ * A field element with four, 64-bit values is called a 'smallfelem'. Small
+ * values are used as intermediate values before multiplication.
+ */
+
+# define NLIMBS 4
+
+typedef uint128_t limb;
+typedef limb felem[NLIMBS];
+typedef limb longfelem[NLIMBS * 2];
+typedef u64 smallfelem[NLIMBS];
+
+/* This is the value of the prime as four 64-bit words, little-endian. */
+static const u64 kPrime[4] =
+ { 0xfffffffffffffffful, 0xffffffff, 0, 0xffffffff00000001ul };
+static const u64 bottom63bits = 0x7ffffffffffffffful;
+
+/*
+ * bin32_to_felem takes a little-endian byte array and converts it into felem
+ * form. This assumes that the CPU is little-endian.
+ */
+static void bin32_to_felem(felem out, const u8 in[32])
+{
+ out[0] = *((u64 *)&in[0]);
+ out[1] = *((u64 *)&in[8]);
+ out[2] = *((u64 *)&in[16]);
+ out[3] = *((u64 *)&in[24]);
+}
+
+/*
+ * smallfelem_to_bin32 takes a smallfelem and serialises into a little
+ * endian, 32 byte array. This assumes that the CPU is little-endian.
+ */
+static void smallfelem_to_bin32(u8 out[32], const smallfelem in)
+{
+ *((u64 *)&out[0]) = in[0];
+ *((u64 *)&out[8]) = in[1];
+ *((u64 *)&out[16]) = in[2];
+ *((u64 *)&out[24]) = in[3];
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+ unsigned i;
+ for (i = 0; i < len; ++i)
+ out[i] = in[len - 1 - i];
+}
+
+/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+ felem_bytearray b_in;
+ felem_bytearray b_out;
+ unsigned num_bytes;
+
+ /* BN_bn2bin eats leading zeroes */
+ memset(b_out, 0, sizeof b_out);
+ num_bytes = BN_num_bytes(bn);
+ if (num_bytes > sizeof b_out) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ if (BN_is_negative(bn)) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ num_bytes = BN_bn2bin(bn, b_in);
+ flip_endian(b_out, b_in, num_bytes);
+ bin32_to_felem(out, b_out);
+ return 1;
+}
+
+/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
+static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
+{
+ felem_bytearray b_in, b_out;
+ smallfelem_to_bin32(b_in, in);
+ flip_endian(b_out, b_in, sizeof b_out);
+ return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/*-
+ * Field operations
+ * ----------------
+ */
+
+static void smallfelem_one(smallfelem out)
+{
+ out[0] = 1;
+ out[1] = 0;
+ out[2] = 0;
+ out[3] = 0;
+}
+
+static void smallfelem_assign(smallfelem out, const smallfelem in)
+{
+ out[0] = in[0];
+ out[1] = in[1];
+ out[2] = in[2];
+ out[3] = in[3];
+}
+
+static void felem_assign(felem out, const felem in)
+{
+ out[0] = in[0];
+ out[1] = in[1];
+ out[2] = in[2];
+ out[3] = in[3];
+}
+
+/* felem_sum sets out = out + in. */
+static void felem_sum(felem out, const felem in)
+{
+ out[0] += in[0];
+ out[1] += in[1];
+ out[2] += in[2];
+ out[3] += in[3];
+}
+
+/* felem_small_sum sets out = out + in. */
+static void felem_small_sum(felem out, const smallfelem in)
+{
+ out[0] += in[0];
+ out[1] += in[1];
+ out[2] += in[2];
+ out[3] += in[3];
+}
+
+/* felem_scalar sets out = out * scalar */
+static void felem_scalar(felem out, const u64 scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+}
+
+/* longfelem_scalar sets out = out * scalar */
+static void longfelem_scalar(longfelem out, const u64 scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+ out[4] *= scalar;
+ out[5] *= scalar;
+ out[6] *= scalar;
+ out[7] *= scalar;
+}
+
+# define two105m41m9 (((limb)1) << 105) - (((limb)1) << 41) - (((limb)1) << 9)
+# define two105 (((limb)1) << 105)
+# define two105m41p9 (((limb)1) << 105) - (((limb)1) << 41) + (((limb)1) << 9)
+
+/* zero105 is 0 mod p */
+static const felem zero105 =
+ { two105m41m9, two105, two105m41p9, two105m41p9 };
+
+/*-
+ * smallfelem_neg sets |out| to |-small|
+ * On exit:
+ * out[i] < out[i] + 2^105
+ */
+static void smallfelem_neg(felem out, const smallfelem small)
+{
+ /* In order to prevent underflow, we subtract from 0 mod p. */
+ out[0] = zero105[0] - small[0];
+ out[1] = zero105[1] - small[1];
+ out[2] = zero105[2] - small[2];
+ out[3] = zero105[3] - small[3];
+}
+
+/*-
+ * felem_diff subtracts |in| from |out|
+ * On entry:
+ * in[i] < 2^104
+ * On exit:
+ * out[i] < out[i] + 2^105
+ */
+static void felem_diff(felem out, const felem in)
+{
+ /*
+ * In order to prevent underflow, we add 0 mod p before subtracting.
+ */
+ out[0] += zero105[0];
+ out[1] += zero105[1];
+ out[2] += zero105[2];
+ out[3] += zero105[3];
+
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+}
+
+# define two107m43m11 (((limb)1) << 107) - (((limb)1) << 43) - (((limb)1) << 11)
+# define two107 (((limb)1) << 107)
+# define two107m43p11 (((limb)1) << 107) - (((limb)1) << 43) + (((limb)1) << 11)
+
+/* zero107 is 0 mod p */
+static const felem zero107 =
+ { two107m43m11, two107, two107m43p11, two107m43p11 };
+
+/*-
+ * An alternative felem_diff for larger inputs |in|
+ * felem_diff_zero107 subtracts |in| from |out|
+ * On entry:
+ * in[i] < 2^106
+ * On exit:
+ * out[i] < out[i] + 2^107
+ */
+static void felem_diff_zero107(felem out, const felem in)
+{
+ /*
+ * In order to prevent underflow, we add 0 mod p before subtracting.
+ */
+ out[0] += zero107[0];
+ out[1] += zero107[1];
+ out[2] += zero107[2];
+ out[3] += zero107[3];
+
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+}
+
+/*-
+ * longfelem_diff subtracts |in| from |out|
+ * On entry:
+ * in[i] < 7*2^67
+ * On exit:
+ * out[i] < out[i] + 2^70 + 2^40
+ */
+static void longfelem_diff(longfelem out, const longfelem in)
+{
+ static const limb two70m8p6 =
+ (((limb) 1) << 70) - (((limb) 1) << 8) + (((limb) 1) << 6);
+ static const limb two70p40 = (((limb) 1) << 70) + (((limb) 1) << 40);
+ static const limb two70 = (((limb) 1) << 70);
+ static const limb two70m40m38p6 =
+ (((limb) 1) << 70) - (((limb) 1) << 40) - (((limb) 1) << 38) +
+ (((limb) 1) << 6);
+ static const limb two70m6 = (((limb) 1) << 70) - (((limb) 1) << 6);
+
+ /* add 0 mod p to avoid underflow */
+ out[0] += two70m8p6;
+ out[1] += two70p40;
+ out[2] += two70;
+ out[3] += two70m40m38p6;
+ out[4] += two70m6;
+ out[5] += two70m6;
+ out[6] += two70m6;
+ out[7] += two70m6;
+
+ /* in[i] < 7*2^67 < 2^70 - 2^40 - 2^38 + 2^6 */
+ out[0] -= in[0];
+ out[1] -= in[1];
+ out[2] -= in[2];
+ out[3] -= in[3];
+ out[4] -= in[4];
+ out[5] -= in[5];
+ out[6] -= in[6];
+ out[7] -= in[7];
+}
+
+# define two64m0 (((limb)1) << 64) - 1
+# define two110p32m0 (((limb)1) << 110) + (((limb)1) << 32) - 1
+# define two64m46 (((limb)1) << 64) - (((limb)1) << 46)
+# define two64m32 (((limb)1) << 64) - (((limb)1) << 32)
+
+/* zero110 is 0 mod p */
+static const felem zero110 = { two64m0, two110p32m0, two64m46, two64m32 };
+
+/*-
+ * felem_shrink converts an felem into a smallfelem. The result isn't quite
+ * minimal as the value may be greater than p.
+ *
+ * On entry:
+ * in[i] < 2^109
+ * On exit:
+ * out[i] < 2^64
+ */
+static void felem_shrink(smallfelem out, const felem in)
+{
+ felem tmp;
+ u64 a, b, mask;
+ s64 high, low;
+ static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
+
+ /* Carry 2->3 */
+ tmp[3] = zero110[3] + in[3] + ((u64)(in[2] >> 64));
+ /* tmp[3] < 2^110 */
+
+ tmp[2] = zero110[2] + (u64)in[2];
+ tmp[0] = zero110[0] + in[0];
+ tmp[1] = zero110[1] + in[1];
+ /* tmp[0] < 2**110, tmp[1] < 2^111, tmp[2] < 2**65 */
+
+ /*
+ * We perform two partial reductions where we eliminate the high-word of
+ * tmp[3]. We don't update the other words till the end.
+ */
+ a = tmp[3] >> 64; /* a < 2^46 */
+ tmp[3] = (u64)tmp[3];
+ tmp[3] -= a;
+ tmp[3] += ((limb) a) << 32;
+ /* tmp[3] < 2^79 */
+
+ b = a;
+ a = tmp[3] >> 64; /* a < 2^15 */
+ b += a; /* b < 2^46 + 2^15 < 2^47 */
+ tmp[3] = (u64)tmp[3];
+ tmp[3] -= a;
+ tmp[3] += ((limb) a) << 32;
+ /* tmp[3] < 2^64 + 2^47 */
+
+ /*
+ * This adjusts the other two words to complete the two partial
+ * reductions.
+ */
+ tmp[0] += b;
+ tmp[1] -= (((limb) b) << 32);
+
+ /*
+ * In order to make space in tmp[3] for the carry from 2 -> 3, we
+ * conditionally subtract kPrime if tmp[3] is large enough.
+ */
+ high = tmp[3] >> 64;
+ /* As tmp[3] < 2^65, high is either 1 or 0 */
+ high <<= 63;
+ high >>= 63;
+ /*-
+ * high is:
+ * all ones if the high word of tmp[3] is 1
+ * all zeros if the high word of tmp[3] if 0 */
+ low = tmp[3];
+ mask = low >> 63;
+ /*-
+ * mask is:
+ * all ones if the MSB of low is 1
+ * all zeros if the MSB of low if 0 */
+ low &= bottom63bits;
+ low -= kPrime3Test;
+ /* if low was greater than kPrime3Test then the MSB is zero */
+ low = ~low;
+ low >>= 63;
+ /*-
+ * low is:
+ * all ones if low was > kPrime3Test
+ * all zeros if low was <= kPrime3Test */
+ mask = (mask & low) | high;
+ tmp[0] -= mask & kPrime[0];
+ tmp[1] -= mask & kPrime[1];
+ /* kPrime[2] is zero, so omitted */
+ tmp[3] -= mask & kPrime[3];
+ /* tmp[3] < 2**64 - 2**32 + 1 */
+
+ tmp[1] += ((u64)(tmp[0] >> 64));
+ tmp[0] = (u64)tmp[0];
+ tmp[2] += ((u64)(tmp[1] >> 64));
+ tmp[1] = (u64)tmp[1];
+ tmp[3] += ((u64)(tmp[2] >> 64));
+ tmp[2] = (u64)tmp[2];
+ /* tmp[i] < 2^64 */
+
+ out[0] = tmp[0];
+ out[1] = tmp[1];
+ out[2] = tmp[2];
+ out[3] = tmp[3];
+}
+
+/* smallfelem_expand converts a smallfelem to an felem */
+static void smallfelem_expand(felem out, const smallfelem in)
+{
+ out[0] = in[0];
+ out[1] = in[1];
+ out[2] = in[2];
+ out[3] = in[3];
+}
+
+/*-
+ * smallfelem_square sets |out| = |small|^2
+ * On entry:
+ * small[i] < 2^64
+ * On exit:
+ * out[i] < 7 * 2^64 < 2^67
+ */
+static void smallfelem_square(longfelem out, const smallfelem small)
+{
+ limb a;
+ u64 high, low;
+
+ a = ((uint128_t) small[0]) * small[0];
+ low = a;
+ high = a >> 64;
+ out[0] = low;
+ out[1] = high;
+
+ a = ((uint128_t) small[0]) * small[1];
+ low = a;
+ high = a >> 64;
+ out[1] += low;
+ out[1] += low;
+ out[2] = high;
+
+ a = ((uint128_t) small[0]) * small[2];
+ low = a;
+ high = a >> 64;
+ out[2] += low;
+ out[2] *= 2;
+ out[3] = high;
+
+ a = ((uint128_t) small[0]) * small[3];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[4] = high;
+
+ a = ((uint128_t) small[1]) * small[2];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[3] *= 2;
+ out[4] += high;
+
+ a = ((uint128_t) small[1]) * small[1];
+ low = a;
+ high = a >> 64;
+ out[2] += low;
+ out[3] += high;
+
+ a = ((uint128_t) small[1]) * small[3];
+ low = a;
+ high = a >> 64;
+ out[4] += low;
+ out[4] *= 2;
+ out[5] = high;
+
+ a = ((uint128_t) small[2]) * small[3];
+ low = a;
+ high = a >> 64;
+ out[5] += low;
+ out[5] *= 2;
+ out[6] = high;
+ out[6] += high;
+
+ a = ((uint128_t) small[2]) * small[2];
+ low = a;
+ high = a >> 64;
+ out[4] += low;
+ out[5] += high;
+
+ a = ((uint128_t) small[3]) * small[3];
+ low = a;
+ high = a >> 64;
+ out[6] += low;
+ out[7] = high;
+}
+
+/*-
+ * felem_square sets |out| = |in|^2
+ * On entry:
+ * in[i] < 2^109
+ * On exit:
+ * out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_square(longfelem out, const felem in)
+{
+ u64 small[4];
+ felem_shrink(small, in);
+ smallfelem_square(out, small);
+}
+
+/*-
+ * smallfelem_mul sets |out| = |small1| * |small2|
+ * On entry:
+ * small1[i] < 2^64
+ * small2[i] < 2^64
+ * On exit:
+ * out[i] < 7 * 2^64 < 2^67
+ */
+static void smallfelem_mul(longfelem out, const smallfelem small1,
+ const smallfelem small2)
+{
+ limb a;
+ u64 high, low;
+
+ a = ((uint128_t) small1[0]) * small2[0];
+ low = a;
+ high = a >> 64;
+ out[0] = low;
+ out[1] = high;
+
+ a = ((uint128_t) small1[0]) * small2[1];
+ low = a;
+ high = a >> 64;
+ out[1] += low;
+ out[2] = high;
+
+ a = ((uint128_t) small1[1]) * small2[0];
+ low = a;
+ high = a >> 64;
+ out[1] += low;
+ out[2] += high;
+
+ a = ((uint128_t) small1[0]) * small2[2];
+ low = a;
+ high = a >> 64;
+ out[2] += low;
+ out[3] = high;
+
+ a = ((uint128_t) small1[1]) * small2[1];
+ low = a;
+ high = a >> 64;
+ out[2] += low;
+ out[3] += high;
+
+ a = ((uint128_t) small1[2]) * small2[0];
+ low = a;
+ high = a >> 64;
+ out[2] += low;
+ out[3] += high;
+
+ a = ((uint128_t) small1[0]) * small2[3];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[4] = high;
+
+ a = ((uint128_t) small1[1]) * small2[2];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[4] += high;
+
+ a = ((uint128_t) small1[2]) * small2[1];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[4] += high;
+
+ a = ((uint128_t) small1[3]) * small2[0];
+ low = a;
+ high = a >> 64;
+ out[3] += low;
+ out[4] += high;
+
+ a = ((uint128_t) small1[1]) * small2[3];
+ low = a;
+ high = a >> 64;
+ out[4] += low;
+ out[5] = high;
+
+ a = ((uint128_t) small1[2]) * small2[2];
+ low = a;
+ high = a >> 64;
+ out[4] += low;
+ out[5] += high;
+
+ a = ((uint128_t) small1[3]) * small2[1];
+ low = a;
+ high = a >> 64;
+ out[4] += low;
+ out[5] += high;
+
+ a = ((uint128_t) small1[2]) * small2[3];
+ low = a;
+ high = a >> 64;
+ out[5] += low;
+ out[6] = high;
+
+ a = ((uint128_t) small1[3]) * small2[2];
+ low = a;
+ high = a >> 64;
+ out[5] += low;
+ out[6] += high;
+
+ a = ((uint128_t) small1[3]) * small2[3];
+ low = a;
+ high = a >> 64;
+ out[6] += low;
+ out[7] = high;
+}
+
+/*-
+ * felem_mul sets |out| = |in1| * |in2|
+ * On entry:
+ * in1[i] < 2^109
+ * in2[i] < 2^109
+ * On exit:
+ * out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_mul(longfelem out, const felem in1, const felem in2)
+{
+ smallfelem small1, small2;
+ felem_shrink(small1, in1);
+ felem_shrink(small2, in2);
+ smallfelem_mul(out, small1, small2);
+}
+
+/*-
+ * felem_small_mul sets |out| = |small1| * |in2|
+ * On entry:
+ * small1[i] < 2^64
+ * in2[i] < 2^109
+ * On exit:
+ * out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_small_mul(longfelem out, const smallfelem small1,
+ const felem in2)
+{
+ smallfelem small2;
+ felem_shrink(small2, in2);
+ smallfelem_mul(out, small1, small2);
+}
+
+# define two100m36m4 (((limb)1) << 100) - (((limb)1) << 36) - (((limb)1) << 4)
+# define two100 (((limb)1) << 100)
+# define two100m36p4 (((limb)1) << 100) - (((limb)1) << 36) + (((limb)1) << 4)
+/* zero100 is 0 mod p */
+static const felem zero100 =
+ { two100m36m4, two100, two100m36p4, two100m36p4 };
+
+/*-
+ * Internal function for the different flavours of felem_reduce.
+ * felem_reduce_ reduces the higher coefficients in[4]-in[7].
+ * On entry:
+ * out[0] >= in[6] + 2^32*in[6] + in[7] + 2^32*in[7]
+ * out[1] >= in[7] + 2^32*in[4]
+ * out[2] >= in[5] + 2^32*in[5]
+ * out[3] >= in[4] + 2^32*in[5] + 2^32*in[6]
+ * On exit:
+ * out[0] <= out[0] + in[4] + 2^32*in[5]
+ * out[1] <= out[1] + in[5] + 2^33*in[6]
+ * out[2] <= out[2] + in[7] + 2*in[6] + 2^33*in[7]
+ * out[3] <= out[3] + 2^32*in[4] + 3*in[7]
+ */
+static void felem_reduce_(felem out, const longfelem in)
+{
+ int128_t c;
+ /* combine common terms from below */
+ c = in[4] + (in[5] << 32);
+ out[0] += c;
+ out[3] -= c;
+
+ c = in[5] - in[7];
+ out[1] += c;
+ out[2] -= c;
+
+ /* the remaining terms */
+ /* 256: [(0,1),(96,-1),(192,-1),(224,1)] */
+ out[1] -= (in[4] << 32);
+ out[3] += (in[4] << 32);
+
+ /* 320: [(32,1),(64,1),(128,-1),(160,-1),(224,-1)] */
+ out[2] -= (in[5] << 32);
+
+ /* 384: [(0,-1),(32,-1),(96,2),(128,2),(224,-1)] */
+ out[0] -= in[6];
+ out[0] -= (in[6] << 32);
+ out[1] += (in[6] << 33);
+ out[2] += (in[6] * 2);
+ out[3] -= (in[6] << 32);
+
+ /* 448: [(0,-1),(32,-1),(64,-1),(128,1),(160,2),(192,3)] */
+ out[0] -= in[7];
+ out[0] -= (in[7] << 32);
+ out[2] += (in[7] << 33);
+ out[3] += (in[7] * 3);
+}
+
+/*-
+ * felem_reduce converts a longfelem into an felem.
+ * To be called directly after felem_square or felem_mul.
+ * On entry:
+ * in[0] < 2^64, in[1] < 3*2^64, in[2] < 5*2^64, in[3] < 7*2^64
+ * in[4] < 7*2^64, in[5] < 5*2^64, in[6] < 3*2^64, in[7] < 2*64
+ * On exit:
+ * out[i] < 2^101
+ */
+static void felem_reduce(felem out, const longfelem in)
+{
+ out[0] = zero100[0] + in[0];
+ out[1] = zero100[1] + in[1];
+ out[2] = zero100[2] + in[2];
+ out[3] = zero100[3] + in[3];
+
+ felem_reduce_(out, in);
+
+ /*-
+ * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
+ * out[1] > 2^100 - 2^64 - 7*2^96 > 0
+ * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
+ * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
+ *
+ * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
+ * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
+ * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
+ * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
+ */
+}
+
+/*-
+ * felem_reduce_zero105 converts a larger longfelem into an felem.
+ * On entry:
+ * in[0] < 2^71
+ * On exit:
+ * out[i] < 2^106
+ */
+static void felem_reduce_zero105(felem out, const longfelem in)
+{
+ out[0] = zero105[0] + in[0];
+ out[1] = zero105[1] + in[1];
+ out[2] = zero105[2] + in[2];
+ out[3] = zero105[3] + in[3];
+
+ felem_reduce_(out, in);
+
+ /*-
+ * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
+ * out[1] > 2^105 - 2^71 - 2^103 > 0
+ * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
+ * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
+ *
+ * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+ * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+ * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
+ * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
+ */
+}
+
+/*
+ * subtract_u64 sets *result = *result - v and *carry to one if the
+ * subtraction underflowed.
+ */
+static void subtract_u64(u64 *result, u64 *carry, u64 v)
+{
+ uint128_t r = *result;
+ r -= v;
+ *carry = (r >> 64) & 1;
+ *result = (u64)r;
+}
+
+/*
+ * felem_contract converts |in| to its unique, minimal representation. On
+ * entry: in[i] < 2^109
+ */
+static void felem_contract(smallfelem out, const felem in)
+{
+ unsigned i;
+ u64 all_equal_so_far = 0, result = 0, carry;
+
+ felem_shrink(out, in);
+ /* small is minimal except that the value might be > p */
+
+ all_equal_so_far--;
+ /*
+ * We are doing a constant time test if out >= kPrime. We need to compare
+ * each u64, from most-significant to least significant. For each one, if
+ * all words so far have been equal (m is all ones) then a non-equal
+ * result is the answer. Otherwise we continue.
+ */
+ for (i = 3; i < 4; i--) {
+ u64 equal;
+ uint128_t a = ((uint128_t) kPrime[i]) - out[i];
+ /*
+ * if out[i] > kPrime[i] then a will underflow and the high 64-bits
+ * will all be set.
+ */
+ result |= all_equal_so_far & ((u64)(a >> 64));
+
+ /*
+ * if kPrime[i] == out[i] then |equal| will be all zeros and the
+ * decrement will make it all ones.
+ */
+ equal = kPrime[i] ^ out[i];
+ equal--;
+ equal &= equal << 32;
+ equal &= equal << 16;
+ equal &= equal << 8;
+ equal &= equal << 4;
+ equal &= equal << 2;
+ equal &= equal << 1;
+ equal = ((s64) equal) >> 63;
+
+ all_equal_so_far &= equal;
+ }
+
+ /*
+ * if all_equal_so_far is still all ones then the two values are equal
+ * and so out >= kPrime is true.
+ */
+ result |= all_equal_so_far;
+
+ /* if out >= kPrime then we subtract kPrime. */
+ subtract_u64(&out[0], &carry, result & kPrime[0]);
+ subtract_u64(&out[1], &carry, carry);
+ subtract_u64(&out[2], &carry, carry);
+ subtract_u64(&out[3], &carry, carry);
+
+ subtract_u64(&out[1], &carry, result & kPrime[1]);
+ subtract_u64(&out[2], &carry, carry);
+ subtract_u64(&out[3], &carry, carry);
+
+ subtract_u64(&out[2], &carry, result & kPrime[2]);
+ subtract_u64(&out[3], &carry, carry);
+
+ subtract_u64(&out[3], &carry, result & kPrime[3]);
+}
+
+static void smallfelem_square_contract(smallfelem out, const smallfelem in)
+{
+ longfelem longtmp;
+ felem tmp;
+
+ smallfelem_square(longtmp, in);
+ felem_reduce(tmp, longtmp);
+ felem_contract(out, tmp);
+}
+
+static void smallfelem_mul_contract(smallfelem out, const smallfelem in1,
+ const smallfelem in2)
+{
+ longfelem longtmp;
+ felem tmp;
+
+ smallfelem_mul(longtmp, in1, in2);
+ felem_reduce(tmp, longtmp);
+ felem_contract(out, tmp);
+}
+
+/*-
+ * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
+ * otherwise.
+ * On entry:
+ * small[i] < 2^64
+ */
+static limb smallfelem_is_zero(const smallfelem small)
+{
+ limb result;
+ u64 is_p;
+
+ u64 is_zero = small[0] | small[1] | small[2] | small[3];
+ is_zero--;
+ is_zero &= is_zero << 32;
+ is_zero &= is_zero << 16;
+ is_zero &= is_zero << 8;
+ is_zero &= is_zero << 4;
+ is_zero &= is_zero << 2;
+ is_zero &= is_zero << 1;
+ is_zero = ((s64) is_zero) >> 63;
+
+ is_p = (small[0] ^ kPrime[0]) |
+ (small[1] ^ kPrime[1]) |
+ (small[2] ^ kPrime[2]) | (small[3] ^ kPrime[3]);
+ is_p--;
+ is_p &= is_p << 32;
+ is_p &= is_p << 16;
+ is_p &= is_p << 8;
+ is_p &= is_p << 4;
+ is_p &= is_p << 2;
+ is_p &= is_p << 1;
+ is_p = ((s64) is_p) >> 63;
+
+ is_zero |= is_p;
+
+ result = is_zero;
+ result |= ((limb) is_zero) << 64;
+ return result;
+}
+
+static int smallfelem_is_zero_int(const smallfelem small)
+{
+ return (int)(smallfelem_is_zero(small) & ((limb) 1));
+}
+
+/*-
+ * felem_inv calculates |out| = |in|^{-1}
+ *
+ * Based on Fermat's Little Theorem:
+ * a^p = a (mod p)
+ * a^{p-1} = 1 (mod p)
+ * a^{p-2} = a^{-1} (mod p)
+ */
+static void felem_inv(felem out, const felem in)
+{
+ felem ftmp, ftmp2;
+ /* each e_I will hold |in|^{2^I - 1} */
+ felem e2, e4, e8, e16, e32, e64;
+ longfelem tmp;
+ unsigned i;
+
+ felem_square(tmp, in);
+ felem_reduce(ftmp, tmp); /* 2^1 */
+ felem_mul(tmp, in, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^2 - 2^0 */
+ felem_assign(e2, ftmp);
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^3 - 2^1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^4 - 2^2 */
+ felem_mul(tmp, ftmp, e2);
+ felem_reduce(ftmp, tmp); /* 2^4 - 2^0 */
+ felem_assign(e4, ftmp);
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^5 - 2^1 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^6 - 2^2 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^7 - 2^3 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^8 - 2^4 */
+ felem_mul(tmp, ftmp, e4);
+ felem_reduce(ftmp, tmp); /* 2^8 - 2^0 */
+ felem_assign(e8, ftmp);
+ for (i = 0; i < 8; i++) {
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+ } /* 2^16 - 2^8 */
+ felem_mul(tmp, ftmp, e8);
+ felem_reduce(ftmp, tmp); /* 2^16 - 2^0 */
+ felem_assign(e16, ftmp);
+ for (i = 0; i < 16; i++) {
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+ } /* 2^32 - 2^16 */
+ felem_mul(tmp, ftmp, e16);
+ felem_reduce(ftmp, tmp); /* 2^32 - 2^0 */
+ felem_assign(e32, ftmp);
+ for (i = 0; i < 32; i++) {
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+ } /* 2^64 - 2^32 */
+ felem_assign(e64, ftmp);
+ felem_mul(tmp, ftmp, in);
+ felem_reduce(ftmp, tmp); /* 2^64 - 2^32 + 2^0 */
+ for (i = 0; i < 192; i++) {
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+ } /* 2^256 - 2^224 + 2^192 */
+
+ felem_mul(tmp, e64, e32);
+ felem_reduce(ftmp2, tmp); /* 2^64 - 2^0 */
+ for (i = 0; i < 16; i++) {
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp);
+ } /* 2^80 - 2^16 */
+ felem_mul(tmp, ftmp2, e16);
+ felem_reduce(ftmp2, tmp); /* 2^80 - 2^0 */
+ for (i = 0; i < 8; i++) {
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp);
+ } /* 2^88 - 2^8 */
+ felem_mul(tmp, ftmp2, e8);
+ felem_reduce(ftmp2, tmp); /* 2^88 - 2^0 */
+ for (i = 0; i < 4; i++) {
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp);
+ } /* 2^92 - 2^4 */
+ felem_mul(tmp, ftmp2, e4);
+ felem_reduce(ftmp2, tmp); /* 2^92 - 2^0 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^93 - 2^1 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^94 - 2^2 */
+ felem_mul(tmp, ftmp2, e2);
+ felem_reduce(ftmp2, tmp); /* 2^94 - 2^0 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^95 - 2^1 */
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp2, tmp); /* 2^96 - 2^2 */
+ felem_mul(tmp, ftmp2, in);
+ felem_reduce(ftmp2, tmp); /* 2^96 - 3 */
+
+ felem_mul(tmp, ftmp2, ftmp);
+ felem_reduce(out, tmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */
+}
+
+static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
+{
+ felem tmp;
+
+ smallfelem_expand(tmp, in);
+ felem_inv(tmp, tmp);
+ felem_contract(out, tmp);
+}
+
+/*-
+ * Group operations
+ * ----------------
+ *
+ * Building on top of the field operations we have the operations on the
+ * elliptic curve group itself. Points on the curve are represented in Jacobian
+ * coordinates
+ */
+
+/*-
+ * point_double calculates 2*(x_in, y_in, z_in)
+ *
+ * The method is taken from:
+ * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
+ *
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+ const felem x_in, const felem y_in, const felem z_in)
+{
+ longfelem tmp, tmp2;
+ felem delta, gamma, beta, alpha, ftmp, ftmp2;
+ smallfelem small1, small2;
+
+ felem_assign(ftmp, x_in);
+ /* ftmp[i] < 2^106 */
+ felem_assign(ftmp2, x_in);
+ /* ftmp2[i] < 2^106 */
+
+ /* delta = z^2 */
+ felem_square(tmp, z_in);
+ felem_reduce(delta, tmp);
+ /* delta[i] < 2^101 */
+
+ /* gamma = y^2 */
+ felem_square(tmp, y_in);
+ felem_reduce(gamma, tmp);
+ /* gamma[i] < 2^101 */
+ felem_shrink(small1, gamma);
+
+ /* beta = x*gamma */
+ felem_small_mul(tmp, small1, x_in);
+ felem_reduce(beta, tmp);
+ /* beta[i] < 2^101 */
+
+ /* alpha = 3*(x-delta)*(x+delta) */
+ felem_diff(ftmp, delta);
+ /* ftmp[i] < 2^105 + 2^106 < 2^107 */
+ felem_sum(ftmp2, delta);
+ /* ftmp2[i] < 2^105 + 2^106 < 2^107 */
+ felem_scalar(ftmp2, 3);
+ /* ftmp2[i] < 3 * 2^107 < 2^109 */
+ felem_mul(tmp, ftmp, ftmp2);
+ felem_reduce(alpha, tmp);
+ /* alpha[i] < 2^101 */
+ felem_shrink(small2, alpha);
+
+ /* x' = alpha^2 - 8*beta */
+ smallfelem_square(tmp, small2);
+ felem_reduce(x_out, tmp);
+ felem_assign(ftmp, beta);
+ felem_scalar(ftmp, 8);
+ /* ftmp[i] < 8 * 2^101 = 2^104 */
+ felem_diff(x_out, ftmp);
+ /* x_out[i] < 2^105 + 2^101 < 2^106 */
+
+ /* z' = (y + z)^2 - gamma - delta */
+ felem_sum(delta, gamma);
+ /* delta[i] < 2^101 + 2^101 = 2^102 */
+ felem_assign(ftmp, y_in);
+ felem_sum(ftmp, z_in);
+ /* ftmp[i] < 2^106 + 2^106 = 2^107 */
+ felem_square(tmp, ftmp);
+ felem_reduce(z_out, tmp);
+ felem_diff(z_out, delta);
+ /* z_out[i] < 2^105 + 2^101 < 2^106 */
+
+ /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+ felem_scalar(beta, 4);
+ /* beta[i] < 4 * 2^101 = 2^103 */
+ felem_diff_zero107(beta, x_out);
+ /* beta[i] < 2^107 + 2^103 < 2^108 */
+ felem_small_mul(tmp, small2, beta);
+ /* tmp[i] < 7 * 2^64 < 2^67 */
+ smallfelem_square(tmp2, small1);
+ /* tmp2[i] < 7 * 2^64 */
+ longfelem_scalar(tmp2, 8);
+ /* tmp2[i] < 8 * 7 * 2^64 = 7 * 2^67 */
+ longfelem_diff(tmp, tmp2);
+ /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
+ felem_reduce_zero105(y_out, tmp);
+ /* y_out[i] < 2^106 */
+}
+
+/*
+ * point_double_small is the same as point_double, except that it operates on
+ * smallfelems
+ */
+static void
+point_double_small(smallfelem x_out, smallfelem y_out, smallfelem z_out,
+ const smallfelem x_in, const smallfelem y_in,
+ const smallfelem z_in)
+{
+ felem felem_x_out, felem_y_out, felem_z_out;
+ felem felem_x_in, felem_y_in, felem_z_in;
+
+ smallfelem_expand(felem_x_in, x_in);
+ smallfelem_expand(felem_y_in, y_in);
+ smallfelem_expand(felem_z_in, z_in);
+ point_double(felem_x_out, felem_y_out, felem_z_out,
+ felem_x_in, felem_y_in, felem_z_in);
+ felem_shrink(x_out, felem_x_out);
+ felem_shrink(y_out, felem_y_out);
+ felem_shrink(z_out, felem_z_out);
+}
+
+/* copy_conditional copies in to out iff mask is all ones. */
+static void copy_conditional(felem out, const felem in, limb mask)
+{
+ unsigned i;
+ for (i = 0; i < NLIMBS; ++i) {
+ const limb tmp = mask & (in[i] ^ out[i]);
+ out[i] ^= tmp;
+ }
+}
+
+/* copy_small_conditional copies in to out iff mask is all ones. */
+static void copy_small_conditional(felem out, const smallfelem in, limb mask)
+{
+ unsigned i;
+ const u64 mask64 = mask;
+ for (i = 0; i < NLIMBS; ++i) {
+ out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask);
+ }
+}
+
+/*-
+ * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ *
+ * The method is taken from:
+ * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
+ * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
+ *
+ * This function includes a branch for checking whether the two input points
+ * are equal, (while not equal to the point at infinity). This case never
+ * happens during single point multiplication, so there is no timing leak for
+ * ECDH or ECDSA signing.
+ */
+static void point_add(felem x3, felem y3, felem z3,
+ const felem x1, const felem y1, const felem z1,
+ const int mixed, const smallfelem x2,
+ const smallfelem y2, const smallfelem z2)
+{
+ felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
+ longfelem tmp, tmp2;
+ smallfelem small1, small2, small3, small4, small5;
+ limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+
+ felem_shrink(small3, z1);
+
+ z1_is_zero = smallfelem_is_zero(small3);
+ z2_is_zero = smallfelem_is_zero(z2);
+
+ /* ftmp = z1z1 = z1**2 */
+ smallfelem_square(tmp, small3);
+ felem_reduce(ftmp, tmp);
+ /* ftmp[i] < 2^101 */
+ felem_shrink(small1, ftmp);
+
+ if (!mixed) {
+ /* ftmp2 = z2z2 = z2**2 */
+ smallfelem_square(tmp, z2);
+ felem_reduce(ftmp2, tmp);
+ /* ftmp2[i] < 2^101 */
+ felem_shrink(small2, ftmp2);
+
+ felem_shrink(small5, x1);
+
+ /* u1 = ftmp3 = x1*z2z2 */
+ smallfelem_mul(tmp, small5, small2);
+ felem_reduce(ftmp3, tmp);
+ /* ftmp3[i] < 2^101 */
+
+ /* ftmp5 = z1 + z2 */
+ felem_assign(ftmp5, z1);
+ felem_small_sum(ftmp5, z2);
+ /* ftmp5[i] < 2^107 */
+
+ /* ftmp5 = (z1 + z2)**2 - (z1z1 + z2z2) = 2z1z2 */
+ felem_square(tmp, ftmp5);
+ felem_reduce(ftmp5, tmp);
+ /* ftmp2 = z2z2 + z1z1 */
+ felem_sum(ftmp2, ftmp);
+ /* ftmp2[i] < 2^101 + 2^101 = 2^102 */
+ felem_diff(ftmp5, ftmp2);
+ /* ftmp5[i] < 2^105 + 2^101 < 2^106 */
+
+ /* ftmp2 = z2 * z2z2 */
+ smallfelem_mul(tmp, small2, z2);
+ felem_reduce(ftmp2, tmp);
+
+ /* s1 = ftmp2 = y1 * z2**3 */
+ felem_mul(tmp, y1, ftmp2);
+ felem_reduce(ftmp6, tmp);
+ /* ftmp6[i] < 2^101 */
+ } else {
+ /*
+ * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+ */
+
+ /* u1 = ftmp3 = x1*z2z2 */
+ felem_assign(ftmp3, x1);
+ /* ftmp3[i] < 2^106 */
+
+ /* ftmp5 = 2z1z2 */
+ felem_assign(ftmp5, z1);
+ felem_scalar(ftmp5, 2);
+ /* ftmp5[i] < 2*2^106 = 2^107 */
+
+ /* s1 = ftmp2 = y1 * z2**3 */
+ felem_assign(ftmp6, y1);
+ /* ftmp6[i] < 2^106 */
+ }
+
+ /* u2 = x2*z1z1 */
+ smallfelem_mul(tmp, x2, small1);
+ felem_reduce(ftmp4, tmp);
+
+ /* h = ftmp4 = u2 - u1 */
+ felem_diff_zero107(ftmp4, ftmp3);
+ /* ftmp4[i] < 2^107 + 2^101 < 2^108 */
+ felem_shrink(small4, ftmp4);
+
+ x_equal = smallfelem_is_zero(small4);
+
+ /* z_out = ftmp5 * h */
+ felem_small_mul(tmp, small4, ftmp5);
+ felem_reduce(z_out, tmp);
+ /* z_out[i] < 2^101 */
+
+ /* ftmp = z1 * z1z1 */
+ smallfelem_mul(tmp, small1, small3);
+ felem_reduce(ftmp, tmp);
+
+ /* s2 = tmp = y2 * z1**3 */
+ felem_small_mul(tmp, y2, ftmp);
+ felem_reduce(ftmp5, tmp);
+
+ /* r = ftmp5 = (s2 - s1)*2 */
+ felem_diff_zero107(ftmp5, ftmp6);
+ /* ftmp5[i] < 2^107 + 2^107 = 2^108 */
+ felem_scalar(ftmp5, 2);
+ /* ftmp5[i] < 2^109 */
+ felem_shrink(small1, ftmp5);
+ y_equal = smallfelem_is_zero(small1);
+
+ if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+ point_double(x3, y3, z3, x1, y1, z1);
+ return;
+ }
+
+ /* I = ftmp = (2h)**2 */
+ felem_assign(ftmp, ftmp4);
+ felem_scalar(ftmp, 2);
+ /* ftmp[i] < 2*2^108 = 2^109 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp);
+
+ /* J = ftmp2 = h * I */
+ felem_mul(tmp, ftmp4, ftmp);
+ felem_reduce(ftmp2, tmp);
+
+ /* V = ftmp4 = U1 * I */
+ felem_mul(tmp, ftmp3, ftmp);
+ felem_reduce(ftmp4, tmp);
+
+ /* x_out = r**2 - J - 2V */
+ smallfelem_square(tmp, small1);
+ felem_reduce(x_out, tmp);
+ felem_assign(ftmp3, ftmp4);
+ felem_scalar(ftmp4, 2);
+ felem_sum(ftmp4, ftmp2);
+ /* ftmp4[i] < 2*2^101 + 2^101 < 2^103 */
+ felem_diff(x_out, ftmp4);
+ /* x_out[i] < 2^105 + 2^101 */
+
+ /* y_out = r(V-x_out) - 2 * s1 * J */
+ felem_diff_zero107(ftmp3, x_out);
+ /* ftmp3[i] < 2^107 + 2^101 < 2^108 */
+ felem_small_mul(tmp, small1, ftmp3);
+ felem_mul(tmp2, ftmp6, ftmp2);
+ longfelem_scalar(tmp2, 2);
+ /* tmp2[i] < 2*2^67 = 2^68 */
+ longfelem_diff(tmp, tmp2);
+ /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
+ felem_reduce_zero105(y_out, tmp);
+ /* y_out[i] < 2^106 */
+
+ copy_small_conditional(x_out, x2, z1_is_zero);
+ copy_conditional(x_out, x1, z2_is_zero);
+ copy_small_conditional(y_out, y2, z1_is_zero);
+ copy_conditional(y_out, y1, z2_is_zero);
+ copy_small_conditional(z_out, z2, z1_is_zero);
+ copy_conditional(z_out, z1, z2_is_zero);
+ felem_assign(x3, x_out);
+ felem_assign(y3, y_out);
+ felem_assign(z3, z_out);
+}
+
+/*
+ * point_add_small is the same as point_add, except that it operates on
+ * smallfelems
+ */
+static void point_add_small(smallfelem x3, smallfelem y3, smallfelem z3,
+ smallfelem x1, smallfelem y1, smallfelem z1,
+ smallfelem x2, smallfelem y2, smallfelem z2)
+{
+ felem felem_x3, felem_y3, felem_z3;
+ felem felem_x1, felem_y1, felem_z1;
+ smallfelem_expand(felem_x1, x1);
+ smallfelem_expand(felem_y1, y1);
+ smallfelem_expand(felem_z1, z1);
+ point_add(felem_x3, felem_y3, felem_z3, felem_x1, felem_y1, felem_z1, 0,
+ x2, y2, z2);
+ felem_shrink(x3, felem_x3);
+ felem_shrink(y3, felem_y3);
+ felem_shrink(z3, felem_z3);
+}
+
+/*-
+ * Base point pre computation
+ * --------------------------
+ *
+ * Two different sorts of precomputed tables are used in the following code.
+ * Each contain various points on the curve, where each point is three field
+ * elements (x, y, z).
+ *
+ * For the base point table, z is usually 1 (0 for the point at infinity).
+ * This table has 2 * 16 elements, starting with the following:
+ * index | bits | point
+ * ------+---------+------------------------------
+ * 0 | 0 0 0 0 | 0G
+ * 1 | 0 0 0 1 | 1G
+ * 2 | 0 0 1 0 | 2^64G
+ * 3 | 0 0 1 1 | (2^64 + 1)G
+ * 4 | 0 1 0 0 | 2^128G
+ * 5 | 0 1 0 1 | (2^128 + 1)G
+ * 6 | 0 1 1 0 | (2^128 + 2^64)G
+ * 7 | 0 1 1 1 | (2^128 + 2^64 + 1)G
+ * 8 | 1 0 0 0 | 2^192G
+ * 9 | 1 0 0 1 | (2^192 + 1)G
+ * 10 | 1 0 1 0 | (2^192 + 2^64)G
+ * 11 | 1 0 1 1 | (2^192 + 2^64 + 1)G
+ * 12 | 1 1 0 0 | (2^192 + 2^128)G
+ * 13 | 1 1 0 1 | (2^192 + 2^128 + 1)G
+ * 14 | 1 1 1 0 | (2^192 + 2^128 + 2^64)G
+ * 15 | 1 1 1 1 | (2^192 + 2^128 + 2^64 + 1)G
+ * followed by a copy of this with each element multiplied by 2^32.
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point,
+ * and then another four locations using the second 16 elements.
+ *
+ * Tables for other points have table[i] = iG for i in 0 .. 16. */
+
+/* gmul is the table of precomputed base points */
+static const smallfelem gmul[2][16][3] = {
+ {{{0, 0, 0, 0},
+ {0, 0, 0, 0},
+ {0, 0, 0, 0}},
+ {{0xf4a13945d898c296, 0x77037d812deb33a0, 0xf8bce6e563a440f2,
+ 0x6b17d1f2e12c4247},
+ {0xcbb6406837bf51f5, 0x2bce33576b315ece, 0x8ee7eb4a7c0f9e16,
+ 0x4fe342e2fe1a7f9b},
+ {1, 0, 0, 0}},
+ {{0x90e75cb48e14db63, 0x29493baaad651f7e, 0x8492592e326e25de,
+ 0x0fa822bc2811aaa5},
+ {0xe41124545f462ee7, 0x34b1a65050fe82f5, 0x6f4ad4bcb3df188b,
+ 0xbff44ae8f5dba80d},
+ {1, 0, 0, 0}},
+ {{0x93391ce2097992af, 0xe96c98fd0d35f1fa, 0xb257c0de95e02789,
+ 0x300a4bbc89d6726f},
+ {0xaa54a291c08127a0, 0x5bb1eeada9d806a5, 0x7f1ddb25ff1e3c6f,
+ 0x72aac7e0d09b4644},
+ {1, 0, 0, 0}},
+ {{0x57c84fc9d789bd85, 0xfc35ff7dc297eac3, 0xfb982fd588c6766e,
+ 0x447d739beedb5e67},
+ {0x0c7e33c972e25b32, 0x3d349b95a7fae500, 0xe12e9d953a4aaff7,
+ 0x2d4825ab834131ee},
+ {1, 0, 0, 0}},
+ {{0x13949c932a1d367f, 0xef7fbd2b1a0a11b7, 0xddc6068bb91dfc60,
+ 0xef9519328a9c72ff},
+ {0x196035a77376d8a8, 0x23183b0895ca1740, 0xc1ee9807022c219c,
+ 0x611e9fc37dbb2c9b},
+ {1, 0, 0, 0}},
+ {{0xcae2b1920b57f4bc, 0x2936df5ec6c9bc36, 0x7dea6482e11238bf,
+ 0x550663797b51f5d8},
+ {0x44ffe216348a964c, 0x9fb3d576dbdefbe1, 0x0afa40018d9d50e5,
+ 0x157164848aecb851},
+ {1, 0, 0, 0}},
+ {{0xe48ecafffc5cde01, 0x7ccd84e70d715f26, 0xa2e8f483f43e4391,
+ 0xeb5d7745b21141ea},
+ {0xcac917e2731a3479, 0x85f22cfe2844b645, 0x0990e6a158006cee,
+ 0xeafd72ebdbecc17b},
+ {1, 0, 0, 0}},
+ {{0x6cf20ffb313728be, 0x96439591a3c6b94a, 0x2736ff8344315fc5,
+ 0xa6d39677a7849276},
+ {0xf2bab833c357f5f4, 0x824a920c2284059b, 0x66b8babd2d27ecdf,
+ 0x674f84749b0b8816},
+ {1, 0, 0, 0}},
+ {{0x2df48c04677c8a3e, 0x74e02f080203a56b, 0x31855f7db8c7fedb,
+ 0x4e769e7672c9ddad},
+ {0xa4c36165b824bbb0, 0xfb9ae16f3b9122a5, 0x1ec0057206947281,
+ 0x42b99082de830663},
+ {1, 0, 0, 0}},
+ {{0x6ef95150dda868b9, 0xd1f89e799c0ce131, 0x7fdc1ca008a1c478,
+ 0x78878ef61c6ce04d},
+ {0x9c62b9121fe0d976, 0x6ace570ebde08d4f, 0xde53142c12309def,
+ 0xb6cb3f5d7b72c321},
+ {1, 0, 0, 0}},
+ {{0x7f991ed2c31a3573, 0x5b82dd5bd54fb496, 0x595c5220812ffcae,
+ 0x0c88bc4d716b1287},
+ {0x3a57bf635f48aca8, 0x7c8181f4df2564f3, 0x18d1b5b39c04e6aa,
+ 0xdd5ddea3f3901dc6},
+ {1, 0, 0, 0}},
+ {{0xe96a79fb3e72ad0c, 0x43a0a28c42ba792f, 0xefe0a423083e49f3,
+ 0x68f344af6b317466},
+ {0xcdfe17db3fb24d4a, 0x668bfc2271f5c626, 0x604ed93c24d67ff3,
+ 0x31b9c405f8540a20},
+ {1, 0, 0, 0}},
+ {{0xd36b4789a2582e7f, 0x0d1a10144ec39c28, 0x663c62c3edbad7a0,
+ 0x4052bf4b6f461db9},
+ {0x235a27c3188d25eb, 0xe724f33999bfcc5b, 0x862be6bd71d70cc8,
+ 0xfecf4d5190b0fc61},
+ {1, 0, 0, 0}},
+ {{0x74346c10a1d4cfac, 0xafdf5cc08526a7a4, 0x123202a8f62bff7a,
+ 0x1eddbae2c802e41a},
+ {0x8fa0af2dd603f844, 0x36e06b7e4c701917, 0x0c45f45273db33a0,
+ 0x43104d86560ebcfc},
+ {1, 0, 0, 0}},
+ {{0x9615b5110d1d78e5, 0x66b0de3225c4744b, 0x0a4a46fb6aaf363a,
+ 0xb48e26b484f7a21c},
+ {0x06ebb0f621a01b2d, 0xc004e4048b7b0f98, 0x64131bcdfed6f668,
+ 0xfac015404d4d3dab},
+ {1, 0, 0, 0}}},
+ {{{0, 0, 0, 0},
+ {0, 0, 0, 0},
+ {0, 0, 0, 0}},
+ {{0x3a5a9e22185a5943, 0x1ab919365c65dfb6, 0x21656b32262c71da,
+ 0x7fe36b40af22af89},
+ {0xd50d152c699ca101, 0x74b3d5867b8af212, 0x9f09f40407dca6f1,
+ 0xe697d45825b63624},
+ {1, 0, 0, 0}},
+ {{0xa84aa9397512218e, 0xe9a521b074ca0141, 0x57880b3a18a2e902,
+ 0x4a5b506612a677a6},
+ {0x0beada7a4c4f3840, 0x626db15419e26d9d, 0xc42604fbe1627d40,
+ 0xeb13461ceac089f1},
+ {1, 0, 0, 0}},
+ {{0xf9faed0927a43281, 0x5e52c4144103ecbc, 0xc342967aa815c857,
+ 0x0781b8291c6a220a},
+ {0x5a8343ceeac55f80, 0x88f80eeee54a05e3, 0x97b2a14f12916434,
+ 0x690cde8df0151593},
+ {1, 0, 0, 0}},
+ {{0xaee9c75df7f82f2a, 0x9e4c35874afdf43a, 0xf5622df437371326,
+ 0x8a535f566ec73617},
+ {0xc5f9a0ac223094b7, 0xcde533864c8c7669, 0x37e02819085a92bf,
+ 0x0455c08468b08bd7},
+ {1, 0, 0, 0}},
+ {{0x0c0a6e2c9477b5d9, 0xf9a4bf62876dc444, 0x5050a949b6cdc279,
+ 0x06bada7ab77f8276},
+ {0xc8b4aed1ea48dac9, 0xdebd8a4b7ea1070f, 0x427d49101366eb70,
+ 0x5b476dfd0e6cb18a},
+ {1, 0, 0, 0}},
+ {{0x7c5c3e44278c340a, 0x4d54606812d66f3b, 0x29a751b1ae23c5d8,
+ 0x3e29864e8a2ec908},
+ {0x142d2a6626dbb850, 0xad1744c4765bd780, 0x1f150e68e322d1ed,
+ 0x239b90ea3dc31e7e},
+ {1, 0, 0, 0}},
+ {{0x78c416527a53322a, 0x305dde6709776f8e, 0xdbcab759f8862ed4,
+ 0x820f4dd949f72ff7},
+ {0x6cc544a62b5debd4, 0x75be5d937b4e8cc4, 0x1b481b1b215c14d3,
+ 0x140406ec783a05ec},
+ {1, 0, 0, 0}},
+ {{0x6a703f10e895df07, 0xfd75f3fa01876bd8, 0xeb5b06e70ce08ffe,
+ 0x68f6b8542783dfee},
+ {0x90c76f8a78712655, 0xcf5293d2f310bf7f, 0xfbc8044dfda45028,
+ 0xcbe1feba92e40ce6},
+ {1, 0, 0, 0}},
+ {{0xe998ceea4396e4c1, 0xfc82ef0b6acea274, 0x230f729f2250e927,
+ 0xd0b2f94d2f420109},
+ {0x4305adddb38d4966, 0x10b838f8624c3b45, 0x7db2636658954e7a,
+ 0x971459828b0719e5},
+ {1, 0, 0, 0}},
+ {{0x4bd6b72623369fc9, 0x57f2929e53d0b876, 0xc2d5cba4f2340687,
+ 0x961610004a866aba},
+ {0x49997bcd2e407a5e, 0x69ab197d92ddcb24, 0x2cf1f2438fe5131c,
+ 0x7acb9fadcee75e44},
+ {1, 0, 0, 0}},
+ {{0x254e839423d2d4c0, 0xf57f0c917aea685b, 0xa60d880f6f75aaea,
+ 0x24eb9acca333bf5b},
+ {0xe3de4ccb1cda5dea, 0xfeef9341c51a6b4f, 0x743125f88bac4c4d,
+ 0x69f891c5acd079cc},
+ {1, 0, 0, 0}},
+ {{0xeee44b35702476b5, 0x7ed031a0e45c2258, 0xb422d1e7bd6f8514,
+ 0xe51f547c5972a107},
+ {0xa25bcd6fc9cf343d, 0x8ca922ee097c184e, 0xa62f98b3a9fe9a06,
+ 0x1c309a2b25bb1387},
+ {1, 0, 0, 0}},
+ {{0x9295dbeb1967c459, 0xb00148833472c98e, 0xc504977708011828,
+ 0x20b87b8aa2c4e503},
+ {0x3063175de057c277, 0x1bd539338fe582dd, 0x0d11adef5f69a044,
+ 0xf5c6fa49919776be},
+ {1, 0, 0, 0}},
+ {{0x8c944e760fd59e11, 0x3876cba1102fad5f, 0xa454c3fad83faa56,
+ 0x1ed7d1b9332010b9},
+ {0xa1011a270024b889, 0x05e4d0dcac0cd344, 0x52b520f0eb6a2a24,
+ 0x3a2b03f03217257a},
+ {1, 0, 0, 0}},
+ {{0xf20fc2afdf1d043d, 0xf330240db58d5a62, 0xfc7d229ca0058c3b,
+ 0x15fee545c78dd9f6},
+ {0x501e82885bc98cda, 0x41ef80e5d046ac04, 0x557d9f49461210fb,
+ 0x4ab5b6b2b8753f81},
+ {1, 0, 0, 0}}}
+};
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ */
+static void select_point(const u64 idx, unsigned int size,
+ const smallfelem pre_comp[16][3], smallfelem out[3])
+{
+ unsigned i, j;
+ u64 *outlimbs = &out[0][0];
+ memset(outlimbs, 0, 3 * sizeof(smallfelem));
+
+ for (i = 0; i < size; i++) {
+ const u64 *inlimbs = (u64 *)&pre_comp[i][0][0];
+ u64 mask = i ^ idx;
+ mask |= mask >> 4;
+ mask |= mask >> 2;
+ mask |= mask >> 1;
+ mask &= 1;
+ mask--;
+ for (j = 0; j < NLIMBS * 3; j++)
+ outlimbs[j] |= inlimbs[j] & mask;
+ }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, int i)
+{
+ if ((i < 0) || (i >= 256))
+ return 0;
+ return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+ const felem_bytearray scalars[],
+ const unsigned num_points, const u8 *g_scalar,
+ const int mixed, const smallfelem pre_comp[][17][3],
+ const smallfelem g_pre_comp[2][16][3])
+{
+ int i, skip;
+ unsigned num, gen_mul = (g_scalar != NULL);
+ felem nq[3], ftmp;
+ smallfelem tmp[3];
+ u64 bits;
+ u8 sign, digit;
+
+ /* set nq to the point at infinity */
+ memset(nq, 0, 3 * sizeof(felem));
+
+ /*
+ * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+ * of the generator (two in each of the last 32 rounds) and additions of
+ * other points multiples (every 5th round).
+ */
+ skip = 1; /* save two point operations in the first
+ * round */
+ for (i = (num_points ? 255 : 31); i >= 0; --i) {
+ /* double */
+ if (!skip)
+ point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+ /* add multiples of the generator */
+ if (gen_mul && (i <= 31)) {
+ /* first, look 32 bits upwards */
+ bits = get_bit(g_scalar, i + 224) << 3;
+ bits |= get_bit(g_scalar, i + 160) << 2;
+ bits |= get_bit(g_scalar, i + 96) << 1;
+ bits |= get_bit(g_scalar, i + 32);
+ /* select the point to add, in constant time */
+ select_point(bits, 16, g_pre_comp[1], tmp);
+
+ if (!skip) {
+ /* Arg 1 below is for "mixed" */
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+ } else {
+ smallfelem_expand(nq[0], tmp[0]);
+ smallfelem_expand(nq[1], tmp[1]);
+ smallfelem_expand(nq[2], tmp[2]);
+ skip = 0;
+ }
+
+ /* second, look at the current position */
+ bits = get_bit(g_scalar, i + 192) << 3;
+ bits |= get_bit(g_scalar, i + 128) << 2;
+ bits |= get_bit(g_scalar, i + 64) << 1;
+ bits |= get_bit(g_scalar, i);
+ /* select the point to add, in constant time */
+ select_point(bits, 16, g_pre_comp[0], tmp);
+ /* Arg 1 below is for "mixed" */
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+ }
+
+ /* do other additions every 5 doublings */
+ if (num_points && (i % 5 == 0)) {
+ /* loop over all scalars */
+ for (num = 0; num < num_points; ++num) {
+ bits = get_bit(scalars[num], i + 4) << 5;
+ bits |= get_bit(scalars[num], i + 3) << 4;
+ bits |= get_bit(scalars[num], i + 2) << 3;
+ bits |= get_bit(scalars[num], i + 1) << 2;
+ bits |= get_bit(scalars[num], i) << 1;
+ bits |= get_bit(scalars[num], i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+ /*
+ * select the point to add or subtract, in constant time
+ */
+ select_point(digit, 17, pre_comp[num], tmp);
+ smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
+ * point */
+ copy_small_conditional(ftmp, tmp[1], (((limb) sign) - 1));
+ felem_contract(tmp[1], ftmp);
+
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2],
+ mixed, tmp[0], tmp[1], tmp[2]);
+ } else {
+ smallfelem_expand(nq[0], tmp[0]);
+ smallfelem_expand(nq[1], tmp[1]);
+ smallfelem_expand(nq[2], tmp[2]);
+ skip = 0;
+ }
+ }
+ }
+ }
+ felem_assign(x_out, nq[0]);
+ felem_assign(y_out, nq[1]);
+ felem_assign(z_out, nq[2]);
+}
+
+/* Precomputation for the group generator. */
+typedef struct {
+ smallfelem g_pre_comp[2][16][3];
+ int references;
+} NISTP256_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp256_method(void)
+{
+ static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
+ NID_X9_62_prime_field,
+ ec_GFp_nistp256_group_init,
+ ec_GFp_simple_group_finish,
+ ec_GFp_simple_group_clear_finish,
+ ec_GFp_nist_group_copy,
+ ec_GFp_nistp256_group_set_curve,
+ ec_GFp_simple_group_get_curve,
+ ec_GFp_simple_group_get_degree,
+ ec_GFp_simple_group_check_discriminant,
+ ec_GFp_simple_point_init,
+ ec_GFp_simple_point_finish,
+ ec_GFp_simple_point_clear_finish,
+ ec_GFp_simple_point_copy,
+ ec_GFp_simple_point_set_to_infinity,
+ ec_GFp_simple_set_Jprojective_coordinates_GFp,
+ ec_GFp_simple_get_Jprojective_coordinates_GFp,
+ ec_GFp_simple_point_set_affine_coordinates,
+ ec_GFp_nistp256_point_get_affine_coordinates,
+ 0 /* point_set_compressed_coordinates */ ,
+ 0 /* point2oct */ ,
+ 0 /* oct2point */ ,
+ ec_GFp_simple_add,
+ ec_GFp_simple_dbl,
+ ec_GFp_simple_invert,
+ ec_GFp_simple_is_at_infinity,
+ ec_GFp_simple_is_on_curve,
+ ec_GFp_simple_cmp,
+ ec_GFp_simple_make_affine,
+ ec_GFp_simple_points_make_affine,
+ ec_GFp_nistp256_points_mul,
+ ec_GFp_nistp256_precompute_mult,
+ ec_GFp_nistp256_have_precompute_mult,
+ ec_GFp_nist_field_mul,
+ ec_GFp_nist_field_sqr,
+ 0 /* field_div */ ,
+ 0 /* field_encode */ ,
+ 0 /* field_decode */ ,
+ 0 /* field_set_to_one */
+ };
+
+ return &ret;
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP256_PRE_COMP *nistp256_pre_comp_new()
+{
+ NISTP256_PRE_COMP *ret = NULL;
+ ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+ if (!ret) {
+ ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+ return ret;
+ }
+ memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+ ret->references = 1;
+ return ret;
+}
+
+static void *nistp256_pre_comp_dup(void *src_)
+{
+ NISTP256_PRE_COMP *src = src_;
+
+ /* no need to actually copy, these objects never change! */
+ CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+ return src_;
+}
+
+static void nistp256_pre_comp_free(void *pre_)
+{
+ int i;
+ NISTP256_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_free(pre);
+}
+
+static void nistp256_pre_comp_clear_free(void *pre_)
+{
+ int i;
+ NISTP256_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp256_group_init(EC_GROUP *group)
+{
+ int ret;
+ ret = ec_GFp_simple_group_init(group);
+ group->a_is_minus3 = 1;
+ return ret;
+}
+
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *b,
+ BN_CTX *ctx)
+{
+ int ret = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *curve_p, *curve_a, *curve_b;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_b = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ BN_bin2bn(nistp256_curve_params[0], sizeof(felem_bytearray), curve_p);
+ BN_bin2bn(nistp256_curve_params[1], sizeof(felem_bytearray), curve_a);
+ BN_bin2bn(nistp256_curve_params[2], sizeof(felem_bytearray), curve_b);
+ if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+ ECerr(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE,
+ EC_R_WRONG_CURVE_PARAMETERS);
+ goto err;
+ }
+ group->field_mod_func = BN_nist_mod_256;
+ ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx)
+{
+ felem z1, z2, x_in, y_in;
+ smallfelem x_out, y_out;
+ longfelem tmp;
+
+ if (EC_POINT_is_at_infinity(group, point)) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+ EC_R_POINT_AT_INFINITY);
+ return 0;
+ }
+ if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+ (!BN_to_felem(z1, &point->Z)))
+ return 0;
+ felem_inv(z2, z1);
+ felem_square(tmp, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, x_in, z1);
+ felem_reduce(x_in, tmp);
+ felem_contract(x_out, x_in);
+ if (x != NULL) {
+ if (!smallfelem_to_BN(x, x_out)) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ felem_mul(tmp, z1, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, y_in, z1);
+ felem_reduce(y_in, tmp);
+ felem_contract(y_out, y_in);
+ if (y != NULL) {
+ if (!smallfelem_to_BN(y, y_out)) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+/* points below is of size |num|, and tmp_smallfelems is of size |num+1| */
+static void make_points_affine(size_t num, smallfelem points[][3],
+ smallfelem tmp_smallfelems[])
+{
+ /*
+ * Runs in constant time, unless an input is the point at infinity (which
+ * normally shouldn't happen).
+ */
+ ec_GFp_nistp_points_make_affine_internal(num,
+ points,
+ sizeof(smallfelem),
+ tmp_smallfelems,
+ (void (*)(void *))smallfelem_one,
+ (int (*)(const void *))
+ smallfelem_is_zero_int,
+ (void (*)(void *, const void *))
+ smallfelem_assign,
+ (void (*)(void *, const void *))
+ smallfelem_square_contract,
+ (void (*)
+ (void *, const void *,
+ const void *))
+ smallfelem_mul_contract,
+ (void (*)(void *, const void *))
+ smallfelem_inv_contract,
+ /* nothing to contract */
+ (void (*)(void *, const void *))
+ smallfelem_assign);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx)
+{
+ int ret = 0;
+ int j;
+ int mixed = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y, *z, *tmp_scalar;
+ felem_bytearray g_secret;
+ felem_bytearray *secrets = NULL;
+ smallfelem(*pre_comp)[17][3] = NULL;
+ smallfelem *tmp_smallfelems = NULL;
+ felem_bytearray tmp;
+ unsigned i, num_bytes;
+ int have_pre_comp = 0;
+ size_t num_points = num;
+ smallfelem x_in, y_in, z_in;
+ felem x_out, y_out, z_out;
+ NISTP256_PRE_COMP *pre = NULL;
+ const smallfelem(*g_pre_comp)[16][3] = NULL;
+ EC_POINT *generator = NULL;
+ const EC_POINT *p = NULL;
+ const BIGNUM *p_scalar = NULL;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) ||
+ ((y = BN_CTX_get(ctx)) == NULL) ||
+ ((z = BN_CTX_get(ctx)) == NULL) ||
+ ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+ goto err;
+
+ if (scalar != NULL) {
+ pre = EC_EX_DATA_get_data(group->extra_data,
+ nistp256_pre_comp_dup,
+ nistp256_pre_comp_free,
+ nistp256_pre_comp_clear_free);
+ if (pre)
+ /* we have precomputation, try to use it */
+ g_pre_comp = (const smallfelem(*)[16][3])pre->g_pre_comp;
+ else
+ /* try to use the standard precomputation */
+ g_pre_comp = &gmul[0];
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ /* get the generator from precomputation */
+ if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) ||
+ !smallfelem_to_BN(y, g_pre_comp[0][1][1]) ||
+ !smallfelem_to_BN(z, g_pre_comp[0][1][2])) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+ generator, x, y, z,
+ ctx))
+ goto err;
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+ /* precomputation matches generator */
+ have_pre_comp = 1;
+ else
+ /*
+ * we don't have valid precomputation: treat the generator as a
+ * random point
+ */
+ num_points++;
+ }
+ if (num_points > 0) {
+ if (num_points >= 3) {
+ /*
+ * unless we precompute multiples for just one or two points,
+ * converting those into affine form is time well spent
+ */
+ mixed = 1;
+ }
+ secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+ pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(smallfelem));
+ if (mixed)
+ tmp_smallfelems =
+ OPENSSL_malloc((num_points * 17 + 1) * sizeof(smallfelem));
+ if ((secrets == NULL) || (pre_comp == NULL)
+ || (mixed && (tmp_smallfelems == NULL))) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /*
+ * we treat NULL scalars as 0, and NULL points as points at infinity,
+ * i.e., they contribute nothing to the linear combination
+ */
+ memset(secrets, 0, num_points * sizeof(felem_bytearray));
+ memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
+ for (i = 0; i < num_points; ++i) {
+ if (i == num)
+ /*
+ * we didn't have a valid precomputation, so we pick the
+ * generator
+ */
+ {
+ p = EC_GROUP_get0_generator(group);
+ p_scalar = scalar;
+ } else
+ /* the i^th point */
+ {
+ p = points[i];
+ p_scalar = scalars[i];
+ }
+ if ((p_scalar != NULL) && (p != NULL)) {
+ /* reduce scalar to 0 <= scalar < 2^256 */
+ if ((BN_num_bits(p_scalar) > 256)
+ || (BN_is_negative(p_scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ flip_endian(secrets[i], tmp, num_bytes);
+ /* precompute multiples */
+ if ((!BN_to_felem(x_out, &p->X)) ||
+ (!BN_to_felem(y_out, &p->Y)) ||
+ (!BN_to_felem(z_out, &p->Z)))
+ goto err;
+ felem_shrink(pre_comp[i][1][0], x_out);
+ felem_shrink(pre_comp[i][1][1], y_out);
+ felem_shrink(pre_comp[i][1][2], z_out);
+ for (j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add_small(pre_comp[i][j][0], pre_comp[i][j][1],
+ pre_comp[i][j][2], pre_comp[i][1][0],
+ pre_comp[i][1][1], pre_comp[i][1][2],
+ pre_comp[i][j - 1][0],
+ pre_comp[i][j - 1][1],
+ pre_comp[i][j - 1][2]);
+ } else {
+ point_double_small(pre_comp[i][j][0],
+ pre_comp[i][j][1],
+ pre_comp[i][j][2],
+ pre_comp[i][j / 2][0],
+ pre_comp[i][j / 2][1],
+ pre_comp[i][j / 2][2]);
+ }
+ }
+ }
+ }
+ if (mixed)
+ make_points_affine(num_points * 17, pre_comp[0], tmp_smallfelems);
+ }
+
+ /* the scalar for the generator */
+ if ((scalar != NULL) && (have_pre_comp)) {
+ memset(g_secret, 0, sizeof(g_secret));
+ /* reduce scalar to 0 <= scalar < 2^256 */
+ if ((BN_num_bits(scalar) > 256) || (BN_is_negative(scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(scalar, tmp);
+ flip_endian(g_secret, tmp, num_bytes);
+ /* do the multiplication with generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ g_secret,
+ mixed, (const smallfelem(*)[17][3])pre_comp, g_pre_comp);
+ } else
+ /* do the multiplication without generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ NULL, mixed, (const smallfelem(*)[17][3])pre_comp, NULL);
+ /* reduce the output to its unique minimal representation */
+ felem_contract(x_in, x_out);
+ felem_contract(y_in, y_out);
+ felem_contract(z_in, z_out);
+ if ((!smallfelem_to_BN(x, x_in)) || (!smallfelem_to_BN(y, y_in)) ||
+ (!smallfelem_to_BN(z, z_in))) {
+ ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (secrets != NULL)
+ OPENSSL_free(secrets);
+ if (pre_comp != NULL)
+ OPENSSL_free(pre_comp);
+ if (tmp_smallfelems != NULL)
+ OPENSSL_free(tmp_smallfelems);
+ return ret;
+}
+
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+ int ret = 0;
+ NISTP256_PRE_COMP *pre = NULL;
+ int i, j;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y;
+ EC_POINT *generator = NULL;
+ smallfelem tmp_smallfelems[32];
+ felem x_tmp, y_tmp, z_tmp;
+
+ /* throw away old precomputation */
+ EC_EX_DATA_free_data(&group->extra_data, nistp256_pre_comp_dup,
+ nistp256_pre_comp_free,
+ nistp256_pre_comp_clear_free);
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ /* get the generator */
+ if (group->generator == NULL)
+ goto err;
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ BN_bin2bn(nistp256_curve_params[3], sizeof(felem_bytearray), x);
+ BN_bin2bn(nistp256_curve_params[4], sizeof(felem_bytearray), y);
+ if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+ goto err;
+ if ((pre = nistp256_pre_comp_new()) == NULL)
+ goto err;
+ /*
+ * if the generator is the standard one, use built-in precomputation
+ */
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+ memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+ ret = 1;
+ goto err;
+ }
+ if ((!BN_to_felem(x_tmp, &group->generator->X)) ||
+ (!BN_to_felem(y_tmp, &group->generator->Y)) ||
+ (!BN_to_felem(z_tmp, &group->generator->Z)))
+ goto err;
+ felem_shrink(pre->g_pre_comp[0][1][0], x_tmp);
+ felem_shrink(pre->g_pre_comp[0][1][1], y_tmp);
+ felem_shrink(pre->g_pre_comp[0][1][2], z_tmp);
+ /*
+ * compute 2^64*G, 2^128*G, 2^192*G for the first table, 2^32*G, 2^96*G,
+ * 2^160*G, 2^224*G for the second one
+ */
+ for (i = 1; i <= 8; i <<= 1) {
+ point_double_small(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
+ pre->g_pre_comp[0][i][1],
+ pre->g_pre_comp[0][i][2]);
+ for (j = 0; j < 31; ++j) {
+ point_double_small(pre->g_pre_comp[1][i][0],
+ pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2],
+ pre->g_pre_comp[1][i][0],
+ pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2]);
+ }
+ if (i == 8)
+ break;
+ point_double_small(pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2],
+ pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+ pre->g_pre_comp[1][i][2]);
+ for (j = 0; j < 31; ++j) {
+ point_double_small(pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2],
+ pre->g_pre_comp[0][2 * i][0],
+ pre->g_pre_comp[0][2 * i][1],
+ pre->g_pre_comp[0][2 * i][2]);
+ }
+ }
+ for (i = 0; i < 2; i++) {
+ /* g_pre_comp[i][0] is the point at infinity */
+ memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
+ /* the remaining multiples */
+ /* 2^64*G + 2^128*G resp. 2^96*G + 2^160*G */
+ point_add_small(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
+ pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
+ pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
+ pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ /* 2^64*G + 2^192*G resp. 2^96*G + 2^224*G */
+ point_add_small(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
+ pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
+ pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+ pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ /* 2^128*G + 2^192*G resp. 2^160*G + 2^224*G */
+ point_add_small(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
+ pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
+ pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+ pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
+ pre->g_pre_comp[i][4][2]);
+ /*
+ * 2^64*G + 2^128*G + 2^192*G resp. 2^96*G + 2^160*G + 2^224*G
+ */
+ point_add_small(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
+ pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
+ pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
+ pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+ pre->g_pre_comp[i][2][2]);
+ for (j = 1; j < 8; ++j) {
+ /* odd multiples: add G resp. 2^32*G */
+ point_add_small(pre->g_pre_comp[i][2 * j + 1][0],
+ pre->g_pre_comp[i][2 * j + 1][1],
+ pre->g_pre_comp[i][2 * j + 1][2],
+ pre->g_pre_comp[i][2 * j][0],
+ pre->g_pre_comp[i][2 * j][1],
+ pre->g_pre_comp[i][2 * j][2],
+ pre->g_pre_comp[i][1][0],
+ pre->g_pre_comp[i][1][1],
+ pre->g_pre_comp[i][1][2]);
+ }
+ }
+ make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_smallfelems);
+
+ if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp256_pre_comp_dup,
+ nistp256_pre_comp_free,
+ nistp256_pre_comp_clear_free))
+ goto err;
+ ret = 1;
+ pre = NULL;
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (pre)
+ nistp256_pre_comp_free(pre);
+ return ret;
+}
+
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group)
+{
+ if (EC_EX_DATA_get_data(group->extra_data, nistp256_pre_comp_dup,
+ nistp256_pre_comp_free,
+ nistp256_pre_comp_clear_free)
+ != NULL)
+ return 1;
+ else
+ return 0;
+}
+#else
+static void *dummy = &dummy;
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ecp_nistp521.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_nistp521.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ecp_nistp521.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,2148 @@
+/* crypto/ec/ecp_nistp521.c */
+/*
+ * Written by Adam Langley (Google) for the OpenSSL project
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-521 elliptic curve point multiplication
+ *
+ * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
+ * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
+ * work which got its smarts from Daniel J. Bernstein's work on the same.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+ /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
+ * platforms */
+# else
+# error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/*
+ * The underlying field. P521 operates over GF(2^521-1). We can serialise an
+ * element of this field into 66 bytes where the most significant byte
+ * contains only a single bit. We call this an felem_bytearray.
+ */
+
+typedef u8 felem_bytearray[66];
+
+/*
+ * These are the parameters of P521, taken from FIPS 186-3, section D.1.2.5.
+ * These values are big-endian.
+ */
+static const felem_bytearray nistp521_curve_params[5] = {
+ {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* p */
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff},
+ {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* a = -3 */
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xfc},
+ {0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, /* b */
+ 0x9a, 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85,
+ 0x40, 0xee, 0xa2, 0xda, 0x72, 0x5b, 0x99, 0xb3,
+ 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1,
+ 0x09, 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e,
+ 0x93, 0x7b, 0x16, 0x52, 0xc0, 0xbd, 0x3b, 0xb1,
+ 0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c,
+ 0x34, 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50,
+ 0x3f, 0x00},
+ {0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, /* x */
+ 0xe9, 0xcd, 0x9e, 0x3e, 0xcb, 0x66, 0x23, 0x95,
+ 0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f,
+ 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d,
+ 0x3d, 0xba, 0xa1, 0x4b, 0x5e, 0x77, 0xef, 0xe7,
+ 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff,
+ 0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a,
+ 0x42, 0x9b, 0xf9, 0x7e, 0x7e, 0x31, 0xc2, 0xe5,
+ 0xbd, 0x66},
+ {0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, /* y */
+ 0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d,
+ 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
+ 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e,
+ 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4,
+ 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
+ 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72,
+ 0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1,
+ 0x66, 0x50}
+};
+
+/*-
+ * The representation of field elements.
+ * ------------------------------------
+ *
+ * We represent field elements with nine values. These values are either 64 or
+ * 128 bits and the field element represented is:
+ * v[0]*2^0 + v[1]*2^58 + v[2]*2^116 + ... + v[8]*2^464 (mod p)
+ * Each of the nine values is called a 'limb'. Since the limbs are spaced only
+ * 58 bits apart, but are greater than 58 bits in length, the most significant
+ * bits of each limb overlap with the least significant bits of the next.
+ *
+ * A field element with 64-bit limbs is an 'felem'. One with 128-bit limbs is a
+ * 'largefelem' */
+
+# define NLIMBS 9
+
+typedef uint64_t limb;
+typedef limb felem[NLIMBS];
+typedef uint128_t largefelem[NLIMBS];
+
+static const limb bottom57bits = 0x1ffffffffffffff;
+static const limb bottom58bits = 0x3ffffffffffffff;
+
+/*
+ * bin66_to_felem takes a little-endian byte array and converts it into felem
+ * form. This assumes that the CPU is little-endian.
+ */
+static void bin66_to_felem(felem out, const u8 in[66])
+{
+ out[0] = (*((limb *) & in[0])) & bottom58bits;
+ out[1] = (*((limb *) & in[7]) >> 2) & bottom58bits;
+ out[2] = (*((limb *) & in[14]) >> 4) & bottom58bits;
+ out[3] = (*((limb *) & in[21]) >> 6) & bottom58bits;
+ out[4] = (*((limb *) & in[29])) & bottom58bits;
+ out[5] = (*((limb *) & in[36]) >> 2) & bottom58bits;
+ out[6] = (*((limb *) & in[43]) >> 4) & bottom58bits;
+ out[7] = (*((limb *) & in[50]) >> 6) & bottom58bits;
+ out[8] = (*((limb *) & in[58])) & bottom57bits;
+}
+
+/*
+ * felem_to_bin66 takes an felem and serialises into a little endian, 66 byte
+ * array. This assumes that the CPU is little-endian.
+ */
+static void felem_to_bin66(u8 out[66], const felem in)
+{
+ memset(out, 0, 66);
+ (*((limb *) & out[0])) = in[0];
+ (*((limb *) & out[7])) |= in[1] << 2;
+ (*((limb *) & out[14])) |= in[2] << 4;
+ (*((limb *) & out[21])) |= in[3] << 6;
+ (*((limb *) & out[29])) = in[4];
+ (*((limb *) & out[36])) |= in[5] << 2;
+ (*((limb *) & out[43])) |= in[6] << 4;
+ (*((limb *) & out[50])) |= in[7] << 6;
+ (*((limb *) & out[58])) = in[8];
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+ unsigned i;
+ for (i = 0; i < len; ++i)
+ out[i] = in[len - 1 - i];
+}
+
+/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+ felem_bytearray b_in;
+ felem_bytearray b_out;
+ unsigned num_bytes;
+
+ /* BN_bn2bin eats leading zeroes */
+ memset(b_out, 0, sizeof b_out);
+ num_bytes = BN_num_bytes(bn);
+ if (num_bytes > sizeof b_out) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ if (BN_is_negative(bn)) {
+ ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+ return 0;
+ }
+ num_bytes = BN_bn2bin(bn, b_in);
+ flip_endian(b_out, b_in, num_bytes);
+ bin66_to_felem(out, b_out);
+ return 1;
+}
+
+/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
+static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
+{
+ felem_bytearray b_in, b_out;
+ felem_to_bin66(b_in, in);
+ flip_endian(b_out, b_in, sizeof b_out);
+ return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/*-
+ * Field operations
+ * ----------------
+ */
+
+static void felem_one(felem out)
+{
+ out[0] = 1;
+ out[1] = 0;
+ out[2] = 0;
+ out[3] = 0;
+ out[4] = 0;
+ out[5] = 0;
+ out[6] = 0;
+ out[7] = 0;
+ out[8] = 0;
+}
+
+static void felem_assign(felem out, const felem in)
+{
+ out[0] = in[0];
+ out[1] = in[1];
+ out[2] = in[2];
+ out[3] = in[3];
+ out[4] = in[4];
+ out[5] = in[5];
+ out[6] = in[6];
+ out[7] = in[7];
+ out[8] = in[8];
+}
+
+/* felem_sum64 sets out = out + in. */
+static void felem_sum64(felem out, const felem in)
+{
+ out[0] += in[0];
+ out[1] += in[1];
+ out[2] += in[2];
+ out[3] += in[3];
+ out[4] += in[4];
+ out[5] += in[5];
+ out[6] += in[6];
+ out[7] += in[7];
+ out[8] += in[8];
+}
+
+/* felem_scalar sets out = in * scalar */
+static void felem_scalar(felem out, const felem in, limb scalar)
+{
+ out[0] = in[0] * scalar;
+ out[1] = in[1] * scalar;
+ out[2] = in[2] * scalar;
+ out[3] = in[3] * scalar;
+ out[4] = in[4] * scalar;
+ out[5] = in[5] * scalar;
+ out[6] = in[6] * scalar;
+ out[7] = in[7] * scalar;
+ out[8] = in[8] * scalar;
+}
+
+/* felem_scalar64 sets out = out * scalar */
+static void felem_scalar64(felem out, limb scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+ out[4] *= scalar;
+ out[5] *= scalar;
+ out[6] *= scalar;
+ out[7] *= scalar;
+ out[8] *= scalar;
+}
+
+/* felem_scalar128 sets out = out * scalar */
+static void felem_scalar128(largefelem out, limb scalar)
+{
+ out[0] *= scalar;
+ out[1] *= scalar;
+ out[2] *= scalar;
+ out[3] *= scalar;
+ out[4] *= scalar;
+ out[5] *= scalar;
+ out[6] *= scalar;
+ out[7] *= scalar;
+ out[8] *= scalar;
+}
+
+/*-
+ * felem_neg sets |out| to |-in|
+ * On entry:
+ * in[i] < 2^59 + 2^14
+ * On exit:
+ * out[i] < 2^62
+ */
+static void felem_neg(felem out, const felem in)
+{
+ /* In order to prevent underflow, we subtract from 0 mod p. */
+ static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
+ static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+ out[0] = two62m3 - in[0];
+ out[1] = two62m2 - in[1];
+ out[2] = two62m2 - in[2];
+ out[3] = two62m2 - in[3];
+ out[4] = two62m2 - in[4];
+ out[5] = two62m2 - in[5];
+ out[6] = two62m2 - in[6];
+ out[7] = two62m2 - in[7];
+ out[8] = two62m2 - in[8];
+}
+
+/*-
+ * felem_diff64 subtracts |in| from |out|
+ * On entry:
+ * in[i] < 2^59 + 2^14
+ * On exit:
+ * out[i] < out[i] + 2^62
+ */
+static void felem_diff64(felem out, const felem in)
+{
+ /*
+ * In order to prevent underflow, we add 0 mod p before subtracting.
+ */
+ static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
+ static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+ out[0] += two62m3 - in[0];
+ out[1] += two62m2 - in[1];
+ out[2] += two62m2 - in[2];
+ out[3] += two62m2 - in[3];
+ out[4] += two62m2 - in[4];
+ out[5] += two62m2 - in[5];
+ out[6] += two62m2 - in[6];
+ out[7] += two62m2 - in[7];
+ out[8] += two62m2 - in[8];
+}
+
+/*-
+ * felem_diff_128_64 subtracts |in| from |out|
+ * On entry:
+ * in[i] < 2^62 + 2^17
+ * On exit:
+ * out[i] < out[i] + 2^63
+ */
+static void felem_diff_128_64(largefelem out, const felem in)
+{
+ /*
+ * In order to prevent underflow, we add 0 mod p before subtracting.
+ */
+ static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5);
+ static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+ out[0] += two63m6 - in[0];
+ out[1] += two63m5 - in[1];
+ out[2] += two63m5 - in[2];
+ out[3] += two63m5 - in[3];
+ out[4] += two63m5 - in[4];
+ out[5] += two63m5 - in[5];
+ out[6] += two63m5 - in[6];
+ out[7] += two63m5 - in[7];
+ out[8] += two63m5 - in[8];
+}
+
+/*-
+ * felem_diff_128_64 subtracts |in| from |out|
+ * On entry:
+ * in[i] < 2^126
+ * On exit:
+ * out[i] < out[i] + 2^127 - 2^69
+ */
+static void felem_diff128(largefelem out, const largefelem in)
+{
+ /*
+ * In order to prevent underflow, we add 0 mod p before subtracting.
+ */
+ static const uint128_t two127m70 =
+ (((uint128_t) 1) << 127) - (((uint128_t) 1) << 70);
+ static const uint128_t two127m69 =
+ (((uint128_t) 1) << 127) - (((uint128_t) 1) << 69);
+
+ out[0] += (two127m70 - in[0]);
+ out[1] += (two127m69 - in[1]);
+ out[2] += (two127m69 - in[2]);
+ out[3] += (two127m69 - in[3]);
+ out[4] += (two127m69 - in[4]);
+ out[5] += (two127m69 - in[5]);
+ out[6] += (two127m69 - in[6]);
+ out[7] += (two127m69 - in[7]);
+ out[8] += (two127m69 - in[8]);
+}
+
+/*-
+ * felem_square sets |out| = |in|^2
+ * On entry:
+ * in[i] < 2^62
+ * On exit:
+ * out[i] < 17 * max(in[i]) * max(in[i])
+ */
+static void felem_square(largefelem out, const felem in)
+{
+ felem inx2, inx4;
+ felem_scalar(inx2, in, 2);
+ felem_scalar(inx4, in, 4);
+
+ /*-
+ * We have many cases were we want to do
+ * in[x] * in[y] +
+ * in[y] * in[x]
+ * This is obviously just
+ * 2 * in[x] * in[y]
+ * However, rather than do the doubling on the 128 bit result, we
+ * double one of the inputs to the multiplication by reading from
+ * |inx2|
+ */
+
+ out[0] = ((uint128_t) in[0]) * in[0];
+ out[1] = ((uint128_t) in[0]) * inx2[1];
+ out[2] = ((uint128_t) in[0]) * inx2[2] + ((uint128_t) in[1]) * in[1];
+ out[3] = ((uint128_t) in[0]) * inx2[3] + ((uint128_t) in[1]) * inx2[2];
+ out[4] = ((uint128_t) in[0]) * inx2[4] +
+ ((uint128_t) in[1]) * inx2[3] + ((uint128_t) in[2]) * in[2];
+ out[5] = ((uint128_t) in[0]) * inx2[5] +
+ ((uint128_t) in[1]) * inx2[4] + ((uint128_t) in[2]) * inx2[3];
+ out[6] = ((uint128_t) in[0]) * inx2[6] +
+ ((uint128_t) in[1]) * inx2[5] +
+ ((uint128_t) in[2]) * inx2[4] + ((uint128_t) in[3]) * in[3];
+ out[7] = ((uint128_t) in[0]) * inx2[7] +
+ ((uint128_t) in[1]) * inx2[6] +
+ ((uint128_t) in[2]) * inx2[5] + ((uint128_t) in[3]) * inx2[4];
+ out[8] = ((uint128_t) in[0]) * inx2[8] +
+ ((uint128_t) in[1]) * inx2[7] +
+ ((uint128_t) in[2]) * inx2[6] +
+ ((uint128_t) in[3]) * inx2[5] + ((uint128_t) in[4]) * in[4];
+
+ /*
+ * The remaining limbs fall above 2^521, with the first falling at 2^522.
+ * They correspond to locations one bit up from the limbs produced above
+ * so we would have to multiply by two to align them. Again, rather than
+ * operate on the 128-bit result, we double one of the inputs to the
+ * multiplication. If we want to double for both this reason, and the
+ * reason above, then we end up multiplying by four.
+ */
+
+ /* 9 */
+ out[0] += ((uint128_t) in[1]) * inx4[8] +
+ ((uint128_t) in[2]) * inx4[7] +
+ ((uint128_t) in[3]) * inx4[6] + ((uint128_t) in[4]) * inx4[5];
+
+ /* 10 */
+ out[1] += ((uint128_t) in[2]) * inx4[8] +
+ ((uint128_t) in[3]) * inx4[7] +
+ ((uint128_t) in[4]) * inx4[6] + ((uint128_t) in[5]) * inx2[5];
+
+ /* 11 */
+ out[2] += ((uint128_t) in[3]) * inx4[8] +
+ ((uint128_t) in[4]) * inx4[7] + ((uint128_t) in[5]) * inx4[6];
+
+ /* 12 */
+ out[3] += ((uint128_t) in[4]) * inx4[8] +
+ ((uint128_t) in[5]) * inx4[7] + ((uint128_t) in[6]) * inx2[6];
+
+ /* 13 */
+ out[4] += ((uint128_t) in[5]) * inx4[8] + ((uint128_t) in[6]) * inx4[7];
+
+ /* 14 */
+ out[5] += ((uint128_t) in[6]) * inx4[8] + ((uint128_t) in[7]) * inx2[7];
+
+ /* 15 */
+ out[6] += ((uint128_t) in[7]) * inx4[8];
+
+ /* 16 */
+ out[7] += ((uint128_t) in[8]) * inx2[8];
+}
+
+/*-
+ * felem_mul sets |out| = |in1| * |in2|
+ * On entry:
+ * in1[i] < 2^64
+ * in2[i] < 2^63
+ * On exit:
+ * out[i] < 17 * max(in1[i]) * max(in2[i])
+ */
+static void felem_mul(largefelem out, const felem in1, const felem in2)
+{
+ felem in2x2;
+ felem_scalar(in2x2, in2, 2);
+
+ out[0] = ((uint128_t) in1[0]) * in2[0];
+
+ out[1] = ((uint128_t) in1[0]) * in2[1] + ((uint128_t) in1[1]) * in2[0];
+
+ out[2] = ((uint128_t) in1[0]) * in2[2] +
+ ((uint128_t) in1[1]) * in2[1] + ((uint128_t) in1[2]) * in2[0];
+
+ out[3] = ((uint128_t) in1[0]) * in2[3] +
+ ((uint128_t) in1[1]) * in2[2] +
+ ((uint128_t) in1[2]) * in2[1] + ((uint128_t) in1[3]) * in2[0];
+
+ out[4] = ((uint128_t) in1[0]) * in2[4] +
+ ((uint128_t) in1[1]) * in2[3] +
+ ((uint128_t) in1[2]) * in2[2] +
+ ((uint128_t) in1[3]) * in2[1] + ((uint128_t) in1[4]) * in2[0];
+
+ out[5] = ((uint128_t) in1[0]) * in2[5] +
+ ((uint128_t) in1[1]) * in2[4] +
+ ((uint128_t) in1[2]) * in2[3] +
+ ((uint128_t) in1[3]) * in2[2] +
+ ((uint128_t) in1[4]) * in2[1] + ((uint128_t) in1[5]) * in2[0];
+
+ out[6] = ((uint128_t) in1[0]) * in2[6] +
+ ((uint128_t) in1[1]) * in2[5] +
+ ((uint128_t) in1[2]) * in2[4] +
+ ((uint128_t) in1[3]) * in2[3] +
+ ((uint128_t) in1[4]) * in2[2] +
+ ((uint128_t) in1[5]) * in2[1] + ((uint128_t) in1[6]) * in2[0];
+
+ out[7] = ((uint128_t) in1[0]) * in2[7] +
+ ((uint128_t) in1[1]) * in2[6] +
+ ((uint128_t) in1[2]) * in2[5] +
+ ((uint128_t) in1[3]) * in2[4] +
+ ((uint128_t) in1[4]) * in2[3] +
+ ((uint128_t) in1[5]) * in2[2] +
+ ((uint128_t) in1[6]) * in2[1] + ((uint128_t) in1[7]) * in2[0];
+
+ out[8] = ((uint128_t) in1[0]) * in2[8] +
+ ((uint128_t) in1[1]) * in2[7] +
+ ((uint128_t) in1[2]) * in2[6] +
+ ((uint128_t) in1[3]) * in2[5] +
+ ((uint128_t) in1[4]) * in2[4] +
+ ((uint128_t) in1[5]) * in2[3] +
+ ((uint128_t) in1[6]) * in2[2] +
+ ((uint128_t) in1[7]) * in2[1] + ((uint128_t) in1[8]) * in2[0];
+
+ /* See comment in felem_square about the use of in2x2 here */
+
+ out[0] += ((uint128_t) in1[1]) * in2x2[8] +
+ ((uint128_t) in1[2]) * in2x2[7] +
+ ((uint128_t) in1[3]) * in2x2[6] +
+ ((uint128_t) in1[4]) * in2x2[5] +
+ ((uint128_t) in1[5]) * in2x2[4] +
+ ((uint128_t) in1[6]) * in2x2[3] +
+ ((uint128_t) in1[7]) * in2x2[2] + ((uint128_t) in1[8]) * in2x2[1];
+
+ out[1] += ((uint128_t) in1[2]) * in2x2[8] +
+ ((uint128_t) in1[3]) * in2x2[7] +
+ ((uint128_t) in1[4]) * in2x2[6] +
+ ((uint128_t) in1[5]) * in2x2[5] +
+ ((uint128_t) in1[6]) * in2x2[4] +
+ ((uint128_t) in1[7]) * in2x2[3] + ((uint128_t) in1[8]) * in2x2[2];
+
+ out[2] += ((uint128_t) in1[3]) * in2x2[8] +
+ ((uint128_t) in1[4]) * in2x2[7] +
+ ((uint128_t) in1[5]) * in2x2[6] +
+ ((uint128_t) in1[6]) * in2x2[5] +
+ ((uint128_t) in1[7]) * in2x2[4] + ((uint128_t) in1[8]) * in2x2[3];
+
+ out[3] += ((uint128_t) in1[4]) * in2x2[8] +
+ ((uint128_t) in1[5]) * in2x2[7] +
+ ((uint128_t) in1[6]) * in2x2[6] +
+ ((uint128_t) in1[7]) * in2x2[5] + ((uint128_t) in1[8]) * in2x2[4];
+
+ out[4] += ((uint128_t) in1[5]) * in2x2[8] +
+ ((uint128_t) in1[6]) * in2x2[7] +
+ ((uint128_t) in1[7]) * in2x2[6] + ((uint128_t) in1[8]) * in2x2[5];
+
+ out[5] += ((uint128_t) in1[6]) * in2x2[8] +
+ ((uint128_t) in1[7]) * in2x2[7] + ((uint128_t) in1[8]) * in2x2[6];
+
+ out[6] += ((uint128_t) in1[7]) * in2x2[8] +
+ ((uint128_t) in1[8]) * in2x2[7];
+
+ out[7] += ((uint128_t) in1[8]) * in2x2[8];
+}
+
+static const limb bottom52bits = 0xfffffffffffff;
+
+/*-
+ * felem_reduce converts a largefelem to an felem.
+ * On entry:
+ * in[i] < 2^128
+ * On exit:
+ * out[i] < 2^59 + 2^14
+ */
+static void felem_reduce(felem out, const largefelem in)
+{
+ u64 overflow1, overflow2;
+
+ out[0] = ((limb) in[0]) & bottom58bits;
+ out[1] = ((limb) in[1]) & bottom58bits;
+ out[2] = ((limb) in[2]) & bottom58bits;
+ out[3] = ((limb) in[3]) & bottom58bits;
+ out[4] = ((limb) in[4]) & bottom58bits;
+ out[5] = ((limb) in[5]) & bottom58bits;
+ out[6] = ((limb) in[6]) & bottom58bits;
+ out[7] = ((limb) in[7]) & bottom58bits;
+ out[8] = ((limb) in[8]) & bottom58bits;
+
+ /* out[i] < 2^58 */
+
+ out[1] += ((limb) in[0]) >> 58;
+ out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
+ /*-
+ * out[1] < 2^58 + 2^6 + 2^58
+ * = 2^59 + 2^6
+ */
+ out[2] += ((limb) (in[0] >> 64)) >> 52;
+
+ out[2] += ((limb) in[1]) >> 58;
+ out[2] += (((limb) (in[1] >> 64)) & bottom52bits) << 6;
+ out[3] += ((limb) (in[1] >> 64)) >> 52;
+
+ out[3] += ((limb) in[2]) >> 58;
+ out[3] += (((limb) (in[2] >> 64)) & bottom52bits) << 6;
+ out[4] += ((limb) (in[2] >> 64)) >> 52;
+
+ out[4] += ((limb) in[3]) >> 58;
+ out[4] += (((limb) (in[3] >> 64)) & bottom52bits) << 6;
+ out[5] += ((limb) (in[3] >> 64)) >> 52;
+
+ out[5] += ((limb) in[4]) >> 58;
+ out[5] += (((limb) (in[4] >> 64)) & bottom52bits) << 6;
+ out[6] += ((limb) (in[4] >> 64)) >> 52;
+
+ out[6] += ((limb) in[5]) >> 58;
+ out[6] += (((limb) (in[5] >> 64)) & bottom52bits) << 6;
+ out[7] += ((limb) (in[5] >> 64)) >> 52;
+
+ out[7] += ((limb) in[6]) >> 58;
+ out[7] += (((limb) (in[6] >> 64)) & bottom52bits) << 6;
+ out[8] += ((limb) (in[6] >> 64)) >> 52;
+
+ out[8] += ((limb) in[7]) >> 58;
+ out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
+ /*-
+ * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
+ * < 2^59 + 2^13
+ */
+ overflow1 = ((limb) (in[7] >> 64)) >> 52;
+
+ overflow1 += ((limb) in[8]) >> 58;
+ overflow1 += (((limb) (in[8] >> 64)) & bottom52bits) << 6;
+ overflow2 = ((limb) (in[8] >> 64)) >> 52;
+
+ overflow1 <<= 1; /* overflow1 < 2^13 + 2^7 + 2^59 */
+ overflow2 <<= 1; /* overflow2 < 2^13 */
+
+ out[0] += overflow1; /* out[0] < 2^60 */
+ out[1] += overflow2; /* out[1] < 2^59 + 2^6 + 2^13 */
+
+ out[1] += out[0] >> 58;
+ out[0] &= bottom58bits;
+ /*-
+ * out[0] < 2^58
+ * out[1] < 2^59 + 2^6 + 2^13 + 2^2
+ * < 2^59 + 2^14
+ */
+}
+
+static void felem_square_reduce(felem out, const felem in)
+{
+ largefelem tmp;
+ felem_square(tmp, in);
+ felem_reduce(out, tmp);
+}
+
+static void felem_mul_reduce(felem out, const felem in1, const felem in2)
+{
+ largefelem tmp;
+ felem_mul(tmp, in1, in2);
+ felem_reduce(out, tmp);
+}
+
+/*-
+ * felem_inv calculates |out| = |in|^{-1}
+ *
+ * Based on Fermat's Little Theorem:
+ * a^p = a (mod p)
+ * a^{p-1} = 1 (mod p)
+ * a^{p-2} = a^{-1} (mod p)
+ */
+static void felem_inv(felem out, const felem in)
+{
+ felem ftmp, ftmp2, ftmp3, ftmp4;
+ largefelem tmp;
+ unsigned i;
+
+ felem_square(tmp, in);
+ felem_reduce(ftmp, tmp); /* 2^1 */
+ felem_mul(tmp, in, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^2 - 2^0 */
+ felem_assign(ftmp2, ftmp);
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^3 - 2^1 */
+ felem_mul(tmp, in, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^3 - 2^0 */
+ felem_square(tmp, ftmp);
+ felem_reduce(ftmp, tmp); /* 2^4 - 2^1 */
+
+ felem_square(tmp, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^3 - 2^1 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^4 - 2^2 */
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^4 - 2^0 */
+
+ felem_assign(ftmp2, ftmp3);
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^5 - 2^1 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^6 - 2^2 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^7 - 2^3 */
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^8 - 2^4 */
+ felem_assign(ftmp4, ftmp3);
+ felem_mul(tmp, ftmp3, ftmp);
+ felem_reduce(ftmp4, tmp); /* 2^8 - 2^1 */
+ felem_square(tmp, ftmp4);
+ felem_reduce(ftmp4, tmp); /* 2^9 - 2^2 */
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^8 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 8; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^16 - 2^8 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^16 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 16; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^32 - 2^16 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^32 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 32; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^64 - 2^32 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^64 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 64; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^128 - 2^64 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^128 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 128; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^256 - 2^128 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^256 - 2^0 */
+ felem_assign(ftmp2, ftmp3);
+
+ for (i = 0; i < 256; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^512 - 2^256 */
+ }
+ felem_mul(tmp, ftmp3, ftmp2);
+ felem_reduce(ftmp3, tmp); /* 2^512 - 2^0 */
+
+ for (i = 0; i < 9; i++) {
+ felem_square(tmp, ftmp3);
+ felem_reduce(ftmp3, tmp); /* 2^521 - 2^9 */
+ }
+ felem_mul(tmp, ftmp3, ftmp4);
+ felem_reduce(ftmp3, tmp); /* 2^512 - 2^2 */
+ felem_mul(tmp, ftmp3, in);
+ felem_reduce(out, tmp); /* 2^512 - 3 */
+}
+
+/* This is 2^521-1, expressed as an felem */
+static const felem kPrime = {
+ 0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
+ 0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
+ 0x03ffffffffffffff, 0x03ffffffffffffff, 0x01ffffffffffffff
+};
+
+/*-
+ * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
+ * otherwise.
+ * On entry:
+ * in[i] < 2^59 + 2^14
+ */
+static limb felem_is_zero(const felem in)
+{
+ felem ftmp;
+ limb is_zero, is_p;
+ felem_assign(ftmp, in);
+
+ ftmp[0] += ftmp[8] >> 57;
+ ftmp[8] &= bottom57bits;
+ /* ftmp[8] < 2^57 */
+ ftmp[1] += ftmp[0] >> 58;
+ ftmp[0] &= bottom58bits;
+ ftmp[2] += ftmp[1] >> 58;
+ ftmp[1] &= bottom58bits;
+ ftmp[3] += ftmp[2] >> 58;
+ ftmp[2] &= bottom58bits;
+ ftmp[4] += ftmp[3] >> 58;
+ ftmp[3] &= bottom58bits;
+ ftmp[5] += ftmp[4] >> 58;
+ ftmp[4] &= bottom58bits;
+ ftmp[6] += ftmp[5] >> 58;
+ ftmp[5] &= bottom58bits;
+ ftmp[7] += ftmp[6] >> 58;
+ ftmp[6] &= bottom58bits;
+ ftmp[8] += ftmp[7] >> 58;
+ ftmp[7] &= bottom58bits;
+ /* ftmp[8] < 2^57 + 4 */
+
+ /*
+ * The ninth limb of 2*(2^521-1) is 0x03ffffffffffffff, which is greater
+ * than our bound for ftmp[8]. Therefore we only have to check if the
+ * zero is zero or 2^521-1.
+ */
+
+ is_zero = 0;
+ is_zero |= ftmp[0];
+ is_zero |= ftmp[1];
+ is_zero |= ftmp[2];
+ is_zero |= ftmp[3];
+ is_zero |= ftmp[4];
+ is_zero |= ftmp[5];
+ is_zero |= ftmp[6];
+ is_zero |= ftmp[7];
+ is_zero |= ftmp[8];
+
+ is_zero--;
+ /*
+ * We know that ftmp[i] < 2^63, therefore the only way that the top bit
+ * can be set is if is_zero was 0 before the decrement.
+ */
+ is_zero = ((s64) is_zero) >> 63;
+
+ is_p = ftmp[0] ^ kPrime[0];
+ is_p |= ftmp[1] ^ kPrime[1];
+ is_p |= ftmp[2] ^ kPrime[2];
+ is_p |= ftmp[3] ^ kPrime[3];
+ is_p |= ftmp[4] ^ kPrime[4];
+ is_p |= ftmp[5] ^ kPrime[5];
+ is_p |= ftmp[6] ^ kPrime[6];
+ is_p |= ftmp[7] ^ kPrime[7];
+ is_p |= ftmp[8] ^ kPrime[8];
+
+ is_p--;
+ is_p = ((s64) is_p) >> 63;
+
+ is_zero |= is_p;
+ return is_zero;
+}
+
+static int felem_is_zero_int(const felem in)
+{
+ return (int)(felem_is_zero(in) & ((limb) 1));
+}
+
+/*-
+ * felem_contract converts |in| to its unique, minimal representation.
+ * On entry:
+ * in[i] < 2^59 + 2^14
+ */
+static void felem_contract(felem out, const felem in)
+{
+ limb is_p, is_greater, sign;
+ static const limb two58 = ((limb) 1) << 58;
+
+ felem_assign(out, in);
+
+ out[0] += out[8] >> 57;
+ out[8] &= bottom57bits;
+ /* out[8] < 2^57 */
+ out[1] += out[0] >> 58;
+ out[0] &= bottom58bits;
+ out[2] += out[1] >> 58;
+ out[1] &= bottom58bits;
+ out[3] += out[2] >> 58;
+ out[2] &= bottom58bits;
+ out[4] += out[3] >> 58;
+ out[3] &= bottom58bits;
+ out[5] += out[4] >> 58;
+ out[4] &= bottom58bits;
+ out[6] += out[5] >> 58;
+ out[5] &= bottom58bits;
+ out[7] += out[6] >> 58;
+ out[6] &= bottom58bits;
+ out[8] += out[7] >> 58;
+ out[7] &= bottom58bits;
+ /* out[8] < 2^57 + 4 */
+
+ /*
+ * If the value is greater than 2^521-1 then we have to subtract 2^521-1
+ * out. See the comments in felem_is_zero regarding why we don't test for
+ * other multiples of the prime.
+ */
+
+ /*
+ * First, if |out| is equal to 2^521-1, we subtract it out to get zero.
+ */
+
+ is_p = out[0] ^ kPrime[0];
+ is_p |= out[1] ^ kPrime[1];
+ is_p |= out[2] ^ kPrime[2];
+ is_p |= out[3] ^ kPrime[3];
+ is_p |= out[4] ^ kPrime[4];
+ is_p |= out[5] ^ kPrime[5];
+ is_p |= out[6] ^ kPrime[6];
+ is_p |= out[7] ^ kPrime[7];
+ is_p |= out[8] ^ kPrime[8];
+
+ is_p--;
+ is_p &= is_p << 32;
+ is_p &= is_p << 16;
+ is_p &= is_p << 8;
+ is_p &= is_p << 4;
+ is_p &= is_p << 2;
+ is_p &= is_p << 1;
+ is_p = ((s64) is_p) >> 63;
+ is_p = ~is_p;
+
+ /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
+
+ out[0] &= is_p;
+ out[1] &= is_p;
+ out[2] &= is_p;
+ out[3] &= is_p;
+ out[4] &= is_p;
+ out[5] &= is_p;
+ out[6] &= is_p;
+ out[7] &= is_p;
+ out[8] &= is_p;
+
+ /*
+ * In order to test that |out| >= 2^521-1 we need only test if out[8] >>
+ * 57 is greater than zero as (2^521-1) + x >= 2^522
+ */
+ is_greater = out[8] >> 57;
+ is_greater |= is_greater << 32;
+ is_greater |= is_greater << 16;
+ is_greater |= is_greater << 8;
+ is_greater |= is_greater << 4;
+ is_greater |= is_greater << 2;
+ is_greater |= is_greater << 1;
+ is_greater = ((s64) is_greater) >> 63;
+
+ out[0] -= kPrime[0] & is_greater;
+ out[1] -= kPrime[1] & is_greater;
+ out[2] -= kPrime[2] & is_greater;
+ out[3] -= kPrime[3] & is_greater;
+ out[4] -= kPrime[4] & is_greater;
+ out[5] -= kPrime[5] & is_greater;
+ out[6] -= kPrime[6] & is_greater;
+ out[7] -= kPrime[7] & is_greater;
+ out[8] -= kPrime[8] & is_greater;
+
+ /* Eliminate negative coefficients */
+ sign = -(out[0] >> 63);
+ out[0] += (two58 & sign);
+ out[1] -= (1 & sign);
+ sign = -(out[1] >> 63);
+ out[1] += (two58 & sign);
+ out[2] -= (1 & sign);
+ sign = -(out[2] >> 63);
+ out[2] += (two58 & sign);
+ out[3] -= (1 & sign);
+ sign = -(out[3] >> 63);
+ out[3] += (two58 & sign);
+ out[4] -= (1 & sign);
+ sign = -(out[4] >> 63);
+ out[4] += (two58 & sign);
+ out[5] -= (1 & sign);
+ sign = -(out[0] >> 63);
+ out[5] += (two58 & sign);
+ out[6] -= (1 & sign);
+ sign = -(out[6] >> 63);
+ out[6] += (two58 & sign);
+ out[7] -= (1 & sign);
+ sign = -(out[7] >> 63);
+ out[7] += (two58 & sign);
+ out[8] -= (1 & sign);
+ sign = -(out[5] >> 63);
+ out[5] += (two58 & sign);
+ out[6] -= (1 & sign);
+ sign = -(out[6] >> 63);
+ out[6] += (two58 & sign);
+ out[7] -= (1 & sign);
+ sign = -(out[7] >> 63);
+ out[7] += (two58 & sign);
+ out[8] -= (1 & sign);
+}
+
+/*-
+ * Group operations
+ * ----------------
+ *
+ * Building on top of the field operations we have the operations on the
+ * elliptic curve group itself. Points on the curve are represented in Jacobian
+ * coordinates */
+
+/*-
+ * point_double calcuates 2*(x_in, y_in, z_in)
+ *
+ * The method is taken from:
+ * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
+ *
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
+ * while x_out == y_in is not (maybe this works, but it's not tested). */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+ const felem x_in, const felem y_in, const felem z_in)
+{
+ largefelem tmp, tmp2;
+ felem delta, gamma, beta, alpha, ftmp, ftmp2;
+
+ felem_assign(ftmp, x_in);
+ felem_assign(ftmp2, x_in);
+
+ /* delta = z^2 */
+ felem_square(tmp, z_in);
+ felem_reduce(delta, tmp); /* delta[i] < 2^59 + 2^14 */
+
+ /* gamma = y^2 */
+ felem_square(tmp, y_in);
+ felem_reduce(gamma, tmp); /* gamma[i] < 2^59 + 2^14 */
+
+ /* beta = x*gamma */
+ felem_mul(tmp, x_in, gamma);
+ felem_reduce(beta, tmp); /* beta[i] < 2^59 + 2^14 */
+
+ /* alpha = 3*(x-delta)*(x+delta) */
+ felem_diff64(ftmp, delta);
+ /* ftmp[i] < 2^61 */
+ felem_sum64(ftmp2, delta);
+ /* ftmp2[i] < 2^60 + 2^15 */
+ felem_scalar64(ftmp2, 3);
+ /* ftmp2[i] < 3*2^60 + 3*2^15 */
+ felem_mul(tmp, ftmp, ftmp2);
+ /*-
+ * tmp[i] < 17(3*2^121 + 3*2^76)
+ * = 61*2^121 + 61*2^76
+ * < 64*2^121 + 64*2^76
+ * = 2^127 + 2^82
+ * < 2^128
+ */
+ felem_reduce(alpha, tmp);
+
+ /* x' = alpha^2 - 8*beta */
+ felem_square(tmp, alpha);
+ /*
+ * tmp[i] < 17*2^120 < 2^125
+ */
+ felem_assign(ftmp, beta);
+ felem_scalar64(ftmp, 8);
+ /* ftmp[i] < 2^62 + 2^17 */
+ felem_diff_128_64(tmp, ftmp);
+ /* tmp[i] < 2^125 + 2^63 + 2^62 + 2^17 */
+ felem_reduce(x_out, tmp);
+
+ /* z' = (y + z)^2 - gamma - delta */
+ felem_sum64(delta, gamma);
+ /* delta[i] < 2^60 + 2^15 */
+ felem_assign(ftmp, y_in);
+ felem_sum64(ftmp, z_in);
+ /* ftmp[i] < 2^60 + 2^15 */
+ felem_square(tmp, ftmp);
+ /*
+ * tmp[i] < 17(2^122) < 2^127
+ */
+ felem_diff_128_64(tmp, delta);
+ /* tmp[i] < 2^127 + 2^63 */
+ felem_reduce(z_out, tmp);
+
+ /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+ felem_scalar64(beta, 4);
+ /* beta[i] < 2^61 + 2^16 */
+ felem_diff64(beta, x_out);
+ /* beta[i] < 2^61 + 2^60 + 2^16 */
+ felem_mul(tmp, alpha, beta);
+ /*-
+ * tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16))
+ * = 17*(2^120 + 2^75 + 2^119 + 2^74 + 2^75 + 2^30)
+ * = 17*(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
+ * < 2^128
+ */
+ felem_square(tmp2, gamma);
+ /*-
+ * tmp2[i] < 17*(2^59 + 2^14)^2
+ * = 17*(2^118 + 2^74 + 2^28)
+ */
+ felem_scalar128(tmp2, 8);
+ /*-
+ * tmp2[i] < 8*17*(2^118 + 2^74 + 2^28)
+ * = 2^125 + 2^121 + 2^81 + 2^77 + 2^35 + 2^31
+ * < 2^126
+ */
+ felem_diff128(tmp, tmp2);
+ /*-
+ * tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
+ * = 2^127 + 2^124 + 2^122 + 2^120 + 2^118 + 2^80 + 2^78 + 2^76 +
+ * 2^74 + 2^69 + 2^34 + 2^30
+ * < 2^128
+ */
+ felem_reduce(y_out, tmp);
+}
+
+/* copy_conditional copies in to out iff mask is all ones. */
+static void copy_conditional(felem out, const felem in, limb mask)
+{
+ unsigned i;
+ for (i = 0; i < NLIMBS; ++i) {
+ const limb tmp = mask & (in[i] ^ out[i]);
+ out[i] ^= tmp;
+ }
+}
+
+/*-
+ * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ *
+ * The method is taken from
+ * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
+ * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
+ *
+ * This function includes a branch for checking whether the two input points
+ * are equal (while not equal to the point at infinity). This case never
+ * happens during single point multiplication, so there is no timing leak for
+ * ECDH or ECDSA signing. */
+static void point_add(felem x3, felem y3, felem z3,
+ const felem x1, const felem y1, const felem z1,
+ const int mixed, const felem x2, const felem y2,
+ const felem z2)
+{
+ felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
+ largefelem tmp, tmp2;
+ limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+
+ z1_is_zero = felem_is_zero(z1);
+ z2_is_zero = felem_is_zero(z2);
+
+ /* ftmp = z1z1 = z1**2 */
+ felem_square(tmp, z1);
+ felem_reduce(ftmp, tmp);
+
+ if (!mixed) {
+ /* ftmp2 = z2z2 = z2**2 */
+ felem_square(tmp, z2);
+ felem_reduce(ftmp2, tmp);
+
+ /* u1 = ftmp3 = x1*z2z2 */
+ felem_mul(tmp, x1, ftmp2);
+ felem_reduce(ftmp3, tmp);
+
+ /* ftmp5 = z1 + z2 */
+ felem_assign(ftmp5, z1);
+ felem_sum64(ftmp5, z2);
+ /* ftmp5[i] < 2^61 */
+
+ /* ftmp5 = (z1 + z2)**2 - z1z1 - z2z2 = 2*z1z2 */
+ felem_square(tmp, ftmp5);
+ /* tmp[i] < 17*2^122 */
+ felem_diff_128_64(tmp, ftmp);
+ /* tmp[i] < 17*2^122 + 2^63 */
+ felem_diff_128_64(tmp, ftmp2);
+ /* tmp[i] < 17*2^122 + 2^64 */
+ felem_reduce(ftmp5, tmp);
+
+ /* ftmp2 = z2 * z2z2 */
+ felem_mul(tmp, ftmp2, z2);
+ felem_reduce(ftmp2, tmp);
+
+ /* s1 = ftmp6 = y1 * z2**3 */
+ felem_mul(tmp, y1, ftmp2);
+ felem_reduce(ftmp6, tmp);
+ } else {
+ /*
+ * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+ */
+
+ /* u1 = ftmp3 = x1*z2z2 */
+ felem_assign(ftmp3, x1);
+
+ /* ftmp5 = 2*z1z2 */
+ felem_scalar(ftmp5, z1, 2);
+
+ /* s1 = ftmp6 = y1 * z2**3 */
+ felem_assign(ftmp6, y1);
+ }
+
+ /* u2 = x2*z1z1 */
+ felem_mul(tmp, x2, ftmp);
+ /* tmp[i] < 17*2^120 */
+
+ /* h = ftmp4 = u2 - u1 */
+ felem_diff_128_64(tmp, ftmp3);
+ /* tmp[i] < 17*2^120 + 2^63 */
+ felem_reduce(ftmp4, tmp);
+
+ x_equal = felem_is_zero(ftmp4);
+
+ /* z_out = ftmp5 * h */
+ felem_mul(tmp, ftmp5, ftmp4);
+ felem_reduce(z_out, tmp);
+
+ /* ftmp = z1 * z1z1 */
+ felem_mul(tmp, ftmp, z1);
+ felem_reduce(ftmp, tmp);
+
+ /* s2 = tmp = y2 * z1**3 */
+ felem_mul(tmp, y2, ftmp);
+ /* tmp[i] < 17*2^120 */
+
+ /* r = ftmp5 = (s2 - s1)*2 */
+ felem_diff_128_64(tmp, ftmp6);
+ /* tmp[i] < 17*2^120 + 2^63 */
+ felem_reduce(ftmp5, tmp);
+ y_equal = felem_is_zero(ftmp5);
+ felem_scalar64(ftmp5, 2);
+ /* ftmp5[i] < 2^61 */
+
+ if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+ point_double(x3, y3, z3, x1, y1, z1);
+ return;
+ }
+
+ /* I = ftmp = (2h)**2 */
+ felem_assign(ftmp, ftmp4);
+ felem_scalar64(ftmp, 2);
+ /* ftmp[i] < 2^61 */
+ felem_square(tmp, ftmp);
+ /* tmp[i] < 17*2^122 */
+ felem_reduce(ftmp, tmp);
+
+ /* J = ftmp2 = h * I */
+ felem_mul(tmp, ftmp4, ftmp);
+ felem_reduce(ftmp2, tmp);
+
+ /* V = ftmp4 = U1 * I */
+ felem_mul(tmp, ftmp3, ftmp);
+ felem_reduce(ftmp4, tmp);
+
+ /* x_out = r**2 - J - 2V */
+ felem_square(tmp, ftmp5);
+ /* tmp[i] < 17*2^122 */
+ felem_diff_128_64(tmp, ftmp2);
+ /* tmp[i] < 17*2^122 + 2^63 */
+ felem_assign(ftmp3, ftmp4);
+ felem_scalar64(ftmp4, 2);
+ /* ftmp4[i] < 2^61 */
+ felem_diff_128_64(tmp, ftmp4);
+ /* tmp[i] < 17*2^122 + 2^64 */
+ felem_reduce(x_out, tmp);
+
+ /* y_out = r(V-x_out) - 2 * s1 * J */
+ felem_diff64(ftmp3, x_out);
+ /*
+ * ftmp3[i] < 2^60 + 2^60 = 2^61
+ */
+ felem_mul(tmp, ftmp5, ftmp3);
+ /* tmp[i] < 17*2^122 */
+ felem_mul(tmp2, ftmp6, ftmp2);
+ /* tmp2[i] < 17*2^120 */
+ felem_scalar128(tmp2, 2);
+ /* tmp2[i] < 17*2^121 */
+ felem_diff128(tmp, tmp2);
+ /*-
+ * tmp[i] < 2^127 - 2^69 + 17*2^122
+ * = 2^126 - 2^122 - 2^6 - 2^2 - 1
+ * < 2^127
+ */
+ felem_reduce(y_out, tmp);
+
+ copy_conditional(x_out, x2, z1_is_zero);
+ copy_conditional(x_out, x1, z2_is_zero);
+ copy_conditional(y_out, y2, z1_is_zero);
+ copy_conditional(y_out, y1, z2_is_zero);
+ copy_conditional(z_out, z2, z1_is_zero);
+ copy_conditional(z_out, z1, z2_is_zero);
+ felem_assign(x3, x_out);
+ felem_assign(y3, y_out);
+ felem_assign(z3, z_out);
+}
+
+/*-
+ * Base point pre computation
+ * --------------------------
+ *
+ * Two different sorts of precomputed tables are used in the following code.
+ * Each contain various points on the curve, where each point is three field
+ * elements (x, y, z).
+ *
+ * For the base point table, z is usually 1 (0 for the point at infinity).
+ * This table has 16 elements:
+ * index | bits | point
+ * ------+---------+------------------------------
+ * 0 | 0 0 0 0 | 0G
+ * 1 | 0 0 0 1 | 1G
+ * 2 | 0 0 1 0 | 2^130G
+ * 3 | 0 0 1 1 | (2^130 + 1)G
+ * 4 | 0 1 0 0 | 2^260G
+ * 5 | 0 1 0 1 | (2^260 + 1)G
+ * 6 | 0 1 1 0 | (2^260 + 2^130)G
+ * 7 | 0 1 1 1 | (2^260 + 2^130 + 1)G
+ * 8 | 1 0 0 0 | 2^390G
+ * 9 | 1 0 0 1 | (2^390 + 1)G
+ * 10 | 1 0 1 0 | (2^390 + 2^130)G
+ * 11 | 1 0 1 1 | (2^390 + 2^130 + 1)G
+ * 12 | 1 1 0 0 | (2^390 + 2^260)G
+ * 13 | 1 1 0 1 | (2^390 + 2^260 + 1)G
+ * 14 | 1 1 1 0 | (2^390 + 2^260 + 2^130)G
+ * 15 | 1 1 1 1 | (2^390 + 2^260 + 2^130 + 1)G
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point.
+ *
+ * Tables for other points have table[i] = iG for i in 0 .. 16. */
+
+/* gmul is the table of precomputed base points */
+static const felem gmul[16][3] = { {{0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x017e7e31c2e5bd66, 0x022cf0615a90a6fe, 0x00127a2ffa8de334,
+ 0x01dfbf9d64a3f877, 0x006b4d3dbaa14b5e, 0x014fed487e0a2bd8,
+ 0x015b4429c6481390, 0x03a73678fb2d988e, 0x00c6858e06b70404},
+ {0x00be94769fd16650, 0x031c21a89cb09022, 0x039013fad0761353,
+ 0x02657bd099031542, 0x03273e662c97ee72, 0x01e6d11a05ebef45,
+ 0x03d1bd998f544495, 0x03001172297ed0b1, 0x011839296a789a3b},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x0373faacbc875bae, 0x00f325023721c671, 0x00f666fd3dbde5ad,
+ 0x01a6932363f88ea7, 0x01fc6d9e13f9c47b, 0x03bcbffc2bbf734e,
+ 0x013ee3c3647f3a92, 0x029409fefe75d07d, 0x00ef9199963d85e5},
+ {0x011173743ad5b178, 0x02499c7c21bf7d46, 0x035beaeabb8b1a58,
+ 0x00f989c4752ea0a3, 0x0101e1de48a9c1a3, 0x01a20076be28ba6c,
+ 0x02f8052e5eb2de95, 0x01bfe8f82dea117c, 0x0160074d3c36ddb7},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x012f3fc373393b3b, 0x03d3d6172f1419fa, 0x02adc943c0b86873,
+ 0x00d475584177952b, 0x012a4d1673750ee2, 0x00512517a0f13b0c,
+ 0x02b184671a7b1734, 0x0315b84236f1a50a, 0x00a4afc472edbdb9},
+ {0x00152a7077f385c4, 0x03044007d8d1c2ee, 0x0065829d61d52b52,
+ 0x00494ff6b6631d0d, 0x00a11d94d5f06bcf, 0x02d2f89474d9282e,
+ 0x0241c5727c06eeb9, 0x0386928710fbdb9d, 0x01f883f727b0dfbe},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x019b0c3c9185544d, 0x006243a37c9d97db, 0x02ee3cbe030a2ad2,
+ 0x00cfdd946bb51e0d, 0x0271c00932606b91, 0x03f817d1ec68c561,
+ 0x03f37009806a369c, 0x03c1f30baf184fd5, 0x01091022d6d2f065},
+ {0x0292c583514c45ed, 0x0316fca51f9a286c, 0x00300af507c1489a,
+ 0x0295f69008298cf1, 0x02c0ed8274943d7b, 0x016509b9b47a431e,
+ 0x02bc9de9634868ce, 0x005b34929bffcb09, 0x000c1a0121681524},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x0286abc0292fb9f2, 0x02665eee9805b3f7, 0x01ed7455f17f26d6,
+ 0x0346355b83175d13, 0x006284944cd0a097, 0x0191895bcdec5e51,
+ 0x02e288370afda7d9, 0x03b22312bfefa67a, 0x01d104d3fc0613fe},
+ {0x0092421a12f7e47f, 0x0077a83fa373c501, 0x03bd25c5f696bd0d,
+ 0x035c41e4d5459761, 0x01ca0d1742b24f53, 0x00aaab27863a509c,
+ 0x018b6de47df73917, 0x025c0b771705cd01, 0x01fd51d566d760a7},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x01dd92ff6b0d1dbd, 0x039c5e2e8f8afa69, 0x0261ed13242c3b27,
+ 0x0382c6e67026e6a0, 0x01d60b10be2089f9, 0x03c15f3dce86723f,
+ 0x03c764a32d2a062d, 0x017307eac0fad056, 0x018207c0b96c5256},
+ {0x0196a16d60e13154, 0x03e6ce74c0267030, 0x00ddbf2b4e52a5aa,
+ 0x012738241bbf31c8, 0x00ebe8dc04685a28, 0x024c2ad6d380d4a2,
+ 0x035ee062a6e62d0e, 0x0029ed74af7d3a0f, 0x00eef32aec142ebd},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00c31ec398993b39, 0x03a9f45bcda68253, 0x00ac733c24c70890,
+ 0x00872b111401ff01, 0x01d178c23195eafb, 0x03bca2c816b87f74,
+ 0x0261a9af46fbad7a, 0x0324b2a8dd3d28f9, 0x00918121d8f24e23},
+ {0x032bc8c1ca983cd7, 0x00d869dfb08fc8c6, 0x01693cb61fce1516,
+ 0x012a5ea68f4e88a8, 0x010869cab88d7ae3, 0x009081ad277ceee1,
+ 0x033a77166d064cdc, 0x03955235a1fb3a95, 0x01251a4a9b25b65e},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00148a3a1b27f40b, 0x0123186df1b31fdc, 0x00026e7beaad34ce,
+ 0x01db446ac1d3dbba, 0x0299c1a33437eaec, 0x024540610183cbb7,
+ 0x0173bb0e9ce92e46, 0x02b937e43921214b, 0x01ab0436a9bf01b5},
+ {0x0383381640d46948, 0x008dacbf0e7f330f, 0x03602122bcc3f318,
+ 0x01ee596b200620d6, 0x03bd0585fda430b3, 0x014aed77fd123a83,
+ 0x005ace749e52f742, 0x0390fe041da2b842, 0x0189a8ceb3299242},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x012a19d6b3282473, 0x00c0915918b423ce, 0x023a954eb94405ae,
+ 0x00529f692be26158, 0x0289fa1b6fa4b2aa, 0x0198ae4ceea346ef,
+ 0x0047d8cdfbdedd49, 0x00cc8c8953f0f6b8, 0x001424abbff49203},
+ {0x0256732a1115a03a, 0x0351bc38665c6733, 0x03f7b950fb4a6447,
+ 0x000afffa94c22155, 0x025763d0a4dab540, 0x000511e92d4fc283,
+ 0x030a7e9eda0ee96c, 0x004c3cd93a28bf0a, 0x017edb3a8719217f},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x011de5675a88e673, 0x031d7d0f5e567fbe, 0x0016b2062c970ae5,
+ 0x03f4a2be49d90aa7, 0x03cef0bd13822866, 0x03f0923dcf774a6c,
+ 0x0284bebc4f322f72, 0x016ab2645302bb2c, 0x01793f95dace0e2a},
+ {0x010646e13527a28f, 0x01ca1babd59dc5e7, 0x01afedfd9a5595df,
+ 0x01f15785212ea6b1, 0x0324e5d64f6ae3f4, 0x02d680f526d00645,
+ 0x0127920fadf627a7, 0x03b383f75df4f684, 0x0089e0057e783b0a},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00f334b9eb3c26c6, 0x0298fdaa98568dce, 0x01c2d24843a82292,
+ 0x020bcb24fa1b0711, 0x02cbdb3d2b1875e6, 0x0014907598f89422,
+ 0x03abe3aa43b26664, 0x02cbf47f720bc168, 0x0133b5e73014b79b},
+ {0x034aab5dab05779d, 0x00cdc5d71fee9abb, 0x0399f16bd4bd9d30,
+ 0x03582fa592d82647, 0x02be1cdfb775b0e9, 0x0034f7cea32e94cb,
+ 0x0335a7f08f56f286, 0x03b707e9565d1c8b, 0x0015c946ea5b614f},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x024676f6cff72255, 0x00d14625cac96378, 0x00532b6008bc3767,
+ 0x01fc16721b985322, 0x023355ea1b091668, 0x029de7afdc0317c3,
+ 0x02fc8a7ca2da037c, 0x02de1217d74a6f30, 0x013f7173175b73bf},
+ {0x0344913f441490b5, 0x0200f9e272b61eca, 0x0258a246b1dd55d2,
+ 0x03753db9ea496f36, 0x025e02937a09c5ef, 0x030cbd3d14012692,
+ 0x01793a67e70dc72a, 0x03ec1d37048a662e, 0x006550f700c32a8d},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00d3f48a347eba27, 0x008e636649b61bd8, 0x00d3b93716778fb3,
+ 0x004d1915757bd209, 0x019d5311a3da44e0, 0x016d1afcbbe6aade,
+ 0x0241bf5f73265616, 0x0384672e5d50d39b, 0x005009fee522b684},
+ {0x029b4fab064435fe, 0x018868ee095bbb07, 0x01ea3d6936cc92b8,
+ 0x000608b00f78a2f3, 0x02db911073d1c20f, 0x018205938470100a,
+ 0x01f1e4964cbe6ff2, 0x021a19a29eed4663, 0x01414485f42afa81},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x01612b3a17f63e34, 0x03813992885428e6, 0x022b3c215b5a9608,
+ 0x029b4057e19f2fcb, 0x0384059a587af7e6, 0x02d6400ace6fe610,
+ 0x029354d896e8e331, 0x00c047ee6dfba65e, 0x0037720542e9d49d},
+ {0x02ce9eed7c5e9278, 0x0374ed703e79643b, 0x01316c54c4072006,
+ 0x005aaa09054b2ee8, 0x002824000c840d57, 0x03d4eba24771ed86,
+ 0x0189c50aabc3bdae, 0x0338c01541e15510, 0x00466d56e38eed42},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x007efd8330ad8bd6, 0x02465ed48047710b, 0x0034c6606b215e0c,
+ 0x016ae30c53cbf839, 0x01fa17bd37161216, 0x018ead4e61ce8ab9,
+ 0x005482ed5f5dee46, 0x037543755bba1d7f, 0x005e5ac7e70a9d0f},
+ {0x0117e1bb2fdcb2a2, 0x03deea36249f40c4, 0x028d09b4a6246cb7,
+ 0x03524b8855bcf756, 0x023d7d109d5ceb58, 0x0178e43e3223ef9c,
+ 0x0154536a0c6e966a, 0x037964d1286ee9fe, 0x0199bcd90e125055},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}}
+};
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ */
+ /* pre_comp below is of the size provided in |size| */
+static void select_point(const limb idx, unsigned int size,
+ const felem pre_comp[][3], felem out[3])
+{
+ unsigned i, j;
+ limb *outlimbs = &out[0][0];
+ memset(outlimbs, 0, 3 * sizeof(felem));
+
+ for (i = 0; i < size; i++) {
+ const limb *inlimbs = &pre_comp[i][0][0];
+ limb mask = i ^ idx;
+ mask |= mask >> 4;
+ mask |= mask >> 2;
+ mask |= mask >> 1;
+ mask &= 1;
+ mask--;
+ for (j = 0; j < NLIMBS * 3; j++)
+ outlimbs[j] |= inlimbs[j] & mask;
+ }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, int i)
+{
+ if (i < 0)
+ return 0;
+ return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+ const felem_bytearray scalars[],
+ const unsigned num_points, const u8 *g_scalar,
+ const int mixed, const felem pre_comp[][17][3],
+ const felem g_pre_comp[16][3])
+{
+ int i, skip;
+ unsigned num, gen_mul = (g_scalar != NULL);
+ felem nq[3], tmp[4];
+ limb bits;
+ u8 sign, digit;
+
+ /* set nq to the point at infinity */
+ memset(nq, 0, 3 * sizeof(felem));
+
+ /*
+ * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+ * of the generator (last quarter of rounds) and additions of other
+ * points multiples (every 5th round).
+ */
+ skip = 1; /* save two point operations in the first
+ * round */
+ for (i = (num_points ? 520 : 130); i >= 0; --i) {
+ /* double */
+ if (!skip)
+ point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+ /* add multiples of the generator */
+ if (gen_mul && (i <= 130)) {
+ bits = get_bit(g_scalar, i + 390) << 3;
+ if (i < 130) {
+ bits |= get_bit(g_scalar, i + 260) << 2;
+ bits |= get_bit(g_scalar, i + 130) << 1;
+ bits |= get_bit(g_scalar, i);
+ }
+ /* select the point to add, in constant time */
+ select_point(bits, 16, g_pre_comp, tmp);
+ if (!skip) {
+ /* The 1 argument below is for "mixed" */
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+ } else {
+ memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
+ }
+ }
+
+ /* do other additions every 5 doublings */
+ if (num_points && (i % 5 == 0)) {
+ /* loop over all scalars */
+ for (num = 0; num < num_points; ++num) {
+ bits = get_bit(scalars[num], i + 4) << 5;
+ bits |= get_bit(scalars[num], i + 3) << 4;
+ bits |= get_bit(scalars[num], i + 2) << 3;
+ bits |= get_bit(scalars[num], i + 1) << 2;
+ bits |= get_bit(scalars[num], i) << 1;
+ bits |= get_bit(scalars[num], i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+ /*
+ * select the point to add or subtract, in constant time
+ */
+ select_point(digit, 17, pre_comp[num], tmp);
+ felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
+ * point */
+ copy_conditional(tmp[1], tmp[3], (-(limb) sign));
+
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2],
+ nq[0], nq[1], nq[2],
+ mixed, tmp[0], tmp[1], tmp[2]);
+ } else {
+ memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
+ }
+ }
+ }
+ }
+ felem_assign(x_out, nq[0]);
+ felem_assign(y_out, nq[1]);
+ felem_assign(z_out, nq[2]);
+}
+
+/* Precomputation for the group generator. */
+typedef struct {
+ felem g_pre_comp[16][3];
+ int references;
+} NISTP521_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp521_method(void)
+{
+ static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
+ NID_X9_62_prime_field,
+ ec_GFp_nistp521_group_init,
+ ec_GFp_simple_group_finish,
+ ec_GFp_simple_group_clear_finish,
+ ec_GFp_nist_group_copy,
+ ec_GFp_nistp521_group_set_curve,
+ ec_GFp_simple_group_get_curve,
+ ec_GFp_simple_group_get_degree,
+ ec_GFp_simple_group_check_discriminant,
+ ec_GFp_simple_point_init,
+ ec_GFp_simple_point_finish,
+ ec_GFp_simple_point_clear_finish,
+ ec_GFp_simple_point_copy,
+ ec_GFp_simple_point_set_to_infinity,
+ ec_GFp_simple_set_Jprojective_coordinates_GFp,
+ ec_GFp_simple_get_Jprojective_coordinates_GFp,
+ ec_GFp_simple_point_set_affine_coordinates,
+ ec_GFp_nistp521_point_get_affine_coordinates,
+ 0 /* point_set_compressed_coordinates */ ,
+ 0 /* point2oct */ ,
+ 0 /* oct2point */ ,
+ ec_GFp_simple_add,
+ ec_GFp_simple_dbl,
+ ec_GFp_simple_invert,
+ ec_GFp_simple_is_at_infinity,
+ ec_GFp_simple_is_on_curve,
+ ec_GFp_simple_cmp,
+ ec_GFp_simple_make_affine,
+ ec_GFp_simple_points_make_affine,
+ ec_GFp_nistp521_points_mul,
+ ec_GFp_nistp521_precompute_mult,
+ ec_GFp_nistp521_have_precompute_mult,
+ ec_GFp_nist_field_mul,
+ ec_GFp_nist_field_sqr,
+ 0 /* field_div */ ,
+ 0 /* field_encode */ ,
+ 0 /* field_decode */ ,
+ 0 /* field_set_to_one */
+ };
+
+ return &ret;
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP521_PRE_COMP *nistp521_pre_comp_new()
+{
+ NISTP521_PRE_COMP *ret = NULL;
+ ret = (NISTP521_PRE_COMP *) OPENSSL_malloc(sizeof(NISTP521_PRE_COMP));
+ if (!ret) {
+ ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+ return ret;
+ }
+ memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+ ret->references = 1;
+ return ret;
+}
+
+static void *nistp521_pre_comp_dup(void *src_)
+{
+ NISTP521_PRE_COMP *src = src_;
+
+ /* no need to actually copy, these objects never change! */
+ CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+ return src_;
+}
+
+static void nistp521_pre_comp_free(void *pre_)
+{
+ int i;
+ NISTP521_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_free(pre);
+}
+
+static void nistp521_pre_comp_clear_free(void *pre_)
+{
+ int i;
+ NISTP521_PRE_COMP *pre = pre_;
+
+ if (!pre)
+ return;
+
+ i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+ if (i > 0)
+ return;
+
+ OPENSSL_cleanse(pre, sizeof(*pre));
+ OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp521_group_init(EC_GROUP *group)
+{
+ int ret;
+ ret = ec_GFp_simple_group_init(group);
+ group->a_is_minus3 = 1;
+ return ret;
+}
+
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *b,
+ BN_CTX *ctx)
+{
+ int ret = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *curve_p, *curve_a, *curve_b;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+ ((curve_b = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ BN_bin2bn(nistp521_curve_params[0], sizeof(felem_bytearray), curve_p);
+ BN_bin2bn(nistp521_curve_params[1], sizeof(felem_bytearray), curve_a);
+ BN_bin2bn(nistp521_curve_params[2], sizeof(felem_bytearray), curve_b);
+ if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+ ECerr(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE,
+ EC_R_WRONG_CURVE_PARAMETERS);
+ goto err;
+ }
+ group->field_mod_func = BN_nist_mod_521;
+ ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
+ const EC_POINT *point,
+ BIGNUM *x, BIGNUM *y,
+ BN_CTX *ctx)
+{
+ felem z1, z2, x_in, y_in, x_out, y_out;
+ largefelem tmp;
+
+ if (EC_POINT_is_at_infinity(group, point)) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+ EC_R_POINT_AT_INFINITY);
+ return 0;
+ }
+ if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+ (!BN_to_felem(z1, &point->Z)))
+ return 0;
+ felem_inv(z2, z1);
+ felem_square(tmp, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, x_in, z1);
+ felem_reduce(x_in, tmp);
+ felem_contract(x_out, x_in);
+ if (x != NULL) {
+ if (!felem_to_BN(x, x_out)) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ felem_mul(tmp, z1, z2);
+ felem_reduce(z1, tmp);
+ felem_mul(tmp, y_in, z1);
+ felem_reduce(y_in, tmp);
+ felem_contract(y_out, y_in);
+ if (y != NULL) {
+ if (!felem_to_BN(y, y_out)) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+ ERR_R_BN_LIB);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+/* points below is of size |num|, and tmp_felems is of size |num+1/ */
+static void make_points_affine(size_t num, felem points[][3],
+ felem tmp_felems[])
+{
+ /*
+ * Runs in constant time, unless an input is the point at infinity (which
+ * normally shouldn't happen).
+ */
+ ec_GFp_nistp_points_make_affine_internal(num,
+ points,
+ sizeof(felem),
+ tmp_felems,
+ (void (*)(void *))felem_one,
+ (int (*)(const void *))
+ felem_is_zero_int,
+ (void (*)(void *, const void *))
+ felem_assign,
+ (void (*)(void *, const void *))
+ felem_square_reduce, (void (*)
+ (void *,
+ const void
+ *,
+ const void
+ *))
+ felem_mul_reduce,
+ (void (*)(void *, const void *))
+ felem_inv,
+ (void (*)(void *, const void *))
+ felem_contract);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, size_t num,
+ const EC_POINT *points[],
+ const BIGNUM *scalars[], BN_CTX *ctx)
+{
+ int ret = 0;
+ int j;
+ int mixed = 0;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y, *z, *tmp_scalar;
+ felem_bytearray g_secret;
+ felem_bytearray *secrets = NULL;
+ felem(*pre_comp)[17][3] = NULL;
+ felem *tmp_felems = NULL;
+ felem_bytearray tmp;
+ unsigned i, num_bytes;
+ int have_pre_comp = 0;
+ size_t num_points = num;
+ felem x_in, y_in, z_in, x_out, y_out, z_out;
+ NISTP521_PRE_COMP *pre = NULL;
+ felem(*g_pre_comp)[3] = NULL;
+ EC_POINT *generator = NULL;
+ const EC_POINT *p = NULL;
+ const BIGNUM *p_scalar = NULL;
+
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) ||
+ ((y = BN_CTX_get(ctx)) == NULL) ||
+ ((z = BN_CTX_get(ctx)) == NULL) ||
+ ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+ goto err;
+
+ if (scalar != NULL) {
+ pre = EC_EX_DATA_get_data(group->extra_data,
+ nistp521_pre_comp_dup,
+ nistp521_pre_comp_free,
+ nistp521_pre_comp_clear_free);
+ if (pre)
+ /* we have precomputation, try to use it */
+ g_pre_comp = &pre->g_pre_comp[0];
+ else
+ /* try to use the standard precomputation */
+ g_pre_comp = (felem(*)[3]) gmul;
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ /* get the generator from precomputation */
+ if (!felem_to_BN(x, g_pre_comp[1][0]) ||
+ !felem_to_BN(y, g_pre_comp[1][1]) ||
+ !felem_to_BN(z, g_pre_comp[1][2])) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+ generator, x, y, z,
+ ctx))
+ goto err;
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+ /* precomputation matches generator */
+ have_pre_comp = 1;
+ else
+ /*
+ * we don't have valid precomputation: treat the generator as a
+ * random point
+ */
+ num_points++;
+ }
+
+ if (num_points > 0) {
+ if (num_points >= 2) {
+ /*
+ * unless we precompute multiples for just one point, converting
+ * those into affine form is time well spent
+ */
+ mixed = 1;
+ }
+ secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+ pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
+ if (mixed)
+ tmp_felems =
+ OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
+ if ((secrets == NULL) || (pre_comp == NULL)
+ || (mixed && (tmp_felems == NULL))) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /*
+ * we treat NULL scalars as 0, and NULL points as points at infinity,
+ * i.e., they contribute nothing to the linear combination
+ */
+ memset(secrets, 0, num_points * sizeof(felem_bytearray));
+ memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
+ for (i = 0; i < num_points; ++i) {
+ if (i == num)
+ /*
+ * we didn't have a valid precomputation, so we pick the
+ * generator
+ */
+ {
+ p = EC_GROUP_get0_generator(group);
+ p_scalar = scalar;
+ } else
+ /* the i^th point */
+ {
+ p = points[i];
+ p_scalar = scalars[i];
+ }
+ if ((p_scalar != NULL) && (p != NULL)) {
+ /* reduce scalar to 0 <= scalar < 2^521 */
+ if ((BN_num_bits(p_scalar) > 521)
+ || (BN_is_negative(p_scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ flip_endian(secrets[i], tmp, num_bytes);
+ /* precompute multiples */
+ if ((!BN_to_felem(x_out, &p->X)) ||
+ (!BN_to_felem(y_out, &p->Y)) ||
+ (!BN_to_felem(z_out, &p->Z)))
+ goto err;
+ memcpy(pre_comp[i][1][0], x_out, sizeof(felem));
+ memcpy(pre_comp[i][1][1], y_out, sizeof(felem));
+ memcpy(pre_comp[i][1][2], z_out, sizeof(felem));
+ for (j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add(pre_comp[i][j][0], pre_comp[i][j][1],
+ pre_comp[i][j][2], pre_comp[i][1][0],
+ pre_comp[i][1][1], pre_comp[i][1][2], 0,
+ pre_comp[i][j - 1][0],
+ pre_comp[i][j - 1][1],
+ pre_comp[i][j - 1][2]);
+ } else {
+ point_double(pre_comp[i][j][0], pre_comp[i][j][1],
+ pre_comp[i][j][2], pre_comp[i][j / 2][0],
+ pre_comp[i][j / 2][1],
+ pre_comp[i][j / 2][2]);
+ }
+ }
+ }
+ }
+ if (mixed)
+ make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
+ }
+
+ /* the scalar for the generator */
+ if ((scalar != NULL) && (have_pre_comp)) {
+ memset(g_secret, 0, sizeof(g_secret));
+ /* reduce scalar to 0 <= scalar < 2^521 */
+ if ((BN_num_bits(scalar) > 521) || (BN_is_negative(scalar))) {
+ /*
+ * this is an unusual input, and we don't guarantee
+ * constant-timeness
+ */
+ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else
+ num_bytes = BN_bn2bin(scalar, tmp);
+ flip_endian(g_secret, tmp, num_bytes);
+ /* do the multiplication with generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ g_secret,
+ mixed, (const felem(*)[17][3])pre_comp,
+ (const felem(*)[3])g_pre_comp);
+ } else
+ /* do the multiplication without generator precomputation */
+ batch_mul(x_out, y_out, z_out,
+ (const felem_bytearray(*))secrets, num_points,
+ NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+ /* reduce the output to its unique minimal representation */
+ felem_contract(x_in, x_out);
+ felem_contract(y_in, y_out);
+ felem_contract(z_in, z_out);
+ if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
+ (!felem_to_BN(z, z_in))) {
+ ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+ goto err;
+ }
+ ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (secrets != NULL)
+ OPENSSL_free(secrets);
+ if (pre_comp != NULL)
+ OPENSSL_free(pre_comp);
+ if (tmp_felems != NULL)
+ OPENSSL_free(tmp_felems);
+ return ret;
+}
+
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+ int ret = 0;
+ NISTP521_PRE_COMP *pre = NULL;
+ int i, j;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y;
+ EC_POINT *generator = NULL;
+ felem tmp_felems[16];
+
+ /* throw away old precomputation */
+ EC_EX_DATA_free_data(&group->extra_data, nistp521_pre_comp_dup,
+ nistp521_pre_comp_free,
+ nistp521_pre_comp_clear_free);
+ if (ctx == NULL)
+ if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ return 0;
+ BN_CTX_start(ctx);
+ if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+ goto err;
+ /* get the generator */
+ if (group->generator == NULL)
+ goto err;
+ generator = EC_POINT_new(group);
+ if (generator == NULL)
+ goto err;
+ BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x);
+ BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y);
+ if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+ goto err;
+ if ((pre = nistp521_pre_comp_new()) == NULL)
+ goto err;
+ /*
+ * if the generator is the standard one, use built-in precomputation
+ */
+ if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+ memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+ ret = 1;
+ goto err;
+ }
+ if ((!BN_to_felem(pre->g_pre_comp[1][0], &group->generator->X)) ||
+ (!BN_to_felem(pre->g_pre_comp[1][1], &group->generator->Y)) ||
+ (!BN_to_felem(pre->g_pre_comp[1][2], &group->generator->Z)))
+ goto err;
+ /* compute 2^130*G, 2^260*G, 2^390*G */
+ for (i = 1; i <= 4; i <<= 1) {
+ point_double(pre->g_pre_comp[2 * i][0], pre->g_pre_comp[2 * i][1],
+ pre->g_pre_comp[2 * i][2], pre->g_pre_comp[i][0],
+ pre->g_pre_comp[i][1], pre->g_pre_comp[i][2]);
+ for (j = 0; j < 129; ++j) {
+ point_double(pre->g_pre_comp[2 * i][0],
+ pre->g_pre_comp[2 * i][1],
+ pre->g_pre_comp[2 * i][2],
+ pre->g_pre_comp[2 * i][0],
+ pre->g_pre_comp[2 * i][1],
+ pre->g_pre_comp[2 * i][2]);
+ }
+ }
+ /* g_pre_comp[0] is the point at infinity */
+ memset(pre->g_pre_comp[0], 0, sizeof(pre->g_pre_comp[0]));
+ /* the remaining multiples */
+ /* 2^130*G + 2^260*G */
+ point_add(pre->g_pre_comp[6][0], pre->g_pre_comp[6][1],
+ pre->g_pre_comp[6][2], pre->g_pre_comp[4][0],
+ pre->g_pre_comp[4][1], pre->g_pre_comp[4][2],
+ 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+ pre->g_pre_comp[2][2]);
+ /* 2^130*G + 2^390*G */
+ point_add(pre->g_pre_comp[10][0], pre->g_pre_comp[10][1],
+ pre->g_pre_comp[10][2], pre->g_pre_comp[8][0],
+ pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
+ 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+ pre->g_pre_comp[2][2]);
+ /* 2^260*G + 2^390*G */
+ point_add(pre->g_pre_comp[12][0], pre->g_pre_comp[12][1],
+ pre->g_pre_comp[12][2], pre->g_pre_comp[8][0],
+ pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
+ 0, pre->g_pre_comp[4][0], pre->g_pre_comp[4][1],
+ pre->g_pre_comp[4][2]);
+ /* 2^130*G + 2^260*G + 2^390*G */
+ point_add(pre->g_pre_comp[14][0], pre->g_pre_comp[14][1],
+ pre->g_pre_comp[14][2], pre->g_pre_comp[12][0],
+ pre->g_pre_comp[12][1], pre->g_pre_comp[12][2],
+ 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+ pre->g_pre_comp[2][2]);
+ for (i = 1; i < 8; ++i) {
+ /* odd multiples: add G */
+ point_add(pre->g_pre_comp[2 * i + 1][0],
+ pre->g_pre_comp[2 * i + 1][1],
+ pre->g_pre_comp[2 * i + 1][2], pre->g_pre_comp[2 * i][0],
+ pre->g_pre_comp[2 * i][1], pre->g_pre_comp[2 * i][2], 0,
+ pre->g_pre_comp[1][0], pre->g_pre_comp[1][1],
+ pre->g_pre_comp[1][2]);
+ }
+ make_points_affine(15, &(pre->g_pre_comp[1]), tmp_felems);
+
+ if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp521_pre_comp_dup,
+ nistp521_pre_comp_free,
+ nistp521_pre_comp_clear_free))
+ goto err;
+ ret = 1;
+ pre = NULL;
+ err:
+ BN_CTX_end(ctx);
+ if (generator != NULL)
+ EC_POINT_free(generator);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ if (pre)
+ nistp521_pre_comp_free(pre);
+ return ret;
+}
+
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group)
+{
+ if (EC_EX_DATA_get_data(group->extra_data, nistp521_pre_comp_dup,
+ nistp521_pre_comp_free,
+ nistp521_pre_comp_clear_free)
+ != NULL)
+ return 1;
+ else
+ return 0;
+}
+
+#else
+static void *dummy = &dummy;
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ecp_nistputil.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ecp_nistputil.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_nistputil.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ecp_nistputil.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,218 @@
+/* crypto/ec/ecp_nistputil.c */
+/*
+ * Written by Bodo Moeller for the OpenSSL project.
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+/*
+ * Common utility functions for ecp_nistp224.c, ecp_nistp256.c, ecp_nistp521.c.
+ */
+
+# include <stddef.h>
+# include "ec_lcl.h"
+
+/*
+ * Convert an array of points into affine coordinates. (If the point at
+ * infinity is found (Z = 0), it remains unchanged.) This function is
+ * essentially an equivalent to EC_POINTs_make_affine(), but works with the
+ * internal representation of points as used by ecp_nistp###.c rather than
+ * with (BIGNUM-based) EC_POINT data structures. point_array is the
+ * input/output buffer ('num' points in projective form, i.e. three
+ * coordinates each), based on an internal representation of field elements
+ * of size 'felem_size'. tmp_felems needs to point to a temporary array of
+ * 'num'+1 field elements for storage of intermediate values.
+ */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+ size_t felem_size,
+ void *tmp_felems,
+ void (*felem_one) (void *out),
+ int (*felem_is_zero) (const void
+ *in),
+ void (*felem_assign) (void *out,
+ const void
+ *in),
+ void (*felem_square) (void *out,
+ const void
+ *in),
+ void (*felem_mul) (void *out,
+ const void
+ *in1,
+ const void
+ *in2),
+ void (*felem_inv) (void *out,
+ const void
+ *in),
+ void (*felem_contract) (void
+ *out,
+ const
+ void
+ *in))
+{
+ int i = 0;
+
+# define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size])
+# define X(I) (&((char *)point_array)[3*(I) * felem_size])
+# define Y(I) (&((char *)point_array)[(3*(I) + 1) * felem_size])
+# define Z(I) (&((char *)point_array)[(3*(I) + 2) * felem_size])
+
+ if (!felem_is_zero(Z(0)))
+ felem_assign(tmp_felem(0), Z(0));
+ else
+ felem_one(tmp_felem(0));
+ for (i = 1; i < (int)num; i++) {
+ if (!felem_is_zero(Z(i)))
+ felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i));
+ else
+ felem_assign(tmp_felem(i), tmp_felem(i - 1));
+ }
+ /*
+ * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any
+ * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i) = 1
+ */
+
+ felem_inv(tmp_felem(num - 1), tmp_felem(num - 1));
+ for (i = num - 1; i >= 0; i--) {
+ if (i > 0)
+ /*
+ * tmp_felem(i-1) is the product of Z(0) .. Z(i-1), tmp_felem(i)
+ * is the inverse of the product of Z(0) .. Z(i)
+ */
+ /* 1/Z(i) */
+ felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i));
+ else
+ felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */
+
+ if (!felem_is_zero(Z(i))) {
+ if (i > 0)
+ /*
+ * For next iteration, replace tmp_felem(i-1) by its inverse
+ */
+ felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i));
+
+ /*
+ * Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1)
+ */
+ felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */
+ felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */
+ felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */
+ felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */
+ felem_contract(X(i), X(i));
+ felem_contract(Y(i), Y(i));
+ felem_one(Z(i));
+ } else {
+ if (i > 0)
+ /*
+ * For next iteration, replace tmp_felem(i-1) by its inverse
+ */
+ felem_assign(tmp_felem(i - 1), tmp_felem(i));
+ }
+ }
+}
+
+/*-
+ * This function looks at 5+1 scalar bits (5 current, 1 adjacent less
+ * significant bit), and recodes them into a signed digit for use in fast point
+ * multiplication: the use of signed rather than unsigned digits means that
+ * fewer points need to be precomputed, given that point inversion is easy
+ * (a precomputed point dP makes -dP available as well).
+ *
+ * BACKGROUND:
+ *
+ * Signed digits for multiplication were introduced by Booth ("A signed binary
+ * multiplication technique", Quart. Journ. Mech. and Applied Math., vol. IV,
+ * pt. 2 (1951), pp. 236-240), in that case for multiplication of integers.
+ * Booth's original encoding did not generally improve the density of nonzero
+ * digits over the binary representation, and was merely meant to simplify the
+ * handling of signed factors given in two's complement; but it has since been
+ * shown to be the basis of various signed-digit representations that do have
+ * further advantages, including the wNAF, using the following general approach:
+ *
+ * (1) Given a binary representation
+ *
+ * b_k ... b_2 b_1 b_0,
+ *
+ * of a nonnegative integer (b_k in {0, 1}), rewrite it in digits 0, 1, -1
+ * by using bit-wise subtraction as follows:
+ *
+ * b_k b_(k-1) ... b_2 b_1 b_0
+ * - b_k ... b_3 b_2 b_1 b_0
+ * -------------------------------------
+ * s_k b_(k-1) ... s_3 s_2 s_1 s_0
+ *
+ * A left-shift followed by subtraction of the original value yields a new
+ * representation of the same value, using signed bits s_i = b_(i+1) - b_i.
+ * This representation from Booth's paper has since appeared in the
+ * literature under a variety of different names including "reversed binary
+ * form", "alternating greedy expansion", "mutual opposite form", and
+ * "sign-alternating {+-1}-representation".
+ *
+ * An interesting property is that among the nonzero bits, values 1 and -1
+ * strictly alternate.
+ *
+ * (2) Various window schemes can be applied to the Booth representation of
+ * integers: for example, right-to-left sliding windows yield the wNAF
+ * (a signed-digit encoding independently discovered by various researchers
+ * in the 1990s), and left-to-right sliding windows yield a left-to-right
+ * equivalent of the wNAF (independently discovered by various researchers
+ * around 2004).
+ *
+ * To prevent leaking information through side channels in point multiplication,
+ * we need to recode the given integer into a regular pattern: sliding windows
+ * as in wNAFs won't do, we need their fixed-window equivalent -- which is a few
+ * decades older: we'll be using the so-called "modified Booth encoding" due to
+ * MacSorley ("High-speed arithmetic in binary computers", Proc. IRE, vol. 49
+ * (1961), pp. 67-91), in a radix-2^5 setting. That is, we always combine five
+ * signed bits into a signed digit:
+ *
+ * s_(4j + 4) s_(4j + 3) s_(4j + 2) s_(4j + 1) s_(4j)
+ *
+ * The sign-alternating property implies that the resulting digit values are
+ * integers from -16 to 16.
+ *
+ * Of course, we don't actually need to compute the signed digits s_i as an
+ * intermediate step (that's just a nice way to see how this scheme relates
+ * to the wNAF): a direct computation obtains the recoded digit from the
+ * six bits b_(4j + 4) ... b_(4j - 1).
+ *
+ * This function takes those five bits as an integer (0 .. 63), writing the
+ * recoded digit to *sign (0 for positive, 1 for negative) and *digit (absolute
+ * value, in the range 0 .. 8). Note that this integer essentially provides the
+ * input bits "shifted to the left" by one position: for example, the input to
+ * compute the least significant recoded digit, given that there's no bit b_-1,
+ * has to be b_4 b_3 b_2 b_1 b_0 0.
+ *
+ */
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
+ unsigned char *digit, unsigned char in)
+{
+ unsigned char s, d;
+
+ s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as
+ * 6-bit value */
+ d = (1 << 6) - in - 1;
+ d = (d & s) | (in & ~s);
+ d = (d >> 1) + (d & 1);
+
+ *sign = s & 1;
+ *digit = d;
+}
+#else
+static void *dummy = &dummy;
+#endif
Copied: trunk/crypto/openssl/crypto/ec/ecp_oct.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ec/ecp_oct.c)
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_oct.c (rev 0)
+++ trunk/crypto/openssl/crypto/ec/ecp_oct.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,428 @@
+/* crypto/ec/ecp_oct.c */
+/*
+ * Includes code written by Lenka Fibikova <fibikova at exp-math.uni-essen.de>
+ * for the OpenSSL project. Includes code written by Bodo Moeller for the
+ * OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <openssl/err.h>
+#include <openssl/symhacks.h>
+
+#include "ec_lcl.h"
+
+int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
+ EC_POINT *point,
+ const BIGNUM *x_, int y_bit,
+ BN_CTX *ctx)
+{
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *tmp1, *tmp2, *x, *y;
+ int ret = 0;
+
+ /* clear error queue */
+ ERR_clear_error();
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ y_bit = (y_bit != 0);
+
+ BN_CTX_start(ctx);
+ tmp1 = BN_CTX_get(ctx);
+ tmp2 = BN_CTX_get(ctx);
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ if (y == NULL)
+ goto err;
+
+ /*-
+ * Recover y. We have a Weierstrass equation
+ * y^2 = x^3 + a*x + b,
+ * so y is one of the square roots of x^3 + a*x + b.
+ */
+
+ /* tmp1 := x^3 */
+ if (!BN_nnmod(x, x_, &group->field, ctx))
+ goto err;
+ if (group->meth->field_decode == 0) {
+ /* field_{sqr,mul} work on standard representation */
+ if (!group->meth->field_sqr(group, tmp2, x_, ctx))
+ goto err;
+ if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx))
+ goto err;
+ } else {
+ if (!BN_mod_sqr(tmp2, x_, &group->field, ctx))
+ goto err;
+ if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx))
+ goto err;
+ }
+
+ /* tmp1 := tmp1 + a*x */
+ if (group->a_is_minus3) {
+ if (!BN_mod_lshift1_quick(tmp2, x, &group->field))
+ goto err;
+ if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field))
+ goto err;
+ if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field))
+ goto err;
+ } else {
+ if (group->meth->field_decode) {
+ if (!group->meth->field_decode(group, tmp2, &group->a, ctx))
+ goto err;
+ if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx))
+ goto err;
+ } else {
+ /* field_mul works on standard representation */
+ if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx))
+ goto err;
+ }
+
+ if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
+ goto err;
+ }
+
+ /* tmp1 := tmp1 + b */
+ if (group->meth->field_decode) {
+ if (!group->meth->field_decode(group, tmp2, &group->b, ctx))
+ goto err;
+ if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
+ goto err;
+ } else {
+ if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field))
+ goto err;
+ }
+
+ if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) {
+ unsigned long err = ERR_peek_last_error();
+
+ if (ERR_GET_LIB(err) == ERR_LIB_BN
+ && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) {
+ ERR_clear_error();
+ ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+ EC_R_INVALID_COMPRESSED_POINT);
+ } else
+ ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+
+ if (y_bit != BN_is_odd(y)) {
+ if (BN_is_zero(y)) {
+ int kron;
+
+ kron = BN_kronecker(x, &group->field, ctx);
+ if (kron == -2)
+ goto err;
+
+ if (kron == 1)
+ ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+ EC_R_INVALID_COMPRESSION_BIT);
+ else
+ /*
+ * BN_mod_sqrt() should have cought this error (not a square)
+ */
+ ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+ EC_R_INVALID_COMPRESSED_POINT);
+ goto err;
+ }
+ if (!BN_usub(y, &group->field, y))
+ goto err;
+ }
+ if (y_bit != BN_is_odd(y)) {
+ ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
+ goto err;
+
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
+
+size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+ size_t ret;
+ BN_CTX *new_ctx = NULL;
+ int used_ctx = 0;
+ BIGNUM *x, *y;
+ size_t field_len, i, skip;
+
+ if ((form != POINT_CONVERSION_COMPRESSED)
+ && (form != POINT_CONVERSION_UNCOMPRESSED)
+ && (form != POINT_CONVERSION_HYBRID)) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
+ goto err;
+ }
+
+ if (EC_POINT_is_at_infinity(group, point)) {
+ /* encodes to a single 0 octet */
+ if (buf != NULL) {
+ if (len < 1) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+ buf[0] = 0;
+ }
+ return 1;
+ }
+
+ /* ret := required output buffer length */
+ field_len = BN_num_bytes(&group->field);
+ ret =
+ (form ==
+ POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+ /* if 'buf' is NULL, just return required length */
+ if (buf != NULL) {
+ if (len < ret) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ BN_CTX_start(ctx);
+ used_ctx = 1;
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ if (y == NULL)
+ goto err;
+
+ if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
+ goto err;
+
+ if ((form == POINT_CONVERSION_COMPRESSED
+ || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
+ buf[0] = form + 1;
+ else
+ buf[0] = form;
+
+ i = 1;
+
+ skip = field_len - BN_num_bytes(x);
+ if (skip > field_len) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ while (skip > 0) {
+ buf[i++] = 0;
+ skip--;
+ }
+ skip = BN_bn2bin(x, buf + i);
+ i += skip;
+ if (i != 1 + field_len) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (form == POINT_CONVERSION_UNCOMPRESSED
+ || form == POINT_CONVERSION_HYBRID) {
+ skip = field_len - BN_num_bytes(y);
+ if (skip > field_len) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ while (skip > 0) {
+ buf[i++] = 0;
+ skip--;
+ }
+ skip = BN_bn2bin(y, buf + i);
+ i += skip;
+ }
+
+ if (i != ret) {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ if (used_ctx)
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+
+ err:
+ if (used_ctx)
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return 0;
+}
+
+int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
+ const unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+ point_conversion_form_t form;
+ int y_bit;
+ BN_CTX *new_ctx = NULL;
+ BIGNUM *x, *y;
+ size_t field_len, enc_len;
+ int ret = 0;
+
+ if (len == 0) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+ form = buf[0];
+ y_bit = form & 1;
+ form = form & ~1U;
+ if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
+ && (form != POINT_CONVERSION_UNCOMPRESSED)
+ && (form != POINT_CONVERSION_HYBRID)) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+ if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ if (form == 0) {
+ if (len != 1) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ return EC_POINT_set_to_infinity(group, point);
+ }
+
+ field_len = BN_num_bytes(&group->field);
+ enc_len =
+ (form ==
+ POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+ if (len != enc_len) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ return 0;
+ }
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return 0;
+ }
+
+ BN_CTX_start(ctx);
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+ if (y == NULL)
+ goto err;
+
+ if (!BN_bin2bn(buf + 1, field_len, x))
+ goto err;
+ if (BN_ucmp(x, &group->field) >= 0) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+
+ if (form == POINT_CONVERSION_COMPRESSED) {
+ if (!EC_POINT_set_compressed_coordinates_GFp
+ (group, point, x, y_bit, ctx))
+ goto err;
+ } else {
+ if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
+ goto err;
+ if (BN_ucmp(y, &group->field) >= 0) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+ if (form == POINT_CONVERSION_HYBRID) {
+ if (y_bit != BN_is_odd(y)) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+ goto err;
+ }
+ }
+
+ if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
+ goto err;
+ }
+
+ /* test required by X9.62 */
+ if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
+ ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
+ goto err;
+ }
+
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ if (new_ctx != NULL)
+ BN_CTX_free(new_ctx);
+ return ret;
+}
Modified: trunk/crypto/openssl/crypto/ec/ecp_smpl.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ecp_smpl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ecp_smpl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,11 +66,16 @@
#include <openssl/err.h>
#include <openssl/symhacks.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
#include "ec_lcl.h"
const EC_METHOD *EC_GFp_simple_method(void)
{
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_simple_group_init,
ec_GFp_simple_group_finish,
@@ -89,9 +94,7 @@
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0, 0, 0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -111,6 +114,11 @@
0 /* field_set_to_one */
};
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return fips_ec_gfp_simple_method();
+#endif
+
return &ret;
}
@@ -640,365 +648,6 @@
return ret;
}
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
- EC_POINT *point,
- const BIGNUM *x_, int y_bit,
- BN_CTX *ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp1, *tmp2, *x, *y;
- int ret = 0;
-
- /* clear error queue */
- ERR_clear_error();
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- y_bit = (y_bit != 0);
-
- BN_CTX_start(ctx);
- tmp1 = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL)
- goto err;
-
- /*-
- * Recover y. We have a Weierstrass equation
- * y^2 = x^3 + a*x + b,
- * so y is one of the square roots of x^3 + a*x + b.
- */
-
- /* tmp1 := x^3 */
- if (!BN_nnmod(x, x_, &group->field, ctx))
- goto err;
- if (group->meth->field_decode == 0) {
- /* field_{sqr,mul} work on standard representation */
- if (!group->meth->field_sqr(group, tmp2, x_, ctx))
- goto err;
- if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx))
- goto err;
- } else {
- if (!BN_mod_sqr(tmp2, x_, &group->field, ctx))
- goto err;
- if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx))
- goto err;
- }
-
- /* tmp1 := tmp1 + a*x */
- if (group->a_is_minus3) {
- if (!BN_mod_lshift1_quick(tmp2, x, &group->field))
- goto err;
- if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field))
- goto err;
- if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field))
- goto err;
- } else {
- if (group->meth->field_decode) {
- if (!group->meth->field_decode(group, tmp2, &group->a, ctx))
- goto err;
- if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx))
- goto err;
- } else {
- /* field_mul works on standard representation */
- if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx))
- goto err;
- }
-
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
- goto err;
- }
-
- /* tmp1 := tmp1 + b */
- if (group->meth->field_decode) {
- if (!group->meth->field_decode(group, tmp2, &group->b, ctx))
- goto err;
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
- goto err;
- } else {
- if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field))
- goto err;
- }
-
- if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) {
- unsigned long err = ERR_peek_last_error();
-
- if (ERR_GET_LIB(err) == ERR_LIB_BN
- && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) {
- ERR_clear_error();
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
- EC_R_INVALID_COMPRESSED_POINT);
- } else
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
- ERR_R_BN_LIB);
- goto err;
- }
-
- if (y_bit != BN_is_odd(y)) {
- if (BN_is_zero(y)) {
- int kron;
-
- kron = BN_kronecker(x, &group->field, ctx);
- if (kron == -2)
- goto err;
-
- if (kron == 1)
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
- EC_R_INVALID_COMPRESSION_BIT);
- else
- /*
- * BN_mod_sqrt() should have cought this error (not a square)
- */
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
- EC_R_INVALID_COMPRESSED_POINT);
- goto err;
- }
- if (!BN_usub(y, &group->field, y))
- goto err;
- }
- if (y_bit != BN_is_odd(y)) {
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- size_t ret;
- BN_CTX *new_ctx = NULL;
- int used_ctx = 0;
- BIGNUM *x, *y;
- size_t field_len, i, skip;
-
- if ((form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
- goto err;
- }
-
- if (EC_POINT_is_at_infinity(group, point)) {
- /* encodes to a single 0 octet */
- if (buf != NULL) {
- if (len < 1) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- buf[0] = 0;
- }
- return 1;
- }
-
- /* ret := required output buffer length */
- field_len = BN_num_bytes(&group->field);
- ret =
- (form ==
- POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
- /* if 'buf' is NULL, just return required length */
- if (buf != NULL) {
- if (len < ret) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- goto err;
- }
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- used_ctx = 1;
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
- goto err;
-
- if ((form == POINT_CONVERSION_COMPRESSED
- || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
- buf[0] = form + 1;
- else
- buf[0] = form;
-
- i = 1;
-
- skip = field_len - BN_num_bytes(x);
- if (skip > field_len) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(x, buf + i);
- i += skip;
- if (i != 1 + field_len) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (form == POINT_CONVERSION_UNCOMPRESSED
- || form == POINT_CONVERSION_HYBRID) {
- skip = field_len - BN_num_bytes(y);
- if (skip > field_len) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(y, buf + i);
- i += skip;
- }
-
- if (i != ret) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-
- err:
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return 0;
-}
-
-int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- point_conversion_form_t form;
- int y_bit;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y;
- size_t field_len, enc_len;
- int ret = 0;
-
- if (len == 0) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
- if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (form == 0) {
- if (len != 1) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return EC_POINT_set_to_infinity(group, point);
- }
-
- field_len = BN_num_bytes(&group->field);
- enc_len =
- (form ==
- POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
- if (len != enc_len) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL)
- goto err;
-
- if (!BN_bin2bn(buf + 1, field_len, x))
- goto err;
- if (BN_ucmp(x, &group->field) >= 0) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if (form == POINT_CONVERSION_COMPRESSED) {
- if (!EC_POINT_set_compressed_coordinates_GFp
- (group, point, x, y_bit, ctx))
- goto err;
- } else {
- if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
- goto err;
- if (BN_ucmp(y, &group->field) >= 0) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_HYBRID) {
- if (y_bit != BN_is_odd(y)) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
- goto err;
- }
-
- /* test required by X9.62 */
- if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-}
-
int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
const EC_POINT *b, BN_CTX *ctx)
{
Modified: trunk/crypto/openssl/crypto/ec/ectest.c
===================================================================
--- trunk/crypto/openssl/crypto/ec/ectest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ec/ectest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -96,6 +96,7 @@
# include <openssl/objects.h>
# include <openssl/rand.h>
# include <openssl/bn.h>
+# include <openssl/opensslconf.h>
# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
/* suppress "too big too optimize" warning */
@@ -109,10 +110,6 @@
EXIT(1); \
} while (0)
-void prime_field_tests(void);
-void char2_field_tests(void);
-void internal_curve_test(void);
-
# define TIMING_BASE_PT 0
# define TIMING_RAND_PT 1
# define TIMING_SIMUL 2
@@ -208,8 +205,120 @@
}
# endif
-void prime_field_tests()
+/* test multiplication with group order, long and negative scalars */
+static void group_order_tests(EC_GROUP *group)
{
+ BIGNUM *n1, *n2, *order;
+ EC_POINT *P = EC_POINT_new(group);
+ EC_POINT *Q = EC_POINT_new(group);
+ BN_CTX *ctx = BN_CTX_new();
+ int i;
+
+ n1 = BN_new();
+ n2 = BN_new();
+ order = BN_new();
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
+ if (!EC_GROUP_get_order(group, order, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+ fprintf(stdout, " ok\n");
+ fprintf(stdout, "long/negative scalar tests ");
+ for (i = 1; i <= 2; i++) {
+ const BIGNUM *scalars[6];
+ const EC_POINT *points[6];
+
+ fprintf(stdout, i == 1 ?
+ "allowing precomputation ... " :
+ "without precomputation ... ");
+ if (!BN_set_word(n1, i))
+ ABORT;
+ /*
+ * If i == 1, P will be the predefined generator for which
+ * EC_GROUP_precompute_mult has set up precomputation.
+ */
+ if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
+ ABORT;
+
+ if (!BN_one(n1))
+ ABORT;
+ /* n1 = 1 - order */
+ if (!BN_sub(n1, n1, order))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = 1 + order */
+ if (!BN_add(n2, order, BN_value_one()))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
+ if (!BN_mul(n2, n1, n2, ctx))
+ ABORT;
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx))
+ ABORT;
+
+ /* n2 = order^2 - 1 */
+ BN_set_negative(n2, 0);
+ if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+ ABORT;
+ /* Add P to verify the result. */
+ if (!EC_POINT_add(group, Q, Q, P, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q))
+ ABORT;
+
+ /* Exercise EC_POINTs_mul, including corner cases. */
+ if (EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ scalars[0] = n1;
+ points[0] = Q; /* => infinity */
+ scalars[1] = n2;
+ points[1] = P; /* => -P */
+ scalars[2] = n1;
+ points[2] = Q; /* => infinity */
+ scalars[3] = n2;
+ points[3] = Q; /* => infinity */
+ scalars[4] = n1;
+ points[4] = P; /* => P */
+ scalars[5] = n2;
+ points[5] = Q; /* => infinity */
+ if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
+ ABORT;
+ if (!EC_POINT_is_at_infinity(group, P))
+ ABORT;
+ }
+ fprintf(stdout, "ok\n");
+
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ BN_free(n1);
+ BN_free(n2);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void prime_field_tests(void)
+{
BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b;
EC_GROUP *group;
@@ -367,7 +476,7 @@
ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx))
ABORT;
- fprintf(stdout, "Generator as octect string, compressed form:\n ");
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
for (i = 0; i < len; i++)
fprintf(stdout, "%02X", buf[i]);
@@ -380,8 +489,7 @@
ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx))
ABORT;
- fprintf(stdout,
- "\nGenerator as octect string, uncompressed form:\n ");
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
for (i = 0; i < len; i++)
fprintf(stdout, "%02X", buf[i]);
@@ -394,7 +502,7 @@
ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx))
ABORT;
- fprintf(stdout, "\nGenerator as octect string, hybrid form:\n ");
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
for (i = 0; i < len; i++)
fprintf(stdout, "%02X", buf[i]);
@@ -461,23 +569,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -526,25 +618,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
-# if 0
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
-# endif
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -599,25 +673,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
-# if 0
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
-# endif
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -677,25 +733,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
-# if 0
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
-# endif
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -750,25 +788,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
-# if 0
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
-# endif
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -829,25 +849,7 @@
ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
-# if 0
- if (!EC_GROUP_precompute_mult(group, ctx))
- ABORT;
-# endif
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, Q))
- ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
ABORT;
@@ -886,6 +888,8 @@
points[2] = Q;
points[3] = Q;
+ if (!EC_GROUP_get_order(group, z, ctx))
+ ABORT;
if (!BN_add(y, z, BN_value_one()))
ABORT;
if (BN_is_odd(y))
@@ -1042,21 +1046,13 @@
fprintf(stdout, "verify degree ..."); \
if (EC_GROUP_get_degree(group) != _degree) ABORT; \
fprintf(stdout, " ok\n"); \
- fprintf(stdout, "verify group order ..."); \
- fflush(stdout); \
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT; \
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \
- fprintf(stdout, "."); \
- fflush(stdout); \
- /* if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; */ \
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \
- fprintf(stdout, " ok\n"); \
+ group_order_tests(group); \
if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
- if (!EC_GROUP_copy(_variable, group)) ABORT;
+ if (!EC_GROUP_copy(_variable, group)) ABORT; \
-void char2_field_tests()
+# ifndef OPENSSL_NO_EC2M
+
+static void char2_field_tests(void)
{
BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b;
@@ -1071,11 +1067,11 @@
size_t i, len;
int k;
-# if 1 /* optional */
+# if 1 /* optional */
ctx = BN_CTX_new();
if (!ctx)
ABORT;
-# endif
+# endif
p = BN_new();
a = BN_new();
@@ -1152,21 +1148,21 @@
if (!BN_hex2bn(&x, "6"))
ABORT;
/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
+# ifdef OPENSSL_EC_BIN_PT_COMP
if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
ABORT;
-# else
+# else
if (!BN_hex2bn(&y, "8"))
ABORT;
if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
ABORT;
-# endif
+# endif
if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
+# ifdef OPENSSL_EC_BIN_PT_COMP
if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
ABORT;
-# endif
+# endif
fprintf(stderr, "Point is not on curve: x = 0x");
BN_print_fp(stderr, x);
fprintf(stderr, ", y = 0x");
@@ -1207,7 +1203,7 @@
ABORT;
/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
+# ifdef OPENSSL_EC_BIN_PT_COMP
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
sizeof buf, ctx);
@@ -1220,7 +1216,7 @@
fprintf(stdout, "Generator as octet string, compressed form:\n ");
for (i = 0; i < len; i++)
fprintf(stdout, "%02X", buf[i]);
-# endif
+# endif
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
@@ -1236,7 +1232,7 @@
fprintf(stdout, "%02X", buf[i]);
/* Change test based on whether binary point compression is enabled or not. */
-# ifdef OPENSSL_EC_BIN_PT_COMP
+# ifdef OPENSSL_EC_BIN_PT_COMP
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
ctx);
@@ -1249,7 +1245,7 @@
fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
for (i = 0; i < len; i++)
fprintf(stdout, "%02X", buf[i]);
-# endif
+# endif
fprintf(stdout, "\n");
@@ -1462,7 +1458,7 @@
fprintf(stdout, " ok\n\n");
}
-# if 0
+# if 0
timings(C2_K163, TIMING_BASE_PT, ctx);
timings(C2_K163, TIMING_RAND_PT, ctx);
timings(C2_K163, TIMING_SIMUL, ctx);
@@ -1493,7 +1489,7 @@
timings(C2_B571, TIMING_BASE_PT, ctx);
timings(C2_B571, TIMING_RAND_PT, ctx);
timings(C2_B571, TIMING_SIMUL, ctx);
-# endif
+# endif
if (ctx)
BN_CTX_free(ctx);
@@ -1531,8 +1527,9 @@
EC_GROUP_free(C2_B571);
}
+# endif
-void internal_curve_test(void)
+static void internal_curve_test(void)
{
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
@@ -1575,13 +1572,251 @@
EC_GROUP_free(group);
}
if (ok)
- fprintf(stdout, " ok\n");
- else
- fprintf(stdout, " failed\n");
+ fprintf(stdout, " ok\n\n");
+ else {
+ fprintf(stdout, " failed\n\n");
+ ABORT;
+ }
OPENSSL_free(curves);
return;
}
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/*
+ * nistp_test_params contains magic numbers for testing our optimized
+ * implementations of several NIST curves with characteristic > 3.
+ */
+struct nistp_test_params {
+ const EC_METHOD *(*meth) ();
+ int degree;
+ /*
+ * Qx, Qy and D are taken from
+ * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
+ * Otherwise, values are standard curve parameters from FIPS 180-3
+ */
+ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
+};
+
+static const struct nistp_test_params nistp_tests_params[] = {
+ {
+ /* P-224 */
+ EC_GFp_nistp224_method,
+ 224,
+ /* p */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+ /* a */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
+ /* b */
+ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+ /* Qx */
+ "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
+ /* Qy */
+ "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
+ /* Gx */
+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+ /* Gy */
+ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
+ /* order */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+ /* d */
+ "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
+ },
+ {
+ /* P-256 */
+ EC_GFp_nistp256_method,
+ 256,
+ /* p */
+ "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
+ /* a */
+ "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
+ /* b */
+ "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
+ /* Qx */
+ "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
+ /* Qy */
+ "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
+ /* Gx */
+ "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+ /* Gy */
+ "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
+ /* order */
+ "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
+ /* d */
+ "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
+ },
+ {
+ /* P-521 */
+ EC_GFp_nistp521_method,
+ 521,
+ /* p */
+ "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ /* a */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
+ /* b */
+ "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+ /* Qx */
+ "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
+ /* Qy */
+ "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
+ /* Gx */
+ "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+ /* Gy */
+ "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
+ /* order */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+ /* d */
+ "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
+ },
+};
+
+static void nistp_single_test(const struct nistp_test_params *test)
+{
+ BN_CTX *ctx;
+ BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+ EC_GROUP *NISTP;
+ EC_POINT *G, *P, *Q, *Q_CHECK;
+
+ fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
+ test->degree);
+ ctx = BN_CTX_new();
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ x = BN_new();
+ y = BN_new();
+ m = BN_new();
+ n = BN_new();
+ order = BN_new();
+
+ NISTP = EC_GROUP_new(test->meth());
+ if (!NISTP)
+ ABORT;
+ if (!BN_hex2bn(&p, test->p))
+ ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+ ABORT;
+ if (!BN_hex2bn(&a, test->a))
+ ABORT;
+ if (!BN_hex2bn(&b, test->b))
+ ABORT;
+ if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
+ ABORT;
+ G = EC_POINT_new(NISTP);
+ P = EC_POINT_new(NISTP);
+ Q = EC_POINT_new(NISTP);
+ Q_CHECK = EC_POINT_new(NISTP);
+ if (!BN_hex2bn(&x, test->Qx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Qy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&x, test->Gx))
+ ABORT;
+ if (!BN_hex2bn(&y, test->Gy))
+ ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
+ ABORT;
+ if (!BN_hex2bn(&order, test->order))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+
+ fprintf(stdout, "verify degree ... ");
+ if (EC_GROUP_get_degree(NISTP) != test->degree)
+ ABORT;
+ fprintf(stdout, "ok\n");
+
+ fprintf(stdout, "NIST test vectors ... ");
+ if (!BN_hex2bn(&n, test->d))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* set generator to P = 2*G, where G is the standard generator */
+ if (!EC_POINT_dbl(NISTP, P, G, ctx))
+ ABORT;
+ if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
+ ABORT;
+ /* set the scalar to m=n/2, where n is the NIST test scalar */
+ if (!BN_rshift(m, n, 1))
+ ABORT;
+
+ /* test the non-standard generator */
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* now repeat all tests with precomputation */
+ if (!EC_GROUP_precompute_mult(NISTP, ctx))
+ ABORT;
+
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ /* reset generator */
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+ ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+ ABORT;
+
+ fprintf(stdout, "ok\n");
+ group_order_tests(NISTP);
+# if 0
+ timings(NISTP, TIMING_BASE_PT, ctx);
+ timings(NISTP, TIMING_RAND_PT, ctx);
+# endif
+ EC_GROUP_free(NISTP);
+ EC_POINT_free(G);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(Q_CHECK);
+ BN_free(n);
+ BN_free(m);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ BN_free(x);
+ BN_free(y);
+ BN_free(order);
+ BN_CTX_free(ctx);
+}
+
+static void nistp_tests()
+{
+ unsigned i;
+
+ for (i = 0;
+ i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
+ i++) {
+ nistp_single_test(&nistp_tests_params[i]);
+ }
+}
+# endif
+
static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
@@ -1604,7 +1839,12 @@
prime_field_tests();
puts("");
+# ifndef OPENSSL_NO_EC2M
char2_field_tests();
+# endif
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ nistp_tests();
+# endif
/* test the internal curves */
internal_curve_test();
@@ -1613,7 +1853,7 @@
# endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
return 0;
Modified: trunk/crypto/openssl/crypto/ecdh/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -62,6 +62,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -84,17 +86,11 @@
ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_err.o: ech_err.c
ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-ech_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ech_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ech_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ech_key.o: ech_key.c ech_locl.h
ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -101,14 +97,14 @@
ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ech_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ech_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ech_lib.o: ../../include/openssl/x509_vfy.h ech_lib.c ech_locl.h
+ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ech_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ech_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ech_lib.o: ech_lib.c ech_locl.h
ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
Modified: trunk/crypto/openssl/crypto/ecdh/ecdh.h
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ecdh.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ecdh.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -111,11 +111,13 @@
/* Error codes for the ECDH functions. */
/* Function codes. */
+# define ECDH_F_ECDH_CHECK 102
# define ECDH_F_ECDH_COMPUTE_KEY 100
# define ECDH_F_ECDH_DATA_NEW_METHOD 101
/* Reason codes. */
# define ECDH_R_KDF_FAILED 102
+# define ECDH_R_NON_FIPS_METHOD 103
# define ECDH_R_NO_PRIVATE_VALUE 100
# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
Modified: trunk/crypto/openssl/crypto/ecdh/ecdhtest.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ecdhtest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ecdhtest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -162,12 +162,15 @@
if (!EC_POINT_get_affine_coordinates_GFp
(group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
- } else {
+ }
+# ifndef OPENSSL_NO_EC2M
+ else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(a),
x_a, y_a, ctx))
goto err;
}
+# endif
# ifdef NOISY
BIO_puts(out, " pri 1=");
BN_print(out, a->priv_key);
@@ -189,12 +192,15 @@
if (!EC_POINT_get_affine_coordinates_GFp
(group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
goto err;
- } else {
+ }
+# ifndef OPENSSL_NO_EC2M
+ else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(b),
x_b, y_b, ctx))
goto err;
}
+# endif
# ifdef NOISY
BIO_puts(out, " pri 2=");
@@ -343,6 +349,7 @@
goto err;
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
goto err;
+# ifndef OPENSSL_NO_EC2M
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
goto err;
@@ -364,6 +371,7 @@
goto err;
if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
goto err;
+# endif
ret = 0;
@@ -373,7 +381,7 @@
BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
EXIT(ret);
return (ret);
Modified: trunk/crypto/openssl/crypto/ecdh/ech_err.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ech_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ech_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/ecdh/ech_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,13 +70,15 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
static ERR_STRING_DATA ECDH_str_functs[] = {
+ {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"},
{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
- {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_NEW_METHOD"},
+ {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
{0, NULL}
};
static ERR_STRING_DATA ECDH_str_reasons[] = {
{ERR_REASON(ECDH_R_KDF_FAILED), "KDF failed"},
+ {ERR_REASON(ECDH_R_NON_FIPS_METHOD), "non fips method"},
{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE), "no private value"},
{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/ecdh/ech_key.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ech_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ech_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,9 +68,6 @@
*/
#include "ech_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey,
Modified: trunk/crypto/openssl/crypto/ecdh/ech_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ech_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ech_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -73,6 +73,9 @@
# include <openssl/engine.h>
#endif
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
const char ECDH_version[] = "ECDH" OPENSSL_VERSION_PTEXT;
@@ -89,8 +92,16 @@
const ECDH_METHOD *ECDH_get_default_method(void)
{
- if (!default_ECDH_method)
+ if (!default_ECDH_method) {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ecdh_openssl();
+ else
+ return ECDH_OpenSSL();
+#else
default_ECDH_method = ECDH_OpenSSL();
+#endif
+ }
return default_ECDH_method;
}
@@ -103,6 +114,11 @@
if (ecdh == NULL)
return 0;
+#if 0
+ mtmp = ecdh->meth;
+ if (mtmp->finish)
+ mtmp->finish(eckey);
+#endif
#ifndef OPENSSL_NO_ENGINE
if (ecdh->engine) {
ENGINE_finish(ecdh->engine);
@@ -212,6 +228,13 @@
}
} else
ecdh_data = (ECDH_DATA *)data;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
+ && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
+ ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
+ return NULL;
+ }
+#endif
return ecdh_data;
}
Modified: trunk/crypto/openssl/crypto/ecdh/ech_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ech_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ech_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -76,6 +76,15 @@
char *app_data;
};
+/*
+ * If this flag is set the ECDH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDH_FLAG_FIPS_METHOD 0x1
+
typedef struct ecdh_data_st {
/* EC_KEY_METH_DATA part */
int (*init) (EC_KEY *);
Modified: trunk/crypto/openssl/crypto/ecdh/ech_ossl.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdh/ech_ossl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdh/ech_ossl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -154,12 +154,15 @@
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
goto err;
}
- } else {
+ }
+#ifndef OPENSSL_NO_EC2M
+ else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
goto err;
}
}
+#endif
buflen = (EC_GROUP_get_degree(group) + 7) / 8;
len = BN_num_bytes(x);
Modified: trunk/crypto/openssl/crypto/ecdsa/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -62,6 +62,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -97,14 +99,13 @@
ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ecs_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ecs_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ecs_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecs_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ecs_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecs_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ecs_lib.o: ecs_lib.c ecs_locl.h
+ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ecs_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ecs_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ecs_lib.o: ../../include/openssl/x509_vfy.h ecs_lib.c ecs_locl.h
ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -119,9 +120,8 @@
ecs_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecs_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-ecs_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ecs_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ecs_sign.o: ../../include/openssl/opensslconf.h
+ecs_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -133,11 +133,10 @@
ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-ecs_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ecs_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecs_vrf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ecs_vrf.o: ecs_locl.h ecs_vrf.c
+ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ecs_vrf.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_vrf.c
Modified: trunk/crypto/openssl/crypto/ecdsa/ecdsa.h
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecdsa.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecdsa.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* \author Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -80,71 +80,65 @@
BIGNUM *s;
} ECDSA_SIG;
-/** ECDSA_SIG *ECDSA_SIG_new(void)
- * allocates and initialize a ECDSA_SIG structure
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+/** Allocates and initialize a ECDSA_SIG structure
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_SIG_new(void);
-/** ECDSA_SIG_free
- * frees a ECDSA_SIG structure
- * \param a pointer to the ECDSA_SIG structure
+/** frees a ECDSA_SIG structure
+ * \param sig pointer to the ECDSA_SIG structure
*/
-void ECDSA_SIG_free(ECDSA_SIG *a);
+void ECDSA_SIG_free(ECDSA_SIG *sig);
-/** i2d_ECDSA_SIG
- * DER encode content of ECDSA_SIG object (note: this function modifies *pp
- * (*pp += length of the DER encoded signature)).
- * \param a pointer to the ECDSA_SIG object
- * \param pp pointer to a unsigned char pointer for the output or NULL
- * \return the length of the DER encoded ECDSA_SIG object or 0
+/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ * (*pp += length of the DER encoded signature)).
+ * \param sig pointer to the ECDSA_SIG object
+ * \param pp pointer to a unsigned char pointer for the output or NULL
+ * \return the length of the DER encoded ECDSA_SIG object or 0
*/
-int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
+int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-/** d2i_ECDSA_SIG
- * decodes a DER encoded ECDSA signature (note: this function changes *pp
- * (*pp += len)).
- * \param v pointer to ECDSA_SIG pointer (may be NULL)
- * \param pp buffer with the DER encoded signature
- * \param len bufferlength
- * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
+ * (*pp += len)).
+ * \param sig pointer to ECDSA_SIG pointer (may be NULL)
+ * \param pp memory buffer with the DER encoded signature
+ * \param len length of the buffer
+ * \return pointer to the decoded ECDSA_SIG structure (or NULL)
*/
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-/** ECDSA_do_sign
- * computes the ECDSA signature of the given hash value using
- * the supplied private key and returns the created signature.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL
+/** Computes the ECDSA signature of the given hash value using
+ * the supplied private key and returns the created signature.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *eckey);
-/** ECDSA_do_sign_ex
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param kinv optional pointer to a pre-computed inverse k
- * \param rp optional pointer to the pre-computed rp value (see
- * ECDSA_sign_setup
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kinv, const BIGNUM *rp,
EC_KEY *eckey);
-/** ECDSA_do_verify
- * verifies that the supplied signature is a valid ECDSA
- * signature of the supplied hash value using the supplied public key.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param sig pointer to the ECDSA_SIG structure
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+/** Verifies that the supplied signature is a valid ECDSA
+ * signature of the supplied hash value using the supplied public key.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param sig ECDSA_SIG structure
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
*/
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY *eckey);
@@ -151,85 +145,78 @@
const ECDSA_METHOD *ECDSA_OpenSSL(void);
-/** ECDSA_set_default_method
- * sets the default ECDSA method
- * \param meth the new default ECDSA_METHOD
+/** Sets the default ECDSA method
+ * \param meth new default ECDSA_METHOD
*/
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-/** ECDSA_get_default_method
- * returns the default ECDSA method
- * \return pointer to ECDSA_METHOD structure containing the default method
+/** Returns the default ECDSA method
+ * \return pointer to ECDSA_METHOD structure containing the default method
*/
const ECDSA_METHOD *ECDSA_get_default_method(void);
-/** ECDSA_set_method
- * sets method to be used for the ECDSA operations
- * \param eckey pointer to the EC_KEY object
- * \param meth pointer to the new method
- * \return 1 on success and 0 otherwise
+/** Sets method to be used for the ECDSA operations
+ * \param eckey EC_KEY object
+ * \param meth new method
+ * \return 1 on success and 0 otherwise
*/
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-/** ECDSA_size
- * returns the maximum length of the DER encoded signature
- * \param eckey pointer to a EC_KEY object
- * \return numbers of bytes required for the DER encoded signature
+/** Returns the maximum length of the DER encoded signature
+ * \param eckey EC_KEY object
+ * \return numbers of bytes required for the DER encoded signature
*/
int ECDSA_size(const EC_KEY *eckey);
-/** ECDSA_sign_setup
- * precompute parts of the signing operation.
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \param ctx pointer to a BN_CTX object (may be NULL)
- * \param kinv pointer to a BIGNUM pointer for the inverse of k
- * \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
- * \return 1 on success and 0 otherwise
+/** Precompute parts of the signing operation
+ * \param eckey EC_KEY object containing a private EC key
+ * \param ctx BN_CTX object (optional)
+ * \param kinv BIGNUM pointer for the inverse of k
+ * \param rp BIGNUM pointer for x coordinate of k * generator
+ * \return 1 on success and 0 otherwise
*/
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
-/** ECDSA_sign
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig memory for the DER encoded created signature
+ * \param siglen pointer to the length of the returned signature
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
*/
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-/** ECDSA_sign_ex
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param kinv optional pointer to a pre-computed inverse k
- * \param rp optional pointer to the pre-computed rp value (see
- * ECDSA_sign_setup
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
*/
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-/** ECDSA_verify
- * verifies that the given signature is valid ECDSA signature
- * of the supplied hash value using the specified public key.
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value
- * \param dgstlen length of the hash value
- * \param sig pointer to the DER encoded signature
- * \param siglen length of the DER encoded signature
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+/** Verifies that the given signature is valid ECDSA signature
+ * of the supplied hash value using the specified public key.
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value
+ * \param dgstlen length of the hash value
+ * \param sig pointer to the DER encoded signature
+ * \param siglen length of the DER encoded signature
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
*/
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);
@@ -251,6 +238,7 @@
/* Error codes for the ECDSA functions. */
/* Function codes. */
+# define ECDSA_F_ECDSA_CHECK 104
# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
# define ECDSA_F_ECDSA_DO_SIGN 101
# define ECDSA_F_ECDSA_DO_VERIFY 102
@@ -262,6 +250,7 @@
# define ECDSA_R_ERR_EC_LIB 102
# define ECDSA_R_MISSING_PARAMETERS 103
# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
+# define ECDSA_R_NON_FIPS_METHOD 107
# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
Modified: trunk/crypto/openssl/crypto/ecdsa/ecdsatest.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecdsatest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecdsatest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -261,6 +261,7 @@
"3238135532097973577080787768312505059318910517550078427819"
"78505179448783"))
goto x962_err;
+# ifndef OPENSSL_NO_EC2M
if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
"87194383164871543355722284926904419997237591535066528048",
"308992691965804947361541664549085895292153777025772063598"))
@@ -271,7 +272,7 @@
"1970303740007316867383349976549972270528498040721988191026"
"49413465737174"))
goto x962_err;
-
+# endif
ret = 1;
x962_err:
if (!restore_rand())
@@ -295,8 +296,8 @@
int nid, ret = 0;
/* fill digest values with some random data */
- if (!RAND_pseudo_bytes(digest, 20) ||
- !RAND_pseudo_bytes(wrong_digest, 20)) {
+ if (RAND_pseudo_bytes(digest, 20) <= 0 ||
+ RAND_pseudo_bytes(wrong_digest, 20) <= 0) {
BIO_printf(out, "ERROR: unable to get random data\n");
goto builtin_err;
}
@@ -545,7 +546,7 @@
if (ret)
ERR_print_errors(out);
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(out);
if (out != NULL)
Modified: trunk/crypto/openssl/crypto/ecdsa/ecs_err.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecs_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecs_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/ecdsa/ecs_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
static ERR_STRING_DATA ECDSA_str_functs[] = {
+ {ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"},
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
@@ -84,6 +85,7 @@
{ERR_REASON(ECDSA_R_ERR_EC_LIB), "err ec lib"},
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+ {ERR_REASON(ECDSA_R_NON_FIPS_METHOD), "non fips method"},
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),
"random number generation failed"},
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
Modified: trunk/crypto/openssl/crypto/ecdsa/ecs_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecs_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecs_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,9 @@
#endif
#include <openssl/err.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
const char ECDSA_version[] = "ECDSA" OPENSSL_VERSION_PTEXT;
@@ -76,8 +79,16 @@
const ECDSA_METHOD *ECDSA_get_default_method(void)
{
- if (!default_ECDSA_method)
+ if (!default_ECDSA_method) {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ecdsa_openssl();
+ else
+ return ECDSA_OpenSSL();
+#else
default_ECDSA_method = ECDSA_OpenSSL();
+#endif
+ }
return default_ECDSA_method;
}
@@ -195,6 +206,13 @@
}
} else
ecdsa_data = (ECDSA_DATA *)data;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
+ && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
+ ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
+ return NULL;
+ }
+#endif
return ecdsa_data;
}
Modified: trunk/crypto/openssl/crypto/ecdsa/ecs_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecs_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecs_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,6 +82,15 @@
char *app_data;
};
+/*
+ * If this flag is set the ECDSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDSA_FLAG_FIPS_METHOD 0x1
+
typedef struct ecdsa_data_st {
/* EC_KEY_METH_DATA part */
int (*init) (EC_KEY *);
Modified: trunk/crypto/openssl/crypto/ecdsa/ecs_ossl.c
===================================================================
--- trunk/crypto/openssl/crypto/ecdsa/ecs_ossl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ecdsa/ecs_ossl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -159,7 +159,9 @@
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
- } else { /* NID_X9_62_characteristic_two_field */
+ }
+#ifndef OPENSSL_NO_EC2M
+ else { /* NID_X9_62_characteristic_two_field */
if (!EC_POINT_get_affine_coordinates_GF2m(group,
tmp_point, X, NULL,
@@ -168,6 +170,7 @@
goto err;
}
}
+#endif
if (!BN_nnmod(r, X, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
@@ -414,7 +417,9 @@
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
- } else { /* NID_X9_62_characteristic_two_field */
+ }
+#ifndef OPENSSL_NO_EC2M
+ else { /* NID_X9_62_characteristic_two_field */
if (!EC_POINT_get_affine_coordinates_GF2m(group, point, X, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
@@ -421,7 +426,7 @@
goto err;
}
}
-
+#endif
if (!BN_nnmod(u1, X, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
Modified: trunk/crypto/openssl/crypto/engine/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/engine/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -20,13 +20,15 @@
LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
eng_table.c eng_pkey.c eng_fat.c eng_all.c \
tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
- tb_cipher.c tb_digest.c \
- eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c
+ tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
+ eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+ eng_rsax.c eng_rdrand.c
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
eng_table.o eng_pkey.o eng_fat.o eng_all.o \
tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
- tb_cipher.o tb_digest.o \
- eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o
+ tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
+ eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+ eng_rsax.o eng_rdrand.o
SRC= $(LIBSRC)
@@ -41,7 +43,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -69,6 +71,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -88,14 +92,13 @@
eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_all.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-eng_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-eng_all.o: ../cryptlib.h eng_all.c eng_int.h
+eng_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_all.c eng_int.h
eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -102,31 +105,29 @@
eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
eng_cnf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-eng_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_cnf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_cnf.c eng_int.h
+eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h
eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-eng_cryptodev.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_cryptodev.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
eng_cryptodev.o: ../../include/openssl/obj_mac.h
eng_cryptodev.o: ../../include/openssl/objects.h
eng_cryptodev.o: ../../include/openssl/opensslconf.h
eng_cryptodev.o: ../../include/openssl/opensslv.h
eng_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-eng_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_cryptodev.o: ../../include/openssl/x509_vfy.h eng_cryptodev.c
+eng_cryptodev.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cryptodev.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cryptodev.o: eng_cryptodev.c
eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -133,9 +134,8 @@
eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_ctrl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_ctrl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_ctrl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_ctrl.o: ../../include/openssl/opensslconf.h
+eng_ctrl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_ctrl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
eng_ctrl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
eng_ctrl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -147,27 +147,27 @@
eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
eng_dyn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_dyn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_dyn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-eng_dyn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_dyn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_dyn.c eng_int.h
+eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_dyn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_dyn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_dyn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_dyn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_dyn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
eng_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
eng_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-eng_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-eng_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_err.o: ../../include/openssl/x509_vfy.h eng_err.c
+eng_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_err.o: eng_err.c
eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -174,14 +174,14 @@
eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
eng_fat.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_fat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_fat.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-eng_fat.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_fat.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_fat.c eng_int.h
+eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_fat.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_fat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_fat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_fat.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
eng_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -188,9 +188,8 @@
eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_init.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_init.o: ../../include/openssl/opensslconf.h
+eng_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
eng_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
eng_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -202,14 +201,14 @@
eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-eng_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-eng_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_lib.c
+eng_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_lib.o: ../cryptlib.h eng_int.h eng_lib.c
eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
eng_list.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -216,9 +215,8 @@
eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_list.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_list.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_list.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_list.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_list.o: ../../include/openssl/opensslconf.h
+eng_list.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_list.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
eng_list.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
eng_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -231,9 +229,8 @@
eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_openssl.o: ../../include/openssl/objects.h
+eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
eng_openssl.o: ../../include/openssl/opensslconf.h
eng_openssl.o: ../../include/openssl/opensslv.h
eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
@@ -243,22 +240,6 @@
eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c
-eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-eng_padlock.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
-eng_padlock.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-eng_padlock.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-eng_padlock.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_padlock.o: ../../include/openssl/objects.h
-eng_padlock.o: ../../include/openssl/opensslconf.h
-eng_padlock.o: ../../include/openssl/opensslv.h
-eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-eng_padlock.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-eng_padlock.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_padlock.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_padlock.o: ../../include/openssl/x509_vfy.h eng_padlock.c
eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -265,14 +246,41 @@
eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_pkey.o: ../../include/openssl/opensslconf.h
+eng_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
+eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_rdrand.o: ../../include/openssl/opensslconf.h
+eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rdrand.o: eng_rdrand.c
+eng_rsax.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rsax.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_rsax.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_rsax.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_rsax.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_rsax.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_rsax.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_rsax.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_rsax.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rsax.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+eng_rsax.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rsax.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rsax.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rsax.o: eng_rsax.c
eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -279,8 +287,8 @@
eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
eng_table.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_table.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_table.o: ../../include/openssl/objects.h
eng_table.o: ../../include/openssl/opensslconf.h
eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
eng_table.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -288,6 +296,21 @@
eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
eng_table.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
eng_table.o: eng_table.c
+tb_asnmth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_asnmth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_asnmth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_asnmth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_asnmth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_asnmth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_asnmth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_asnmth.o: ../../include/openssl/objects.h
+tb_asnmth.o: ../../include/openssl/opensslconf.h
+tb_asnmth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_asnmth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_asnmth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_asnmth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_asnmth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+tb_asnmth.o: eng_int.h tb_asnmth.c
tb_cipher.o: ../../e_os.h ../../include/openssl/asn1.h
tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -294,8 +317,8 @@
tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_cipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_cipher.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_cipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_cipher.o: ../../include/openssl/objects.h
tb_cipher.o: ../../include/openssl/opensslconf.h
tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tb_cipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -308,14 +331,14 @@
tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
tb_dh.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-tb_dh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-tb_dh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-tb_dh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dh.c
+tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c
tb_digest.o: ../../e_os.h ../../include/openssl/asn1.h
tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -322,8 +345,8 @@
tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_digest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_digest.o: ../../include/openssl/objects.h
tb_digest.o: ../../include/openssl/opensslconf.h
tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tb_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -336,14 +359,14 @@
tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
tb_dsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-tb_dsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-tb_dsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-tb_dsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dsa.c
+tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c
tb_ecdh.o: ../../e_os.h ../../include/openssl/asn1.h
tb_ecdh.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_ecdh.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -350,14 +373,13 @@
tb_ecdh.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_ecdh.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_ecdh.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_ecdh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-tb_ecdh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_ecdh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c
+tb_ecdh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_ecdh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_ecdh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_ecdh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdh.c
tb_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -364,14 +386,28 @@
tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_ecdsa.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tb_ecdsa.o: ../../include/openssl/opensslconf.h
+tb_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tb_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
tb_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
tb_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdsa.c
+tb_pkmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_pkmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_pkmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_pkmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_pkmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_pkmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_pkmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_pkmeth.o: ../../include/openssl/objects.h
+tb_pkmeth.o: ../../include/openssl/opensslconf.h
+tb_pkmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_pkmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_pkmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_pkmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_pkmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_pkmeth.o: tb_pkmeth.c
tb_rand.o: ../../e_os.h ../../include/openssl/asn1.h
tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -378,27 +414,26 @@
tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_rand.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_rand.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_rand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c
+tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_rand.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_rand.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rand.c
tb_rsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
tb_rsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_rsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-tb_rsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-tb_rsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-tb_rsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rsa.c
+tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_rsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c
tb_store.o: ../../e_os.h ../../include/openssl/asn1.h
tb_store.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tb_store.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -405,9 +440,8 @@
tb_store.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
tb_store.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
tb_store.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_store.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-tb_store.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tb_store.o: ../../include/openssl/opensslconf.h
+tb_store.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_store.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tb_store.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
tb_store.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/engine/eng_all.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_all.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_all.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,6 +62,9 @@
void ENGINE_load_builtin_engines(void)
{
+ /* Some ENGINEs need this */
+ OPENSSL_cpuid_setup();
+#if 0
/*
* There's no longer any need for an "openssl" ENGINE unless, one day, it
* is the *only* way for standard builtin implementations to be be
@@ -68,12 +71,17 @@
* accessed (ie. it would be possible to statically link binaries with
* *no* builtin implementations).
*/
-#if 0
ENGINE_load_openssl();
#endif
-#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
- ENGINE_load_padlock();
+#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
+ ENGINE_load_cryptodev();
#endif
+#ifndef OPENSSL_NO_RSAX
+ ENGINE_load_rsax();
+#endif
+#ifndef OPENSSL_NO_RDRAND
+ ENGINE_load_rdrand();
+#endif
ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_HW
@@ -101,8 +109,14 @@
# ifndef OPENSSL_NO_HW_UBSEC
ENGINE_load_ubsec();
# endif
+# ifndef OPENSSL_NO_HW_PADLOCK
+ ENGINE_load_padlock();
+# endif
# endif
-# if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP)
+# ifndef OPENSSL_NO_GOST
+ ENGINE_load_gost();
+# endif
+# ifndef OPENSSL_NO_GMP
ENGINE_load_gmp();
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
@@ -109,14 +123,10 @@
ENGINE_load_capi();
# endif
#endif
-#ifndef OPENSSL_NO_HW
-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
- ENGINE_load_cryptodev();
-# endif
-#endif
+ ENGINE_register_all_complete();
}
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
void ENGINE_setup_bsd_cryptodev(void)
{
static int bsd_cryptodev_default_loaded = 0;
Modified: trunk/crypto/openssl/crypto/engine/eng_cryptodev.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_cryptodev.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_cryptodev.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -30,10 +30,6 @@
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
-#include <openssl/dh.h>
-#include <openssl/err.h>
#if (defined(__unix__) || defined(unix)) && !defined(USG) && \
(defined(OpenBSD) || defined(__FreeBSD__))
@@ -58,6 +54,10 @@
# include <sys/types.h>
# include <crypto/cryptodev.h>
+# include <crypto/dh/dh.h>
+# include <crypto/dsa/dsa.h>
+# include <crypto/err/err.h>
+# include <crypto/rsa/rsa.h>
# include <sys/ioctl.h>
# include <errno.h>
# include <stdio.h>
@@ -71,6 +71,12 @@
struct dev_crypto_state {
struct session_op d_sess;
int d_fd;
+# ifdef USE_CRYPTODEV_DIGESTS
+ char dummy_mac_key[HASH_MAX_LEN];
+ unsigned char digest_res[HASH_MAX_LEN];
+ char *mac_data;
+ int mac_len;
+# endif
};
static u_int32_t cryptodev_asymfeat = 0;
@@ -78,17 +84,14 @@
static int get_asym_dev_crypto(void);
static int open_dev_crypto(void);
static int get_dev_crypto(void);
-static int cryptodev_max_iv(int cipher);
-static int cryptodev_key_length_valid(int cipher, int len);
-static int cipher_nid_to_cryptodev(int nid);
static int get_cryptodev_ciphers(const int **cnids);
-/*
- * static int get_cryptodev_digests(const int **cnids);
- */
+# ifdef USE_CRYPTODEV_DIGESTS
+static int get_cryptodev_digests(const int **cnids);
+# endif
static int cryptodev_usable_ciphers(const int **nids);
static int cryptodev_usable_digests(const int **nids);
static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, size_t inl);
static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
@@ -125,7 +128,8 @@
BN_MONT_CTX *m_ctx);
static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
DH *dh);
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
+static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
+ void (*f) (void));
void ENGINE_load_cryptodev(void);
static const ENGINE_CMD_DEFN cryptodev_defns[] = {
@@ -139,6 +143,9 @@
int keylen;
} ciphers[] = {
{
+ CRYPTO_ARC4, NID_rc4, 0, 16,
+ },
+ {
CRYPTO_DES_CBC, NID_des_cbc, 8, 8,
},
{
@@ -148,6 +155,12 @@
CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16,
},
{
+ CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24,
+ },
+ {
+ CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32,
+ },
+ {
CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16,
},
{
@@ -161,32 +174,37 @@
},
};
-# if 0
+# ifdef USE_CRYPTODEV_DIGESTS
static struct {
int id;
int nid;
+ int keylen;
} digests[] = {
{
- CRYPTO_SHA1_HMAC, NID_hmacWithSHA1,
+ CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16
},
{
- CRYPTO_RIPEMD160_HMAC, NID_ripemd160,
+ CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20
},
{
- CRYPTO_MD5_KPDK, NID_undef,
+ CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16
+ /* ? */
},
{
- CRYPTO_SHA1_KPDK, NID_undef,
+ CRYPTO_MD5_KPDK, NID_undef, 0
},
{
- CRYPTO_MD5, NID_md5,
+ CRYPTO_SHA1_KPDK, NID_undef, 0
},
{
- CRYPTO_SHA1, NID_undef,
+ CRYPTO_MD5, NID_md5, 16
},
{
- 0, NID_undef,
+ CRYPTO_SHA1, NID_sha1, 20
},
+ {
+ 0, NID_undef, 0
+ },
};
# endif
@@ -216,6 +234,7 @@
if ((fd = open_dev_crypto()) == -1)
return (-1);
+# ifndef CRIOGET_NOT_NEEDED
if (ioctl(fd, CRIOGET, &retfd) == -1)
return (-1);
@@ -224,9 +243,19 @@
close(retfd);
return (-1);
}
+# else
+ retfd = fd;
+# endif
return (retfd);
}
+static void put_dev_crypto(int fd)
+{
+# ifndef CRIOGET_NOT_NEEDED
+ close(fd);
+# endif
+}
+
/* Caching version for asym operations */
static int get_asym_dev_crypto(void)
{
@@ -238,47 +267,6 @@
}
/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card.
- */
-static int cryptodev_max_iv(int cipher)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].id == cipher)
- return (ciphers[i].ivmax);
- return (0);
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card. For now, fake it out - but most of these
- * for real devices should return 1 for the supported key
- * sizes the device can handle.
- */
-static int cryptodev_key_length_valid(int cipher, int len)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].id == cipher)
- return (ciphers[i].keylen == len);
- return (0);
-}
-
-/* convert libcrypto nids to cryptodev */
-static int cipher_nid_to_cryptodev(int nid)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].nid == nid)
- return (ciphers[i].id);
- return (0);
-}
-
-/*
* Find out what ciphers /dev/crypto will let us have a session for.
* XXX note, that some of these openssl doesn't deal with yet!
* returning them here is harmless, as long as we return NULL
@@ -295,7 +283,7 @@
return (0);
}
memset(&sess, 0, sizeof(sess));
- sess.key = (caddr_t) "123456781234567812345678";
+ sess.key = (caddr_t) "123456789abcdefghijklmno";
for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
if (ciphers[i].nid == NID_undef)
@@ -307,7 +295,7 @@
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = ciphers[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -316,7 +304,7 @@
return (count);
}
-# if 0 /* unused */
+# ifdef USE_CRYPTODEV_DIGESTS
/*
* Find out what digests /dev/crypto will let us have a session for.
* XXX note, that some of these openssl doesn't deal with yet!
@@ -334,16 +322,18 @@
return (0);
}
memset(&sess, 0, sizeof(sess));
+ sess.mackey = (caddr_t) "123456789abcdefghijklmno";
for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
if (digests[i].nid == NID_undef)
continue;
sess.mac = digests[i].id;
+ sess.mackeylen = digests[i].keylen;
sess.cipher = 0;
if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = digests[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -351,9 +341,8 @@
*cnids = NULL;
return (count);
}
+# endif /* 0 */
-# endif
-
/*
* Find the useable ciphers|digests from dev/crypto - this is the first
* thing called by the engine init crud which determines what it
@@ -382,6 +371,9 @@
static int cryptodev_usable_digests(const int **nids)
{
+# ifdef USE_CRYPTODEV_DIGESTS
+ return (get_cryptodev_digests(nids));
+# else
/*
* XXXX just disable all digests for now, because it sucks.
* we need a better way to decide this - i.e. I may not
@@ -396,11 +388,12 @@
*/
*nids = NULL;
return (0);
+# endif
}
static int
cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
struct crypt_op cryp;
struct dev_crypto_state *state = ctx->cipher_data;
@@ -459,28 +452,32 @@
{
struct dev_crypto_state *state = ctx->cipher_data;
struct session_op *sess = &state->d_sess;
- int cipher;
+ int cipher = -1, i;
- if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
- return (0);
+ for (i = 0; ciphers[i].id; i++)
+ if (ctx->cipher->nid == ciphers[i].nid &&
+ ctx->cipher->iv_len <= ciphers[i].ivmax &&
+ ctx->key_len == ciphers[i].keylen) {
+ cipher = ciphers[i].id;
+ break;
+ }
- if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
+ if (!ciphers[i].id) {
+ state->d_fd = -1;
return (0);
+ }
- if (!cryptodev_key_length_valid(cipher, ctx->key_len))
- return (0);
-
memset(sess, 0, sizeof(struct session_op));
if ((state->d_fd = get_dev_crypto()) < 0)
return (0);
- sess->key = (char *)key;
+ sess->key = (caddr_t) key;
sess->keylen = ctx->key_len;
sess->cipher = cipher;
if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (0);
}
@@ -515,7 +512,7 @@
} else {
ret = 1;
}
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (ret);
@@ -526,6 +523,20 @@
* gets called when libcrypto requests a cipher NID.
*/
+/* RC4 */
+const EVP_CIPHER cryptodev_rc4 = {
+ NID_rc4,
+ 1, 16, 0,
+ EVP_CIPH_VARIABLE_LENGTH,
+ cryptodev_init_key,
+ cryptodev_cipher,
+ cryptodev_cleanup,
+ sizeof(struct dev_crypto_state),
+ NULL,
+ NULL,
+ NULL
+};
+
/* DES CBC EVP */
const EVP_CIPHER cryptodev_des_cbc = {
NID_des_cbc,
@@ -593,6 +604,32 @@
NULL
};
+const EVP_CIPHER cryptodev_aes_192_cbc = {
+ NID_aes_192_cbc,
+ 16, 24, 16,
+ EVP_CIPH_CBC_MODE,
+ cryptodev_init_key,
+ cryptodev_cipher,
+ cryptodev_cleanup,
+ sizeof(struct dev_crypto_state),
+ EVP_CIPHER_set_asn1_iv,
+ EVP_CIPHER_get_asn1_iv,
+ NULL
+};
+
+const EVP_CIPHER cryptodev_aes_256_cbc = {
+ NID_aes_256_cbc,
+ 16, 32, 16,
+ EVP_CIPH_CBC_MODE,
+ cryptodev_init_key,
+ cryptodev_cipher,
+ cryptodev_cleanup,
+ sizeof(struct dev_crypto_state),
+ EVP_CIPHER_set_asn1_iv,
+ EVP_CIPHER_get_asn1_iv,
+ NULL
+};
+
/*
* Registered by the ENGINE when used to find out how to deal with
* a particular NID in the ENGINE. this says what we'll do at the
@@ -606,6 +643,9 @@
return (cryptodev_usable_ciphers(nids));
switch (nid) {
+ case NID_rc4:
+ *cipher = &cryptodev_rc4;
+ break;
case NID_des_ede3_cbc:
*cipher = &cryptodev_3des_cbc;
break;
@@ -621,6 +661,12 @@
case NID_aes_128_cbc:
*cipher = &cryptodev_aes_cbc;
break;
+ case NID_aes_192_cbc:
+ *cipher = &cryptodev_aes_192_cbc;
+ break;
+ case NID_aes_256_cbc:
+ *cipher = &cryptodev_aes_256_cbc;
+ break;
default:
*cipher = NULL;
break;
@@ -628,6 +674,247 @@
return (*cipher != NULL);
}
+# ifdef USE_CRYPTODEV_DIGESTS
+
+/* convert digest type to cryptodev */
+static int digest_nid_to_cryptodev(int nid)
+{
+ int i;
+
+ for (i = 0; digests[i].id; i++)
+ if (digests[i].nid == nid)
+ return (digests[i].id);
+ return (0);
+}
+
+static int digest_key_length(int nid)
+{
+ int i;
+
+ for (i = 0; digests[i].id; i++)
+ if (digests[i].nid == nid)
+ return digests[i].keylen;
+ return (0);
+}
+
+static int cryptodev_digest_init(EVP_MD_CTX *ctx)
+{
+ struct dev_crypto_state *state = ctx->md_data;
+ struct session_op *sess = &state->d_sess;
+ int digest;
+
+ if ((digest = digest_nid_to_cryptodev(ctx->digest->type)) == NID_undef) {
+ printf("cryptodev_digest_init: Can't get digest \n");
+ return (0);
+ }
+
+ memset(state, 0, sizeof(struct dev_crypto_state));
+
+ if ((state->d_fd = get_dev_crypto()) < 0) {
+ printf("cryptodev_digest_init: Can't get Dev \n");
+ return (0);
+ }
+
+ sess->mackey = state->dummy_mac_key;
+ sess->mackeylen = digest_key_length(ctx->digest->type);
+ sess->mac = digest;
+
+ if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
+ put_dev_crypto(state->d_fd);
+ state->d_fd = -1;
+ printf("cryptodev_digest_init: Open session failed\n");
+ return (0);
+ }
+
+ return (1);
+}
+
+static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ struct crypt_op cryp;
+ struct dev_crypto_state *state = ctx->md_data;
+ struct session_op *sess = &state->d_sess;
+
+ if (!data || state->d_fd < 0) {
+ printf("cryptodev_digest_update: illegal inputs \n");
+ return (0);
+ }
+
+ if (!count) {
+ return (0);
+ }
+
+ if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
+ /* if application doesn't support one buffer */
+ state->mac_data =
+ OPENSSL_realloc(state->mac_data, state->mac_len + count);
+
+ if (!state->mac_data) {
+ printf("cryptodev_digest_update: realloc failed\n");
+ return (0);
+ }
+
+ memcpy(state->mac_data + state->mac_len, data, count);
+ state->mac_len += count;
+
+ return (1);
+ }
+
+ memset(&cryp, 0, sizeof(cryp));
+
+ cryp.ses = sess->ses;
+ cryp.flags = 0;
+ cryp.len = count;
+ cryp.src = (caddr_t) data;
+ cryp.dst = NULL;
+ cryp.mac = (caddr_t) state->digest_res;
+ if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+ printf("cryptodev_digest_update: digest failed\n");
+ return (0);
+ }
+ return (1);
+}
+
+static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ struct crypt_op cryp;
+ struct dev_crypto_state *state = ctx->md_data;
+ struct session_op *sess = &state->d_sess;
+
+ int ret = 1;
+
+ if (!md || state->d_fd < 0) {
+ printf("cryptodev_digest_final: illegal input\n");
+ return (0);
+ }
+
+ if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
+ /* if application doesn't support one buffer */
+ memset(&cryp, 0, sizeof(cryp));
+ cryp.ses = sess->ses;
+ cryp.flags = 0;
+ cryp.len = state->mac_len;
+ cryp.src = state->mac_data;
+ cryp.dst = NULL;
+ cryp.mac = (caddr_t) md;
+ if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+ printf("cryptodev_digest_final: digest failed\n");
+ return (0);
+ }
+
+ return 1;
+ }
+
+ memcpy(md, state->digest_res, ctx->digest->md_size);
+
+ return (ret);
+}
+
+static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
+{
+ int ret = 1;
+ struct dev_crypto_state *state = ctx->md_data;
+ struct session_op *sess = &state->d_sess;
+
+ if (state == NULL)
+ return 0;
+
+ if (state->d_fd < 0) {
+ printf("cryptodev_digest_cleanup: illegal input\n");
+ return (0);
+ }
+
+ if (state->mac_data) {
+ OPENSSL_free(state->mac_data);
+ state->mac_data = NULL;
+ state->mac_len = 0;
+ }
+
+ if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
+ printf("cryptodev_digest_cleanup: failed to close session\n");
+ ret = 0;
+ } else {
+ ret = 1;
+ }
+ put_dev_crypto(state->d_fd);
+ state->d_fd = -1;
+
+ return (ret);
+}
+
+static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+ struct dev_crypto_state *fstate = from->md_data;
+ struct dev_crypto_state *dstate = to->md_data;
+ struct session_op *sess;
+ int digest;
+
+ if (dstate == NULL || fstate == NULL)
+ return 1;
+
+ memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+
+ sess = &dstate->d_sess;
+
+ digest = digest_nid_to_cryptodev(to->digest->type);
+
+ sess->mackey = dstate->dummy_mac_key;
+ sess->mackeylen = digest_key_length(to->digest->type);
+ sess->mac = digest;
+
+ dstate->d_fd = get_dev_crypto();
+
+ if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
+ put_dev_crypto(dstate->d_fd);
+ dstate->d_fd = -1;
+ printf("cryptodev_digest_init: Open session failed\n");
+ return (0);
+ }
+
+ if (fstate->mac_len != 0) {
+ if (fstate->mac_data != NULL) {
+ dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+ memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+ dstate->mac_len = fstate->mac_len;
+ }
+ }
+
+ return 1;
+}
+
+const EVP_MD cryptodev_sha1 = {
+ NID_sha1,
+ NID_undef,
+ SHA_DIGEST_LENGTH,
+ EVP_MD_FLAG_ONESHOT,
+ cryptodev_digest_init,
+ cryptodev_digest_update,
+ cryptodev_digest_final,
+ cryptodev_digest_copy,
+ cryptodev_digest_cleanup,
+ EVP_PKEY_NULL_method,
+ SHA_CBLOCK,
+ sizeof(struct dev_crypto_state),
+};
+
+const EVP_MD cryptodev_md5 = {
+ NID_md5,
+ NID_undef,
+ 16 /* MD5_DIGEST_LENGTH */ ,
+ EVP_MD_FLAG_ONESHOT,
+ cryptodev_digest_init,
+ cryptodev_digest_update,
+ cryptodev_digest_final,
+ cryptodev_digest_copy,
+ cryptodev_digest_cleanup,
+ EVP_PKEY_NULL_method,
+ 64 /* MD5_CBLOCK */ ,
+ sizeof(struct dev_crypto_state),
+};
+
+# endif /* USE_CRYPTODEV_DIGESTS */
+
static int
cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
const int **nids, int nid)
@@ -636,10 +923,15 @@
return (cryptodev_usable_digests(nids));
switch (nid) {
+# ifdef USE_CRYPTODEV_DIGESTS
case NID_md5:
- *digest = NULL; /* need to make a clean md5 critter */
+ *digest = &cryptodev_md5;
break;
+ case NID_sha1:
+ *digest = &cryptodev_sha1;
+ break;
default:
+# endif /* USE_CRYPTODEV_DIGESTS */
*digest = NULL;
break;
}
@@ -666,8 +958,9 @@
b = malloc(bytes);
if (b == NULL)
return (1);
+ memset(b, 0, bytes);
- crp->crp_p = (char *)b;
+ crp->crp_p = (caddr_t) b;
crp->crp_nbits = bits;
for (i = 0, j = 0; i < a->top; i++) {
@@ -708,7 +1001,7 @@
{
int i;
- for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
+ for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
if (kop->crk_param[i].crp_p)
free(kop->crk_param[i].crp_p);
kop->crk_param[i].crp_p = NULL;
@@ -798,8 +1091,9 @@
BN_CTX *ctx)
{
int r;
-
+ ctx = BN_CTX_new();
r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
+ BN_CTX_free(ctx);
return (r);
}
@@ -1042,7 +1336,7 @@
goto err;
kop.crk_iparams = 3;
- kop.crk_param[3].crp_p = (char *)key;
+ kop.crk_param[3].crp_p = (caddr_t) key;
kop.crk_param[3].crp_nbits = keylen * 8;
kop.crk_oparams = 1;
@@ -1072,7 +1366,8 @@
* ctrl right now is just a wrapper that doesn't do much
* but I expect we'll want some options soon.
*/
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ())
+static int
+cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
{
# ifdef HAVE_SYSLOG_R
struct syslog_data sd = SYSLOG_DATA_INIT;
@@ -1106,11 +1401,11 @@
* find out what asymmetric crypto algorithms we support
*/
if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
- close(fd);
+ put_dev_crypto(fd);
ENGINE_free(engine);
return;
}
- close(fd);
+ put_dev_crypto(fd);
if (!ENGINE_set_id(engine, "cryptodev") ||
!ENGINE_set_name(engine, "BSD cryptodev engine") ||
Modified: trunk/crypto/openssl/crypto/engine/eng_dyn.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_dyn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_dyn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -119,10 +119,6 @@
{0, NULL, NULL, 0}
};
-static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = {
- {0, NULL, NULL, 0}
-};
-
/*
* Loading code stores state inside the ENGINE structure via the "ex_data"
* element. We load all our state into a single structure and use that as a
@@ -161,7 +157,7 @@
*/
int dir_load;
/* A stack of directories from which ENGINEs could be loaded */
- STACK *dirs;
+ STACK_OF(OPENSSL_STRING) *dirs;
};
/*
@@ -170,7 +166,7 @@
*/
static int dynamic_ex_data_idx = -1;
-static void int_free_str(void *s)
+static void int_free_str(char *s)
{
OPENSSL_free(s);
}
@@ -197,7 +193,7 @@
if (ctx->engine_id)
OPENSSL_free((void *)ctx->engine_id);
if (ctx->dirs)
- sk_pop_free(ctx->dirs, int_free_str);
+ sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
OPENSSL_free(ctx);
}
}
@@ -227,7 +223,7 @@
c->DYNAMIC_F1 = "v_check";
c->DYNAMIC_F2 = "bind_engine";
c->dir_load = 1;
- c->dirs = sk_new_null();
+ c->dirs = sk_OPENSSL_STRING_new_null();
if (!c->dirs) {
ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
OPENSSL_free(c);
@@ -416,7 +412,7 @@
ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
return 0;
}
- sk_insert(ctx->dirs, tmp_str, -1);
+ sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1);
}
return 1;
default:
@@ -435,10 +431,10 @@
0)) != NULL)
return 1;
/* If we're not allowed to use 'dirs' or we have none, fail */
- if (!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1))
+ if (!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1)
return 0;
for (loop = 0; loop < num; loop++) {
- const char *s = sk_value(ctx->dirs, loop);
+ const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop);
char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s);
if (!merge)
return 0;
Modified: trunk/crypto/openssl/crypto/engine/eng_err.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -86,6 +86,9 @@
{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
+ "ENGINE_get_pkey_asn1_meth"},
+ {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
{ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"},
@@ -158,6 +161,8 @@
{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
+ {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
+ "unimplemented public key method"},
{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/engine/eng_fat.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_fat.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_fat.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -89,6 +89,12 @@
#endif
if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
return 0;
+ if ((flags & ENGINE_METHOD_PKEY_METHS)
+ && !ENGINE_set_default_pkey_meths(e))
+ return 0;
+ if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS)
+ && !ENGINE_set_default_pkey_asn1_meths(e))
+ return 0;
return 1;
}
@@ -97,6 +103,8 @@
static int int_def_cb(const char *alg, int len, void *arg)
{
unsigned int *pflags = arg;
+ if (alg == NULL)
+ return 0;
if (!strncmp(alg, "ALL", len))
*pflags |= ENGINE_METHOD_ALL;
else if (!strncmp(alg, "RSA", len))
@@ -115,6 +123,12 @@
*pflags |= ENGINE_METHOD_CIPHERS;
else if (!strncmp(alg, "DIGESTS", len))
*pflags |= ENGINE_METHOD_DIGESTS;
+ else if (!strncmp(alg, "PKEY", len))
+ *pflags |= ENGINE_METHOD_PKEY_METHS | ENGINE_METHOD_PKEY_ASN1_METHS;
+ else if (!strncmp(alg, "PKEY_CRYPTO", len))
+ *pflags |= ENGINE_METHOD_PKEY_METHS;
+ else if (!strncmp(alg, "PKEY_ASN1", len))
+ *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
else
return 0;
return 1;
@@ -152,6 +166,7 @@
ENGINE_register_ECDSA(e);
#endif
ENGINE_register_RAND(e);
+ ENGINE_register_pkey_meths(e);
return 1;
}
@@ -160,6 +175,7 @@
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_complete(e);
+ if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
+ ENGINE_register_complete(e);
return 1;
}
Modified: trunk/crypto/openssl/crypto/engine/eng_int.h
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_int.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_int.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -138,6 +138,10 @@
int l);
# define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
# endif
+typedef void (engine_table_doall_cb) (int nid, STACK_OF(ENGINE) *sk,
+ ENGINE *def, void *arg);
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
+ void *arg);
/*
* Internal versions of API functions that have control over locking. These
@@ -160,6 +164,11 @@
* exposed in engine.h.
*/
+/* Free up dynamically allocated public key methods associated with ENGINE */
+
+void engine_pkey_meths_free(ENGINE *e);
+void engine_pkey_asn1_meths_free(ENGINE *e);
+
/*
* This is a structure for storing implementations of various crypto
* algorithms and functions.
@@ -178,6 +187,10 @@
ENGINE_CIPHERS_PTR ciphers;
/* Digest handling is via this callback */
ENGINE_DIGESTS_PTR digests;
+ /* Public key handling via this callback */
+ ENGINE_PKEY_METHS_PTR pkey_meths;
+ /* ASN1 public key handling via this callback */
+ ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
ENGINE_GEN_INT_FUNC_PTR destroy;
ENGINE_GEN_INT_FUNC_PTR init;
ENGINE_GEN_INT_FUNC_PTR finish;
Modified: trunk/crypto/openssl/crypto/engine/eng_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -125,6 +125,9 @@
abort();
}
#endif
+ /* Free up any dynamically allocated public key methods */
+ engine_pkey_meths_free(e);
+ engine_pkey_asn1_meths_free(e);
/*
* Give the ENGINE a chance to do any structural cleanup corresponding to
* allocation it did in its constructor (eg. unload error strings)
Modified: trunk/crypto/openssl/crypto/engine/eng_list.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_list.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_list.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -310,6 +310,7 @@
dest->store_meth = src->store_meth;
dest->ciphers = src->ciphers;
dest->digests = src->digests;
+ dest->pkey_meths = src->pkey_meths;
dest->destroy = src->destroy;
dest->init = src->init;
dest->finish = src->finish;
@@ -378,6 +379,7 @@
!ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
!ENGINE_ctrl_cmd_string(iterator, "DIR_ADD",
load_dir, 0) ||
+ !ENGINE_ctrl_cmd_string(iterator, "LIST_ADD", "1", 0) ||
!ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0))
goto notfound;
return iterator;
Modified: trunk/crypto/openssl/crypto/engine/eng_openssl.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_openssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_openssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -253,7 +253,7 @@
}
static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
# ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
Copied: trunk/crypto/openssl/crypto/engine/eng_rdrand.c (from rev 7117, vendor-crypto/openssl/dist/crypto/engine/eng_rdrand.c)
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_rdrand.c (rev 0)
+++ trunk/crypto/openssl/crypto/engine/eng_rdrand.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,149 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
+
+size_t OPENSSL_ia32_rdrand(void);
+
+static int get_random_bytes(unsigned char *buf, int num)
+{
+ size_t rnd;
+
+ while (num >= (int)sizeof(size_t)) {
+ if ((rnd = OPENSSL_ia32_rdrand()) == 0)
+ return 0;
+
+ *((size_t *)buf) = rnd;
+ buf += sizeof(size_t);
+ num -= sizeof(size_t);
+ }
+ if (num) {
+ if ((rnd = OPENSSL_ia32_rdrand()) == 0)
+ return 0;
+
+ memcpy(buf, &rnd, num);
+ }
+
+ return 1;
+}
+
+static int random_status(void)
+{
+ return 1;
+}
+
+static RAND_METHOD rdrand_meth = {
+ NULL, /* seed */
+ get_random_bytes,
+ NULL, /* cleanup */
+ NULL, /* add */
+ get_random_bytes,
+ random_status,
+};
+
+static int rdrand_init(ENGINE *e)
+{
+ return 1;
+}
+
+static const char *engine_e_rdrand_id = "rdrand";
+static const char *engine_e_rdrand_name = "Intel RDRAND engine";
+
+static int bind_helper(ENGINE *e)
+{
+ if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
+ !ENGINE_set_name(e, engine_e_rdrand_name) ||
+ !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
+ !ENGINE_set_init_function(e, rdrand_init) ||
+ !ENGINE_set_RAND(e, &rdrand_meth))
+ return 0;
+
+ return 1;
+}
+
+static ENGINE *ENGINE_rdrand(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (!ret)
+ return NULL;
+ if (!bind_helper(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+void ENGINE_load_rdrand(void)
+{
+ extern unsigned int OPENSSL_ia32cap_P[];
+
+ if (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) {
+ ENGINE *toadd = ENGINE_rdrand();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+ }
+}
+#else
+void ENGINE_load_rdrand(void)
+{
+}
+#endif
Copied: trunk/crypto/openssl/crypto/engine/eng_rsax.c (from rev 7117, vendor-crypto/openssl/dist/crypto/engine/eng_rsax.c)
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_rsax.c (rev 0)
+++ trunk/crypto/openssl/crypto/engine/eng_rsax.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,701 @@
+/* crypto/engine/eng_rsax.c */
+/* Copyright (c) 2010-2010 Intel Corp.
+ * Author: Vinodh.Gopal at intel.com
+ * Jim Guilford
+ * Erdinc.Ozturk at intel.com
+ * Maxim.Perminov at intel.com
+ * Ying.Huang at intel.com
+ *
+ * More information about algorithm used can be found at:
+ * http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+#include <openssl/err.h>
+
+/* RSAX is available **ONLY* on x86_64 CPUs */
+#undef COMPILE_RSAX
+
+#if (defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined (_M_X64)) && !defined(OPENSSL_NO_ASM)
+# define COMPILE_RSAX
+static ENGINE *ENGINE_rsax(void);
+#endif
+
+void ENGINE_load_rsax(void)
+{
+/* On non-x86 CPUs it just returns. */
+#ifdef COMPILE_RSAX
+ ENGINE *toadd = ENGINE_rsax();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+#endif
+}
+
+#ifdef COMPILE_RSAX
+# define E_RSAX_LIB_NAME "rsax engine"
+
+static int e_rsax_destroy(ENGINE *e);
+static int e_rsax_init(ENGINE *e);
+static int e_rsax_finish(ENGINE *e);
+static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+# ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx);
+static int e_rsax_rsa_finish(RSA *r);
+# endif
+
+static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = {
+ {0, NULL, NULL, 0}
+};
+
+# ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD e_rsax_rsa = {
+ "Intel RSA-X method",
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ e_rsax_rsa_mod_exp,
+ NULL,
+ NULL,
+ e_rsax_rsa_finish,
+ RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
+ NULL,
+ NULL,
+ NULL
+};
+# endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_e_rsax_id = "rsax";
+static const char *engine_e_rsax_name = "RSAX engine support";
+
+/* This internal function is used by ENGINE_rsax() */
+static int bind_helper(ENGINE *e)
+{
+# ifndef OPENSSL_NO_RSA
+ const RSA_METHOD *meth1;
+# endif
+ if (!ENGINE_set_id(e, engine_e_rsax_id) ||
+ !ENGINE_set_name(e, engine_e_rsax_name) ||
+# ifndef OPENSSL_NO_RSA
+ !ENGINE_set_RSA(e, &e_rsax_rsa) ||
+# endif
+ !ENGINE_set_destroy_function(e, e_rsax_destroy) ||
+ !ENGINE_set_init_function(e, e_rsax_init) ||
+ !ENGINE_set_finish_function(e, e_rsax_finish) ||
+ !ENGINE_set_ctrl_function(e, e_rsax_ctrl) ||
+ !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns))
+ return 0;
+
+# ifndef OPENSSL_NO_RSA
+ meth1 = RSA_PKCS1_SSLeay();
+ e_rsax_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+ e_rsax_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+ e_rsax_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+ e_rsax_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+ e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
+# endif
+ return 1;
+}
+
+static ENGINE *ENGINE_rsax(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (!ret)
+ return NULL;
+ if (!bind_helper(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+# ifndef OPENSSL_NO_RSA
+/* Used to attach our own key-data to an RSA structure */
+static int rsax_ex_data_idx = -1;
+# endif
+
+static int e_rsax_destroy(ENGINE *e)
+{
+ return 1;
+}
+
+/* (de)initialisation functions. */
+static int e_rsax_init(ENGINE *e)
+{
+# ifndef OPENSSL_NO_RSA
+ if (rsax_ex_data_idx == -1)
+ rsax_ex_data_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+# endif
+ if (rsax_ex_data_idx == -1)
+ return 0;
+ return 1;
+}
+
+static int e_rsax_finish(ENGINE *e)
+{
+ return 1;
+}
+
+static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+ int to_return = 1;
+
+ switch (cmd) {
+ /* The command isn't understood by this engine */
+ default:
+ to_return = 0;
+ break;
+ }
+
+ return to_return;
+}
+
+# ifndef OPENSSL_NO_RSA
+
+# ifdef _WIN32
+typedef unsigned __int64 UINT64;
+# else
+typedef unsigned long long UINT64;
+# endif
+typedef unsigned short UINT16;
+
+/*
+ * Table t is interleaved in the following manner: The order in memory is
+ * t[0][0], t[0][1], ..., t[0][7], t[1][0], ... A particular 512-bit value is
+ * stored in t[][index] rather than the more normal t[index][]; i.e. the
+ * qwords of a particular entry in t are not adjacent in memory
+ */
+
+/* Init BIGNUM b from the interleaved UINT64 array */
+static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array);
+
+/*
+ * Extract array elements from BIGNUM b To set the whole array from b, call
+ * with n=8
+ */
+static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
+ UINT64 *array);
+
+struct mod_ctx_512 {
+ UINT64 t[8][8];
+ UINT64 m[8];
+ UINT64 m1[8]; /* 2^278 % m */
+ UINT64 m2[8]; /* 2^640 % m */
+ UINT64 k1[2]; /* (- 1/m) % 2^128 */
+};
+
+static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data);
+
+void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
+ UINT64 *g, /* 512 bits, 8 qwords */
+ UINT64 *exp, /* 512 bits, 8 qwords */
+ struct mod_ctx_512 *data);
+
+typedef struct st_e_rsax_mod_ctx {
+ UINT64 type;
+ union {
+ struct mod_ctx_512 b512;
+ } ctx;
+
+} E_RSAX_MOD_CTX;
+
+static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM *m)
+{
+ E_RSAX_MOD_CTX *hptr;
+
+ if (idx < 0 || idx > 2)
+ return NULL;
+
+ hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
+ if (!hptr) {
+ hptr = OPENSSL_malloc(3 * sizeof(E_RSAX_MOD_CTX));
+ if (!hptr)
+ return NULL;
+ hptr[2].type = hptr[1].type = hptr[0].type = 0;
+ RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
+ }
+
+ if (hptr[idx].type == (UINT64)BN_num_bits(m))
+ return hptr + idx;
+
+ if (BN_num_bits(m) == 512) {
+ UINT64 _m[8];
+ bn_extract_to_array_512(m, 8, _m);
+ memset(&hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512));
+ mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512);
+ }
+
+ hptr[idx].type = BN_num_bits(m);
+ return hptr + idx;
+}
+
+static int e_rsax_rsa_finish(RSA *rsa)
+{
+ E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
+ if (hptr) {
+ OPENSSL_free(hptr);
+ RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
+ }
+ if (rsa->_method_mod_n)
+ BN_MONT_CTX_free(rsa->_method_mod_n);
+ if (rsa->_method_mod_p)
+ BN_MONT_CTX_free(rsa->_method_mod_p);
+ if (rsa->_method_mod_q)
+ BN_MONT_CTX_free(rsa->_method_mod_q);
+ return 1;
+}
+
+static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont,
+ E_RSAX_MOD_CTX *rsax_mod_ctx)
+{
+ if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) {
+ if (BN_num_bits(m) == 512) {
+ UINT64 _r[8];
+ UINT64 _g[8];
+ UINT64 _e[8];
+
+ /* Init the arrays from the BIGNUMs */
+ bn_extract_to_array_512(g, 8, _g);
+ bn_extract_to_array_512(e, 8, _e);
+
+ mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512);
+ /* Return the result in the BIGNUM */
+ interleaved_array_to_bn_512(r, _r);
+ return 1;
+ }
+ }
+
+ return BN_mod_exp_mont(r, g, e, m, ctx, in_mont);
+}
+
+/*
+ * Declares for the Intel CIAP 512-bit / CRT / 1024 bit RSA modular
+ * exponentiation routine precalculations and a structure to hold the
+ * necessary values. These files are meant to live in crypto/rsa/ in the
+ * target openssl.
+ */
+
+/*
+ * Local method: extracts a piece from a BIGNUM, to fit it into
+ * an array. Call with n=8 to extract an entire 512-bit BIGNUM
+ */
+static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
+ UINT64 *array)
+{
+ int i;
+ UINT64 tmp;
+ unsigned char bn_buff[64];
+ memset(bn_buff, 0, 64);
+ if (BN_num_bytes(b) > 64) {
+ printf("Can't support this byte size\n");
+ return 0;
+ }
+ if (BN_num_bytes(b) != 0) {
+ if (!BN_bn2bin(b, bn_buff + (64 - BN_num_bytes(b)))) {
+ printf("Error's in bn2bin\n");
+ /* We have to error, here */
+ return 0;
+ }
+ }
+ while (n-- > 0) {
+ array[n] = 0;
+ for (i = 7; i >= 0; i--) {
+ tmp = bn_buff[63 - (n * 8 + i)];
+ array[n] |= tmp << (8 * i);
+ }
+ }
+ return 1;
+}
+
+/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */
+static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array)
+{
+ unsigned char tmp[64];
+ int n = 8;
+ int i;
+ while (n-- > 0) {
+ for (i = 7; i >= 0; i--) {
+ tmp[63 - (n * 8 + i)] = (unsigned char)(array[n] >> (8 * i));
+ }}
+ BN_bin2bn(tmp, 64, b);
+ return 0;
+}
+
+/* The main 512bit precompute call */
+static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data)
+{
+ BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2;
+
+ /* We need a BN_CTX for the modulo functions */
+ BN_CTX *ctx;
+ /* Some tmps */
+ UINT64 _t[8];
+ int i, j, ret = 0;
+
+ /* Init _m with m */
+ BN_init(&_m);
+ interleaved_array_to_bn_512(&_m, m);
+ memset(_t, 0, 64);
+
+ /* Inits */
+ BN_init(&two_768);
+ BN_init(&two_640);
+ BN_init(&two_128);
+ BN_init(&two_512);
+ BN_init(&tmp);
+ BN_init(&tmp2);
+
+ /* Create our context */
+ if ((ctx = BN_CTX_new()) == NULL) {
+ goto err;
+ }
+ BN_CTX_start(ctx);
+
+ /*
+ * For production, if you care, these only need to be set once,
+ * and may be made constants.
+ */
+ BN_lshift(&two_768, BN_value_one(), 768);
+ BN_lshift(&two_640, BN_value_one(), 640);
+ BN_lshift(&two_128, BN_value_one(), 128);
+ BN_lshift(&two_512, BN_value_one(), 512);
+
+ if (0 == (m[7] & 0x8000000000000000)) {
+ goto err;
+ }
+ if (0 == (m[0] & 0x1)) { /* Odd modulus required for Mont */
+ goto err;
+ }
+
+ /* Precompute m1 */
+ BN_mod(&tmp, &two_768, &_m, ctx);
+ if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) {
+ goto err;
+ }
+
+ /* Precompute m2 */
+ BN_mod(&tmp, &two_640, &_m, ctx);
+ if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) {
+ goto err;
+ }
+
+ /*
+ * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should
+ * be non-negative.
+ */
+ BN_mod_inverse(&tmp, &_m, &two_128, ctx);
+ if (!BN_is_zero(&tmp)) {
+ BN_sub(&tmp, &two_128, &tmp);
+ }
+ if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) {
+ goto err;
+ }
+
+ /* Precompute t */
+ for (i = 0; i < 8; i++) {
+ BN_zero(&tmp);
+ if (i & 1) {
+ BN_add(&tmp, &two_512, &tmp);
+ }
+ if (i & 2) {
+ BN_add(&tmp, &two_512, &tmp);
+ }
+ if (i & 4) {
+ BN_add(&tmp, &two_640, &tmp);
+ }
+
+ BN_nnmod(&tmp2, &tmp, &_m, ctx);
+ if (!bn_extract_to_array_512(&tmp2, 8, _t)) {
+ goto err;
+ }
+ for (j = 0; j < 8; j++)
+ data->t[j][i] = _t[j];
+ }
+
+ /* Precompute m */
+ for (i = 0; i < 8; i++) {
+ data->m[i] = m[i];
+ }
+
+ ret = 1;
+
+ err:
+ /* Cleanup */
+ if (ctx != NULL) {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
+ BN_free(&two_768);
+ BN_free(&two_640);
+ BN_free(&two_128);
+ BN_free(&two_512);
+ BN_free(&tmp);
+ BN_free(&tmp2);
+ BN_free(&_m);
+
+ return ret;
+}
+
+static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx)
+{
+ BIGNUM *r1, *m1, *vrfy;
+ BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
+ BIGNUM *dmp1, *dmq1, *c, *pr1;
+ int ret = 0;
+
+ BN_CTX_start(ctx);
+ r1 = BN_CTX_get(ctx);
+ m1 = BN_CTX_get(ctx);
+ vrfy = BN_CTX_get(ctx);
+
+ {
+ BIGNUM local_p, local_q;
+ BIGNUM *p = NULL, *q = NULL;
+ int error = 0;
+
+ /*
+ * Make sure BN_mod_inverse in Montgomery intialization uses the
+ * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
+ */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ BN_init(&local_p);
+ p = &local_p;
+ BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+
+ BN_init(&local_q);
+ q = &local_q;
+ BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
+ } else {
+ p = rsa->p;
+ q = rsa->q;
+ }
+
+ if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
+ if (!BN_MONT_CTX_set_locked
+ (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
+ error = 1;
+ if (!BN_MONT_CTX_set_locked
+ (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+ error = 1;
+ }
+
+ /* clean up */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ BN_free(&local_p);
+ BN_free(&local_q);
+ }
+ if (error)
+ goto err;
+ }
+
+ if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+ if (!BN_MONT_CTX_set_locked
+ (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+ goto err;
+
+ /* compute I mod q */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ c = &local_c;
+ BN_with_flags(c, I, BN_FLG_CONSTTIME);
+ if (!BN_mod(r1, c, rsa->q, ctx))
+ goto err;
+ } else {
+ if (!BN_mod(r1, I, rsa->q, ctx))
+ goto err;
+ }
+
+ /* compute r1^dmq1 mod q */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ dmq1 = &local_dmq1;
+ BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
+ } else
+ dmq1 = rsa->dmq1;
+
+ if (!e_rsax_bn_mod_exp(m1, r1, dmq1, rsa->q, ctx,
+ rsa->_method_mod_q, e_rsax_get_ctx(rsa, 0,
+ rsa->q)))
+ goto err;
+
+ /* compute I mod p */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ c = &local_c;
+ BN_with_flags(c, I, BN_FLG_CONSTTIME);
+ if (!BN_mod(r1, c, rsa->p, ctx))
+ goto err;
+ } else {
+ if (!BN_mod(r1, I, rsa->p, ctx))
+ goto err;
+ }
+
+ /* compute r1^dmp1 mod p */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ dmp1 = &local_dmp1;
+ BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
+ } else
+ dmp1 = rsa->dmp1;
+
+ if (!e_rsax_bn_mod_exp(r0, r1, dmp1, rsa->p, ctx,
+ rsa->_method_mod_p, e_rsax_get_ctx(rsa, 1,
+ rsa->p)))
+ goto err;
+
+ if (!BN_sub(r0, r0, m1))
+ goto err;
+ /*
+ * This will help stop the size of r0 increasing, which does affect the
+ * multiply if it optimised for a power of 2 size
+ */
+ if (BN_is_negative(r0))
+ if (!BN_add(r0, r0, rsa->p))
+ goto err;
+
+ if (!BN_mul(r1, r0, rsa->iqmp, ctx))
+ goto err;
+
+ /* Turn BN_FLG_CONSTTIME flag on before division operation */
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ pr1 = &local_r1;
+ BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
+ } else
+ pr1 = r1;
+ if (!BN_mod(r0, pr1, rsa->p, ctx))
+ goto err;
+
+ /*
+ * If p < q it is occasionally possible for the correction of adding 'p'
+ * if r0 is negative above to leave the result still negative. This can
+ * break the private key operations: the following second correction
+ * should *always* correct this rare occurrence. This will *never* happen
+ * with OpenSSL generated keys because they ensure p > q [steve]
+ */
+ if (BN_is_negative(r0))
+ if (!BN_add(r0, r0, rsa->p))
+ goto err;
+ if (!BN_mul(r1, r0, rsa->q, ctx))
+ goto err;
+ if (!BN_add(r0, r1, m1))
+ goto err;
+
+ if (rsa->e && rsa->n) {
+ if (!e_rsax_bn_mod_exp
+ (vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n,
+ e_rsax_get_ctx(rsa, 2, rsa->n)))
+ goto err;
+
+ /*
+ * If 'I' was greater than (or equal to) rsa->n, the operation will
+ * be equivalent to using 'I mod n'. However, the result of the
+ * verify will *always* be less than 'n' so we don't check for
+ * absolute equality, just congruency.
+ */
+ if (!BN_sub(vrfy, vrfy, I))
+ goto err;
+ if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
+ goto err;
+ if (BN_is_negative(vrfy))
+ if (!BN_add(vrfy, vrfy, rsa->n))
+ goto err;
+ if (!BN_is_zero(vrfy)) {
+ /*
+ * 'I' and 'vrfy' aren't congruent mod n. Don't leak
+ * miscalculated CRT output, just do a raw (slower) mod_exp and
+ * return that instead.
+ */
+
+ BIGNUM local_d;
+ BIGNUM *d = NULL;
+
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ d = &local_d;
+ BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+ } else
+ d = rsa->d;
+ if (!e_rsax_bn_mod_exp(r0, I, d, rsa->n, ctx,
+ rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2,
+ rsa->n)))
+ goto err;
+ }
+ }
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+
+ return ret;
+}
+# endif /* !OPENSSL_NO_RSA */
+#endif /* !COMPILE_RSAX */
Modified: trunk/crypto/openssl/crypto/engine/eng_table.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/eng_table.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/eng_table.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,11 +71,18 @@
int uptodate;
} ENGINE_PILE;
+DECLARE_LHASH_OF(ENGINE_PILE);
+
/* The type exposed in eng_int.h */
struct st_engine_table {
- LHASH piles;
+ LHASH_OF(ENGINE_PILE) piles;
}; /* ENGINE_TABLE */
+typedef struct st_engine_pile_doall {
+ engine_table_doall_cb *cb;
+ void *arg;
+} ENGINE_PILE_DOALL;
+
/* Global flags (ENGINE_TABLE_FLAG_***). */
static unsigned int table_flags = 0;
@@ -101,17 +108,18 @@
return a->nid - b->nid;
}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *)
+static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
+static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
+
static int int_table_check(ENGINE_TABLE **t, int create)
{
- LHASH *lh;
+ LHASH_OF(ENGINE_PILE) *lh;
+
if (*t)
return 1;
if (!create)
return 0;
- if ((lh = lh_new(LHASH_HASH_FN(engine_pile_hash),
- LHASH_COMP_FN(engine_pile_cmp))) == NULL)
+ if ((lh = lh_ENGINE_PILE_new()) == NULL)
return 0;
*t = (ENGINE_TABLE *)lh;
return 1;
@@ -137,7 +145,7 @@
engine_cleanup_add_first(cleanup);
while (num_nids--) {
tmplate.nid = *nids;
- fnd = lh_retrieve(&(*table)->piles, &tmplate);
+ fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
if (!fnd) {
fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
if (!fnd)
@@ -150,7 +158,7 @@
goto end;
}
fnd->funct = NULL;
- lh_insert(&(*table)->piles, fnd);
+ (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
}
/* A registration shouldn't add duplciate entries */
(void)sk_ENGINE_delete_ptr(fnd->sk, e);
@@ -180,7 +188,7 @@
return ret;
}
-static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
+static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
{
int n;
/* Iterate the 'c->sk' stack removing any occurance of 'e' */
@@ -194,18 +202,19 @@
}
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE *,
- ENGINE *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
+
void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (int_table_check(table, 0))
- lh_doall_arg(&(*table)->piles,
- LHASH_DOALL_ARG_FN(int_unregister_cb), e);
+ lh_ENGINE_PILE_doall_arg(&(*table)->piles,
+ LHASH_DOALL_ARG_FN(int_unregister_cb),
+ ENGINE, e);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
}
-static void int_cleanup_cb(ENGINE_PILE *p)
+static void int_cleanup_cb_doall(ENGINE_PILE *p)
{
sk_ENGINE_free(p->sk);
if (p->funct)
@@ -213,13 +222,15 @@
OPENSSL_free(p);
}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE *)
+static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
+
void engine_table_cleanup(ENGINE_TABLE **table)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if (*table) {
- lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb));
- lh_free(&(*table)->piles);
+ lh_ENGINE_PILE_doall(&(*table)->piles,
+ LHASH_DOALL_FN(int_cleanup_cb));
+ lh_ENGINE_PILE_free(&(*table)->piles);
*table = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
@@ -253,7 +264,7 @@
if (!int_table_check(table, 0))
goto end;
tmplate.nid = nid;
- fnd = lh_retrieve(&(*table)->piles, &tmplate);
+ fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
if (!fnd)
goto end;
if (fnd->funct && engine_unlocked_init(fnd->funct)) {
@@ -324,3 +335,24 @@
ERR_pop_to_mark();
return ret;
}
+
+/* Table enumeration */
+
+static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
+{
+ dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
+
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
+ void *arg)
+{
+ ENGINE_PILE_DOALL dall;
+ dall.cb = cb;
+ dall.arg = arg;
+ if (table)
+ lh_ENGINE_PILE_doall_arg(&table->piles,
+ LHASH_DOALL_ARG_FN(int_cb),
+ ENGINE_PILE_DOALL, &dall);
+}
Modified: trunk/crypto/openssl/crypto/engine/engine.h
===================================================================
--- trunk/crypto/openssl/crypto/engine/engine.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/engine.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -89,16 +89,15 @@
# include <openssl/ecdsa.h>
# endif
# include <openssl/rand.h>
-# include <openssl/store.h>
# include <openssl/ui.h>
# include <openssl/err.h>
# endif
-# include <openssl/x509.h>
-
# include <openssl/ossl_typ.h>
# include <openssl/symhacks.h>
+# include <openssl/x509.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -116,6 +115,8 @@
# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
# define ENGINE_METHOD_STORE (unsigned int)0x0100
+# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
+# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
/* Obvious all-or-nothing cases. */
# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
# define ENGINE_METHOD_NONE (unsigned int)0x0000
@@ -153,6 +154,14 @@
# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
/*
+ * This flag if for an ENGINE that does not want its methods registered as
+ * part of ENGINE_register_all_complete() for example if the methods are not
+ * usable as default methods.
+ */
+
+# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
+
+/*
* ENGINEs can support their own command types, and these flags are used in
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
* each command expects. Currently only numeric and string input is
@@ -354,7 +363,10 @@
const int **, int);
typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
int);
-
+typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
+ const int **, int);
+typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
+ const int **, int);
/*
* STRUCTURE functions ... all of these functions deal with pointers to
* ENGINE structures where the pointers have a "structural reference". This
@@ -388,20 +400,21 @@
void ENGINE_load_atalla(void);
void ENGINE_load_chil(void);
void ENGINE_load_cswift(void);
-# ifndef OPENSSL_NO_GMP
-void ENGINE_load_gmp(void);
-# endif
void ENGINE_load_nuron(void);
void ENGINE_load_sureware(void);
void ENGINE_load_ubsec(void);
-# ifdef OPENSSL_SYS_WIN32
-# ifndef OPENSSL_NO_CAPIENG
+void ENGINE_load_padlock(void);
void ENGINE_load_capi(void);
-# endif
+# ifndef OPENSSL_NO_GMP
+void ENGINE_load_gmp(void);
# endif
+# ifndef OPENSSL_NO_GOST
+void ENGINE_load_gost(void);
+# endif
# endif
void ENGINE_load_cryptodev(void);
-void ENGINE_load_padlock(void);
+void ENGINE_load_rsax(void);
+void ENGINE_load_rdrand(void);
void ENGINE_load_builtin_engines(void);
/*
@@ -456,6 +469,14 @@
void ENGINE_unregister_digests(ENGINE *e);
void ENGINE_register_all_digests(void);
+int ENGINE_register_pkey_meths(ENGINE *e);
+void ENGINE_unregister_pkey_meths(ENGINE *e);
+void ENGINE_register_all_pkey_meths(void);
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+void ENGINE_register_all_pkey_asn1_meths(void);
+
/*
* These functions register all support from the above categories. Note, use
* of these functions can result in static linkage of code your application
@@ -551,6 +572,8 @@
loadssl_f);
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
int ENGINE_set_flags(ENGINE *e, int flags);
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
/* These functions allow control over any per-structure ENGINE data. */
@@ -593,8 +616,18 @@
*e);
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+ const char *str,
+ int len);
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+ const char *str,
+ int len);
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
int ENGINE_get_flags(const ENGINE *e);
@@ -657,6 +690,8 @@
*/
ENGINE *ENGINE_get_cipher_engine(int nid);
ENGINE *ENGINE_get_digest_engine(int nid);
+ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
/*
* This sets a new default ENGINE structure for performing RSA operations. If
@@ -674,6 +709,8 @@
int ENGINE_set_default_RAND(ENGINE *e);
int ENGINE_set_default_ciphers(ENGINE *e);
int ENGINE_set_default_digests(ENGINE *e);
+int ENGINE_set_default_pkey_meths(ENGINE *e);
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
/*
* The combination "set" - the flags are bitwise "OR"d from the
@@ -762,6 +799,7 @@
*/
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+ OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
return 0; }
@@ -788,6 +826,8 @@
const dynamic_fns *fns);
# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
OPENSSL_EXPORT \
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+ OPENSSL_EXPORT \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
@@ -818,7 +858,7 @@
*/
void *ENGINE_get_static_state(void);
-# if defined(__OpenBSD__) || defined(__FreeBSD__)
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
void ENGINE_setup_bsd_cryptodev(void);
# endif
@@ -848,6 +888,8 @@
# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
# define ENGINE_F_ENGINE_GET_DIGEST 186
# define ENGINE_F_ENGINE_GET_NEXT 115
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
+# define ENGINE_F_ENGINE_GET_PKEY_METH 192
# define ENGINE_F_ENGINE_GET_PREV 116
# define ENGINE_F_ENGINE_INIT 119
# define ENGINE_F_ENGINE_LIST_ADD 120
@@ -854,7 +896,7 @@
# define ENGINE_F_ENGINE_LIST_REMOVE 121
# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 192
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
# define ENGINE_F_ENGINE_NEW 122
# define ENGINE_F_ENGINE_REMOVE 123
# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
@@ -883,7 +925,7 @@
# define ENGINE_R_DSO_FAILURE 104
# define ENGINE_R_DSO_NOT_FOUND 132
# define ENGINE_R_ENGINES_SECTION_ERROR 148
-# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 101
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
# define ENGINE_R_ENGINE_SECTION_ERROR 149
# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
@@ -910,6 +952,7 @@
# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
# define ENGINE_R_VERSION_INCOMPATIBILITY 145
#ifdef __cplusplus
Modified: trunk/crypto/openssl/crypto/engine/enginetest.c
===================================================================
--- trunk/crypto/openssl/crypto/engine/enginetest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/engine/enginetest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -262,7 +262,7 @@
ENGINE_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
return to_return;
}
Copied: trunk/crypto/openssl/crypto/engine/tb_asnmth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/engine/tb_asnmth.c)
===================================================================
--- trunk/crypto/openssl/crypto/engine/tb_asnmth.c (rev 0)
+++ trunk/crypto/openssl/crypto/engine/tb_asnmth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,246 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include "asn1_locl.h"
+#include <openssl/evp.h>
+
+/*
+ * If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
+ * function that is used by EVP to hook in pkey_asn1_meth code and cache
+ * defaults (etc), will display brief debugging summaries to stderr with the
+ * 'nid'.
+ */
+/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
+
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
+{
+ engine_table_unregister(&pkey_asn1_meth_table, e);
+}
+
+static void engine_unregister_all_pkey_asn1_meths(void)
+{
+ engine_table_cleanup(&pkey_asn1_meth_table);
+}
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e)
+{
+ if (e->pkey_asn1_meths) {
+ const int *nids;
+ int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+ if (num_nids > 0)
+ return engine_table_register(&pkey_asn1_meth_table,
+ engine_unregister_all_pkey_asn1_meths,
+ e, nids, num_nids, 0);
+ }
+ return 1;
+}
+
+void ENGINE_register_all_pkey_asn1_meths(void)
+{
+ ENGINE *e;
+
+ for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+ ENGINE_register_pkey_asn1_meths(e);
+}
+
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
+{
+ if (e->pkey_asn1_meths) {
+ const int *nids;
+ int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+ if (num_nids > 0)
+ return engine_table_register(&pkey_asn1_meth_table,
+ engine_unregister_all_pkey_asn1_meths,
+ e, nids, num_nids, 1);
+ }
+ return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_asn1_meth 'nid'
+ */
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid)
+{
+ return engine_table_select(&pkey_asn1_meth_table, nid);
+}
+
+/*
+ * Obtains a pkey_asn1_meth implementation from an ENGINE functional
+ * reference
+ */
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
+{
+ EVP_PKEY_ASN1_METHOD *ret;
+ ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
+ if (!fn || !fn(e, &ret, NULL, nid)) {
+ ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH,
+ ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+ return NULL;
+ }
+ return ret;
+}
+
+/* Gets the pkey_asn1_meth callback from an ENGINE structure */
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e)
+{
+ return e->pkey_asn1_meths;
+}
+
+/* Sets the pkey_asn1_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
+{
+ e->pkey_asn1_meths = f;
+ return 1;
+}
+
+/*
+ * Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
+ * ENGINE is destroyed
+ */
+
+void engine_pkey_asn1_meths_free(ENGINE *e)
+{
+ int i;
+ EVP_PKEY_ASN1_METHOD *pkm;
+ if (e->pkey_asn1_meths) {
+ const int *pknids;
+ int npknids;
+ npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
+ for (i = 0; i < npknids; i++) {
+ if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
+ EVP_PKEY_asn1_free(pkm);
+ }
+ }
+ }
+}
+
+/*
+ * Find a method based on a string. This does a linear search through all
+ * implemented algorithms. This is OK in practice because only a small number
+ * of algorithms are likely to be implemented in an engine and it is not used
+ * for speed critical operations.
+ */
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+ const char *str,
+ int len)
+{
+ int i, nidcount;
+ const int *nids;
+ EVP_PKEY_ASN1_METHOD *ameth;
+ if (!e->pkey_asn1_meths)
+ return NULL;
+ if (len == -1)
+ len = strlen(str);
+ nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
+ for (i = 0; i < nidcount; i++) {
+ e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
+ if (((int)strlen(ameth->pem_str) == len) &&
+ !strncasecmp(ameth->pem_str, str, len))
+ return ameth;
+ }
+ return NULL;
+}
+
+typedef struct {
+ ENGINE *e;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ const char *str;
+ int len;
+} ENGINE_FIND_STR;
+
+static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
+{
+ ENGINE_FIND_STR *lk = arg;
+ int i;
+ if (lk->ameth)
+ return;
+ for (i = 0; i < sk_ENGINE_num(sk); i++) {
+ ENGINE *e = sk_ENGINE_value(sk, i);
+ EVP_PKEY_ASN1_METHOD *ameth;
+ e->pkey_asn1_meths(e, &ameth, NULL, nid);
+ if (((int)strlen(ameth->pem_str) == lk->len) &&
+ !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
+ lk->e = e;
+ lk->ameth = ameth;
+ return;
+ }
+ }
+}
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+ const char *str,
+ int len)
+{
+ ENGINE_FIND_STR fstr;
+ fstr.e = NULL;
+ fstr.ameth = NULL;
+ fstr.str = str;
+ fstr.len = len;
+ CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
+ /* If found obtain a structural reference to engine */
+ if (fstr.e) {
+ fstr.e->struct_ref++;
+ engine_ref_debug(fstr.e, 0, 1)
+ }
+ *pe = fstr.e;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ return fstr.ameth;
+}
Copied: trunk/crypto/openssl/crypto/engine/tb_pkmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/engine/tb_pkmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/engine/tb_pkmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/engine/tb_pkmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,166 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/evp.h>
+
+/*
+ * If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
+ * that is used by EVP to hook in pkey_meth code and cache defaults (etc),
+ * will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_PKEY_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_meth_table = NULL;
+
+void ENGINE_unregister_pkey_meths(ENGINE *e)
+{
+ engine_table_unregister(&pkey_meth_table, e);
+}
+
+static void engine_unregister_all_pkey_meths(void)
+{
+ engine_table_cleanup(&pkey_meth_table);
+}
+
+int ENGINE_register_pkey_meths(ENGINE *e)
+{
+ if (e->pkey_meths) {
+ const int *nids;
+ int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+ if (num_nids > 0)
+ return engine_table_register(&pkey_meth_table,
+ engine_unregister_all_pkey_meths, e,
+ nids, num_nids, 0);
+ }
+ return 1;
+}
+
+void ENGINE_register_all_pkey_meths()
+{
+ ENGINE *e;
+
+ for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+ ENGINE_register_pkey_meths(e);
+}
+
+int ENGINE_set_default_pkey_meths(ENGINE *e)
+{
+ if (e->pkey_meths) {
+ const int *nids;
+ int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+ if (num_nids > 0)
+ return engine_table_register(&pkey_meth_table,
+ engine_unregister_all_pkey_meths, e,
+ nids, num_nids, 1);
+ }
+ return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_meth 'nid'
+ */
+ENGINE *ENGINE_get_pkey_meth_engine(int nid)
+{
+ return engine_table_select(&pkey_meth_table, nid);
+}
+
+/* Obtains a pkey_meth implementation from an ENGINE functional reference */
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid)
+{
+ EVP_PKEY_METHOD *ret;
+ ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
+ if (!fn || !fn(e, &ret, NULL, nid)) {
+ ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH,
+ ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+ return NULL;
+ }
+ return ret;
+}
+
+/* Gets the pkey_meth callback from an ENGINE structure */
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e)
+{
+ return e->pkey_meths;
+}
+
+/* Sets the pkey_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
+{
+ e->pkey_meths = f;
+ return 1;
+}
+
+/*
+ * Internal function to free up EVP_PKEY_METHOD structures before an ENGINE
+ * is destroyed
+ */
+
+void engine_pkey_meths_free(ENGINE *e)
+{
+ int i;
+ EVP_PKEY_METHOD *pkm;
+ if (e->pkey_meths) {
+ const int *pknids;
+ int npknids;
+ npknids = e->pkey_meths(e, NULL, &pknids, 0);
+ for (i = 0; i < npknids; i++) {
+ if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
+ EVP_PKEY_meth_free(pkm);
+ }
+ }
+ }
+}
Modified: trunk/crypto/openssl/crypto/err/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/err/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -17,8 +17,8 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=err.c err_def.c err_all.c err_prn.c err_str.c err_bio.c
-LIBOBJ=err.o err_def.o err_all.o err_prn.o err_str.o err_bio.o
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
SRC= $(LIBSRC)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -83,13 +85,13 @@
err.o: ../cryptlib.h err.c
err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-err_all.o: ../../include/openssl/comp.h ../../include/openssl/conf.h
-err_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-err_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-err_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-err_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+err_all.o: ../../include/openssl/cms.h ../../include/openssl/comp.h
+err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+err_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -98,23 +100,9 @@
err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-err_all.o: err_all.c
-err_bio.o: ../../e_os.h ../../include/openssl/bio.h
-err_bio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-err_bio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_bio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_bio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-err_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-err_bio.o: ../../include/openssl/symhacks.h ../cryptlib.h err_bio.c
-err_def.o: ../../e_os.h ../../include/openssl/bio.h
-err_def.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-err_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-err_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-err_def.o: ../../include/openssl/symhacks.h ../cryptlib.h err_def.c
+err_all.o: ../../include/openssl/ts.h ../../include/openssl/ui.h
+err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+err_all.o: ../../include/openssl/x509v3.h err_all.c
err_prn.o: ../../e_os.h ../../include/openssl/bio.h
err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -122,10 +110,3 @@
err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c
-err_str.o: ../../e_os.h ../../include/openssl/bio.h
-err_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-err_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-err_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-err_str.o: ../../include/openssl/symhacks.h ../cryptlib.h err_str.c
Modified: trunk/crypto/openssl/crypto/err/err.c
===================================================================
--- trunk/crypto/openssl/crypto/err/err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -119,10 +119,508 @@
#include <openssl/bio.h>
#include <openssl/err.h>
-static unsigned long get_error_values(int inc, int top,
- const char **file, int *line,
- const char **data, int *flags);
+DECLARE_LHASH_OF(ERR_STRING_DATA);
+DECLARE_LHASH_OF(ERR_STATE);
+static void err_load_strings(int lib, ERR_STRING_DATA *str);
+
+static void ERR_STATE_free(ERR_STATE *s);
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ERR_str_libraries[] = {
+ {ERR_PACK(ERR_LIB_NONE, 0, 0), "unknown library"},
+ {ERR_PACK(ERR_LIB_SYS, 0, 0), "system library"},
+ {ERR_PACK(ERR_LIB_BN, 0, 0), "bignum routines"},
+ {ERR_PACK(ERR_LIB_RSA, 0, 0), "rsa routines"},
+ {ERR_PACK(ERR_LIB_DH, 0, 0), "Diffie-Hellman routines"},
+ {ERR_PACK(ERR_LIB_EVP, 0, 0), "digital envelope routines"},
+ {ERR_PACK(ERR_LIB_BUF, 0, 0), "memory buffer routines"},
+ {ERR_PACK(ERR_LIB_OBJ, 0, 0), "object identifier routines"},
+ {ERR_PACK(ERR_LIB_PEM, 0, 0), "PEM routines"},
+ {ERR_PACK(ERR_LIB_DSA, 0, 0), "dsa routines"},
+ {ERR_PACK(ERR_LIB_X509, 0, 0), "x509 certificate routines"},
+ {ERR_PACK(ERR_LIB_ASN1, 0, 0), "asn1 encoding routines"},
+ {ERR_PACK(ERR_LIB_CONF, 0, 0), "configuration file routines"},
+ {ERR_PACK(ERR_LIB_CRYPTO, 0, 0), "common libcrypto routines"},
+ {ERR_PACK(ERR_LIB_EC, 0, 0), "elliptic curve routines"},
+ {ERR_PACK(ERR_LIB_SSL, 0, 0), "SSL routines"},
+ {ERR_PACK(ERR_LIB_BIO, 0, 0), "BIO routines"},
+ {ERR_PACK(ERR_LIB_PKCS7, 0, 0), "PKCS7 routines"},
+ {ERR_PACK(ERR_LIB_X509V3, 0, 0), "X509 V3 routines"},
+ {ERR_PACK(ERR_LIB_PKCS12, 0, 0), "PKCS12 routines"},
+ {ERR_PACK(ERR_LIB_RAND, 0, 0), "random number generator"},
+ {ERR_PACK(ERR_LIB_DSO, 0, 0), "DSO support routines"},
+ {ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines"},
+ {ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines"},
+ {ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
+ {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
+ {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
+ {0, NULL},
+};
+
+static ERR_STRING_DATA ERR_str_functs[] = {
+ {ERR_PACK(0, SYS_F_FOPEN, 0), "fopen"},
+ {ERR_PACK(0, SYS_F_CONNECT, 0), "connect"},
+ {ERR_PACK(0, SYS_F_GETSERVBYNAME, 0), "getservbyname"},
+ {ERR_PACK(0, SYS_F_SOCKET, 0), "socket"},
+ {ERR_PACK(0, SYS_F_IOCTLSOCKET, 0), "ioctlsocket"},
+ {ERR_PACK(0, SYS_F_BIND, 0), "bind"},
+ {ERR_PACK(0, SYS_F_LISTEN, 0), "listen"},
+ {ERR_PACK(0, SYS_F_ACCEPT, 0), "accept"},
+# ifdef OPENSSL_SYS_WINDOWS
+ {ERR_PACK(0, SYS_F_WSASTARTUP, 0), "WSAstartup"},
+# endif
+ {ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
+ {ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
+ {0, NULL},
+};
+
+static ERR_STRING_DATA ERR_str_reasons[] = {
+ {ERR_R_SYS_LIB, "system lib"},
+ {ERR_R_BN_LIB, "BN lib"},
+ {ERR_R_RSA_LIB, "RSA lib"},
+ {ERR_R_DH_LIB, "DH lib"},
+ {ERR_R_EVP_LIB, "EVP lib"},
+ {ERR_R_BUF_LIB, "BUF lib"},
+ {ERR_R_OBJ_LIB, "OBJ lib"},
+ {ERR_R_PEM_LIB, "PEM lib"},
+ {ERR_R_DSA_LIB, "DSA lib"},
+ {ERR_R_X509_LIB, "X509 lib"},
+ {ERR_R_ASN1_LIB, "ASN1 lib"},
+ {ERR_R_CONF_LIB, "CONF lib"},
+ {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
+ {ERR_R_EC_LIB, "EC lib"},
+ {ERR_R_SSL_LIB, "SSL lib"},
+ {ERR_R_BIO_LIB, "BIO lib"},
+ {ERR_R_PKCS7_LIB, "PKCS7 lib"},
+ {ERR_R_X509V3_LIB, "X509V3 lib"},
+ {ERR_R_PKCS12_LIB, "PKCS12 lib"},
+ {ERR_R_RAND_LIB, "RAND lib"},
+ {ERR_R_DSO_LIB, "DSO lib"},
+ {ERR_R_ENGINE_LIB, "ENGINE lib"},
+ {ERR_R_OCSP_LIB, "OCSP lib"},
+ {ERR_R_TS_LIB, "TS lib"},
+
+ {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
+ {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
+ {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
+ {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
+ {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
+ {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
+
+ {ERR_R_FATAL, "fatal"},
+ {ERR_R_MALLOC_FAILURE, "malloc failure"},
+ {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
+ "called a function you should not call"},
+ {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
+ {ERR_R_INTERNAL_ERROR, "internal error"},
+ {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
+
+ {0, NULL},
+};
+#endif
+
+/* Define the predeclared (but externally opaque) "ERR_FNS" type */
+struct st_ERR_FNS {
+ /* Works on the "error_hash" string table */
+ LHASH_OF(ERR_STRING_DATA) *(*cb_err_get) (int create);
+ void (*cb_err_del) (void);
+ ERR_STRING_DATA *(*cb_err_get_item) (const ERR_STRING_DATA *);
+ ERR_STRING_DATA *(*cb_err_set_item) (ERR_STRING_DATA *);
+ ERR_STRING_DATA *(*cb_err_del_item) (ERR_STRING_DATA *);
+ /* Works on the "thread_hash" error-state table */
+ LHASH_OF(ERR_STATE) *(*cb_thread_get) (int create);
+ void (*cb_thread_release) (LHASH_OF(ERR_STATE) **hash);
+ ERR_STATE *(*cb_thread_get_item) (const ERR_STATE *);
+ ERR_STATE *(*cb_thread_set_item) (ERR_STATE *);
+ void (*cb_thread_del_item) (const ERR_STATE *);
+ /* Returns the next available error "library" numbers */
+ int (*cb_get_next_lib) (void);
+};
+
+/* Predeclarations of the "err_defaults" functions */
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create);
+static void int_err_del(void);
+static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
+static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
+static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
+static LHASH_OF(ERR_STATE) *int_thread_get(int create);
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash);
+static ERR_STATE *int_thread_get_item(const ERR_STATE *);
+static ERR_STATE *int_thread_set_item(ERR_STATE *);
+static void int_thread_del_item(const ERR_STATE *);
+static int int_err_get_next_lib(void);
+/* The static ERR_FNS table using these defaults functions */
+static const ERR_FNS err_defaults = {
+ int_err_get,
+ int_err_del,
+ int_err_get_item,
+ int_err_set_item,
+ int_err_del_item,
+ int_thread_get,
+ int_thread_release,
+ int_thread_get_item,
+ int_thread_set_item,
+ int_thread_del_item,
+ int_err_get_next_lib
+};
+
+/* The replacable table of ERR_FNS functions we use at run-time */
+static const ERR_FNS *err_fns = NULL;
+
+/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */
+#define ERRFN(a) err_fns->cb_##a
+
+/*
+ * The internal state used by "err_defaults" - as such, the setting, reading,
+ * creating, and deleting of this data should only be permitted via the
+ * "err_defaults" functions. This way, a linked module can completely defer
+ * all ERR state operation (together with requisite locking) to the
+ * implementations and state in the loading application.
+ */
+static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL;
+static LHASH_OF(ERR_STATE) *int_thread_hash = NULL;
+static int int_thread_hash_references = 0;
+static int int_err_library_number = ERR_LIB_USER;
+
+/*
+ * Internal function that checks whether "err_fns" is set and if not, sets it
+ * to the defaults.
+ */
+static void err_fns_check(void)
+{
+ if (err_fns)
+ return;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (!err_fns)
+ err_fns = &err_defaults;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+
+/* API functions to get or set the underlying ERR functions. */
+
+const ERR_FNS *ERR_get_implementation(void)
+{
+ err_fns_check();
+ return err_fns;
+}
+
+int ERR_set_implementation(const ERR_FNS *fns)
+{
+ int ret = 0;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ /*
+ * It's too late if 'err_fns' is non-NULL. BTW: not much point setting an
+ * error is there?!
+ */
+ if (!err_fns) {
+ err_fns = fns;
+ ret = 1;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ return ret;
+}
+
+/*
+ * These are the callbacks provided to "lh_new()" when creating the LHASH
+ * tables internal to the "err_defaults" implementation.
+ */
+
+static unsigned long get_error_values(int inc, int top, const char **file,
+ int *line, const char **data,
+ int *flags);
+
+/* The internal functions used in the "err_defaults" implementation */
+
+static unsigned long err_string_data_hash(const ERR_STRING_DATA *a)
+{
+ unsigned long ret, l;
+
+ l = a->error;
+ ret = l ^ ERR_GET_LIB(l) ^ ERR_GET_FUNC(l);
+ return (ret ^ ret % 19 * 13);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA)
+
+static int err_string_data_cmp(const ERR_STRING_DATA *a,
+ const ERR_STRING_DATA *b)
+{
+ return (int)(a->error - b->error);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA)
+
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create)
+{
+ LHASH_OF(ERR_STRING_DATA) *ret = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (!int_error_hash && create) {
+ CRYPTO_push_info("int_err_get (err.c)");
+ int_error_hash = lh_ERR_STRING_DATA_new();
+ CRYPTO_pop_info();
+ }
+ if (int_error_hash)
+ ret = int_error_hash;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ return ret;
+}
+
+static void int_err_del(void)
+{
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (int_error_hash) {
+ lh_ERR_STRING_DATA_free(int_error_hash);
+ int_error_hash = NULL;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+
+static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
+{
+ ERR_STRING_DATA *p;
+ LHASH_OF(ERR_STRING_DATA) *hash;
+
+ err_fns_check();
+ hash = ERRFN(err_get) (0);
+ if (!hash)
+ return NULL;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STRING_DATA_retrieve(hash, d);
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+
+ return p;
+}
+
+static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
+{
+ ERR_STRING_DATA *p;
+ LHASH_OF(ERR_STRING_DATA) *hash;
+
+ err_fns_check();
+ hash = ERRFN(err_get) (1);
+ if (!hash)
+ return NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STRING_DATA_insert(hash, d);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ return p;
+}
+
+static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
+{
+ ERR_STRING_DATA *p;
+ LHASH_OF(ERR_STRING_DATA) *hash;
+
+ err_fns_check();
+ hash = ERRFN(err_get) (0);
+ if (!hash)
+ return NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STRING_DATA_delete(hash, d);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ return p;
+}
+
+static unsigned long err_state_hash(const ERR_STATE *a)
+{
+ return CRYPTO_THREADID_hash(&a->tid) * 13;
+}
+
+static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE)
+
+static int err_state_cmp(const ERR_STATE *a, const ERR_STATE *b)
+{
+ return CRYPTO_THREADID_cmp(&a->tid, &b->tid);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE)
+
+static LHASH_OF(ERR_STATE) *int_thread_get(int create)
+{
+ LHASH_OF(ERR_STATE) *ret = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (!int_thread_hash && create) {
+ CRYPTO_push_info("int_thread_get (err.c)");
+ int_thread_hash = lh_ERR_STATE_new();
+ CRYPTO_pop_info();
+ }
+ if (int_thread_hash) {
+ int_thread_hash_references++;
+ ret = int_thread_hash;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ return ret;
+}
+
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash)
+{
+ int i;
+
+ if (hash == NULL || *hash == NULL)
+ return;
+
+ i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR);
+
+#ifdef REF_PRINT
+ fprintf(stderr, "%4d:%s\n", int_thread_hash_references, "ERR");
+#endif
+ if (i > 0)
+ return;
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "int_thread_release, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+ *hash = NULL;
+}
+
+static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
+{
+ ERR_STATE *p;
+ LHASH_OF(ERR_STATE) *hash;
+
+ err_fns_check();
+ hash = ERRFN(thread_get) (0);
+ if (!hash)
+ return NULL;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STATE_retrieve(hash, d);
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+
+ ERRFN(thread_release) (&hash);
+ return p;
+}
+
+static ERR_STATE *int_thread_set_item(ERR_STATE *d)
+{
+ ERR_STATE *p;
+ LHASH_OF(ERR_STATE) *hash;
+
+ err_fns_check();
+ hash = ERRFN(thread_get) (1);
+ if (!hash)
+ return NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STATE_insert(hash, d);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ ERRFN(thread_release) (&hash);
+ return p;
+}
+
+static void int_thread_del_item(const ERR_STATE *d)
+{
+ ERR_STATE *p;
+ LHASH_OF(ERR_STATE) *hash;
+
+ err_fns_check();
+ hash = ERRFN(thread_get) (0);
+ if (!hash)
+ return;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p = lh_ERR_STATE_delete(hash, d);
+ /* make sure we don't leak memory */
+ if (int_thread_hash_references == 1
+ && int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0) {
+ lh_ERR_STATE_free(int_thread_hash);
+ int_thread_hash = NULL;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ ERRFN(thread_release) (&hash);
+ if (p)
+ ERR_STATE_free(p);
+}
+
+static int int_err_get_next_lib(void)
+{
+ int ret;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ ret = int_err_library_number++;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ return ret;
+}
+
+#ifndef OPENSSL_NO_ERR
+# define NUM_SYS_STR_REASONS 127
+# define LEN_SYS_STR_REASON 32
+
+static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
+/*
+ * SYS_str_reasons is filled with copies of strerror() results at
+ * initialization. 'errno' values up to 127 should cover all usual errors,
+ * others will be displayed numerically by ERR_error_string. It is crucial
+ * that we have something for each reason code that occurs in
+ * ERR_str_reasons, or bogus reason strings will be returned for SYSerr(),
+ * which always gets an errno value and never one of those 'standard' reason
+ * codes.
+ */
+
+static void build_SYS_str_reasons(void)
+{
+ /* OPENSSL_malloc cannot be used here, use static storage instead */
+ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
+ int i;
+ static int init = 1;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+ if (!init) {
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ return;
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (!init) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ return;
+ }
+
+ for (i = 1; i <= NUM_SYS_STR_REASONS; i++) {
+ ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
+
+ str->error = (unsigned long)i;
+ if (str->string == NULL) {
+ char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
+ char *src = strerror(i);
+ if (src != NULL) {
+ strncpy(*dest, src, sizeof *dest);
+ (*dest)[sizeof *dest - 1] = '\0';
+ str->string = *dest;
+ }
+ }
+ if (str->string == NULL)
+ str->string = "unknown";
+ }
+
+ /*
+ * Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, as
+ * required by ERR_load_strings.
+ */
+
+ init = 0;
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+#endif
+
#define err_clear_data(p,i) \
do { \
if (((p)->err_data[i] != NULL) && \
@@ -143,6 +641,65 @@
(p)->err_line[i]= -1; \
} while(0)
+static void ERR_STATE_free(ERR_STATE *s)
+{
+ int i;
+
+ if (s == NULL)
+ return;
+
+ for (i = 0; i < ERR_NUM_ERRORS; i++) {
+ err_clear_data(s, i);
+ }
+ OPENSSL_free(s);
+}
+
+void ERR_load_ERR_strings(void)
+{
+ err_fns_check();
+#ifndef OPENSSL_NO_ERR
+ err_load_strings(0, ERR_str_libraries);
+ err_load_strings(0, ERR_str_reasons);
+ err_load_strings(ERR_LIB_SYS, ERR_str_functs);
+ build_SYS_str_reasons();
+ err_load_strings(ERR_LIB_SYS, SYS_str_reasons);
+#endif
+}
+
+static void err_load_strings(int lib, ERR_STRING_DATA *str)
+{
+ while (str->error) {
+ if (lib)
+ str->error |= ERR_PACK(lib, 0, 0);
+ ERRFN(err_set_item) (str);
+ str++;
+ }
+}
+
+void ERR_load_strings(int lib, ERR_STRING_DATA *str)
+{
+ ERR_load_ERR_strings();
+ err_load_strings(lib, str);
+}
+
+void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
+{
+ while (str->error) {
+ if (lib)
+ str->error |= ERR_PACK(lib, 0, 0);
+ ERRFN(err_del_item) (str);
+ str++;
+ }
+}
+
+void ERR_free_strings(void)
+{
+ err_fns_check();
+ ERRFN(err_del) ();
+}
+
+/********************************************************/
+
void ERR_put_error(int lib, int func, int reason, const char *file, int line)
{
ERR_STATE *es;
@@ -305,6 +862,200 @@
return ret;
}
+void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+{
+ char lsbuf[64], fsbuf[64], rsbuf[64];
+ const char *ls, *fs, *rs;
+ unsigned long l, f, r;
+
+ l = ERR_GET_LIB(e);
+ f = ERR_GET_FUNC(e);
+ r = ERR_GET_REASON(e);
+
+ ls = ERR_lib_error_string(e);
+ fs = ERR_func_error_string(e);
+ rs = ERR_reason_error_string(e);
+
+ if (ls == NULL)
+ BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
+ if (fs == NULL)
+ BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
+ if (rs == NULL)
+ BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
+
+ BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
+ fs ? fs : fsbuf, rs ? rs : rsbuf);
+ if (strlen(buf) == len - 1) {
+ /*
+ * output may be truncated; make sure we always have 5
+ * colon-separated fields, i.e. 4 colons ...
+ */
+#define NUM_COLONS 4
+ if (len > NUM_COLONS) { /* ... if possible */
+ int i;
+ char *s = buf;
+
+ for (i = 0; i < NUM_COLONS; i++) {
+ char *colon = strchr(s, ':');
+ if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
+ /*
+ * set colon no. i at last possible position (buf[len-1]
+ * is the terminating 0)
+ */
+ colon = &buf[len - 1] - NUM_COLONS + i;
+ *colon = ':';
+ }
+ s = colon + 1;
+ }
+ }
+ }
+}
+
+/* BAD for multi-threading: uses a local buffer if ret == NULL */
+/*
+ * ERR_error_string_n should be used instead for ret != NULL as
+ * ERR_error_string cannot know how large the buffer is
+ */
+char *ERR_error_string(unsigned long e, char *ret)
+{
+ static char buf[256];
+
+ if (ret == NULL)
+ ret = buf;
+ ERR_error_string_n(e, ret, 256);
+
+ return ret;
+}
+
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void)
+{
+ err_fns_check();
+ return ERRFN(err_get) (0);
+}
+
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void)
+{
+ err_fns_check();
+ return ERRFN(thread_get) (0);
+}
+
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash)
+{
+ err_fns_check();
+ ERRFN(thread_release) (hash);
+}
+
+const char *ERR_lib_error_string(unsigned long e)
+{
+ ERR_STRING_DATA d, *p;
+ unsigned long l;
+
+ err_fns_check();
+ l = ERR_GET_LIB(e);
+ d.error = ERR_PACK(l, 0, 0);
+ p = ERRFN(err_get_item) (&d);
+ return ((p == NULL) ? NULL : p->string);
+}
+
+const char *ERR_func_error_string(unsigned long e)
+{
+ ERR_STRING_DATA d, *p;
+ unsigned long l, f;
+
+ err_fns_check();
+ l = ERR_GET_LIB(e);
+ f = ERR_GET_FUNC(e);
+ d.error = ERR_PACK(l, f, 0);
+ p = ERRFN(err_get_item) (&d);
+ return ((p == NULL) ? NULL : p->string);
+}
+
+const char *ERR_reason_error_string(unsigned long e)
+{
+ ERR_STRING_DATA d, *p = NULL;
+ unsigned long l, r;
+
+ err_fns_check();
+ l = ERR_GET_LIB(e);
+ r = ERR_GET_REASON(e);
+ d.error = ERR_PACK(l, 0, r);
+ p = ERRFN(err_get_item) (&d);
+ if (!p) {
+ d.error = ERR_PACK(0, 0, r);
+ p = ERRFN(err_get_item) (&d);
+ }
+ return ((p == NULL) ? NULL : p->string);
+}
+
+void ERR_remove_thread_state(const CRYPTO_THREADID *id)
+{
+ ERR_STATE tmp;
+
+ if (id)
+ CRYPTO_THREADID_cpy(&tmp.tid, id);
+ else
+ CRYPTO_THREADID_current(&tmp.tid);
+ err_fns_check();
+ /*
+ * thread_del_item automatically destroys the LHASH if the number of
+ * items reaches zero.
+ */
+ ERRFN(thread_del_item) (&tmp);
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+void ERR_remove_state(unsigned long pid)
+{
+ ERR_remove_thread_state(NULL);
+}
+#endif
+
+ERR_STATE *ERR_get_state(void)
+{
+ static ERR_STATE fallback;
+ ERR_STATE *ret, tmp, *tmpp = NULL;
+ int i;
+ CRYPTO_THREADID tid;
+
+ err_fns_check();
+ CRYPTO_THREADID_current(&tid);
+ CRYPTO_THREADID_cpy(&tmp.tid, &tid);
+ ret = ERRFN(thread_get_item) (&tmp);
+
+ /* ret == the error state, if NULL, make a new one */
+ if (ret == NULL) {
+ ret = (ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
+ if (ret == NULL)
+ return (&fallback);
+ CRYPTO_THREADID_cpy(&ret->tid, &tid);
+ ret->top = 0;
+ ret->bottom = 0;
+ for (i = 0; i < ERR_NUM_ERRORS; i++) {
+ ret->err_data[i] = NULL;
+ ret->err_data_flags[i] = 0;
+ }
+ tmpp = ERRFN(thread_set_item) (ret);
+ /* To check if insertion failed, do a get. */
+ if (ERRFN(thread_get_item) (ret) != ret) {
+ ERR_STATE_free(ret); /* could not insert it */
+ return (&fallback);
+ }
+ /*
+ * If a race occured in this function and we came second, tmpp is the
+ * first one that we just replaced.
+ */
+ if (tmpp)
+ ERR_STATE_free(tmpp);
+ }
+ return ret;
+}
+
+int ERR_get_next_error_library(void)
+{
+ err_fns_check();
+ return ERRFN(get_next_lib) ();
+}
+
void ERR_set_error_data(char *data, int flags)
{
ERR_STATE *es;
@@ -324,6 +1075,13 @@
void ERR_add_error_data(int num, ...)
{
va_list args;
+ va_start(args, num);
+ ERR_add_error_vdata(num, args);
+ va_end(args);
+}
+
+void ERR_add_error_vdata(int num, va_list args)
+{
int i, n, s;
char *str, *p, *a;
@@ -333,7 +1091,6 @@
return;
str[0] = '\0';
- va_start(args, num);
n = 0;
for (i = 0; i < num; i++) {
a = va_arg(args, char *);
@@ -345,7 +1102,7 @@
p = OPENSSL_realloc(str, s + 1);
if (p == NULL) {
OPENSSL_free(str);
- goto err;
+ return;
} else
str = p;
}
@@ -353,9 +1110,6 @@
}
}
ERR_set_error_data(str, ERR_TXT_MALLOCED | ERR_TXT_STRING);
-
- err:
- va_end(args);
}
int ERR_set_mark(void)
@@ -389,34 +1143,3 @@
es->err_flags[es->top] &= ~ERR_FLAG_MARK;
return 1;
}
-
-#ifdef OPENSSL_FIPS
-
-static ERR_STATE *fget_state(void)
-{
- static ERR_STATE fstate;
- return &fstate;
-}
-
-ERR_STATE *(*get_state_func) (void) = fget_state;
-void (*remove_state_func) (unsigned long pid);
-
-ERR_STATE *ERR_get_state(void)
-{
- return get_state_func();
-}
-
-void int_ERR_set_state_func(ERR_STATE *(*get_func) (void),
- void (*remove_func) (unsigned long pid))
-{
- get_state_func = get_func;
- remove_state_func = remove_func;
-}
-
-void ERR_remove_state(unsigned long pid)
-{
- if (remove_state_func)
- remove_state_func(pid);
-}
-
-#endif
Modified: trunk/crypto/openssl/crypto/err/err.h
===================================================================
--- trunk/crypto/openssl/crypto/err/err.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/err.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#ifndef HEADER_ERR_H
# define HEADER_ERR_H
@@ -93,7 +146,7 @@
# define ERR_NUM_ERRORS 16
typedef struct err_state_st {
- unsigned long pid;
+ CRYPTO_THREADID tid;
int err_flags[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
@@ -141,7 +194,9 @@
# define ERR_LIB_STORE 44
# define ERR_LIB_FIPS 45
# define ERR_LIB_CMS 46
-# define ERR_LIB_JPAKE 47
+# define ERR_LIB_TS 47
+# define ERR_LIB_HMAC 48
+# define ERR_LIB_JPAKE 49
# define ERR_LIB_USER 128
@@ -175,6 +230,8 @@
# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
+# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
+# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
/*
@@ -231,6 +288,7 @@
# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
+# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
# define ERR_R_NESTED_ASN1_ERROR 58
# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
@@ -285,8 +343,9 @@
# endif
# ifndef OPENSSL_NO_BIO
void ERR_print_errors(BIO *bp);
+# endif
void ERR_add_error_data(int num, ...);
-# endif
+void ERR_add_error_vdata(int num, va_list args);
void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
void ERR_load_ERR_strings(void);
@@ -293,13 +352,16 @@
void ERR_load_crypto_strings(void);
void ERR_free_strings(void);
+void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
+# ifndef OPENSSL_NO_DEPRECATED
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+# endif
ERR_STATE *ERR_get_state(void);
# ifndef OPENSSL_NO_LHASH
-LHASH *ERR_get_string_table(void);
-LHASH *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH **hash);
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
# endif
int ERR_get_next_error_library(void);
@@ -307,12 +369,6 @@
int ERR_set_mark(void);
int ERR_pop_to_mark(void);
-# ifdef OPENSSL_FIPS
-void int_ERR_set_state_func(ERR_STATE *(*get_func) (void),
- void (*remove_func) (unsigned long pid));
-void int_ERR_lib_init(void);
-# endif
-
/* Already defined in ossl_typ.h */
/* typedef struct st_ERR_FNS ERR_FNS; */
/*
Modified: trunk/crypto/openssl/crypto/err/err_all.c
===================================================================
--- trunk/crypto/openssl/crypto/err/err_all.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/err_all.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,6 +64,9 @@
#endif
#include <openssl/buffer.h>
#include <openssl/bio.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
@@ -97,7 +100,7 @@
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
#endif
-
+#include <openssl/ts.h>
#ifndef OPENSSL_NO_CMS
# include <openssl/cms.h>
#endif
@@ -104,9 +107,6 @@
#ifndef OPENSSL_NO_JPAKE
# include <openssl/jpake.h>
#endif
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
void ERR_load_crypto_strings(void)
{
@@ -130,6 +130,9 @@
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
+# ifndef OPENSSL_NO_COMP
+ ERR_load_COMP_strings();
+# endif
# ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
# endif
@@ -146,6 +149,7 @@
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
+ ERR_load_TS_strings();
# ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
# endif
@@ -160,6 +164,5 @@
# ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
# endif
- ERR_load_COMP_strings();
#endif
}
Modified: trunk/crypto/openssl/crypto/err/err_prn.c
===================================================================
--- trunk/crypto/openssl/crypto/err/err_prn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/err_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,8 +72,10 @@
const char *file, *data;
int line, flags;
unsigned long es;
+ CRYPTO_THREADID cur;
- es = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&cur);
+ es = CRYPTO_THREADID_hash(&cur);
while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
ERR_error_string_n(l, buf, sizeof buf);
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
@@ -100,67 +102,12 @@
}
#endif
-void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+static int print_bio(const char *str, size_t len, void *bp)
{
- char lsbuf[64], fsbuf[64], rsbuf[64];
- const char *ls, *fs, *rs;
- unsigned long l, f, r;
-
- l = ERR_GET_LIB(e);
- f = ERR_GET_FUNC(e);
- r = ERR_GET_REASON(e);
-
- ls = ERR_lib_error_string(e);
- fs = ERR_func_error_string(e);
- rs = ERR_reason_error_string(e);
-
- if (ls == NULL)
- BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
- if (fs == NULL)
- BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
- if (rs == NULL)
- BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
-
- BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
- fs ? fs : fsbuf, rs ? rs : rsbuf);
- if (strlen(buf) == len - 1) {
- /*
- * output may be truncated; make sure we always have 5
- * colon-separated fields, i.e. 4 colons ...
- */
-#define NUM_COLONS 4
- if (len > NUM_COLONS) { /* ... if possible */
- int i;
- char *s = buf;
-
- for (i = 0; i < NUM_COLONS; i++) {
- char *colon = strchr(s, ':');
- if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
- /*
- * set colon no. i at last possible position (buf[len-1]
- * is the terminating 0)
- */
- colon = &buf[len - 1] - NUM_COLONS + i;
- *colon = ':';
- }
- s = colon + 1;
- }
- }
- }
+ return BIO_write((BIO *)bp, str, len);
}
-/* BAD for multi-threading: uses a local buffer if ret == NULL */
-/*
- * ERR_error_string_n should be used instead for ret != NULL as
- * ERR_error_string cannot know how large the buffer is
- */
-char *ERR_error_string(unsigned long e, char *ret)
+void ERR_print_errors(BIO *bp)
{
- static char buf[256];
-
- if (ret == NULL)
- ret = buf;
- ERR_error_string_n(e, ret, 256);
-
- return ret;
+ ERR_print_errors_cb(print_bio, bp);
}
Modified: trunk/crypto/openssl/crypto/err/openssl.ec
===================================================================
--- trunk/crypto/openssl/crypto/err/openssl.ec 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/err/openssl.ec 2015-07-21 23:23:45 UTC (rev 7118)
@@ -31,7 +31,8 @@
L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c
L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c
L STORE crypto/store/store.h crypto/store/str_err.c
-L FIPS fips/fips.h crypto/fips_err.h
+L TS crypto/ts/ts.h crypto/ts/ts_err.c
+L HMAC crypto/hmac/hmac.h crypto/hmac/hmac_err.c
L CMS crypto/cms/cms.h crypto/cms/cms_err.c
L JPAKE crypto/jpake/jpake.h crypto/jpake/jpake_err.c
@@ -38,6 +39,7 @@
# additional header files to be scanned for function names
L NONE crypto/x509/x509_vfy.h NONE
L NONE crypto/ec/ec_lcl.h NONE
+L NONE crypto/asn1/asn_lcl.h NONE
L NONE crypto/cms/cms_lcl.h NONE
Modified: trunk/crypto/openssl/crypto/evp/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/evp/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -13,39 +13,41 @@
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
-TEST=evp_test.c
+TEST=evp_test.c evp_extra_test.c
TESTDATA=evptests.txt
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c dig_eng.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c e_seed.c \
- e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c enc_min.c \
- m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
+ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+ m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
- e_old.c
+ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
+ e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
-LIBOBJ= encode.o digest.o dig_eng.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o e_seed.o \
- e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o enc_min.o \
- m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
+ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+ m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
- e_old.o
+ e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o evp_fips.o \
+ e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
SRC= $(LIBSRC)
EXHEADER= evp.h
-HEADER= $(EXHEADER)
+HEADER= evp_locl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -55,7 +57,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -65,7 +67,7 @@
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- cp $(TESTDATA) ../../test
+ @[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@@ -84,6 +86,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
@@ -101,201 +105,212 @@
bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_b64.o: ../cryptlib.h bio_b64.c
+bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_enc.o: ../cryptlib.h bio_enc.c
+bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_md.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_md.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_md.c
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_md.o: ../cryptlib.h bio_md.c
bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_ok.o: ../cryptlib.h bio_ok.c
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
c_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
c_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-c_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_all.c
+c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+c_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_all.o: ../cryptlib.h c_all.c
c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_allc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_allc.o: ../cryptlib.h c_allc.c
c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_alld.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
-dig_eng.o: ../../e_os.h ../../include/openssl/asn1.h
-dig_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-dig_eng.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-dig_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-dig_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-dig_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dig_eng.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-dig_eng.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-dig_eng.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dig_eng.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-dig_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-dig_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dig_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-dig_eng.o: ../cryptlib.h dig_eng.c evp_locl.h
+c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+c_alld.o: ../cryptlib.h c_alld.c
digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
digest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
digest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h digest.c evp_locl.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+digest.o: ../cryptlib.h digest.c
e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_aes.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha1.o: evp_locl.h
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_bf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_bf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_bf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_bf.o: ../cryptlib.h e_bf.c evp_locl.h
-e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
+e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_camellia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_camellia.o: ../../include/openssl/opensslconf.h
+e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_camellia.o: ../../include/openssl/symhacks.h e_camellia.c evp_locl.h
e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_cast.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_cast.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_cast.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_cast.o: ../cryptlib.h e_cast.c evp_locl.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_des.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_des.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-e_des.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_des.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-e_des.o: ../cryptlib.h e_des.c evp_locl.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des3.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_des3.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-e_des3.o: ../cryptlib.h e_des3.c evp_locl.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_idea.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_idea.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_idea.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_idea.o: ../cryptlib.h e_idea.c evp_locl.h
+e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h
e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_null.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h e_null.c
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_null.o: ../cryptlib.h e_null.c
e_old.o: e_old.c
e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
-e_rc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_rc2.o: ../cryptlib.h e_rc2.c evp_locl.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_rc4.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-e_rc4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_rc4.o: ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -306,54 +321,40 @@
e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_seed.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-e_seed.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_seed.o: e_seed.c
+e_seed.o: e_seed.c evp_locl.h
e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_xcbc_d.o: ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
-enc_min.o: ../../e_os.h ../../include/openssl/asn1.h
-enc_min.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-enc_min.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-enc_min.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-enc_min.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-enc_min.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-enc_min.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-enc_min.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-enc_min.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-enc_min.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-enc_min.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-enc_min.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-enc_min.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-enc_min.o: ../../include/openssl/x509_vfy.h ../cryptlib.h enc_min.c evp_locl.h
+e_xcbc_d.o: evp_locl.h
encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-encode.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-encode.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-encode.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-encode.o: ../../include/openssl/symhacks.h ../cryptlib.h encode.c
+encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+encode.o: ../cryptlib.h encode.c
evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
@@ -363,15 +364,14 @@
evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-evp_cnf.o: ../cryptlib.h evp_cnf.c
+evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -378,284 +378,301 @@
evp_enc.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_enc.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_enc.c evp_locl.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_err.o: evp_err.c
+evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_fips.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_fips.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_fips.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
+evp_fips.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_fips.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_fips.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_fips.o: ../../include/openssl/symhacks.h evp_fips.c
evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_key.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_key.o: ../cryptlib.h evp_key.c
+evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
+evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_lib.o: ../cryptlib.h evp_lib.c
+evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
+evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h evp_pbe.c
evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_pkey.o: ../../include/openssl/opensslconf.h
evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
+evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_dss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_dss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_dss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss.c
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../cryptlib.h m_dss.c
m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_dss1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_dss1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_dss1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss1.c
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../cryptlib.h m_dss1.c
m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c
-m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_ecdsa.o: ../cryptlib.h m_ecdsa.c
+m_md2.o: ../../e_os.h ../../include/openssl/bio.h
m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-m_md2.o: ../../include/openssl/md2.h ../../include/openssl/obj_mac.h
-m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md2.o: ../cryptlib.h evp_locl.h m_md2.c
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md4.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h
-m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md4.o: ../cryptlib.h evp_locl.h m_md4.c
+m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
+m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md4.c
m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md5.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h
-m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md5.o: ../cryptlib.h evp_locl.h m_md5.c
-m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
+m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h m_mdc2.c
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_mdc2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_mdc2.c
m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_null.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_null.o: ../cryptlib.h m_null.c
+m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c
m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_ripemd.o: ../../include/openssl/opensslconf.h
m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c
+m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_sha1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_sha1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_sha1.c
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
+m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_sigver.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+m_sigver.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+m_sigver.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sigver.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sigver.o: ../../include/openssl/opensslconf.h
+m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_sigver.o: m_sigver.c
+m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+m_wp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+m_wp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_wp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_wp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_wp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h
+m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_wp.o: ../cryptlib.h evp_locl.h m_wp.c
names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-names.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-names.o: ../cryptlib.h names.c
+names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c
p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_crpt.o: ../cryptlib.h p5_crpt.c
p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
-p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_crpt2.o: ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_dec.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_dec.o: ../cryptlib.h p_dec.c
+p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_enc.o: ../cryptlib.h p_enc.c
+p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -662,8 +679,8 @@
p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -671,57 +688,91 @@
p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_lib.o: ../cryptlib.h p_lib.c
+p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_open.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c
+p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_open.o: ../cryptlib.h p_open.c
p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_seal.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_seal.o: ../cryptlib.h p_seal.c
+p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_sign.o: ../cryptlib.h p_sign.c
+p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c
p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p_verify.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_verify.o: ../../include/openssl/opensslconf.h
p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
+pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_fn.o: pmeth_fn.c
+pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pmeth_gn.o: ../../include/openssl/opensslconf.h
+pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_gn.o: pmeth_gn.c
+pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+pmeth_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_lib.o: ../../include/openssl/objects.h
+pmeth_lib.o: ../../include/openssl/opensslconf.h
+pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pmeth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pmeth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pmeth_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pmeth_lib.o: evp_locl.h pmeth_lib.c
Modified: trunk/crypto/openssl/crypto/evp/bio_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/bio_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/bio_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -360,8 +360,10 @@
case BIO_CTRL_DUP:
dbio = (BIO *)ptr;
dctx = (BIO_ENC_CTX *)dbio->ptr;
- memcpy(&(dctx->cipher), &(ctx->cipher), sizeof(ctx->cipher));
- dbio->init = 1;
+ EVP_CIPHER_CTX_init(&dctx->cipher);
+ ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher);
+ if (ret)
+ dbio->init = 1;
break;
default:
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
Modified: trunk/crypto/openssl/crypto/evp/bio_md.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/bio_md.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/bio_md.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -134,7 +134,9 @@
ret = BIO_read(b->next_bio, out, outl);
if (b->init) {
if (ret > 0) {
- EVP_DigestUpdate(ctx, (unsigned char *)out, (unsigned int)ret);
+ if (EVP_DigestUpdate(ctx, (unsigned char *)out,
+ (unsigned int)ret) <= 0)
+ return (-1);
}
}
BIO_clear_retry_flags(b);
@@ -155,12 +157,17 @@
ret = BIO_write(b->next_bio, in, inl);
if (b->init) {
if (ret > 0) {
- EVP_DigestUpdate(ctx, (const unsigned char *)in,
- (unsigned int)ret);
+ if (!EVP_DigestUpdate(ctx, (const unsigned char *)in,
+ (unsigned int)ret)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
}
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
+ if (b->next_bio != NULL) {
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ }
return (ret);
}
@@ -193,6 +200,7 @@
case BIO_C_GET_MD_CTX:
pctx = ptr;
*pctx = ctx;
+ b->init = 1;
break;
case BIO_C_SET_MD_CTX:
if (b->init)
@@ -215,7 +223,8 @@
case BIO_CTRL_DUP:
dbio = ptr;
dctx = dbio->ptr;
- EVP_MD_CTX_copy_ex(dctx, ctx);
+ if (!EVP_MD_CTX_copy_ex(dctx, ctx))
+ return 0;
b->init = 1;
break;
default:
@@ -247,7 +256,9 @@
ctx = bp->ptr;
if (size < ctx->digest->md_size)
return (0);
- EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret);
+ if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0)
+ return -1;
+
return ((int)ret);
}
Modified: trunk/crypto/openssl/crypto/evp/bio_ok.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/bio_ok.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/bio_ok.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -133,10 +133,10 @@
static int ok_free(BIO *data);
static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static void sig_out(BIO *b);
-static void sig_in(BIO *b);
-static void block_out(BIO *b);
-static void block_in(BIO *b);
+static int sig_out(BIO *b);
+static int sig_in(BIO *b);
+static int block_out(BIO *b);
+static int block_in(BIO *b);
#define OK_BLOCK_SIZE (1024*4)
#define OK_BLOCK_BLOCK 4
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
@@ -267,12 +267,20 @@
ctx->buf_len += i;
/* no signature yet -- check if we got one */
- if (ctx->sigio == 1)
- sig_in(b);
+ if (ctx->sigio == 1) {
+ if (!sig_in(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* signature ok -- check if we got block */
- if (ctx->sigio == 0)
- block_in(b);
+ if (ctx->sigio == 0) {
+ if (!block_in(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* invalid block -- cancel */
if (ctx->cont <= 0)
@@ -299,8 +307,8 @@
if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
return (0);
- if (ctx->sigio)
- sig_out(b);
+ if (ctx->sigio && !sig_out(b))
+ return 0;
do {
BIO_clear_retry_flags(b);
@@ -337,7 +345,10 @@
in += n;
if (ctx->buf_len >= OK_BLOCK_SIZE + OK_BLOCK_BLOCK) {
- block_out(b);
+ if (!block_out(b)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
} while (inl > 0);
@@ -383,7 +394,8 @@
case BIO_CTRL_FLUSH:
/* do a final write */
if (ctx->blockout == 0)
- block_out(b);
+ if (!block_out(b))
+ return 0;
while (ctx->blockout) {
i = ok_write(b, NULL, 0);
@@ -410,7 +422,8 @@
break;
case BIO_C_SET_MD:
md = ptr;
- EVP_DigestInit_ex(&ctx->md, md, NULL);
+ if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+ return 0;
b->init = 1;
break;
case BIO_C_GET_MD:
@@ -461,7 +474,7 @@
}
}
-static void sig_out(BIO *b)
+static int sig_out(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -470,26 +483,34 @@
md = &ctx->md;
if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
- return;
+ return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
/*
* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
- RAND_pseudo_bytes(md->md_data, md->digest->md_size);
+ if (RAND_pseudo_bytes(md->md_data, md->digest->md_size) < 0)
+ goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len += md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len += md->digest->md_size;
ctx->blockout = 1;
ctx->sigio = 0;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void sig_in(BIO *b)
+static int sig_in(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -500,15 +521,18 @@
md = &ctx->md;
if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
- return;
+ return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
longswap(md->md_data, md->digest->md_size);
ctx->buf_off += md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
ctx->buf_off += md->digest->md_size;
if (ret == 1) {
@@ -522,9 +546,13 @@
} else {
ctx->cont = 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_out(BIO *b)
+static int block_out(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -538,13 +566,20 @@
ctx->buf[1] = (unsigned char)(tl >> 16);
ctx->buf[2] = (unsigned char)(tl >> 8);
ctx->buf[3] = (unsigned char)(tl);
- EVP_DigestUpdate(md, (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len += md->digest->md_size;
ctx->blockout = 1;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_in(BIO *b)
+static int block_in(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -564,10 +599,13 @@
tl |= ctx->buf[3];
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
- return;
+ return 1;
- EVP_DigestUpdate(md, (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
0) {
/* there might be parts from next block lurking around ! */
@@ -579,4 +617,8 @@
} else {
ctx->cont = 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
Modified: trunk/crypto/openssl/crypto/evp/c_all.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/c_all.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/c_all.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -83,7 +83,7 @@
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
-# if defined(__OpenBSD__) || defined(__FreeBSD__)
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
ENGINE_setup_bsd_cryptodev();
# endif
#endif
Modified: trunk/crypto/openssl/crypto/evp/c_allc.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/c_allc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/c_allc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -98,6 +98,9 @@
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
+# ifndef OPENSSL_NO_MD5
+ EVP_add_cipher(EVP_rc4_hmac_md5());
+# endif
#endif
#ifndef OPENSSL_NO_IDEA
@@ -166,9 +169,9 @@
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
-# if 0
EVP_add_cipher(EVP_aes_128_ctr());
-# endif
+ EVP_add_cipher(EVP_aes_128_gcm());
+ EVP_add_cipher(EVP_aes_128_xts());
EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
EVP_add_cipher(EVP_aes_192_ecb());
@@ -177,9 +180,8 @@
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
-# if 0
EVP_add_cipher(EVP_aes_192_ctr());
-# endif
+ EVP_add_cipher(EVP_aes_192_gcm());
EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
EVP_add_cipher(EVP_aes_256_ecb());
@@ -188,11 +190,15 @@
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
-# if 0
EVP_add_cipher(EVP_aes_256_ctr());
-# endif
+ EVP_add_cipher(EVP_aes_256_gcm());
+ EVP_add_cipher(EVP_aes_256_xts());
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+ EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+ EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+# endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
@@ -221,7 +227,4 @@
EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
#endif
-
- PKCS12_PBE_add();
- PKCS5_PBE_add();
}
Modified: trunk/crypto/openssl/crypto/evp/c_alld.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/c_alld.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/c_alld.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,7 +78,7 @@
EVP_add_digest(EVP_dss());
# endif
#endif
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
@@ -108,4 +108,7 @@
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+ EVP_add_digest(EVP_whirlpool());
+#endif
}
Modified: trunk/crypto/openssl/crypto/evp/digest.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/digest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/digest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -116,8 +116,11 @@
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
-#include "evp_locl.h"
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
memset(ctx, '\0', sizeof *ctx);
@@ -139,93 +142,22 @@
return EVP_DigestInit_ex(ctx, type, NULL);
}
-#ifdef OPENSSL_FIPS
-
-/*
- * The purpose of these is to trap programs that attempt to use non FIPS
- * algorithms in FIPS mode and ignore the errors.
- */
-
-static int bad_init(EVP_MD_CTX *ctx)
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
{
- FIPS_ERROR_IGNORED("Digest init");
- return 0;
-}
-
-static int bad_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- FIPS_ERROR_IGNORED("Digest update");
- return 0;
-}
-
-static int bad_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- FIPS_ERROR_IGNORED("Digest Final");
- return 0;
-}
-
-static const EVP_MD bad_md = {
- 0,
- 0,
- 0,
- 0,
- bad_init,
- bad_update,
- bad_final,
- NULL,
- NULL,
- NULL,
- 0,
- {0, 0, 0, 0},
-};
-
-#endif
-
+ EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
#ifndef OPENSSL_NO_ENGINE
-
-# ifdef OPENSSL_FIPS
-
-static int do_engine_null(ENGINE *impl)
-{
- return 0;
-}
-
-static int do_evp_md_engine_null(EVP_MD_CTX *ctx,
- const EVP_MD **ptype, ENGINE *impl)
-{
- return 1;
-}
-
-static int (*do_engine_init) (ENGINE *impl)
- = do_engine_null;
-
-static int (*do_engine_finish) (ENGINE *impl)
- = do_engine_null;
-
-static int (*do_evp_md_engine)
- (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)
- = do_evp_md_engine_null;
-
-void int_EVP_MD_set_engine_callbacks(int (*eng_md_init) (ENGINE *impl),
- int (*eng_md_fin) (ENGINE *impl),
- int (*eng_md_evp)
- (EVP_MD_CTX *ctx, const EVP_MD **ptype,
- ENGINE *impl))
-{
- do_engine_init = eng_md_init;
- do_engine_finish = eng_md_fin;
- do_evp_md_engine = eng_md_evp;
-}
-
-# else
-
-# define do_engine_init ENGINE_init
-# define do_engine_finish ENGINE_finish
-
-static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype,
- ENGINE *impl)
-{
- if (*ptype) {
+ /*
+ * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+ * this context may already have an ENGINE! Try to avoid releasing the
+ * previous handle, re-querying for an ENGINE, and having a
+ * reinitialisation, when it may all be unecessary.
+ */
+ if (ctx->engine && ctx->digest && (!type ||
+ (type
+ && (type->type ==
+ ctx->digest->type))))
+ goto skip_to_init;
+ if (type) {
/*
* Ensure an ENGINE left lying around from last time is cleared (the
* previous check attempted to avoid this if the same ENGINE and
@@ -235,23 +167,23 @@
ENGINE_finish(ctx->engine);
if (impl) {
if (!ENGINE_init(impl)) {
- EVPerr(EVP_F_DO_EVP_MD_ENGINE, EVP_R_INITIALIZATION_ERROR);
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
return 0;
}
} else
/* Ask if an ENGINE is reserved for this job */
- impl = ENGINE_get_digest_engine((*ptype)->type);
+ impl = ENGINE_get_digest_engine(type->type);
if (impl) {
/* There's an ENGINE for this job ... (apparently) */
- const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type);
+ const EVP_MD *d = ENGINE_get_digest(impl, type->type);
if (!d) {
/* Same comment from evp_enc.c */
- EVPerr(EVP_F_DO_EVP_MD_ENGINE, EVP_R_INITIALIZATION_ERROR);
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
ENGINE_finish(impl);
return 0;
}
/* We'll use the ENGINE's private digest definition */
- *ptype = d;
+ type = d;
/*
* Store the ENGINE functional reference so we know 'type' came
* from an ENGINE and we need to release it when done.
@@ -259,59 +191,22 @@
ctx->engine = impl;
} else
ctx->engine = NULL;
- } else if (!ctx->digest) {
- EVPerr(EVP_F_DO_EVP_MD_ENGINE, EVP_R_NO_DIGEST_SET);
- return 0;
+ } else {
+ if (!ctx->digest) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
+ return 0;
+ }
+ type = ctx->digest;
}
- return 1;
-}
-
-# endif
-
#endif
-
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
-{
- M_EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-#ifdef OPENSSL_FIPS
- if (FIPS_selftest_failed()) {
- FIPSerr(FIPS_F_EVP_DIGESTINIT_EX, FIPS_R_FIPS_SELFTEST_FAILED);
- ctx->digest = &bad_md;
- return 0;
- }
-#endif
-#ifndef OPENSSL_NO_ENGINE
- /*
- * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
- * this context may already have an ENGINE! Try to avoid releasing the
- * previous handle, re-querying for an ENGINE, and having a
- * reinitialisation, when it may all be unecessary.
- */
- if (ctx->engine && ctx->digest && (!type ||
- (type
- && (type->type ==
- ctx->digest->type))))
- goto skip_to_init;
- if (!do_evp_md_engine(ctx, &type, impl))
- return 0;
-#endif
if (ctx->digest != type) {
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- if (!(type->flags & EVP_MD_FLAG_FIPS)
- && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) {
- EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS);
- ctx->digest = &bad_md;
- return 0;
- }
- }
-#endif
if (ctx->digest && ctx->digest->ctx_size)
OPENSSL_free(ctx->md_data);
ctx->digest = type;
- if (type->ctx_size) {
+ if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
+ ctx->update = type->update;
ctx->md_data = OPENSSL_malloc(type->ctx_size);
- if (!ctx->md_data) {
+ if (ctx->md_data == NULL) {
EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -320,6 +215,24 @@
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
+ if (ctx->pctx) {
+ int r;
+ r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
+ EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
+ if (r <= 0 && (r != -2))
+ return 0;
+ }
+ if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
+ return 1;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode()) {
+ if (FIPS_digestinit(ctx, type))
+ return 1;
+ OPENSSL_free(ctx->md_data);
+ ctx->md_data = NULL;
+ return 0;
+ }
+#endif
return ctx->digest->init(ctx);
}
@@ -326,9 +239,10 @@
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{
#ifdef OPENSSL_FIPS
- FIPS_selftest_check();
+ return FIPS_digestupdate(ctx, data, count);
+#else
+ return ctx->update(ctx, data, count);
#endif
- return ctx->digest->update(ctx, data, count);
}
/* The caller can assume that this removes any secret data from the context */
@@ -343,10 +257,10 @@
/* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
+#ifdef OPENSSL_FIPS
+ return FIPS_digestfinal(ctx, md, size);
+#else
int ret;
-#ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-#endif
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ret = ctx->digest->final(ctx, md);
@@ -354,10 +268,11 @@
*size = ctx->digest->md_size;
if (ctx->digest->cleanup) {
ctx->digest->cleanup(ctx);
- M_EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
}
memset(ctx->md_data, 0, ctx->digest->ctx_size);
return ret;
+#endif
}
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
@@ -375,7 +290,7 @@
}
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a digest context using an ENGINE */
- if (in->engine && !do_engine_init(in->engine)) {
+ if (in->engine && !ENGINE_init(in->engine)) {
EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
return 0;
}
@@ -383,13 +298,13 @@
if (out->digest == in->digest) {
tmp_buf = out->md_data;
- M_EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
+ EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
} else
tmp_buf = NULL;
EVP_MD_CTX_cleanup(out);
memcpy(out, in, sizeof *out);
- if (out->digest->ctx_size) {
+ if (in->md_data && out->digest->ctx_size) {
if (tmp_buf)
out->md_data = tmp_buf;
else {
@@ -402,6 +317,16 @@
memcpy(out->md_data, in->md_data, out->digest->ctx_size);
}
+ out->update = in->update;
+
+ if (in->pctx) {
+ out->pctx = EVP_PKEY_CTX_dup(in->pctx);
+ if (!out->pctx) {
+ EVP_MD_CTX_cleanup(out);
+ return 0;
+ }
+ }
+
if (out->digest->copy)
return out->digest->copy(out, in);
@@ -416,7 +341,7 @@
int ret;
EVP_MD_CTX_init(&ctx);
- M_EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
ret = EVP_DigestInit_ex(&ctx, type, impl)
&& EVP_DigestUpdate(&ctx, data, count)
&& EVP_DigestFinal_ex(&ctx, md, size);
@@ -427,25 +352,31 @@
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
{
- EVP_MD_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
+ if (ctx) {
+ EVP_MD_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
}
/* This call frees resources associated with the context */
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
{
+#ifndef OPENSSL_FIPS
/*
* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
* sometimes only copies of the context are ever finalised.
*/
if (ctx->digest && ctx->digest->cleanup
- && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
ctx->digest->cleanup(ctx);
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
- && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);
}
+#endif
+ if (ctx->pctx)
+ EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
if (ctx->engine)
/*
@@ -452,8 +383,11 @@
* The EVP_MD we used belongs to an ENGINE, release the functional
* reference we held for this reason.
*/
- do_engine_finish(ctx->engine);
+ ENGINE_finish(ctx->engine);
#endif
+#ifdef OPENSSL_FIPS
+ FIPS_md_ctx_cleanup(ctx);
+#endif
memset(ctx, '\0', sizeof *ctx);
return 1;
Modified: trunk/crypto/openssl/crypto/evp/e_aes.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_aes.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_aes.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -50,6 +50,7 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_AES
+#include <openssl/crypto.h>
# include <openssl/evp.h>
# include <openssl/err.h>
# include <string.h>
@@ -56,47 +57,474 @@
# include <assert.h>
# include <openssl/aes.h>
# include "evp_locl.h"
+# ifndef OPENSSL_FIPS
+# include "modes_lcl.h"
+# include <openssl/rand.h>
-static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
typedef struct {
AES_KEY ks;
+ block128_f block;
+ union {
+ cbc128_f cbc;
+ ctr128_f ctr;
+ } stream;
} EVP_AES_KEY;
-# define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
+typedef struct {
+ AES_KEY ks; /* AES key schedule to use */
+ int key_set; /* Set if key initialised */
+ int iv_set; /* Set if an iv is set */
+ GCM128_CONTEXT gcm;
+ unsigned char *iv; /* Temporary IV store */
+ int ivlen; /* IV length */
+ int taglen;
+ int iv_gen; /* It is OK to generate IVs */
+ int tls_aad_len; /* TLS AAD length */
+ ctr128_f ctr;
+} EVP_AES_GCM_CTX;
-IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
- NID_aes_128, 16, 16, 16, 128,
- EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_DEFAULT_ASN1,
- aes_init_key, NULL, NULL, NULL, NULL)
- IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
- NID_aes_192, 16, 24, 16, 128,
- EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_DEFAULT_ASN1,
- aes_init_key, NULL, NULL, NULL, NULL)
- IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
- NID_aes_256, 16, 32, 16, 128,
- EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_DEFAULT_ASN1,
- aes_init_key, NULL, NULL, NULL, NULL)
-# define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
- IMPLEMENT_AES_CFBR(128, 1, EVP_CIPH_FLAG_FIPS)
- IMPLEMENT_AES_CFBR(192, 1, EVP_CIPH_FLAG_FIPS)
- IMPLEMENT_AES_CFBR(256, 1, EVP_CIPH_FLAG_FIPS)
+typedef struct {
+ AES_KEY ks1, ks2; /* AES key schedules to use */
+ XTS128_CONTEXT xts;
+ void (*stream) (const unsigned char *in,
+ unsigned char *out, size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+} EVP_AES_XTS_CTX;
- IMPLEMENT_AES_CFBR(128, 8, EVP_CIPH_FLAG_FIPS)
- IMPLEMENT_AES_CFBR(192, 8, EVP_CIPH_FLAG_FIPS)
- IMPLEMENT_AES_CFBR(256, 8, EVP_CIPH_FLAG_FIPS)
+typedef struct {
+ AES_KEY ks; /* AES key schedule to use */
+ int key_set; /* Set if key initialised */
+ int iv_set; /* Set if an iv is set */
+ int tag_set; /* Set if tag is valid */
+ int len_set; /* Set if message length set */
+ int L, M; /* L and M parameters from RFC3610 */
+ CCM128_CONTEXT ccm;
+ ccm128_f str;
+} EVP_AES_CCM_CTX;
+# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
+
+# ifdef VPAES_ASM
+int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void vpaes_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void vpaes_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void vpaes_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key, unsigned char *ivec, int enc);
+# endif
+# ifdef BSAES_ASM
+void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char ivec[16], int enc);
+void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+ size_t len, const AES_KEY *key,
+ const unsigned char ivec[16]);
+void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
+void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
+# endif
+# ifdef AES_CTR_ASM
+void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+ size_t blocks, const AES_KEY *key,
+ const unsigned char ivec[AES_BLOCK_SIZE]);
+# endif
+# ifdef AES_XTS_ASM
+void AES_xts_encrypt(const char *inp, char *out, size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+void AES_xts_decrypt(const char *inp, char *out, size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+# endif
+
+# if defined(AES_ASM) && !defined(I386_ONLY) && ( \
+ ((defined(__i386) || defined(__i386__) || \
+ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) || \
+ defined(__INTEL__) )
+
+extern unsigned int OPENSSL_ia32cap_P[2];
+
+# ifdef VPAES_ASM
+# define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
+# endif
+# ifdef BSAES_ASM
+# define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
+# endif
+/*
+ * AES-NI section
+ */
+# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void aesni_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void aesni_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void aesni_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length, const AES_KEY *key, int enc);
+void aesni_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key, unsigned char *ivec, int enc);
+
+void aesni_ctr32_encrypt_blocks(const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key, const unsigned char *ivec);
+
+void aesni_xts_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+
+void aesni_xts_decrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+
+void aesni_ccm64_encrypt_blocks(const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+void aesni_ccm64_decrypt_blocks(const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ int ret, mode;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ mode = ctx->cipher->flags & EVP_CIPH_MODE;
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+ && !enc) {
+ ret = aesni_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+ dat->block = (block128_f) aesni_decrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) aesni_cbc_encrypt : NULL;
+ } else {
+ ret = aesni_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+ dat->block = (block128_f) aesni_encrypt;
+ if (mode == EVP_CIPH_CBC_MODE)
+ dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
+ else if (mode == EVP_CIPH_CTR_MODE)
+ dat->stream.ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
+ else
+ dat->stream.cbc = NULL;
+ }
+
+ if (ret < 0) {
+ EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, ctx->encrypt);
+
+ return 1;
+}
+
+static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t bl = ctx->cipher->block_size;
+
+ if (len < bl)
+ return 1;
+
+ aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt);
+
+ return 1;
+}
+
+# define aesni_ofb_cipher aes_ofb_cipher
+static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define aesni_cfb_cipher aes_cfb_cipher
+static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define aesni_cfb8_cipher aes_cfb8_cipher
+static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define aesni_cfb1_cipher aes_cfb1_cipher
+static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define aesni_ctr_cipher aes_ctr_cipher
+static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key) {
+ aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt);
+ gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
+ /*
+ * If we have an iv can set it directly, otherwise use saved IV.
+ */
+ if (iv == NULL && gctx->iv_set)
+ iv = gctx->iv;
+ if (iv) {
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ }
+ gctx->key_set = 1;
+ } else {
+ /* If key set use IV, otherwise copy */
+ if (gctx->key_set)
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ else
+ memcpy(gctx->iv, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ gctx->iv_gen = 0;
+ }
+ return 1;
+}
+
+# define aesni_gcm_cipher aes_gcm_cipher
+static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+
+ if (key) {
+ /* key_len is two AES keys */
+ if (enc) {
+ aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) aesni_encrypt;
+ xctx->stream = aesni_xts_encrypt;
+ } else {
+ aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) aesni_decrypt;
+ xctx->stream = aesni_xts_decrypt;
+ }
+
+ aesni_set_encrypt_key(key + ctx->key_len / 2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f) aesni_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ }
+
+ if (iv) {
+ xctx->xts.key2 = &xctx->ks2;
+ memcpy(ctx->iv, iv, 16);
+ }
+
+ return 1;
+}
+
+# define aesni_xts_cipher aes_xts_cipher
+static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key) {
+ aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f) aesni_encrypt);
+ cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks :
+ (ccm128_f) aesni_ccm64_decrypt_blocks;
+ cctx->key_set = 1;
+ }
+ if (iv) {
+ memcpy(ctx->iv, iv, 15 - cctx->L);
+ cctx->iv_set = 1;
+ }
+ return 1;
+}
+
+# define aesni_ccm_cipher aes_ccm_cipher
+static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aesni_init_key, \
+ aesni_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize, \
+ keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_init_key, \
+ aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aesni_##mode##_init_key, \
+ aesni_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_##mode##_init_key, \
+ aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+# else
+
+# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_init_key, \
+ aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+
+# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_##mode##_init_key, \
+ aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+# endif
+
+# define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
+
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
- int ret;
+ int ret, mode;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
- if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
- || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE || enc)
- ret = AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
- else
- ret = AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+ mode = ctx->cipher->flags & EVP_CIPH_MODE;
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+ && !enc)
+# ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
+ ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) AES_decrypt;
+ dat->stream.cbc = (cbc128_f) bsaes_cbc_encrypt;
+ } else
+# endif
+# ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) vpaes_decrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) vpaes_cbc_encrypt : NULL;
+ } else
+# endif
+ {
+ ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) AES_decrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) AES_cbc_encrypt : NULL;
+ } else
+# ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
+ ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) AES_encrypt;
+ dat->stream.ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
+ } else
+# endif
+# ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) vpaes_encrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) vpaes_cbc_encrypt : NULL;
+ } else
+# endif
+ {
+ ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks);
+ dat->block = (block128_f) AES_encrypt;
+ dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+ (cbc128_f) AES_cbc_encrypt : NULL;
+# ifdef AES_CTR_ASM
+ if (mode == EVP_CIPH_CTR_MODE)
+ dat->stream.ctr = (ctr128_f) AES_ctr32_encrypt;
+# endif
+ }
if (ret < 0) {
EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
@@ -106,4 +534,753 @@
return 1;
}
+static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ if (dat->stream.cbc)
+ (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
+ else if (ctx->encrypt)
+ CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+ else
+ CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+
+ return 1;
+}
+
+static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t bl = ctx->cipher->block_size;
+ size_t i;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ if (len < bl)
+ return 1;
+
+ for (i = 0, len -= bl; i <= len; i += bl)
+ (*dat->block) (in + i, out + i, &dat->ks);
+
+ return 1;
+}
+
+static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
+ ctx->iv, &ctx->num, dat->block);
+ return 1;
+}
+
+static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
+ ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+ return 1;
+}
+
+static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
+ ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+ return 1;
+}
+
+static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
+ CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
+ ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+ return 1;
+ }
+
+ while (len >= MAXBITCHUNK) {
+ CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
+ ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+ len -= MAXBITCHUNK;
+ }
+ if (len)
+ CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
+ ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+
+ return 1;
+}
+
+static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ unsigned int num = ctx->num;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+ if (dat->stream.ctr)
+ CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
+ ctx->iv, ctx->buf, &num, dat->stream.ctr);
+ else
+ CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
+ ctx->iv, ctx->buf, &num, dat->block);
+ ctx->num = (size_t)num;
+ return 1;
+}
+
+BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
+ BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS)
+ BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS)
+
+static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
+{
+ EVP_AES_GCM_CTX *gctx = c->cipher_data;
+ OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
+ if (gctx->iv != c->iv)
+ OPENSSL_free(gctx->iv);
+ return 1;
+}
+
+/* increment counter (64-bit int) by 1 */
+static void ctr64_inc(unsigned char *counter)
+{
+ int n = 8;
+ unsigned char c;
+
+ do {
+ --n;
+ c = counter[n];
+ ++c;
+ counter[n] = c;
+ if (c)
+ return;
+ } while (n);
+}
+
+static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+ EVP_AES_GCM_CTX *gctx = c->cipher_data;
+ switch (type) {
+ case EVP_CTRL_INIT:
+ gctx->key_set = 0;
+ gctx->iv_set = 0;
+ gctx->ivlen = c->cipher->iv_len;
+ gctx->iv = c->iv;
+ gctx->taglen = -1;
+ gctx->iv_gen = 0;
+ gctx->tls_aad_len = -1;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IVLEN:
+ if (arg <= 0)
+ return 0;
+# ifdef OPENSSL_FIPS
+ if (FIPS_module_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
+ && arg < 12)
+ return 0;
+# endif
+ /* Allocate memory for IV if needed */
+ if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
+ if (gctx->iv != c->iv)
+ OPENSSL_free(gctx->iv);
+ gctx->iv = OPENSSL_malloc(arg);
+ if (!gctx->iv)
+ return 0;
+ }
+ gctx->ivlen = arg;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_TAG:
+ if (arg <= 0 || arg > 16 || c->encrypt)
+ return 0;
+ memcpy(c->buf, ptr, arg);
+ gctx->taglen = arg;
+ return 1;
+
+ case EVP_CTRL_GCM_GET_TAG:
+ if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
+ return 0;
+ memcpy(ptr, c->buf, arg);
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IV_FIXED:
+ /* Special case: -1 length restores whole IV */
+ if (arg == -1) {
+ memcpy(gctx->iv, ptr, gctx->ivlen);
+ gctx->iv_gen = 1;
+ return 1;
+ }
+ /*
+ * Fixed field must be at least 4 bytes and invocation field at least
+ * 8.
+ */
+ if ((arg < 4) || (gctx->ivlen - arg) < 8)
+ return 0;
+ if (arg)
+ memcpy(gctx->iv, ptr, arg);
+ if (c->encrypt && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+ return 0;
+ gctx->iv_gen = 1;
+ return 1;
+
+ case EVP_CTRL_GCM_IV_GEN:
+ if (gctx->iv_gen == 0 || gctx->key_set == 0)
+ return 0;
+ CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+ if (arg <= 0 || arg > gctx->ivlen)
+ arg = gctx->ivlen;
+ memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+ /*
+ * Invocation field will be at least 8 bytes in size and so no need
+ * to check wrap around or increment more than last 8 bytes.
+ */
+ ctr64_inc(gctx->iv + gctx->ivlen - 8);
+ gctx->iv_set = 1;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IV_INV:
+ if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
+ return 0;
+ memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+ CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ return 1;
+
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ /* Save the AAD for later use */
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return 0;
+ memcpy(c->buf, ptr, arg);
+ gctx->tls_aad_len = arg;
+ {
+ unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
+ /* Correct length for explicit IV */
+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ /* If decrypting correct for tag too */
+ if (!c->encrypt)
+ len -= EVP_GCM_TLS_TAG_LEN;
+ c->buf[arg - 2] = len >> 8;
+ c->buf[arg - 1] = len & 0xff;
+ }
+ /* Extra padding: tag appended to record */
+ return EVP_GCM_TLS_TAG_LEN;
+
+ case EVP_CTRL_COPY:
+ {
+ EVP_CIPHER_CTX *out = ptr;
+ EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
+ if (gctx->gcm.key) {
+ if (gctx->gcm.key != &gctx->ks)
+ return 0;
+ gctx_out->gcm.key = &gctx_out->ks;
+ }
+ if (gctx->iv == c->iv)
+ gctx_out->iv = out->iv;
+ else {
+ gctx_out->iv = OPENSSL_malloc(gctx->ivlen);
+ if (!gctx_out->iv)
+ return 0;
+ memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
+ }
+ return 1;
+ }
+
+ default:
+ return -1;
+
+ }
+}
+
+static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key) {
+ do {
+# ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE) {
+ AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+ (block128_f) AES_encrypt);
+ gctx->ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
+ break;
+ } else
+# endif
+# ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ vpaes_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+ (block128_f) vpaes_encrypt);
+ gctx->ctr = NULL;
+ break;
+ } else
+# endif
+ (void)0; /* terminate potentially open 'else' */
+
+ AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+ (block128_f) AES_encrypt);
+# ifdef AES_CTR_ASM
+ gctx->ctr = (ctr128_f) AES_ctr32_encrypt;
+# else
+ gctx->ctr = NULL;
+# endif
+ } while (0);
+
+ /*
+ * If we have an iv can set it directly, otherwise use saved IV.
+ */
+ if (iv == NULL && gctx->iv_set)
+ iv = gctx->iv;
+ if (iv) {
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ }
+ gctx->key_set = 1;
+ } else {
+ /* If key set use IV, otherwise copy */
+ if (gctx->key_set)
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ else
+ memcpy(gctx->iv, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ gctx->iv_gen = 0;
+ }
+ return 1;
+}
+
+/*
+ * Handle TLS GCM packet format. This consists of the last portion of the IV
+ * followed by the payload and finally the tag. On encrypt generate IV,
+ * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
+ * and verify tag.
+ */
+
+static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ int rv = -1;
+ /* Encrypt/decrypt must be performed in place */
+ if (out != in
+ || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
+ return -1;
+ /*
+ * Set IV from start of buffer or generate IV and write to start of
+ * buffer.
+ */
+ if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
+ EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
+ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
+ goto err;
+ /* Use saved AAD */
+ if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
+ goto err;
+ /* Fix buffer and length to point to payload */
+ in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+ if (ctx->encrypt) {
+ /* Encrypt payload */
+ if (gctx->ctr) {
+ if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+ in, out, len, gctx->ctr))
+ goto err;
+ } else {
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
+ goto err;
+ }
+ out += len;
+ /* Finally write tag */
+ CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
+ rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+ } else {
+ /* Decrypt */
+ if (gctx->ctr) {
+ if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+ in, out, len, gctx->ctr))
+ goto err;
+ } else {
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
+ goto err;
+ }
+ /* Retrieve tag */
+ CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
+ /* If tag mismatch wipe buffer */
+ if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
+ OPENSSL_cleanse(out, len);
+ goto err;
+ }
+ rv = len;
+ }
+
+ err:
+ gctx->iv_set = 0;
+ gctx->tls_aad_len = -1;
+ return rv;
+}
+
+static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ /* If not set up, return error */
+ if (!gctx->key_set)
+ return -1;
+
+ if (gctx->tls_aad_len >= 0)
+ return aes_gcm_tls_cipher(ctx, out, in, len);
+
+ if (!gctx->iv_set)
+ return -1;
+ if (in) {
+ if (out == NULL) {
+ if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
+ return -1;
+ } else if (ctx->encrypt) {
+ if (gctx->ctr) {
+ if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+ in, out, len, gctx->ctr))
+ return -1;
+ } else {
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
+ return -1;
+ }
+ } else {
+ if (gctx->ctr) {
+ if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+ in, out, len, gctx->ctr))
+ return -1;
+ } else {
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
+ return -1;
+ }
+ }
+ return len;
+ } else {
+ if (!ctx->encrypt) {
+ if (gctx->taglen < 0)
+ return -1;
+ if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0)
+ return -1;
+ gctx->iv_set = 0;
+ return 0;
+ }
+ CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
+ gctx->taglen = 16;
+ /* Don't reuse the IV */
+ gctx->iv_set = 0;
+ return 0;
+ }
+
+}
+
+# define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \
+ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
+ | EVP_CIPH_CUSTOM_COPY)
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+ CUSTOM_FLAGS)
+ BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+ CUSTOM_FLAGS)
+ BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+ CUSTOM_FLAGS)
+
+static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+ EVP_AES_XTS_CTX *xctx = c->cipher_data;
+ if (type == EVP_CTRL_COPY) {
+ EVP_CIPHER_CTX *out = ptr;
+ EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
+ if (xctx->xts.key1) {
+ if (xctx->xts.key1 != &xctx->ks1)
+ return 0;
+ xctx_out->xts.key1 = &xctx_out->ks1;
+ }
+ if (xctx->xts.key2) {
+ if (xctx->xts.key2 != &xctx->ks2)
+ return 0;
+ xctx_out->xts.key2 = &xctx_out->ks2;
+ }
+ return 1;
+ } else if (type != EVP_CTRL_INIT)
+ return -1;
+ /* key1 and key2 are used as an indicator both key and IV are set */
+ xctx->xts.key1 = NULL;
+ xctx->xts.key2 = NULL;
+ return 1;
+}
+
+static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+
+ if (key)
+ do {
+# ifdef AES_XTS_ASM
+ xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
+# else
+ xctx->stream = NULL;
+# endif
+ /* key_len is two AES keys */
+# ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE)
+ xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
+ else
+# endif
+# ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ if (enc) {
+ vpaes_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) vpaes_encrypt;
+ } else {
+ vpaes_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) vpaes_decrypt;
+ }
+
+ vpaes_set_encrypt_key(key + ctx->key_len / 2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f) vpaes_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ break;
+ } else
+# endif
+ (void)0; /* terminate potentially open 'else' */
+
+ if (enc) {
+ AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) AES_encrypt;
+ } else {
+ AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f) AES_decrypt;
+ }
+
+ AES_set_encrypt_key(key + ctx->key_len / 2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f) AES_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ } while (0);
+
+ if (iv) {
+ xctx->xts.key2 = &xctx->ks2;
+ memcpy(ctx->iv, iv, 16);
+ }
+
+ return 1;
+}
+
+static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!xctx->xts.key1 || !xctx->xts.key2)
+ return 0;
+ if (!out || !in || len < AES_BLOCK_SIZE)
+ return 0;
+# ifdef OPENSSL_FIPS
+ /* Requirement of SP800-38E */
+ if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
+ (len > (1UL << 20) * 16)) {
+ EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
+ return 0;
+ }
+# endif
+ if (xctx->stream)
+ (*xctx->stream) (in, out, len,
+ xctx->xts.key1, xctx->xts.key2, ctx->iv);
+ else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+ ctx->encrypt))
+ return 0;
+ return 1;
+}
+
+# define aes_xts_cleanup NULL
+
+# define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
+ | EVP_CIPH_CUSTOM_COPY)
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS,
+ EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
+ BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS,
+ EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
+
+static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+ EVP_AES_CCM_CTX *cctx = c->cipher_data;
+ switch (type) {
+ case EVP_CTRL_INIT:
+ cctx->key_set = 0;
+ cctx->iv_set = 0;
+ cctx->L = 8;
+ cctx->M = 12;
+ cctx->tag_set = 0;
+ cctx->len_set = 0;
+ return 1;
+
+ case EVP_CTRL_CCM_SET_IVLEN:
+ arg = 15 - arg;
+ case EVP_CTRL_CCM_SET_L:
+ if (arg < 2 || arg > 8)
+ return 0;
+ cctx->L = arg;
+ return 1;
+
+ case EVP_CTRL_CCM_SET_TAG:
+ if ((arg & 1) || arg < 4 || arg > 16)
+ return 0;
+ if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
+ return 0;
+ if (ptr) {
+ cctx->tag_set = 1;
+ memcpy(c->buf, ptr, arg);
+ }
+ cctx->M = arg;
+ return 1;
+
+ case EVP_CTRL_CCM_GET_TAG:
+ if (!c->encrypt || !cctx->tag_set)
+ return 0;
+ if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
+ return 0;
+ cctx->tag_set = 0;
+ cctx->iv_set = 0;
+ cctx->len_set = 0;
+ return 1;
+
+ case EVP_CTRL_COPY:
+ {
+ EVP_CIPHER_CTX *out = ptr;
+ EVP_AES_CCM_CTX *cctx_out = out->cipher_data;
+ if (cctx->ccm.key) {
+ if (cctx->ccm.key != &cctx->ks)
+ return 0;
+ cctx_out->ccm.key = &cctx_out->ks;
+ }
+ return 1;
+ }
+
+ default:
+ return -1;
+
+ }
+}
+
+static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key)
+ do {
+# ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ vpaes_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f) vpaes_encrypt);
+ cctx->str = NULL;
+ cctx->key_set = 1;
+ break;
+ }
+# endif
+ AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f) AES_encrypt);
+ cctx->str = NULL;
+ cctx->key_set = 1;
+ } while (0);
+ if (iv) {
+ memcpy(ctx->iv, iv, 15 - cctx->L);
+ cctx->iv_set = 1;
+ }
+ return 1;
+}
+
+static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ CCM128_CONTEXT *ccm = &cctx->ccm;
+ /* If not set up, return error */
+ if (!cctx->iv_set && !cctx->key_set)
+ return -1;
+ if (!ctx->encrypt && !cctx->tag_set)
+ return -1;
+ if (!out) {
+ if (!in) {
+ if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
+ return -1;
+ cctx->len_set = 1;
+ return len;
+ }
+ /* If have AAD need message length */
+ if (!cctx->len_set && len)
+ return -1;
+ CRYPTO_ccm128_aad(ccm, in, len);
+ return len;
+ }
+ /* EVP_*Final() doesn't return any data */
+ if (!in)
+ return 0;
+ /* If not set length yet do it */
+ if (!cctx->len_set) {
+ if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
+ return -1;
+ cctx->len_set = 1;
+ }
+ if (ctx->encrypt) {
+ if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
+ cctx->str) :
+ CRYPTO_ccm128_encrypt(ccm, in, out, len))
+ return -1;
+ cctx->tag_set = 1;
+ return len;
+ } else {
+ int rv = -1;
+ if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
+ cctx->str) :
+ !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
+ unsigned char tag[16];
+ if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
+ if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
+ rv = len;
+ }
+ }
+ if (rv == -1)
+ OPENSSL_cleanse(out, len);
+ cctx->iv_set = 0;
+ cctx->tag_set = 0;
+ cctx->len_set = 0;
+ return rv;
+ }
+
+}
+
+# define aes_ccm_cleanup NULL
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
+ EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+ BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
+ EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+ BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
+ EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+# endif
#endif
Copied: trunk/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,599 @@
+/* ====================================================================
+ * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/aes.h>
+# include <openssl/sha.h>
+# include "evp_locl.h"
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+# endif
+
+# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
+# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
+# endif
+
+# define TLS1_1_VERSION 0x0302
+
+typedef struct {
+ AES_KEY ks;
+ SHA_CTX head, tail, md;
+ size_t payload_length; /* AAD length in decrypt case */
+ union {
+ unsigned int tls_ver;
+ unsigned char tls_aad[16]; /* 13 used */
+ } aux;
+} EVP_AES_HMAC_SHA1;
+
+# define NO_PAYLOAD_LENGTH ((size_t)-1)
+
+# if defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) || \
+ defined(__INTEL__) )
+
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
+# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
+# endif
+
+extern unsigned int OPENSSL_ia32cap_P[2];
+# define AESNI_CAPABLE (1<<(57-32))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void aesni_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key, unsigned char *ivec, int enc);
+
+void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
+ const AES_KEY *key, unsigned char iv[16],
+ SHA_CTX *ctx, const void *in0);
+
+# define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
+
+static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *inkey,
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+ int ret;
+
+ if (enc)
+ ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
+ else
+ ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
+
+ SHA1_Init(&key->head); /* handy when benchmarking */
+ key->tail = key->head;
+ key->md = key->head;
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ return ret < 0 ? 0 : 1;
+}
+
+# define STITCHED_CALL
+
+# if !defined(STITCHED_CALL)
+# define aes_off 0
+# endif
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+
+static void sha1_update(SHA_CTX *c, const void *data, size_t len)
+{
+ const unsigned char *ptr = data;
+ size_t res;
+
+ if ((res = c->num)) {
+ res = SHA_CBLOCK - res;
+ if (len < res)
+ res = len;
+ SHA1_Update(c, ptr, res);
+ ptr += res;
+ len -= res;
+ }
+
+ res = len % SHA_CBLOCK;
+ len -= res;
+
+ if (len) {
+ sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
+
+ ptr += len;
+ c->Nh += len >> 29;
+ c->Nl += len <<= 3;
+ if (c->Nl < (unsigned int)len)
+ c->Nh++;
+ }
+
+ if (res)
+ SHA1_Update(c, ptr, res);
+}
+
+# ifdef SHA1_Update
+# undef SHA1_Update
+# endif
+# define SHA1_Update sha1_update
+
+static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+ unsigned int l;
+ size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
+ * later */
+ sha_off = 0;
+# if defined(STITCHED_CALL)
+ size_t aes_off = 0, blocks;
+
+ sha_off = SHA_CBLOCK - key->md.num;
+# endif
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ if (len % AES_BLOCK_SIZE)
+ return 0;
+
+ if (ctx->encrypt) {
+ if (plen == NO_PAYLOAD_LENGTH)
+ plen = len;
+ else if (len !=
+ ((plen + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+ return 0;
+ else if (key->aux.tls_ver >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+# if defined(STITCHED_CALL)
+ if (plen > (sha_off + iv)
+ && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
+ SHA1_Update(&key->md, in + iv, sha_off);
+
+ aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
+ ctx->iv, &key->md, in + iv + sha_off);
+ blocks *= SHA_CBLOCK;
+ aes_off += blocks;
+ sha_off += blocks;
+ key->md.Nh += blocks >> 29;
+ key->md.Nl += blocks <<= 3;
+ if (key->md.Nl < (unsigned int)blocks)
+ key->md.Nh++;
+ } else {
+ sha_off = 0;
+ }
+# endif
+ sha_off += iv;
+ SHA1_Update(&key->md, in + sha_off, plen - sha_off);
+
+ if (plen != len) { /* "TLS" mode of operation */
+ if (in != out)
+ memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+ /* calculate HMAC and append it to payload */
+ SHA1_Final(out + plen, &key->md);
+ key->md = key->tail;
+ SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
+ SHA1_Final(out + plen, &key->md);
+
+ /* pad the payload|hmac */
+ plen += SHA_DIGEST_LENGTH;
+ for (l = len - plen - 1; plen < len; plen++)
+ out[plen] = l;
+ /* encrypt HMAC|padding at once */
+ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+ &key->ks, ctx->iv, 1);
+ } else {
+ aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+ &key->ks, ctx->iv, 1);
+ }
+ } else {
+ union {
+ unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
+ unsigned char c[32 + SHA_DIGEST_LENGTH];
+ } mac, *pmac;
+
+ /* arrange cache line alignment */
+ pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
+
+ /* decrypt HMAC|padding at once */
+ aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+
+ if (plen) { /* "TLS" mode of operation */
+ size_t inp_len, mask, j, i;
+ unsigned int res, maxpad, pad, bitlen;
+ int ret = 1;
+ union {
+ unsigned int u[SHA_LBLOCK];
+ unsigned char c[SHA_CBLOCK];
+ } *data = (void *)key->md.data;
+
+ if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
+ >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+ if (len < (iv + SHA_DIGEST_LENGTH + 1))
+ return 0;
+
+ /* omit explicit iv */
+ out += iv;
+ len -= iv;
+
+ /* figure out payload length */
+ pad = out[len - 1];
+ maxpad = len - (SHA_DIGEST_LENGTH + 1);
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
+ inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
+ mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+ inp_len &= mask;
+ ret &= (int)mask;
+
+ key->aux.tls_aad[plen - 2] = inp_len >> 8;
+ key->aux.tls_aad[plen - 1] = inp_len;
+
+ /* calculate HMAC */
+ key->md = key->head;
+ SHA1_Update(&key->md, key->aux.tls_aad, plen);
+
+# if 1
+ len -= SHA_DIGEST_LENGTH; /* amend mac */
+ if (len >= (256 + SHA_CBLOCK)) {
+ j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
+ j += SHA_CBLOCK - key->md.num;
+ SHA1_Update(&key->md, out, j);
+ out += j;
+ len -= j;
+ inp_len -= j;
+ }
+
+ /* but pretend as if we hashed padded payload */
+ bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
+# ifdef BSWAP
+ bitlen = BSWAP(bitlen);
+# else
+ mac.c[0] = 0;
+ mac.c[1] = (unsigned char)(bitlen >> 16);
+ mac.c[2] = (unsigned char)(bitlen >> 8);
+ mac.c[3] = (unsigned char)bitlen;
+ bitlen = mac.u[0];
+# endif
+
+ pmac->u[0] = 0;
+ pmac->u[1] = 0;
+ pmac->u[2] = 0;
+ pmac->u[3] = 0;
+ pmac->u[4] = 0;
+
+ for (res = key->md.num, j = 0; j < len; j++) {
+ size_t c = out[j];
+ mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+ c &= mask;
+ c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+ data->c[res++] = (unsigned char)c;
+
+ if (res != SHA_CBLOCK)
+ continue;
+
+ /* j is not incremented yet */
+ mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&key->md, data, 1);
+ mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+ res = 0;
+ }
+
+ for (i = res; i < SHA_CBLOCK; i++, j++)
+ data->c[i] = 0;
+
+ if (res > SHA_CBLOCK - 8) {
+ mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&key->md, data, 1);
+ mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+
+ memset(data, 0, SHA_CBLOCK);
+ j += 64;
+ }
+ data->u[SHA_LBLOCK - 1] = bitlen;
+ sha1_block_data_order(&key->md, data, 1);
+ mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= key->md.h0 & mask;
+ pmac->u[1] |= key->md.h1 & mask;
+ pmac->u[2] |= key->md.h2 & mask;
+ pmac->u[3] |= key->md.h3 & mask;
+ pmac->u[4] |= key->md.h4 & mask;
+
+# ifdef BSWAP
+ pmac->u[0] = BSWAP(pmac->u[0]);
+ pmac->u[1] = BSWAP(pmac->u[1]);
+ pmac->u[2] = BSWAP(pmac->u[2]);
+ pmac->u[3] = BSWAP(pmac->u[3]);
+ pmac->u[4] = BSWAP(pmac->u[4]);
+# else
+ for (i = 0; i < 5; i++) {
+ res = pmac->u[i];
+ pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+ pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+ pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+ pmac->c[4 * i + 3] = (unsigned char)res;
+ }
+# endif
+ len += SHA_DIGEST_LENGTH;
+# else
+ SHA1_Update(&key->md, out, inp_len);
+ res = key->md.num;
+ SHA1_Final(pmac->c, &key->md);
+
+ {
+ unsigned int inp_blocks, pad_blocks;
+
+ /* but pretend as if we hashed padded payload */
+ inp_blocks =
+ 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+ res += (unsigned int)(len - inp_len);
+ pad_blocks = res / SHA_CBLOCK;
+ res %= SHA_CBLOCK;
+ pad_blocks +=
+ 1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+ for (; inp_blocks < pad_blocks; inp_blocks++)
+ sha1_block_data_order(&key->md, data, 1);
+ }
+# endif
+ key->md = key->tail;
+ SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
+ SHA1_Final(pmac->c, &key->md);
+
+ /* verify HMAC */
+ out += inp_len;
+ len -= inp_len;
+# if 1
+ {
+ unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
+ size_t off = out - p;
+ unsigned int c, cmask;
+
+ maxpad += SHA_DIGEST_LENGTH;
+ for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+ c = p[j];
+ cmask =
+ ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
+ 8 - 1);
+ res |= (c ^ pad) & ~cmask; /* ... and padding */
+ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+ res |= (c ^ pmac->c[i]) & cmask;
+ i += 1 & cmask;
+ }
+ maxpad -= SHA_DIGEST_LENGTH;
+
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+ }
+# else
+ for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
+ res |= out[i] ^ pmac->c[i];
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+
+ /* verify padding */
+ pad = (pad & ~res) | (maxpad & res);
+ out = out + len - 1 - pad;
+ for (res = 0, i = 0; i < pad; i++)
+ res |= out[i] ^ pad;
+
+ res = (0 - res) >> (sizeof(res) * 8 - 1);
+ ret &= (int)~res;
+# endif
+ return ret;
+ } else {
+ SHA1_Update(&key->md, out, len);
+ }
+ }
+
+ return 1;
+}
+
+static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr)
+{
+ EVP_AES_HMAC_SHA1 *key = data(ctx);
+
+ switch (type) {
+ case EVP_CTRL_AEAD_SET_MAC_KEY:
+ {
+ unsigned int i;
+ unsigned char hmac_key[64];
+
+ memset(hmac_key, 0, sizeof(hmac_key));
+
+ if (arg > (int)sizeof(hmac_key)) {
+ SHA1_Init(&key->head);
+ SHA1_Update(&key->head, ptr, arg);
+ SHA1_Final(hmac_key, &key->head);
+ } else {
+ memcpy(hmac_key, ptr, arg);
+ }
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36; /* ipad */
+ SHA1_Init(&key->head);
+ SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+ SHA1_Init(&key->tail);
+ SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+ OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+
+ return 1;
+ }
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ {
+ unsigned char *p = ptr;
+ unsigned int len;
+
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[arg - 2] << 8 | p[arg - 1];
+
+ if (ctx->encrypt) {
+ key->payload_length = len;
+ if ((key->aux.tls_ver =
+ p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+ len -= AES_BLOCK_SIZE;
+ p[arg - 2] = len >> 8;
+ p[arg - 1] = len;
+ }
+ key->md = key->head;
+ SHA1_Update(&key->md, p, arg);
+
+ return (int)(((len + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+ - len);
+ } else {
+ memcpy(key->aux.tls_aad, ptr, arg);
+ key->payload_length = arg;
+
+ return SHA_DIGEST_LENGTH;
+ }
+ }
+ default:
+ return -1;
+ }
+}
+
+static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
+# ifdef NID_aes_128_cbc_hmac_sha1
+ NID_aes_128_cbc_hmac_sha1,
+# else
+ NID_undef,
+# endif
+ 16, 16, 16,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+ EVP_CIPH_FLAG_AEAD_CIPHER,
+ aesni_cbc_hmac_sha1_init_key,
+ aesni_cbc_hmac_sha1_cipher,
+ NULL,
+ sizeof(EVP_AES_HMAC_SHA1),
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+ aesni_cbc_hmac_sha1_ctrl,
+ NULL
+};
+
+static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
+# ifdef NID_aes_256_cbc_hmac_sha1
+ NID_aes_256_cbc_hmac_sha1,
+# else
+ NID_undef,
+# endif
+ 16, 32, 16,
+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+ EVP_CIPH_FLAG_AEAD_CIPHER,
+ aesni_cbc_hmac_sha1_init_key,
+ aesni_cbc_hmac_sha1_cipher,
+ NULL,
+ sizeof(EVP_AES_HMAC_SHA1),
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+ EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+ aesni_cbc_hmac_sha1_ctrl,
+ NULL
+};
+
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+ return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+ &aesni_128_cbc_hmac_sha1_cipher : NULL);
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+ return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+ &aesni_256_cbc_hmac_sha1_cipher : NULL);
+}
+# else
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+ return NULL;
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+ return NULL;
+}
+# endif
+#endif
Modified: trunk/crypto/openssl/crypto/evp/e_camellia.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_camellia.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_camellia.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,7 +85,7 @@
NID_camellia_256, 16, 32, 16, 128,
0, camellia_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-# define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16,0)
+# define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
IMPLEMENT_CAMELLIA_CFBR(128, 1)
IMPLEMENT_CAMELLIA_CFBR(192, 1)
IMPLEMENT_CAMELLIA_CFBR(256, 1)
Modified: trunk/crypto/openssl/crypto/evp/e_des.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_des.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_des.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,7 +75,7 @@
*/
static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
BLOCK_CIPHER_ecb_loop()
DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
@@ -84,26 +84,50 @@
}
static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, &ctx->num);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, &ctx->num);
return 1;
}
static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
return 1;
}
@@ -112,43 +136,60 @@
* way, so wrap it here
*/
static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- unsigned int n;
+ size_t n, chunk = EVP_MAXCHUNK / 8;
unsigned char c[1], d[1];
- for (n = 0; n < inl; ++n) {
- c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
- DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data, (DES_cblock *)ctx->iv,
- ctx->encrypt);
- out[n / 8] =
- (out[n / 8] & ~(0x80 >> (n % 8))) | ((d[0] & 0x80) >> (n % 8));
+ if (inl < chunk)
+ chunk = inl;
+
+ while (inl && inl >= chunk) {
+ for (n = 0; n < chunk * 8; ++n) {
+ c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+ DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, ctx->encrypt);
+ out[n / 8] =
+ (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
+ ((d[0] & 0x80) >> (unsigned int)(n % 8));
+ }
+ inl -= chunk;
+ in += chunk;
+ out += chunk;
+ if (inl < chunk)
+ chunk = inl;
}
+
return 1;
}
static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_cfb_encrypt(in, out, 8, inl, ctx->cipher_data, (DES_cblock *)ctx->iv,
- ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
+ (DES_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
- EVP_CIPH_RAND_KEY,
- des_init_key, NULL,
+ EVP_CIPH_RAND_KEY, des_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 1,
- EVP_CIPH_RAND_KEY,
- des_init_key, NULL,
+ EVP_CIPH_RAND_KEY, des_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 8,
- EVP_CIPH_RAND_KEY,
- des_init_key, NULL,
+ EVP_CIPH_RAND_KEY, des_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
Modified: trunk/crypto/openssl/crypto/evp/e_des3.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_des3.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_des3.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,6 +65,8 @@
# include <openssl/des.h>
# include <openssl/rand.h>
+# ifndef OPENSSL_FIPS
+
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
@@ -79,7 +81,7 @@
DES_key_schedule ks3; /* key schedule (for ede3) */
} DES_EDE_KEY;
-# define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
+# define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
/*
* Because of various casts and different args can't use
@@ -87,7 +89,7 @@
*/
static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
BLOCK_CIPHER_ecb_loop()
DES_ecb3_encrypt((const_DES_cblock *)(in + i),
@@ -98,40 +100,74 @@
}
static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_ede3_ofb64_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ &ctx->num);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ede3_ofb64_encrypt(in, out, (long)inl,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ &ctx->num);
+
return 1;
}
static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
-# ifdef KSSL_DEBUG
+# ifdef KSSL_DEBUG
{
int i;
- printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", (unsigned long)ctx,
- ctx->buf_len);
- printf("\t iv= ");
+ fprintf(stderr, "des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx,
+ ctx->buf_len);
+ fprintf(stderr, "\t iv= ");
for (i = 0; i < 8; i++)
- printf("%02X", ctx->iv[i]);
- printf("\n");
+ fprintf(stderr, "%02X", ctx->iv[i]);
+ fprintf(stderr, "\n");
}
-# endif /* KSSL_DEBUG */
- DES_ede3_cbc_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
+# endif /* KSSL_DEBUG */
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ede3_cbc_encrypt(in, out, (long)inl,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ ctx->encrypt);
return 1;
}
static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_ede3_cfb64_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ &ctx->num, ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ede3_cfb64_encrypt(in, out, (long)inl,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ &ctx->num, ctx->encrypt);
return 1;
}
@@ -140,9 +176,9 @@
* right way, so wrap it here
*/
static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- unsigned int n;
+ size_t n;
unsigned char c[1], d[1];
for (n = 0; n < inl; ++n) {
@@ -151,8 +187,8 @@
&data(ctx)->ks1, &data(ctx)->ks2,
&data(ctx)->ks3, (DES_cblock *)ctx->iv,
ctx->encrypt);
- out[n / 8] =
- (out[n / 8] & ~(0x80 >> (n % 8))) | ((d[0] & 0x80) >> (n % 8));
+ out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8)))
+ | ((d[0] & 0x80) >> (unsigned int)(n % 8));
}
return 1;
@@ -159,49 +195,58 @@
}
static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_ede3_cfb_encrypt(in, out, 8, inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
+ &data(ctx)->ks1, &data(ctx)->ks2,
+ &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+ ctx->encrypt);
return 1;
}
BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
- EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede_init_key, NULL, NULL,
- NULL, des3_ctrl)
-# define des_ede3_cfb64_cipher des_ede_cfb64_cipher
-# define des_ede3_ofb_cipher des_ede_ofb_cipher
-# define des_ede3_cbc_cipher des_ede_cbc_cipher
-# define des_ede3_ecb_cipher des_ede_ecb_cipher
+ EVP_CIPH_RAND_KEY, des_ede_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des3_ctrl)
+# define des_ede3_cfb64_cipher des_ede_cfb64_cipher
+# define des_ede3_ofb_cipher des_ede_ofb_cipher
+# define des_ede3_cbc_cipher des_ede_cbc_cipher
+# define des_ede3_ecb_cipher des_ede_ecb_cipher
BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
- EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL,
- des3_ctrl)
+ EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des3_ctrl)
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
- EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
- NULL, des3_ctrl)
+ EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv,
+ EVP_CIPHER_get_asn1_iv, des3_ctrl)
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
- EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
- EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
- NULL, des3_ctrl)
+ EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL,
+ EVP_CIPHER_set_asn1_iv,
+ EVP_CIPHER_get_asn1_iv, des3_ctrl)
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
DES_cblock *deskey = (DES_cblock *)key;
-# ifdef EVP_CHECK_DES_KEY
+# ifdef EVP_CHECK_DES_KEY
if (DES_set_key_checked(&deskey[0], &data(ctx)->ks1)
! !DES_set_key_checked(&deskey[1], &data(ctx)->ks2))
return 0;
-# else
+# else
DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
-# endif
+# endif
memcpy(&data(ctx)->ks3, &data(ctx)->ks1, sizeof(data(ctx)->ks1));
return 1;
}
@@ -210,31 +255,33 @@
const unsigned char *iv, int enc)
{
DES_cblock *deskey = (DES_cblock *)key;
-# ifdef KSSL_DEBUG
+# ifdef KSSL_DEBUG
{
int i;
- printf("des_ede3_init_key(ctx=%lx)\n", (unsigned long)ctx);
- printf("\tKEY= ");
+ fprintf(stderr, "des_ede3_init_key(ctx=%p)\n", ctx);
+ fprintf(stderr, "\tKEY= ");
for (i = 0; i < 24; i++)
- printf("%02X", key[i]);
- printf("\n");
- printf("\t IV= ");
- for (i = 0; i < 8; i++)
- printf("%02X", iv[i]);
- printf("\n");
+ fprintf(stderr, "%02X", key[i]);
+ fprintf(stderr, "\n");
+ if (iv) {
+ fprintf(stderr, "\t IV= ");
+ for (i = 0; i < 8; i++)
+ fprintf(stderr, "%02X", iv[i]);
+ fprintf(stderr, "\n");
+ }
}
-# endif /* KSSL_DEBUG */
+# endif /* KSSL_DEBUG */
-# ifdef EVP_CHECK_DES_KEY
+# ifdef EVP_CHECK_DES_KEY
if (DES_set_key_checked(&deskey[0], &data(ctx)->ks1)
|| DES_set_key_checked(&deskey[1], &data(ctx)->ks2)
|| DES_set_key_checked(&deskey[2], &data(ctx)->ks3))
return 0;
-# else
+# else
DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
DES_set_key_unchecked(&deskey[2], &data(ctx)->ks3);
-# endif
+# endif
return 1;
}
@@ -268,4 +315,5 @@
{
return &des_ede3_ecb;
}
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/evp/e_idea.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_idea.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_idea.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,7 +74,7 @@
*/
static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
BLOCK_CIPHER_ecb_loop()
idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
Modified: trunk/crypto/openssl/crypto/evp/e_null.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_null.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_null.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,14 +61,16 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
+#ifndef OPENSSL_FIPS
+
static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, size_t inl);
static const EVP_CIPHER n_cipher = {
NID_undef,
1, 0, 0,
- EVP_CIPH_FLAG_FIPS,
+ 0,
null_init_key,
null_cipher,
NULL,
@@ -92,9 +94,10 @@
}
static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
if (in != out)
- memcpy((char *)out, (const char *)in, (size_t)inl);
+ memcpy((char *)out, (const char *)in, inl);
return 1;
}
+#endif
Modified: trunk/crypto/openssl/crypto/evp/e_rc2.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_rc2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_rc2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -183,8 +183,8 @@
key_bits = rc2_magic_to_meth((int)num);
if (!key_bits)
return (-1);
- if (i > 0)
- EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
+ if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
+ return -1;
EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
}
@@ -221,6 +221,11 @@
return 1;
}
return 0;
+# ifdef PBE_PRF_TEST
+ case EVP_CTRL_PBE_PRF_NID:
+ *(int *)ptr = NID_hmacWithMD5;
+ return 1;
+# endif
default:
return -1;
Modified: trunk/crypto/openssl/crypto/evp/e_rc4.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_rc4.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_rc4.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,9 +62,9 @@
#ifndef OPENSSL_NO_RC4
# include <openssl/evp.h>
+# include "evp_locl.h"
# include <openssl/objects.h>
# include <openssl/rc4.h>
-# include "evp_locl.h"
/* FIXME: surely this is available elsewhere? */
# define EVP_RC4_KEY_SIZE 16
@@ -78,7 +78,7 @@
static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, size_t inl);
static const EVP_CIPHER r4_cipher = {
NID_rc4,
1, EVP_RC4_KEY_SIZE, 0,
@@ -125,7 +125,7 @@
}
static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
RC4(&data(ctx)->ks, inl, in, out);
return 1;
Copied: trunk/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/e_rc4_hmac_md5.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,308 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
+
+# include <openssl/crypto.h>
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/rc4.h>
+# include <openssl/md5.h>
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+# endif
+
+/* FIXME: surely this is available elsewhere? */
+# define EVP_RC4_KEY_SIZE 16
+
+typedef struct {
+ RC4_KEY ks;
+ MD5_CTX head, tail, md;
+ size_t payload_length;
+} EVP_RC4_HMAC_MD5;
+
+# define NO_PAYLOAD_LENGTH ((size_t)-1)
+
+void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out,
+ MD5_CTX *ctx, const void *inp, size_t blocks);
+
+# define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
+
+static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *inkey,
+ const unsigned char *iv, int enc)
+{
+ EVP_RC4_HMAC_MD5 *key = data(ctx);
+
+ RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
+
+ MD5_Init(&key->head); /* handy when benchmarking */
+ key->tail = key->head;
+ key->md = key->head;
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ return 1;
+}
+
+# if !defined(OPENSSL_NO_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) || \
+ defined(__INTEL__) ) && \
+ !(defined(__APPLE__) && defined(__MACH__))
+# define STITCHED_CALL
+# endif
+
+# if !defined(STITCHED_CALL)
+# define rc4_off 0
+# define md5_off 0
+# endif
+
+static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_RC4_HMAC_MD5 *key = data(ctx);
+# if defined(STITCHED_CALL)
+ size_t rc4_off = 32 - 1 - (key->ks.x & (32 - 1)), /* 32 is $MOD from
+ * rc4_md5-x86_64.pl */
+ md5_off = MD5_CBLOCK - key->md.num, blocks;
+ unsigned int l;
+ extern unsigned int OPENSSL_ia32cap_P[];
+# endif
+ size_t plen = key->payload_length;
+
+ if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH))
+ return 0;
+
+ if (ctx->encrypt) {
+ if (plen == NO_PAYLOAD_LENGTH)
+ plen = len;
+# if defined(STITCHED_CALL)
+ /* cipher has to "fall behind" */
+ if (rc4_off > md5_off)
+ md5_off += MD5_CBLOCK;
+
+ if (plen > md5_off && (blocks = (plen - md5_off) / MD5_CBLOCK) &&
+ (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
+ MD5_Update(&key->md, in, md5_off);
+ RC4(&key->ks, rc4_off, in, out);
+
+ rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
+ &key->md, in + md5_off, blocks);
+ blocks *= MD5_CBLOCK;
+ rc4_off += blocks;
+ md5_off += blocks;
+ key->md.Nh += blocks >> 29;
+ key->md.Nl += blocks <<= 3;
+ if (key->md.Nl < (unsigned int)blocks)
+ key->md.Nh++;
+ } else {
+ rc4_off = 0;
+ md5_off = 0;
+ }
+# endif
+ MD5_Update(&key->md, in + md5_off, plen - md5_off);
+
+ if (plen != len) { /* "TLS" mode of operation */
+ if (in != out)
+ memcpy(out + rc4_off, in + rc4_off, plen - rc4_off);
+
+ /* calculate HMAC and append it to payload */
+ MD5_Final(out + plen, &key->md);
+ key->md = key->tail;
+ MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH);
+ MD5_Final(out + plen, &key->md);
+ /* encrypt HMAC at once */
+ RC4(&key->ks, len - rc4_off, out + rc4_off, out + rc4_off);
+ } else {
+ RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
+ }
+ } else {
+ unsigned char mac[MD5_DIGEST_LENGTH];
+# if defined(STITCHED_CALL)
+ /* digest has to "fall behind" */
+ if (md5_off > rc4_off)
+ rc4_off += 2 * MD5_CBLOCK;
+ else
+ rc4_off += MD5_CBLOCK;
+
+ if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) &&
+ (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
+ RC4(&key->ks, rc4_off, in, out);
+ MD5_Update(&key->md, out, md5_off);
+
+ rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
+ &key->md, out + md5_off, blocks);
+ blocks *= MD5_CBLOCK;
+ rc4_off += blocks;
+ md5_off += blocks;
+ l = (key->md.Nl + (blocks << 3)) & 0xffffffffU;
+ if (l < key->md.Nl)
+ key->md.Nh++;
+ key->md.Nl = l;
+ key->md.Nh += blocks >> 29;
+ } else {
+ md5_off = 0;
+ rc4_off = 0;
+ }
+# endif
+ /* decrypt HMAC at once */
+ RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
+ if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+ MD5_Update(&key->md, out + md5_off, plen - md5_off);
+
+ /* calculate HMAC and verify it */
+ MD5_Final(mac, &key->md);
+ key->md = key->tail;
+ MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
+ MD5_Final(mac, &key->md);
+
+ if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
+ return 0;
+ } else {
+ MD5_Update(&key->md, out + md5_off, len - md5_off);
+ }
+ }
+
+ key->payload_length = NO_PAYLOAD_LENGTH;
+
+ return 1;
+}
+
+static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr)
+{
+ EVP_RC4_HMAC_MD5 *key = data(ctx);
+
+ switch (type) {
+ case EVP_CTRL_AEAD_SET_MAC_KEY:
+ {
+ unsigned int i;
+ unsigned char hmac_key[64];
+
+ memset(hmac_key, 0, sizeof(hmac_key));
+
+ if (arg > (int)sizeof(hmac_key)) {
+ MD5_Init(&key->head);
+ MD5_Update(&key->head, ptr, arg);
+ MD5_Final(hmac_key, &key->head);
+ } else {
+ memcpy(hmac_key, ptr, arg);
+ }
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36; /* ipad */
+ MD5_Init(&key->head);
+ MD5_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+ MD5_Init(&key->tail);
+ MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+ return 1;
+ }
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ {
+ unsigned char *p = ptr;
+ unsigned int len;
+
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[arg - 2] << 8 | p[arg - 1];
+
+ if (!ctx->encrypt) {
+ len -= MD5_DIGEST_LENGTH;
+ p[arg - 2] = len >> 8;
+ p[arg - 1] = len;
+ }
+ key->payload_length = len;
+ key->md = key->head;
+ MD5_Update(&key->md, p, arg);
+
+ return MD5_DIGEST_LENGTH;
+ }
+ default:
+ return -1;
+ }
+}
+
+static EVP_CIPHER r4_hmac_md5_cipher = {
+# ifdef NID_rc4_hmac_md5
+ NID_rc4_hmac_md5,
+# else
+ NID_undef,
+# endif
+ 1, EVP_RC4_KEY_SIZE, 0,
+ EVP_CIPH_STREAM_CIPHER | EVP_CIPH_VARIABLE_LENGTH |
+ EVP_CIPH_FLAG_AEAD_CIPHER,
+ rc4_hmac_md5_init_key,
+ rc4_hmac_md5_cipher,
+ NULL,
+ sizeof(EVP_RC4_HMAC_MD5),
+ NULL,
+ NULL,
+ rc4_hmac_md5_ctrl,
+ NULL
+};
+
+const EVP_CIPHER *EVP_rc4_hmac_md5(void)
+{
+ return (&r4_hmac_md5_cipher);
+}
+#endif
Modified: trunk/crypto/openssl/crypto/evp/e_seed.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_seed.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_seed.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -54,11 +54,11 @@
*/
#include <openssl/opensslconf.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <string.h>
-#include <assert.h>
#ifndef OPENSSL_NO_SEED
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
# include <openssl/seed.h>
# include "evp_locl.h"
Modified: trunk/crypto/openssl/crypto/evp/e_xcbc_d.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/e_xcbc_d.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/e_xcbc_d.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,12 +63,13 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
+# include "evp_locl.h"
# include <openssl/des.h>
static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, size_t inl);
typedef struct {
DES_key_schedule ks; /* key schedule */
@@ -110,11 +111,20 @@
}
static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, size_t inl)
{
- DES_xcbc_encrypt(in, out, inl, &data(ctx)->ks,
- (DES_cblock *)&(ctx->iv[0]),
- &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
+ while (inl >= EVP_MAXCHUNK) {
+ DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
+ (DES_cblock *)&(ctx->iv[0]),
+ &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
+ inl -= EVP_MAXCHUNK;
+ in += EVP_MAXCHUNK;
+ out += EVP_MAXCHUNK;
+ }
+ if (inl)
+ DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
+ (DES_cblock *)&(ctx->iv[0]),
+ &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
return 1;
}
#endif
Modified: trunk/crypto/openssl/crypto/evp/encode.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/encode.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/encode.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -86,7 +86,7 @@
#define CHUNKS_PER_LINE (64/4)
#define CHAR_PER_LINE (64+1)
-static unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz0123456789+/";
/*-
@@ -104,7 +104,7 @@
#define B64_ERROR 0xFF
#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
-static unsigned char data_ascii2bin[128] = {
+static const unsigned char data_ascii2bin[128] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
@@ -137,7 +137,7 @@
unsigned int total = 0;
*outl = 0;
- if (inl == 0)
+ if (inl <= 0)
return;
OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
if ((ctx->num + inl) < ctx->length) {
Modified: trunk/crypto/openssl/crypto/evp/evp.h
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,10 +75,6 @@
# include <openssl/bio.h>
# endif
-# ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# endif
-
/*-
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
@@ -87,7 +83,7 @@
#define EVP_RC5_32_12_16_KEY_SIZE 16
*/
# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
-# define EVP_MAX_KEY_LENGTH 32
+# define EVP_MAX_KEY_LENGTH 64
# define EVP_MAX_IV_LENGTH 16
# define EVP_MAX_BLOCK_LENGTH 32
@@ -107,7 +103,6 @@
# define EVP_PKS_RSA 0x0100
# define EVP_PKS_DSA 0x0200
# define EVP_PKS_EC 0x0400
-# define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
# define EVP_PKEY_NONE NID_undef
# define EVP_PKEY_RSA NID_rsaEncryption
@@ -119,6 +114,8 @@
# define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
# define EVP_PKEY_DH NID_dhKeyAgreement
# define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
+# define EVP_PKEY_HMAC NID_hmac
+# define EVP_PKEY_CMAC NID_cmac
#ifdef __cplusplus
extern "C" {
@@ -132,6 +129,8 @@
int type;
int save_type;
int references;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *engine;
union {
char *ptr;
# ifndef OPENSSL_NO_RSA
@@ -156,70 +155,6 @@
# define EVP_PKEY_MO_ENCRYPT 0x0004
# define EVP_PKEY_MO_DECRYPT 0x0008
-# if 0
-/*
- * This structure is required to tie the message digest and signing together.
- * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or oid, md
- * and pkey. This is required because for various smart-card perform the
- * digest and signing/verification on-board. To handle this case, the
- * specific EVP_MD and EVP_PKEY_METHODs need to be closely associated. When a
- * PKEY is created, it will have a EVP_PKEY_METHOD associated with it. This
- * can either be software or a token to provide the required low level
- * routines.
- */
-typedef struct evp_pkey_md_st {
- int oid;
- EVP_MD *md;
- EVP_PKEY_METHOD *pkey;
-} EVP_PKEY_MD;
-
-# define EVP_rsa_md2() \
- EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_md2())
-# define EVP_rsa_md5() \
- EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_md5())
-# define EVP_rsa_sha0() \
- EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_sha())
-# define EVP_rsa_sha1() \
- EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
- EVP_rsa_pkcs1(),EVP_sha1())
-# define EVP_rsa_ripemd160() \
- EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
- EVP_rsa_pkcs1(),EVP_ripemd160())
-# define EVP_rsa_mdc2() \
- EVP_PKEY_MD_add(NID_mdc2WithRSA,\
- EVP_rsa_octet_string(),EVP_mdc2())
-# define EVP_dsa_sha() \
- EVP_PKEY_MD_add(NID_dsaWithSHA,\
- EVP_dsa(),EVP_sha())
-# define EVP_dsa_sha1() \
- EVP_PKEY_MD_add(NID_dsaWithSHA1,\
- EVP_dsa(),EVP_sha1())
-
-typedef struct evp_pkey_method_st {
- char *name;
- int flags;
- int type; /* RSA, DSA, an SSLeay specific constant */
- int oid; /* For the pub-key type */
- int encrypt_oid; /* pub/priv key encryption */
- int (*sign) ();
- int (*verify) ();
- struct {
- int (*set) (); /* get and/or set the underlying type */
- int (*get) ();
- int (*encrypt) ();
- int (*decrypt) ();
- int (*i2d) ();
- int (*d2i) ();
- int (*dup) ();
- } pub, priv;
- int (*set_asn1_parameters) ();
- int (*get_asn1_parameters) ();
-} EVP_PKEY_METHOD;
-# endif
-
# ifndef EVP_MD
struct env_md_st {
int type;
@@ -240,6 +175,8 @@
int required_pkey_type[5]; /* EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
+ /* control function */
+ int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
} /* EVP_MD */ ;
typedef int evp_sign_method(int type, const unsigned char *m,
@@ -250,20 +187,49 @@
const unsigned char *sigbuf,
unsigned int siglen, void *key);
-typedef struct {
- EVP_MD_CTX *mctx;
- void *key;
-} EVP_MD_SVCTX;
-
/* digest can only handle a single block */
# define EVP_MD_FLAG_ONESHOT 0x0001
+/*
+ * digest is a "clone" digest used
+ * which is a copy of an existing
+ * one for a specific public key type.
+ * EVP_dss1() etc
+ */
+# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
+
+/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
+
+# define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
+
+/* DigestAlgorithmIdentifier flags... */
+
+# define EVP_MD_FLAG_DIGALGID_MASK 0x0018
+
+/* NULL or absent parameter accepted. Use NULL */
+
+# define EVP_MD_FLAG_DIGALGID_NULL 0x0000
+
+/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
+
+# define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
+
+/* Custom handling via ctrl */
+
+# define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
+
/* Note if suitable for use in FIPS mode */
# define EVP_MD_FLAG_FIPS 0x0400
-# define EVP_MD_FLAG_SVCTX 0x0800
- /* pass EVP_MD_SVCTX to sign/verify */
+/* Digest ctrls */
+# define EVP_MD_CTRL_DIGALGID 0x1
+# define EVP_MD_CTRL_MICALG 0x2
+
+/* Minimum Algorithm specific ctrl value */
+
+# define EVP_MD_CTRL_ALG_CTRL 0x1000
+
# define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
# ifndef OPENSSL_NO_DSA
@@ -304,6 +270,10 @@
* ENGINE-provided */
unsigned long flags;
void *md_data;
+ /* Public key context for sign/verify */
+ EVP_PKEY_CTX *pctx;
+ /* Update function: usually copied from EVP_MD */
+ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
} /* EVP_MD_CTX */ ;
/* values for EVP_MD_CTX flags */
@@ -314,18 +284,26 @@
* cleaned */
# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
* in EVP_MD_CTX_cleanup */
+/*
+ * FIPS and pad options are ignored in 1.0.0, definitions are here so we
+ * don't accidentally reuse the values for other purposes.
+ */
+
# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
* digest in FIPS mode */
+/*
+ * The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
# define EVP_MD_CTX_FLAG_PAD_MASK 0xF0/* RSA mode to use */
# define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00/* PKCS#1 v1.5 mode */
# define EVP_MD_CTX_FLAG_PAD_X931 0x10/* X9.31 mode */
# define EVP_MD_CTX_FLAG_PAD_PSS 0x20/* PSS mode */
-# define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \
- ((ctx->flags>>16) &0xFFFF) /* seed length */
-# define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF/* salt len same as digest */
-# define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE/* salt max or auto recovered */
+# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
+
struct evp_cipher_st {
int nid;
int block_size;
@@ -339,7 +317,7 @@
const unsigned char *iv, int enc);
/* encrypt/decrypt data */
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, size_t inl);
/* cleanup ctx */
int (*cleanup) (EVP_CIPHER_CTX *);
/* how big ctx->cipher_data needs to be */
@@ -363,7 +341,11 @@
# define EVP_CIPH_CBC_MODE 0x2
# define EVP_CIPH_CFB_MODE 0x3
# define EVP_CIPH_OFB_MODE 0x4
-# define EVP_CIPH_MODE 0x7
+# define EVP_CIPH_CTR_MODE 0x5
+# define EVP_CIPH_GCM_MODE 0x6
+# define EVP_CIPH_CCM_MODE 0x7
+# define EVP_CIPH_XTS_MODE 0x10001
+# define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
# define EVP_CIPH_VARIABLE_LENGTH 0x8
/* Set if the iv handling should be done by the cipher itself */
@@ -378,14 +360,21 @@
# define EVP_CIPH_NO_PADDING 0x100
/* cipher handles random key generation */
# define EVP_CIPH_RAND_KEY 0x200
-/* Note if suitable for use in FIPS mode */
-# define EVP_CIPH_FLAG_FIPS 0x400
-/* Allow non FIPS cipher in FIPS mode */
-# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800
+/* cipher has its own additional copying logic */
+# define EVP_CIPH_CUSTOM_COPY 0x400
/* Allow use default ASN1 get/set iv */
# define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
/* Buffer length in bits not bytes: CFB1 mode only */
# define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
+/* Note if suitable for use in FIPS mode */
+# define EVP_CIPH_FLAG_FIPS 0x4000
+/* Allow non FIPS cipher in FIPS mode */
+# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
+/*
+ * Cipher handles any and all padding logic as well as finalisation.
+ */
+# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
/* ctrl() values */
@@ -396,7 +385,40 @@
# define EVP_CTRL_GET_RC5_ROUNDS 0x4
# define EVP_CTRL_SET_RC5_ROUNDS 0x5
# define EVP_CTRL_RAND_KEY 0x6
+# define EVP_CTRL_PBE_PRF_NID 0x7
+# define EVP_CTRL_COPY 0x8
+# define EVP_CTRL_GCM_SET_IVLEN 0x9
+# define EVP_CTRL_GCM_GET_TAG 0x10
+# define EVP_CTRL_GCM_SET_TAG 0x11
+# define EVP_CTRL_GCM_SET_IV_FIXED 0x12
+# define EVP_CTRL_GCM_IV_GEN 0x13
+# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
+# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
+# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
+# define EVP_CTRL_CCM_SET_L 0x14
+# define EVP_CTRL_CCM_SET_MSGLEN 0x15
+/*
+ * AEAD cipher deduces payload length and returns number of bytes required to
+ * store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ * appends/verifies MAC.
+ */
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+/* Set the GCM invocation field, decrypt only */
+# define EVP_CTRL_GCM_SET_IV_INV 0x18
+/* RFC 5246 defines additional data to be 13 bytes in length */
+# define EVP_AEAD_TLS1_AAD_LEN 13
+
+/* GCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+# define EVP_GCM_TLS_FIXED_IV_LEN 4
+/* Length of explicit part of IV part of TLS records */
+# define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
+/* Length of tag for TLS */
+# define EVP_GCM_TLS_TAG_LEN 16
+
typedef struct evp_cipher_info_st {
const EVP_CIPHER *cipher;
unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -411,7 +433,7 @@
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
- int num; /* used by cfb/ofb mode */
+ int num; /* used by cfb/ofb/ctr mode */
void *app_data; /* application stuff */
int key_len; /* May change for variable length cipher */
unsigned long flags; /* Various flags */
@@ -469,18 +491,6 @@
# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-/* Macros to reduce FIPS dependencies: do NOT use in applications */
-# define M_EVP_MD_size(e) ((e)->md_size)
-# define M_EVP_MD_block_size(e) ((e)->block_size)
-# define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-# define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
-# define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
-# define M_EVP_MD_type(e) ((e)->type)
-# define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
-# define M_EVP_MD_CTX_md(e) ((e)->digest)
-
-# define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-
int EVP_MD_type(const EVP_MD *md);
# define EVP_MD_nid(e) EVP_MD_type(e)
# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
@@ -487,6 +497,7 @@
int EVP_MD_pkey_type(const EVP_MD *md);
int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
@@ -506,6 +517,7 @@
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
@@ -523,6 +535,8 @@
# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
# ifdef CONST_STRICT
void BIO_set_md(BIO *, const EVP_MD *md);
@@ -567,6 +581,8 @@
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
+int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
+ const char *prompt, int verify);
void EVP_set_pw_prompt(const char *prompt);
char *EVP_get_pw_prompt(void);
@@ -616,6 +632,15 @@
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey);
+int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
+ unsigned char *sigret, size_t *siglen);
+
+int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
+
int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
const unsigned char *ek, int ekl, const unsigned char *iv,
EVP_PKEY *priv);
@@ -688,6 +713,9 @@
# ifndef OPENSSL_NO_RIPEMD
const EVP_MD *EVP_ripemd160(void);
# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+# endif
const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
# ifndef OPENSSL_NO_DES
const EVP_CIPHER *EVP_des_ecb(void);
@@ -732,6 +760,9 @@
# ifndef OPENSSL_NO_RC4
const EVP_CIPHER *EVP_rc4(void);
const EVP_CIPHER *EVP_rc4_40(void);
+# ifndef OPENSSL_NO_MD5
+const EVP_CIPHER *EVP_rc4_hmac_md5(void);
+# endif
# endif
# ifndef OPENSSL_NO_IDEA
const EVP_CIPHER *EVP_idea_ecb(void);
@@ -778,9 +809,10 @@
const EVP_CIPHER *EVP_aes_128_cfb128(void);
# define EVP_aes_128_cfb EVP_aes_128_cfb128
const EVP_CIPHER *EVP_aes_128_ofb(void);
-# if 0
const EVP_CIPHER *EVP_aes_128_ctr(void);
-# endif
+const EVP_CIPHER *EVP_aes_128_ccm(void);
+const EVP_CIPHER *EVP_aes_128_gcm(void);
+const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -788,9 +820,9 @@
const EVP_CIPHER *EVP_aes_192_cfb128(void);
# define EVP_aes_192_cfb EVP_aes_192_cfb128
const EVP_CIPHER *EVP_aes_192_ofb(void);
-# if 0
const EVP_CIPHER *EVP_aes_192_ctr(void);
-# endif
+const EVP_CIPHER *EVP_aes_192_ccm(void);
+const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -798,8 +830,13 @@
const EVP_CIPHER *EVP_aes_256_cfb128(void);
# define EVP_aes_256_cfb EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void);
-# if 0
const EVP_CIPHER *EVP_aes_256_ctr(void);
+const EVP_CIPHER *EVP_aes_256_ccm(void);
+const EVP_CIPHER *EVP_aes_256_gcm(void);
+const EVP_CIPHER *EVP_aes_256_xts(void);
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
# endif
# endif
# ifndef OPENSSL_NO_CAMELLIA
@@ -858,16 +895,35 @@
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
-int EVP_PKEY_decrypt(unsigned char *dec_key,
- const unsigned char *enc_key, int enc_key_len,
- EVP_PKEY *private_key);
-int EVP_PKEY_encrypt(unsigned char *enc_key,
- const unsigned char *key, int key_len,
- EVP_PKEY *pub_key);
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_CIPHER_do_all_sorted(void (*fn)
+ (const EVP_CIPHER *ciph, const char *from,
+ const char *to, void *x), void *arg);
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_MD_do_all_sorted(void (*fn)
+ (const EVP_MD *ciph, const char *from,
+ const char *to, void *x), void *arg);
+
+int EVP_PKEY_decrypt_old(unsigned char *dec_key,
+ const unsigned char *enc_key, int enc_key_len,
+ EVP_PKEY *private_key);
+int EVP_PKEY_encrypt_old(unsigned char *enc_key,
+ const unsigned char *key, int key_len,
+ EVP_PKEY *pub_key);
int EVP_PKEY_type(int type);
+int EVP_PKEY_id(const EVP_PKEY *pkey);
+int EVP_PKEY_base_id(const EVP_PKEY *pkey);
int EVP_PKEY_bits(EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key);
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
+void *EVP_PKEY_get0(EVP_PKEY *pkey);
# ifndef OPENSSL_NO_RSA
struct rsa_st;
@@ -910,6 +966,15 @@
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
/* calls methods */
@@ -927,6 +992,9 @@
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
@@ -935,27 +1003,315 @@
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
+/* PBE type */
+
+/* Can appear as the outermost AlgorithmIdentifier */
+# define EVP_PBE_TYPE_OUTER 0x0
+/* Is an PRF type OID */
+# define EVP_PBE_TYPE_PRF 0x1
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+ int md_nid, EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
+ EVP_PBE_KEYGEN **pkeygen);
void EVP_PBE_cleanup(void);
-# ifdef OPENSSL_FIPS
-# ifndef OPENSSL_NO_ENGINE
-void int_EVP_MD_set_engine_callbacks(int (*eng_md_init) (ENGINE *impl),
- int (*eng_md_fin) (ENGINE *impl),
- int (*eng_md_evp)
- (EVP_MD_CTX *ctx, const EVP_MD **ptype,
- ENGINE *impl));
-void int_EVP_MD_init_engine_callbacks(void);
-void int_EVP_CIPHER_set_engine_callbacks(int (*eng_ciph_fin) (ENGINE *impl),
- int (*eng_ciph_evp)
- (EVP_CIPHER_CTX *ctx,
- const EVP_CIPHER **pciph,
- ENGINE *impl));
-void int_EVP_CIPHER_init_engine_callbacks(void);
-# endif
-# endif
+# define ASN1_PKEY_ALIAS 0x1
+# define ASN1_PKEY_DYNAMIC 0x2
+# define ASN1_PKEY_SIGPARAM_NULL 0x4
+# define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
+# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
+# define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
+# define ASN1_PKEY_CTRL_CMS_SIGN 0x5
+# define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+ const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+ int *ppkey_flags, const char **pinfo,
+ const char **ppem_str,
+ const EVP_PKEY_ASN1_METHOD *ameth);
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+ const char *pem_str,
+ const char *info);
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+ const EVP_PKEY_ASN1_METHOD *src);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pub_decode) (EVP_PKEY *pk,
+ X509_PUBKEY *pub),
+ int (*pub_encode) (X509_PUBKEY *pub,
+ const EVP_PKEY *pk),
+ int (*pub_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*pub_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx),
+ int (*pkey_size) (const EVP_PKEY *pk),
+ int (*pkey_bits) (const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*priv_decode) (EVP_PKEY *pk,
+ PKCS8_PRIV_KEY_INFO
+ *p8inf),
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+ const EVP_PKEY *pk),
+ int (*priv_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*param_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder,
+ int derlen),
+ int (*param_encode) (const EVP_PKEY *pkey,
+ unsigned char **pder),
+ int (*param_missing) (const EVP_PKEY *pk),
+ int (*param_copy) (EVP_PKEY *to,
+ const EVP_PKEY *from),
+ int (*param_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*param_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_free) (EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+ long arg1, void *arg2));
+
+# define EVP_PKEY_OP_UNDEFINED 0
+# define EVP_PKEY_OP_PARAMGEN (1<<1)
+# define EVP_PKEY_OP_KEYGEN (1<<2)
+# define EVP_PKEY_OP_SIGN (1<<3)
+# define EVP_PKEY_OP_VERIFY (1<<4)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
+# define EVP_PKEY_OP_SIGNCTX (1<<6)
+# define EVP_PKEY_OP_VERIFYCTX (1<<7)
+# define EVP_PKEY_OP_ENCRYPT (1<<8)
+# define EVP_PKEY_OP_DECRYPT (1<<9)
+# define EVP_PKEY_OP_DERIVE (1<<10)
+
+# define EVP_PKEY_OP_TYPE_SIG \
+ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+ | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+# define EVP_PKEY_OP_TYPE_CRYPT \
+ (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+# define EVP_PKEY_OP_TYPE_NOGEN \
+ (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
+
+# define EVP_PKEY_OP_TYPE_GEN \
+ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+# define EVP_PKEY_CTX_set_signature_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTRL_MD 1
+# define EVP_PKEY_CTRL_PEER_KEY 2
+
+# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
+# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
+
+# define EVP_PKEY_CTRL_PKCS7_SIGN 5
+
+# define EVP_PKEY_CTRL_SET_MAC_KEY 6
+
+# define EVP_PKEY_CTRL_DIGESTINIT 7
+
+/* Used by GOST key encryption in TLS */
+# define EVP_PKEY_CTRL_SET_IV 8
+
+# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
+# define EVP_PKEY_CTRL_CMS_DECRYPT 10
+# define EVP_PKEY_CTRL_CMS_SIGN 11
+
+# define EVP_PKEY_CTRL_CIPHER 12
+
+# define EVP_PKEY_ALG_CTRL 0x1000
+
+# define EVP_PKEY_FLAG_AUTOARGLEN 2
+/*
+ * Method handles all operations: don't assume any digest related defaults.
+ */
+# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth);
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+ const char *value);
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+ const unsigned char *key, int keylen);
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+typedef int EVP_PKEY_gen_cb (EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+ int (*init) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+ int (*copy) (EVP_PKEY_CTX *dst,
+ EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+ void (*cleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+ int (*paramgen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+ int (*keygen_init) (EVP_PKEY_CTX *ctx),
+ int (*keygen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+ int (*sign_init) (EVP_PKEY_CTX *ctx),
+ int (*sign) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+ int (*verify_init) (EVP_PKEY_CTX *ctx),
+ int (*verify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+ int (*verify_recover_init) (EVP_PKEY_CTX
+ *ctx),
+ int (*verify_recover) (EVP_PKEY_CTX
+ *ctx,
+ unsigned char
+ *sig,
+ size_t *siglen,
+ const unsigned
+ char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+ int (*signctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*signctx) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*verifyctx) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ int siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*encryptfn) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*decrypt) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+ int (*derive_init) (EVP_PKEY_CTX *ctx),
+ int (*derive) (EVP_PKEY_CTX *ctx,
+ unsigned char *key,
+ size_t *keylen));
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+ const char *type,
+ const char *value));
+
void EVP_add_alg_module(void);
/* BEGIN ERROR CODES */
@@ -968,51 +1324,86 @@
/* Error codes for the EVP functions. */
/* Function codes. */
+# define EVP_F_AESNI_INIT_KEY 165
+# define EVP_F_AESNI_XTS_CIPHER 176
# define EVP_F_AES_INIT_KEY 133
-# define EVP_F_ALG_MODULE_INIT 138
+# define EVP_F_AES_XTS 172
+# define EVP_F_AES_XTS_CIPHER 175
+# define EVP_F_ALG_MODULE_INIT 177
# define EVP_F_CAMELLIA_INIT_KEY 159
+# define EVP_F_CMAC_INIT 173
# define EVP_F_D2I_PKEY 100
-# define EVP_F_DO_EVP_ENC_ENGINE 140
-# define EVP_F_DO_EVP_ENC_ENGINE_FULL 141
-# define EVP_F_DO_EVP_MD_ENGINE 139
-# define EVP_F_DO_EVP_MD_ENGINE_FULL 142
+# define EVP_F_DO_SIGVER_INIT 161
# define EVP_F_DSAPKEY2PKCS8 134
# define EVP_F_DSA_PKEY2PKCS8 135
# define EVP_F_ECDSA_PKEY2PKCS8 129
# define EVP_F_ECKEY_PKEY2PKCS8 132
-# define EVP_F_EVP_CIPHERINIT 137
# define EVP_F_EVP_CIPHERINIT_EX 123
+# define EVP_F_EVP_CIPHER_CTX_COPY 163
# define EVP_F_EVP_CIPHER_CTX_CTRL 124
# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
# define EVP_F_EVP_DECRYPTFINAL_EX 101
-# define EVP_F_EVP_DIGESTINIT 136
# define EVP_F_EVP_DIGESTINIT_EX 128
# define EVP_F_EVP_ENCRYPTFINAL_EX 127
# define EVP_F_EVP_MD_CTX_COPY_EX 110
+# define EVP_F_EVP_MD_SIZE 162
# define EVP_F_EVP_OPENINIT 102
# define EVP_F_EVP_PBE_ALG_ADD 115
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
# define EVP_F_EVP_PBE_CIPHERINIT 116
# define EVP_F_EVP_PKCS82PKEY 111
+# define EVP_F_EVP_PKCS82PKEY_BROKEN 136
# define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
# define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+# define EVP_F_EVP_PKEY_CTX_CTRL 137
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
+# define EVP_F_EVP_PKEY_CTX_DUP 156
# define EVP_F_EVP_PKEY_DECRYPT 104
+# define EVP_F_EVP_PKEY_DECRYPT_INIT 138
+# define EVP_F_EVP_PKEY_DECRYPT_OLD 151
+# define EVP_F_EVP_PKEY_DERIVE 153
+# define EVP_F_EVP_PKEY_DERIVE_INIT 154
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
# define EVP_F_EVP_PKEY_ENCRYPT 105
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
# define EVP_F_EVP_PKEY_GET1_DH 119
# define EVP_F_EVP_PKEY_GET1_DSA 120
# define EVP_F_EVP_PKEY_GET1_ECDSA 130
# define EVP_F_EVP_PKEY_GET1_EC_KEY 131
# define EVP_F_EVP_PKEY_GET1_RSA 121
+# define EVP_F_EVP_PKEY_KEYGEN 146
+# define EVP_F_EVP_PKEY_KEYGEN_INIT 147
# define EVP_F_EVP_PKEY_NEW 106
+# define EVP_F_EVP_PKEY_PARAMGEN 148
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
+# define EVP_F_EVP_PKEY_SIGN 140
+# define EVP_F_EVP_PKEY_SIGN_INIT 141
+# define EVP_F_EVP_PKEY_VERIFY 142
+# define EVP_F_EVP_PKEY_VERIFY_INIT 143
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
# define EVP_F_EVP_RIJNDAEL 126
# define EVP_F_EVP_SIGNFINAL 107
# define EVP_F_EVP_VERIFYFINAL 108
+# define EVP_F_FIPS_CIPHERINIT 166
+# define EVP_F_FIPS_CIPHER_CTX_COPY 170
+# define EVP_F_FIPS_CIPHER_CTX_CTRL 167
+# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
+# define EVP_F_FIPS_DIGESTINIT 168
+# define EVP_F_FIPS_MD_CTX_COPY 169
+# define EVP_F_HMAC_INIT_EX 174
+# define EVP_F_INT_CTX_NEW 157
# define EVP_F_PKCS5_PBE_KEYIVGEN 117
# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
# define EVP_F_PKCS8_SET_BROKEN 112
+# define EVP_F_PKEY_SET_TYPE 158
# define EVP_F_RC2_MAGIC_TO_METH 109
# define EVP_F_RC5_CTRL 125
/* Reason codes. */
+# define EVP_R_AES_IV_SETUP_FAILED 162
# define EVP_R_AES_KEY_SETUP_FAILED 143
# define EVP_R_ASN1_LIB 140
# define EVP_R_BAD_BLOCK_LENGTH 136
@@ -1020,17 +1411,20 @@
# define EVP_R_BAD_KEY_LENGTH 137
# define EVP_R_BN_DECODE_ERROR 112
# define EVP_R_BN_PUBKEY_ERROR 113
+# define EVP_R_BUFFER_TOO_SMALL 155
# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
# define EVP_R_CIPHER_PARAMETER_ERROR 122
+# define EVP_R_COMMAND_NOT_SUPPORTED 147
# define EVP_R_CTRL_NOT_IMPLEMENTED 132
# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
# define EVP_R_DECODE_ERROR 114
# define EVP_R_DIFFERENT_KEY_TYPES 101
-# define EVP_R_DISABLED_FOR_FIPS 144
+# define EVP_R_DIFFERENT_PARAMETERS 153
+# define EVP_R_DISABLED_FOR_FIPS 163
# define EVP_R_ENCODE_ERROR 115
-# define EVP_R_ERROR_LOADING_SECTION 145
-# define EVP_R_ERROR_SETTING_FIPS_MODE 146
+# define EVP_R_ERROR_LOADING_SECTION 165
+# define EVP_R_ERROR_SETTING_FIPS_MODE 166
# define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
# define EVP_R_EXPECTING_AN_RSA_KEY 127
# define EVP_R_EXPECTING_A_DH_KEY 128
@@ -1037,24 +1431,39 @@
# define EVP_R_EXPECTING_A_DSA_KEY 129
# define EVP_R_EXPECTING_A_ECDSA_KEY 141
# define EVP_R_EXPECTING_A_EC_KEY 142
-# define EVP_R_FIPS_MODE_NOT_SUPPORTED 147
+# define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
# define EVP_R_INITIALIZATION_ERROR 134
# define EVP_R_INPUT_NOT_INITIALIZED 111
-# define EVP_R_INVALID_FIPS_MODE 148
+# define EVP_R_INVALID_DIGEST 152
+# define EVP_R_INVALID_FIPS_MODE 168
# define EVP_R_INVALID_KEY_LENGTH 130
+# define EVP_R_INVALID_OPERATION 148
# define EVP_R_IV_TOO_LARGE 102
# define EVP_R_KEYGEN_FAILURE 120
+# define EVP_R_MESSAGE_DIGEST_IS_NULL 159
+# define EVP_R_METHOD_NOT_SUPPORTED 144
# define EVP_R_MISSING_PARAMETERS 103
# define EVP_R_NO_CIPHER_SET 131
+# define EVP_R_NO_DEFAULT_DIGEST 158
# define EVP_R_NO_DIGEST_SET 139
# define EVP_R_NO_DSA_PARAMETERS 116
+# define EVP_R_NO_KEY_SET 154
+# define EVP_R_NO_OPERATION_SET 149
# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+# define EVP_R_OPERATON_NOT_INITIALIZED 151
# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
+# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
# define EVP_R_PUBLIC_KEY_NOT_RSA 106
-# define EVP_R_UNKNOWN_OPTION 149
+# define EVP_R_TOO_LARGE 164
+# define EVP_R_UNKNOWN_CIPHER 160
+# define EVP_R_UNKNOWN_DIGEST 161
+# define EVP_R_UNKNOWN_OPTION 169
# define EVP_R_UNKNOWN_PBE_ALGORITHM 121
# define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
+# define EVP_R_UNSUPPORTED_ALGORITHM 156
# define EVP_R_UNSUPPORTED_CIPHER 107
# define EVP_R_UNSUPPORTED_KEYLENGTH 123
# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
@@ -1064,7 +1473,6 @@
# define EVP_R_UNSUPPORTED_SALT_TYPE 126
# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-# define EVP_R_SEED_KEY_SETUP_FAILED 162
#ifdef __cplusplus
}
Modified: trunk/crypto/openssl/crypto/evp/evp_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,18 +64,25 @@
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
#include "evp_locl.h"
#ifdef OPENSSL_FIPS
-# define M_do_cipher(ctx, out, in, inl) \
- EVP_Cipher(ctx,out,in,inl)
+# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
#else
-# define M_do_cipher(ctx, out, in, inl) \
- ctx->cipher->do_cipher(ctx,out,in,inl)
+# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
#endif
const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
+{
+ memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+ /* ctx->cipher=NULL; */
+}
+
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
{
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
@@ -92,6 +99,158 @@
return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
}
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ ENGINE *impl, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ if (enc == -1)
+ enc = ctx->encrypt;
+ else {
+ if (enc)
+ enc = 1;
+ ctx->encrypt = enc;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ /*
+ * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+ * this context may already have an ENGINE! Try to avoid releasing the
+ * previous handle, re-querying for an ENGINE, and having a
+ * reinitialisation, when it may all be unecessary.
+ */
+ if (ctx->engine && ctx->cipher && (!cipher ||
+ (cipher
+ && (cipher->nid ==
+ ctx->cipher->nid))))
+ goto skip_to_init;
+#endif
+ if (cipher) {
+ /*
+ * Ensure a context left lying around from last time is cleared (the
+ * previous check attempted to avoid this if the same ENGINE and
+ * EVP_CIPHER could be used).
+ */
+ if (ctx->cipher) {
+ unsigned long flags = ctx->flags;
+ EVP_CIPHER_CTX_cleanup(ctx);
+ /* Restore encrypt and flags */
+ ctx->encrypt = enc;
+ ctx->flags = flags;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (impl) {
+ if (!ENGINE_init(impl)) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ } else
+ /* Ask if an ENGINE is reserved for this job */
+ impl = ENGINE_get_cipher_engine(cipher->nid);
+ if (impl) {
+ /* There's an ENGINE for this job ... (apparently) */
+ const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
+ if (!c) {
+ /*
+ * One positive side-effect of US's export control history,
+ * is that we should at least be able to avoid using US
+ * mispellings of "initialisation"?
+ */
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ /* We'll use the ENGINE's private cipher definition */
+ cipher = c;
+ /*
+ * Store the ENGINE functional reference so we know 'cipher' came
+ * from an ENGINE and we need to release it when done.
+ */
+ ctx->engine = impl;
+ } else
+ ctx->engine = NULL;
+#endif
+
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
+ ctx->cipher = cipher;
+ if (ctx->cipher->ctx_size) {
+ ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
+ if (!ctx->cipher_data) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ } else {
+ ctx->cipher_data = NULL;
+ }
+ ctx->key_len = cipher->key_len;
+ ctx->flags = 0;
+ if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ }
+ } else if (!ctx->cipher) {
+ EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ skip_to_init:
+#endif
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
+ /* we assume block size is a power of 2 in *cryptUpdate */
+ OPENSSL_assert(ctx->cipher->block_size == 1
+ || ctx->cipher->block_size == 8
+ || ctx->cipher->block_size == 16);
+
+ if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
+
+ case EVP_CIPH_STREAM_CIPHER:
+ case EVP_CIPH_ECB_MODE:
+ break;
+
+ case EVP_CIPH_CFB_MODE:
+ case EVP_CIPH_OFB_MODE:
+
+ ctx->num = 0;
+ /* fall-through */
+
+ case EVP_CIPH_CBC_MODE:
+
+ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
+ (int)sizeof(ctx->iv));
+ if (iv)
+ memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ break;
+
+ case EVP_CIPH_CTR_MODE:
+ ctx->num = 0;
+ /* Don't reuse IV for CTR mode */
+ if (iv)
+ memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ break;
+
+ default:
+ return 0;
+ break;
+ }
+ }
+
+ if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
+ if (!ctx->cipher->init(ctx, key, iv, enc))
+ return 0;
+ }
+ ctx->buf_len = 0;
+ ctx->final_used = 0;
+ ctx->block_mask = ctx->cipher->block_size - 1;
+ return 1;
+}
+
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
@@ -148,6 +307,15 @@
{
int i, j, bl;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ i = M_do_cipher(ctx, out, in, inl);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
if (inl <= 0) {
*outl = 0;
return inl == 0;
@@ -209,6 +377,15 @@
int n, ret;
unsigned int i, b, bl;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ ret = M_do_cipher(ctx, out, NULL, 0);
+ if (ret < 0)
+ return 0;
+ else
+ *outl = ret;
+ return 1;
+ }
+
b = ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->buf);
if (b == 1) {
@@ -243,6 +420,16 @@
int fix_len;
unsigned int b;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ fix_len = M_do_cipher(ctx, out, in, inl);
+ if (fix_len < 0) {
+ *outl = 0;
+ return 0;
+ } else
+ *outl = fix_len;
+ return 1;
+ }
+
if (inl <= 0) {
*outl = 0;
return inl == 0;
@@ -292,8 +479,17 @@
{
int i, n;
unsigned int b;
+ *outl = 0;
- *outl = 0;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+ i = M_do_cipher(ctx, out, NULL, 0);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
b = ctx->cipher->block_size;
if (ctx->flags & EVP_CIPH_NO_PADDING) {
if (ctx->buf_len) {
@@ -310,6 +506,11 @@
return (0);
}
OPENSSL_assert(b <= sizeof ctx->final);
+
+ /*
+ * The following assumes that the ciphertext has been authenticated.
+ * Otherwise it provides a padding oracle.
+ */
n = ctx->final[b - 1];
if (n == 0 || n > (int)b) {
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
@@ -338,6 +539,34 @@
}
}
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
+{
+#ifndef OPENSSL_FIPS
+ if (c->cipher != NULL) {
+ if (c->cipher->cleanup && !c->cipher->cleanup(c))
+ return 0;
+ /* Cleanse cipher context data */
+ if (c->cipher_data)
+ OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
+ }
+ if (c->cipher_data)
+ OPENSSL_free(c->cipher_data);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+ if (c->engine)
+ /*
+ * The EVP_CIPHER we used belongs to an ENGINE, release the
+ * functional reference we held for this reason.
+ */
+ ENGINE_finish(c->engine);
+#endif
+#ifdef OPENSSL_FIPS
+ FIPS_cipher_ctx_cleanup(c);
+#endif
+ memset(c, 0, sizeof(EVP_CIPHER_CTX));
+ return 1;
+}
+
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
{
if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
@@ -361,6 +590,28 @@
return 1;
}
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+ int ret;
+ if (!ctx->cipher) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+
+ if (!ctx->cipher->ctrl) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
+ return 0;
+ }
+
+ ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
+ if (ret == -1) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
+ EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return ret;
+}
+
int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
{
if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
@@ -370,51 +621,33 @@
return 1;
}
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+{
+ if ((in == NULL) || (in->cipher == NULL)) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
+ return 0;
+ }
#ifndef OPENSSL_NO_ENGINE
+ /* Make sure it's safe to copy a cipher context using an ENGINE */
+ if (in->engine && !ENGINE_init(in->engine)) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
+ return 0;
+ }
+#endif
-# ifdef OPENSSL_FIPS
+ EVP_CIPHER_CTX_cleanup(out);
+ memcpy(out, in, sizeof *out);
-static int do_evp_enc_engine_full(EVP_CIPHER_CTX *ctx,
- const EVP_CIPHER **pcipher, ENGINE *impl)
-{
- if (impl) {
- if (!ENGINE_init(impl)) {
- EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR);
+ if (in->cipher_data && in->cipher->ctx_size) {
+ out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
+ if (!out->cipher_data) {
+ EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
return 0;
}
- } else
- /* Ask if an ENGINE is reserved for this job */
- impl = ENGINE_get_cipher_engine((*pcipher)->nid);
- if (impl) {
- /* There's an ENGINE for this job ... (apparently) */
- const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid);
- if (!c) {
- /*
- * One positive side-effect of US's export control history, is
- * that we should at least be able to avoid using US mispellings
- * of "initialisation"?
- */
- EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- /* We'll use the ENGINE's private cipher definition */
- *pcipher = c;
- /*
- * Store the ENGINE functional reference so we know 'cipher' came
- * from an ENGINE and we need to release it when done.
- */
- ctx->engine = impl;
- } else
- ctx->engine = NULL;
+ memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+ }
+
+ if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
+ return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
return 1;
}
-
-void int_EVP_CIPHER_init_engine_callbacks(void)
-{
- int_EVP_CIPHER_set_engine_callbacks(ENGINE_finish,
- do_evp_enc_engine_full);
-}
-
-# endif
-
-#endif
Modified: trunk/crypto/openssl/crypto/evp/evp_err.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/evp/evp_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,48 +70,84 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
static ERR_STRING_DATA EVP_str_functs[] = {
+ {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
+ {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
+ {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
+ {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
+ {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
- {ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE), "DO_EVP_ENC_ENGINE"},
- {ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE_FULL), "DO_EVP_ENC_ENGINE_FULL"},
- {ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE), "DO_EVP_MD_ENGINE"},
- {ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE_FULL), "DO_EVP_MD_ENGINE_FULL"},
+ {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
- {ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"},
{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
+ {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),
"EVP_CIPHER_CTX_set_key_length"},
{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
- {ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"},
{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
+ {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
+ {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
{ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
+ {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
+ {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
+ "EVP_PKEY_verify_recover_init"},
{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
+ {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
+ {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
+ {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+ {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),
+ "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
+ {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
+ {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
+ {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
+ {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
+ {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
+ {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
{ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
{0, NULL}
@@ -118,6 +154,7 @@
};
static ERR_STRING_DATA EVP_str_reasons[] = {
+ {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"},
{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
{ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"},
{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"},
@@ -125,9 +162,11 @@
{ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"},
{ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"},
{ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"},
+ {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
"camellia key setup failed"},
{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
+ {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED), "ctrl not implemented"},
{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),
"ctrl operation not implemented"},
@@ -135,6 +174,7 @@
"data not multiple of block length"},
{ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
+ {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
{ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
{ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"},
{ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
@@ -148,26 +188,41 @@
{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
{ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
+ {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
{ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
+ {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
{ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
{ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
+ {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
+ {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"},
{ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"},
{ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
+ {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
{ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
{ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"},
+ {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
+ {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),
"no sign function configured"},
{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),
"no verify function configured"},
+ {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+ "operation not supported for this keytype"},
+ {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),
"pkcs8 unknown broken type"},
+ {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
+ {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
- {ERR_REASON(EVP_R_SEED_KEY_SETUP_FAILED), "seed key setup failed"},
+ {ERR_REASON(EVP_R_TOO_LARGE), "too large"},
+ {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
+ {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
{ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"},
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),
"unsuported number of rounds"},
+ {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"},
{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
Copied: trunk/crypto/openssl/crypto/evp/evp_extra_test.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/evp_extra_test.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_extra_test.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/evp_extra_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,489 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+
+/*
+ * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
+ * should never use this key anywhere but in an example.
+ */
+static const unsigned char kExampleRSAKeyDER[] = {
+ 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
+ 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
+ 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
+ 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
+ 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
+ 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
+ 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
+ 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
+ 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
+ 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
+ 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
+ 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
+ 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
+ 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
+ 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
+ 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
+ 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
+ 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
+ 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
+ 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
+ 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
+ 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
+ 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
+ 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
+ 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
+ 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
+ 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
+ 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
+ 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
+ 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
+ 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
+ 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
+ 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
+ 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
+ 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
+ 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
+ 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
+ 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
+ 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
+ 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
+ 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
+ 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
+ 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
+ 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
+ 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
+ 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
+ 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
+ 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
+ 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
+ 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+static const unsigned char kMsg[] = { 1, 2, 3, 4 };
+
+static const unsigned char kSignature[] = {
+ 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
+ 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
+ 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
+ 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
+ 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
+ 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
+ 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
+ 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
+ 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
+ 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
+ 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
+};
+
+/*
+ * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
+ * PrivateKeyInfo.
+ */
+static const unsigned char kExampleRSAKeyPKCS8[] = {
+ 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
+ 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
+ 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
+ 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
+ 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
+ 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
+ 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
+ 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
+ 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
+ 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
+ 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
+ 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
+ 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
+ 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
+ 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
+ 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
+ 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
+ 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
+ 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
+ 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
+ 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
+ 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
+ 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
+ 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
+ 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
+ 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
+ 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
+ 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
+ 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
+ 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
+ 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
+ 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
+ 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
+ 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
+ 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
+ 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
+ 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
+ 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
+ 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
+ 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
+ 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
+ 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
+ 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
+ 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
+ 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
+ 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
+ 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
+ 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
+ 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
+ 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
+ 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
+ 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
+};
+
+#ifndef OPENSSL_NO_EC
+/*
+ * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure.
+ */
+static const unsigned char kExampleECKeyDER[] = {
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
+ 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
+ 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
+ 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
+ 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
+ 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
+ 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
+ 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
+ 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
+ 0xc1,
+};
+
+/*
+ * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
+ * structure. The private key is equal to the order and will fail to import
+ */
+static const unsigned char kExampleBadECKeyDER[] = {
+ 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
+ 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
+ 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
+ 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
+ 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+};
+#endif
+
+static EVP_PKEY *load_example_rsa_key(void)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *derp = kExampleRSAKeyDER;
+ EVP_PKEY *pkey = NULL;
+ RSA *rsa = NULL;
+
+ if (!d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))) {
+ return NULL;
+ }
+
+ pkey = EVP_PKEY_new();
+ if (pkey == NULL || !EVP_PKEY_set1_RSA(pkey, rsa)) {
+ goto out;
+ }
+
+ ret = pkey;
+ pkey = NULL;
+
+ out:
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+ if (rsa) {
+ RSA_free(rsa);
+ }
+
+ return ret;
+}
+
+static int test_EVP_DigestSignInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *sig = NULL;
+ size_t sig_len = 0;
+ EVP_MD_CTX md_ctx, md_ctx_verify;
+
+ EVP_MD_CTX_init(&md_ctx);
+ EVP_MD_CTX_init(&md_ctx_verify);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
+ goto out;
+ }
+ /* Determine the size of the signature. */
+ if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
+ goto out;
+ }
+ /* Sanity check for testing. */
+ if (sig_len != (size_t)EVP_PKEY_size(pkey)) {
+ fprintf(stderr, "sig_len mismatch\n");
+ goto out;
+ }
+
+ sig = OPENSSL_malloc(sig_len);
+ if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
+ goto out;
+ }
+
+ /* Ensure that the signature round-trips. */
+ if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
+ || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
+ || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
+ goto out;
+ }
+
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_cleanup(&md_ctx_verify);
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+ if (sig) {
+ OPENSSL_free(sig);
+ }
+
+ return ret;
+}
+
+static int test_EVP_DigestVerifyInit(void)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ EVP_MD_CTX md_ctx;
+
+ EVP_MD_CTX_init(&md_ctx);
+
+ pkey = load_example_rsa_key();
+ if (pkey == NULL ||
+ !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
+ !EVP_DigestVerifyFinal(&md_ctx, (unsigned char *)kSignature, sizeof(kSignature))) {
+ goto out;
+ }
+ ret = 1;
+
+ out:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+
+ return ret;
+}
+
+static int test_d2i_AutoPrivateKey(const unsigned char *input,
+ size_t input_len, int expected_id)
+{
+ int ret = 0;
+ const unsigned char *p;
+ EVP_PKEY *pkey = NULL;
+
+ p = input;
+ pkey = d2i_AutoPrivateKey(NULL, &p, input_len);
+ if (pkey == NULL || p != input + input_len) {
+ fprintf(stderr, "d2i_AutoPrivateKey failed\n");
+ goto done;
+ }
+
+ if (EVP_PKEY_id(pkey) != expected_id) {
+ fprintf(stderr, "Did not decode expected type\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (!ret) {
+ ERR_print_errors_fp(stderr);
+ }
+
+ if (pkey != NULL) {
+ EVP_PKEY_free(pkey);
+ }
+ return ret;
+}
+
+#ifndef OPENSSL_NO_EC
+/* Tests loading a bad key in PKCS8 format */
+static int test_EVP_PKCS82PKEY(void)
+{
+ int ret = 0;
+ const unsigned char *derp = kExampleBadECKeyDER;
+ PKCS8_PRIV_KEY_INFO *p8inf = NULL;
+ EVP_PKEY *pkey = NULL;
+
+ p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER));
+
+ if (!p8inf || derp != kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)) {
+ fprintf(stderr, "Failed to parse key\n");
+ goto done;
+ }
+
+ pkey = EVP_PKCS82PKEY(p8inf);
+ if (pkey) {
+ fprintf(stderr, "Imported invalid EC key\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (p8inf != NULL) {
+ PKCS8_PRIV_KEY_INFO_free(p8inf);
+ }
+
+ if (pkey != NULL) {
+ EVP_PKEY_free(pkey);
+ }
+
+ return ret;
+}
+#endif
+
+int main(void)
+{
+ CRYPTO_malloc_debug_init();
+ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+ /* Load up the software EVP_CIPHER and EVP_MD definitions */
+ OpenSSL_add_all_ciphers();
+ OpenSSL_add_all_digests();
+
+ if (!test_EVP_DigestSignInit()) {
+ fprintf(stderr, "EVP_DigestSignInit failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_DigestVerifyInit()) {
+ fprintf(stderr, "EVP_DigestVerifyInit failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
+ EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_d2i_AutoPrivateKey
+ (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
+ return 1;
+ }
+
+#ifndef OPENSSL_NO_EC
+ if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
+ EVP_PKEY_EC)) {
+ fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
+ return 1;
+ }
+
+ if (!test_EVP_PKCS82PKEY()) {
+ fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
+ return 1;
+ }
+#endif
+
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks_fp(stderr);
+
+ printf("PASS\n");
+ return 0;
+}
Copied: trunk/crypto/openssl/crypto/evp/evp_fips.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/evp_fips.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_fips.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/evp_fips.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,310 @@
+/* crypto/evp/evp_fips.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/evp.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+
+const EVP_CIPHER *EVP_aes_128_cbc(void)
+{
+ return FIPS_evp_aes_128_cbc();
+}
+
+const EVP_CIPHER *EVP_aes_128_ccm(void)
+{
+ return FIPS_evp_aes_128_ccm();
+}
+
+const EVP_CIPHER *EVP_aes_128_cfb1(void)
+{
+ return FIPS_evp_aes_128_cfb1();
+}
+
+const EVP_CIPHER *EVP_aes_128_cfb128(void)
+{
+ return FIPS_evp_aes_128_cfb128();
+}
+
+const EVP_CIPHER *EVP_aes_128_cfb8(void)
+{
+ return FIPS_evp_aes_128_cfb8();
+}
+
+const EVP_CIPHER *EVP_aes_128_ctr(void)
+{
+ return FIPS_evp_aes_128_ctr();
+}
+
+const EVP_CIPHER *EVP_aes_128_ecb(void)
+{
+ return FIPS_evp_aes_128_ecb();
+}
+
+const EVP_CIPHER *EVP_aes_128_gcm(void)
+{
+ return FIPS_evp_aes_128_gcm();
+}
+
+const EVP_CIPHER *EVP_aes_128_ofb(void)
+{
+ return FIPS_evp_aes_128_ofb();
+}
+
+const EVP_CIPHER *EVP_aes_128_xts(void)
+{
+ return FIPS_evp_aes_128_xts();
+}
+
+const EVP_CIPHER *EVP_aes_192_cbc(void)
+{
+ return FIPS_evp_aes_192_cbc();
+}
+
+const EVP_CIPHER *EVP_aes_192_ccm(void)
+{
+ return FIPS_evp_aes_192_ccm();
+}
+
+const EVP_CIPHER *EVP_aes_192_cfb1(void)
+{
+ return FIPS_evp_aes_192_cfb1();
+}
+
+const EVP_CIPHER *EVP_aes_192_cfb128(void)
+{
+ return FIPS_evp_aes_192_cfb128();
+}
+
+const EVP_CIPHER *EVP_aes_192_cfb8(void)
+{
+ return FIPS_evp_aes_192_cfb8();
+}
+
+const EVP_CIPHER *EVP_aes_192_ctr(void)
+{
+ return FIPS_evp_aes_192_ctr();
+}
+
+const EVP_CIPHER *EVP_aes_192_ecb(void)
+{
+ return FIPS_evp_aes_192_ecb();
+}
+
+const EVP_CIPHER *EVP_aes_192_gcm(void)
+{
+ return FIPS_evp_aes_192_gcm();
+}
+
+const EVP_CIPHER *EVP_aes_192_ofb(void)
+{
+ return FIPS_evp_aes_192_ofb();
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc(void)
+{
+ return FIPS_evp_aes_256_cbc();
+}
+
+const EVP_CIPHER *EVP_aes_256_ccm(void)
+{
+ return FIPS_evp_aes_256_ccm();
+}
+
+const EVP_CIPHER *EVP_aes_256_cfb1(void)
+{
+ return FIPS_evp_aes_256_cfb1();
+}
+
+const EVP_CIPHER *EVP_aes_256_cfb128(void)
+{
+ return FIPS_evp_aes_256_cfb128();
+}
+
+const EVP_CIPHER *EVP_aes_256_cfb8(void)
+{
+ return FIPS_evp_aes_256_cfb8();
+}
+
+const EVP_CIPHER *EVP_aes_256_ctr(void)
+{
+ return FIPS_evp_aes_256_ctr();
+}
+
+const EVP_CIPHER *EVP_aes_256_ecb(void)
+{
+ return FIPS_evp_aes_256_ecb();
+}
+
+const EVP_CIPHER *EVP_aes_256_gcm(void)
+{
+ return FIPS_evp_aes_256_gcm();
+}
+
+const EVP_CIPHER *EVP_aes_256_ofb(void)
+{
+ return FIPS_evp_aes_256_ofb();
+}
+
+const EVP_CIPHER *EVP_aes_256_xts(void)
+{
+ return FIPS_evp_aes_256_xts();
+}
+
+const EVP_CIPHER *EVP_des_ede(void)
+{
+ return FIPS_evp_des_ede();
+}
+
+const EVP_CIPHER *EVP_des_ede3(void)
+{
+ return FIPS_evp_des_ede3();
+}
+
+const EVP_CIPHER *EVP_des_ede3_cbc(void)
+{
+ return FIPS_evp_des_ede3_cbc();
+}
+
+const EVP_CIPHER *EVP_des_ede3_cfb1(void)
+{
+ return FIPS_evp_des_ede3_cfb1();
+}
+
+const EVP_CIPHER *EVP_des_ede3_cfb64(void)
+{
+ return FIPS_evp_des_ede3_cfb64();
+}
+
+const EVP_CIPHER *EVP_des_ede3_cfb8(void)
+{
+ return FIPS_evp_des_ede3_cfb8();
+}
+
+const EVP_CIPHER *EVP_des_ede3_ecb(void)
+{
+ return FIPS_evp_des_ede3_ecb();
+}
+
+const EVP_CIPHER *EVP_des_ede3_ofb(void)
+{
+ return FIPS_evp_des_ede3_ofb();
+}
+
+const EVP_CIPHER *EVP_des_ede_cbc(void)
+{
+ return FIPS_evp_des_ede_cbc();
+}
+
+const EVP_CIPHER *EVP_des_ede_cfb64(void)
+{
+ return FIPS_evp_des_ede_cfb64();
+}
+
+const EVP_CIPHER *EVP_des_ede_ecb(void)
+{
+ return FIPS_evp_des_ede_ecb();
+}
+
+const EVP_CIPHER *EVP_des_ede_ofb(void)
+{
+ return FIPS_evp_des_ede_ofb();
+}
+
+const EVP_CIPHER *EVP_enc_null(void)
+{
+ return FIPS_evp_enc_null();
+}
+
+const EVP_MD *EVP_sha1(void)
+{
+ return FIPS_evp_sha1();
+}
+
+const EVP_MD *EVP_sha224(void)
+{
+ return FIPS_evp_sha224();
+}
+
+const EVP_MD *EVP_sha256(void)
+{
+ return FIPS_evp_sha256();
+}
+
+const EVP_MD *EVP_sha384(void)
+{
+ return FIPS_evp_sha384();
+}
+
+const EVP_MD *EVP_sha512(void)
+{
+ return FIPS_evp_sha512();
+}
+
+const EVP_MD *EVP_dss(void)
+{
+ return FIPS_evp_dss();
+}
+
+const EVP_MD *EVP_dss1(void)
+{
+ return FIPS_evp_dss1();
+}
+
+const EVP_MD *EVP_ecdsa(void)
+{
+ return FIPS_evp_ecdsa();
+}
+
+#endif
Modified: trunk/crypto/openssl/crypto/evp/evp_key.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -91,6 +91,12 @@
*/
int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
{
+ return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+}
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
+ int verify)
+{
int ret;
char buff[BUFSIZ];
UI *ui;
@@ -98,11 +104,11 @@
if ((prompt == NULL) && (prompt_string[0] != '\0'))
prompt = prompt_string;
ui = UI_new();
- UI_add_input_string(ui, prompt, 0, buf, 0,
+ UI_add_input_string(ui, prompt, 0, buf, min,
(len >= BUFSIZ) ? BUFSIZ - 1 : len);
if (verify)
UI_add_verify_string(ui, prompt, 0,
- buff, 0, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+ buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
buf);
ret = UI_process(ui);
UI_free(ui);
@@ -119,7 +125,7 @@
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv, nkey, addmd = 0;
unsigned int mds = 0, i;
-
+ int rv = 0;
nkey = type->key_len;
niv = type->iv_len;
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
@@ -133,16 +139,23 @@
if (!EVP_DigestInit_ex(&c, md, NULL))
return 0;
if (addmd++)
- EVP_DigestUpdate(&c, &(md_buf[0]), mds);
- EVP_DigestUpdate(&c, data, datal);
+ if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+ goto err;
+ if (!EVP_DigestUpdate(&c, data, datal))
+ goto err;
if (salt != NULL)
- EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
- EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds);
+ if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+ goto err;
for (i = 1; i < (unsigned int)count; i++) {
- EVP_DigestInit_ex(&c, md, NULL);
- EVP_DigestUpdate(&c, &(md_buf[0]), mds);
- EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds);
+ if (!EVP_DigestInit_ex(&c, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+ goto err;
}
i = 0;
if (nkey) {
@@ -172,7 +185,9 @@
if ((nkey == 0) && (niv == 0))
break;
}
+ rv = type->key_len;
+ err:
EVP_MD_CTX_cleanup(&c);
OPENSSL_cleanse(&(md_buf[0]), EVP_MAX_MD_SIZE);
- return (type->key_len);
+ return rv;
}
Modified: trunk/crypto/openssl/crypto/evp/evp_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -187,6 +187,12 @@
return ctx->cipher->block_size;
}
+int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, unsigned int inl)
+{
+ return ctx->cipher->do_cipher(ctx, out, in, inl);
+}
+
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher;
@@ -197,6 +203,11 @@
return cipher->flags;
}
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->cipher->flags;
+}
+
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
{
return ctx->app_data;
@@ -212,6 +223,11 @@
return cipher->iv_len;
}
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+{
+ return ctx->cipher->iv_len;
+}
+
int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
{
return cipher->key_len;
@@ -222,6 +238,11 @@
return ctx->key_len;
}
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
+{
+ return cipher->nid;
+}
+
int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->nid;
@@ -244,11 +265,22 @@
int EVP_MD_size(const EVP_MD *md)
{
+ if (!md) {
+ EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
+ return -1;
+ }
return md->md_size;
}
+unsigned long EVP_MD_flags(const EVP_MD *md)
+{
+ return md->flags;
+}
+
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
{
+ if (!ctx)
+ return NULL;
return ctx->digest;
}
Modified: trunk/crypto/openssl/crypto/evp/evp_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,7 +62,7 @@
/* Wrapper functions for each cipher mode */
#define BLOCK_CIPHER_ecb_loop() \
- unsigned int i, bl; \
+ size_t i, bl; \
bl = ctx->cipher->block_size;\
if(inl < bl) return 1;\
inl -= bl; \
@@ -69,7 +69,7 @@
for(i=0; i <= inl; i+=bl)
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
BLOCK_CIPHER_ecb_loop() \
cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
@@ -76,24 +76,52 @@
return 1;\
}
+#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
+
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
- cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+ while(inl>=EVP_MAXCHUNK)\
+ {\
+ cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+ inl-=EVP_MAXCHUNK;\
+ in +=EVP_MAXCHUNK;\
+ out+=EVP_MAXCHUNK;\
+ }\
+ if (inl)\
+ cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
return 1;\
}
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
- cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+ while(inl>=EVP_MAXCHUNK) \
+ {\
+ cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+ inl-=EVP_MAXCHUNK;\
+ in +=EVP_MAXCHUNK;\
+ out+=EVP_MAXCHUNK;\
+ }\
+ if (inl)\
+ cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
return 1;\
}
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
- cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+ size_t chunk=EVP_MAXCHUNK;\
+ if (cbits==1) chunk>>=3;\
+ if (inl<chunk) chunk=inl;\
+ while(inl && inl>=chunk)\
+ {\
+ cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+ inl-=chunk;\
+ in +=chunk;\
+ out+=chunk;\
+ if(inl<chunk) chunk=inl;\
+ }\
return 1;\
}
@@ -226,26 +254,117 @@
#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data)
-#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
+#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
- (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
- cipher##_init_key, NULL, NULL, NULL, NULL)
+ 0, cipher##_init_key, NULL, \
+ EVP_CIPHER_set_asn1_iv, \
+ EVP_CIPHER_get_asn1_iv, \
+ NULL)
+struct evp_pkey_ctx_st {
+ /* Method associated with this operation */
+ const EVP_PKEY_METHOD *pmeth;
+ /* Engine that implements this method or NULL if builtin */
+ ENGINE *engine;
+ /* Key: may be NULL */
+ EVP_PKEY *pkey;
+ /* Peer key for key agreement, may be NULL */
+ EVP_PKEY *peerkey;
+ /* Actual operation */
+ int operation;
+ /* Algorithm specific data */
+ void *data;
+ /* Application specific data */
+ void *app_data;
+ /* Keygen callback */
+ EVP_PKEY_gen_cb *pkey_gencb;
+ /* implementation specific keygen data */
+ int *keygen_info;
+ int keygen_info_count;
+} /* EVP_PKEY_CTX */ ;
+
+#define EVP_PKEY_FLAG_DYNAMIC 1
+
+struct evp_pkey_method_st {
+ int pkey_id;
+ int flags;
+ int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+ int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+ int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+ int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+ int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+ int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ EVP_MD_CTX *mctx);
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+ EVP_MD_CTX *mctx);
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+ int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
+} /* EVP_PKEY_METHOD */ ;
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md,
+ int en_de);
+
#ifdef OPENSSL_FIPS
-# define RC2_set_key private_RC2_set_key
-# define RC4_set_key private_RC4_set_key
-# define CAST_set_key private_CAST_set_key
-# define RC5_32_set_key private_RC5_32_set_key
-# define BF_set_key private_BF_set_key
-# define Camellia_set_key private_Camellia_set_key
-# define idea_set_encrypt_key private_idea_set_encrypt_key
+# ifdef OPENSSL_DOING_MAKEDEPEND
+# undef SHA1_Init
+# undef SHA1_Update
+# undef SHA224_Init
+# undef SHA256_Init
+# undef SHA384_Init
+# undef SHA512_Init
+# undef DES_set_key_unchecked
+# endif
+
+# define RIPEMD160_Init private_RIPEMD160_Init
+# define WHIRLPOOL_Init private_WHIRLPOOL_Init
# define MD5_Init private_MD5_Init
# define MD4_Init private_MD4_Init
# define MD2_Init private_MD2_Init
# define MDC2_Init private_MDC2_Init
# define SHA_Init private_SHA_Init
+# define SHA1_Init private_SHA1_Init
+# define SHA224_Init private_SHA224_Init
+# define SHA256_Init private_SHA256_Init
+# define SHA384_Init private_SHA384_Init
+# define SHA512_Init private_SHA512_Init
+# define BF_set_key private_BF_set_key
+# define CAST_set_key private_CAST_set_key
+# define idea_set_encrypt_key private_idea_set_encrypt_key
+# define SEED_set_key private_SEED_set_key
+# define RC2_set_key private_RC2_set_key
+# define RC4_set_key private_RC4_set_key
+# define DES_set_key_unchecked private_DES_set_key_unchecked
+# define Camellia_set_key private_Camellia_set_key
+
#endif
Modified: trunk/crypto/openssl/crypto/evp/evp_pbe.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_pbe.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_pbe.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -60,34 +60,104 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
#include <openssl/x509.h>
+#include "evp_locl.h"
/* Password based encryption (PBE) functions */
-static STACK *pbe_algs;
+DECLARE_STACK_OF(EVP_PBE_CTL)
+static STACK_OF(EVP_PBE_CTL) *pbe_algs;
/* Setup a cipher context from a PBE algorithm */
typedef struct {
+ int pbe_type;
int pbe_nid;
- const EVP_CIPHER *cipher;
- const EVP_MD *md;
+ int cipher_nid;
+ int md_nid;
EVP_PBE_KEYGEN *keygen;
} EVP_PBE_CTL;
+static const EVP_PBE_CTL builtin_pbe[] = {
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
+ NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
+ NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
+ NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+
+#ifndef OPENSSL_NO_HMAC
+ {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
+#endif
+
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
+ NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
+ NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+ NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
+ NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
+ NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
+ NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+
+#ifndef OPENSSL_NO_HMAC
+ {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
+#endif
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
+ NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
+ NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
+ {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
+ NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+
+ {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
+ {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
+ {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
+ {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
+ {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
+ {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
+ {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
+};
+
+#ifdef TEST
+int main(int argc, char **argv)
+{
+ int i, nid_md, nid_cipher;
+ EVP_PBE_CTL *tpbe, *tpbe2;
+ /*
+ * OpenSSL_add_all_algorithms();
+ */
+
+ for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
+ tpbe = builtin_pbe + i;
+ fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
+ OBJ_nid2sn(tpbe->pbe_nid));
+ if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
+ &nid_cipher, &nid_md, 0))
+ fprintf(stderr, "Found %s %s\n",
+ OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
+ else
+ fprintf(stderr, "Find ERROR!!\n");
+ }
+
+ return 0;
+}
+#endif
+
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
{
+ const EVP_CIPHER *cipher;
+ const EVP_MD *md;
+ int cipher_nid, md_nid;
+ EVP_PBE_KEYGEN *keygen;
- EVP_PBE_CTL *pbetmp, pbelu;
- int i;
- pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
- if (pbelu.pbe_nid != NID_undef)
- i = sk_find(pbe_algs, (char *)&pbelu);
- else
- i = -1;
-
- if (i == -1) {
+ if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
+ &cipher_nid, &md_nid, &keygen)) {
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj)
@@ -97,14 +167,33 @@
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;
}
+
if (!pass)
passlen = 0;
else if (passlen == -1)
passlen = strlen(pass);
- pbetmp = (EVP_PBE_CTL *)sk_value(pbe_algs, i);
- i = (*pbetmp->keygen) (ctx, pass, passlen, param, pbetmp->cipher,
- pbetmp->md, en_de);
- if (!i) {
+
+ if (cipher_nid == -1)
+ cipher = NULL;
+ else {
+ cipher = EVP_get_cipherbynid(cipher_nid);
+ if (!cipher) {
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
+ return 0;
+ }
+ }
+
+ if (md_nid == -1)
+ md = NULL;
+ else {
+ md = EVP_get_digestbynid(md_nid);
+ if (!md) {
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
+ return 0;
+ }
+ }
+
+ if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
return 0;
}
@@ -111,59 +200,105 @@
return 1;
}
-static int pbe_cmp(const char *const *a, const char *const *b)
+DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
{
- const EVP_PBE_CTL *const *pbe1 = (const EVP_PBE_CTL *const *)a,
- *const *pbe2 = (const EVP_PBE_CTL *const *)b;
- return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
+ int ret = pbe1->pbe_type - pbe2->pbe_type;
+ if (ret)
+ return ret;
+ else
+ return pbe1->pbe_nid - pbe2->pbe_nid;
}
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b)
+{
+ int ret = (*a)->pbe_type - (*b)->pbe_type;
+ if (ret)
+ return ret;
+ else
+ return (*a)->pbe_nid - (*b)->pbe_nid;
+}
+
/* Add a PBE algorithm */
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+ int md_nid, EVP_PBE_KEYGEN *keygen)
+{
+ EVP_PBE_CTL *pbe_tmp;
+ if (!pbe_algs)
+ pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
+ if (!(pbe_tmp = (EVP_PBE_CTL *)OPENSSL_malloc(sizeof(EVP_PBE_CTL)))) {
+ EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ pbe_tmp->pbe_type = pbe_type;
+ pbe_tmp->pbe_nid = pbe_nid;
+ pbe_tmp->cipher_nid = cipher_nid;
+ pbe_tmp->md_nid = md_nid;
+ pbe_tmp->keygen = keygen;
+
+ sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp);
+ return 1;
+}
+
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen)
{
- EVP_PBE_CTL *pbe_tmp = NULL, pbelu;
+ int cipher_nid, md_nid;
+ if (cipher)
+ cipher_nid = EVP_CIPHER_nid(cipher);
+ else
+ cipher_nid = -1;
+ if (md)
+ md_nid = EVP_MD_type(md);
+ else
+ md_nid = -1;
+
+ return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
+ cipher_nid, md_nid, keygen);
+}
+
+int EVP_PBE_find(int type, int pbe_nid,
+ int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
+{
+ EVP_PBE_CTL *pbetmp = NULL, pbelu;
int i;
- if (!pbe_algs) {
- pbe_algs = sk_new(pbe_cmp);
- if (!pbe_algs) {
- EVPerr(EVP_F_EVP_PBE_ALG_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else {
- /* Check if already present */
- pbelu.pbe_nid = nid;
- i = sk_find(pbe_algs, (char *)&pbelu);
- if (i >= 0) {
- pbe_tmp = (EVP_PBE_CTL *)sk_value(pbe_algs, i);
- /* If everything identical leave alone */
- if (pbe_tmp->cipher == cipher
- && pbe_tmp->md == md && pbe_tmp->keygen == keygen)
- return 1;
- }
- }
+ if (pbe_nid == NID_undef)
+ return 0;
- if (!pbe_tmp) {
- pbe_tmp = OPENSSL_malloc(sizeof(EVP_PBE_CTL));
- if (!pbe_tmp) {
- EVPerr(EVP_F_EVP_PBE_ALG_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* If adding a new PBE, set nid, append and sort */
- pbe_tmp->pbe_nid = nid;
- sk_push(pbe_algs, (char *)pbe_tmp);
- sk_sort(pbe_algs);
+ pbelu.pbe_type = type;
+ pbelu.pbe_nid = pbe_nid;
+
+ if (pbe_algs) {
+ i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
+ if (i != -1)
+ pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i);
}
-
- pbe_tmp->cipher = cipher;
- pbe_tmp->md = md;
- pbe_tmp->keygen = keygen;
+ if (pbetmp == NULL) {
+ pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
+ sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL));
+ }
+ if (pbetmp == NULL)
+ return 0;
+ if (pcnid)
+ *pcnid = pbetmp->cipher_nid;
+ if (pmnid)
+ *pmnid = pbetmp->md_nid;
+ if (pkeygen)
+ *pkeygen = pbetmp->keygen;
return 1;
}
+static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
+{
+ OPENSSL_freeFunc(pbe);
+}
+
void EVP_PBE_cleanup(void)
{
- sk_pop_free(pbe_algs, OPENSSL_freeFunc);
+ sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
pbe_algs = NULL;
}
Modified: trunk/crypto/openssl/crypto/evp/evp_pkey.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_pkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -62,281 +62,46 @@
#include "cryptlib.h"
#include <openssl/x509.h>
#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#include <openssl/bn.h>
+#include "asn1_locl.h"
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_EC
-static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-#endif
-
/* Extract a private key from a PKCS8 structure */
EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
{
EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_RSA
- RSA *rsa = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
- DSA *dsa = NULL;
- ASN1_TYPE *t1, *t2;
- ASN1_INTEGER *privkey;
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
-#endif
-#ifndef OPENSSL_NO_EC
- EC_KEY *eckey = NULL;
- const unsigned char *p_tmp;
-#endif
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
- ASN1_TYPE *param = NULL;
- BN_CTX *ctx = NULL;
- int plen;
-#endif
- X509_ALGOR *a;
- const unsigned char *p;
- const unsigned char *cp;
- int pkeylen;
- int nid;
+ ASN1_OBJECT *algoid;
char obj_tmp[80];
- if (p8->pkey->type == V_ASN1_OCTET_STRING) {
- p8->broken = PKCS8_OK;
- p = p8->pkey->value.octet_string->data;
- pkeylen = p8->pkey->value.octet_string->length;
- } else {
- p8->broken = PKCS8_NO_OCTET;
- p = p8->pkey->value.sequence->data;
- pkeylen = p8->pkey->value.sequence->length;
- }
+ if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
+ return NULL;
+
if (!(pkey = EVP_PKEY_new())) {
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
return NULL;
}
- a = p8->pkeyalg;
- nid = OBJ_obj2nid(a->algorithm);
- switch (nid) {
-#ifndef OPENSSL_NO_RSA
- case NID_rsaEncryption:
- cp = p;
- if (!(rsa = d2i_RSAPrivateKey(NULL, &cp, pkeylen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- return NULL;
- }
- EVP_PKEY_assign_RSA(pkey, rsa);
- break;
-#endif
-#ifndef OPENSSL_NO_DSA
- case NID_dsa:
- /*
- * PKCS#8 DSA is weird: you just get a private key integer and
- * parameters in the AlgorithmIdentifier the pubkey must be
- * recalculated.
- */
- /* Check for broken DSA PKCS#8, UGH! */
- if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
- if (!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen,
- d2i_ASN1_TYPE,
- ASN1_TYPE_free))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- if (sk_ASN1_TYPE_num(ndsa) != 2) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- /*
- * Handle Two broken types: SEQUENCE {parameters, priv_key}
- * SEQUENCE {pub_key, priv_key}
- */
+ if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
+ EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+ i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
+ ERR_add_error_data(2, "TYPE=", obj_tmp);
+ goto error;
+ }
- t1 = sk_ASN1_TYPE_value(ndsa, 0);
- t2 = sk_ASN1_TYPE_value(ndsa, 1);
- if (t1->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_EMBEDDED_PARAM;
- param = t1;
- } else if (a->parameter->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_NS_DB;
- param = a->parameter;
- } else {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
-
- if (t2->type != V_ASN1_INTEGER) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- privkey = t2->value.integer;
- } else {
- if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pkeylen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- param = p8->pkeyalg->parameter;
+ if (pkey->ameth->priv_decode) {
+ if (!pkey->ameth->priv_decode(pkey, p8)) {
+ EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_PRIVATE_KEY_DECODE_ERROR);
+ goto error;
}
- if (!param || (param->type != V_ASN1_SEQUENCE)) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- cp = p = param->value.sequence->data;
- plen = param->value.sequence->length;
- if (!(dsa = d2i_DSAparams(NULL, &cp, plen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto dsaerr;
- }
- /* We have parameters now set private key */
- if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_BN_DECODE_ERROR);
- goto dsaerr;
- }
- /* Calculate public key (ouch!) */
- if (!(dsa->pub_key = BN_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
- if (!(ctx = BN_CTX_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
+ } else {
+ EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
+ goto error;
+ }
- if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
+ return pkey;
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_BN_PUBKEY_ERROR);
- goto dsaerr;
- }
-
- EVP_PKEY_assign_DSA(pkey, dsa);
- BN_CTX_free(ctx);
- if (ndsa)
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- else
- ASN1_INTEGER_free(privkey);
- break;
- dsaerr:
- BN_CTX_free(ctx);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- DSA_free(dsa);
- EVP_PKEY_free(pkey);
- return NULL;
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case NID_X9_62_id_ecPublicKey:
- p_tmp = p;
- /* extract the ec parameters */
- param = p8->pkeyalg->parameter;
-
- if (!param || ((param->type != V_ASN1_SEQUENCE) &&
- (param->type != V_ASN1_OBJECT))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto ecerr;
- }
-
- if (param->type == V_ASN1_SEQUENCE) {
- cp = p = param->value.sequence->data;
- plen = param->value.sequence->length;
-
- if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto ecerr;
- }
- } else {
- EC_GROUP *group;
- cp = p = param->value.object->data;
- plen = param->value.object->length;
-
- /*
- * type == V_ASN1_OBJECT => the parameters are given by an asn1
- * OID
- */
- if ((eckey = EC_KEY_new()) == NULL) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
- goto ecerr;
- }
- group =
- EC_GROUP_new_by_curve_name(OBJ_obj2nid
- (a->parameter->value.object));
- if (group == NULL)
- goto ecerr;
- EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
- if (EC_KEY_set_group(eckey, group) == 0)
- goto ecerr;
- EC_GROUP_free(group);
- }
-
- /* We have parameters now set private key */
- if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
- goto ecerr;
- }
-
- /* calculate public key (if necessary) */
- if (EC_KEY_get0_public_key(eckey) == NULL) {
- const BIGNUM *priv_key;
- const EC_GROUP *group;
- EC_POINT *pub_key;
- /*
- * the public key was not included in the SEC1 private key =>
- * calculate the public key
- */
- group = EC_KEY_get0_group(eckey);
- pub_key = EC_POINT_new(group);
- if (pub_key == NULL) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
- goto ecerr;
- }
- if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
- EC_POINT_free(pub_key);
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
- goto ecerr;
- }
- priv_key = EC_KEY_get0_private_key(eckey);
- if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) {
- EC_POINT_free(pub_key);
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
- goto ecerr;
- }
- if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
- EC_POINT_free(pub_key);
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
- goto ecerr;
- }
- EC_POINT_free(pub_key);
- }
-
- EVP_PKEY_assign_EC_KEY(pkey, eckey);
- if (ctx)
- BN_CTX_free(ctx);
- break;
- ecerr:
- if (ctx)
- BN_CTX_free(ctx);
- if (eckey)
- EC_KEY_free(eckey);
- if (pkey)
- EVP_PKEY_free(pkey);
- return NULL;
-#endif
- default:
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- if (!a->algorithm)
- BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
- else
- i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
- ERR_add_error_data(2, "TYPE=", obj_tmp);
- EVP_PKEY_free(pkey);
- return NULL;
- }
- return pkey;
+ error:
+ EVP_PKEY_free(pkey);
+ return NULL;
}
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
@@ -355,60 +120,29 @@
return NULL;
}
p8->broken = broken;
- if (!ASN1_INTEGER_set(p8->version, 0)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
- }
- if (!(p8->pkeyalg->parameter = ASN1_TYPE_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
- }
- p8->pkey->type = V_ASN1_OCTET_STRING;
- switch (EVP_PKEY_type(pkey->type)) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- if (p8->broken == PKCS8_NO_OCTET)
- p8->pkey->type = V_ASN1_SEQUENCE;
-
- p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
- p8->pkeyalg->parameter->type = V_ASN1_NULL;
- if (!ASN1_pack_string_of(EVP_PKEY, pkey, i2d_PrivateKey,
- &p8->pkey->value.octet_string)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
+ if (pkey->ameth) {
+ if (pkey->ameth->priv_encode) {
+ if (!pkey->ameth->priv_encode(p8, pkey)) {
+ EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+ EVP_R_PRIVATE_KEY_ENCODE_ERROR);
+ goto error;
+ }
+ } else {
+ EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_METHOD_NOT_SUPPORTED);
+ goto error;
}
- break;
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- if (!dsa_pkey2pkcs8(p8, pkey)) {
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
- }
-
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- if (!eckey_pkey2pkcs8(p8, pkey)) {
- PKCS8_PRIV_KEY_INFO_free(p8);
- return (NULL);
- }
- break;
-#endif
- default:
+ } else {
EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
+ goto error;
}
RAND_add(p8->pkey->value.octet_string->data,
p8->pkey->value.octet_string->length, 0.0);
return p8;
+ error:
+ PKCS8_PRIV_KEY_INFO_free(p8);
+ return NULL;
}
PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
@@ -432,293 +166,6 @@
}
}
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
-{
- ASN1_STRING *params = NULL;
- ASN1_INTEGER *prkey = NULL;
- ASN1_TYPE *ttmp = NULL;
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
- unsigned char *p = NULL, *q;
- int len;
-
- p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
- len = i2d_DSAparams(pkey->pkey.dsa, NULL);
- if (!(p = OPENSSL_malloc(len))) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- q = p;
- i2d_DSAparams(pkey->pkey.dsa, &q);
- if (!(params = ASN1_STRING_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_STRING_set(params, p, len)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- OPENSSL_free(p);
- p = NULL;
- /* Get private key into integer */
- if (!(prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL))) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, EVP_R_ENCODE_ERROR);
- goto err;
- }
-
- switch (p8->broken) {
-
- case PKCS8_OK:
- case PKCS8_NO_OCTET:
-
- if (!ASN1_pack_string_of(ASN1_INTEGER, prkey, i2d_ASN1_INTEGER,
- &p8->pkey->value.octet_string)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- M_ASN1_INTEGER_free(prkey);
- prkey = NULL;
- p8->pkeyalg->parameter->value.sequence = params;
- params = NULL;
- p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-
- break;
-
- case PKCS8_NS_DB:
-
- p8->pkeyalg->parameter->value.sequence = params;
- params = NULL;
- p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
- if (!(ndsa = sk_ASN1_TYPE_new_null())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp->value.integer =
- BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, EVP_R_ENCODE_ERROR);
- goto err;
- }
- ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp->value.integer = prkey;
- prkey = NULL;
- ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp = NULL;
-
- if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
- &p8->pkey->value.octet_string->data,
- &p8->pkey->value.octet_string->length)) {
-
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- break;
-
- case PKCS8_EMBEDDED_PARAM:
-
- p8->pkeyalg->parameter->type = V_ASN1_NULL;
- if (!(ndsa = sk_ASN1_TYPE_new_null())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp->value.sequence = params;
- params = NULL;
- ttmp->type = V_ASN1_SEQUENCE;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!(ttmp = ASN1_TYPE_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp->value.integer = prkey;
- prkey = NULL;
- ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ttmp = NULL;
-
- if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
- &p8->pkey->value.octet_string->data,
- &p8->pkey->value.octet_string->length)) {
-
- EVPerr(EVP_F_DSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- break;
- }
- return 1;
- err:
- if (p != NULL)
- OPENSSL_free(p);
- if (params != NULL)
- ASN1_STRING_free(params);
- if (prkey != NULL)
- M_ASN1_INTEGER_free(prkey);
- if (ttmp != NULL)
- ASN1_TYPE_free(ttmp);
- if (ndsa != NULL)
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
- return 0;
-}
-#endif
-
-#ifndef OPENSSL_NO_EC
-static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
-{
- EC_KEY *ec_key;
- const EC_GROUP *group;
- unsigned char *p, *pp;
- int nid, i, ret = 0;
- unsigned int tmp_flags, old_flags;
-
- ec_key = pkey->pkey.ec;
- if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
- return 0;
- }
-
- /* set the ec parameters OID */
- if (p8->pkeyalg->algorithm)
- ASN1_OBJECT_free(p8->pkeyalg->algorithm);
-
- p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey);
-
- /* set the ec parameters */
-
- if (p8->pkeyalg->parameter) {
- ASN1_TYPE_free(p8->pkeyalg->parameter);
- p8->pkeyalg->parameter = NULL;
- }
-
- if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (EC_GROUP_get_asn1_flag(group)
- && (nid = EC_GROUP_get_curve_name(group))) {
- /* we have a 'named curve' => just set the OID */
- p8->pkeyalg->parameter->type = V_ASN1_OBJECT;
- p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid);
- } else { /* explicit parameters */
-
- if ((i = i2d_ECParameters(ec_key, NULL)) == 0) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB);
- return 0;
- }
- if ((p = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- pp = p;
- if (!i2d_ECParameters(ec_key, &pp)) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB);
- OPENSSL_free(p);
- return 0;
- }
- p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
- if ((p8->pkeyalg->parameter->value.sequence
- = ASN1_STRING_new()) == NULL) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
- OPENSSL_free(p);
- return 0;
- }
- ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i);
- OPENSSL_free(p);
- }
-
- /* set the private key */
-
- /*
- * do not include the parameters in the SEC1 private key see PKCS#11
- * 12.11
- */
- old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec);
- tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
- EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags);
- i = i2d_ECPrivateKey(pkey->pkey.ec, NULL);
- if (!i) {
- EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags);
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB);
- return 0;
- }
- p = (unsigned char *)OPENSSL_malloc(i);
- if (!p) {
- EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags);
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- pp = p;
- if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) {
- EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags);
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB);
- OPENSSL_free(p);
- return 0;
- }
- /* restore old encoding flags */
- EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags);
-
- switch (p8->broken) {
-
- case PKCS8_OK:
- p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
- if (!p8->pkey->value.octet_string ||
- !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string,
- (const void *)p, i)) {
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- } else
- ret = 1;
- break;
- case PKCS8_NO_OCTET: /* RSA specific */
- case PKCS8_NS_DB: /* DSA specific */
- case PKCS8_EMBEDDED_PARAM: /* DSA specific */
- default:
- EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_ENCODE_ERROR);
- }
- OPENSSL_cleanse(p, (size_t)i);
- OPENSSL_free(p);
- return ret;
-}
-#endif
-
/* EVP_PKEY attribute functions */
int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
Modified: trunk/crypto/openssl/crypto/evp/evp_test.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/evp_test.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evp_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -149,8 +149,8 @@
hexdump(stdout, "Ciphertext", ciphertext, cn);
if (kn != c->key_len) {
- fprintf(stderr, "Key length doesn't match, got %d expected %d\n", kn,
- c->key_len);
+ fprintf(stderr, "Key length doesn't match, got %d expected %lu\n", kn,
+ (unsigned long)c->key_len);
test1_exit(5);
}
EVP_CIPHER_CTX_init(&ctx);
@@ -416,7 +416,7 @@
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks_fp(stderr);
Modified: trunk/crypto/openssl/crypto/evp/evptests.txt
===================================================================
--- trunk/crypto/openssl/crypto/evp/evptests.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/evptests.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -158,6 +158,19 @@
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
# DES ECB tests (from destest)
DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
Modified: trunk/crypto/openssl/crypto/evp/m_dss.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_dss.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_dss.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,12 +60,13 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
+#include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_SHA
+# ifndef OPENSSL_FIPS
static int init(EVP_MD_CTX *ctx)
{
@@ -86,7 +87,7 @@
NID_dsaWithSHA,
NID_dsaWithSHA,
SHA_DIGEST_LENGTH,
- EVP_MD_FLAG_FIPS,
+ EVP_MD_FLAG_PKEY_DIGEST,
init,
update,
final,
@@ -101,4 +102,5 @@
{
return (&dsa_md);
}
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/evp/m_dss1.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_dss1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_dss1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,7 +63,7 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include <openssl/x509.h>
+# include <openssl/sha.h>
# ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
# endif
@@ -89,7 +89,7 @@
NID_dsa,
NID_dsaWithSHA1,
SHA_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_DIGEST,
init,
update,
final,
Modified: trunk/crypto/openssl/crypto/evp/m_ecdsa.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_ecdsa.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_ecdsa.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -116,6 +116,8 @@
#include <openssl/x509.h>
#ifndef OPENSSL_NO_SHA
+# ifndef OPENSSL_FIPS
+
static int init(EVP_MD_CTX *ctx)
{
return SHA1_Init(ctx->md_data);
@@ -135,7 +137,7 @@
NID_ecdsa_with_SHA1,
NID_ecdsa_with_SHA1,
SHA_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_DIGEST,
init,
update,
final,
@@ -150,4 +152,5 @@
{
return (&ecdsa_md);
}
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/evp/m_md2.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_md2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_md2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
#include <stdio.h>
#include "cryptlib.h"
-#include "evp_locl.h"
#ifndef OPENSSL_NO_MD2
Modified: trunk/crypto/openssl/crypto/evp/m_md4.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_md4.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_md4.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
#include <stdio.h>
#include "cryptlib.h"
-#include "evp_locl.h"
#ifndef OPENSSL_NO_MD4
@@ -70,6 +69,8 @@
# include <openssl/rsa.h>
# endif
+# include "evp_locl.h"
+
static int init(EVP_MD_CTX *ctx)
{
return MD4_Init(ctx->md_data);
Modified: trunk/crypto/openssl/crypto/evp/m_md5.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_md5.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_md5.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,7 +62,6 @@
#ifndef OPENSSL_NO_MD5
# include <openssl/evp.h>
-# include "evp_locl.h"
# include <openssl/objects.h>
# include <openssl/x509.h>
# include <openssl/md5.h>
@@ -69,6 +68,7 @@
# ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
# endif
+# include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{
Modified: trunk/crypto/openssl/crypto/evp/m_mdc2.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_mdc2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_mdc2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
#include <stdio.h>
#include "cryptlib.h"
-#include "evp_locl.h"
#ifndef OPENSSL_NO_MDC2
@@ -66,8 +65,12 @@
# include <openssl/objects.h>
# include <openssl/x509.h>
# include <openssl/mdc2.h>
-# include <openssl/rsa.h>
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
+# include "evp_locl.h"
+
static int init(EVP_MD_CTX *ctx)
{
return MDC2_Init(ctx->md_data);
Modified: trunk/crypto/openssl/crypto/evp/m_ripemd.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_ripemd.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_ripemd.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,6 +68,7 @@
# ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
# endif
+# include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{
Modified: trunk/crypto/openssl/crypto/evp/m_sha.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_sha.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_sha.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
#include <stdio.h>
#include "cryptlib.h"
-#include "evp_locl.h"
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
@@ -68,6 +67,7 @@
# ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
# endif
+# include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{
Modified: trunk/crypto/openssl/crypto/evp/m_sha1.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_sha1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/m_sha1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,16 +59,16 @@
#include <stdio.h>
#include "cryptlib.h"
-#ifndef OPENSSL_NO_SHA
+#ifndef OPENSSL_FIPS
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# endif
+# ifndef OPENSSL_NO_SHA
-# ifndef OPENSSL_FIPS
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/sha.h>
+# ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# endif
static int init(EVP_MD_CTX *ctx)
{
@@ -89,7 +89,7 @@
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
init,
update,
final,
@@ -104,8 +104,9 @@
{
return (&sha1_md);
}
+# endif
-# ifndef OPENSSL_NO_SHA256
+# ifndef OPENSSL_NO_SHA256
static int init224(EVP_MD_CTX *ctx)
{
return SHA224_Init(ctx->md_data);
@@ -135,7 +136,7 @@
NID_sha224,
NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
init224,
update256,
final256,
@@ -155,7 +156,7 @@
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
init256,
update256,
final256,
@@ -170,9 +171,9 @@
{
return (&sha256_md);
}
-# endif /* ifndef OPENSSL_NO_SHA256 */
+# endif /* ifndef OPENSSL_NO_SHA256 */
-# ifndef OPENSSL_NO_SHA512
+# ifndef OPENSSL_NO_SHA512
static int init384(EVP_MD_CTX *ctx)
{
return SHA384_Init(ctx->md_data);
@@ -198,7 +199,7 @@
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
init384,
update512,
final512,
@@ -218,7 +219,7 @@
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
- 0,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
init512,
update512,
final512,
@@ -233,8 +234,6 @@
{
return (&sha512_md);
}
-# endif /* ifndef OPENSSL_NO_SHA512 */
+# endif /* ifndef OPENSSL_NO_SHA512 */
-# endif
-
#endif
Copied: trunk/crypto/openssl/crypto/evp/m_sigver.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/m_sigver.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_sigver.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/m_sigver.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,187 @@
+/* m_sigver.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include "evp_locl.h"
+
+static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
+ int ver)
+{
+ if (ctx->pctx == NULL)
+ ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
+ if (ctx->pctx == NULL)
+ return 0;
+
+ if (type == NULL) {
+ int def_nid;
+ if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
+ type = EVP_get_digestbynid(def_nid);
+ }
+
+ if (type == NULL) {
+ EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
+ return 0;
+ }
+
+ if (ver) {
+ if (ctx->pctx->pmeth->verifyctx_init) {
+ if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
+ return 0;
+ ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
+ } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
+ return 0;
+ } else {
+ if (ctx->pctx->pmeth->signctx_init) {
+ if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
+ return 0;
+ ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
+ } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
+ return 0;
+ }
+ if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
+ return 0;
+ if (pctx)
+ *pctx = ctx->pctx;
+ if (!EVP_DigestInit_ex(ctx, type, e))
+ return 0;
+ return 1;
+}
+
+int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+{
+ return do_sigver_init(ctx, pctx, type, e, pkey, 0);
+}
+
+int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+{
+ return do_sigver_init(ctx, pctx, type, e, pkey, 1);
+}
+
+int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ size_t *siglen)
+{
+ int sctx, r = 0;
+ if (ctx->pctx->pmeth->signctx)
+ sctx = 1;
+ else
+ sctx = 0;
+ if (sigret) {
+ EVP_MD_CTX tmp_ctx;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ unsigned int mdlen;
+ EVP_MD_CTX_init(&tmp_ctx);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+ return 0;
+ if (sctx)
+ r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
+ sigret, siglen, &tmp_ctx);
+ else
+ r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+ EVP_MD_CTX_cleanup(&tmp_ctx);
+ if (sctx || !r)
+ return r;
+ if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
+ return 0;
+ } else {
+ if (sctx) {
+ if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <=
+ 0)
+ return 0;
+ } else {
+ int s = EVP_MD_size(ctx->digest);
+ if (s < 0
+ || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
+ return 0;
+ }
+ }
+ return 1;
+}
+
+int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
+{
+ EVP_MD_CTX tmp_ctx;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ int r;
+ unsigned int mdlen;
+ int vctx;
+
+ if (ctx->pctx->pmeth->verifyctx)
+ vctx = 1;
+ else
+ vctx = 0;
+ EVP_MD_CTX_init(&tmp_ctx);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+ return -1;
+ if (vctx) {
+ r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
+ sig, siglen, &tmp_ctx);
+ } else
+ r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+ EVP_MD_CTX_cleanup(&tmp_ctx);
+ if (vctx || !r)
+ return r;
+ return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
+}
Copied: trunk/crypto/openssl/crypto/evp/m_wp.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/m_wp.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/m_wp.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/m_wp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,48 @@
+/* crypto/evp/m_wp.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_WHIRLPOOL
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/whrlpool.h>
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+ return WHIRLPOOL_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+ return WHIRLPOOL_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ return WHIRLPOOL_Final(md, ctx->md_data);
+}
+
+static const EVP_MD whirlpool_md = {
+ NID_whirlpool,
+ 0,
+ WHIRLPOOL_DIGEST_LENGTH,
+ 0,
+ init,
+ update,
+ final,
+ NULL,
+ NULL,
+ EVP_PKEY_NULL_method,
+ WHIRLPOOL_BBLOCK / 8,
+ sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
+};
+
+const EVP_MD *EVP_whirlpool(void)
+{
+ return (&whirlpool_md);
+}
+#endif
Modified: trunk/crypto/openssl/crypto/evp/names.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/names.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/names.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,14 +66,16 @@
{
int r;
-#ifdef OPENSSL_FIPS
+ if (c == NULL)
+ return 0;
+
OPENSSL_init();
-#endif
r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
(const char *)c);
if (r == 0)
return (0);
+ check_defer(c->nid);
r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
(const char *)c);
return (r);
@@ -83,14 +85,13 @@
{
int r;
const char *name;
+ OPENSSL_init();
-#ifdef OPENSSL_FIPS
- OPENSSL_init();
-#endif
name = OBJ_nid2sn(md->type);
r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md);
if (r == 0)
return (0);
+ check_defer(md->type);
r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH,
(const char *)md);
if (r == 0)
@@ -101,6 +102,7 @@
OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
if (r == 0)
return (0);
+ check_defer(md->pkey_type);
r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
}
@@ -135,4 +137,79 @@
OBJ_NAME_cleanup(-1);
EVP_PBE_cleanup();
+ if (obj_cleanup_defer == 2) {
+ obj_cleanup_defer = 0;
+ OBJ_cleanup();
+ }
+ OBJ_sigid_free();
}
+
+struct doall_cipher {
+ void *arg;
+ void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to, void *arg);
+};
+
+static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
+{
+ struct doall_cipher *dc = arg;
+ if (nm->alias)
+ dc->fn(NULL, nm->name, nm->data, dc->arg);
+ else
+ dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
+}
+
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to, void *x),
+ void *arg)
+{
+ struct doall_cipher dc;
+ dc.fn = fn;
+ dc.arg = arg;
+ OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
+}
+
+void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to,
+ void *x), void *arg)
+{
+ struct doall_cipher dc;
+ dc.fn = fn;
+ dc.arg = arg;
+ OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
+}
+
+struct doall_md {
+ void *arg;
+ void (*fn) (const EVP_MD *ciph,
+ const char *from, const char *to, void *arg);
+};
+
+static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
+{
+ struct doall_md *dc = arg;
+ if (nm->alias)
+ dc->fn(NULL, nm->name, nm->data, dc->arg);
+ else
+ dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
+}
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *md,
+ const char *from, const char *to, void *x),
+ void *arg)
+{
+ struct doall_md dc;
+ dc.fn = fn;
+ dc.arg = arg;
+ OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
+}
+
+void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md,
+ const char *from, const char *to,
+ void *x), void *arg)
+{
+ struct doall_md dc;
+ dc.fn = fn;
+ dc.arg = arg;
+ OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
+}
Modified: trunk/crypto/openssl/crypto/evp/p5_crpt.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p5_crpt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p5_crpt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,42 +64,11 @@
#include <openssl/evp.h>
/*
- * PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
+ * Doesn't do anything now: Builtin PBE algorithms in static table.
*/
void PKCS5_PBE_add(void)
{
-#ifndef OPENSSL_NO_DES
-# ifndef OPENSSL_NO_MD5
- EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef OPENSSL_NO_MD2
- EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef OPENSSL_NO_SHA
- EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
- PKCS5_PBE_keyivgen);
-# endif
-#endif
-#ifndef OPENSSL_NO_RC2
-# ifndef OPENSSL_NO_MD5
- EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef OPENSSL_NO_MD2
- EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
- PKCS5_PBE_keyivgen);
-# endif
-# ifndef OPENSSL_NO_SHA
- EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
- PKCS5_PBE_keyivgen);
-# endif
-#endif
-#ifndef OPENSSL_NO_HMAC
- EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
-#endif
}
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
@@ -114,6 +83,9 @@
int saltlen, iter;
unsigned char *salt;
const unsigned char *pbuf;
+ int mdsize;
+ int rv = 0;
+ EVP_MD_CTX_init(&ctx);
/* Extract useful info from parameter */
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
@@ -140,26 +112,38 @@
else if (passlen == -1)
passlen = strlen(pass);
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, pass, passlen);
- EVP_DigestUpdate(&ctx, salt, saltlen);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, pass, passlen))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+ goto err;
PBEPARAM_free(pbe);
- EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
+ if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+ goto err;
+ mdsize = EVP_MD_size(md);
+ if (mdsize < 0)
+ return 0;
for (i = 1; i < iter; i++) {
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
- EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+ goto err;
}
- EVP_MD_CTX_cleanup(&ctx);
OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
- EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
+ if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
+ goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
- return 1;
+ rv = 1;
+ err:
+ EVP_MD_CTX_cleanup(&ctx);
+ return rv;
}
Modified: trunk/crypto/openssl/crypto/evp/p5_crpt2.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p5_crpt2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p5_crpt2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -63,6 +63,7 @@
# include <openssl/x509.h>
# include <openssl/evp.h>
# include <openssl/hmac.h>
+# include "evp_locl.h"
/* set this to print out info about the keygen algorithm */
/* #define DEBUG_PKCS5V2 */
@@ -73,22 +74,25 @@
/*
* This is an implementation of PKCS#5 v2.0 password based encryption key
- * derivation function PBKDF2 using the only currently defined function HMAC
- * with SHA1. Verified against test vectors posted by Peter Gutmann
- * <pgut001 at cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng at rsa.com> mailing
- * list.
+ * derivation function PBKDF2. SHA1 version verified against test vectors
+ * posted by Peter Gutmann <pgut001 at cs.auckland.ac.nz> to the PKCS-TNG
+ * <pkcs-tng at rsa.com> mailing list.
*/
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter,
- int keylen, unsigned char *out)
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out)
{
- unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
- int cplen, j, k, tkeylen;
+ unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
+ int cplen, j, k, tkeylen, mdlen;
unsigned long i = 1;
- HMAC_CTX hctx;
+ HMAC_CTX hctx_tpl, hctx;
- HMAC_CTX_init(&hctx);
+ mdlen = EVP_MD_size(digest);
+ if (mdlen < 0)
+ return 0;
+
+ HMAC_CTX_init(&hctx_tpl);
p = out;
tkeylen = keylen;
if (!pass)
@@ -95,9 +99,13 @@
passlen = 0;
else if (passlen == -1)
passlen = strlen(pass);
+ if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
while (tkeylen) {
- if (tkeylen > SHA_DIGEST_LENGTH)
- cplen = SHA_DIGEST_LENGTH;
+ if (tkeylen > mdlen)
+ cplen = mdlen;
else
cplen = tkeylen;
/*
@@ -108,14 +116,31 @@
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
- HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
- HMAC_Update(&hctx, salt, saltlen);
- HMAC_Update(&hctx, itmp, 4);
- HMAC_Final(&hctx, digtmp, NULL);
+ if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
+ if (!HMAC_Update(&hctx, salt, saltlen)
+ || !HMAC_Update(&hctx, itmp, 4)
+ || !HMAC_Final(&hctx, digtmp, NULL)) {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ HMAC_CTX_cleanup(&hctx);
+ return 0;
+ }
+ HMAC_CTX_cleanup(&hctx);
memcpy(p, digtmp, cplen);
for (j = 1; j < iter; j++) {
- HMAC(EVP_sha1(), pass, passlen,
- digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
+ if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
+ if (!HMAC_Update(&hctx, digtmp, mdlen)
+ || !HMAC_Final(&hctx, digtmp, NULL)) {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ HMAC_CTX_cleanup(&hctx);
+ return 0;
+ }
+ HMAC_CTX_cleanup(&hctx);
for (k = 0; k < cplen; k++)
p[k] ^= digtmp[k];
}
@@ -123,7 +148,7 @@
i++;
p += cplen;
}
- HMAC_CTX_cleanup(&hctx);
+ HMAC_CTX_cleanup(&hctx_tpl);
# ifdef DEBUG_PKCS5V2
fprintf(stderr, "Password:\n");
h__dump(pass, passlen);
@@ -136,6 +161,14 @@
return 1;
}
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ int keylen, unsigned char *out)
+{
+ return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
+ keylen, out);
+}
+
# ifdef DO_TEST
main()
{
@@ -158,18 +191,17 @@
ASN1_TYPE *param, const EVP_CIPHER *c,
const EVP_MD *md, int en_de)
{
- unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
const unsigned char *pbuf;
- int saltlen, iter, plen;
- unsigned int keylen;
+ int plen;
PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher;
- PBKDF2PARAM *kdf = NULL;
+ int rv = 0;
+
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
param->value.sequence == NULL) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
- return 0;
+ goto err;
}
pbuf = param->value.sequence->data;
@@ -176,7 +208,7 @@
plen = param->value.sequence->length;
if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
- return 0;
+ goto err;
}
/* See if we recognise the key derivation function */
@@ -191,9 +223,7 @@
* lets see if we recognise the encryption algorithm.
*/
- cipher =
- EVP_get_cipherbyname(OBJ_nid2sn
- (OBJ_obj2nid(pbe2->encryption->algorithm)));
+ cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
if (!cipher) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_CIPHER);
@@ -201,46 +231,81 @@
}
/* Fixup cipher based on AlgorithmIdentifier */
- EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
+ goto err;
if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR);
goto err;
}
+ rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
+ pbe2->keyfunc->parameter, c, md, en_de);
+ err:
+ PBE2PARAM_free(pbe2);
+ return rv;
+}
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md, int en_de)
+{
+ unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
+ const unsigned char *pbuf;
+ int saltlen, iter, plen;
+ int rv = 0;
+ unsigned int keylen = 0;
+ int prf_nid, hmac_md_nid;
+ PBKDF2PARAM *kdf = NULL;
+ const EVP_MD *prfmd;
+
+ if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
+ goto err;
+ }
keylen = EVP_CIPHER_CTX_key_length(ctx);
OPENSSL_assert(keylen <= sizeof key);
- /* Now decode key derivation function */
+ /* Decode parameter */
- if (!pbe2->keyfunc->parameter ||
- (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE)) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+ if (!param || (param->type != V_ASN1_SEQUENCE)) {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
goto err;
}
- pbuf = pbe2->keyfunc->parameter->value.sequence->data;
- plen = pbe2->keyfunc->parameter->value.sequence->length;
+ pbuf = param->value.sequence->data;
+ plen = param->value.sequence->length;
+
if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
goto err;
}
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
+ keylen = EVP_CIPHER_CTX_key_length(ctx);
/* Now check the parameters of the kdf */
if (kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_KEYLENGTH);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_KEYLENGTH);
goto err;
}
- if (kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+ if (kdf->prf)
+ prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
+ else
+ prf_nid = NID_hmacWithSHA1;
+
+ if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
goto err;
}
+ prfmd = EVP_get_digestbynid(hmac_md_nid);
+ if (prfmd == NULL) {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+ goto err;
+ }
+
if (kdf->salt->type != V_ASN1_OCTET_STRING) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_SALT_TYPE);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_SALT_TYPE);
goto err;
}
@@ -248,16 +313,14 @@
salt = kdf->salt->value.octet_string->data;
saltlen = kdf->salt->value.octet_string->length;
iter = ASN1_INTEGER_get(kdf->iter);
- PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
- EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
+ if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
+ keylen, key))
+ goto err;
+ rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
+ err:
OPENSSL_cleanse(key, keylen);
PBKDF2PARAM_free(kdf);
- return 1;
-
- err:
- PBE2PARAM_free(pbe2);
- PBKDF2PARAM_free(kdf);
- return 0;
+ return rv;
}
# ifdef DEBUG_PKCS5V2
Modified: trunk/crypto/openssl/crypto/evp/p_dec.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_dec.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_dec.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,8 +66,8 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
-int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl,
- EVP_PKEY *priv)
+int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
+ EVP_PKEY *priv)
{
int ret = -1;
@@ -74,7 +74,7 @@
#ifndef OPENSSL_NO_RSA
if (priv->type != EVP_PKEY_RSA) {
#endif
- EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_PUBLIC_KEY_NOT_RSA);
+ EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
Modified: trunk/crypto/openssl/crypto/evp/p_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,8 +66,8 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
-int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len,
- EVP_PKEY *pubk)
+int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
+ int key_len, EVP_PKEY *pubk)
{
int ret = 0;
@@ -74,7 +74,7 @@
#ifndef OPENSSL_NO_RSA
if (pubk->type != EVP_PKEY_RSA) {
#endif
- EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_PUBLIC_KEY_NOT_RSA);
+ EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
Modified: trunk/crypto/openssl/crypto/evp/p_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,63 +74,26 @@
# include <openssl/dh.h>
#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#include "asn1_locl.h"
+
static void EVP_PKEY_free_it(EVP_PKEY *x);
int EVP_PKEY_bits(EVP_PKEY *pkey)
{
- if (0)
- return 0;
-#ifndef OPENSSL_NO_RSA
- else if (pkey->type == EVP_PKEY_RSA)
- return (BN_num_bits(pkey->pkey.rsa->n));
-#endif
-#ifndef OPENSSL_NO_DSA
- else if (pkey->type == EVP_PKEY_DSA)
- return (BN_num_bits(pkey->pkey.dsa->p));
-#endif
-#ifndef OPENSSL_NO_EC
- else if (pkey->type == EVP_PKEY_EC) {
- BIGNUM *order = BN_new();
- const EC_GROUP *group;
- int ret;
-
- if (!order) {
- ERR_clear_error();
- return 0;
- }
- group = EC_KEY_get0_group(pkey->pkey.ec);
- if (!EC_GROUP_get_order(group, order, NULL)) {
- ERR_clear_error();
- return 0;
- }
-
- ret = BN_num_bits(order);
- BN_free(order);
- return ret;
- }
-#endif
- return (0);
+ if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
+ return pkey->ameth->pkey_bits(pkey);
+ return 0;
}
int EVP_PKEY_size(EVP_PKEY *pkey)
{
- if (pkey == NULL)
- return (0);
-#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- return (RSA_size(pkey->pkey.rsa));
- else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- return (DSA_size(pkey->pkey.dsa));
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- return (ECDSA_size(pkey->pkey.ec));
-#endif
-
- return (0);
+ if (pkey && pkey->ameth && pkey->ameth->pkey_size)
+ return pkey->ameth->pkey_size(pkey);
+ return 0;
}
int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
@@ -167,88 +130,26 @@
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
goto err;
}
-#ifndef OPENSSL_NO_DSA
- if (to->type == EVP_PKEY_DSA) {
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
- goto err;
- if (to->pkey.dsa->p != NULL)
- BN_free(to->pkey.dsa->p);
- to->pkey.dsa->p = a;
-
- if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
- goto err;
- if (to->pkey.dsa->q != NULL)
- BN_free(to->pkey.dsa->q);
- to->pkey.dsa->q = a;
-
- if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
- goto err;
- if (to->pkey.dsa->g != NULL)
- BN_free(to->pkey.dsa->g);
- to->pkey.dsa->g = a;
- }
-#endif
-#ifndef OPENSSL_NO_EC
- if (to->type == EVP_PKEY_EC) {
- EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
- if (group == NULL)
- goto err;
- if (EC_KEY_set_group(to->pkey.ec, group) == 0)
- goto err;
- EC_GROUP_free(group);
- }
-#endif
- return (1);
+ if (from->ameth && from->ameth->param_copy)
+ return from->ameth->param_copy(to, from);
err:
- return (0);
+ return 0;
}
int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- DSA *dsa;
-
- dsa = pkey->pkey.dsa;
- if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
- return (1);
- }
-#endif
-#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
- if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
- return (1);
- }
-#endif
-
- return (0);
+ if (pkey->ameth && pkey->ameth->param_missing)
+ return pkey->ameth->param_missing(pkey);
+ return 0;
}
int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
-#ifndef OPENSSL_NO_DSA
- if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) {
- if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
- BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
- BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
- return (0);
- else
- return (1);
- }
-#endif
-#ifndef OPENSSL_NO_EC
- if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) {
- const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
- *group_b = EC_KEY_get0_group(b->pkey.ec);
- if (EC_GROUP_cmp(group_a, group_b, NULL))
- return 0;
- else
- return 1;
- }
-#endif
- return (-1);
+ if (a->type != b->type)
+ return -1;
+ if (a->ameth && a->ameth->param_cmp)
+ return a->ameth->param_cmp(a, b);
+ return -2;
}
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
@@ -256,49 +157,20 @@
if (a->type != b->type)
return -1;
- if (EVP_PKEY_cmp_parameters(a, b) == 0)
- return 0;
+ if (a->ameth) {
+ int ret;
+ /* Compare parameters if the algorithm has them */
+ if (a->ameth->param_cmp) {
+ ret = a->ameth->param_cmp(a, b);
+ if (ret <= 0)
+ return ret;
+ }
- switch (a->type) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0
- || BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
- return 0;
- break;
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
- return 0;
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- {
- int r;
- const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
- const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
- *pb = EC_KEY_get0_public_key(b->pkey.ec);
- r = EC_POINT_cmp(group, pa, pb, NULL);
- if (r != 0) {
- if (r == 1)
- return 0;
- else
- return -2;
- }
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case EVP_PKEY_DH:
- return -2;
-#endif
- default:
- return -2;
+ if (a->ameth->pub_cmp)
+ return a->ameth->pub_cmp(a, b);
}
- return 1;
+ return -2;
}
EVP_PKEY *EVP_PKEY_new(void)
@@ -311,7 +183,10 @@
return (NULL);
}
ret->type = EVP_PKEY_NONE;
+ ret->save_type = EVP_PKEY_NONE;
ret->references = 1;
+ ret->ameth = NULL;
+ ret->engine = NULL;
ret->pkey.ptr = NULL;
ret->attributes = NULL;
ret->save_parameters = 1;
@@ -318,18 +193,77 @@
return (ret);
}
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
+/*
+ * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
+ * is NULL just return 1 or 0 if the algorithm exists.
+ */
+
+static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
{
- if (pkey == NULL)
- return (0);
- if (pkey->pkey.ptr != NULL)
- EVP_PKEY_free_it(pkey);
- pkey->type = EVP_PKEY_type(type);
- pkey->save_type = type;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *e = NULL;
+ if (pkey) {
+ if (pkey->pkey.ptr)
+ EVP_PKEY_free_it(pkey);
+ /*
+ * If key type matches and a method exists then this lookup has
+ * succeeded once so just indicate success.
+ */
+ if ((type == pkey->save_type) && pkey->ameth)
+ return 1;
+#ifndef OPENSSL_NO_ENGINE
+ /* If we have an ENGINE release it */
+ if (pkey->engine) {
+ ENGINE_finish(pkey->engine);
+ pkey->engine = NULL;
+ }
+#endif
+ }
+ if (str)
+ ameth = EVP_PKEY_asn1_find_str(&e, str, len);
+ else
+ ameth = EVP_PKEY_asn1_find(&e, type);
+#ifndef OPENSSL_NO_ENGINE
+ if (!pkey && e)
+ ENGINE_finish(e);
+#endif
+ if (!ameth) {
+ EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
+ return 0;
+ }
+ if (pkey) {
+ pkey->ameth = ameth;
+ pkey->engine = e;
+
+ pkey->type = pkey->ameth->pkey_id;
+ pkey->save_type = type;
+ }
+ return 1;
+}
+
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
+{
+ return pkey_set_type(pkey, type, NULL, -1);
+}
+
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
+{
+ return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
+}
+
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
+{
+ if (!EVP_PKEY_set_type(pkey, type))
+ return 0;
pkey->pkey.ptr = key;
return (key != NULL);
}
+void *EVP_PKEY_get0(EVP_PKEY *pkey)
+{
+ return pkey->pkey.ptr;
+}
+
#ifndef OPENSSL_NO_RSA
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
{
@@ -414,25 +348,31 @@
int EVP_PKEY_type(int type)
{
- switch (type) {
- case EVP_PKEY_RSA:
- case EVP_PKEY_RSA2:
- return (EVP_PKEY_RSA);
- case EVP_PKEY_DSA:
- case EVP_PKEY_DSA1:
- case EVP_PKEY_DSA2:
- case EVP_PKEY_DSA3:
- case EVP_PKEY_DSA4:
- return (EVP_PKEY_DSA);
- case EVP_PKEY_DH:
- return (EVP_PKEY_DH);
- case EVP_PKEY_EC:
- return (EVP_PKEY_EC);
- default:
- return (NID_undef);
- }
+ int ret;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *e;
+ ameth = EVP_PKEY_asn1_find(&e, type);
+ if (ameth)
+ ret = ameth->pkey_id;
+ else
+ ret = NID_undef;
+#ifndef OPENSSL_NO_ENGINE
+ if (e)
+ ENGINE_finish(e);
+#endif
+ return ret;
}
+int EVP_PKEY_id(const EVP_PKEY *pkey)
+{
+ return pkey->type;
+}
+
+int EVP_PKEY_base_id(const EVP_PKEY *pkey)
+{
+ return EVP_PKEY_type(pkey->type);
+}
+
void EVP_PKEY_free(EVP_PKEY *x)
{
int i;
@@ -460,30 +400,57 @@
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
- switch (x->type) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- case EVP_PKEY_RSA2:
- RSA_free(x->pkey.rsa);
- break;
+ if (x->ameth && x->ameth->pkey_free) {
+ x->ameth->pkey_free(x);
+ x->pkey.ptr = NULL;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (x->engine) {
+ ENGINE_finish(x->engine);
+ x->engine = NULL;
+ }
#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- case EVP_PKEY_DSA2:
- case EVP_PKEY_DSA3:
- case EVP_PKEY_DSA4:
- DSA_free(x->pkey.dsa);
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- EC_KEY_free(x->pkey.ec);
- break;
-#endif
-#ifndef OPENSSL_NO_DH
- case EVP_PKEY_DH:
- DH_free(x->pkey.dh);
- break;
-#endif
- }
}
+
+static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
+ const char *kstr)
+{
+ BIO_indent(out, indent, 128);
+ BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
+ kstr, OBJ_nid2ln(pkey->type));
+ return 1;
+}
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ if (pkey->ameth && pkey->ameth->pub_print)
+ return pkey->ameth->pub_print(out, pkey, indent, pctx);
+
+ return unsup_alg(out, pkey, indent, "Public Key");
+}
+
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ if (pkey->ameth && pkey->ameth->priv_print)
+ return pkey->ameth->priv_print(out, pkey, indent, pctx);
+
+ return unsup_alg(out, pkey, indent, "Private Key");
+}
+
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ if (pkey->ameth && pkey->ameth->param_print)
+ return pkey->ameth->param_print(out, pkey, indent, pctx);
+ return unsup_alg(out, pkey, indent, "Parameters");
+}
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
+{
+ if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
+ return -2;
+ return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
+ 0, pnid);
+}
Modified: trunk/crypto/openssl/crypto/evp/p_open.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_open.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_open.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -95,7 +95,7 @@
goto err;
}
- i = EVP_PKEY_decrypt(key, ek, ekl, priv);
+ i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
/* ERROR */
goto err;
@@ -116,7 +116,8 @@
int i;
i = EVP_DecryptFinal_ex(ctx, out, outl);
- EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+ if (i)
+ i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
return (i);
}
#else /* !OPENSSL_NO_RSA */
Modified: trunk/crypto/openssl/crypto/evp/p_seal.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_seal.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_seal.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,15 +82,17 @@
return 1;
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
return 0;
- if (EVP_CIPHER_CTX_iv_length(ctx))
- RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
+ if (EVP_CIPHER_CTX_iv_length(ctx)
+ && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
+ return 0;
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
return 0;
for (i = 0; i < npubk; i++) {
- ekl[i] = EVP_PKEY_encrypt(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
- pubk[i]);
+ ekl[i] =
+ EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
+ pubk[i]);
if (ekl[i] <= 0)
return (-1);
}
@@ -113,6 +115,7 @@
{
int i;
i = EVP_EncryptFinal_ex(ctx, out, outl);
- EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+ if (i)
+ i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
return i;
}
Modified: trunk/crypto/openssl/crypto/evp/p_sign.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_sign.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_sign.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -79,10 +79,37 @@
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i, ok = 0, v;
+ int i = 0, ok = 0, v;
EVP_MD_CTX tmp_ctx;
+ EVP_PKEY_CTX *pkctx = NULL;
*siglen = 0;
+ EVP_MD_CTX_init(&tmp_ctx);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
+ goto err;
+ EVP_MD_CTX_cleanup(&tmp_ctx);
+
+ if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+ size_t sltmp = (size_t)EVP_PKEY_size(pkey);
+ i = 0;
+ pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pkctx)
+ goto err;
+ if (EVP_PKEY_sign_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+ goto err;
+ *siglen = sltmp;
+ i = 1;
+ err:
+ EVP_PKEY_CTX_free(pkctx);
+ return i;
+ }
+
for (i = 0; i < 4; i++) {
v = ctx->digest->required_pkey_type[i];
if (v == 0)
@@ -96,23 +123,11 @@
EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
return (0);
}
+
if (ctx->digest->sign == NULL) {
EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
return (0);
}
- EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
- if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) {
- EVP_MD_SVCTX sctmp;
- sctmp.mctx = &tmp_ctx;
- sctmp.key = pkey->pkey.ptr;
- i = ctx->digest->sign(ctx->digest->type,
- NULL, -1, sigret, siglen, &sctmp);
- } else {
- EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len);
- i = ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
- pkey->pkey.ptr);
- }
- EVP_MD_CTX_cleanup(&tmp_ctx);
- return i;
+ return (ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
+ pkey->pkey.ptr));
}
Modified: trunk/crypto/openssl/crypto/evp/p_verify.c
===================================================================
--- trunk/crypto/openssl/crypto/evp/p_verify.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/evp/p_verify.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,9 +67,32 @@
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i, ok = 0, v;
+ int i = 0, ok = 0, v;
EVP_MD_CTX tmp_ctx;
+ EVP_PKEY_CTX *pkctx = NULL;
+ EVP_MD_CTX_init(&tmp_ctx);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
+ goto err;
+ EVP_MD_CTX_cleanup(&tmp_ctx);
+
+ if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+ i = -1;
+ pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pkctx)
+ goto err;
+ if (EVP_PKEY_verify_init(pkctx) <= 0)
+ goto err;
+ if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+ goto err;
+ i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+ err:
+ EVP_PKEY_CTX_free(pkctx);
+ return i;
+ }
+
for (i = 0; i < 4; i++) {
v = ctx->digest->required_pkey_type[i];
if (v == 0)
@@ -88,19 +111,6 @@
return (0);
}
- EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
- if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) {
- EVP_MD_SVCTX sctmp;
- sctmp.mctx = &tmp_ctx;
- sctmp.key = pkey->pkey.ptr;
- i = ctx->digest->verify(ctx->digest->type,
- NULL, -1, sigbuf, siglen, &sctmp);
- } else {
- EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len);
- i = ctx->digest->verify(ctx->digest->type, m, m_len,
- sigbuf, siglen, pkey->pkey.ptr);
- }
- EVP_MD_CTX_cleanup(&tmp_ctx);
- return i;
+ return (ctx->digest->verify(ctx->digest->type, m, m_len,
+ sigbuf, siglen, pkey->pkey.ptr));
}
Copied: trunk/crypto/openssl/crypto/evp/pmeth_fn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/pmeth_fn.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/pmeth_fn.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/pmeth_fn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,346 @@
+/* pmeth_fn.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+#define M_check_autoarg(ctx, arg, arglen, err) \
+ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
+ { \
+ size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+ if (!arg) \
+ { \
+ *arglen = pksize; \
+ return 1; \
+ } \
+ else if (*arglen < pksize) \
+ { \
+ EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
+ return 0; \
+ } \
+ }
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
+ EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_SIGN;
+ if (!ctx->pmeth->sign_init)
+ return 1;
+ ret = ctx->pmeth->sign_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
+ EVPerr(EVP_F_EVP_PKEY_SIGN,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_SIGN) {
+ EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
+ return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
+}
+
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_VERIFY;
+ if (!ctx->pmeth->verify_init)
+ return 1;
+ ret = ctx->pmeth->verify_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_VERIFY) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
+}
+
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
+ if (!ctx->pmeth->verify_recover_init)
+ return 1;
+ ret = ctx->pmeth->verify_recover_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
+ EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
+ return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
+}
+
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
+ EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_ENCRYPT;
+ if (!ctx->pmeth->encrypt_init)
+ return 1;
+ ret = ctx->pmeth->encrypt_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
+ EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
+ EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
+ return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
+}
+
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
+ EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_DECRYPT;
+ if (!ctx->pmeth->decrypt_init)
+ return 1;
+ ret = ctx->pmeth->decrypt_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
+ EVPerr(EVP_F_EVP_PKEY_DECRYPT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
+ EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
+ return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
+}
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_DERIVE;
+ if (!ctx->pmeth->derive_init)
+ return 1;
+ ret = ctx->pmeth->derive_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth
+ || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
+ || !ctx->pmeth->ctrl) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_DERIVE
+ && ctx->operation != EVP_PKEY_OP_ENCRYPT
+ && ctx->operation != EVP_PKEY_OP_DECRYPT) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
+
+ if (ret <= 0)
+ return ret;
+
+ if (ret == 2)
+ return 1;
+
+ if (!ctx->pkey) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
+ return -1;
+ }
+
+ if (ctx->pkey->type != peer->type) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
+ return -1;
+ }
+
+ /*
+ * ran at cryptocom.ru: For clarity. The error is if parameters in peer are
+ * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
+ * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
+ * (different key types) is impossible here because it is checked earlier.
+ * -2 is OK for us here, as well as 1, so we can check for 0 only.
+ */
+ if (!EVP_PKEY_missing_parameters(peer) &&
+ !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
+ return -1;
+ }
+
+ if (ctx->peerkey)
+ EVP_PKEY_free(ctx->peerkey);
+ ctx->peerkey = peer;
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
+
+ if (ret <= 0) {
+ ctx->peerkey = NULL;
+ return ret;
+ }
+
+ CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ return 1;
+}
+
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+ M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
+ return ctx->pmeth->derive(ctx, key, pkeylen);
+}
Copied: trunk/crypto/openssl/crypto/evp/pmeth_gn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/pmeth_gn.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/pmeth_gn.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/pmeth_gn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,215 @@
+/* pmeth_gn.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+ EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_PARAMGEN;
+ if (!ctx->pmeth->paramgen_init)
+ return 1;
+ ret = ctx->pmeth->paramgen_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+ EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
+ EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (!ppkey)
+ return -1;
+
+ if (!*ppkey)
+ *ppkey = EVP_PKEY_new();
+
+ ret = ctx->pmeth->paramgen(ctx, *ppkey);
+ if (ret <= 0) {
+ EVP_PKEY_free(*ppkey);
+ *ppkey = NULL;
+ }
+ return ret;
+}
+
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
+ EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ ctx->operation = EVP_PKEY_OP_KEYGEN;
+ if (!ctx->pmeth->keygen_init)
+ return 1;
+ ret = ctx->pmeth->keygen_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+{
+ int ret;
+
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
+ EVPerr(EVP_F_EVP_PKEY_KEYGEN,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
+ EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (!ppkey)
+ return -1;
+
+ if (!*ppkey)
+ *ppkey = EVP_PKEY_new();
+
+ ret = ctx->pmeth->keygen(ctx, *ppkey);
+ if (ret <= 0) {
+ EVP_PKEY_free(*ppkey);
+ *ppkey = NULL;
+ }
+ return ret;
+}
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
+{
+ ctx->pkey_gencb = cb;
+}
+
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
+{
+ return ctx->pkey_gencb;
+}
+
+/*
+ * "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB style
+ * callbacks.
+ */
+
+static int trans_cb(int a, int b, BN_GENCB *gcb)
+{
+ EVP_PKEY_CTX *ctx = gcb->arg;
+ ctx->keygen_info[0] = a;
+ ctx->keygen_info[1] = b;
+ return ctx->pkey_gencb(ctx);
+}
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
+{
+ BN_GENCB_set(cb, trans_cb, ctx)
+}
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
+{
+ if (idx == -1)
+ return ctx->keygen_info_count;
+ if (idx < 0 || idx > ctx->keygen_info_count)
+ return 0;
+ return ctx->keygen_info[idx];
+}
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+ const unsigned char *key, int keylen)
+{
+ EVP_PKEY_CTX *mac_ctx = NULL;
+ EVP_PKEY *mac_key = NULL;
+ mac_ctx = EVP_PKEY_CTX_new_id(type, e);
+ if (!mac_ctx)
+ return NULL;
+ if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
+ goto merr;
+ if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
+ EVP_PKEY_CTRL_SET_MAC_KEY,
+ keylen, (void *)key) <= 0)
+ goto merr;
+ if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
+ goto merr;
+ merr:
+ if (mac_ctx)
+ EVP_PKEY_CTX_free(mac_ctx);
+ return mac_key;
+}
Copied: trunk/crypto/openssl/crypto/evp/pmeth_lib.c (from rev 7117, vendor-crypto/openssl/dist/crypto/evp/pmeth_lib.c)
===================================================================
--- trunk/crypto/openssl/crypto/evp/pmeth_lib.c (rev 0)
+++ trunk/crypto/openssl/crypto/evp/pmeth_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,609 @@
+/* pmeth_lib.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+#include "evp_locl.h"
+
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
+
+DECLARE_STACK_OF(EVP_PKEY_METHOD)
+STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
+
+extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
+extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
+
+static const EVP_PKEY_METHOD *standard_methods[] = {
+#ifndef OPENSSL_NO_RSA
+ &rsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DH
+ &dh_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+ &dsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_EC
+ &ec_pkey_meth,
+#endif
+ &hmac_pkey_meth,
+ &cmac_pkey_meth
+};
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+ pmeth);
+
+static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
+ const EVP_PKEY_METHOD *const *b)
+{
+ return ((*a)->pkey_id - (*b)->pkey_id);
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+ pmeth);
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
+{
+ EVP_PKEY_METHOD tmp;
+ const EVP_PKEY_METHOD *t = &tmp, **ret;
+ tmp.pkey_id = type;
+ if (app_pkey_methods) {
+ int idx;
+ idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
+ if (idx >= 0)
+ return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
+ }
+ ret = OBJ_bsearch_pmeth(&t, standard_methods,
+ sizeof(standard_methods) /
+ sizeof(EVP_PKEY_METHOD *));
+ if (!ret || !*ret)
+ return NULL;
+ return *ret;
+}
+
+static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
+{
+ EVP_PKEY_CTX *ret;
+ const EVP_PKEY_METHOD *pmeth;
+ if (id == -1) {
+ if (!pkey || !pkey->ameth)
+ return NULL;
+ id = pkey->ameth->pkey_id;
+ }
+#ifndef OPENSSL_NO_ENGINE
+ if (pkey && pkey->engine)
+ e = pkey->engine;
+ /* Try to find an ENGINE which implements this method */
+ if (e) {
+ if (!ENGINE_init(e)) {
+ EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
+ return NULL;
+ }
+ } else
+ e = ENGINE_get_pkey_meth_engine(id);
+
+ /*
+ * If an ENGINE handled this method look it up. Othewise use internal
+ * tables.
+ */
+
+ if (e)
+ pmeth = ENGINE_get_pkey_meth(e, id);
+ else
+#endif
+ pmeth = EVP_PKEY_meth_find(id);
+
+ if (pmeth == NULL) {
+ EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
+ return NULL;
+ }
+
+ ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+ if (!ret) {
+#ifndef OPENSSL_NO_ENGINE
+ if (e)
+ ENGINE_finish(e);
+#endif
+ EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ ret->engine = e;
+ ret->pmeth = pmeth;
+ ret->operation = EVP_PKEY_OP_UNDEFINED;
+ ret->pkey = pkey;
+ ret->peerkey = NULL;
+ ret->pkey_gencb = 0;
+ if (pkey)
+ CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ ret->data = NULL;
+
+ if (pmeth->init) {
+ if (pmeth->init(ret) <= 0) {
+ EVP_PKEY_CTX_free(ret);
+ return NULL;
+ }
+ }
+
+ return ret;
+}
+
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
+{
+ EVP_PKEY_METHOD *pmeth;
+ pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
+ if (!pmeth)
+ return NULL;
+
+ memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
+
+ pmeth->pkey_id = id;
+ pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
+
+ pmeth->init = 0;
+ pmeth->copy = 0;
+ pmeth->cleanup = 0;
+ pmeth->paramgen_init = 0;
+ pmeth->paramgen = 0;
+ pmeth->keygen_init = 0;
+ pmeth->keygen = 0;
+ pmeth->sign_init = 0;
+ pmeth->sign = 0;
+ pmeth->verify_init = 0;
+ pmeth->verify = 0;
+ pmeth->verify_recover_init = 0;
+ pmeth->verify_recover = 0;
+ pmeth->signctx_init = 0;
+ pmeth->signctx = 0;
+ pmeth->verifyctx_init = 0;
+ pmeth->verifyctx = 0;
+ pmeth->encrypt_init = 0;
+ pmeth->encrypt = 0;
+ pmeth->decrypt_init = 0;
+ pmeth->decrypt = 0;
+ pmeth->derive_init = 0;
+ pmeth->derive = 0;
+ pmeth->ctrl = 0;
+ pmeth->ctrl_str = 0;
+
+ return pmeth;
+}
+
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth)
+{
+ if (ppkey_id)
+ *ppkey_id = meth->pkey_id;
+ if (pflags)
+ *pflags = meth->flags;
+}
+
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
+{
+
+ dst->init = src->init;
+ dst->copy = src->copy;
+ dst->cleanup = src->cleanup;
+
+ dst->paramgen_init = src->paramgen_init;
+ dst->paramgen = src->paramgen;
+
+ dst->keygen_init = src->keygen_init;
+ dst->keygen = src->keygen;
+
+ dst->sign_init = src->sign_init;
+ dst->sign = src->sign;
+
+ dst->verify_init = src->verify_init;
+ dst->verify = src->verify;
+
+ dst->verify_recover_init = src->verify_recover_init;
+ dst->verify_recover = src->verify_recover;
+
+ dst->signctx_init = src->signctx_init;
+ dst->signctx = src->signctx;
+
+ dst->verifyctx_init = src->verifyctx_init;
+ dst->verifyctx = src->verifyctx;
+
+ dst->encrypt_init = src->encrypt_init;
+ dst->encrypt = src->encrypt;
+
+ dst->decrypt_init = src->decrypt_init;
+ dst->decrypt = src->decrypt;
+
+ dst->derive_init = src->derive_init;
+ dst->derive = src->derive;
+
+ dst->ctrl = src->ctrl;
+ dst->ctrl_str = src->ctrl_str;
+}
+
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
+{
+ if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
+ OPENSSL_free(pmeth);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
+{
+ return int_ctx_new(pkey, e, -1);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
+{
+ return int_ctx_new(NULL, e, id);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
+{
+ EVP_PKEY_CTX *rctx;
+ if (!pctx->pmeth || !pctx->pmeth->copy)
+ return NULL;
+#ifndef OPENSSL_NO_ENGINE
+ /* Make sure it's safe to copy a pkey context using an ENGINE */
+ if (pctx->engine && !ENGINE_init(pctx->engine)) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
+ return 0;
+ }
+#endif
+ rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+ if (!rctx)
+ return NULL;
+
+ rctx->pmeth = pctx->pmeth;
+#ifndef OPENSSL_NO_ENGINE
+ rctx->engine = pctx->engine;
+#endif
+
+ if (pctx->pkey)
+ CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+
+ rctx->pkey = pctx->pkey;
+
+ if (pctx->peerkey)
+ CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+
+ rctx->peerkey = pctx->peerkey;
+
+ rctx->data = NULL;
+ rctx->app_data = NULL;
+ rctx->operation = pctx->operation;
+
+ if (pctx->pmeth->copy(rctx, pctx) > 0)
+ return rctx;
+
+ EVP_PKEY_CTX_free(rctx);
+ return NULL;
+
+}
+
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
+{
+ if (app_pkey_methods == NULL) {
+ app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
+ if (!app_pkey_methods)
+ return 0;
+ }
+ if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
+ return 0;
+ sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
+ return 1;
+}
+
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
+{
+ if (ctx == NULL)
+ return;
+ if (ctx->pmeth && ctx->pmeth->cleanup)
+ ctx->pmeth->cleanup(ctx);
+ if (ctx->pkey)
+ EVP_PKEY_free(ctx->pkey);
+ if (ctx->peerkey)
+ EVP_PKEY_free(ctx->peerkey);
+#ifndef OPENSSL_NO_ENGINE
+ if (ctx->engine)
+ /*
+ * The EVP_PKEY_CTX we used belongs to an ENGINE, release the
+ * functional reference we held for this reason.
+ */
+ ENGINE_finish(ctx->engine);
+#endif
+ OPENSSL_free(ctx);
+}
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2)
+{
+ int ret;
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+ return -2;
+ }
+ if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
+ return -1;
+
+ if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
+ return -1;
+ }
+
+ if ((optype != -1) && !(ctx->operation & optype)) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
+ return -1;
+ }
+
+ ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
+
+ if (ret == -2)
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+
+ return ret;
+
+}
+
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *name, const char *value)
+{
+ if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
+ return -2;
+ }
+ if (!strcmp(name, "digest")) {
+ const EVP_MD *md;
+ if (!value || !(md = EVP_get_digestbyname(value))) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST);
+ return 0;
+ }
+ return EVP_PKEY_CTX_set_signature_md(ctx, md);
+ }
+ return ctx->pmeth->ctrl_str(ctx, name, value);
+}
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
+{
+ return ctx->operation;
+}
+
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
+{
+ ctx->keygen_info = dat;
+ ctx->keygen_info_count = datlen;
+}
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
+{
+ ctx->data = data;
+}
+
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
+{
+ return ctx->data;
+}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
+{
+ return ctx->pkey;
+}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
+{
+ return ctx->peerkey;
+}
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
+{
+ ctx->app_data = data;
+}
+
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
+{
+ return ctx->app_data;
+}
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+ int (*init) (EVP_PKEY_CTX *ctx))
+{
+ pmeth->init = init;
+}
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+ int (*copy) (EVP_PKEY_CTX *dst,
+ EVP_PKEY_CTX *src))
+{
+ pmeth->copy = copy;
+}
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+ void (*cleanup) (EVP_PKEY_CTX *ctx))
+{
+ pmeth->cleanup = cleanup;
+}
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+ int (*paramgen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey))
+{
+ pmeth->paramgen_init = paramgen_init;
+ pmeth->paramgen = paramgen;
+}
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+ int (*keygen_init) (EVP_PKEY_CTX *ctx),
+ int (*keygen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey))
+{
+ pmeth->keygen_init = keygen_init;
+ pmeth->keygen = keygen;
+}
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+ int (*sign_init) (EVP_PKEY_CTX *ctx),
+ int (*sign) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen))
+{
+ pmeth->sign_init = sign_init;
+ pmeth->sign = sign;
+}
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+ int (*verify_init) (EVP_PKEY_CTX *ctx),
+ int (*verify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen))
+{
+ pmeth->verify_init = verify_init;
+ pmeth->verify = verify;
+}
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+ int (*verify_recover_init) (EVP_PKEY_CTX
+ *ctx),
+ int (*verify_recover) (EVP_PKEY_CTX
+ *ctx,
+ unsigned char
+ *sig,
+ size_t *siglen,
+ const unsigned
+ char *tbs,
+ size_t tbslen))
+{
+ pmeth->verify_recover_init = verify_recover_init;
+ pmeth->verify_recover = verify_recover;
+}
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+ int (*signctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*signctx) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ EVP_MD_CTX *mctx))
+{
+ pmeth->signctx_init = signctx_init;
+ pmeth->signctx = signctx;
+}
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*verifyctx) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ int siglen,
+ EVP_MD_CTX *mctx))
+{
+ pmeth->verifyctx_init = verifyctx_init;
+ pmeth->verifyctx = verifyctx;
+}
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*encryptfn) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen))
+{
+ pmeth->encrypt_init = encrypt_init;
+ pmeth->encrypt = encryptfn;
+}
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*decrypt) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen))
+{
+ pmeth->decrypt_init = decrypt_init;
+ pmeth->decrypt = decrypt;
+}
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+ int (*derive_init) (EVP_PKEY_CTX *ctx),
+ int (*derive) (EVP_PKEY_CTX *ctx,
+ unsigned char *key,
+ size_t *keylen))
+{
+ pmeth->derive_init = derive_init;
+ pmeth->derive = derive;
+}
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+ const char *type,
+ const char *value))
+{
+ pmeth->ctrl = ctrl;
+ pmeth->ctrl_str = ctrl_str;
+}
Modified: trunk/crypto/openssl/crypto/ex_data.c
===================================================================
--- trunk/crypto/openssl/crypto/ex_data.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ex_data.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -250,30 +250,33 @@
static int ex_class = CRYPTO_EX_INDEX_USER;
/* The global hash table of EX_CLASS_ITEM items */
-static LHASH *ex_data = NULL;
+DECLARE_LHASH_OF(EX_CLASS_ITEM);
+static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL;
/* The callbacks required in the "ex_data" hash table */
-static unsigned long ex_hash_cb(const void *a_void)
+static unsigned long ex_class_item_hash(const EX_CLASS_ITEM *a)
{
- return ((const EX_CLASS_ITEM *)a_void)->class_index;
+ return a->class_index;
}
-static int ex_cmp_cb(const void *a_void, const void *b_void)
+static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM)
+
+static int ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b)
{
- return (((const EX_CLASS_ITEM *)a_void)->class_index -
- ((const EX_CLASS_ITEM *)b_void)->class_index);
+ return a->class_index - b->class_index;
}
+static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM)
+
/*
* Internal functions used by the "impl_default" implementation to access the
* state
*/
-
static int ex_data_check(void)
{
int toret = 1;
CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
- if (!ex_data && ((ex_data = lh_new(ex_hash_cb, ex_cmp_cb)) == NULL))
+ if (!ex_data && (ex_data = lh_EX_CLASS_ITEM_new()) == NULL)
toret = 0;
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
return toret;
@@ -313,7 +316,7 @@
EX_DATA_CHECK(return NULL;)
d.class_index = class_index;
CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
- p = lh_retrieve(ex_data, &d);
+ p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
if (!p) {
gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
if (gen) {
@@ -327,7 +330,7 @@
* Because we're inside the ex_data lock, the return value
* from the insert will be NULL
*/
- lh_insert(ex_data, gen);
+ (void)lh_EX_CLASS_ITEM_insert(ex_data, gen);
p = gen;
}
}
@@ -388,8 +391,8 @@
static void int_cleanup(void)
{
EX_DATA_CHECK(return;)
- lh_doall(ex_data, def_cleanup_cb);
- lh_free(ex_data);
+ lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb);
+ lh_EX_CLASS_ITEM_free(ex_data);
ex_data = NULL;
impl = NULL;
}
@@ -462,7 +465,7 @@
return 0;
CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
- j = sk_num(from->sk);
+ j = sk_void_num(from->sk);
if (j < mx)
mx = j;
if (mx > 0) {
@@ -497,6 +500,8 @@
EX_CLASS_ITEM *item;
void *ptr;
CRYPTO_EX_DATA_FUNCS **storage = NULL;
+ if (ex_data == NULL)
+ return;
if ((item = def_get_class(class_index)) == NULL)
return;
CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
@@ -524,7 +529,7 @@
if (storage)
OPENSSL_free(storage);
if (ad->sk) {
- sk_free(ad->sk);
+ sk_void_free(ad->sk);
ad->sk = NULL;
}
}
@@ -606,21 +611,21 @@
int i;
if (ad->sk == NULL) {
- if ((ad->sk = sk_new_null()) == NULL) {
+ if ((ad->sk = sk_void_new_null()) == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
return (0);
}
}
- i = sk_num(ad->sk);
+ i = sk_void_num(ad->sk);
while (i <= idx) {
- if (!sk_push(ad->sk, NULL)) {
+ if (!sk_void_push(ad->sk, NULL)) {
CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
return (0);
}
i++;
}
- sk_set(ad->sk, idx, val);
+ sk_void_set(ad->sk, idx, val);
return (1);
}
@@ -632,10 +637,10 @@
{
if (ad->sk == NULL)
return (0);
- else if (idx >= sk_num(ad->sk))
+ else if (idx >= sk_void_num(ad->sk))
return (0);
else
- return (sk_value(ad->sk, idx));
+ return (sk_void_value(ad->sk, idx));
}
IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
Modified: trunk/crypto/openssl/crypto/fips_err.h
===================================================================
--- trunk/crypto/openssl/crypto/fips_err.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/fips_err.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/fips_err.h */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,41 +71,92 @@
static ERR_STRING_DATA FIPS_str_functs[] = {
{ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+ {ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"},
+ {ERR_FUNC(FIPS_F_DRBG_RESEED), "DRBG_RESEED"},
{ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
+ {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
{ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
{ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
- {ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
- {ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
{ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
+ {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA_PRNG), "fips_check_dsa_prng"},
+ {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"},
+ {ERR_FUNC(FIPS_F_FIPS_CHECK_EC_PRNG), "fips_check_ec_prng"},
{ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT),
- "FIPS_CHECK_INCORE_FINGERPRINT"},
- {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "FIPS_CHECK_RSA"},
- {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"},
- {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"},
+ "FIPS_check_incore_fingerprint"},
+ {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"},
+ {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA_PRNG), "fips_check_rsa_prng"},
+ {ERR_FUNC(FIPS_F_FIPS_CIPHER), "FIPS_cipher"},
+ {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
+ {ERR_FUNC(FIPS_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+ {ERR_FUNC(FIPS_F_FIPS_DIGESTFINAL), "FIPS_digestfinal"},
+ {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
+ {ERR_FUNC(FIPS_F_FIPS_DIGESTUPDATE), "FIPS_digestupdate"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "FIPS_DRBG_CHECK"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "FIPS_DRBG_ERROR_CHECK"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
+ {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
+ {ERR_FUNC(FIPS_F_FIPS_DSA_SIGN_DIGEST), "FIPS_dsa_sign_digest"},
+ {ERR_FUNC(FIPS_F_FIPS_DSA_VERIFY_DIGEST), "FIPS_dsa_verify_digest"},
+ {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "FIPS_GET_ENTROPY"},
+ {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"},
{ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_PSEUDO_BYTES), "FIPS_rand_pseudo_bytes"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"},
+ {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"},
+ {ERR_FUNC(FIPS_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
+ {ERR_FUNC(FIPS_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"},
- {ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"},
{ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"},
+ {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"},
+ {ERR_FUNC(FIPS_F_FIPS_SET_PRNG_KEY), "FIPS_SET_PRNG_KEY"},
{ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
{ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
+ {ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"},
{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
{ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"},
- {ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
{0, NULL}
};
static ERR_STRING_DATA FIPS_str_reasons[] = {
- {ERR_REASON(FIPS_R_CANNOT_READ_EXE), "cannot read exe"},
- {ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST), "cannot read exe digest"},
+ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
+ "additional input error undetected"},
+ {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
+ "additional input too long"},
+ {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"},
+ {ERR_REASON(FIPS_R_AUTHENTICATION_FAILURE), "authentication failure"},
{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE), "contradicting evidence"},
- {ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),
- "exe digest does not match"},
+ {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"},
+ {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"},
+ {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"},
+ {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
+ "entropy not requested for reseed"},
+ {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"},
+ {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
+ {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
+ "error retrieving additional input"},
+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"},
+ {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"},
{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
"fingerprint does not match"},
{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),
@@ -114,14 +165,46 @@
"fingerprint does not match segment aliasing"},
{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"},
{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"},
+ {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"},
+ {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"},
+ {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),
+ "generate error undetected"},
+ {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
+ {ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),
+ "insufficient security strength"},
+ {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"},
{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"},
+ {ERR_REASON(FIPS_R_INVALID_PARAMETERS), "invalid parameters"},
+ {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"},
{ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"},
+ {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"},
{ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"},
+ {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"},
+ {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"},
+ {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"},
{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"},
- {ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR), "rsa decrypt error"},
- {ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR), "rsa encrypt error"},
+ {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
+ "personalisation error undetected"},
+ {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),
+ "personalisation string too long"},
+ {ERR_REASON(FIPS_R_PRNG_STRENGTH_TOO_LOW), "prng strength too low"},
+ {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
+ {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
+ {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
+ "request length error undetected"},
+ {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
+ "request too large for drbg"},
+ {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"},
+ {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"},
{ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"},
+ {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"},
+ {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),
+ "strength error undetected"},
{ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"},
+ {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"},
+ {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
+ "uninstantiate zeroise error"},
+ {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"},
{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"},
{0, NULL}
};
Copied: trunk/crypto/openssl/crypto/fips_ers.c (from rev 7117, vendor-crypto/openssl/dist/crypto/fips_ers.c)
===================================================================
--- trunk/crypto/openssl/crypto/fips_ers.c (rev 0)
+++ trunk/crypto/openssl/crypto/fips_ers.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,7 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_FIPS
+# include "fips_err.h"
+#else
+static void *dummy = &dummy;
+#endif
Modified: trunk/crypto/openssl/crypto/hmac/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/hmac/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/hmac/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -17,8 +17,8 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=hmac.c
-LIBOBJ=hmac.o
+LIBSRC=hmac.c hm_ameth.c hm_pmeth.c
+LIBOBJ=hmac.o hm_ameth.o hm_pmeth.o
SRC= $(LIBSRC)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -74,13 +76,37 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+hm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+hm_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hm_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_ameth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+hm_ameth.o: hm_ameth.c
+hm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_pmeth.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+hm_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hm_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+hm_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hm_pmeth.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+hm_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hm_pmeth.o: ../../include/openssl/opensslconf.h
+hm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+hm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+hm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+hm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h hm_pmeth.c
hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-hmac.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-hmac.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
-hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-hmac.o: ../cryptlib.h hmac.c
+hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c
Copied: trunk/crypto/openssl/crypto/hmac/hm_ameth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/hmac/hm_ameth.c)
===================================================================
--- trunk/crypto/openssl/crypto/hmac/hm_ameth.c (rev 0)
+++ trunk/crypto/openssl/crypto/hmac/hm_ameth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,162 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include "asn1_locl.h"
+
+#define HMAC_TEST_PRIVATE_KEY_FORMAT
+
+/*
+ * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
+ * length and to free up an HMAC key.
+ */
+
+static int hmac_size(const EVP_PKEY *pkey)
+{
+ return EVP_MAX_MD_SIZE;
+}
+
+static void hmac_key_free(EVP_PKEY *pkey)
+{
+ ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+ if (os) {
+ if (os->data)
+ OPENSSL_cleanse(os->data, os->length);
+ ASN1_OCTET_STRING_free(os);
+ }
+}
+
+static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+ switch (op) {
+ case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+ *(int *)arg2 = NID_sha1;
+ return 1;
+
+ default:
+ return -2;
+ }
+}
+
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+/*
+ * A bogus private key format for test purposes. This is simply the HMAC key
+ * with "HMAC PRIVATE KEY" in the headers. When enabled the genpkey utility
+ * can be used to "generate" HMAC keys.
+ */
+
+static int old_hmac_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ ASN1_OCTET_STRING *os;
+ os = ASN1_OCTET_STRING_new();
+ if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))
+ return 0;
+ EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);
+ return 1;
+}
+
+static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ int inc;
+ ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+ if (pder) {
+ if (!*pder) {
+ *pder = OPENSSL_malloc(os->length);
+ inc = 0;
+ } else
+ inc = 1;
+
+ memcpy(*pder, os->data, os->length);
+
+ if (inc)
+ *pder += os->length;
+ }
+
+ return os->length;
+}
+
+#endif
+
+const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
+ EVP_PKEY_HMAC,
+ EVP_PKEY_HMAC,
+ 0,
+
+ "HMAC",
+ "OpenSSL HMAC method",
+
+ 0, 0, 0, 0,
+
+ 0, 0, 0,
+
+ hmac_size,
+ 0,
+ 0, 0, 0, 0, 0, 0, 0,
+
+ hmac_key_free,
+ hmac_pkey_ctrl,
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+ old_hmac_decode,
+ old_hmac_encode
+#else
+ 0, 0
+#endif
+};
Copied: trunk/crypto/openssl/crypto/hmac/hm_pmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/hmac/hm_pmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/hmac/hm_pmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/hmac/hm_pmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,262 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include "evp_locl.h"
+
+/* HMAC pkey context structure */
+
+typedef struct {
+ const EVP_MD *md; /* MD for HMAC use */
+ ASN1_OCTET_STRING ktmp; /* Temp storage for key */
+ HMAC_CTX ctx;
+} HMAC_PKEY_CTX;
+
+static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+{
+ HMAC_PKEY_CTX *hctx;
+ hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
+ if (!hctx)
+ return 0;
+ hctx->md = NULL;
+ hctx->ktmp.data = NULL;
+ hctx->ktmp.length = 0;
+ hctx->ktmp.flags = 0;
+ hctx->ktmp.type = V_ASN1_OCTET_STRING;
+ HMAC_CTX_init(&hctx->ctx);
+
+ ctx->data = hctx;
+ ctx->keygen_info_count = 0;
+
+ return 1;
+}
+
+static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+ HMAC_PKEY_CTX *sctx, *dctx;
+ if (!pkey_hmac_init(dst))
+ return 0;
+ sctx = src->data;
+ dctx = dst->data;
+ dctx->md = sctx->md;
+ HMAC_CTX_init(&dctx->ctx);
+ if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
+ return 0;
+ if (sctx->ktmp.data) {
+ if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+ sctx->ktmp.data, sctx->ktmp.length))
+ return 0;
+ }
+ return 1;
+}
+
+static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+{
+ HMAC_PKEY_CTX *hctx = ctx->data;
+ HMAC_CTX_cleanup(&hctx->ctx);
+ if (hctx->ktmp.data) {
+ if (hctx->ktmp.length)
+ OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
+ OPENSSL_free(hctx->ktmp.data);
+ hctx->ktmp.data = NULL;
+ }
+ OPENSSL_free(hctx);
+}
+
+static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ ASN1_OCTET_STRING *hkey = NULL;
+ HMAC_PKEY_CTX *hctx = ctx->data;
+ if (!hctx->ktmp.data)
+ return 0;
+ hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
+ if (!hkey)
+ return 0;
+ EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
+
+ return 1;
+}
+
+static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+ HMAC_PKEY_CTX *hctx = ctx->pctx->data;
+ if (!HMAC_Update(&hctx->ctx, data, count))
+ return 0;
+ return 1;
+}
+
+static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
+ HMAC_PKEY_CTX *hctx = ctx->data;
+ HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
+ EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
+ mctx->update = int_update;
+ return 1;
+}
+
+static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ EVP_MD_CTX *mctx)
+{
+ unsigned int hlen;
+ HMAC_PKEY_CTX *hctx = ctx->data;
+ int l = EVP_MD_CTX_size(mctx);
+
+ if (l < 0)
+ return 0;
+ *siglen = l;
+ if (!sig)
+ return 1;
+
+ if (!HMAC_Final(&hctx->ctx, sig, &hlen))
+ return 0;
+ *siglen = (size_t)hlen;
+ return 1;
+}
+
+static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+ HMAC_PKEY_CTX *hctx = ctx->data;
+ ASN1_OCTET_STRING *key;
+ switch (type) {
+
+ case EVP_PKEY_CTRL_SET_MAC_KEY:
+ if ((!p2 && p1 > 0) || (p1 < -1))
+ return 0;
+ if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
+ return 0;
+ break;
+
+ case EVP_PKEY_CTRL_MD:
+ hctx->md = p2;
+ break;
+
+ case EVP_PKEY_CTRL_DIGESTINIT:
+ key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
+ if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
+ ctx->engine))
+ return 0;
+ break;
+
+ default:
+ return -2;
+
+ }
+ return 1;
+}
+
+static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (!value) {
+ return 0;
+ }
+ if (!strcmp(type, "key")) {
+ void *p = (void *)value;
+ return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
+ }
+ if (!strcmp(type, "hexkey")) {
+ unsigned char *key;
+ int r;
+ long keylen;
+ key = string_to_hex(value, &keylen);
+ if (!key)
+ return 0;
+ r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
+ OPENSSL_free(key);
+ return r;
+ }
+ return -2;
+}
+
+const EVP_PKEY_METHOD hmac_pkey_meth = {
+ EVP_PKEY_HMAC,
+ 0,
+ pkey_hmac_init,
+ pkey_hmac_copy,
+ pkey_hmac_cleanup,
+
+ 0, 0,
+
+ 0,
+ pkey_hmac_keygen,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ hmac_signctx_init,
+ hmac_signctx,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ 0, 0,
+
+ pkey_hmac_ctrl,
+ pkey_hmac_ctrl_str
+};
Modified: trunk/crypto/openssl/crypto/hmac/hmac.c
===================================================================
--- trunk/crypto/openssl/crypto/hmac/hmac.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/hmac/hmac.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,19 +61,44 @@
#include "cryptlib.h"
#include <openssl/hmac.h>
-#ifndef OPENSSL_FIPS
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md, ENGINE *impl)
+int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl)
{
int i, j, reset = 0;
unsigned char pad[HMAC_MAX_MD_CBLOCK];
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode()) {
+ /* If we have an ENGINE need to allow non FIPS */
+ if ((impl || ctx->i_ctx.engine)
+ && !(ctx->i_ctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
+ EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
+ return 0;
+ }
+ /*
+ * Other algorithm blocking will be done in FIPS_cmac_init, via
+ * FIPS_hmac_init_ex().
+ */
+ if (!impl && !ctx->i_ctx.engine)
+ return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
+ }
+#endif
+ /* If we are changing MD then we must have a key */
+ if (md != NULL && md != ctx->md && (key == NULL || len < 0))
+ return 0;
+
if (md != NULL) {
reset = 1;
ctx->md = md;
- } else
+ } else if (ctx->md) {
md = ctx->md;
+ } else {
+ return 0;
+ }
if (key != NULL) {
reset = 1;
@@ -80,11 +105,16 @@
j = EVP_MD_block_size(md);
OPENSSL_assert(j <= (int)sizeof(ctx->key));
if (j < len) {
- EVP_DigestInit_ex(&ctx->md_ctx, md, impl);
- EVP_DigestUpdate(&ctx->md_ctx, key, len);
- EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, &ctx->key_length);
+ if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
+ goto err;
+ if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
+ &ctx->key_length))
+ goto err;
} else {
- OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key));
+ if (len < 0 || len > (int)sizeof(ctx->key))
+ return 0;
memcpy(ctx->key, key, len);
ctx->key_length = len;
}
@@ -96,38 +126,67 @@
if (reset) {
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
pad[i] = 0x36 ^ ctx->key[i];
- EVP_DigestInit_ex(&ctx->i_ctx, md, impl);
- EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md));
+ if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
+ goto err;
for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
pad[i] = 0x5c ^ ctx->key[i];
- EVP_DigestInit_ex(&ctx->o_ctx, md, impl);
- EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md));
+ if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
+ goto err;
}
- EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx);
+ if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
+ goto err;
+ return 1;
+ err:
+ return 0;
}
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
{
if (key && md)
HMAC_CTX_init(ctx);
- HMAC_Init_ex(ctx, key, len, md, NULL);
+ return HMAC_Init_ex(ctx, key, len, md, NULL);
}
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
{
- EVP_DigestUpdate(&ctx->md_ctx, data, len);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine)
+ return FIPS_hmac_update(ctx, data, len);
+#endif
+ if (!ctx->md)
+ return 0;
+
+ return EVP_DigestUpdate(&ctx->md_ctx, data, len);
}
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
{
unsigned int i;
unsigned char buf[EVP_MAX_MD_SIZE];
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine)
+ return FIPS_hmac_final(ctx, md, len);
+#endif
- EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i);
- EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx);
- EVP_DigestUpdate(&ctx->md_ctx, buf, i);
- EVP_DigestFinal_ex(&ctx->md_ctx, md, len);
+ if (!ctx->md)
+ goto err;
+
+ if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
+ goto err;
+ if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
+ goto err;
+ return 1;
+ err:
+ return 0;
}
void HMAC_CTX_init(HMAC_CTX *ctx)
@@ -135,10 +194,33 @@
EVP_MD_CTX_init(&ctx->i_ctx);
EVP_MD_CTX_init(&ctx->o_ctx);
EVP_MD_CTX_init(&ctx->md_ctx);
+ ctx->md = NULL;
}
+int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
+{
+ if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
+ goto err;
+ if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
+ goto err;
+ if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
+ goto err;
+ memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+ dctx->key_length = sctx->key_length;
+ dctx->md = sctx->md;
+ return 1;
+ err:
+ return 0;
+}
+
void HMAC_CTX_cleanup(HMAC_CTX *ctx)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine) {
+ FIPS_hmac_ctx_cleanup(ctx);
+ return;
+ }
+#endif
EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx);
@@ -155,11 +237,17 @@
if (md == NULL)
md = m;
HMAC_CTX_init(&c);
- HMAC_Init(&c, key, key_len, evp_md);
- HMAC_Update(&c, d, n);
- HMAC_Final(&c, md, md_len);
+ if (!HMAC_Init(&c, key, key_len, evp_md))
+ goto err;
+ if (!HMAC_Update(&c, d, n))
+ goto err;
+ if (!HMAC_Final(&c, md, md_len))
+ goto err;
HMAC_CTX_cleanup(&c);
- return (md);
+ return md;
+ err:
+ HMAC_CTX_cleanup(&c);
+ return NULL;
}
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
@@ -168,5 +256,3 @@
EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
}
-
-#endif
Modified: trunk/crypto/openssl/crypto/hmac/hmac.h
===================================================================
--- trunk/crypto/openssl/crypto/hmac/hmac.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/hmac/hmac.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -90,14 +90,15 @@
# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
/* deprecated */
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md, ENGINE *impl);
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
+int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl);
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
const unsigned char *d, size_t n, unsigned char *md,
unsigned int *md_len);
+int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
Modified: trunk/crypto/openssl/crypto/hmac/hmactest.c
===================================================================
--- trunk/crypto/openssl/crypto/hmac/hmactest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/hmac/hmactest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,7 +85,7 @@
unsigned char data[64];
int data_len;
unsigned char *digest;
-} test[4] = {
+} test[8] = {
{
"", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
(unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
@@ -113,10 +113,27 @@
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
}, 50, (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
},
+ {
+ "", 0, "My test data", 12,
+ (unsigned char *)"61afdecb95429ef494d61fdee15990cabf0826fc"
+ },
+ {
+ "", 0, "My test data", 12,
+ (unsigned char *)"2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776"
+ },
+ {
+ "123456", 6, "My test data", 12,
+ (unsigned char *)"bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd"
+ },
+ {
+ "12345", 5, "My test data again", 12,
+ (unsigned char *)"7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb"
+ }
};
# endif
-static char *pt(unsigned char *md);
+static char *pt(unsigned char *md, unsigned int len);
+
int main(int argc, char *argv[])
{
# ifndef OPENSSL_NO_MD5
@@ -124,6 +141,9 @@
char *p;
# endif
int err = 0;
+ HMAC_CTX ctx, ctx2;
+ unsigned char buf[EVP_MAX_MD_SIZE];
+ unsigned int len;
# ifdef OPENSSL_NO_MD5
printf("test skipped: MD5 disabled\n");
@@ -139,10 +159,11 @@
for (i = 0; i < 4; i++) {
p = pt(HMAC(EVP_md5(),
test[i].key, test[i].key_len,
- test[i].data, test[i].data_len, NULL, NULL));
+ test[i].data, test[i].data_len, NULL, NULL),
+ MD5_DIGEST_LENGTH);
if (strcmp(p, (char *)test[i].digest) != 0) {
- printf("error calculating HMAC on %d entry'\n", i);
+ printf("Error calculating HMAC on %d entry'\n", i);
printf("got %s instead of %s\n", p, test[i].digest);
err++;
} else
@@ -149,17 +170,161 @@
printf("test %d ok\n", i);
}
# endif /* OPENSSL_NO_MD5 */
+
+/* test4 */
+ HMAC_CTX_init(&ctx);
+ if (HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL)) {
+ printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if (HMAC_Init_ex(&ctx, NULL, 0, EVP_sha1(), NULL)) {
+ printf("Should fail to initialise HMAC with empty key (test 4)\n");
+ err++;
+ goto test5;
+ }
+ if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
+ err++;
+ goto test5;
+ }
+ printf("test 4 ok\n");
+test5:
+ HMAC_CTX_init(&ctx);
+ if (HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, NULL, NULL)) {
+ printf("Should fail to initialise HMAC with empty MD (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Should fail HMAC_Update with ctx not set up (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (HMAC_Init_ex(&ctx, test[4].key, -1, EVP_sha1(), NULL)) {
+ printf("Should fail to initialise HMAC with invalid key len(test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) {
+ printf("Failed to initialise HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
+ printf("Error updating HMAC with data (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[4].digest) != 0) {
+ printf("Error calculating interim HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[4].digest);
+ err++;
+ goto test6;
+ }
+ if (HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
+ printf("Should disallow changing MD without a new key (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha256(), NULL)) {
+ printf("Failed to reinitialise HMAC (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Update(&ctx, test[5].data, test[5].data_len)) {
+ printf("Error updating HMAC with data (sha256) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (sha256) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[5].digest) != 0) {
+ printf("Error calculating 2nd interim HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[5].digest);
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Init_ex(&ctx, test[6].key, test[6].key_len, NULL, NULL)) {
+ printf("Failed to reinitialise HMAC with key (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Update(&ctx, test[6].data, test[6].data_len)) {
+ printf("Error updating HMAC with data (new key) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ if (!HMAC_Final(&ctx, buf, &len)) {
+ printf("Error finalising data (new key) (test 5)\n");
+ err++;
+ goto test6;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[6].digest) != 0) {
+ printf("error calculating HMAC on test 5\n");
+ printf("got %s instead of %s\n", p, test[6].digest);
+ err++;
+ } else {
+ printf("test 5 ok\n");
+ }
+test6:
+ HMAC_CTX_init(&ctx);
+ if (!HMAC_Init_ex(&ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) {
+ printf("Failed to initialise HMAC (test 6)\n");
+ err++;
+ goto end;
+ }
+ if (!HMAC_Update(&ctx, test[7].data, test[7].data_len)) {
+ printf("Error updating HMAC with data (test 6)\n");
+ err++;
+ goto end;
+ }
+ if (!HMAC_CTX_copy(&ctx2, &ctx)) {
+ printf("Failed to copy HMAC_CTX (test 6)\n");
+ err++;
+ goto end;
+ }
+ if (!HMAC_Final(&ctx2, buf, &len)) {
+ printf("Error finalising data (test 6)\n");
+ err++;
+ goto end;
+ }
+ p = pt(buf, len);
+ if (strcmp(p, (char *)test[7].digest) != 0) {
+ printf("Error calculating HMAC on test 6\n");
+ printf("got %s instead of %s\n", p, test[7].digest);
+ err++;
+ } else {
+ printf("test 6 ok\n");
+ }
+end:
EXIT(err);
return (0);
}
# ifndef OPENSSL_NO_MD5
-static char *pt(unsigned char *md)
+static char *pt(unsigned char *md, unsigned int len)
{
- int i;
+ unsigned int i;
static char buf[80];
- for (i = 0; i < MD5_DIGEST_LENGTH; i++)
+ for (i = 0; i < len; i++)
sprintf(&(buf[i * 2]), "%02x", md[i]);
return (buf);
}
Modified: trunk/crypto/openssl/crypto/ia64cpuid.S
===================================================================
--- trunk/crypto/openssl/crypto/ia64cpuid.S 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ia64cpuid.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,13 @@
// Works on all IA-64 platforms: Linux, HP-UX, Win64i...
// On Win64i compile with ias.exe.
.text
+
+.global OPENSSL_cpuid_setup#
+.proc OPENSSL_cpuid_setup#
+OPENSSL_cpuid_setup:
+{ .mib; br.ret.sptk.many b0 };;
+.endp OPENSSL_cpuid_setup#
+
.global OPENSSL_rdtsc#
.proc OPENSSL_rdtsc#
OPENSSL_rdtsc:
@@ -19,7 +26,7 @@
{ .mii; mov ar.ccv=r2
add r8=r2,r33
mov r3=r2 };;
-{ .mmi; mf
+{ .mmi; mf;;
cmpxchg4.acq r2=[r32],r8,ar.ccv
nop.i 0 };;
{ .mib; cmp.ne p6,p0=r2,r3
@@ -119,3 +126,42 @@
mov ar.lc=r3
br.ret.sptk b0 };;
.endp OPENSSL_wipe_cpu#
+
+.global OPENSSL_cleanse#
+.proc OPENSSL_cleanse#
+OPENSSL_cleanse:
+{ .mib; cmp.eq p6,p0=0,r33 // len==0
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+ addp4 r32=0,r32
+#endif
+(p6) br.ret.spnt b0 };;
+{ .mib; and r2=7,r32
+ cmp.leu p6,p0=15,r33 // len>=15
+(p6) br.cond.dptk .Lot };;
+
+.Little:
+{ .mib; st1 [r32]=r0,1
+ cmp.ltu p6,p7=1,r33 } // len>1
+{ .mbb; add r33=-1,r33 // len--
+(p6) br.cond.dptk .Little
+(p7) br.ret.sptk.many b0 };;
+
+.Lot:
+{ .mib; cmp.eq p6,p0=0,r2
+(p6) br.cond.dptk .Laligned };;
+{ .mmi; st1 [r32]=r0,1;;
+ and r2=7,r32 }
+{ .mib; add r33=-1,r33
+ br .Lot };;
+
+.Laligned:
+{ .mmi; st8 [r32]=r0,8
+ and r2=-8,r33 // len&~7
+ add r33=-8,r33 };; // len-=8
+{ .mib; cmp.ltu p6,p0=8,r2 // ((len+8)&~7)>8
+(p6) br.cond.dptk .Laligned };;
+
+{ .mbb; cmp.eq p6,p7=r0,r33
+(p7) br.cond.dpnt .Little
+(p6) br.ret.sptk.many b0 };;
+.endp OPENSSL_cleanse#
Modified: trunk/crypto/openssl/crypto/idea/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/idea/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/idea/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -83,8 +85,7 @@
i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
i_ofb64.o: i_ofb64.c idea_lcl.h
i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h
-i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-i_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i_skey.o: i_skey.c idea_lcl.h
+i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
Modified: trunk/crypto/openssl/crypto/idea/i_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/idea/i_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/idea/i_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,28 +56,20 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/idea.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include "idea_lcl.h"
static IDEA_INT inverse(unsigned int xin);
-
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
#ifdef OPENSSL_FIPS
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
{
- if (FIPS_mode())
- FIPS_BAD_ABORT(IDEA)
- private_idea_set_encrypt_key(key, ks);
+ fips_cipher_abort(IDEA);
+ private_idea_set_encrypt_key(key, ks);
}
void private_idea_set_encrypt_key(const unsigned char *key,
IDEA_KEY_SCHEDULE *ks)
-#else
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
#endif
{
int i;
@@ -118,11 +110,10 @@
}
}
-void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk)
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk)
{
int r;
- register IDEA_INT *tp, t;
- const IDEA_INT *fp;
+ register IDEA_INT *fp, *tp, t;
tp = &(dk->data[0][0]);
fp = &(ek->data[8][0]);
Modified: trunk/crypto/openssl/crypto/idea/idea.h
===================================================================
--- trunk/crypto/openssl/crypto/idea/idea.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/idea/idea.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,7 +87,7 @@
IDEA_KEY_SCHEDULE *ks);
# endif
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int enc);
Copied: trunk/crypto/openssl/crypto/install-crypto.com (from rev 7117, vendor-crypto/openssl/dist/crypto/install-crypto.com)
===================================================================
--- trunk/crypto/openssl/crypto/install-crypto.com (rev 0)
+++ trunk/crypto/openssl/crypto/install-crypto.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,199 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard at levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! Changes by Zoltan Arpadffy <zoli at polarhome.com>
+$!
+$! P1 root of the directory tree
+$! P2 "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$ write sys$output "First argument missing."
+$ write sys$output -
+ "It should be the directory where you want things installed."
+$ exit
+$ endif
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$ arch = "VAX"
+$ else
+$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "_SHR32"
+$!
+$ if (p2 .nes. "")
+$ then
+$ if (p2 .eqs. "64")
+$ then
+$ archd = arch+ "_64"
+$ lib32 = ""
+$ shr = "_SHR"
+$ else
+$ if (p2 .nes. "32")
+$ then
+$ write sys$output "Second argument invalid."
+$ write sys$output "It should be "32", "64", or nothing."
+$ exit
+$ endif
+$ endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") - -
+ "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+ create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+ create /directory /log wrk_sslxlib:
+$!
+$ sdirs := , -
+ 'archd', -
+ objects, -
+ md4, md5, sha, mdc2, hmac, ripemd, whrlpool, -
+ des, aes, rc2, rc4, idea, bf, cast, camellia, seed, -
+ bn, ec, rsa, dsa, ecdsa, dh, ecdh, dso, engine, -
+ buffer, bio, stack, lhash, rand, err, -
+ evp, asn1, pem, x509, x509v3, conf, txt_db, pkcs7, pkcs12, comp, ocsp, -
+ ui, krb5, -
+ cms, pqueue, ts, jpake, srp, store, cmac
+$!
+$ exheader_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
+$ exheader_'archd' := opensslconf.h
+$ exheader_objects := objects.h, obj_mac.h
+$ exheader_md2 := md2.h
+$ exheader_md4 := md4.h
+$ exheader_md5 := md5.h
+$ exheader_sha := sha.h
+$ exheader_mdc2 := mdc2.h
+$ exheader_hmac := hmac.h
+$ exheader_ripemd := ripemd.h
+$ exheader_whrlpool := whrlpool.h
+$ exheader_des := des.h, des_old.h
+$ exheader_aes := aes.h
+$ exheader_rc2 := rc2.h
+$ exheader_rc4 := rc4.h
+$ exheader_rc5 := rc5.h
+$ exheader_idea := idea.h
+$ exheader_bf := blowfish.h
+$ exheader_cast := cast.h
+$ exheader_camellia := camellia.h
+$ exheader_seed := seed.h
+$ exheader_modes := modes.h
+$ exheader_bn := bn.h
+$ exheader_ec := ec.h
+$ exheader_rsa := rsa.h
+$ exheader_dsa := dsa.h
+$ exheader_ecdsa := ecdsa.h
+$ exheader_dh := dh.h
+$ exheader_ecdh := ecdh.h
+$ exheader_dso := dso.h
+$ exheader_engine := engine.h
+$ exheader_buffer := buffer.h
+$ exheader_bio := bio.h
+$ exheader_stack := stack.h, safestack.h
+$ exheader_lhash := lhash.h
+$ exheader_rand := rand.h
+$ exheader_err := err.h
+$ exheader_evp := evp.h
+$ exheader_asn1 := asn1.h, asn1_mac.h, asn1t.h
+$ exheader_pem := pem.h, pem2.h
+$ exheader_x509 := x509.h, x509_vfy.h
+$ exheader_x509v3 := x509v3.h
+$ exheader_conf := conf.h, conf_api.h
+$ exheader_txt_db := txt_db.h
+$ exheader_pkcs7 := pkcs7.h
+$ exheader_pkcs12 := pkcs12.h
+$ exheader_comp := comp.h
+$ exheader_ocsp := ocsp.h
+$ exheader_ui := ui.h, ui_compat.h
+$ exheader_krb5 := krb5_asn.h
+$! exheader_store := store.h, str_compat.h
+$ exheader_store := store.h
+$ exheader_cms := cms.h
+$ exheader_pqueue := pqueue.h
+$ exheader_ts := ts.h
+$ exheader_jpake := jpake.h
+$ exheader_srp := srp.h
+$ exheader_store := store.h
+$ exheader_cmac := cmac.h
+$ libs := ssl_libcrypto
+$!
+$ exe_dir := [-.'archd'.exe.crypto]
+$!
+$! Header files.
+$!
+$ i = 0
+$ loop_sdirs:
+$ d = f$edit( f$element( i, ",", sdirs), "trim")
+$ i = i + 1
+$ if d .eqs. "," then goto loop_sdirs_end
+$ tmp = exheader_'d'
+$ if (d .nes. "") then d = "."+ d
+$ copy /protection = w:re ['d']'tmp' wrk_sslinclude: /log
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$! Object libraries, shareable images.
+$!
+$ i = 0
+$ loop_lib:
+$ e = f$edit( f$element( i, ",", libs), "trim")
+$ i = i + 1
+$ if e .eqs. "," then goto loop_lib_end
+$ set noon
+$ file = exe_dir+ e+ lib32+ ".olb"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxlib: /log
+$ endif
+$!
+$ file = exe_dir+ e+ shr+ ".exe"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxlib: /log
+$ endif
+$ set on
+$ goto loop_lib
+$ loop_lib_end:
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$ deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
Deleted: trunk/crypto/openssl/crypto/install.com
===================================================================
--- trunk/crypto/openssl/crypto/install.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/install.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,145 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard at levitte.org>
-$! Time of creation: 22-MAY-1998 10:13
-$!
-$! Changes by Zoltan Arpadffy <zoli at polarhome.com>
-$!
-$! P1 root of the directory tree
-$!
-$ IF P1 .EQS. ""
-$ THEN
-$ WRITE SYS$OUTPUT "First argument missing."
-$ WRITE SYS$OUTPUT -
- "It should be the directory where you want things installed."
-$ EXIT
-$ ENDIF
-$
-$ IF (F$GETSYI("CPU").LT.128)
-$ THEN
-$ ARCH := VAX
-$ ELSE
-$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
-$ IF (ARCH .EQS. "") THEN ARCH = "UNK"
-$ ENDIF
-$
-$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
- - "[000000." - "][" - "[" - "]"
-$ ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$ DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:['ARCH'_LIB]
-$ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$
-$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$ IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLLIB:
-$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
- CREATE/DIR/LOG WRK_SSLINCLUDE:
-$
-$ SDIRS := ,-
- OBJECTS,-
- MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
- DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,-
- BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,-
- BUFFER,BIO,STACK,LHASH,RAND,ERR,-
- EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
- UI,KRB5,-
- STORE,PQUEUE,JPAKE
-$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,-
- symhacks.h,ossl_typ.h
-$ EXHEADER_OBJECTS := objects.h,obj_mac.h
-$ EXHEADER_MD2 := md2.h
-$ EXHEADER_MD4 := md4.h
-$ EXHEADER_MD5 := md5.h
-$ EXHEADER_SHA := sha.h
-$ EXHEADER_MDC2 := mdc2.h
-$ EXHEADER_HMAC := hmac.h
-$ EXHEADER_RIPEMD := ripemd.h
-$ EXHEADER_DES := des.h,des_old.h
-$ EXHEADER_AES := aes.h
-$ EXHEADER_RC2 := rc2.h
-$ EXHEADER_RC4 := rc4.h
-$ EXHEADER_RC5 := rc5.h
-$ EXHEADER_IDEA := idea.h
-$ EXHEADER_BF := blowfish.h
-$ EXHEADER_CAST := cast.h
-$ EXHEADER_CAMELLIA := camellia.h
-$ EXHEADER_SEED := seed.h
-$ EXHEADER_BN := bn.h
-$ EXHEADER_EC := ec.h
-$ EXHEADER_RSA := rsa.h
-$ EXHEADER_DSA := dsa.h
-$ EXHEADER_ECDSA := ecdsa.h
-$ EXHEADER_DH := dh.h
-$ EXHEADER_ECDH := ecdh.h
-$ EXHEADER_DSO := dso.h
-$ EXHEADER_ENGINE := engine.h
-$ EXHEADER_BUFFER := buffer.h
-$ EXHEADER_BIO := bio.h
-$ EXHEADER_STACK := stack.h,safestack.h
-$ EXHEADER_LHASH := lhash.h
-$ EXHEADER_RAND := rand.h
-$ EXHEADER_ERR := err.h
-$ EXHEADER_EVP := evp.h
-$ EXHEADER_ASN1 := asn1.h,asn1_mac.h,asn1t.h
-$ EXHEADER_PEM := pem.h,pem2.h
-$ EXHEADER_X509 := x509.h,x509_vfy.h
-$ EXHEADER_X509V3 := x509v3.h
-$ EXHEADER_CONF := conf.h,conf_api.h
-$ EXHEADER_TXT_DB := txt_db.h
-$ EXHEADER_PKCS7 := pkcs7.h
-$ EXHEADER_PKCS12 := pkcs12.h
-$ EXHEADER_COMP := comp.h
-$ EXHEADER_OCSP := ocsp.h
-$ EXHEADER_UI := ui.h,ui_compat.h
-$ EXHEADER_KRB5 := krb5_asn.h
-$! EXHEADER_STORE := store.h,str_compat.h
-$ EXHEADER_STORE := store.h
-$ EXHEADER_PQUEUE := pqueue.h,pq_compat.h
-$ EXHEADER_JPAKE := jpake.h
-$ LIBS := LIBCRYPTO
-$
-$ EXE_DIR := [-.'ARCH'.EXE.CRYPTO]
-$
-$ I = 0
-$ LOOP_SDIRS:
-$ D = F$EDIT(F$ELEMENT(I, ",", SDIRS),"TRIM")
-$ I = I + 1
-$ IF D .EQS. "," THEN GOTO LOOP_SDIRS_END
-$ tmp = EXHEADER_'D'
-$ IF D .EQS. ""
-$ THEN
-$ COPY 'tmp' WRK_SSLINCLUDE: /LOG
-$ ELSE
-$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG
-$ ENDIF
-$ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp'
-$ GOTO LOOP_SDIRS
-$ LOOP_SDIRS_END:
-$
-$ I = 0
-$ LOOP_LIB:
-$ E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM")
-$ I = I + 1
-$ IF E .EQS. "," THEN GOTO LOOP_LIB_END
-$ SET NOON
-$ IF F$SEARCH(EXE_DIR+E+".OLB") .NES. ""
-$ THEN
-$ COPY 'EXE_DIR''E'.OLB WRK_SSLLIB:'E'.OLB/log
-$ SET FILE/PROT=W:RE WRK_SSLLIB:'E'.OLB
-$ ENDIF
-$ ! Preparing for the time when we have shareable images
-$ IF F$SEARCH(EXE_DIR+E+".EXE") .NES. ""
-$ THEN
-$ COPY 'EXE_DIR''E'.EXE WRK_SSLLIB:'E'.EXE/log
-$ SET FILE/PROT=W:RE WRK_SSLLIB:'E'.EXE
-$ ENDIF
-$ SET ON
-$ GOTO LOOP_LIB
-$ LOOP_LIB_END:
-$
-$ EXIT
Modified: trunk/crypto/openssl/crypto/jpake/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/jpake/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/jpake/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -16,7 +16,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -32,6 +32,8 @@
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/jpake/jpake.c
===================================================================
--- trunk/crypto/openssl/crypto/jpake/jpake.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/jpake/jpake.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,6 @@
#include <openssl/sha.h>
#include <openssl/err.h>
#include <memory.h>
-#include <assert.h>
/*
* In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
@@ -132,7 +131,7 @@
{
unsigned char b[2];
- assert(l <= 0xffff);
+ OPENSSL_assert(l <= 0xffff);
b[0] = l >> 8;
b[1] = l & 0xff;
SHA1_Update(sha, b, 2);
@@ -170,7 +169,7 @@
*/
SHA1_Init(&sha);
hashbn(&sha, zkpg);
- assert(!BN_is_zero(p->zkpx.gr));
+ OPENSSL_assert(!BN_is_zero(p->zkpx.gr));
hashbn(&sha, p->zkpx.gr);
hashbn(&sha, p->gx);
hashstring(&sha, proof_name);
Modified: trunk/crypto/openssl/crypto/jpake/jpaketest.c
===================================================================
--- trunk/crypto/openssl/crypto/jpake/jpaketest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/jpake/jpaketest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -175,7 +175,7 @@
BN_free(p);
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
Modified: trunk/crypto/openssl/crypto/krb5/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/krb5/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/krb5/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -62,6 +62,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/lhash/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/lhash/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/lhash/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/lhash/lh_stats.c
===================================================================
--- trunk/crypto/openssl/crypto/lhash/lh_stats.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/lhash/lh_stats.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -138,7 +138,7 @@
#else
# ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *fp)
+void lh_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
@@ -151,7 +151,7 @@
end:;
}
-void lh_node_stats(const LHASH *lh, FILE *fp)
+void lh_node_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
@@ -164,7 +164,7 @@
end:;
}
-void lh_node_usage_stats(const LHASH *lh, FILE *fp)
+void lh_node_usage_stats(const _LHASH *lh, FILE *fp)
{
BIO *bp;
@@ -179,7 +179,7 @@
# endif
-void lh_stats_bio(const LHASH *lh, BIO *out)
+void lh_stats_bio(const _LHASH *lh, BIO *out)
{
BIO_printf(out, "num_items = %lu\n", lh->num_items);
BIO_printf(out, "num_nodes = %u\n", lh->num_nodes);
@@ -206,7 +206,7 @@
# endif
}
-void lh_node_stats_bio(const LHASH *lh, BIO *out)
+void lh_node_stats_bio(const _LHASH *lh, BIO *out)
{
LHASH_NODE *n;
unsigned int i, num;
@@ -218,7 +218,7 @@
}
}
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out)
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
{
LHASH_NODE *n;
unsigned long num;
Modified: trunk/crypto/openssl/crypto/lhash/lhash.c
===================================================================
--- trunk/crypto/openssl/crypto/lhash/lhash.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/lhash/lhash.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -108,20 +108,18 @@
#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
-static void expand(LHASH *lh);
-static void contract(LHASH *lh);
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash);
+static void expand(_LHASH *lh);
+static void contract(_LHASH *lh);
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
{
- LHASH *ret;
+ _LHASH *ret;
int i;
- if ((ret = (LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL)
+ if ((ret = OPENSSL_malloc(sizeof(_LHASH))) == NULL)
goto err0;
- if ((ret->b =
- (LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *) * MIN_NODES)) ==
- NULL)
+ if ((ret->b = OPENSSL_malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL)
goto err1;
for (i = 0; i < MIN_NODES; i++)
ret->b[i] = NULL;
@@ -157,7 +155,7 @@
return (NULL);
}
-void lh_free(LHASH *lh)
+void lh_free(_LHASH *lh)
{
unsigned int i;
LHASH_NODE *n, *nn;
@@ -177,7 +175,7 @@
OPENSSL_free(lh);
}
-void *lh_insert(LHASH *lh, void *data)
+void *lh_insert(_LHASH *lh, void *data)
{
unsigned long hash;
LHASH_NODE *nn, **rn;
@@ -212,7 +210,7 @@
return (ret);
}
-void *lh_delete(LHASH *lh, const void *data)
+void *lh_delete(_LHASH *lh, const void *data)
{
unsigned long hash;
LHASH_NODE *nn, **rn;
@@ -240,7 +238,7 @@
return (ret);
}
-void *lh_retrieve(LHASH *lh, const void *data)
+void *lh_retrieve(_LHASH *lh, const void *data)
{
unsigned long hash;
LHASH_NODE **rn;
@@ -259,12 +257,15 @@
return (ret);
}
-static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
{
int i;
LHASH_NODE *a, *n;
+ if (lh == NULL)
+ return;
+
/*
* reverse the order so we search from 'top to bottom' We were having
* memory leaks otherwise
@@ -275,6 +276,10 @@
/*
* 28/05/91 - eay - n added so items can be deleted via lh_doall
*/
+ /*
+ * 22/05/08 - ben - eh? since a is not passed, this should not be
+ * needed
+ */
n = a->next;
if (use_arg)
func_arg(a->data, arg);
@@ -285,30 +290,50 @@
}
}
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func)
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func)
{
doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
}
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
{
doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
}
-static void expand(LHASH *lh)
+static void expand(_LHASH *lh)
{
LHASH_NODE **n, **n1, **n2, *np;
- unsigned int p, i, j, pmax;
+ unsigned int p, i, j;
unsigned long hash, nni;
+ lh->num_nodes++;
+ lh->num_expands++;
p = (int)lh->p++;
+ n1 = &(lh->b[p]);
+ n2 = &(lh->b[p + (int)lh->pmax]);
+ *n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */
nni = lh->num_alloc_nodes;
- pmax = lh->pmax;
+ for (np = *n1; np != NULL;) {
+#ifndef OPENSSL_NO_HASH_COMP
+ hash = np->hash;
+#else
+ hash = lh->hash(np->data);
+ lh->num_hash_calls++;
+#endif
+ if ((hash % nni) != p) { /* move it */
+ *n1 = (*n1)->next;
+ np->next = *n2;
+ *n2 = np;
+ } else
+ n1 = &((*n1)->next);
+ np = *n1;
+ }
+
if ((lh->p) >= lh->pmax) {
j = (int)lh->num_alloc_nodes * 2;
n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
- (int)sizeof(LHASH_NODE *) * j);
+ (int)(sizeof(LHASH_NODE *) * j));
if (n == NULL) {
/* fputs("realloc error in lhash",stderr); */
lh->error++;
@@ -324,37 +349,14 @@
lh->p = 0;
lh->b = n;
}
-
- lh->num_nodes++;
- lh->num_expands++;
- n1 = &(lh->b[p]);
- n2 = &(lh->b[p + pmax]);
- *n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */
-
- for (np = *n1; np != NULL;) {
-#ifndef OPENSSL_NO_HASH_COMP
- hash = np->hash;
-#else
- hash = lh->hash(np->data);
- lh->num_hash_calls++;
-#endif
- if ((hash % nni) != p) { /* move it */
- *n1 = (*n1)->next;
- np->next = *n2;
- *n2 = np;
- } else
- n1 = &((*n1)->next);
- np = *n1;
- }
-
}
-static void contract(LHASH *lh)
+static void contract(_LHASH *lh)
{
LHASH_NODE **n, *n1, *np;
- int idx = lh->p + lh->pmax - 1;
- np = lh->b[idx];
+ np = lh->b[lh->p + lh->pmax - 1];
+ lh->b[lh->p + lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */
if (lh->p == 0) {
n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
(unsigned int)(sizeof(LHASH_NODE *)
@@ -372,7 +374,6 @@
} else
lh->p--;
- lh->b[idx] = NULL;
lh->num_nodes--;
lh->num_contracts++;
@@ -386,7 +387,7 @@
}
}
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash)
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
{
LHASH_NODE **ret, *n1;
unsigned long hash, nn;
@@ -451,7 +452,7 @@
return ((ret >> 16) ^ ret);
}
-unsigned long lh_num_items(const LHASH *lh)
+unsigned long lh_num_items(const _LHASH *lh)
{
return lh ? lh->num_items : 0;
}
Modified: trunk/crypto/openssl/crypto/lhash/lhash.h
===================================================================
--- trunk/crypto/openssl/crypto/lhash/lhash.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/lhash/lhash.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,42 +99,42 @@
*/
/* First: "hash" functions */
-# define DECLARE_LHASH_HASH_FN(f_name,o_type) \
- unsigned long f_name##_LHASH_HASH(const void *);
-# define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
- unsigned long f_name##_LHASH_HASH(const void *arg) { \
- o_type a = (o_type)arg; \
- return f_name(a); }
-# define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
+# define DECLARE_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *);
+# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *arg) { \
+ const o_type *a = arg; \
+ return name##_hash(a); }
+# define LHASH_HASH_FN(name) name##_LHASH_HASH
/* Second: "compare" functions */
-# define DECLARE_LHASH_COMP_FN(f_name,o_type) \
- int f_name##_LHASH_COMP(const void *, const void *);
-# define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
- int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
- o_type a = (o_type)arg1; \
- o_type b = (o_type)arg2; \
- return f_name(a,b); }
-# define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
+# define DECLARE_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *, const void *);
+# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+ const o_type *a = arg1; \
+ const o_type *b = arg2; \
+ return name##_cmp(a,b); }
+# define LHASH_COMP_FN(name) name##_LHASH_COMP
/* Third: "doall" functions */
-# define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
- void f_name##_LHASH_DOALL(void *);
-# define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
- void f_name##_LHASH_DOALL(void *arg) { \
- o_type a = (o_type)arg; \
- f_name(a); }
-# define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
+# define DECLARE_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *);
+# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *arg) { \
+ o_type *a = arg; \
+ name##_doall(a); }
+# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
/* Fourth: "doall_arg" functions */
-# define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
- void f_name##_LHASH_DOALL_ARG(void *, void *);
-# define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
- void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
- o_type a = (o_type)arg1; \
- a_type b = (a_type)arg2; \
- f_name(a,b); }
-# define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
+# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *, void *);
+# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+ o_type *a = arg1; \
+ a_type *b = arg2; \
+ name##_doall_arg(a, b); }
+# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
typedef struct lhash_st {
LHASH_NODE **b;
@@ -161,7 +161,8 @@
unsigned long num_retrieve_miss;
unsigned long num_hash_comps;
int error;
-} LHASH;
+} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
+ * and friends */
# define LH_LOAD_MULT 256
@@ -171,27 +172,67 @@
*/
# define lh_error(lh) ((lh)->error)
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(LHASH *lh);
-void *lh_insert(LHASH *lh, void *data);
-void *lh_delete(LHASH *lh, const void *data);
-void *lh_retrieve(LHASH *lh, const void *data);
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
+void lh_free(_LHASH *lh);
+void *lh_insert(_LHASH *lh, void *data);
+void *lh_delete(_LHASH *lh, const void *data);
+void *lh_retrieve(_LHASH *lh, const void *data);
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const LHASH *lh);
+unsigned long lh_num_items(const _LHASH *lh);
# ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *out);
-void lh_node_stats(const LHASH *lh, FILE *out);
-void lh_node_usage_stats(const LHASH *lh, FILE *out);
+void lh_stats(const _LHASH *lh, FILE *out);
+void lh_node_stats(const _LHASH *lh, FILE *out);
+void lh_node_usage_stats(const _LHASH *lh, FILE *out);
# endif
# ifndef OPENSSL_NO_BIO
-void lh_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out);
+void lh_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
# endif
+
+/* Type checking... */
+
+# define LHASH_OF(type) struct lhash_st_##type
+
+# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
+
+# define CHECKED_LHASH_OF(type,lh) \
+ ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
+
+/* Define wrapper functions. */
+# define LHM_lh_new(type, name) \
+ ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
+# define LHM_lh_error(type, lh) \
+ lh_error(CHECKED_LHASH_OF(type,lh))
+# define LHM_lh_insert(type, lh, inst) \
+ ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_retrieve(type, lh, inst) \
+ ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_delete(type, lh, inst) \
+ ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
+ CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
+# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
+ lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
+# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
+# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
+# define LHM_lh_node_stats_bio(type, lh, out) \
+ lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_node_usage_stats_bio(type, lh, out) \
+ lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_stats_bio(type, lh, out) \
+ lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
+
+DECLARE_LHASH_OF(OPENSSL_STRING);
+DECLARE_LHASH_OF(OPENSSL_CSTRING);
+
#ifdef __cplusplus
}
#endif
Modified: trunk/crypto/openssl/crypto/md2/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/md2/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md2/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -74,9 +76,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-md2_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-md2_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md2_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/md2/md2_dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/md2/md2_dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md2/md2_dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,12 +62,7 @@
#include <openssl/md2.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include <openssl/err.h>
-
const char MD2_version[] = "MD2" OPENSSL_VERSION_PTEXT;
/*
@@ -81,7 +76,7 @@
* The magic S table - I have converted it to hex since it is basically just
* a random byte string.
*/
-static MD2_INT S[256] = {
+static const MD2_INT S[256] = {
0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
@@ -124,7 +119,7 @@
return ("md2(int)");
}
-FIPS_NON_FIPS_MD_Init(MD2)
+fips_md_init(MD2)
{
c->num = 0;
memset(c->state, 0, sizeof c->state);
Modified: trunk/crypto/openssl/crypto/md32_common.h
===================================================================
--- trunk/crypto/openssl/crypto/md32_common.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md32_common.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -142,8 +142,10 @@
*/
#undef ROTATE
#ifndef PEDANTIC
-# if defined(_MSC_VER) || defined(__ICC)
+# if defined(_MSC_VER)
# define ROTATE(a,n) _lrotl(a,n)
+# elif defined(__ICC)
+# define ROTATE(a,n) _rotl(a,n)
# elif defined(__MWERKS__)
# if defined(__POWERPC__)
# define ROTATE(a,n) __rlwinm(a,n,0,31)
@@ -165,7 +167,7 @@
asm ( \
"roll %1,%0" \
: "=r"(ret) \
- : "I"(n), "0"(a) \
+ : "I"(n), "0"((unsigned int)(a)) \
: "cc"); \
ret; \
})
@@ -231,7 +233,8 @@
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff) )
+ *((c)++)=(unsigned char)(((l) )&0xff), \
+ l)
# endif
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
@@ -251,8 +254,8 @@
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
# ifndef B_ENDIAN
/* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
-# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4)
-# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4)
+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
# endif
# endif
@@ -266,7 +269,8 @@
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff) )
+ *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ l)
# endif
#endif
@@ -292,7 +296,8 @@
*/
if (l < c->Nl) /* overflow */
c->Nh++;
- c->Nh += (len >> 29); /* might cause compiler warning on 16-bit */
+ c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
+ * 16-bit */
c->Nl = l;
n = c->num;
@@ -324,7 +329,7 @@
if (len != 0) {
p = (unsigned char *)c->data;
- c->num = len;
+ c->num = (unsigned int)len;
memcpy(p, data, len);
}
return 1;
@@ -373,7 +378,8 @@
}
#ifndef MD32_REG_T
-# define MD32_REG_T long
+# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
+# define MD32_REG_T long
/*
* This comment was originaly written for MD5, which is why it
* discusses A-D. But it basically applies to all 32-bit digests,
@@ -390,9 +396,15 @@
* Well, to be honest it should say that this *prevents*
* performance degradation.
* <appro at fy.chalmers.se>
- * Apparently there're LP64 compilers that generate better
- * code if A-D are declared int. Most notably GCC-x86_64
- * generates better code.
+ */
+# else
+/*
+ * Above is not absolute and there are LP64 compilers that
+ * generate better code if MD32_REG_T is defined int. The above
+ * pre-processor condition reflects the circumstances under which
+ * the conclusion was made and is subject to further extension.
* <appro at fy.chalmers.se>
*/
+# define MD32_REG_T int
+# endif
#endif
Modified: trunk/crypto/openssl/crypto/md4/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/md4/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md4/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -62,6 +62,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -69,6 +71,7 @@
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ rm -f ../../include/openssl/$(EXHEADER) ../../test/$(TEST) ../../apps/$(APPS)
clean:
rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
@@ -75,9 +78,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-md4_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md4_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+md4_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/md4/md4.h
===================================================================
--- trunk/crypto/openssl/crypto/md4/md4.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md4/md4.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,7 +77,7 @@
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+# if defined(__LP32__)
# define MD4_LONG unsigned long
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
# define MD4_LONG unsigned long
Modified: trunk/crypto/openssl/crypto/md4/md4_dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/md4/md4_dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md4/md4_dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,12 +57,9 @@
*/
#include <stdio.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include "md4_locl.h"
-#include <openssl/opensslv.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
const char MD4_version[] = "MD4" OPENSSL_VERSION_PTEXT;
@@ -75,15 +72,13 @@
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
-FIPS_NON_FIPS_MD_Init(MD4)
+fips_md_init(MD4)
{
+ memset(c, 0, sizeof(*c));
c->A = INIT_DATA_A;
c->B = INIT_DATA_B;
c->C = INIT_DATA_C;
c->D = INIT_DATA_D;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
return 1;
}
@@ -111,52 +106,52 @@
D = c->D;
for (; num--;) {
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(0) = l;
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(1) = l;
/* Round 0 */
R0(A, B, C, D, X(0), 3, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(2) = l;
R0(D, A, B, C, X(1), 7, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(3) = l;
R0(C, D, A, B, X(2), 11, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(4) = l;
R0(B, C, D, A, X(3), 19, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(5) = l;
R0(A, B, C, D, X(4), 3, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(6) = l;
R0(D, A, B, C, X(5), 7, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(7) = l;
R0(C, D, A, B, X(6), 11, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(8) = l;
R0(B, C, D, A, X(7), 19, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(9) = l;
R0(A, B, C, D, X(8), 3, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(10) = l;
R0(D, A, B, C, X(9), 7, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(11) = l;
R0(C, D, A, B, X(10), 11, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(12) = l;
R0(B, C, D, A, X(11), 19, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(13) = l;
R0(A, B, C, D, X(12), 3, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(14) = l;
R0(D, A, B, C, X(13), 7, 0);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(15) = l;
R0(C, D, A, B, X(14), 11, 0);
R0(B, C, D, A, X(15), 19, 0);
Modified: trunk/crypto/openssl/crypto/md4/md4_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/md4/md4_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md4/md4_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,10 +77,10 @@
#define HASH_FINAL MD4_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md4_block_data_order
Modified: trunk/crypto/openssl/crypto/md5/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/md5/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -38,22 +38,20 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-mx86-cof.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-mx86-out.s: asm/md5-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) md5-586.pl a.out $(CFLAGS) > ../$@)
+md5-586.s: asm/md5-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/md5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
-md5-x86_64.s: asm/md5-x86_64.pl; $(PERL) asm/md5-x86_64.pl $@
+md5-x86_64.s: asm/md5-x86_64.pl
+ $(PERL) asm/md5-x86_64.pl $(PERLASM_SCHEME) > $@
+md5-ia64.s: asm/md5-ia64.S
+ $(CC) $(CFLAGS) -E asm/md5-ia64.S | \
+ $(PERL) -ne 's/;\s+/;\n/g; print;' > $@
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -78,6 +76,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -91,9 +91,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-md5_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md5_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+md5_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/md5/asm/md5-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/md5/asm/md5-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/asm/md5-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,7 +7,8 @@
$normal=0;
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],$0);
Copied: trunk/crypto/openssl/crypto/md5/asm/md5-ia64.S (from rev 7117, vendor-crypto/openssl/dist/crypto/md5/asm/md5-ia64.S)
===================================================================
--- trunk/crypto/openssl/crypto/md5/asm/md5-ia64.S (rev 0)
+++ trunk/crypto/openssl/crypto/md5/asm/md5-ia64.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,992 @@
+/* Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
+
+// Common registers are assigned as follows:
+//
+// COMMON
+//
+// t0 Const Tbl Ptr TPtr
+// t1 Round Constant TRound
+// t4 Block residual LenResid
+// t5 Residual Data DTmp
+//
+// {in,out}0 Block 0 Cycle RotateM0
+// {in,out}1 Block Value 12 M12
+// {in,out}2 Block Value 8 M8
+// {in,out}3 Block Value 4 M4
+// {in,out}4 Block Value 0 M0
+// {in,out}5 Block 1 Cycle RotateM1
+// {in,out}6 Block Value 13 M13
+// {in,out}7 Block Value 9 M9
+// {in,out}8 Block Value 5 M5
+// {in,out}9 Block Value 1 M1
+// {in,out}10 Block 2 Cycle RotateM2
+// {in,out}11 Block Value 14 M14
+// {in,out}12 Block Value 10 M10
+// {in,out}13 Block Value 6 M6
+// {in,out}14 Block Value 2 M2
+// {in,out}15 Block 3 Cycle RotateM3
+// {in,out}16 Block Value 15 M15
+// {in,out}17 Block Value 11 M11
+// {in,out}18 Block Value 7 M7
+// {in,out}19 Block Value 3 M3
+// {in,out}20 Scratch Z
+// {in,out}21 Scratch Y
+// {in,out}22 Scratch X
+// {in,out}23 Scratch W
+// {in,out}24 Digest A A
+// {in,out}25 Digest B B
+// {in,out}26 Digest C C
+// {in,out}27 Digest D D
+// {in,out}28 Active Data Ptr DPtr
+// in28 Dummy Value -
+// out28 Dummy Value -
+// bt0 Coroutine Link QUICK_RTN
+//
+/// These predicates are used for computing the padding block(s) and
+/// are shared between the driver and digest co-routines
+//
+// pt0 Extra Pad Block pExtra
+// pt1 Load next word pLoad
+// pt2 Skip next word pSkip
+// pt3 Search for Pad pNoPad
+// pt4 Pad Word 0 pPad0
+// pt5 Pad Word 1 pPad1
+// pt6 Pad Word 2 pPad2
+// pt7 Pad Word 3 pPad3
+
+#define DTmp r19
+#define LenResid r18
+#define QUICK_RTN b6
+#define TPtr r14
+#define TRound r15
+#define pExtra p6
+#define pLoad p7
+#define pNoPad p9
+#define pPad0 p10
+#define pPad1 p11
+#define pPad2 p12
+#define pPad3 p13
+#define pSkip p8
+
+#define A_ out24
+#define B_ out25
+#define C_ out26
+#define D_ out27
+#define DPtr_ out28
+#define M0_ out4
+#define M1_ out9
+#define M10_ out12
+#define M11_ out17
+#define M12_ out1
+#define M13_ out6
+#define M14_ out11
+#define M15_ out16
+#define M2_ out14
+#define M3_ out19
+#define M4_ out3
+#define M5_ out8
+#define M6_ out13
+#define M7_ out18
+#define M8_ out2
+#define M9_ out7
+#define RotateM0_ out0
+#define RotateM1_ out5
+#define RotateM2_ out10
+#define RotateM3_ out15
+#define W_ out23
+#define X_ out22
+#define Y_ out21
+#define Z_ out20
+
+#define A in24
+#define B in25
+#define C in26
+#define D in27
+#define DPtr in28
+#define M0 in4
+#define M1 in9
+#define M10 in12
+#define M11 in17
+#define M12 in1
+#define M13 in6
+#define M14 in11
+#define M15 in16
+#define M2 in14
+#define M3 in19
+#define M4 in3
+#define M5 in8
+#define M6 in13
+#define M7 in18
+#define M8 in2
+#define M9 in7
+#define RotateM0 in0
+#define RotateM1 in5
+#define RotateM2 in10
+#define RotateM3 in15
+#define W in23
+#define X in22
+#define Y in21
+#define Z in20
+
+/* register stack configuration for md5_block_asm_data_order(): */
+#define MD5_NINP 3
+#define MD5_NLOC 0
+#define MD5_NOUT 29
+#define MD5_NROT 0
+
+/* register stack configuration for helpers: */
+#define _NINPUTS MD5_NOUT
+#define _NLOCALS 0
+#define _NOUTPUT 0
+#define _NROTATE 24 /* this must be <= _NINPUTS */
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+#define ADDP addp4
+#else
+#define ADDP add
+#endif
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+#define HOST_IS_BIG_ENDIAN
+#endif
+
+// Macros for getting the left and right portions of little-endian words
+
+#define GETLW(dst, src, align) dep.z dst = src, 32 - 8 * align, 8 * align
+#define GETRW(dst, src, align) extr.u dst = src, 8 * align, 32 - 8 * align
+
+// MD5 driver
+//
+// Reads an input block, then calls the digest block
+// subroutine and adds the results to the accumulated
+// digest. It allocates 32 outs which the subroutine
+// uses as it's inputs and rotating
+// registers. Initializes the round constant pointer and
+// takes care of saving/restoring ar.lc
+//
+/// INPUT
+//
+// in0 Context Ptr CtxPtr0
+// in1 Input Data Ptr DPtrIn
+// in2 Integral Blocks BlockCount
+// rp Return Address -
+//
+/// CODE
+//
+// v2 Input Align InAlign
+// t0 Shared w/digest -
+// t1 Shared w/digest -
+// t2 Shared w/digest -
+// t3 Shared w/digest -
+// t4 Shared w/digest -
+// t5 Shared w/digest -
+// t6 PFS Save PFSSave
+// t7 ar.lc Save LCSave
+// t8 Saved PR PRSave
+// t9 2nd CtxPtr CtxPtr1
+// t10 Table Base CTable
+// t11 Table[0] CTable0
+// t13 Accumulator A AccumA
+// t14 Accumulator B AccumB
+// t15 Accumulator C AccumC
+// t16 Accumulator D AccumD
+// pt0 Shared w/digest -
+// pt1 Shared w/digest -
+// pt2 Shared w/digest -
+// pt3 Shared w/digest -
+// pt4 Shared w/digest -
+// pt5 Shared w/digest -
+// pt6 Shared w/digest -
+// pt7 Shared w/digest -
+// pt8 Not Aligned pOff
+// pt8 Blocks Left pAgain
+
+#define AccumA r27
+#define AccumB r28
+#define AccumC r29
+#define AccumD r30
+#define CTable r24
+#define CTable0 r25
+#define CtxPtr0 in0
+#define CtxPtr1 r23
+#define DPtrIn in1
+#define BlockCount in2
+#define InAlign r10
+#define LCSave r21
+#define PFSSave r20
+#define PRSave r22
+#define pAgain p63
+#define pOff p63
+
+ .text
+
+/* md5_block_asm_data_order(MD5_CTX *c, const void *data, size_t num)
+
+ where:
+ c: a pointer to a structure of this type:
+
+ typedef struct MD5state_st
+ {
+ MD5_LONG A,B,C,D;
+ MD5_LONG Nl,Nh;
+ MD5_LONG data[MD5_LBLOCK];
+ unsigned int num;
+ }
+ MD5_CTX;
+
+ data: a pointer to the input data (may be misaligned)
+ num: the number of 16-byte blocks to hash (i.e., the length
+ of DATA is 16*NUM.
+
+ */
+
+ .type md5_block_asm_data_order, @function
+ .global md5_block_asm_data_order
+ .align 32
+ .proc md5_block_asm_data_order
+md5_block_asm_data_order:
+.md5_block:
+ .prologue
+{ .mmi
+ .save ar.pfs, PFSSave
+ alloc PFSSave = ar.pfs, MD5_NINP, MD5_NLOC, MD5_NOUT, MD5_NROT
+ ADDP CtxPtr1 = 8, CtxPtr0
+ mov CTable = ip
+}
+{ .mmi
+ ADDP DPtrIn = 0, DPtrIn
+ ADDP CtxPtr0 = 0, CtxPtr0
+ .save ar.lc, LCSave
+ mov LCSave = ar.lc
+}
+;;
+{ .mmi
+ add CTable = .md5_tbl_data_order#-.md5_block#, CTable
+ and InAlign = 0x3, DPtrIn
+}
+
+{ .mmi
+ ld4 AccumA = [CtxPtr0], 4
+ ld4 AccumC = [CtxPtr1], 4
+ .save pr, PRSave
+ mov PRSave = pr
+ .body
+}
+;;
+{ .mmi
+ ld4 AccumB = [CtxPtr0]
+ ld4 AccumD = [CtxPtr1]
+ dep DPtr_ = 0, DPtrIn, 0, 2
+} ;;
+#ifdef HOST_IS_BIG_ENDIAN
+ rum psr.be;; // switch to little-endian
+#endif
+{ .mmb
+ ld4 CTable0 = [CTable], 4
+ cmp.ne pOff, p0 = 0, InAlign
+(pOff) br.cond.spnt.many .md5_unaligned
+} ;;
+
+// The FF load/compute loop rotates values three times, so that
+// loading into M12 here produces the M0 value, M13 -> M1, etc.
+
+.md5_block_loop0:
+{ .mmi
+ ld4 M12_ = [DPtr_], 4
+ mov TPtr = CTable
+ mov TRound = CTable0
+} ;;
+{ .mmi
+ ld4 M13_ = [DPtr_], 4
+ mov A_ = AccumA
+ mov B_ = AccumB
+} ;;
+{ .mmi
+ ld4 M14_ = [DPtr_], 4
+ mov C_ = AccumC
+ mov D_ = AccumD
+} ;;
+{ .mmb
+ ld4 M15_ = [DPtr_], 4
+ add BlockCount = -1, BlockCount
+ br.call.sptk.many QUICK_RTN = md5_digest_block0
+} ;;
+
+// Now, we add the new digest values and do some clean-up
+// before checking if there's another full block to process
+
+{ .mmi
+ add AccumA = AccumA, A_
+ add AccumB = AccumB, B_
+ cmp.ne pAgain, p0 = 0, BlockCount
+}
+{ .mib
+ add AccumC = AccumC, C_
+ add AccumD = AccumD, D_
+(pAgain) br.cond.dptk.many .md5_block_loop0
+} ;;
+
+.md5_exit:
+#ifdef HOST_IS_BIG_ENDIAN
+ sum psr.be;; // switch back to big-endian mode
+#endif
+{ .mmi
+ st4 [CtxPtr0] = AccumB, -4
+ st4 [CtxPtr1] = AccumD, -4
+ mov pr = PRSave, 0x1ffff ;;
+}
+{ .mmi
+ st4 [CtxPtr0] = AccumA
+ st4 [CtxPtr1] = AccumC
+ mov ar.lc = LCSave
+} ;;
+{ .mib
+ mov ar.pfs = PFSSave
+ br.ret.sptk.few rp
+} ;;
+
+#define MD5UNALIGNED(offset) \
+.md5_process##offset: \
+{ .mib ; \
+ nop 0x0 ; \
+ GETRW(DTmp, DTmp, offset) ; \
+} ;; \
+.md5_block_loop##offset: \
+{ .mmi ; \
+ ld4 Y_ = [DPtr_], 4 ; \
+ mov TPtr = CTable ; \
+ mov TRound = CTable0 ; \
+} ;; \
+{ .mmi ; \
+ ld4 M13_ = [DPtr_], 4 ; \
+ mov A_ = AccumA ; \
+ mov B_ = AccumB ; \
+} ;; \
+{ .mii ; \
+ ld4 M14_ = [DPtr_], 4 ; \
+ GETLW(W_, Y_, offset) ; \
+ mov C_ = AccumC ; \
+} \
+{ .mmi ; \
+ mov D_ = AccumD ;; \
+ or M12_ = W_, DTmp ; \
+ GETRW(DTmp, Y_, offset) ; \
+} \
+{ .mib ; \
+ ld4 M15_ = [DPtr_], 4 ; \
+ add BlockCount = -1, BlockCount ; \
+ br.call.sptk.many QUICK_RTN = md5_digest_block##offset; \
+} ;; \
+{ .mmi ; \
+ add AccumA = AccumA, A_ ; \
+ add AccumB = AccumB, B_ ; \
+ cmp.ne pAgain, p0 = 0, BlockCount ; \
+} \
+{ .mib ; \
+ add AccumC = AccumC, C_ ; \
+ add AccumD = AccumD, D_ ; \
+(pAgain) br.cond.dptk.many .md5_block_loop##offset ; \
+} ;; \
+{ .mib ; \
+ nop 0x0 ; \
+ nop 0x0 ; \
+ br.cond.sptk.many .md5_exit ; \
+} ;;
+
+ .align 32
+.md5_unaligned:
+//
+// Because variable shifts are expensive, we special case each of
+// the four alignements. In practice, this won't hurt too much
+// since only one working set of code will be loaded.
+//
+{ .mib
+ ld4 DTmp = [DPtr_], 4
+ cmp.eq pOff, p0 = 1, InAlign
+(pOff) br.cond.dpnt.many .md5_process1
+} ;;
+{ .mib
+ cmp.eq pOff, p0 = 2, InAlign
+ nop 0x0
+(pOff) br.cond.dpnt.many .md5_process2
+} ;;
+ MD5UNALIGNED(3)
+ MD5UNALIGNED(1)
+ MD5UNALIGNED(2)
+
+ .endp md5_block_asm_data_order
+
+
+// MD5 Perform the F function and load
+//
+// Passed the first 4 words (M0 - M3) and initial (A, B, C, D) values,
+// computes the FF() round of functions, then branches to the common
+// digest code to finish up with GG(), HH, and II().
+//
+// INPUT
+//
+// rp Return Address -
+//
+// CODE
+//
+// v0 PFS bit bucket PFS
+// v1 Loop Trip Count LTrip
+// pt0 Load next word pMore
+
+/* For F round: */
+#define LTrip r9
+#define PFS r8
+#define pMore p6
+
+/* For GHI rounds: */
+#define T r9
+#define U r10
+#define V r11
+
+#define COMPUTE(a, b, s, M, R) \
+{ \
+ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+ dep.z Y = Z, 32, 32 ;; \
+ shrp Z = Z, Y, 64 - s ; \
+} ;; \
+{ \
+ .mmi ; \
+ add a = Z, b ; \
+ mov R = M ; \
+ nop 0x0 ; \
+} ;;
+
+#define LOOP(a, b, s, M, R, label) \
+{ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+ dep.z Y = Z, 32, 32 ;; \
+ shrp Z = Z, Y, 64 - s ; \
+} ;; \
+{ .mib ; \
+ add a = Z, b ; \
+ mov R = M ; \
+ br.ctop.sptk.many label ; \
+} ;;
+
+// G(B, C, D) = (B & D) | (C & ~D)
+
+#define G(a, b, c, d, M) \
+{ .mmi ; \
+ add Z = M, TRound ; \
+ and Y = b, d ; \
+ andcm X = c, d ; \
+} ;; \
+{ .mii ; \
+ add Z = Z, a ; \
+ or Y = Y, X ;; \
+ add Z = Z, Y ; \
+} ;;
+
+// H(B, C, D) = B ^ C ^ D
+
+#define H(a, b, c, d, M) \
+{ .mmi ; \
+ add Z = M, TRound ; \
+ xor Y = b, c ; \
+ nop 0x0 ; \
+} ;; \
+{ .mii ; \
+ add Z = Z, a ; \
+ xor Y = Y, d ;; \
+ add Z = Z, Y ; \
+} ;;
+
+// I(B, C, D) = C ^ (B | ~D)
+//
+// However, since we have an andcm operator, we use the fact that
+//
+// Y ^ Z == ~Y ^ ~Z
+//
+// to rewrite the expression as
+//
+// I(B, C, D) = ~C ^ (~B & D)
+
+#define I(a, b, c, d, M) \
+{ .mmi ; \
+ add Z = M, TRound ; \
+ andcm Y = d, b ; \
+ andcm X = -1, c ; \
+} ;; \
+{ .mii ; \
+ add Z = Z, a ; \
+ xor Y = Y, X ;; \
+ add Z = Z, Y ; \
+} ;;
+
+#define GG4(label) \
+ G(A, B, C, D, M0) \
+ COMPUTE(A, B, 5, M0, RotateM0) \
+ G(D, A, B, C, M1) \
+ COMPUTE(D, A, 9, M1, RotateM1) \
+ G(C, D, A, B, M2) \
+ COMPUTE(C, D, 14, M2, RotateM2) \
+ G(B, C, D, A, M3) \
+ LOOP(B, C, 20, M3, RotateM3, label)
+
+#define HH4(label) \
+ H(A, B, C, D, M0) \
+ COMPUTE(A, B, 4, M0, RotateM0) \
+ H(D, A, B, C, M1) \
+ COMPUTE(D, A, 11, M1, RotateM1) \
+ H(C, D, A, B, M2) \
+ COMPUTE(C, D, 16, M2, RotateM2) \
+ H(B, C, D, A, M3) \
+ LOOP(B, C, 23, M3, RotateM3, label)
+
+#define II4(label) \
+ I(A, B, C, D, M0) \
+ COMPUTE(A, B, 6, M0, RotateM0) \
+ I(D, A, B, C, M1) \
+ COMPUTE(D, A, 10, M1, RotateM1) \
+ I(C, D, A, B, M2) \
+ COMPUTE(C, D, 15, M2, RotateM2) \
+ I(B, C, D, A, M3) \
+ LOOP(B, C, 21, M3, RotateM3, label)
+
+#define FFLOAD(a, b, c, d, M, N, s) \
+{ .mii ; \
+(pMore) ld4 N = [DPtr], 4 ; \
+ add Z = M, TRound ; \
+ and Y = c, b ; \
+} \
+{ .mmi ; \
+ andcm X = d, b ;; \
+ add Z = Z, a ; \
+ or Y = Y, X ; \
+} ;; \
+{ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+ add Z = Z, Y ;; \
+ dep.z Y = Z, 32, 32 ; \
+} ;; \
+{ .mii ; \
+ nop 0x0 ; \
+ shrp Z = Z, Y, 64 - s ;; \
+ add a = Z, b ; \
+} ;;
+
+#define FFLOOP(a, b, c, d, M, N, s, dest) \
+{ .mii ; \
+(pMore) ld4 N = [DPtr], 4 ; \
+ add Z = M, TRound ; \
+ and Y = c, b ; \
+} \
+{ .mmi ; \
+ andcm X = d, b ;; \
+ add Z = Z, a ; \
+ or Y = Y, X ; \
+} ;; \
+{ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+ add Z = Z, Y ;; \
+ dep.z Y = Z, 32, 32 ; \
+} ;; \
+{ .mii ; \
+ nop 0x0 ; \
+ shrp Z = Z, Y, 64 - s ;; \
+ add a = Z, b ; \
+} \
+{ .mib ; \
+ cmp.ne pMore, p0 = 0, LTrip ; \
+ add LTrip = -1, LTrip ; \
+ br.ctop.dptk.many dest ; \
+} ;;
+
+ .type md5_digest_block0, @function
+ .align 32
+
+ .proc md5_digest_block0
+ .prologue
+md5_digest_block0:
+ .altrp QUICK_RTN
+ .body
+{ .mmi
+ alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+ mov LTrip = 2
+ mov ar.lc = 3
+} ;;
+{ .mii
+ cmp.eq pMore, p0 = r0, r0
+ mov ar.ec = 0
+ nop 0x0
+} ;;
+
+.md5_FF_round0:
+ FFLOAD(A, B, C, D, M12, RotateM0, 7)
+ FFLOAD(D, A, B, C, M13, RotateM1, 12)
+ FFLOAD(C, D, A, B, M14, RotateM2, 17)
+ FFLOOP(B, C, D, A, M15, RotateM3, 22, .md5_FF_round0)
+ //
+ // !!! Fall through to md5_digest_GHI
+ //
+ .endp md5_digest_block0
+
+ .type md5_digest_GHI, @function
+ .align 32
+
+ .proc md5_digest_GHI
+ .prologue
+ .regstk _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+md5_digest_GHI:
+ .altrp QUICK_RTN
+ .body
+//
+// The following sequence shuffles the block counstants round for the
+// next round:
+//
+// 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+//
+{ .mmi
+ mov Z = M0
+ mov Y = M15
+ mov ar.lc = 3
+}
+{ .mmi
+ mov X = M2
+ mov W = M9
+ mov V = M4
+} ;;
+
+{ .mmi
+ mov M0 = M1
+ mov M15 = M12
+ mov ar.ec = 1
+}
+{ .mmi
+ mov M2 = M11
+ mov M9 = M14
+ mov M4 = M5
+} ;;
+
+{ .mmi
+ mov M1 = M6
+ mov M12 = M13
+ mov U = M3
+}
+{ .mmi
+ mov M11 = M8
+ mov M14 = M7
+ mov M5 = M10
+} ;;
+
+{ .mmi
+ mov M6 = Y
+ mov M13 = X
+ mov M3 = Z
+}
+{ .mmi
+ mov M8 = W
+ mov M7 = V
+ mov M10 = U
+} ;;
+
+.md5_GG_round:
+ GG4(.md5_GG_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+
+{ .mmi
+ mov Z = M0
+ mov Y = M1
+ mov ar.lc = 3
+}
+{ .mmi
+ mov X = M3
+ mov W = M5
+ mov V = M6
+} ;;
+
+{ .mmi
+ mov M0 = M4
+ mov M1 = M11
+ mov ar.ec = 1
+}
+{ .mmi
+ mov M3 = M9
+ mov U = M8
+ mov T = M13
+} ;;
+
+{ .mmi
+ mov M4 = Z
+ mov M11 = Y
+ mov M5 = M7
+}
+{ .mmi
+ mov M6 = M14
+ mov M8 = M12
+ mov M13 = M15
+} ;;
+
+{ .mmi
+ mov M7 = W
+ mov M14 = V
+ nop 0x0
+}
+{ .mmi
+ mov M9 = X
+ mov M12 = U
+ mov M15 = T
+} ;;
+
+.md5_HH_round:
+ HH4(.md5_HH_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+// 0 7 14 5 12 3 10 1 8 15 6 13 4 11 2 9
+
+{ .mmi
+ mov Z = M0
+ mov Y = M15
+ mov ar.lc = 3
+}
+{ .mmi
+ mov X = M10
+ mov W = M1
+ mov V = M4
+} ;;
+
+{ .mmi
+ mov M0 = M9
+ mov M15 = M12
+ mov ar.ec = 1
+}
+{ .mmi
+ mov M10 = M11
+ mov M1 = M6
+ mov M4 = M13
+} ;;
+
+{ .mmi
+ mov M9 = M14
+ mov M12 = M5
+ mov U = M3
+}
+{ .mmi
+ mov M11 = M8
+ mov M6 = M7
+ mov M13 = M2
+} ;;
+
+{ .mmi
+ mov M14 = Y
+ mov M5 = X
+ mov M3 = Z
+}
+{ .mmi
+ mov M8 = W
+ mov M7 = V
+ mov M2 = U
+} ;;
+
+.md5_II_round:
+ II4(.md5_II_round)
+
+{ .mib
+ nop 0x0
+ nop 0x0
+ br.ret.sptk.many QUICK_RTN
+} ;;
+
+ .endp md5_digest_GHI
+
+#define FFLOADU(a, b, c, d, M, P, N, s, offset) \
+{ .mii ; \
+(pMore) ld4 N = [DPtr], 4 ; \
+ add Z = M, TRound ; \
+ and Y = c, b ; \
+} \
+{ .mmi ; \
+ andcm X = d, b ;; \
+ add Z = Z, a ; \
+ or Y = Y, X ; \
+} ;; \
+{ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+ GETLW(W, P, offset) ; \
+ add Z = Z, Y ; \
+} ;; \
+{ .mii ; \
+ or W = W, DTmp ; \
+ dep.z Y = Z, 32, 32 ;; \
+ shrp Z = Z, Y, 64 - s ; \
+} ;; \
+{ .mii ; \
+ add a = Z, b ; \
+ GETRW(DTmp, P, offset) ; \
+ mov P = W ; \
+} ;;
+
+#define FFLOOPU(a, b, c, d, M, P, N, s, offset) \
+{ .mii ; \
+(pMore) ld4 N = [DPtr], 4 ; \
+ add Z = M, TRound ; \
+ and Y = c, b ; \
+} \
+{ .mmi ; \
+ andcm X = d, b ;; \
+ add Z = Z, a ; \
+ or Y = Y, X ; \
+} ;; \
+{ .mii ; \
+ ld4 TRound = [TPtr], 4 ; \
+(pMore) GETLW(W, P, offset) ; \
+ add Z = Z, Y ; \
+} ;; \
+{ .mii ; \
+(pMore) or W = W, DTmp ; \
+ dep.z Y = Z, 32, 32 ;; \
+ shrp Z = Z, Y, 64 - s ; \
+} ;; \
+{ .mii ; \
+ add a = Z, b ; \
+(pMore) GETRW(DTmp, P, offset) ; \
+(pMore) mov P = W ; \
+} \
+{ .mib ; \
+ cmp.ne pMore, p0 = 0, LTrip ; \
+ add LTrip = -1, LTrip ; \
+ br.ctop.sptk.many .md5_FF_round##offset ; \
+} ;;
+
+#define MD5FBLOCK(offset) \
+ .type md5_digest_block##offset, @function ; \
+ \
+ .align 32 ; \
+ .proc md5_digest_block##offset ; \
+ .prologue ; \
+ .altrp QUICK_RTN ; \
+ .body ; \
+md5_digest_block##offset: \
+{ .mmi ; \
+ alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE ; \
+ mov LTrip = 2 ; \
+ mov ar.lc = 3 ; \
+} ;; \
+{ .mii ; \
+ cmp.eq pMore, p0 = r0, r0 ; \
+ mov ar.ec = 0 ; \
+ nop 0x0 ; \
+} ;; \
+ \
+ .pred.rel "mutex", pLoad, pSkip ; \
+.md5_FF_round##offset: \
+ FFLOADU(A, B, C, D, M12, M13, RotateM0, 7, offset) \
+ FFLOADU(D, A, B, C, M13, M14, RotateM1, 12, offset) \
+ FFLOADU(C, D, A, B, M14, M15, RotateM2, 17, offset) \
+ FFLOOPU(B, C, D, A, M15, RotateM0, RotateM3, 22, offset) \
+ \
+{ .mib ; \
+ nop 0x0 ; \
+ nop 0x0 ; \
+ br.cond.sptk.many md5_digest_GHI ; \
+} ;; \
+ .endp md5_digest_block##offset
+
+MD5FBLOCK(1)
+MD5FBLOCK(2)
+MD5FBLOCK(3)
+
+ .align 64
+ .type md5_constants, @object
+md5_constants:
+.md5_tbl_data_order: // To ensure little-endian data
+ // order, code as bytes.
+ data1 0x78, 0xa4, 0x6a, 0xd7 // 0
+ data1 0x56, 0xb7, 0xc7, 0xe8 // 1
+ data1 0xdb, 0x70, 0x20, 0x24 // 2
+ data1 0xee, 0xce, 0xbd, 0xc1 // 3
+ data1 0xaf, 0x0f, 0x7c, 0xf5 // 4
+ data1 0x2a, 0xc6, 0x87, 0x47 // 5
+ data1 0x13, 0x46, 0x30, 0xa8 // 6
+ data1 0x01, 0x95, 0x46, 0xfd // 7
+ data1 0xd8, 0x98, 0x80, 0x69 // 8
+ data1 0xaf, 0xf7, 0x44, 0x8b // 9
+ data1 0xb1, 0x5b, 0xff, 0xff // 10
+ data1 0xbe, 0xd7, 0x5c, 0x89 // 11
+ data1 0x22, 0x11, 0x90, 0x6b // 12
+ data1 0x93, 0x71, 0x98, 0xfd // 13
+ data1 0x8e, 0x43, 0x79, 0xa6 // 14
+ data1 0x21, 0x08, 0xb4, 0x49 // 15
+ data1 0x62, 0x25, 0x1e, 0xf6 // 16
+ data1 0x40, 0xb3, 0x40, 0xc0 // 17
+ data1 0x51, 0x5a, 0x5e, 0x26 // 18
+ data1 0xaa, 0xc7, 0xb6, 0xe9 // 19
+ data1 0x5d, 0x10, 0x2f, 0xd6 // 20
+ data1 0x53, 0x14, 0x44, 0x02 // 21
+ data1 0x81, 0xe6, 0xa1, 0xd8 // 22
+ data1 0xc8, 0xfb, 0xd3, 0xe7 // 23
+ data1 0xe6, 0xcd, 0xe1, 0x21 // 24
+ data1 0xd6, 0x07, 0x37, 0xc3 // 25
+ data1 0x87, 0x0d, 0xd5, 0xf4 // 26
+ data1 0xed, 0x14, 0x5a, 0x45 // 27
+ data1 0x05, 0xe9, 0xe3, 0xa9 // 28
+ data1 0xf8, 0xa3, 0xef, 0xfc // 29
+ data1 0xd9, 0x02, 0x6f, 0x67 // 30
+ data1 0x8a, 0x4c, 0x2a, 0x8d // 31
+ data1 0x42, 0x39, 0xfa, 0xff // 32
+ data1 0x81, 0xf6, 0x71, 0x87 // 33
+ data1 0x22, 0x61, 0x9d, 0x6d // 34
+ data1 0x0c, 0x38, 0xe5, 0xfd // 35
+ data1 0x44, 0xea, 0xbe, 0xa4 // 36
+ data1 0xa9, 0xcf, 0xde, 0x4b // 37
+ data1 0x60, 0x4b, 0xbb, 0xf6 // 38
+ data1 0x70, 0xbc, 0xbf, 0xbe // 39
+ data1 0xc6, 0x7e, 0x9b, 0x28 // 40
+ data1 0xfa, 0x27, 0xa1, 0xea // 41
+ data1 0x85, 0x30, 0xef, 0xd4 // 42
+ data1 0x05, 0x1d, 0x88, 0x04 // 43
+ data1 0x39, 0xd0, 0xd4, 0xd9 // 44
+ data1 0xe5, 0x99, 0xdb, 0xe6 // 45
+ data1 0xf8, 0x7c, 0xa2, 0x1f // 46
+ data1 0x65, 0x56, 0xac, 0xc4 // 47
+ data1 0x44, 0x22, 0x29, 0xf4 // 48
+ data1 0x97, 0xff, 0x2a, 0x43 // 49
+ data1 0xa7, 0x23, 0x94, 0xab // 50
+ data1 0x39, 0xa0, 0x93, 0xfc // 51
+ data1 0xc3, 0x59, 0x5b, 0x65 // 52
+ data1 0x92, 0xcc, 0x0c, 0x8f // 53
+ data1 0x7d, 0xf4, 0xef, 0xff // 54
+ data1 0xd1, 0x5d, 0x84, 0x85 // 55
+ data1 0x4f, 0x7e, 0xa8, 0x6f // 56
+ data1 0xe0, 0xe6, 0x2c, 0xfe // 57
+ data1 0x14, 0x43, 0x01, 0xa3 // 58
+ data1 0xa1, 0x11, 0x08, 0x4e // 59
+ data1 0x82, 0x7e, 0x53, 0xf7 // 60
+ data1 0x35, 0xf2, 0x3a, 0xbd // 61
+ data1 0xbb, 0xd2, 0xd7, 0x2a // 62
+ data1 0x91, 0xd3, 0x86, 0xeb // 63
+.size md5_constants#,64*4
Modified: trunk/crypto/openssl/crypto/md5/asm/md5-x86_64.pl
===================================================================
--- trunk/crypto/openssl/crypto/md5/asm/md5-x86_64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/asm/md5-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,11 +15,10 @@
# dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = z' (copy of z for the next step)
-# Each round1_step() takes about 5.71 clocks (9 instructions, 1.58 IPC)
+# Each round1_step() takes about 5.3 clocks (9 instructions, 1.7 IPC)
sub round1_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
- $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= <<EOF;
@@ -38,23 +37,26 @@
# round2_step() does:
# dst = x + ((dst + G(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
-# %r11d = y' (copy of y for the next step)
-# Each round2_step() takes about 6.22 clocks (9 instructions, 1.45 IPC)
+# %r11d = z' (copy of z for the next step)
+# %r12d = z' (copy of z for the next step)
+# Each round2_step() takes about 5.4 clocks (11 instructions, 2.0 IPC)
sub round2_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
- $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1);
- $code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
+ $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+ $code .= " mov %edx, %r12d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= <<EOF;
- xor $x, %r11d /* x ^ ... */
+ not %r11d /* not z */
lea $T_i($dst,%r10d),$dst /* Const + dst + ... */
- and $z, %r11d /* z & ... */
- xor $y, %r11d /* y ^ ... */
+ and $x, %r12d /* x & z */
+ and $y, %r11d /* y & (not z) */
mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */
- add %r11d, $dst /* dst += ... */
+ or %r11d, %r12d /* (y & (not z)) | (x & z) */
+ mov $y, %r11d /* (NEXT STEP) z' = $y */
+ add %r12d, $dst /* dst += ... */
+ mov $y, %r12d /* (NEXT STEP) z' = $y */
rol \$$s, $dst /* dst <<< s */
- mov $x, %r11d /* (NEXT STEP) y' = $x */
add $x, $dst /* dst += x */
EOF
}
@@ -63,11 +65,10 @@
# dst = x + ((dst + H(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = y' (copy of y for the next step)
-# Each round3_step() takes about 4.26 clocks (8 instructions, 1.88 IPC)
+# Each round3_step() takes about 4.2 clocks (8 instructions, 1.9 IPC)
sub round3_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
- $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1);
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
$code .= <<EOF;
@@ -86,11 +87,10 @@
# dst = x + ((dst + I(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = not z' (copy of not z for the next step)
-# Each round4_step() takes about 5.27 clocks (9 instructions, 1.71 IPC)
+# Each round4_step() takes about 5.2 clocks (9 instructions, 1.7 IPC)
sub round4_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
- $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1);
$code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n"
@@ -108,9 +108,21 @@
EOF
}
-my $output = shift;
-open STDOUT,"| $^X ../perlasm/x86_64-xlate.pl $output";
+no warnings qw(uninitialized);
+my $flavour = shift;
+my $output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
$code .= <<EOF;
.text
.align 16
@@ -120,8 +132,10 @@
md5_block_asm_data_order:
push %rbp
push %rbx
+ push %r12
push %r14
push %r15
+.Lprologue:
# rdi = arg #1 (ctx, MD5_CTX pointer)
# rsi = arg #2 (ptr, data pointer)
@@ -236,14 +250,121 @@
mov %ecx, 2*4(%rbp) # ctx->C = C
mov %edx, 3*4(%rbp) # ctx->D = D
+ mov (%rsp),%r15
+ mov 8(%rsp),%r14
+ mov 16(%rsp),%r12
+ mov 24(%rsp),%rbx
+ mov 32(%rsp),%rbp
+ add \$40,%rsp
+.Lepilogue:
+ ret
+.size md5_block_asm_data_order,.-md5_block_asm_data_order
+EOF
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lprologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lprologue
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lepilogue
+ jae .Lin_prologue
+
+ lea 40(%rax),%rax
+
+ mov -8(%rax),%rbp
+ mov -16(%rax),%rbx
+ mov -24(%rax),%r12
+ mov -32(%rax),%r14
+ mov -40(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
pop %r15
pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
pop %rbx
- pop %rbp
+ pop %rdi
+ pop %rsi
ret
-.size md5_block_asm_data_order,.-md5_block_asm_data_order
-EOF
+.size se_handler,.-se_handler
+.section .pdata
+.align 4
+ .rva .LSEH_begin_md5_block_asm_data_order
+ .rva .LSEH_end_md5_block_asm_data_order
+ .rva .LSEH_info_md5_block_asm_data_order
+
+.section .xdata
+.align 8
+.LSEH_info_md5_block_asm_data_order:
+ .byte 9,0,0,0
+ .rva se_handler
+___
+}
+
print $code;
close STDOUT;
Modified: trunk/crypto/openssl/crypto/md5/md5.h
===================================================================
--- trunk/crypto/openssl/crypto/md5/md5.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/md5.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,7 +77,7 @@
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+# if defined(__LP32__)
# define MD5_LONG unsigned long
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
# define MD5_LONG unsigned long
Modified: trunk/crypto/openssl/crypto/md5/md5_dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/md5/md5_dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/md5_dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,10 +59,7 @@
#include <stdio.h>
#include "md5_locl.h"
#include <openssl/opensslv.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
+#include <openssl/crypto.h>
const char MD5_version[] = "MD5" OPENSSL_VERSION_PTEXT;
@@ -75,15 +72,13 @@
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
-FIPS_NON_FIPS_MD_Init(MD5)
+fips_md_init(MD5)
{
+ memset(c, 0, sizeof(*c));
c->A = INIT_DATA_A;
c->B = INIT_DATA_B;
c->C = INIT_DATA_C;
c->D = INIT_DATA_D;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
return 1;
}
Modified: trunk/crypto/openssl/crypto/md5/md5_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/md5/md5_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/md5/md5_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,6 +69,8 @@
# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
# define md5_block_data_order md5_block_asm_data_order
+# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+# define md5_block_data_order md5_block_asm_data_order
# endif
#endif
@@ -84,10 +86,10 @@
#define HASH_FINAL MD5_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md5_block_data_order
Modified: trunk/crypto/openssl/crypto/mdc2/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/mdc2/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/mdc2/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -84,10 +86,10 @@
mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
-mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h
-mdc2dgst.o: ../../include/openssl/opensslconf.h
-mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-mdc2dgst.o: mdc2dgst.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2dgst.o: ../../include/openssl/ui_compat.h mdc2dgst.c
Modified: trunk/crypto/openssl/crypto/mdc2/mdc2dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/mdc2/mdc2dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/mdc2/mdc2dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,12 +59,9 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/mdc2.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
#undef c2l
#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
@@ -79,7 +76,7 @@
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-FIPS_NON_FIPS_MD_Init(MDC2)
+fips_md_init(MDC2)
{
c->num = 0;
c->pad_type = 1;
Modified: trunk/crypto/openssl/crypto/mem.c
===================================================================
--- trunk/crypto/openssl/crypto/mem.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/mem.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -107,7 +107,7 @@
/* may be changed as long as 'allow_customize_debug' is set */
/* XXX use correct function pointer types */
-#if defined(CRYPTO_MDEBUG) && !defined(OPENSSL_FIPS)
+#ifdef CRYPTO_MDEBUG
/* use default functions from mem_dbg.c */
static void (*malloc_debug_func) (void *, int, const char *, int, int)
= CRYPTO_dbg_malloc;
@@ -117,14 +117,6 @@
static void (*free_debug_func) (void *, int) = CRYPTO_dbg_free;
static void (*set_debug_options_func) (long) = CRYPTO_dbg_set_options;
static long (*get_debug_options_func) (void) = CRYPTO_dbg_get_options;
-
-static int (*push_info_func) (const char *info, const char *file, int line)
- = CRYPTO_dbg_push_info;
-static int (*pop_info_func) (void)
- = CRYPTO_dbg_pop_info;
-static int (*remove_all_info_func) (void)
- = CRYPTO_dbg_remove_all_info;
-
#else
/*
* applications can use CRYPTO_malloc_debug_init() to select above case at
@@ -137,17 +129,13 @@
static void (*free_debug_func) (void *, int) = NULL;
static void (*set_debug_options_func) (long) = NULL;
static long (*get_debug_options_func) (void) = NULL;
-
-static int (*push_info_func) (const char *info, const char *file, int line)
- = NULL;
-static int (*pop_info_func) (void) = NULL;
-static int (*remove_all_info_func) (void) = NULL;
-
#endif
int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
void (*f) (void *))
{
+ /* Dummy call just to ensure OPENSSL_init() gets linked in */
+ OPENSSL_init();
if (!allow_customize)
return 0;
if ((m == 0) || (r == 0) || (f == 0))
@@ -216,6 +204,7 @@
{
if (!allow_customize_debug)
return 0;
+ OPENSSL_init();
malloc_debug_func = m;
realloc_debug_func = r;
free_debug_func = f;
@@ -224,16 +213,6 @@
return 1;
}
-void CRYPTO_set_mem_info_functions(int (*push_info_fn)
- (const char *info, const char *file,
- int line), int (*pop_info_fn) (void),
- int (*remove_all_info_fn) (void))
-{
- push_info_func = push_info_fn;
- pop_info_func = pop_info_fn;
- remove_all_info_func = remove_all_info_fn;
-}
-
void CRYPTO_get_mem_functions(void *(**m) (size_t),
void *(**r) (void *, size_t),
void (**f) (void *))
@@ -301,14 +280,15 @@
void *CRYPTO_malloc_locked(int num, const char *file, int line)
{
void *ret = NULL;
- extern unsigned char cleanse_ctr;
if (num <= 0)
return NULL;
- allow_customize = 0;
+ if (allow_customize)
+ allow_customize = 0;
if (malloc_debug_func != NULL) {
- allow_customize_debug = 0;
+ if (allow_customize_debug)
+ allow_customize_debug = 0;
malloc_debug_func(NULL, num, file, line, 0);
}
ret = malloc_locked_ex_func(num, file, line);
@@ -318,13 +298,17 @@
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+#ifndef OPENSSL_CPUID_OBJ
/*
* Create a dependency on the value of 'cleanse_ctr' so our memory
* sanitisation function can't be optimised out. NB: We only do this for
* >2Kb so the overhead doesn't bother us.
*/
- if (ret && (num > 2048))
+ if (ret && (num > 2048)) {
+ extern unsigned char cleanse_ctr;
((unsigned char *)ret)[0] = cleanse_ctr;
+ }
+#endif
return ret;
}
@@ -344,14 +328,15 @@
void *CRYPTO_malloc(int num, const char *file, int line)
{
void *ret = NULL;
- extern unsigned char cleanse_ctr;
if (num <= 0)
return NULL;
- allow_customize = 0;
+ if (allow_customize)
+ allow_customize = 0;
if (malloc_debug_func != NULL) {
- allow_customize_debug = 0;
+ if (allow_customize_debug)
+ allow_customize_debug = 0;
malloc_debug_func(NULL, num, file, line, 0);
}
ret = malloc_ex_func(num, file, line);
@@ -361,17 +346,32 @@
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+#ifndef OPENSSL_CPUID_OBJ
/*
* Create a dependency on the value of 'cleanse_ctr' so our memory
* sanitisation function can't be optimised out. NB: We only do this for
* >2Kb so the overhead doesn't bother us.
*/
- if (ret && (num > 2048))
+ if (ret && (num > 2048)) {
+ extern unsigned char cleanse_ctr;
((unsigned char *)ret)[0] = cleanse_ctr;
+ }
+#endif
return ret;
}
+char *CRYPTO_strdup(const char *str, const char *file, int line)
+{
+ char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
+
+ if (ret == NULL)
+ return NULL;
+
+ strcpy(ret, str);
+ return ret;
+}
+
void *CRYPTO_realloc(void *str, int num, const char *file, int line)
{
void *ret = NULL;
@@ -464,24 +464,3 @@
return get_debug_options_func();
return 0;
}
-
-int CRYPTO_push_info_(const char *info, const char *file, int line)
-{
- if (push_info_func)
- return push_info_func(info, file, line);
- return 1;
-}
-
-int CRYPTO_pop_info(void)
-{
- if (pop_info_func)
- return pop_info_func();
- return 1;
-}
-
-int CRYPTO_remove_all_info(void)
-{
- if (remove_all_info_func)
- return remove_all_info_func();
- return 1;
-}
Modified: trunk/crypto/openssl/crypto/mem_dbg.c
===================================================================
--- trunk/crypto/openssl/crypto/mem_dbg.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/mem_dbg.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#include <stdio.h>
#include <stdlib.h>
@@ -79,9 +132,11 @@
*/
static unsigned long order = 0; /* number of memory requests */
-static LHASH *mh = NULL; /* hash-table of memory requests (address as
- * key); access requires MALLOC2 lock */
+DECLARE_LHASH_OF(MEM);
+static LHASH_OF(MEM) *mh = NULL; /* hash-table of memory requests (address as
+ * key); access requires MALLOC2 lock */
+
typedef struct app_mem_info_st
/*-
* For application-defined information (static C-string `info')
@@ -92,7 +147,7 @@
* CRYPTO_remove_all_info() to pop all entries.
*/
{
- unsigned long thread;
+ CRYPTO_THREADID threadid;
const char *file;
int line;
const char *info;
@@ -102,10 +157,12 @@
static void app_info_free(APP_INFO *);
-static LHASH *amih = NULL; /* hash-table with those app_mem_info_st's
- * that are at the top of their thread's
- * stack (with `thread' as key); access
- * requires MALLOC2 lock */
+DECLARE_LHASH_OF(APP_INFO);
+static LHASH_OF(APP_INFO) *amih = NULL; /* hash-table with those
+ * app_mem_info_st's that are at the
+ * top of their thread's stack (with
+ * `thread' as key); access requires
+ * MALLOC2 lock */
typedef struct mem_st
/* memory-block description */
@@ -114,7 +171,7 @@
int num;
const char *file;
int line;
- unsigned long thread;
+ CRYPTO_THREADID threadid;
unsigned long order;
time_t time;
APP_INFO *app_info;
@@ -131,12 +188,13 @@
static unsigned int num_disable = 0; /* num_disable > 0 iff mh_mode ==
* CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) */
-static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
- * CRYPTO_LOCK_MALLOC2 is locked
- * exactly in this case (by the
- * thread named in
- * disabling_thread). */
+/*
+ * Valid iff num_disable > 0. CRYPTO_LOCK_MALLOC2 is locked exactly in this
+ * case (by the thread named in disabling_thread).
+ */
+static CRYPTO_THREADID disabling_threadid;
+
static void app_info_free(APP_INFO *inf)
{
if (--(inf->references) <= 0) {
@@ -170,8 +228,11 @@
/* switch off temporarily (for library-internal use): */
case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
if (mh_mode & CRYPTO_MEM_CHECK_ON) {
- /* otherwise we already have the MALLOC2 lock */
- if (!num_disable || (disabling_thread != CRYPTO_thread_id())) {
+ CRYPTO_THREADID cur;
+ CRYPTO_THREADID_current(&cur);
+ /* see if we don't have the MALLOC2 lock already */
+ if (!num_disable
+ || CRYPTO_THREADID_cmp(&disabling_threadid, &cur)) {
/*
* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed
* while we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock
@@ -190,7 +251,7 @@
CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
- disabling_thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_cpy(&disabling_threadid, &cur);
}
num_disable++;
}
@@ -219,10 +280,12 @@
int ret = 0;
if (mh_mode & CRYPTO_MEM_CHECK_ON) {
+ CRYPTO_THREADID cur;
+ CRYPTO_THREADID_current(&cur);
CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
- || (disabling_thread != CRYPTO_thread_id());
+ || CRYPTO_THREADID_cmp(&disabling_threadid, &cur);
CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
}
@@ -239,53 +302,56 @@
return options;
}
-/* static int mem_cmp(MEM *a, MEM *b) */
-static int mem_cmp(const void *a_void, const void *b_void)
+static int mem_cmp(const MEM *a, const MEM *b)
{
#ifdef _WIN64
- const char *a = (const char *)((const MEM *)a_void)->addr,
- *b = (const char *)((const MEM *)b_void)->addr;
- if (a == b)
+ const char *ap = (const char *)a->addr, *bp = (const char *)b->addr;
+ if (ap == bp)
return 0;
- else if (a > b)
+ else if (ap > bp)
return 1;
else
return -1;
#else
- return ((const char *)((const MEM *)a_void)->addr
- - (const char *)((const MEM *)b_void)->addr);
+ return (const char *)a->addr - (const char *)b->addr;
#endif
}
-/* static unsigned long mem_hash(MEM *a) */
-static unsigned long mem_hash(const void *a_void)
+static IMPLEMENT_LHASH_COMP_FN(mem, MEM)
+
+static unsigned long mem_hash(const MEM *a)
{
unsigned long ret;
- ret = (unsigned long)((const MEM *)a_void)->addr;
+ ret = (unsigned long)a->addr;
ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
return (ret);
}
+static IMPLEMENT_LHASH_HASH_FN(mem, MEM)
+
/* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */
static int app_info_cmp(const void *a_void, const void *b_void)
{
- return (((const APP_INFO *)a_void)->thread
- != ((const APP_INFO *)b_void)->thread);
+ return CRYPTO_THREADID_cmp(&((const APP_INFO *)a_void)->threadid,
+ &((const APP_INFO *)b_void)->threadid);
}
-/* static unsigned long app_info_hash(APP_INFO *a) */
-static unsigned long app_info_hash(const void *a_void)
+static IMPLEMENT_LHASH_COMP_FN(app_info, APP_INFO)
+
+static unsigned long app_info_hash(const APP_INFO *a)
{
unsigned long ret;
- ret = (unsigned long)((const APP_INFO *)a_void)->thread;
-
+ ret = CRYPTO_THREADID_hash(&a->threadid);
+ /* This is left in as a "who am I to question legacy?" measure */
ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
return (ret);
}
+static IMPLEMENT_LHASH_HASH_FN(app_info, APP_INFO)
+
static APP_INFO *pop_info(void)
{
APP_INFO tmp;
@@ -292,19 +358,20 @@
APP_INFO *ret = NULL;
if (amih != NULL) {
- tmp.thread = CRYPTO_thread_id();
- if ((ret = (APP_INFO *)lh_delete(amih, &tmp)) != NULL) {
+ CRYPTO_THREADID_current(&tmp.threadid);
+ if ((ret = lh_APP_INFO_delete(amih, &tmp)) != NULL) {
APP_INFO *next = ret->next;
if (next != NULL) {
next->references++;
- lh_insert(amih, (char *)next);
+ (void)lh_APP_INFO_insert(amih, next);
}
#ifdef LEVITTE_DEBUG_MEM
- if (ret->thread != tmp.thread) {
+ if (CRYPTO_THREADID_cmp(&ret->threadid, &tmp.threadid)) {
fprintf(stderr,
"pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
- ret->thread, tmp.thread);
+ CRYPTO_THREADID_hash(&ret->threadid),
+ CRYPTO_THREADID_hash(&tmp.threadid));
abort();
}
#endif
@@ -319,7 +386,7 @@
return (ret);
}
-int CRYPTO_dbg_push_info(const char *info, const char *file, int line)
+int CRYPTO_push_info_(const char *info, const char *file, int line)
{
APP_INFO *ami, *amim;
int ret = 0;
@@ -332,7 +399,7 @@
goto err;
}
if (amih == NULL) {
- if ((amih = lh_new(app_info_hash, app_info_cmp)) == NULL) {
+ if ((amih = lh_APP_INFO_new()) == NULL) {
OPENSSL_free(ami);
ret = 0;
goto err;
@@ -339,7 +406,7 @@
}
}
- ami->thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&ami->threadid);
ami->file = file;
ami->line = line;
ami->info = info;
@@ -346,12 +413,13 @@
ami->references = 1;
ami->next = NULL;
- if ((amim = (APP_INFO *)lh_insert(amih, (char *)ami)) != NULL) {
+ if ((amim = lh_APP_INFO_insert(amih, ami)) != NULL) {
#ifdef LEVITTE_DEBUG_MEM
- if (ami->thread != amim->thread) {
+ if (CRYPTO_THREADID_cmp(&ami->threadid, &amim->threadid)) {
fprintf(stderr,
"CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
- amim->thread, ami->thread);
+ CRYPTO_THREADID_hash(&amim->threadid),
+ CRYPTO_THREADID_hash(&ami->threadid));
abort();
}
#endif
@@ -364,7 +432,7 @@
return (ret);
}
-int CRYPTO_dbg_pop_info(void)
+int CRYPTO_pop_info(void)
{
int ret = 0;
@@ -379,7 +447,7 @@
return (ret);
}
-int CRYPTO_dbg_remove_all_info(void)
+int CRYPTO_remove_all_info(void)
{
int ret = 0;
@@ -417,7 +485,7 @@
return;
}
if (mh == NULL) {
- if ((mh = lh_new(mem_hash, mem_cmp)) == NULL) {
+ if ((mh = lh_MEM_new()) == NULL) {
OPENSSL_free(addr);
OPENSSL_free(m);
addr = NULL;
@@ -430,9 +498,9 @@
m->line = line;
m->num = num;
if (options & V_CRYPTO_MDEBUG_THREAD)
- m->thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&m->threadid);
else
- m->thread = 0;
+ memset(&m->threadid, 0, sizeof(m->threadid));
if (order == break_order_num) {
/* BREAK HERE */
@@ -440,7 +508,7 @@
}
m->order = order++;
#ifdef LEVITTE_DEBUG_MEM
- fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n",
+ fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] %c 0x%p (%d)\n",
m->order, (before_p & 128) ? '*' : '+', m->addr, m->num);
#endif
if (options & V_CRYPTO_MDEBUG_TIME)
@@ -448,16 +516,15 @@
else
m->time = 0;
- tmp.thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&tmp.threadid);
m->app_info = NULL;
if (amih != NULL
- && (amim =
- (APP_INFO *)lh_retrieve(amih, (char *)&tmp)) != NULL) {
+ && (amim = lh_APP_INFO_retrieve(amih, &tmp)) != NULL) {
m->app_info = amim;
amim->references++;
}
- if ((mm = (MEM *)lh_insert(mh, (char *)m)) != NULL) {
+ if ((mm = lh_MEM_insert(mh, m)) != NULL) {
/* Not good, but don't sweat it */
if (mm->app_info != NULL) {
mm->app_info->references--;
@@ -486,10 +553,10 @@
MemCheck_off(); /* make sure we hold MALLOC2 lock */
m.addr = addr;
- mp = (MEM *)lh_delete(mh, (char *)&m);
+ mp = lh_MEM_delete(mh, &m);
if (mp != NULL) {
#ifdef LEVITTE_DEBUG_MEM
- fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n",
+ fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n",
mp->order, mp->addr, mp->num);
#endif
if (mp->app_info != NULL)
@@ -533,16 +600,16 @@
MemCheck_off(); /* make sure we hold MALLOC2 lock */
m.addr = addr1;
- mp = (MEM *)lh_delete(mh, (char *)&m);
+ mp = lh_MEM_delete(mh, &m);
if (mp != NULL) {
#ifdef LEVITTE_DEBUG_MEM
fprintf(stderr,
- "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n",
+ "LEVITTE_DEBUG_MEM: [%5ld] * 0x%p (%d) -> 0x%p (%d)\n",
mp->order, mp->addr, mp->num, addr2, num);
#endif
mp->addr = addr2;
mp->num = num;
- lh_insert(mh, (char *)mp);
+ (void)lh_MEM_insert(mh, mp);
}
MemCheck_on(); /* release MALLOC2 lock if num_disabled drops
@@ -559,7 +626,7 @@
long bytes;
} MEM_LEAK;
-static void print_leak(const MEM *m, MEM_LEAK *l)
+static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
{
char buf[1024];
char *bufp = buf;
@@ -566,7 +633,7 @@
APP_INFO *amip;
int ami_cnt;
struct tm *lcl = NULL;
- unsigned long ti;
+ CRYPTO_THREADID ti;
#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
@@ -586,7 +653,8 @@
bufp += strlen(bufp);
if (options & V_CRYPTO_MDEBUG_THREAD) {
- BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
+ BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ",
+ CRYPTO_THREADID_hash(&m->threadid));
bufp += strlen(bufp);
}
@@ -603,7 +671,7 @@
ami_cnt = 0;
if (!amip)
return;
- ti = amip->thread;
+ CRYPTO_THREADID_cpy(&ti, &amip->threadid);
do {
int buf_len;
@@ -613,7 +681,8 @@
memset(buf, '>', ami_cnt);
BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"",
- amip->thread, amip->file, amip->line);
+ CRYPTO_THREADID_hash(&amip->threadid), amip->file,
+ amip->line);
buf_len = strlen(buf);
info_len = strlen(amip->info);
if (128 - buf_len - 3 < info_len) {
@@ -629,7 +698,7 @@
amip = amip->next;
}
- while (amip && amip->thread == ti);
+ while (amip && !CRYPTO_THREADID_cmp(&amip->threadid, &ti));
#ifdef LEVITTE_DEBUG_MEM
if (amip) {
@@ -639,7 +708,7 @@
#endif
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM, MEM_LEAK)
void CRYPTO_mem_leaks(BIO *b)
{
@@ -654,9 +723,12 @@
ml.bytes = 0;
ml.chunks = 0;
if (mh != NULL)
- lh_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), (char *)&ml);
+ lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), MEM_LEAK, &ml);
if (ml.chunks != 0) {
BIO_printf(b, "%ld bytes leaked in %d chunks\n", ml.bytes, ml.chunks);
+#ifdef CRYPTO_MDEBUG_ABORT
+ abort();
+#endif
} else {
/*
* Make sure that, if we found no leaks, memory-leak debugging itself
@@ -664,7 +736,7 @@
* debugging tools). (When someone enables leak checking, but does not
* call this function, we declare it to be their fault.) XXX This
* should be in CRYPTO_mem_leaks_cb, and CRYPTO_mem_leaks should be
- * implemented by using CRYPTO_mem_leaks_cb. (Also their should be a
+ * implemented by using CRYPTO_mem_leaks_cb. (Also there should be a
* variant of lh_doall_arg that takes a function pointer instead of a
* void *; this would obviate the ugly and illegal void_fn_to_char
* kludge in CRYPTO_mem_leaks_cb. Otherwise the code police will come
@@ -682,12 +754,12 @@
mh_mode = CRYPTO_MEM_CHECK_OFF;
if (mh != NULL) {
- lh_free(mh);
+ lh_MEM_free(mh);
mh = NULL;
}
if (amih != NULL) {
- if (lh_num_items(amih) == 0) {
- lh_free(amih);
+ if (lh_APP_INFO_num_items(amih) == 0) {
+ lh_APP_INFO_free(amih);
amih = NULL;
}
}
@@ -731,13 +803,21 @@
* crypto.h If this code is restructured, remove the callback type if it is
* no longer needed. -- Geoff Thorpe
*/
-static void cb_leak(const MEM *m, CRYPTO_MEM_LEAK_CB **cb)
+
+/*
+ * Can't pass CRYPTO_MEM_LEAK_CB directly to lh_MEM_doall_arg because it is a
+ * function pointer and conversion to void * is prohibited. Instead pass its
+ * address
+ */
+
+typedef CRYPTO_MEM_LEAK_CB *PCRYPTO_MEM_LEAK_CB;
+
+static void cb_leak_doall_arg(const MEM *m, PCRYPTO_MEM_LEAK_CB *cb)
{
- (**cb) (m->order, m->file, m->line, m->num, m->addr);
+ (*cb) (m->order, m->file, m->line, m->num, m->addr);
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM *,
- CRYPTO_MEM_LEAK_CB **)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM, PCRYPTO_MEM_LEAK_CB)
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
{
@@ -744,26 +824,7 @@
if (mh == NULL)
return;
CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
- lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb);
+ lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), PCRYPTO_MEM_LEAK_CB,
+ &cb);
CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
}
-
-void CRYPTO_malloc_debug_init(void)
-{
- CRYPTO_set_mem_debug_functions(CRYPTO_dbg_malloc,
- CRYPTO_dbg_realloc,
- CRYPTO_dbg_free,
- CRYPTO_dbg_set_options,
- CRYPTO_dbg_get_options);
- CRYPTO_set_mem_info_functions(CRYPTO_dbg_push_info,
- CRYPTO_dbg_pop_info,
- CRYPTO_dbg_remove_all_info);
-}
-
-char *CRYPTO_strdup(const char *str, const char *file, int line)
-{
- char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
-
- strcpy(ret, str);
- return ret;
-}
Copied: trunk/crypto/openssl/crypto/o_fips.c (from rev 7117, vendor-crypto/openssl/dist/crypto/o_fips.c)
===================================================================
--- trunk/crypto/openssl/crypto/o_fips.c (rev 0)
+++ trunk/crypto/openssl/crypto/o_fips.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,96 @@
+/*
+ * Written by Stephen henson (steve at openssl.org) for the OpenSSL project
+ * 2011.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include <openssl/fips_rand.h>
+# include <openssl/rand.h>
+#endif
+
+int FIPS_mode(void)
+{
+ OPENSSL_init();
+#ifdef OPENSSL_FIPS
+ return FIPS_module_mode();
+#else
+ return 0;
+#endif
+}
+
+int FIPS_mode_set(int r)
+{
+ OPENSSL_init();
+#ifdef OPENSSL_FIPS
+# ifndef FIPS_AUTH_USER_PASS
+# define FIPS_AUTH_USER_PASS "Default FIPS Crypto User Password"
+# endif
+ if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
+ return 0;
+ if (r)
+ RAND_set_rand_method(FIPS_rand_get_method());
+ else
+ RAND_set_rand_method(NULL);
+ return 1;
+#else
+ if (r == 0)
+ return 1;
+ CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
+ return 0;
+#endif
+}
Modified: trunk/crypto/openssl/crypto/o_init.c
===================================================================
--- trunk/crypto/openssl/crypto/o_init.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/o_init.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* project.
*/
/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -51,23 +51,13 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
*/
#include <e_os.h>
#include <openssl/err.h>
-
-/* Internal only functions: only ever used here */
#ifdef OPENSSL_FIPS
-extern void int_ERR_lib_init(void);
-# ifndef OPENSSL_NO_ENGINE
-extern void int_EVP_MD_init_engine_callbacks(void);
-extern void int_EVP_CIPHER_init_engine_callbacks(void);
-extern void int_RAND_init_engine_callbacks(void);
-# endif
+# include <openssl/fips.h>
+# include <openssl/rand.h>
#endif
/*
@@ -77,35 +67,17 @@
void OPENSSL_init(void)
{
+ static int done = 0;
+ if (done)
+ return;
+ done = 1;
#ifdef OPENSSL_FIPS
- static int done = 0;
- if (!done) {
- int_ERR_lib_init();
-# ifdef CRYPTO_MDEBUG
- CRYPTO_malloc_debug_init();
-# endif
-# ifndef OPENSSL_NO_ENGINE
- int_EVP_MD_init_engine_callbacks();
- int_EVP_CIPHER_init_engine_callbacks();
- int_RAND_init_engine_callbacks();
-# endif
- done = 1;
- }
+ FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
+ FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
+ FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
+ RAND_init_fips();
#endif
+#if 0
+ fprintf(stderr, "Called OPENSSL_init\n");
+#endif
}
-
-#ifdef OPENSSL_FIPS
-
-int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
-{
- size_t i;
- const unsigned char *a = in_a;
- const unsigned char *b = in_b;
- unsigned char x = 0;
-
- for (i = 0; i < len; i++)
- x |= a[i] ^ b[i];
-
- return x;
-}
-#endif
Modified: trunk/crypto/openssl/crypto/o_time.c
===================================================================
--- trunk/crypto/openssl/crypto/o_time.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/o_time.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,6 +3,10 @@
* Written by Richard Levitte (richard at levitte.org) for the OpenSSL project
* 2001.
*/
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2008.
+ */
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
@@ -62,12 +66,18 @@
#include "o_time.h"
#ifdef OPENSSL_SYS_VMS
-# include <libdtdef.h>
-# include <lib$routines.h>
-# include <lnmdef.h>
-# include <starlet.h>
-# include <descrip.h>
-# include <stdlib.h>
+# if __CRTL_VER >= 70000000 && \
+ (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
+# define VMS_GMTIME_OK
+# endif
+# ifndef VMS_GMTIME_OK
+# include <libdtdef.h>
+# include <lib$routines.h>
+# include <lnmdef.h>
+# include <starlet.h>
+# include <descrip.h>
+# include <stdlib.h>
+# endif /* ndef VMS_GMTIME_OK */
#endif
struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
@@ -74,7 +84,7 @@
{
struct tm *ts = NULL;
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && !defined(__CYGWIN32__) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
/*
* should return &data, but doesn't on some systems, so we don't even
* look at the return value
@@ -81,7 +91,7 @@
*/
gmtime_r(timer, result);
ts = result;
-#elif !defined(OPENSSL_SYS_VMS)
+#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
ts = gmtime(timer);
if (ts == NULL)
return NULL;
@@ -89,7 +99,7 @@
memcpy(result, ts, sizeof(struct tm));
ts = result;
#endif
-#ifdef OPENSSL_SYS_VMS
+#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
if (ts == NULL) {
static $DESCRIPTOR(tabnam, "LNM$DCL_LOGICAL");
static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL");
@@ -225,3 +235,146 @@
#endif
return ts;
}
+
+/*
+ * Take a tm structure and add an offset to it. This avoids any OS issues
+ * with restricted date types and overflows which cause the year 2038
+ * problem.
+ */
+
+#define SECS_PER_DAY (24 * 60 * 60)
+
+static long date_to_julian(int y, int m, int d);
+static void julian_to_date(long jd, int *y, int *m, int *d);
+
+int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
+{
+ int offset_hms, offset_day;
+ long time_jd;
+ int time_year, time_month, time_day;
+ /* split offset into days and day seconds */
+ offset_day = offset_sec / SECS_PER_DAY;
+ /* Avoid sign issues with % operator */
+ offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
+ offset_day += off_day;
+ /* Add current time seconds to offset */
+ offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
+ /* Adjust day seconds if overflow */
+ if (offset_hms >= SECS_PER_DAY) {
+ offset_day++;
+ offset_hms -= SECS_PER_DAY;
+ } else if (offset_hms < 0) {
+ offset_day--;
+ offset_hms += SECS_PER_DAY;
+ }
+
+ /*
+ * Convert date of time structure into a Julian day number.
+ */
+
+ time_year = tm->tm_year + 1900;
+ time_month = tm->tm_mon + 1;
+ time_day = tm->tm_mday;
+
+ time_jd = date_to_julian(time_year, time_month, time_day);
+
+ /* Work out Julian day of new date */
+ time_jd += offset_day;
+
+ if (time_jd < 0)
+ return 0;
+
+ /* Convert Julian day back to date */
+
+ julian_to_date(time_jd, &time_year, &time_month, &time_day);
+
+ if (time_year < 1900 || time_year > 9999)
+ return 0;
+
+ /* Update tm structure */
+
+ tm->tm_year = time_year - 1900;
+ tm->tm_mon = time_month - 1;
+ tm->tm_mday = time_day;
+
+ tm->tm_hour = offset_hms / 3600;
+ tm->tm_min = (offset_hms / 60) % 60;
+ tm->tm_sec = offset_hms % 60;
+
+ return 1;
+
+}
+
+/*
+ * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
+ */
+static long date_to_julian(int y, int m, int d)
+{
+ return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
+ (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
+ (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075;
+}
+
+static void julian_to_date(long jd, int *y, int *m, int *d)
+{
+ long L = jd + 68569;
+ long n = (4 * L) / 146097;
+ long i, j;
+
+ L = L - (146097 * n + 3) / 4;
+ i = (4000 * (L + 1)) / 1461001;
+ L = L - (1461 * i) / 4 + 31;
+ j = (80 * L) / 2447;
+ *d = L - (2447 * j) / 80;
+ L = j / 11;
+ *m = j + 2 - (12 * L);
+ *y = 100 * (n - 49) + i + L;
+}
+
+#ifdef OPENSSL_TIME_TEST
+
+# include <stdio.h>
+
+/*
+ * Time checking test code. Check times are identical for a wide range of
+ * offsets. This should be run on a machine with 64 bit time_t or it will
+ * trigger the very errors the routines fix.
+ */
+
+int main(int argc, char **argv)
+{
+ long offset;
+ for (offset = 0; offset < 1000000; offset++) {
+ check_time(offset);
+ check_time(-offset);
+ check_time(offset * 1000);
+ check_time(-offset * 1000);
+ }
+}
+
+int check_time(long offset)
+{
+ struct tm tm1, tm2;
+ time_t t1, t2;
+ time(&t1);
+ t2 = t1 + offset;
+ OPENSSL_gmtime(&t2, &tm2);
+ OPENSSL_gmtime(&t1, &tm1);
+ OPENSSL_gmtime_adj(&tm1, 0, offset);
+ if ((tm1.tm_year == tm2.tm_year) &&
+ (tm1.tm_mon == tm2.tm_mon) &&
+ (tm1.tm_mday == tm2.tm_mday) &&
+ (tm1.tm_hour == tm2.tm_hour) &&
+ (tm1.tm_min == tm2.tm_min) && (tm1.tm_sec == tm2.tm_sec))
+ return 1;
+ fprintf(stderr, "TIME ERROR!!\n");
+ fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
+ tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
+ tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
+ fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
+ tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
+ tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
+ return 0;
+}
+
+#endif
Modified: trunk/crypto/openssl/crypto/o_time.h
===================================================================
--- trunk/crypto/openssl/crypto/o_time.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/o_time.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,5 +63,6 @@
# include <time.h>
struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
#endif
Modified: trunk/crypto/openssl/crypto/objects/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/objects/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,13 +18,13 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c
-LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
+LIBSRC= o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c
+LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
SRC= $(LIBSRC)
EXHEADER= objects.h obj_mac.h
-HEADER= $(EXHEADER) obj_dat.h
+HEADER= $(EXHEADER) obj_dat.h obj_xref.h
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -31,10 +31,10 @@
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-all: obj_dat.h lib
+all: obj_dat.h obj_xref.h lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -46,6 +46,10 @@
$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
@sleep 1; touch obj_mac.h; sleep 1
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+ $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+ @sleep 1; touch obj_xref.h; sleep 1
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -70,6 +74,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: obj_dat.h obj_mac.h obj_xref.h depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -117,3 +123,10 @@
obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
obj_lib.o: ../cryptlib.h obj_lib.c
+obj_xref.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_xref.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_xref.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_xref.o: ../../include/openssl/opensslconf.h
+obj_xref.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_xref.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_xref.o: ../../include/openssl/symhacks.h obj_xref.c obj_xref.h
Modified: trunk/crypto/openssl/crypto/objects/o_names.c
===================================================================
--- trunk/crypto/openssl/crypto/objects/o_names.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/o_names.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -24,7 +24,8 @@
* I use the ex_data stuff to manage the identifiers for the obj_name_types
* that applications may define. I only really use the free function field.
*/
-static LHASH *names_lh = NULL;
+DECLARE_LHASH_OF(OBJ_NAME);
+static LHASH_OF(OBJ_NAME) *names_lh = NULL;
static int names_type_num = OBJ_NAME_TYPE_NUM;
typedef struct name_funcs_st {
@@ -49,12 +50,15 @@
/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
static int obj_name_cmp(const void *a_void, const void *b_void);
+static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME)
+static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME)
+
int OBJ_NAME_init(void)
{
if (names_lh != NULL)
return (1);
MemCheck_off();
- names_lh = lh_new(obj_name_hash, obj_name_cmp);
+ names_lh = lh_OBJ_NAME_new();
MemCheck_on();
return (names_lh != NULL);
}
@@ -72,7 +76,7 @@
name_funcs_stack = sk_NAME_FUNCS_new_null();
MemCheck_on();
}
- if ((name_funcs_stack == NULL)) {
+ if (name_funcs_stack == NULL) {
/* ERROR */
return (0);
}
@@ -160,7 +164,7 @@
on.type = type;
for (;;) {
- ret = (OBJ_NAME *)lh_retrieve(names_lh, &on);
+ ret = lh_OBJ_NAME_retrieve(names_lh, &on);
if (ret == NULL)
return (NULL);
if ((ret->alias) && !alias) {
@@ -195,7 +199,7 @@
onp->type = type;
onp->data = data;
- ret = (OBJ_NAME *)lh_insert(names_lh, onp);
+ ret = lh_OBJ_NAME_insert(names_lh, onp);
if (ret != NULL) {
/* free things */
if ((name_funcs_stack != NULL)
@@ -210,7 +214,7 @@
}
OPENSSL_free(ret);
} else {
- if (lh_error(names_lh)) {
+ if (lh_OBJ_NAME_error(names_lh)) {
/* ERROR */
return (0);
}
@@ -228,7 +232,7 @@
type &= ~OBJ_NAME_ALIAS;
on.name = name;
on.type = type;
- ret = (OBJ_NAME *)lh_delete(names_lh, &on);
+ ret = lh_OBJ_NAME_delete(names_lh, &on);
if (ret != NULL) {
/* free things */
if ((name_funcs_stack != NULL)
@@ -253,14 +257,13 @@
void *arg;
};
-static void do_all_fn(const OBJ_NAME *name, struct doall *d)
+static void do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d)
{
if (name->type == d->type)
d->fn(name, d->arg);
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME *,
- struct doall *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall)
void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
void *arg)
@@ -271,7 +274,8 @@
d.fn = fn;
d.arg = arg;
- lh_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn), &d);
+ lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn),
+ struct doall, &d);
}
struct doall_sorted {
@@ -306,31 +310,34 @@
int n;
d.type = type;
- d.names = OPENSSL_malloc(lh_num_items(names_lh) * sizeof *d.names);
- d.n = 0;
- OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
+ d.names =
+ OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
+ /* Really should return an error if !d.names...but its a void function! */
+ if (d.names) {
+ d.n = 0;
+ OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
- qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+ qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
- for (n = 0; n < d.n; ++n)
- fn(d.names[n], arg);
+ for (n = 0; n < d.n; ++n)
+ fn(d.names[n], arg);
- OPENSSL_free((void *)d.names);
+ OPENSSL_free((void *)d.names);
+ }
}
static int free_type;
-static void names_lh_free(OBJ_NAME *onp)
+static void names_lh_free_doall(OBJ_NAME *onp)
{
if (onp == NULL)
return;
- if ((free_type < 0) || (free_type == onp->type)) {
+ if (free_type < 0 || free_type == onp->type)
OBJ_NAME_remove(onp->name, onp->type);
- }
}
-static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME *)
+static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME)
static void name_funcs_free(NAME_FUNCS *ptr)
{
@@ -345,15 +352,15 @@
return;
free_type = type;
- down_load = names_lh->down_load;
- names_lh->down_load = 0;
+ down_load = lh_OBJ_NAME_down_load(names_lh);
+ lh_OBJ_NAME_down_load(names_lh) = 0;
- lh_doall(names_lh, LHASH_DOALL_FN(names_lh_free));
+ lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free));
if (type < 0) {
- lh_free(names_lh);
+ lh_OBJ_NAME_free(names_lh);
sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free);
names_lh = NULL;
name_funcs_stack = NULL;
} else
- names_lh->down_load = down_load;
+ lh_OBJ_NAME_down_load(names_lh) = down_load;
}
Modified: trunk/crypto/openssl/crypto/objects/obj_dat.c
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_dat.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_dat.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,16 +74,17 @@
# define NUM_SN 0
# define NUM_LN 0
# define NUM_OBJ 0
-static unsigned char lvalues[1];
-static ASN1_OBJECT nid_objs[1];
-static ASN1_OBJECT *sn_objs[1];
-static ASN1_OBJECT *ln_objs[1];
-static ASN1_OBJECT *obj_objs[1];
+static const unsigned char lvalues[1];
+static const ASN1_OBJECT nid_objs[1];
+static const unsigned int sn_objs[1];
+static const unsigned int ln_objs[1];
+static const unsigned int obj_objs[1];
#endif
-static int sn_cmp(const void *a, const void *b);
-static int ln_cmp(const void *a, const void *b);
-static int obj_cmp(const void *a, const void *b);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
#define ADDED_DATA 0
#define ADDED_SNAME 1
#define ADDED_LNAME 2
@@ -93,30 +94,31 @@
int type;
ASN1_OBJECT *obj;
} ADDED_OBJ;
+DECLARE_LHASH_OF(ADDED_OBJ);
static int new_nid = NUM_NID;
-static LHASH *added = NULL;
+static LHASH_OF(ADDED_OBJ) *added = NULL;
-static int sn_cmp(const void *a, const void *b)
+static int sn_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
- const ASN1_OBJECT *const *ap = a, *const *bp = b;
- return (strcmp((*ap)->sn, (*bp)->sn));
+ return (strcmp((*a)->sn, nid_objs[*b].sn));
}
-static int ln_cmp(const void *a, const void *b)
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+
+static int ln_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
- const ASN1_OBJECT *const *ap = a, *const *bp = b;
- return (strcmp((*ap)->ln, (*bp)->ln));
+ return (strcmp((*a)->ln, nid_objs[*b].ln));
}
-/* static unsigned long add_hash(ADDED_OBJ *ca) */
-static unsigned long add_hash(const void *ca_void)
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
+
+static unsigned long added_obj_hash(const ADDED_OBJ *ca)
{
const ASN1_OBJECT *a;
int i;
unsigned long ret = 0;
unsigned char *p;
- const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void;
a = ca->obj;
switch (ca->type) {
@@ -140,17 +142,16 @@
return 0;
}
ret &= 0x3fffffffL;
- ret |= ca->type << 30L;
+ ret |= ((unsigned long)ca->type) << 30L;
return (ret);
}
-/* static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) */
-static int add_cmp(const void *ca_void, const void *cb_void)
+static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)
+
+static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
{
ASN1_OBJECT *a, *b;
int i;
- const ADDED_OBJ *ca = (const ADDED_OBJ *)ca_void;
- const ADDED_OBJ *cb = (const ADDED_OBJ *)cb_void;
i = ca->type - cb->type;
if (i)
@@ -185,15 +186,17 @@
}
}
+static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)
+
static int init_added(void)
{
if (added != NULL)
return (1);
- added = lh_new(add_hash, add_cmp);
+ added = lh_ADDED_OBJ_new();
return (added != NULL);
}
-static void cleanup1(ADDED_OBJ *a)
+static void cleanup1_doall(ADDED_OBJ *a)
{
a->obj->nid = 0;
a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
@@ -200,12 +203,12 @@
ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
-static void cleanup2(ADDED_OBJ *a)
+static void cleanup2_doall(ADDED_OBJ *a)
{
a->obj->nid++;
}
-static void cleanup3(ADDED_OBJ *a)
+static void cleanup3_doall(ADDED_OBJ *a)
{
if (--a->obj->nid == 0)
ASN1_OBJECT_free(a->obj);
@@ -212,19 +215,35 @@
OPENSSL_free(a);
}
-static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ *)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
+/*
+ * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to
+ * use freed up OIDs. If neccessary the actual freeing up of OIDs is delayed.
+ */
+int obj_cleanup_defer = 0;
+
+void check_defer(int nid)
+{
+ if (!obj_cleanup_defer && nid >= NUM_NID)
+ obj_cleanup_defer = 1;
+}
+
void OBJ_cleanup(void)
{
+ if (obj_cleanup_defer) {
+ obj_cleanup_defer = 2;
+ return;
+ }
if (added == NULL)
return;
- added->down_load = 0;
- lh_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
- lh_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
- lh_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
- lh_free(added);
+ lh_ADDED_OBJ_down_load(added) = 0;
+ lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
+ lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
+ lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
+ lh_ADDED_OBJ_free(added);
added = NULL;
}
@@ -269,7 +288,7 @@
if (ao[i] != NULL) {
ao[i]->type = i;
ao[i]->obj = o;
- aop = (ADDED_OBJ *)lh_insert(added, ao[i]);
+ aop = lh_ADDED_OBJ_insert(added, ao[i]);
/* memory leak, buit should not normally matter */
if (aop != NULL)
OPENSSL_free(aop);
@@ -308,7 +327,7 @@
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj);
else {
@@ -335,7 +354,7 @@
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj->sn);
else {
@@ -362,7 +381,7 @@
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj->ln);
else {
@@ -372,9 +391,25 @@
}
}
+static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
+{
+ int j;
+ const ASN1_OBJECT *a = *ap;
+ const ASN1_OBJECT *b = &nid_objs[*bp];
+
+ j = (a->length - b->length);
+ if (j)
+ return (j);
+ if (a->length == 0)
+ return 0;
+ return (memcmp(a->data, b->data, a->length));
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
int OBJ_obj2nid(const ASN1_OBJECT *a)
{
- ASN1_OBJECT **op;
+ const unsigned int *op;
ADDED_OBJ ad, *adp;
if (a == NULL)
@@ -388,15 +423,14 @@
if (added != NULL) {
ad.type = ADDED_DATA;
ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj->nid);
}
- op = (ASN1_OBJECT **)OBJ_bsearch((const char *)&a, (const char *)obj_objs,
- NUM_OBJ, sizeof(ASN1_OBJECT *), obj_cmp);
+ op = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
if (op == NULL)
return (NID_undef);
- return ((*op)->nid);
+ return (nid_objs[*op].nid);
}
/*
@@ -453,7 +487,7 @@
int i, n = 0, len, nid, first, use_bn;
BIGNUM *bl;
unsigned long l;
- unsigned char *p;
+ const unsigned char *p;
char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
/* Ensure that, at every state, |buf| is NUL-terminated. */
@@ -596,66 +630,58 @@
int OBJ_ln2nid(const char *s)
{
- ASN1_OBJECT o, *oo = &o, **op;
+ ASN1_OBJECT o;
+ const ASN1_OBJECT *oo = &o;
ADDED_OBJ ad, *adp;
+ const unsigned int *op;
o.ln = s;
if (added != NULL) {
ad.type = ADDED_LNAME;
ad.obj = &o;
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj->nid);
}
- op = (ASN1_OBJECT **)OBJ_bsearch((char *)&oo, (char *)ln_objs, NUM_LN,
- sizeof(ASN1_OBJECT *), ln_cmp);
+ op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
if (op == NULL)
return (NID_undef);
- return ((*op)->nid);
+ return (nid_objs[*op].nid);
}
int OBJ_sn2nid(const char *s)
{
- ASN1_OBJECT o, *oo = &o, **op;
+ ASN1_OBJECT o;
+ const ASN1_OBJECT *oo = &o;
ADDED_OBJ ad, *adp;
+ const unsigned int *op;
o.sn = s;
if (added != NULL) {
ad.type = ADDED_SNAME;
ad.obj = &o;
- adp = (ADDED_OBJ *)lh_retrieve(added, &ad);
+ adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
return (adp->obj->nid);
}
- op = (ASN1_OBJECT **)OBJ_bsearch((char *)&oo, (char *)sn_objs, NUM_SN,
- sizeof(ASN1_OBJECT *), sn_cmp);
+ op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
if (op == NULL)
return (NID_undef);
- return ((*op)->nid);
+ return (nid_objs[*op].nid);
}
-static int obj_cmp(const void *ap, const void *bp)
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+ int (*cmp) (const void *, const void *))
{
- int j;
- const ASN1_OBJECT *a = *(ASN1_OBJECT *const *)ap;
- const ASN1_OBJECT *b = *(ASN1_OBJECT *const *)bp;
-
- j = (a->length - b->length);
- if (j)
- return (j);
- return (memcmp(a->data, b->data, a->length));
+ return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
}
-const char *OBJ_bsearch(const char *key, const char *base, int num, int size,
- int (*cmp) (const void *, const void *))
+const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
+ int size,
+ int (*cmp) (const void *, const void *),
+ int flags)
{
- return OBJ_bsearch_ex(key, base, num, size, cmp, 0);
-}
-
-const char *OBJ_bsearch_ex(const char *key, const char *base, int num,
- int size, int (*cmp) (const void *, const void *),
- int flags)
-{
+ const char *base = base_;
int l, h, i = 0, c = 0;
const char *p = NULL;
Modified: trunk/crypto/openssl/crypto/objects/obj_dat.h
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_dat.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_dat.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,1896 +62,1906 @@
* [including the GNU Public Licence.]
*/
-#define NUM_NID 893
-#define NUM_SN 886
-#define NUM_LN 886
-#define NUM_OBJ 840
+#define NUM_NID 920
+#define NUM_SN 913
+#define NUM_LN 913
+#define NUM_OBJ 857
-static unsigned char lvalues[5824]={
-0x00, /* [ 0] OBJ_undef */
-0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */
-0x55, /* [ 83] OBJ_X500 */
-0x55,0x04, /* [ 84] OBJ_X509 */
-0x55,0x04,0x03, /* [ 86] OBJ_commonName */
-0x55,0x04,0x06, /* [ 89] OBJ_countryName */
-0x55,0x04,0x07, /* [ 92] OBJ_localityName */
-0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */
-0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
-0x55,0x1D, /* [489] OBJ_id_ce */
-0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F, /* [494] OBJ_key_usage */
-0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */
-0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */
-0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */
-0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */
-0x55,0x1D,0x14, /* [509] OBJ_crl_number */
-0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */
-0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */
-0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A, /* [535] OBJ_givenName */
-0x55,0x04,0x04, /* [538] OBJ_surname */
-0x55,0x04,0x2B, /* [541] OBJ_initials */
-0x55,0x1D,0x1F, /* [544] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03, /* [547] OBJ_md5WithRSA */
-0x55,0x04,0x05, /* [552] OBJ_serialNumber */
-0x55,0x04,0x0C, /* [555] OBJ_title */
-0x55,0x04,0x0D, /* [558] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [579] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D, /* [586] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [591] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01, /* [598] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */
-0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */
-0x55,0x1D,0x25, /* [634] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07, /* [637] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [643] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [650] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [658] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */
-0x55,0x1D,0x1B, /* [749] OBJ_delta_crl */
-0x55,0x1D,0x15, /* [752] OBJ_crl_reason */
-0x55,0x1D,0x18, /* [755] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01, /* [758] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [955] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [963] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [971] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */
-0x55,0x04,0x29, /* [1034] OBJ_name */
-0x55,0x04,0x2E, /* [1037] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1040] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1047] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1054] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1062] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1070] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1078] OBJ_OCSP_sign */
-0x28, /* [1086] OBJ_iso */
-0x2A, /* [1087] OBJ_member_body */
-0x2A,0x86,0x48, /* [1088] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38, /* [1091] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1096] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1102] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1110] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1868] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1876] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1883] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1890] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1897] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1904] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1911] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1918] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1925] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1932] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1939] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1946] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1953] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1961] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1969] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1977] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1985] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1993] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [2001] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2009] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2017] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2025] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2033] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2041] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2049] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2057] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2065] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2073] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2081] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2089] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2097] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2105] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2113] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2121] OBJ_sbgp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2201] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2209] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2217] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2225] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2233] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2241] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2249] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2257] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2265] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2273] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2281] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2289] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2297] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2305] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2313] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2393] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2401] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2417] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2425] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2433] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2441] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2449] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2457] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2465] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2473] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2481] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2489] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2497] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2505] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2513] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2521] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2529] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2537] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2545] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2553] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2561] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2569] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2577] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2585] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2593] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2601] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2609] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2617] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2625] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2633] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2641] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2649] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2657] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2665] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2681] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2689] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2697] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2705] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2713] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02, /* [2820] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B, /* [2824] OBJ_rsaSignature */
-0x55,0x08, /* [2829] OBJ_X500algorithms */
-0x2B, /* [2831] OBJ_org */
-0x2B,0x06, /* [2832] OBJ_dod */
-0x2B,0x06,0x01, /* [2834] OBJ_iana */
-0x2B,0x06,0x01,0x01, /* [2837] OBJ_Directory */
-0x2B,0x06,0x01,0x02, /* [2841] OBJ_Management */
-0x2B,0x06,0x01,0x03, /* [2845] OBJ_Experimental */
-0x2B,0x06,0x01,0x04, /* [2849] OBJ_Private */
-0x2B,0x06,0x01,0x05, /* [2853] OBJ_Security */
-0x2B,0x06,0x01,0x06, /* [2857] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07, /* [2861] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01, /* [2865] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */
-0x00, /* [2899] OBJ_joint_iso_ccitt */
-0x55,0x01,0x05, /* [2900] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37, /* [2903] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2916] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2924] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2932] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48, /* [2940] OBJ_role */
-0x55,0x1D,0x24, /* [2943] OBJ_policy_constraints */
-0x55,0x1D,0x37, /* [2946] OBJ_target_information */
-0x55,0x1D,0x38, /* [2949] OBJ_no_rev_avail */
-0x00, /* [2952] OBJ_ccitt */
-0x2A,0x86,0x48,0xCE,0x3D, /* [2953] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2958] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2965] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2972] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2979] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2987] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2995] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [3003] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3011] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3019] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3027] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3035] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17, /* [3159] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3162] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3169] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3176] OBJ_hold_instruction_reject */
-0x09, /* [3183] OBJ_data */
-0x09,0x92,0x26, /* [3184] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3187] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3194] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */
-0x55,0x04,0x2D, /* [3848] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01, /* [3851] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01, /* [3856] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02, /* [3862] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3868] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3875] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C, /* [3882] OBJ_generationQualifier */
-0x55,0x04,0x41, /* [3885] OBJ_pseudonym */
-0x67,0x2A, /* [3888] OBJ_id_set */
-0x67,0x2A,0x00, /* [3890] OBJ_set_ctype */
-0x67,0x2A,0x01, /* [3893] OBJ_set_msgExt */
-0x67,0x2A,0x03, /* [3896] OBJ_set_attr */
-0x67,0x2A,0x05, /* [3899] OBJ_set_policy */
-0x67,0x2A,0x07, /* [3902] OBJ_set_certExt */
-0x67,0x2A,0x08, /* [3905] OBJ_set_brand */
-0x67,0x2A,0x00,0x00, /* [3908] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01, /* [3912] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02, /* [3916] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03, /* [3920] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04, /* [3924] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05, /* [3928] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06, /* [3932] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07, /* [3936] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08, /* [3940] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09, /* [3944] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A, /* [3948] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B, /* [3952] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C, /* [3956] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D, /* [3960] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E, /* [3964] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10, /* [3968] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11, /* [3972] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12, /* [3976] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13, /* [3980] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14, /* [3984] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15, /* [3988] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16, /* [3992] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17, /* [3996] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18, /* [4000] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19, /* [4004] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A, /* [4008] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B, /* [4012] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C, /* [4016] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D, /* [4020] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E, /* [4024] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F, /* [4028] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20, /* [4032] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21, /* [4036] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22, /* [4040] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23, /* [4044] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24, /* [4048] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25, /* [4052] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26, /* [4056] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27, /* [4060] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28, /* [4064] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29, /* [4068] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A, /* [4072] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B, /* [4076] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C, /* [4080] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D, /* [4084] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E, /* [4088] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F, /* [4092] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30, /* [4096] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31, /* [4100] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32, /* [4104] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33, /* [4108] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34, /* [4112] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35, /* [4116] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36, /* [4120] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37, /* [4124] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38, /* [4128] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39, /* [4132] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A, /* [4136] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B, /* [4140] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C, /* [4144] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D, /* [4148] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E, /* [4152] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F, /* [4156] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40, /* [4160] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41, /* [4164] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42, /* [4168] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43, /* [4172] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44, /* [4176] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45, /* [4180] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46, /* [4184] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47, /* [4188] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48, /* [4192] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49, /* [4196] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A, /* [4200] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B, /* [4204] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C, /* [4208] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D, /* [4212] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E, /* [4216] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F, /* [4220] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50, /* [4224] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51, /* [4228] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52, /* [4232] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01, /* [4236] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03, /* [4240] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04, /* [4244] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05, /* [4248] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07, /* [4252] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08, /* [4256] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00, /* [4260] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00, /* [4264] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01, /* [4268] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02, /* [4272] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03, /* [4276] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04, /* [4280] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05, /* [4284] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06, /* [4288] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07, /* [4292] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08, /* [4296] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09, /* [4300] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A, /* [4304] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B, /* [4308] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00, /* [4312] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01, /* [4316] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02, /* [4320] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03, /* [4324] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00, /* [4328] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01, /* [4333] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01, /* [4338] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02, /* [4343] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03, /* [4348] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04, /* [4353] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05, /* [4358] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01, /* [4363] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01, /* [4369] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02, /* [4375] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01, /* [4381] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02, /* [4387] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01, /* [4393] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E, /* [4397] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22, /* [4401] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23, /* [4405] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04, /* [4409] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05, /* [4413] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B, /* [4417] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4422] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */
-0x00, /* [4439] OBJ_itu_t */
-0x50, /* [4440] OBJ_joint_iso_itu_t */
-0x67, /* [4441] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */
-0x55,0x04,0x09, /* [4462] OBJ_streetAddress */
-0x55,0x04,0x11, /* [4465] OBJ_postalCode */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4468] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4475] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4483] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4491] OBJ_id_ppl_inheritAll */
-0x55,0x1D,0x1E, /* [4499] OBJ_name_constraints */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4502] OBJ_Independent */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */
-0x2B, /* [4582] OBJ_identified_organization */
-0x2B,0x81,0x04, /* [4583] OBJ_certicom_arc */
-0x67,0x2B, /* [4586] OBJ_wap */
-0x67,0x2B,0x01, /* [4588] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4591] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4626] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4634] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4642] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4650] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4658] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4666] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4674] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4682] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4690] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4698] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4706] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4714] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4722] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4730] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4738] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4746] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4754] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4762] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4770] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4778] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06, /* [4786] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07, /* [4791] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C, /* [4796] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D, /* [4801] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09, /* [4806] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08, /* [4811] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E, /* [4816] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F, /* [4821] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20, /* [4826] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21, /* [4831] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A, /* [4836] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22, /* [4841] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23, /* [4846] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04, /* [4851] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05, /* [4856] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16, /* [4861] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17, /* [4866] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01, /* [4871] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02, /* [4876] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F, /* [4881] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18, /* [4886] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19, /* [4891] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A, /* [4896] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B, /* [4901] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03, /* [4906] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10, /* [4911] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11, /* [4916] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24, /* [4921] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25, /* [4926] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26, /* [4931] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27, /* [4936] OBJ_sect571r1 */
-0x67,0x2B,0x01,0x04,0x01, /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x01,0x04,0x03, /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x01,0x04,0x04, /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x01,0x04,0x05, /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x01,0x04,0x06, /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x01,0x04,0x07, /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x01,0x04,0x08, /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x01,0x04,0x09, /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x01,0x04,0x0A, /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x01,0x04,0x0B, /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x01,0x04,0x0C, /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x55,0x1D,0x20,0x00, /* [4996] OBJ_any_policy */
-0x55,0x1D,0x21, /* [5000] OBJ_policy_mappings */
-0x55,0x1D,0x36, /* [5003] OBJ_inhibit_any_policy */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5039] OBJ_camellia_128_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5047] OBJ_camellia_192_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5055] OBJ_camellia_256_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5063] OBJ_camellia_128_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5071] OBJ_camellia_192_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5079] OBJ_camellia_256_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5087] OBJ_camellia_128_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5095] OBJ_camellia_192_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5103] OBJ_camellia_256_ofb128 */
-0x55,0x1D,0x09, /* [5111] OBJ_subject_directory_attributes */
-0x55,0x1D,0x1C, /* [5114] OBJ_issuing_distribution_point */
-0x55,0x1D,0x1D, /* [5117] OBJ_certificate_issuer */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5120] OBJ_kisa */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5126] OBJ_seed_ecb */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5134] OBJ_seed_cbc */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5142] OBJ_seed_ofb128 */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5150] OBJ_seed_cfb128 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5158] OBJ_hmac_md5 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5166] OBJ_hmac_sha1 */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5192] OBJ_id_it_suppLangTags */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5200] OBJ_caRepository */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5257] OBJ_ecdsa_with_Recommended */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5264] OBJ_ecdsa_with_Specified */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5271] OBJ_ecdsa_with_SHA224 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5279] OBJ_ecdsa_with_SHA256 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5287] OBJ_ecdsa_with_SHA384 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5295] OBJ_ecdsa_with_SHA512 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5303] OBJ_hmacWithMD5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5311] OBJ_hmacWithSHA224 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5319] OBJ_hmacWithSHA256 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5327] OBJ_hmacWithSHA384 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5335] OBJ_hmacWithSHA512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5343] OBJ_dsa_with_SHA224 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5352] OBJ_dsa_with_SHA256 */
-0x28,0xCF,0x06,0x03,0x00,0x37, /* [5361] OBJ_whirlpool */
-0x2A,0x85,0x03,0x02,0x02, /* [5367] OBJ_cryptopro */
-0x2A,0x85,0x03,0x02,0x09, /* [5372] OBJ_cryptocom */
-0x2A,0x85,0x03,0x02,0x02,0x03, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x04, /* [5383] OBJ_id_GostR3411_94_with_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x09, /* [5389] OBJ_id_GostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5395] OBJ_id_HMACGostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x13, /* [5401] OBJ_id_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x14, /* [5407] OBJ_id_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x15, /* [5413] OBJ_id_Gost28147_89 */
-0x2A,0x85,0x03,0x02,0x02,0x16, /* [5419] OBJ_id_Gost28147_89_MAC */
-0x2A,0x85,0x03,0x02,0x02,0x17, /* [5425] OBJ_id_GostR3411_94_prf */
-0x2A,0x85,0x03,0x02,0x02,0x62, /* [5431] OBJ_id_GostR3410_2001DH */
-0x2A,0x85,0x03,0x02,0x02,0x63, /* [5437] OBJ_id_GostR3410_94DH */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5443] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5450] OBJ_id_Gost28147_89_None_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5457] OBJ_id_GostR3411_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5464] OBJ_id_GostR3411_94_CryptoProParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5471] OBJ_id_Gost28147_89_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5478] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5485] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5492] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5499] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5506] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5513] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5520] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5527] OBJ_id_GostR3410_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5534] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5541] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5548] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5555] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5562] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5569] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5576] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5583] OBJ_id_GostR3410_2001_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5590] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5597] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5604] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5611] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5618] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5625] OBJ_id_GostR3410_94_a */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5632] OBJ_id_GostR3410_94_aBis */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5639] OBJ_id_GostR3410_94_b */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5646] OBJ_id_GostR3410_94_bBis */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5653] OBJ_id_Gost28147_89_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5661] OBJ_id_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5669] OBJ_id_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5677] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */
-0x55,0x1D,0x2E, /* [5710] OBJ_freshest_crl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5713] OBJ_id_on_permanentIdentifier */
-0x55,0x04,0x0E, /* [5721] OBJ_searchGuide */
-0x55,0x04,0x0F, /* [5724] OBJ_businessCategory */
-0x55,0x04,0x10, /* [5727] OBJ_postalAddress */
-0x55,0x04,0x12, /* [5730] OBJ_postOfficeBox */
-0x55,0x04,0x13, /* [5733] OBJ_physicalDeliveryOfficeName */
-0x55,0x04,0x14, /* [5736] OBJ_telephoneNumber */
-0x55,0x04,0x15, /* [5739] OBJ_telexNumber */
-0x55,0x04,0x16, /* [5742] OBJ_teletexTerminalIdentifier */
-0x55,0x04,0x17, /* [5745] OBJ_facsimileTelephoneNumber */
-0x55,0x04,0x18, /* [5748] OBJ_x121Address */
-0x55,0x04,0x19, /* [5751] OBJ_internationaliSDNNumber */
-0x55,0x04,0x1A, /* [5754] OBJ_registeredAddress */
-0x55,0x04,0x1B, /* [5757] OBJ_destinationIndicator */
-0x55,0x04,0x1C, /* [5760] OBJ_preferredDeliveryMethod */
-0x55,0x04,0x1D, /* [5763] OBJ_presentationAddress */
-0x55,0x04,0x1E, /* [5766] OBJ_supportedApplicationContext */
-0x55,0x04,0x1F, /* [5769] OBJ_member */
-0x55,0x04,0x20, /* [5772] OBJ_owner */
-0x55,0x04,0x21, /* [5775] OBJ_roleOccupant */
-0x55,0x04,0x22, /* [5778] OBJ_seeAlso */
-0x55,0x04,0x23, /* [5781] OBJ_userPassword */
-0x55,0x04,0x24, /* [5784] OBJ_userCertificate */
-0x55,0x04,0x25, /* [5787] OBJ_cACertificate */
-0x55,0x04,0x26, /* [5790] OBJ_authorityRevocationList */
-0x55,0x04,0x27, /* [5793] OBJ_certificateRevocationList */
-0x55,0x04,0x28, /* [5796] OBJ_crossCertificatePair */
-0x55,0x04,0x2F, /* [5799] OBJ_enhancedSearchGuide */
-0x55,0x04,0x30, /* [5802] OBJ_protocolInformation */
-0x55,0x04,0x31, /* [5805] OBJ_distinguishedName */
-0x55,0x04,0x32, /* [5808] OBJ_uniqueMember */
-0x55,0x04,0x33, /* [5811] OBJ_houseIdentifier */
-0x55,0x04,0x34, /* [5814] OBJ_supportedAlgorithms */
-0x55,0x04,0x35, /* [5817] OBJ_deltaRevocationList */
-0x55,0x04,0x36, /* [5820] OBJ_dmdName */
+static const unsigned char lvalues[5974]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55, /* [ 82] OBJ_X500 */
+0x55,0x04, /* [ 83] OBJ_X509 */
+0x55,0x04,0x03, /* [ 85] OBJ_commonName */
+0x55,0x04,0x06, /* [ 88] OBJ_countryName */
+0x55,0x04,0x07, /* [ 91] OBJ_localityName */
+0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede_ecb */
+0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [217] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12, /* [225] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F, /* [230] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [235] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08, /* [243] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [248] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [337] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [344] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [352] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A, /* [360] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D, /* [374] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C, /* [379] OBJ_dsa_2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */
+0x2B,0x0E,0x03,0x02,0x1B, /* [402] OBJ_dsaWithSHA1_2 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */
+0x55,0x1D, /* [488] OBJ_id_ce */
+0x55,0x1D,0x0E, /* [490] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F, /* [493] OBJ_key_usage */
+0x55,0x1D,0x10, /* [496] OBJ_private_key_usage_period */
+0x55,0x1D,0x11, /* [499] OBJ_subject_alt_name */
+0x55,0x1D,0x12, /* [502] OBJ_issuer_alt_name */
+0x55,0x1D,0x13, /* [505] OBJ_basic_constraints */
+0x55,0x1D,0x14, /* [508] OBJ_crl_number */
+0x55,0x1D,0x20, /* [511] OBJ_certificate_policies */
+0x55,0x1D,0x23, /* [514] OBJ_authority_key_identifier */
+0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */
+0x55,0x08,0x03,0x65, /* [526] OBJ_mdc2 */
+0x55,0x08,0x03,0x64, /* [530] OBJ_mdc2WithRSA */
+0x55,0x04,0x2A, /* [534] OBJ_givenName */
+0x55,0x04,0x04, /* [537] OBJ_surname */
+0x55,0x04,0x2B, /* [540] OBJ_initials */
+0x55,0x1D,0x1F, /* [543] OBJ_crl_distribution_points */
+0x2B,0x0E,0x03,0x02,0x03, /* [546] OBJ_md5WithRSA */
+0x55,0x04,0x05, /* [551] OBJ_serialNumber */
+0x55,0x04,0x0C, /* [554] OBJ_title */
+0x55,0x04,0x0D, /* [557] OBJ_description */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [578] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1D, /* [585] OBJ_sha1WithRSA */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [590] OBJ_dsa */
+0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */
+0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */
+0x29,0x01,0x01,0x85,0x1A,0x01, /* [616] OBJ_rle_compression */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */
+0x55,0x1D,0x25, /* [633] OBJ_ext_key_usage */
+0x2B,0x06,0x01,0x05,0x05,0x07, /* [636] OBJ_id_pkix */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [642] OBJ_id_kp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [649] OBJ_server_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [657] OBJ_client_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [665] OBJ_code_sign */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [673] OBJ_email_protect */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [681] OBJ_time_stamp */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */
+0x55,0x1D,0x1B, /* [748] OBJ_delta_crl */
+0x55,0x1D,0x15, /* [751] OBJ_crl_reason */
+0x55,0x1D,0x18, /* [754] OBJ_invalidity_date */
+0x2B,0x65,0x01,0x04,0x01, /* [757] OBJ_sxnet */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] OBJ_pbe_WithSHA1And128BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [954] OBJ_hmacWithSHA1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [962] OBJ_id_qt_cps */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [970] OBJ_id_qt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */
+0x55,0x04,0x29, /* [1033] OBJ_name */
+0x55,0x04,0x2E, /* [1036] OBJ_dnQualifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1039] OBJ_id_pe */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1046] OBJ_id_ad */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1053] OBJ_info_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1061] OBJ_ad_OCSP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1069] OBJ_ad_ca_issuers */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1077] OBJ_OCSP_sign */
+0x2A, /* [1085] OBJ_member_body */
+0x2A,0x86,0x48, /* [1086] OBJ_ISO_US */
+0x2A,0x86,0x48,0xCE,0x38, /* [1089] OBJ_X9_57 */
+0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1094] OBJ_X9cm */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1100] OBJ_pkcs1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1108] OBJ_pkcs5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1866] OBJ_md4 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1874] OBJ_id_pkix_mod */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1881] OBJ_id_qt */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1888] OBJ_id_it */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1895] OBJ_id_pkip */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1902] OBJ_id_alg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1909] OBJ_id_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1916] OBJ_id_on */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1923] OBJ_id_pda */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1930] OBJ_id_aca */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1937] OBJ_id_qcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1944] OBJ_id_cct */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1951] OBJ_id_pkix1_explicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1959] OBJ_id_pkix1_implicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1967] OBJ_id_pkix1_explicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1975] OBJ_id_pkix1_implicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1983] OBJ_id_mod_crmf */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1991] OBJ_id_mod_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1999] OBJ_id_mod_kea_profile_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2007] OBJ_id_mod_kea_profile_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2015] OBJ_id_mod_cmp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2023] OBJ_id_mod_qualified_cert_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2031] OBJ_id_mod_qualified_cert_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2039] OBJ_id_mod_attribute_cert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2047] OBJ_id_mod_timestamp_protocol */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2055] OBJ_id_mod_ocsp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2063] OBJ_id_mod_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2071] OBJ_id_mod_cmp2000 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2079] OBJ_biometricInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2087] OBJ_qcStatements */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2095] OBJ_ac_auditEntity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2103] OBJ_ac_targeting */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2111] OBJ_aaControls */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2119] OBJ_sbgp_ipAddrBlock */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2127] OBJ_sbgp_autonomousSysNum */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2135] OBJ_sbgp_routerIdentifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2143] OBJ_textNotice */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2151] OBJ_ipsecEndSystem */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2159] OBJ_ipsecTunnel */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2167] OBJ_ipsecUser */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2175] OBJ_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2183] OBJ_id_it_caProtEncCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2191] OBJ_id_it_signKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2199] OBJ_id_it_encKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2207] OBJ_id_it_preferredSymmAlg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2215] OBJ_id_it_caKeyUpdateInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2223] OBJ_id_it_currentCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2231] OBJ_id_it_unsupportedOIDs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2239] OBJ_id_it_subscriptionRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2247] OBJ_id_it_subscriptionResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2255] OBJ_id_it_keyPairParamReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2263] OBJ_id_it_keyPairParamRep */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2271] OBJ_id_it_revPassphrase */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2279] OBJ_id_it_implicitConfirm */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2287] OBJ_id_it_confirmWaitTime */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2295] OBJ_id_it_origPKIMessage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2303] OBJ_id_regCtrl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2311] OBJ_id_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2391] OBJ_id_alg_des40 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2399] OBJ_id_alg_noSignature */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2415] OBJ_id_alg_dh_pop */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2423] OBJ_id_cmc_statusInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2431] OBJ_id_cmc_identification */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2439] OBJ_id_cmc_identityProof */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2447] OBJ_id_cmc_dataReturn */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2455] OBJ_id_cmc_transactionId */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2463] OBJ_id_cmc_senderNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2471] OBJ_id_cmc_recipientNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2479] OBJ_id_cmc_addExtensions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2487] OBJ_id_cmc_encryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2495] OBJ_id_cmc_decryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2503] OBJ_id_cmc_lraPOPWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2511] OBJ_id_cmc_getCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2519] OBJ_id_cmc_getCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2527] OBJ_id_cmc_revokeRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2535] OBJ_id_cmc_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2543] OBJ_id_cmc_responseInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2551] OBJ_id_cmc_queryPending */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2559] OBJ_id_cmc_popLinkRandom */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2567] OBJ_id_cmc_popLinkWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2575] OBJ_id_cmc_confirmCertAcceptance */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2583] OBJ_id_on_personalData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2591] OBJ_id_pda_dateOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2599] OBJ_id_pda_placeOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2607] OBJ_id_pda_gender */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2615] OBJ_id_pda_countryOfCitizenship */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2623] OBJ_id_pda_countryOfResidence */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2631] OBJ_id_aca_authenticationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2639] OBJ_id_aca_accessIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2647] OBJ_id_aca_chargingIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2655] OBJ_id_aca_group */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2663] OBJ_id_aca_role */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2679] OBJ_id_cct_crs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2687] OBJ_id_cct_PKIData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2695] OBJ_id_cct_PKIResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2703] OBJ_ad_timeStamping */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2711] OBJ_ad_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */
+0x2B,0x0E,0x03,0x02, /* [2818] OBJ_algorithm */
+0x2B,0x0E,0x03,0x02,0x0B, /* [2822] OBJ_rsaSignature */
+0x55,0x08, /* [2827] OBJ_X500algorithms */
+0x2B, /* [2829] OBJ_org */
+0x2B,0x06, /* [2830] OBJ_dod */
+0x2B,0x06,0x01, /* [2832] OBJ_iana */
+0x2B,0x06,0x01,0x01, /* [2835] OBJ_Directory */
+0x2B,0x06,0x01,0x02, /* [2839] OBJ_Management */
+0x2B,0x06,0x01,0x03, /* [2843] OBJ_Experimental */
+0x2B,0x06,0x01,0x04, /* [2847] OBJ_Private */
+0x2B,0x06,0x01,0x05, /* [2851] OBJ_Security */
+0x2B,0x06,0x01,0x06, /* [2855] OBJ_SNMPv2 */
+0x2B,0x06,0x01,0x07, /* [2859] OBJ_Mail */
+0x2B,0x06,0x01,0x04,0x01, /* [2863] OBJ_Enterprises */
+0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */
+0x55,0x01,0x05, /* [2897] OBJ_selected_attribute_types */
+0x55,0x01,0x05,0x37, /* [2900] OBJ_clearance */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2913] OBJ_ac_proxying */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2921] OBJ_sinfo_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2929] OBJ_id_aca_encAttrs */
+0x55,0x04,0x48, /* [2937] OBJ_role */
+0x55,0x1D,0x24, /* [2940] OBJ_policy_constraints */
+0x55,0x1D,0x37, /* [2943] OBJ_target_information */
+0x55,0x1D,0x38, /* [2946] OBJ_no_rev_avail */
+0x2A,0x86,0x48,0xCE,0x3D, /* [2949] OBJ_ansi_X9_62 */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2954] OBJ_X9_62_prime_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2961] OBJ_X9_62_characteristic_two_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2968] OBJ_X9_62_id_ecPublicKey */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2975] OBJ_X9_62_prime192v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2983] OBJ_X9_62_prime192v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2991] OBJ_X9_62_prime192v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2999] OBJ_X9_62_prime239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3007] OBJ_X9_62_prime239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3015] OBJ_X9_62_prime239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3023] OBJ_X9_62_prime256v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3031] OBJ_ecdsa_with_SHA1 */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */
+0x55,0x1D,0x17, /* [3155] OBJ_hold_instruction_code */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3158] OBJ_hold_instruction_none */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3165] OBJ_hold_instruction_call_issuer */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3172] OBJ_hold_instruction_reject */
+0x09, /* [3179] OBJ_data */
+0x09,0x92,0x26, /* [3180] OBJ_pss */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3183] OBJ_ucl */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3190] OBJ_pilot */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3604] OBJ_pilotAttributeType27 */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */
+0x55,0x04,0x2D, /* [3844] OBJ_x500UniqueIdentifier */
+0x2B,0x06,0x01,0x07,0x01, /* [3847] OBJ_mime_mhs */
+0x2B,0x06,0x01,0x07,0x01,0x01, /* [3852] OBJ_mime_mhs_headings */
+0x2B,0x06,0x01,0x07,0x01,0x02, /* [3858] OBJ_mime_mhs_bodies */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3864] OBJ_id_hex_partial_message */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3871] OBJ_id_hex_multipart_message */
+0x55,0x04,0x2C, /* [3878] OBJ_generationQualifier */
+0x55,0x04,0x41, /* [3881] OBJ_pseudonym */
+0x67,0x2A, /* [3884] OBJ_id_set */
+0x67,0x2A,0x00, /* [3886] OBJ_set_ctype */
+0x67,0x2A,0x01, /* [3889] OBJ_set_msgExt */
+0x67,0x2A,0x03, /* [3892] OBJ_set_attr */
+0x67,0x2A,0x05, /* [3895] OBJ_set_policy */
+0x67,0x2A,0x07, /* [3898] OBJ_set_certExt */
+0x67,0x2A,0x08, /* [3901] OBJ_set_brand */
+0x67,0x2A,0x00,0x00, /* [3904] OBJ_setct_PANData */
+0x67,0x2A,0x00,0x01, /* [3908] OBJ_setct_PANToken */
+0x67,0x2A,0x00,0x02, /* [3912] OBJ_setct_PANOnly */
+0x67,0x2A,0x00,0x03, /* [3916] OBJ_setct_OIData */
+0x67,0x2A,0x00,0x04, /* [3920] OBJ_setct_PI */
+0x67,0x2A,0x00,0x05, /* [3924] OBJ_setct_PIData */
+0x67,0x2A,0x00,0x06, /* [3928] OBJ_setct_PIDataUnsigned */
+0x67,0x2A,0x00,0x07, /* [3932] OBJ_setct_HODInput */
+0x67,0x2A,0x00,0x08, /* [3936] OBJ_setct_AuthResBaggage */
+0x67,0x2A,0x00,0x09, /* [3940] OBJ_setct_AuthRevReqBaggage */
+0x67,0x2A,0x00,0x0A, /* [3944] OBJ_setct_AuthRevResBaggage */
+0x67,0x2A,0x00,0x0B, /* [3948] OBJ_setct_CapTokenSeq */
+0x67,0x2A,0x00,0x0C, /* [3952] OBJ_setct_PInitResData */
+0x67,0x2A,0x00,0x0D, /* [3956] OBJ_setct_PI_TBS */
+0x67,0x2A,0x00,0x0E, /* [3960] OBJ_setct_PResData */
+0x67,0x2A,0x00,0x10, /* [3964] OBJ_setct_AuthReqTBS */
+0x67,0x2A,0x00,0x11, /* [3968] OBJ_setct_AuthResTBS */
+0x67,0x2A,0x00,0x12, /* [3972] OBJ_setct_AuthResTBSX */
+0x67,0x2A,0x00,0x13, /* [3976] OBJ_setct_AuthTokenTBS */
+0x67,0x2A,0x00,0x14, /* [3980] OBJ_setct_CapTokenData */
+0x67,0x2A,0x00,0x15, /* [3984] OBJ_setct_CapTokenTBS */
+0x67,0x2A,0x00,0x16, /* [3988] OBJ_setct_AcqCardCodeMsg */
+0x67,0x2A,0x00,0x17, /* [3992] OBJ_setct_AuthRevReqTBS */
+0x67,0x2A,0x00,0x18, /* [3996] OBJ_setct_AuthRevResData */
+0x67,0x2A,0x00,0x19, /* [4000] OBJ_setct_AuthRevResTBS */
+0x67,0x2A,0x00,0x1A, /* [4004] OBJ_setct_CapReqTBS */
+0x67,0x2A,0x00,0x1B, /* [4008] OBJ_setct_CapReqTBSX */
+0x67,0x2A,0x00,0x1C, /* [4012] OBJ_setct_CapResData */
+0x67,0x2A,0x00,0x1D, /* [4016] OBJ_setct_CapRevReqTBS */
+0x67,0x2A,0x00,0x1E, /* [4020] OBJ_setct_CapRevReqTBSX */
+0x67,0x2A,0x00,0x1F, /* [4024] OBJ_setct_CapRevResData */
+0x67,0x2A,0x00,0x20, /* [4028] OBJ_setct_CredReqTBS */
+0x67,0x2A,0x00,0x21, /* [4032] OBJ_setct_CredReqTBSX */
+0x67,0x2A,0x00,0x22, /* [4036] OBJ_setct_CredResData */
+0x67,0x2A,0x00,0x23, /* [4040] OBJ_setct_CredRevReqTBS */
+0x67,0x2A,0x00,0x24, /* [4044] OBJ_setct_CredRevReqTBSX */
+0x67,0x2A,0x00,0x25, /* [4048] OBJ_setct_CredRevResData */
+0x67,0x2A,0x00,0x26, /* [4052] OBJ_setct_PCertReqData */
+0x67,0x2A,0x00,0x27, /* [4056] OBJ_setct_PCertResTBS */
+0x67,0x2A,0x00,0x28, /* [4060] OBJ_setct_BatchAdminReqData */
+0x67,0x2A,0x00,0x29, /* [4064] OBJ_setct_BatchAdminResData */
+0x67,0x2A,0x00,0x2A, /* [4068] OBJ_setct_CardCInitResTBS */
+0x67,0x2A,0x00,0x2B, /* [4072] OBJ_setct_MeAqCInitResTBS */
+0x67,0x2A,0x00,0x2C, /* [4076] OBJ_setct_RegFormResTBS */
+0x67,0x2A,0x00,0x2D, /* [4080] OBJ_setct_CertReqData */
+0x67,0x2A,0x00,0x2E, /* [4084] OBJ_setct_CertReqTBS */
+0x67,0x2A,0x00,0x2F, /* [4088] OBJ_setct_CertResData */
+0x67,0x2A,0x00,0x30, /* [4092] OBJ_setct_CertInqReqTBS */
+0x67,0x2A,0x00,0x31, /* [4096] OBJ_setct_ErrorTBS */
+0x67,0x2A,0x00,0x32, /* [4100] OBJ_setct_PIDualSignedTBE */
+0x67,0x2A,0x00,0x33, /* [4104] OBJ_setct_PIUnsignedTBE */
+0x67,0x2A,0x00,0x34, /* [4108] OBJ_setct_AuthReqTBE */
+0x67,0x2A,0x00,0x35, /* [4112] OBJ_setct_AuthResTBE */
+0x67,0x2A,0x00,0x36, /* [4116] OBJ_setct_AuthResTBEX */
+0x67,0x2A,0x00,0x37, /* [4120] OBJ_setct_AuthTokenTBE */
+0x67,0x2A,0x00,0x38, /* [4124] OBJ_setct_CapTokenTBE */
+0x67,0x2A,0x00,0x39, /* [4128] OBJ_setct_CapTokenTBEX */
+0x67,0x2A,0x00,0x3A, /* [4132] OBJ_setct_AcqCardCodeMsgTBE */
+0x67,0x2A,0x00,0x3B, /* [4136] OBJ_setct_AuthRevReqTBE */
+0x67,0x2A,0x00,0x3C, /* [4140] OBJ_setct_AuthRevResTBE */
+0x67,0x2A,0x00,0x3D, /* [4144] OBJ_setct_AuthRevResTBEB */
+0x67,0x2A,0x00,0x3E, /* [4148] OBJ_setct_CapReqTBE */
+0x67,0x2A,0x00,0x3F, /* [4152] OBJ_setct_CapReqTBEX */
+0x67,0x2A,0x00,0x40, /* [4156] OBJ_setct_CapResTBE */
+0x67,0x2A,0x00,0x41, /* [4160] OBJ_setct_CapRevReqTBE */
+0x67,0x2A,0x00,0x42, /* [4164] OBJ_setct_CapRevReqTBEX */
+0x67,0x2A,0x00,0x43, /* [4168] OBJ_setct_CapRevResTBE */
+0x67,0x2A,0x00,0x44, /* [4172] OBJ_setct_CredReqTBE */
+0x67,0x2A,0x00,0x45, /* [4176] OBJ_setct_CredReqTBEX */
+0x67,0x2A,0x00,0x46, /* [4180] OBJ_setct_CredResTBE */
+0x67,0x2A,0x00,0x47, /* [4184] OBJ_setct_CredRevReqTBE */
+0x67,0x2A,0x00,0x48, /* [4188] OBJ_setct_CredRevReqTBEX */
+0x67,0x2A,0x00,0x49, /* [4192] OBJ_setct_CredRevResTBE */
+0x67,0x2A,0x00,0x4A, /* [4196] OBJ_setct_BatchAdminReqTBE */
+0x67,0x2A,0x00,0x4B, /* [4200] OBJ_setct_BatchAdminResTBE */
+0x67,0x2A,0x00,0x4C, /* [4204] OBJ_setct_RegFormReqTBE */
+0x67,0x2A,0x00,0x4D, /* [4208] OBJ_setct_CertReqTBE */
+0x67,0x2A,0x00,0x4E, /* [4212] OBJ_setct_CertReqTBEX */
+0x67,0x2A,0x00,0x4F, /* [4216] OBJ_setct_CertResTBE */
+0x67,0x2A,0x00,0x50, /* [4220] OBJ_setct_CRLNotificationTBS */
+0x67,0x2A,0x00,0x51, /* [4224] OBJ_setct_CRLNotificationResTBS */
+0x67,0x2A,0x00,0x52, /* [4228] OBJ_setct_BCIDistributionTBS */
+0x67,0x2A,0x01,0x01, /* [4232] OBJ_setext_genCrypt */
+0x67,0x2A,0x01,0x03, /* [4236] OBJ_setext_miAuth */
+0x67,0x2A,0x01,0x04, /* [4240] OBJ_setext_pinSecure */
+0x67,0x2A,0x01,0x05, /* [4244] OBJ_setext_pinAny */
+0x67,0x2A,0x01,0x07, /* [4248] OBJ_setext_track2 */
+0x67,0x2A,0x01,0x08, /* [4252] OBJ_setext_cv */
+0x67,0x2A,0x05,0x00, /* [4256] OBJ_set_policy_root */
+0x67,0x2A,0x07,0x00, /* [4260] OBJ_setCext_hashedRoot */
+0x67,0x2A,0x07,0x01, /* [4264] OBJ_setCext_certType */
+0x67,0x2A,0x07,0x02, /* [4268] OBJ_setCext_merchData */
+0x67,0x2A,0x07,0x03, /* [4272] OBJ_setCext_cCertRequired */
+0x67,0x2A,0x07,0x04, /* [4276] OBJ_setCext_tunneling */
+0x67,0x2A,0x07,0x05, /* [4280] OBJ_setCext_setExt */
+0x67,0x2A,0x07,0x06, /* [4284] OBJ_setCext_setQualf */
+0x67,0x2A,0x07,0x07, /* [4288] OBJ_setCext_PGWYcapabilities */
+0x67,0x2A,0x07,0x08, /* [4292] OBJ_setCext_TokenIdentifier */
+0x67,0x2A,0x07,0x09, /* [4296] OBJ_setCext_Track2Data */
+0x67,0x2A,0x07,0x0A, /* [4300] OBJ_setCext_TokenType */
+0x67,0x2A,0x07,0x0B, /* [4304] OBJ_setCext_IssuerCapabilities */
+0x67,0x2A,0x03,0x00, /* [4308] OBJ_setAttr_Cert */
+0x67,0x2A,0x03,0x01, /* [4312] OBJ_setAttr_PGWYcap */
+0x67,0x2A,0x03,0x02, /* [4316] OBJ_setAttr_TokenType */
+0x67,0x2A,0x03,0x03, /* [4320] OBJ_setAttr_IssCap */
+0x67,0x2A,0x03,0x00,0x00, /* [4324] OBJ_set_rootKeyThumb */
+0x67,0x2A,0x03,0x00,0x01, /* [4329] OBJ_set_addPolicy */
+0x67,0x2A,0x03,0x02,0x01, /* [4334] OBJ_setAttr_Token_EMV */
+0x67,0x2A,0x03,0x02,0x02, /* [4339] OBJ_setAttr_Token_B0Prime */
+0x67,0x2A,0x03,0x03,0x03, /* [4344] OBJ_setAttr_IssCap_CVM */
+0x67,0x2A,0x03,0x03,0x04, /* [4349] OBJ_setAttr_IssCap_T2 */
+0x67,0x2A,0x03,0x03,0x05, /* [4354] OBJ_setAttr_IssCap_Sig */
+0x67,0x2A,0x03,0x03,0x03,0x01, /* [4359] OBJ_setAttr_GenCryptgrm */
+0x67,0x2A,0x03,0x03,0x04,0x01, /* [4365] OBJ_setAttr_T2Enc */
+0x67,0x2A,0x03,0x03,0x04,0x02, /* [4371] OBJ_setAttr_T2cleartxt */
+0x67,0x2A,0x03,0x03,0x05,0x01, /* [4377] OBJ_setAttr_TokICCsig */
+0x67,0x2A,0x03,0x03,0x05,0x02, /* [4383] OBJ_setAttr_SecDevSig */
+0x67,0x2A,0x08,0x01, /* [4389] OBJ_set_brand_IATA_ATA */
+0x67,0x2A,0x08,0x1E, /* [4393] OBJ_set_brand_Diners */
+0x67,0x2A,0x08,0x22, /* [4397] OBJ_set_brand_AmericanExpress */
+0x67,0x2A,0x08,0x23, /* [4401] OBJ_set_brand_JCB */
+0x67,0x2A,0x08,0x04, /* [4405] OBJ_set_brand_Visa */
+0x67,0x2A,0x08,0x05, /* [4409] OBJ_set_brand_MasterCard */
+0x67,0x2A,0x08,0xAE,0x7B, /* [4413] OBJ_set_brand_Novus */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4418] OBJ_des_cdmf */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */
+0x67, /* [4435] OBJ_international_organizations */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */
+0x55,0x04,0x09, /* [4456] OBJ_streetAddress */
+0x55,0x04,0x11, /* [4459] OBJ_postalCode */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4462] OBJ_id_ppl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4469] OBJ_proxyCertInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4477] OBJ_id_ppl_anyLanguage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4485] OBJ_id_ppl_inheritAll */
+0x55,0x1D,0x1E, /* [4493] OBJ_name_constraints */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4496] OBJ_Independent */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */
+0x2B, /* [4576] OBJ_identified_organization */
+0x2B,0x81,0x04, /* [4577] OBJ_certicom_arc */
+0x67,0x2B, /* [4580] OBJ_wap */
+0x67,0x2B,0x01, /* [4582] OBJ_wap_wsg */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4585] OBJ_X9_62_id_characteristic_two_basis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4620] OBJ_X9_62_c2pnb163v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4628] OBJ_X9_62_c2pnb163v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4636] OBJ_X9_62_c2pnb163v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4644] OBJ_X9_62_c2pnb176v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4652] OBJ_X9_62_c2tnb191v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4660] OBJ_X9_62_c2tnb191v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4668] OBJ_X9_62_c2tnb191v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4676] OBJ_X9_62_c2onb191v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4684] OBJ_X9_62_c2onb191v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4692] OBJ_X9_62_c2pnb208w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4700] OBJ_X9_62_c2tnb239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4708] OBJ_X9_62_c2tnb239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4716] OBJ_X9_62_c2tnb239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4724] OBJ_X9_62_c2onb239v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4732] OBJ_X9_62_c2onb239v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4740] OBJ_X9_62_c2pnb272w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4748] OBJ_X9_62_c2pnb304w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4756] OBJ_X9_62_c2tnb359v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4764] OBJ_X9_62_c2pnb368w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4772] OBJ_X9_62_c2tnb431r1 */
+0x2B,0x81,0x04,0x00,0x06, /* [4780] OBJ_secp112r1 */
+0x2B,0x81,0x04,0x00,0x07, /* [4785] OBJ_secp112r2 */
+0x2B,0x81,0x04,0x00,0x1C, /* [4790] OBJ_secp128r1 */
+0x2B,0x81,0x04,0x00,0x1D, /* [4795] OBJ_secp128r2 */
+0x2B,0x81,0x04,0x00,0x09, /* [4800] OBJ_secp160k1 */
+0x2B,0x81,0x04,0x00,0x08, /* [4805] OBJ_secp160r1 */
+0x2B,0x81,0x04,0x00,0x1E, /* [4810] OBJ_secp160r2 */
+0x2B,0x81,0x04,0x00,0x1F, /* [4815] OBJ_secp192k1 */
+0x2B,0x81,0x04,0x00,0x20, /* [4820] OBJ_secp224k1 */
+0x2B,0x81,0x04,0x00,0x21, /* [4825] OBJ_secp224r1 */
+0x2B,0x81,0x04,0x00,0x0A, /* [4830] OBJ_secp256k1 */
+0x2B,0x81,0x04,0x00,0x22, /* [4835] OBJ_secp384r1 */
+0x2B,0x81,0x04,0x00,0x23, /* [4840] OBJ_secp521r1 */
+0x2B,0x81,0x04,0x00,0x04, /* [4845] OBJ_sect113r1 */
+0x2B,0x81,0x04,0x00,0x05, /* [4850] OBJ_sect113r2 */
+0x2B,0x81,0x04,0x00,0x16, /* [4855] OBJ_sect131r1 */
+0x2B,0x81,0x04,0x00,0x17, /* [4860] OBJ_sect131r2 */
+0x2B,0x81,0x04,0x00,0x01, /* [4865] OBJ_sect163k1 */
+0x2B,0x81,0x04,0x00,0x02, /* [4870] OBJ_sect163r1 */
+0x2B,0x81,0x04,0x00,0x0F, /* [4875] OBJ_sect163r2 */
+0x2B,0x81,0x04,0x00,0x18, /* [4880] OBJ_sect193r1 */
+0x2B,0x81,0x04,0x00,0x19, /* [4885] OBJ_sect193r2 */
+0x2B,0x81,0x04,0x00,0x1A, /* [4890] OBJ_sect233k1 */
+0x2B,0x81,0x04,0x00,0x1B, /* [4895] OBJ_sect233r1 */
+0x2B,0x81,0x04,0x00,0x03, /* [4900] OBJ_sect239k1 */
+0x2B,0x81,0x04,0x00,0x10, /* [4905] OBJ_sect283k1 */
+0x2B,0x81,0x04,0x00,0x11, /* [4910] OBJ_sect283r1 */
+0x2B,0x81,0x04,0x00,0x24, /* [4915] OBJ_sect409k1 */
+0x2B,0x81,0x04,0x00,0x25, /* [4920] OBJ_sect409r1 */
+0x2B,0x81,0x04,0x00,0x26, /* [4925] OBJ_sect571k1 */
+0x2B,0x81,0x04,0x00,0x27, /* [4930] OBJ_sect571r1 */
+0x67,0x2B,0x01,0x04,0x01, /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */
+0x67,0x2B,0x01,0x04,0x03, /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */
+0x67,0x2B,0x01,0x04,0x04, /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */
+0x67,0x2B,0x01,0x04,0x05, /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */
+0x67,0x2B,0x01,0x04,0x06, /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */
+0x67,0x2B,0x01,0x04,0x07, /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */
+0x67,0x2B,0x01,0x04,0x08, /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */
+0x67,0x2B,0x01,0x04,0x09, /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */
+0x67,0x2B,0x01,0x04,0x0A, /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */
+0x67,0x2B,0x01,0x04,0x0B, /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */
+0x67,0x2B,0x01,0x04,0x0C, /* [4985] OBJ_wap_wsg_idm_ecid_wtls12 */
+0x55,0x1D,0x20,0x00, /* [4990] OBJ_any_policy */
+0x55,0x1D,0x21, /* [4994] OBJ_policy_mappings */
+0x55,0x1D,0x36, /* [4997] OBJ_inhibit_any_policy */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5033] OBJ_camellia_128_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5041] OBJ_camellia_192_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5049] OBJ_camellia_256_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5057] OBJ_camellia_128_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5065] OBJ_camellia_192_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5073] OBJ_camellia_256_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5081] OBJ_camellia_128_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5089] OBJ_camellia_192_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5097] OBJ_camellia_256_ofb128 */
+0x55,0x1D,0x09, /* [5105] OBJ_subject_directory_attributes */
+0x55,0x1D,0x1C, /* [5108] OBJ_issuing_distribution_point */
+0x55,0x1D,0x1D, /* [5111] OBJ_certificate_issuer */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5114] OBJ_kisa */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5120] OBJ_seed_ecb */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5128] OBJ_seed_cbc */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5136] OBJ_seed_ofb128 */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5144] OBJ_seed_cfb128 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5152] OBJ_hmac_md5 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5160] OBJ_hmac_sha1 */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5186] OBJ_id_it_suppLangTags */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5194] OBJ_caRepository */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5251] OBJ_ecdsa_with_Recommended */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5258] OBJ_ecdsa_with_Specified */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5265] OBJ_ecdsa_with_SHA224 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5273] OBJ_ecdsa_with_SHA256 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5281] OBJ_ecdsa_with_SHA384 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5289] OBJ_ecdsa_with_SHA512 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5297] OBJ_hmacWithMD5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5305] OBJ_hmacWithSHA224 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5313] OBJ_hmacWithSHA256 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5321] OBJ_hmacWithSHA384 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5329] OBJ_hmacWithSHA512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */
+0x28,0xCF,0x06,0x03,0x00,0x37, /* [5355] OBJ_whirlpool */
+0x2A,0x85,0x03,0x02,0x02, /* [5361] OBJ_cryptopro */
+0x2A,0x85,0x03,0x02,0x09, /* [5366] OBJ_cryptocom */
+0x2A,0x85,0x03,0x02,0x02,0x03, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x04, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x09, /* [5383] OBJ_id_GostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5389] OBJ_id_HMACGostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x13, /* [5395] OBJ_id_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x14, /* [5401] OBJ_id_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x15, /* [5407] OBJ_id_Gost28147_89 */
+0x2A,0x85,0x03,0x02,0x02,0x16, /* [5413] OBJ_id_Gost28147_89_MAC */
+0x2A,0x85,0x03,0x02,0x02,0x17, /* [5419] OBJ_id_GostR3411_94_prf */
+0x2A,0x85,0x03,0x02,0x02,0x62, /* [5425] OBJ_id_GostR3410_2001DH */
+0x2A,0x85,0x03,0x02,0x02,0x63, /* [5431] OBJ_id_GostR3410_94DH */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5451] OBJ_id_GostR3411_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5465] OBJ_id_Gost28147_89_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5521] OBJ_id_GostR3410_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5549] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5577] OBJ_id_GostR3410_2001_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5619] OBJ_id_GostR3410_94_a */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5626] OBJ_id_GostR3410_94_aBis */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5633] OBJ_id_GostR3410_94_b */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5640] OBJ_id_GostR3410_94_bBis */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5647] OBJ_id_Gost28147_89_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5655] OBJ_id_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5663] OBJ_id_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */
+0x55,0x1D,0x2E, /* [5704] OBJ_freshest_crl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5707] OBJ_id_on_permanentIdentifier */
+0x55,0x04,0x0E, /* [5715] OBJ_searchGuide */
+0x55,0x04,0x0F, /* [5718] OBJ_businessCategory */
+0x55,0x04,0x10, /* [5721] OBJ_postalAddress */
+0x55,0x04,0x12, /* [5724] OBJ_postOfficeBox */
+0x55,0x04,0x13, /* [5727] OBJ_physicalDeliveryOfficeName */
+0x55,0x04,0x14, /* [5730] OBJ_telephoneNumber */
+0x55,0x04,0x15, /* [5733] OBJ_telexNumber */
+0x55,0x04,0x16, /* [5736] OBJ_teletexTerminalIdentifier */
+0x55,0x04,0x17, /* [5739] OBJ_facsimileTelephoneNumber */
+0x55,0x04,0x18, /* [5742] OBJ_x121Address */
+0x55,0x04,0x19, /* [5745] OBJ_internationaliSDNNumber */
+0x55,0x04,0x1A, /* [5748] OBJ_registeredAddress */
+0x55,0x04,0x1B, /* [5751] OBJ_destinationIndicator */
+0x55,0x04,0x1C, /* [5754] OBJ_preferredDeliveryMethod */
+0x55,0x04,0x1D, /* [5757] OBJ_presentationAddress */
+0x55,0x04,0x1E, /* [5760] OBJ_supportedApplicationContext */
+0x55,0x04,0x1F, /* [5763] OBJ_member */
+0x55,0x04,0x20, /* [5766] OBJ_owner */
+0x55,0x04,0x21, /* [5769] OBJ_roleOccupant */
+0x55,0x04,0x22, /* [5772] OBJ_seeAlso */
+0x55,0x04,0x23, /* [5775] OBJ_userPassword */
+0x55,0x04,0x24, /* [5778] OBJ_userCertificate */
+0x55,0x04,0x25, /* [5781] OBJ_cACertificate */
+0x55,0x04,0x26, /* [5784] OBJ_authorityRevocationList */
+0x55,0x04,0x27, /* [5787] OBJ_certificateRevocationList */
+0x55,0x04,0x28, /* [5790] OBJ_crossCertificatePair */
+0x55,0x04,0x2F, /* [5793] OBJ_enhancedSearchGuide */
+0x55,0x04,0x30, /* [5796] OBJ_protocolInformation */
+0x55,0x04,0x31, /* [5799] OBJ_distinguishedName */
+0x55,0x04,0x32, /* [5802] OBJ_uniqueMember */
+0x55,0x04,0x33, /* [5805] OBJ_houseIdentifier */
+0x55,0x04,0x34, /* [5808] OBJ_supportedAlgorithms */
+0x55,0x04,0x35, /* [5811] OBJ_deltaRevocationList */
+0x55,0x04,0x36, /* [5814] OBJ_dmdName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */
+0x55,0x1D,0x25,0x00, /* [5942] OBJ_anyExtendedKeyUsage */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */
};
-static ASN1_OBJECT nid_objs[NUM_NID]={
-{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[14]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[22]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0},
+static const ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL,0},
+{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
- &(lvalues[47]),0},
+ &(lvalues[46]),0},
{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
- &(lvalues[56]),0},
+ &(lvalues[55]),0},
{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
- &(lvalues[65]),0},
+ &(lvalues[64]),0},
{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
- &(lvalues[74]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0},
-{"X509","X509",NID_X509,2,&(lvalues[84]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[86]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[89]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[92]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0},
+ &(lvalues[73]),0},
+{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
{"OU","organizationalUnitName",NID_organizationalUnitName,3,
- &(lvalues[101]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0},
+ &(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
- &(lvalues[125]),0},
+ &(lvalues[124]),0},
{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
- &(lvalues[134]),0},
+ &(lvalues[133]),0},
{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
- NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0},
+ NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
- &(lvalues[152]),0},
+ &(lvalues[151]),0},
{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
- &(lvalues[161]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0},
+ &(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
- &(lvalues[178]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
+ &(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0},
{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0},
{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0},
{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
-{"SHA","sha",NID_sha,5,&(lvalues[226]),0},
+{"SHA","sha",NID_sha,5,&(lvalues[225]),0},
{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
- &(lvalues[231]),0},
+ &(lvalues[230]),0},
{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0},
{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0},
{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
- &(lvalues[257]),0},
+ &(lvalues[256]),0},
{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
- &(lvalues[266]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0},
+ &(lvalues[265]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0},
{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
- &(lvalues[284]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0},
+ &(lvalues[283]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0},
{"countersignature","countersignature",NID_pkcs9_countersignature,9,
- &(lvalues[302]),0},
+ &(lvalues[301]),0},
{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
- 9,&(lvalues[311]),0},
+ 9,&(lvalues[310]),0},
{"unstructuredAddress","unstructuredAddress",
- NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0},
+ NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0},
{"extendedCertificateAttributes","extendedCertificateAttributes",
- NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0},
+ NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0},
{"Netscape","Netscape Communications Corp.",NID_netscape,7,
- &(lvalues[338]),0},
+ &(lvalues[337]),0},
{"nsCertExt","Netscape Certificate Extension",
- NID_netscape_cert_extension,8,&(lvalues[345]),0},
+ NID_netscape_cert_extension,8,&(lvalues[344]),0},
{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
- &(lvalues[353]),0},
+ &(lvalues[352]),0},
{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0},
{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
- &(lvalues[366]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0},
+ &(lvalues[365]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0},
+{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0},
{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
- 9,&(lvalues[385]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0},
+ 9,&(lvalues[384]),0},
+{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0},
+{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0},
{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
- &(lvalues[408]),0},
+ &(lvalues[407]),0},
{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
- &(lvalues[417]),0},
+ &(lvalues[416]),0},
{"nsRevocationUrl","Netscape Revocation Url",
- NID_netscape_revocation_url,9,&(lvalues[426]),0},
+ NID_netscape_revocation_url,9,&(lvalues[425]),0},
{"nsCaRevocationUrl","Netscape CA Revocation Url",
- NID_netscape_ca_revocation_url,9,&(lvalues[435]),0},
+ NID_netscape_ca_revocation_url,9,&(lvalues[434]),0},
{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
- &(lvalues[444]),0},
+ &(lvalues[443]),0},
{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
- 9,&(lvalues[453]),0},
+ 9,&(lvalues[452]),0},
{"nsSslServerName","Netscape SSL Server Name",
- NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
+ NID_netscape_ssl_server_name,9,&(lvalues[461]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0},
{"nsCertSequence","Netscape Certificate Sequence",
- NID_netscape_cert_sequence,9,&(lvalues[480]),0},
+ NID_netscape_cert_sequence,9,&(lvalues[479]),0},
{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
+{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0},
{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
- NID_subject_key_identifier,3,&(lvalues[491]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
+ NID_subject_key_identifier,3,&(lvalues[490]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0},
{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
- NID_private_key_usage_period,3,&(lvalues[497]),0},
+ NID_private_key_usage_period,3,&(lvalues[496]),0},
{"subjectAltName","X509v3 Subject Alternative Name",
- NID_subject_alt_name,3,&(lvalues[500]),0},
+ NID_subject_alt_name,3,&(lvalues[499]),0},
{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
- 3,&(lvalues[503]),0},
+ 3,&(lvalues[502]),0},
{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
- 3,&(lvalues[506]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
+ 3,&(lvalues[505]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0},
{"certificatePolicies","X509v3 Certificate Policies",
- NID_certificate_policies,3,&(lvalues[512]),0},
+ NID_certificate_policies,3,&(lvalues[511]),0},
{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
- NID_authority_key_identifier,3,&(lvalues[515]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
+ NID_authority_key_identifier,3,&(lvalues[514]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0},
{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0},
+{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0},
{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
-{"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
-{"SN","surname",NID_surname,3,&(lvalues[538]),0},
-{"initials","initials",NID_initials,3,&(lvalues[541]),0},
+{"GN","givenName",NID_givenName,3,&(lvalues[534]),0},
+{"SN","surname",NID_surname,3,&(lvalues[537]),0},
+{"initials","initials",NID_initials,3,&(lvalues[540]),0},
{NULL,NULL,NID_undef,0,NULL,0},
{"crlDistributionPoints","X509v3 CRL Distribution Points",
- NID_crl_distribution_points,3,&(lvalues[544]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0},
-{"title","title",NID_title,3,&(lvalues[555]),0},
-{"description","description",NID_description,3,&(lvalues[558]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0},
+ NID_crl_distribution_points,3,&(lvalues[543]),0},
+{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0},
+{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0},
+{"title","title",NID_title,3,&(lvalues[554]),0},
+{"description","description",NID_description,3,&(lvalues[557]),0},
+{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0},
{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
- NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0},
+ NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0},
{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0},
+{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0},
+{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0},
+{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0},
{NULL,NULL,NID_undef,0,NULL,0},
{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
- &(lvalues[603]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0},
+ &(lvalues[602]),0},
+{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0},
{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
-{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0},
-{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0},
+{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0},
+{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0},
{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
- &(lvalues[634]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0},
+ &(lvalues[633]),0},
+{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0},
+{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0},
{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
- &(lvalues[650]),0},
+ &(lvalues[649]),0},
{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
- &(lvalues[658]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0},
+ &(lvalues[657]),0},
+{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0},
{"emailProtection","E-mail Protection",NID_email_protect,8,
- &(lvalues[674]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0},
+ &(lvalues[673]),0},
+{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0},
{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
- &(lvalues[690]),0},
+ &(lvalues[689]),0},
{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
- &(lvalues[700]),0},
+ &(lvalues[699]),0},
{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
- &(lvalues[710]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0},
+ &(lvalues[709]),0},
+{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0},
{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
- &(lvalues[730]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0},
+ &(lvalues[729]),0},
+{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[739]),0},
{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
- &(lvalues[749]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0},
+ &(lvalues[748]),0},
+{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0},
{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
- &(lvalues[755]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0},
+ &(lvalues[754]),0},
+{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0},
{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
- NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0},
+ NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0},
{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
- NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0},
+ NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0},
{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0},
+ NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0},
{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0},
+ NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0},
{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
- NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0},
+ NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0},
{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
- NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0},
+ NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0},
+{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0},
{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
- 11,&(lvalues[834]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0},
+ 11,&(lvalues[833]),0},
+{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0},
+{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0},
+{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0},
{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
- &(lvalues[878]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0},
+ &(lvalues[877]),0},
+{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0},
+{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0},
{"x509Certificate","x509Certificate",NID_x509Certificate,10,
- &(lvalues[907]),0},
+ &(lvalues[906]),0},
{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
- &(lvalues[917]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0},
+ &(lvalues[916]),0},
+{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0},
+{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0},
+{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0},
+{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0},
+{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0},
{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
- &(lvalues[971]),0},
+ &(lvalues[970]),0},
{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
- &(lvalues[979]),0},
+ &(lvalues[978]),0},
{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
- &(lvalues[988]),0},
+ &(lvalues[987]),0},
{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
- &(lvalues[997]),0},
+ &(lvalues[996]),0},
{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
- &(lvalues[1006]),0},
+ &(lvalues[1005]),0},
{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
- &(lvalues[1015]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0},
-{"name","name",NID_name,3,&(lvalues[1034]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0},
+ &(lvalues[1014]),0},
+{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0},
+{"name","name",NID_name,3,&(lvalues[1033]),0},
+{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0},
+{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0},
+{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0},
{"authorityInfoAccess","Authority Information Access",NID_info_access,
- 8,&(lvalues[1054]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0},
-{"ISO","iso",NID_iso,1,&(lvalues[1086]),0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0},
+ 8,&(lvalues[1053]),0},
+{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0},
+{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0},
+{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0},
+{"ISO","iso",NID_iso,0,NULL,0},
+{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0},
+{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0},
+{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0},
+{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0},
+{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0},
+{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0},
+{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0},
+{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0},
+{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0},
+{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0},
+{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0},
+{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0},
+{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0},
+{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0},
{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
- &(lvalues[1197]),0},
+ &(lvalues[1195]),0},
{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
- &(lvalues[1208]),0},
+ &(lvalues[1206]),0},
{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
- &(lvalues[1219]),0},
+ &(lvalues[1217]),0},
{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
- 11,&(lvalues[1230]),0},
+ 11,&(lvalues[1228]),0},
{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
- NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0},
+ NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0},
{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
- NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0},
+ NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0},
{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
- NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0},
+ NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0},
{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
- NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0},
+ NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0},
{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
- 11,&(lvalues[1285]),0},
+ 11,&(lvalues[1283]),0},
{"id-smime-ct-authData","id-smime-ct-authData",
- NID_id_smime_ct_authData,11,&(lvalues[1296]),0},
+ NID_id_smime_ct_authData,11,&(lvalues[1294]),0},
{"id-smime-ct-publishCert","id-smime-ct-publishCert",
- NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0},
+ NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0},
{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
- 11,&(lvalues[1318]),0},
+ 11,&(lvalues[1316]),0},
{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
- 11,&(lvalues[1329]),0},
+ 11,&(lvalues[1327]),0},
{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
- NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0},
+ NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0},
{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
- NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0},
+ NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0},
{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
- NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0},
+ NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0},
{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
- NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0},
+ NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0},
{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
- NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0},
+ NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0},
{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
- NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0},
+ NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0},
{"id-smime-aa-contentHint","id-smime-aa-contentHint",
- NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0},
+ NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0},
{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
- NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0},
+ NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0},
{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
- NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0},
+ NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0},
{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
- NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0},
+ NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0},
{"id-smime-aa-macValue","id-smime-aa-macValue",
- NID_id_smime_aa_macValue,11,&(lvalues[1450]),0},
+ NID_id_smime_aa_macValue,11,&(lvalues[1448]),0},
{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
- NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0},
+ NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0},
{"id-smime-aa-contentReference","id-smime-aa-contentReference",
- NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0},
+ NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0},
{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
- NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0},
+ NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0},
{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
- NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0},
+ NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0},
{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
- NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0},
+ NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0},
{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
- NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0},
+ NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0},
{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
- NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0},
+ NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0},
{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
- NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0},
+ NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0},
{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
- NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0},
+ NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0},
{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
- NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0},
+ NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0},
{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
- NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0},
+ NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0},
{"id-smime-aa-ets-contentTimestamp",
"id-smime-aa-ets-contentTimestamp",
- NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0},
+ NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0},
{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
- NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0},
+ NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0},
{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
- NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0},
+ NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0},
{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
- NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0},
+ NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0},
{"id-smime-aa-ets-revocationValues",
"id-smime-aa-ets-revocationValues",
- NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0},
+ NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0},
{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
- NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0},
+ NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0},
{"id-smime-aa-ets-certCRLTimestamp",
"id-smime-aa-ets-certCRLTimestamp",
- NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0},
+ NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0},
{"id-smime-aa-ets-archiveTimeStamp",
"id-smime-aa-ets-archiveTimeStamp",
- NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0},
+ NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0},
{"id-smime-aa-signatureType","id-smime-aa-signatureType",
- NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0},
+ NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0},
{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
- NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0},
+ NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0},
{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
- NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0},
+ NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0},
{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
- NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0},
+ NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0},
{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
- NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0},
+ NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0},
{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
- NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0},
+ NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0},
{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
- &(lvalues[1736]),0},
+ &(lvalues[1734]),0},
{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
- NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0},
+ NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0},
{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
- NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0},
+ NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0},
{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
- &(lvalues[1769]),0},
+ &(lvalues[1767]),0},
{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
- NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0},
+ NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0},
{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
- NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0},
+ NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0},
{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
- NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0},
+ NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0},
{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
- NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0},
+ NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0},
{"id-smime-cti-ets-proofOfDelivery",
"id-smime-cti-ets-proofOfDelivery",
- NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0},
+ NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0},
{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
- NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0},
+ NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0},
{"id-smime-cti-ets-proofOfApproval",
"id-smime-cti-ets-proofOfApproval",
- NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0},
+ NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0},
{"id-smime-cti-ets-proofOfCreation",
"id-smime-cti-ets-proofOfCreation",
- NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1868]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0},
+ NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0},
+{"MD4","md4",NID_md4,8,&(lvalues[1866]),0},
+{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0},
+{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0},
+{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0},
+{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0},
+{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0},
+{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0},
+{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0},
+{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0},
+{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0},
+{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0},
+{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0},
{"id-pkix1-explicit-88","id-pkix1-explicit-88",
- NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0},
+ NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0},
{"id-pkix1-implicit-88","id-pkix1-implicit-88",
- NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0},
+ NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0},
{"id-pkix1-explicit-93","id-pkix1-explicit-93",
- NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0},
+ NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0},
{"id-pkix1-implicit-93","id-pkix1-implicit-93",
- NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0},
+ NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0},
+{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0},
+{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0},
{"id-mod-kea-profile-88","id-mod-kea-profile-88",
- NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0},
+ NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0},
{"id-mod-kea-profile-93","id-mod-kea-profile-93",
- NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0},
+ NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0},
+{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0},
{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
- NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0},
+ NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0},
{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
- NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0},
+ NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0},
{"id-mod-attribute-cert","id-mod-attribute-cert",
- NID_id_mod_attribute_cert,8,&(lvalues[2041]),0},
+ NID_id_mod_attribute_cert,8,&(lvalues[2039]),0},
{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
- NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0},
+ NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0},
+{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0},
+{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0},
{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
- &(lvalues[2073]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0},
+ &(lvalues[2071]),0},
+{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0},
+{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0},
{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
- &(lvalues[2097]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0},
+ &(lvalues[2095]),0},
+{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0},
+{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0},
{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
- &(lvalues[2121]),0},
+ &(lvalues[2119]),0},
{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
- NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0},
+ NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0},
{"sbgp-routerIdentifier","sbgp-routerIdentifier",
- NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0},
+ NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0},
+{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0},
{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
- &(lvalues[2153]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0},
+ &(lvalues[2151]),0},
+{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0},
+{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0},
+{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0},
{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
- 8,&(lvalues[2185]),0},
+ 8,&(lvalues[2183]),0},
{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
- NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0},
+ NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0},
{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
- NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0},
+ NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0},
{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
- NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0},
+ NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0},
{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
- NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0},
+ NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0},
{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
- &(lvalues[2225]),0},
+ &(lvalues[2223]),0},
{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
- NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0},
+ NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0},
{"id-it-subscriptionRequest","id-it-subscriptionRequest",
- NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0},
+ NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0},
{"id-it-subscriptionResponse","id-it-subscriptionResponse",
- NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0},
+ NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0},
{"id-it-keyPairParamReq","id-it-keyPairParamReq",
- NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0},
+ NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0},
{"id-it-keyPairParamRep","id-it-keyPairParamRep",
- NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0},
+ NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0},
{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
- 8,&(lvalues[2273]),0},
+ 8,&(lvalues[2271]),0},
{"id-it-implicitConfirm","id-it-implicitConfirm",
- NID_id_it_implicitConfirm,8,&(lvalues[2281]),0},
+ NID_id_it_implicitConfirm,8,&(lvalues[2279]),0},
{"id-it-confirmWaitTime","id-it-confirmWaitTime",
- NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0},
+ NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0},
{"id-it-origPKIMessage","id-it-origPKIMessage",
- NID_id_it_origPKIMessage,8,&(lvalues[2297]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0},
+ NID_id_it_origPKIMessage,8,&(lvalues[2295]),0},
+{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0},
+{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0},
{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
- 9,&(lvalues[2321]),0},
+ 9,&(lvalues[2319]),0},
{"id-regCtrl-authenticator","id-regCtrl-authenticator",
- NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0},
+ NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0},
{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
- NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0},
+ NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0},
{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
- NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0},
+ NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0},
{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
- NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0},
+ NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0},
{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
- NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0},
+ NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0},
{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
- NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0},
+ NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0},
{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
- &(lvalues[2384]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0},
+ &(lvalues[2382]),0},
+{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0},
{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
- &(lvalues[2401]),0},
+ &(lvalues[2399]),0},
{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
- NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0},
+ NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0},
+{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0},
{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
- &(lvalues[2425]),0},
+ &(lvalues[2423]),0},
{"id-cmc-identification","id-cmc-identification",
- NID_id_cmc_identification,8,&(lvalues[2433]),0},
+ NID_id_cmc_identification,8,&(lvalues[2431]),0},
{"id-cmc-identityProof","id-cmc-identityProof",
- NID_id_cmc_identityProof,8,&(lvalues[2441]),0},
+ NID_id_cmc_identityProof,8,&(lvalues[2439]),0},
{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
- &(lvalues[2449]),0},
+ &(lvalues[2447]),0},
{"id-cmc-transactionId","id-cmc-transactionId",
- NID_id_cmc_transactionId,8,&(lvalues[2457]),0},
+ NID_id_cmc_transactionId,8,&(lvalues[2455]),0},
{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
- &(lvalues[2465]),0},
+ &(lvalues[2463]),0},
{"id-cmc-recipientNonce","id-cmc-recipientNonce",
- NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0},
+ NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0},
{"id-cmc-addExtensions","id-cmc-addExtensions",
- NID_id_cmc_addExtensions,8,&(lvalues[2481]),0},
+ NID_id_cmc_addExtensions,8,&(lvalues[2479]),0},
{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
- 8,&(lvalues[2489]),0},
+ 8,&(lvalues[2487]),0},
{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
- 8,&(lvalues[2497]),0},
+ 8,&(lvalues[2495]),0},
{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
- NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0},
+ NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0},
{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
- &(lvalues[2513]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0},
+ &(lvalues[2511]),0},
+{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0},
{"id-cmc-revokeRequest","id-cmc-revokeRequest",
- NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0},
+ NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0},
{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
- &(lvalues[2537]),0},
+ &(lvalues[2535]),0},
{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
- 8,&(lvalues[2545]),0},
+ 8,&(lvalues[2543]),0},
{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
- 8,&(lvalues[2553]),0},
+ 8,&(lvalues[2551]),0},
{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
- NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0},
+ NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0},
{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
- NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0},
+ NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0},
{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
- NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0},
+ NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0},
{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
- &(lvalues[2585]),0},
+ &(lvalues[2583]),0},
{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
- &(lvalues[2593]),0},
+ &(lvalues[2591]),0},
{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
- 8,&(lvalues[2601]),0},
+ 8,&(lvalues[2599]),0},
{NULL,NULL,NID_undef,0,NULL,0},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0},
+{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0},
{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
- NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0},
+ NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0},
{"id-pda-countryOfResidence","id-pda-countryOfResidence",
- NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0},
+ NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0},
{"id-aca-authenticationInfo","id-aca-authenticationInfo",
- NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0},
+ NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0},
{"id-aca-accessIdentity","id-aca-accessIdentity",
- NID_id_aca_accessIdentity,8,&(lvalues[2641]),0},
+ NID_id_aca_accessIdentity,8,&(lvalues[2639]),0},
{"id-aca-chargingIdentity","id-aca-chargingIdentity",
- NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0},
+ NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0},
+{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0},
+{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0},
{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
- NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0},
+ NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0},
+{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0},
{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
- &(lvalues[2689]),0},
+ &(lvalues[2687]),0},
{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
- &(lvalues[2697]),0},
+ &(lvalues[2695]),0},
{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
- &(lvalues[2705]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0},
+ &(lvalues[2703]),0},
+{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0},
{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
- &(lvalues[2721]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0},
+ &(lvalues[2719]),0},
+{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0},
+{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0},
{"acceptableResponses","Acceptable OCSP Responses",
- NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0},
+ NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0},
+{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0},
{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
- 9,&(lvalues[2766]),0},
+ 9,&(lvalues[2764]),0},
{"serviceLocator","OCSP Service Locator",
- NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0},
+ NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0},
{"extendedStatus","Extended OCSP Status",
- NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0},
+ NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0},
+{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0},
+{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0},
{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
- &(lvalues[2811]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0},
+ &(lvalues[2809]),0},
+{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0},
+{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0},
{"X500algorithms","directory services - algorithms",
- NID_X500algorithms,2,&(lvalues[2829]),0},
-{"ORG","org",NID_org,1,&(lvalues[2831]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2832]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2834]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0},
-{"private","Private",NID_Private,4,&(lvalues[2849]),0},
-{"security","Security",NID_Security,4,&(lvalues[2853]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0},
-{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0},
+ NID_X500algorithms,2,&(lvalues[2827]),0},
+{"ORG","org",NID_org,1,&(lvalues[2829]),0},
+{"DOD","dod",NID_dod,2,&(lvalues[2830]),0},
+{"IANA","iana",NID_iana,3,&(lvalues[2832]),0},
+{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0},
+{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0},
+{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0},
+{"private","Private",NID_Private,4,&(lvalues[2847]),0},
+{"security","Security",NID_Security,4,&(lvalues[2851]),0},
+{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0},
+{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0},
+{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0},
+{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0},
+{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0},
+{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0},
+{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0},
{"selected-attribute-types","Selected Attribute Types",
- NID_selected_attribute_types,3,&(lvalues[2900]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0},
+ NID_selected_attribute_types,3,&(lvalues[2897]),0},
+{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0},
{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
- &(lvalues[2907]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0},
+ &(lvalues[2904]),0},
+{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0},
{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
- &(lvalues[2924]),0},
+ &(lvalues[2921]),0},
{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
- &(lvalues[2932]),0},
-{"role","role",NID_role,3,&(lvalues[2940]),0},
+ &(lvalues[2929]),0},
+{"role","role",NID_role,3,&(lvalues[2937]),0},
{"policyConstraints","X509v3 Policy Constraints",
- NID_policy_constraints,3,&(lvalues[2943]),0},
+ NID_policy_constraints,3,&(lvalues[2940]),0},
{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
+ &(lvalues[2943]),0},
+{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
&(lvalues[2946]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
- &(lvalues[2949]),0},
-{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0},
+{"NULL","NULL",NID_ccitt,0,NULL,0},
+{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0},
+{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0},
{"characteristic-two-field","characteristic-two-field",
- NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0},
+ NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0},
{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
- &(lvalues[2972]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0},
+ &(lvalues[2968]),0},
+{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0},
+{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0},
+{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0},
+{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0},
+{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0},
+{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0},
+{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0},
{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
- &(lvalues[3035]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0},
+ &(lvalues[3031]),0},
+{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0},
+{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0},
+{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0},
+{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0},
+{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0},
+{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0},
+{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0},
+{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0},
+{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0},
+{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0},
+{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0},
+{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0},
+{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0},
{"holdInstructionCode","Hold Instruction Code",
- NID_hold_instruction_code,3,&(lvalues[3159]),0},
+ NID_hold_instruction_code,3,&(lvalues[3155]),0},
{"holdInstructionNone","Hold Instruction None",
- NID_hold_instruction_none,7,&(lvalues[3162]),0},
+ NID_hold_instruction_none,7,&(lvalues[3158]),0},
{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
- NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0},
+ NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0},
{"holdInstructionReject","Hold Instruction Reject",
- NID_hold_instruction_reject,7,&(lvalues[3176]),0},
-{"data","data",NID_data,1,&(lvalues[3183]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3184]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0},
+ NID_hold_instruction_reject,7,&(lvalues[3172]),0},
+{"data","data",NID_data,1,&(lvalues[3179]),0},
+{"pss","pss",NID_pss,3,&(lvalues[3180]),0},
+{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0},
+{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0},
{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
- &(lvalues[3202]),0},
+ &(lvalues[3198]),0},
{"pilotAttributeSyntax","pilotAttributeSyntax",
- NID_pilotAttributeSyntax,9,&(lvalues[3211]),0},
+ NID_pilotAttributeSyntax,9,&(lvalues[3207]),0},
{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
- &(lvalues[3220]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0},
+ &(lvalues[3216]),0},
+{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0},
{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
- &(lvalues[3238]),0},
+ &(lvalues[3234]),0},
{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
- NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0},
-{"account","account",NID_account,10,&(lvalues[3278]),0},
-{"document","document",NID_document,10,&(lvalues[3288]),0},
-{"room","room",NID_room,10,&(lvalues[3298]),0},
+ NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0},
+{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0},
+{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0},
+{"account","account",NID_account,10,&(lvalues[3274]),0},
+{"document","document",NID_document,10,&(lvalues[3284]),0},
+{"room","room",NID_room,10,&(lvalues[3294]),0},
{"documentSeries","documentSeries",NID_documentSeries,10,
- &(lvalues[3308]),0},
+ &(lvalues[3304]),0},
{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
- &(lvalues[3318]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0},
+ &(lvalues[3314]),0},
+{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0},
{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
- 10,&(lvalues[3338]),0},
+ 10,&(lvalues[3334]),0},
{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
- &(lvalues[3348]),0},
+ &(lvalues[3344]),0},
{"simpleSecurityObject","simpleSecurityObject",
- NID_simpleSecurityObject,10,&(lvalues[3358]),0},
+ NID_simpleSecurityObject,10,&(lvalues[3354]),0},
{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
- &(lvalues[3368]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0},
+ &(lvalues[3364]),0},
+{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0},
{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
- 10,&(lvalues[3388]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3398]),0},
+ 10,&(lvalues[3384]),0},
+{"UID","userId",NID_userId,10,&(lvalues[3394]),0},
{"textEncodedORAddress","textEncodedORAddress",
- NID_textEncodedORAddress,10,&(lvalues[3408]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0},
-{"info","info",NID_info,10,&(lvalues[3428]),0},
+ NID_textEncodedORAddress,10,&(lvalues[3404]),0},
+{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0},
+{"info","info",NID_info,10,&(lvalues[3424]),0},
{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
- &(lvalues[3438]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3458]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0},
-{"host","host",NID_host,10,&(lvalues[3478]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3488]),0},
+ &(lvalues[3434]),0},
+{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0},
+{"photo","photo",NID_photo,10,&(lvalues[3454]),0},
+{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0},
+{"host","host",NID_host,10,&(lvalues[3474]),0},
+{"manager","manager",NID_manager,10,&(lvalues[3484]),0},
{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
- &(lvalues[3498]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0},
+ &(lvalues[3494]),0},
+{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0},
{"documentVersion","documentVersion",NID_documentVersion,10,
- &(lvalues[3518]),0},
+ &(lvalues[3514]),0},
{"documentAuthor","documentAuthor",NID_documentAuthor,10,
- &(lvalues[3528]),0},
+ &(lvalues[3524]),0},
{"documentLocation","documentLocation",NID_documentLocation,10,
- &(lvalues[3538]),0},
+ &(lvalues[3534]),0},
{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
- 10,&(lvalues[3548]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0},
+ 10,&(lvalues[3544]),0},
+{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0},
+{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0},
{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
- &(lvalues[3578]),0},
+ &(lvalues[3574]),0},
{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
- &(lvalues[3588]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0},
+ &(lvalues[3584]),0},
+{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0},
{"pilotAttributeType27","pilotAttributeType27",
- NID_pilotAttributeType27,10,&(lvalues[3608]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0},
+ NID_pilotAttributeType27,10,&(lvalues[3604]),0},
+{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0},
+{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0},
+{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0},
+{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0},
{"associatedDomain","associatedDomain",NID_associatedDomain,10,
- &(lvalues[3658]),0},
+ &(lvalues[3654]),0},
{"associatedName","associatedName",NID_associatedName,10,
- &(lvalues[3668]),0},
+ &(lvalues[3664]),0},
{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
- &(lvalues[3678]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0},
+ &(lvalues[3674]),0},
+{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0},
{"mobileTelephoneNumber","mobileTelephoneNumber",
- NID_mobileTelephoneNumber,10,&(lvalues[3698]),0},
+ NID_mobileTelephoneNumber,10,&(lvalues[3694]),0},
{"pagerTelephoneNumber","pagerTelephoneNumber",
- NID_pagerTelephoneNumber,10,&(lvalues[3708]),0},
+ NID_pagerTelephoneNumber,10,&(lvalues[3704]),0},
{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
- 10,&(lvalues[3718]),0},
+ 10,&(lvalues[3714]),0},
{"organizationalStatus","organizationalStatus",
- NID_organizationalStatus,10,&(lvalues[3728]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0},
+ NID_organizationalStatus,10,&(lvalues[3724]),0},
+{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0},
{"mailPreferenceOption","mailPreferenceOption",
- NID_mailPreferenceOption,10,&(lvalues[3748]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0},
+ NID_mailPreferenceOption,10,&(lvalues[3744]),0},
+{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0},
+{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0},
{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
- &(lvalues[3778]),0},
+ &(lvalues[3774]),0},
{"subtreeMinimumQuality","subtreeMinimumQuality",
- NID_subtreeMinimumQuality,10,&(lvalues[3788]),0},
+ NID_subtreeMinimumQuality,10,&(lvalues[3784]),0},
{"subtreeMaximumQuality","subtreeMaximumQuality",
- NID_subtreeMaximumQuality,10,&(lvalues[3798]),0},
+ NID_subtreeMaximumQuality,10,&(lvalues[3794]),0},
{"personalSignature","personalSignature",NID_personalSignature,10,
- &(lvalues[3808]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3828]),0},
+ &(lvalues[3804]),0},
+{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0},
+{"audio","audio",NID_audio,10,&(lvalues[3824]),0},
{"documentPublisher","documentPublisher",NID_documentPublisher,10,
- &(lvalues[3838]),0},
+ &(lvalues[3834]),0},
{"x500UniqueIdentifier","x500UniqueIdentifier",
- NID_x500UniqueIdentifier,3,&(lvalues[3848]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0},
+ NID_x500UniqueIdentifier,3,&(lvalues[3844]),0},
+{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0},
{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
- &(lvalues[3856]),0},
+ &(lvalues[3852]),0},
{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
- &(lvalues[3862]),0},
+ &(lvalues[3858]),0},
{"id-hex-partial-message","id-hex-partial-message",
- NID_id_hex_partial_message,7,&(lvalues[3868]),0},
+ NID_id_hex_partial_message,7,&(lvalues[3864]),0},
{"id-hex-multipart-message","id-hex-multipart-message",
- NID_id_hex_multipart_message,7,&(lvalues[3875]),0},
+ NID_id_hex_multipart_message,7,&(lvalues[3871]),0},
{"generationQualifier","generationQualifier",NID_generationQualifier,
- 3,&(lvalues[3882]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0},
+ 3,&(lvalues[3878]),0},
+{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0},
{NULL,NULL,NID_undef,0,NULL,0},
{"id-set","Secure Electronic Transactions",NID_id_set,2,
- &(lvalues[3888]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0},
+ &(lvalues[3884]),0},
+{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0},
+{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0},
+{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0},
+{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0},
{"set-certExt","certificate extensions",NID_set_certExt,3,
- &(lvalues[3902]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0},
+ &(lvalues[3898]),0},
+{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0},
+{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0},
{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
- &(lvalues[3912]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0},
+ &(lvalues[3908]),0},
+{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0},
+{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0},
+{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0},
+{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0},
{"setct-PIDataUnsigned","setct-PIDataUnsigned",
- NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0},
+ NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0},
{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
- &(lvalues[3936]),0},
+ &(lvalues[3932]),0},
{"setct-AuthResBaggage","setct-AuthResBaggage",
- NID_setct_AuthResBaggage,4,&(lvalues[3940]),0},
+ NID_setct_AuthResBaggage,4,&(lvalues[3936]),0},
{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
- NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0},
+ NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0},
{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
- NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0},
+ NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0},
{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
+ &(lvalues[3948]),0},
+{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
&(lvalues[3952]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
- &(lvalues[3956]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0},
+{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0},
{"setct-PResData","setct-PResData",NID_setct_PResData,4,
+ &(lvalues[3960]),0},
+{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
&(lvalues[3964]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
+{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
&(lvalues[3968]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
+{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
&(lvalues[3972]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
+{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
&(lvalues[3976]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
+{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
&(lvalues[3980]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
+{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
&(lvalues[3984]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
- &(lvalues[3988]),0},
{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
- NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0},
+ NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0},
{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
- 4,&(lvalues[3996]),0},
+ 4,&(lvalues[3992]),0},
{"setct-AuthRevResData","setct-AuthRevResData",
- NID_setct_AuthRevResData,4,&(lvalues[4000]),0},
+ NID_setct_AuthRevResData,4,&(lvalues[3996]),0},
{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
- 4,&(lvalues[4004]),0},
+ 4,&(lvalues[4000]),0},
{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
+ &(lvalues[4004]),0},
+{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
&(lvalues[4008]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
+{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
&(lvalues[4012]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
+{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
&(lvalues[4016]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
- &(lvalues[4020]),0},
{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
+ 4,&(lvalues[4020]),0},
+{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
4,&(lvalues[4024]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
- 4,&(lvalues[4028]),0},
{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
+ &(lvalues[4028]),0},
+{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
&(lvalues[4032]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
+{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
&(lvalues[4036]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
- &(lvalues[4040]),0},
{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
- 4,&(lvalues[4044]),0},
+ 4,&(lvalues[4040]),0},
{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
- NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0},
+ NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0},
{"setct-CredRevResData","setct-CredRevResData",
- NID_setct_CredRevResData,4,&(lvalues[4052]),0},
+ NID_setct_CredRevResData,4,&(lvalues[4048]),0},
{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
+ &(lvalues[4052]),0},
+{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
&(lvalues[4056]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
- &(lvalues[4060]),0},
{"setct-BatchAdminReqData","setct-BatchAdminReqData",
- NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0},
+ NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0},
{"setct-BatchAdminResData","setct-BatchAdminResData",
- NID_setct_BatchAdminResData,4,&(lvalues[4068]),0},
+ NID_setct_BatchAdminResData,4,&(lvalues[4064]),0},
{"setct-CardCInitResTBS","setct-CardCInitResTBS",
- NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0},
+ NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0},
{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
- NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0},
+ NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0},
{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
- 4,&(lvalues[4080]),0},
+ 4,&(lvalues[4076]),0},
{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
+ &(lvalues[4080]),0},
+{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
&(lvalues[4084]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
+{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
&(lvalues[4088]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
- &(lvalues[4092]),0},
{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
- 4,&(lvalues[4096]),0},
+ 4,&(lvalues[4092]),0},
{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
- &(lvalues[4100]),0},
+ &(lvalues[4096]),0},
{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
- NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0},
+ NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0},
{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
- 4,&(lvalues[4108]),0},
+ 4,&(lvalues[4104]),0},
{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
+ &(lvalues[4108]),0},
+{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
&(lvalues[4112]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
+{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
&(lvalues[4116]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
+{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
&(lvalues[4120]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
+{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
&(lvalues[4124]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
+{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
&(lvalues[4128]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
- &(lvalues[4132]),0},
{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
- NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0},
+ NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0},
{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
+ 4,&(lvalues[4136]),0},
+{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
4,&(lvalues[4140]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
- 4,&(lvalues[4144]),0},
{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
- NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0},
+ NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0},
{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
+ &(lvalues[4148]),0},
+{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
&(lvalues[4152]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
+{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
&(lvalues[4156]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
+{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
&(lvalues[4160]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
- &(lvalues[4164]),0},
{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
- 4,&(lvalues[4168]),0},
+ 4,&(lvalues[4164]),0},
{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
+ &(lvalues[4168]),0},
+{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
&(lvalues[4172]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
+{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
&(lvalues[4176]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
+{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
&(lvalues[4180]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
- &(lvalues[4184]),0},
{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
- 4,&(lvalues[4188]),0},
+ 4,&(lvalues[4184]),0},
{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
- NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0},
+ NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0},
{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
- 4,&(lvalues[4196]),0},
+ 4,&(lvalues[4192]),0},
{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
- NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0},
+ NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0},
{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
- NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0},
+ NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0},
{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
- 4,&(lvalues[4208]),0},
+ 4,&(lvalues[4204]),0},
{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
+ &(lvalues[4208]),0},
+{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
&(lvalues[4212]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
+{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
&(lvalues[4216]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
- &(lvalues[4220]),0},
{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
- NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0},
+ NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0},
{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
- NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0},
+ NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0},
{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
- NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0},
+ NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0},
{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
+ &(lvalues[4232]),0},
+{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
&(lvalues[4236]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
+{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
&(lvalues[4240]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
- &(lvalues[4244]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0},
+{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0},
+{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0},
{"setext-cv","additional verification",NID_setext_cv,4,
+ &(lvalues[4252]),0},
+{"set-policy-root","set-policy-root",NID_set_policy_root,4,
&(lvalues[4256]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
+{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
&(lvalues[4260]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
+{"setCext-certType","setCext-certType",NID_setCext_certType,4,
&(lvalues[4264]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
+{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
&(lvalues[4268]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
- &(lvalues[4272]),0},
{"setCext-cCertRequired","setCext-cCertRequired",
- NID_setCext_cCertRequired,4,&(lvalues[4276]),0},
+ NID_setCext_cCertRequired,4,&(lvalues[4272]),0},
{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
+ &(lvalues[4276]),0},
+{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
&(lvalues[4280]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
+{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
&(lvalues[4284]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
- &(lvalues[4288]),0},
{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
- NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0},
+ NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0},
{"setCext-TokenIdentifier","setCext-TokenIdentifier",
- NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0},
+ NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0},
{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
+ &(lvalues[4296]),0},
+{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
&(lvalues[4300]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
- &(lvalues[4304]),0},
{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
- NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0},
+ NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0},
+{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0},
{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
- 4,&(lvalues[4316]),0},
+ 4,&(lvalues[4312]),0},
{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
+ &(lvalues[4316]),0},
+{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
&(lvalues[4320]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
+{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
&(lvalues[4324]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
- &(lvalues[4328]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0},
+{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0},
{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
- &(lvalues[4338]),0},
+ &(lvalues[4334]),0},
{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
- NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0},
+ NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0},
{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
- &(lvalues[4348]),0},
+ &(lvalues[4344]),0},
{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
- &(lvalues[4353]),0},
+ &(lvalues[4349]),0},
{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
- &(lvalues[4358]),0},
+ &(lvalues[4354]),0},
{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
- 6,&(lvalues[4363]),0},
+ 6,&(lvalues[4359]),0},
{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
- &(lvalues[4369]),0},
+ &(lvalues[4365]),0},
{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
- &(lvalues[4375]),0},
+ &(lvalues[4371]),0},
{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
- &(lvalues[4381]),0},
+ &(lvalues[4377]),0},
{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
- 6,&(lvalues[4387]),0},
+ 6,&(lvalues[4383]),0},
{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
+ &(lvalues[4389]),0},
+{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
&(lvalues[4393]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
- &(lvalues[4397]),0},
{"set-brand-AmericanExpress","set-brand-AmericanExpress",
- NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0},
+ NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0},
+{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0},
{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
- &(lvalues[4409]),0},
+ &(lvalues[4405]),0},
{"set-brand-MasterCard","set-brand-MasterCard",
- NID_set_brand_MasterCard,4,&(lvalues[4413]),0},
+ NID_set_brand_MasterCard,4,&(lvalues[4409]),0},
{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
- &(lvalues[4417]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0},
+ &(lvalues[4413]),0},
+{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0},
{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
- NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0},
-{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0},
-{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1,
- &(lvalues[4440]),0},
+ NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0},
+{"ITU-T","itu-t",NID_itu_t,0,NULL,0},
+{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0},
{"international-organizations","International Organizations",
- NID_international_organizations,1,&(lvalues[4441]),0},
+ NID_international_organizations,1,&(lvalues[4435]),0},
{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
- 10,&(lvalues[4442]),0},
+ 10,&(lvalues[4436]),0},
{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
- &(lvalues[4452]),0},
+ &(lvalues[4446]),0},
{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
@@ -1962,138 +1972,138 @@
{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
-{"street","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0},
+{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0},
+{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0},
+{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0},
{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
- &(lvalues[4475]),0},
+ &(lvalues[4469]),0},
{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
- &(lvalues[4483]),0},
+ &(lvalues[4477]),0},
{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
- &(lvalues[4491]),0},
+ &(lvalues[4485]),0},
{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
- &(lvalues[4499]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0},
+ &(lvalues[4493]),0},
+{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0},
{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
- &(lvalues[4510]),0},
+ &(lvalues[4504]),0},
{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
- &(lvalues[4519]),0},
+ &(lvalues[4513]),0},
{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
- &(lvalues[4528]),0},
+ &(lvalues[4522]),0},
{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
- &(lvalues[4537]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0},
+ &(lvalues[4531]),0},
+{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0},
+{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0},
+{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0},
+{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0},
{"identified-organization","identified-organization",
- NID_identified_organization,1,&(lvalues[4582]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4586]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0},
+ NID_identified_organization,1,&(lvalues[4576]),0},
+{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0},
+{"wap","wap",NID_wap,2,&(lvalues[4580]),0},
+{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0},
{"id-characteristic-two-basis","id-characteristic-two-basis",
- NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0},
+ NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0},
+{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0},
+{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0},
+{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0},
+{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0},
+{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0},
+{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0},
+{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0},
+{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0},
+{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0},
+{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0},
+{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0},
+{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0},
+{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0},
+{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0},
+{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0},
+{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0},
+{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0},
+{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0},
+{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0},
+{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0},
+{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0},
+{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0},
+{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0},
+{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0},
+{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0},
+{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0},
+{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0},
+{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0},
+{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0},
+{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0},
+{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0},
+{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0},
+{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0},
+{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0},
+{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0},
+{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0},
+{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0},
+{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0},
+{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0},
+{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0},
+{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0},
+{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0},
+{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0},
+{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0},
+{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0},
+{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0},
+{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0},
+{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0},
+{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0},
+{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0},
+{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0},
+{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0},
+{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0},
+{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0},
{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
- NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0},
+ NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0},
{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
- NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0},
+ NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0},
{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
- NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0},
+ NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0},
{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
- NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0},
+ NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0},
{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
- NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0},
+ NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0},
{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
- NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0},
+ NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0},
{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
- NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0},
+ NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0},
{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
- NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0},
+ NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0},
{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
- NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0},
+ NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0},
{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
- NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0},
+ NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0},
{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
- NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0},
+ NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0},
+{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0},
{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
- &(lvalues[5000]),0},
+ &(lvalues[4994]),0},
{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
- NID_inhibit_any_policy,3,&(lvalues[5003]),0},
+ NID_inhibit_any_policy,3,&(lvalues[4997]),0},
{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
- &(lvalues[5006]),0},
+ &(lvalues[5000]),0},
{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
- &(lvalues[5017]),0},
+ &(lvalues[5011]),0},
{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
- &(lvalues[5028]),0},
+ &(lvalues[5022]),0},
{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
- &(lvalues[5039]),0},
+ &(lvalues[5033]),0},
{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
- &(lvalues[5047]),0},
+ &(lvalues[5041]),0},
{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
- &(lvalues[5055]),0},
+ &(lvalues[5049]),0},
{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
- &(lvalues[5063]),0},
+ &(lvalues[5057]),0},
{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
- &(lvalues[5071]),0},
+ &(lvalues[5065]),0},
{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
- &(lvalues[5079]),0},
+ &(lvalues[5073]),0},
{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
@@ -2101,2876 +2111,2985 @@
{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
- &(lvalues[5087]),0},
+ &(lvalues[5081]),0},
{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
- &(lvalues[5095]),0},
+ &(lvalues[5089]),0},
{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
- &(lvalues[5103]),0},
+ &(lvalues[5097]),0},
{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
- NID_subject_directory_attributes,3,&(lvalues[5111]),0},
+ NID_subject_directory_attributes,3,&(lvalues[5105]),0},
{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
- NID_issuing_distribution_point,3,&(lvalues[5114]),0},
+ NID_issuing_distribution_point,3,&(lvalues[5108]),0},
{"certificateIssuer","X509v3 Certificate Issuer",
- NID_certificate_issuer,3,&(lvalues[5117]),0},
+ NID_certificate_issuer,3,&(lvalues[5111]),0},
{NULL,NULL,NID_undef,0,NULL,0},
-{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0},
+{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0},
{NULL,NULL,NID_undef,0,NULL,0},
{NULL,NULL,NID_undef,0,NULL,0},
-{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0},
-{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0},
-{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0},
-{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0},
-{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0},
-{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0},
+{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0},
+{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0},
+{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0},
+{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0},
+{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0},
+{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0},
{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
- &(lvalues[5174]),0},
+ &(lvalues[5168]),0},
{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
- &(lvalues[5183]),0},
+ &(lvalues[5177]),0},
{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
- &(lvalues[5192]),0},
-{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0},
+ &(lvalues[5186]),0},
+{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0},
{"id-smime-ct-compressedData","id-smime-ct-compressedData",
- NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0},
+ NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0},
{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
- NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0},
+ NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0},
{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
- &(lvalues[5230]),0},
+ &(lvalues[5224]),0},
{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
- &(lvalues[5239]),0},
+ &(lvalues[5233]),0},
{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
- &(lvalues[5248]),0},
+ &(lvalues[5242]),0},
{"ecdsa-with-Recommended","ecdsa-with-Recommended",
- NID_ecdsa_with_Recommended,7,&(lvalues[5257]),0},
+ NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0},
{"ecdsa-with-Specified","ecdsa-with-Specified",
- NID_ecdsa_with_Specified,7,&(lvalues[5264]),0},
+ NID_ecdsa_with_Specified,7,&(lvalues[5258]),0},
{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
- &(lvalues[5271]),0},
+ &(lvalues[5265]),0},
{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
- &(lvalues[5279]),0},
+ &(lvalues[5273]),0},
{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
- &(lvalues[5287]),0},
+ &(lvalues[5281]),0},
{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
- &(lvalues[5295]),0},
-{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5303]),0},
+ &(lvalues[5289]),0},
+{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0},
{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
- &(lvalues[5311]),0},
+ &(lvalues[5305]),0},
{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
- &(lvalues[5319]),0},
+ &(lvalues[5313]),0},
{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
- &(lvalues[5327]),0},
+ &(lvalues[5321]),0},
{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
- &(lvalues[5335]),0},
+ &(lvalues[5329]),0},
{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
- &(lvalues[5343]),0},
+ &(lvalues[5337]),0},
{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
- &(lvalues[5352]),0},
-{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5361]),0},
-{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5367]),0},
-{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5372]),0},
+ &(lvalues[5346]),0},
+{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0},
+{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0},
+{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0},
{"id-GostR3411-94-with-GostR3410-2001",
"GOST R 34.11-94 with GOST R 34.10-2001",
- NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5377]),0},
+ NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0},
{"id-GostR3411-94-with-GostR3410-94",
"GOST R 34.11-94 with GOST R 34.10-94",
- NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5383]),0},
-{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5389]),0},
+ NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0},
+{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0},
{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
+ &(lvalues[5389]),0},
+{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
&(lvalues[5395]),0},
-{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
- &(lvalues[5401]),0},
-{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5407]),0},
-{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5413]),0},
+{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0},
+{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0},
{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
+ &(lvalues[5413]),0},
+{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
&(lvalues[5419]),0},
-{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
- &(lvalues[5425]),0},
{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
- 6,&(lvalues[5431]),0},
+ 6,&(lvalues[5425]),0},
{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
- &(lvalues[5437]),0},
+ &(lvalues[5431]),0},
{"id-Gost28147-89-CryptoPro-KeyMeshing",
"id-Gost28147-89-CryptoPro-KeyMeshing",
- NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5443]),0},
+ NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0},
{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
- NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5450]),0},
+ NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0},
{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
- NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5457]),0},
+ NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0},
{"id-GostR3411-94-CryptoProParamSet",
"id-GostR3411-94-CryptoProParamSet",
- NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5464]),0},
+ NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0},
{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
- NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5471]),0},
+ NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0},
{"id-Gost28147-89-CryptoPro-A-ParamSet",
"id-Gost28147-89-CryptoPro-A-ParamSet",
- NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5478]),0},
+ NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0},
{"id-Gost28147-89-CryptoPro-B-ParamSet",
"id-Gost28147-89-CryptoPro-B-ParamSet",
- NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5485]),0},
+ NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0},
{"id-Gost28147-89-CryptoPro-C-ParamSet",
"id-Gost28147-89-CryptoPro-C-ParamSet",
- NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5492]),0},
+ NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0},
{"id-Gost28147-89-CryptoPro-D-ParamSet",
"id-Gost28147-89-CryptoPro-D-ParamSet",
- NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5499]),0},
+ NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0},
{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5506]),
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]),
0},
{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5513]),
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]),
0},
{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5520]),0},
+ NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0},
{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
- NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5527]),0},
+ NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0},
{"id-GostR3410-94-CryptoPro-A-ParamSet",
"id-GostR3410-94-CryptoPro-A-ParamSet",
- NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5534]),0},
+ NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0},
{"id-GostR3410-94-CryptoPro-B-ParamSet",
"id-GostR3410-94-CryptoPro-B-ParamSet",
- NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5541]),0},
+ NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0},
{"id-GostR3410-94-CryptoPro-C-ParamSet",
"id-GostR3410-94-CryptoPro-C-ParamSet",
- NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5548]),0},
+ NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0},
{"id-GostR3410-94-CryptoPro-D-ParamSet",
"id-GostR3410-94-CryptoPro-D-ParamSet",
- NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5555]),0},
+ NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0},
{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
"id-GostR3410-94-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5562]),0},
+ NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0},
{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
"id-GostR3410-94-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5569]),0},
+ NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0},
{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
"id-GostR3410-94-CryptoPro-XchC-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5576]),0},
+ NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0},
{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
- NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5583]),0},
+ NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0},
{"id-GostR3410-2001-CryptoPro-A-ParamSet",
"id-GostR3410-2001-CryptoPro-A-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5590]),0},
+ NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0},
{"id-GostR3410-2001-CryptoPro-B-ParamSet",
"id-GostR3410-2001-CryptoPro-B-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5597]),0},
+ NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0},
{"id-GostR3410-2001-CryptoPro-C-ParamSet",
"id-GostR3410-2001-CryptoPro-C-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5604]),0},
+ NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0},
{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5611]),0},
+ NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0},
{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5618]),0},
+ NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0},
{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
- &(lvalues[5625]),0},
+ &(lvalues[5619]),0},
{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
- NID_id_GostR3410_94_aBis,7,&(lvalues[5632]),0},
+ NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0},
{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
- &(lvalues[5639]),0},
+ &(lvalues[5633]),0},
{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
- NID_id_GostR3410_94_bBis,7,&(lvalues[5646]),0},
+ NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0},
{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
- NID_id_Gost28147_89_cc,8,&(lvalues[5653]),0},
+ NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0},
{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
- &(lvalues[5661]),0},
+ &(lvalues[5655]),0},
{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
- &(lvalues[5669]),0},
+ &(lvalues[5663]),0},
{"id-GostR3411-94-with-GostR3410-94-cc",
"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5677]),0},
+ NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0},
{"id-GostR3411-94-with-GostR3410-2001-cc",
"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5685]),0},
+ NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0},
{"id-GostR3410-2001-ParamSet-cc",
"GOST R 3410-2001 Parameter Set Cryptocom",
- NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5693]),0},
+ NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0},
{"HMAC","hmac",NID_hmac,0,NULL,0},
{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
- &(lvalues[5701]),0},
+ &(lvalues[5695]),0},
{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
- &(lvalues[5710]),0},
+ &(lvalues[5704]),0},
{"id-on-permanentIdentifier","Permanent Identifier",
- NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0},
-{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5721]),0},
+ NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0},
+{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0},
{"businessCategory","businessCategory",NID_businessCategory,3,
- &(lvalues[5724]),0},
-{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5727]),0},
-{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5730]),0},
+ &(lvalues[5718]),0},
+{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0},
+{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0},
{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
- NID_physicalDeliveryOfficeName,3,&(lvalues[5733]),0},
+ NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0},
{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
- &(lvalues[5736]),0},
-{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5739]),0},
+ &(lvalues[5730]),0},
+{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0},
{"teletexTerminalIdentifier","teletexTerminalIdentifier",
- NID_teletexTerminalIdentifier,3,&(lvalues[5742]),0},
+ NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0},
{"facsimileTelephoneNumber","facsimileTelephoneNumber",
- NID_facsimileTelephoneNumber,3,&(lvalues[5745]),0},
-{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5748]),0},
+ NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0},
+{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0},
{"internationaliSDNNumber","internationaliSDNNumber",
- NID_internationaliSDNNumber,3,&(lvalues[5751]),0},
+ NID_internationaliSDNNumber,3,&(lvalues[5745]),0},
{"registeredAddress","registeredAddress",NID_registeredAddress,3,
- &(lvalues[5754]),0},
+ &(lvalues[5748]),0},
{"destinationIndicator","destinationIndicator",
- NID_destinationIndicator,3,&(lvalues[5757]),0},
+ NID_destinationIndicator,3,&(lvalues[5751]),0},
{"preferredDeliveryMethod","preferredDeliveryMethod",
- NID_preferredDeliveryMethod,3,&(lvalues[5760]),0},
+ NID_preferredDeliveryMethod,3,&(lvalues[5754]),0},
{"presentationAddress","presentationAddress",NID_presentationAddress,
- 3,&(lvalues[5763]),0},
+ 3,&(lvalues[5757]),0},
{"supportedApplicationContext","supportedApplicationContext",
- NID_supportedApplicationContext,3,&(lvalues[5766]),0},
-{"member","member",NID_member,3,&(lvalues[5769]),0},
-{"owner","owner",NID_owner,3,&(lvalues[5772]),0},
-{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5775]),0},
-{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5778]),0},
-{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5781]),0},
+ NID_supportedApplicationContext,3,&(lvalues[5760]),0},
+{"member","member",NID_member,3,&(lvalues[5763]),0},
+{"owner","owner",NID_owner,3,&(lvalues[5766]),0},
+{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0},
+{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0},
+{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0},
{"userCertificate","userCertificate",NID_userCertificate,3,
- &(lvalues[5784]),0},
-{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5787]),0},
+ &(lvalues[5778]),0},
+{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0},
{"authorityRevocationList","authorityRevocationList",
- NID_authorityRevocationList,3,&(lvalues[5790]),0},
+ NID_authorityRevocationList,3,&(lvalues[5784]),0},
{"certificateRevocationList","certificateRevocationList",
- NID_certificateRevocationList,3,&(lvalues[5793]),0},
+ NID_certificateRevocationList,3,&(lvalues[5787]),0},
{"crossCertificatePair","crossCertificatePair",
- NID_crossCertificatePair,3,&(lvalues[5796]),0},
+ NID_crossCertificatePair,3,&(lvalues[5790]),0},
{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
- 3,&(lvalues[5799]),0},
+ 3,&(lvalues[5793]),0},
{"protocolInformation","protocolInformation",NID_protocolInformation,
- 3,&(lvalues[5802]),0},
+ 3,&(lvalues[5796]),0},
{"distinguishedName","distinguishedName",NID_distinguishedName,3,
+ &(lvalues[5799]),0},
+{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0},
+{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
&(lvalues[5805]),0},
-{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5808]),0},
-{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
- &(lvalues[5811]),0},
{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
- 3,&(lvalues[5814]),0},
+ 3,&(lvalues[5808]),0},
{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
- 3,&(lvalues[5817]),0},
-{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5820]),0},
+ 3,&(lvalues[5811]),0},
+{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0},
+{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
+ &(lvalues[5817]),0},
+{"CMAC","cmac",NID_cmac,0,NULL,0},
+{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0},
+{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0},
+{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
+ &(lvalues[5846]),0},
+{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0},
+{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0},
+{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
+ &(lvalues[5873]),0},
+{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0},
+{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0},
+{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
+ &(lvalues[5900]),0},
+{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
+{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
+{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
+{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
+ 11,&(lvalues[5909]),0},
+{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
+ 11,&(lvalues[5920]),0},
+{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
+ 11,&(lvalues[5931]),0},
+{"anyExtendedKeyUsage","Any Extended Key Usage",
+ NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0},
+{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0},
+{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0},
+{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
+{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
+{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
+{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
+ NID_aes_128_cbc_hmac_sha1,0,NULL,0},
+{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
+ NID_aes_192_cbc_hmac_sha1,0,NULL,0},
+{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
+ NID_aes_256_cbc_hmac_sha1,0,NULL,0},
+{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0},
};
-static ASN1_OBJECT *sn_objs[NUM_SN]={
-&(nid_objs[364]),/* "AD_DVCS" */
-&(nid_objs[419]),/* "AES-128-CBC" */
-&(nid_objs[421]),/* "AES-128-CFB" */
-&(nid_objs[650]),/* "AES-128-CFB1" */
-&(nid_objs[653]),/* "AES-128-CFB8" */
-&(nid_objs[418]),/* "AES-128-ECB" */
-&(nid_objs[420]),/* "AES-128-OFB" */
-&(nid_objs[423]),/* "AES-192-CBC" */
-&(nid_objs[425]),/* "AES-192-CFB" */
-&(nid_objs[651]),/* "AES-192-CFB1" */
-&(nid_objs[654]),/* "AES-192-CFB8" */
-&(nid_objs[422]),/* "AES-192-ECB" */
-&(nid_objs[424]),/* "AES-192-OFB" */
-&(nid_objs[427]),/* "AES-256-CBC" */
-&(nid_objs[429]),/* "AES-256-CFB" */
-&(nid_objs[652]),/* "AES-256-CFB1" */
-&(nid_objs[655]),/* "AES-256-CFB8" */
-&(nid_objs[426]),/* "AES-256-ECB" */
-&(nid_objs[428]),/* "AES-256-OFB" */
-&(nid_objs[91]),/* "BF-CBC" */
-&(nid_objs[93]),/* "BF-CFB" */
-&(nid_objs[92]),/* "BF-ECB" */
-&(nid_objs[94]),/* "BF-OFB" */
-&(nid_objs[14]),/* "C" */
-&(nid_objs[751]),/* "CAMELLIA-128-CBC" */
-&(nid_objs[757]),/* "CAMELLIA-128-CFB" */
-&(nid_objs[760]),/* "CAMELLIA-128-CFB1" */
-&(nid_objs[763]),/* "CAMELLIA-128-CFB8" */
-&(nid_objs[754]),/* "CAMELLIA-128-ECB" */
-&(nid_objs[766]),/* "CAMELLIA-128-OFB" */
-&(nid_objs[752]),/* "CAMELLIA-192-CBC" */
-&(nid_objs[758]),/* "CAMELLIA-192-CFB" */
-&(nid_objs[761]),/* "CAMELLIA-192-CFB1" */
-&(nid_objs[764]),/* "CAMELLIA-192-CFB8" */
-&(nid_objs[755]),/* "CAMELLIA-192-ECB" */
-&(nid_objs[767]),/* "CAMELLIA-192-OFB" */
-&(nid_objs[753]),/* "CAMELLIA-256-CBC" */
-&(nid_objs[759]),/* "CAMELLIA-256-CFB" */
-&(nid_objs[762]),/* "CAMELLIA-256-CFB1" */
-&(nid_objs[765]),/* "CAMELLIA-256-CFB8" */
-&(nid_objs[756]),/* "CAMELLIA-256-ECB" */
-&(nid_objs[768]),/* "CAMELLIA-256-OFB" */
-&(nid_objs[108]),/* "CAST5-CBC" */
-&(nid_objs[110]),/* "CAST5-CFB" */
-&(nid_objs[109]),/* "CAST5-ECB" */
-&(nid_objs[111]),/* "CAST5-OFB" */
-&(nid_objs[13]),/* "CN" */
-&(nid_objs[141]),/* "CRLReason" */
-&(nid_objs[417]),/* "CSPName" */
-&(nid_objs[367]),/* "CrlID" */
-&(nid_objs[391]),/* "DC" */
-&(nid_objs[31]),/* "DES-CBC" */
-&(nid_objs[643]),/* "DES-CDMF" */
-&(nid_objs[30]),/* "DES-CFB" */
-&(nid_objs[656]),/* "DES-CFB1" */
-&(nid_objs[657]),/* "DES-CFB8" */
-&(nid_objs[29]),/* "DES-ECB" */
-&(nid_objs[32]),/* "DES-EDE" */
-&(nid_objs[43]),/* "DES-EDE-CBC" */
-&(nid_objs[60]),/* "DES-EDE-CFB" */
-&(nid_objs[62]),/* "DES-EDE-OFB" */
-&(nid_objs[33]),/* "DES-EDE3" */
-&(nid_objs[44]),/* "DES-EDE3-CBC" */
-&(nid_objs[61]),/* "DES-EDE3-CFB" */
-&(nid_objs[658]),/* "DES-EDE3-CFB1" */
-&(nid_objs[659]),/* "DES-EDE3-CFB8" */
-&(nid_objs[63]),/* "DES-EDE3-OFB" */
-&(nid_objs[45]),/* "DES-OFB" */
-&(nid_objs[80]),/* "DESX-CBC" */
-&(nid_objs[380]),/* "DOD" */
-&(nid_objs[116]),/* "DSA" */
-&(nid_objs[66]),/* "DSA-SHA" */
-&(nid_objs[113]),/* "DSA-SHA1" */
-&(nid_objs[70]),/* "DSA-SHA1-old" */
-&(nid_objs[67]),/* "DSA-old" */
-&(nid_objs[297]),/* "DVCS" */
-&(nid_objs[99]),/* "GN" */
-&(nid_objs[855]),/* "HMAC" */
-&(nid_objs[780]),/* "HMAC-MD5" */
-&(nid_objs[781]),/* "HMAC-SHA1" */
-&(nid_objs[381]),/* "IANA" */
-&(nid_objs[34]),/* "IDEA-CBC" */
-&(nid_objs[35]),/* "IDEA-CFB" */
-&(nid_objs[36]),/* "IDEA-ECB" */
-&(nid_objs[46]),/* "IDEA-OFB" */
-&(nid_objs[181]),/* "ISO" */
-&(nid_objs[183]),/* "ISO-US" */
-&(nid_objs[645]),/* "ITU-T" */
-&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */
-&(nid_objs[773]),/* "KISA" */
-&(nid_objs[15]),/* "L" */
-&(nid_objs[856]),/* "LocalKeySet" */
-&(nid_objs[ 3]),/* "MD2" */
-&(nid_objs[257]),/* "MD4" */
-&(nid_objs[ 4]),/* "MD5" */
-&(nid_objs[114]),/* "MD5-SHA1" */
-&(nid_objs[95]),/* "MDC2" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[393]),/* "NULL" */
-&(nid_objs[404]),/* "NULL" */
-&(nid_objs[57]),/* "Netscape" */
-&(nid_objs[366]),/* "Nonce" */
-&(nid_objs[17]),/* "O" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[180]),/* "OCSPSigning" */
-&(nid_objs[379]),/* "ORG" */
-&(nid_objs[18]),/* "OU" */
-&(nid_objs[749]),/* "Oakley-EC2N-3" */
-&(nid_objs[750]),/* "Oakley-EC2N-4" */
-&(nid_objs[ 9]),/* "PBE-MD2-DES" */
-&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
-&(nid_objs[10]),/* "PBE-MD5-DES" */
-&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
-&(nid_objs[147]),/* "PBE-SHA1-2DES" */
-&(nid_objs[146]),/* "PBE-SHA1-3DES" */
-&(nid_objs[170]),/* "PBE-SHA1-DES" */
-&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
-&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
-&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
-&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
-&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[98]),/* "RC2-40-CBC" */
-&(nid_objs[166]),/* "RC2-64-CBC" */
-&(nid_objs[37]),/* "RC2-CBC" */
-&(nid_objs[39]),/* "RC2-CFB" */
-&(nid_objs[38]),/* "RC2-ECB" */
-&(nid_objs[40]),/* "RC2-OFB" */
-&(nid_objs[ 5]),/* "RC4" */
-&(nid_objs[97]),/* "RC4-40" */
-&(nid_objs[120]),/* "RC5-CBC" */
-&(nid_objs[122]),/* "RC5-CFB" */
-&(nid_objs[121]),/* "RC5-ECB" */
-&(nid_objs[123]),/* "RC5-OFB" */
-&(nid_objs[117]),/* "RIPEMD160" */
-&(nid_objs[124]),/* "RLE" */
-&(nid_objs[19]),/* "RSA" */
-&(nid_objs[ 7]),/* "RSA-MD2" */
-&(nid_objs[396]),/* "RSA-MD4" */
-&(nid_objs[ 8]),/* "RSA-MD5" */
-&(nid_objs[96]),/* "RSA-MDC2" */
-&(nid_objs[104]),/* "RSA-NP-MD5" */
-&(nid_objs[119]),/* "RSA-RIPEMD160" */
-&(nid_objs[42]),/* "RSA-SHA" */
-&(nid_objs[65]),/* "RSA-SHA1" */
-&(nid_objs[115]),/* "RSA-SHA1-2" */
-&(nid_objs[671]),/* "RSA-SHA224" */
-&(nid_objs[668]),/* "RSA-SHA256" */
-&(nid_objs[669]),/* "RSA-SHA384" */
-&(nid_objs[670]),/* "RSA-SHA512" */
-&(nid_objs[777]),/* "SEED-CBC" */
-&(nid_objs[779]),/* "SEED-CFB" */
-&(nid_objs[776]),/* "SEED-ECB" */
-&(nid_objs[778]),/* "SEED-OFB" */
-&(nid_objs[41]),/* "SHA" */
-&(nid_objs[64]),/* "SHA1" */
-&(nid_objs[675]),/* "SHA224" */
-&(nid_objs[672]),/* "SHA256" */
-&(nid_objs[673]),/* "SHA384" */
-&(nid_objs[674]),/* "SHA512" */
-&(nid_objs[188]),/* "SMIME" */
-&(nid_objs[167]),/* "SMIME-CAPS" */
-&(nid_objs[100]),/* "SN" */
-&(nid_objs[16]),/* "ST" */
-&(nid_objs[143]),/* "SXNetID" */
-&(nid_objs[458]),/* "UID" */
-&(nid_objs[ 0]),/* "UNDEF" */
-&(nid_objs[11]),/* "X500" */
-&(nid_objs[378]),/* "X500algorithms" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[184]),/* "X9-57" */
-&(nid_objs[185]),/* "X9cm" */
-&(nid_objs[125]),/* "ZLIB" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[368]),/* "acceptableResponses" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[363]),/* "ad_timestamping" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[405]),/* "ansi-X9-62" */
-&(nid_objs[746]),/* "anyPolicy" */
-&(nid_objs[370]),/* "archiveCutoff" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[177]),/* "authorityInfoAccess" */
-&(nid_objs[90]),/* "authorityKeyIdentifier" */
-&(nid_objs[882]),/* "authorityRevocationList" */
-&(nid_objs[87]),/* "basicConstraints" */
-&(nid_objs[365]),/* "basicOCSPResponse" */
-&(nid_objs[285]),/* "biometricInfo" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[860]),/* "businessCategory" */
-&(nid_objs[691]),/* "c2onb191v4" */
-&(nid_objs[692]),/* "c2onb191v5" */
-&(nid_objs[697]),/* "c2onb239v4" */
-&(nid_objs[698]),/* "c2onb239v5" */
-&(nid_objs[684]),/* "c2pnb163v1" */
-&(nid_objs[685]),/* "c2pnb163v2" */
-&(nid_objs[686]),/* "c2pnb163v3" */
-&(nid_objs[687]),/* "c2pnb176v1" */
-&(nid_objs[693]),/* "c2pnb208w1" */
-&(nid_objs[699]),/* "c2pnb272w1" */
-&(nid_objs[700]),/* "c2pnb304w1" */
-&(nid_objs[702]),/* "c2pnb368w1" */
-&(nid_objs[688]),/* "c2tnb191v1" */
-&(nid_objs[689]),/* "c2tnb191v2" */
-&(nid_objs[690]),/* "c2tnb191v3" */
-&(nid_objs[694]),/* "c2tnb239v1" */
-&(nid_objs[695]),/* "c2tnb239v2" */
-&(nid_objs[696]),/* "c2tnb239v3" */
-&(nid_objs[701]),/* "c2tnb359v1" */
-&(nid_objs[703]),/* "c2tnb431r1" */
-&(nid_objs[881]),/* "cACertificate" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[179]),/* "caIssuers" */
-&(nid_objs[785]),/* "caRepository" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[677]),/* "certicom-arc" */
-&(nid_objs[771]),/* "certificateIssuer" */
-&(nid_objs[89]),/* "certificatePolicies" */
-&(nid_objs[883]),/* "certificateRevocationList" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[130]),/* "clientAuth" */
-&(nid_objs[131]),/* "codeSigning" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[103]),/* "crlDistributionPoints" */
-&(nid_objs[88]),/* "crlNumber" */
-&(nid_objs[884]),/* "crossCertificatePair" */
-&(nid_objs[806]),/* "cryptocom" */
-&(nid_objs[805]),/* "cryptopro" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcobject" */
-&(nid_objs[140]),/* "deltaCRL" */
-&(nid_objs[891]),/* "deltaRevocationList" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[871]),/* "destinationIndicator" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[382]),/* "directory" */
-&(nid_objs[887]),/* "distinguishedName" */
-&(nid_objs[892]),/* "dmdName" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[392]),/* "domain" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[802]),/* "dsa_with_SHA224" */
-&(nid_objs[803]),/* "dsa_with_SHA256" */
-&(nid_objs[791]),/* "ecdsa-with-Recommended" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[793]),/* "ecdsa-with-SHA224" */
-&(nid_objs[794]),/* "ecdsa-with-SHA256" */
-&(nid_objs[795]),/* "ecdsa-with-SHA384" */
-&(nid_objs[796]),/* "ecdsa-with-SHA512" */
-&(nid_objs[792]),/* "ecdsa-with-Specified" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[132]),/* "emailProtection" */
-&(nid_objs[885]),/* "enhancedSearchGuide" */
-&(nid_objs[389]),/* "enterprises" */
-&(nid_objs[384]),/* "experimental" */
-&(nid_objs[172]),/* "extReq" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[126]),/* "extendedKeyUsage" */
-&(nid_objs[372]),/* "extendedStatus" */
-&(nid_objs[867]),/* "facsimileTelephoneNumber" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[857]),/* "freshestCRL" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[815]),/* "gost-mac" */
-&(nid_objs[811]),/* "gost2001" */
-&(nid_objs[851]),/* "gost2001cc" */
-&(nid_objs[813]),/* "gost89" */
-&(nid_objs[814]),/* "gost89-cnt" */
-&(nid_objs[812]),/* "gost94" */
-&(nid_objs[850]),/* "gost94cc" */
-&(nid_objs[797]),/* "hmacWithMD5" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[798]),/* "hmacWithSHA224" */
-&(nid_objs[799]),/* "hmacWithSHA256" */
-&(nid_objs[800]),/* "hmacWithSHA384" */
-&(nid_objs[801]),/* "hmacWithSHA512" */
-&(nid_objs[432]),/* "holdInstructionCallIssuer" */
-&(nid_objs[430]),/* "holdInstructionCode" */
-&(nid_objs[431]),/* "holdInstructionNone" */
-&(nid_objs[433]),/* "holdInstructionReject" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[889]),/* "houseIdentifier" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[783]),/* "id-DHBasedMac" */
-&(nid_objs[824]),/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-&(nid_objs[825]),/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-&(nid_objs[826]),/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-&(nid_objs[827]),/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-&(nid_objs[819]),/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-&(nid_objs[829]),/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-&(nid_objs[828]),/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-&(nid_objs[830]),/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-&(nid_objs[820]),/* "id-Gost28147-89-None-KeyMeshing" */
-&(nid_objs[823]),/* "id-Gost28147-89-TestParamSet" */
-&(nid_objs[849]),/* "id-Gost28147-89-cc" */
-&(nid_objs[840]),/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-&(nid_objs[841]),/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-&(nid_objs[842]),/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-&(nid_objs[843]),/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-&(nid_objs[844]),/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-&(nid_objs[854]),/* "id-GostR3410-2001-ParamSet-cc" */
-&(nid_objs[839]),/* "id-GostR3410-2001-TestParamSet" */
-&(nid_objs[817]),/* "id-GostR3410-2001DH" */
-&(nid_objs[832]),/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-&(nid_objs[833]),/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-&(nid_objs[834]),/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-&(nid_objs[835]),/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-&(nid_objs[836]),/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-&(nid_objs[837]),/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-&(nid_objs[838]),/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-&(nid_objs[831]),/* "id-GostR3410-94-TestParamSet" */
-&(nid_objs[845]),/* "id-GostR3410-94-a" */
-&(nid_objs[846]),/* "id-GostR3410-94-aBis" */
-&(nid_objs[847]),/* "id-GostR3410-94-b" */
-&(nid_objs[848]),/* "id-GostR3410-94-bBis" */
-&(nid_objs[818]),/* "id-GostR3410-94DH" */
-&(nid_objs[822]),/* "id-GostR3411-94-CryptoProParamSet" */
-&(nid_objs[821]),/* "id-GostR3411-94-TestParamSet" */
-&(nid_objs[807]),/* "id-GostR3411-94-with-GostR3410-2001" */
-&(nid_objs[853]),/* "id-GostR3411-94-with-GostR3410-2001-cc" */
-&(nid_objs[808]),/* "id-GostR3411-94-with-GostR3410-94" */
-&(nid_objs[852]),/* "id-GostR3411-94-with-GostR3410-94-cc" */
-&(nid_objs[810]),/* "id-HMACGostR3411-94" */
-&(nid_objs[782]),/* "id-PasswordBasedMAC" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[788]),/* "id-aes128-wrap" */
-&(nid_objs[789]),/* "id-aes192-wrap" */
-&(nid_objs[790]),/* "id-aes256-wrap" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[680]),/* "id-characteristic-two-basis" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[784]),/* "id-it-suppLangTags" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[858]),/* "id-on-permanentIdentifier" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[662]),/* "id-ppl" */
-&(nid_objs[664]),/* "id-ppl-anyLanguage" */
-&(nid_objs[667]),/* "id-ppl-independent" */
-&(nid_objs[665]),/* "id-ppl-inheritAll" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[164]),/* "id-qt-cps" */
-&(nid_objs[165]),/* "id-qt-unotice" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[512]),/* "id-set" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[786]),/* "id-smime-ct-compressedData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[676]),/* "identified-organization" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[748]),/* "inhibitAnyPolicy" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[647]),/* "international-organizations" */
-&(nid_objs[869]),/* "internationaliSDNNumber" */
-&(nid_objs[142]),/* "invalidityDate" */
-&(nid_objs[294]),/* "ipsecEndSystem" */
-&(nid_objs[295]),/* "ipsecTunnel" */
-&(nid_objs[296]),/* "ipsecUser" */
-&(nid_objs[86]),/* "issuerAltName" */
-&(nid_objs[770]),/* "issuingDistributionPoint" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[83]),/* "keyUsage" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[460]),/* "mail" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[809]),/* "md_gost94" */
-&(nid_objs[875]),/* "member" */
-&(nid_objs[182]),/* "member-body" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[383]),/* "mgmt" */
-&(nid_objs[504]),/* "mime-mhs" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[136]),/* "msCTLSign" */
-&(nid_objs[135]),/* "msCodeCom" */
-&(nid_objs[134]),/* "msCodeInd" */
-&(nid_objs[138]),/* "msEFS" */
-&(nid_objs[171]),/* "msExtReq" */
-&(nid_objs[137]),/* "msSGC" */
-&(nid_objs[648]),/* "msSmartcardLogin" */
-&(nid_objs[649]),/* "msUPN" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[666]),/* "nameConstraints" */
-&(nid_objs[369]),/* "noCheck" */
-&(nid_objs[403]),/* "noRevAvail" */
-&(nid_objs[72]),/* "nsBaseUrl" */
-&(nid_objs[76]),/* "nsCaPolicyUrl" */
-&(nid_objs[74]),/* "nsCaRevocationUrl" */
-&(nid_objs[58]),/* "nsCertExt" */
-&(nid_objs[79]),/* "nsCertSequence" */
-&(nid_objs[71]),/* "nsCertType" */
-&(nid_objs[78]),/* "nsComment" */
-&(nid_objs[59]),/* "nsDataType" */
-&(nid_objs[75]),/* "nsRenewalUrl" */
-&(nid_objs[73]),/* "nsRevocationUrl" */
-&(nid_objs[139]),/* "nsSGC" */
-&(nid_objs[77]),/* "nsSslServerName" */
-&(nid_objs[681]),/* "onBasis" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[876]),/* "owner" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[863]),/* "physicalDeliveryOfficeName" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[ 2]),/* "pkcs" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[401]),/* "policyConstraints" */
-&(nid_objs[747]),/* "policyMappings" */
-&(nid_objs[862]),/* "postOfficeBox" */
-&(nid_objs[861]),/* "postalAddress" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[683]),/* "ppBasis" */
-&(nid_objs[872]),/* "preferredDeliveryMethod" */
-&(nid_objs[873]),/* "presentationAddress" */
-&(nid_objs[816]),/* "prf-gostr3411-94" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[385]),/* "private" */
-&(nid_objs[84]),/* "privateKeyUsagePeriod" */
-&(nid_objs[886]),/* "protocolInformation" */
-&(nid_objs[663]),/* "proxyCertInfo" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[870]),/* "registeredAddress" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[877]),/* "roleOccupant" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[ 1]),/* "rsadsi" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbgp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[859]),/* "searchGuide" */
-&(nid_objs[704]),/* "secp112r1" */
-&(nid_objs[705]),/* "secp112r2" */
-&(nid_objs[706]),/* "secp128r1" */
-&(nid_objs[707]),/* "secp128r2" */
-&(nid_objs[708]),/* "secp160k1" */
-&(nid_objs[709]),/* "secp160r1" */
-&(nid_objs[710]),/* "secp160r2" */
-&(nid_objs[711]),/* "secp192k1" */
-&(nid_objs[712]),/* "secp224k1" */
-&(nid_objs[713]),/* "secp224r1" */
-&(nid_objs[714]),/* "secp256k1" */
-&(nid_objs[715]),/* "secp384r1" */
-&(nid_objs[716]),/* "secp521r1" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[717]),/* "sect113r1" */
-&(nid_objs[718]),/* "sect113r2" */
-&(nid_objs[719]),/* "sect131r1" */
-&(nid_objs[720]),/* "sect131r2" */
-&(nid_objs[721]),/* "sect163k1" */
-&(nid_objs[722]),/* "sect163r1" */
-&(nid_objs[723]),/* "sect163r2" */
-&(nid_objs[724]),/* "sect193r1" */
-&(nid_objs[725]),/* "sect193r2" */
-&(nid_objs[726]),/* "sect233k1" */
-&(nid_objs[727]),/* "sect233r1" */
-&(nid_objs[728]),/* "sect239k1" */
-&(nid_objs[729]),/* "sect283k1" */
-&(nid_objs[730]),/* "sect283r1" */
-&(nid_objs[731]),/* "sect409k1" */
-&(nid_objs[732]),/* "sect409r1" */
-&(nid_objs[733]),/* "sect571k1" */
-&(nid_objs[734]),/* "sect571r1" */
-&(nid_objs[386]),/* "security" */
-&(nid_objs[878]),/* "seeAlso" */
-&(nid_objs[394]),/* "selected-attribute-types" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[129]),/* "serverAuth" */
-&(nid_objs[371]),/* "serviceLocator" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[517]),/* "set-certExt" */
-&(nid_objs[513]),/* "set-ctype" */
-&(nid_objs[514]),/* "set-msgExt" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
-&(nid_objs[623]),/* "setAttr-IssCap" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[621]),/* "setAttr-PGWYcap" */
-&(nid_objs[635]),/* "setAttr-SecDevSig" */
-&(nid_objs[632]),/* "setAttr-T2Enc" */
-&(nid_objs[633]),/* "setAttr-T2cleartxt" */
-&(nid_objs[634]),/* "setAttr-TokICCsig" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[606]),/* "setext-cv" */
-&(nid_objs[601]),/* "setext-genCrypt" */
-&(nid_objs[602]),/* "setext-miAuth" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[387]),/* "snmpv2" */
-&(nid_objs[660]),/* "street" */
-&(nid_objs[85]),/* "subjectAltName" */
-&(nid_objs[769]),/* "subjectDirectoryAttributes" */
-&(nid_objs[398]),/* "subjectInfoAccess" */
-&(nid_objs[82]),/* "subjectKeyIdentifier" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[890]),/* "supportedAlgorithms" */
-&(nid_objs[874]),/* "supportedApplicationContext" */
-&(nid_objs[402]),/* "targetInformation" */
-&(nid_objs[864]),/* "telephoneNumber" */
-&(nid_objs[866]),/* "teletexTerminalIdentifier" */
-&(nid_objs[865]),/* "telexNumber" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[133]),/* "timeStamping" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[682]),/* "tpBasis" */
-&(nid_objs[375]),/* "trustRoot" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[888]),/* "uniqueMember" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[880]),/* "userCertificate" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[879]),/* "userPassword" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[678]),/* "wap" */
-&(nid_objs[679]),/* "wap-wsg" */
-&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[804]),/* "whirlpool" */
-&(nid_objs[868]),/* "x121Address" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
+static const unsigned int sn_objs[NUM_SN]={
+364, /* "AD_DVCS" */
+419, /* "AES-128-CBC" */
+916, /* "AES-128-CBC-HMAC-SHA1" */
+421, /* "AES-128-CFB" */
+650, /* "AES-128-CFB1" */
+653, /* "AES-128-CFB8" */
+904, /* "AES-128-CTR" */
+418, /* "AES-128-ECB" */
+420, /* "AES-128-OFB" */
+913, /* "AES-128-XTS" */
+423, /* "AES-192-CBC" */
+917, /* "AES-192-CBC-HMAC-SHA1" */
+425, /* "AES-192-CFB" */
+651, /* "AES-192-CFB1" */
+654, /* "AES-192-CFB8" */
+905, /* "AES-192-CTR" */
+422, /* "AES-192-ECB" */
+424, /* "AES-192-OFB" */
+427, /* "AES-256-CBC" */
+918, /* "AES-256-CBC-HMAC-SHA1" */
+429, /* "AES-256-CFB" */
+652, /* "AES-256-CFB1" */
+655, /* "AES-256-CFB8" */
+906, /* "AES-256-CTR" */
+426, /* "AES-256-ECB" */
+428, /* "AES-256-OFB" */
+914, /* "AES-256-XTS" */
+91, /* "BF-CBC" */
+93, /* "BF-CFB" */
+92, /* "BF-ECB" */
+94, /* "BF-OFB" */
+14, /* "C" */
+751, /* "CAMELLIA-128-CBC" */
+757, /* "CAMELLIA-128-CFB" */
+760, /* "CAMELLIA-128-CFB1" */
+763, /* "CAMELLIA-128-CFB8" */
+754, /* "CAMELLIA-128-ECB" */
+766, /* "CAMELLIA-128-OFB" */
+752, /* "CAMELLIA-192-CBC" */
+758, /* "CAMELLIA-192-CFB" */
+761, /* "CAMELLIA-192-CFB1" */
+764, /* "CAMELLIA-192-CFB8" */
+755, /* "CAMELLIA-192-ECB" */
+767, /* "CAMELLIA-192-OFB" */
+753, /* "CAMELLIA-256-CBC" */
+759, /* "CAMELLIA-256-CFB" */
+762, /* "CAMELLIA-256-CFB1" */
+765, /* "CAMELLIA-256-CFB8" */
+756, /* "CAMELLIA-256-ECB" */
+768, /* "CAMELLIA-256-OFB" */
+108, /* "CAST5-CBC" */
+110, /* "CAST5-CFB" */
+109, /* "CAST5-ECB" */
+111, /* "CAST5-OFB" */
+894, /* "CMAC" */
+13, /* "CN" */
+141, /* "CRLReason" */
+417, /* "CSPName" */
+367, /* "CrlID" */
+391, /* "DC" */
+31, /* "DES-CBC" */
+643, /* "DES-CDMF" */
+30, /* "DES-CFB" */
+656, /* "DES-CFB1" */
+657, /* "DES-CFB8" */
+29, /* "DES-ECB" */
+32, /* "DES-EDE" */
+43, /* "DES-EDE-CBC" */
+60, /* "DES-EDE-CFB" */
+62, /* "DES-EDE-OFB" */
+33, /* "DES-EDE3" */
+44, /* "DES-EDE3-CBC" */
+61, /* "DES-EDE3-CFB" */
+658, /* "DES-EDE3-CFB1" */
+659, /* "DES-EDE3-CFB8" */
+63, /* "DES-EDE3-OFB" */
+45, /* "DES-OFB" */
+80, /* "DESX-CBC" */
+380, /* "DOD" */
+116, /* "DSA" */
+66, /* "DSA-SHA" */
+113, /* "DSA-SHA1" */
+70, /* "DSA-SHA1-old" */
+67, /* "DSA-old" */
+297, /* "DVCS" */
+99, /* "GN" */
+855, /* "HMAC" */
+780, /* "HMAC-MD5" */
+781, /* "HMAC-SHA1" */
+381, /* "IANA" */
+34, /* "IDEA-CBC" */
+35, /* "IDEA-CFB" */
+36, /* "IDEA-ECB" */
+46, /* "IDEA-OFB" */
+181, /* "ISO" */
+183, /* "ISO-US" */
+645, /* "ITU-T" */
+646, /* "JOINT-ISO-ITU-T" */
+773, /* "KISA" */
+15, /* "L" */
+856, /* "LocalKeySet" */
+ 3, /* "MD2" */
+257, /* "MD4" */
+ 4, /* "MD5" */
+114, /* "MD5-SHA1" */
+95, /* "MDC2" */
+911, /* "MGF1" */
+388, /* "Mail" */
+393, /* "NULL" */
+404, /* "NULL" */
+57, /* "Netscape" */
+366, /* "Nonce" */
+17, /* "O" */
+178, /* "OCSP" */
+180, /* "OCSPSigning" */
+379, /* "ORG" */
+18, /* "OU" */
+749, /* "Oakley-EC2N-3" */
+750, /* "Oakley-EC2N-4" */
+ 9, /* "PBE-MD2-DES" */
+168, /* "PBE-MD2-RC2-64" */
+10, /* "PBE-MD5-DES" */
+169, /* "PBE-MD5-RC2-64" */
+147, /* "PBE-SHA1-2DES" */
+146, /* "PBE-SHA1-3DES" */
+170, /* "PBE-SHA1-DES" */
+148, /* "PBE-SHA1-RC2-128" */
+149, /* "PBE-SHA1-RC2-40" */
+68, /* "PBE-SHA1-RC2-64" */
+144, /* "PBE-SHA1-RC4-128" */
+145, /* "PBE-SHA1-RC4-40" */
+161, /* "PBES2" */
+69, /* "PBKDF2" */
+162, /* "PBMAC1" */
+127, /* "PKIX" */
+98, /* "RC2-40-CBC" */
+166, /* "RC2-64-CBC" */
+37, /* "RC2-CBC" */
+39, /* "RC2-CFB" */
+38, /* "RC2-ECB" */
+40, /* "RC2-OFB" */
+ 5, /* "RC4" */
+97, /* "RC4-40" */
+915, /* "RC4-HMAC-MD5" */
+120, /* "RC5-CBC" */
+122, /* "RC5-CFB" */
+121, /* "RC5-ECB" */
+123, /* "RC5-OFB" */
+117, /* "RIPEMD160" */
+124, /* "RLE" */
+19, /* "RSA" */
+ 7, /* "RSA-MD2" */
+396, /* "RSA-MD4" */
+ 8, /* "RSA-MD5" */
+96, /* "RSA-MDC2" */
+104, /* "RSA-NP-MD5" */
+119, /* "RSA-RIPEMD160" */
+42, /* "RSA-SHA" */
+65, /* "RSA-SHA1" */
+115, /* "RSA-SHA1-2" */
+671, /* "RSA-SHA224" */
+668, /* "RSA-SHA256" */
+669, /* "RSA-SHA384" */
+670, /* "RSA-SHA512" */
+919, /* "RSAES-OAEP" */
+912, /* "RSASSA-PSS" */
+777, /* "SEED-CBC" */
+779, /* "SEED-CFB" */
+776, /* "SEED-ECB" */
+778, /* "SEED-OFB" */
+41, /* "SHA" */
+64, /* "SHA1" */
+675, /* "SHA224" */
+672, /* "SHA256" */
+673, /* "SHA384" */
+674, /* "SHA512" */
+188, /* "SMIME" */
+167, /* "SMIME-CAPS" */
+100, /* "SN" */
+16, /* "ST" */
+143, /* "SXNetID" */
+458, /* "UID" */
+ 0, /* "UNDEF" */
+11, /* "X500" */
+378, /* "X500algorithms" */
+12, /* "X509" */
+184, /* "X9-57" */
+185, /* "X9cm" */
+125, /* "ZLIB" */
+478, /* "aRecord" */
+289, /* "aaControls" */
+287, /* "ac-auditEntity" */
+397, /* "ac-proxying" */
+288, /* "ac-targeting" */
+368, /* "acceptableResponses" */
+446, /* "account" */
+363, /* "ad_timestamping" */
+376, /* "algorithm" */
+405, /* "ansi-X9-62" */
+910, /* "anyExtendedKeyUsage" */
+746, /* "anyPolicy" */
+370, /* "archiveCutoff" */
+484, /* "associatedDomain" */
+485, /* "associatedName" */
+501, /* "audio" */
+177, /* "authorityInfoAccess" */
+90, /* "authorityKeyIdentifier" */
+882, /* "authorityRevocationList" */
+87, /* "basicConstraints" */
+365, /* "basicOCSPResponse" */
+285, /* "biometricInfo" */
+494, /* "buildingName" */
+860, /* "businessCategory" */
+691, /* "c2onb191v4" */
+692, /* "c2onb191v5" */
+697, /* "c2onb239v4" */
+698, /* "c2onb239v5" */
+684, /* "c2pnb163v1" */
+685, /* "c2pnb163v2" */
+686, /* "c2pnb163v3" */
+687, /* "c2pnb176v1" */
+693, /* "c2pnb208w1" */
+699, /* "c2pnb272w1" */
+700, /* "c2pnb304w1" */
+702, /* "c2pnb368w1" */
+688, /* "c2tnb191v1" */
+689, /* "c2tnb191v2" */
+690, /* "c2tnb191v3" */
+694, /* "c2tnb239v1" */
+695, /* "c2tnb239v2" */
+696, /* "c2tnb239v3" */
+701, /* "c2tnb359v1" */
+703, /* "c2tnb431r1" */
+881, /* "cACertificate" */
+483, /* "cNAMERecord" */
+179, /* "caIssuers" */
+785, /* "caRepository" */
+443, /* "caseIgnoreIA5StringSyntax" */
+152, /* "certBag" */
+677, /* "certicom-arc" */
+771, /* "certificateIssuer" */
+89, /* "certificatePolicies" */
+883, /* "certificateRevocationList" */
+54, /* "challengePassword" */
+407, /* "characteristic-two-field" */
+395, /* "clearance" */
+130, /* "clientAuth" */
+131, /* "codeSigning" */
+50, /* "contentType" */
+53, /* "countersignature" */
+153, /* "crlBag" */
+103, /* "crlDistributionPoints" */
+88, /* "crlNumber" */
+884, /* "crossCertificatePair" */
+806, /* "cryptocom" */
+805, /* "cryptopro" */
+500, /* "dITRedirect" */
+451, /* "dNSDomain" */
+495, /* "dSAQuality" */
+434, /* "data" */
+390, /* "dcobject" */
+140, /* "deltaCRL" */
+891, /* "deltaRevocationList" */
+107, /* "description" */
+871, /* "destinationIndicator" */
+28, /* "dhKeyAgreement" */
+382, /* "directory" */
+887, /* "distinguishedName" */
+892, /* "dmdName" */
+174, /* "dnQualifier" */
+447, /* "document" */
+471, /* "documentAuthor" */
+468, /* "documentIdentifier" */
+472, /* "documentLocation" */
+502, /* "documentPublisher" */
+449, /* "documentSeries" */
+469, /* "documentTitle" */
+470, /* "documentVersion" */
+392, /* "domain" */
+452, /* "domainRelatedObject" */
+802, /* "dsa_with_SHA224" */
+803, /* "dsa_with_SHA256" */
+791, /* "ecdsa-with-Recommended" */
+416, /* "ecdsa-with-SHA1" */
+793, /* "ecdsa-with-SHA224" */
+794, /* "ecdsa-with-SHA256" */
+795, /* "ecdsa-with-SHA384" */
+796, /* "ecdsa-with-SHA512" */
+792, /* "ecdsa-with-Specified" */
+48, /* "emailAddress" */
+132, /* "emailProtection" */
+885, /* "enhancedSearchGuide" */
+389, /* "enterprises" */
+384, /* "experimental" */
+172, /* "extReq" */
+56, /* "extendedCertificateAttributes" */
+126, /* "extendedKeyUsage" */
+372, /* "extendedStatus" */
+867, /* "facsimileTelephoneNumber" */
+462, /* "favouriteDrink" */
+857, /* "freshestCRL" */
+453, /* "friendlyCountry" */
+490, /* "friendlyCountryName" */
+156, /* "friendlyName" */
+509, /* "generationQualifier" */
+815, /* "gost-mac" */
+811, /* "gost2001" */
+851, /* "gost2001cc" */
+813, /* "gost89" */
+814, /* "gost89-cnt" */
+812, /* "gost94" */
+850, /* "gost94cc" */
+797, /* "hmacWithMD5" */
+163, /* "hmacWithSHA1" */
+798, /* "hmacWithSHA224" */
+799, /* "hmacWithSHA256" */
+800, /* "hmacWithSHA384" */
+801, /* "hmacWithSHA512" */
+432, /* "holdInstructionCallIssuer" */
+430, /* "holdInstructionCode" */
+431, /* "holdInstructionNone" */
+433, /* "holdInstructionReject" */
+486, /* "homePostalAddress" */
+473, /* "homeTelephoneNumber" */
+466, /* "host" */
+889, /* "houseIdentifier" */
+442, /* "iA5StringSyntax" */
+783, /* "id-DHBasedMac" */
+824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820, /* "id-Gost28147-89-None-KeyMeshing" */
+823, /* "id-Gost28147-89-TestParamSet" */
+849, /* "id-Gost28147-89-cc" */
+840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+854, /* "id-GostR3410-2001-ParamSet-cc" */
+839, /* "id-GostR3410-2001-TestParamSet" */
+817, /* "id-GostR3410-2001DH" */
+832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831, /* "id-GostR3410-94-TestParamSet" */
+845, /* "id-GostR3410-94-a" */
+846, /* "id-GostR3410-94-aBis" */
+847, /* "id-GostR3410-94-b" */
+848, /* "id-GostR3410-94-bBis" */
+818, /* "id-GostR3410-94DH" */
+822, /* "id-GostR3411-94-CryptoProParamSet" */
+821, /* "id-GostR3411-94-TestParamSet" */
+807, /* "id-GostR3411-94-with-GostR3410-2001" */
+853, /* "id-GostR3411-94-with-GostR3410-2001-cc" */
+808, /* "id-GostR3411-94-with-GostR3410-94" */
+852, /* "id-GostR3411-94-with-GostR3410-94-cc" */
+810, /* "id-HMACGostR3411-94" */
+782, /* "id-PasswordBasedMAC" */
+266, /* "id-aca" */
+355, /* "id-aca-accessIdentity" */
+354, /* "id-aca-authenticationInfo" */
+356, /* "id-aca-chargingIdentity" */
+399, /* "id-aca-encAttrs" */
+357, /* "id-aca-group" */
+358, /* "id-aca-role" */
+176, /* "id-ad" */
+896, /* "id-aes128-CCM" */
+895, /* "id-aes128-GCM" */
+788, /* "id-aes128-wrap" */
+897, /* "id-aes128-wrap-pad" */
+899, /* "id-aes192-CCM" */
+898, /* "id-aes192-GCM" */
+789, /* "id-aes192-wrap" */
+900, /* "id-aes192-wrap-pad" */
+902, /* "id-aes256-CCM" */
+901, /* "id-aes256-GCM" */
+790, /* "id-aes256-wrap" */
+903, /* "id-aes256-wrap-pad" */
+262, /* "id-alg" */
+893, /* "id-alg-PWRI-KEK" */
+323, /* "id-alg-des40" */
+326, /* "id-alg-dh-pop" */
+325, /* "id-alg-dh-sig-hmac-sha1" */
+324, /* "id-alg-noSignature" */
+907, /* "id-camellia128-wrap" */
+908, /* "id-camellia192-wrap" */
+909, /* "id-camellia256-wrap" */
+268, /* "id-cct" */
+361, /* "id-cct-PKIData" */
+362, /* "id-cct-PKIResponse" */
+360, /* "id-cct-crs" */
+81, /* "id-ce" */
+680, /* "id-characteristic-two-basis" */
+263, /* "id-cmc" */
+334, /* "id-cmc-addExtensions" */
+346, /* "id-cmc-confirmCertAcceptance" */
+330, /* "id-cmc-dataReturn" */
+336, /* "id-cmc-decryptedPOP" */
+335, /* "id-cmc-encryptedPOP" */
+339, /* "id-cmc-getCRL" */
+338, /* "id-cmc-getCert" */
+328, /* "id-cmc-identification" */
+329, /* "id-cmc-identityProof" */
+337, /* "id-cmc-lraPOPWitness" */
+344, /* "id-cmc-popLinkRandom" */
+345, /* "id-cmc-popLinkWitness" */
+343, /* "id-cmc-queryPending" */
+333, /* "id-cmc-recipientNonce" */
+341, /* "id-cmc-regInfo" */
+342, /* "id-cmc-responseInfo" */
+340, /* "id-cmc-revokeRequest" */
+332, /* "id-cmc-senderNonce" */
+327, /* "id-cmc-statusInfo" */
+331, /* "id-cmc-transactionId" */
+787, /* "id-ct-asciiTextWithCRLF" */
+408, /* "id-ecPublicKey" */
+508, /* "id-hex-multipart-message" */
+507, /* "id-hex-partial-message" */
+260, /* "id-it" */
+302, /* "id-it-caKeyUpdateInfo" */
+298, /* "id-it-caProtEncCert" */
+311, /* "id-it-confirmWaitTime" */
+303, /* "id-it-currentCRL" */
+300, /* "id-it-encKeyPairTypes" */
+310, /* "id-it-implicitConfirm" */
+308, /* "id-it-keyPairParamRep" */
+307, /* "id-it-keyPairParamReq" */
+312, /* "id-it-origPKIMessage" */
+301, /* "id-it-preferredSymmAlg" */
+309, /* "id-it-revPassphrase" */
+299, /* "id-it-signKeyPairTypes" */
+305, /* "id-it-subscriptionRequest" */
+306, /* "id-it-subscriptionResponse" */
+784, /* "id-it-suppLangTags" */
+304, /* "id-it-unsupportedOIDs" */
+128, /* "id-kp" */
+280, /* "id-mod-attribute-cert" */
+274, /* "id-mod-cmc" */
+277, /* "id-mod-cmp" */
+284, /* "id-mod-cmp2000" */
+273, /* "id-mod-crmf" */
+283, /* "id-mod-dvcs" */
+275, /* "id-mod-kea-profile-88" */
+276, /* "id-mod-kea-profile-93" */
+282, /* "id-mod-ocsp" */
+278, /* "id-mod-qualified-cert-88" */
+279, /* "id-mod-qualified-cert-93" */
+281, /* "id-mod-timestamp-protocol" */
+264, /* "id-on" */
+858, /* "id-on-permanentIdentifier" */
+347, /* "id-on-personalData" */
+265, /* "id-pda" */
+352, /* "id-pda-countryOfCitizenship" */
+353, /* "id-pda-countryOfResidence" */
+348, /* "id-pda-dateOfBirth" */
+351, /* "id-pda-gender" */
+349, /* "id-pda-placeOfBirth" */
+175, /* "id-pe" */
+261, /* "id-pkip" */
+258, /* "id-pkix-mod" */
+269, /* "id-pkix1-explicit-88" */
+271, /* "id-pkix1-explicit-93" */
+270, /* "id-pkix1-implicit-88" */
+272, /* "id-pkix1-implicit-93" */
+662, /* "id-ppl" */
+664, /* "id-ppl-anyLanguage" */
+667, /* "id-ppl-independent" */
+665, /* "id-ppl-inheritAll" */
+267, /* "id-qcs" */
+359, /* "id-qcs-pkixQCSyntax-v1" */
+259, /* "id-qt" */
+164, /* "id-qt-cps" */
+165, /* "id-qt-unotice" */
+313, /* "id-regCtrl" */
+316, /* "id-regCtrl-authenticator" */
+319, /* "id-regCtrl-oldCertID" */
+318, /* "id-regCtrl-pkiArchiveOptions" */
+317, /* "id-regCtrl-pkiPublicationInfo" */
+320, /* "id-regCtrl-protocolEncrKey" */
+315, /* "id-regCtrl-regToken" */
+314, /* "id-regInfo" */
+322, /* "id-regInfo-certReq" */
+321, /* "id-regInfo-utf8Pairs" */
+512, /* "id-set" */
+191, /* "id-smime-aa" */
+215, /* "id-smime-aa-contentHint" */
+218, /* "id-smime-aa-contentIdentifier" */
+221, /* "id-smime-aa-contentReference" */
+240, /* "id-smime-aa-dvcs-dvc" */
+217, /* "id-smime-aa-encapContentType" */
+222, /* "id-smime-aa-encrypKeyPref" */
+220, /* "id-smime-aa-equivalentLabels" */
+232, /* "id-smime-aa-ets-CertificateRefs" */
+233, /* "id-smime-aa-ets-RevocationRefs" */
+238, /* "id-smime-aa-ets-archiveTimeStamp" */
+237, /* "id-smime-aa-ets-certCRLTimestamp" */
+234, /* "id-smime-aa-ets-certValues" */
+227, /* "id-smime-aa-ets-commitmentType" */
+231, /* "id-smime-aa-ets-contentTimestamp" */
+236, /* "id-smime-aa-ets-escTimeStamp" */
+230, /* "id-smime-aa-ets-otherSigCert" */
+235, /* "id-smime-aa-ets-revocationValues" */
+226, /* "id-smime-aa-ets-sigPolicyId" */
+229, /* "id-smime-aa-ets-signerAttr" */
+228, /* "id-smime-aa-ets-signerLocation" */
+219, /* "id-smime-aa-macValue" */
+214, /* "id-smime-aa-mlExpandHistory" */
+216, /* "id-smime-aa-msgSigDigest" */
+212, /* "id-smime-aa-receiptRequest" */
+213, /* "id-smime-aa-securityLabel" */
+239, /* "id-smime-aa-signatureType" */
+223, /* "id-smime-aa-signingCertificate" */
+224, /* "id-smime-aa-smimeEncryptCerts" */
+225, /* "id-smime-aa-timeStampToken" */
+192, /* "id-smime-alg" */
+243, /* "id-smime-alg-3DESwrap" */
+246, /* "id-smime-alg-CMS3DESwrap" */
+247, /* "id-smime-alg-CMSRC2wrap" */
+245, /* "id-smime-alg-ESDH" */
+241, /* "id-smime-alg-ESDHwith3DES" */
+242, /* "id-smime-alg-ESDHwithRC2" */
+244, /* "id-smime-alg-RC2wrap" */
+193, /* "id-smime-cd" */
+248, /* "id-smime-cd-ldap" */
+190, /* "id-smime-ct" */
+210, /* "id-smime-ct-DVCSRequestData" */
+211, /* "id-smime-ct-DVCSResponseData" */
+208, /* "id-smime-ct-TDTInfo" */
+207, /* "id-smime-ct-TSTInfo" */
+205, /* "id-smime-ct-authData" */
+786, /* "id-smime-ct-compressedData" */
+209, /* "id-smime-ct-contentInfo" */
+206, /* "id-smime-ct-publishCert" */
+204, /* "id-smime-ct-receipt" */
+195, /* "id-smime-cti" */
+255, /* "id-smime-cti-ets-proofOfApproval" */
+256, /* "id-smime-cti-ets-proofOfCreation" */
+253, /* "id-smime-cti-ets-proofOfDelivery" */
+251, /* "id-smime-cti-ets-proofOfOrigin" */
+252, /* "id-smime-cti-ets-proofOfReceipt" */
+254, /* "id-smime-cti-ets-proofOfSender" */
+189, /* "id-smime-mod" */
+196, /* "id-smime-mod-cms" */
+197, /* "id-smime-mod-ess" */
+202, /* "id-smime-mod-ets-eSigPolicy-88" */
+203, /* "id-smime-mod-ets-eSigPolicy-97" */
+200, /* "id-smime-mod-ets-eSignature-88" */
+201, /* "id-smime-mod-ets-eSignature-97" */
+199, /* "id-smime-mod-msg-v3" */
+198, /* "id-smime-mod-oid" */
+194, /* "id-smime-spq" */
+250, /* "id-smime-spq-ets-sqt-unotice" */
+249, /* "id-smime-spq-ets-sqt-uri" */
+676, /* "identified-organization" */
+461, /* "info" */
+748, /* "inhibitAnyPolicy" */
+101, /* "initials" */
+647, /* "international-organizations" */
+869, /* "internationaliSDNNumber" */
+142, /* "invalidityDate" */
+294, /* "ipsecEndSystem" */
+295, /* "ipsecTunnel" */
+296, /* "ipsecUser" */
+86, /* "issuerAltName" */
+770, /* "issuingDistributionPoint" */
+492, /* "janetMailbox" */
+150, /* "keyBag" */
+83, /* "keyUsage" */
+477, /* "lastModifiedBy" */
+476, /* "lastModifiedTime" */
+157, /* "localKeyID" */
+480, /* "mXRecord" */
+460, /* "mail" */
+493, /* "mailPreferenceOption" */
+467, /* "manager" */
+809, /* "md_gost94" */
+875, /* "member" */
+182, /* "member-body" */
+51, /* "messageDigest" */
+383, /* "mgmt" */
+504, /* "mime-mhs" */
+506, /* "mime-mhs-bodies" */
+505, /* "mime-mhs-headings" */
+488, /* "mobileTelephoneNumber" */
+136, /* "msCTLSign" */
+135, /* "msCodeCom" */
+134, /* "msCodeInd" */
+138, /* "msEFS" */
+171, /* "msExtReq" */
+137, /* "msSGC" */
+648, /* "msSmartcardLogin" */
+649, /* "msUPN" */
+481, /* "nSRecord" */
+173, /* "name" */
+666, /* "nameConstraints" */
+369, /* "noCheck" */
+403, /* "noRevAvail" */
+72, /* "nsBaseUrl" */
+76, /* "nsCaPolicyUrl" */
+74, /* "nsCaRevocationUrl" */
+58, /* "nsCertExt" */
+79, /* "nsCertSequence" */
+71, /* "nsCertType" */
+78, /* "nsComment" */
+59, /* "nsDataType" */
+75, /* "nsRenewalUrl" */
+73, /* "nsRevocationUrl" */
+139, /* "nsSGC" */
+77, /* "nsSslServerName" */
+681, /* "onBasis" */
+491, /* "organizationalStatus" */
+475, /* "otherMailbox" */
+876, /* "owner" */
+489, /* "pagerTelephoneNumber" */
+374, /* "path" */
+112, /* "pbeWithMD5AndCast5CBC" */
+499, /* "personalSignature" */
+487, /* "personalTitle" */
+464, /* "photo" */
+863, /* "physicalDeliveryOfficeName" */
+437, /* "pilot" */
+439, /* "pilotAttributeSyntax" */
+438, /* "pilotAttributeType" */
+479, /* "pilotAttributeType27" */
+456, /* "pilotDSA" */
+441, /* "pilotGroups" */
+444, /* "pilotObject" */
+440, /* "pilotObjectClass" */
+455, /* "pilotOrganization" */
+445, /* "pilotPerson" */
+ 2, /* "pkcs" */
+186, /* "pkcs1" */
+27, /* "pkcs3" */
+187, /* "pkcs5" */
+20, /* "pkcs7" */
+21, /* "pkcs7-data" */
+25, /* "pkcs7-digestData" */
+26, /* "pkcs7-encryptedData" */
+23, /* "pkcs7-envelopedData" */
+24, /* "pkcs7-signedAndEnvelopedData" */
+22, /* "pkcs7-signedData" */
+151, /* "pkcs8ShroudedKeyBag" */
+47, /* "pkcs9" */
+401, /* "policyConstraints" */
+747, /* "policyMappings" */
+862, /* "postOfficeBox" */
+861, /* "postalAddress" */
+661, /* "postalCode" */
+683, /* "ppBasis" */
+872, /* "preferredDeliveryMethod" */
+873, /* "presentationAddress" */
+816, /* "prf-gostr3411-94" */
+406, /* "prime-field" */
+409, /* "prime192v1" */
+410, /* "prime192v2" */
+411, /* "prime192v3" */
+412, /* "prime239v1" */
+413, /* "prime239v2" */
+414, /* "prime239v3" */
+415, /* "prime256v1" */
+385, /* "private" */
+84, /* "privateKeyUsagePeriod" */
+886, /* "protocolInformation" */
+663, /* "proxyCertInfo" */
+510, /* "pseudonym" */
+435, /* "pss" */
+286, /* "qcStatements" */
+457, /* "qualityLabelledData" */
+450, /* "rFC822localPart" */
+870, /* "registeredAddress" */
+400, /* "role" */
+877, /* "roleOccupant" */
+448, /* "room" */
+463, /* "roomNumber" */
+ 6, /* "rsaEncryption" */
+644, /* "rsaOAEPEncryptionSET" */
+377, /* "rsaSignature" */
+ 1, /* "rsadsi" */
+482, /* "sOARecord" */
+155, /* "safeContentsBag" */
+291, /* "sbgp-autonomousSysNum" */
+290, /* "sbgp-ipAddrBlock" */
+292, /* "sbgp-routerIdentifier" */
+159, /* "sdsiCertificate" */
+859, /* "searchGuide" */
+704, /* "secp112r1" */
+705, /* "secp112r2" */
+706, /* "secp128r1" */
+707, /* "secp128r2" */
+708, /* "secp160k1" */
+709, /* "secp160r1" */
+710, /* "secp160r2" */
+711, /* "secp192k1" */
+712, /* "secp224k1" */
+713, /* "secp224r1" */
+714, /* "secp256k1" */
+715, /* "secp384r1" */
+716, /* "secp521r1" */
+154, /* "secretBag" */
+474, /* "secretary" */
+717, /* "sect113r1" */
+718, /* "sect113r2" */
+719, /* "sect131r1" */
+720, /* "sect131r2" */
+721, /* "sect163k1" */
+722, /* "sect163r1" */
+723, /* "sect163r2" */
+724, /* "sect193r1" */
+725, /* "sect193r2" */
+726, /* "sect233k1" */
+727, /* "sect233r1" */
+728, /* "sect239k1" */
+729, /* "sect283k1" */
+730, /* "sect283r1" */
+731, /* "sect409k1" */
+732, /* "sect409r1" */
+733, /* "sect571k1" */
+734, /* "sect571r1" */
+386, /* "security" */
+878, /* "seeAlso" */
+394, /* "selected-attribute-types" */
+105, /* "serialNumber" */
+129, /* "serverAuth" */
+371, /* "serviceLocator" */
+625, /* "set-addPolicy" */
+515, /* "set-attr" */
+518, /* "set-brand" */
+638, /* "set-brand-AmericanExpress" */
+637, /* "set-brand-Diners" */
+636, /* "set-brand-IATA-ATA" */
+639, /* "set-brand-JCB" */
+641, /* "set-brand-MasterCard" */
+642, /* "set-brand-Novus" */
+640, /* "set-brand-Visa" */
+517, /* "set-certExt" */
+513, /* "set-ctype" */
+514, /* "set-msgExt" */
+516, /* "set-policy" */
+607, /* "set-policy-root" */
+624, /* "set-rootKeyThumb" */
+620, /* "setAttr-Cert" */
+631, /* "setAttr-GenCryptgrm" */
+623, /* "setAttr-IssCap" */
+628, /* "setAttr-IssCap-CVM" */
+630, /* "setAttr-IssCap-Sig" */
+629, /* "setAttr-IssCap-T2" */
+621, /* "setAttr-PGWYcap" */
+635, /* "setAttr-SecDevSig" */
+632, /* "setAttr-T2Enc" */
+633, /* "setAttr-T2cleartxt" */
+634, /* "setAttr-TokICCsig" */
+627, /* "setAttr-Token-B0Prime" */
+626, /* "setAttr-Token-EMV" */
+622, /* "setAttr-TokenType" */
+619, /* "setCext-IssuerCapabilities" */
+615, /* "setCext-PGWYcapabilities" */
+616, /* "setCext-TokenIdentifier" */
+618, /* "setCext-TokenType" */
+617, /* "setCext-Track2Data" */
+611, /* "setCext-cCertRequired" */
+609, /* "setCext-certType" */
+608, /* "setCext-hashedRoot" */
+610, /* "setCext-merchData" */
+613, /* "setCext-setExt" */
+614, /* "setCext-setQualf" */
+612, /* "setCext-tunneling" */
+540, /* "setct-AcqCardCodeMsg" */
+576, /* "setct-AcqCardCodeMsgTBE" */
+570, /* "setct-AuthReqTBE" */
+534, /* "setct-AuthReqTBS" */
+527, /* "setct-AuthResBaggage" */
+571, /* "setct-AuthResTBE" */
+572, /* "setct-AuthResTBEX" */
+535, /* "setct-AuthResTBS" */
+536, /* "setct-AuthResTBSX" */
+528, /* "setct-AuthRevReqBaggage" */
+577, /* "setct-AuthRevReqTBE" */
+541, /* "setct-AuthRevReqTBS" */
+529, /* "setct-AuthRevResBaggage" */
+542, /* "setct-AuthRevResData" */
+578, /* "setct-AuthRevResTBE" */
+579, /* "setct-AuthRevResTBEB" */
+543, /* "setct-AuthRevResTBS" */
+573, /* "setct-AuthTokenTBE" */
+537, /* "setct-AuthTokenTBS" */
+600, /* "setct-BCIDistributionTBS" */
+558, /* "setct-BatchAdminReqData" */
+592, /* "setct-BatchAdminReqTBE" */
+559, /* "setct-BatchAdminResData" */
+593, /* "setct-BatchAdminResTBE" */
+599, /* "setct-CRLNotificationResTBS" */
+598, /* "setct-CRLNotificationTBS" */
+580, /* "setct-CapReqTBE" */
+581, /* "setct-CapReqTBEX" */
+544, /* "setct-CapReqTBS" */
+545, /* "setct-CapReqTBSX" */
+546, /* "setct-CapResData" */
+582, /* "setct-CapResTBE" */
+583, /* "setct-CapRevReqTBE" */
+584, /* "setct-CapRevReqTBEX" */
+547, /* "setct-CapRevReqTBS" */
+548, /* "setct-CapRevReqTBSX" */
+549, /* "setct-CapRevResData" */
+585, /* "setct-CapRevResTBE" */
+538, /* "setct-CapTokenData" */
+530, /* "setct-CapTokenSeq" */
+574, /* "setct-CapTokenTBE" */
+575, /* "setct-CapTokenTBEX" */
+539, /* "setct-CapTokenTBS" */
+560, /* "setct-CardCInitResTBS" */
+566, /* "setct-CertInqReqTBS" */
+563, /* "setct-CertReqData" */
+595, /* "setct-CertReqTBE" */
+596, /* "setct-CertReqTBEX" */
+564, /* "setct-CertReqTBS" */
+565, /* "setct-CertResData" */
+597, /* "setct-CertResTBE" */
+586, /* "setct-CredReqTBE" */
+587, /* "setct-CredReqTBEX" */
+550, /* "setct-CredReqTBS" */
+551, /* "setct-CredReqTBSX" */
+552, /* "setct-CredResData" */
+588, /* "setct-CredResTBE" */
+589, /* "setct-CredRevReqTBE" */
+590, /* "setct-CredRevReqTBEX" */
+553, /* "setct-CredRevReqTBS" */
+554, /* "setct-CredRevReqTBSX" */
+555, /* "setct-CredRevResData" */
+591, /* "setct-CredRevResTBE" */
+567, /* "setct-ErrorTBS" */
+526, /* "setct-HODInput" */
+561, /* "setct-MeAqCInitResTBS" */
+522, /* "setct-OIData" */
+519, /* "setct-PANData" */
+521, /* "setct-PANOnly" */
+520, /* "setct-PANToken" */
+556, /* "setct-PCertReqData" */
+557, /* "setct-PCertResTBS" */
+523, /* "setct-PI" */
+532, /* "setct-PI-TBS" */
+524, /* "setct-PIData" */
+525, /* "setct-PIDataUnsigned" */
+568, /* "setct-PIDualSignedTBE" */
+569, /* "setct-PIUnsignedTBE" */
+531, /* "setct-PInitResData" */
+533, /* "setct-PResData" */
+594, /* "setct-RegFormReqTBE" */
+562, /* "setct-RegFormResTBS" */
+606, /* "setext-cv" */
+601, /* "setext-genCrypt" */
+602, /* "setext-miAuth" */
+604, /* "setext-pinAny" */
+603, /* "setext-pinSecure" */
+605, /* "setext-track2" */
+52, /* "signingTime" */
+454, /* "simpleSecurityObject" */
+496, /* "singleLevelQuality" */
+387, /* "snmpv2" */
+660, /* "street" */
+85, /* "subjectAltName" */
+769, /* "subjectDirectoryAttributes" */
+398, /* "subjectInfoAccess" */
+82, /* "subjectKeyIdentifier" */
+498, /* "subtreeMaximumQuality" */
+497, /* "subtreeMinimumQuality" */
+890, /* "supportedAlgorithms" */
+874, /* "supportedApplicationContext" */
+402, /* "targetInformation" */
+864, /* "telephoneNumber" */
+866, /* "teletexTerminalIdentifier" */
+865, /* "telexNumber" */
+459, /* "textEncodedORAddress" */
+293, /* "textNotice" */
+133, /* "timeStamping" */
+106, /* "title" */
+682, /* "tpBasis" */
+375, /* "trustRoot" */
+436, /* "ucl" */
+888, /* "uniqueMember" */
+55, /* "unstructuredAddress" */
+49, /* "unstructuredName" */
+880, /* "userCertificate" */
+465, /* "userClass" */
+879, /* "userPassword" */
+373, /* "valid" */
+678, /* "wap" */
+679, /* "wap-wsg" */
+735, /* "wap-wsg-idm-ecid-wtls1" */
+743, /* "wap-wsg-idm-ecid-wtls10" */
+744, /* "wap-wsg-idm-ecid-wtls11" */
+745, /* "wap-wsg-idm-ecid-wtls12" */
+736, /* "wap-wsg-idm-ecid-wtls3" */
+737, /* "wap-wsg-idm-ecid-wtls4" */
+738, /* "wap-wsg-idm-ecid-wtls5" */
+739, /* "wap-wsg-idm-ecid-wtls6" */
+740, /* "wap-wsg-idm-ecid-wtls7" */
+741, /* "wap-wsg-idm-ecid-wtls8" */
+742, /* "wap-wsg-idm-ecid-wtls9" */
+804, /* "whirlpool" */
+868, /* "x121Address" */
+503, /* "x500UniqueIdentifier" */
+158, /* "x509Certificate" */
+160, /* "x509Crl" */
};
-static ASN1_OBJECT *ln_objs[NUM_LN]={
-&(nid_objs[363]),/* "AD Time Stamping" */
-&(nid_objs[405]),/* "ANSI X9.62" */
-&(nid_objs[368]),/* "Acceptable OCSP Responses" */
-&(nid_objs[664]),/* "Any language" */
-&(nid_objs[177]),/* "Authority Information Access" */
-&(nid_objs[365]),/* "Basic OCSP Response" */
-&(nid_objs[285]),/* "Biometric Info" */
-&(nid_objs[179]),/* "CA Issuers" */
-&(nid_objs[785]),/* "CA Repository" */
-&(nid_objs[131]),/* "Code Signing" */
-&(nid_objs[783]),/* "Diffie-Hellman based MAC" */
-&(nid_objs[382]),/* "Directory" */
-&(nid_objs[392]),/* "Domain" */
-&(nid_objs[132]),/* "E-mail Protection" */
-&(nid_objs[389]),/* "Enterprises" */
-&(nid_objs[384]),/* "Experimental" */
-&(nid_objs[372]),/* "Extended OCSP Status" */
-&(nid_objs[172]),/* "Extension Request" */
-&(nid_objs[813]),/* "GOST 28147-89" */
-&(nid_objs[849]),/* "GOST 28147-89 Cryptocom ParamSet" */
-&(nid_objs[815]),/* "GOST 28147-89 MAC" */
-&(nid_objs[851]),/* "GOST 34.10-2001 Cryptocom" */
-&(nid_objs[850]),/* "GOST 34.10-94 Cryptocom" */
-&(nid_objs[811]),/* "GOST R 34.10-2001" */
-&(nid_objs[817]),/* "GOST R 34.10-2001 DH" */
-&(nid_objs[812]),/* "GOST R 34.10-94" */
-&(nid_objs[818]),/* "GOST R 34.10-94 DH" */
-&(nid_objs[809]),/* "GOST R 34.11-94" */
-&(nid_objs[816]),/* "GOST R 34.11-94 PRF" */
-&(nid_objs[807]),/* "GOST R 34.11-94 with GOST R 34.10-2001" */
-&(nid_objs[853]),/* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
-&(nid_objs[808]),/* "GOST R 34.11-94 with GOST R 34.10-94" */
-&(nid_objs[852]),/* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
-&(nid_objs[854]),/* "GOST R 3410-2001 Parameter Set Cryptocom" */
-&(nid_objs[810]),/* "HMAC GOST 34.11-94" */
-&(nid_objs[432]),/* "Hold Instruction Call Issuer" */
-&(nid_objs[430]),/* "Hold Instruction Code" */
-&(nid_objs[431]),/* "Hold Instruction None" */
-&(nid_objs[433]),/* "Hold Instruction Reject" */
-&(nid_objs[634]),/* "ICC or token signature" */
-&(nid_objs[294]),/* "IPSec End System" */
-&(nid_objs[295]),/* "IPSec Tunnel" */
-&(nid_objs[296]),/* "IPSec User" */
-&(nid_objs[182]),/* "ISO Member Body" */
-&(nid_objs[183]),/* "ISO US Member Body" */
-&(nid_objs[667]),/* "Independent" */
-&(nid_objs[665]),/* "Inherit all" */
-&(nid_objs[647]),/* "International Organizations" */
-&(nid_objs[142]),/* "Invalidity Date" */
-&(nid_objs[504]),/* "MIME MHS" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[383]),/* "Management" */
-&(nid_objs[417]),/* "Microsoft CSP Name" */
-&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
-&(nid_objs[138]),/* "Microsoft Encrypted File System" */
-&(nid_objs[171]),/* "Microsoft Extension Request" */
-&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
-&(nid_objs[856]),/* "Microsoft Local Key set" */
-&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
-&(nid_objs[648]),/* "Microsoft Smartcardlogin" */
-&(nid_objs[136]),/* "Microsoft Trust List Signing" */
-&(nid_objs[649]),/* "Microsoft Universal Principal Name" */
-&(nid_objs[393]),/* "NULL" */
-&(nid_objs[404]),/* "NULL" */
-&(nid_objs[72]),/* "Netscape Base Url" */
-&(nid_objs[76]),/* "Netscape CA Policy Url" */
-&(nid_objs[74]),/* "Netscape CA Revocation Url" */
-&(nid_objs[71]),/* "Netscape Cert Type" */
-&(nid_objs[58]),/* "Netscape Certificate Extension" */
-&(nid_objs[79]),/* "Netscape Certificate Sequence" */
-&(nid_objs[78]),/* "Netscape Comment" */
-&(nid_objs[57]),/* "Netscape Communications Corp." */
-&(nid_objs[59]),/* "Netscape Data Type" */
-&(nid_objs[75]),/* "Netscape Renewal Url" */
-&(nid_objs[73]),/* "Netscape Revocation Url" */
-&(nid_objs[77]),/* "Netscape SSL Server Name" */
-&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[370]),/* "OCSP Archive Cutoff" */
-&(nid_objs[367]),/* "OCSP CRL ID" */
-&(nid_objs[369]),/* "OCSP No Check" */
-&(nid_objs[366]),/* "OCSP Nonce" */
-&(nid_objs[371]),/* "OCSP Service Locator" */
-&(nid_objs[180]),/* "OCSP Signing" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[858]),/* "Permanent Identifier" */
-&(nid_objs[164]),/* "Policy Qualifier CPS" */
-&(nid_objs[165]),/* "Policy Qualifier User Notice" */
-&(nid_objs[385]),/* "Private" */
-&(nid_objs[663]),/* "Proxy Certificate Information" */
-&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
-&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
-&(nid_objs[188]),/* "S/MIME" */
-&(nid_objs[167]),/* "S/MIME Capabilities" */
-&(nid_objs[387]),/* "SNMPv2" */
-&(nid_objs[512]),/* "Secure Electronic Transactions" */
-&(nid_objs[386]),/* "Security" */
-&(nid_objs[394]),/* "Selected Attribute Types" */
-&(nid_objs[143]),/* "Strong Extranet ID" */
-&(nid_objs[398]),/* "Subject Information Access" */
-&(nid_objs[130]),/* "TLS Web Client Authentication" */
-&(nid_objs[129]),/* "TLS Web Server Authentication" */
-&(nid_objs[133]),/* "Time Stamping" */
-&(nid_objs[375]),/* "Trust Root" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[402]),/* "X509v3 AC Targeting" */
-&(nid_objs[746]),/* "X509v3 Any Policy" */
-&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
-&(nid_objs[87]),/* "X509v3 Basic Constraints" */
-&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
-&(nid_objs[88]),/* "X509v3 CRL Number" */
-&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
-&(nid_objs[771]),/* "X509v3 Certificate Issuer" */
-&(nid_objs[89]),/* "X509v3 Certificate Policies" */
-&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
-&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
-&(nid_objs[857]),/* "X509v3 Freshest CRL" */
-&(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */
-&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
-&(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */
-&(nid_objs[83]),/* "X509v3 Key Usage" */
-&(nid_objs[666]),/* "X509v3 Name Constraints" */
-&(nid_objs[403]),/* "X509v3 No Revocation Available" */
-&(nid_objs[401]),/* "X509v3 Policy Constraints" */
-&(nid_objs[747]),/* "X509v3 Policy Mappings" */
-&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
-&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
-&(nid_objs[769]),/* "X509v3 Subject Directory Attributes" */
-&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
-&(nid_objs[184]),/* "X9.57" */
-&(nid_objs[185]),/* "X9.57 CM ?" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[364]),/* "ad dvcs" */
-&(nid_objs[606]),/* "additional verification" */
-&(nid_objs[419]),/* "aes-128-cbc" */
-&(nid_objs[421]),/* "aes-128-cfb" */
-&(nid_objs[650]),/* "aes-128-cfb1" */
-&(nid_objs[653]),/* "aes-128-cfb8" */
-&(nid_objs[418]),/* "aes-128-ecb" */
-&(nid_objs[420]),/* "aes-128-ofb" */
-&(nid_objs[423]),/* "aes-192-cbc" */
-&(nid_objs[425]),/* "aes-192-cfb" */
-&(nid_objs[651]),/* "aes-192-cfb1" */
-&(nid_objs[654]),/* "aes-192-cfb8" */
-&(nid_objs[422]),/* "aes-192-ecb" */
-&(nid_objs[424]),/* "aes-192-ofb" */
-&(nid_objs[427]),/* "aes-256-cbc" */
-&(nid_objs[429]),/* "aes-256-cfb" */
-&(nid_objs[652]),/* "aes-256-cfb1" */
-&(nid_objs[655]),/* "aes-256-cfb8" */
-&(nid_objs[426]),/* "aes-256-ecb" */
-&(nid_objs[428]),/* "aes-256-ofb" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[882]),/* "authorityRevocationList" */
-&(nid_objs[91]),/* "bf-cbc" */
-&(nid_objs[93]),/* "bf-cfb" */
-&(nid_objs[92]),/* "bf-ecb" */
-&(nid_objs[94]),/* "bf-ofb" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[860]),/* "businessCategory" */
-&(nid_objs[691]),/* "c2onb191v4" */
-&(nid_objs[692]),/* "c2onb191v5" */
-&(nid_objs[697]),/* "c2onb239v4" */
-&(nid_objs[698]),/* "c2onb239v5" */
-&(nid_objs[684]),/* "c2pnb163v1" */
-&(nid_objs[685]),/* "c2pnb163v2" */
-&(nid_objs[686]),/* "c2pnb163v3" */
-&(nid_objs[687]),/* "c2pnb176v1" */
-&(nid_objs[693]),/* "c2pnb208w1" */
-&(nid_objs[699]),/* "c2pnb272w1" */
-&(nid_objs[700]),/* "c2pnb304w1" */
-&(nid_objs[702]),/* "c2pnb368w1" */
-&(nid_objs[688]),/* "c2tnb191v1" */
-&(nid_objs[689]),/* "c2tnb191v2" */
-&(nid_objs[690]),/* "c2tnb191v3" */
-&(nid_objs[694]),/* "c2tnb239v1" */
-&(nid_objs[695]),/* "c2tnb239v2" */
-&(nid_objs[696]),/* "c2tnb239v3" */
-&(nid_objs[701]),/* "c2tnb359v1" */
-&(nid_objs[703]),/* "c2tnb431r1" */
-&(nid_objs[881]),/* "cACertificate" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[751]),/* "camellia-128-cbc" */
-&(nid_objs[757]),/* "camellia-128-cfb" */
-&(nid_objs[760]),/* "camellia-128-cfb1" */
-&(nid_objs[763]),/* "camellia-128-cfb8" */
-&(nid_objs[754]),/* "camellia-128-ecb" */
-&(nid_objs[766]),/* "camellia-128-ofb" */
-&(nid_objs[752]),/* "camellia-192-cbc" */
-&(nid_objs[758]),/* "camellia-192-cfb" */
-&(nid_objs[761]),/* "camellia-192-cfb1" */
-&(nid_objs[764]),/* "camellia-192-cfb8" */
-&(nid_objs[755]),/* "camellia-192-ecb" */
-&(nid_objs[767]),/* "camellia-192-ofb" */
-&(nid_objs[753]),/* "camellia-256-cbc" */
-&(nid_objs[759]),/* "camellia-256-cfb" */
-&(nid_objs[762]),/* "camellia-256-cfb1" */
-&(nid_objs[765]),/* "camellia-256-cfb8" */
-&(nid_objs[756]),/* "camellia-256-ecb" */
-&(nid_objs[768]),/* "camellia-256-ofb" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[108]),/* "cast5-cbc" */
-&(nid_objs[110]),/* "cast5-cfb" */
-&(nid_objs[109]),/* "cast5-ecb" */
-&(nid_objs[111]),/* "cast5-ofb" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[677]),/* "certicom-arc" */
-&(nid_objs[517]),/* "certificate extensions" */
-&(nid_objs[883]),/* "certificateRevocationList" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[633]),/* "cleartext track 2" */
-&(nid_objs[13]),/* "commonName" */
-&(nid_objs[513]),/* "content types" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[14]),/* "countryName" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[884]),/* "crossCertificatePair" */
-&(nid_objs[806]),/* "cryptocom" */
-&(nid_objs[805]),/* "cryptopro" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcObject" */
-&(nid_objs[891]),/* "deltaRevocationList" */
-&(nid_objs[31]),/* "des-cbc" */
-&(nid_objs[643]),/* "des-cdmf" */
-&(nid_objs[30]),/* "des-cfb" */
-&(nid_objs[656]),/* "des-cfb1" */
-&(nid_objs[657]),/* "des-cfb8" */
-&(nid_objs[29]),/* "des-ecb" */
-&(nid_objs[32]),/* "des-ede" */
-&(nid_objs[43]),/* "des-ede-cbc" */
-&(nid_objs[60]),/* "des-ede-cfb" */
-&(nid_objs[62]),/* "des-ede-ofb" */
-&(nid_objs[33]),/* "des-ede3" */
-&(nid_objs[44]),/* "des-ede3-cbc" */
-&(nid_objs[61]),/* "des-ede3-cfb" */
-&(nid_objs[658]),/* "des-ede3-cfb1" */
-&(nid_objs[659]),/* "des-ede3-cfb8" */
-&(nid_objs[63]),/* "des-ede3-ofb" */
-&(nid_objs[45]),/* "des-ofb" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[871]),/* "destinationIndicator" */
-&(nid_objs[80]),/* "desx-cbc" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[11]),/* "directory services (X.500)" */
-&(nid_objs[378]),/* "directory services - algorithms" */
-&(nid_objs[887]),/* "distinguishedName" */
-&(nid_objs[892]),/* "dmdName" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[380]),/* "dod" */
-&(nid_objs[391]),/* "domainComponent" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[116]),/* "dsaEncryption" */
-&(nid_objs[67]),/* "dsaEncryption-old" */
-&(nid_objs[66]),/* "dsaWithSHA" */
-&(nid_objs[113]),/* "dsaWithSHA1" */
-&(nid_objs[70]),/* "dsaWithSHA1-old" */
-&(nid_objs[802]),/* "dsa_with_SHA224" */
-&(nid_objs[803]),/* "dsa_with_SHA256" */
-&(nid_objs[297]),/* "dvcs" */
-&(nid_objs[791]),/* "ecdsa-with-Recommended" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[793]),/* "ecdsa-with-SHA224" */
-&(nid_objs[794]),/* "ecdsa-with-SHA256" */
-&(nid_objs[795]),/* "ecdsa-with-SHA384" */
-&(nid_objs[796]),/* "ecdsa-with-SHA512" */
-&(nid_objs[792]),/* "ecdsa-with-Specified" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[632]),/* "encrypted track 2" */
-&(nid_objs[885]),/* "enhancedSearchGuide" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[867]),/* "facsimileTelephoneNumber" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[631]),/* "generate cryptogram" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[601]),/* "generic cryptogram" */
-&(nid_objs[99]),/* "givenName" */
-&(nid_objs[814]),/* "gost89-cnt" */
-&(nid_objs[855]),/* "hmac" */
-&(nid_objs[780]),/* "hmac-md5" */
-&(nid_objs[781]),/* "hmac-sha1" */
-&(nid_objs[797]),/* "hmacWithMD5" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[798]),/* "hmacWithSHA224" */
-&(nid_objs[799]),/* "hmacWithSHA256" */
-&(nid_objs[800]),/* "hmacWithSHA384" */
-&(nid_objs[801]),/* "hmacWithSHA512" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[889]),/* "houseIdentifier" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[381]),/* "iana" */
-&(nid_objs[824]),/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-&(nid_objs[825]),/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-&(nid_objs[826]),/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-&(nid_objs[827]),/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-&(nid_objs[819]),/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-&(nid_objs[829]),/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-&(nid_objs[828]),/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-&(nid_objs[830]),/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-&(nid_objs[820]),/* "id-Gost28147-89-None-KeyMeshing" */
-&(nid_objs[823]),/* "id-Gost28147-89-TestParamSet" */
-&(nid_objs[840]),/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-&(nid_objs[841]),/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-&(nid_objs[842]),/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-&(nid_objs[843]),/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-&(nid_objs[844]),/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-&(nid_objs[839]),/* "id-GostR3410-2001-TestParamSet" */
-&(nid_objs[832]),/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-&(nid_objs[833]),/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-&(nid_objs[834]),/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-&(nid_objs[835]),/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-&(nid_objs[836]),/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-&(nid_objs[837]),/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-&(nid_objs[838]),/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-&(nid_objs[831]),/* "id-GostR3410-94-TestParamSet" */
-&(nid_objs[845]),/* "id-GostR3410-94-a" */
-&(nid_objs[846]),/* "id-GostR3410-94-aBis" */
-&(nid_objs[847]),/* "id-GostR3410-94-b" */
-&(nid_objs[848]),/* "id-GostR3410-94-bBis" */
-&(nid_objs[822]),/* "id-GostR3411-94-CryptoProParamSet" */
-&(nid_objs[821]),/* "id-GostR3411-94-TestParamSet" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[788]),/* "id-aes128-wrap" */
-&(nid_objs[789]),/* "id-aes192-wrap" */
-&(nid_objs[790]),/* "id-aes256-wrap" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[680]),/* "id-characteristic-two-basis" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[787]),/* "id-ct-asciiTextWithCRLF" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[784]),/* "id-it-suppLangTags" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[662]),/* "id-ppl" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[786]),/* "id-smime-ct-compressedData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[34]),/* "idea-cbc" */
-&(nid_objs[35]),/* "idea-cfb" */
-&(nid_objs[36]),/* "idea-ecb" */
-&(nid_objs[46]),/* "idea-ofb" */
-&(nid_objs[676]),/* "identified-organization" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[869]),/* "internationaliSDNNumber" */
-&(nid_objs[749]),/* "ipsec3" */
-&(nid_objs[750]),/* "ipsec4" */
-&(nid_objs[181]),/* "iso" */
-&(nid_objs[623]),/* "issuer capabilities" */
-&(nid_objs[645]),/* "itu-t" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[646]),/* "joint-iso-itu-t" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[773]),/* "kisa" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[15]),/* "localityName" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[ 3]),/* "md2" */
-&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
-&(nid_objs[257]),/* "md4" */
-&(nid_objs[396]),/* "md4WithRSAEncryption" */
-&(nid_objs[ 4]),/* "md5" */
-&(nid_objs[114]),/* "md5-sha1" */
-&(nid_objs[104]),/* "md5WithRSA" */
-&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
-&(nid_objs[95]),/* "mdc2" */
-&(nid_objs[96]),/* "mdc2WithRSA" */
-&(nid_objs[875]),/* "member" */
-&(nid_objs[602]),/* "merchant initiated auth" */
-&(nid_objs[514]),/* "message extensions" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[681]),/* "onBasis" */
-&(nid_objs[379]),/* "org" */
-&(nid_objs[17]),/* "organizationName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[18]),/* "organizationalUnitName" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[876]),/* "owner" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[782]),/* "password based MAC" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[621]),/* "payment gateway capabilities" */
-&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
-&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
-&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
-&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
-&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
-&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
-&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
-&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
-&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[863]),/* "physicalDeliveryOfficeName" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[862]),/* "postOfficeBox" */
-&(nid_objs[861]),/* "postalAddress" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[683]),/* "ppBasis" */
-&(nid_objs[872]),/* "preferredDeliveryMethod" */
-&(nid_objs[873]),/* "presentationAddress" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[886]),/* "protocolInformation" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[98]),/* "rc2-40-cbc" */
-&(nid_objs[166]),/* "rc2-64-cbc" */
-&(nid_objs[37]),/* "rc2-cbc" */
-&(nid_objs[39]),/* "rc2-cfb" */
-&(nid_objs[38]),/* "rc2-ecb" */
-&(nid_objs[40]),/* "rc2-ofb" */
-&(nid_objs[ 5]),/* "rc4" */
-&(nid_objs[97]),/* "rc4-40" */
-&(nid_objs[120]),/* "rc5-cbc" */
-&(nid_objs[122]),/* "rc5-cfb" */
-&(nid_objs[121]),/* "rc5-ecb" */
-&(nid_objs[123]),/* "rc5-ofb" */
-&(nid_objs[870]),/* "registeredAddress" */
-&(nid_objs[460]),/* "rfc822Mailbox" */
-&(nid_objs[117]),/* "ripemd160" */
-&(nid_objs[119]),/* "ripemd160WithRSA" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[877]),/* "roleOccupant" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[19]),/* "rsa" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[124]),/* "run length compression" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbgp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbgp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbgp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[859]),/* "searchGuide" */
-&(nid_objs[704]),/* "secp112r1" */
-&(nid_objs[705]),/* "secp112r2" */
-&(nid_objs[706]),/* "secp128r1" */
-&(nid_objs[707]),/* "secp128r2" */
-&(nid_objs[708]),/* "secp160k1" */
-&(nid_objs[709]),/* "secp160r1" */
-&(nid_objs[710]),/* "secp160r2" */
-&(nid_objs[711]),/* "secp192k1" */
-&(nid_objs[712]),/* "secp224k1" */
-&(nid_objs[713]),/* "secp224r1" */
-&(nid_objs[714]),/* "secp256k1" */
-&(nid_objs[715]),/* "secp384r1" */
-&(nid_objs[716]),/* "secp521r1" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[717]),/* "sect113r1" */
-&(nid_objs[718]),/* "sect113r2" */
-&(nid_objs[719]),/* "sect131r1" */
-&(nid_objs[720]),/* "sect131r2" */
-&(nid_objs[721]),/* "sect163k1" */
-&(nid_objs[722]),/* "sect163r1" */
-&(nid_objs[723]),/* "sect163r2" */
-&(nid_objs[724]),/* "sect193r1" */
-&(nid_objs[725]),/* "sect193r2" */
-&(nid_objs[726]),/* "sect233k1" */
-&(nid_objs[727]),/* "sect233r1" */
-&(nid_objs[728]),/* "sect239k1" */
-&(nid_objs[729]),/* "sect283k1" */
-&(nid_objs[730]),/* "sect283r1" */
-&(nid_objs[731]),/* "sect409k1" */
-&(nid_objs[732]),/* "sect409r1" */
-&(nid_objs[733]),/* "sect571k1" */
-&(nid_objs[734]),/* "sect571r1" */
-&(nid_objs[635]),/* "secure device signature" */
-&(nid_objs[878]),/* "seeAlso" */
-&(nid_objs[777]),/* "seed-cbc" */
-&(nid_objs[779]),/* "seed-cfb" */
-&(nid_objs[776]),/* "seed-ecb" */
-&(nid_objs[778]),/* "seed-ofb" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[41]),/* "sha" */
-&(nid_objs[64]),/* "sha1" */
-&(nid_objs[115]),/* "sha1WithRSA" */
-&(nid_objs[65]),/* "sha1WithRSAEncryption" */
-&(nid_objs[675]),/* "sha224" */
-&(nid_objs[671]),/* "sha224WithRSAEncryption" */
-&(nid_objs[672]),/* "sha256" */
-&(nid_objs[668]),/* "sha256WithRSAEncryption" */
-&(nid_objs[673]),/* "sha384" */
-&(nid_objs[669]),/* "sha384WithRSAEncryption" */
-&(nid_objs[674]),/* "sha512" */
-&(nid_objs[670]),/* "sha512WithRSAEncryption" */
-&(nid_objs[42]),/* "shaWithRSAEncryption" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[16]),/* "stateOrProvinceName" */
-&(nid_objs[660]),/* "streetAddress" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[890]),/* "supportedAlgorithms" */
-&(nid_objs[874]),/* "supportedApplicationContext" */
-&(nid_objs[100]),/* "surname" */
-&(nid_objs[864]),/* "telephoneNumber" */
-&(nid_objs[866]),/* "teletexTerminalIdentifier" */
-&(nid_objs[865]),/* "telexNumber" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[682]),/* "tpBasis" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[ 0]),/* "undefined" */
-&(nid_objs[888]),/* "uniqueMember" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[880]),/* "userCertificate" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[458]),/* "userId" */
-&(nid_objs[879]),/* "userPassword" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[678]),/* "wap" */
-&(nid_objs[679]),/* "wap-wsg" */
-&(nid_objs[735]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[743]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[744]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[745]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[736]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[737]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[738]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[739]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[804]),/* "whirlpool" */
-&(nid_objs[868]),/* "x121Address" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-&(nid_objs[125]),/* "zlib compression" */
+static const unsigned int ln_objs[NUM_LN]={
+363, /* "AD Time Stamping" */
+405, /* "ANSI X9.62" */
+368, /* "Acceptable OCSP Responses" */
+910, /* "Any Extended Key Usage" */
+664, /* "Any language" */
+177, /* "Authority Information Access" */
+365, /* "Basic OCSP Response" */
+285, /* "Biometric Info" */
+179, /* "CA Issuers" */
+785, /* "CA Repository" */
+131, /* "Code Signing" */
+783, /* "Diffie-Hellman based MAC" */
+382, /* "Directory" */
+392, /* "Domain" */
+132, /* "E-mail Protection" */
+389, /* "Enterprises" */
+384, /* "Experimental" */
+372, /* "Extended OCSP Status" */
+172, /* "Extension Request" */
+813, /* "GOST 28147-89" */
+849, /* "GOST 28147-89 Cryptocom ParamSet" */
+815, /* "GOST 28147-89 MAC" */
+851, /* "GOST 34.10-2001 Cryptocom" */
+850, /* "GOST 34.10-94 Cryptocom" */
+811, /* "GOST R 34.10-2001" */
+817, /* "GOST R 34.10-2001 DH" */
+812, /* "GOST R 34.10-94" */
+818, /* "GOST R 34.10-94 DH" */
+809, /* "GOST R 34.11-94" */
+816, /* "GOST R 34.11-94 PRF" */
+807, /* "GOST R 34.11-94 with GOST R 34.10-2001" */
+853, /* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
+808, /* "GOST R 34.11-94 with GOST R 34.10-94" */
+852, /* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
+854, /* "GOST R 3410-2001 Parameter Set Cryptocom" */
+810, /* "HMAC GOST 34.11-94" */
+432, /* "Hold Instruction Call Issuer" */
+430, /* "Hold Instruction Code" */
+431, /* "Hold Instruction None" */
+433, /* "Hold Instruction Reject" */
+634, /* "ICC or token signature" */
+294, /* "IPSec End System" */
+295, /* "IPSec Tunnel" */
+296, /* "IPSec User" */
+182, /* "ISO Member Body" */
+183, /* "ISO US Member Body" */
+667, /* "Independent" */
+665, /* "Inherit all" */
+647, /* "International Organizations" */
+142, /* "Invalidity Date" */
+504, /* "MIME MHS" */
+388, /* "Mail" */
+383, /* "Management" */
+417, /* "Microsoft CSP Name" */
+135, /* "Microsoft Commercial Code Signing" */
+138, /* "Microsoft Encrypted File System" */
+171, /* "Microsoft Extension Request" */
+134, /* "Microsoft Individual Code Signing" */
+856, /* "Microsoft Local Key set" */
+137, /* "Microsoft Server Gated Crypto" */
+648, /* "Microsoft Smartcardlogin" */
+136, /* "Microsoft Trust List Signing" */
+649, /* "Microsoft Universal Principal Name" */
+393, /* "NULL" */
+404, /* "NULL" */
+72, /* "Netscape Base Url" */
+76, /* "Netscape CA Policy Url" */
+74, /* "Netscape CA Revocation Url" */
+71, /* "Netscape Cert Type" */
+58, /* "Netscape Certificate Extension" */
+79, /* "Netscape Certificate Sequence" */
+78, /* "Netscape Comment" */
+57, /* "Netscape Communications Corp." */
+59, /* "Netscape Data Type" */
+75, /* "Netscape Renewal Url" */
+73, /* "Netscape Revocation Url" */
+77, /* "Netscape SSL Server Name" */
+139, /* "Netscape Server Gated Crypto" */
+178, /* "OCSP" */
+370, /* "OCSP Archive Cutoff" */
+367, /* "OCSP CRL ID" */
+369, /* "OCSP No Check" */
+366, /* "OCSP Nonce" */
+371, /* "OCSP Service Locator" */
+180, /* "OCSP Signing" */
+161, /* "PBES2" */
+69, /* "PBKDF2" */
+162, /* "PBMAC1" */
+127, /* "PKIX" */
+858, /* "Permanent Identifier" */
+164, /* "Policy Qualifier CPS" */
+165, /* "Policy Qualifier User Notice" */
+385, /* "Private" */
+663, /* "Proxy Certificate Information" */
+ 1, /* "RSA Data Security, Inc." */
+ 2, /* "RSA Data Security, Inc. PKCS" */
+188, /* "S/MIME" */
+167, /* "S/MIME Capabilities" */
+387, /* "SNMPv2" */
+512, /* "Secure Electronic Transactions" */
+386, /* "Security" */
+394, /* "Selected Attribute Types" */
+143, /* "Strong Extranet ID" */
+398, /* "Subject Information Access" */
+130, /* "TLS Web Client Authentication" */
+129, /* "TLS Web Server Authentication" */
+133, /* "Time Stamping" */
+375, /* "Trust Root" */
+12, /* "X509" */
+402, /* "X509v3 AC Targeting" */
+746, /* "X509v3 Any Policy" */
+90, /* "X509v3 Authority Key Identifier" */
+87, /* "X509v3 Basic Constraints" */
+103, /* "X509v3 CRL Distribution Points" */
+88, /* "X509v3 CRL Number" */
+141, /* "X509v3 CRL Reason Code" */
+771, /* "X509v3 Certificate Issuer" */
+89, /* "X509v3 Certificate Policies" */
+140, /* "X509v3 Delta CRL Indicator" */
+126, /* "X509v3 Extended Key Usage" */
+857, /* "X509v3 Freshest CRL" */
+748, /* "X509v3 Inhibit Any Policy" */
+86, /* "X509v3 Issuer Alternative Name" */
+770, /* "X509v3 Issuing Distrubution Point" */
+83, /* "X509v3 Key Usage" */
+666, /* "X509v3 Name Constraints" */
+403, /* "X509v3 No Revocation Available" */
+401, /* "X509v3 Policy Constraints" */
+747, /* "X509v3 Policy Mappings" */
+84, /* "X509v3 Private Key Usage Period" */
+85, /* "X509v3 Subject Alternative Name" */
+769, /* "X509v3 Subject Directory Attributes" */
+82, /* "X509v3 Subject Key Identifier" */
+184, /* "X9.57" */
+185, /* "X9.57 CM ?" */
+478, /* "aRecord" */
+289, /* "aaControls" */
+287, /* "ac-auditEntity" */
+397, /* "ac-proxying" */
+288, /* "ac-targeting" */
+446, /* "account" */
+364, /* "ad dvcs" */
+606, /* "additional verification" */
+419, /* "aes-128-cbc" */
+916, /* "aes-128-cbc-hmac-sha1" */
+896, /* "aes-128-ccm" */
+421, /* "aes-128-cfb" */
+650, /* "aes-128-cfb1" */
+653, /* "aes-128-cfb8" */
+904, /* "aes-128-ctr" */
+418, /* "aes-128-ecb" */
+895, /* "aes-128-gcm" */
+420, /* "aes-128-ofb" */
+913, /* "aes-128-xts" */
+423, /* "aes-192-cbc" */
+917, /* "aes-192-cbc-hmac-sha1" */
+899, /* "aes-192-ccm" */
+425, /* "aes-192-cfb" */
+651, /* "aes-192-cfb1" */
+654, /* "aes-192-cfb8" */
+905, /* "aes-192-ctr" */
+422, /* "aes-192-ecb" */
+898, /* "aes-192-gcm" */
+424, /* "aes-192-ofb" */
+427, /* "aes-256-cbc" */
+918, /* "aes-256-cbc-hmac-sha1" */
+902, /* "aes-256-ccm" */
+429, /* "aes-256-cfb" */
+652, /* "aes-256-cfb1" */
+655, /* "aes-256-cfb8" */
+906, /* "aes-256-ctr" */
+426, /* "aes-256-ecb" */
+901, /* "aes-256-gcm" */
+428, /* "aes-256-ofb" */
+914, /* "aes-256-xts" */
+376, /* "algorithm" */
+484, /* "associatedDomain" */
+485, /* "associatedName" */
+501, /* "audio" */
+882, /* "authorityRevocationList" */
+91, /* "bf-cbc" */
+93, /* "bf-cfb" */
+92, /* "bf-ecb" */
+94, /* "bf-ofb" */
+494, /* "buildingName" */
+860, /* "businessCategory" */
+691, /* "c2onb191v4" */
+692, /* "c2onb191v5" */
+697, /* "c2onb239v4" */
+698, /* "c2onb239v5" */
+684, /* "c2pnb163v1" */
+685, /* "c2pnb163v2" */
+686, /* "c2pnb163v3" */
+687, /* "c2pnb176v1" */
+693, /* "c2pnb208w1" */
+699, /* "c2pnb272w1" */
+700, /* "c2pnb304w1" */
+702, /* "c2pnb368w1" */
+688, /* "c2tnb191v1" */
+689, /* "c2tnb191v2" */
+690, /* "c2tnb191v3" */
+694, /* "c2tnb239v1" */
+695, /* "c2tnb239v2" */
+696, /* "c2tnb239v3" */
+701, /* "c2tnb359v1" */
+703, /* "c2tnb431r1" */
+881, /* "cACertificate" */
+483, /* "cNAMERecord" */
+751, /* "camellia-128-cbc" */
+757, /* "camellia-128-cfb" */
+760, /* "camellia-128-cfb1" */
+763, /* "camellia-128-cfb8" */
+754, /* "camellia-128-ecb" */
+766, /* "camellia-128-ofb" */
+752, /* "camellia-192-cbc" */
+758, /* "camellia-192-cfb" */
+761, /* "camellia-192-cfb1" */
+764, /* "camellia-192-cfb8" */
+755, /* "camellia-192-ecb" */
+767, /* "camellia-192-ofb" */
+753, /* "camellia-256-cbc" */
+759, /* "camellia-256-cfb" */
+762, /* "camellia-256-cfb1" */
+765, /* "camellia-256-cfb8" */
+756, /* "camellia-256-ecb" */
+768, /* "camellia-256-ofb" */
+443, /* "caseIgnoreIA5StringSyntax" */
+108, /* "cast5-cbc" */
+110, /* "cast5-cfb" */
+109, /* "cast5-ecb" */
+111, /* "cast5-ofb" */
+152, /* "certBag" */
+677, /* "certicom-arc" */
+517, /* "certificate extensions" */
+883, /* "certificateRevocationList" */
+54, /* "challengePassword" */
+407, /* "characteristic-two-field" */
+395, /* "clearance" */
+633, /* "cleartext track 2" */
+894, /* "cmac" */
+13, /* "commonName" */
+513, /* "content types" */
+50, /* "contentType" */
+53, /* "countersignature" */
+14, /* "countryName" */
+153, /* "crlBag" */
+884, /* "crossCertificatePair" */
+806, /* "cryptocom" */
+805, /* "cryptopro" */
+500, /* "dITRedirect" */
+451, /* "dNSDomain" */
+495, /* "dSAQuality" */
+434, /* "data" */
+390, /* "dcObject" */
+891, /* "deltaRevocationList" */
+31, /* "des-cbc" */
+643, /* "des-cdmf" */
+30, /* "des-cfb" */
+656, /* "des-cfb1" */
+657, /* "des-cfb8" */
+29, /* "des-ecb" */
+32, /* "des-ede" */
+43, /* "des-ede-cbc" */
+60, /* "des-ede-cfb" */
+62, /* "des-ede-ofb" */
+33, /* "des-ede3" */
+44, /* "des-ede3-cbc" */
+61, /* "des-ede3-cfb" */
+658, /* "des-ede3-cfb1" */
+659, /* "des-ede3-cfb8" */
+63, /* "des-ede3-ofb" */
+45, /* "des-ofb" */
+107, /* "description" */
+871, /* "destinationIndicator" */
+80, /* "desx-cbc" */
+28, /* "dhKeyAgreement" */
+11, /* "directory services (X.500)" */
+378, /* "directory services - algorithms" */
+887, /* "distinguishedName" */
+892, /* "dmdName" */
+174, /* "dnQualifier" */
+447, /* "document" */
+471, /* "documentAuthor" */
+468, /* "documentIdentifier" */
+472, /* "documentLocation" */
+502, /* "documentPublisher" */
+449, /* "documentSeries" */
+469, /* "documentTitle" */
+470, /* "documentVersion" */
+380, /* "dod" */
+391, /* "domainComponent" */
+452, /* "domainRelatedObject" */
+116, /* "dsaEncryption" */
+67, /* "dsaEncryption-old" */
+66, /* "dsaWithSHA" */
+113, /* "dsaWithSHA1" */
+70, /* "dsaWithSHA1-old" */
+802, /* "dsa_with_SHA224" */
+803, /* "dsa_with_SHA256" */
+297, /* "dvcs" */
+791, /* "ecdsa-with-Recommended" */
+416, /* "ecdsa-with-SHA1" */
+793, /* "ecdsa-with-SHA224" */
+794, /* "ecdsa-with-SHA256" */
+795, /* "ecdsa-with-SHA384" */
+796, /* "ecdsa-with-SHA512" */
+792, /* "ecdsa-with-Specified" */
+48, /* "emailAddress" */
+632, /* "encrypted track 2" */
+885, /* "enhancedSearchGuide" */
+56, /* "extendedCertificateAttributes" */
+867, /* "facsimileTelephoneNumber" */
+462, /* "favouriteDrink" */
+453, /* "friendlyCountry" */
+490, /* "friendlyCountryName" */
+156, /* "friendlyName" */
+631, /* "generate cryptogram" */
+509, /* "generationQualifier" */
+601, /* "generic cryptogram" */
+99, /* "givenName" */
+814, /* "gost89-cnt" */
+855, /* "hmac" */
+780, /* "hmac-md5" */
+781, /* "hmac-sha1" */
+797, /* "hmacWithMD5" */
+163, /* "hmacWithSHA1" */
+798, /* "hmacWithSHA224" */
+799, /* "hmacWithSHA256" */
+800, /* "hmacWithSHA384" */
+801, /* "hmacWithSHA512" */
+486, /* "homePostalAddress" */
+473, /* "homeTelephoneNumber" */
+466, /* "host" */
+889, /* "houseIdentifier" */
+442, /* "iA5StringSyntax" */
+381, /* "iana" */
+824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820, /* "id-Gost28147-89-None-KeyMeshing" */
+823, /* "id-Gost28147-89-TestParamSet" */
+840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+839, /* "id-GostR3410-2001-TestParamSet" */
+832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831, /* "id-GostR3410-94-TestParamSet" */
+845, /* "id-GostR3410-94-a" */
+846, /* "id-GostR3410-94-aBis" */
+847, /* "id-GostR3410-94-b" */
+848, /* "id-GostR3410-94-bBis" */
+822, /* "id-GostR3411-94-CryptoProParamSet" */
+821, /* "id-GostR3411-94-TestParamSet" */
+266, /* "id-aca" */
+355, /* "id-aca-accessIdentity" */
+354, /* "id-aca-authenticationInfo" */
+356, /* "id-aca-chargingIdentity" */
+399, /* "id-aca-encAttrs" */
+357, /* "id-aca-group" */
+358, /* "id-aca-role" */
+176, /* "id-ad" */
+788, /* "id-aes128-wrap" */
+897, /* "id-aes128-wrap-pad" */
+789, /* "id-aes192-wrap" */
+900, /* "id-aes192-wrap-pad" */
+790, /* "id-aes256-wrap" */
+903, /* "id-aes256-wrap-pad" */
+262, /* "id-alg" */
+893, /* "id-alg-PWRI-KEK" */
+323, /* "id-alg-des40" */
+326, /* "id-alg-dh-pop" */
+325, /* "id-alg-dh-sig-hmac-sha1" */
+324, /* "id-alg-noSignature" */
+907, /* "id-camellia128-wrap" */
+908, /* "id-camellia192-wrap" */
+909, /* "id-camellia256-wrap" */
+268, /* "id-cct" */
+361, /* "id-cct-PKIData" */
+362, /* "id-cct-PKIResponse" */
+360, /* "id-cct-crs" */
+81, /* "id-ce" */
+680, /* "id-characteristic-two-basis" */
+263, /* "id-cmc" */
+334, /* "id-cmc-addExtensions" */
+346, /* "id-cmc-confirmCertAcceptance" */
+330, /* "id-cmc-dataReturn" */
+336, /* "id-cmc-decryptedPOP" */
+335, /* "id-cmc-encryptedPOP" */
+339, /* "id-cmc-getCRL" */
+338, /* "id-cmc-getCert" */
+328, /* "id-cmc-identification" */
+329, /* "id-cmc-identityProof" */
+337, /* "id-cmc-lraPOPWitness" */
+344, /* "id-cmc-popLinkRandom" */
+345, /* "id-cmc-popLinkWitness" */
+343, /* "id-cmc-queryPending" */
+333, /* "id-cmc-recipientNonce" */
+341, /* "id-cmc-regInfo" */
+342, /* "id-cmc-responseInfo" */
+340, /* "id-cmc-revokeRequest" */
+332, /* "id-cmc-senderNonce" */
+327, /* "id-cmc-statusInfo" */
+331, /* "id-cmc-transactionId" */
+787, /* "id-ct-asciiTextWithCRLF" */
+408, /* "id-ecPublicKey" */
+508, /* "id-hex-multipart-message" */
+507, /* "id-hex-partial-message" */
+260, /* "id-it" */
+302, /* "id-it-caKeyUpdateInfo" */
+298, /* "id-it-caProtEncCert" */
+311, /* "id-it-confirmWaitTime" */
+303, /* "id-it-currentCRL" */
+300, /* "id-it-encKeyPairTypes" */
+310, /* "id-it-implicitConfirm" */
+308, /* "id-it-keyPairParamRep" */
+307, /* "id-it-keyPairParamReq" */
+312, /* "id-it-origPKIMessage" */
+301, /* "id-it-preferredSymmAlg" */
+309, /* "id-it-revPassphrase" */
+299, /* "id-it-signKeyPairTypes" */
+305, /* "id-it-subscriptionRequest" */
+306, /* "id-it-subscriptionResponse" */
+784, /* "id-it-suppLangTags" */
+304, /* "id-it-unsupportedOIDs" */
+128, /* "id-kp" */
+280, /* "id-mod-attribute-cert" */
+274, /* "id-mod-cmc" */
+277, /* "id-mod-cmp" */
+284, /* "id-mod-cmp2000" */
+273, /* "id-mod-crmf" */
+283, /* "id-mod-dvcs" */
+275, /* "id-mod-kea-profile-88" */
+276, /* "id-mod-kea-profile-93" */
+282, /* "id-mod-ocsp" */
+278, /* "id-mod-qualified-cert-88" */
+279, /* "id-mod-qualified-cert-93" */
+281, /* "id-mod-timestamp-protocol" */
+264, /* "id-on" */
+347, /* "id-on-personalData" */
+265, /* "id-pda" */
+352, /* "id-pda-countryOfCitizenship" */
+353, /* "id-pda-countryOfResidence" */
+348, /* "id-pda-dateOfBirth" */
+351, /* "id-pda-gender" */
+349, /* "id-pda-placeOfBirth" */
+175, /* "id-pe" */
+261, /* "id-pkip" */
+258, /* "id-pkix-mod" */
+269, /* "id-pkix1-explicit-88" */
+271, /* "id-pkix1-explicit-93" */
+270, /* "id-pkix1-implicit-88" */
+272, /* "id-pkix1-implicit-93" */
+662, /* "id-ppl" */
+267, /* "id-qcs" */
+359, /* "id-qcs-pkixQCSyntax-v1" */
+259, /* "id-qt" */
+313, /* "id-regCtrl" */
+316, /* "id-regCtrl-authenticator" */
+319, /* "id-regCtrl-oldCertID" */
+318, /* "id-regCtrl-pkiArchiveOptions" */
+317, /* "id-regCtrl-pkiPublicationInfo" */
+320, /* "id-regCtrl-protocolEncrKey" */
+315, /* "id-regCtrl-regToken" */
+314, /* "id-regInfo" */
+322, /* "id-regInfo-certReq" */
+321, /* "id-regInfo-utf8Pairs" */
+191, /* "id-smime-aa" */
+215, /* "id-smime-aa-contentHint" */
+218, /* "id-smime-aa-contentIdentifier" */
+221, /* "id-smime-aa-contentReference" */
+240, /* "id-smime-aa-dvcs-dvc" */
+217, /* "id-smime-aa-encapContentType" */
+222, /* "id-smime-aa-encrypKeyPref" */
+220, /* "id-smime-aa-equivalentLabels" */
+232, /* "id-smime-aa-ets-CertificateRefs" */
+233, /* "id-smime-aa-ets-RevocationRefs" */
+238, /* "id-smime-aa-ets-archiveTimeStamp" */
+237, /* "id-smime-aa-ets-certCRLTimestamp" */
+234, /* "id-smime-aa-ets-certValues" */
+227, /* "id-smime-aa-ets-commitmentType" */
+231, /* "id-smime-aa-ets-contentTimestamp" */
+236, /* "id-smime-aa-ets-escTimeStamp" */
+230, /* "id-smime-aa-ets-otherSigCert" */
+235, /* "id-smime-aa-ets-revocationValues" */
+226, /* "id-smime-aa-ets-sigPolicyId" */
+229, /* "id-smime-aa-ets-signerAttr" */
+228, /* "id-smime-aa-ets-signerLocation" */
+219, /* "id-smime-aa-macValue" */
+214, /* "id-smime-aa-mlExpandHistory" */
+216, /* "id-smime-aa-msgSigDigest" */
+212, /* "id-smime-aa-receiptRequest" */
+213, /* "id-smime-aa-securityLabel" */
+239, /* "id-smime-aa-signatureType" */
+223, /* "id-smime-aa-signingCertificate" */
+224, /* "id-smime-aa-smimeEncryptCerts" */
+225, /* "id-smime-aa-timeStampToken" */
+192, /* "id-smime-alg" */
+243, /* "id-smime-alg-3DESwrap" */
+246, /* "id-smime-alg-CMS3DESwrap" */
+247, /* "id-smime-alg-CMSRC2wrap" */
+245, /* "id-smime-alg-ESDH" */
+241, /* "id-smime-alg-ESDHwith3DES" */
+242, /* "id-smime-alg-ESDHwithRC2" */
+244, /* "id-smime-alg-RC2wrap" */
+193, /* "id-smime-cd" */
+248, /* "id-smime-cd-ldap" */
+190, /* "id-smime-ct" */
+210, /* "id-smime-ct-DVCSRequestData" */
+211, /* "id-smime-ct-DVCSResponseData" */
+208, /* "id-smime-ct-TDTInfo" */
+207, /* "id-smime-ct-TSTInfo" */
+205, /* "id-smime-ct-authData" */
+786, /* "id-smime-ct-compressedData" */
+209, /* "id-smime-ct-contentInfo" */
+206, /* "id-smime-ct-publishCert" */
+204, /* "id-smime-ct-receipt" */
+195, /* "id-smime-cti" */
+255, /* "id-smime-cti-ets-proofOfApproval" */
+256, /* "id-smime-cti-ets-proofOfCreation" */
+253, /* "id-smime-cti-ets-proofOfDelivery" */
+251, /* "id-smime-cti-ets-proofOfOrigin" */
+252, /* "id-smime-cti-ets-proofOfReceipt" */
+254, /* "id-smime-cti-ets-proofOfSender" */
+189, /* "id-smime-mod" */
+196, /* "id-smime-mod-cms" */
+197, /* "id-smime-mod-ess" */
+202, /* "id-smime-mod-ets-eSigPolicy-88" */
+203, /* "id-smime-mod-ets-eSigPolicy-97" */
+200, /* "id-smime-mod-ets-eSignature-88" */
+201, /* "id-smime-mod-ets-eSignature-97" */
+199, /* "id-smime-mod-msg-v3" */
+198, /* "id-smime-mod-oid" */
+194, /* "id-smime-spq" */
+250, /* "id-smime-spq-ets-sqt-unotice" */
+249, /* "id-smime-spq-ets-sqt-uri" */
+34, /* "idea-cbc" */
+35, /* "idea-cfb" */
+36, /* "idea-ecb" */
+46, /* "idea-ofb" */
+676, /* "identified-organization" */
+461, /* "info" */
+101, /* "initials" */
+869, /* "internationaliSDNNumber" */
+749, /* "ipsec3" */
+750, /* "ipsec4" */
+181, /* "iso" */
+623, /* "issuer capabilities" */
+645, /* "itu-t" */
+492, /* "janetMailbox" */
+646, /* "joint-iso-itu-t" */
+150, /* "keyBag" */
+773, /* "kisa" */
+477, /* "lastModifiedBy" */
+476, /* "lastModifiedTime" */
+157, /* "localKeyID" */
+15, /* "localityName" */
+480, /* "mXRecord" */
+493, /* "mailPreferenceOption" */
+467, /* "manager" */
+ 3, /* "md2" */
+ 7, /* "md2WithRSAEncryption" */
+257, /* "md4" */
+396, /* "md4WithRSAEncryption" */
+ 4, /* "md5" */
+114, /* "md5-sha1" */
+104, /* "md5WithRSA" */
+ 8, /* "md5WithRSAEncryption" */
+95, /* "mdc2" */
+96, /* "mdc2WithRSA" */
+875, /* "member" */
+602, /* "merchant initiated auth" */
+514, /* "message extensions" */
+51, /* "messageDigest" */
+911, /* "mgf1" */
+506, /* "mime-mhs-bodies" */
+505, /* "mime-mhs-headings" */
+488, /* "mobileTelephoneNumber" */
+481, /* "nSRecord" */
+173, /* "name" */
+681, /* "onBasis" */
+379, /* "org" */
+17, /* "organizationName" */
+491, /* "organizationalStatus" */
+18, /* "organizationalUnitName" */
+475, /* "otherMailbox" */
+876, /* "owner" */
+489, /* "pagerTelephoneNumber" */
+782, /* "password based MAC" */
+374, /* "path" */
+621, /* "payment gateway capabilities" */
+ 9, /* "pbeWithMD2AndDES-CBC" */
+168, /* "pbeWithMD2AndRC2-CBC" */
+112, /* "pbeWithMD5AndCast5CBC" */
+10, /* "pbeWithMD5AndDES-CBC" */
+169, /* "pbeWithMD5AndRC2-CBC" */
+148, /* "pbeWithSHA1And128BitRC2-CBC" */
+144, /* "pbeWithSHA1And128BitRC4" */
+147, /* "pbeWithSHA1And2-KeyTripleDES-CBC" */
+146, /* "pbeWithSHA1And3-KeyTripleDES-CBC" */
+149, /* "pbeWithSHA1And40BitRC2-CBC" */
+145, /* "pbeWithSHA1And40BitRC4" */
+170, /* "pbeWithSHA1AndDES-CBC" */
+68, /* "pbeWithSHA1AndRC2-CBC" */
+499, /* "personalSignature" */
+487, /* "personalTitle" */
+464, /* "photo" */
+863, /* "physicalDeliveryOfficeName" */
+437, /* "pilot" */
+439, /* "pilotAttributeSyntax" */
+438, /* "pilotAttributeType" */
+479, /* "pilotAttributeType27" */
+456, /* "pilotDSA" */
+441, /* "pilotGroups" */
+444, /* "pilotObject" */
+440, /* "pilotObjectClass" */
+455, /* "pilotOrganization" */
+445, /* "pilotPerson" */
+186, /* "pkcs1" */
+27, /* "pkcs3" */
+187, /* "pkcs5" */
+20, /* "pkcs7" */
+21, /* "pkcs7-data" */
+25, /* "pkcs7-digestData" */
+26, /* "pkcs7-encryptedData" */
+23, /* "pkcs7-envelopedData" */
+24, /* "pkcs7-signedAndEnvelopedData" */
+22, /* "pkcs7-signedData" */
+151, /* "pkcs8ShroudedKeyBag" */
+47, /* "pkcs9" */
+862, /* "postOfficeBox" */
+861, /* "postalAddress" */
+661, /* "postalCode" */
+683, /* "ppBasis" */
+872, /* "preferredDeliveryMethod" */
+873, /* "presentationAddress" */
+406, /* "prime-field" */
+409, /* "prime192v1" */
+410, /* "prime192v2" */
+411, /* "prime192v3" */
+412, /* "prime239v1" */
+413, /* "prime239v2" */
+414, /* "prime239v3" */
+415, /* "prime256v1" */
+886, /* "protocolInformation" */
+510, /* "pseudonym" */
+435, /* "pss" */
+286, /* "qcStatements" */
+457, /* "qualityLabelledData" */
+450, /* "rFC822localPart" */
+98, /* "rc2-40-cbc" */
+166, /* "rc2-64-cbc" */
+37, /* "rc2-cbc" */
+39, /* "rc2-cfb" */
+38, /* "rc2-ecb" */
+40, /* "rc2-ofb" */
+ 5, /* "rc4" */
+97, /* "rc4-40" */
+915, /* "rc4-hmac-md5" */
+120, /* "rc5-cbc" */
+122, /* "rc5-cfb" */
+121, /* "rc5-ecb" */
+123, /* "rc5-ofb" */
+870, /* "registeredAddress" */
+460, /* "rfc822Mailbox" */
+117, /* "ripemd160" */
+119, /* "ripemd160WithRSA" */
+400, /* "role" */
+877, /* "roleOccupant" */
+448, /* "room" */
+463, /* "roomNumber" */
+19, /* "rsa" */
+ 6, /* "rsaEncryption" */
+644, /* "rsaOAEPEncryptionSET" */
+377, /* "rsaSignature" */
+919, /* "rsaesOaep" */
+912, /* "rsassaPss" */
+124, /* "run length compression" */
+482, /* "sOARecord" */
+155, /* "safeContentsBag" */
+291, /* "sbgp-autonomousSysNum" */
+290, /* "sbgp-ipAddrBlock" */
+292, /* "sbgp-routerIdentifier" */
+159, /* "sdsiCertificate" */
+859, /* "searchGuide" */
+704, /* "secp112r1" */
+705, /* "secp112r2" */
+706, /* "secp128r1" */
+707, /* "secp128r2" */
+708, /* "secp160k1" */
+709, /* "secp160r1" */
+710, /* "secp160r2" */
+711, /* "secp192k1" */
+712, /* "secp224k1" */
+713, /* "secp224r1" */
+714, /* "secp256k1" */
+715, /* "secp384r1" */
+716, /* "secp521r1" */
+154, /* "secretBag" */
+474, /* "secretary" */
+717, /* "sect113r1" */
+718, /* "sect113r2" */
+719, /* "sect131r1" */
+720, /* "sect131r2" */
+721, /* "sect163k1" */
+722, /* "sect163r1" */
+723, /* "sect163r2" */
+724, /* "sect193r1" */
+725, /* "sect193r2" */
+726, /* "sect233k1" */
+727, /* "sect233r1" */
+728, /* "sect239k1" */
+729, /* "sect283k1" */
+730, /* "sect283r1" */
+731, /* "sect409k1" */
+732, /* "sect409r1" */
+733, /* "sect571k1" */
+734, /* "sect571r1" */
+635, /* "secure device signature" */
+878, /* "seeAlso" */
+777, /* "seed-cbc" */
+779, /* "seed-cfb" */
+776, /* "seed-ecb" */
+778, /* "seed-ofb" */
+105, /* "serialNumber" */
+625, /* "set-addPolicy" */
+515, /* "set-attr" */
+518, /* "set-brand" */
+638, /* "set-brand-AmericanExpress" */
+637, /* "set-brand-Diners" */
+636, /* "set-brand-IATA-ATA" */
+639, /* "set-brand-JCB" */
+641, /* "set-brand-MasterCard" */
+642, /* "set-brand-Novus" */
+640, /* "set-brand-Visa" */
+516, /* "set-policy" */
+607, /* "set-policy-root" */
+624, /* "set-rootKeyThumb" */
+620, /* "setAttr-Cert" */
+628, /* "setAttr-IssCap-CVM" */
+630, /* "setAttr-IssCap-Sig" */
+629, /* "setAttr-IssCap-T2" */
+627, /* "setAttr-Token-B0Prime" */
+626, /* "setAttr-Token-EMV" */
+622, /* "setAttr-TokenType" */
+619, /* "setCext-IssuerCapabilities" */
+615, /* "setCext-PGWYcapabilities" */
+616, /* "setCext-TokenIdentifier" */
+618, /* "setCext-TokenType" */
+617, /* "setCext-Track2Data" */
+611, /* "setCext-cCertRequired" */
+609, /* "setCext-certType" */
+608, /* "setCext-hashedRoot" */
+610, /* "setCext-merchData" */
+613, /* "setCext-setExt" */
+614, /* "setCext-setQualf" */
+612, /* "setCext-tunneling" */
+540, /* "setct-AcqCardCodeMsg" */
+576, /* "setct-AcqCardCodeMsgTBE" */
+570, /* "setct-AuthReqTBE" */
+534, /* "setct-AuthReqTBS" */
+527, /* "setct-AuthResBaggage" */
+571, /* "setct-AuthResTBE" */
+572, /* "setct-AuthResTBEX" */
+535, /* "setct-AuthResTBS" */
+536, /* "setct-AuthResTBSX" */
+528, /* "setct-AuthRevReqBaggage" */
+577, /* "setct-AuthRevReqTBE" */
+541, /* "setct-AuthRevReqTBS" */
+529, /* "setct-AuthRevResBaggage" */
+542, /* "setct-AuthRevResData" */
+578, /* "setct-AuthRevResTBE" */
+579, /* "setct-AuthRevResTBEB" */
+543, /* "setct-AuthRevResTBS" */
+573, /* "setct-AuthTokenTBE" */
+537, /* "setct-AuthTokenTBS" */
+600, /* "setct-BCIDistributionTBS" */
+558, /* "setct-BatchAdminReqData" */
+592, /* "setct-BatchAdminReqTBE" */
+559, /* "setct-BatchAdminResData" */
+593, /* "setct-BatchAdminResTBE" */
+599, /* "setct-CRLNotificationResTBS" */
+598, /* "setct-CRLNotificationTBS" */
+580, /* "setct-CapReqTBE" */
+581, /* "setct-CapReqTBEX" */
+544, /* "setct-CapReqTBS" */
+545, /* "setct-CapReqTBSX" */
+546, /* "setct-CapResData" */
+582, /* "setct-CapResTBE" */
+583, /* "setct-CapRevReqTBE" */
+584, /* "setct-CapRevReqTBEX" */
+547, /* "setct-CapRevReqTBS" */
+548, /* "setct-CapRevReqTBSX" */
+549, /* "setct-CapRevResData" */
+585, /* "setct-CapRevResTBE" */
+538, /* "setct-CapTokenData" */
+530, /* "setct-CapTokenSeq" */
+574, /* "setct-CapTokenTBE" */
+575, /* "setct-CapTokenTBEX" */
+539, /* "setct-CapTokenTBS" */
+560, /* "setct-CardCInitResTBS" */
+566, /* "setct-CertInqReqTBS" */
+563, /* "setct-CertReqData" */
+595, /* "setct-CertReqTBE" */
+596, /* "setct-CertReqTBEX" */
+564, /* "setct-CertReqTBS" */
+565, /* "setct-CertResData" */
+597, /* "setct-CertResTBE" */
+586, /* "setct-CredReqTBE" */
+587, /* "setct-CredReqTBEX" */
+550, /* "setct-CredReqTBS" */
+551, /* "setct-CredReqTBSX" */
+552, /* "setct-CredResData" */
+588, /* "setct-CredResTBE" */
+589, /* "setct-CredRevReqTBE" */
+590, /* "setct-CredRevReqTBEX" */
+553, /* "setct-CredRevReqTBS" */
+554, /* "setct-CredRevReqTBSX" */
+555, /* "setct-CredRevResData" */
+591, /* "setct-CredRevResTBE" */
+567, /* "setct-ErrorTBS" */
+526, /* "setct-HODInput" */
+561, /* "setct-MeAqCInitResTBS" */
+522, /* "setct-OIData" */
+519, /* "setct-PANData" */
+521, /* "setct-PANOnly" */
+520, /* "setct-PANToken" */
+556, /* "setct-PCertReqData" */
+557, /* "setct-PCertResTBS" */
+523, /* "setct-PI" */
+532, /* "setct-PI-TBS" */
+524, /* "setct-PIData" */
+525, /* "setct-PIDataUnsigned" */
+568, /* "setct-PIDualSignedTBE" */
+569, /* "setct-PIUnsignedTBE" */
+531, /* "setct-PInitResData" */
+533, /* "setct-PResData" */
+594, /* "setct-RegFormReqTBE" */
+562, /* "setct-RegFormResTBS" */
+604, /* "setext-pinAny" */
+603, /* "setext-pinSecure" */
+605, /* "setext-track2" */
+41, /* "sha" */
+64, /* "sha1" */
+115, /* "sha1WithRSA" */
+65, /* "sha1WithRSAEncryption" */
+675, /* "sha224" */
+671, /* "sha224WithRSAEncryption" */
+672, /* "sha256" */
+668, /* "sha256WithRSAEncryption" */
+673, /* "sha384" */
+669, /* "sha384WithRSAEncryption" */
+674, /* "sha512" */
+670, /* "sha512WithRSAEncryption" */
+42, /* "shaWithRSAEncryption" */
+52, /* "signingTime" */
+454, /* "simpleSecurityObject" */
+496, /* "singleLevelQuality" */
+16, /* "stateOrProvinceName" */
+660, /* "streetAddress" */
+498, /* "subtreeMaximumQuality" */
+497, /* "subtreeMinimumQuality" */
+890, /* "supportedAlgorithms" */
+874, /* "supportedApplicationContext" */
+100, /* "surname" */
+864, /* "telephoneNumber" */
+866, /* "teletexTerminalIdentifier" */
+865, /* "telexNumber" */
+459, /* "textEncodedORAddress" */
+293, /* "textNotice" */
+106, /* "title" */
+682, /* "tpBasis" */
+436, /* "ucl" */
+ 0, /* "undefined" */
+888, /* "uniqueMember" */
+55, /* "unstructuredAddress" */
+49, /* "unstructuredName" */
+880, /* "userCertificate" */
+465, /* "userClass" */
+458, /* "userId" */
+879, /* "userPassword" */
+373, /* "valid" */
+678, /* "wap" */
+679, /* "wap-wsg" */
+735, /* "wap-wsg-idm-ecid-wtls1" */
+743, /* "wap-wsg-idm-ecid-wtls10" */
+744, /* "wap-wsg-idm-ecid-wtls11" */
+745, /* "wap-wsg-idm-ecid-wtls12" */
+736, /* "wap-wsg-idm-ecid-wtls3" */
+737, /* "wap-wsg-idm-ecid-wtls4" */
+738, /* "wap-wsg-idm-ecid-wtls5" */
+739, /* "wap-wsg-idm-ecid-wtls6" */
+740, /* "wap-wsg-idm-ecid-wtls7" */
+741, /* "wap-wsg-idm-ecid-wtls8" */
+742, /* "wap-wsg-idm-ecid-wtls9" */
+804, /* "whirlpool" */
+868, /* "x121Address" */
+503, /* "x500UniqueIdentifier" */
+158, /* "x509Certificate" */
+160, /* "x509Crl" */
+125, /* "zlib compression" */
};
-static ASN1_OBJECT *obj_objs[NUM_OBJ]={
-&(nid_objs[ 0]),/* OBJ_undef 0 */
-&(nid_objs[393]),/* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */
-&(nid_objs[404]),/* OBJ_ccitt OBJ_itu_t */
-&(nid_objs[645]),/* OBJ_itu_t 0 */
-&(nid_objs[434]),/* OBJ_data 0 9 */
-&(nid_objs[181]),/* OBJ_iso 1 */
-&(nid_objs[182]),/* OBJ_member_body 1 2 */
-&(nid_objs[379]),/* OBJ_org 1 3 */
-&(nid_objs[676]),/* OBJ_identified_organization 1 3 */
-&(nid_objs[646]),/* OBJ_joint_iso_itu_t 2 */
-&(nid_objs[11]),/* OBJ_X500 2 5 */
-&(nid_objs[647]),/* OBJ_international_organizations 2 23 */
-&(nid_objs[380]),/* OBJ_dod 1 3 6 */
-&(nid_objs[12]),/* OBJ_X509 2 5 4 */
-&(nid_objs[378]),/* OBJ_X500algorithms 2 5 8 */
-&(nid_objs[81]),/* OBJ_id_ce 2 5 29 */
-&(nid_objs[512]),/* OBJ_id_set 2 23 42 */
-&(nid_objs[678]),/* OBJ_wap 2 23 43 */
-&(nid_objs[435]),/* OBJ_pss 0 9 2342 */
-&(nid_objs[183]),/* OBJ_ISO_US 1 2 840 */
-&(nid_objs[381]),/* OBJ_iana 1 3 6 1 */
-&(nid_objs[677]),/* OBJ_certicom_arc 1 3 132 */
-&(nid_objs[394]),/* OBJ_selected_attribute_types 2 5 1 5 */
-&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
-&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
-&(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */
-&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
-&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
-&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
-&(nid_objs[660]),/* OBJ_streetAddress 2 5 4 9 */
-&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
-&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
-&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
-&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
-&(nid_objs[859]),/* OBJ_searchGuide 2 5 4 14 */
-&(nid_objs[860]),/* OBJ_businessCategory 2 5 4 15 */
-&(nid_objs[861]),/* OBJ_postalAddress 2 5 4 16 */
-&(nid_objs[661]),/* OBJ_postalCode 2 5 4 17 */
-&(nid_objs[862]),/* OBJ_postOfficeBox 2 5 4 18 */
-&(nid_objs[863]),/* OBJ_physicalDeliveryOfficeName 2 5 4 19 */
-&(nid_objs[864]),/* OBJ_telephoneNumber 2 5 4 20 */
-&(nid_objs[865]),/* OBJ_telexNumber 2 5 4 21 */
-&(nid_objs[866]),/* OBJ_teletexTerminalIdentifier 2 5 4 22 */
-&(nid_objs[867]),/* OBJ_facsimileTelephoneNumber 2 5 4 23 */
-&(nid_objs[868]),/* OBJ_x121Address 2 5 4 24 */
-&(nid_objs[869]),/* OBJ_internationaliSDNNumber 2 5 4 25 */
-&(nid_objs[870]),/* OBJ_registeredAddress 2 5 4 26 */
-&(nid_objs[871]),/* OBJ_destinationIndicator 2 5 4 27 */
-&(nid_objs[872]),/* OBJ_preferredDeliveryMethod 2 5 4 28 */
-&(nid_objs[873]),/* OBJ_presentationAddress 2 5 4 29 */
-&(nid_objs[874]),/* OBJ_supportedApplicationContext 2 5 4 30 */
-&(nid_objs[875]),/* OBJ_member 2 5 4 31 */
-&(nid_objs[876]),/* OBJ_owner 2 5 4 32 */
-&(nid_objs[877]),/* OBJ_roleOccupant 2 5 4 33 */
-&(nid_objs[878]),/* OBJ_seeAlso 2 5 4 34 */
-&(nid_objs[879]),/* OBJ_userPassword 2 5 4 35 */
-&(nid_objs[880]),/* OBJ_userCertificate 2 5 4 36 */
-&(nid_objs[881]),/* OBJ_cACertificate 2 5 4 37 */
-&(nid_objs[882]),/* OBJ_authorityRevocationList 2 5 4 38 */
-&(nid_objs[883]),/* OBJ_certificateRevocationList 2 5 4 39 */
-&(nid_objs[884]),/* OBJ_crossCertificatePair 2 5 4 40 */
-&(nid_objs[173]),/* OBJ_name 2 5 4 41 */
-&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
-&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
-&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
-&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
-&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
-&(nid_objs[885]),/* OBJ_enhancedSearchGuide 2 5 4 47 */
-&(nid_objs[886]),/* OBJ_protocolInformation 2 5 4 48 */
-&(nid_objs[887]),/* OBJ_distinguishedName 2 5 4 49 */
-&(nid_objs[888]),/* OBJ_uniqueMember 2 5 4 50 */
-&(nid_objs[889]),/* OBJ_houseIdentifier 2 5 4 51 */
-&(nid_objs[890]),/* OBJ_supportedAlgorithms 2 5 4 52 */
-&(nid_objs[891]),/* OBJ_deltaRevocationList 2 5 4 53 */
-&(nid_objs[892]),/* OBJ_dmdName 2 5 4 54 */
-&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
-&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
-&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */
-&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
-&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
-&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
-&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
-&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
-&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
-&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
-&(nid_objs[141]),/* OBJ_crl_reason 2 5 29 21 */
-&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
-&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
-&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
-&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */
-&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */
-&(nid_objs[666]),/* OBJ_name_constraints 2 5 29 30 */
-&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
-&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
-&(nid_objs[747]),/* OBJ_policy_mappings 2 5 29 33 */
-&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
-&(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */
-&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
-&(nid_objs[857]),/* OBJ_freshest_crl 2 5 29 46 */
-&(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */
-&(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */
-&(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */
-&(nid_objs[513]),/* OBJ_set_ctype 2 23 42 0 */
-&(nid_objs[514]),/* OBJ_set_msgExt 2 23 42 1 */
-&(nid_objs[515]),/* OBJ_set_attr 2 23 42 3 */
-&(nid_objs[516]),/* OBJ_set_policy 2 23 42 5 */
-&(nid_objs[517]),/* OBJ_set_certExt 2 23 42 7 */
-&(nid_objs[518]),/* OBJ_set_brand 2 23 42 8 */
-&(nid_objs[679]),/* OBJ_wap_wsg 2 23 43 1 */
-&(nid_objs[382]),/* OBJ_Directory 1 3 6 1 1 */
-&(nid_objs[383]),/* OBJ_Management 1 3 6 1 2 */
-&(nid_objs[384]),/* OBJ_Experimental 1 3 6 1 3 */
-&(nid_objs[385]),/* OBJ_Private 1 3 6 1 4 */
-&(nid_objs[386]),/* OBJ_Security 1 3 6 1 5 */
-&(nid_objs[387]),/* OBJ_SNMPv2 1 3 6 1 6 */
-&(nid_objs[388]),/* OBJ_Mail 1 3 6 1 7 */
-&(nid_objs[376]),/* OBJ_algorithm 1 3 14 3 2 */
-&(nid_objs[395]),/* OBJ_clearance 2 5 1 5 55 */
-&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
-&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
-&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
-&(nid_objs[746]),/* OBJ_any_policy 2 5 29 32 0 */
-&(nid_objs[519]),/* OBJ_setct_PANData 2 23 42 0 0 */
-&(nid_objs[520]),/* OBJ_setct_PANToken 2 23 42 0 1 */
-&(nid_objs[521]),/* OBJ_setct_PANOnly 2 23 42 0 2 */
-&(nid_objs[522]),/* OBJ_setct_OIData 2 23 42 0 3 */
-&(nid_objs[523]),/* OBJ_setct_PI 2 23 42 0 4 */
-&(nid_objs[524]),/* OBJ_setct_PIData 2 23 42 0 5 */
-&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
-&(nid_objs[526]),/* OBJ_setct_HODInput 2 23 42 0 7 */
-&(nid_objs[527]),/* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
-&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
-&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
-&(nid_objs[530]),/* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
-&(nid_objs[531]),/* OBJ_setct_PInitResData 2 23 42 0 12 */
-&(nid_objs[532]),/* OBJ_setct_PI_TBS 2 23 42 0 13 */
-&(nid_objs[533]),/* OBJ_setct_PResData 2 23 42 0 14 */
-&(nid_objs[534]),/* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
-&(nid_objs[535]),/* OBJ_setct_AuthResTBS 2 23 42 0 17 */
-&(nid_objs[536]),/* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
-&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
-&(nid_objs[538]),/* OBJ_setct_CapTokenData 2 23 42 0 20 */
-&(nid_objs[539]),/* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
-&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
-&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
-&(nid_objs[542]),/* OBJ_setct_AuthRevResData 2 23 42 0 24 */
-&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
-&(nid_objs[544]),/* OBJ_setct_CapReqTBS 2 23 42 0 26 */
-&(nid_objs[545]),/* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
-&(nid_objs[546]),/* OBJ_setct_CapResData 2 23 42 0 28 */
-&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
-&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
-&(nid_objs[549]),/* OBJ_setct_CapRevResData 2 23 42 0 31 */
-&(nid_objs[550]),/* OBJ_setct_CredReqTBS 2 23 42 0 32 */
-&(nid_objs[551]),/* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
-&(nid_objs[552]),/* OBJ_setct_CredResData 2 23 42 0 34 */
-&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
-&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
-&(nid_objs[555]),/* OBJ_setct_CredRevResData 2 23 42 0 37 */
-&(nid_objs[556]),/* OBJ_setct_PCertReqData 2 23 42 0 38 */
-&(nid_objs[557]),/* OBJ_setct_PCertResTBS 2 23 42 0 39 */
-&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
-&(nid_objs[559]),/* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
-&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
-&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
-&(nid_objs[562]),/* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
-&(nid_objs[563]),/* OBJ_setct_CertReqData 2 23 42 0 45 */
-&(nid_objs[564]),/* OBJ_setct_CertReqTBS 2 23 42 0 46 */
-&(nid_objs[565]),/* OBJ_setct_CertResData 2 23 42 0 47 */
-&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
-&(nid_objs[567]),/* OBJ_setct_ErrorTBS 2 23 42 0 49 */
-&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
-&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
-&(nid_objs[570]),/* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
-&(nid_objs[571]),/* OBJ_setct_AuthResTBE 2 23 42 0 53 */
-&(nid_objs[572]),/* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
-&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
-&(nid_objs[574]),/* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
-&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
-&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
-&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
-&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
-&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
-&(nid_objs[580]),/* OBJ_setct_CapReqTBE 2 23 42 0 62 */
-&(nid_objs[581]),/* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
-&(nid_objs[582]),/* OBJ_setct_CapResTBE 2 23 42 0 64 */
-&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
-&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
-&(nid_objs[585]),/* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
-&(nid_objs[586]),/* OBJ_setct_CredReqTBE 2 23 42 0 68 */
-&(nid_objs[587]),/* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
-&(nid_objs[588]),/* OBJ_setct_CredResTBE 2 23 42 0 70 */
-&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
-&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
-&(nid_objs[591]),/* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
-&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
-&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
-&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
-&(nid_objs[595]),/* OBJ_setct_CertReqTBE 2 23 42 0 77 */
-&(nid_objs[596]),/* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
-&(nid_objs[597]),/* OBJ_setct_CertResTBE 2 23 42 0 79 */
-&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
-&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
-&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
-&(nid_objs[601]),/* OBJ_setext_genCrypt 2 23 42 1 1 */
-&(nid_objs[602]),/* OBJ_setext_miAuth 2 23 42 1 3 */
-&(nid_objs[603]),/* OBJ_setext_pinSecure 2 23 42 1 4 */
-&(nid_objs[604]),/* OBJ_setext_pinAny 2 23 42 1 5 */
-&(nid_objs[605]),/* OBJ_setext_track2 2 23 42 1 7 */
-&(nid_objs[606]),/* OBJ_setext_cv 2 23 42 1 8 */
-&(nid_objs[620]),/* OBJ_setAttr_Cert 2 23 42 3 0 */
-&(nid_objs[621]),/* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
-&(nid_objs[622]),/* OBJ_setAttr_TokenType 2 23 42 3 2 */
-&(nid_objs[623]),/* OBJ_setAttr_IssCap 2 23 42 3 3 */
-&(nid_objs[607]),/* OBJ_set_policy_root 2 23 42 5 0 */
-&(nid_objs[608]),/* OBJ_setCext_hashedRoot 2 23 42 7 0 */
-&(nid_objs[609]),/* OBJ_setCext_certType 2 23 42 7 1 */
-&(nid_objs[610]),/* OBJ_setCext_merchData 2 23 42 7 2 */
-&(nid_objs[611]),/* OBJ_setCext_cCertRequired 2 23 42 7 3 */
-&(nid_objs[612]),/* OBJ_setCext_tunneling 2 23 42 7 4 */
-&(nid_objs[613]),/* OBJ_setCext_setExt 2 23 42 7 5 */
-&(nid_objs[614]),/* OBJ_setCext_setQualf 2 23 42 7 6 */
-&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
-&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
-&(nid_objs[617]),/* OBJ_setCext_Track2Data 2 23 42 7 9 */
-&(nid_objs[618]),/* OBJ_setCext_TokenType 2 23 42 7 10 */
-&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
-&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
-&(nid_objs[640]),/* OBJ_set_brand_Visa 2 23 42 8 4 */
-&(nid_objs[641]),/* OBJ_set_brand_MasterCard 2 23 42 8 5 */
-&(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */
-&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
-&(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */
-&(nid_objs[805]),/* OBJ_cryptopro 1 2 643 2 2 */
-&(nid_objs[806]),/* OBJ_cryptocom 1 2 643 2 9 */
-&(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */
-&(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */
-&(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */
-&(nid_objs[504]),/* OBJ_mime_mhs 1 3 6 1 7 1 */
-&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
-&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
-&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
-&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
-&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
-&(nid_objs[377]),/* OBJ_rsaSignature 1 3 14 3 2 11 */
-&(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */
-&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
-&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
-&(nid_objs[32]),/* OBJ_des_ede_ecb 1 3 14 3 2 17 */
-&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
-&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
-&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
-&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
-&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
-&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
-&(nid_objs[721]),/* OBJ_sect163k1 1 3 132 0 1 */
-&(nid_objs[722]),/* OBJ_sect163r1 1 3 132 0 2 */
-&(nid_objs[728]),/* OBJ_sect239k1 1 3 132 0 3 */
-&(nid_objs[717]),/* OBJ_sect113r1 1 3 132 0 4 */
-&(nid_objs[718]),/* OBJ_sect113r2 1 3 132 0 5 */
-&(nid_objs[704]),/* OBJ_secp112r1 1 3 132 0 6 */
-&(nid_objs[705]),/* OBJ_secp112r2 1 3 132 0 7 */
-&(nid_objs[709]),/* OBJ_secp160r1 1 3 132 0 8 */
-&(nid_objs[708]),/* OBJ_secp160k1 1 3 132 0 9 */
-&(nid_objs[714]),/* OBJ_secp256k1 1 3 132 0 10 */
-&(nid_objs[723]),/* OBJ_sect163r2 1 3 132 0 15 */
-&(nid_objs[729]),/* OBJ_sect283k1 1 3 132 0 16 */
-&(nid_objs[730]),/* OBJ_sect283r1 1 3 132 0 17 */
-&(nid_objs[719]),/* OBJ_sect131r1 1 3 132 0 22 */
-&(nid_objs[720]),/* OBJ_sect131r2 1 3 132 0 23 */
-&(nid_objs[724]),/* OBJ_sect193r1 1 3 132 0 24 */
-&(nid_objs[725]),/* OBJ_sect193r2 1 3 132 0 25 */
-&(nid_objs[726]),/* OBJ_sect233k1 1 3 132 0 26 */
-&(nid_objs[727]),/* OBJ_sect233r1 1 3 132 0 27 */
-&(nid_objs[706]),/* OBJ_secp128r1 1 3 132 0 28 */
-&(nid_objs[707]),/* OBJ_secp128r2 1 3 132 0 29 */
-&(nid_objs[710]),/* OBJ_secp160r2 1 3 132 0 30 */
-&(nid_objs[711]),/* OBJ_secp192k1 1 3 132 0 31 */
-&(nid_objs[712]),/* OBJ_secp224k1 1 3 132 0 32 */
-&(nid_objs[713]),/* OBJ_secp224r1 1 3 132 0 33 */
-&(nid_objs[715]),/* OBJ_secp384r1 1 3 132 0 34 */
-&(nid_objs[716]),/* OBJ_secp521r1 1 3 132 0 35 */
-&(nid_objs[731]),/* OBJ_sect409k1 1 3 132 0 36 */
-&(nid_objs[732]),/* OBJ_sect409r1 1 3 132 0 37 */
-&(nid_objs[733]),/* OBJ_sect571k1 1 3 132 0 38 */
-&(nid_objs[734]),/* OBJ_sect571r1 1 3 132 0 39 */
-&(nid_objs[624]),/* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
-&(nid_objs[625]),/* OBJ_set_addPolicy 2 23 42 3 0 1 */
-&(nid_objs[626]),/* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
-&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
-&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
-&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
-&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
-&(nid_objs[642]),/* OBJ_set_brand_Novus 2 23 42 8 6011 */
-&(nid_objs[735]),/* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 1 4 1 */
-&(nid_objs[736]),/* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 1 4 3 */
-&(nid_objs[737]),/* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 1 4 4 */
-&(nid_objs[738]),/* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 1 4 5 */
-&(nid_objs[739]),/* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 1 4 6 */
-&(nid_objs[740]),/* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 1 4 7 */
-&(nid_objs[741]),/* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 1 4 8 */
-&(nid_objs[742]),/* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 1 4 9 */
-&(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 1 4 10 */
-&(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 1 4 11 */
-&(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 1 4 12 */
-&(nid_objs[804]),/* OBJ_whirlpool 1 0 10118 3 0 55 */
-&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
-&(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */
-&(nid_objs[807]),/* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
-&(nid_objs[808]),/* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
-&(nid_objs[809]),/* OBJ_id_GostR3411_94 1 2 643 2 2 9 */
-&(nid_objs[810]),/* OBJ_id_HMACGostR3411_94 1 2 643 2 2 10 */
-&(nid_objs[811]),/* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */
-&(nid_objs[812]),/* OBJ_id_GostR3410_94 1 2 643 2 2 20 */
-&(nid_objs[813]),/* OBJ_id_Gost28147_89 1 2 643 2 2 21 */
-&(nid_objs[815]),/* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */
-&(nid_objs[816]),/* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */
-&(nid_objs[817]),/* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */
-&(nid_objs[818]),/* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */
-&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
-&(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */
-&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
-&(nid_objs[505]),/* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
-&(nid_objs[506]),/* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
-&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
-&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
-&(nid_objs[632]),/* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
-&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
-&(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
-&(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
-&(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */
-&(nid_objs[820]),/* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
-&(nid_objs[819]),/* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
-&(nid_objs[845]),/* OBJ_id_GostR3410_94_a 1 2 643 2 2 20 1 */
-&(nid_objs[846]),/* OBJ_id_GostR3410_94_aBis 1 2 643 2 2 20 2 */
-&(nid_objs[847]),/* OBJ_id_GostR3410_94_b 1 2 643 2 2 20 3 */
-&(nid_objs[848]),/* OBJ_id_GostR3410_94_bBis 1 2 643 2 2 20 4 */
-&(nid_objs[821]),/* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
-&(nid_objs[822]),/* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
-&(nid_objs[823]),/* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
-&(nid_objs[824]),/* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
-&(nid_objs[825]),/* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
-&(nid_objs[826]),/* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
-&(nid_objs[827]),/* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
-&(nid_objs[828]),/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
-&(nid_objs[829]),/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
-&(nid_objs[830]),/* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
-&(nid_objs[831]),/* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
-&(nid_objs[832]),/* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
-&(nid_objs[833]),/* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
-&(nid_objs[834]),/* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
-&(nid_objs[835]),/* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
-&(nid_objs[836]),/* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
-&(nid_objs[837]),/* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
-&(nid_objs[838]),/* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
-&(nid_objs[839]),/* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
-&(nid_objs[840]),/* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
-&(nid_objs[841]),/* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
-&(nid_objs[842]),/* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
-&(nid_objs[843]),/* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
-&(nid_objs[844]),/* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
-&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
-&(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
-&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-&(nid_objs[433]),/* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */
-&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
-&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
-&(nid_objs[406]),/* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */
-&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
-&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
-&(nid_objs[791]),/* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
-&(nid_objs[792]),/* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
-&(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
-&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */
-&(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */
-&(nid_objs[128]),/* OBJ_id_kp 1 3 6 1 5 5 7 3 */
-&(nid_objs[260]),/* OBJ_id_it 1 3 6 1 5 5 7 4 */
-&(nid_objs[261]),/* OBJ_id_pkip 1 3 6 1 5 5 7 5 */
-&(nid_objs[262]),/* OBJ_id_alg 1 3 6 1 5 5 7 6 */
-&(nid_objs[263]),/* OBJ_id_cmc 1 3 6 1 5 5 7 7 */
-&(nid_objs[264]),/* OBJ_id_on 1 3 6 1 5 5 7 8 */
-&(nid_objs[265]),/* OBJ_id_pda 1 3 6 1 5 5 7 9 */
-&(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */
-&(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
-&(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */
-&(nid_objs[662]),/* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
-&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
-&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
-&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
-&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
-&(nid_objs[754]),/* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */
-&(nid_objs[766]),/* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */
-&(nid_objs[757]),/* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */
-&(nid_objs[755]),/* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */
-&(nid_objs[767]),/* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */
-&(nid_objs[758]),/* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */
-&(nid_objs[756]),/* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */
-&(nid_objs[768]),/* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
-&(nid_objs[759]),/* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
-&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */
-&(nid_objs[776]),/* OBJ_seed_ecb 1 2 410 200004 1 3 */
-&(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */
-&(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */
-&(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */
-&(nid_objs[852]),/* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
-&(nid_objs[853]),/* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
-&(nid_objs[850]),/* OBJ_id_GostR3410_94_cc 1 2 643 2 9 1 5 3 */
-&(nid_objs[851]),/* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */
-&(nid_objs[849]),/* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */
-&(nid_objs[854]),/* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
-&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */
-&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
-&(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */
-&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
-&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
-&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
-&(nid_objs[257]),/* OBJ_md4 1 2 840 113549 2 4 */
-&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
-&(nid_objs[797]),/* OBJ_hmacWithMD5 1 2 840 113549 2 6 */
-&(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
-&(nid_objs[798]),/* OBJ_hmacWithSHA224 1 2 840 113549 2 8 */
-&(nid_objs[799]),/* OBJ_hmacWithSHA256 1 2 840 113549 2 9 */
-&(nid_objs[800]),/* OBJ_hmacWithSHA384 1 2 840 113549 2 10 */
-&(nid_objs[801]),/* OBJ_hmacWithSHA512 1 2 840 113549 2 11 */
-&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
-&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
-&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
-&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
-&(nid_objs[643]),/* OBJ_des_cdmf 1 2 840 113549 3 10 */
-&(nid_objs[680]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-&(nid_objs[684]),/* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
-&(nid_objs[685]),/* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
-&(nid_objs[686]),/* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
-&(nid_objs[687]),/* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
-&(nid_objs[688]),/* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
-&(nid_objs[689]),/* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
-&(nid_objs[690]),/* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
-&(nid_objs[691]),/* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
-&(nid_objs[692]),/* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
-&(nid_objs[693]),/* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
-&(nid_objs[694]),/* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
-&(nid_objs[695]),/* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
-&(nid_objs[696]),/* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
-&(nid_objs[697]),/* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
-&(nid_objs[698]),/* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
-&(nid_objs[699]),/* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
-&(nid_objs[700]),/* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
-&(nid_objs[701]),/* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
-&(nid_objs[702]),/* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
-&(nid_objs[703]),/* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
-&(nid_objs[409]),/* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
-&(nid_objs[410]),/* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
-&(nid_objs[411]),/* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
-&(nid_objs[412]),/* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */
-&(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
-&(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
-&(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
-&(nid_objs[793]),/* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */
-&(nid_objs[794]),/* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */
-&(nid_objs[795]),/* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */
-&(nid_objs[796]),/* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */
-&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
-&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
-&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
-&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */
-&(nid_objs[273]),/* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */
-&(nid_objs[274]),/* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */
-&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */
-&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */
-&(nid_objs[277]),/* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */
-&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */
-&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */
-&(nid_objs[280]),/* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */
-&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */
-&(nid_objs[282]),/* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */
-&(nid_objs[283]),/* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */
-&(nid_objs[284]),/* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */
-&(nid_objs[177]),/* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
-&(nid_objs[285]),/* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */
-&(nid_objs[286]),/* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */
-&(nid_objs[287]),/* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
-&(nid_objs[288]),/* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
-&(nid_objs[289]),/* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
-&(nid_objs[290]),/* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
-&(nid_objs[291]),/* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
-&(nid_objs[292]),/* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
-&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
-&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
-&(nid_objs[663]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
-&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
-&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
-&(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
-&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
-&(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
-&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
-&(nid_objs[132]),/* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
-&(nid_objs[294]),/* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */
-&(nid_objs[295]),/* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */
-&(nid_objs[296]),/* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */
-&(nid_objs[133]),/* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
-&(nid_objs[180]),/* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
-&(nid_objs[297]),/* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
-&(nid_objs[298]),/* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */
-&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */
-&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */
-&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */
-&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */
-&(nid_objs[303]),/* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */
-&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */
-&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */
-&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */
-&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */
-&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */
-&(nid_objs[309]),/* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */
-&(nid_objs[310]),/* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */
-&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */
-&(nid_objs[312]),/* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */
-&(nid_objs[784]),/* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */
-&(nid_objs[313]),/* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */
-&(nid_objs[314]),/* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */
-&(nid_objs[323]),/* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */
-&(nid_objs[324]),/* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */
-&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */
-&(nid_objs[326]),/* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */
-&(nid_objs[327]),/* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */
-&(nid_objs[328]),/* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */
-&(nid_objs[329]),/* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */
-&(nid_objs[330]),/* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */
-&(nid_objs[331]),/* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */
-&(nid_objs[332]),/* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */
-&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */
-&(nid_objs[334]),/* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */
-&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */
-&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */
-&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */
-&(nid_objs[338]),/* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */
-&(nid_objs[339]),/* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */
-&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */
-&(nid_objs[341]),/* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */
-&(nid_objs[342]),/* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */
-&(nid_objs[343]),/* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */
-&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */
-&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */
-&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-&(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
-&(nid_objs[858]),/* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */
-&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
-&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
-&(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
-&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */
-&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */
-&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */
-&(nid_objs[355]),/* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */
-&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */
-&(nid_objs[357]),/* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */
-&(nid_objs[358]),/* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */
-&(nid_objs[399]),/* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */
-&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */
-&(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
-&(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
-&(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
-&(nid_objs[664]),/* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
-&(nid_objs[665]),/* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
-&(nid_objs[667]),/* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
-&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
-&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
-&(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
-&(nid_objs[364]),/* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */
-&(nid_objs[785]),/* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */
-&(nid_objs[780]),/* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */
-&(nid_objs[781]),/* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */
-&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
-&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
-&(nid_objs[438]),/* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */
-&(nid_objs[439]),/* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */
-&(nid_objs[440]),/* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */
-&(nid_objs[441]),/* OBJ_pilotGroups 0 9 2342 19200300 100 10 */
-&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
-&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
-&(nid_objs[782]),/* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */
-&(nid_objs[783]),/* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */
-&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
-&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
-&(nid_objs[396]),/* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
-&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
-&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
-&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
-&(nid_objs[668]),/* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
-&(nid_objs[669]),/* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
-&(nid_objs[670]),/* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
-&(nid_objs[671]),/* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
-&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
-&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
-&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
-&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
-&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
-&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
-&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
-&(nid_objs[69]),/* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
-&(nid_objs[161]),/* OBJ_pbes2 1 2 840 113549 1 5 13 */
-&(nid_objs[162]),/* OBJ_pbmac1 1 2 840 113549 1 5 14 */
-&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
-&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
-&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
-&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
-&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
-&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
-&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
-&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
-&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
-&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
-&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
-&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
-&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
-&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
-&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
-&(nid_objs[172]),/* OBJ_ext_req 1 2 840 113549 1 9 14 */
-&(nid_objs[167]),/* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
-&(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */
-&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */
-&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */
-&(nid_objs[681]),/* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
-&(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
-&(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
-&(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
-&(nid_objs[856]),/* OBJ_LocalKeySet 1 3 6 1 4 1 311 17 2 */
-&(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
-&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
-&(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
-&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
-&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */
-&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */
-&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */
-&(nid_objs[322]),/* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */
-&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */
-&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */
-&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */
-&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */
-&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */
-&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */
-&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */
-&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
-&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
-&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
-&(nid_objs[418]),/* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
-&(nid_objs[419]),/* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
-&(nid_objs[420]),/* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
-&(nid_objs[421]),/* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
-&(nid_objs[788]),/* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */
-&(nid_objs[422]),/* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
-&(nid_objs[423]),/* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
-&(nid_objs[424]),/* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
-&(nid_objs[425]),/* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
-&(nid_objs[789]),/* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */
-&(nid_objs[426]),/* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
-&(nid_objs[427]),/* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
-&(nid_objs[428]),/* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
-&(nid_objs[429]),/* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
-&(nid_objs[790]),/* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */
-&(nid_objs[672]),/* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
-&(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
-&(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
-&(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
-&(nid_objs[802]),/* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */
-&(nid_objs[803]),/* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */
-&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
-&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
-&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
-&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
-&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
-&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
-&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
-&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
-&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
-&(nid_objs[139]),/* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
-&(nid_objs[458]),/* OBJ_userId 0 9 2342 19200300 100 1 1 */
-&(nid_objs[459]),/* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */
-&(nid_objs[460]),/* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */
-&(nid_objs[461]),/* OBJ_info 0 9 2342 19200300 100 1 4 */
-&(nid_objs[462]),/* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */
-&(nid_objs[463]),/* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */
-&(nid_objs[464]),/* OBJ_photo 0 9 2342 19200300 100 1 7 */
-&(nid_objs[465]),/* OBJ_userClass 0 9 2342 19200300 100 1 8 */
-&(nid_objs[466]),/* OBJ_host 0 9 2342 19200300 100 1 9 */
-&(nid_objs[467]),/* OBJ_manager 0 9 2342 19200300 100 1 10 */
-&(nid_objs[468]),/* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */
-&(nid_objs[469]),/* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */
-&(nid_objs[470]),/* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */
-&(nid_objs[471]),/* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */
-&(nid_objs[472]),/* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */
-&(nid_objs[473]),/* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */
-&(nid_objs[474]),/* OBJ_secretary 0 9 2342 19200300 100 1 21 */
-&(nid_objs[475]),/* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */
-&(nid_objs[476]),/* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */
-&(nid_objs[477]),/* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */
-&(nid_objs[391]),/* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */
-&(nid_objs[478]),/* OBJ_aRecord 0 9 2342 19200300 100 1 26 */
-&(nid_objs[479]),/* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */
-&(nid_objs[480]),/* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */
-&(nid_objs[481]),/* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */
-&(nid_objs[482]),/* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */
-&(nid_objs[483]),/* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */
-&(nid_objs[484]),/* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */
-&(nid_objs[485]),/* OBJ_associatedName 0 9 2342 19200300 100 1 38 */
-&(nid_objs[486]),/* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */
-&(nid_objs[487]),/* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */
-&(nid_objs[488]),/* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */
-&(nid_objs[489]),/* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */
-&(nid_objs[490]),/* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */
-&(nid_objs[491]),/* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */
-&(nid_objs[492]),/* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */
-&(nid_objs[493]),/* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */
-&(nid_objs[494]),/* OBJ_buildingName 0 9 2342 19200300 100 1 48 */
-&(nid_objs[495]),/* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */
-&(nid_objs[496]),/* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */
-&(nid_objs[497]),/* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */
-&(nid_objs[498]),/* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */
-&(nid_objs[499]),/* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */
-&(nid_objs[500]),/* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */
-&(nid_objs[501]),/* OBJ_audio 0 9 2342 19200300 100 1 55 */
-&(nid_objs[502]),/* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */
-&(nid_objs[442]),/* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */
-&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */
-&(nid_objs[444]),/* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */
-&(nid_objs[445]),/* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */
-&(nid_objs[446]),/* OBJ_account 0 9 2342 19200300 100 4 5 */
-&(nid_objs[447]),/* OBJ_document 0 9 2342 19200300 100 4 6 */
-&(nid_objs[448]),/* OBJ_room 0 9 2342 19200300 100 4 7 */
-&(nid_objs[449]),/* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */
-&(nid_objs[392]),/* OBJ_Domain 0 9 2342 19200300 100 4 13 */
-&(nid_objs[450]),/* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */
-&(nid_objs[451]),/* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */
-&(nid_objs[452]),/* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */
-&(nid_objs[453]),/* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */
-&(nid_objs[454]),/* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */
-&(nid_objs[455]),/* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */
-&(nid_objs[456]),/* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */
-&(nid_objs[457]),/* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */
-&(nid_objs[189]),/* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */
-&(nid_objs[190]),/* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */
-&(nid_objs[191]),/* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */
-&(nid_objs[192]),/* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */
-&(nid_objs[193]),/* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */
-&(nid_objs[194]),/* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */
-&(nid_objs[195]),/* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */
-&(nid_objs[158]),/* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
-&(nid_objs[159]),/* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
-&(nid_objs[160]),/* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
-&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
-&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
-&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
-&(nid_objs[171]),/* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
-&(nid_objs[134]),/* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
-&(nid_objs[135]),/* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
-&(nid_objs[136]),/* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
-&(nid_objs[137]),/* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
-&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
-&(nid_objs[648]),/* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
-&(nid_objs[649]),/* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
-&(nid_objs[751]),/* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
-&(nid_objs[752]),/* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
-&(nid_objs[753]),/* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
-&(nid_objs[196]),/* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
-&(nid_objs[197]),/* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
-&(nid_objs[198]),/* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
-&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */
-&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-&(nid_objs[204]),/* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */
-&(nid_objs[205]),/* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */
-&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */
-&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */
-&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */
-&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */
-&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
-&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-&(nid_objs[786]),/* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */
-&(nid_objs[787]),/* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */
-&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
-&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
-&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */
-&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */
-&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */
-&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-&(nid_objs[219]),/* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */
-&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */
-&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */
-&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */
-&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */
-&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */
-&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */
-&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */
-&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */
-&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */
-&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */
-&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */
-&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */
-&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
-&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
-&(nid_objs[125]),/* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */
-&(nid_objs[248]),/* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
-&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
-&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-&(nid_objs[150]),/* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
-&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
-&(nid_objs[152]),/* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
-&(nid_objs[153]),/* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
-&(nid_objs[154]),/* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
-&(nid_objs[155]),/* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
-&(nid_objs[34]),/* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
+static const unsigned int obj_objs[NUM_OBJ]={
+ 0, /* OBJ_undef 0 */
+181, /* OBJ_iso 1 */
+393, /* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */
+404, /* OBJ_ccitt OBJ_itu_t */
+645, /* OBJ_itu_t 0 */
+646, /* OBJ_joint_iso_itu_t 2 */
+434, /* OBJ_data 0 9 */
+182, /* OBJ_member_body 1 2 */
+379, /* OBJ_org 1 3 */
+676, /* OBJ_identified_organization 1 3 */
+11, /* OBJ_X500 2 5 */
+647, /* OBJ_international_organizations 2 23 */
+380, /* OBJ_dod 1 3 6 */
+12, /* OBJ_X509 2 5 4 */
+378, /* OBJ_X500algorithms 2 5 8 */
+81, /* OBJ_id_ce 2 5 29 */
+512, /* OBJ_id_set 2 23 42 */
+678, /* OBJ_wap 2 23 43 */
+435, /* OBJ_pss 0 9 2342 */
+183, /* OBJ_ISO_US 1 2 840 */
+381, /* OBJ_iana 1 3 6 1 */
+677, /* OBJ_certicom_arc 1 3 132 */
+394, /* OBJ_selected_attribute_types 2 5 1 5 */
+13, /* OBJ_commonName 2 5 4 3 */
+100, /* OBJ_surname 2 5 4 4 */
+105, /* OBJ_serialNumber 2 5 4 5 */
+14, /* OBJ_countryName 2 5 4 6 */
+15, /* OBJ_localityName 2 5 4 7 */
+16, /* OBJ_stateOrProvinceName 2 5 4 8 */
+660, /* OBJ_streetAddress 2 5 4 9 */
+17, /* OBJ_organizationName 2 5 4 10 */
+18, /* OBJ_organizationalUnitName 2 5 4 11 */
+106, /* OBJ_title 2 5 4 12 */
+107, /* OBJ_description 2 5 4 13 */
+859, /* OBJ_searchGuide 2 5 4 14 */
+860, /* OBJ_businessCategory 2 5 4 15 */
+861, /* OBJ_postalAddress 2 5 4 16 */
+661, /* OBJ_postalCode 2 5 4 17 */
+862, /* OBJ_postOfficeBox 2 5 4 18 */
+863, /* OBJ_physicalDeliveryOfficeName 2 5 4 19 */
+864, /* OBJ_telephoneNumber 2 5 4 20 */
+865, /* OBJ_telexNumber 2 5 4 21 */
+866, /* OBJ_teletexTerminalIdentifier 2 5 4 22 */
+867, /* OBJ_facsimileTelephoneNumber 2 5 4 23 */
+868, /* OBJ_x121Address 2 5 4 24 */
+869, /* OBJ_internationaliSDNNumber 2 5 4 25 */
+870, /* OBJ_registeredAddress 2 5 4 26 */
+871, /* OBJ_destinationIndicator 2 5 4 27 */
+872, /* OBJ_preferredDeliveryMethod 2 5 4 28 */
+873, /* OBJ_presentationAddress 2 5 4 29 */
+874, /* OBJ_supportedApplicationContext 2 5 4 30 */
+875, /* OBJ_member 2 5 4 31 */
+876, /* OBJ_owner 2 5 4 32 */
+877, /* OBJ_roleOccupant 2 5 4 33 */
+878, /* OBJ_seeAlso 2 5 4 34 */
+879, /* OBJ_userPassword 2 5 4 35 */
+880, /* OBJ_userCertificate 2 5 4 36 */
+881, /* OBJ_cACertificate 2 5 4 37 */
+882, /* OBJ_authorityRevocationList 2 5 4 38 */
+883, /* OBJ_certificateRevocationList 2 5 4 39 */
+884, /* OBJ_crossCertificatePair 2 5 4 40 */
+173, /* OBJ_name 2 5 4 41 */
+99, /* OBJ_givenName 2 5 4 42 */
+101, /* OBJ_initials 2 5 4 43 */
+509, /* OBJ_generationQualifier 2 5 4 44 */
+503, /* OBJ_x500UniqueIdentifier 2 5 4 45 */
+174, /* OBJ_dnQualifier 2 5 4 46 */
+885, /* OBJ_enhancedSearchGuide 2 5 4 47 */
+886, /* OBJ_protocolInformation 2 5 4 48 */
+887, /* OBJ_distinguishedName 2 5 4 49 */
+888, /* OBJ_uniqueMember 2 5 4 50 */
+889, /* OBJ_houseIdentifier 2 5 4 51 */
+890, /* OBJ_supportedAlgorithms 2 5 4 52 */
+891, /* OBJ_deltaRevocationList 2 5 4 53 */
+892, /* OBJ_dmdName 2 5 4 54 */
+510, /* OBJ_pseudonym 2 5 4 65 */
+400, /* OBJ_role 2 5 4 72 */
+769, /* OBJ_subject_directory_attributes 2 5 29 9 */
+82, /* OBJ_subject_key_identifier 2 5 29 14 */
+83, /* OBJ_key_usage 2 5 29 15 */
+84, /* OBJ_private_key_usage_period 2 5 29 16 */
+85, /* OBJ_subject_alt_name 2 5 29 17 */
+86, /* OBJ_issuer_alt_name 2 5 29 18 */
+87, /* OBJ_basic_constraints 2 5 29 19 */
+88, /* OBJ_crl_number 2 5 29 20 */
+141, /* OBJ_crl_reason 2 5 29 21 */
+430, /* OBJ_hold_instruction_code 2 5 29 23 */
+142, /* OBJ_invalidity_date 2 5 29 24 */
+140, /* OBJ_delta_crl 2 5 29 27 */
+770, /* OBJ_issuing_distribution_point 2 5 29 28 */
+771, /* OBJ_certificate_issuer 2 5 29 29 */
+666, /* OBJ_name_constraints 2 5 29 30 */
+103, /* OBJ_crl_distribution_points 2 5 29 31 */
+89, /* OBJ_certificate_policies 2 5 29 32 */
+747, /* OBJ_policy_mappings 2 5 29 33 */
+90, /* OBJ_authority_key_identifier 2 5 29 35 */
+401, /* OBJ_policy_constraints 2 5 29 36 */
+126, /* OBJ_ext_key_usage 2 5 29 37 */
+857, /* OBJ_freshest_crl 2 5 29 46 */
+748, /* OBJ_inhibit_any_policy 2 5 29 54 */
+402, /* OBJ_target_information 2 5 29 55 */
+403, /* OBJ_no_rev_avail 2 5 29 56 */
+513, /* OBJ_set_ctype 2 23 42 0 */
+514, /* OBJ_set_msgExt 2 23 42 1 */
+515, /* OBJ_set_attr 2 23 42 3 */
+516, /* OBJ_set_policy 2 23 42 5 */
+517, /* OBJ_set_certExt 2 23 42 7 */
+518, /* OBJ_set_brand 2 23 42 8 */
+679, /* OBJ_wap_wsg 2 23 43 1 */
+382, /* OBJ_Directory 1 3 6 1 1 */
+383, /* OBJ_Management 1 3 6 1 2 */
+384, /* OBJ_Experimental 1 3 6 1 3 */
+385, /* OBJ_Private 1 3 6 1 4 */
+386, /* OBJ_Security 1 3 6 1 5 */
+387, /* OBJ_SNMPv2 1 3 6 1 6 */
+388, /* OBJ_Mail 1 3 6 1 7 */
+376, /* OBJ_algorithm 1 3 14 3 2 */
+395, /* OBJ_clearance 2 5 1 5 55 */
+19, /* OBJ_rsa 2 5 8 1 1 */
+96, /* OBJ_mdc2WithRSA 2 5 8 3 100 */
+95, /* OBJ_mdc2 2 5 8 3 101 */
+746, /* OBJ_any_policy 2 5 29 32 0 */
+910, /* OBJ_anyExtendedKeyUsage 2 5 29 37 0 */
+519, /* OBJ_setct_PANData 2 23 42 0 0 */
+520, /* OBJ_setct_PANToken 2 23 42 0 1 */
+521, /* OBJ_setct_PANOnly 2 23 42 0 2 */
+522, /* OBJ_setct_OIData 2 23 42 0 3 */
+523, /* OBJ_setct_PI 2 23 42 0 4 */
+524, /* OBJ_setct_PIData 2 23 42 0 5 */
+525, /* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
+526, /* OBJ_setct_HODInput 2 23 42 0 7 */
+527, /* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
+528, /* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
+529, /* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
+530, /* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
+531, /* OBJ_setct_PInitResData 2 23 42 0 12 */
+532, /* OBJ_setct_PI_TBS 2 23 42 0 13 */
+533, /* OBJ_setct_PResData 2 23 42 0 14 */
+534, /* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
+535, /* OBJ_setct_AuthResTBS 2 23 42 0 17 */
+536, /* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
+537, /* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
+538, /* OBJ_setct_CapTokenData 2 23 42 0 20 */
+539, /* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
+540, /* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
+541, /* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
+542, /* OBJ_setct_AuthRevResData 2 23 42 0 24 */
+543, /* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
+544, /* OBJ_setct_CapReqTBS 2 23 42 0 26 */
+545, /* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
+546, /* OBJ_setct_CapResData 2 23 42 0 28 */
+547, /* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
+548, /* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
+549, /* OBJ_setct_CapRevResData 2 23 42 0 31 */
+550, /* OBJ_setct_CredReqTBS 2 23 42 0 32 */
+551, /* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
+552, /* OBJ_setct_CredResData 2 23 42 0 34 */
+553, /* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
+554, /* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
+555, /* OBJ_setct_CredRevResData 2 23 42 0 37 */
+556, /* OBJ_setct_PCertReqData 2 23 42 0 38 */
+557, /* OBJ_setct_PCertResTBS 2 23 42 0 39 */
+558, /* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
+559, /* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
+560, /* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
+561, /* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
+562, /* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
+563, /* OBJ_setct_CertReqData 2 23 42 0 45 */
+564, /* OBJ_setct_CertReqTBS 2 23 42 0 46 */
+565, /* OBJ_setct_CertResData 2 23 42 0 47 */
+566, /* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
+567, /* OBJ_setct_ErrorTBS 2 23 42 0 49 */
+568, /* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
+569, /* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
+570, /* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
+571, /* OBJ_setct_AuthResTBE 2 23 42 0 53 */
+572, /* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
+573, /* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
+574, /* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
+575, /* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
+576, /* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
+577, /* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
+578, /* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
+579, /* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
+580, /* OBJ_setct_CapReqTBE 2 23 42 0 62 */
+581, /* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
+582, /* OBJ_setct_CapResTBE 2 23 42 0 64 */
+583, /* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
+584, /* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
+585, /* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
+586, /* OBJ_setct_CredReqTBE 2 23 42 0 68 */
+587, /* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
+588, /* OBJ_setct_CredResTBE 2 23 42 0 70 */
+589, /* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
+590, /* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
+591, /* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
+592, /* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
+593, /* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
+594, /* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
+595, /* OBJ_setct_CertReqTBE 2 23 42 0 77 */
+596, /* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
+597, /* OBJ_setct_CertResTBE 2 23 42 0 79 */
+598, /* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
+599, /* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
+600, /* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
+601, /* OBJ_setext_genCrypt 2 23 42 1 1 */
+602, /* OBJ_setext_miAuth 2 23 42 1 3 */
+603, /* OBJ_setext_pinSecure 2 23 42 1 4 */
+604, /* OBJ_setext_pinAny 2 23 42 1 5 */
+605, /* OBJ_setext_track2 2 23 42 1 7 */
+606, /* OBJ_setext_cv 2 23 42 1 8 */
+620, /* OBJ_setAttr_Cert 2 23 42 3 0 */
+621, /* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
+622, /* OBJ_setAttr_TokenType 2 23 42 3 2 */
+623, /* OBJ_setAttr_IssCap 2 23 42 3 3 */
+607, /* OBJ_set_policy_root 2 23 42 5 0 */
+608, /* OBJ_setCext_hashedRoot 2 23 42 7 0 */
+609, /* OBJ_setCext_certType 2 23 42 7 1 */
+610, /* OBJ_setCext_merchData 2 23 42 7 2 */
+611, /* OBJ_setCext_cCertRequired 2 23 42 7 3 */
+612, /* OBJ_setCext_tunneling 2 23 42 7 4 */
+613, /* OBJ_setCext_setExt 2 23 42 7 5 */
+614, /* OBJ_setCext_setQualf 2 23 42 7 6 */
+615, /* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
+616, /* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
+617, /* OBJ_setCext_Track2Data 2 23 42 7 9 */
+618, /* OBJ_setCext_TokenType 2 23 42 7 10 */
+619, /* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
+636, /* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
+640, /* OBJ_set_brand_Visa 2 23 42 8 4 */
+641, /* OBJ_set_brand_MasterCard 2 23 42 8 5 */
+637, /* OBJ_set_brand_Diners 2 23 42 8 30 */
+638, /* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
+639, /* OBJ_set_brand_JCB 2 23 42 8 35 */
+805, /* OBJ_cryptopro 1 2 643 2 2 */
+806, /* OBJ_cryptocom 1 2 643 2 9 */
+184, /* OBJ_X9_57 1 2 840 10040 */
+405, /* OBJ_ansi_X9_62 1 2 840 10045 */
+389, /* OBJ_Enterprises 1 3 6 1 4 1 */
+504, /* OBJ_mime_mhs 1 3 6 1 7 1 */
+104, /* OBJ_md5WithRSA 1 3 14 3 2 3 */
+29, /* OBJ_des_ecb 1 3 14 3 2 6 */
+31, /* OBJ_des_cbc 1 3 14 3 2 7 */
+45, /* OBJ_des_ofb64 1 3 14 3 2 8 */
+30, /* OBJ_des_cfb64 1 3 14 3 2 9 */
+377, /* OBJ_rsaSignature 1 3 14 3 2 11 */
+67, /* OBJ_dsa_2 1 3 14 3 2 12 */
+66, /* OBJ_dsaWithSHA 1 3 14 3 2 13 */
+42, /* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
+32, /* OBJ_des_ede_ecb 1 3 14 3 2 17 */
+41, /* OBJ_sha 1 3 14 3 2 18 */
+64, /* OBJ_sha1 1 3 14 3 2 26 */
+70, /* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
+115, /* OBJ_sha1WithRSA 1 3 14 3 2 29 */
+117, /* OBJ_ripemd160 1 3 36 3 2 1 */
+143, /* OBJ_sxnet 1 3 101 1 4 1 */
+721, /* OBJ_sect163k1 1 3 132 0 1 */
+722, /* OBJ_sect163r1 1 3 132 0 2 */
+728, /* OBJ_sect239k1 1 3 132 0 3 */
+717, /* OBJ_sect113r1 1 3 132 0 4 */
+718, /* OBJ_sect113r2 1 3 132 0 5 */
+704, /* OBJ_secp112r1 1 3 132 0 6 */
+705, /* OBJ_secp112r2 1 3 132 0 7 */
+709, /* OBJ_secp160r1 1 3 132 0 8 */
+708, /* OBJ_secp160k1 1 3 132 0 9 */
+714, /* OBJ_secp256k1 1 3 132 0 10 */
+723, /* OBJ_sect163r2 1 3 132 0 15 */
+729, /* OBJ_sect283k1 1 3 132 0 16 */
+730, /* OBJ_sect283r1 1 3 132 0 17 */
+719, /* OBJ_sect131r1 1 3 132 0 22 */
+720, /* OBJ_sect131r2 1 3 132 0 23 */
+724, /* OBJ_sect193r1 1 3 132 0 24 */
+725, /* OBJ_sect193r2 1 3 132 0 25 */
+726, /* OBJ_sect233k1 1 3 132 0 26 */
+727, /* OBJ_sect233r1 1 3 132 0 27 */
+706, /* OBJ_secp128r1 1 3 132 0 28 */
+707, /* OBJ_secp128r2 1 3 132 0 29 */
+710, /* OBJ_secp160r2 1 3 132 0 30 */
+711, /* OBJ_secp192k1 1 3 132 0 31 */
+712, /* OBJ_secp224k1 1 3 132 0 32 */
+713, /* OBJ_secp224r1 1 3 132 0 33 */
+715, /* OBJ_secp384r1 1 3 132 0 34 */
+716, /* OBJ_secp521r1 1 3 132 0 35 */
+731, /* OBJ_sect409k1 1 3 132 0 36 */
+732, /* OBJ_sect409r1 1 3 132 0 37 */
+733, /* OBJ_sect571k1 1 3 132 0 38 */
+734, /* OBJ_sect571r1 1 3 132 0 39 */
+624, /* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
+625, /* OBJ_set_addPolicy 2 23 42 3 0 1 */
+626, /* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
+627, /* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
+628, /* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
+629, /* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
+630, /* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
+642, /* OBJ_set_brand_Novus 2 23 42 8 6011 */
+735, /* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 1 4 1 */
+736, /* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 1 4 3 */
+737, /* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 1 4 4 */
+738, /* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 1 4 5 */
+739, /* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 1 4 6 */
+740, /* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 1 4 7 */
+741, /* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 1 4 8 */
+742, /* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 1 4 9 */
+743, /* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 1 4 10 */
+744, /* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 1 4 11 */
+745, /* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 1 4 12 */
+804, /* OBJ_whirlpool 1 0 10118 3 0 55 */
+124, /* OBJ_rle_compression 1 1 1 1 666 1 */
+773, /* OBJ_kisa 1 2 410 200004 */
+807, /* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
+808, /* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
+809, /* OBJ_id_GostR3411_94 1 2 643 2 2 9 */
+810, /* OBJ_id_HMACGostR3411_94 1 2 643 2 2 10 */
+811, /* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */
+812, /* OBJ_id_GostR3410_94 1 2 643 2 2 20 */
+813, /* OBJ_id_Gost28147_89 1 2 643 2 2 21 */
+815, /* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */
+816, /* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */
+817, /* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */
+818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */
+ 1, /* OBJ_rsadsi 1 2 840 113549 */
+185, /* OBJ_X9cm 1 2 840 10040 4 */
+127, /* OBJ_id_pkix 1 3 6 1 5 5 7 */
+505, /* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
+506, /* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
+119, /* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
+631, /* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
+632, /* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
+633, /* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
+634, /* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
+635, /* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
+436, /* OBJ_ucl 0 9 2342 19200300 */
+820, /* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
+819, /* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
+845, /* OBJ_id_GostR3410_94_a 1 2 643 2 2 20 1 */
+846, /* OBJ_id_GostR3410_94_aBis 1 2 643 2 2 20 2 */
+847, /* OBJ_id_GostR3410_94_b 1 2 643 2 2 20 3 */
+848, /* OBJ_id_GostR3410_94_bBis 1 2 643 2 2 20 4 */
+821, /* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
+822, /* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
+823, /* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
+824, /* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
+825, /* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
+826, /* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
+827, /* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
+828, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
+829, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
+830, /* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
+831, /* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
+832, /* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
+833, /* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
+834, /* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
+835, /* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
+836, /* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
+837, /* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
+838, /* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
+839, /* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
+840, /* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
+841, /* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
+842, /* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
+843, /* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
+844, /* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
+ 2, /* OBJ_pkcs 1 2 840 113549 1 */
+431, /* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
+432, /* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
+433, /* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */
+116, /* OBJ_dsa 1 2 840 10040 4 1 */
+113, /* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
+406, /* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */
+407, /* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
+408, /* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
+416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
+791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
+792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
+258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
+175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */
+259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */
+128, /* OBJ_id_kp 1 3 6 1 5 5 7 3 */
+260, /* OBJ_id_it 1 3 6 1 5 5 7 4 */
+261, /* OBJ_id_pkip 1 3 6 1 5 5 7 5 */
+262, /* OBJ_id_alg 1 3 6 1 5 5 7 6 */
+263, /* OBJ_id_cmc 1 3 6 1 5 5 7 7 */
+264, /* OBJ_id_on 1 3 6 1 5 5 7 8 */
+265, /* OBJ_id_pda 1 3 6 1 5 5 7 9 */
+266, /* OBJ_id_aca 1 3 6 1 5 5 7 10 */
+267, /* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
+268, /* OBJ_id_cct 1 3 6 1 5 5 7 12 */
+662, /* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
+176, /* OBJ_id_ad 1 3 6 1 5 5 7 48 */
+507, /* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
+508, /* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
+57, /* OBJ_netscape 2 16 840 1 113730 */
+754, /* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */
+766, /* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */
+757, /* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */
+755, /* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */
+767, /* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */
+758, /* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */
+756, /* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */
+768, /* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
+759, /* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
+437, /* OBJ_pilot 0 9 2342 19200300 100 */
+776, /* OBJ_seed_ecb 1 2 410 200004 1 3 */
+777, /* OBJ_seed_cbc 1 2 410 200004 1 4 */
+779, /* OBJ_seed_cfb128 1 2 410 200004 1 5 */
+778, /* OBJ_seed_ofb128 1 2 410 200004 1 6 */
+852, /* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
+853, /* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
+850, /* OBJ_id_GostR3410_94_cc 1 2 643 2 9 1 5 3 */
+851, /* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */
+849, /* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */
+854, /* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
+186, /* OBJ_pkcs1 1 2 840 113549 1 1 */
+27, /* OBJ_pkcs3 1 2 840 113549 1 3 */
+187, /* OBJ_pkcs5 1 2 840 113549 1 5 */
+20, /* OBJ_pkcs7 1 2 840 113549 1 7 */
+47, /* OBJ_pkcs9 1 2 840 113549 1 9 */
+ 3, /* OBJ_md2 1 2 840 113549 2 2 */
+257, /* OBJ_md4 1 2 840 113549 2 4 */
+ 4, /* OBJ_md5 1 2 840 113549 2 5 */
+797, /* OBJ_hmacWithMD5 1 2 840 113549 2 6 */
+163, /* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
+798, /* OBJ_hmacWithSHA224 1 2 840 113549 2 8 */
+799, /* OBJ_hmacWithSHA256 1 2 840 113549 2 9 */
+800, /* OBJ_hmacWithSHA384 1 2 840 113549 2 10 */
+801, /* OBJ_hmacWithSHA512 1 2 840 113549 2 11 */
+37, /* OBJ_rc2_cbc 1 2 840 113549 3 2 */
+ 5, /* OBJ_rc4 1 2 840 113549 3 4 */
+44, /* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
+120, /* OBJ_rc5_cbc 1 2 840 113549 3 8 */
+643, /* OBJ_des_cdmf 1 2 840 113549 3 10 */
+680, /* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
+684, /* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
+685, /* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
+686, /* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
+687, /* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
+688, /* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
+689, /* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
+690, /* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
+691, /* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
+692, /* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
+693, /* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
+694, /* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
+695, /* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
+696, /* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
+697, /* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
+698, /* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
+699, /* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
+700, /* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
+701, /* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
+702, /* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
+703, /* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
+409, /* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
+410, /* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
+411, /* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
+412, /* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */
+413, /* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
+414, /* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
+415, /* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
+793, /* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */
+794, /* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */
+795, /* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */
+796, /* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */
+269, /* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
+270, /* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
+271, /* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
+272, /* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */
+273, /* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */
+274, /* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */
+275, /* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */
+276, /* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */
+277, /* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */
+278, /* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */
+279, /* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */
+280, /* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */
+281, /* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */
+282, /* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */
+283, /* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */
+284, /* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */
+177, /* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
+285, /* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */
+286, /* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */
+287, /* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
+288, /* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
+289, /* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
+290, /* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
+291, /* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
+292, /* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
+397, /* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
+398, /* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
+663, /* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
+164, /* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
+165, /* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
+293, /* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
+129, /* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
+130, /* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
+131, /* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
+132, /* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
+294, /* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */
+295, /* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */
+296, /* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */
+133, /* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
+180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
+297, /* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
+298, /* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */
+299, /* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */
+300, /* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */
+301, /* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */
+302, /* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */
+303, /* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */
+304, /* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */
+305, /* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */
+306, /* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */
+307, /* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */
+308, /* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */
+309, /* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */
+310, /* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */
+311, /* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */
+312, /* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */
+784, /* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */
+313, /* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */
+314, /* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */
+323, /* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */
+324, /* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */
+325, /* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */
+326, /* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */
+327, /* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */
+328, /* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */
+329, /* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */
+330, /* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */
+331, /* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */
+332, /* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */
+333, /* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */
+334, /* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */
+335, /* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */
+336, /* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */
+337, /* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */
+338, /* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */
+339, /* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */
+340, /* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */
+341, /* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */
+342, /* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */
+343, /* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */
+344, /* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */
+345, /* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */
+346, /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
+347, /* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
+858, /* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */
+348, /* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
+349, /* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
+351, /* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
+352, /* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */
+353, /* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */
+354, /* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */
+355, /* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */
+356, /* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */
+357, /* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */
+358, /* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */
+399, /* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */
+359, /* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */
+360, /* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
+361, /* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
+362, /* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
+664, /* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
+665, /* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
+667, /* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
+178, /* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
+179, /* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
+363, /* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
+364, /* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */
+785, /* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */
+780, /* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */
+781, /* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */
+58, /* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
+59, /* OBJ_netscape_data_type 2 16 840 1 113730 2 */
+438, /* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */
+439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */
+440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */
+441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */
+108, /* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
+112, /* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
+782, /* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */
+783, /* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */
+ 6, /* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
+ 7, /* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
+396, /* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
+ 8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
+65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
+644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
+919, /* OBJ_rsaesOaep 1 2 840 113549 1 1 7 */
+911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */
+912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */
+668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
+669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
+670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
+671, /* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
+28, /* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
+ 9, /* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
+10, /* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
+168, /* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
+169, /* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
+170, /* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
+68, /* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
+69, /* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
+161, /* OBJ_pbes2 1 2 840 113549 1 5 13 */
+162, /* OBJ_pbmac1 1 2 840 113549 1 5 14 */
+21, /* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
+22, /* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
+23, /* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
+24, /* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
+25, /* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
+26, /* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
+48, /* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
+49, /* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
+50, /* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
+51, /* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
+52, /* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
+53, /* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
+54, /* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
+55, /* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
+56, /* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
+172, /* OBJ_ext_req 1 2 840 113549 1 9 14 */
+167, /* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
+188, /* OBJ_SMIME 1 2 840 113549 1 9 16 */
+156, /* OBJ_friendlyName 1 2 840 113549 1 9 20 */
+157, /* OBJ_localKeyID 1 2 840 113549 1 9 21 */
+681, /* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
+682, /* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
+683, /* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
+417, /* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
+856, /* OBJ_LocalKeySet 1 3 6 1 4 1 311 17 2 */
+390, /* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
+91, /* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
+315, /* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
+316, /* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
+317, /* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
+318, /* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
+319, /* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */
+320, /* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */
+321, /* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */
+322, /* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */
+365, /* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */
+366, /* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */
+367, /* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */
+368, /* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
+369, /* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */
+370, /* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */
+371, /* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */
+372, /* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */
+373, /* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
+374, /* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
+375, /* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
+418, /* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
+419, /* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
+420, /* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
+421, /* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
+788, /* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */
+895, /* OBJ_aes_128_gcm 2 16 840 1 101 3 4 1 6 */
+896, /* OBJ_aes_128_ccm 2 16 840 1 101 3 4 1 7 */
+897, /* OBJ_id_aes128_wrap_pad 2 16 840 1 101 3 4 1 8 */
+422, /* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
+423, /* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
+424, /* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
+425, /* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
+789, /* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */
+898, /* OBJ_aes_192_gcm 2 16 840 1 101 3 4 1 26 */
+899, /* OBJ_aes_192_ccm 2 16 840 1 101 3 4 1 27 */
+900, /* OBJ_id_aes192_wrap_pad 2 16 840 1 101 3 4 1 28 */
+426, /* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
+427, /* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
+428, /* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
+429, /* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
+790, /* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */
+901, /* OBJ_aes_256_gcm 2 16 840 1 101 3 4 1 46 */
+902, /* OBJ_aes_256_ccm 2 16 840 1 101 3 4 1 47 */
+903, /* OBJ_id_aes256_wrap_pad 2 16 840 1 101 3 4 1 48 */
+672, /* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
+673, /* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
+674, /* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
+675, /* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
+802, /* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */
+803, /* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */
+71, /* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
+72, /* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
+73, /* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
+74, /* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
+75, /* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
+76, /* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
+77, /* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
+78, /* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
+79, /* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
+139, /* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
+458, /* OBJ_userId 0 9 2342 19200300 100 1 1 */
+459, /* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */
+460, /* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */
+461, /* OBJ_info 0 9 2342 19200300 100 1 4 */
+462, /* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */
+463, /* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */
+464, /* OBJ_photo 0 9 2342 19200300 100 1 7 */
+465, /* OBJ_userClass 0 9 2342 19200300 100 1 8 */
+466, /* OBJ_host 0 9 2342 19200300 100 1 9 */
+467, /* OBJ_manager 0 9 2342 19200300 100 1 10 */
+468, /* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */
+469, /* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */
+470, /* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */
+471, /* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */
+472, /* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */
+473, /* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */
+474, /* OBJ_secretary 0 9 2342 19200300 100 1 21 */
+475, /* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */
+476, /* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */
+477, /* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */
+391, /* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */
+478, /* OBJ_aRecord 0 9 2342 19200300 100 1 26 */
+479, /* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */
+480, /* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */
+481, /* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */
+482, /* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */
+483, /* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */
+484, /* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */
+485, /* OBJ_associatedName 0 9 2342 19200300 100 1 38 */
+486, /* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */
+487, /* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */
+488, /* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */
+489, /* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */
+490, /* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */
+491, /* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */
+492, /* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */
+493, /* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */
+494, /* OBJ_buildingName 0 9 2342 19200300 100 1 48 */
+495, /* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */
+496, /* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */
+497, /* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */
+498, /* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */
+499, /* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */
+500, /* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */
+501, /* OBJ_audio 0 9 2342 19200300 100 1 55 */
+502, /* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */
+442, /* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */
+443, /* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */
+444, /* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */
+445, /* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */
+446, /* OBJ_account 0 9 2342 19200300 100 4 5 */
+447, /* OBJ_document 0 9 2342 19200300 100 4 6 */
+448, /* OBJ_room 0 9 2342 19200300 100 4 7 */
+449, /* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */
+392, /* OBJ_Domain 0 9 2342 19200300 100 4 13 */
+450, /* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */
+451, /* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */
+452, /* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */
+453, /* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */
+454, /* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */
+455, /* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */
+456, /* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */
+457, /* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */
+189, /* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */
+190, /* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */
+191, /* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */
+192, /* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */
+193, /* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */
+194, /* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */
+195, /* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */
+158, /* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
+159, /* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
+160, /* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
+144, /* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
+145, /* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
+146, /* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
+147, /* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
+148, /* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
+149, /* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
+171, /* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
+134, /* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
+135, /* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
+136, /* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
+137, /* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
+138, /* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
+648, /* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
+649, /* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
+751, /* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
+752, /* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
+753, /* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
+907, /* OBJ_id_camellia128_wrap 1 2 392 200011 61 1 1 3 2 */
+908, /* OBJ_id_camellia192_wrap 1 2 392 200011 61 1 1 3 3 */
+909, /* OBJ_id_camellia256_wrap 1 2 392 200011 61 1 1 3 4 */
+196, /* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
+197, /* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
+198, /* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
+199, /* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */
+200, /* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
+201, /* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
+202, /* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
+203, /* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
+204, /* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */
+205, /* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */
+206, /* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */
+207, /* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */
+208, /* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */
+209, /* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */
+210, /* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
+211, /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
+786, /* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */
+787, /* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */
+212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
+213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
+214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */
+215, /* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */
+216, /* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */
+217, /* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
+218, /* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
+219, /* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */
+220, /* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
+221, /* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
+222, /* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */
+223, /* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
+224, /* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
+225, /* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */
+226, /* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */
+227, /* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
+228, /* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
+229, /* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */
+230, /* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
+231, /* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
+232, /* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
+233, /* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
+234, /* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */
+235, /* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
+236, /* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
+237, /* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
+238, /* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
+239, /* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */
+240, /* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */
+241, /* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */
+242, /* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */
+243, /* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */
+244, /* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */
+245, /* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */
+246, /* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
+247, /* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
+125, /* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */
+893, /* OBJ_id_alg_PWRI_KEK 1 2 840 113549 1 9 16 3 9 */
+248, /* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
+249, /* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
+250, /* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
+251, /* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
+252, /* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
+253, /* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
+254, /* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
+255, /* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
+256, /* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
+150, /* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
+151, /* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
+152, /* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
+153, /* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
+154, /* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
+155, /* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
+34, /* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
};
Modified: trunk/crypto/openssl/crypto/objects/obj_dat.pl
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_dat.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_dat.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,10 +2,8 @@
# fixes bug in floating point emulation on sparc64 when
# this script produces off-by-one output on sparc64
-eval 'use integer;';
+use integer;
-print STDERR "Warning: perl module integer not found.\n" if ($@);
-
sub obj_cmp
{
local(@a, at b,$_,$r);
@@ -117,7 +115,7 @@
$out.="\"$sn\"";
$out.=","."\"$ln\"";
$out.=",NID_$nid{$i},";
- if (defined($obj{$nid{$i}}))
+ if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
{
$v=$objd{$obj{$nid{$i}}};
$v =~ s/L//g;
@@ -150,13 +148,13 @@
@a=grep(defined($sn{$nid{$_}}),0 .. $n);
foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
{
- push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_));
+ push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
}
@a=grep(defined($ln{$nid{$_}}),0 .. $n);
foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
{
- push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_));
+ push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
}
@a=grep(defined($obj{$nid{$_}}),0 .. $n);
@@ -166,7 +164,7 @@
$v=$objd{$m};
$v =~ s/L//g;
$v =~ s/,/ /g;
- push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
+ push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
}
print OUT <<'EOF';
@@ -241,11 +239,11 @@
printf OUT "#define NUM_LN %d\n",$#ln+1;
printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1;
+printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
print OUT @lvalues;
print OUT "};\n\n";
-printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
+printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n";
foreach (@out)
{
if (length($_) > 75)
@@ -269,15 +267,15 @@
}
print OUT "};\n\n";
-printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
+printf OUT "static const unsigned int sn_objs[NUM_SN]={\n";
print OUT @sn;
print OUT "};\n\n";
-printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
+printf OUT "static const unsigned int ln_objs[NUM_LN]={\n";
print OUT @ln;
print OUT "};\n\n";
-printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
+printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n";
print OUT @ob;
print OUT "};\n\n";
Modified: trunk/crypto/openssl/crypto/objects/obj_err.c
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/objects/obj_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/objects/obj_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,7 +66,8 @@
{
ASN1_OBJECT *r;
int i;
- char *ln = NULL;
+ char *ln = NULL, *sn = NULL;
+ unsigned char *data = NULL;
if (o == NULL)
return (NULL);
@@ -79,30 +80,32 @@
OBJerr(OBJ_F_OBJ_DUP, ERR_R_ASN1_LIB);
return (NULL);
}
- r->data = OPENSSL_malloc(o->length);
- if (r->data == NULL)
+ data = OPENSSL_malloc(o->length);
+ if (data == NULL)
goto err;
if (o->data != NULL)
- memcpy(r->data, o->data, o->length);
+ memcpy(data, o->data, o->length);
+ /* once data attached to object it remains const */
+ r->data = data;
r->length = o->length;
r->nid = o->nid;
r->ln = r->sn = NULL;
if (o->ln != NULL) {
i = strlen(o->ln) + 1;
- r->ln = ln = OPENSSL_malloc(i);
- if (r->ln == NULL)
+ ln = OPENSSL_malloc(i);
+ if (ln == NULL)
goto err;
memcpy(ln, o->ln, i);
+ r->ln = ln;
}
if (o->sn != NULL) {
- char *s;
-
i = strlen(o->sn) + 1;
- r->sn = s = OPENSSL_malloc(i);
- if (r->sn == NULL)
+ sn = OPENSSL_malloc(i);
+ if (sn == NULL)
goto err;
- memcpy(s, o->sn, i);
+ memcpy(sn, o->sn, i);
+ r->sn = sn;
}
r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
@@ -110,13 +113,14 @@
return (r);
err:
OBJerr(OBJ_F_OBJ_DUP, ERR_R_MALLOC_FAILURE);
- if (r != NULL) {
- if (ln != NULL)
- OPENSSL_free(ln);
- if (r->data != NULL)
- OPENSSL_free(r->data);
+ if (ln != NULL)
+ OPENSSL_free(ln);
+ if (sn != NULL)
+ OPENSSL_free(sn);
+ if (data != NULL)
+ OPENSSL_free(data);
+ if (r != NULL)
OPENSSL_free(r);
- }
return (NULL);
}
Modified: trunk/crypto/openssl/crypto/objects/obj_mac.h
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_mac.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_mac.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -580,6 +580,21 @@
#define NID_sha1WithRSAEncryption 65
#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
+#define SN_rsaesOaep "RSAES-OAEP"
+#define LN_rsaesOaep "rsaesOaep"
+#define NID_rsaesOaep 919
+#define OBJ_rsaesOaep OBJ_pkcs1,7L
+
+#define SN_mgf1 "MGF1"
+#define LN_mgf1 "mgf1"
+#define NID_mgf1 911
+#define OBJ_mgf1 OBJ_pkcs1,8L
+
+#define SN_rsassaPss "RSASSA-PSS"
+#define LN_rsassaPss "rsassaPss"
+#define NID_rsassaPss 912
+#define OBJ_rsassaPss OBJ_pkcs1,10L
+
#define SN_sha256WithRSAEncryption "RSA-SHA256"
#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
#define NID_sha256WithRSAEncryption 668
@@ -981,6 +996,10 @@
#define NID_id_smime_alg_CMSRC2wrap 247
#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
+#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK 893
+#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
+
#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
#define NID_id_smime_cd_ldap 248
#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
@@ -2399,6 +2418,11 @@
#define NID_no_rev_avail 403
#define OBJ_no_rev_avail OBJ_id_ce,56L
+#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage 910
+#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
+
#define SN_netscape "Netscape"
#define LN_netscape "Netscape Communications Corp."
#define NID_netscape 57
@@ -2586,6 +2610,24 @@
#define NID_aes_128_cfb128 421
#define OBJ_aes_128_cfb128 OBJ_aes,4L
+#define SN_id_aes128_wrap "id-aes128-wrap"
+#define NID_id_aes128_wrap 788
+#define OBJ_id_aes128_wrap OBJ_aes,5L
+
+#define SN_aes_128_gcm "id-aes128-GCM"
+#define LN_aes_128_gcm "aes-128-gcm"
+#define NID_aes_128_gcm 895
+#define OBJ_aes_128_gcm OBJ_aes,6L
+
+#define SN_aes_128_ccm "id-aes128-CCM"
+#define LN_aes_128_ccm "aes-128-ccm"
+#define NID_aes_128_ccm 896
+#define OBJ_aes_128_ccm OBJ_aes,7L
+
+#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad 897
+#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
+
#define SN_aes_192_ecb "AES-192-ECB"
#define LN_aes_192_ecb "aes-192-ecb"
#define NID_aes_192_ecb 422
@@ -2606,6 +2648,24 @@
#define NID_aes_192_cfb128 425
#define OBJ_aes_192_cfb128 OBJ_aes,24L
+#define SN_id_aes192_wrap "id-aes192-wrap"
+#define NID_id_aes192_wrap 789
+#define OBJ_id_aes192_wrap OBJ_aes,25L
+
+#define SN_aes_192_gcm "id-aes192-GCM"
+#define LN_aes_192_gcm "aes-192-gcm"
+#define NID_aes_192_gcm 898
+#define OBJ_aes_192_gcm OBJ_aes,26L
+
+#define SN_aes_192_ccm "id-aes192-CCM"
+#define LN_aes_192_ccm "aes-192-ccm"
+#define NID_aes_192_ccm 899
+#define OBJ_aes_192_ccm OBJ_aes,27L
+
+#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad 900
+#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
+
#define SN_aes_256_ecb "AES-256-ECB"
#define LN_aes_256_ecb "aes-256-ecb"
#define NID_aes_256_ecb 426
@@ -2626,6 +2686,24 @@
#define NID_aes_256_cfb128 429
#define OBJ_aes_256_cfb128 OBJ_aes,44L
+#define SN_id_aes256_wrap "id-aes256-wrap"
+#define NID_id_aes256_wrap 790
+#define OBJ_id_aes256_wrap OBJ_aes,45L
+
+#define SN_aes_256_gcm "id-aes256-GCM"
+#define LN_aes_256_gcm "aes-256-gcm"
+#define NID_aes_256_gcm 901
+#define OBJ_aes_256_gcm OBJ_aes,46L
+
+#define SN_aes_256_ccm "id-aes256-CCM"
+#define LN_aes_256_ccm "aes-256-ccm"
+#define NID_aes_256_ccm 902
+#define OBJ_aes_256_ccm OBJ_aes,47L
+
+#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad 903
+#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
+
#define SN_aes_128_cfb1 "AES-128-CFB1"
#define LN_aes_128_cfb1 "aes-128-cfb1"
#define NID_aes_128_cfb1 650
@@ -2650,6 +2728,26 @@
#define LN_aes_256_cfb8 "aes-256-cfb8"
#define NID_aes_256_cfb8 655
+#define SN_aes_128_ctr "AES-128-CTR"
+#define LN_aes_128_ctr "aes-128-ctr"
+#define NID_aes_128_ctr 904
+
+#define SN_aes_192_ctr "AES-192-CTR"
+#define LN_aes_192_ctr "aes-192-ctr"
+#define NID_aes_192_ctr 905
+
+#define SN_aes_256_ctr "AES-256-CTR"
+#define LN_aes_256_ctr "aes-256-ctr"
+#define NID_aes_256_ctr 906
+
+#define SN_aes_128_xts "AES-128-XTS"
+#define LN_aes_128_xts "aes-128-xts"
+#define NID_aes_128_xts 913
+
+#define SN_aes_256_xts "AES-256-XTS"
+#define LN_aes_256_xts "aes-256-xts"
+#define NID_aes_256_xts 914
+
#define SN_des_cfb1 "DES-CFB1"
#define LN_des_cfb1 "des-cfb1"
#define NID_des_cfb1 656
@@ -2666,18 +2764,6 @@
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
#define NID_des_ede3_cfb8 659
-#define SN_id_aes128_wrap "id-aes128-wrap"
-#define NID_id_aes128_wrap 788
-#define OBJ_id_aes128_wrap OBJ_aes,5L
-
-#define SN_id_aes192_wrap "id-aes192-wrap"
-#define NID_id_aes192_wrap 789
-#define OBJ_id_aes192_wrap OBJ_aes,25L
-
-#define SN_id_aes256_wrap "id-aes256-wrap"
-#define NID_id_aes256_wrap 790
-#define OBJ_id_aes256_wrap OBJ_aes,45L
-
#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
#define SN_sha256 "SHA256"
@@ -3810,6 +3896,18 @@
#define NID_camellia_256_cbc 753
#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
+#define SN_id_camellia128_wrap "id-camellia128-wrap"
+#define NID_id_camellia128_wrap 907
+#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
+
+#define SN_id_camellia192_wrap "id-camellia192-wrap"
+#define NID_id_camellia192_wrap 908
+#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
+
+#define SN_id_camellia256_wrap "id-camellia256-wrap"
+#define NID_id_camellia256_wrap 909
+#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
+
#define OBJ_ntt_ds 0L,3L,4401L,5L
#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
@@ -3911,3 +4009,23 @@
#define SN_hmac "HMAC"
#define LN_hmac "hmac"
#define NID_hmac 855
+
+#define SN_cmac "CMAC"
+#define LN_cmac "cmac"
+#define NID_cmac 894
+
+#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
+#define LN_rc4_hmac_md5 "rc4-hmac-md5"
+#define NID_rc4_hmac_md5 915
+
+#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
+#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
+#define NID_aes_128_cbc_hmac_sha1 916
+
+#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
+#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
+#define NID_aes_192_cbc_hmac_sha1 917
+
+#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
+#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
+#define NID_aes_256_cbc_hmac_sha1 918
Modified: trunk/crypto/openssl/crypto/objects/obj_mac.num
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_mac.num 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/obj_mac.num 2015-07-21 23:23:45 UTC (rev 7118)
@@ -890,3 +890,30 @@
supportedAlgorithms 890
deltaRevocationList 891
dmdName 892
+id_alg_PWRI_KEK 893
+cmac 894
+aes_128_gcm 895
+aes_128_ccm 896
+id_aes128_wrap_pad 897
+aes_192_gcm 898
+aes_192_ccm 899
+id_aes192_wrap_pad 900
+aes_256_gcm 901
+aes_256_ccm 902
+id_aes256_wrap_pad 903
+aes_128_ctr 904
+aes_192_ctr 905
+aes_256_ctr 906
+id_camellia128_wrap 907
+id_camellia192_wrap 908
+id_camellia256_wrap 909
+anyExtendedKeyUsage 910
+mgf1 911
+rsassaPss 912
+aes_128_xts 913
+aes_256_xts 914
+rc4_hmac_md5 915
+aes_128_cbc_hmac_sha1 916
+aes_192_cbc_hmac_sha1 917
+aes_256_cbc_hmac_sha1 918
+rsaesOaep 919
Copied: trunk/crypto/openssl/crypto/objects/obj_xref.c (from rev 7117, vendor-crypto/openssl/dist/crypto/objects/obj_xref.c)
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_xref.c (rev 0)
+++ trunk/crypto/openssl/crypto/objects/obj_xref.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,222 @@
+/* crypto/objects/obj_xref.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <openssl/objects.h>
+#include "obj_xref.h"
+
+DECLARE_STACK_OF(nid_triple)
+STACK_OF(nid_triple) *sig_app, *sigx_app;
+
+static int sig_cmp(const nid_triple *a, const nid_triple *b)
+{
+ return a->sign_id - b->sign_id;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+
+static int sig_sk_cmp(const nid_triple *const *a, const nid_triple *const *b)
+{
+ return (*a)->sign_id - (*b)->sign_id;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+static int sigx_cmp(const nid_triple *const *a, const nid_triple *const *b)
+{
+ int ret;
+ ret = (*a)->hash_id - (*b)->hash_id;
+ if (ret)
+ return ret;
+ return (*a)->pkey_id - (*b)->pkey_id;
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
+{
+ nid_triple tmp;
+ const nid_triple *rv = NULL;
+ tmp.sign_id = signid;
+
+ if (sig_app) {
+ int idx = sk_nid_triple_find(sig_app, &tmp);
+ if (idx >= 0)
+ rv = sk_nid_triple_value(sig_app, idx);
+ }
+#ifndef OBJ_XREF_TEST2
+ if (rv == NULL) {
+ rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
+ sizeof(sigoid_srt) / sizeof(nid_triple));
+ }
+#endif
+ if (rv == NULL)
+ return 0;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
+ return 1;
+}
+
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
+{
+ nid_triple tmp;
+ const nid_triple *t = &tmp;
+ const nid_triple **rv = NULL;
+
+ tmp.hash_id = dig_nid;
+ tmp.pkey_id = pkey_nid;
+
+ if (sigx_app) {
+ int idx = sk_nid_triple_find(sigx_app, &tmp);
+ if (idx >= 0) {
+ t = sk_nid_triple_value(sigx_app, idx);
+ rv = &t;
+ }
+ }
+#ifndef OBJ_XREF_TEST2
+ if (rv == NULL) {
+ rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
+ sizeof(sigoid_srt_xref) / sizeof(nid_triple *)
+ );
+ }
+#endif
+ if (rv == NULL)
+ return 0;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
+ return 1;
+}
+
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id)
+{
+ nid_triple *ntr;
+ if (!sig_app)
+ sig_app = sk_nid_triple_new(sig_sk_cmp);
+ if (!sig_app)
+ return 0;
+ if (!sigx_app)
+ sigx_app = sk_nid_triple_new(sigx_cmp);
+ if (!sigx_app)
+ return 0;
+ ntr = OPENSSL_malloc(sizeof(int) * 3);
+ if (!ntr)
+ return 0;
+ ntr->sign_id = signid;
+ ntr->hash_id = dig_id;
+ ntr->pkey_id = pkey_id;
+
+ if (!sk_nid_triple_push(sig_app, ntr)) {
+ OPENSSL_free(ntr);
+ return 0;
+ }
+
+ if (!sk_nid_triple_push(sigx_app, ntr))
+ return 0;
+
+ sk_nid_triple_sort(sig_app);
+ sk_nid_triple_sort(sigx_app);
+
+ return 1;
+}
+
+static void sid_free(nid_triple *tt)
+{
+ OPENSSL_free(tt);
+}
+
+void OBJ_sigid_free(void)
+{
+ if (sig_app) {
+ sk_nid_triple_pop_free(sig_app, sid_free);
+ sig_app = NULL;
+ }
+ if (sigx_app) {
+ sk_nid_triple_free(sigx_app);
+ sigx_app = NULL;
+ }
+}
+
+#ifdef OBJ_XREF_TEST
+
+main()
+{
+ int n1, n2, n3;
+
+ int i, rv;
+# ifdef OBJ_XREF_TEST2
+ for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
+ OBJ_add_sigid(sigoid_srt[i][0], sigoid_srt[i][1], sigoid_srt[i][2]);
+ }
+# endif
+
+ for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
+ n1 = sigoid_srt[i][0];
+ rv = OBJ_find_sigid_algs(n1, &n2, &n3);
+ printf("Forward: %d, %s %s %s\n", rv,
+ OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+ n1 = 0;
+ rv = OBJ_find_sigid_by_algs(&n1, n2, n3);
+ printf("Reverse: %d, %s %s %s\n", rv,
+ OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+ }
+}
+
+#endif
Copied: trunk/crypto/openssl/crypto/objects/obj_xref.h (from rev 7117, vendor-crypto/openssl/dist/crypto/objects/obj_xref.h)
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_xref.h (rev 0)
+++ trunk/crypto/openssl/crypto/objects/obj_xref.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,74 @@
+/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
+
+typedef struct {
+ int sign_id;
+ int hash_id;
+ int pkey_id;
+} nid_triple;
+
+static const nid_triple sigoid_srt[] = {
+ {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
+ {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
+ {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
+ {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
+ {NID_dsaWithSHA, NID_sha, NID_dsa},
+ {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
+ {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
+ {NID_md5WithRSA, NID_md5, NID_rsa},
+ {NID_dsaWithSHA1, NID_sha1, NID_dsa},
+ {NID_sha1WithRSA, NID_sha1, NID_rsa},
+ {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
+ {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
+ {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
+ {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
+ {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
+ {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
+ {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
+ {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
+ {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
+ {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
+ {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94,
+ NID_id_GostR3410_2001},
+ {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94,
+ NID_id_GostR3410_94},
+ {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94,
+ NID_id_GostR3410_94_cc},
+ {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94,
+ NID_id_GostR3410_2001_cc},
+ {NID_rsassaPss, NID_undef, NID_rsaEncryption},
+};
+
+static const nid_triple *const sigoid_srt_xref[] = {
+ &sigoid_srt[0],
+ &sigoid_srt[1],
+ &sigoid_srt[7],
+ &sigoid_srt[2],
+ &sigoid_srt[4],
+ &sigoid_srt[3],
+ &sigoid_srt[9],
+ &sigoid_srt[5],
+ &sigoid_srt[8],
+ &sigoid_srt[12],
+ &sigoid_srt[6],
+ &sigoid_srt[10],
+ &sigoid_srt[11],
+ &sigoid_srt[13],
+ &sigoid_srt[24],
+ &sigoid_srt[20],
+ &sigoid_srt[14],
+ &sigoid_srt[21],
+ &sigoid_srt[15],
+ &sigoid_srt[22],
+ &sigoid_srt[16],
+ &sigoid_srt[23],
+ &sigoid_srt[19],
+ &sigoid_srt[25],
+ &sigoid_srt[26],
+ &sigoid_srt[27],
+ &sigoid_srt[28],
+};
Copied: trunk/crypto/openssl/crypto/objects/obj_xref.txt (from rev 7117, vendor-crypto/openssl/dist/crypto/objects/obj_xref.txt)
===================================================================
--- trunk/crypto/openssl/crypto/objects/obj_xref.txt (rev 0)
+++ trunk/crypto/openssl/crypto/objects/obj_xref.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,46 @@
+# OID cross reference table.
+# Links signatures OIDs to their corresponding public key algorithms
+# and digests.
+
+md2WithRSAEncryption md2 rsaEncryption
+md5WithRSAEncryption md5 rsaEncryption
+shaWithRSAEncryption sha rsaEncryption
+sha1WithRSAEncryption sha1 rsaEncryption
+md4WithRSAEncryption md4 rsaEncryption
+sha256WithRSAEncryption sha256 rsaEncryption
+sha384WithRSAEncryption sha384 rsaEncryption
+sha512WithRSAEncryption sha512 rsaEncryption
+sha224WithRSAEncryption sha224 rsaEncryption
+mdc2WithRSA mdc2 rsaEncryption
+ripemd160WithRSA ripemd160 rsaEncryption
+# For PSS the digest algorithm can vary and depends on the included
+# AlgorithmIdentifier. The digest "undef" indicates the public key
+# method should handle this explicitly.
+rsassaPss undef rsaEncryption
+
+# Alternative deprecated OIDs. By using the older "rsa" OID this
+# type will be recognized by not normally used.
+
+md5WithRSA md5 rsa
+sha1WithRSA sha1 rsa
+
+dsaWithSHA sha dsa
+dsaWithSHA1 sha1 dsa
+
+dsaWithSHA1_2 sha1 dsa_2
+
+ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
+ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
+ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
+ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
+ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
+ecdsa_with_Recommended undef X9_62_id_ecPublicKey
+ecdsa_with_Specified undef X9_62_id_ecPublicKey
+
+dsa_with_SHA224 sha224 dsa
+dsa_with_SHA256 sha256 dsa
+
+id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
+id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
+id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
+id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
Modified: trunk/crypto/openssl/crypto/objects/objects.README
===================================================================
--- trunk/crypto/openssl/crypto/objects/objects.README 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/objects.README 2015-07-21 23:23:45 UTC (rev 7118)
@@ -8,9 +8,9 @@
1 2 3 4 : shortName : Long Name
- If the long name doesn't contain spaces, or no short name
- exists, the long name is used as basis for the base name
- in C. Otherwise, the short name is used.
+ If Long Name contains only word characters and hyphen-minus
+ (0x2D) or full stop (0x2E) then Long Name is used as basis
+ for the base name in C. Otherwise, the shortName is used.
The base name (let's call it 'base') will then be used to
create the C macros SN_base, LN_base, NID_base and OBJ_base.
@@ -22,7 +22,7 @@
!Alias foo 1 2 3 4
- This juts makes a name foo for an OID. The C macro
+ This just makes a name foo for an OID. The C macro
OBJ_foo will be created as a result.
!Cname foo
Modified: trunk/crypto/openssl/crypto/objects/objects.h
===================================================================
--- trunk/crypto/openssl/crypto/objects/objects.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/objects.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1015,12 +1015,92 @@
int OBJ_ln2nid(const char *s);
int OBJ_sn2nid(const char *s);
int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
-const char *OBJ_bsearch(const char *key, const char *base, int num, int size,
- int (*cmp) (const void *, const void *));
-const char *OBJ_bsearch_ex(const char *key, const char *base, int num,
- int size, int (*cmp) (const void *, const void *),
- int flags);
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+ int (*cmp) (const void *, const void *));
+const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
+ int size,
+ int (*cmp) (const void *, const void *),
+ int flags);
+# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
+ static int nm##_cmp(type1 const *, type2 const *); \
+ scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
+ _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
+# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+/*-
+ * Unsolved problem: if a type is actually a pointer type, like
+ * nid_triple is, then its impossible to get a const where you need
+ * it. Consider:
+ *
+ * typedef int nid_triple[3];
+ * const void *a_;
+ * const nid_triple const *a = a_;
+ *
+ * The assignement discards a const because what you really want is:
+ *
+ * const int const * const *a = a_;
+ *
+ * But if you do that, you lose the fact that a is an array of 3 ints,
+ * which breaks comparison functions.
+ *
+ * Thus we end up having to cast, sadly, or unpack the
+ * declarations. Or, as I finally did in this case, delcare nid_triple
+ * to be a struct, which it should have been in the first place.
+ *
+ * Ben, August 2008.
+ *
+ * Also, strictly speaking not all types need be const, but handling
+ * the non-constness means a lot of complication, and in practice
+ * comparison routines do always not touch their arguments.
+ */
+
+# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define OBJ_bsearch(type1,key,type2,base,num,cmp) \
+ ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)))
+
+# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
+ ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)),flags)
+
int OBJ_new_nid(int num);
int OBJ_add_object(const ASN1_OBJECT *obj);
int OBJ_create(const char *oid, const char *sn, const char *ln);
@@ -1027,6 +1107,14 @@
void OBJ_cleanup(void);
int OBJ_create_objects(BIO *in);
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
+void OBJ_sigid_free(void);
+
+extern int obj_cleanup_defer;
+void check_defer(int nid);
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
Modified: trunk/crypto/openssl/crypto/objects/objects.pl
===================================================================
--- trunk/crypto/openssl/crypto/objects/objects.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/objects.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -14,6 +14,8 @@
$Cname =~ s/^X//;
if (defined($nidn{$mynum}))
{ die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
+ if (defined($nid{$Cname}))
+ { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
$nid{$Cname} = $mynum;
$nidn{$mynum} = $Cname;
$order{$mynum} = $o;
@@ -65,7 +67,7 @@
$myoid = &process_oid($myoid);
}
- if ($Cname eq "" && !($myln =~ / /))
+ if ($Cname eq "" && ($myln =~ /^[_A-Za-z][\w.-]*$/ ))
{
$Cname = $myln;
$Cname =~ s/\./_/g;
@@ -102,6 +104,7 @@
$max_nid++;
$nid{$Cname} = $max_nid;
$nidn{$max_nid} = $Cname;
+print STDERR "Added OID $Cname\n";
}
$Cname="";
}
Modified: trunk/crypto/openssl/crypto/objects/objects.txt
===================================================================
--- trunk/crypto/openssl/crypto/objects/objects.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/objects/objects.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -166,6 +166,10 @@
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
# According to PKCS #1 version 2.1
+pkcs1 7 : RSAES-OAEP : rsaesOaep
+pkcs1 8 : MGF1 : mgf1
+pkcs1 10 : RSASSA-PSS : rsassaPss
+
pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
@@ -299,6 +303,7 @@
id-smime-alg 5 : id-smime-alg-ESDH
id-smime-alg 6 : id-smime-alg-CMS3DESwrap
id-smime-alg 7 : id-smime-alg-CMSRC2wrap
+id-smime-alg 9 : id-alg-PWRI-KEK
# S/MIME Certificate Distribution
id-smime-cd 1 : id-smime-cd-ldap
@@ -770,6 +775,10 @@
!Cname no-rev-avail
id-ce 56 : noRevAvail : X509v3 No Revocation Available
+# From RFC5280
+ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage
+
+
!Cname netscape
2 16 840 1 113730 : Netscape : Netscape Communications Corp.
!Cname netscape-cert-extension
@@ -846,6 +855,10 @@
aes 3 : AES-128-OFB : aes-128-ofb
!Cname aes-128-cfb128
aes 4 : AES-128-CFB : aes-128-cfb
+aes 5 : id-aes128-wrap
+aes 6 : id-aes128-GCM : aes-128-gcm
+aes 7 : id-aes128-CCM : aes-128-ccm
+aes 8 : id-aes128-wrap-pad
aes 21 : AES-192-ECB : aes-192-ecb
aes 22 : AES-192-CBC : aes-192-cbc
@@ -853,6 +866,10 @@
aes 23 : AES-192-OFB : aes-192-ofb
!Cname aes-192-cfb128
aes 24 : AES-192-CFB : aes-192-cfb
+aes 25 : id-aes192-wrap
+aes 26 : id-aes192-GCM : aes-192-gcm
+aes 27 : id-aes192-CCM : aes-192-ccm
+aes 28 : id-aes192-wrap-pad
aes 41 : AES-256-ECB : aes-256-ecb
aes 42 : AES-256-CBC : aes-256-cbc
@@ -860,6 +877,10 @@
aes 43 : AES-256-OFB : aes-256-ofb
!Cname aes-256-cfb128
aes 44 : AES-256-CFB : aes-256-cfb
+aes 45 : id-aes256-wrap
+aes 46 : id-aes256-GCM : aes-256-gcm
+aes 47 : id-aes256-CCM : aes-256-ccm
+aes 48 : id-aes256-wrap-pad
# There are no OIDs for these modes...
@@ -869,15 +890,16 @@
: AES-128-CFB8 : aes-128-cfb8
: AES-192-CFB8 : aes-192-cfb8
: AES-256-CFB8 : aes-256-cfb8
+ : AES-128-CTR : aes-128-ctr
+ : AES-192-CTR : aes-192-ctr
+ : AES-256-CTR : aes-256-ctr
+ : AES-128-XTS : aes-128-xts
+ : AES-256-XTS : aes-256-xts
: DES-CFB1 : des-cfb1
: DES-CFB8 : des-cfb8
: DES-EDE3-CFB1 : des-ede3-cfb1
: DES-EDE3-CFB8 : des-ede3-cfb8
-aes 5 : id-aes128-wrap
-aes 25 : id-aes192-wrap
-aes 45 : id-aes256-wrap
-
# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
!Alias nist_hashalgs nistAlgorithms 2
nist_hashalgs 1 : SHA256 : sha256
@@ -1211,6 +1233,9 @@
1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
+1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
+1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
+1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
# Definitions for Camellia cipher - ECB, CFB, OFB MODE
@@ -1257,3 +1282,11 @@
# There is no OID that just denotes "HMAC" oddly enough...
: HMAC : hmac
+# Nor CMAC either
+ : CMAC : cmac
+
+# Synthetic composite ciphersuites
+ : RC4-HMAC-MD5 : rc4-hmac-md5
+ : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
+ : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
+ : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
Copied: trunk/crypto/openssl/crypto/objects/objxref.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/objects/objxref.pl)
===================================================================
--- trunk/crypto/openssl/crypto/objects/objxref.pl (rev 0)
+++ trunk/crypto/openssl/crypto/objects/objxref.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,115 @@
+#!/usr/local/bin/perl
+
+use strict;
+
+my %xref_tbl;
+my %oid_tbl;
+
+my ($mac_file, $xref_file) = @ARGV;
+
+open(IN, $mac_file) || die "Can't open $mac_file";
+
+# Read in OID nid values for a lookup table.
+
+while (<IN>)
+ {
+ chomp;
+ my ($name, $num) = /^(\S+)\s+(\S+)$/;
+ $oid_tbl{$name} = $num;
+ }
+close IN;
+
+open(IN, $xref_file) || die "Can't open $xref_file";
+
+my $ln = 1;
+
+while (<IN>)
+ {
+ chomp;
+ s/#.*$//;
+ next if (/^\S*$/);
+ my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
+ check_oid($xr);
+ check_oid($p1);
+ check_oid($p2);
+ $xref_tbl{$xr} = [$p1, $p2, $ln];
+ }
+
+my @xrkeys = keys %xref_tbl;
+
+my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
+
+for(my $i = 0; $i <= $#srt1; $i++)
+ {
+ $xref_tbl{$srt1[$i]}[2] = $i;
+ }
+
+my @srt2 = sort
+ {
+ my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
+ my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
+ return $ap1 - $bp1 if ($ap1 != $bp1);
+ my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
+ my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
+
+ return $ap2 - $bp2;
+ } @xrkeys;
+
+my $pname = $0;
+
+$pname =~ s|^.[^/]/||;
+
+print <<EOF;
+/* AUTOGENERATED BY $pname, DO NOT EDIT */
+
+typedef struct {
+ int sign_id;
+ int hash_id;
+ int pkey_id;
+} nid_triple;
+
+static const nid_triple sigoid_srt[] = {
+EOF
+
+foreach (@srt1)
+ {
+ my $xr = $_;
+ my ($p1, $p2) = @{$xref_tbl{$_}};
+ my $o1 = " {NID_$xr, NID_$p1,";
+ my $o2 = "NID_$p2},";
+ if (length("$o1 $o2") < 78)
+ {
+ print "$o1 $o2\n";
+ }
+ else
+ {
+ print "$o1\n $o2\n";
+ }
+ }
+
+print "};";
+print <<EOF;
+
+
+static const nid_triple *const sigoid_srt_xref[] = {
+EOF
+
+foreach (@srt2)
+ {
+ my ($p1, $p2, $x) = @{$xref_tbl{$_}};
+ # If digest or signature algorithm is "undef" then the algorithm
+ # needs special handling and is excluded from the cross reference table.
+ next if $p1 eq "undef" || $p2 eq "undef";
+ print " \&sigoid_srt\[$x\],\n";
+ }
+
+print "};\n";
+
+sub check_oid
+ {
+ my ($chk) = @_;
+ if (!exists $oid_tbl{$chk})
+ {
+ die "Not Found \"$chk\"\n";
+ }
+ }
Modified: trunk/crypto/openssl/crypto/ocsp/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -36,7 +36,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -64,6 +64,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
@@ -82,10 +84,9 @@
ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-ocsp_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_asn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_asn.o: ../../include/openssl/opensslconf.h
+ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -98,25 +99,24 @@
ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_cl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ocsp_cl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_cl.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_cl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_cl.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_cl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
+ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+ocsp_cl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_cl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_cl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_cl.o: ../cryptlib.h ocsp_cl.c
ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-ocsp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_err.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_err.o: ../../include/openssl/opensslconf.h
+ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -129,9 +129,9 @@
ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_ext.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ocsp_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_ext.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_ext.o: ../../include/openssl/opensslconf.h
ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -144,22 +144,21 @@
ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ocsp_ht.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_ht.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_ht.o: ocsp_ht.c
+ocsp_ht.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_ht.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_ht.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ocsp_ht.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ocsp_ht.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_ht.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_ht.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_ht.o: ../../include/openssl/x509v3.h ocsp_ht.c
ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-ocsp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+ocsp_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ocsp_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ocsp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
ocsp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
ocsp_lib.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -174,10 +173,9 @@
ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-ocsp_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_prn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_prn.o: ../../include/openssl/opensslconf.h
+ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -191,9 +189,9 @@
ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_srv.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_srv.o: ../../include/openssl/opensslconf.h
ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
@@ -206,10 +204,9 @@
ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-ocsp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_vfy.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_vfy.o: ../../include/openssl/opensslconf.h
+ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp.h
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,6 +67,7 @@
#ifndef HEADER_OCSP_H
# define HEADER_OCSP_H
+# include <openssl/ossl_typ.h>
# include <openssl/x509.h>
# include <openssl/x509v3.h>
# include <openssl/safestack.h>
@@ -387,17 +388,20 @@
# define ASN1_BIT_STRING_digest(data,type,md,len) \
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
-# define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid)
-
# define OCSP_CERTSTATUS_dup(cs)\
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
+OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
+
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
int maxline);
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+ const char *name, const char *value);
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
@@ -468,11 +472,6 @@
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
STACK_OF(X509) *certs, unsigned long flags);
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
- void *data, STACK_OF(ASN1_OBJECT) *sk);
-# define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
- ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
-
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
@@ -549,9 +548,9 @@
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
-char *OCSP_response_status_str(long s);
-char *OCSP_cert_status_str(long s);
-char *OCSP_crl_reason_str(long s);
+const char *OCSP_response_status_str(long s);
+const char *OCSP_cert_status_str(long s);
+const char *OCSP_crl_reason_str(long s);
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
@@ -585,7 +584,8 @@
# define OCSP_F_OCSP_REQUEST_VERIFY 116
# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
# define OCSP_F_OCSP_SENDREQ_BIO 112
-# define OCSP_F_PARSE_HTTP_LINE1 117
+# define OCSP_F_OCSP_SENDREQ_NBIO 117
+# define OCSP_F_PARSE_HTTP_LINE1 118
# define OCSP_F_REQUEST_VERIFY 113
/* Reason codes. */
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_cl.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_cl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_cl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -162,8 +162,6 @@
if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new()))
goto err;
- if (!dgst)
- dgst = EVP_sha1();
if (key) {
if (!X509_check_private_key(signer, key)) {
OCSPerr(OCSP_F_OCSP_REQUEST_SIGN,
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_err.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/ocsp/ocsp_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -86,6 +86,7 @@
{ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
{ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
{ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
+ {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
{ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"},
{ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
{0, NULL}
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_ext.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_ext.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_ext.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -287,7 +287,7 @@
}
/* also CRL Entry Extensions */
-
+#if 0
ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
void *data, STACK_OF(ASN1_OBJECT) *sk)
{
@@ -329,6 +329,7 @@
OPENSSL_free(b);
return NULL;
}
+#endif
/* Nonce handling functions */
@@ -360,8 +361,8 @@
ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
if (val)
memcpy(tmpval, val, len);
- else
- RAND_pseudo_bytes(tmpval, len);
+ else if (RAND_pseudo_bytes(tmpval, len) < 0)
+ goto err;
if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
&os, 0, X509V3_ADD_REPLACE))
goto err;
@@ -476,21 +477,11 @@
if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
goto err;
}
- if (!(x = X509_EXTENSION_new()))
- goto err;
- if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID)))
- goto err;
- if (!(ASN1_STRING_encode_of(OCSP_CRLID, x->value, i2d_OCSP_CRLID, cid,
- NULL)))
- goto err;
- OCSP_CRLID_free(cid);
- return x;
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
err:
- if (x)
- X509_EXTENSION_free(x);
if (cid)
OCSP_CRLID_free(cid);
- return NULL;
+ return x;
}
/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
@@ -508,21 +499,11 @@
sk_ASN1_OBJECT_push(sk, o);
oids++;
}
- if (!(x = X509_EXTENSION_new()))
- goto err;
- if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
- goto err;
- if (!(ASN1_STRING_encode_of(ASN1_OBJECT, x->value, i2d_ASN1_OBJECT, NULL,
- sk)))
- goto err;
- sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
- return x;
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
err:
- if (x)
- X509_EXTENSION_free(x);
if (sk)
sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
- return NULL;
+ return x;
}
/* ArchiveCutoff ::= GeneralizedTime */
@@ -535,21 +516,11 @@
goto err;
if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
goto err;
- if (!(x = X509_EXTENSION_new()))
- goto err;
- if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))
- goto err;
- if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME, x->value,
- i2d_ASN1_GENERALIZEDTIME, gt, NULL)))
- goto err;
- ASN1_GENERALIZEDTIME_free(gt);
- return x;
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
err:
if (gt)
ASN1_GENERALIZEDTIME_free(gt);
- if (x)
- X509_EXTENSION_free(x);
- return NULL;
+ return x;
}
/*
@@ -587,19 +558,9 @@
goto err;
urls++;
}
- if (!(x = X509_EXTENSION_new()))
- goto err;
- if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator)))
- goto err;
- if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC, x->value,
- i2d_OCSP_SERVICELOC, sloc, NULL)))
- goto err;
- OCSP_SERVICELOC_free(sloc);
- return x;
+ x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
err:
- if (x)
- X509_EXTENSION_free(x);
if (sloc)
OCSP_SERVICELOC_free(sloc);
- return NULL;
+ return x;
}
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_ht.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_ht.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_ht.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -118,39 +118,71 @@
OPENSSL_free(rctx);
}
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
- int maxline)
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req)
{
- static char post_hdr[] = "POST %s HTTP/1.0\r\n"
+ static const char req_hdr[] =
"Content-Type: application/ocsp-request\r\n"
"Content-Length: %d\r\n\r\n";
+ if (BIO_printf(rctx->mem, req_hdr, i2d_OCSP_REQUEST(req, NULL)) <= 0)
+ return 0;
+ if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0)
+ return 0;
+ rctx->state = OHS_ASN1_WRITE;
+ rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
+ return 1;
+}
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+ const char *name, const char *value)
+{
+ if (!name)
+ return 0;
+ if (BIO_puts(rctx->mem, name) <= 0)
+ return 0;
+ if (value) {
+ if (BIO_write(rctx->mem, ": ", 2) != 2)
+ return 0;
+ if (BIO_puts(rctx->mem, value) <= 0)
+ return 0;
+ }
+ if (BIO_write(rctx->mem, "\r\n", 2) != 2)
+ return 0;
+ return 1;
+}
+
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
+ int maxline)
+{
+ static const char post_hdr[] = "POST %s HTTP/1.0\r\n";
+
OCSP_REQ_CTX *rctx;
rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
- rctx->state = OHS_FIRSTLINE;
+ if (!rctx)
+ return NULL;
+ rctx->state = OHS_ERROR;
rctx->mem = BIO_new(BIO_s_mem());
rctx->io = io;
+ rctx->asn1_len = 0;
if (maxline > 0)
rctx->iobuflen = maxline;
else
rctx->iobuflen = OCSP_MAX_LINE_LEN;
rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
+ if (!rctx->mem || !rctx->iobuf)
+ goto err;
if (!path)
path = "/";
- if (BIO_printf(rctx->mem, post_hdr, path,
- i2d_OCSP_REQUEST(req, NULL)) <= 0) {
- rctx->state = OHS_ERROR;
- return 0;
- }
- if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) {
- rctx->state = OHS_ERROR;
- return 0;
- }
- rctx->state = OHS_ASN1_WRITE;
- rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
+ if (BIO_printf(rctx->mem, post_hdr, path) <= 0)
+ goto err;
+ if (req && !OCSP_REQ_CTX_set1_req(rctx, req))
+ goto err;
+
return rctx;
+ err:
+ OCSP_REQ_CTX_free(rctx);
+ return NULL;
}
/*
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,6 +72,7 @@
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/ocsp.h>
+#include <openssl/asn1t.h>
/* Convert a certificate and its issuer to an OCSP_CERTID */
@@ -128,7 +129,8 @@
goto err;
/* Calculate the issuerKey hash, excluding tag and length */
- EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL);
+ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
+ goto err;
if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)))
goto err;
@@ -284,3 +286,5 @@
return 0;
}
+
+IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_prn.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_prn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,12 +87,12 @@
typedef struct {
long t;
- char *m;
+ const char *m;
} OCSP_TBLSTR;
-static char *table2string(long s, OCSP_TBLSTR *ts, int len)
+static const char *table2string(long s, const OCSP_TBLSTR *ts, int len)
{
- OCSP_TBLSTR *p;
+ const OCSP_TBLSTR *p;
for (p = ts; p < ts + len; p++)
if (p->t == s)
return p->m;
@@ -99,9 +99,9 @@
return "(UNKNOWN)";
}
-char *OCSP_response_status_str(long s)
+const char *OCSP_response_status_str(long s)
{
- static OCSP_TBLSTR rstat_tbl[] = {
+ static const OCSP_TBLSTR rstat_tbl[] = {
{OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful"},
{OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest"},
{OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror"},
@@ -112,9 +112,9 @@
return table2string(s, rstat_tbl, 6);
}
-char *OCSP_cert_status_str(long s)
+const char *OCSP_cert_status_str(long s)
{
- static OCSP_TBLSTR cstat_tbl[] = {
+ static const OCSP_TBLSTR cstat_tbl[] = {
{V_OCSP_CERTSTATUS_GOOD, "good"},
{V_OCSP_CERTSTATUS_REVOKED, "revoked"},
{V_OCSP_CERTSTATUS_UNKNOWN, "unknown"}
@@ -122,9 +122,9 @@
return table2string(s, cstat_tbl, 3);
}
-char *OCSP_crl_reason_str(long s)
+const char *OCSP_crl_reason_str(long s)
{
- OCSP_TBLSTR reason_tbl[] = {
+ static const OCSP_TBLSTR reason_tbl[] = {
{OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified"},
{OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise"},
{OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise"},
Modified: trunk/crypto/openssl/crypto/ocsp/ocsp_vfy.c
===================================================================
--- trunk/crypto/openssl/crypto/ocsp/ocsp_vfy.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ocsp/ocsp_vfy.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -321,6 +321,8 @@
}
mdlen = EVP_MD_size(dgst);
+ if (mdlen < 0)
+ return -1;
if ((cid->issuerNameHash->length != mdlen) ||
(cid->issuerKeyHash->length != mdlen))
return 0;
@@ -329,7 +331,7 @@
return -1;
if (memcmp(md, cid->issuerNameHash->data, mdlen))
return 0;
- X509_pubkey_digest(cert, EVP_sha1(), md, NULL);
+ X509_pubkey_digest(cert, dgst, md, NULL);
if (memcmp(md, cid->issuerKeyHash->data, mdlen))
return 0;
@@ -437,8 +439,10 @@
X509 *signer;
if (!(flags & OCSP_NOINTERN)) {
signer = X509_find_by_subject(req->optionalSignature->certs, nm);
- *psigner = signer;
- return 1;
+ if (signer) {
+ *psigner = signer;
+ return 1;
+ }
}
signer = X509_find_by_subject(certs, nm);
Modified: trunk/crypto/openssl/crypto/opensslconf.h
===================================================================
--- trunk/crypto/openssl/crypto/opensslconf.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/opensslconf.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,19 +1,16 @@
/* opensslconf.h */
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+#ifdef __cplusplus
+extern "C" {
+#endif
/* OpenSSL was configured with the following options: */
#ifndef OPENSSL_DOING_MAKEDEPEND
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
#ifndef OPENSSL_NO_GMP
# define OPENSSL_NO_GMP
#endif
@@ -23,8 +20,8 @@
#ifndef OPENSSL_NO_KRB5
# define OPENSSL_NO_KRB5
#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
#endif
#ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5
@@ -32,9 +29,15 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */
@@ -47,15 +50,9 @@
who haven't had the time to do the appropriate changes in their
applications. */
#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-# define NO_CAMELLIA
+# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
+# define NO_EC_NISTP_64_GCC_128
# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-# define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-# define NO_CMS
-# endif
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
# define NO_GMP
# endif
@@ -65,8 +62,8 @@
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
# define NO_KRB5
# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+# define NO_MD2
# endif
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
# define NO_RC5
@@ -74,28 +71,19 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
+# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
+# define NO_SCTP
# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+# define NO_STORE
+# endif
+# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
+# define NO_UNIT_TEST
+# endif
#endif
/* crypto/opensslconf.h.in */
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
/* Generate 80386 code? */
#undef I386_ONLY
@@ -159,14 +147,9 @@
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
#endif
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
@@ -253,3 +236,6 @@
#endif /* DES_DEFAULT_OPTIONS */
#endif /* HEADER_DES_LOCL_H */
+#ifdef __cplusplus
+}
+#endif
Modified: trunk/crypto/openssl/crypto/opensslconf.h.in
===================================================================
--- trunk/crypto/openssl/crypto/opensslconf.h.in 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/opensslconf.h.in 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,20 +1,5 @@
/* crypto/opensslconf.h.in */
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
/* Generate 80386 code? */
#undef I386_ONLY
@@ -78,14 +63,9 @@
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
#endif
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
Modified: trunk/crypto/openssl/crypto/opensslv.h
===================================================================
--- trunk/crypto/openssl/crypto/opensslv.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/opensslv.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,10 @@
#ifndef HEADER_OPENSSLV_H
# define HEADER_OPENSSLV_H
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/*-
* Numeric release version identifier:
* MNNFFPPS: major minor fix patch status
@@ -26,11 +30,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x0090820fL
+# define OPENSSL_VERSION_NUMBER 0x100010ffL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zg-fips 11 Jun 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o-fips 12 Jun 2015"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zg 11 Jun 2015"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1o 12 Jun 2015"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
@@ -84,6 +88,10 @@
* should only keep the versions that are binary compatible with the current.
*/
# define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "0.9.8"
+# define SHLIB_VERSION_NUMBER "1.0.0"
+
+#ifdef __cplusplus
+}
+#endif
#endif /* HEADER_OPENSSLV_H */
Modified: trunk/crypto/openssl/crypto/ossl_typ.h
===================================================================
--- trunk/crypto/openssl/crypto/ossl_typ.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ossl_typ.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,10 @@
#ifndef HEADER_OPENSSL_TYPES_H
# define HEADER_OPENSSL_TYPES_H
+#ifdef __cplusplus
+extern "C" {
+#endif
+
# include <openssl/e_os2.h>
# ifdef NO_ASN1_TYPEDEFS
@@ -91,10 +95,14 @@
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
typedef struct asn1_string_st ASN1_VISIBLESTRING;
typedef struct asn1_string_st ASN1_UTF8STRING;
+typedef struct asn1_string_st ASN1_STRING;
typedef int ASN1_BOOLEAN;
typedef int ASN1_NULL;
# endif
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct asn1_pctx_st ASN1_PCTX;
+
# ifdef OPENSSL_SYS_WIN32
# undef X509_NAME
# undef X509_EXTENSIONS
@@ -122,6 +130,11 @@
typedef struct env_md_ctx_st EVP_MD_CTX;
typedef struct evp_pkey_st EVP_PKEY;
+typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+
typedef struct dh_st DH;
typedef struct dh_method DH_METHOD;
@@ -139,12 +152,15 @@
typedef struct x509_st X509;
typedef struct X509_algor_st X509_ALGOR;
typedef struct X509_crl_st X509_CRL;
+typedef struct x509_crl_method_st X509_CRL_METHOD;
+typedef struct x509_revoked_st X509_REVOKED;
typedef struct X509_name_st X509_NAME;
+typedef struct X509_pubkey_st X509_PUBKEY;
typedef struct x509_store_st X509_STORE;
typedef struct x509_store_ctx_st X509_STORE_CTX;
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+
typedef struct v3_ext_ctx X509V3_CTX;
typedef struct conf_st CONF;
@@ -157,6 +173,8 @@
typedef struct st_ERR_FNS ERR_FNS;
typedef struct engine_st ENGINE;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
@@ -163,6 +181,11 @@
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
+typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
+typedef struct DIST_POINT_st DIST_POINT;
+typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
+typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
# define DECLARE_PKCS12_STACK_OF(type)/* Nothing */
# define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */
@@ -180,4 +203,7 @@
typedef struct ocsp_response_st OCSP_RESPONSE;
typedef struct ocsp_responder_id_st OCSP_RESPID;
+#ifdef __cplusplus
+}
+#endif
#endif /* def HEADER_OPENSSL_TYPES_H */
Copied: trunk/crypto/openssl/crypto/pariscid.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/pariscid.pl)
===================================================================
--- trunk/crypto/openssl/crypto/pariscid.pl (rev 0)
+++ trunk/crypto/openssl/crypto/pariscid.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,225 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $ST ="std";
+} else {
+ $LEVEL ="1.1";
+ $SIZE_T =4;
+ $ST ="stw";
+}
+
+$rp="%r2";
+$sp="%r30";
+$rv="%r28";
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .EXPORT OPENSSL_cpuid_setup,ENTRY
+ .ALIGN 8
+OPENSSL_cpuid_setup
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ bv ($rp)
+ .EXIT
+ nop
+ .PROCEND
+
+ .EXPORT OPENSSL_rdtsc,ENTRY
+ .ALIGN 8
+OPENSSL_rdtsc
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ mfctl %cr16,$rv
+ bv ($rp)
+ .EXIT
+ nop
+ .PROCEND
+
+ .EXPORT OPENSSL_wipe_cpu,ENTRY
+ .ALIGN 8
+OPENSSL_wipe_cpu
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ xor %r0,%r0,%r1
+ fcpy,dbl %fr0,%fr4
+ xor %r0,%r0,%r19
+ fcpy,dbl %fr0,%fr5
+ xor %r0,%r0,%r20
+ fcpy,dbl %fr0,%fr6
+ xor %r0,%r0,%r21
+ fcpy,dbl %fr0,%fr7
+ xor %r0,%r0,%r22
+ fcpy,dbl %fr0,%fr8
+ xor %r0,%r0,%r23
+ fcpy,dbl %fr0,%fr9
+ xor %r0,%r0,%r24
+ fcpy,dbl %fr0,%fr10
+ xor %r0,%r0,%r25
+ fcpy,dbl %fr0,%fr11
+ xor %r0,%r0,%r26
+ fcpy,dbl %fr0,%fr22
+ xor %r0,%r0,%r29
+ fcpy,dbl %fr0,%fr23
+ xor %r0,%r0,%r31
+ fcpy,dbl %fr0,%fr24
+ fcpy,dbl %fr0,%fr25
+ fcpy,dbl %fr0,%fr26
+ fcpy,dbl %fr0,%fr27
+ fcpy,dbl %fr0,%fr28
+ fcpy,dbl %fr0,%fr29
+ fcpy,dbl %fr0,%fr30
+ fcpy,dbl %fr0,%fr31
+ bv ($rp)
+ .EXIT
+ ldo 0($sp),$rv
+ .PROCEND
+___
+{
+my $inp="%r26";
+my $len="%r25";
+
+$code.=<<___;
+ .EXPORT OPENSSL_cleanse,ENTRY,ARGW0=GR,ARGW1=GR
+ .ALIGN 8
+OPENSSL_cleanse
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ cmpib,*= 0,$len,L\$done
+ nop
+ cmpib,*>>= 15,$len,L\$ittle
+ ldi $SIZE_T-1,%r1
+
+L\$align
+ and,*<> $inp,%r1,%r28
+ b,n L\$aligned
+ stb %r0,0($inp)
+ ldo -1($len),$len
+ b L\$align
+ ldo 1($inp),$inp
+
+L\$aligned
+ andcm $len,%r1,%r28
+L\$ot
+ $ST %r0,0($inp)
+ addib,*<> -$SIZE_T,%r28,L\$ot
+ ldo $SIZE_T($inp),$inp
+
+ and,*<> $len,%r1,$len
+ b,n L\$done
+L\$ittle
+ stb %r0,0($inp)
+ addib,*<> -1,$len,L\$ittle
+ ldo 1($inp),$inp
+L\$done
+ bv ($rp)
+ .EXIT
+ nop
+ .PROCEND
+___
+}
+{
+my ($out,$cnt,$max)=("%r26","%r25","%r24");
+my ($tick,$lasttick)=("%r23","%r22");
+my ($diff,$lastdiff)=("%r21","%r20");
+
+$code.=<<___;
+ .EXPORT OPENSSL_instrument_bus,ENTRY,ARGW0=GR,ARGW1=GR
+ .ALIGN 8
+OPENSSL_instrument_bus
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ copy $cnt,$rv
+ mfctl %cr16,$tick
+ copy $tick,$lasttick
+ ldi 0,$diff
+
+ fdc 0($out)
+ ldw 0($out),$tick
+ add $diff,$tick,$tick
+ stw $tick,0($out)
+L\$oop
+ mfctl %cr16,$tick
+ sub $tick,$lasttick,$diff
+ copy $tick,$lasttick
+
+ fdc 0($out)
+ ldw 0($out),$tick
+ add $diff,$tick,$tick
+ stw $tick,0($out)
+
+ addib,<> -1,$cnt,L\$oop
+ addi 4,$out,$out
+
+ bv ($rp)
+ .EXIT
+ sub $rv,$cnt,$rv
+ .PROCEND
+
+ .EXPORT OPENSSL_instrument_bus2,ENTRY,ARGW0=GR,ARGW1=GR
+ .ALIGN 8
+OPENSSL_instrument_bus2
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ copy $cnt,$rv
+ sub %r0,$cnt,$cnt
+
+ mfctl %cr16,$tick
+ copy $tick,$lasttick
+ ldi 0,$diff
+
+ fdc 0($out)
+ ldw 0($out),$tick
+ add $diff,$tick,$tick
+ stw $tick,0($out)
+
+ mfctl %cr16,$tick
+ sub $tick,$lasttick,$diff
+ copy $tick,$lasttick
+L\$oop2
+ copy $diff,$lastdiff
+ fdc 0($out)
+ ldw 0($out),$tick
+ add $diff,$tick,$tick
+ stw $tick,0($out)
+
+ addib,= -1,$max,L\$done2
+ nop
+
+ mfctl %cr16,$tick
+ sub $tick,$lasttick,$diff
+ copy $tick,$lasttick
+ cmpclr,<> $lastdiff,$diff,$tick
+ ldi 1,$tick
+
+ ldi 1,%r1
+ xor %r1,$tick,$tick
+ addb,<> $tick,$cnt,L\$oop2
+ shladd,l $tick,2,$out,$out
+L\$done2
+ bv ($rp)
+ .EXIT
+ add $rv,$cnt,$rv
+ .PROCEND
+___
+}
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
+print $code;
+close STDOUT;
+
Modified: trunk/crypto/openssl/crypto/pem/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/pem/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,10 +18,10 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
- pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
+ pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c
LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
- pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
+ pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o
SRC= $(LIBSRC)
@@ -36,7 +36,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -64,6 +64,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
@@ -83,30 +85,28 @@
pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_all.o: ../cryptlib.h pem_all.c
+pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pem_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_err.o: pem_err.c
+pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c
pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
@@ -113,9 +113,8 @@
pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_info.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_info.o: ../../include/openssl/opensslconf.h
+pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
@@ -128,8 +127,8 @@
pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -139,43 +138,43 @@
pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c
+pem_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_lib.o: pem_lib.c
pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_oth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_oth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_oth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_oth.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_oth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_oth.o: ../cryptlib.h pem_oth.c
+pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c
pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_pk8.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_pk8.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_pk8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_pk8.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_pk8.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pem_pk8.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
+pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_pk8.o: ../cryptlib.h pem_pk8.c
pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+pem_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
pem_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
pem_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -184,15 +183,16 @@
pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pkey.c
+pem_pkey.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_pkey.o: pem_pkey.c
pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_seal.o: ../../include/openssl/opensslconf.h
pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
@@ -205,9 +205,9 @@
pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_sign.o: ../../include/openssl/opensslconf.h
pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
@@ -220,9 +220,9 @@
pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_x509.o: ../../include/openssl/opensslconf.h
pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -234,9 +234,9 @@
pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pem_xaux.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_xaux.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_xaux.o: ../../include/openssl/opensslconf.h
pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -243,3 +243,18 @@
pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
+pvkfmt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pvkfmt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pvkfmt.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pvkfmt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+pvkfmt.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+pvkfmt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pvkfmt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pvkfmt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pvkfmt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pvkfmt.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pvkfmt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pvkfmt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pvkfmt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pvkfmt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pvkfmt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pvkfmt.c
Modified: trunk/crypto/openssl/crypto/pem/pem.h
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -134,6 +134,7 @@
# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
+# define PEM_STRING_PARAMETERS "PARAMETERS"
# define PEM_STRING_CMS "CMS"
/*
@@ -181,11 +182,9 @@
int num_recipient;
PEM_USER **recipient;
-# ifndef OPENSSL_NO_STACK
- STACK *x509_chain; /* certificate chain */
-# else
- char *x509_chain; /* certificate chain */
-# endif
+/*-
+ XXX(ben): don#t think this is used!
+ STACK *x509_chain; / * certificate chain */
EVP_MD *md; /* signature type */
int md_enc; /* is the md encrypted or not? */
@@ -222,28 +221,19 @@
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
{ \
- return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
- str, fp, \
- CHECKED_PPTR_OF(type, x), \
- cb, u); \
+return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
}
# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x) \
{ \
- return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
- str, fp, \
- CHECKED_PTR_OF(type, x), \
- NULL, NULL, 0, NULL, NULL); \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
}
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, const type *x) \
{ \
- return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
- str, fp, \
- CHECKED_PTR_OF(const type, x), \
- NULL, NULL, 0, NULL, NULL); \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
}
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
@@ -251,10 +241,7 @@
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
- return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
- str, fp, \
- CHECKED_PTR_OF(type, x), \
- enc, kstr, klen, cb, u); \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
@@ -262,10 +249,7 @@
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
- return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
- str, fp, \
- CHECKED_PTR_OF(const type, x), \
- enc, kstr, klen, cb, u); \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}
# endif
@@ -273,28 +257,19 @@
# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
{ \
- return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
- str, bp, \
- CHECKED_PPTR_OF(type, x), \
- cb, u); \
+return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
}
# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x) \
{ \
- return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
- str, bp, \
- CHECKED_PTR_OF(type, x), \
- NULL, NULL, 0, NULL, NULL); \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
}
# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, const type *x) \
{ \
- return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
- str, bp, \
- CHECKED_PTR_OF(const type, x), \
- NULL, NULL, 0, NULL, NULL); \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
}
# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
@@ -301,10 +276,7 @@
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
- return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
- str, bp, \
- CHECKED_PTR_OF(type, x), \
- enc, kstr, klen, cb, u); \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
}
# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
@@ -311,10 +283,7 @@
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
- return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
- str, bp, \
- CHECKED_PTR_OF(const type, x), \
- enc, kstr, klen, cb, u); \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
}
# define IMPLEMENT_PEM_write(name, type, str, asn1) \
@@ -351,11 +320,10 @@
/* These are the same except they are for the declarations */
-# if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
+# if defined(OPENSSL_NO_FP_API)
# define DECLARE_PEM_read_fp(name, type) /**/
# define DECLARE_PEM_write_fp(name, type) /**/
-# define DECLARE_PEM_write_fp_const(name, type) /**/
# define DECLARE_PEM_write_cb_fp(name, type) /**/
# else
@@ -416,127 +384,6 @@
# define DECLARE_PEM_rw_cb(name, type) \
DECLARE_PEM_read(name, type) \
DECLARE_PEM_write_cb(name, type)
-# ifdef SSLEAY_MACROS
-# define PEM_write_SSL_SESSION(fp,x) \
- PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_X509(fp,x) \
- PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
- (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
- NULL,NULL,0,NULL,NULL)
-# define PEM_write_X509_CRL(fp,x) \
- PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
- fp,(char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
- (char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_RSAPublicKey(fp,x) \
- PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
- PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
-# define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
- (char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write((int (*)())i2d_PrivateKey,\
- (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
- bp,(char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_PKCS7(fp,x) \
- PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_DHparams(fp,x) \
- PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
- (char *)x,NULL,NULL,0,NULL,NULL)
-# define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
- PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
- PEM_STRING_X509,fp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-# define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
- (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
-# define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
- (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
-# define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
- (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
-# define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
- (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
-# define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
- (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
-# define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
- (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
-# define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
- (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
-# define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
- (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
-# define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
- (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
-# define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
- (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
- (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
- (char **)x,cb,u)
-# define PEM_write_bio_X509(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
- (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
- NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_X509_CRL(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
- bp,(char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
- bp,(char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_bio_RSAPublicKey(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
- PEM_STRING_RSA_PUBLIC,\
- bp,(char *)x,NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
- bp,(char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
- PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
- (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
- bp,(char *)x,enc,kstr,klen,cb,u)
-# define PEM_write_bio_PKCS7(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_DHparams(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
- bp,(char *)x,NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_DSAparams(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
- PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
- PEM_STRING_X509,bp, \
- (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
-# define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
-# define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
-# define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
-# define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
-# define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
-# define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
-# define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
-# define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
-# define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
-# define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
- (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
- (char **)x,cb,u)
-# endif
# if 1
/* "userdata": new with OpenSSL 0.9.4 */
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
@@ -559,23 +406,10 @@
void *u);
void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
pem_password_cb *cb, void *u);
-
-# define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
- ((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
- name, bp, \
- CHECKED_PPTR_OF(type, x), \
- cb, u))
-
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, char *x,
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
const EVP_CIPHER *enc, unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
-# define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
- (PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
- name, bp, \
- CHECKED_PTR_OF(type, x), \
- enc, kstr, klen, cb, u))
-
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
@@ -583,7 +417,6 @@
pem_password_cb *cd, void *u);
# endif
-# ifndef OPENSSL_SYS_WIN16
int PEM_read(FILE *fp, char **name, char **header,
unsigned char **data, long *len);
int PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data, long len);
@@ -590,11 +423,10 @@
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
pem_password_cb *cb, void *u);
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- char *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
int klen, pem_password_cb *callback, void *u);
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
-# endif
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
EVP_MD *md_type, unsigned char **ek, int *ekl,
@@ -613,10 +445,8 @@
void PEM_proc_type(char *buf, int type);
void PEM_dek_info(char *buf, const char *type, int len, char *str);
-# ifndef SSLEAY_MACROS
+# include <openssl/symhacks.h>
-# include <openssl/symhacks.h>
-
DECLARE_PEM_rw(X509, X509)
DECLARE_PEM_rw(X509_AUX, X509)
DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
@@ -627,24 +457,24 @@
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
DECLARE_PEM_rw(PKCS8, X509_SIG)
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-# ifndef OPENSSL_NO_RSA
+# ifndef OPENSSL_NO_RSA
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
DECLARE_PEM_rw_const(RSAPublicKey, RSA)
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-# endif
-# ifndef OPENSSL_NO_DSA
+# endif
+# ifndef OPENSSL_NO_DSA
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
DECLARE_PEM_rw(DSA_PUBKEY, DSA)
DECLARE_PEM_rw_const(DSAparams, DSA)
-# endif
-# ifndef OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_EC
DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
-# endif
-# ifndef OPENSSL_NO_DH
+# endif
+# ifndef OPENSSL_NO_DH
DECLARE_PEM_rw_const(DHparams, DH)
-# endif
+# endif
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
@@ -679,8 +509,21 @@
char *kstr, int klen, pem_password_cb *cd,
void *u);
-# endif /* SSLEAY_MACROS */
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u);
+# endif
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -691,10 +534,22 @@
/* Error codes for the PEM functions. */
/* Function codes. */
+# define PEM_F_B2I_DSS 127
+# define PEM_F_B2I_PVK_BIO 128
+# define PEM_F_B2I_RSA 129
+# define PEM_F_CHECK_BITLEN_DSA 130
+# define PEM_F_CHECK_BITLEN_RSA 131
# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
+# define PEM_F_DO_B2I 132
+# define PEM_F_DO_B2I_BIO 133
+# define PEM_F_DO_BLOB_HEADER 134
# define PEM_F_DO_PK8PKEY 126
# define PEM_F_DO_PK8PKEY_FP 125
+# define PEM_F_DO_PVK_BODY 135
+# define PEM_F_DO_PVK_HEADER 136
+# define PEM_F_I2B_PVK 137
+# define PEM_F_I2B_PVK_BIO 138
# define PEM_F_LOAD_IV 101
# define PEM_F_PEM_ASN1_READ 102
# define PEM_F_PEM_ASN1_READ_BIO 103
@@ -707,6 +562,7 @@
# define PEM_F_PEM_PK8PKEY 119
# define PEM_F_PEM_READ 108
# define PEM_F_PEM_READ_BIO 109
+# define PEM_F_PEM_READ_BIO_PARAMETERS 140
# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
# define PEM_F_PEM_READ_PRIVATEKEY 124
# define PEM_F_PEM_SEALFINAL 110
@@ -714,6 +570,7 @@
# define PEM_F_PEM_SIGNFINAL 112
# define PEM_F_PEM_WRITE 113
# define PEM_F_PEM_WRITE_BIO 114
+# define PEM_F_PEM_WRITE_PRIVATEKEY 139
# define PEM_F_PEM_X509_INFO_READ 115
# define PEM_F_PEM_X509_INFO_READ_BIO 116
# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
@@ -723,8 +580,17 @@
# define PEM_R_BAD_DECRYPT 101
# define PEM_R_BAD_END_LINE 102
# define PEM_R_BAD_IV_CHARS 103
+# define PEM_R_BAD_MAGIC_NUMBER 116
# define PEM_R_BAD_PASSWORD_READ 104
+# define PEM_R_BAD_VERSION_NUMBER 117
+# define PEM_R_BIO_WRITE_FAILURE 118
+# define PEM_R_CIPHER_IS_NULL 127
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+# define PEM_R_INCONSISTENT_HEADER 121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+# define PEM_R_KEYBLOB_TOO_SHORT 123
# define PEM_R_NOT_DEK_INFO 105
# define PEM_R_NOT_ENCRYPTED 106
# define PEM_R_NOT_PROC_TYPE 107
@@ -731,10 +597,13 @@
# define PEM_R_NO_START_LINE 108
# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
# define PEM_R_PUBLIC_KEY_NO_RSA 110
+# define PEM_R_PVK_DATA_TOO_SHORT 124
+# define PEM_R_PVK_TOO_SHORT 125
# define PEM_R_READ_KEY 111
# define PEM_R_SHORT_HEADER 112
# define PEM_R_UNSUPPORTED_CIPHER 113
# define PEM_R_UNSUPPORTED_ENCRYPTION 114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
#ifdef __cplusplus
}
Modified: trunk/crypto/openssl/crypto/pem/pem_all.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_all.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_all.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -110,7 +110,6 @@
*/
#include <stdio.h>
-#undef SSLEAY_MACROS
#include "cryptlib.h"
#include <openssl/bio.h>
#include <openssl/evp.h>
@@ -194,16 +193,21 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
- EVP_PKEY_set1_RSA(k, x);
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_RSA(k, x);
- ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
+ PEM_STRING_RSA, bp, x, enc, kstr, klen, cb,
+ u);
}
# ifndef OPENSSL_NO_FP_API
@@ -211,17 +215,21 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
- EVP_PKEY_set1_RSA(k, x);
+ EVP_PKEY_set1_RSA(k, x);
- ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
+ PEM_STRING_RSA, fp, x, enc, kstr, klen, cb, u);
}
# endif
@@ -257,7 +265,7 @@
{
EVP_PKEY *pktmp;
pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa);
+ return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
}
# ifdef OPENSSL_FIPS
@@ -266,16 +274,21 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
- EVP_PKEY_set1_DSA(k, x);
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_DSA(k, x);
- ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
+ PEM_STRING_DSA, bp, x, enc, kstr, klen, cb,
+ u);
}
# ifndef OPENSSL_NO_FP_API
@@ -283,15 +296,19 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
- EVP_PKEY_set1_DSA(k, x);
- ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_DSA(k, x);
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
+ PEM_STRING_DSA, fp, x, enc, kstr, klen, cb, u);
}
# endif
@@ -306,7 +323,7 @@
{
EVP_PKEY *pktmp;
pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa);
+ return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
}
# endif
@@ -335,7 +352,7 @@
{
EVP_PKEY *pktmp;
pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_eckey(pktmp, key);
+ return pkey_get_eckey(pktmp, key); /* will free pktmp */
}
IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS,
@@ -345,16 +362,21 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
- EVP_PKEY_set1_EC_KEY(k, x);
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_EC_KEY(k, x);
- ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
+ PEM_STRING_ECPRIVATEKEY,
+ bp, x, enc, kstr, klen, cb, u);
}
# ifndef OPENSSL_NO_FP_API
@@ -362,15 +384,20 @@
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u)
{
- EVP_PKEY *k;
- int ret;
- k = EVP_PKEY_new();
- if (!k)
- return 0;
- EVP_PKEY_set1_EC_KEY(k, x);
- ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
- EVP_PKEY_free(k);
- return ret;
+ if (FIPS_mode()) {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_EC_KEY(k, x);
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ } else
+ return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
+ PEM_STRING_ECPRIVATEKEY,
+ fp, x, enc, kstr, klen, cb, u);
}
# endif
@@ -385,7 +412,7 @@
{
EVP_PKEY *pktmp;
pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_eckey(pktmp, eckey);
+ return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
}
# endif
@@ -396,64 +423,4 @@
IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
#endif
-/*-
- * The PrivateKey case is not that straightforward.
- * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
- * does not work, RSA and DSA keys have specific strings.
- * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
- * appropriate.)
- */
-#ifdef OPENSSL_FIPS
-static const char *pkey_str(EVP_PKEY *x)
-{
- switch (x->type) {
- case EVP_PKEY_RSA:
- return PEM_STRING_RSA;
-
- case EVP_PKEY_DSA:
- return PEM_STRING_DSA;
-
- case EVP_PKEY_EC:
- return PEM_STRING_ECPRIVATEKEY;
-
- default:
- return NULL;
- }
-}
-
-int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- if (FIPS_mode())
- return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
- (char *)kstr, klen, cb, u);
- else
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
- pkey_str(x), bp, (char *)x, enc, kstr, klen,
- cb, u);
-}
-
-# ifndef OPENSSL_NO_FP_API
-int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u)
-{
- if (FIPS_mode())
- return PEM_write_PKCS8PrivateKey(fp, x, enc,
- (char *)kstr, klen, cb, u);
- else
- return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey,
- pkey_str(x), fp, (char *)x, enc, kstr, klen, cb,
- u);
-}
-# endif
-
-#else
-IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY,
- ((x->type ==
- EVP_PKEY_DSA) ? PEM_STRING_DSA : (x->type ==
- EVP_PKEY_RSA) ?
- PEM_STRING_RSA : PEM_STRING_ECPRIVATEKEY), PrivateKey)
-#endif
IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
Modified: trunk/crypto/openssl/crypto/pem/pem_err.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/pem/pem_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,10 +70,22 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
static ERR_STRING_DATA PEM_str_functs[] = {
+ {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"},
+ {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
+ {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
+ {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
+ {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
+ {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
+ {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
+ {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
{ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
{ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
+ {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
+ {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
+ {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
+ {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
{ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
{ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
@@ -87,6 +99,7 @@
{ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
{ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
{ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
+ {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
{ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
{ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
@@ -94,6 +107,7 @@
{ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
{ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
{ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
+ {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
{ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
@@ -105,9 +119,21 @@
{ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
{ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
{ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
+ {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
{ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
+ {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
+ {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
+ {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
{ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
"error converting private key"},
+ {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
+ "expecting private key blob"},
+ {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+ "expecting public key blob"},
+ {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
+ {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
+ "keyblob header parse error"},
+ {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
{ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
{ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
{ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
@@ -115,10 +141,14 @@
{ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
"problems getting password"},
{ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
+ {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
+ {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
{ERR_REASON(PEM_R_READ_KEY), "read key"},
{ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
{ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
{ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
+ {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
+ "unsupported key components"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/pem/pem_info.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_info.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_info.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -99,8 +99,8 @@
long len, error = 0;
int ok = 0;
STACK_OF(X509_INFO) *ret = NULL;
- unsigned int i, raw;
- d2i_of_void *d2i;
+ unsigned int i, raw, ptype;
+ d2i_of_void *d2i = 0;
if (sk == NULL) {
if ((ret = sk_X509_INFO_new_null()) == NULL) {
@@ -114,6 +114,7 @@
goto err;
for (;;) {
raw = 0;
+ ptype = 0;
i = PEM_read_bio(bp, &name, &header, &data, &len);
if (i == 0) {
error = ERR_GET_REASON(ERR_peek_last_error());
@@ -171,10 +172,8 @@
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
- if ((xi->x_pkey->dec_pkey = EVP_PKEY_new()) == NULL)
- goto err;
- xi->x_pkey->dec_pkey->type = EVP_PKEY_RSA;
- pp = &(xi->x_pkey->dec_pkey->pkey.rsa);
+ ptype = EVP_PKEY_RSA;
+ pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
raw = 1;
} else
@@ -194,10 +193,8 @@
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
- if ((xi->x_pkey->dec_pkey = EVP_PKEY_new()) == NULL)
- goto err;
- xi->x_pkey->dec_pkey->type = EVP_PKEY_DSA;
- pp = &xi->x_pkey->dec_pkey->pkey.dsa;
+ ptype = EVP_PKEY_DSA;
+ pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
raw = 1;
} else
@@ -217,10 +214,8 @@
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
- if ((xi->x_pkey->dec_pkey = EVP_PKEY_new()) == NULL)
- goto err;
- xi->x_pkey->dec_pkey->type = EVP_PKEY_EC;
- pp = &(xi->x_pkey->dec_pkey->pkey.ec);
+ ptype = EVP_PKEY_EC;
+ pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
raw = 1;
} else
@@ -239,7 +234,12 @@
if (!PEM_do_header(&cipher, data, &len, cb, u))
goto err;
p = data;
- if (d2i(pp, &p, len) == NULL) {
+ if (ptype) {
+ if (!d2i_PrivateKey(ptype, pp, &p, len)) {
+ PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
+ goto err;
+ }
+ } else if (d2i(pp, &p, len) == NULL) {
PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
goto err;
}
@@ -324,6 +324,11 @@
*/
if (xi->x_pkey != NULL) {
if ((xi->enc_data != NULL) && (xi->enc_len > 0)) {
+ if (enc == NULL) {
+ PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_CIPHER_IS_NULL);
+ goto err;
+ }
+
/* copy from weirdo names into more normal things */
iv = xi->enc_cipher.iv;
data = (unsigned char *)xi->enc_data;
Modified: trunk/crypto/openssl/crypto/pem/pem_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,6 +57,7 @@
*/
#include <stdio.h>
+#include <ctype.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/objects.h>
@@ -65,9 +66,13 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
+#include "asn1_locl.h"
#ifndef OPENSSL_NO_DES
# include <openssl/des.h>
#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT;
@@ -75,6 +80,7 @@
static int load_iv(char **fromp, unsigned char *to, int num);
static int check_pem(const char *nm, const char *name);
+int pem_check_suffix(const char *pem_str, const char *suffix);
int PEM_def_callback(char *buf, int num, int w, void *key)
{
@@ -99,7 +105,7 @@
prompt = "Enter PEM pass phrase:";
for (;;) {
- i = EVP_read_pw_string(buf, num, prompt, w);
+ i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
if (i != 0) {
PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
memset(buf, 0, (unsigned int)num);
@@ -181,22 +187,49 @@
/* Make PEM_STRING_EVP_PKEY match any private key */
- if (!strcmp(nm, PEM_STRING_PKCS8) && !strcmp(name, PEM_STRING_EVP_PKEY))
- return 1;
+ if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (!strcmp(nm, PEM_STRING_PKCS8))
+ return 1;
+ if (!strcmp(nm, PEM_STRING_PKCS8INF))
+ return 1;
+ slen = pem_check_suffix(nm, "PRIVATE KEY");
+ if (slen > 0) {
+ /*
+ * NB: ENGINE implementations wont contain a deprecated old
+ * private key decode function so don't look for them.
+ */
+ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+ if (ameth && ameth->old_priv_decode)
+ return 1;
+ }
+ return 0;
+ }
- if (!strcmp(nm, PEM_STRING_PKCS8INF) &&
- !strcmp(name, PEM_STRING_EVP_PKEY))
- return 1;
+ if (!strcmp(name, PEM_STRING_PARAMETERS)) {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ slen = pem_check_suffix(nm, "PARAMETERS");
+ if (slen > 0) {
+ ENGINE *e;
+ ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+ if (ameth) {
+ int r;
+ if (ameth->param_decode)
+ r = 1;
+ else
+ r = 0;
+#ifndef OPENSSL_NO_ENGINE
+ if (e)
+ ENGINE_finish(e);
+#endif
+ return r;
+ }
+ }
+ return 0;
+ }
- if (!strcmp(nm, PEM_STRING_RSA) && !strcmp(name, PEM_STRING_EVP_PKEY))
- return 1;
-
- if (!strcmp(nm, PEM_STRING_DSA) && !strcmp(name, PEM_STRING_EVP_PKEY))
- return 1;
-
- if (!strcmp(nm, PEM_STRING_ECPRIVATEKEY) &&
- !strcmp(name, PEM_STRING_EVP_PKEY))
- return 1;
/* Permit older strings */
if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509))
@@ -223,6 +256,14 @@
!strcmp(name, PEM_STRING_PKCS7))
return 1;
+#ifndef OPENSSL_NO_CMS
+ if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS))
+ return 1;
+ /* Allow CMS to be read from PKCS#7 headers */
+ if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS))
+ return 1;
+#endif
+
return 0;
}
@@ -272,7 +313,7 @@
#ifndef OPENSSL_NO_FP_API
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- char *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
int klen, pem_password_cb *callback, void *u)
{
BIO *b;
@@ -290,7 +331,7 @@
#endif
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
- char *x, const EVP_CIPHER *enc, unsigned char *kstr,
+ void *x, const EVP_CIPHER *enc, unsigned char *kstr,
int klen, pem_password_cb *callback, void *u)
{
EVP_CIPHER_CTX ctx;
@@ -348,7 +389,8 @@
* The 'iv' is used as the iv and as a salt. It is NOT taken from
* the BytesToKey function
*/
- EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL);
+ if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL))
+ goto err;
if (kstr == (unsigned char *)buf)
OPENSSL_cleanse(buf, PEM_BUFSIZE);
@@ -362,12 +404,15 @@
/* k=strlen(buf); */
EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv);
- EVP_EncryptUpdate(&ctx, data, &j, data, i);
- EVP_EncryptFinal_ex(&ctx, &(data[j]), &i);
+ ret = 1;
+ if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv)
+ || !EVP_EncryptUpdate(&ctx, data, &j, data, i)
+ || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i))
+ ret = 0;
EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ret == 0)
+ goto err;
i += j;
- ret = 1;
} else {
ret = 1;
buf[0] = '\0';
@@ -390,7 +435,7 @@
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
pem_password_cb *callback, void *u)
{
- int i, j, o, klen;
+ int i = 0, j, o, klen;
long len;
EVP_CIPHER_CTX ctx;
unsigned char key[EVP_MAX_KEY_LENGTH];
@@ -413,14 +458,17 @@
ebcdic2ascii(buf, buf, klen);
#endif
- EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
- (unsigned char *)buf, klen, 1, key, NULL);
+ if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
+ (unsigned char *)buf, klen, 1, key, NULL))
+ return 0;
j = (int)len;
EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
- EVP_DecryptUpdate(&ctx, data, &i, data, j);
- o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
+ o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
+ if (o)
+ o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
+ if (o)
+ o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_cleanse((char *)buf, sizeof(buf));
OPENSSL_cleanse((char *)key, sizeof(key));
@@ -788,3 +836,25 @@
BUF_MEM_free(dataB);
return (0);
}
+
+/*
+ * Check pem string and return prefix length. If for example the pem_str ==
+ * "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" the return value is 3 for the
+ * string "RSA".
+ */
+
+int pem_check_suffix(const char *pem_str, const char *suffix)
+{
+ int pem_len = strlen(pem_str);
+ int suffix_len = strlen(suffix);
+ const char *p;
+ if (suffix_len + 1 >= pem_len)
+ return 0;
+ p = pem_str + pem_len - suffix_len;
+ if (strcmp(p, suffix))
+ return 0;
+ p--;
+ if (*p != ' ')
+ return 0;
+ return p - pem_str;
+}
Modified: trunk/crypto/openssl/crypto/pem/pem_pkey.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_pkey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_pkey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,7 +65,13 @@
#include <openssl/x509.h>
#include <openssl/pkcs12.h>
#include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+int pem_check_suffix(const char *pem_str, const char *suffix);
+
EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
void *u)
{
@@ -73,6 +79,7 @@
const unsigned char *p = NULL;
unsigned char *data = NULL;
long len;
+ int slen;
EVP_PKEY *ret = NULL;
if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
@@ -79,13 +86,7 @@
return NULL;
p = data;
- if (strcmp(nm, PEM_STRING_RSA) == 0)
- ret = d2i_PrivateKey(EVP_PKEY_RSA, x, &p, len);
- else if (strcmp(nm, PEM_STRING_DSA) == 0)
- ret = d2i_PrivateKey(EVP_PKEY_DSA, x, &p, len);
- else if (strcmp(nm, PEM_STRING_ECPRIVATEKEY) == 0)
- ret = d2i_PrivateKey(EVP_PKEY_EC, x, &p, len);
- else if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) {
+ if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) {
PKCS8_PRIV_KEY_INFO *p8inf;
p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
if (!p8inf)
@@ -125,6 +126,12 @@
*x = ret;
}
PKCS8_PRIV_KEY_INFO_free(p8inf);
+ } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) {
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+ if (!ameth || !ameth->old_priv_decode)
+ goto p8err;
+ ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len);
}
p8err:
if (ret == NULL)
@@ -136,6 +143,70 @@
return (ret);
}
+int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ char pem_str[80];
+ if (!x->ameth || x->ameth->priv_encode)
+ return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
+ (char *)kstr, klen, cb, u);
+
+ BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
+ pem_str, bp, x, enc, kstr, klen, cb, u);
+}
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
+{
+ char *nm = NULL;
+ const unsigned char *p = NULL;
+ unsigned char *data = NULL;
+ long len;
+ int slen;
+ EVP_PKEY *ret = NULL;
+
+ if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
+ bp, 0, NULL))
+ return NULL;
+ p = data;
+
+ if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) {
+ ret = EVP_PKEY_new();
+ if (!ret)
+ goto err;
+ if (!EVP_PKEY_set_type_str(ret, nm, slen)
+ || !ret->ameth->param_decode
+ || !ret->ameth->param_decode(ret, &p, len)) {
+ EVP_PKEY_free(ret);
+ ret = NULL;
+ goto err;
+ }
+ if (x) {
+ if (*x)
+ EVP_PKEY_free((EVP_PKEY *)*x);
+ *x = ret;
+ }
+ }
+ err:
+ if (ret == NULL)
+ PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS, ERR_R_ASN1_LIB);
+ OPENSSL_free(nm);
+ OPENSSL_free(data);
+ return (ret);
+}
+
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
+{
+ char pem_str[80];
+ if (!x->ameth || !x->ameth->param_encode)
+ return 0;
+
+ BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);
+ return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode,
+ pem_str, bp, x, NULL, NULL, 0, 0, NULL);
+}
+
#ifndef OPENSSL_NO_FP_API
EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
void *u)
@@ -152,4 +223,21 @@
BIO_free(b);
return (ret);
}
+
+int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
+ PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY, ERR_R_BUF_LIB);
+ return 0;
+ }
+ ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
+ BIO_free(b);
+ return ret;
+}
+
#endif
Modified: trunk/crypto/openssl/crypto/pem/pem_seal.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_seal.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_seal.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -94,7 +94,8 @@
EVP_EncodeInit(&ctx->encode);
EVP_MD_CTX_init(&ctx->md);
- EVP_SignInit(&ctx->md, md_type);
+ if (!EVP_SignInit(&ctx->md, md_type))
+ goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
@@ -161,7 +162,8 @@
goto err;
}
- EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i);
+ if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
+ goto err;
EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
*outl = j;
out += j;
Modified: trunk/crypto/openssl/crypto/pem/pem_x509.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_x509.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_x509.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
*/
#include <stdio.h>
-#undef SSLEAY_MACROS
#include "cryptlib.h"
#include <openssl/bio.h>
#include <openssl/evp.h>
Modified: trunk/crypto/openssl/crypto/pem/pem_xaux.c
===================================================================
--- trunk/crypto/openssl/crypto/pem/pem_xaux.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pem/pem_xaux.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,6 @@
*/
#include <stdio.h>
-#undef SSLEAY_MACROS
#include "cryptlib.h"
#include <openssl/bio.h>
#include <openssl/evp.h>
Copied: trunk/crypto/openssl/crypto/pem/pvkfmt.c (from rev 7117, vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c)
===================================================================
--- trunk/crypto/openssl/crypto/pem/pvkfmt.c (rev 0)
+++ trunk/crypto/openssl/crypto/pem/pvkfmt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,883 @@
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+/*
+ * Support for PVK format keys and related structures (such a PUBLICKEYBLOB
+ * and PRIVATEKEYBLOB).
+ */
+
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+# include <openssl/dsa.h>
+# include <openssl/rsa.h>
+
+/*
+ * Utility function: read a DWORD (4 byte unsigned integer) in little endian
+ * format
+ */
+
+static unsigned int read_ledword(const unsigned char **in)
+{
+ const unsigned char *p = *in;
+ unsigned int ret;
+ ret = *p++;
+ ret |= (*p++ << 8);
+ ret |= (*p++ << 16);
+ ret |= (*p++ << 24);
+ *in = p;
+ return ret;
+}
+
+/*
+ * Read a BIGNUM in little endian format. The docs say that this should take
+ * up bitlen/8 bytes.
+ */
+
+static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
+{
+ const unsigned char *p;
+ unsigned char *tmpbuf, *q;
+ unsigned int i;
+ p = *in + nbyte - 1;
+ tmpbuf = OPENSSL_malloc(nbyte);
+ if (!tmpbuf)
+ return 0;
+ q = tmpbuf;
+ for (i = 0; i < nbyte; i++)
+ *q++ = *p--;
+ *r = BN_bin2bn(tmpbuf, nbyte, NULL);
+ OPENSSL_free(tmpbuf);
+ if (*r) {
+ *in += nbyte;
+ return 1;
+ } else
+ return 0;
+}
+
+/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
+
+# define MS_PUBLICKEYBLOB 0x6
+# define MS_PRIVATEKEYBLOB 0x7
+# define MS_RSA1MAGIC 0x31415352L
+# define MS_RSA2MAGIC 0x32415352L
+# define MS_DSS1MAGIC 0x31535344L
+# define MS_DSS2MAGIC 0x32535344L
+
+# define MS_KEYALG_RSA_KEYX 0xa400
+# define MS_KEYALG_DSS_SIGN 0x2200
+
+# define MS_KEYTYPE_KEYX 0x1
+# define MS_KEYTYPE_SIGN 0x2
+
+/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
+# define MS_PVKMAGIC 0xb0b5f11eL
+/* Salt length for PVK files */
+# define PVK_SALTLEN 0x10
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub);
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub);
+
+static int do_blob_header(const unsigned char **in, unsigned int length,
+ unsigned int *pmagic, unsigned int *pbitlen,
+ int *pisdss, int *pispub)
+{
+ const unsigned char *p = *in;
+ if (length < 16)
+ return 0;
+ /* bType */
+ if (*p == MS_PUBLICKEYBLOB) {
+ if (*pispub == 0) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+ return 0;
+ }
+ *pispub = 1;
+ } else if (*p == MS_PRIVATEKEYBLOB) {
+ if (*pispub == 1) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+ return 0;
+ }
+ *pispub = 0;
+ } else
+ return 0;
+ p++;
+ /* Version */
+ if (*p++ != 0x2) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
+ return 0;
+ }
+ /* Ignore reserved, aiKeyAlg */
+ p += 6;
+ *pmagic = read_ledword(&p);
+ *pbitlen = read_ledword(&p);
+ *pisdss = 0;
+ switch (*pmagic) {
+
+ case MS_DSS1MAGIC:
+ *pisdss = 1;
+ case MS_RSA1MAGIC:
+ if (*pispub == 0) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+ return 0;
+ }
+ break;
+
+ case MS_DSS2MAGIC:
+ *pisdss = 1;
+ case MS_RSA2MAGIC:
+ if (*pispub == 1) {
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+ return 0;
+ }
+ break;
+
+ default:
+ PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+ return -1;
+ }
+ *in = p;
+ return 1;
+}
+
+static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
+{
+ unsigned int nbyte, hnbyte;
+ nbyte = (bitlen + 7) >> 3;
+ hnbyte = (bitlen + 15) >> 4;
+ if (isdss) {
+
+ /*
+ * Expected length: 20 for q + 3 components bitlen each + 24 for seed
+ * structure.
+ */
+ if (ispub)
+ return 44 + 3 * nbyte;
+ /*
+ * Expected length: 20 for q, priv, 2 bitlen components + 24 for seed
+ * structure.
+ */
+ else
+ return 64 + 2 * nbyte;
+ } else {
+ /* Expected length: 4 for 'e' + 'n' */
+ if (ispub)
+ return 4 + nbyte;
+ else
+ /*
+ * Expected length: 4 for 'e' and 7 other components. 2
+ * components are bitlen size, 5 are bitlen/2
+ */
+ return 4 + 2 * nbyte + 5 * hnbyte;
+ }
+
+}
+
+static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
+ int ispub)
+{
+ const unsigned char *p = *in;
+ unsigned int bitlen, magic;
+ int isdss;
+ if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
+ PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
+ return NULL;
+ }
+ length -= 16;
+ if (length < blob_length(bitlen, isdss, ispub)) {
+ PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
+ return NULL;
+ }
+ if (isdss)
+ return b2i_dss(&p, length, bitlen, ispub);
+ else
+ return b2i_rsa(&p, length, bitlen, ispub);
+}
+
+static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
+{
+ const unsigned char *p;
+ unsigned char hdr_buf[16], *buf = NULL;
+ unsigned int bitlen, magic, length;
+ int isdss;
+ EVP_PKEY *ret = NULL;
+ if (BIO_read(in, hdr_buf, 16) != 16) {
+ PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+ return NULL;
+ }
+ p = hdr_buf;
+ if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
+ return NULL;
+
+ length = blob_length(bitlen, isdss, ispub);
+ buf = OPENSSL_malloc(length);
+ if (!buf) {
+ PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p = buf;
+ if (BIO_read(in, buf, length) != (int)length) {
+ PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+ goto err;
+ }
+
+ if (isdss)
+ ret = b2i_dss(&p, length, bitlen, ispub);
+ else
+ ret = b2i_rsa(&p, length, bitlen, ispub);
+
+ err:
+ if (buf)
+ OPENSSL_free(buf);
+ return ret;
+}
+
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub)
+{
+ const unsigned char *p = *in;
+ EVP_PKEY *ret = NULL;
+ DSA *dsa = NULL;
+ BN_CTX *ctx = NULL;
+ unsigned int nbyte;
+ nbyte = (bitlen + 7) >> 3;
+
+ dsa = DSA_new();
+ ret = EVP_PKEY_new();
+ if (!dsa || !ret)
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &dsa->p))
+ goto memerr;
+ if (!read_lebn(&p, 20, &dsa->q))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &dsa->g))
+ goto memerr;
+ if (ispub) {
+ if (!read_lebn(&p, nbyte, &dsa->pub_key))
+ goto memerr;
+ } else {
+ if (!read_lebn(&p, 20, &dsa->priv_key))
+ goto memerr;
+ /* Calculate public key */
+ if (!(dsa->pub_key = BN_new()))
+ goto memerr;
+ if (!(ctx = BN_CTX_new()))
+ goto memerr;
+
+ if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
+
+ goto memerr;
+ BN_CTX_free(ctx);
+ }
+
+ EVP_PKEY_set1_DSA(ret, dsa);
+ DSA_free(dsa);
+ *in = p;
+ return ret;
+
+ memerr:
+ PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
+ if (dsa)
+ DSA_free(dsa);
+ if (ret)
+ EVP_PKEY_free(ret);
+ if (ctx)
+ BN_CTX_free(ctx);
+ return NULL;
+}
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+ unsigned int bitlen, int ispub)
+{
+ const unsigned char *p = *in;
+ EVP_PKEY *ret = NULL;
+ RSA *rsa = NULL;
+ unsigned int nbyte, hnbyte;
+ nbyte = (bitlen + 7) >> 3;
+ hnbyte = (bitlen + 15) >> 4;
+ rsa = RSA_new();
+ ret = EVP_PKEY_new();
+ if (!rsa || !ret)
+ goto memerr;
+ rsa->e = BN_new();
+ if (!rsa->e)
+ goto memerr;
+ if (!BN_set_word(rsa->e, read_ledword(&p)))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &rsa->n))
+ goto memerr;
+ if (!ispub) {
+ if (!read_lebn(&p, hnbyte, &rsa->p))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->q))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->dmp1))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->dmq1))
+ goto memerr;
+ if (!read_lebn(&p, hnbyte, &rsa->iqmp))
+ goto memerr;
+ if (!read_lebn(&p, nbyte, &rsa->d))
+ goto memerr;
+ }
+
+ EVP_PKEY_set1_RSA(ret, rsa);
+ RSA_free(rsa);
+ *in = p;
+ return ret;
+ memerr:
+ PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
+ if (rsa)
+ RSA_free(rsa);
+ if (ret)
+ EVP_PKEY_free(ret);
+ return NULL;
+}
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
+{
+ return do_b2i(in, length, 0);
+}
+
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
+{
+ return do_b2i(in, length, 1);
+}
+
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
+{
+ return do_b2i_bio(in, 0);
+}
+
+EVP_PKEY *b2i_PublicKey_bio(BIO *in)
+{
+ return do_b2i_bio(in, 1);
+}
+
+static void write_ledword(unsigned char **out, unsigned int dw)
+{
+ unsigned char *p = *out;
+ *p++ = dw & 0xff;
+ *p++ = (dw >> 8) & 0xff;
+ *p++ = (dw >> 16) & 0xff;
+ *p++ = (dw >> 24) & 0xff;
+ *out = p;
+}
+
+static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
+{
+ int nb, i;
+ unsigned char *p = *out, *q, c;
+ nb = BN_num_bytes(bn);
+ BN_bn2bin(bn, p);
+ q = p + nb - 1;
+ /* In place byte order reversal */
+ for (i = 0; i < nb / 2; i++) {
+ c = *p;
+ *p++ = *q;
+ *q-- = c;
+ }
+ *out += nb;
+ /* Pad with zeroes if we have to */
+ if (len > 0) {
+ len -= nb;
+ if (len > 0) {
+ memset(*out, 0, len);
+ *out += len;
+ }
+ }
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
+
+static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
+{
+ unsigned char *p;
+ unsigned int bitlen, magic = 0, keyalg;
+ int outlen, noinc = 0;
+ if (pk->type == EVP_PKEY_DSA) {
+ bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
+ keyalg = MS_KEYALG_DSS_SIGN;
+ } else if (pk->type == EVP_PKEY_RSA) {
+ bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
+ keyalg = MS_KEYALG_RSA_KEYX;
+ } else
+ return -1;
+ if (bitlen == 0)
+ return -1;
+ outlen = 16 + blob_length(bitlen,
+ keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
+ if (out == NULL)
+ return outlen;
+ if (*out)
+ p = *out;
+ else {
+ p = OPENSSL_malloc(outlen);
+ if (!p)
+ return -1;
+ *out = p;
+ noinc = 1;
+ }
+ if (ispub)
+ *p++ = MS_PUBLICKEYBLOB;
+ else
+ *p++ = MS_PRIVATEKEYBLOB;
+ *p++ = 0x2;
+ *p++ = 0;
+ *p++ = 0;
+ write_ledword(&p, keyalg);
+ write_ledword(&p, magic);
+ write_ledword(&p, bitlen);
+ if (keyalg == MS_KEYALG_DSS_SIGN)
+ write_dsa(&p, pk->pkey.dsa, ispub);
+ else
+ write_rsa(&p, pk->pkey.rsa, ispub);
+ if (!noinc)
+ *out += outlen;
+ return outlen;
+}
+
+static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
+{
+ unsigned char *tmp = NULL;
+ int outlen, wrlen;
+ outlen = do_i2b(&tmp, pk, ispub);
+ if (outlen < 0)
+ return -1;
+ wrlen = BIO_write(out, tmp, outlen);
+ OPENSSL_free(tmp);
+ if (wrlen == outlen)
+ return outlen;
+ return -1;
+}
+
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
+{
+ int bitlen;
+ bitlen = BN_num_bits(dsa->p);
+ if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
+ || (BN_num_bits(dsa->g) > bitlen))
+ goto badkey;
+ if (ispub) {
+ if (BN_num_bits(dsa->pub_key) > bitlen)
+ goto badkey;
+ *pmagic = MS_DSS1MAGIC;
+ } else {
+ if (BN_num_bits(dsa->priv_key) > 160)
+ goto badkey;
+ *pmagic = MS_DSS2MAGIC;
+ }
+
+ return bitlen;
+ badkey:
+ PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+ return 0;
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
+{
+ int nbyte, hnbyte, bitlen;
+ if (BN_num_bits(rsa->e) > 32)
+ goto badkey;
+ bitlen = BN_num_bits(rsa->n);
+ nbyte = BN_num_bytes(rsa->n);
+ hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+ if (ispub) {
+ *pmagic = MS_RSA1MAGIC;
+ return bitlen;
+ } else {
+ *pmagic = MS_RSA2MAGIC;
+ /*
+ * For private key each component must fit within nbyte or hnbyte.
+ */
+ if (BN_num_bytes(rsa->d) > nbyte)
+ goto badkey;
+ if ((BN_num_bytes(rsa->iqmp) > hnbyte)
+ || (BN_num_bytes(rsa->p) > hnbyte)
+ || (BN_num_bytes(rsa->q) > hnbyte)
+ || (BN_num_bytes(rsa->dmp1) > hnbyte)
+ || (BN_num_bytes(rsa->dmq1) > hnbyte))
+ goto badkey;
+ }
+ return bitlen;
+ badkey:
+ PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+ return 0;
+}
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
+{
+ int nbyte, hnbyte;
+ nbyte = BN_num_bytes(rsa->n);
+ hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+ write_lebn(out, rsa->e, 4);
+ write_lebn(out, rsa->n, -1);
+ if (ispub)
+ return;
+ write_lebn(out, rsa->p, hnbyte);
+ write_lebn(out, rsa->q, hnbyte);
+ write_lebn(out, rsa->dmp1, hnbyte);
+ write_lebn(out, rsa->dmq1, hnbyte);
+ write_lebn(out, rsa->iqmp, hnbyte);
+ write_lebn(out, rsa->d, nbyte);
+}
+
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
+{
+ int nbyte;
+ nbyte = BN_num_bytes(dsa->p);
+ write_lebn(out, dsa->p, nbyte);
+ write_lebn(out, dsa->q, 20);
+ write_lebn(out, dsa->g, nbyte);
+ if (ispub)
+ write_lebn(out, dsa->pub_key, nbyte);
+ else
+ write_lebn(out, dsa->priv_key, 20);
+ /* Set "invalid" for seed structure values */
+ memset(*out, 0xff, 24);
+ *out += 24;
+ return;
+}
+
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
+{
+ return do_i2b_bio(out, pk, 0);
+}
+
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
+{
+ return do_i2b_bio(out, pk, 1);
+}
+
+# ifndef OPENSSL_NO_RC4
+
+static int do_PVK_header(const unsigned char **in, unsigned int length,
+ int skip_magic,
+ unsigned int *psaltlen, unsigned int *pkeylen)
+{
+ const unsigned char *p = *in;
+ unsigned int pvk_magic, is_encrypted;
+ if (skip_magic) {
+ if (length < 20) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+ return 0;
+ }
+ length -= 20;
+ } else {
+ if (length < 24) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+ return 0;
+ }
+ length -= 24;
+ pvk_magic = read_ledword(&p);
+ if (pvk_magic != MS_PVKMAGIC) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+ return 0;
+ }
+ }
+ /* Skip reserved */
+ p += 4;
+ /*
+ * keytype =
+ */ read_ledword(&p);
+ is_encrypted = read_ledword(&p);
+ *psaltlen = read_ledword(&p);
+ *pkeylen = read_ledword(&p);
+
+ if (is_encrypted && !*psaltlen) {
+ PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
+ return 0;
+ }
+
+ *in = p;
+ return 1;
+}
+
+static int derive_pvk_key(unsigned char *key,
+ const unsigned char *salt, unsigned int saltlen,
+ const unsigned char *pass, int passlen)
+{
+ EVP_MD_CTX mctx;
+ int rv = 1;
+ EVP_MD_CTX_init(&mctx);
+ if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(&mctx, salt, saltlen)
+ || !EVP_DigestUpdate(&mctx, pass, passlen)
+ || !EVP_DigestFinal_ex(&mctx, key, NULL))
+ rv = 0;
+
+ EVP_MD_CTX_cleanup(&mctx);
+ return rv;
+}
+
+static EVP_PKEY *do_PVK_body(const unsigned char **in,
+ unsigned int saltlen, unsigned int keylen,
+ pem_password_cb *cb, void *u)
+{
+ EVP_PKEY *ret = NULL;
+ const unsigned char *p = *in;
+ unsigned int magic;
+ unsigned char *enctmp = NULL, *q;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
+ if (saltlen) {
+ char psbuf[PEM_BUFSIZE];
+ unsigned char keybuf[20];
+ int enctmplen, inlen;
+ if (cb)
+ inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
+ else
+ inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
+ if (inlen <= 0) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
+ return NULL;
+ }
+ enctmp = OPENSSL_malloc(keylen + 8);
+ if (!enctmp) {
+ PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ if (!derive_pvk_key(keybuf, p, saltlen,
+ (unsigned char *)psbuf, inlen))
+ return NULL;
+ p += saltlen;
+ /* Copy BLOBHEADER across, decrypt rest */
+ memcpy(enctmp, p, 8);
+ p += 8;
+ if (keylen < 8) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+ return NULL;
+ }
+ inlen = keylen - 8;
+ q = enctmp + 8;
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
+ magic = read_ledword((const unsigned char **)&q);
+ if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+ q = enctmp + 8;
+ memset(keybuf + 5, 0, 11);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ OPENSSL_cleanse(keybuf, 20);
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
+ magic = read_ledword((const unsigned char **)&q);
+ if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+ PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
+ goto err;
+ }
+ } else
+ OPENSSL_cleanse(keybuf, 20);
+ p = enctmp;
+ }
+
+ ret = b2i_PrivateKey(&p, keylen);
+ err:
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ if (enctmp && saltlen)
+ OPENSSL_free(enctmp);
+ return ret;
+}
+
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+{
+ unsigned char pvk_hdr[24], *buf = NULL;
+ const unsigned char *p;
+ int buflen;
+ EVP_PKEY *ret = NULL;
+ unsigned int saltlen, keylen;
+ if (BIO_read(in, pvk_hdr, 24) != 24) {
+ PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+ return NULL;
+ }
+ p = pvk_hdr;
+
+ if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
+ return 0;
+ buflen = (int)keylen + saltlen;
+ buf = OPENSSL_malloc(buflen);
+ if (!buf) {
+ PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ p = buf;
+ if (BIO_read(in, buf, buflen) != buflen) {
+ PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+ goto err;
+ }
+ ret = do_PVK_body(&p, saltlen, keylen, cb, u);
+
+ err:
+ if (buf) {
+ OPENSSL_cleanse(buf, buflen);
+ OPENSSL_free(buf);
+ }
+ return ret;
+}
+
+static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u)
+{
+ int outlen = 24, pklen;
+ unsigned char *p, *salt = NULL;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
+ if (enclevel)
+ outlen += PVK_SALTLEN;
+ pklen = do_i2b(NULL, pk, 0);
+ if (pklen < 0)
+ return -1;
+ outlen += pklen;
+ if (!out)
+ return outlen;
+ if (*out)
+ p = *out;
+ else {
+ p = OPENSSL_malloc(outlen);
+ if (!p) {
+ PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ *out = p;
+ }
+
+ write_ledword(&p, MS_PVKMAGIC);
+ write_ledword(&p, 0);
+ if (pk->type == EVP_PKEY_DSA)
+ write_ledword(&p, MS_KEYTYPE_SIGN);
+ else
+ write_ledword(&p, MS_KEYTYPE_KEYX);
+ write_ledword(&p, enclevel ? 1 : 0);
+ write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
+ write_ledword(&p, pklen);
+ if (enclevel) {
+ if (RAND_bytes(p, PVK_SALTLEN) <= 0)
+ goto error;
+ salt = p;
+ p += PVK_SALTLEN;
+ }
+ do_i2b(&p, pk, 0);
+ if (enclevel == 0)
+ return outlen;
+ else {
+ char psbuf[PEM_BUFSIZE];
+ unsigned char keybuf[20];
+ int enctmplen, inlen;
+ if (cb)
+ inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
+ else
+ inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
+ if (inlen <= 0) {
+ PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);
+ goto error;
+ }
+ if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
+ (unsigned char *)psbuf, inlen))
+ goto error;
+ if (enclevel == 1)
+ memset(keybuf + 5, 0, 11);
+ p = salt + PVK_SALTLEN + 8;
+ if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto error;
+ OPENSSL_cleanse(keybuf, 20);
+ if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+ goto error;
+ if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+ goto error;
+ }
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ return outlen;
+
+ error:
+ EVP_CIPHER_CTX_cleanup(&cctx);
+ return -1;
+}
+
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u)
+{
+ unsigned char *tmp = NULL;
+ int outlen, wrlen;
+ outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
+ if (outlen < 0)
+ return -1;
+ wrlen = BIO_write(out, tmp, outlen);
+ OPENSSL_free(tmp);
+ if (wrlen == outlen) {
+ PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
+ return outlen;
+ }
+ return -1;
+}
+
+# endif
+
+#endif
Modified: trunk/crypto/openssl/crypto/perlasm/cbc.pl
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/cbc.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/perlasm/cbc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -150,7 +150,7 @@
&set_label("PIC_point");
&blindpop("edx");
&lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx"));
- &mov($count,&DWP(0,"ecx",$count,4))
+ &mov($count,&DWP(0,"ecx",$count,4));
&add($count,"edx");
&xor("ecx","ecx");
&xor("edx","edx");
Copied: trunk/crypto/openssl/crypto/perlasm/ppc-xlate.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/perlasm/ppc-xlate.pl)
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/ppc-xlate.pl (rev 0)
+++ trunk/crypto/openssl/crypto/perlasm/ppc-xlate.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,159 @@
+#!/usr/bin/env perl
+
+# PowerPC assembler distiller by <appro>.
+
+my $flavour = shift;
+my $output = shift;
+open STDOUT,">$output" || die "can't open $output: $!";
+
+my %GLOBALS;
+my $dotinlocallabels=($flavour=~/linux/)?1:0;
+
+################################################################
+# directives which need special treatment on different platforms
+################################################################
+my $globl = sub {
+ my $junk = shift;
+ my $name = shift;
+ my $global = \$GLOBALS{$name};
+ my $ret;
+
+ $name =~ s|^[\.\_]||;
+
+ SWITCH: for ($flavour) {
+ /aix/ && do { $name = ".$name";
+ last;
+ };
+ /osx/ && do { $name = "_$name";
+ last;
+ };
+ /linux.*32/ && do { $ret .= ".globl $name\n";
+ $ret .= ".type $name,\@function";
+ last;
+ };
+ /linux.*64/ && do { $ret .= ".globl $name\n";
+ $ret .= ".type $name,\@function\n";
+ $ret .= ".section \".opd\",\"aw\"\n";
+ $ret .= ".align 3\n";
+ $ret .= "$name:\n";
+ $ret .= ".quad .$name,.TOC.\@tocbase,0\n";
+ $ret .= ".size $name,24\n";
+ $ret .= ".previous\n";
+
+ $name = ".$name";
+ last;
+ };
+ }
+
+ $ret = ".globl $name" if (!$ret);
+ $$global = $name;
+ $ret;
+};
+my $text = sub {
+ ($flavour =~ /aix/) ? ".csect" : ".text";
+};
+my $machine = sub {
+ my $junk = shift;
+ my $arch = shift;
+ if ($flavour =~ /osx/)
+ { $arch =~ s/\"//g;
+ $arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any");
+ }
+ ".machine $arch";
+};
+my $size = sub {
+ if ($flavour =~ /linux.*32/)
+ { shift;
+ ".size " . join(",", at _);
+ }
+ else
+ { ""; }
+};
+my $asciz = sub {
+ shift;
+ my $line = join(",", at _);
+ if ($line =~ /^"(.*)"$/)
+ { ".byte " . join(",",unpack("C*",$1),0) . "\n.align 2"; }
+ else
+ { ""; }
+};
+
+################################################################
+# simplified mnemonics not handled by at least one assembler
+################################################################
+my $cmplw = sub {
+ my $f = shift;
+ my $cr = 0; $cr = shift if ($#_>1);
+ # Some out-of-date 32-bit GNU assembler just can't handle cmplw...
+ ($flavour =~ /linux.*32/) ?
+ " .long ".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 :
+ " cmplw ".join(',',$cr, at _);
+};
+my $bdnz = sub {
+ my $f = shift;
+ my $bo = $f=~/[\+\-]/ ? 16+9 : 16; # optional "to be taken" hint
+ " bc $bo,0,".shift;
+} if ($flavour!~/linux/);
+my $bltlr = sub {
+ my $f = shift;
+ my $bo = $f=~/\-/ ? 12+2 : 12; # optional "not to be taken" hint
+ ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
+ " .long ".sprintf "0x%x",19<<26|$bo<<21|16<<1 :
+ " bclr $bo,0";
+};
+my $bnelr = sub {
+ my $f = shift;
+ my $bo = $f=~/\-/ ? 4+2 : 4; # optional "not to be taken" hint
+ ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
+ " .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
+ " bclr $bo,2";
+};
+my $beqlr = sub {
+ my $f = shift;
+ my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint
+ ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
+ " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
+ " bclr $bo,2";
+};
+# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
+# arguments is 64, with "operand out of range" error.
+my $extrdi = sub {
+ my ($f,$ra,$rs,$n,$b) = @_;
+ $b = ($b+$n)&63; $n = 64-$n;
+ " rldicl $ra,$rs,$b,$n";
+};
+
+while($line=<>) {
+
+ $line =~ s|[#!;].*$||; # get rid of asm-style comments...
+ $line =~ s|/\*.*\*/||; # ... and C-style comments...
+ $line =~ s|^\s+||; # ... and skip white spaces in beginning...
+ $line =~ s|\s+$||; # ... and at the end
+
+ {
+ $line =~ s|\b\.L(\w+)|L$1|g; # common denominator for Locallabel
+ $line =~ s|\bL(\w+)|\.L$1|g if ($dotinlocallabels);
+ }
+
+ {
+ $line =~ s|(^[\.\w]+)\:\s*||;
+ my $label = $1;
+ printf "%s:",($GLOBALS{$label} or $label) if ($label);
+ }
+
+ {
+ $line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||;
+ my $c = $1; $c = "\t" if ($c eq "");
+ my $mnemonic = $2;
+ my $f = $3;
+ my $opcode = eval("\$$mnemonic");
+ $line =~ s|\bc?[rf]([0-9]+)\b|$1|g if ($c ne "." and $flavour !~ /osx/);
+ if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(',',$line)); }
+ elsif ($mnemonic) { $line = $c.$mnemonic.$f."\t".$line; }
+ }
+
+ print $line if ($line);
+ print "\n";
+}
+
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/perlasm/x86_64-xlate.pl
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/x86_64-xlate.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/perlasm/x86_64-xlate.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
#!/usr/bin/env perl
-# Ascetic x86_64 AT&T to MASM assembler translator by <appro>.
+# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
#
# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T
# format is way easier to parse. Because it's simpler to "gear" from
@@ -20,12 +20,11 @@
# Currently recognized limitations:
#
# - can't use multiple ops per line;
-# - indirect calls and jumps are not supported;
#
# Dual-ABI styling rules.
#
-# 1. Adhere to Unix register and stack layout [see the end for
-# explanation].
+# 1. Adhere to Unix register and stack layout [see cross-reference
+# ABI "card" at the end for explanation].
# 2. Forget about "red zone," stick to more traditional blended
# stack frame allocation. If volatile storage is actually required
# that is. If not, just leave the stack as is.
@@ -42,36 +41,64 @@
# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is
# required to identify the spots, where to inject Win64 epilogue!
# But on the pros, it's then prefixed with rep automatically:-)
-# 7. Due to MASM limitations [and certain general counter-intuitivity
-# of ip-relative addressing] generation of position-independent
-# code is assisted by synthetic directive, .picmeup, which puts
-# address of the *next* instruction into target register.
+# 7. Stick to explicit ip-relative addressing. If you have to use
+# GOTPCREL addressing, stick to mov symbol at GOTPCREL(%rip),%r??.
+# Both are recognized and translated to proper Win64 addressing
+# modes. To support legacy code a synthetic directive, .picmeup,
+# is implemented. It puts address of the *next* instruction into
+# target register, e.g.:
#
-# Example 1:
# .picmeup %rax
# lea .Label-.(%rax),%rax
-# Example 2:
-# .picmeup %rcx
-# .Lpic_point:
-# ...
-# lea .Label-.Lpic_point(%rcx),%rbp
+#
+# 8. In order to provide for structured exception handling unified
+# Win64 prologue copies %rsp value to %rax. For further details
+# see SEH paragraph at the end.
+# 9. .init segment is allowed to contain calls to functions only.
+# a. If function accepts more than 4 arguments *and* >4th argument
+# is declared as non 64-bit value, do clear its upper part.
+
+my $flavour = shift;
+my $output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-my $output = shift;
+open STDOUT,">$output" || die "can't open $output: $!"
+ if (defined($output));
-{ my ($stddev,$stdino, at junk)=stat(STDOUT);
- my ($outdev,$outino, at junk)=stat($output);
+my $gas=1; $gas=0 if ($output =~ /\.asm$/);
+my $elf=1; $elf=0 if (!$gas);
+my $win64=0;
+my $prefix="";
+my $decor=".L";
- open STDOUT,">$output" || die "can't open $output: $!"
- if ($stddev!=$outdev || $stdino!=$outino);
+my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005
+my $masm=0;
+my $PTR=" PTR";
+
+my $nasmref=2.03;
+my $nasm=0;
+
+if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1;
+ $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`;
+ chomp($prefix);
+ }
+elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; }
+elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; }
+elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; }
+elsif (!$gas)
+{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i)
+ { $nasm = $1 + $2*0.01; $PTR=""; }
+ elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
+ { $masm = $1 + $2*2**-16 + $4*2**-32; }
+ die "no assembler found on %PATH" if (!($nasm || $masm));
+ $win64=1;
+ $elf=0;
+ $decor="\$L\$";
}
-my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005
-my $masm=$masmref if ($output =~ /\.asm/);
-if ($masm && `ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
-{ $masm=$1 + $2*2**-16 + $4*2**-32; }
-
my $current_segment;
my $current_function;
+my %globals;
{ package opcode; # pick up opcodes
sub re {
@@ -85,11 +112,17 @@
$line = substr($line, at +[0]); $line =~ s/^\s+//;
undef $self->{sz};
- if ($self->{op} =~ /^(movz)b.*/) { # movz is pain...
+ if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain...
$self->{op} = $1;
- $self->{sz} = "b";
- } elsif ($self->{op} =~ /call/) {
- $self->{sz} = ""
+ $self->{sz} = $2;
+ } elsif ($self->{op} =~ /call|jmp/) {
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /^v/) { # VEX
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /movq/ && $line =~ /%xmm/) {
+ $self->{sz} = "";
} elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
$self->{op} = $1;
$self->{sz} = $2;
@@ -105,13 +138,20 @@
}
sub out {
my $self = shift;
- if (!$masm) {
+ if ($gas) {
if ($self->{op} eq "movz") { # movz is pain...
sprintf "%s%s%s",$self->{op},$self->{sz},shift;
} elsif ($self->{op} =~ /^set/) {
"$self->{op}";
} elsif ($self->{op} eq "ret") {
- ".byte 0xf3,0xc3";
+ my $epilogue = "";
+ if ($win64 && $current_function->{abi} eq "svr4") {
+ $epilogue = "movq 8(%rsp),%rdi\n\t" .
+ "movq 16(%rsp),%rsi\n\t";
+ }
+ $epilogue . ".byte 0xf3,0xc3";
+ } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") {
+ ".p2align\t3\n\t.quad";
} else {
"$self->{op}$self->{sz}";
}
@@ -119,15 +159,25 @@
$self->{op} =~ s/^movz/movzx/;
if ($self->{op} eq "ret") {
$self->{op} = "";
- if ($current_function->{abi} eq "svr4") {
- $self->{op} = "mov rdi,QWORD PTR 8[rsp]\t;WIN64 epilogue\n\t".
- "mov rsi,QWORD PTR 16[rsp]\n\t";
+ if ($win64 && $current_function->{abi} eq "svr4") {
+ $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t".
+ "mov rsi,QWORD${PTR}[16+rsp]\n\t";
}
$self->{op} .= "DB\t0F3h,0C3h\t\t;repret";
- }
+ } elsif ($self->{op} =~ /^(pop|push)f/) {
+ $self->{op} .= $self->{sz};
+ } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
+ $self->{op} = "\tDQ";
+ }
$self->{op};
}
}
+ sub mnemonic {
+ my $self=shift;
+ my $op=shift;
+ $self->{op}=$op if (defined($op));
+ $self->{op};
+ }
}
{ package const; # pick up constants, which start with $
sub re {
@@ -145,14 +195,15 @@
sub out {
my $self = shift;
- if (!$masm) {
+ if ($gas) {
# Solaris /usr/ccs/bin/as can't handle multiplications
# in $self->{value}
- $self->{value} =~ s/(?<![0-9a-f])(0[x0-9a-f]+)/oct($1)/egi;
+ $self->{value} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
$self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
sprintf "\$%s",$self->{value};
} else {
- $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig;
+ $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
+ $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
sprintf "%s",$self->{value};
}
}
@@ -163,13 +214,19 @@
local *line = shift;
undef $ret;
- if ($line =~ /^([^\(,]*)\(([%\w,]+)\)/) {
- $self->{label} = $1;
- ($self->{base},$self->{index},$self->{scale})=split(/,/,$2);
+ # optional * ---vvv--- appears in indirect jmp/call
+ if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) {
+ $self->{asterisk} = $1;
+ $self->{label} = $2;
+ ($self->{base},$self->{index},$self->{scale})=split(/,/,$3);
$self->{scale} = 1 if (!defined($self->{scale}));
$ret = $self;
$line = substr($line, at +[0]); $line =~ s/^\s+//;
+ if ($win64 && $self->{label} =~ s/\@GOTPCREL//) {
+ die if (opcode->mnemonic() ne "mov");
+ opcode->mnemonic("lea");
+ }
$self->{base} =~ s/^%//;
$self->{index} =~ s/^%// if (defined($self->{index}));
}
@@ -180,6 +237,9 @@
my $self = shift;
my $sz = shift;
+ $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $self->{label} =~ s/\.L/$decor/g;
+
# Silently convert all EAs to 64-bit. This is required for
# elder GNU assembler and results in more compact code,
# *but* most importantly AES module depends on this feature!
@@ -186,38 +246,45 @@
$self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
$self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
- if (!$masm) {
- # Solaris /usr/ccs/bin/as can't handle multiplications
- # in $self->{label}
- use integer;
- $self->{label} =~ s/(?<![0-9a-f])(0[x0-9a-f]+)/oct($1)/egi;
- $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
- $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{label}, new gas requires sign extension...
+ use integer;
+ $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+ $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+ $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
+ if ($gas) {
+ $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64");
+
if (defined($self->{index})) {
- sprintf "%s(%%%s,%%%s,%d)",
- $self->{label},$self->{base},
+ sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk},
+ $self->{label},
+ $self->{base}?"%$self->{base}":"",
$self->{index},$self->{scale};
} else {
- sprintf "%s(%%%s)", $self->{label},$self->{base};
+ sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base};
}
} else {
- %szmap = ( b=>"BYTE", w=>"WORD", l=>"DWORD", q=>"QWORD" );
+ %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR",
+ q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" );
$self->{label} =~ s/\./\$/g;
- $self->{label} =~ s/0x([0-9a-f]+)/0$1h/ig;
+ $self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig;
$self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
+ $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq");
+ $sz="l" if (opcode->mnemonic() eq "movd");
if (defined($self->{index})) {
- sprintf "%s PTR %s[%s*%d+%s]",$szmap{$sz},
- $self->{label},
+ sprintf "%s[%s%s*%d%s]",$szmap{$sz},
+ $self->{label}?"$self->{label}+":"",
$self->{index},$self->{scale},
- $self->{base};
+ $self->{base}?"+$self->{base}":"";
} elsif ($self->{base} eq "rip") {
- sprintf "%s PTR %s",$szmap{$sz},$self->{label};
+ sprintf "%s[%s]",$szmap{$sz},$self->{label};
} else {
- sprintf "%s PTR %s[%s]",$szmap{$sz},
- $self->{label},$self->{base};
+ sprintf "%s[%s%s]",$szmap{$sz},
+ $self->{label}?"$self->{label}+":"",
+ $self->{base};
}
}
}
@@ -229,9 +296,11 @@
local *line = shift;
undef $ret;
- if ($line =~ /^%(\w+)/) {
+ # optional * ---vvv--- appears in indirect jmp/call
+ if ($line =~ /^(\*?)%(\w+)/) {
bless $self,$class;
- $self->{value} = $1;
+ $self->{asterisk} = $1;
+ $self->{value} = $2;
$ret = $self;
$line = substr($line, at +[0]); $line =~ s/^\s+//;
}
@@ -254,7 +323,8 @@
}
sub out {
my $self = shift;
- sprintf $masm?"%s":"%%%s",$self->{value};
+ if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; }
+ else { $self->{value}; }
}
}
{ package label; # pick up labels, which end with :
@@ -263,12 +333,12 @@
local *line = shift;
undef $ret;
- if ($line =~ /(^[\.\w]+\:)/) {
+ if ($line =~ /(^[\.\w]+)\:/) {
$self->{value} = $1;
$ret = $self;
$line = substr($line, at +[0]); $line =~ s/^\s+//;
- $self->{value} =~ s/\.L/\$L/ if ($masm);
+ $self->{value} =~ s/^\.L/$decor/;
}
$ret;
}
@@ -275,14 +345,39 @@
sub out {
my $self = shift;
- if (!$masm) {
- $self->{value};
- } elsif ($self->{value} ne "$current_function->{name}:") {
- $self->{value};
- } elsif ($current_function->{abi} eq "svr4") {
- my $func = "$current_function->{name} PROC\n".
- " mov QWORD PTR 8[rsp],rdi\t;WIN64 prologue\n".
- " mov QWORD PTR 16[rsp],rsi\n";
+ if ($gas) {
+ my $func = ($globals{$self->{value}} or $self->{value}) . ":";
+ if ($win64 &&
+ $current_function->{name} eq $self->{value} &&
+ $current_function->{abi} eq "svr4") {
+ $func .= "\n";
+ $func .= " movq %rdi,8(%rsp)\n";
+ $func .= " movq %rsi,16(%rsp)\n";
+ $func .= " movq %rsp,%rax\n";
+ $func .= "${decor}SEH_begin_$current_function->{name}:\n";
+ my $narg = $current_function->{narg};
+ $narg=6 if (!defined($narg));
+ $func .= " movq %rcx,%rdi\n" if ($narg>0);
+ $func .= " movq %rdx,%rsi\n" if ($narg>1);
+ $func .= " movq %r8,%rdx\n" if ($narg>2);
+ $func .= " movq %r9,%rcx\n" if ($narg>3);
+ $func .= " movq 40(%rsp),%r8\n" if ($narg>4);
+ $func .= " movq 48(%rsp),%r9\n" if ($narg>5);
+ }
+ $func;
+ } elsif ($self->{value} ne "$current_function->{name}") {
+ $self->{value} .= ":" if ($masm && $ret!~m/^\$/);
+ $self->{value} . ":";
+ } elsif ($win64 && $current_function->{abi} eq "svr4") {
+ my $func = "$current_function->{name}" .
+ ($nasm ? ":" : "\tPROC $current_function->{scope}") .
+ "\n";
+ $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n";
+ $func .= " mov QWORD${PTR}[16+rsp],rsi\n";
+ $func .= " mov rax,rsp\n";
+ $func .= "${decor}SEH_begin_$current_function->{name}:";
+ $func .= ":" if ($masm);
+ $func .= "\n";
my $narg = $current_function->{narg};
$narg=6 if (!defined($narg));
$func .= " mov rdi,rcx\n" if ($narg>0);
@@ -289,11 +384,12 @@
$func .= " mov rsi,rdx\n" if ($narg>1);
$func .= " mov rdx,r8\n" if ($narg>2);
$func .= " mov rcx,r9\n" if ($narg>3);
- $func .= " mov r8,QWORD PTR 40[rsp]\n" if ($narg>4);
- $func .= " mov r9,QWORD PTR 48[rsp]\n" if ($narg>5);
+ $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4);
+ $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5);
$func .= "\n";
} else {
- "$current_function->{name} PROC";
+ "$current_function->{name}".
+ ($nasm ? ":" : "\tPROC $current_function->{scope}");
}
}
}
@@ -308,13 +404,19 @@
$ret = $self;
$line = substr($line, at +[0]); $line =~ s/^\s+//;
- $self->{value} =~ s/\.L/\$L/g if ($masm);
+ $self->{value} =~ s/\@PLT// if (!$elf);
+ $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $self->{value} =~ s/\.L/$decor/g;
}
$ret;
}
sub out {
my $self = shift;
- $self->{value};
+ if ($nasm && opcode->mnemonic()=~m/^j/) {
+ "NEAR ".$self->{value};
+ } else {
+ $self->{value};
+ }
}
}
{ package directive; # pick up directives, which start with .
@@ -334,41 +436,23 @@
"%r14"=>0x01358d4c, "%r15"=>0x013d8d4c );
if ($line =~ /^\s*(\.\w+)/) {
- if (!$masm) {
- $self->{value} = $1;
- $line =~ s/\@abi\-omnipotent/\@function/;
- $line =~ s/\@function.*/\@function/;
- if ($line =~ /\.picmeup\s+(%r[\w]+)/i) {
- $self->{value} = sprintf "\t.long\t0x%x,0x90000000",$opcode{$1};
- } elsif ($line =~ /\.asciz\s+"(.*)"$/) {
- $self->{value} = ".byte\t".join(",",unpack("C*",$1),0);
- } elsif ($line =~ /\.extern/) {
- $self->{value} = ""; # swallow extern
- } else {
- $self->{value} = $line;
- }
- $line = "";
- return $self;
- }
-
$dir = $1;
$ret = $self;
undef $self->{value};
$line = substr($line, at +[0]); $line =~ s/^\s+//;
+
SWITCH: for ($dir) {
- /\.(text)/
- && do { my $v=undef;
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = "_$1\$";
- $current_segment =~ tr/[a-z]/[A-Z]/;
- $v.="$current_segment\tSEGMENT ";
- $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
- $v.=" 'CODE'";
- $self->{value} = $v;
+ /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) {
+ $dir="\t.long";
+ $line=sprintf "0x%x,0x90000000",$opcode{$1};
+ }
last;
};
- /\.extern/ && do { $self->{value} = "EXTRN\t".$line.":BYTE"; last; };
- /\.globl/ && do { $self->{value} = "PUBLIC\t".$line; last; };
+ /\.global|\.globl|\.extern/
+ && do { $globals{$line} = $prefix . $line;
+ $line = $globals{$line} if ($prefix);
+ last;
+ };
/\.type/ && do { ($sym,$type,$narg) = split(',',$line);
if ($type eq "\@function") {
undef $current_function;
@@ -375,48 +459,182 @@
$current_function->{name} = $sym;
$current_function->{abi} = "svr4";
$current_function->{narg} = $narg;
+ $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
} elsif ($type eq "\@abi-omnipotent") {
undef $current_function;
$current_function->{name} = $sym;
+ $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
}
+ $line =~ s/\@abi\-omnipotent/\@function/;
+ $line =~ s/\@function.*/\@function/;
last;
};
+ /\.asciz/ && do { if ($line =~ /^"(.*)"$/) {
+ $dir = ".byte";
+ $line = join(",",unpack("C*",$1),0);
+ }
+ last;
+ };
+ /\.rva|\.long|\.quad/
+ && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+ $line =~ s/\.L/$decor/g;
+ last;
+ };
+ }
+
+ if ($gas) {
+ $self->{value} = $dir . "\t" . $line;
+
+ if ($dir =~ /\.extern/) {
+ $self->{value} = ""; # swallow extern
+ } elsif (!$elf && $dir =~ /\.type/) {
+ $self->{value} = "";
+ $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
+ (defined($globals{$1})?".scl 2;":".scl 3;") .
+ "\t.type 32;\t.endef"
+ if ($win64 && $line =~ /([^,]+),\@function/);
+ } elsif (!$elf && $dir =~ /\.size/) {
+ $self->{value} = "";
+ if (defined($current_function)) {
+ $self->{value} .= "${decor}SEH_end_$current_function->{name}:"
+ if ($win64 && $current_function->{abi} eq "svr4");
+ undef $current_function;
+ }
+ } elsif (!$elf && $dir =~ /\.align/) {
+ $self->{value} = ".p2align\t" . (log($line)/log(2));
+ } elsif ($dir eq ".section") {
+ $current_segment=$line;
+ if (!$elf && $current_segment eq ".init") {
+ if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; }
+ elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; }
+ }
+ } elsif ($dir =~ /\.(text|data)/) {
+ $current_segment=".$1";
+ } elsif ($dir =~ /\.hidden/) {
+ if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; }
+ elsif ($flavour eq "mingw64") { $self->{value} = ""; }
+ } elsif ($dir =~ /\.comm/) {
+ $self->{value} = "$dir\t$prefix$line";
+ $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
+ }
+ $line = "";
+ return $self;
+ }
+
+ # non-gas case or nasm/masm
+ SWITCH: for ($dir) {
+ /\.text/ && do { my $v=undef;
+ if ($nasm) {
+ $v="section .text code align=64\n";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = ".text\$";
+ $v.="$current_segment\tSEGMENT ";
+ $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
+ $v.=" 'CODE'";
+ }
+ $self->{value} = $v;
+ last;
+ };
+ /\.data/ && do { my $v=undef;
+ if ($nasm) {
+ $v="section .data data align=8\n";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = "_DATA";
+ $v.="$current_segment\tSEGMENT";
+ }
+ $self->{value} = $v;
+ last;
+ };
+ /\.section/ && do { my $v=undef;
+ $line =~ s/([^,]*).*/$1/;
+ $line = ".CRT\$XCU" if ($line eq ".init");
+ if ($nasm) {
+ $v="section $line";
+ if ($line=~/\.([px])data/) {
+ $v.=" rdata align=";
+ $v.=$1 eq "p"? 4 : 8;
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" rdata align=8";
+ }
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $v.="$line\tSEGMENT";
+ if ($line=~/\.([px])data/) {
+ $v.=" READONLY";
+ $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
+ } elsif ($line=~/\.CRT\$/i) {
+ $v.=" READONLY ";
+ $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
+ }
+ }
+ $current_segment = $line;
+ $self->{value} = $v;
+ last;
+ };
+ /\.extern/ && do { $self->{value} = "EXTERN\t".$line;
+ $self->{value} .= ":NEAR" if ($masm);
+ last;
+ };
+ /\.globl|.global/
+ && do { $self->{value} = $masm?"PUBLIC":"global";
+ $self->{value} .= "\t".$line;
+ last;
+ };
/\.size/ && do { if (defined($current_function)) {
- $self->{value}="$current_function->{name}\tENDP";
+ undef $self->{value};
+ if ($current_function->{abi} eq "svr4") {
+ $self->{value}="${decor}SEH_end_$current_function->{name}:";
+ $self->{value}.=":\n" if($masm);
+ }
+ $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
undef $current_function;
}
last;
};
/\.align/ && do { $self->{value} = "ALIGN\t".$line; last; };
- /\.(byte|value|long|quad)/
- && do { my @arr = split(',',$line);
- my $sz = substr($1,0,1);
+ /\.(value|long|rva|quad)/
+ && do { my $sz = substr($1,0,1);
+ my @arr = split(/,\s*/,$line);
my $last = pop(@arr);
my $conv = sub { my $var=shift;
- if ($var=~s/0x([0-9a-f]+)/0$1h/i) { $var; }
- else { sprintf"0%Xh",$var; }
+ $var=~s/^(0b[0-1]+)/oct($1)/eig;
+ $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
+ if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
+ { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
+ $var;
};
- $sz =~ tr/bvlq/BWDQ/;
+ $sz =~ tr/bvlrq/BWDDQ/;
$self->{value} = "\tD$sz\t";
for (@arr) { $self->{value} .= &$conv($_).","; }
$self->{value} .= &$conv($last);
last;
};
- /\.picmeup/ && do { $self->{value} = sprintf"\tDD\t 0%Xh,090000000h",$opcode{$line};
+ /\.byte/ && do { my @str=split(/,\s*/,$line);
+ map(s/(0b[0-1]+)/oct($1)/eig, at str);
+ map(s/0x([0-9a-f]+)/0$1h/ig, at str) if ($masm);
+ while ($#str>15) {
+ $self->{value}.="DB\t"
+ .join(",", at str[0..15])."\n";
+ foreach (0..15) { shift @str; }
+ }
+ $self->{value}.="DB\t"
+ .join(",", at str) if (@str);
last;
};
- /\.asciz/ && do { if ($line =~ /^"(.*)"$/) {
- my @str=unpack("C*",$1);
- push @str,0;
- while ($#str>15) {
- $self->{value}.="DB\t"
- .join(",", at str[0..15])."\n";
- foreach (0..15) { shift @str; }
- }
- $self->{value}.="DB\t"
- .join(",", at str) if (@str);
+ /\.comm/ && do { my @str=split(/,\s*/,$line);
+ my $v=undef;
+ if ($nasm) {
+ $v.="common $prefix at str[0] @str[1]";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = "_DATA";
+ $v.="$current_segment\tSEGMENT\n";
+ $v.="COMM @str[0]:DWORD:". at str[1]/4;
}
+ $self->{value} = $v;
last;
};
}
@@ -431,6 +649,139 @@
}
}
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src,$rex)=@_;
+
+ $rex|=0x04 if($dst>=8);
+ $rex|=0x01 if($src>=8);
+ push @opcode,($rex|0x40) if ($rex);
+}
+
+# older gas and ml64 don't handle SSE>2 instructions
+my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
+ "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
+
+my $movq = sub { # elderly gas can't handle inter-register movq
+ my $arg = shift;
+ my @opcode=(0x66);
+ if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
+ my ($src,$dst)=($1,$2);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x7e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
+ my ($src,$dst)=($2,$1);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x6e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pextrd = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
+ elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
+ rex(\@opcode,$src,$dst);
+ push @opcode,0x0f,0x3a,0x16;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pinsrd = sub {
+ if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($src =~ /%r([0-9]+)/) { $src = $1; }
+ elsif ($src =~ /%e/) { $src = $regrm{$src}; }
+ rex(\@opcode,$dst,$src);
+ push @opcode,0x0f,0x3a,0x22;
+ push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pshufb = sub {
+ if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$2,$1);
+ push @opcode,0x0f,0x38,0x00;
+ push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $palignr = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x0f;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ push @opcode,$1;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pclmulqdq = sub {
+ if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x44;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ my $c=$1;
+ push @opcode,$c=~/^0/?oct($c):$c;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $rdrand = sub {
+ if (shift =~ /%[er](\w+)/) {
+ my @opcode=();
+ my $dst=$1;
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,0,$1,8);
+ push @opcode,0x0f,0xc7,0xf0|($dst&7);
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+if ($nasm) {
+ print <<___;
+default rel
+%define XMMWORD
+___
+} elsif ($masm) {
+ print <<___;
+OPTION DOTNAME
+___
+}
while($line=<>) {
chomp($line);
@@ -441,43 +792,57 @@
undef $label;
undef $opcode;
- undef $dst;
- undef $src;
- undef $sz;
+ undef @args;
if ($label=label->re(\$line)) { print $label->out(); }
if (directive->re(\$line)) {
printf "%s",directive->out();
- } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: {
+ } elsif ($opcode=opcode->re(\$line)) {
+ my $asm = eval("\$".$opcode->mnemonic());
+ undef @bytes;
+
+ if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
+ print $gas?".byte\t":"DB\t",join(',', at bytes),"\n";
+ next;
+ }
- if ($src=register->re(\$line)) { opcode->size($src->size()); }
- elsif ($src=const->re(\$line)) { }
- elsif ($src=ea->re(\$line)) { }
- elsif ($src=expr->re(\$line)) { }
+ ARGUMENT: while (1) {
+ my $arg;
- last ARGUMENT if ($line !~ /^,/);
+ if ($arg=register->re(\$line)) { opcode->size($arg->size()); }
+ elsif ($arg=const->re(\$line)) { }
+ elsif ($arg=ea->re(\$line)) { }
+ elsif ($arg=expr->re(\$line)) { }
+ else { last ARGUMENT; }
- $line = substr($line,1); $line =~ s/^\s+//;
+ push @args,$arg;
- if ($dst=register->re(\$line)) { opcode->size($dst->size()); }
- elsif ($dst=const->re(\$line)) { }
- elsif ($dst=ea->re(\$line)) { }
+ last ARGUMENT if ($line !~ /^,/);
+ $line =~ s/^,\s*//;
} # ARGUMENT:
- $sz=opcode->size();
+ if ($#args>=0) {
+ my $insn;
+ my $sz=opcode->size();
- if (defined($dst)) {
- if (!$masm) {
- printf "\t%s\t%s,%s", $opcode->out($dst->size()),
- $src->out($sz),$dst->out($sz);
+ if ($gas) {
+ $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
+ @args = map($_->out($sz), at args);
+ printf "\t%s\t%s",$insn,join(",", at args);
} else {
- printf "\t%s\t%s,%s", $opcode->out(),
- $dst->out($sz),$src->out($sz);
+ $insn = $opcode->out();
+ foreach (@args) {
+ my $arg = $_->out();
+ # $insn.=$sz compensates for movq, pinsrw, ...
+ if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
+ if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; }
+ }
+ @args = reverse(@args);
+ undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
+ printf "\t%s\t%s",$insn,join(",",map($_->out($sz), at args));
}
- } elsif (defined($src)) {
- printf "\t%s\t%s",$opcode->out(),$src->out($sz);
} else {
printf "\t%s",$opcode->out();
}
@@ -486,11 +851,12 @@
print $line,"\n";
}
-print "\n$current_segment\tENDS\nEND\n" if ($masm);
+print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
+print "END\n" if ($masm);
close STDOUT;
-#################################################
+
#################################################
# Cross-reference x86_64 ABI "card"
#
# Unix Win64
@@ -554,3 +920,161 @@
# movq 16(%rsp),%rsi
# endif
# ret
+#
+
#################################################
+# Win64 SEH, Structured Exception Handling.
+#
+# Unlike on Unix systems(*) lack of Win64 stack unwinding information
+# has undesired side-effect at run-time: if an exception is raised in
+# assembler subroutine such as those in question (basically we're
+# referring to segmentation violations caused by malformed input
+# parameters), the application is briskly terminated without invoking
+# any exception handlers, most notably without generating memory dump
+# or any user notification whatsoever. This poses a problem. It's
+# possible to address it by registering custom language-specific
+# handler that would restore processor context to the state at
+# subroutine entry point and return "exception is not handled, keep
+# unwinding" code. Writing such handler can be a challenge... But it's
+# doable, though requires certain coding convention. Consider following
+# snippet:
+#
+# .type function, at function
+# function:
+# movq %rsp,%rax # copy rsp to volatile register
+# pushq %r15 # save non-volatile registers
+# pushq %rbx
+# pushq %rbp
+# movq %rsp,%r11
+# subq %rdi,%r11 # prepare [variable] stack frame
+# andq $-64,%r11
+# movq %rax,0(%r11) # check for exceptions
+# movq %r11,%rsp # allocate [variable] stack frame
+# movq %rax,0(%rsp) # save original rsp value
+# magic_point:
+# ...
+# movq 0(%rsp),%rcx # pull original rsp value
+# movq -24(%rcx),%rbp # restore non-volatile registers
+# movq -16(%rcx),%rbx
+# movq -8(%rcx),%r15
+# movq %rcx,%rsp # restore original rsp
+# ret
+# .size function,.-function
+#
+# The key is that up to magic_point copy of original rsp value remains
+# in chosen volatile register and no non-volatile register, except for
+# rsp, is modified. While past magic_point rsp remains constant till
+# the very end of the function. In this case custom language-specific
+# exception handler would look like this:
+#
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+# { ULONG64 *rsp = (ULONG64 *)context->Rax;
+# if (context->Rip >= magic_point)
+# { rsp = ((ULONG64 **)context->Rsp)[0];
+# context->Rbp = rsp[-3];
+# context->Rbx = rsp[-2];
+# context->R15 = rsp[-1];
+# }
+# context->Rsp = (ULONG64)rsp;
+# context->Rdi = rsp[1];
+# context->Rsi = rsp[2];
+#
+# memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
+# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
+# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
+# &disp->HandlerData,&disp->EstablisherFrame,NULL);
+# return ExceptionContinueSearch;
+# }
+#
+# It's appropriate to implement this handler in assembler, directly in
+# function's module. In order to do that one has to know members'
+# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
+# values. Here they are:
+#
+# CONTEXT.Rax 120
+# CONTEXT.Rcx 128
+# CONTEXT.Rdx 136
+# CONTEXT.Rbx 144
+# CONTEXT.Rsp 152
+# CONTEXT.Rbp 160
+# CONTEXT.Rsi 168
+# CONTEXT.Rdi 176
+# CONTEXT.R8 184
+# CONTEXT.R9 192
+# CONTEXT.R10 200
+# CONTEXT.R11 208
+# CONTEXT.R12 216
+# CONTEXT.R13 224
+# CONTEXT.R14 232
+# CONTEXT.R15 240
+# CONTEXT.Rip 248
+# CONTEXT.Xmm6 512
+# sizeof(CONTEXT) 1232
+# DISPATCHER_CONTEXT.ControlPc 0
+# DISPATCHER_CONTEXT.ImageBase 8
+# DISPATCHER_CONTEXT.FunctionEntry 16
+# DISPATCHER_CONTEXT.EstablisherFrame 24
+# DISPATCHER_CONTEXT.TargetIp 32
+# DISPATCHER_CONTEXT.ContextRecord 40
+# DISPATCHER_CONTEXT.LanguageHandler 48
+# DISPATCHER_CONTEXT.HandlerData 56
+# UNW_FLAG_NHANDLER 0
+# ExceptionContinueSearch 1
+#
+# In order to tie the handler to the function one has to compose
+# couple of structures: one for .xdata segment and one for .pdata.
+#
+# UNWIND_INFO structure for .xdata segment would be
+#
+# function_unwind_info:
+# .byte 9,0,0,0
+# .rva handler
+#
+# This structure designates exception handler for a function with
+# zero-length prologue, no stack frame or frame register.
+#
+# To facilitate composing of .pdata structures, auto-generated "gear"
+# prologue copies rsp value to rax and denotes next instruction with
+# .LSEH_begin_{function_name} label. This essentially defines the SEH
+# styling rule mentioned in the beginning. Position of this label is
+# chosen in such manner that possible exceptions raised in the "gear"
+# prologue would be accounted to caller and unwound from latter's frame.
+# End of function is marked with respective .LSEH_end_{function_name}
+# label. To summarize, .pdata segment would contain
+#
+# .rva .LSEH_begin_function
+# .rva .LSEH_end_function
+# .rva function_unwind_info
+#
+# Reference to functon_unwind_info from .xdata segment is the anchor.
+# In case you wonder why references are 32-bit .rvas and not 64-bit
+# .quads. References put into these two segments are required to be
+# *relative* to the base address of the current binary module, a.k.a.
+# image base. No Win64 module, be it .exe or .dll, can be larger than
+# 2GB and thus such relative references can be and are accommodated in
+# 32 bits.
+#
+# Having reviewed the example function code, one can argue that "movq
+# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
+# rax would contain an undefined value. If this "offends" you, use
+# another register and refrain from modifying rax till magic_point is
+# reached, i.e. as if it was a non-volatile register. If more registers
+# are required prior [variable] frame setup is completed, note that
+# nobody says that you can have only one "magic point." You can
+# "liberate" non-volatile registers by denoting last stack off-load
+# instruction and reflecting it in finer grade unwind logic in handler.
+# After all, isn't it why it's called *language-specific* handler...
+#
+# Attentive reader can notice that exceptions would be mishandled in
+# auto-generated "gear" epilogue. Well, exception effectively can't
+# occur there, because if memory area used by it was subject to
+# segmentation violation, then it would be raised upon call to the
+# function (and as already mentioned be accounted to caller, which is
+# not a problem). If you're still not comfortable, then define tail
+# "magic point" just prior ret instruction and have handler treat it...
+#
+# (*) Note that we're talking about run-time, not debug-time. Lack of
+# unwind information makes debugging hard on both Windows and
+# Unix. "Unlike" referes to the fact that on Unix signal handler
+# will always be invoked, core dumped and appropriate exit code
+# returned to parent (for user notification).
Modified: trunk/crypto/openssl/crypto/perlasm/x86asm.pl
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/x86asm.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/perlasm/x86asm.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,130 +1,260 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
# require 'x86asm.pl';
-# &asm_init("cpp","des-586.pl");
-# XXX
-# XXX
-# main'asm_finish
+# &asm_init(<flavor>,"des-586.pl"[,$i386only]);
+# &function_begin("foo");
+# ...
+# &function_end("foo");
+# &asm_finish
-sub main'asm_finish
- {
- &file_end();
- &asm_finish_cpp() if $cpp;
- print &asm_get_output();
- }
+$out=();
+$i386=0;
-sub main'asm_init
- {
- ($type,$fn,$i386)=@_;
- $filename=$fn;
+# AUTOLOAD is this context has quite unpleasant side effect, namely
+# that typos in function calls effectively go to assembler output,
+# but on the pros side we don't have to implement one subroutine per
+# each opcode...
+sub ::AUTOLOAD
+{ my $opcode = $AUTOLOAD;
- $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=0;
- if ( ($type eq "elf"))
- { $elf=1; require "x86unix.pl"; }
- elsif ( ($type eq "a.out"))
- { $aout=1; require "x86unix.pl"; }
- elsif ( ($type eq "coff" or $type eq "gaswin"))
- { $coff=1; require "x86unix.pl"; }
- elsif ( ($type eq "cpp"))
- { $cpp=1; require "x86unix.pl"; }
- elsif ( ($type eq "win32"))
- { $win32=1; require "x86ms.pl"; }
- elsif ( ($type eq "win32n"))
- { $win32=1; require "x86nasm.pl"; }
- elsif ( ($type eq "nw-nasm"))
- { $netware=1; require "x86nasm.pl"; }
- elsif ( ($type eq "nw-mwasm"))
- { $netware=1; $mwerks=1; require "x86nasm.pl"; }
- else
- {
- print STDERR <<"EOF";
-Pick one target type from
- elf - Linux, FreeBSD, Solaris x86, etc.
- a.out - OpenBSD, DJGPP, etc.
- coff - GAS/COFF such as Win32 targets
- win32 - Windows 95/Windows NT
- win32n - Windows 95/Windows NT NASM format
- nw-nasm - NetWare NASM format
- nw-mwasm- NetWare Metrowerks Assembler
-EOF
- exit(1);
- }
+ die "more than 4 arguments passed to $opcode" if ($#_>3);
- $pic=0;
- for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
+ $opcode =~ s/.*:://;
+ if ($opcode =~ /^push/) { $stack+=4; }
+ elsif ($opcode =~ /^pop/) { $stack-=4; }
- &asm_init_output();
+ &generic($opcode, at _) or die "undefined subroutine \&$AUTOLOAD";
+}
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $filename");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of ELF, a.out, COFF, Win32, ...");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
+sub ::emit
+{ my $opcode=shift;
- $filename =~ s/\.pl$//;
- &file($filename);
- }
+ if ($#_==-1) { push(@out,"\t$opcode\n"); }
+ else { push(@out,"\t$opcode\t".join(',', at _)."\n"); }
+}
-sub asm_finish_cpp
- {
- return unless $cpp;
+sub ::LB
+{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'";
+ $1."l";
+}
+sub ::HB
+{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'";
+ $1."h";
+}
+sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num); }
+sub ::stack_pop { my $num=$_[0]*4; $stack-=$num; &add("esp",$num); }
+sub ::blindpop { &pop($_[0]); $stack+=4; }
+sub ::wparam { &DWP($stack+4*$_[0],"esp"); }
+sub ::swtmp { &DWP(4*$_[0],"esp"); }
- local($tmp,$i);
- foreach $i (&get_labels())
- {
- $tmp.="#define $i _$i\n";
- }
- print <<"EOF";
-/* Run the C pre-processor over this file with one of the following defined
- * ELF - elf object files,
- * OUT - a.out object files,
- * BSDI - BSDI style a.out object files
- * SOL - Solaris style elf
- */
+sub ::bswap
+{ if ($i386) # emulate bswap for i386
+ { &comment("bswap @_");
+ &xchg(&HB(@_),&LB(@_));
+ &ror (@_,16);
+ &xchg(&HB(@_),&LB(@_));
+ }
+ else
+ { &generic("bswap", at _); }
+}
+# These are made-up opcodes introduced over the years essentially
+# by ignorance, just alias them to real ones...
+sub ::movb { &mov(@_); }
+sub ::xorb { &xor(@_); }
+sub ::rotl { &rol(@_); }
+sub ::rotr { &ror(@_); }
+sub ::exch { &xchg(@_); }
+sub ::halt { &hlt; }
+sub ::movz { &movzx(@_); }
+sub ::pushf { &pushfd; }
+sub ::popf { &popfd; }
-#define TYPE(a,b) .type a,b
-#define SIZE(a,b) .size a,b
+# 3 argument instructions
+sub ::movq
+{ my($p1,$p2,$optimize)=@_;
-#if defined(OUT) || (defined(BSDI) && !defined(ELF))
-$tmp
-#endif
+ if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/)
+ # movq between mmx registers can sink Intel CPUs
+ { &::pshufw($p1,$p2,0xe4); }
+ else
+ { &::generic("movq", at _); }
+}
-#ifdef OUT
-#define OK 1
-#define ALIGN 4
-#if defined(__CYGWIN__) || defined(__DJGPP__) || (__MINGW32__)
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b) .def a; .scl 2; .type 32; .endef
-#endif /* __CYGWIN || __DJGPP */
-#endif
+# SSE>2 instructions
+my %regrm = ( "eax"=>0, "ecx"=>1, "edx"=>2, "ebx"=>3,
+ "esp"=>4, "ebp"=>5, "esi"=>6, "edi"=>7 );
+sub ::pextrd
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /(e[a-dsd][ixp]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x16,0xc0|($2<<3)|$regrm{$1},$imm); }
+ else
+ { &::generic("pextrd", at _); }
+}
-#if defined(BSDI) && !defined(ELF)
-#define OK 1
-#define ALIGN 4
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)
-#endif
+sub ::pinsrd
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):(e[a-dsd][ixp])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x22,0xc0|($1<<3)|$regrm{$2},$imm); }
+ else
+ { &::generic("pinsrd", at _); }
+}
-#if defined(ELF) || defined(SOL)
-#define OK 1
-#define ALIGN 16
-#endif
+sub ::pshufb
+{ my($dst,$src)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &data_byte(0x66,0x0f,0x38,0x00,0xc0|($1<<3)|$2); }
+ else
+ { &::generic("pshufb", at _); }
+}
-#ifndef OK
-You need to define one of
-ELF - elf systems - linux-elf, NetBSD and DG-UX
-OUT - a.out systems - linux-a.out and FreeBSD
-SOL - solaris systems, which are elf with strange comment lines
-BSDI - a.out with a very primative version of as.
-#endif
+sub ::palignr
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x0f,0xc0|($1<<3)|$2,$imm); }
+ else
+ { &::generic("palignr", at _); }
+}
-/* Let the Assembler begin :-) */
+sub ::pclmulqdq
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x44,0xc0|($1<<3)|$2,$imm); }
+ else
+ { &::generic("pclmulqdq", at _); }
+}
+
+sub ::rdrand
+{ my ($dst)=@_;
+ if ($dst =~ /(e[a-dsd][ixp])/)
+ { &::data_byte(0x0f,0xc7,0xf0|$regrm{$dst}); }
+ else
+ { &::generic("rdrand", at _); }
+}
+
+# label management
+$lbdecor="L"; # local label decoration, set by package
+$label="000";
+
+sub ::islabel # see is argument is a known label
+{ my $i;
+ foreach $i (values %label) { return $i if ($i eq $_[0]); }
+ $label{$_[0]}; # can be undef
+}
+
+sub ::label # instantiate a function-scope label
+{ if (!defined($label{$_[0]}))
+ { $label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++; }
+ $label{$_[0]};
+}
+
+sub ::LABEL # instantiate a file-scope label
+{ $label{$_[0]}=$_[1] if (!defined($label{$_[0]}));
+ $label{$_[0]};
+}
+
+sub ::static_label { &::LABEL($_[0],$lbdecor.$_[0]); }
+
+sub ::set_label_B { push(@out,"@_:\n"); }
+sub ::set_label
+{ my $label=&::label($_[0]);
+ &::align($_[1]) if ($_[1]>1);
+ &::set_label_B($label);
+ $label;
+}
+
+sub ::wipe_labels # wipes function-scope labels
+{ foreach $i (keys %label)
+ { delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/); }
+}
+
+# subroutine management
+sub ::function_begin
+{ &function_begin_B(@_);
+ $stack=4;
+ &push("ebp");
+ &push("ebx");
+ &push("esi");
+ &push("edi");
+}
+
+sub ::function_end
+{ &pop("edi");
+ &pop("esi");
+ &pop("ebx");
+ &pop("ebp");
+ &ret();
+ &function_end_B(@_);
+ $stack=0;
+ &wipe_labels();
+}
+
+sub ::function_end_A
+{ &pop("edi");
+ &pop("esi");
+ &pop("ebx");
+ &pop("ebp");
+ &ret();
+ $stack+=16; # readjust esp as if we didn't pop anything
+}
+
+sub ::asciz
+{ my @str=unpack("C*",shift);
+ push @str,0;
+ while ($#str>15) {
+ &data_byte(@str[0..15]);
+ foreach (0..15) { shift @str; }
+ }
+ &data_byte(@str) if (@str);
+}
+
+sub ::asm_finish
+{ &file_end();
+ print @out;
+}
+
+sub ::asm_init
+{ my ($type,$fn,$cpu)=@_;
+
+ $filename=$fn;
+ $i386=$cpu;
+
+ $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=$android=0;
+ if (($type eq "elf"))
+ { $elf=1; require "x86gas.pl"; }
+ elsif (($type eq "a\.out"))
+ { $aout=1; require "x86gas.pl"; }
+ elsif (($type eq "coff" or $type eq "gaswin"))
+ { $coff=1; require "x86gas.pl"; }
+ elsif (($type eq "win32n"))
+ { $win32=1; require "x86nasm.pl"; }
+ elsif (($type eq "nw-nasm"))
+ { $netware=1; require "x86nasm.pl"; }
+ #elsif (($type eq "nw-mwasm"))
+ #{ $netware=1; $mwerks=1; require "x86nasm.pl"; }
+ elsif (($type eq "win32"))
+ { $win32=1; require "x86masm.pl"; }
+ elsif (($type eq "macosx"))
+ { $aout=1; $macosx=1; require "x86gas.pl"; }
+ elsif (($type eq "android"))
+ { $elf=1; $android=1; require "x86gas.pl"; }
+ else
+ { print STDERR <<"EOF";
+Pick one target type from
+ elf - Linux, FreeBSD, Solaris x86, etc.
+ a.out - DJGPP, elder OpenBSD, etc.
+ coff - GAS/COFF such as Win32 targets
+ win32n - Windows 95/Windows NT NASM format
+ nw-nasm - NetWare NASM format
+ macosx - Mac OS X
EOF
- }
+ exit(1);
+ }
+ $pic=0;
+ for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
+
+ $filename =~ s/\.pl$//;
+ &file($filename);
+}
+
1;
Copied: trunk/crypto/openssl/crypto/perlasm/x86gas.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/perlasm/x86gas.pl)
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/x86gas.pl (rev 0)
+++ trunk/crypto/openssl/crypto/perlasm/x86gas.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,253 @@
+#!/usr/bin/env perl
+
+package x86gas;
+
+*out=\@::out;
+
+$::lbdecor=$::aout?"L":".L"; # local label decoration
+$nmdecor=($::aout or $::coff)?"_":""; # external name decoration
+
+$initseg="";
+
+$align=16;
+$align=log($align)/log(2) if ($::aout);
+$com_start="#" if ($::aout or $::coff);
+
+sub opsize()
+{ my $reg=shift;
+ if ($reg =~ m/^%e/o) { "l"; }
+ elsif ($reg =~ m/^%[a-d][hl]$/o) { "b"; }
+ elsif ($reg =~ m/^%[xm]/o) { undef; }
+ else { "w"; }
+}
+
+# swap arguments;
+# expand opcode with size suffix;
+# prefix numeric constants with $;
+sub ::generic
+{ my($opcode, at arg)=@_;
+ my($suffix,$dst,$src);
+
+ @arg=reverse(@arg);
+
+ for (@arg)
+ { s/^(\*?)(e?[a-dsixphl]{2})$/$1%$2/o; # gp registers
+ s/^([xy]?mm[0-7])$/%$1/o; # xmm/mmx registers
+ s/^(\-?[0-9]+)$/\$$1/o; # constants
+ s/^(\-?0x[0-9a-f]+)$/\$$1/o; # constants
+ }
+
+ $dst = $arg[$#arg] if ($#arg>=0);
+ $src = $arg[$#arg-1] if ($#arg>=1);
+ if ($dst =~ m/^%/o) { $suffix=&opsize($dst); }
+ elsif ($src =~ m/^%/o) { $suffix=&opsize($src); }
+ else { $suffix="l"; }
+ undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o);
+
+ if ($#_==0) { &::emit($opcode); }
+ elsif ($#_==1 && $opcode =~ m/^(call|clflush|j|loop|set)/o)
+ { &::emit($opcode, at arg); }
+ else { &::emit($opcode.$suffix, at arg);}
+
+ 1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::movzx { &::movzb(@_); }
+sub ::pushfd { &::pushfl; }
+sub ::popfd { &::popfl; }
+sub ::cpuid { &::emit(".byte\t0x0f,0xa2"); }
+sub ::rdtsc { &::emit(".byte\t0x0f,0x31"); }
+
+sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr { &::generic("call","*$_[0]"); }
+sub ::jmp_ptr { &::generic("jmp","*$_[0]"); }
+
+*::bswap = sub { &::emit("bswap","%$_[0]"); } if (!$::i386);
+
+sub ::DWP
+{ my($addr,$reg1,$reg2,$idx)=@_;
+ my $ret="";
+
+ $addr =~ s/^\s+//;
+ # prepend global references with optional underscore
+ $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+
+ $reg1 = "%$reg1" if ($reg1);
+ $reg2 = "%$reg2" if ($reg2);
+
+ $ret .= $addr if (($addr ne "") && ($addr ne 0));
+
+ if ($reg2)
+ { $idx!= 0 or $idx=1;
+ $ret .= "($reg1,$reg2,$idx)";
+ }
+ elsif ($reg1)
+ { $ret .= "($reg1)"; }
+
+ $ret;
+}
+sub ::QWP { &::DWP(@_); }
+sub ::BP { &::DWP(@_); }
+sub ::WP { &::DWP(@_); }
+sub ::BC { @_; }
+sub ::DWC { @_; }
+
+sub ::file
+{ push(@out,".file\t\"$_[0].s\"\n.text\n"); }
+
+sub ::function_begin_B
+{ my $func=shift;
+ my $global=($func !~ /^_/);
+ my $begin="${::lbdecor}_${func}_begin";
+
+ &::LABEL($func,$global?"$begin":"$nmdecor$func");
+ $func=$nmdecor.$func;
+
+ push(@out,".globl\t$func\n") if ($global);
+ if ($::coff)
+ { push(@out,".def\t$func;\t.scl\t".(3-$global).";\t.type\t32;\t.endef\n"); }
+ elsif (($::aout and !$::pic) or $::macosx)
+ { }
+ else
+ { push(@out,".type $func,\@function\n"); }
+ push(@out,".align\t$align\n");
+ push(@out,"$func:\n");
+ push(@out,"$begin:\n") if ($global);
+ $::stack=4;
+}
+
+sub ::function_end_B
+{ my $func=shift;
+ push(@out,".size\t$nmdecor$func,.-".&::LABEL($func)."\n") if ($::elf);
+ $::stack=0;
+ &::wipe_labels();
+}
+
+sub ::comment
+ {
+ if (!defined($com_start) or $::elf)
+ { # Regarding $::elf above...
+ # GNU and SVR4 as'es use different comment delimiters,
+ push(@out,"\n"); # so we just skip ELF comments...
+ return;
+ }
+ foreach (@_)
+ {
+ if (/^\s*$/)
+ { push(@out,"\n"); }
+ else
+ { push(@out,"\t$com_start $_ $com_end\n"); }
+ }
+ }
+
+sub ::external_label
+{ foreach(@_) { &::LABEL($_,$nmdecor.$_); } }
+
+sub ::public_label
+{ push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
+
+sub ::file_end
+{ if ($::macosx)
+ { if (%non_lazy_ptr)
+ { push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n");
+ foreach $i (keys %non_lazy_ptr)
+ { push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n"); }
+ }
+ }
+ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
+ my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,8";
+ if ($::macosx) { push (@out,"$tmp,2\n"); }
+ elsif ($::elf) { push (@out,"$tmp,4\n"); }
+ else { push (@out,"$tmp\n"); }
+ }
+ push(@out,$initseg) if ($initseg);
+}
+
+sub ::data_byte { push(@out,".byte\t".join(',', at _)."\n"); }
+sub ::data_short{ push(@out,".value\t".join(',', at _)."\n"); }
+sub ::data_word { push(@out,".long\t".join(',', at _)."\n"); }
+
+sub ::align
+{ my $val=$_[0],$p2,$i;
+ if ($::aout)
+ { for ($p2=0;$val!=0;$val>>=1) { $p2++; }
+ $val=$p2-1;
+ $val.=",0x90";
+ }
+ push(@out,".align\t$val\n");
+}
+
+sub ::picmeup
+{ my($dst,$sym,$base,$reflabel)=@_;
+
+ if (($::pic && ($::elf || $::aout)) || $::macosx)
+ { if (!defined($base))
+ { &::call(&::label("PIC_me_up"));
+ &::set_label("PIC_me_up");
+ &::blindpop($dst);
+ $base=$dst;
+ $reflabel=&::label("PIC_me_up");
+ }
+ if ($::macosx)
+ { my $indirect=&::static_label("$nmdecor$sym\$non_lazy_ptr");
+ &::mov($dst,&::DWP("$indirect-$reflabel",$base));
+ $non_lazy_ptr{"$nmdecor$sym"}=$indirect;
+ }
+ else
+ { &::lea($dst,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]",
+ $base));
+ &::mov($dst,&::DWP("$sym\@GOT",$dst));
+ }
+ }
+ else
+ { &::lea($dst,&::DWP($sym)); }
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+ if ($::android)
+ { $initseg.=<<___;
+.section .init_array
+.align 4
+.long $f
+___
+ }
+ elsif ($::elf)
+ { $initseg.=<<___;
+.section .init
+ call $f
+___
+ }
+ elsif ($::coff)
+ { $initseg.=<<___; # applies to both Cygwin and Mingw
+.section .ctors
+.long $f
+___
+ }
+ elsif ($::macosx)
+ { $initseg.=<<___;
+.mod_init_func
+.align 2
+.long $f
+___
+ }
+ elsif ($::aout)
+ { my $ctor="${nmdecor}_GLOBAL_\$I\$$f";
+ $initseg.=".text\n";
+ $initseg.=".type $ctor,\@function\n" if ($::pic);
+ $initseg.=<<___; # OpenBSD way...
+.globl $ctor
+.align 2
+$ctor:
+ jmp $f
+___
+ }
+}
+
+sub ::dataseg
+{ push(@out,".data\n"); }
+
+1;
Copied: trunk/crypto/openssl/crypto/perlasm/x86masm.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/perlasm/x86masm.pl)
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/x86masm.pl (rev 0)
+++ trunk/crypto/openssl/crypto/perlasm/x86masm.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,198 @@
+#!/usr/bin/env perl
+
+package x86masm;
+
+*out=\@::out;
+
+$::lbdecor="\$L"; # local label decoration
+$nmdecor="_"; # external name decoration
+
+$initseg="";
+$segment="";
+
+sub ::generic
+{ my ($opcode, at arg)=@_;
+
+ # fix hexadecimal constants
+ for (@arg) { s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/oi; }
+
+ if ($opcode =~ /lea/ && @arg[1] =~ s/.*PTR\s+(\(.*\))$/OFFSET $1/) # no []
+ { $opcode="mov"; }
+ elsif ($opcode !~ /movq/)
+ { # fix xmm references
+ $arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[1]=~/\bxmm[0-7]\b/i);
+ $arg[1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
+ }
+
+ &::emit($opcode, at arg);
+ 1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr { &::emit("call", at _); }
+sub ::jmp_ptr { &::emit("jmp", at _); }
+sub ::lock { &::data_byte(0xf0); }
+
+sub get_mem
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+ my($post,$ret);
+
+ $ret .= "$size PTR " if ($size ne "");
+
+ $addr =~ s/^\s+//;
+ # prepend global references with optional underscore
+ $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+ # put address arithmetic expression in parenthesis
+ $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
+
+ if (($addr ne "") && ($addr ne 0))
+ { if ($addr !~ /^-/) { $ret .= "$addr"; }
+ else { $post=$addr; }
+ }
+ $ret .= "[";
+
+ if ($reg2 ne "")
+ { $idx!=0 or $idx=1;
+ $ret .= "$reg2*$idx";
+ $ret .= "+$reg1" if ($reg1 ne "");
+ }
+ else
+ { $ret .= "$reg1"; }
+
+ $ret .= "$post]";
+ $ret =~ s/\+\]/]/; # in case $addr was the only argument
+ $ret =~ s/\[\s*\]//;
+
+ $ret;
+}
+sub ::BP { &get_mem("BYTE", at _); }
+sub ::WP { &get_mem("WORD", at _); }
+sub ::DWP { &get_mem("DWORD", at _); }
+sub ::QWP { &get_mem("QWORD", at _); }
+sub ::BC { "@_"; }
+sub ::DWC { "@_"; }
+
+sub ::file
+{ my $tmp=<<___;
+TITLE $_[0].asm
+IF \@Version LT 800
+ECHO MASM version 8.00 or later is strongly recommended.
+ENDIF
+.486
+.MODEL FLAT
+OPTION DOTNAME
+IF \@Version LT 800
+.text\$ SEGMENT PAGE 'CODE'
+ELSE
+.text\$ SEGMENT ALIGN(64) 'CODE'
+ENDIF
+___
+ push(@out,$tmp);
+ $segment = ".text\$";
+}
+
+sub ::function_begin_B
+{ my $func=shift;
+ my $global=($func !~ /^_/);
+ my $begin="${::lbdecor}_${func}_begin";
+
+ &::LABEL($func,$global?"$begin":"$nmdecor$func");
+ $func="ALIGN\t16\n".$nmdecor.$func."\tPROC";
+
+ if ($global) { $func.=" PUBLIC\n${begin}::\n"; }
+ else { $func.=" PRIVATE\n"; }
+ push(@out,$func);
+ $::stack=4;
+}
+sub ::function_end_B
+{ my $func=shift;
+
+ push(@out,"$nmdecor$func ENDP\n");
+ $::stack=0;
+ &::wipe_labels();
+}
+
+sub ::file_end
+{ my $xmmheader=<<___;
+.686
+.XMM
+IF \@Version LT 800
+XMMWORD STRUCT 16
+DQ 2 dup (?)
+XMMWORD ENDS
+ENDIF
+___
+ if (grep {/\b[x]?mm[0-7]\b/i} @out) {
+ grep {s/\.[3-7]86/$xmmheader/} @out;
+ }
+
+ push(@out,"$segment ENDS\n");
+
+ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+ { my $comm=<<___;
+.bss SEGMENT 'BSS'
+COMM ${nmdecor}OPENSSL_ia32cap_P:QWORD
+.bss ENDS
+___
+ # comment out OPENSSL_ia32cap_P declarations
+ grep {s/(^EXTERN\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+ push (@out,$comm);
+ }
+ push (@out,$initseg) if ($initseg);
+ push (@out,"END\n");
+}
+
+sub ::comment { foreach (@_) { push(@out,"\t; $_\n"); } }
+
+*::set_label_B = sub
+{ my $l=shift; push(@out,$l.($l=~/^\Q${::lbdecor}\E[0-9]{3}/?":\n":"::\n")); };
+
+sub ::external_label
+{ foreach(@_)
+ { push(@out, "EXTERN\t".&::LABEL($_,$nmdecor.$_).":NEAR\n"); }
+}
+
+sub ::public_label
+{ push(@out,"PUBLIC\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
+
+sub ::data_byte
+{ push(@out,("DB\t").join(',', at _)."\n"); }
+
+sub ::data_short
+{ push(@out,("DW\t").join(',', at _)."\n"); }
+
+sub ::data_word
+{ push(@out,("DD\t").join(',', at _)."\n"); }
+
+sub ::align
+{ push(@out,"ALIGN\t$_[0]\n"); }
+
+sub ::picmeup
+{ my($dst,$sym)=@_;
+ &::lea($dst,&::DWP($sym));
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+ $initseg.=<<___;
+.CRT\$XCU SEGMENT DWORD PUBLIC 'DATA'
+EXTERN $f:NEAR
+DD $f
+.CRT\$XCU ENDS
+___
+}
+
+sub ::dataseg
+{ push(@out,"$segment\tENDS\n_DATA\tSEGMENT\n"); $segment="_DATA"; }
+
+sub ::safeseh
+{ my $nm=shift;
+ push(@out,"IF \@Version GE 710\n");
+ push(@out,".SAFESEH ".&::LABEL($nm,$nmdecor.$nm)."\n");
+ push(@out,"ENDIF\n");
+}
+
+1;
Modified: trunk/crypto/openssl/crypto/perlasm/x86nasm.pl
===================================================================
--- trunk/crypto/openssl/crypto/perlasm/x86nasm.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/perlasm/x86nasm.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,455 +1,177 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
package x86nasm;
-$label="L000";
-$under=($main'netware)?'':'_';
+*out=\@::out;
-%lb=( 'eax', 'al',
- 'ebx', 'bl',
- 'ecx', 'cl',
- 'edx', 'dl',
- 'ax', 'al',
- 'bx', 'bl',
- 'cx', 'cl',
- 'dx', 'dl',
- );
+$::lbdecor="L\$"; # local label decoration
+$nmdecor=$::netware?"":"_"; # external name decoration
+$drdecor=$::mwerks?".":""; # directive decoration
-%hb=( 'eax', 'ah',
- 'ebx', 'bh',
- 'ecx', 'ch',
- 'edx', 'dh',
- 'ax', 'ah',
- 'bx', 'bh',
- 'cx', 'ch',
- 'dx', 'dh',
- );
+$initseg="";
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
+sub ::generic
+{ my $opcode=shift;
+ my $tmp;
-sub main'external_label
-{
- push(@labels, at _);
- foreach (@_) {
- push(@out,".") if ($main'mwerks);
- push(@out, "extern\t${under}$_\n");
- }
+ if (!$::mwerks)
+ { if ($opcode =~ m/^j/o && $#_==0) # optimize jumps
+ { $_[0] = "NEAR $_[0]"; }
+ elsif ($opcode eq "lea" && $#_==1) # wipe storage qualifier from lea
+ { $_[1] =~ s/^[^\[]*\[/\[/o; }
+ elsif ($opcode eq "clflush" && $#_==0)
+ { $_[0] =~ s/^[^\[]*\[/\[/o; }
+ }
+ &::emit($opcode, at _);
+ 1;
}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr { &::emit("call", at _); }
+sub ::jmp_ptr { &::emit("jmp", at _); }
-sub main'LB
- {
- (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
- return($lb{$_[0]});
- }
-
-sub main'HB
- {
- (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
- return($hb{$_[0]});
- }
-
-sub main'BP
- {
- &get_mem("BYTE", at _);
- }
-
-sub main'DWP
- {
- &get_mem("DWORD", at _);
- }
-
-sub main'QWP
- {
- &get_mem("", at _);
- }
-
-sub main'BC
- {
- return (($main'mwerks)?"":"BYTE ")."@_";
- }
-
-sub main'DWC
- {
- return (($main'mwerks)?"":"DWORD ")."@_";
- }
-
-sub main'stack_push
- {
- my($num)=@_;
- $stack+=$num*4;
- &main'sub("esp",$num*4);
- }
-
-sub main'stack_pop
- {
- my($num)=@_;
- $stack-=$num*4;
- &main'add("esp",$num*4);
- }
-
sub get_mem
- {
- my($size,$addr,$reg1,$reg2,$idx)=@_;
- my($t,$post);
- my($ret)=$size;
- if ($ret ne "")
- {
- $ret .= " PTR" if ($main'mwerks);
- $ret .= " ";
- }
- $ret .= "[";
- $addr =~ s/^\s+//;
- if ($addr =~ /^(.+)\+(.+)$/)
- {
- $reg2=&conv($1);
- $addr="$under$2";
- }
- elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i)
- {
- $addr="$under$addr";
- }
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+ my($post,$ret);
- if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
+ if ($size ne "")
+ { $ret .= "$size";
+ $ret .= " PTR" if ($::mwerks);
+ $ret .= " ";
+ }
+ $ret .= "[";
- $reg1="$regs{$reg1}" if defined($regs{$reg1});
- $reg2="$regs{$reg2}" if defined($regs{$reg2});
- if (($addr ne "") && ($addr ne 0))
- {
- if ($addr !~ /^-/)
- { $ret.="${addr}+"; }
- else { $post=$addr; }
- }
- if ($reg2 ne "")
- {
- $t="";
- $t="*$idx" if ($idx != 0);
- $reg1="+".$reg1 if ("$reg1$post" ne "");
- $ret.="$reg2$t$reg1$post]";
- }
- else
- {
- $ret.="$reg1$post]"
- }
- $ret =~ s/\+\]/]/; # in case $addr was the only argument
- return($ret);
- }
+ $addr =~ s/^\s+//;
+ # prepend global references with optional underscore
+ $addr =~ s/^([^\+\-0-9][^\+\-]*)/::islabel($1) or "$nmdecor$1"/ige;
+ # put address arithmetic expression in parenthesis
+ $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
-sub main'mov { &out2("mov", at _); }
-sub main'movb { &out2("mov", at _); }
-sub main'and { &out2("and", at _); }
-sub main'or { &out2("or", at _); }
-sub main'shl { &out2("shl", at _); }
-sub main'shr { &out2("shr", at _); }
-sub main'xor { &out2("xor", at _); }
-sub main'xorb { &out2("xor", at _); }
-sub main'add { &out2("add", at _); }
-sub main'adc { &out2("adc", at _); }
-sub main'sub { &out2("sub", at _); }
-sub main'sbb { &out2("sbb", at _); }
-sub main'rotl { &out2("rol", at _); }
-sub main'rotr { &out2("ror", at _); }
-sub main'exch { &out2("xchg", at _); }
-sub main'cmp { &out2("cmp", at _); }
-sub main'lea { &out2("lea", at _); }
-sub main'mul { &out1("mul", at _); }
-sub main'imul { &out2("imul", at _); }
-sub main'div { &out1("div", at _); }
-sub main'dec { &out1("dec", at _); }
-sub main'inc { &out1("inc", at _); }
-sub main'jmp { &out1("jmp", at _); }
-sub main'jmp_ptr { &out1p("jmp", at _); }
+ if (($addr ne "") && ($addr ne 0))
+ { if ($addr !~ /^-/) { $ret .= "$addr+"; }
+ else { $post=$addr; }
+ }
-# This is a bit of a kludge: declare all branches as NEAR.
-$near=($main'mwerks)?'':'NEAR';
-sub main'je { &out1("je $near", at _); }
-sub main'jle { &out1("jle $near", at _); }
-sub main'jz { &out1("jz $near", at _); }
-sub main'jge { &out1("jge $near", at _); }
-sub main'jl { &out1("jl $near", at _); }
-sub main'ja { &out1("ja $near", at _); }
-sub main'jae { &out1("jae $near", at _); }
-sub main'jb { &out1("jb $near", at _); }
-sub main'jbe { &out1("jbe $near", at _); }
-sub main'jc { &out1("jc $near", at _); }
-sub main'jnc { &out1("jnc $near", at _); }
-sub main'jnz { &out1("jnz $near", at _); }
-sub main'jne { &out1("jne $near", at _); }
-sub main'jno { &out1("jno $near", at _); }
+ if ($reg2 ne "")
+ { $idx!=0 or $idx=1;
+ $ret .= "$reg2*$idx";
+ $ret .= "+$reg1" if ($reg1 ne "");
+ }
+ else
+ { $ret .= "$reg1"; }
-sub main'push { &out1("push", at _); $stack+=4; }
-sub main'pop { &out1("pop", at _); $stack-=4; }
-sub main'pushf { &out0("pushfd"); $stack+=4; }
-sub main'popf { &out0("popfd"); $stack-=4; }
-sub main'bswap { &out1("bswap", at _); &using486(); }
-sub main'not { &out1("not", at _); }
-sub main'call { &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); }
-sub main'call_ptr { &out1p("call", at _); }
-sub main'ret { &out0("ret"); }
-sub main'nop { &out0("nop"); }
-sub main'test { &out2("test", at _); }
-sub main'bt { &out2("bt", at _); }
-sub main'leave { &out0("leave"); }
-sub main'cpuid { &out0("cpuid"); }
-sub main'rdtsc { &out0("rdtsc"); }
-sub main'halt { &out0("hlt"); }
-sub main'movz { &out2("movzx", at _); }
-sub main'neg { &out1("neg", at _); }
-sub main'cld { &out0("cld"); }
+ $ret .= "$post]";
+ $ret =~ s/\+\]/]/; # in case $addr was the only argument
-# SSE2
-sub main'emms { &out0("emms"); }
-sub main'movd { &out2("movd", at _); }
-sub main'movq { &out2("movq", at _); }
-sub main'movdqu { &out2("movdqu", at _); }
-sub main'movdqa { &out2("movdqa", at _); }
-sub main'movdq2q{ &out2("movdq2q", at _); }
-sub main'movq2dq{ &out2("movq2dq", at _); }
-sub main'paddq { &out2("paddq", at _); }
-sub main'pmuludq{ &out2("pmuludq", at _); }
-sub main'psrlq { &out2("psrlq", at _); }
-sub main'psllq { &out2("psllq", at _); }
-sub main'pxor { &out2("pxor", at _); }
-sub main'por { &out2("por", at _); }
-sub main'pand { &out2("pand", at _); }
+ $ret;
+}
+sub ::BP { &get_mem("BYTE", at _); }
+sub ::DWP { &get_mem("DWORD", at _); }
+sub ::WP { &get_mem("WORD", at _); }
+sub ::QWP { &get_mem("", at _); }
+sub ::BC { (($::mwerks)?"":"BYTE ")."@_"; }
+sub ::DWC { (($::mwerks)?"":"DWORD ")."@_"; }
-sub out2
- {
- my($name,$p1,$p2)=@_;
- my($l,$t);
-
- push(@out,"\t$name\t");
- if (!$main'mwerks and $name eq "lea")
- {
- $p1 =~ s/^[^\[]*\[/\[/;
- $p2 =~ s/^[^\[]*\[/\[/;
- }
- $t=&conv($p1).",";
- $l=length($t);
- push(@out,$t);
- $l=4-($l+9)/8;
- push(@out,"\t" x $l);
- push(@out,&conv($p2));
- push(@out,"\n");
- }
-
-sub out0
- {
- my($name)=@_;
-
- push(@out,"\t$name\n");
- }
-
-sub out1
- {
- my($name,$p1)=@_;
- my($l,$t);
- push(@out,"\t$name\t".&conv($p1)."\n");
- }
-
-sub conv
- {
- my($p)=@_;
- $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
- return $p;
- }
-
-sub using486
- {
- return if $using486;
- $using486++;
- grep(s/\.386/\.486/, at out);
- }
-
-sub main'file
- {
- if ($main'mwerks) { push(@out,".section\t.text\n"); }
- else {
- local $tmp=<<___;
-%ifdef __omf__
-section code use32 class=code
+sub ::file
+{ if ($::mwerks) { push(@out,".section\t.text,64\n"); }
+ else
+ { my $tmp=<<___;
+%ifidn __OUTPUT_FORMAT__,obj
+section code use32 class=code align=64
+%elifidn __OUTPUT_FORMAT__,win32
+\$\@feat.00 equ 1
+section .text code align=64
%else
-section .text
+section .text code
%endif
___
- push(@out,$tmp);
- }
- }
-
-sub main'function_begin
- {
- my($func,$extra)=@_;
-
- push(@labels,$func);
- push(@out,".") if ($main'mwerks);
- my($tmp)=<<"EOF";
-global $under$func
-$under$func:
- push ebp
- push ebx
- push esi
- push edi
-EOF
push(@out,$tmp);
- $stack=20;
- }
+ }
+}
-sub main'function_begin_B
- {
- my($func,$extra)=@_;
- push(@out,".") if ($main'mwerks);
- my($tmp)=<<"EOF";
-global $under$func
-$under$func:
-EOF
- push(@out,$tmp);
- $stack=4;
- }
+sub ::function_begin_B
+{ my $func=shift;
+ my $global=($func !~ /^_/);
+ my $begin="${::lbdecor}_${func}_begin";
-sub main'function_end
- {
- my($func)=@_;
+ $begin =~ s/^\@/./ if ($::mwerks); # the torture never stops
- my($tmp)=<<"EOF";
- pop edi
- pop esi
- pop ebx
- pop ebp
- ret
-EOF
- push(@out,$tmp);
- $stack=0;
- %label=();
- }
+ &::LABEL($func,$global?"$begin":"$nmdecor$func");
+ $func=$nmdecor.$func;
-sub main'function_end_B
- {
- $stack=0;
- %label=();
- }
+ push(@out,"${drdecor}global $func\n") if ($global);
+ push(@out,"${drdecor}align 16\n");
+ push(@out,"$func:\n");
+ push(@out,"$begin:\n") if ($global);
+ $::stack=4;
+}
-sub main'function_end_A
- {
- my($func)=@_;
+sub ::function_end_B
+{ $::stack=0;
+ &::wipe_labels();
+}
- my($tmp)=<<"EOF";
- pop edi
- pop esi
- pop ebx
- pop ebp
- ret
-EOF
- push(@out,$tmp);
- }
+sub ::file_end
+{ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+ { my $comm=<<___;
+${drdecor}segment .bss
+${drdecor}common ${nmdecor}OPENSSL_ia32cap_P 8
+___
+ # comment out OPENSSL_ia32cap_P declarations
+ grep {s/(^extern\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+ push (@out,$comm)
+ }
+ push (@out,$initseg) if ($initseg);
+}
-sub main'file_end
- {
- }
+sub ::comment { foreach (@_) { push(@out,"\t; $_\n"); } }
-sub main'wparam
- {
- my($num)=@_;
+sub ::external_label
+{ foreach(@_)
+ { push(@out,"${drdecor}extern\t".&::LABEL($_,$nmdecor.$_)."\n"); }
+}
- return(&main'DWP($stack+$num*4,"esp","",0));
- }
+sub ::public_label
+{ push(@out,"${drdecor}global\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
-sub main'swtmp
- {
- return(&main'DWP($_[0]*4,"esp","",0));
- }
+sub ::data_byte
+{ push(@out,(($::mwerks)?".byte\t":"db\t").join(',', at _)."\n"); }
+sub ::data_short
+{ push(@out,(($::mwerks)?".word\t":"dw\t").join(',', at _)."\n"); }
+sub ::data_word
+{ push(@out,(($::mwerks)?".long\t":"dd\t").join(',', at _)."\n"); }
-# Should use swtmp, which is above esp. Linix can trash the stack above esp
-#sub main'wtmp
-# {
-# my($num)=@_;
-#
-# return(&main'DWP(-(($num+1)*4),"esp","",0));
-# }
+sub ::align
+{ push(@out,"${drdecor}align\t$_[0]\n"); }
-sub main'comment
- {
- foreach (@_)
- {
- push(@out,"\t; $_\n");
- }
- }
+sub ::picmeup
+{ my($dst,$sym)=@_;
+ &::lea($dst,&::DWP($sym));
+}
-sub main'public_label
- {
- $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]}));
- push(@out,".") if ($main'mwerks);
- push(@out,"global\t$label{$_[0]}\n");
- }
+sub ::initseg
+{ my $f=$nmdecor.shift;
+ if ($::win32)
+ { $initseg=<<___;
+segment .CRT\$XCU data align=4
+extern $f
+dd $f
+___
+ }
+}
-sub main'label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}="\@${label}${_[0]}";
- $label++;
- }
- return($label{$_[0]});
- }
+sub ::dataseg
+{ if ($mwerks) { push(@out,".section\t.data,4\n"); }
+ else { push(@out,"section\t.data align=4\n"); }
+}
-sub main'set_label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}="\@${label}${_[0]}";
- $label++;
- }
- if ($_[1]!=0 && $_[1]>1)
- {
- main'align($_[1]);
- }
- push(@out,"$label{$_[0]}:\n");
- }
+sub ::safeseh
+{ my $nm=shift;
+ push(@out,"%if __NASM_VERSION_ID__ >= 0x02030000\n");
+ push(@out,"safeseh ".&::LABEL($nm,$nmdecor.$nm)."\n");
+ push(@out,"%endif\n");
+}
-sub main'data_byte
- {
- push(@out,(($main'mwerks)?".byte\t":"DB\t").join(',', at _)."\n");
- }
-
-sub main'data_word
- {
- push(@out,(($main'mwerks)?".long\t":"DD\t").join(',', at _)."\n");
- }
-
-sub main'align
- {
- push(@out,".") if ($main'mwerks);
- push(@out,"align\t$_[0]\n");
- }
-
-sub out1p
- {
- my($name,$p1)=@_;
- my($l,$t);
-
- push(@out,"\t$name\t".&conv($p1)."\n");
- }
-
-sub main'picmeup
- {
- local($dst,$sym)=@_;
- &main'lea($dst,&main'DWP($sym));
- }
-
-sub main'blindpop { &out1("pop", at _); }
-
-sub main'initseg
- {
- local($f)=@_;
- if ($main'win32)
- {
- local($tmp)=<<___;
-segment .CRT\$XCU data
-extern $under$f
-DD $under$f
-___
- push(@out,$tmp);
- }
- }
-
1;
Modified: trunk/crypto/openssl/crypto/pkcs12/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -39,7 +39,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -67,6 +67,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -85,15 +87,14 @@
p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_add.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_add.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_add.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_add.o: ../cryptlib.h p12_add.c
+p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_add.c
p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -100,22 +101,22 @@
p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_asn.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p12_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_asn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_asn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
+p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_asn.o: ../cryptlib.h p12_asn.c
p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_attr.o: ../../include/openssl/opensslconf.h
p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -127,9 +128,9 @@
p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_crpt.o: ../../include/openssl/opensslconf.h
p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -141,23 +142,22 @@
p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_crt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_crt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_crt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_crt.o: ../cryptlib.h p12_crt.c
+p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crt.c
p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_decr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_decr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_decr.o: ../../include/openssl/opensslconf.h
p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -169,9 +169,9 @@
p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_init.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_init.o: ../../include/openssl/opensslconf.h
p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -184,22 +184,22 @@
p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_key.c
+p12_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_key.o: ../cryptlib.h p12_key.c
p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_kiss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_kiss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_kiss.o: ../../include/openssl/opensslconf.h
p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -211,10 +211,9 @@
p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
-p12_mutl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_mutl.o: ../../include/openssl/opensslconf.h
+p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
@@ -226,9 +225,8 @@
p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_npas.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p12_npas.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_npas.o: ../../include/openssl/opensslconf.h
+p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
@@ -241,53 +239,50 @@
p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_p8d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_p8d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_p8d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_p8d.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_p8d.o: ../cryptlib.h p12_p8d.c
+p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_p8d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_p8d.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_p8d.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8d.c
p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_p8e.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_p8e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_p8e.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_p8e.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_p8e.o: ../cryptlib.h p12_p8e.c
+p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_p8e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_p8e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_p8e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8e.c
p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-p12_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_utl.o: ../cryptlib.h p12_utl.c
+p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_utl.c
pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk12err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pk12err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk12err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pk12err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
+pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk12err.o: pk12err.c
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_add.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_add.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_add.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -108,6 +108,7 @@
PKCS8_PRIV_KEY_INFO *p8)
{
PKCS12_SAFEBAG *bag;
+ const EVP_CIPHER *pbe_ciph;
/* Set up the safe bag */
if (!(bag = PKCS12_SAFEBAG_new())) {
@@ -116,8 +117,14 @@
}
bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
+
+ pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+ if (pbe_ciph)
+ pbe_nid = -1;
+
if (!(bag->value.shkeybag =
- PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
+ PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
p8))) {
PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -166,6 +173,7 @@
{
PKCS7 *p7;
X509_ALGOR *pbe;
+ const EVP_CIPHER *pbe_ciph;
if (!(p7 = PKCS7_new())) {
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -175,7 +183,15 @@
PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
return NULL;
}
- if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) {
+
+ pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+ if (pbe_ciph)
+ pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
+ else
+ pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+
+ if (!pbe) {
PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
return NULL;
}
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_attr.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_attr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_attr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,12 +61,6 @@
#include "cryptlib.h"
#include <openssl/pkcs12.h>
-#ifdef OPENSSL_SYS_NETWARE
-/* Rename these functions to avoid name clashes on NetWare OS */
-# define uni2asc OPENSSL_uni2asc
-# define asc2uni OPENSSL_asc2uni
-#endif
-
/* Add a local keyid to a safebag */
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
@@ -148,6 +142,6 @@
return NULL;
if (atype->type != V_ASN1_BMPSTRING)
return NULL;
- return uni2asc(atype->value.bmpstring->data,
- atype->value.bmpstring->length);
+ return OPENSSL_uni2asc(atype->value.bmpstring->data,
+ atype->value.bmpstring->length);
}
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_crpt.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_crpt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_crpt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,28 +61,10 @@
#include "cryptlib.h"
#include <openssl/pkcs12.h>
-/* PKCS#12 specific PBE functions */
+/* PKCS#12 PBE algorithms now in static table */
void PKCS12_PBE_add(void)
{
-#ifndef OPENSSL_NO_RC4
- EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),
- PKCS12_PBE_keyivgen);
- EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),
- PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_DES
- EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
- EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
- EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
- EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_RC2
- EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),
- EVP_sha1(), PKCS12_PBE_keyivgen);
- EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
- EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
}
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_crt.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_crt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_crt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,9 +60,6 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/pkcs12.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
PKCS12_SAFEBAG *bag);
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_decr.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_decr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_decr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -93,7 +93,13 @@
goto err;
}
- EVP_CipherUpdate(&ctx, out, &i, in, inlen);
+ if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
+ OPENSSL_free(out);
+ out = NULL;
+ PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
+ goto err;
+ }
+
outlen = i;
if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
OPENSSL_free(out);
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_key.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_key.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_key.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,12 +72,6 @@
void h__dump(unsigned char *p, int len);
#endif
-#ifdef OPENSSL_SYS_NETWARE
-/* Rename these functions to avoid name clashes on NetWare OS */
-# define uni2asc OPENSSL_uni2asc
-# define asc2uni OPENSSL_asc2uni
-#endif
-
/* PKCS12 compatible key/IV generation */
#ifndef min
# define min(a,b) ((a) < (b) ? (a) : (b))
@@ -90,15 +84,18 @@
int ret;
unsigned char *unipass;
int uniplen;
+
if (!pass) {
unipass = NULL;
uniplen = 0;
- } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
+ } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE);
return 0;
}
ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
id, iter, n, out, md_type);
+ if (ret <= 0)
+ return 0;
if (unipass) {
OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
OPENSSL_free(unipass);
@@ -139,6 +136,8 @@
#endif
v = EVP_MD_block_size(md_type);
u = EVP_MD_size(md_type);
+ if (u < 0)
+ return 0;
D = OPENSSL_malloc(v);
Ai = OPENSSL_malloc(u);
B = OPENSSL_malloc(v + 1);
@@ -161,14 +160,16 @@
for (i = 0; i < Plen; i++)
*p++ = pass[i % passlen];
for (;;) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, D, v);
- EVP_DigestUpdate(&ctx, I, Ilen);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, D, v)
+ || !EVP_DigestUpdate(&ctx, I, Ilen)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
for (j = 1; j < iter; j++) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, Ai, u);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, Ai, u)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
}
memcpy(out, Ai, min(n, u));
if (u >= n) {
@@ -193,20 +194,23 @@
goto err;
if (!BN_add(Ij, Ij, Bpl1))
goto err;
- BN_bn2bin(Ij, B);
+ if (!BN_bn2bin(Ij, B))
+ goto err;
Ijlen = BN_num_bytes(Ij);
/* If more than 2^(v*8) - 1 cut off MSB */
if (Ijlen > v) {
- BN_bn2bin(Ij, B);
+ if (!BN_bn2bin(Ij, B))
+ goto err;
memcpy(I + j, B + 1, v);
#ifndef PKCS12_BROKEN_KEYGEN
/* If less than v bytes pad with zeroes */
} else if (Ijlen < v) {
memset(I + j, 0, v - Ijlen);
- BN_bn2bin(Ij, I + j + v - Ijlen);
+ if (!BN_bn2bin(Ij, I + j + v - Ijlen))
+ goto err;
#endif
- } else
- BN_bn2bin(Ij, I + j);
+ } else if (!BN_bn2bin(Ij, I + j))
+ goto err;
}
}
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_kiss.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_kiss.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_kiss.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,16 +64,13 @@
/* Simplified PKCS#12 routines */
static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
+ EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
- int passlen, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
- char *keymatch);
+ int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid, char *keymatch);
+ EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
/*
* Parse and decrypt a PKCS#12 structure returning user key, user cert and
@@ -85,7 +82,8 @@
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
STACK_OF(X509) **ca)
{
-
+ STACK_OF(X509) *ocerts = NULL;
+ X509 *x = NULL;
/* Check for NULL PKCS12 structure */
if (!p12) {
@@ -94,14 +92,6 @@
return 0;
}
- /* Allocate stack for ca certificates if needed */
- if ((ca != NULL) && (*ca == NULL)) {
- if (!(*ca = sk_X509_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
if (pkey)
*pkey = NULL;
if (cert)
@@ -130,11 +120,43 @@
goto err;
}
- if (!parse_pk12(p12, pass, -1, pkey, cert, ca)) {
+ /* Allocate stack for other certificates */
+ ocerts = sk_X509_new_null();
+
+ if (!ocerts) {
+ PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_PARSE_ERROR);
goto err;
}
+ while ((x = sk_X509_pop(ocerts))) {
+ if (pkey && *pkey && cert && !*cert) {
+ if (X509_check_private_key(x, *pkey)) {
+ *cert = x;
+ x = NULL;
+ }
+ }
+
+ if (ca && x) {
+ if (!*ca)
+ *ca = sk_X509_new_null();
+ if (!*ca)
+ goto err;
+ if (!sk_X509_push(*ca, x))
+ goto err;
+ x = NULL;
+ }
+ if (x)
+ X509_free(x);
+ }
+
+ if (ocerts)
+ sk_X509_pop_free(ocerts, X509_free);
+
return 1;
err:
@@ -143,8 +165,10 @@
EVP_PKEY_free(*pkey);
if (cert && *cert)
X509_free(*cert);
- if (ca)
- sk_X509_pop_free(*ca, X509_free);
+ if (x)
+ X509_free(x);
+ if (ocerts)
+ sk_X509_pop_free(ocerts, X509_free);
return 0;
}
@@ -152,15 +176,13 @@
/* Parse the outer PKCS#12 structure */
static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+ EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
{
STACK_OF(PKCS7) *asafes;
STACK_OF(PKCS12_SAFEBAG) *bags;
int i, bagnid;
PKCS7 *p7;
- ASN1_OCTET_STRING *keyid = NULL;
- char keymatch = 0;
if (!(asafes = PKCS12_unpack_authsafes(p12)))
return 0;
for (i = 0; i < sk_PKCS7_num(asafes); i++) {
@@ -176,8 +198,7 @@
sk_PKCS7_pop_free(asafes, PKCS7_free);
return 0;
}
- if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
- &keyid, &keymatch)) {
+ if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
sk_PKCS7_pop_free(asafes, PKCS7_free);
return 0;
@@ -185,71 +206,46 @@
sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
}
sk_PKCS7_pop_free(asafes, PKCS7_free);
- if (keyid)
- M_ASN1_OCTET_STRING_free(keyid);
return 1;
}
static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
- int passlen, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
- char *keymatch)
+ int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
{
int i;
for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i),
- pass, passlen, pkey, cert, ca, keyid, keymatch))
+ pass, passlen, pkey, ocerts))
return 0;
}
return 1;
}
-#define MATCH_KEY 0x1
-#define MATCH_CERT 0x2
-#define MATCH_ALL 0x3
-
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
- ASN1_OCTET_STRING **keyid, char *keymatch)
+ EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
{
PKCS8_PRIV_KEY_INFO *p8;
X509 *x509;
- ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
ASN1_TYPE *attrib;
ASN1_BMPSTRING *fname = NULL;
+ ASN1_OCTET_STRING *lkid = NULL;
if ((attrib = PKCS12_get_attr(bag, NID_friendlyName)))
fname = attrib->value.bmpstring;
- if ((attrib = PKCS12_get_attr(bag, NID_localKeyID))) {
- lkey = attrib->value.octet_string;
- ckid = lkey;
- }
+ if ((attrib = PKCS12_get_attr(bag, NID_localKeyID)))
+ lkid = attrib->value.octet_string;
- /* Check for any local key id matching (if needed) */
- if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
- if (*keyid) {
- if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey))
- lkey = NULL;
- } else {
- if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
- PKCS12err(PKCS12_F_PARSE_BAG, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- }
-
switch (M_PKCS12_bag_type(bag)) {
case NID_keyBag:
- if (!lkey || !pkey)
+ if (!pkey || *pkey)
return 1;
if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
return 0;
- *keymatch |= MATCH_KEY;
break;
case NID_pkcs8ShroudedKeyBag:
- if (!lkey || !pkey)
+ if (!pkey || *pkey)
return 1;
if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
return 0;
@@ -257,7 +253,6 @@
PKCS8_PRIV_KEY_INFO_free(p8);
if (!(*pkey))
return 0;
- *keymatch |= MATCH_KEY;
break;
case NID_certBag:
@@ -265,11 +260,9 @@
return 1;
if (!(x509 = PKCS12_certbag2x509(bag)))
return 0;
- if (ckid) {
- if (!X509_keyid_set1(x509, ckid->data, ckid->length)) {
- X509_free(x509);
- return 0;
- }
+ if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
+ X509_free(x509);
+ return 0;
}
if (fname) {
int len, r;
@@ -285,23 +278,15 @@
}
}
- if (lkey) {
- *keymatch |= MATCH_CERT;
- if (cert)
- *cert = x509;
- else
- X509_free(x509);
- } else {
- if (ca)
- sk_X509_push(*ca, x509);
- else
- X509_free(x509);
+ if (!sk_X509_push(ocerts, x509)) {
+ X509_free(x509);
+ return 0;
}
+
break;
case NID_safeContentsBag:
- return parse_bags(bag->value.safes, pass, passlen,
- pkey, cert, ca, keyid, keymatch);
+ return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
break;
default:
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_mutl.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_mutl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_mutl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,7 @@
#ifndef OPENSSL_NO_HMAC
# include <stdio.h>
# include "cryptlib.h"
+# include <openssl/crypto.h>
# include <openssl/hmac.h>
# include <openssl/rand.h>
# include <openssl/pkcs12.h>
@@ -72,6 +73,7 @@
HMAC_CTX hmac;
unsigned char key[EVP_MAX_MD_SIZE], *salt;
int saltlen, iter;
+ int md_size;
if (!PKCS7_type_is_data(p12->authsafes)) {
PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA);
@@ -88,16 +90,22 @@
PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
return 0;
}
+ md_size = EVP_MD_size(md_type);
+ if (md_size < 0)
+ return 0;
if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
- EVP_MD_size(md_type), key, md_type)) {
+ md_size, key, md_type)) {
PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
return 0;
}
HMAC_CTX_init(&hmac);
- HMAC_Init_ex(&hmac, key, EVP_MD_size(md_type), md_type, NULL);
- HMAC_Update(&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length);
- HMAC_Final(&hmac, mac, maclen);
+ if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+ || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+ p12->authsafes->d.data->length)
+ || !HMAC_Final(&hmac, mac, maclen)) {
+ HMAC_CTX_cleanup(&hmac);
+ return 0;
+ }
HMAC_CTX_cleanup(&hmac);
return 1;
}
@@ -116,7 +124,7 @@
return 0;
}
if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
- || memcmp(mac, p12->mac->dinfo->digest->data, maclen))
+ || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
return 0;
return 1;
}
Modified: trunk/crypto/openssl/crypto/pkcs12/p12_utl.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/p12_utl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/p12_utl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,16 +61,10 @@
#include "cryptlib.h"
#include <openssl/pkcs12.h>
-#ifdef OPENSSL_SYS_NETWARE
-/* Rename these functions to avoid name clashes on NetWare OS */
-# define uni2asc OPENSSL_uni2asc
-# define asc2uni OPENSSL_asc2uni
-#endif
-
/* Cheap and nasty Unicode stuff */
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni,
- int *unilen)
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen)
{
int ulen, i;
unsigned char *unitmp;
@@ -93,7 +87,7 @@
return unitmp;
}
-char *uni2asc(unsigned char *uni, int unilen)
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
{
int asclen, i;
char *asctmp;
Modified: trunk/crypto/openssl/crypto/pkcs12/pk12err.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/pk12err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/pk12err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/pkcs12/pk12err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/pkcs12/pkcs12.h
===================================================================
--- trunk/crypto/openssl/crypto/pkcs12/pkcs12.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs12/pkcs12.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -111,7 +111,7 @@
PKCS7 *authsafes;
} PKCS12;
-PREDECLARE_STACK_OF(PKCS12_SAFEBAG) typedef struct {
+typedef struct {
ASN1_OBJECT *type;
union {
struct pkcs12_bag_st *bag; /* secret, crl and certbag */
@@ -239,16 +239,10 @@
const EVP_MD *md_type);
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
int saltlen, const EVP_MD *md_type);
-# if defined(NETWARE) || defined(OPENSSL_SYS_NETWARE)
-/* Rename these functions to avoid name clashes on NetWare OS */
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
unsigned char **uni, int *unilen);
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
-# else
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni,
- int *unilen);
-char *uni2asc(unsigned char *uni, int unilen);
-# endif
+
DECLARE_ASN1_FUNCTIONS(PKCS12)
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
Modified: trunk/crypto/openssl/crypto/pkcs7/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -21,9 +21,9 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
- pk7_mime.c
+ pk7_mime.c bio_pk7.c
LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
- pk7_mime.o
+ pk7_mime.o bio_pk7.o
SRC= $(LIBSRC)
@@ -40,7 +40,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -68,6 +68,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -81,6 +83,12 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+bio_pk7.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_pk7.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_pk7.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_pk7.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+bio_pk7.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_pk7.o: ../../include/openssl/symhacks.h bio_pk7.c
pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -87,20 +95,19 @@
pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pk7_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_asn1.o: ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c
-pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_attr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+pk7_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
pk7_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
pk7_attr.o: ../../include/openssl/opensslconf.h
pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -115,9 +122,8 @@
pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_doit.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_doit.o: ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -129,22 +135,22 @@
pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pk7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c
+pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_lib.o: ../asn1/asn1_locl.h ../cryptlib.h pk7_lib.c
pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-pk7_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_mime.o: ../../include/openssl/opensslconf.h
pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -157,8 +163,8 @@
pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_smime.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_smime.o: ../../include/openssl/objects.h
pk7_smime.o: ../../include/openssl/opensslconf.h
pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
Copied: trunk/crypto/openssl/crypto/pkcs7/bio_pk7.c (from rev 7117, vendor-crypto/openssl/dist/crypto/pkcs7/bio_pk7.c)
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/bio_pk7.c (rev 0)
+++ trunk/crypto/openssl/crypto/pkcs7/bio_pk7.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,70 @@
+/* bio_pk7.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/pkcs7.h>
+#include <openssl/bio.h>
+
+#if !defined(OPENSSL_SYSNAME_NETWARE) && !defined(OPENSSL_SYSNAME_VXWORKS)
+# include <memory.h>
+#endif
+#include <stdio.h>
+
+/* Streaming encode support for PKCS#7 */
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7)
+{
+ return BIO_new_NDEF(out, (ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
+}
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,13 +78,43 @@
ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
-ASN1_NDEF_SEQUENCE(PKCS7) = {
+/* PKCS#7 streaming support */
+static int pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
+{
+ ASN1_STREAM_ARG *sarg = exarg;
+ PKCS7 **pp7 = (PKCS7 **)pval;
+
+ switch (operation) {
+
+ case ASN1_OP_STREAM_PRE:
+ if (PKCS7_stream(&sarg->boundary, *pp7) <= 0)
+ return 0;
+ case ASN1_OP_DETACHED_PRE:
+ sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out);
+ if (!sarg->ndef_bio)
+ return 0;
+ break;
+
+ case ASN1_OP_STREAM_POST:
+ case ASN1_OP_DETACHED_POST:
+ if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0)
+ return 0;
+ break;
+
+ }
+ return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = {
ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
ASN1_ADB_OBJECT(PKCS7)
-}ASN1_NDEF_SEQUENCE_END(PKCS7)
+}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7)
IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
+
IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7)
+
IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7)
ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = {
@@ -99,7 +129,8 @@
IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
/* Minor tweak to operation: free up EVP_PKEY */
-static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
@@ -141,7 +172,8 @@
IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
/* Minor tweak to operation: free up X509 */
-static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
@@ -162,7 +194,7 @@
ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = {
ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
- ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
+ ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0)
} ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT)
IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
@@ -215,3 +247,5 @@
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY)
+
+IMPLEMENT_ASN1_PRINT_FUNCTION(PKCS7)
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_attr.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_attr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_attr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,6 +61,7 @@
#include <stdlib.h>
#include <openssl/bio.h>
#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/x509.h>
@@ -70,27 +71,12 @@
STACK_OF(X509_ALGOR) *cap)
{
ASN1_STRING *seq;
- unsigned char *p, *pp;
- int len;
- len = i2d_ASN1_SET_OF_X509_ALGOR(cap, NULL, i2d_X509_ALGOR,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- if (!(pp = (unsigned char *)OPENSSL_malloc(len))) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p = pp;
- i2d_ASN1_SET_OF_X509_ALGOR(cap, &p, i2d_X509_ALGOR, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
if (!(seq = ASN1_STRING_new())) {
PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
return 0;
}
- if (!ASN1_STRING_set(seq, pp, len)) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- OPENSSL_free(pp);
+ seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
+ ASN1_ITEM_rptr(X509_ALGORS));
return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
V_ASN1_SEQUENCE, seq);
}
@@ -104,10 +90,9 @@
if (!cap || (cap->type != V_ASN1_SEQUENCE))
return NULL;
p = cap->value.sequence->data;
- return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
- cap->value.sequence->length,
- d2i_X509_ALGOR, X509_ALGOR_free,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+ return (STACK_OF(X509_ALGOR) *)
+ ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
+ ASN1_ITEM_rptr(X509_ALGORS));
}
/* Basic smime-capabilities OID and optional integer arg */
@@ -141,3 +126,40 @@
sk_X509_ALGOR_push(sk, alg);
return 1;
}
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
+{
+ if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
+ return 0;
+ if (!coid)
+ coid = OBJ_nid2obj(NID_pkcs7_data);
+ return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
+ V_ASN1_OBJECT, coid);
+}
+
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
+{
+ if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
+ PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
+ ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
+ V_ASN1_UTCTIME, t);
+}
+
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+ const unsigned char *md, int mdlen)
+{
+ ASN1_OCTET_STRING *os;
+ os = ASN1_OCTET_STRING_new();
+ if (!os)
+ return 0;
+ if (!ASN1_STRING_set(os, md, mdlen)
+ || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
+ V_ASN1_OCTET_STRING, os)) {
+ ASN1_OCTET_STRING_free(os);
+ return 0;
+ }
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_doit.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_doit.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_doit.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -134,6 +134,121 @@
}
+static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
+ unsigned char *key, int keylen)
+{
+ EVP_PKEY_CTX *pctx = NULL;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *ek = NULL;
+ int ret = 0;
+ size_t eklen;
+
+ pkey = X509_get_pubkey(ri->cert);
+
+ if (!pkey)
+ return 0;
+
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pctx)
+ return 0;
+
+ if (EVP_PKEY_encrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+ EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
+ goto err;
+
+ ek = OPENSSL_malloc(eklen);
+
+ if (ek == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
+ goto err;
+
+ ASN1_STRING_set0(ri->enc_key, ek, eklen);
+ ek = NULL;
+
+ ret = 1;
+
+ err:
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
+ if (ek)
+ OPENSSL_free(ek);
+ return ret;
+
+}
+
+static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
+ PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
+{
+ EVP_PKEY_CTX *pctx = NULL;
+ unsigned char *ek = NULL;
+ size_t eklen;
+
+ int ret = -1;
+
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (!pctx)
+ return -1;
+
+ if (EVP_PKEY_decrypt_init(pctx) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+ EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+ ri->enc_key->data, ri->enc_key->length) <= 0)
+ goto err;
+
+ ek = OPENSSL_malloc(eklen);
+
+ if (ek == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+ ri->enc_key->data, ri->enc_key->length) <= 0) {
+ ret = 0;
+ PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
+ goto err;
+ }
+
+ ret = 1;
+
+ if (*pek) {
+ OPENSSL_cleanse(*pek, *peklen);
+ OPENSSL_free(*pek);
+ }
+
+ *pek = ek;
+ *peklen = eklen;
+
+ err:
+ if (pctx)
+ EVP_PKEY_CTX_free(pctx);
+ if (!ret && ek)
+ OPENSSL_free(ek);
+
+ return ret;
+}
+
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
{
int i;
@@ -144,7 +259,6 @@
STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
X509_ALGOR *xalg = NULL;
PKCS7_RECIP_INFO *ri = NULL;
- EVP_PKEY *pkey;
ASN1_OCTET_STRING *os = NULL;
if (p7 == NULL) {
@@ -197,6 +311,8 @@
xa = p7->d.digest->md;
os = PKCS7_get_octet_string(p7->d.digest->contents);
break;
+ case NID_pkcs7_data:
+ break;
default:
PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
goto err;
@@ -213,8 +329,6 @@
unsigned char key[EVP_MAX_KEY_LENGTH];
unsigned char iv[EVP_MAX_IV_LENGTH];
int keylen, ivlen;
- int jj, max;
- unsigned char *tmp;
EVP_CIPHER_CTX *ctx;
if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
@@ -246,43 +360,11 @@
}
/* Lets do the pub key stuff :-) */
- max = 0;
for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (ri->cert == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_MISSING_CERIPEND_INFO);
+ if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
goto err;
- }
- if ((pkey = X509_get_pubkey(ri->cert)) == NULL)
- goto err;
- jj = EVP_PKEY_size(pkey);
- EVP_PKEY_free(pkey);
- if (max < jj)
- max = jj;
}
- if ((tmp = (unsigned char *)OPENSSL_malloc(max)) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if ((pkey = X509_get_pubkey(ri->cert)) == NULL)
- goto err;
- jj = EVP_PKEY_encrypt(tmp, key, keylen, pkey);
- EVP_PKEY_free(pkey);
- if (jj <= 0) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_EVP_LIB);
- OPENSSL_free(tmp);
- goto err;
- }
- if (!M_ASN1_OCTET_STRING_set(ri->enc_key, tmp, jj)) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(tmp);
- goto err;
- }
- }
- OPENSSL_free(tmp);
OPENSSL_cleanse(key, keylen);
if (out == NULL)
@@ -304,7 +386,10 @@
BIO_set_mem_eof_return(bio, 0);
}
}
- BIO_push(out, bio);
+ if (out)
+ BIO_push(out, bio);
+ else
+ out = bio;
bio = NULL;
if (0) {
err:
@@ -333,7 +418,6 @@
{
int i, j;
BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
- unsigned char *tmp = NULL;
X509_ALGOR *xa;
ASN1_OCTET_STRING *data_body = NULL;
const EVP_MD *evp_md;
@@ -343,6 +427,8 @@
STACK_OF(X509_ALGOR) *md_sk = NULL;
STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
PKCS7_RECIP_INFO *ri = NULL;
+ unsigned char *ek = NULL, *tkey = NULL;
+ int eklen = 0, tkeylen = 0;
if (p7 == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
@@ -366,6 +452,11 @@
* or if the contentType is wrong (i.e., not "data").
*/
data_body = PKCS7_get_octet_string(p7->d.sign->contents);
+ if (!PKCS7_is_detached(p7) && data_body == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+ PKCS7_R_INVALID_SIGNED_DATA_TYPE);
+ goto err;
+ }
md_sk = p7->d.sign->md_algs;
break;
case NID_pkcs7_signedAndEnveloped:
@@ -439,9 +530,6 @@
int max;
X509_OBJECT ret;
#endif
- unsigned char *tkey = NULL;
- int tkeylen;
- int jj;
if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
@@ -472,48 +560,23 @@
}
}
- jj = EVP_PKEY_size(pkey);
- tmp = (unsigned char *)OPENSSL_malloc(jj + 10);
- if (tmp == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
/* If we haven't got a certificate try each ri in turn */
-
if (pcert == NULL) {
/*
- * Temporary storage in case EVP_PKEY_decrypt overwrites output
- * buffer on error.
+ * Always attempt to decrypt all rinfo even after sucess as a
+ * defence against MMA timing attacks.
*/
- unsigned char *tmp2;
- tmp2 = OPENSSL_malloc(jj);
- if (!tmp2)
- goto err;
- jj = -1;
- /*
- * Always attempt to decrypt all cases to avoid leaking timing
- * information about a successful decrypt.
- */
for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- int tret;
ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- tret = EVP_PKEY_decrypt(tmp2,
- M_ASN1_STRING_data(ri->enc_key),
- M_ASN1_STRING_length(ri->enc_key),
- pkey);
- if (tret > 0) {
- memcpy(tmp, tmp2, tret);
- OPENSSL_cleanse(tmp2, tret);
- jj = tret;
- }
+
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+ goto err;
ERR_clear_error();
}
- OPENSSL_free(tmp2);
} else {
- jj = EVP_PKEY_decrypt(tmp,
- M_ASN1_STRING_data(ri->enc_key),
- M_ASN1_STRING_length(ri->enc_key), pkey);
+ /* Only exit on fatal errors, not decrypt failure */
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+ goto err;
ERR_clear_error();
}
@@ -523,7 +586,7 @@
goto err;
if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
goto err;
- /* Generate random key to counter MMA */
+ /* Generate random key as MMA defence */
tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
tkey = OPENSSL_malloc(tkeylen);
if (!tkey)
@@ -530,38 +593,41 @@
goto err;
if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
goto err;
- /* If we have no key use random key */
- if (jj <= 0) {
- OPENSSL_free(tmp);
- jj = tkeylen;
- tmp = tkey;
+ if (ek == NULL) {
+ ek = tkey;
+ eklen = tkeylen;
tkey = NULL;
}
- if (jj != tkeylen) {
+ if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
/*
* Some S/MIME clients don't use the same key and effective key
* length. The key length is determined by the size of the
* decrypted RSA key.
*/
- if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj)) {
- /* As MMA defence use random key instead */
- OPENSSL_cleanse(tmp, jj);
- OPENSSL_free(tmp);
- jj = tkeylen;
- tmp = tkey;
+ if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
+ /* Use random key as MMA defence */
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = tkey;
+ eklen = tkeylen;
tkey = NULL;
}
}
+ /* Clear errors so we don't leak information useful in MMA */
ERR_clear_error();
- if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, tmp, NULL, 0) <= 0)
+ if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
goto err;
- OPENSSL_cleanse(tmp, jj);
-
+ if (ek) {
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = NULL;
+ }
if (tkey) {
OPENSSL_cleanse(tkey, tkeylen);
OPENSSL_free(tkey);
+ tkey = NULL;
}
if (out == NULL)
@@ -601,6 +667,14 @@
#endif
if (0) {
err:
+ if (ek) {
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ }
+ if (tkey) {
+ OPENSSL_cleanse(tkey, tkeylen);
+ OPENSSL_free(tkey);
+ }
if (out != NULL)
BIO_free_all(out);
if (btmp != NULL)
@@ -611,8 +685,6 @@
BIO_free_all(bio);
out = NULL;
}
- if (tmp != NULL)
- OPENSSL_free(tmp);
return (out);
}
@@ -637,13 +709,41 @@
return NULL;
}
+static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
+{
+ unsigned char md_data[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+
+ /* Add signing time if not already present */
+ if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
+ if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+
+ /* Add digest */
+ if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+ return 0;
+ }
+ if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ /* Now sign the attributes */
+ if (!PKCS7_SIGNER_INFO_sign(si))
+ return 0;
+
+ return 1;
+}
+
int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
{
int ret = 0;
int i, j;
BIO *btmp;
- BUF_MEM *buf_mem = NULL;
- BUF_MEM *buf = NULL;
PKCS7_SIGNER_INFO *si;
EVP_MD_CTX *mdc, ctx_tmp;
STACK_OF(X509_ATTRIBUTE) *sk;
@@ -665,22 +765,33 @@
p7->state = PKCS7_S_HEADER;
switch (i) {
+ case NID_pkcs7_data:
+ os = p7->d.data;
+ break;
case NID_pkcs7_signedAndEnveloped:
/* XXXXXXXXXXXXXXXX */
si_sk = p7->d.signed_and_enveloped->signer_info;
- if (!(os = M_ASN1_OCTET_STRING_new())) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
+ os = p7->d.signed_and_enveloped->enc_data->enc_data;
+ if (!os) {
+ os = M_ASN1_OCTET_STRING_new();
+ if (!os) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p7->d.signed_and_enveloped->enc_data->enc_data = os;
}
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
break;
case NID_pkcs7_enveloped:
/* XXXXXXXXXXXXXXXX */
- if (!(os = M_ASN1_OCTET_STRING_new())) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
+ os = p7->d.enveloped->enc_data->enc_data;
+ if (!os) {
+ os = M_ASN1_OCTET_STRING_new();
+ if (!os) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p7->d.enveloped->enc_data->enc_data = os;
}
- p7->d.enveloped->enc_data->enc_data = os;
break;
case NID_pkcs7_signed:
si_sk = p7->d.sign->signer_info;
@@ -703,13 +814,12 @@
}
break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
}
if (si_sk != NULL) {
- if ((buf = BUF_MEM_new()) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_BIO_LIB);
- goto err;
- }
for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
if (si->pkey == NULL)
@@ -727,11 +837,8 @@
/*
* We now have the EVP_MD_CTX, lets do the signing.
*/
- EVP_MD_CTX_copy_ex(&ctx_tmp, mdc);
- if (!BUF_MEM_grow_clean(buf, EVP_PKEY_size(si->pkey))) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_BIO_LIB);
+ if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
goto err;
- }
sk = si->auth_attr;
@@ -739,77 +846,23 @@
* If there are attributes, we add the digest attribute and only
* sign the attributes
*/
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
- unsigned char md_data[EVP_MAX_MD_SIZE], *abuf = NULL;
- unsigned int md_len, alen;
- ASN1_OCTET_STRING *digest;
- ASN1_UTCTIME *sign_time;
- const EVP_MD *md_tmp;
-
- /* Add signing time if not already present */
- if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
- if (!(sign_time = X509_gmtime_adj(NULL, 0))) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!PKCS7_add_signed_attribute(si,
- NID_pkcs9_signingTime,
- V_ASN1_UTCTIME,
- sign_time)) {
- M_ASN1_UTCTIME_free(sign_time);
- goto err;
- }
- }
-
- /* Add digest */
- md_tmp = EVP_MD_CTX_md(&ctx_tmp);
- EVP_DigestFinal_ex(&ctx_tmp, md_data, &md_len);
- if (!(digest = M_ASN1_OCTET_STRING_new())) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ if (sk_X509_ATTRIBUTE_num(sk) > 0) {
+ if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
goto err;
- }
- if (!M_ASN1_OCTET_STRING_set(digest, md_data, md_len)) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
- M_ASN1_OCTET_STRING_free(digest);
+ } else {
+ unsigned char *abuf = NULL;
+ unsigned int abuflen;
+ abuflen = EVP_PKEY_size(si->pkey);
+ abuf = OPENSSL_malloc(abuflen);
+ if (!abuf)
goto err;
- }
- if (!PKCS7_add_signed_attribute(si,
- NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING, digest))
- {
- M_ASN1_OCTET_STRING_free(digest);
+
+ if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
}
-
- /* Now sign the attributes */
- EVP_SignInit_ex(&ctx_tmp, md_tmp, NULL);
- alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
- ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
- if (!abuf)
- goto err;
- EVP_SignUpdate(&ctx_tmp, abuf, alen);
- OPENSSL_free(abuf);
+ ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
}
-#ifndef OPENSSL_NO_DSA
- if (si->pkey->type == EVP_PKEY_DSA)
- ctx_tmp.digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (si->pkey->type == EVP_PKEY_EC)
- ctx_tmp.digest = EVP_ecdsa();
-#endif
-
- if (!EVP_SignFinal(&ctx_tmp, (unsigned char *)buf->data,
- (unsigned int *)&buf->length, si->pkey)) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
- goto err;
- }
- if (!ASN1_STRING_set(si->enc_digest,
- (unsigned char *)buf->data, buf->length)) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_ASN1_LIB);
- goto err;
- }
}
} else if (i == NID_pkcs7_digest) {
unsigned char md_data[EVP_MAX_MD_SIZE];
@@ -817,7 +870,8 @@
if (!PKCS7_find_digest(&mdc, bio,
OBJ_obj2nid(p7->d.digest->md->algorithm)))
goto err;
- EVP_DigestFinal_ex(mdc, md_data, &md_len);
+ if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
+ goto err;
M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
}
@@ -828,34 +882,89 @@
*/
if (os == NULL)
goto err;
- btmp = BIO_find_type(bio, BIO_TYPE_MEM);
- if (btmp == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
+ char *cont;
+ long contlen;
+ btmp = BIO_find_type(bio, BIO_TYPE_MEM);
+ if (btmp == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ contlen = BIO_get_mem_data(btmp, &cont);
+ /*
+ * Mark the BIO read only then we can use its copy of the data
+ * instead of making an extra copy.
+ */
+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
+ BIO_set_mem_eof_return(btmp, 0);
+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
}
- BIO_get_mem_ptr(btmp, &buf_mem);
- /*
- * Mark the BIO read only then we can use its copy of the data
- * instead of making an extra copy.
- */
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- os->data = (unsigned char *)buf_mem->data;
- os->length = buf_mem->length;
-#if 0
- M_ASN1_OCTET_STRING_set(os,
- (unsigned char *)buf_mem->data,
- buf_mem->length);
-#endif
}
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx_tmp);
- if (buf != NULL)
- BUF_MEM_free(buf);
return (ret);
}
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
+{
+ EVP_MD_CTX mctx;
+ EVP_PKEY_CTX *pctx;
+ unsigned char *abuf = NULL;
+ int alen;
+ size_t siglen;
+ const EVP_MD *md = NULL;
+
+ md = EVP_get_digestbyobj(si->digest_alg->algorithm);
+ if (md == NULL)
+ return 0;
+
+ EVP_MD_CTX_init(&mctx);
+ if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+ EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
+ ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
+ if (!abuf)
+ goto err;
+ if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
+ goto err;
+ OPENSSL_free(abuf);
+ abuf = NULL;
+ if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+ goto err;
+ abuf = OPENSSL_malloc(siglen);
+ if (!abuf)
+ goto err;
+ if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+ EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+ goto err;
+ }
+
+ EVP_MD_CTX_cleanup(&mctx);
+
+ ASN1_STRING_set0(si->enc_digest, abuf, siglen);
+
+ return 1;
+
+ err:
+ if (abuf)
+ OPENSSL_free(abuf);
+ EVP_MD_CTX_cleanup(&mctx);
+ return 0;
+
+}
+
int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
PKCS7 *p7, PKCS7_SIGNER_INFO *si)
{
@@ -961,15 +1070,18 @@
* mdc is the digest ctx that we want, unless there are attributes, in
* which case the digest is the signed attributes
*/
- EVP_MD_CTX_copy_ex(&mdc_tmp, mdc);
+ if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
+ goto err;
sk = si->auth_attr;
if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
- unsigned int md_len, alen;
+ unsigned int md_len;
+ int alen;
ASN1_OCTET_STRING *message_digest;
- EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len);
+ if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
+ goto err;
message_digest = PKCS7_digest_from_attributes(sk);
if (!message_digest) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
@@ -994,11 +1106,18 @@
goto err;
}
- EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL);
+ if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
+ goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
- EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
+ if (alen <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
+ ret = -1;
+ goto err;
+ }
+ if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+ goto err;
OPENSSL_free(abuf);
}
@@ -1009,14 +1128,6 @@
ret = -1;
goto err;
}
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- mdc_tmp.digest = EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- mdc_tmp.digest = EVP_ecdsa();
-#endif
i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
EVP_PKEY_free(pkey);
@@ -1149,7 +1260,8 @@
X509_ATTRIBUTE *attr = NULL;
if (*sk == NULL) {
- if (!(*sk = sk_X509_ATTRIBUTE_new_null()))
+ *sk = sk_X509_ATTRIBUTE_new_null();
+ if (*sk == NULL)
return 0;
new_attrib:
if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,7 @@
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/x509.h>
+#include "asn1_locl.h"
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
{
@@ -354,13 +355,8 @@
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst)
{
- int nid;
- char is_dsa;
+ int ret;
- if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC)
- is_dsa = 1;
- else
- is_dsa = 0;
/* We now need to add another PKCS7_SIGNER_INFO entry */
if (!ASN1_INTEGER_set(p7i->version, 1))
goto err;
@@ -382,59 +378,42 @@
p7i->pkey = pkey;
/* Set the algorithms */
- if (is_dsa)
- p7i->digest_alg->algorithm = OBJ_nid2obj(NID_sha1);
- else
- p7i->digest_alg->algorithm = OBJ_nid2obj(EVP_MD_type(dgst));
- if (p7i->digest_alg->parameter != NULL)
- ASN1_TYPE_free(p7i->digest_alg->parameter);
- if ((p7i->digest_alg->parameter = ASN1_TYPE_new()) == NULL)
- goto err;
- p7i->digest_alg->parameter->type = V_ASN1_NULL;
+ X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
+ V_ASN1_NULL, NULL);
- if (p7i->digest_enc_alg->parameter != NULL)
- ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
- nid = EVP_PKEY_type(pkey->type);
- if (nid == EVP_PKEY_RSA) {
- p7i->digest_enc_alg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
- if (!(p7i->digest_enc_alg->parameter = ASN1_TYPE_new()))
- goto err;
- p7i->digest_enc_alg->parameter->type = V_ASN1_NULL;
- } else if (nid == EVP_PKEY_DSA) {
-#if 1
- /*
- * use 'dsaEncryption' OID for compatibility with other software
- * (PKCS #7 v1.5 does specify how to handle DSA) ...
- */
- p7i->digest_enc_alg->algorithm = OBJ_nid2obj(NID_dsa);
-#else
- /*
- * ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for
- * CMS) would make more sense.
- */
- p7i->digest_enc_alg->algorithm = OBJ_nid2obj(NID_dsaWithSHA1);
-#endif
- p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit
- * 'parameter'! */
- } else if (nid == EVP_PKEY_EC) {
- p7i->digest_enc_alg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA1);
- if (!(p7i->digest_enc_alg->parameter = ASN1_TYPE_new()))
- goto err;
- p7i->digest_enc_alg->parameter->type = V_ASN1_NULL;
- } else
- return (0);
-
- return (1);
+ if (pkey->ameth && pkey->ameth->pkey_ctrl) {
+ ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, 0, p7i);
+ if (ret > 0)
+ return 1;
+ if (ret != -2) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+ PKCS7_R_SIGNING_CTRL_FAILURE);
+ return 0;
+ }
+ }
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+ PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
err:
- return (0);
+ return 0;
}
PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst)
{
- PKCS7_SIGNER_INFO *si;
+ PKCS7_SIGNER_INFO *si = NULL;
+ if (dgst == NULL) {
+ int def_nid;
+ if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+ goto err;
+ dgst = EVP_get_digestbynid(def_nid);
+ if (dgst == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, PKCS7_R_NO_DEFAULT_DIGEST);
+ goto err;
+ }
+ }
+
if ((si = PKCS7_SIGNER_INFO_new()) == NULL)
goto err;
if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst))
@@ -443,7 +422,8 @@
goto err;
return (si);
err:
- PKCS7_SIGNER_INFO_free(si);
+ if (si)
+ PKCS7_SIGNER_INFO_free(si);
return (NULL);
}
@@ -475,6 +455,23 @@
return (NULL);
}
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+ X509_ALGOR **pdig, X509_ALGOR **psig)
+{
+ if (pk)
+ *pk = si->pkey;
+ if (pdig)
+ *pdig = si->digest_alg;
+ if (psig)
+ *psig = si->digest_enc_alg;
+}
+
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
+{
+ if (penc)
+ *penc = ri->key_enc_algor;
+}
+
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
{
PKCS7_RECIP_INFO *ri;
@@ -485,10 +482,11 @@
goto err;
if (!PKCS7_add_recipient_info(p7, ri))
goto err;
- return (ri);
+ return ri;
err:
- PKCS7_RECIP_INFO_free(ri);
- return (NULL);
+ if (ri)
+ PKCS7_RECIP_INFO_free(ri);
+ return NULL;
}
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
@@ -517,6 +515,8 @@
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
{
+ int ret;
+ EVP_PKEY *pkey = NULL;
if (!ASN1_INTEGER_set(p7i->version, 0))
return 0;
if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
@@ -528,14 +528,37 @@
M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
return 0;
- X509_ALGOR_free(p7i->key_enc_algor);
- if (!(p7i->key_enc_algor = X509_ALGOR_dup(x509->cert_info->key->algor)))
- return 0;
+ pkey = X509_get_pubkey(x509);
+ if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
+ PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+ PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ goto err;
+ }
+
+ ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, 0, p7i);
+ if (ret == -2) {
+ PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+ PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ goto err;
+ }
+ if (ret <= 0) {
+ PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+ PKCS7_R_ENCRYPTION_CTRL_FAILURE);
+ goto err;
+ }
+
+ EVP_PKEY_free(pkey);
+
CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
p7i->cert = x509;
- return (1);
+ return 1;
+
+ err:
+ if (pkey)
+ EVP_PKEY_free(pkey);
+ return 0;
}
X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
@@ -578,3 +601,46 @@
ec->cipher = cipher;
return 1;
}
+
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
+{
+ ASN1_OCTET_STRING *os = NULL;
+
+ switch (OBJ_obj2nid(p7->type)) {
+ case NID_pkcs7_data:
+ os = p7->d.data;
+ break;
+
+ case NID_pkcs7_signedAndEnveloped:
+ os = p7->d.signed_and_enveloped->enc_data->enc_data;
+ if (os == NULL) {
+ os = M_ASN1_OCTET_STRING_new();
+ p7->d.signed_and_enveloped->enc_data->enc_data = os;
+ }
+ break;
+
+ case NID_pkcs7_enveloped:
+ os = p7->d.enveloped->enc_data->enc_data;
+ if (os == NULL) {
+ os = M_ASN1_OCTET_STRING_new();
+ p7->d.enveloped->enc_data->enc_data = os;
+ }
+ break;
+
+ case NID_pkcs7_signed:
+ os = p7->d.sign->contents->d.data;
+ break;
+
+ default:
+ os = NULL;
+ break;
+ }
+
+ if (os == NULL)
+ return 0;
+
+ os->flags |= ASN1_STRING_FLAG_NDEF;
+ *boundary = &os->data;
+
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_mime.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_mime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_mime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,52 +60,18 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
-/* PKCS#7 wrappers round generalised MIME routines */
+/* PKCS#7 wrappers round generalised stream and MIME routines */
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
{
- return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
+ return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags,
+ ASN1_ITEM_rptr(PKCS7));
}
-/* Callback for int_smime_write_ASN1 */
-
-static int pk7_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it)
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
{
- PKCS7 *p7 = (PKCS7 *)val;
- BIO *tmpbio, *p7bio;
-
- if (!(flags & SMIME_DETACHED)) {
- SMIME_crlf_copy(data, out, flags);
- return 1;
- }
-
- /* Let PKCS7 code prepend any needed BIOs */
-
- p7bio = PKCS7_dataInit(p7, out);
-
- if (!p7bio)
- return 0;
-
- /* Copy data across, passing through filter BIOs for processing */
- SMIME_crlf_copy(data, p7bio, flags);
-
- /* Finalize structure */
- if (PKCS7_dataFinal(p7, p7bio) <= 0)
- goto err;
-
- err:
-
- /* Now remove any digests prepended to the BIO */
-
- while (p7bio != out) {
- tmpbio = BIO_pop(p7bio);
- BIO_free(p7bio);
- p7bio = tmpbio;
- }
-
- return 1;
-
+ return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)p7, in, flags,
+ "PKCS7", ASN1_ITEM_rptr(PKCS7));
}
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
@@ -117,7 +83,14 @@
else
mdalgs = NULL;
- return int_smime_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
- ctype_nid, NID_undef, mdalgs,
- pk7_output_data, ASN1_ITEM_rptr(PKCS7));
+ flags ^= SMIME_OLDMIME;
+
+ return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
+ ctype_nid, NID_undef, mdalgs,
+ ASN1_ITEM_rptr(PKCS7));
}
+
+PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
+{
+ return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
+}
Modified: trunk/crypto/openssl/crypto/pkcs7/pk7_smime.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pk7_smime.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pk7_smime.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,21 +64,14 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags)
{
- PKCS7 *p7 = NULL;
- PKCS7_SIGNER_INFO *si;
- BIO *p7bio = NULL;
- STACK_OF(X509_ALGOR) *smcap = NULL;
+ PKCS7 *p7;
int i;
- if (!X509_check_private_key(signcert, pkey)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN,
- PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
-
if (!(p7 = PKCS7_new())) {
PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -90,81 +83,167 @@
if (!PKCS7_content_new(p7, NID_pkcs7_data))
goto err;
- if (!(si = PKCS7_add_signature(p7, signcert, pkey, EVP_sha1()))) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
+ if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
+ PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
goto err;
}
if (!(flags & PKCS7_NOCERTS)) {
+ for (i = 0; i < sk_X509_num(certs); i++) {
+ if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
+ goto err;
+ }
+ }
+
+ if (flags & PKCS7_DETACHED)
+ PKCS7_set_detached(p7, 1);
+
+ if (flags & (PKCS7_STREAM | PKCS7_PARTIAL))
+ return p7;
+
+ if (PKCS7_final(p7, data, flags))
+ return p7;
+
+ err:
+ PKCS7_free(p7);
+ return NULL;
+}
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
+{
+ BIO *p7bio;
+ int ret = 0;
+ if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
+ PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ SMIME_crlf_copy(data, p7bio, flags);
+
+ (void)BIO_flush(p7bio);
+
+ if (!PKCS7_dataFinal(p7, p7bio)) {
+ PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
+ goto err;
+ }
+
+ ret = 1;
+
+ err:
+ BIO_free_all(p7bio);
+
+ return ret;
+
+}
+
+/* Check to see if a cipher exists and if so add S/MIME capabilities */
+
+static int add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+{
+ if (EVP_get_cipherbynid(nid))
+ return PKCS7_simple_smimecap(sk, nid, arg);
+ return 1;
+}
+
+static int add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+{
+ if (EVP_get_digestbynid(nid))
+ return PKCS7_simple_smimecap(sk, nid, arg);
+ return 1;
+}
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
+ EVP_PKEY *pkey, const EVP_MD *md,
+ int flags)
+{
+ PKCS7_SIGNER_INFO *si = NULL;
+ STACK_OF(X509_ALGOR) *smcap = NULL;
+ if (!X509_check_private_key(signcert, pkey)) {
+ PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+ PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+ return NULL;
+ }
+
+ if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
+ PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+ PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
+ return NULL;
+ }
+
+ if (!(flags & PKCS7_NOCERTS)) {
if (!PKCS7_add_certificate(p7, signcert))
goto err;
- if (certs)
- for (i = 0; i < sk_X509_num(certs); i++)
- if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
- goto err;
}
if (!(flags & PKCS7_NOATTR)) {
- if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT,
- OBJ_nid2obj(NID_pkcs7_data)))
+ if (!PKCS7_add_attrib_content_type(si, NULL))
goto err;
/* Add SMIMECapabilities */
if (!(flags & PKCS7_NOSMIMECAP)) {
if (!(smcap = sk_X509_ALGOR_new_null())) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
+ PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
goto err;
}
-#ifndef OPENSSL_NO_DES
- if (!PKCS7_simple_smimecap(smcap, NID_des_ede3_cbc, -1))
+ if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+ || !add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+ || !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
+ || !add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
+ || !add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
+ || !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
+ || !add_cipher_smcap(smcap, NID_rc2_cbc, 128)
+ || !add_cipher_smcap(smcap, NID_rc2_cbc, 64)
+ || !add_cipher_smcap(smcap, NID_des_cbc, -1)
+ || !add_cipher_smcap(smcap, NID_rc2_cbc, 40)
+ || !PKCS7_add_attrib_smimecap(si, smcap))
goto err;
-#endif
-#ifndef OPENSSL_NO_RC2
- if (!PKCS7_simple_smimecap(smcap, NID_rc2_cbc, 128))
- goto err;
- if (!PKCS7_simple_smimecap(smcap, NID_rc2_cbc, 64))
- goto err;
-#endif
-#ifndef OPENSSL_NO_DES
- if (!PKCS7_simple_smimecap(smcap, NID_des_cbc, -1))
- goto err;
-#endif
-#ifndef OPENSSL_NO_RC2
- if (!PKCS7_simple_smimecap(smcap, NID_rc2_cbc, 40))
- goto err;
-#endif
- if (!PKCS7_add_attrib_smimecap(si, smcap))
- goto err;
sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
smcap = NULL;
}
+ if (flags & PKCS7_REUSE_DIGEST) {
+ if (!pkcs7_copy_existing_digest(p7, si))
+ goto err;
+ if (!(flags & PKCS7_PARTIAL) && !PKCS7_SIGNER_INFO_sign(si))
+ goto err;
+ }
}
+ return si;
+ err:
+ if (smcap)
+ sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+ return NULL;
+}
- if (flags & PKCS7_DETACHED)
- PKCS7_set_detached(p7, 1);
+/*
+ * Search for a digest matching SignerInfo digest type and if found copy
+ * across.
+ */
- if (flags & PKCS7_STREAM)
- return p7;
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+{
+ int i;
+ STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+ PKCS7_SIGNER_INFO *sitmp;
+ ASN1_OCTET_STRING *osdig = NULL;
+ sinfos = PKCS7_get_signer_info(p7);
+ for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
+ sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+ if (si == sitmp)
+ break;
+ if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
+ continue;
+ if (!OBJ_cmp(si->digest_alg->algorithm, sitmp->digest_alg->algorithm)) {
+ osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
+ break;
+ }
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
}
- SMIME_crlf_copy(data, p7bio, flags);
+ if (osdig)
+ return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
- if (!PKCS7_dataFinal(p7, p7bio)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_DATASIGN);
- goto err;
- }
-
- BIO_free_all(p7bio);
- return p7;
- err:
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- BIO_free_all(p7bio);
- PKCS7_free(p7);
- return NULL;
+ PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
+ PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
+ return 0;
}
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
@@ -357,7 +436,7 @@
if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
- return NULL;
+ return 0;
}
if (!(signers = sk_X509_new_null())) {
@@ -382,7 +461,7 @@
PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
sk_X509_free(signers);
- return NULL;
+ return 0;
}
if (!sk_X509_push(signers, signer)) {
@@ -422,23 +501,12 @@
}
}
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
+ if (flags & PKCS7_STREAM)
+ return p7;
- SMIME_crlf_copy(in, p7bio, flags);
+ if (PKCS7_final(p7, in, flags))
+ return p7;
- (void)BIO_flush(p7bio);
-
- if (!PKCS7_dataFinal(p7, p7bio)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_PKCS7_DATAFINAL_ERROR);
- goto err;
- }
- BIO_free_all(p7bio);
-
- return p7;
-
err:
BIO_free_all(p7bio);
Modified: trunk/crypto/openssl/crypto/pkcs7/pkcs7.h
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pkcs7.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pkcs7.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -215,7 +215,6 @@
# define PKCS7_type_is_signedAndEnveloped(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-
# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
# define PKCS7_set_detached(p,v) \
@@ -225,14 +224,6 @@
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-# ifdef SSLEAY_MACROS
-# ifndef PKCS7_ISSUER_AND_SERIAL_digest
-# define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
- (char *)data,md,len)
-# endif
-# endif
-
/* S/MIME related flags */
# define PKCS7_TEXT 0x1
@@ -249,6 +240,8 @@
# define PKCS7_CRLFEOL 0x800
# define PKCS7_STREAM 0x1000
# define PKCS7_NOCRL 0x2000
+# define PKCS7_PARTIAL 0x4000
+# define PKCS7_REUSE_DIGEST 0x8000
/* Flags: for compatibility with older code */
@@ -264,18 +257,18 @@
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-# ifndef SSLEAY_MACROS
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
const EVP_MD *type, unsigned char *md,
unsigned int *len);
-# ifndef OPENSSL_NO_FP_API
+# ifndef OPENSSL_NO_FP_API
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
-# endif
+# endif
PKCS7 *PKCS7_dup(PKCS7 *p7);
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
-# endif
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
@@ -291,6 +284,7 @@
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
+DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
@@ -299,6 +293,7 @@
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst);
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
@@ -319,9 +314,13 @@
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+ X509_ALGOR **pdig, X509_ALGOR **psig);
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
@@ -338,6 +337,12 @@
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
+ X509 *signcert, EVP_PKEY *pkey,
+ const EVP_MD *md, int flags);
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
BIO *indata, BIO *out, int flags);
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
@@ -352,11 +357,16 @@
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+ const unsigned char *md, int mdlen);
+
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -369,12 +379,17 @@
/* Function codes. */
# define PKCS7_F_B64_READ_PKCS7 120
# define PKCS7_F_B64_WRITE_PKCS7 121
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
+# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
# define PKCS7_F_PKCS7_ADD_CRL 101
# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
+# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
# define PKCS7_F_PKCS7_ADD_SIGNER 103
# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
# define PKCS7_F_PKCS7_CTRL 104
# define PKCS7_F_PKCS7_DATADECODE 112
# define PKCS7_F_PKCS7_DATAFINAL 128
@@ -382,9 +397,13 @@
# define PKCS7_F_PKCS7_DATASIGN 106
# define PKCS7_F_PKCS7_DATAVERIFY 107
# define PKCS7_F_PKCS7_DECRYPT 114
+# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
+# define PKCS7_F_PKCS7_ENCODE_RINFO 132
# define PKCS7_F_PKCS7_ENCRYPT 115
+# define PKCS7_F_PKCS7_FINAL 134
# define PKCS7_F_PKCS7_FIND_DIGEST 127
# define PKCS7_F_PKCS7_GET0_SIGNERS 124
+# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
# define PKCS7_F_PKCS7_SET_CIPHER 108
# define PKCS7_F_PKCS7_SET_CONTENT 109
# define PKCS7_F_PKCS7_SET_DIGEST 126
@@ -391,6 +410,9 @@
# define PKCS7_F_PKCS7_SET_TYPE 110
# define PKCS7_F_PKCS7_SIGN 116
# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
# define PKCS7_F_PKCS7_VERIFY 117
# define PKCS7_F_SMIME_READ_PKCS7 122
@@ -401,14 +423,18 @@
# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
+# define PKCS7_R_CTRL_ERROR 152
# define PKCS7_R_DECODE_ERROR 130
# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
# define PKCS7_R_DECRYPT_ERROR 119
# define PKCS7_R_DIGEST_FAILURE 101
+# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
+# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
# define PKCS7_R_ERROR_SETTING_CIPHER 121
# define PKCS7_R_INVALID_MIME_TYPE 131
# define PKCS7_R_INVALID_NULL_POINTER 143
+# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
# define PKCS7_R_MIME_PARSE_ERROR 133
# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
@@ -415,6 +441,8 @@
# define PKCS7_R_MISSING_CERIPEND_INFO 103
# define PKCS7_R_NO_CONTENT 122
# define PKCS7_R_NO_CONTENT_TYPE 135
+# define PKCS7_R_NO_DEFAULT_DIGEST 151
+# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
@@ -424,6 +452,7 @@
# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
+# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
# define PKCS7_R_PKCS7_DATAFINAL 126
# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
# define PKCS7_R_PKCS7_DATASIGN 145
@@ -432,6 +461,8 @@
# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
# define PKCS7_R_SIGNATURE_FAILURE 105
# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
+# define PKCS7_R_SIGNING_CTRL_FAILURE 147
+# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
# define PKCS7_R_SMIME_TEXT_ERROR 129
# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
Modified: trunk/crypto/openssl/crypto/pkcs7/pkcs7err.c
===================================================================
--- trunk/crypto/openssl/crypto/pkcs7/pkcs7err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pkcs7/pkcs7err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/pkcs7/pkcs7err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -72,13 +72,20 @@
static ERR_STRING_DATA PKCS7_str_functs[] = {
{ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
{ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
+ {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "DO_PKCS7_SIGNED_ATTRIB"},
+ {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
+ "PKCS7_add0_attrib_signing_time"},
{ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
"PKCS7_add_attrib_smimecap"},
{ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
{ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
{ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"},
{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
{ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"},
+ {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST),
+ "PKCS7_COPY_EXISTING_DIGEST"},
{ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
{ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
{ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
@@ -86,9 +93,13 @@
{ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
{ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
+ {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "PKCS7_DECRYPT_RINFO"},
+ {ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "PKCS7_ENCODE_RINFO"},
{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
+ {ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"},
{ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"},
{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
+ {ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"},
{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
{ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"},
@@ -95,6 +106,9 @@
{ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
{ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
{ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
+ {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"},
+ {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"},
+ {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
{ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
{ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
{ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
@@ -110,15 +124,21 @@
{ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
{ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
"content and data present"},
+ {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
{ERR_REASON(PKCS7_R_DECODE_ERROR), "decode error"},
{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),
"decrypted key is wrong length"},
{ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
{ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
+ {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
+ {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+ "encryption not supported for this key type"},
{ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE), "invalid mime type"},
{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
+ {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
+ "invalid signed data type"},
{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR), "mime parse error"},
{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
@@ -125,6 +145,9 @@
{ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
{ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
{ERR_REASON(PKCS7_R_NO_CONTENT_TYPE), "no content type"},
+ {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
+ {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
+ "no matching digest type found"},
{ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),
"no multipart body failure"},
{ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
@@ -139,6 +162,7 @@
"operation not supported on this type"},
{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
"pkcs7 add signature error"},
+ {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL), "pkcs7 datafinal"},
{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
{ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
@@ -149,6 +173,9 @@
{ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
{ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),
"signer certificate not found"},
+ {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
+ {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+ "signing not supported for this key type"},
{ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
{ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
Copied: trunk/crypto/openssl/crypto/ppccap.c (from rev 7117, vendor-crypto/openssl/dist/crypto/ppccap.c)
===================================================================
--- trunk/crypto/openssl/crypto/ppccap.c (rev 0)
+++ trunk/crypto/openssl/crypto/ppccap.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,129 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <unistd.h>
+#include <crypto.h>
+#include <openssl/bn.h>
+
+#define PPC_FPU64 (1<<0)
+#define PPC_ALTIVEC (1<<1)
+
+static int OPENSSL_ppccap_P = 0;
+
+static sigset_t all_masked;
+
+#ifdef OPENSSL_BN_ASM_MONT
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+ int bn_mul_mont_fpu64(BN_ULONG *rp, const BN_ULONG *ap,
+ const BN_ULONG *bp, const BN_ULONG *np,
+ const BN_ULONG *n0, int num);
+ int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+ if (sizeof(size_t) == 4) {
+# if (defined(__APPLE__) && defined(__MACH__))
+ if (num >= 8 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64))
+ return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+# else
+ /*
+ * boundary of 32 was experimentally determined on Linux 2.6.22,
+ * might have to be adjusted on AIX...
+ */
+ if (num >= 32 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64)) {
+ sigset_t oset;
+ int ret;
+
+ sigprocmask(SIG_SETMASK, &all_masked, &oset);
+ ret = bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+ sigprocmask(SIG_SETMASK, &oset, NULL);
+
+ return ret;
+ }
+# endif
+ } else if ((OPENSSL_ppccap_P & PPC_FPU64))
+ /*
+ * this is a "must" on POWER6, but run-time detection is not
+ * implemented yet...
+ */
+ return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+
+ return bn_mul_mont_int(rp, ap, bp, np, n0, num);
+}
+#endif
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+ siglongjmp(ill_jmp, sig);
+}
+
+void OPENSSL_ppc64_probe(void);
+void OPENSSL_altivec_probe(void);
+
+void OPENSSL_cpuid_setup(void)
+{
+ char *e;
+ struct sigaction ill_oact, ill_act;
+ sigset_t oset;
+ static int trigger = 0;
+
+ if (trigger)
+ return;
+ trigger = 1;
+
+ sigfillset(&all_masked);
+ sigdelset(&all_masked, SIGILL);
+ sigdelset(&all_masked, SIGTRAP);
+#ifdef SIGEMT
+ sigdelset(&all_masked, SIGEMT);
+#endif
+ sigdelset(&all_masked, SIGFPE);
+ sigdelset(&all_masked, SIGBUS);
+ sigdelset(&all_masked, SIGSEGV);
+
+ if ((e = getenv("OPENSSL_ppccap"))) {
+ OPENSSL_ppccap_P = strtoul(e, NULL, 0);
+ return;
+ }
+
+ OPENSSL_ppccap_P = 0;
+
+#if defined(_AIX)
+ if (sizeof(size_t) == 4
+# if defined(_SC_AIX_KERNEL_BITMODE)
+ && sysconf(_SC_AIX_KERNEL_BITMODE) != 64
+# endif
+ )
+ return;
+#endif
+
+ memset(&ill_act, 0, sizeof(ill_act));
+ ill_act.sa_handler = ill_handler;
+ ill_act.sa_mask = all_masked;
+
+ sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+ sigaction(SIGILL, &ill_act, &ill_oact);
+
+ if (sizeof(size_t) == 4) {
+ if (sigsetjmp(ill_jmp, 1) == 0) {
+ OPENSSL_ppc64_probe();
+ OPENSSL_ppccap_P |= PPC_FPU64;
+ }
+ } else {
+ /*
+ * Wanted code detecting POWER6 CPU and setting PPC_FPU64
+ */
+ }
+
+ if (sigsetjmp(ill_jmp, 1) == 0) {
+ OPENSSL_altivec_probe();
+ OPENSSL_ppccap_P |= PPC_ALTIVEC;
+ }
+
+ sigaction(SIGILL, &ill_oact, NULL);
+ sigprocmask(SIG_SETMASK, &oset, NULL);
+}
Copied: trunk/crypto/openssl/crypto/ppccpuid.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/ppccpuid.pl)
===================================================================
--- trunk/crypto/openssl/crypto/ppccpuid.pl (rev 0)
+++ trunk/crypto/openssl/crypto/ppccpuid.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,132 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+if ($flavour=~/64/) {
+ $CMPLI="cmpldi";
+ $SHRLI="srdi";
+ $SIGNX="extsw";
+} else {
+ $CMPLI="cmplwi";
+ $SHRLI="srwi";
+ $SIGNX="mr";
+}
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl .OPENSSL_ppc64_probe
+.align 4
+.OPENSSL_ppc64_probe:
+ fcfid f1,f1
+ extrdi r0,r0,32,0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .OPENSSL_altivec_probe
+.align 4
+.OPENSSL_altivec_probe:
+ .long 0x10000484 # vor v0,v0,v0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .OPENSSL_wipe_cpu
+.align 4
+.OPENSSL_wipe_cpu:
+ xor r0,r0,r0
+ fmr f0,f31
+ fmr f1,f31
+ fmr f2,f31
+ mr r3,r1
+ fmr f3,f31
+ xor r4,r4,r4
+ fmr f4,f31
+ xor r5,r5,r5
+ fmr f5,f31
+ xor r6,r6,r6
+ fmr f6,f31
+ xor r7,r7,r7
+ fmr f7,f31
+ xor r8,r8,r8
+ fmr f8,f31
+ xor r9,r9,r9
+ fmr f9,f31
+ xor r10,r10,r10
+ fmr f10,f31
+ xor r11,r11,r11
+ fmr f11,f31
+ xor r12,r12,r12
+ fmr f12,f31
+ fmr f13,f31
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .OPENSSL_atomic_add
+.align 4
+.OPENSSL_atomic_add:
+Ladd: lwarx r5,0,r3
+ add r0,r4,r5
+ stwcx. r0,0,r3
+ bne- Ladd
+ $SIGNX r3,r0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
+
+.globl .OPENSSL_rdtsc
+.align 4
+.OPENSSL_rdtsc:
+ mftb r3
+ mftbu r4
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .OPENSSL_cleanse
+.align 4
+.OPENSSL_cleanse:
+ $CMPLI r4,7
+ li r0,0
+ bge Lot
+ $CMPLI r4,0
+ beqlr-
+Little: mtctr r4
+ stb r0,0(r3)
+ addi r3,r3,1
+ bdnz \$-8
+ blr
+Lot: andi. r5,r3,3
+ beq Laligned
+ stb r0,0(r3)
+ subi r4,r4,1
+ addi r3,r3,1
+ b Lot
+Laligned:
+ $SHRLI r5,r4,2
+ mtctr r5
+ stw r0,0(r3)
+ addi r3,r3,4
+ bdnz \$-8
+ andi. r4,r4,3
+ bne Little
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/pqueue/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/pqueue/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pqueue/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,7 +22,7 @@
SRC= $(LIBSRC)
-EXHEADER= pqueue.h pq_compat.h
+EXHEADER= pqueue.h
HEADER= $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -79,6 +81,5 @@
pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pqueue.o: ../../include/openssl/pq_compat.h ../../include/openssl/safestack.h
-pqueue.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pqueue.o: ../cryptlib.h pqueue.c pqueue.h
+pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h
Modified: trunk/crypto/openssl/crypto/pqueue/pqueue.c
===================================================================
--- trunk/crypto/openssl/crypto/pqueue/pqueue.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pqueue/pqueue.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -66,14 +66,13 @@
int count;
} pqueue_s;
-pitem *pitem_new(PQ_64BIT priority, void *data)
+pitem *pitem_new(unsigned char *prio64be, void *data)
{
pitem *item = (pitem *)OPENSSL_malloc(sizeof(pitem));
if (item == NULL)
return NULL;
- pq_64bit_init(&(item->priority));
- pq_64bit_assign(&item->priority, &priority);
+ memcpy(item->priority, prio64be, sizeof(item->priority));
item->data = data;
item->next = NULL;
@@ -86,7 +85,6 @@
if (item == NULL)
return;
- pq_64bit_free(&(item->priority));
OPENSSL_free(item);
}
@@ -119,7 +117,11 @@
for (curr = NULL, next = pq->items;
next != NULL; curr = next, next = next->next) {
- if (pq_64bit_gt(&(next->priority), &(item->priority))) {
+ /*
+ * we can compare 64-bit value in big-endian encoding with memcmp:-)
+ */
+ int cmp = memcmp(next->priority, item->priority, 8);
+ if (cmp > 0) { /* next > item */
item->next = next;
if (curr == NULL)
@@ -129,8 +131,8 @@
return item;
}
- /* duplicates not allowed */
- if (pq_64bit_eq(&(item->priority), &(next->priority)))
+
+ else if (cmp == 0) /* duplicates not allowed */
return NULL;
}
@@ -155,7 +157,7 @@
return item;
}
-pitem *pqueue_find(pqueue_s *pq, PQ_64BIT priority)
+pitem *pqueue_find(pqueue_s *pq, unsigned char *prio64be)
{
pitem *next;
pitem *found = NULL;
@@ -164,7 +166,7 @@
return NULL;
for (next = pq->items; next->next != NULL; next = next->next) {
- if (pq_64bit_eq(&(next->priority), &priority)) {
+ if (memcmp(next->priority, prio64be, 8) == 0) {
found = next;
break;
}
@@ -171,26 +173,35 @@
}
/* check the one last node */
- if (pq_64bit_eq(&(next->priority), &priority))
+ if (memcmp(next->priority, prio64be, 8) == 0)
found = next;
if (!found)
return NULL;
+#if 0 /* find works in peek mode */
+ if (prev == NULL)
+ pq->items = next->next;
+ else
+ prev->next = next->next;
+#endif
+
return found;
}
-#if PQ_64BIT_IS_INTEGER
void pqueue_print(pqueue_s *pq)
{
pitem *item = pq->items;
while (item != NULL) {
- printf("item\t" PQ_64BIT_PRINT "\n", item->priority);
+ printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
+ item->priority[0], item->priority[1],
+ item->priority[2], item->priority[3],
+ item->priority[4], item->priority[5],
+ item->priority[6], item->priority[7]);
item = item->next;
}
}
-#endif
pitem *pqueue_iterator(pqueue_s *pq)
{
Modified: trunk/crypto/openssl/crypto/pqueue/pqueue.h
===================================================================
--- trunk/crypto/openssl/crypto/pqueue/pqueue.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/pqueue/pqueue.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,12 +64,13 @@
# include <stdlib.h>
# include <string.h>
-# include <openssl/pq_compat.h>
-
+#ifdef __cplusplus
+extern "C" {
+#endif
typedef struct _pqueue *pqueue;
typedef struct _pitem {
- PQ_64BIT priority;
+ unsigned char priority[8]; /* 64-bit value in big-endian encoding */
void *data;
struct _pitem *next;
} pitem;
@@ -76,7 +77,7 @@
typedef struct _pitem *piterator;
-pitem *pitem_new(PQ_64BIT priority, void *data);
+pitem *pitem_new(unsigned char *prio64be, void *data);
void pitem_free(pitem *item);
pqueue pqueue_new(void);
@@ -85,7 +86,7 @@
pitem *pqueue_insert(pqueue pq, pitem *item);
pitem *pqueue_peek(pqueue pq);
pitem *pqueue_pop(pqueue pq);
-pitem *pqueue_find(pqueue pq, PQ_64BIT priority);
+pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
pitem *pqueue_iterator(pqueue pq);
pitem *pqueue_next(piterator *iter);
@@ -92,4 +93,7 @@
void pqueue_print(pqueue pq);
int pqueue_size(pqueue pq);
+#ifdef __cplusplus
+}
+#endif
#endif /* ! HEADER_PQUEUE_H */
Modified: trunk/crypto/openssl/crypto/rand/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/rand/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -17,9 +17,9 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c rand_eng.c rand_err.c rand_egd.c \
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
rand_win.c rand_unix.c rand_os2.c rand_nw.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_eng.o rand_err.o rand_egd.o \
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
rand_win.o rand_unix.o rand_os2.o rand_nw.o
SRC= $(LIBSRC)
@@ -35,7 +35,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -63,6 +63,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -79,34 +81,17 @@
md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h
+md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md_rand.o: md_rand.c rand_lcl.h
rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
rand_egd.o: ../../include/openssl/opensslconf.h
rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rand_egd.o: rand_egd.c
-rand_eng.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_eng.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_eng.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-rand_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-rand_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-rand_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_eng.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h
-rand_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rand_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rand_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-rand_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_eng.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rand_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rand_eng.o: ../cryptlib.h rand_eng.c rand_lcl.h
rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
@@ -116,12 +101,10 @@
rand_err.o: rand_err.c
rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-rand_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_lib.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h
rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -128,27 +111,24 @@
rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rand_lib.o: ../cryptlib.h rand_lcl.h rand_lib.c
+rand_lib.o: ../cryptlib.h rand_lib.c
rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_nw.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rand_nw.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_nw.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rand_nw.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rand_nw.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rand_nw.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_nw.o: ../cryptlib.h rand_lcl.h rand_nw.c
+rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_os2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_os2.o: ../../include/openssl/opensslconf.h
+rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -158,8 +138,8 @@
rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_unix.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_unix.o: ../../include/openssl/objects.h
rand_unix.o: ../../include/openssl/opensslconf.h
rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
@@ -170,9 +150,8 @@
rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_win.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rand_win.o: ../../include/openssl/opensslconf.h
+rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
Modified: trunk/crypto/openssl/crypto/rand/md_rand.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/md_rand.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/md_rand.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -109,6 +109,8 @@
*
*/
+#define OPENSSL_FIPSEVP
+
#ifdef MD_RAND_DEBUG
# ifndef NDEBUG
# define NDEBUG
@@ -121,14 +123,11 @@
#include "e_os.h"
+#include <openssl/crypto.h>
#include <openssl/rand.h>
#include "rand_lcl.h"
-#include <openssl/crypto.h>
#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
#ifdef BN_DEBUG
# define PREDICT
@@ -150,7 +149,7 @@
* prevent double locking) */
/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
/* valid iff crypto_lock_rand is set */
-static unsigned long locking_thread = 0;
+static CRYPTO_THREADID locking_threadid;
#ifdef PREDICT
int rand_predictable = 0;
@@ -161,13 +160,13 @@
static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(const void *buf, int num);
static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num);
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_status(void);
RAND_METHOD rand_ssleay_meth = {
ssleay_rand_seed,
- ssleay_rand_bytes,
+ ssleay_rand_nopseudo_bytes,
ssleay_rand_cleanup,
ssleay_rand_add,
ssleay_rand_pseudo_bytes,
@@ -199,6 +198,9 @@
EVP_MD_CTX m;
int do_not_lock;
+ if (!num)
+ return;
+
/*
* (Based on the rand(3) manpage)
*
@@ -216,8 +218,10 @@
/* check if we already have the lock */
if (crypto_lock_rand) {
+ CRYPTO_THREADID cur;
+ CRYPTO_THREADID_current(&cur);
CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
- do_not_lock = (locking_thread == CRYPTO_thread_id());
+ do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
} else
do_not_lock = 0;
@@ -271,7 +275,16 @@
} else
MD_Update(&m, &(state[st_idx]), j);
+ /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
MD_Update(&m, buf, j);
+ /*
+ * We know that line may cause programs such as purify and valgrind
+ * to complain about use of uninitialized data. The problem is not,
+ * it's with the caller. Removing that line will make sure you get
+ * really bad randomness and thereby other problems such as very
+ * insecure keys.
+ */
+
MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
MD_Final(&m, local_md);
md_c[1]++;
@@ -320,7 +333,7 @@
ssleay_rand_add(buf, num, (double)num);
}
-static int ssleay_rand_bytes(unsigned char *buf, int num)
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
{
static volatile int stirred_pool = 0;
int i, j, k, st_num, st_idx;
@@ -334,13 +347,6 @@
#endif
int do_stir_pool = 0;
-#ifdef OPENSSL_FIPS
- if (FIPS_mode()) {
- FIPSerr(FIPS_F_SSLEAY_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
- return 0;
- }
-#endif
-
#ifdef PREDICT
if (rand_predictable) {
static unsigned char val = 0;
@@ -376,12 +382,12 @@
* are fed into the hash function and the results are kept in the
* global 'md'.
*/
+ if (lock)
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
- locking_thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&locking_threadid);
CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
crypto_lock_rand = 1;
@@ -456,7 +462,8 @@
/* before unlocking, we must clear 'crypto_lock_rand' */
crypto_lock_rand = 0;
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ if (lock)
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
while (num > 0) {
/* num_ceil -= MD_DIGEST_LENGTH/2 */
@@ -471,9 +478,18 @@
#endif
MD_Update(&m, local_md, MD_DIGEST_LENGTH);
MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
-#ifndef PURIFY
- MD_Update(&m, buf, j); /* purify complains */
+
+#ifndef PURIFY /* purify complains */
+ /*
+ * The following line uses the supplied buffer as a small source of
+ * entropy: since this buffer is often uninitialised it may cause
+ * programs such as purify or valgrind to complain. So for those
+ * builds it is not used: the removal of such a small source of
+ * entropy has negligible impact on security.
+ */
+ MD_Update(&m, buf, j);
#endif
+
k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
if (k > 0) {
MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k);
@@ -495,14 +511,18 @@
MD_Init(&m);
MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
MD_Update(&m, local_md, MD_DIGEST_LENGTH);
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ if (lock)
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
MD_Update(&m, md, MD_DIGEST_LENGTH);
MD_Final(&m, md);
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ if (lock)
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m);
if (ok)
return (1);
+ else if (pseudo)
+ return 0;
else {
RANDerr(RAND_F_SSLEAY_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED);
ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
@@ -511,29 +531,26 @@
}
}
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
+{
+ return ssleay_rand_bytes(buf, num, 0, 1);
+}
+
/*
* pseudo-random bytes that are guaranteed to be unique but not unpredictable
*/
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
{
- int ret;
- unsigned long err;
-
- ret = RAND_bytes(buf, num);
- if (ret == 0) {
- err = ERR_peek_error();
- if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
- ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
- ERR_clear_error();
- }
- return (ret);
+ return ssleay_rand_bytes(buf, num, 1, 1);
}
static int ssleay_rand_status(void)
{
+ CRYPTO_THREADID cur;
int ret;
int do_not_lock;
+ CRYPTO_THREADID_current(&cur);
/*
* check if we already have the lock (could happen if a RAND_poll()
* implementation calls RAND_status())
@@ -540,7 +557,7 @@
*/
if (crypto_lock_rand) {
CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
- do_not_lock = (locking_thread == CRYPTO_thread_id());
+ do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
} else
do_not_lock = 0;
@@ -552,7 +569,7 @@
* prevent ssleay_rand_bytes() from trying to obtain the lock again
*/
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
- locking_thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_cpy(&locking_threadid, &cur);
CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
crypto_lock_rand = 1;
}
Modified: trunk/crypto/openssl/crypto/rand/rand.h
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,7 +72,7 @@
#endif
# if defined(OPENSSL_FIPS)
-# define FIPS_RAND_SIZE_T int
+# define FIPS_RAND_SIZE_T size_t
# endif
/* Already defined in ossl_typ.h */
@@ -110,16 +110,6 @@
int RAND_egd(const char *path);
int RAND_egd_bytes(const char *path, int bytes);
int RAND_poll(void);
-# ifndef OPENSSL_NO_ENGINE
-# ifdef OPENSSL_FIPS
-void int_RAND_init_engine_callbacks(void);
-void int_RAND_set_callbacks(int (*set_rand_func) (const RAND_METHOD *meth,
- const RAND_METHOD **pmeth),
- const RAND_METHOD *(*get_rand_func) (const
- RAND_METHOD
- **pmeth));
-# endif
-# endif
# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
@@ -128,6 +118,11 @@
# endif
+# ifdef OPENSSL_FIPS
+void RAND_set_fips_drbg_type(int type, int flags);
+int RAND_init_fips(void);
+# endif
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -138,29 +133,16 @@
/* Error codes for the RAND functions. */
/* Function codes. */
-# define RAND_F_ENG_RAND_GET_RAND_METHOD 108
-# define RAND_F_FIPS_RAND 103
-# define RAND_F_FIPS_RAND_BYTES 102
-# define RAND_F_FIPS_RAND_GET_RAND_METHOD 109
-# define RAND_F_FIPS_RAND_SET_DT 106
-# define RAND_F_FIPS_SET_DT 104
-# define RAND_F_FIPS_SET_PRNG_SEED 107
-# define RAND_F_FIPS_SET_TEST_MODE 105
# define RAND_F_RAND_GET_RAND_METHOD 101
+# define RAND_F_RAND_INIT_FIPS 102
# define RAND_F_SSLEAY_RAND_BYTES 100
/* Reason codes. */
-# define RAND_R_NON_FIPS_METHOD 105
-# define RAND_R_NOT_IN_TEST_MODE 106
-# define RAND_R_NO_KEY_SET 107
-# define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101
-# define RAND_R_PRNG_ERROR 108
-# define RAND_R_PRNG_KEYED 109
-# define RAND_R_PRNG_NOT_REKEYED 102
-# define RAND_R_PRNG_NOT_RESEEDED 103
+# define RAND_R_DUAL_EC_DRBG_DISABLED 104
+# define RAND_R_ERROR_INITIALISING_DRBG 102
+# define RAND_R_ERROR_INSTANTIATING_DRBG 103
+# define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
# define RAND_R_PRNG_NOT_SEEDED 100
-# define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110
-# define RAND_R_PRNG_STUCK 104
#ifdef __cplusplus
}
Modified: trunk/crypto/openssl/crypto/rand/rand_egd.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_egd.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_egd.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -95,7 +95,7 @@
* RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
*/
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
{
return (-1);
@@ -113,6 +113,7 @@
#else
# include <openssl/opensslconf.h>
# include OPENSSL_UNISTD
+# include <stddef.h>
# include <sys/types.h>
# include <sys/socket.h>
# ifndef NO_SYS_UN_H
Modified: trunk/crypto/openssl/crypto/rand/rand_err.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/rand/rand_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,32 +70,19 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
static ERR_STRING_DATA RAND_str_functs[] = {
- {ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"},
- {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"},
- {ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"},
- {ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"},
- {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"},
- {ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"},
- {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"},
- {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"},
{ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
+ {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"},
{ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
{0, NULL}
};
static ERR_STRING_DATA RAND_str_reasons[] = {
- {ERR_REASON(RAND_R_NON_FIPS_METHOD), "non fips method"},
- {ERR_REASON(RAND_R_NOT_IN_TEST_MODE), "not in test mode"},
- {ERR_REASON(RAND_R_NO_KEY_SET), "no key set"},
- {ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH), "prng asking for too much"},
- {ERR_REASON(RAND_R_PRNG_ERROR), "prng error"},
- {ERR_REASON(RAND_R_PRNG_KEYED), "prng keyed"},
- {ERR_REASON(RAND_R_PRNG_NOT_REKEYED), "prng not rekeyed"},
- {ERR_REASON(RAND_R_PRNG_NOT_RESEEDED), "prng not reseeded"},
+ {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"},
+ {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
+ {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
+ {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),
+ "no fips random method set"},
{ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
- {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),
- "prng seed must not match key"},
- {ERR_REASON(RAND_R_PRNG_STUCK), "prng stuck"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/rand/rand_lcl.h
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -153,14 +153,6 @@
# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
# endif
-# ifndef OPENSSL_NO_ENGINE
-void int_RAND_set_callbacks(int (*set_rand_func) (const RAND_METHOD *meth,
- const RAND_METHOD **pmeth),
- const RAND_METHOD *(*get_rand_func)
- (const RAND_METHOD **pmeth));
-int eng_RAND_set_rand_method(const RAND_METHOD *meth,
- const RAND_METHOD **pmeth);
-const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth);
-# endif
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock);
#endif
Modified: trunk/crypto/openssl/crypto/rand/rand_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,88 +60,31 @@
#include <time.h>
#include "cryptlib.h"
#include <openssl/rand.h>
-#include "rand_lcl.h"
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include <openssl/fips_rand.h>
-#endif
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
-static const RAND_METHOD *default_RAND_meth = NULL;
-
#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include <openssl/fips_rand.h>
+# include "rand_lcl.h"
+#endif
-static int fips_RAND_set_rand_method(const RAND_METHOD *meth,
- const RAND_METHOD **pmeth)
-{
- *pmeth = meth;
- return 1;
-}
-
-static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth)
-{
- if (!*pmeth) {
- if (FIPS_mode())
- *pmeth = FIPS_rand_method();
- else
- *pmeth = RAND_SSLeay();
- }
-
- if (FIPS_mode()
- && *pmeth != FIPS_rand_check()) {
- RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD, RAND_R_NON_FIPS_METHOD);
- return 0;
- }
-
- return *pmeth;
-}
-
-static int (*RAND_set_rand_method_func) (const RAND_METHOD *meth,
- const RAND_METHOD **pmeth)
- = fips_RAND_set_rand_method;
-static const RAND_METHOD *(*RAND_get_rand_method_func)
- (const RAND_METHOD **pmeth)
- = fips_RAND_get_rand_method;
-
-# ifndef OPENSSL_NO_ENGINE
-void int_RAND_set_callbacks(int (*set_rand_func) (const RAND_METHOD *meth,
- const RAND_METHOD **pmeth),
- const RAND_METHOD *(*get_rand_func)
- (const RAND_METHOD **pmeth))
-{
- RAND_set_rand_method_func = set_rand_func;
- RAND_get_rand_method_func = get_rand_func;
-}
-# endif
-
-int RAND_set_rand_method(const RAND_METHOD *meth)
-{
- return RAND_set_rand_method_func(meth, &default_RAND_meth);
-}
-
-const RAND_METHOD *RAND_get_rand_method(void)
-{
- return RAND_get_rand_method_func(&default_RAND_meth);
-}
-
-#else
-
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
/* non-NULL if default_RAND_meth is ENGINE-provided */
static ENGINE *funct_ref = NULL;
-# endif
+#endif
+static const RAND_METHOD *default_RAND_meth = NULL;
int RAND_set_rand_method(const RAND_METHOD *meth)
{
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
if (funct_ref) {
ENGINE_finish(funct_ref);
funct_ref = NULL;
}
-# endif
+#endif
default_RAND_meth = meth;
return 1;
}
@@ -149,7 +92,7 @@
const RAND_METHOD *RAND_get_rand_method(void)
{
if (!default_RAND_meth) {
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = ENGINE_get_default_RAND();
if (e) {
default_RAND_meth = ENGINE_get_RAND(e);
@@ -161,13 +104,13 @@
if (e)
funct_ref = e;
else
-# endif
+#endif
default_RAND_meth = RAND_SSLeay();
}
return default_RAND_meth;
}
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
int RAND_set_rand_engine(ENGINE *engine)
{
const RAND_METHOD *tmp_meth = NULL;
@@ -185,8 +128,6 @@
funct_ref = engine;
return 1;
}
-# endif
-
#endif
void RAND_cleanup(void)
@@ -234,3 +175,126 @@
return meth->status();
return 0;
}
+
+#ifdef OPENSSL_FIPS
+
+/*
+ * FIPS DRBG initialisation code. This sets up the DRBG for use by the rest
+ * of OpenSSL.
+ */
+
+/*
+ * Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather
+ * entropy internally through RAND_poll().
+ */
+
+static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
+ int entropy, size_t min_len, size_t max_len)
+{
+ /* Round up request to multiple of block size */
+ min_len = ((min_len + 19) / 20) * 20;
+ *pout = OPENSSL_malloc(min_len);
+ if (!*pout)
+ return 0;
+ if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) {
+ OPENSSL_free(*pout);
+ *pout = NULL;
+ return 0;
+ }
+ return min_len;
+}
+
+static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
+{
+ if (out) {
+ OPENSSL_cleanse(out, olen);
+ OPENSSL_free(out);
+ }
+}
+
+/*
+ * Set "additional input" when generating random data. This uses the current
+ * PID, a time value and a counter.
+ */
+
+static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
+{
+ /* Use of static variables is OK as this happens under a lock */
+ static unsigned char buf[16];
+ static unsigned long counter;
+ FIPS_get_timevec(buf, &counter);
+ *pout = buf;
+ return sizeof(buf);
+}
+
+/*
+ * RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is
+ * correctly seeded by RAND_poll().
+ */
+
+static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen,
+ double entropy)
+{
+ RAND_SSLeay()->add(in, inlen, entropy);
+ return 1;
+}
+
+static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
+{
+ RAND_SSLeay()->seed(in, inlen);
+ return 1;
+}
+
+# ifndef OPENSSL_DRBG_DEFAULT_TYPE
+# define OPENSSL_DRBG_DEFAULT_TYPE NID_aes_256_ctr
+# endif
+# ifndef OPENSSL_DRBG_DEFAULT_FLAGS
+# define OPENSSL_DRBG_DEFAULT_FLAGS DRBG_FLAG_CTR_USE_DF
+# endif
+
+static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
+static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
+
+void RAND_set_fips_drbg_type(int type, int flags)
+{
+ fips_drbg_type = type;
+ fips_drbg_flags = flags;
+}
+
+int RAND_init_fips(void)
+{
+ DRBG_CTX *dctx;
+ size_t plen;
+ unsigned char pers[32], *p;
+# ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
+ if (fips_drbg_type >> 16) {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
+ return 0;
+ }
+# endif
+
+ dctx = FIPS_get_default_drbg();
+ if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG);
+ return 0;
+ }
+
+ FIPS_drbg_set_callbacks(dctx,
+ drbg_get_entropy, drbg_free_entropy, 20,
+ drbg_get_entropy, drbg_free_entropy);
+ FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
+ drbg_rand_seed, drbg_rand_add);
+ /* Personalisation string: a string followed by date time vector */
+ strcpy((char *)pers, "OpenSSL DRBG2.0");
+ plen = drbg_get_adin(dctx, &p);
+ memcpy(pers + 16, p, plen);
+
+ if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0) {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG);
+ return 0;
+ }
+ FIPS_rand_set_method(FIPS_drbg_method());
+ return 1;
+}
+
+#endif
Modified: trunk/crypto/openssl/crypto/rand/rand_os2.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_os2.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_os2.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,11 +78,13 @@
ULONG ulIntrHigh; /* High 32 bits of interrupt time */
} CPUUTIL;
+# ifndef __KLIBC__
APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1,
ULONG ulParm2, ULONG ulParm3) = NULL;
APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid,
ULONG _res_, PVOID buf, ULONG bufsz) =
NULL;
+# endif
HMODULE hDoscalls = 0;
int RAND_poll(void)
@@ -96,6 +98,7 @@
DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS",
&hDoscalls);
+# ifndef __KLIBC__
if (rc == 0) {
rc = DosQueryProcAddr(hDoscalls, 976, NULL,
(PFN *) & DosPerfSysCall);
@@ -109,6 +112,7 @@
if (rc)
DosQuerySysState = NULL;
}
+# endif
}
/* Sample the hi-res timer, runs at around 1.1 MHz */
@@ -132,7 +136,9 @@
if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG) & util, 0, 0) == 0) {
RAND_add(&util, sizeof(util), 10);
} else {
+# ifndef __KLIBC__
DosPerfSysCall = NULL;
+# endif
}
}
@@ -143,6 +149,9 @@
if (DosQuerySysState) {
char *buffer = OPENSSL_malloc(256 * 1024);
+ if (!buffer)
+ return 0;
+
if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
/*
* First 4 bytes in buffer is a pointer to the thread count there
Modified: trunk/crypto/openssl/crypto/rand/rand_unix.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_unix.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_unix.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -134,9 +134,97 @@
# define FD_SETSIZE (8*sizeof(fd_set))
# endif
-# ifdef __OpenBSD__
+# if defined(OPENSSL_SYS_VOS)
+
+/*
+ * The following algorithm repeatedly samples the real-time clock (RTC) to
+ * generate a sequence of unpredictable data. The algorithm relies upon the
+ * uneven execution speed of the code (due to factors such as cache misses,
+ * interrupts, bus activity, and scheduling) and upon the rather large
+ * relative difference between the speed of the clock and the rate at which
+ * it can be read.
+ *
+ * If this code is ported to an environment where execution speed is more
+ * constant or where the RTC ticks at a much slower rate, or the clock can be
+ * read with fewer instructions, it is likely that the results would be far
+ * more predictable.
+ *
+ * As a precaution, we generate 4 times the minimum required amount of seed
+ * data.
+ */
+
int RAND_poll(void)
{
+ short int code;
+ gid_t curr_gid;
+ pid_t curr_pid;
+ uid_t curr_uid;
+ int i, k;
+ struct timespec ts;
+ unsigned char v;
+
+# ifdef OPENSSL_SYS_VOS_HPPA
+ long duration;
+ extern void s$sleep(long *_duration, short int *_code);
+# else
+# ifdef OPENSSL_SYS_VOS_IA32
+ long long duration;
+ extern void s$sleep2(long long *_duration, short int *_code);
+# else
+# error "Unsupported Platform."
+# endif /* OPENSSL_SYS_VOS_IA32 */
+# endif /* OPENSSL_SYS_VOS_HPPA */
+
+ /*
+ * Seed with the gid, pid, and uid, to ensure *some* variation between
+ * different processes.
+ */
+
+ curr_gid = getgid();
+ RAND_add(&curr_gid, sizeof curr_gid, 1);
+ curr_gid = 0;
+
+ curr_pid = getpid();
+ RAND_add(&curr_pid, sizeof curr_pid, 1);
+ curr_pid = 0;
+
+ curr_uid = getuid();
+ RAND_add(&curr_uid, sizeof curr_uid, 1);
+ curr_uid = 0;
+
+ for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
+ /*
+ * burn some cpu; hope for interrupts, cache collisions, bus
+ * interference, etc.
+ */
+ for (k = 0; k < 99; k++)
+ ts.tv_nsec = random();
+
+# ifdef OPENSSL_SYS_VOS_HPPA
+ /* sleep for 1/1024 of a second (976 us). */
+ duration = 1;
+ s$sleep(&duration, &code);
+# else
+# ifdef OPENSSL_SYS_VOS_IA32
+ /* sleep for 1/65536 of a second (15 us). */
+ duration = 1;
+ s$sleep2(&duration, &code);
+# endif /* OPENSSL_SYS_VOS_IA32 */
+# endif /* OPENSSL_SYS_VOS_HPPA */
+
+ /* get wall clock time. */
+ clock_gettime(CLOCK_REALTIME, &ts);
+
+ /* take 8 bits */
+ v = (unsigned char)(ts.tv_nsec % 256);
+ RAND_add(&v, sizeof v, 1);
+ v = 0;
+ }
+ return 1;
+}
+# elif defined __OpenBSD__
+int RAND_poll(void)
+{
u_int32_t rnd = 0, i;
unsigned char buf[ENTROPY_NEEDED];
@@ -164,7 +252,7 @@
static const char *randomfiles[] = { DEVRANDOM };
struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
int fd;
- size_t i;
+ unsigned int i;
# endif
# ifdef DEVRANDOM_EGD
static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -179,8 +267,8 @@
* out of random entries.
*/
- for (i = 0; i < sizeof(randomfiles) / sizeof(randomfiles[0])
- && n < ENTROPY_NEEDED; i++) {
+ for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
+ (n < ENTROPY_NEEDED); i++) {
if ((fd = open(randomfiles[i], O_RDONLY
# ifdef O_NONBLOCK
| O_NONBLOCK
@@ -195,7 +283,7 @@
)) >= 0) {
int usec = 10 * 1000; /* spend 10ms on each file */
int r;
- size_t j;
+ unsigned int j;
struct stat *st = &randomstats[i];
/*
@@ -219,7 +307,14 @@
do {
int try_read = 0;
-# if defined(OPENSSL_SYS_LINUX)
+# if defined(OPENSSL_SYS_BEOS_R5)
+ /*
+ * select() is broken in BeOS R5, so we simply try to read
+ * something and snooze if we couldn't
+ */
+ try_read = 1;
+
+# elif defined(OPENSSL_SYS_LINUX)
/* use poll() */
struct pollfd pset;
@@ -263,6 +358,10 @@
ENTROPY_NEEDED - n);
if (r > 0)
n += r;
+# if defined(OPENSSL_SYS_BEOS_R5)
+ if (r == 0)
+ snooze(t.tv_usec);
+# endif
} else
r = -1;
@@ -317,6 +416,14 @@
l = time(NULL);
RAND_add(&l, sizeof(l), 0.0);
+# if defined(OPENSSL_SYS_BEOS)
+ {
+ system_info sysInfo;
+ get_system_info(&sysInfo);
+ RAND_add(&sysInfo, sizeof(sysInfo), 0);
+ }
+# endif
+
# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
return 1;
# else
Modified: trunk/crypto/openssl/crypto/rand/rand_vms.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/rand_vms.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/rand_vms.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,6 +70,18 @@
# pragma message disable DOLLARID
# endif
+/*
+ * Use 32-bit pointers almost everywhere. Define the type to which to cast a
+ * pointer passed to an external function.
+ */
+# if __INITIAL_POINTER_SIZE == 64
+# define PTR_T __void_ptr64
+# pragma pointer_size save
+# pragma pointer_size 32
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define PTR_T void *
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
static struct items_data_st {
short length, code; /* length is amount of bytes */
} items_data[] = {
@@ -136,11 +148,11 @@
while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
!= SS$_NOMOREPROC) {
if (status == SS$_NORMAL) {
- RAND_add(data_buffer, total_length, total_length / 2);
+ RAND_add((PTR_T) data_buffer, total_length, total_length / 2);
}
}
sys$gettim(iosb);
- RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb) / 2);
+ RAND_add((PTR_T) iosb, sizeof(iosb), sizeof(iosb) / 2);
return 1;
}
Modified: trunk/crypto/openssl/crypto/rand/randfile.c
===================================================================
--- trunk/crypto/openssl/crypto/rand/randfile.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rand/randfile.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,7 +57,9 @@
*/
/* We need to define this to get macros like S_IFBLK and S_IFCHR */
-#define _XOPEN_SOURCE 500
+#if !defined(OPENSSL_SYS_VXWORKS)
+# define _XOPEN_SOURCE 500
+#endif
#include <errno.h>
#include <stdio.h>
@@ -75,10 +77,9 @@
#ifndef NO_SYS_TYPES_H
# include <sys/types.h>
#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
+#ifndef OPENSSL_NO_POSIX_IO
# include <sys/stat.h>
+# include <fcntl.h>
#endif
#ifdef _WIN32
@@ -117,7 +118,9 @@
*/
MS_STATIC unsigned char buf[BUFSIZE];
+#ifndef OPENSSL_NO_POSIX_IO
struct stat sb;
+#endif
int i, ret = 0, n;
FILE *in;
@@ -124,7 +127,8 @@
if (file == NULL)
return (0);
-#ifdef PURIFY
+#ifndef OPENSSL_NO_POSIX_IO
+# ifdef PURIFY
/*
* struct stat can have padding and unused fields that may not be
* initialized in the call to stat(). We need to clear the entire
@@ -132,11 +136,11 @@
* applications such as Valgrind.
*/
memset(&sb, 0, sizeof(sb));
-#endif
-
+# endif
if (stat(file, &sb) < 0)
return (0);
RAND_add(&sb, sizeof(sb), 0.0);
+#endif
if (bytes == 0)
return (ret);
@@ -147,8 +151,8 @@
#endif
if (in == NULL)
goto err;
-#if defined(S_ISBLK) && defined(S_ISCHR)
- if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
+#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
+ if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
/*
* this file is a device. we don't want read an infinite number of
* bytes from a random device, nor do we want to use buffered I/O
@@ -155,7 +159,9 @@
* because we will waste system entropy.
*/
bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
}
#endif
for (;;) {
@@ -191,11 +197,12 @@
int i, ret = 0, rand_err = 0;
FILE *out = NULL;
int n;
+#ifndef OPENSSL_NO_POSIX_IO
struct stat sb;
i = stat(file, &sb);
if (i != -1) {
-#if defined(S_ISBLK) && defined(S_ISCHR)
+# if defined(S_ISBLK) && defined(S_ISCHR)
if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
/*
* this file is a device. we don't write back to it. we
@@ -205,17 +212,20 @@
*/
return (1);
}
+# endif
+ }
#endif
- }
-#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS)
+
+#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
{
- /* For some reason Win32 can't write to files created this way */
-
+# ifndef O_BINARY
+# define O_BINARY 0
+# endif
/*
* chmod(..., 0600) is too late to protect the file, permissions
* should be restrictive from the start
*/
- int fd = open(file, O_CREAT, 0600);
+ int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
if (fd != -1)
out = fdopen(fd, "wb");
}
@@ -279,7 +289,6 @@
{
char *s = NULL;
#ifdef __OpenBSD__
- int ok = 0;
struct stat sb;
#endif
@@ -302,9 +311,6 @@
BUF_strlcat(buf, "/", size);
#endif
BUF_strlcat(buf, RFILE, size);
-#ifdef __OpenBSD__
- ok = 1;
-#endif
} else
buf[0] = '\0'; /* no file name */
}
@@ -318,7 +324,7 @@
* available.
*/
- if (!ok)
+ if (!buf[0])
if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) {
return (NULL);
}
Modified: trunk/crypto/openssl/crypto/rc2/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/rc2/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc2/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -79,7 +81,7 @@
rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
Modified: trunk/crypto/openssl/crypto/rc2/rc2_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/rc2/rc2_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc2/rc2_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,15 +56,11 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/rc2.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include "rc2_locl.h"
-static unsigned char key_table[256] = {
+static const unsigned char key_table[256] = {
0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed, 0x28, 0xe9, 0xfd, 0x79,
0x4a, 0xa0, 0xd8, 0x9d, 0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e,
0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2, 0x17, 0x9a, 0x59, 0xf5,
@@ -100,19 +96,15 @@
* shipped is the same as specifying 1024 for the 'bits' parameter. Bsafe
* uses a version where the bits parameter is the same as len*8
*/
-
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
#ifdef OPENSSL_FIPS
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
{
- if (FIPS_mode())
- FIPS_BAD_ABORT(RC2)
- private_RC2_set_key(key, len, data, bits);
+ fips_cipher_abort(RC2);
+ private_RC2_set_key(key, len, data, bits);
}
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
int bits)
-#else
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
#endif
{
int i, j;
Modified: trunk/crypto/openssl/crypto/rc4/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/rc4/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -21,8 +21,8 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_skey.c rc4_enc.c rc4_fblk.c
-LIBOBJ=$(RC4_ENC) rc4_fblk.o
+LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c
+LIBOBJ=$(RC4_ENC) rc4_utl.o
SRC= $(LIBSRC)
@@ -37,29 +37,34 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-rx86-cof.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rc4-586.pl a.out $(CFLAGS) > ../$@)
+rc4-586.s: asm/rc4-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/rc4-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
-rc4-x86_64.s: asm/rc4-x86_64.pl; $(PERL) asm/rc4-x86_64.pl $@
+rc4-x86_64.s: asm/rc4-x86_64.pl
+ $(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) > $@
+rc4-md5-x86_64.s: asm/rc4-md5-x86_64.pl
+ $(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) > $@
-rc4-ia64.s: asm/rc4-ia64.S
+rc4-ia64.S: asm/rc4-ia64.pl
+ $(PERL) asm/rc4-ia64.pl $(CFLAGS) > $@
+
+rc4-parisc.s: asm/rc4-parisc.pl
+ $(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
+
+rc4-ia64.s: rc4-ia64.S
@case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
- int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E asm/rc4-ia64.S > $@ ;; \
- char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E asm/rc4-ia64.S > $@ ;; \
+ int) set -x; $(CC) $(CFLAGS) -DSZ=4 -E rc4-ia64.S > $@ ;; \
+ char) set -x; $(CC) $(CFLAGS) -DSZ=1 -E rc4-ia64.S > $@ ;; \
*) exit 1 ;; \
esac
+# GNU make "catch all"
+rc4-%.s: asm/rc4-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -84,6 +89,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -105,21 +112,16 @@
rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
-rc4_fblk.o: ../../e_os.h ../../include/openssl/bio.h
-rc4_fblk.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rc4_fblk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_fblk.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rc4_fblk.o: ../../include/openssl/opensslconf.h
-rc4_fblk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rc4_fblk.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-rc4_fblk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rc4_fblk.o: ../cryptlib.h rc4_fblk.c rc4_locl.h
rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rc4_skey.o: ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc4_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc4_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+rc4_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc4_utl.o: ../../include/openssl/symhacks.h rc4_utl.c
Modified: trunk/crypto/openssl/crypto/rc4/asm/rc4-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,21 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
+# ====================================================================
+# [Re]written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
# At some point it became apparent that the original SSLeay RC4
-# assembler implementation performs suboptimaly on latest IA-32
+# assembler implementation performs suboptimally on latest IA-32
# microarchitectures. After re-tuning performance has changed as
# following:
#
-# Pentium +0%
-# Pentium III +17%
-# AMD +52%(*)
-# P4 +180%(**)
+# Pentium -10%
+# Pentium III +12%
+# AMD +50%(*)
+# P4 +250%(**)
#
# (*) This number is actually a trade-off:-) It's possible to
# achieve +72%, but at the cost of -48% off PIII performance.
@@ -17,214 +24,387 @@
# For reference! This code delivers ~80% of rc4-amd64.pl
# performance on the same Opteron machine.
# (**) This number requires compressed key schedule set up by
-# RC4_set_key and therefore doesn't apply to 0.9.7 [option for
-# compressed key schedule is implemented in 0.9.8 and later,
-# see commentary section in rc4_skey.c for further details].
+# RC4_set_key [see commentary below for further details].
#
# <appro at fy.chalmers.se>
-push(@INC,"perlasm","../../perlasm");
+# May 2011
+#
+# Optimize for Core2 and Westmere [and incidentally Opteron]. Current
+# performance in cycles per processed byte (less is better) and
+# improvement relative to previous version of this module is:
+#
+# Pentium 10.2 # original numbers
+# Pentium III 7.8(*)
+# Intel P4 7.5
+#
+# Opteron 6.1/+20% # new MMX numbers
+# Core2 5.3/+67%(**)
+# Westmere 5.1/+94%(**)
+# Sandy Bridge 5.0/+8%
+# Atom 12.6/+6%
+#
+# (*) PIII can actually deliver 6.6 cycles per byte with MMX code,
+# but this specific code performs poorly on Core2. And vice
+# versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs
+# poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU
+# [anymore], I chose to discard PIII-specific code path and opt
+# for original IALU-only code, which is why MMX/SSE code path
+# is guarded by SSE2 bit (see below), not MMX/SSE.
+# (**) Performance vs. block size on Core2 and Westmere had a maximum
+# at ... 64 bytes block size. And it was quite a maximum, 40-60%
+# in comparison to largest 8KB block size. Above improvement
+# coefficients are for the largest block size.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],"rc4-586.pl");
-$x="eax";
-$y="ebx";
+$xx="eax";
+$yy="ebx";
$tx="ecx";
$ty="edx";
-$in="esi";
-$out="edi";
-$d="ebp";
+$inp="esi";
+$out="ebp";
+$dat="edi";
-&RC4("RC4");
+sub RC4_loop {
+ my $i=shift;
+ my $func = ($i==0)?*mov:*or;
-&asm_finish();
+ &add (&LB($yy),&LB($tx));
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &mov (&DWP(0,$dat,$xx,4),$ty);
+ &add ($ty,$tx);
+ &inc (&LB($xx));
+ &and ($ty,0xff);
+ &ror ($out,8) if ($i!=0);
+ if ($i<3) {
+ &mov ($tx,&DWP(0,$dat,$xx,4));
+ } else {
+ &mov ($tx,&wparam(3)); # reload [re-biased] out
+ }
+ &$func ($out,&DWP(0,$dat,$ty,4));
+}
-sub RC4_loop
- {
- local($n,$p,$char)=@_;
+if ($alt=0) {
+ # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron,
+ # but ~40% slower on Core2 and Westmere... Attempt to add movz
+ # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet
+ # on Core2 with movz it's almost 20% slower than below alternative
+ # code... Yes, it's a total mess...
+ my @XX=($xx,$out);
+ $RC4_loop_mmx = sub { # SSE actually...
+ my $i=shift;
+ my $j=$i<=0?0:$i>>1;
+ my $mm=$i<=0?"mm0":"mm".($i&1);
- &comment("Round $n");
+ &add (&LB($yy),&LB($tx));
+ &lea (@XX[1],&DWP(1, at XX[0]));
+ &pxor ("mm2","mm0") if ($i==0);
+ &psllq ("mm1",8) if ($i==0);
+ &and (@XX[1],0xff);
+ &pxor ("mm0","mm0") if ($i<=0);
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &pxor ("mm1","mm2") if ($i==0);
+ &mov (&DWP(0,$dat,$XX[0],4),$ty);
+ &add (&LB($ty),&LB($tx));
+ &movd (@XX[0],"mm7") if ($i==0);
+ &mov ($tx,&DWP(0,$dat, at XX[1],4));
+ &pxor ("mm1","mm1") if ($i==1);
+ &movq ("mm2",&QWP(0,$inp)) if ($i==1);
+ &movq (&QWP(-8,(@XX[0],$inp)),"mm1") if ($i==0);
+ &pinsrw ($mm,&DWP(0,$dat,$ty,4),$j);
- if ($char)
- {
- if ($p >= 0)
- {
- &mov($ty, &swtmp(2));
- &cmp($ty, $in);
- &jbe(&label("finished"));
- &inc($in);
- }
- else
- {
- &add($ty, 8);
- &inc($in);
- &cmp($ty, $in);
- &jb(&label("finished"));
- &mov(&swtmp(2), $ty);
- }
- }
- # Moved out
- # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0;
+ push (@XX,shift(@XX)) if ($i>=0);
+ }
+} else {
+ # Using pinsrw here improves performane on Intel CPUs by 2-3%, but
+ # brings down AMD by 7%...
+ $RC4_loop_mmx = sub {
+ my $i=shift;
- &add( &LB($y), &LB($tx));
- &mov( $ty, &DWP(0,$d,$y,4));
- # XXX
- &mov( &DWP(0,$d,$x,4),$ty);
- &add( $ty, $tx);
- &mov( &DWP(0,$d,$y,4),$tx);
- &and( $ty, 0xff);
- &inc( &LB($x)); # NEXT ROUND
- &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
- &mov( $ty, &DWP(0,$d,$ty,4));
+ &add (&LB($yy),&LB($tx));
+ &psllq ("mm1",8*(($i-1)&7)) if (abs($i)!=1);
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &mov (&DWP(0,$dat,$xx,4),$ty);
+ &inc ($xx);
+ &add ($ty,$tx);
+ &movz ($xx,&LB($xx)); # (*)
+ &movz ($ty,&LB($ty)); # (*)
+ &pxor ("mm2",$i==1?"mm0":"mm1") if ($i>=0);
+ &movq ("mm0",&QWP(0,$inp)) if ($i<=0);
+ &movq (&QWP(-8,($out,$inp)),"mm2") if ($i==0);
+ &mov ($tx,&DWP(0,$dat,$xx,4));
+ &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4));
- if (!$char)
- {
- #moved up into last round
- if ($p >= 1)
- {
- &add( $out, 8)
- }
- &movb( &BP($n,"esp","",0), &LB($ty));
- }
- else
- {
- # Note in+=8 has occured
- &movb( &HB($ty), &BP(-1,$in,"",0));
- # XXX
- &xorb(&LB($ty), &HB($ty));
- # XXX
- &movb(&BP($n,$out,"",0),&LB($ty));
- }
- }
+ # (*) This is the key to Core2 and Westmere performance.
+ # Whithout movz out-of-order execution logic confuses
+ # itself and fails to reorder loads and stores. Problem
+ # appears to be fixed in Sandy Bridge...
+ }
+}
+&external_label("OPENSSL_ia32cap_P");
-sub RC4
- {
- local($name)=@_;
+# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out);
+&function_begin("RC4");
+ &mov ($dat,&wparam(0)); # load key schedule pointer
+ &mov ($ty, &wparam(1)); # load len
+ &mov ($inp,&wparam(2)); # load inp
+ &mov ($out,&wparam(3)); # load out
- &function_begin_B($name,"");
+ &xor ($xx,$xx); # avoid partial register stalls
+ &xor ($yy,$yy);
- &mov($ty,&wparam(1)); # len
- &cmp($ty,0);
- &jne(&label("proceed"));
- &ret();
- &set_label("proceed");
+ &cmp ($ty,0); # safety net
+ &je (&label("abort"));
- &comment("");
+ &mov (&LB($xx),&BP(0,$dat)); # load key->x
+ &mov (&LB($yy),&BP(4,$dat)); # load key->y
+ &add ($dat,8);
- &push("ebp");
- &push("ebx");
- &push("esi");
- &xor( $x, $x); # avoid partial register stalls
- &push("edi");
- &xor( $y, $y); # avoid partial register stalls
- &mov( $d, &wparam(0)); # key
- &mov( $in, &wparam(2));
+ &lea ($tx,&DWP(0,$inp,$ty));
+ &sub ($out,$inp); # re-bias out
+ &mov (&wparam(1),$tx); # save input+len
- &movb( &LB($x), &BP(0,$d,"",1));
- &movb( &LB($y), &BP(4,$d,"",1));
+ &inc (&LB($xx));
- &mov( $out, &wparam(3));
- &inc( &LB($x));
+ # detect compressed key schedule...
+ &cmp (&DWP(256,$dat),-1);
+ &je (&label("RC4_CHAR"));
- &stack_push(3); # 3 temp variables
- &add( $d, 8);
+ &mov ($tx,&DWP(0,$dat,$xx,4));
- # detect compressed schedule, see commentary section in rc4_skey.c...
- # in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant,
- # as compressed key schedule is set up in 0.9.8 and later.
- &cmp(&DWP(256,$d),-1);
- &je(&label("RC4_CHAR"));
+ &and ($ty,-4); # how many 4-byte chunks?
+ &jz (&label("loop1"));
- &lea( $ty, &DWP(-8,$ty,$in));
+ &test ($ty,-8);
+ &mov (&wparam(3),$out); # $out as accumulator in these loops
+ &jz (&label("go4loop4"));
- # check for 0 length input
+ &picmeup($out,"OPENSSL_ia32cap_P");
+ &bt (&DWP(0,$out),26); # check SSE2 bit [could have been MMX]
+ &jnc (&label("go4loop4"));
- &mov( &swtmp(2), $ty); # this is now address to exit at
- &mov( $tx, &DWP(0,$d,$x,4));
+ &mov ($out,&wparam(3)) if (!$alt);
+ &movd ("mm7",&wparam(3)) if ($alt);
+ &and ($ty,-8);
+ &lea ($ty,&DWP(-8,$inp,$ty));
+ &mov (&DWP(-4,$dat),$ty); # save input+(len/8)*8-8
- &cmp( $ty, $in);
- &jb( &label("end")); # less than 8 bytes
+ &$RC4_loop_mmx(-1);
+ &jmp(&label("loop_mmx_enter"));
- &set_label("start");
+ &set_label("loop_mmx",16);
+ &$RC4_loop_mmx(0);
+ &set_label("loop_mmx_enter");
+ for ($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); }
+ &mov ($ty,$yy);
+ &xor ($yy,$yy); # this is second key to Core2
+ &mov (&LB($yy),&LB($ty)); # and Westmere performance...
+ &cmp ($inp,&DWP(-4,$dat));
+ &lea ($inp,&DWP(8,$inp));
+ &jb (&label("loop_mmx"));
- # filling DELAY SLOT
- &add( $in, 8);
+ if ($alt) {
+ &movd ($out,"mm7");
+ &pxor ("mm2","mm0");
+ &psllq ("mm1",8);
+ &pxor ("mm1","mm2");
+ &movq (&QWP(-8,$out,$inp),"mm1");
+ } else {
+ &psllq ("mm1",56);
+ &pxor ("mm2","mm1");
+ &movq (&QWP(-8,$out,$inp),"mm2");
+ }
+ &emms ();
- &RC4_loop(0,-1,0);
- &RC4_loop(1,0,0);
- &RC4_loop(2,0,0);
- &RC4_loop(3,0,0);
- &RC4_loop(4,0,0);
- &RC4_loop(5,0,0);
- &RC4_loop(6,0,0);
- &RC4_loop(7,1,0);
-
- &comment("apply the cipher text");
- # xor the cipher data with input
+ &cmp ($inp,&wparam(1)); # compare to input+len
+ &je (&label("done"));
+ &jmp (&label("loop1"));
- #&add( $out, 8); #moved up into last round
+&set_label("go4loop4",16);
+ &lea ($ty,&DWP(-4,$inp,$ty));
+ &mov (&wparam(2),$ty); # save input+(len/4)*4-4
- &mov( $tx, &swtmp(0));
- &mov( $ty, &DWP(-8,$in,"",0));
- &xor( $tx, $ty);
- &mov( $ty, &DWP(-4,$in,"",0));
- &mov( &DWP(-8,$out,"",0), $tx);
- &mov( $tx, &swtmp(1));
- &xor( $tx, $ty);
- &mov( $ty, &swtmp(2)); # load end ptr;
- &mov( &DWP(-4,$out,"",0), $tx);
- &mov( $tx, &DWP(0,$d,$x,4));
- &cmp($in, $ty);
- &jbe(&label("start"));
+ &set_label("loop4");
+ for ($i=0;$i<4;$i++) { RC4_loop($i); }
+ &ror ($out,8);
+ &xor ($out,&DWP(0,$inp));
+ &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4
+ &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here
+ &lea ($inp,&DWP(4,$inp));
+ &mov ($tx,&DWP(0,$dat,$xx,4));
+ &jb (&label("loop4"));
- &set_label("end");
+ &cmp ($inp,&wparam(1)); # compare to input+len
+ &je (&label("done"));
+ &mov ($out,&wparam(3)); # restore $out
- # There is quite a bit of extra crap in RC4_loop() for this
- # first round
- &RC4_loop(0,-1,1);
- &RC4_loop(1,0,1);
- &RC4_loop(2,0,1);
- &RC4_loop(3,0,1);
- &RC4_loop(4,0,1);
- &RC4_loop(5,0,1);
- &RC4_loop(6,1,1);
+ &set_label("loop1",16);
+ &add (&LB($yy),&LB($tx));
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &mov (&DWP(0,$dat,$xx,4),$ty);
+ &add ($ty,$tx);
+ &inc (&LB($xx));
+ &and ($ty,0xff);
+ &mov ($ty,&DWP(0,$dat,$ty,4));
+ &xor (&LB($ty),&BP(0,$inp));
+ &lea ($inp,&DWP(1,$inp));
+ &mov ($tx,&DWP(0,$dat,$xx,4));
+ &cmp ($inp,&wparam(1)); # compare to input+len
+ &mov (&BP(-1,$out,$inp),&LB($ty));
+ &jb (&label("loop1"));
- &jmp(&label("finished"));
+ &jmp (&label("done"));
- &align(16);
- # this is essentially Intel P4 specific codepath, see rc4_skey.c,
- # and is engaged in 0.9.8 and later context...
- &set_label("RC4_CHAR");
-
- &lea ($ty,&DWP(0,$in,$ty));
- &mov (&swtmp(2),$ty);
- &movz ($tx,&BP(0,$d,$x));
-
+# this is essentially Intel P4 specific codepath...
+&set_label("RC4_CHAR",16);
+ &movz ($tx,&BP(0,$dat,$xx));
# strangely enough unrolled loop performs over 20% slower...
- &set_label("RC4_CHAR_loop");
- &add (&LB($y),&LB($tx));
- &movz ($ty,&BP(0,$d,$y));
- &movb (&BP(0,$d,$y),&LB($tx));
- &movb (&BP(0,$d,$x),&LB($ty));
+ &set_label("cloop1");
+ &add (&LB($yy),&LB($tx));
+ &movz ($ty,&BP(0,$dat,$yy));
+ &mov (&BP(0,$dat,$yy),&LB($tx));
+ &mov (&BP(0,$dat,$xx),&LB($ty));
&add (&LB($ty),&LB($tx));
- &movz ($ty,&BP(0,$d,$ty));
- &add (&LB($x),1);
- &xorb (&LB($ty),&BP(0,$in));
- &lea ($in,&DWP(1,$in));
- &movz ($tx,&BP(0,$d,$x));
- &cmp ($in,&swtmp(2));
- &movb (&BP(0,$out),&LB($ty));
- &lea ($out,&DWP(1,$out));
- &jb (&label("RC4_CHAR_loop"));
+ &movz ($ty,&BP(0,$dat,$ty));
+ &add (&LB($xx),1);
+ &xor (&LB($ty),&BP(0,$inp));
+ &lea ($inp,&DWP(1,$inp));
+ &movz ($tx,&BP(0,$dat,$xx));
+ &cmp ($inp,&wparam(1));
+ &mov (&BP(-1,$out,$inp),&LB($ty));
+ &jb (&label("cloop1"));
- &set_label("finished");
- &dec( $x);
- &stack_pop(3);
- &movb( &BP(-4,$d,"",0),&LB($y));
- &movb( &BP(-8,$d,"",0),&LB($x));
+&set_label("done");
+ &dec (&LB($xx));
+ &mov (&DWP(-4,$dat),$yy); # save key->y
+ &mov (&BP(-8,$dat),&LB($xx)); # save key->x
+&set_label("abort");
+&function_end("RC4");
- &function_end($name);
- }
+########################################################################
+$inp="esi";
+$out="edi";
+$idi="ebp";
+$ido="ecx";
+$idx="edx";
+
+# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data);
+&function_begin("private_RC4_set_key");
+ &mov ($out,&wparam(0)); # load key
+ &mov ($idi,&wparam(1)); # load len
+ &mov ($inp,&wparam(2)); # load data
+ &picmeup($idx,"OPENSSL_ia32cap_P");
+
+ &lea ($out,&DWP(2*4,$out)); # &key->data
+ &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end
+ &neg ($idi);
+ &xor ("eax","eax");
+ &mov (&DWP(-4,$out),$idi); # borrow key->y
+
+ &bt (&DWP(0,$idx),20); # check for bit#20
+ &jc (&label("c1stloop"));
+
+&set_label("w1stloop",16);
+ &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i;
+ &add (&LB("eax"),1); # i++;
+ &jnc (&label("w1stloop"));
+
+ &xor ($ido,$ido);
+ &xor ($idx,$idx);
+
+&set_label("w2ndloop",16);
+ &mov ("eax",&DWP(0,$out,$ido,4));
+ &add (&LB($idx),&BP(0,$inp,$idi));
+ &add (&LB($idx),&LB("eax"));
+ &add ($idi,1);
+ &mov ("ebx",&DWP(0,$out,$idx,4));
+ &jnz (&label("wnowrap"));
+ &mov ($idi,&DWP(-4,$out));
+ &set_label("wnowrap");
+ &mov (&DWP(0,$out,$idx,4),"eax");
+ &mov (&DWP(0,$out,$ido,4),"ebx");
+ &add (&LB($ido),1);
+ &jnc (&label("w2ndloop"));
+&jmp (&label("exit"));
+
+# Unlike all other x86 [and x86_64] implementations, Intel P4 core
+# [including EM64T] was found to perform poorly with above "32-bit" key
+# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded
+# assembler turned out to be 3.5x if re-coded for compressed 8-bit one,
+# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit
+# schedule for x86[_64], because non-P4 implementations suffer from
+# significant performance losses then, e.g. PIII exhibits >2x
+# deterioration, and so does Opteron. In order to assure optimal
+# all-round performance, we detect P4 at run-time and set up compressed
+# key schedule, which is recognized by RC4 procedure.
+
+&set_label("c1stloop",16);
+ &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i;
+ &add (&LB("eax"),1); # i++;
+ &jnc (&label("c1stloop"));
+
+ &xor ($ido,$ido);
+ &xor ($idx,$idx);
+ &xor ("ebx","ebx");
+
+&set_label("c2ndloop",16);
+ &mov (&LB("eax"),&BP(0,$out,$ido));
+ &add (&LB($idx),&BP(0,$inp,$idi));
+ &add (&LB($idx),&LB("eax"));
+ &add ($idi,1);
+ &mov (&LB("ebx"),&BP(0,$out,$idx));
+ &jnz (&label("cnowrap"));
+ &mov ($idi,&DWP(-4,$out));
+ &set_label("cnowrap");
+ &mov (&BP(0,$out,$idx),&LB("eax"));
+ &mov (&BP(0,$out,$ido),&LB("ebx"));
+ &add (&LB($ido),1);
+ &jnc (&label("c2ndloop"));
+
+ &mov (&DWP(256,$out),-1); # mark schedule as compressed
+
+&set_label("exit");
+ &xor ("eax","eax");
+ &mov (&DWP(-8,$out),"eax"); # key->x=0;
+ &mov (&DWP(-4,$out),"eax"); # key->y=0;
+&function_end("private_RC4_set_key");
+
+# const char *RC4_options(void);
+&function_begin_B("RC4_options");
+ &call (&label("pic_point"));
+&set_label("pic_point");
+ &blindpop("eax");
+ &lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax"));
+ &picmeup("edx","OPENSSL_ia32cap_P");
+ &mov ("edx",&DWP(0,"edx"));
+ &bt ("edx",20);
+ &jc (&label("1xchar"));
+ &bt ("edx",26);
+ &jnc (&label("ret"));
+ &add ("eax",25);
+ &ret ();
+&set_label("1xchar");
+ &add ("eax",12);
+&set_label("ret");
+ &ret ();
+&set_label("opts",64);
+&asciz ("rc4(4x,int)");
+&asciz ("rc4(1x,char)");
+&asciz ("rc4(8x,mmx)");
+&asciz ("RC4 for x86, CRYPTOGAMS by <appro\@openssl.org>");
+&align (64);
+&function_end_B("RC4_options");
+
+&asm_finish();
+
Deleted: trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.S
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.S 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,159 +0,0 @@
-// ====================================================================
-// Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
-// project.
-//
-// Rights for redistribution and usage in source and binary forms are
-// granted according to the OpenSSL license. Warranty of any kind is
-// disclaimed.
-// ====================================================================
-
-.ident "rc4-ia64.S, Version 2.0"
-.ident "IA-64 ISA artwork by Andy Polyakov <appro at fy.chalmers.se>"
-
-// What's wrong with compiler generated code? Because of the nature of
-// C language, compiler doesn't [dare to] reorder load and stores. But
-// being memory-bound, RC4 should benefit from reorder [on in-order-
-// execution core such as IA-64]. But what can we reorder? At the very
-// least we can safely reorder references to key schedule in respect
-// to input and output streams. Secondly, from the first [close] glance
-// it appeared that it's possible to pull up some references to
-// elements of the key schedule itself. Original rationale ["prior
-// loads are not safe only for "degenerated" key schedule, when some
-// elements equal to the same value"] was kind of sloppy. I should have
-// formulated as it really was: if we assume that pulling up reference
-// to key[x+1] is not safe, then it would mean that key schedule would
-// "degenerate," which is never the case. The problem is that this
-// holds true in respect to references to key[x], but not to key[y].
-// Legitimate "collisions" do occur within every 256^2 bytes window.
-// Fortunately there're enough free instruction slots to keep prior
-// reference to key[x+1], detect "collision" and compensate for it.
-// All this without sacrificing a single clock cycle:-) Throughput is
-// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated
-// code and +30% - if compared to HP-UX C. Unrolling loop below should
-// give >30% on top of that...
-
-.text
-.explicit
-
-#if defined(_HPUX_SOURCE) && !defined(_LP64)
-# define ADDP addp4
-#else
-# define ADDP add
-#endif
-
-#ifndef SZ
-#define SZ 4 // this is set to sizeof(RC4_INT)
-#endif
-// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for
-// assembler implementation, while SZ==1 code is ~30% slower.
-#if SZ==1 // RC4_INT is unsigned char
-# define LDKEY ld1
-# define STKEY st1
-# define OFF 0
-#elif SZ==4 // RC4_INT is unsigned int
-# define LDKEY ld4
-# define STKEY st4
-# define OFF 2
-#elif SZ==8 // RC4_INT is unsigned long
-# define LDKEY ld8
-# define STKEY st8
-# define OFF 3
-#endif
-
-out=r8; // [expanded] output pointer
-inp=r9; // [expanded] output pointer
-prsave=r10;
-key=r28; // [expanded] pointer to RC4_KEY
-ksch=r29; // (key->data+255)[&~(sizeof(key->data)-1)]
-xx=r30;
-yy=r31;
-
-// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out);
-.global RC4#
-.proc RC4#
-.align 32
-.skip 16
-RC4:
- .prologue
- .save ar.pfs,r2
-{ .mii; alloc r2=ar.pfs,4,12,0,16
- .save pr,prsave
- mov prsave=pr
- ADDP key=0,in0 };;
-{ .mib; cmp.eq p6,p0=0,in1 // len==0?
- .save ar.lc,r3
- mov r3=ar.lc
-(p6) br.ret.spnt.many b0 };; // emergency exit
-
- .body
- .rotr dat[4],key_x[4],tx[2],rnd[2],key_y[2],ty[1];
-
-{ .mib; LDKEY xx=[key],SZ // load key->x
- add in1=-1,in1 // adjust len for loop counter
- nop.b 0 }
-{ .mib; ADDP inp=0,in2
- ADDP out=0,in3
- brp.loop.imp .Ltop,.Lexit-16 };;
-{ .mmi; LDKEY yy=[key] // load key->y
- add ksch=SZ,key
- mov ar.lc=in1 }
-{ .mmi; mov key_y[1]=r0 // guarantee inequality
- // in first iteration
- add xx=1,xx
- mov pr.rot=1<<16 };;
-{ .mii; nop.m 0
- dep key_x[1]=xx,r0,OFF,8
- mov ar.ec=3 };; // note that epilogue counter
- // is off by 1. I compensate
- // for this at exit...
-.Ltop:
-// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which
-// theoretically gives asymptotic performance of clock frequency
-// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is
-// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently
-// splits the last bundle and you end up with 5*n spin-rate:-(
-// Originally the loop was scheduled for 3*n and relied on key
-// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But
-// *(out++)=dat, which maps to st1, had same effect [inadvertent
-// bundle split] and holded the loop back. Rescheduling for 4*n
-// made it possible to eliminate dependence on specific alignment
-// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would
-// require unrolling, sticking to variable shift instruction for
-// collecting output [to avoid starvation for integer shifter] and
-// copying of key schedule to controlled place in stack [so that
-// deposit instruction can serve as substitute for whole
-// key->data+((x&255)<<log2(sizeof(key->data[0])))]...
-{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat
- (p16) add xx=1,xx // x++
- (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<<OFF
-{ .mmi; (p16) add key_x[1]=ksch,key_x[1] // &key[xx&255]
- (p17) add key_y[1]=ksch,key_y[1] };; // &key[yy&255]
-{ .mmi; (p16) LDKEY tx[0]=[key_x[1]] // tx=key[xx]
- (p17) LDKEY ty[0]=[key_y[1]] // ty=key[yy]
- (p16) dep key_x[0]=xx,r0,OFF,8 } // (xx&255)<<OFF
-{ .mmi; (p18) add rnd[1]=ksch,rnd[1] // &key[(tx+ty)&255]
- (p16) cmp.ne.unc p20,p21=key_x[1],key_y[1] };;
-{ .mmi; (p18) LDKEY rnd[1]=[rnd[1]] // rnd=key[(tx+ty)&255]
- (p16) ld1 dat[0]=[inp],1 } // dat=*(inp++)
-.pred.rel "mutex",p20,p21
-{ .mmi; (p21) add yy=yy,tx[1] // (p16)
- (p20) add yy=yy,tx[0] // (p16) y+=tx
- (p21) mov tx[0]=tx[1] };; // (p16)
-{ .mmi; (p17) STKEY [key_y[1]]=tx[1] // key[yy]=tx
- (p17) STKEY [key_x[2]]=ty[0] // key[xx]=ty
- (p16) dep key_y[0]=yy,r0,OFF,8 } // &key[yy&255]
-{ .mmb; (p17) add rnd[0]=tx[1],ty[0] // tx+=ty
- (p18) xor dat[2]=dat[2],rnd[1] // dat^=rnd
- br.ctop.sptk .Ltop };;
-.Lexit:
-{ .mib; STKEY [key]=yy,-SZ // save key->y
- mov pr=prsave,0x1ffff
- nop.b 0 }
-{ .mib; st1 [out]=dat[3],1 // compensate for truncated
- // epilogue counter
- add xx=-1,xx
- nop.b 0 };;
-{ .mib; STKEY [key]=xx // save key->x
- mov ar.lc=r3
- br.ret.sptk.many b0 };;
-.endp RC4#
Copied: trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-ia64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-ia64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,755 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by David Mosberger <David.Mosberger at acm.org> based on the
+# Itanium optimized Crypto code which was released by HP Labs at
+# http://www.hpl.hp.com/research/linux/crypto/.
+#
+# Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
+
+
+
+# This is a little helper program which generates a software-pipelined
+# for RC4 encryption. The basic algorithm looks like this:
+#
+# for (counter = 0; counter < len; ++counter)
+# {
+# in = inp[counter];
+# SI = S[I];
+# J = (SI + J) & 0xff;
+# SJ = S[J];
+# T = (SI + SJ) & 0xff;
+# S[I] = SJ, S[J] = SI;
+# ST = S[T];
+# outp[counter] = in ^ ST;
+# I = (I + 1) & 0xff;
+# }
+#
+# Pipelining this loop isn't easy, because the stores to the S[] array
+# need to be observed in the right order. The loop generated by the
+# code below has the following pipeline diagram:
+#
+# cycle
+# | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 |
+# iter
+# 1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+# 2: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+# 3: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#
+# where:
+# LDI = load of S[I]
+# LDJ = load of S[J]
+# SWP = swap of S[I] and S[J]
+# LDT = load of S[T]
+#
+# Note that in the above diagram, the major trouble-spot is that LDI
+# of the 2nd iteration is performed BEFORE the SWP of the first
+# iteration. Fortunately, this is easy to detect (I of the 1st
+# iteration will be equal to J of the 2nd iteration) and when this
+# happens, we simply forward the proper value from the 1st iteration
+# to the 2nd one. The proper value in this case is simply the value
+# of S[I] from the first iteration (thanks to the fact that SWP
+# simply swaps the contents of S[I] and S[J]).
+#
+# Another potential trouble-spot is in cycle 7, where SWP of the 1st
+# iteration issues at the same time as the LDI of the 3rd iteration.
+# However, thanks to IA-64 execution semantics, this can be taken
+# care of simply by placing LDI later in the instruction-group than
+# SWP. IA-64 CPUs will automatically forward the value if they
+# detect that the SWP and LDI are accessing the same memory-location.
+
+# The core-loop that can be pipelined then looks like this (annotated
+# with McKinley/Madison issue port & latency numbers, assuming L1
+# cache hits for the most part):
+
+# operation: instruction: issue-ports: latency
+# ------------------ ----------------------------- ------------- -------
+
+# Data = *inp++ ld1 data = [inp], 1 M0-M1 1 cyc c0
+# shladd Iptr = I, KeyTable, 3 M0-M3, I0, I1 1 cyc
+# I = (I + 1) & 0xff padd1 nextI = I, one M0-M3, I0, I1 3 cyc
+# ;;
+# SI = S[I] ld8 SI = [Iptr] M0-M1 1 cyc c1 * after SWAP!
+# ;;
+# cmp.eq.unc pBypass = I, J * after J is valid!
+# J = SI + J add J = J, SI M0-M3, I0, I1 1 cyc c2
+# (pBypass) br.cond.spnt Bypass
+# ;;
+# ---------------------------------------------------------------------------------------
+# J = J & 0xff zxt1 J = J I0, I1, 1 cyc c3
+# ;;
+# shladd Jptr = J, KeyTable, 3 M0-M3, I0, I1 1 cyc c4
+# ;;
+# SJ = S[J] ld8 SJ = [Jptr] M0-M1 1 cyc c5
+# ;;
+# ---------------------------------------------------------------------------------------
+# T = (SI + SJ) add T = SI, SJ M0-M3, I0, I1 1 cyc c6
+# ;;
+# T = T & 0xff zxt1 T = T I0, I1 1 cyc
+# S[I] = SJ st8 [Iptr] = SJ M2-M3 c7
+# S[J] = SI st8 [Jptr] = SI M2-M3
+# ;;
+# shladd Tptr = T, KeyTable, 3 M0-M3, I0, I1 1 cyc c8
+# ;;
+# ---------------------------------------------------------------------------------------
+# T = S[T] ld8 T = [Tptr] M0-M1 1 cyc c9
+# ;;
+# data ^= T xor data = data, T M0-M3, I0, I1 1 cyc c10
+# ;;
+# *out++ = Data ^ T dep word = word, data, 8, POS I0, I1 1 cyc c11
+# ;;
+# ---------------------------------------------------------------------------------------
+
+# There are several points worth making here:
+
+# - Note that due to the bypass/forwarding-path, the first two
+# phases of the loop are strangly mingled together. In
+# particular, note that the first stage of the pipeline is
+# using the value of "J", as calculated by the second stage.
+# - Each bundle-pair will have exactly 6 instructions.
+# - Pipelined, the loop can execute in 3 cycles/iteration and
+# 4 stages. However, McKinley/Madison can issue "st1" to
+# the same bank at a rate of at most one per 4 cycles. Thus,
+# instead of storing each byte, we accumulate them in a word
+# and then write them back at once with a single "st8" (this
+# implies that the setup code needs to ensure that the output
+# buffer is properly aligned, if need be, by encoding the
+# first few bytes separately).
+# - There is no space for a "br.ctop" instruction. For this
+# reason we can't use module-loop support in IA-64 and have
+# to do a traditional, purely software-pipelined loop.
+# - We can't replace any of the remaining "add/zxt1" pairs with
+# "padd1" because the latency for that instruction is too high
+# and would push the loop to the point where more bypasses
+# would be needed, which we don't have space for.
+# - The above loop runs at around 3.26 cycles/byte, or roughly
+# 440 MByte/sec on a 1.5GHz Madison. This is well below the
+# system bus bandwidth and hence with judicious use of
+# "lfetch" this loop can run at (almost) peak speed even when
+# the input and output data reside in memory. The
+# max. latency that can be tolerated is (PREFETCH_DISTANCE *
+# L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at
+# least) 1-ahead prefetching of 128 byte cache-lines. Note
+# that we do NOT prefetch into L1, since that would only
+# interfere with the S[] table values stored there. This is
+# acceptable because there is a 10 cycle latency between
+# load and first use of the input data.
+# - We use a branch to out-of-line bypass-code of cycle-pressure:
+# we calculate the next J, check for the need to activate the
+# bypass path, and activate the bypass path ALL IN THE SAME
+# CYCLE. If we didn't have these constraints, we could do
+# the bypass with a simple conditional move instruction.
+# Fortunately, the bypass paths get activated relatively
+# infrequently, so the extra branches don't cost all that much
+# (about 0.04 cycles/byte, measured on a 16396 byte file with
+# random input data).
+#
+
+$phases = 4; # number of stages/phases in the pipelined-loop
+$unroll_count = 6; # number of times we unrolled it
+$pComI = (1 << 0);
+$pComJ = (1 << 1);
+$pComT = (1 << 2);
+$pOut = (1 << 3);
+
+$NData = 4;
+$NIP = 3;
+$NJP = 2;
+$NI = 2;
+$NSI = 3;
+$NSJ = 2;
+$NT = 2;
+$NOutWord = 2;
+
+#
+# $threshold is the minimum length before we attempt to use the
+# big software-pipelined loop. It MUST be greater-or-equal
+# to:
+# PHASES * (UNROLL_COUNT + 1) + 7
+#
+# The "+ 7" comes from the fact we may have to encode up to
+# 7 bytes separately before the output pointer is aligned.
+#
+$threshold = (3 * ($phases * ($unroll_count + 1)) + 7);
+
+sub I {
+ local *code = shift;
+ local $format = shift;
+ $code .= sprintf ("\t\t".$format."\n", @_);
+}
+
+sub P {
+ local *code = shift;
+ local $format = shift;
+ $code .= sprintf ($format."\n", @_);
+}
+
+sub STOP {
+ local *code = shift;
+ $code .=<<___;
+ ;;
+___
+}
+
+sub emit_body {
+ local *c = shift;
+ local *bypass = shift;
+ local ($iteration, $p) = @_;
+
+ local $i0 = $iteration;
+ local $i1 = $iteration - 1;
+ local $i2 = $iteration - 2;
+ local $i3 = $iteration - 3;
+ local $iw0 = ($iteration - 3) / 8;
+ local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1;
+ local $byte_num = ($iteration - 3) % 8;
+ local $label = $iteration + 1;
+ local $pAny = ($p & 0xf) == 0xf;
+ local $pByp = (($p & $pComI) && ($iteration > 0));
+
+ $c.=<<___;
+//////////////////////////////////////////////////
+___
+
+ if (($p & 0xf) == 0) {
+ $c.="#ifdef HOST_IS_BIG_ENDIAN\n";
+ &I(\$c,"shr.u OutWord[%u] = OutWord[%u], 32;;",
+ $iw1 % $NOutWord, $iw1 % $NOutWord);
+ $c.="#endif\n";
+ &I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord);
+ return;
+ }
+
+ # Cycle 0
+ &I(\$c, "{ .mmi") if ($pAny);
+ &I(\$c, "ld1 Data[%u] = [InPtr], 1", $i0 % $NData) if ($p & $pComI);
+ &I(\$c, "padd1 I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI);
+ &I(\$c, "zxt1 J = J") if ($p & $pComJ);
+ &I(\$c, "}") if ($pAny);
+ &I(\$c, "{ .mmi") if ($pAny);
+ &I(\$c, "LKEY T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT) if ($p & $pOut);
+ &I(\$c, "add T[%u] = SI[%u], SJ[%u]",
+ $i0 % $NT, $i2 % $NSI, $i1 % $NSJ) if ($p & $pComT);
+ &I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI);
+ &I(\$c, "}") if ($pAny);
+ &STOP(\$c);
+
+ # Cycle 1
+ &I(\$c, "{ .mmi") if ($pAny);
+ &I(\$c, "SKEY [IPr[%u]] = SJ[%u]", $i2 % $NIP, $i1%$NSJ)if ($p & $pComT);
+ &I(\$c, "SKEY [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT);
+ &I(\$c, "zxt1 T[%u] = T[%u]", $i0 % $NT, $i0 % $NT) if ($p & $pComT);
+ &I(\$c, "}") if ($pAny);
+ &I(\$c, "{ .mmi") if ($pAny);
+ &I(\$c, "LKEY SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI);
+ &I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP) if ($p & $pComJ);
+ &I(\$c, "xor Data[%u] = Data[%u], T[%u]",
+ $i3 % $NData, $i3 % $NData, $i1 % $NT) if ($p & $pOut);
+ &I(\$c, "}") if ($pAny);
+ &STOP(\$c);
+
+ # Cycle 2
+ &I(\$c, "{ .mmi") if ($pAny);
+ &I(\$c, "LKEY SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ);
+ &I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI) if ($pByp);
+ &I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8",
+ $iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut);
+ &I(\$c, "}") if ($pAny);
+ &I(\$c, "{ .mmb") if ($pAny);
+ &I(\$c, "add J = J, SI[%u]", $i0 % $NSI) if ($p & $pComI);
+ &I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT) if ($p & $pComT);
+ &P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp);
+ &I(\$c, "}") if ($pAny);
+ &STOP(\$c);
+
+ &P(\$c, ".rc4Resume%u:", $label) if ($pByp);
+ if ($byte_num == 0 && $iteration >= $phases) {
+ &I(\$c, "st8 [OutPtr] = OutWord[%u], 8",
+ $iw1 % $NOutWord) if ($p & $pOut);
+ if ($iteration == (1 + $unroll_count) * $phases - 1) {
+ if ($unroll_count == 6) {
+ &I(\$c, "mov OutWord[%u] = OutWord[%u]",
+ $iw1 % $NOutWord, $iw0 % $NOutWord);
+ }
+ &I(\$c, "lfetch.nt1 [InPrefetch], %u",
+ $unroll_count * $phases);
+ &I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u",
+ $unroll_count * $phases);
+ &I(\$c, "br.cloop.sptk.few .rc4Loop");
+ }
+ }
+
+ if ($pByp) {
+ &P(\$bypass, ".rc4Bypass%u:", $label);
+ &I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI);
+ &I(\$bypass, "nop 0");
+ &I(\$bypass, "nop 0");
+ &I(\$bypass, ";;");
+ &I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI);
+ &I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI);
+ &I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label);
+ &I(\$bypass, ";;");
+ }
+}
+
+$code=<<___;
+.ident \"rc4-ia64.s, version 3.0\"
+.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\"
+
+#define LCSave r8
+#define PRSave r9
+
+/* Inputs become invalid once rotation begins! */
+
+#define StateTable in0
+#define DataLen in1
+#define InputBuffer in2
+#define OutputBuffer in3
+
+#define KTable r14
+#define J r15
+#define InPtr r16
+#define OutPtr r17
+#define InPrefetch r18
+#define OutPrefetch r19
+#define One r20
+#define LoopCount r21
+#define Remainder r22
+#define IFinal r23
+#define EndPtr r24
+
+#define tmp0 r25
+#define tmp1 r26
+
+#define pBypass p6
+#define pDone p7
+#define pSmall p8
+#define pAligned p9
+#define pUnaligned p10
+
+#define pComputeI pPhase[0]
+#define pComputeJ pPhase[1]
+#define pComputeT pPhase[2]
+#define pOutput pPhase[3]
+
+#define RetVal r8
+#define L_OK p7
+#define L_NOK p8
+
+#define _NINPUTS 4
+#define _NOUTPUT 0
+
+#define _NROTATE 24
+#define _NLOCALS (_NROTATE - _NINPUTS - _NOUTPUT)
+
+#ifndef SZ
+# define SZ 4 // this must be set to sizeof(RC4_INT)
+#endif
+
+#if SZ == 1
+# define LKEY ld1
+# define SKEY st1
+# define KEYADDR(dst, i) add dst = i, KTable
+#elif SZ == 2
+# define LKEY ld2
+# define SKEY st2
+# define KEYADDR(dst, i) shladd dst = i, 1, KTable
+#elif SZ == 4
+# define LKEY ld4
+# define SKEY st4
+# define KEYADDR(dst, i) shladd dst = i, 2, KTable
+#else
+# define LKEY ld8
+# define SKEY st8
+# define KEYADDR(dst, i) shladd dst = i, 3, KTable
+#endif
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+# define ADDP addp4
+#else
+# define ADDP add
+#endif
+
+/* Define a macro for the bit number of the n-th byte: */
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+# define HOST_IS_BIG_ENDIAN
+# define BYTE_POS(n) (56 - (8 * (n)))
+#else
+# define BYTE_POS(n) (8 * (n))
+#endif
+
+/*
+ We must perform the first phase of the pipeline explicitly since
+ we will always load from the stable the first time. The br.cexit
+ will never be taken since regardless of the number of bytes because
+ the epilogue count is 4.
+*/
+/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX
+ assembler failed on original macro with syntax error. <appro> */
+#define MODSCHED_RC4_PROLOGUE \\
+ { \\
+ ld1 Data[0] = [InPtr], 1; \\
+ add IFinal = 1, I[1]; \\
+ KEYADDR(IPr[0], I[1]); \\
+ } ;; \\
+ { \\
+ LKEY SI[0] = [IPr[0]]; \\
+ mov pr.rot = 0x10000; \\
+ mov ar.ec = 4; \\
+ } ;; \\
+ { \\
+ add J = J, SI[0]; \\
+ zxt1 I[0] = IFinal; \\
+ br.cexit.spnt.few .+16; /* never taken */ \\
+ } ;;
+#define MODSCHED_RC4_LOOP(label) \\
+label: \\
+ { .mmi; \\
+ (pComputeI) ld1 Data[0] = [InPtr], 1; \\
+ (pComputeI) add IFinal = 1, I[1]; \\
+ (pComputeJ) zxt1 J = J; \\
+ }{ .mmi; \\
+ (pOutput) LKEY T[1] = [T[1]]; \\
+ (pComputeT) add T[0] = SI[2], SJ[1]; \\
+ (pComputeI) KEYADDR(IPr[0], I[1]); \\
+ } ;; \\
+ { .mmi; \\
+ (pComputeT) SKEY [IPr[2]] = SJ[1]; \\
+ (pComputeT) SKEY [JP[1]] = SI[2]; \\
+ (pComputeT) zxt1 T[0] = T[0]; \\
+ }{ .mmi; \\
+ (pComputeI) LKEY SI[0] = [IPr[0]]; \\
+ (pComputeJ) KEYADDR(JP[0], J); \\
+ (pComputeI) cmp.eq.unc pBypass, p0 = I[1], J; \\
+ } ;; \\
+ { .mmi; \\
+ (pComputeJ) LKEY SJ[0] = [JP[0]]; \\
+ (pOutput) xor Data[3] = Data[3], T[1]; \\
+ nop 0x0; \\
+ }{ .mmi; \\
+ (pComputeT) KEYADDR(T[0], T[0]); \\
+ (pBypass) mov SI[0] = SI[1]; \\
+ (pComputeI) zxt1 I[0] = IFinal; \\
+ } ;; \\
+ { .mmb; \\
+ (pOutput) st1 [OutPtr] = Data[3], 1; \\
+ (pComputeI) add J = J, SI[0]; \\
+ br.ctop.sptk.few label; \\
+ } ;;
+
+ .text
+
+ .align 32
+
+ .type RC4, \@function
+ .global RC4
+
+ .proc RC4
+ .prologue
+
+RC4:
+ {
+ .mmi
+ alloc r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+
+ .rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\
+ OutWord[2]
+ .rotp pPhase[4]
+
+ ADDP InPrefetch = 0, InputBuffer
+ ADDP KTable = 0, StateTable
+ }
+ {
+ .mmi
+ ADDP InPtr = 0, InputBuffer
+ ADDP OutPtr = 0, OutputBuffer
+ mov RetVal = r0
+ }
+ ;;
+ {
+ .mmi
+ lfetch.nt1 [InPrefetch], 0x80
+ ADDP OutPrefetch = 0, OutputBuffer
+ }
+ { // Return 0 if the input length is nonsensical
+ .mib
+ ADDP StateTable = 0, StateTable
+ cmp.ge.unc L_NOK, L_OK = r0, DataLen
+ (L_NOK) br.ret.sptk.few rp
+ }
+ ;;
+ {
+ .mib
+ cmp.eq.or L_NOK, L_OK = r0, InPtr
+ cmp.eq.or L_NOK, L_OK = r0, OutPtr
+ nop 0x0
+ }
+ {
+ .mib
+ cmp.eq.or L_NOK, L_OK = r0, StateTable
+ nop 0x0
+ (L_NOK) br.ret.sptk.few rp
+ }
+ ;;
+ LKEY I[1] = [KTable], SZ
+/* Prefetch the state-table. It contains 256 elements of size SZ */
+
+#if SZ == 1
+ ADDP tmp0 = 1*128, StateTable
+#elif SZ == 2
+ ADDP tmp0 = 3*128, StateTable
+ ADDP tmp1 = 2*128, StateTable
+#elif SZ == 4
+ ADDP tmp0 = 7*128, StateTable
+ ADDP tmp1 = 6*128, StateTable
+#elif SZ == 8
+ ADDP tmp0 = 15*128, StateTable
+ ADDP tmp1 = 14*128, StateTable
+#endif
+ ;;
+#if SZ >= 8
+ lfetch.fault.nt1 [tmp0], -256 // 15
+ lfetch.fault.nt1 [tmp1], -256;;
+ lfetch.fault.nt1 [tmp0], -256 // 13
+ lfetch.fault.nt1 [tmp1], -256;;
+ lfetch.fault.nt1 [tmp0], -256 // 11
+ lfetch.fault.nt1 [tmp1], -256;;
+ lfetch.fault.nt1 [tmp0], -256 // 9
+ lfetch.fault.nt1 [tmp1], -256;;
+#endif
+#if SZ >= 4
+ lfetch.fault.nt1 [tmp0], -256 // 7
+ lfetch.fault.nt1 [tmp1], -256;;
+ lfetch.fault.nt1 [tmp0], -256 // 5
+ lfetch.fault.nt1 [tmp1], -256;;
+#endif
+#if SZ >= 2
+ lfetch.fault.nt1 [tmp0], -256 // 3
+ lfetch.fault.nt1 [tmp1], -256;;
+#endif
+ {
+ .mii
+ lfetch.fault.nt1 [tmp0] // 1
+ add I[1]=1,I[1];;
+ zxt1 I[1]=I[1]
+ }
+ {
+ .mmi
+ lfetch.nt1 [InPrefetch], 0x80
+ lfetch.excl.nt1 [OutPrefetch], 0x80
+ .save pr, PRSave
+ mov PRSave = pr
+ } ;;
+ {
+ .mmi
+ lfetch.excl.nt1 [OutPrefetch], 0x80
+ LKEY J = [KTable], SZ
+ ADDP EndPtr = DataLen, InPtr
+ } ;;
+ {
+ .mmi
+ ADDP EndPtr = -1, EndPtr // Make it point to
+ // last data byte.
+ mov One = 1
+ .save ar.lc, LCSave
+ mov LCSave = ar.lc
+ .body
+ } ;;
+ {
+ .mmb
+ sub Remainder = 0, OutPtr
+ cmp.gtu pSmall, p0 = $threshold, DataLen
+(pSmall) br.cond.dpnt .rc4Remainder // Data too small for
+ // big loop.
+ } ;;
+ {
+ .mmi
+ and Remainder = 0x7, Remainder
+ ;;
+ cmp.eq pAligned, pUnaligned = Remainder, r0
+ nop 0x0
+ } ;;
+ {
+ .mmb
+.pred.rel "mutex",pUnaligned,pAligned
+(pUnaligned) add Remainder = -1, Remainder
+(pAligned) sub Remainder = EndPtr, InPtr
+(pAligned) br.cond.dptk.many .rc4Aligned
+ } ;;
+ {
+ .mmi
+ nop 0x0
+ nop 0x0
+ mov.i ar.lc = Remainder
+ }
+
+/* Do the initial few bytes via the compact, modulo-scheduled loop
+ until the output pointer is 8-byte-aligned. */
+
+ MODSCHED_RC4_PROLOGUE
+ MODSCHED_RC4_LOOP(.RC4AlignLoop)
+
+ {
+ .mib
+ sub Remainder = EndPtr, InPtr
+ zxt1 IFinal = IFinal
+ clrrrb // Clear CFM.rrb.pr so
+ ;; // next "mov pr.rot = N"
+ // does the right thing.
+ }
+ {
+ .mmi
+ mov I[1] = IFinal
+ nop 0x0
+ nop 0x0
+ } ;;
+
+
+.rc4Aligned:
+
+/*
+ Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases)
+ */
+
+ {
+ .mlx
+ add LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder
+ movl Remainder = 0xaaaaaaaaaaaaaaab
+ } ;;
+ {
+ .mmi
+ setf.sig f6 = LoopCount // M2, M3 6 cyc
+ setf.sig f7 = Remainder // M2, M3 6 cyc
+ nop 0x0
+ } ;;
+ {
+ .mfb
+ nop 0x0
+ xmpy.hu f6 = f6, f7
+ nop 0x0
+ } ;;
+ {
+ .mmi
+ getf.sig LoopCount = f6;; // M2 5 cyc
+ nop 0x0
+ shr.u LoopCount = LoopCount, 4
+ } ;;
+ {
+ .mmi
+ nop 0x0
+ nop 0x0
+ mov.i ar.lc = LoopCount
+ } ;;
+
+/* Now comes the unrolled loop: */
+
+.rc4Prologue:
+___
+
+$iteration = 0;
+
+# Generate the prologue:
+$predicates = 1;
+for ($i = 0; $i < $phases; ++$i) {
+ &emit_body (\$code, \$bypass, $iteration++, $predicates);
+ $predicates = ($predicates << 1) | 1;
+}
+
+$code.=<<___;
+.rc4Loop:
+___
+
+# Generate the body:
+for ($i = 0; $i < $unroll_count*$phases; ++$i) {
+ &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+.rc4Epilogue:
+___
+
+# Generate the epilogue:
+for ($i = 0; $i < $phases; ++$i) {
+ $predicates <<= 1;
+ &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+ {
+ .mmi
+ lfetch.nt1 [EndPtr] // fetch line with last byte
+ mov IFinal = I[1]
+ nop 0x0
+ }
+
+.rc4Remainder:
+ {
+ .mmi
+ sub Remainder = EndPtr, InPtr // Calculate
+ // # of bytes
+ // left - 1
+ nop 0x0
+ nop 0x0
+ } ;;
+ {
+ .mib
+ cmp.eq pDone, p0 = -1, Remainder // done already?
+ mov.i ar.lc = Remainder
+(pDone) br.cond.dptk.few .rc4Complete
+ }
+
+/* Do the remaining bytes via the compact, modulo-scheduled loop */
+
+ MODSCHED_RC4_PROLOGUE
+ MODSCHED_RC4_LOOP(.RC4RestLoop)
+
+.rc4Complete:
+ {
+ .mmi
+ add KTable = -SZ, KTable
+ add IFinal = -1, IFinal
+ mov ar.lc = LCSave
+ } ;;
+ {
+ .mii
+ SKEY [KTable] = J,-SZ
+ zxt1 IFinal = IFinal
+ mov pr = PRSave, 0x1FFFF
+ } ;;
+ {
+ .mib
+ SKEY [KTable] = IFinal
+ add RetVal = 1, r0
+ br.ret.sptk.few rp
+ } ;;
+___
+
+# Last but not least, emit the code for the bypass-code of the unrolled loop:
+
+$code.=$bypass;
+
+$code.=<<___;
+ .endp RC4
+___
+
+print $code;
Copied: trunk/crypto/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-md5-x86_64.pl)
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl (rev 0)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,632 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# June 2011
+#
+# This is RC4+MD5 "stitch" implementation. The idea, as spelled in
+# http://download.intel.com/design/intarch/papers/323686.pdf, is that
+# since both algorithms exhibit instruction-level parallelism, ILP,
+# below theoretical maximum, interleaving them would allow to utilize
+# processor resources better and achieve better performance. RC4
+# instruction sequence is virtually identical to rc4-x86_64.pl, which
+# is heavily based on submission by Maxim Perminov, Maxim Locktyukhin
+# and Jim Guilford of Intel. MD5 is fresh implementation aiming to
+# minimize register usage, which was used as "main thread" with RC4
+# weaved into it, one RC4 round per one MD5 round. In addition to the
+# stiched subroutine the script can generate standalone replacement
+# md5_block_asm_data_order and RC4. Below are performance numbers in
+# cycles per processed byte, less is better, for these the standalone
+# subroutines, sum of them, and stitched one:
+#
+# RC4 MD5 RC4+MD5 stitch gain
+# Opteron 6.5(*) 5.4 11.9 7.0 +70%(*)
+# Core2 6.5 5.8 12.3 7.7 +60%
+# Westmere 4.3 5.2 9.5 7.0 +36%
+# Sandy Bridge 4.2 5.5 9.7 6.8 +43%
+# Atom 9.3 6.5 15.8 11.1 +42%
+#
+# (*) rc4-x86_64.pl delivers 5.3 on Opteron, so real improvement
+# is +53%...
+
+my ($rc4,$md5)=(1,1); # what to generate?
+my $D="#" if (!$md5); # if set to "#", MD5 is stitched into RC4(),
+ # but its result is discarded. Idea here is
+ # to be able to use 'openssl speed rc4' for
+ # benchmarking the stitched subroutine...
+
+my $flavour = shift;
+my $output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+my ($dat,$in0,$out,$ctx,$inp,$len, $func,$nargs);
+
+if ($rc4 && !$md5) {
+ ($dat,$len,$in0,$out) = ("%rdi","%rsi","%rdx","%rcx");
+ $func="RC4"; $nargs=4;
+} elsif ($md5 && !$rc4) {
+ ($ctx,$inp,$len) = ("%rdi","%rsi","%rdx");
+ $func="md5_block_asm_data_order"; $nargs=3;
+} else {
+ ($dat,$in0,$out,$ctx,$inp,$len) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9");
+ $func="rc4_md5_enc"; $nargs=6;
+ # void rc4_md5_enc(
+ # RC4_KEY *key, #
+ # const void *in0, # RC4 input
+ # void *out, # RC4 output
+ # MD5_CTX *ctx, #
+ # const void *inp, # MD5 input
+ # size_t len); # number of 64-byte blocks
+}
+
+my @K=( 0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee,
+ 0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501,
+ 0x698098d8,0x8b44f7af,0xffff5bb1,0x895cd7be,
+ 0x6b901122,0xfd987193,0xa679438e,0x49b40821,
+
+ 0xf61e2562,0xc040b340,0x265e5a51,0xe9b6c7aa,
+ 0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8,
+ 0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed,
+ 0xa9e3e905,0xfcefa3f8,0x676f02d9,0x8d2a4c8a,
+
+ 0xfffa3942,0x8771f681,0x6d9d6122,0xfde5380c,
+ 0xa4beea44,0x4bdecfa9,0xf6bb4b60,0xbebfbc70,
+ 0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05,
+ 0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665,
+
+ 0xf4292244,0x432aff97,0xab9423a7,0xfc93a039,
+ 0x655b59c3,0x8f0ccc92,0xffeff47d,0x85845dd1,
+ 0x6fa87e4f,0xfe2ce6e0,0xa3014314,0x4e0811a1,
+ 0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391 );
+
+my @V=("%r8d","%r9d","%r10d","%r11d"); # MD5 registers
+my $tmp="%r12d";
+
+my @XX=("%rbp","%rsi"); # RC4 registers
+my @TX=("%rax","%rbx");
+my $YY="%rcx";
+my $TY="%rdx";
+
+my $MOD=32; # 16, 32 or 64
+
+$code.=<<___;
+.text
+.align 16
+
+.globl $func
+.type $func,\@function,$nargs
+$func:
+ cmp \$0,$len
+ je .Labort
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ sub \$40,%rsp
+.Lbody:
+___
+if ($rc4) {
+$code.=<<___;
+$D#md5# mov $ctx,%r11 # reassign arguments
+ mov $len,%r12
+ mov $in0,%r13
+ mov $out,%r14
+$D#md5# mov $inp,%r15
+___
+ $ctx="%r11" if ($md5); # reassign arguments
+ $len="%r12";
+ $in0="%r13";
+ $out="%r14";
+ $inp="%r15" if ($md5);
+ $inp=$in0 if (!$md5);
+$code.=<<___;
+ xor $XX[0],$XX[0]
+ xor $YY,$YY
+
+ lea 8($dat),$dat
+ mov -8($dat),$XX[0]#b
+ mov -4($dat),$YY#b
+
+ inc $XX[0]#b
+ sub $in0,$out
+ movl ($dat,$XX[0],4),$TX[0]#d
+___
+$code.=<<___ if (!$md5);
+ xor $TX[1],$TX[1]
+ test \$-128,$len
+ jz .Loop1
+ sub $XX[0],$TX[1]
+ and \$`$MOD-1`,$TX[1]
+ jz .Loop${MOD}_is_hot
+ sub $TX[1],$len
+.Loop${MOD}_warmup:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($in0),$TY#b
+ movb $TY#b,($out,$in0)
+ lea 1($in0),$in0
+ dec $TX[1]
+ jnz .Loop${MOD}_warmup
+
+ mov $YY,$TX[1]
+ xor $YY,$YY
+ mov $TX[1]#b,$YY#b
+
+.Loop${MOD}_is_hot:
+ mov $len,32(%rsp) # save original $len
+ shr \$6,$len # number of 64-byte blocks
+___
+ if ($D && !$md5) { # stitch in dummy MD5
+ $md5=1;
+ $ctx="%r11";
+ $inp="%r15";
+ $code.=<<___;
+ mov %rsp,$ctx
+ mov $in0,$inp
+___
+ }
+}
+$code.=<<___;
+#rc4# add $TX[0]#b,$YY#b
+#rc4# lea ($dat,$XX[0],4),$XX[1]
+ shl \$6,$len
+ add $inp,$len # pointer to the end of input
+ mov $len,16(%rsp)
+
+#md5# mov $ctx,24(%rsp) # save pointer to MD5_CTX
+#md5# mov 0*4($ctx),$V[0] # load current hash value from MD5_CTX
+#md5# mov 1*4($ctx),$V[1]
+#md5# mov 2*4($ctx),$V[2]
+#md5# mov 3*4($ctx),$V[3]
+ jmp .Loop
+
+.align 16
+.Loop:
+#md5# mov $V[0],0*4(%rsp) # put aside current hash value
+#md5# mov $V[1],1*4(%rsp)
+#md5# mov $V[2],2*4(%rsp)
+#md5# mov $V[3],$tmp # forward reference
+#md5# mov $V[3],3*4(%rsp)
+___
+
+sub R0 {
+ my ($i,$a,$b,$c,$d)=@_;
+ my @rot0=(7,12,17,22);
+ my $j=$i%16;
+ my $k=$i%$MOD;
+ my $xmm="%xmm".($j&1);
+ $code.=" movdqu ($in0),%xmm2\n" if ($rc4 && $j==15);
+ $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1);
+ $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1);
+ $code.=<<___;
+#rc4# movl ($dat,$YY,4),$TY#d
+#md5# xor $c,$tmp
+#rc4# movl $TX[0]#d,($dat,$YY,4)
+#md5# and $b,$tmp
+#md5# add 4*`$j`($inp),$a
+#rc4# add $TY#b,$TX[0]#b
+#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5# add \$$K[$i],$a
+#md5# xor $d,$tmp
+#rc4# movz $TX[0]#b,$TX[0]#d
+#rc4# movl $TY#d,4*$k($XX[1])
+#md5# add $tmp,$a
+#rc4# add $TX[1]#b,$YY#b
+#md5# rol \$$rot0[$j%4],$a
+#md5# mov `$j==15?"$b":"$c"`,$tmp # forward reference
+#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5# add $b,$a
+___
+ $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+ mov $YY,$XX[1]
+ xor $YY,$YY # keyword to partial register
+ mov $XX[1]#b,$YY#b
+ lea ($dat,$XX[0],4),$XX[1]
+___
+ $code.=<<___ if ($rc4 && $j==15);
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm2
+ pxor %xmm1,%xmm2
+___
+}
+sub R1 {
+ my ($i,$a,$b,$c,$d)=@_;
+ my @rot1=(5,9,14,20);
+ my $j=$i%16;
+ my $k=$i%$MOD;
+ my $xmm="%xmm".($j&1);
+ $code.=" movdqu 16($in0),%xmm3\n" if ($rc4 && $j==15);
+ $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1);
+ $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1);
+ $code.=<<___;
+#rc4# movl ($dat,$YY,4),$TY#d
+#md5# xor $b,$tmp
+#rc4# movl $TX[0]#d,($dat,$YY,4)
+#md5# and $d,$tmp
+#md5# add 4*`((1+5*$j)%16)`($inp),$a
+#rc4# add $TY#b,$TX[0]#b
+#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5# add \$$K[$i],$a
+#md5# xor $c,$tmp
+#rc4# movz $TX[0]#b,$TX[0]#d
+#rc4# movl $TY#d,4*$k($XX[1])
+#md5# add $tmp,$a
+#rc4# add $TX[1]#b,$YY#b
+#md5# rol \$$rot1[$j%4],$a
+#md5# mov `$j==15?"$c":"$b"`,$tmp # forward reference
+#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5# add $b,$a
+___
+ $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+ mov $YY,$XX[1]
+ xor $YY,$YY # keyword to partial register
+ mov $XX[1]#b,$YY#b
+ lea ($dat,$XX[0],4),$XX[1]
+___
+ $code.=<<___ if ($rc4 && $j==15);
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm3
+ pxor %xmm1,%xmm3
+___
+}
+sub R2 {
+ my ($i,$a,$b,$c,$d)=@_;
+ my @rot2=(4,11,16,23);
+ my $j=$i%16;
+ my $k=$i%$MOD;
+ my $xmm="%xmm".($j&1);
+ $code.=" movdqu 32($in0),%xmm4\n" if ($rc4 && $j==15);
+ $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1);
+ $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1);
+ $code.=<<___;
+#rc4# movl ($dat,$YY,4),$TY#d
+#md5# xor $c,$tmp
+#rc4# movl $TX[0]#d,($dat,$YY,4)
+#md5# xor $b,$tmp
+#md5# add 4*`((5+3*$j)%16)`($inp),$a
+#rc4# add $TY#b,$TX[0]#b
+#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5# add \$$K[$i],$a
+#rc4# movz $TX[0]#b,$TX[0]#d
+#md5# add $tmp,$a
+#rc4# movl $TY#d,4*$k($XX[1])
+#rc4# add $TX[1]#b,$YY#b
+#md5# rol \$$rot2[$j%4],$a
+#md5# mov `$j==15?"\\\$-1":"$c"`,$tmp # forward reference
+#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5# add $b,$a
+___
+ $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+ mov $YY,$XX[1]
+ xor $YY,$YY # keyword to partial register
+ mov $XX[1]#b,$YY#b
+ lea ($dat,$XX[0],4),$XX[1]
+___
+ $code.=<<___ if ($rc4 && $j==15);
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm4
+ pxor %xmm1,%xmm4
+___
+}
+sub R3 {
+ my ($i,$a,$b,$c,$d)=@_;
+ my @rot3=(6,10,15,21);
+ my $j=$i%16;
+ my $k=$i%$MOD;
+ my $xmm="%xmm".($j&1);
+ $code.=" movdqu 48($in0),%xmm5\n" if ($rc4 && $j==15);
+ $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1);
+ $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1);
+ $code.=<<___;
+#rc4# movl ($dat,$YY,4),$TY#d
+#md5# xor $d,$tmp
+#rc4# movl $TX[0]#d,($dat,$YY,4)
+#md5# or $b,$tmp
+#md5# add 4*`((7*$j)%16)`($inp),$a
+#rc4# add $TY#b,$TX[0]#b
+#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5# add \$$K[$i],$a
+#rc4# movz $TX[0]#b,$TX[0]#d
+#md5# xor $c,$tmp
+#rc4# movl $TY#d,4*$k($XX[1])
+#md5# add $tmp,$a
+#rc4# add $TX[1]#b,$YY#b
+#md5# rol \$$rot3[$j%4],$a
+#md5# mov \$-1,$tmp # forward reference
+#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5# add $b,$a
+___
+ $code.=<<___ if ($rc4 && $j==15);
+ mov $XX[0],$XX[1]
+ xor $XX[0],$XX[0] # keyword to partial register
+ mov $XX[1]#b,$XX[0]#b
+ mov $YY,$XX[1]
+ xor $YY,$YY # keyword to partial register
+ mov $XX[1]#b,$YY#b
+ lea ($dat,$XX[0],4),$XX[1]
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm5
+ pxor %xmm1,%xmm5
+___
+}
+
+my $i=0;
+for(;$i<16;$i++) { R0($i, at V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<32;$i++) { R1($i, at V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<48;$i++) { R2($i, at V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<64;$i++) { R3($i, at V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+
+$code.=<<___;
+#md5# add 0*4(%rsp),$V[0] # accumulate hash value
+#md5# add 1*4(%rsp),$V[1]
+#md5# add 2*4(%rsp),$V[2]
+#md5# add 3*4(%rsp),$V[3]
+
+#rc4# movdqu %xmm2,($out,$in0) # write RC4 output
+#rc4# movdqu %xmm3,16($out,$in0)
+#rc4# movdqu %xmm4,32($out,$in0)
+#rc4# movdqu %xmm5,48($out,$in0)
+#md5# lea 64($inp),$inp
+#rc4# lea 64($in0),$in0
+ cmp 16(%rsp),$inp # are we done?
+ jb .Loop
+
+#md5# mov 24(%rsp),$len # restore pointer to MD5_CTX
+#rc4# sub $TX[0]#b,$YY#b # correct $YY
+#md5# mov $V[0],0*4($len) # write MD5_CTX
+#md5# mov $V[1],1*4($len)
+#md5# mov $V[2],2*4($len)
+#md5# mov $V[3],3*4($len)
+___
+$code.=<<___ if ($rc4 && (!$md5 || $D));
+ mov 32(%rsp),$len # restore original $len
+ and \$63,$len # remaining bytes
+ jnz .Loop1
+ jmp .Ldone
+
+.align 16
+.Loop1:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($in0),$TY#b
+ movb $TY#b,($out,$in0)
+ lea 1($in0),$in0
+ dec $len
+ jnz .Loop1
+
+.Ldone:
+___
+$code.=<<___;
+#rc4# sub \$1,$XX[0]#b
+#rc4# movl $XX[0]#d,-8($dat)
+#rc4# movl $YY#d,-4($dat)
+
+ mov 40(%rsp),%r15
+ mov 48(%rsp),%r14
+ mov 56(%rsp),%r13
+ mov 64(%rsp),%r12
+ mov 72(%rsp),%rbp
+ mov 80(%rsp),%rbx
+ lea 88(%rsp),%rsp
+.Lepilogue:
+.Labort:
+ ret
+.size $func,.-$func
+___
+
+if ($rc4 && $D) { # sole purpose of this section is to provide
+ # option to use the generated module as drop-in
+ # replacement for rc4-x86_64.pl for debugging
+ # and testing purposes...
+my ($idx,$ido)=("%r8","%r9");
+my ($dat,$len,$inp)=("%rdi","%rsi","%rdx");
+
+$code.=<<___;
+.globl RC4_set_key
+.type RC4_set_key,\@function,3
+.align 16
+RC4_set_key:
+ lea 8($dat),$dat
+ lea ($inp,$len),$inp
+ neg $len
+ mov $len,%rcx
+ xor %eax,%eax
+ xor $ido,$ido
+ xor %r10,%r10
+ xor %r11,%r11
+ jmp .Lw1stloop
+
+.align 16
+.Lw1stloop:
+ mov %eax,($dat,%rax,4)
+ add \$1,%al
+ jnc .Lw1stloop
+
+ xor $ido,$ido
+ xor $idx,$idx
+.align 16
+.Lw2ndloop:
+ mov ($dat,$ido,4),%r10d
+ add ($inp,$len,1),$idx#b
+ add %r10b,$idx#b
+ add \$1,$len
+ mov ($dat,$idx,4),%r11d
+ cmovz %rcx,$len
+ mov %r10d,($dat,$idx,4)
+ mov %r11d,($dat,$ido,4)
+ add \$1,$ido#b
+ jnc .Lw2ndloop
+
+ xor %eax,%eax
+ mov %eax,-8($dat)
+ mov %eax,-4($dat)
+ ret
+.size RC4_set_key,.-RC4_set_key
+
+.globl RC4_options
+.type RC4_options,\@abi-omnipotent
+.align 16
+RC4_options:
+ lea .Lopts(%rip),%rax
+ ret
+.align 64
+.Lopts:
+.asciz "rc4(64x,int)"
+.align 64
+.size RC4_options,.-RC4_options
+___
+}
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lbody(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lbody
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lepilogue
+ jae .Lin_prologue
+
+ mov 40(%rax),%r15
+ mov 48(%rax),%r14
+ mov 56(%rax),%r13
+ mov 64(%rax),%r12
+ mov 72(%rax),%rbp
+ mov 80(%rax),%rbx
+ lea 88(%rax),%rax
+
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R12
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size se_handler,.-se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_$func
+ .rva .LSEH_end_$func
+ .rva .LSEH_info_$func
+
+.section .xdata
+.align 8
+.LSEH_info_$func:
+ .byte 9,0,0,0
+ .rva se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+ if ($reg =~ /%r[0-9]+/) { $reg .= $conv; }
+ elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; }
+ elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; }
+ elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; }
+ return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/pinsrw\s+\$0,/movd /gm;
+
+$code =~ s/#md5#//gm if ($md5);
+$code =~ s/#rc4#//gm if ($rc4);
+
+print $code;
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/rc4/asm/rc4-parisc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-parisc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-parisc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-parisc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,314 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# RC4 for PA-RISC.
+
+# June 2009.
+#
+# Performance is 33% better than gcc 3.2 generated code on PA-7100LC.
+# For reference, [4x] unrolled loop is >40% faster than folded one.
+# It's possible to unroll loop 8 times on PA-RISC 2.0, but improvement
+# is believed to be not sufficient to justify the effort...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $FRAME_MARKER =80;
+ $SAVED_RP =16;
+ $PUSH ="std";
+ $PUSHMA ="std,ma";
+ $POP ="ldd";
+ $POPMB ="ldd,mb";
+} else {
+ $LEVEL ="1.0";
+ $SIZE_T =4;
+ $FRAME_MARKER =48;
+ $SAVED_RP =20;
+ $PUSH ="stw";
+ $PUSHMA ="stwm";
+ $POP ="ldw";
+ $POPMB ="ldwm";
+}
+
+$FRAME=4*$SIZE_T+$FRAME_MARKER; # 4 saved regs + frame marker
+ # [+ argument transfer]
+$SZ=1; # defaults to RC4_CHAR
+if (open CONF,"<${dir}../../opensslconf.h") {
+ while(<CONF>) {
+ if (m/#\s*define\s+RC4_INT\s+(.*)/) {
+ $SZ = ($1=~/char$/) ? 1 : 4;
+ last;
+ }
+ }
+ close CONF;
+}
+
+if ($SZ==1) { # RC4_CHAR
+ $LD="ldb";
+ $LDX="ldbx";
+ $MKX="addl";
+ $ST="stb";
+} else { # RC4_INT (~5% faster than RC4_CHAR on PA-7100LC)
+ $LD="ldw";
+ $LDX="ldwx,s";
+ $MKX="sh2addl";
+ $ST="stw";
+}
+
+$key="%r26";
+$len="%r25";
+$inp="%r24";
+$out="%r23";
+
+ at XX=("%r19","%r20");
+ at TX=("%r21","%r22");
+$YY="%r28";
+$TY="%r29";
+
+$acc="%r1";
+$ix="%r2";
+$iy="%r3";
+$dat0="%r4";
+$dat1="%r5";
+$rem="%r6";
+$mask="%r31";
+
+sub unrolledloopbody {
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+ ldo 1($XX[0]),$XX[1]
+ `sprintf("$LDX %$TY(%$key),%$dat1") if ($i>0)`
+ and $mask,$XX[1],$XX[1]
+ $LDX $YY($key),$TY
+ $MKX $YY,$key,$ix
+ $LDX $XX[1]($key),$TX[1]
+ $MKX $XX[0],$key,$iy
+ $ST $TX[0],0($ix)
+ comclr,<> $XX[1],$YY,%r0 ; conditional
+ copy $TX[0],$TX[1] ; move
+ `sprintf("%sdep %$dat1,%d,8,%$acc",$i==1?"z":"",8*($i-1)+7) if ($i>0)`
+ $ST $TY,0($iy)
+ addl $TX[0],$TY,$TY
+ addl $TX[1],$YY,$YY
+ and $mask,$TY,$TY
+ and $mask,$YY,$YY
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+} }
+
+sub foldedloop {
+my ($label,$count)=@_;
+$code.=<<___;
+$label
+ $MKX $YY,$key,$iy
+ $LDX $YY($key),$TY
+ $MKX $XX[0],$key,$ix
+ $ST $TX[0],0($iy)
+ ldo 1($XX[0]),$XX[0]
+ $ST $TY,0($ix)
+ addl $TX[0],$TY,$TY
+ ldbx $inp($out),$dat1
+ and $mask,$TY,$TY
+ and $mask,$XX[0],$XX[0]
+ $LDX $TY($key),$acc
+ $LDX $XX[0]($key),$TX[0]
+ ldo 1($out),$out
+ xor $dat1,$acc,$acc
+ addl $TX[0],$YY,$YY
+ stb $acc,-1($out)
+ addib,<> -1,$count,$label ; $count is always small
+ and $mask,$YY,$YY
+___
+}
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .EXPORT RC4,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+RC4
+ .PROC
+ .CALLINFO FRAME=`$FRAME-4*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=6
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+
+ cmpib,*= 0,$len,L\$abort
+ sub $inp,$out,$inp ; distance between $inp and $out
+
+ $LD `0*$SZ`($key),$XX[0]
+ $LD `1*$SZ`($key),$YY
+ ldo `2*$SZ`($key),$key
+
+ ldi 0xff,$mask
+ ldi 3,$dat0
+
+ ldo 1($XX[0]),$XX[0] ; warm up loop
+ and $mask,$XX[0],$XX[0]
+ $LDX $XX[0]($key),$TX[0]
+ addl $TX[0],$YY,$YY
+ cmpib,*>>= 6,$len,L\$oop1 ; is $len large enough to bother?
+ and $mask,$YY,$YY
+
+ and,<> $out,$dat0,$rem ; is $out aligned?
+ b L\$alignedout
+ subi 4,$rem,$rem
+ sub $len,$rem,$len
+___
+&foldedloop("L\$alignout",$rem); # process till $out is aligned
+
+$code.=<<___;
+L\$alignedout ; $len is at least 4 here
+ and,<> $inp,$dat0,$acc ; is $inp aligned?
+ b L\$oop4
+ sub $inp,$acc,$rem ; align $inp
+
+ sh3addl $acc,%r0,$acc
+ subi 32,$acc,$acc
+ mtctl $acc,%cr11 ; load %sar with vshd align factor
+ ldwx $rem($out),$dat0
+ ldo 4($rem),$rem
+L\$oop4misalignedinp
+___
+&unrolledloopbody();
+$code.=<<___;
+ $LDX $TY($key),$ix
+ ldwx $rem($out),$dat1
+ ldo -4($len),$len
+ or $ix,$acc,$acc ; last piece, no need to dep
+ vshd $dat0,$dat1,$iy ; align data
+ copy $dat1,$dat0
+ xor $iy,$acc,$acc
+ stw $acc,0($out)
+ cmpib,*<< 3,$len,L\$oop4misalignedinp
+ ldo 4($out),$out
+ cmpib,*= 0,$len,L\$done
+ nop
+ b L\$oop1
+ nop
+
+ .ALIGN 8
+L\$oop4
+___
+&unrolledloopbody();
+$code.=<<___;
+ $LDX $TY($key),$ix
+ ldwx $inp($out),$dat0
+ ldo -4($len),$len
+ or $ix,$acc,$acc ; last piece, no need to dep
+ xor $dat0,$acc,$acc
+ stw $acc,0($out)
+ cmpib,*<< 3,$len,L\$oop4
+ ldo 4($out),$out
+ cmpib,*= 0,$len,L\$done
+ nop
+___
+&foldedloop("L\$oop1",$len);
+$code.=<<___;
+L\$done
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2
+ ldo -1($XX[0]),$XX[0] ; chill out loop
+ sub $YY,$TX[0],$YY
+ and $mask,$XX[0],$XX[0]
+ and $mask,$YY,$YY
+ $ST $XX[0],`-2*$SZ`($key)
+ $ST $YY,`-1*$SZ`($key)
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+L\$abort
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+___
+
+$code.=<<___;
+
+ .EXPORT private_RC4_set_key,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+ .ALIGN 8
+private_RC4_set_key
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ $ST %r0,`0*$SZ`($key)
+ $ST %r0,`1*$SZ`($key)
+ ldo `2*$SZ`($key),$key
+ copy %r0, at XX[0]
+L\$1st
+ $ST @XX[0],0($key)
+ ldo 1(@XX[0]), at XX[0]
+ bb,>= @XX[0],`31-8`,L\$1st ; @XX[0]<256
+ ldo $SZ($key),$key
+
+ ldo `-256*$SZ`($key),$key ; rewind $key
+ addl $len,$inp,$inp ; $inp to point at the end
+ sub %r0,$len,%r23 ; inverse index
+ copy %r0, at XX[0]
+ copy %r0, at XX[1]
+ ldi 0xff,$mask
+
+L\$2nd
+ $LDX @XX[0]($key), at TX[0]
+ ldbx %r23($inp), at TX[1]
+ addi,nuv 1,%r23,%r23 ; increment and conditional
+ sub %r0,$len,%r23 ; inverse index
+ addl @TX[0], at XX[1], at XX[1]
+ addl @TX[1], at XX[1], at XX[1]
+ and $mask, at XX[1], at XX[1]
+ $MKX @XX[0],$key,$TY
+ $LDX @XX[1]($key), at TX[1]
+ $MKX @XX[1],$key,$YY
+ ldo 1(@XX[0]), at XX[0]
+ $ST @TX[0],0($YY)
+ bb,>= @XX[0],`31-8`,L\$2nd ; @XX[0]<256
+ $ST @TX[1],0($TY)
+
+ bv,n (%r2)
+ .EXIT
+ nop
+ .PROCEND
+
+ .EXPORT RC4_options,ENTRY
+ .ALIGN 8
+RC4_options
+ .PROC
+ .CALLINFO NO_CALLS
+ .ENTRY
+ blr %r0,%r28
+ ldi 3,%r1
+L\$pic
+ andcm %r28,%r1,%r28
+ bv (%r2)
+ .EXIT
+ ldo L\$opts-L\$pic(%r28),%r28
+ .PROCEND
+ .ALIGN 8
+L\$opts
+ .STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)"
+ .STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/rc4/asm/rc4-s390x.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-s390x.pl)
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-s390x.pl (rev 0)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-s390x.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,234 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# February 2009
+#
+# Performance is 2x of gcc 3.4.6 on z10. Coding "secret" is to
+# "cluster" Address Generation Interlocks, so that one pipeline stall
+# resolves several dependencies.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 50% better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$rp="%r14";
+$sp="%r15";
+$code=<<___;
+.text
+
+___
+
+# void RC4(RC4_KEY *key,size_t len,const void *inp,void *out)
+{
+$acc="%r0";
+$cnt="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$out="%r5";
+
+ at XX=("%r6","%r7");
+ at TX=("%r8","%r9");
+$YY="%r10";
+$TY="%r11";
+
+$code.=<<___;
+.globl RC4
+.type RC4,\@function
+.align 64
+RC4:
+ stm${g} %r6,%r11,6*$SIZE_T($sp)
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+ llgfr $len,$len
+___
+$code.=<<___;
+ llgc $XX[0],0($key)
+ llgc $YY,1($key)
+ la $XX[0],1($XX[0])
+ nill $XX[0],0xff
+ srlg $cnt,$len,3
+ ltgr $cnt,$cnt
+ llgc $TX[0],2($XX[0],$key)
+ jz .Lshort
+ j .Loop8
+
+.align 64
+.Loop8:
+___
+for ($i=0;$i<8;$i++) {
+$code.=<<___;
+ la $YY,0($YY,$TX[0]) # $i
+ nill $YY,255
+ la $XX[1],1($XX[0])
+ nill $XX[1],255
+___
+$code.=<<___ if ($i==1);
+ llgc $acc,2($TY,$key)
+___
+$code.=<<___ if ($i>1);
+ sllg $acc,$acc,8
+ ic $acc,2($TY,$key)
+___
+$code.=<<___;
+ llgc $TY,2($YY,$key)
+ stc $TX[0],2($YY,$key)
+ llgc $TX[1],2($XX[1],$key)
+ stc $TY,2($XX[0],$key)
+ cr $XX[1],$YY
+ jne .Lcmov$i
+ la $TX[1],0($TX[0])
+.Lcmov$i:
+ la $TY,0($TY,$TX[0])
+ nill $TY,255
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+}
+
+$code.=<<___;
+ lg $TX[1],0($inp)
+ sllg $acc,$acc,8
+ la $inp,8($inp)
+ ic $acc,2($TY,$key)
+ xgr $acc,$TX[1]
+ stg $acc,0($out)
+ la $out,8($out)
+ brctg $cnt,.Loop8
+
+.Lshort:
+ lghi $acc,7
+ ngr $len,$acc
+ jz .Lexit
+ j .Loop1
+
+.align 16
+.Loop1:
+ la $YY,0($YY,$TX[0])
+ nill $YY,255
+ llgc $TY,2($YY,$key)
+ stc $TX[0],2($YY,$key)
+ stc $TY,2($XX[0],$key)
+ ar $TY,$TX[0]
+ ahi $XX[0],1
+ nill $TY,255
+ nill $XX[0],255
+ llgc $acc,0($inp)
+ la $inp,1($inp)
+ llgc $TY,2($TY,$key)
+ llgc $TX[0],2($XX[0],$key)
+ xr $acc,$TY
+ stc $acc,0($out)
+ la $out,1($out)
+ brct $len,.Loop1
+
+.Lexit:
+ ahi $XX[0],-1
+ stc $XX[0],0($key)
+ stc $YY,1($key)
+ lm${g} %r6,%r11,6*$SIZE_T($sp)
+ br $rp
+.size RC4,.-RC4
+.string "RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+
+___
+}
+
+# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp)
+{
+$cnt="%r0";
+$idx="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$acc="%r5";
+$dat="%r6";
+$ikey="%r7";
+$iinp="%r8";
+
+$code.=<<___;
+.globl private_RC4_set_key
+.type private_RC4_set_key,\@function
+.align 64
+private_RC4_set_key:
+ stm${g} %r6,%r8,6*$SIZE_T($sp)
+ lhi $cnt,256
+ la $idx,0(%r0)
+ sth $idx,0($key)
+.align 4
+.L1stloop:
+ stc $idx,2($idx,$key)
+ la $idx,1($idx)
+ brct $cnt,.L1stloop
+
+ lghi $ikey,-256
+ lr $cnt,$len
+ la $iinp,0(%r0)
+ la $idx,0(%r0)
+.align 16
+.L2ndloop:
+ llgc $acc,2+256($ikey,$key)
+ llgc $dat,0($iinp,$inp)
+ la $idx,0($idx,$acc)
+ la $ikey,1($ikey)
+ la $idx,0($idx,$dat)
+ nill $idx,255
+ la $iinp,1($iinp)
+ tml $ikey,255
+ llgc $dat,2($idx,$key)
+ stc $dat,2+256-1($ikey,$key)
+ stc $acc,2($idx,$key)
+ jz .Ldone
+ brct $cnt,.L2ndloop
+ lr $cnt,$len
+ la $iinp,0(%r0)
+ j .L2ndloop
+.Ldone:
+ lm${g} %r6,%r8,6*$SIZE_T($sp)
+ br $rp
+.size private_RC4_set_key,.-private_RC4_set_key
+
+___
+}
+
+# const char *RC4_options()
+$code.=<<___;
+.globl RC4_options
+.type RC4_options,\@function
+.align 16
+RC4_options:
+ larl %r2,.Loptions
+ br %r14
+.size RC4_options,.-RC4_options
+.section .rodata
+.Loptions:
+.align 8
+.string "rc4(8x,char)"
+___
+
+print $code;
+close STDOUT; # force flush
Modified: trunk/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl
===================================================================
--- trunk/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,6 +7,8 @@
# details see http://www.openssl.org/~appro/cryptogams/.
# ====================================================================
#
+# July 2004
+#
# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
# "hand-coded assembler"] doesn't stand for the whole improvement
# coefficient. It turned out that eliminating RC4_CHAR from config
@@ -19,6 +21,8 @@
# to operate on partial registers, it turned out to be the best bet.
# At least for AMD... How IA32E would perform remains to be seen...
+# November 2004
+#
# As was shown by Marc Bevand reordering of couple of load operations
# results in even higher performance gain of 3.3x:-) At least on
# Opteron... For reference, 1x in this case is RC4_CHAR C-code
@@ -26,6 +30,8 @@
# Latter means that if you want to *estimate* what to expect from
# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
+# November 2004
+#
# Intel P4 EM64T core was found to run the AMD64 code really slow...
# The only way to achieve comparable performance on P4 was to keep
# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
@@ -33,10 +39,14 @@
# on either AMD and Intel platforms, I implement both cases. See
# rc4_skey.c for further details...
+# April 2005
+#
# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing
# those with add/sub results in 50% performance improvement of folded
# loop...
+# May 2005
+#
# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
# performance by >30% [unlike P4 32-bit case that is]. But this is
# provided that loads are reordered even more aggressively! Both code
@@ -50,6 +60,8 @@
# is not implemented, then this final RC4_CHAR code-path should be
# preferred, as it provides better *all-round* performance].
+# March 2007
+#
# Intel Core2 was observed to perform poorly on both code paths:-( It
# apparently suffers from some kind of partial register stall, which
# occurs in 64-bit mode only [as virtually identical 32-bit loop was
@@ -58,14 +70,50 @@
# fit for Core2 and therefore the code was modified to skip cloop8 on
# this CPU.
-$output=shift;
+# May 2010
+#
+# Intel Westmere was observed to perform suboptimally. Adding yet
+# another movzb to cloop1 improved performance by almost 50%! Core2
+# performance is improved too, but nominally...
+# May 2011
+#
+# The only code path that was not modified is P4-specific one. Non-P4
+# Intel code path optimization is heavily based on submission by Maxim
+# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
+# some of the ideas even in attempt to optmize the original RC4_INT
+# code path... Current performance in cycles per processed byte (less
+# is better) and improvement coefficients relative to previous
+# version of this module are:
+#
+# Opteron 5.3/+0%(*)
+# P4 6.5
+# Core2 6.2/+15%(**)
+# Westmere 4.2/+60%
+# Sandy Bridge 4.2/+120%
+# Atom 9.3/+80%
+#
+# (*) But corresponding loop has less instructions, which should have
+# positive effect on upcoming Bulldozer, which has one less ALU.
+# For reference, Intel code runs at 6.8 cpb rate on Opteron.
+# (**) Note that Core2 result is ~15% lower than corresponding result
+# for 32-bit code, meaning that it's possible to improve it,
+# but more than likely at the cost of the others (see rc4-586.pl
+# to get the idea)...
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
$dat="%rdi"; # arg1
$len="%rsi"; # arg2
@@ -72,13 +120,10 @@
$inp="%rdx"; # arg3
$out="%rcx"; # arg4
- at XX=("%r8","%r10");
- at TX=("%r9","%r11");
-$YY="%r12";
-$TY="%r13";
-
+{
$code=<<___;
.text
+.extern OPENSSL_ia32cap_P
.globl RC4
.type RC4,\@function,4
@@ -87,62 +132,181 @@
jne .Lentry
ret
.Lentry:
+ push %rbx
push %r12
push %r13
+.Lprologue:
+ mov $len,%r11
+ mov $inp,%r12
+ mov $out,%r13
+___
+my $len="%r11"; # reassign input arguments
+my $inp="%r12";
+my $out="%r13";
- add \$8,$dat
- movl -8($dat),$XX[0]#d
- movl -4($dat),$YY#d
+my @XX=("%r10","%rsi");
+my @TX=("%rax","%rbx");
+my $YY="%rcx";
+my $TY="%rdx";
+
+$code.=<<___;
+ xor $XX[0],$XX[0]
+ xor $YY,$YY
+
+ lea 8($dat),$dat
+ mov -8($dat),$XX[0]#b
+ mov -4($dat),$YY#b
cmpl \$-1,256($dat)
je .LRC4_CHAR
+ mov OPENSSL_ia32cap_P(%rip),%r8d
+ xor $TX[1],$TX[1]
inc $XX[0]#b
+ sub $XX[0],$TX[1]
+ sub $inp,$out
movl ($dat,$XX[0],4),$TX[0]#d
- test \$-8,$len
+ test \$-16,$len
jz .Lloop1
- jmp .Lloop8
+ bt \$30,%r8d # Intel CPU?
+ jc .Lintel
+ and \$7,$TX[1]
+ lea 1($XX[0]),$XX[1]
+ jz .Loop8
+ sub $TX[1],$len
+.Loop8_warmup:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($inp),$TY#b
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
+ dec $TX[1]
+ jnz .Loop8_warmup
+
+ lea 1($XX[0]),$XX[1]
+ jmp .Loop8
.align 16
-.Lloop8:
+.Loop8:
___
for ($i=0;$i<8;$i++) {
+$code.=<<___ if ($i==7);
+ add \$8,$XX[1]#b
+___
$code.=<<___;
add $TX[0]#b,$YY#b
- mov $XX[0],$XX[1]
movl ($dat,$YY,4),$TY#d
- ror \$8,%rax # ror is redundant when $i=0
- inc $XX[1]#b
- movl ($dat,$XX[1],4),$TX[1]#d
- cmp $XX[1],$YY
movl $TX[0]#d,($dat,$YY,4)
- cmove $TX[0],$TX[1]
- movl $TY#d,($dat,$XX[0],4)
+ movl `4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d
+ ror \$8,%r8 # ror is redundant when $i=0
+ movl $TY#d,4*$i($dat,$XX[0],4)
add $TX[0]#b,$TY#b
- movb ($dat,$TY,4),%al
+ movb ($dat,$TY,4),%r8b
___
-push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+push(@TX,shift(@TX)); #push(@XX,shift(@XX)); # "rotate" registers
}
$code.=<<___;
- ror \$8,%rax
+ add \$8,$XX[0]#b
+ ror \$8,%r8
sub \$8,$len
- xor ($inp),%rax
- add \$8,$inp
- mov %rax,($out)
- add \$8,$out
+ xor ($inp),%r8
+ mov %r8,($out,$inp)
+ lea 8($inp),$inp
test \$-8,$len
- jnz .Lloop8
+ jnz .Loop8
cmp \$0,$len
jne .Lloop1
+ jmp .Lexit
+
+.align 16
+.Lintel:
+ test \$-32,$len
+ jz .Lloop1
+ and \$15,$TX[1]
+ jz .Loop16_is_hot
+ sub $TX[1],$len
+.Loop16_warmup:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($inp),$TY#b
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
+ dec $TX[1]
+ jnz .Loop16_warmup
+
+ mov $YY,$TX[1]
+ xor $YY,$YY
+ mov $TX[1]#b,$YY#b
+
+.Loop16_is_hot:
+ lea ($dat,$XX[0],4),$XX[1]
___
+sub RC4_loop {
+ my $i=shift;
+ my $j=$i<0?0:$i;
+ my $xmm="%xmm".($j&1);
+
+ $code.=" add \$16,$XX[0]#b\n" if ($i==15);
+ $code.=" movdqu ($inp),%xmm2\n" if ($i==15);
+ $code.=" add $TX[0]#b,$YY#b\n" if ($i<=0);
+ $code.=" movl ($dat,$YY,4),$TY#d\n";
+ $code.=" pxor %xmm0,%xmm2\n" if ($i==0);
+ $code.=" psllq \$8,%xmm1\n" if ($i==0);
+ $code.=" pxor $xmm,$xmm\n" if ($i<=1);
+ $code.=" movl $TX[0]#d,($dat,$YY,4)\n";
+ $code.=" add $TY#b,$TX[0]#b\n";
+ $code.=" movl `4*($j+1)`($XX[1]),$TX[1]#d\n" if ($i<15);
+ $code.=" movz $TX[0]#b,$TX[0]#d\n";
+ $code.=" movl $TY#d,4*$j($XX[1])\n";
+ $code.=" pxor %xmm1,%xmm2\n" if ($i==0);
+ $code.=" lea ($dat,$XX[0],4),$XX[1]\n" if ($i==15);
+ $code.=" add $TX[1]#b,$YY#b\n" if ($i<15);
+ $code.=" pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n";
+ $code.=" movdqu %xmm2,($out,$inp)\n" if ($i==0);
+ $code.=" lea 16($inp),$inp\n" if ($i==0);
+ $code.=" movl ($XX[1]),$TX[1]#d\n" if ($i==15);
+}
+ RC4_loop(-1);
$code.=<<___;
-.Lexit:
- sub \$1,$XX[0]#b
- movl $XX[0]#d,-8($dat)
- movl $YY#d,-4($dat)
+ jmp .Loop16_enter
+.align 16
+.Loop16:
+___
- pop %r13
- pop %r12
- ret
+for ($i=0;$i<16;$i++) {
+ $code.=".Loop16_enter:\n" if ($i==1);
+ RC4_loop($i);
+ push(@TX,shift(@TX)); # "rotate" registers
+}
+$code.=<<___;
+ mov $YY,$TX[1]
+ xor $YY,$YY # keyword to partial register
+ sub \$16,$len
+ mov $TX[1]#b,$YY#b
+ test \$-16,$len
+ jnz .Loop16
+
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm2
+ pxor %xmm1,%xmm2
+ movdqu %xmm2,($out,$inp)
+ lea 16($inp),$inp
+
+ cmp \$0,$len
+ jne .Lloop1
+ jmp .Lexit
+
.align 16
.Lloop1:
add $TX[0]#b,$YY#b
@@ -154,9 +318,8 @@
movl ($dat,$TX[0],4),$TY#d
movl ($dat,$XX[0],4),$TX[0]#d
xorb ($inp),$TY#b
- inc $inp
- movb $TY#b,($out)
- inc $out
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
dec $len
jnz .Lloop1
jmp .Lexit
@@ -167,14 +330,11 @@
movzb ($dat,$XX[0]),$TX[0]#d
test \$-8,$len
jz .Lcloop1
- cmpl \$0,260($dat)
- jnz .Lcloop1
- push %rbx
jmp .Lcloop8
.align 16
.Lcloop8:
- mov ($inp),%eax
- mov 4($inp),%ebx
+ mov ($inp),%r8d
+ mov 4($inp),%r9d
___
# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
for ($i=0;$i<4;$i++) {
@@ -191,8 +351,8 @@
mov $TX[0],$TX[1]
.Lcmov$i:
add $TX[0]#b,$TY#b
- xor ($dat,$TY),%al
- ror \$8,%eax
+ xor ($dat,$TY),%r8b
+ ror \$8,%r8d
___
push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
}
@@ -210,21 +370,20 @@
mov $TX[0],$TX[1]
.Lcmov$i:
add $TX[0]#b,$TY#b
- xor ($dat,$TY),%bl
- ror \$8,%ebx
+ xor ($dat,$TY),%r9b
+ ror \$8,%r9d
___
push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
}
$code.=<<___;
lea -8($len),$len
- mov %eax,($out)
+ mov %r8d,($out)
lea 8($inp),$inp
- mov %ebx,4($out)
+ mov %r9d,4($out)
lea 8($out),$out
test \$-8,$len
jnz .Lcloop8
- pop %rbx
cmp \$0,$len
jne .Lcloop1
jmp .Lexit
@@ -233,6 +392,7 @@
.align 16
.Lcloop1:
add $TX[0]#b,$YY#b
+ movzb $YY#b,$YY#d
movzb ($dat,$YY),$TY#d
movb $TX[0]#b,($dat,$YY)
movb $TY#b,($dat,$XX[0])
@@ -249,18 +409,31 @@
sub \$1,$len
jnz .Lcloop1
jmp .Lexit
+
+.align 16
+.Lexit:
+ sub \$1,$XX[0]#b
+ movl $XX[0]#d,-8($dat)
+ movl $YY#d,-4($dat)
+
+ mov (%rsp),%r13
+ mov 8(%rsp),%r12
+ mov 16(%rsp),%rbx
+ add \$24,%rsp
+.Lepilogue:
+ ret
.size RC4,.-RC4
___
+}
$idx="%r8";
$ido="%r9";
$code.=<<___;
-.extern OPENSSL_ia32cap_P
-.globl RC4_set_key
-.type RC4_set_key,\@function,3
+.globl private_RC4_set_key
+.type private_RC4_set_key,\@function,3
.align 16
-RC4_set_key:
+private_RC4_set_key:
lea 8($dat),$dat
lea ($inp,$len),$inp
neg $len
@@ -271,12 +444,9 @@
xor %r11,%r11
mov OPENSSL_ia32cap_P(%rip),$idx#d
- bt \$20,$idx#d
- jnc .Lw1stloop
- bt \$30,$idx#d
- setc $ido#b
- mov $ido#d,260($dat)
- jmp .Lc1stloop
+ bt \$20,$idx#d # RC4_CHAR?
+ jc .Lc1stloop
+ jmp .Lw1stloop
.align 16
.Lw1stloop:
@@ -330,21 +500,22 @@
mov %eax,-8($dat)
mov %eax,-4($dat)
ret
-.size RC4_set_key,.-RC4_set_key
+.size private_RC4_set_key,.-private_RC4_set_key
.globl RC4_options
-.type RC4_options,\@function,0
+.type RC4_options,\@abi-omnipotent
.align 16
RC4_options:
- .picmeup %rax
- lea .Lopts-.(%rax),%rax
+ lea .Lopts(%rip),%rax
mov OPENSSL_ia32cap_P(%rip),%edx
bt \$20,%edx
+ jc .L8xchar
+ bt \$30,%edx
jnc .Ldone
+ add \$25,%rax
+ ret
+.L8xchar:
add \$12,%rax
- bt \$30,%edx
- jnc .Ldone
- add \$13,%rax
.Ldone:
ret
.align 64
@@ -351,16 +522,156 @@
.Lopts:
.asciz "rc4(8x,int)"
.asciz "rc4(8x,char)"
-.asciz "rc4(1x,char)"
+.asciz "rc4(16x,int)"
.asciz "RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.size RC4_options,.-RC4_options
___
-$code =~ s/#([bwd])/$1/gm;
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
-$code =~ s/RC4_set_key/private_RC4_set_key/g if ($ENV{FIPSCANLIB} ne "");
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type stream_se_handler,\@abi-omnipotent
+.align 16
+stream_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lprologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lin_prologue
+
+ lea 24(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%r12
+ mov -24(%rax),%r13
+ mov %rbx,144($context) # restore context->Rbx
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ jmp .Lcommon_seh_exit
+.size stream_se_handler,.-stream_se_handler
+
+.type key_se_handler,\@abi-omnipotent
+.align 16
+key_se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 152($context),%rax # pull context->Rsp
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+.Lcommon_seh_exit:
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size key_se_handler,.-key_se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_RC4
+ .rva .LSEH_end_RC4
+ .rva .LSEH_info_RC4
+
+ .rva .LSEH_begin_private_RC4_set_key
+ .rva .LSEH_end_private_RC4_set_key
+ .rva .LSEH_info_private_RC4_set_key
+
+.section .xdata
+.align 8
+.LSEH_info_RC4:
+ .byte 9,0,0,0
+ .rva stream_se_handler
+.LSEH_info_private_RC4_set_key:
+ .byte 9,0,0,0
+ .rva key_se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+ if ($reg =~ /%r[0-9]+/) { $reg .= $conv; }
+ elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; }
+ elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; }
+ elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; }
+ return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
print $code;
close STDOUT;
Modified: trunk/crypto/openssl/crypto/rc4/rc4.h
===================================================================
--- trunk/crypto/openssl/crypto/rc4/rc4.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/rc4.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,6 +64,8 @@
# error RC4 is disabled.
# endif
+# include <stddef.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -74,11 +76,9 @@
} RC4_KEY;
const char *RC4_options(void);
-# ifdef OPENSSL_FIPS
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-# endif
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata);
#ifdef __cplusplus
Modified: trunk/crypto/openssl/crypto/rc4/rc4_enc.c
===================================================================
--- trunk/crypto/openssl/crypto/rc4/rc4_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/rc4_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,12 +68,12 @@
* Date: Wed, 14 Sep 1994 06:35:31 GMT
*/
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata)
{
register RC4_INT *d;
register RC4_INT x, y, tx, ty;
- int i;
+ size_t i;
x = key->x;
y = key->y;
@@ -121,8 +121,8 @@
(RC4_CHUNK)d[(tx+ty)&0xff]\
)
- if ((((unsigned long)indata & (sizeof(RC4_CHUNK) - 1)) |
- ((unsigned long)outdata & (sizeof(RC4_CHUNK) - 1))) == 0) {
+ if ((((size_t)indata & (sizeof(RC4_CHUNK) - 1)) |
+ ((size_t)outdata & (sizeof(RC4_CHUNK) - 1))) == 0) {
RC4_CHUNK ichunk, otp;
const union {
long one;
@@ -161,7 +161,7 @@
*/
if (!is_endian.little) { /* BIG-ENDIAN CASE */
# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
- for (; len & ~(sizeof(RC4_CHUNK) - 1); len -= sizeof(RC4_CHUNK)) {
+ for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
ichunk = *(RC4_CHUNK *) indata;
otp = RC4_STEP << BESHFT(0);
otp |= RC4_STEP << BESHFT(1);
@@ -215,7 +215,7 @@
return;
} else { /* LITTLE-ENDIAN CASE */
# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1))
- for (; len & ~(sizeof(RC4_CHUNK) - 1); len -= sizeof(RC4_CHUNK)) {
+ for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
ichunk = *(RC4_CHUNK *) indata;
otp = RC4_STEP;
otp |= RC4_STEP << 8;
@@ -284,7 +284,7 @@
# define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
#endif
- i = (int)(len >> 3L);
+ i = len >> 3;
if (i) {
for (;;) {
RC4_LOOP(indata, outdata, 0);
@@ -303,7 +303,7 @@
break;
}
}
- i = (int)len & 0x07;
+ i = len & 0x07;
if (i) {
for (;;) {
RC4_LOOP(indata, outdata, 0);
Modified: trunk/crypto/openssl/crypto/rc4/rc4_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/rc4/rc4_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/rc4_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,10 +59,6 @@
#include <openssl/rc4.h>
#include "rc4_locl.h"
#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
const char RC4_version[] = "RC4" OPENSSL_VERSION_PTEXT;
@@ -90,11 +86,7 @@
* Date: Wed, 14 Sep 1994 06:35:31 GMT
*/
-#ifdef OPENSSL_FIPS
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-#else
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-#endif
{
register RC4_INT tmp;
register int id1, id2;
@@ -113,48 +105,6 @@
d[(n)]=d[id2]; \
d[id2]=tmp; }
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
- if (sizeof(RC4_INT) > 1) {
- /*
- * Unlike all other x86 [and x86_64] implementations,
- * Intel P4 core [including EM64T] was found to perform
- * poorly with wider RC4_INT. Performance improvement
- * for IA-32 hand-coded assembler turned out to be 2.8x
- * if re-coded for RC4_CHAR! It's however inappropriate
- * to just switch to RC4_CHAR for x86[_64], as non-P4
- * implementations suffer from significant performance
- * losses then, e.g. PIII exhibits >2x deterioration,
- * and so does Opteron. In order to assure optimal
- * all-round performance, we detect P4 at run-time by
- * checking upon reserved bit 20 in CPU capability
- * vector and set up compressed key schedule, which is
- * recognized by correspondingly updated assembler
- * module... Bit 20 is set up by OPENSSL_ia32_cpuid.
- *
- * <appro at fy.chalmers.se>
- */
-# ifdef OPENSSL_FIPS
- unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc();
- if (ia32cap_ptr && (*ia32cap_ptr & (1 << 20))) {
-# else
- if (OPENSSL_ia32cap_P & (1 << 20)) {
-# endif
- unsigned char *cp = (unsigned char *)d;
-
- for (i = 0; i < 256; i++)
- cp[i] = i;
- for (i = 0; i < 256; i++)
- SK_LOOP(cp, i);
- /* mark schedule as compressed! */
- d[256 / sizeof(RC4_INT)] = -1;
- return;
- }
- }
-# endif
-#endif
for (i = 0; i < 256; i++)
d[i] = i;
for (i = 0; i < 256; i += 4) {
Copied: trunk/crypto/openssl/crypto/rc4/rc4_utl.c (from rev 7117, vendor-crypto/openssl/dist/crypto/rc4/rc4_utl.c)
===================================================================
--- trunk/crypto/openssl/crypto/rc4/rc4_utl.c (rev 0)
+++ trunk/crypto/openssl/crypto/rc4/rc4_utl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,62 @@
+/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/rc4.h>
+
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+{
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(RC4);
+#endif
+ private_RC4_set_key(key, len, data);
+}
Modified: trunk/crypto/openssl/crypto/rc4/rc4test.c
===================================================================
--- trunk/crypto/openssl/crypto/rc4/rc4test.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc4/rc4test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -115,12 +115,18 @@
int main(int argc, char *argv[])
{
- int err = 0;
- unsigned int i, j;
+ int i, err = 0;
+ int j;
unsigned char *p;
RC4_KEY key;
unsigned char obuf[512];
+# if !defined(OPENSSL_PIC)
+ void OPENSSL_cpuid_setup(void);
+
+ OPENSSL_cpuid_setup();
+# endif
+
for (i = 0; i < 6; i++) {
RC4_set_key(&key, keys[i][0], &(keys[i][1]));
memset(obuf, 0x00, sizeof(obuf));
@@ -128,12 +134,12 @@
if (memcmp(obuf, output[i], data_len[i] + 1) != 0) {
printf("error calculating RC4\n");
printf("output:");
- for (j = 0; j < data_len[i] + 1U; j++)
+ for (j = 0; j < data_len[i] + 1; j++)
printf(" %02x", obuf[j]);
printf("\n");
printf("expect:");
p = &(output[i][0]);
- for (j = 0; j < data_len[i] + 1U; j++)
+ for (j = 0; j < data_len[i] + 1; j++)
printf(" %02x", *(p++));
printf("\n");
err++;
@@ -172,12 +178,12 @@
if (memcmp(obuf, output[3], data_len[3] + 1) != 0) {
printf("error in RC4 multi-call processing\n");
printf("output:");
- for (j = 0; j < data_len[3] + 1U; j++)
+ for (j = 0; j < data_len[3] + 1; j++)
printf(" %02x", obuf[j]);
printf("\n");
printf("expect:");
p = &(output[3][0]);
- for (j = 0; j < data_len[3] + 1U; j++)
+ for (j = 0; j < data_len[3] + 1; j++)
printf(" %02x", *(p++));
err++;
} else {
@@ -208,11 +214,11 @@
if (memcmp(md, expected, sizeof(md))) {
printf("error in RC4 bulk test\n");
printf("output:");
- for (j = 0; j < sizeof(md); j++)
+ for (j = 0; j < (int)sizeof(md); j++)
printf(" %02x", md[j]);
printf("\n");
printf("expect:");
- for (j = 0; j < sizeof(md); j++)
+ for (j = 0; j < (int)sizeof(md); j++)
printf(" %02x", expected[j]);
printf("\n");
err++;
Modified: trunk/crypto/openssl/crypto/rc5/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/rc5/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc5/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,8 +12,6 @@
AR= ar r
RC5_ENC= rc5_enc.o
-# or use
-#DES_ENC= r586-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
@@ -40,19 +38,12 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-r586-cof.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-r586-out.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
- (cd asm; $(PERL) rc5-586.pl a.out $(CFLAGS) > ../$@)
+rc5-586.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+ $(PERL) asm/rc5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -78,6 +69,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/rc5/asm/rc5-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/rc5/asm/rc5-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc5/asm/rc5-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/local/bin/perl
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
Modified: trunk/crypto/openssl/crypto/rc5/rc5.h
===================================================================
--- trunk/crypto/openssl/crypto/rc5/rc5.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc5/rc5.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -92,10 +92,6 @@
RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
} RC5_32_KEY;
-# ifdef OPENSSL_FIPS
-void private_RC5_32_set_key(RC5_32_KEY *key, int len,
- const unsigned char *data, int rounds);
-# endif
void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
int rounds);
void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
Modified: trunk/crypto/openssl/crypto/rc5/rc5_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/rc5/rc5_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc5/rc5_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -154,7 +154,7 @@
# define ROTATE_l32(a,n) ({ register unsigned int ret; \
asm ("roll %%cl,%0" \
: "=r"(ret) \
- : "c"(n),"0"(a) \
+ : "c"(n),"0"((unsigned int)(a)) \
: "cc"); \
ret; \
})
@@ -161,7 +161,7 @@
# define ROTATE_r32(a,n) ({ register unsigned int ret; \
asm ("rorl %%cl,%0" \
: "=r"(ret) \
- : "c"(n),"0"(a) \
+ : "c"(n),"0"((unsigned int)(a)) \
: "cc"); \
ret; \
})
Modified: trunk/crypto/openssl/crypto/rc5/rc5_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/rc5/rc5_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rc5/rc5_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,30 +56,12 @@
* [including the GNU Public Licence.]
*/
-#include <openssl/crypto.h>
#include <openssl/rc5.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#include "rc5_locl.h"
-#ifdef OPENSSL_FIPS
void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
int rounds)
{
- if (FIPS_mode())
- FIPS_BAD_ABORT(RC5)
- private_RC5_32_set_key(key, len, data, rounds);
-}
-
-void private_RC5_32_set_key(RC5_32_KEY *key, int len,
- const unsigned char *data, int rounds)
-#else
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
- int rounds)
-#endif
-{
RC5_32_INT L[64], l, ll, A, B, *S, k;
int i, j, m, c, t, ii, jj;
Modified: trunk/crypto/openssl/crypto/ripemd/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ripemd/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ripemd/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -38,19 +38,12 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-rm86-cof.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-rm86-out.s: asm/rmd-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) rmd-586.pl a.out $(CFLAGS) > ../$@)
+rmd-586.s: asm/rmd-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/rmd-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -76,6 +69,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -89,9 +84,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-rmd_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rmd_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+rmd_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rmd_dgst.o: ../../include/openssl/opensslconf.h
rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
Modified: trunk/crypto/openssl/crypto/ripemd/asm/rmd-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/ripemd/asm/rmd-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ripemd/asm/rmd-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,7 +5,8 @@
$normal=0;
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],$0);
Modified: trunk/crypto/openssl/crypto/ripemd/ripemd.h
===================================================================
--- trunk/crypto/openssl/crypto/ripemd/ripemd.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ripemd/ripemd.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,7 +70,7 @@
# error RIPEMD is disabled.
# endif
-# if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+# if defined(__LP32__)
# define RIPEMD160_LONG unsigned long
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
# define RIPEMD160_LONG unsigned long
@@ -89,6 +89,7 @@
RIPEMD160_LONG data[RIPEMD160_LBLOCK];
unsigned int num;
} RIPEMD160_CTX;
+
# ifdef OPENSSL_FIPS
int private_RIPEMD160_Init(RIPEMD160_CTX *c);
# endif
Modified: trunk/crypto/openssl/crypto/ripemd/rmd_dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/ripemd/rmd_dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ripemd/rmd_dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,10 +59,7 @@
#include <stdio.h>
#include "rmd_locl.h"
#include <openssl/opensslv.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
+#include <openssl/crypto.h>
const char RMD160_version[] = "RIPE-MD160" OPENSSL_VERSION_PTEXT;
@@ -73,16 +70,14 @@
void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p, size_t num);
#endif
-FIPS_NON_FIPS_MD_Init(RIPEMD160)
+fips_md_init(RIPEMD160)
{
+ memset(c, 0, sizeof(*c));
c->A = RIPEMD160_A;
c->B = RIPEMD160_B;
c->C = RIPEMD160_C;
c->D = RIPEMD160_D;
c->E = RIPEMD160_E;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
return 1;
}
@@ -113,51 +108,51 @@
D = ctx->D;
E = ctx->E;
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(0) = l;
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(1) = l;
RIP1(A, B, C, D, E, WL00, SL00);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(2) = l;
RIP1(E, A, B, C, D, WL01, SL01);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(3) = l;
RIP1(D, E, A, B, C, WL02, SL02);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(4) = l;
RIP1(C, D, E, A, B, WL03, SL03);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(5) = l;
RIP1(B, C, D, E, A, WL04, SL04);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(6) = l;
RIP1(A, B, C, D, E, WL05, SL05);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(7) = l;
RIP1(E, A, B, C, D, WL06, SL06);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(8) = l;
RIP1(D, E, A, B, C, WL07, SL07);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(9) = l;
RIP1(C, D, E, A, B, WL08, SL08);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(10) = l;
RIP1(B, C, D, E, A, WL09, SL09);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(11) = l;
RIP1(A, B, C, D, E, WL10, SL10);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(12) = l;
RIP1(E, A, B, C, D, WL11, SL11);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(13) = l;
RIP1(D, E, A, B, C, WL12, SL12);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(14) = l;
RIP1(C, D, E, A, B, WL13, SL13);
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(15) = l;
RIP1(B, C, D, E, A, WL14, SL14);
RIP1(A, B, C, D, E, WL15, SL15);
Modified: trunk/crypto/openssl/crypto/ripemd/rmd_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/ripemd/rmd_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ripemd/rmd_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,7 +72,7 @@
*/
#ifdef RMD160_ASM
# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-# define ripemd160_block_host_order ripemd160_block_asm_data_order
+# define ripemd160_block_data_order ripemd160_block_asm_data_order
# endif
#endif
@@ -88,11 +88,11 @@
#define HASH_FINAL RIPEMD160_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- ll=(c)->E; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->E; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
Modified: trunk/crypto/openssl/crypto/rsa/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/rsa/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -19,10 +19,12 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
- rsa_pss.c rsa_x931.c rsa_x931g.c rsa_asn1.c rsa_depr.c rsa_eng.c
+ rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
+ rsa_pmeth.c rsa_crpt.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
- rsa_pss.o rsa_x931.o rsa_x931g.o rsa_asn1.o rsa_depr.o rsa_eng.o
+ rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
+ rsa_pmeth.o rsa_crpt.o
SRC= $(LIBSRC)
@@ -37,7 +39,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -65,6 +67,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -78,15 +82,36 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+rsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+rsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_ameth.o: ../../include/openssl/objects.h
+rsa_ameth.o: ../../include/openssl/opensslconf.h
+rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c
rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+rsa_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+rsa_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rsa_asn1.o: ../../include/openssl/opensslconf.h
rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
rsa_asn1.o: ../cryptlib.h rsa_asn1.c
rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
@@ -96,6 +121,21 @@
rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_chk.o: rsa_chk.c
+rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+rsa_crpt.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+rsa_crpt.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+rsa_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_crpt.o: ../../include/openssl/opensslconf.h
+rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+rsa_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+rsa_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_crpt.c
rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -114,21 +154,6 @@
rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
-rsa_eng.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_eng.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-rsa_eng.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-rsa_eng.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-rsa_eng.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-rsa_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-rsa_eng.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-rsa_eng.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_eng.c
rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -151,15 +176,15 @@
rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
rsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-rsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_lib.c
+rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_lib.o: ../cryptlib.h rsa_lib.c
rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -182,9 +207,9 @@
rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-rsa_oaep.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_oaep.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_oaep.o: ../../include/openssl/opensslconf.h
rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -200,18 +225,43 @@
rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_pk1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
rsa_pk1.o: ../cryptlib.h rsa_pk1.c
+rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_pmeth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+rsa_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+rsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_pmeth.o: ../../include/openssl/objects.h
+rsa_pmeth.o: ../../include/openssl/opensslconf.h
+rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_pmeth.o: ../cryptlib.h ../evp/evp_locl.h rsa_locl.h rsa_pmeth.c
+rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_prn.o: ../cryptlib.h rsa_prn.c
rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-rsa_pss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_pss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_pss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_pss.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_pss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_pss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_pss.o: ../cryptlib.h rsa_pss.c
+rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c
rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -218,9 +268,8 @@
rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_saos.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_saos.o: ../../include/openssl/opensslconf.h
+rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -233,15 +282,14 @@
rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_sign.o: ../../include/openssl/opensslconf.h
+rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rsa_sign.o: ../cryptlib.h rsa_sign.c
+rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c
rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -261,11 +309,3 @@
rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
-rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_x931g.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_x931g.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_x931g.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_x931g.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_x931g.o: rsa_x931g.c
Modified: trunk/crypto/openssl/crypto/rsa/rsa.h
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,27 +74,6 @@
# error RSA is disabled.
# endif
-/*
- * If this flag is set the RSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its reposibility to ensure the
- * result is compliant.
- */
-
-# define RSA_FLAG_FIPS_METHOD 0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
-
-# ifdef OPENSSL_FIPS
-# define FIPS_RSA_SIZE_T int
-# endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -139,7 +118,7 @@
unsigned char *sigret, unsigned int *siglen,
const RSA *rsa);
int (*rsa_verify) (int dtype, const unsigned char *m,
- unsigned int m_length, unsigned char *sigbuf,
+ unsigned int m_length, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa);
/*
* If this callback is NULL, the builtin software RSA key-gen will be
@@ -189,8 +168,6 @@
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
# endif
-# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
-
# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
# endif
@@ -256,11 +233,60 @@
# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
# endif
+# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
+ pad, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
+ EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+
+# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
+ len, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
+ 0, plen)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+
+# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
+
+# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
+
+# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
+
# define RSA_PKCS1_PADDING 1
# define RSA_SSLV23_PADDING 2
# define RSA_NO_PADDING 3
# define RSA_PKCS1_OAEP_PADDING 4
# define RSA_X931_PADDING 5
+/* EVP_PKEY_ only */
+# define RSA_PKCS1_PSS_PADDING 6
# define RSA_PKCS1_PADDING_SIZE 11
@@ -269,7 +295,7 @@
RSA *RSA_new(void);
RSA *RSA_new_method(ENGINE *engine);
-int RSA_size(const RSA *);
+int RSA_size(const RSA *rsa);
/* Deprecated version */
# ifndef OPENSSL_NO_DEPRECATED
@@ -279,12 +305,6 @@
/* New version */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1,
- BIGNUM *q2, const BIGNUM *Xp1, const BIGNUM *Xp2,
- const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2,
- const BIGNUM *Xq, const BIGNUM *e, BN_GENCB *cb);
-int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e,
- BN_GENCB *cb);
int RSA_check_key(const RSA *);
/* next 4 return -1 on error */
@@ -302,11 +322,6 @@
int RSA_flags(const RSA *r);
-# ifdef OPENSSL_FIPS
-RSA *FIPS_rsa_new(void);
-void FIPS_rsa_free(RSA *r);
-# endif
-
void RSA_set_default_method(const RSA_METHOD *meth);
const RSA_METHOD *RSA_get_default_method(void);
const RSA_METHOD *RSA_get_method(const RSA *rsa);
@@ -323,6 +338,15 @@
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+typedef struct rsa_pss_params_st {
+ X509_ALGOR *hashAlgorithm;
+ X509_ALGOR *maskGenAlgorithm;
+ ASN1_INTEGER *saltLength;
+ ASN1_INTEGER *trailerField;
+} RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
# ifndef OPENSSL_NO_FP_API
int RSA_print_fp(FILE *fp, const RSA *r, int offset);
# endif
@@ -354,7 +378,7 @@
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+ const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
/*
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
@@ -411,6 +435,15 @@
const unsigned char *mHash, const EVP_MD *Hash,
int sLen);
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen);
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ int sLen);
+
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *r, int idx, void *arg);
@@ -419,6 +452,28 @@
RSA *RSAPublicKey_dup(RSA *rsa);
RSA *RSAPrivateKey_dup(RSA *rsa);
+/*
+ * If this flag is set the RSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define RSA_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+/*
+ * Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+# define RSA_FLAG_CHECKED 0x0800
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -429,9 +484,16 @@
/* Error codes for the RSA functions. */
/* Function codes. */
-# define RSA_F_FIPS_RSA_SIGN 140
-# define RSA_F_FIPS_RSA_VERIFY 141
+# define RSA_F_CHECK_PADDING_MD 140
+# define RSA_F_DO_RSA_PRINT 146
+# define RSA_F_INT_RSA_VERIFY 145
# define RSA_F_MEMORY_LOCK 100
+# define RSA_F_OLD_RSA_PRIV_DECODE 147
+# define RSA_F_PKEY_RSA_CTRL 143
+# define RSA_F_PKEY_RSA_CTRL_STR 144
+# define RSA_F_PKEY_RSA_SIGN 142
+# define RSA_F_PKEY_RSA_VERIFY 154
+# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
# define RSA_F_RSA_BUILTIN_KEYGEN 129
# define RSA_F_RSA_CHECK_KEY 123
# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
@@ -439,6 +501,8 @@
# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
# define RSA_F_RSA_GENERATE_KEY 105
+# define RSA_F_RSA_GENERATE_KEY_EX 155
+# define RSA_F_RSA_ITEM_VERIFY 156
# define RSA_F_RSA_MEMORY_LOCK 130
# define RSA_F_RSA_NEW_METHOD 106
# define RSA_F_RSA_NULL 124
@@ -450,6 +514,7 @@
# define RSA_F_RSA_PADDING_ADD_NONE 107
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
# define RSA_F_RSA_PADDING_ADD_SSLV23 110
@@ -462,16 +527,20 @@
# define RSA_F_RSA_PADDING_CHECK_X931 128
# define RSA_F_RSA_PRINT 115
# define RSA_F_RSA_PRINT_FP 116
-# define RSA_F_RSA_PRIVATE_ENCRYPT 137
-# define RSA_F_RSA_PUBLIC_DECRYPT 138
+# define RSA_F_RSA_PRIVATE_DECRYPT 150
+# define RSA_F_RSA_PRIVATE_ENCRYPT 151
+# define RSA_F_RSA_PRIV_DECODE 137
+# define RSA_F_RSA_PRIV_ENCODE 138
+# define RSA_F_RSA_PUBLIC_DECRYPT 152
+# define RSA_F_RSA_PUBLIC_ENCRYPT 153
+# define RSA_F_RSA_PUB_DECODE 139
# define RSA_F_RSA_SETUP_BLINDING 136
-# define RSA_F_RSA_SET_DEFAULT_METHOD 139
-# define RSA_F_RSA_SET_METHOD 142
# define RSA_F_RSA_SIGN 117
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
# define RSA_F_RSA_VERIFY 119
# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
# define RSA_F_RSA_VERIFY_PKCS1_PSS 126
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
/* Reason codes. */
# define RSA_R_ALGORITHM_MISMATCH 100
@@ -492,20 +561,30 @@
# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
# define RSA_R_FIRST_OCTET_INVALID 133
+# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
+# define RSA_R_INVALID_DIGEST_LENGTH 143
# define RSA_R_INVALID_HEADER 137
+# define RSA_R_INVALID_KEYBITS 145
# define RSA_R_INVALID_MESSAGE_LENGTH 131
+# define RSA_R_INVALID_MGF1_MD 156
# define RSA_R_INVALID_PADDING 138
+# define RSA_R_INVALID_PADDING_MODE 141
+# define RSA_R_INVALID_PSS_PARAMETERS 149
+# define RSA_R_INVALID_PSS_SALTLEN 146
+# define RSA_R_INVALID_SALT_LENGTH 150
# define RSA_R_INVALID_TRAILER 139
+# define RSA_R_INVALID_X931_DIGEST 142
# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
# define RSA_R_KEY_SIZE_TOO_SMALL 120
# define RSA_R_LAST_OCTET_INVALID 134
# define RSA_R_MODULUS_TOO_LARGE 105
-# define RSA_R_NON_FIPS_METHOD 141
+# define RSA_R_NON_FIPS_RSA_METHOD 157
# define RSA_R_NO_PUBLIC_EXPONENT 140
# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
# define RSA_R_OAEP_DECODING_ERROR 121
-# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 142
+# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
+# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
# define RSA_R_PADDING_CHECK_FAILED 114
# define RSA_R_PKCS_DECODING_ERROR 159
# define RSA_R_P_NOT_PRIME 128
@@ -516,7 +595,13 @@
# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+# define RSA_R_UNKNOWN_MASK_DIGEST 151
# define RSA_R_UNKNOWN_PADDING_TYPE 118
+# define RSA_R_UNKNOWN_PSS_DIGEST 152
+# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
+# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
+# define RSA_R_VALUE_MISSING 147
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
#ifdef __cplusplus
Copied: trunk/crypto/openssl/crypto/rsa/rsa_ameth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c)
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_ameth.c (rev 0)
+++ trunk/crypto/openssl/crypto/rsa/rsa_ameth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,649 @@
+/* crypto/rsa/rsa_ameth.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+ unsigned char *penc = NULL;
+ int penclen;
+ penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
+ if (penclen <= 0)
+ return 0;
+ if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA),
+ V_ASN1_NULL, NULL, penc, penclen))
+ return 1;
+
+ OPENSSL_free(penc);
+ return 0;
+}
+
+static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+ const unsigned char *p;
+ int pklen;
+ RSA *rsa = NULL;
+ if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
+ return 0;
+ if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) {
+ RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_RSA(pkey, rsa);
+ return 1;
+}
+
+static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+ if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0
+ || BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
+ return 0;
+ return 1;
+}
+
+static int old_rsa_priv_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+{
+ RSA *rsa;
+ if (!(rsa = d2i_RSAPrivateKey(NULL, pder, derlen))) {
+ RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_RSA(pkey, rsa);
+ return 1;
+}
+
+static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+ return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
+}
+
+static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+ unsigned char *rk = NULL;
+ int rklen;
+ rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
+
+ if (rklen <= 0) {
+ RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0,
+ V_ASN1_NULL, NULL, rk, rklen)) {
+ RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ return 1;
+}
+
+static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+ const unsigned char *p;
+ int pklen;
+ if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8))
+ return 0;
+ return old_rsa_priv_decode(pkey, &p, pklen);
+}
+
+static int int_rsa_size(const EVP_PKEY *pkey)
+{
+ return RSA_size(pkey->pkey.rsa);
+}
+
+static int rsa_bits(const EVP_PKEY *pkey)
+{
+ return BN_num_bits(pkey->pkey.rsa->n);
+}
+
+static void int_rsa_free(EVP_PKEY *pkey)
+{
+ RSA_free(pkey->pkey.rsa);
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+ size_t i;
+ if (!b)
+ return;
+ if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+ *pbuflen = i;
+}
+
+static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
+{
+ char *str;
+ const char *s;
+ unsigned char *m = NULL;
+ int ret = 0, mod_len = 0;
+ size_t buf_len = 0;
+
+ update_buflen(x->n, &buf_len);
+ update_buflen(x->e, &buf_len);
+
+ if (priv) {
+ update_buflen(x->d, &buf_len);
+ update_buflen(x->p, &buf_len);
+ update_buflen(x->q, &buf_len);
+ update_buflen(x->dmp1, &buf_len);
+ update_buflen(x->dmq1, &buf_len);
+ update_buflen(x->iqmp, &buf_len);
+ }
+
+ m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
+ if (m == NULL) {
+ RSAerr(RSA_F_DO_RSA_PRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (x->n != NULL)
+ mod_len = BN_num_bits(x->n);
+
+ if (!BIO_indent(bp, off, 128))
+ goto err;
+
+ if (priv && x->d) {
+ if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len)
+ <= 0)
+ goto err;
+ str = "modulus:";
+ s = "publicExponent:";
+ } else {
+ if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len)
+ <= 0)
+ goto err;
+ str = "Modulus:";
+ s = "Exponent:";
+ }
+ if (!ASN1_bn_print(bp, str, x->n, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, s, x->e, m, off))
+ goto err;
+ if (priv) {
+ if (!ASN1_bn_print(bp, "privateExponent:", x->d, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "prime1:", x->p, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "prime2:", x->q, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "exponent1:", x->dmp1, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "exponent2:", x->dmq1, m, off))
+ goto err;
+ if (!ASN1_bn_print(bp, "coefficient:", x->iqmp, m, off))
+ goto err;
+ }
+ ret = 1;
+ err:
+ if (m != NULL)
+ OPENSSL_free(m);
+ return (ret);
+}
+
+static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_rsa_print(bp, pkey->pkey.rsa, indent, 0);
+}
+
+static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+{
+ return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
+}
+
+static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+ X509_ALGOR **pmaskHash)
+{
+ const unsigned char *p;
+ int plen;
+ RSA_PSS_PARAMS *pss;
+
+ *pmaskHash = NULL;
+
+ if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+ return NULL;
+ p = alg->parameter->value.sequence->data;
+ plen = alg->parameter->value.sequence->length;
+ pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
+
+ if (!pss)
+ return NULL;
+
+ if (pss->maskGenAlgorithm) {
+ ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+ if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+ && param->type == V_ASN1_SEQUENCE) {
+ p = param->value.sequence->data;
+ plen = param->value.sequence->length;
+ *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
+ }
+ }
+
+ return pss;
+}
+
+static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
+ X509_ALGOR *maskHash, int indent)
+{
+ int rv = 0;
+ if (!pss) {
+ if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
+ return 0;
+ return 1;
+ }
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
+ goto err;
+
+ if (pss->hashAlgorithm) {
+ if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
+ goto err;
+ } else if (BIO_puts(bp, "sha1 (default)") <= 0)
+ goto err;
+
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+
+ if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
+ goto err;
+ if (pss->maskGenAlgorithm) {
+ if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, " with ") <= 0)
+ goto err;
+ if (maskHash) {
+ if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+ goto err;
+ } else if (BIO_puts(bp, "INVALID") <= 0)
+ goto err;
+ } else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Salt Length: 0x") <= 0)
+ goto err;
+ if (pss->saltLength) {
+ if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
+ goto err;
+ } else if (BIO_puts(bp, "14 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
+ goto err;
+ if (pss->trailerField) {
+ if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
+ goto err;
+ } else if (BIO_puts(bp, "BC (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ rv = 1;
+
+ err:
+ return rv;
+
+}
+
+static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
+{
+ if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss) {
+ int rv;
+ RSA_PSS_PARAMS *pss;
+ X509_ALGOR *maskHash;
+ pss = rsa_pss_decode(sigalg, &maskHash);
+ rv = rsa_pss_param_print(bp, pss, maskHash, indent);
+ if (pss)
+ RSA_PSS_PARAMS_free(pss);
+ if (maskHash)
+ X509_ALGOR_free(maskHash);
+ if (!rv)
+ return 0;
+ } else if (!sig && BIO_puts(bp, "\n") <= 0)
+ return 0;
+ if (sig)
+ return X509_signature_dump(bp, sig, indent);
+ return 1;
+}
+
+static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+ X509_ALGOR *alg = NULL;
+ switch (op) {
+
+ case ASN1_PKEY_CTRL_PKCS7_SIGN:
+ if (arg1 == 0)
+ PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
+ break;
+
+ case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+ if (arg1 == 0)
+ PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
+ break;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0)
+ CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg);
+ break;
+
+ case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+ if (arg1 == 0)
+ CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg);
+ break;
+#endif
+
+ case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+ *(int *)arg2 = NID_sha1;
+ return 1;
+
+ default:
+ return -2;
+
+ }
+
+ if (alg)
+ X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
+
+ return 1;
+
+}
+
+/*
+ * Customised RSA item verification routine. This is called when a signature
+ * is encountered requiring special handling. We currently only handle PSS.
+ */
+
+static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *sigalg, ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey)
+{
+ int rv = -1;
+ int saltlen;
+ const EVP_MD *mgf1md = NULL, *md = NULL;
+ RSA_PSS_PARAMS *pss;
+ X509_ALGOR *maskHash;
+ EVP_PKEY_CTX *pkctx;
+ /* Sanity check: make sure it is PSS */
+ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
+ return -1;
+ }
+ /* Decode PSS parameters */
+ pss = rsa_pss_decode(sigalg, &maskHash);
+
+ if (pss == NULL) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_PSS_PARAMETERS);
+ goto err;
+ }
+ /* Check mask and lookup mask hash algorithm */
+ if (pss->maskGenAlgorithm) {
+ if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) != NID_mgf1) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_ALGORITHM);
+ goto err;
+ }
+ if (!maskHash) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_PARAMETER);
+ goto err;
+ }
+ mgf1md = EVP_get_digestbyobj(maskHash->algorithm);
+ if (mgf1md == NULL) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_MASK_DIGEST);
+ goto err;
+ }
+ } else
+ mgf1md = EVP_sha1();
+
+ if (pss->hashAlgorithm) {
+ md = EVP_get_digestbyobj(pss->hashAlgorithm->algorithm);
+ if (md == NULL) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_PSS_DIGEST);
+ goto err;
+ }
+ } else
+ md = EVP_sha1();
+
+ if (pss->saltLength) {
+ saltlen = ASN1_INTEGER_get(pss->saltLength);
+
+ /*
+ * Could perform more salt length sanity checks but the main RSA
+ * routines will trap other invalid values anyway.
+ */
+ if (saltlen < 0) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_SALT_LENGTH);
+ goto err;
+ }
+ } else
+ saltlen = 20;
+
+ /*
+ * low-level routines support only trailer field 0xbc (value 1) and
+ * PKCS#1 says we should reject any other value anyway.
+ */
+ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_TRAILER);
+ goto err;
+ }
+
+ /* We have all parameters now set up context */
+
+ if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
+ goto err;
+ /* Carry on */
+ rv = 2;
+
+ err:
+ RSA_PSS_PARAMS_free(pss);
+ if (maskHash)
+ X509_ALGOR_free(maskHash);
+ return rv;
+}
+
+static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *alg1, X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig)
+{
+ int pad_mode;
+ EVP_PKEY_CTX *pkctx = ctx->pctx;
+ if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
+ return 0;
+ if (pad_mode == RSA_PKCS1_PADDING)
+ return 2;
+ if (pad_mode == RSA_PKCS1_PSS_PADDING) {
+ const EVP_MD *sigmd, *mgf1md;
+ RSA_PSS_PARAMS *pss = NULL;
+ X509_ALGOR *mgf1alg = NULL;
+ ASN1_STRING *os1 = NULL, *os2 = NULL;
+ EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
+ int saltlen, rv = 0;
+ sigmd = EVP_MD_CTX_md(ctx);
+ if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
+ goto err;
+ if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
+ goto err;
+ if (saltlen == -1)
+ saltlen = EVP_MD_size(sigmd);
+ else if (saltlen == -2) {
+ saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
+ if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
+ saltlen--;
+ }
+ pss = RSA_PSS_PARAMS_new();
+ if (!pss)
+ goto err;
+ if (saltlen != 20) {
+ pss->saltLength = ASN1_INTEGER_new();
+ if (!pss->saltLength)
+ goto err;
+ if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
+ goto err;
+ }
+ if (EVP_MD_type(sigmd) != NID_sha1) {
+ pss->hashAlgorithm = X509_ALGOR_new();
+ if (!pss->hashAlgorithm)
+ goto err;
+ X509_ALGOR_set_md(pss->hashAlgorithm, sigmd);
+ }
+ if (EVP_MD_type(mgf1md) != NID_sha1) {
+ ASN1_STRING *stmp = NULL;
+ /* need to embed algorithm ID inside another */
+ mgf1alg = X509_ALGOR_new();
+ X509_ALGOR_set_md(mgf1alg, mgf1md);
+ if (!ASN1_item_pack(mgf1alg, ASN1_ITEM_rptr(X509_ALGOR), &stmp))
+ goto err;
+ pss->maskGenAlgorithm = X509_ALGOR_new();
+ if (!pss->maskGenAlgorithm)
+ goto err;
+ X509_ALGOR_set0(pss->maskGenAlgorithm,
+ OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
+ }
+ /* Finally create string with pss parameter encoding. */
+ if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os1))
+ goto err;
+ if (alg2) {
+ os2 = ASN1_STRING_dup(os1);
+ if (!os2)
+ goto err;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss),
+ V_ASN1_SEQUENCE, os2);
+ }
+ X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss),
+ V_ASN1_SEQUENCE, os1);
+ os1 = os2 = NULL;
+ rv = 3;
+ err:
+ if (mgf1alg)
+ X509_ALGOR_free(mgf1alg);
+ if (pss)
+ RSA_PSS_PARAMS_free(pss);
+ if (os1)
+ ASN1_STRING_free(os1);
+ return rv;
+
+ }
+ return 2;
+}
+
+const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
+ {
+ EVP_PKEY_RSA,
+ EVP_PKEY_RSA,
+ ASN1_PKEY_SIGPARAM_NULL,
+
+ "RSA",
+ "OpenSSL RSA method",
+
+ rsa_pub_decode,
+ rsa_pub_encode,
+ rsa_pub_cmp,
+ rsa_pub_print,
+
+ rsa_priv_decode,
+ rsa_priv_encode,
+ rsa_priv_print,
+
+ int_rsa_size,
+ rsa_bits,
+
+ 0, 0, 0, 0, 0, 0,
+
+ rsa_sig_print,
+ int_rsa_free,
+ rsa_pkey_ctrl,
+ old_rsa_priv_decode,
+ old_rsa_priv_encode,
+ rsa_item_verify,
+ rsa_item_sign},
+
+ {
+ EVP_PKEY_RSA2,
+ EVP_PKEY_RSA,
+ ASN1_PKEY_ALIAS}
+};
Modified: trunk/crypto/openssl/crypto/rsa/rsa_asn1.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -61,22 +61,12 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
+#include <openssl/x509.h>
#include <openssl/asn1t.h>
-static ASN1_METHOD method = {
- (I2D_OF(void)) i2d_RSAPrivateKey,
- (D2I_OF(void)) d2i_RSAPrivateKey,
- (void *(*)(void))RSA_new,
- (void (*)(void *))RSA_free
-};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-{
- return (&method);
-}
-
/* Override the default free and new methods */
-static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)RSA_new();
@@ -109,6 +99,15 @@
ASN1_SIMPLE(RSA, e, BIGNUM),
} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
+ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
Modified: trunk/crypto/openssl/crypto/rsa/rsa_chk.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_chk.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_chk.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,6 +59,11 @@
int r;
int ret = 1;
+ if (!key->p || !key->q || !key->n || !key->e || !key->d) {
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+ return 0;
+ }
+
i = BN_new();
j = BN_new();
k = BN_new();
Copied: trunk/crypto/openssl/crypto/rsa/rsa_crpt.c (from rev 7117, vendor-crypto/openssl/dist/crypto/rsa/rsa_crpt.c)
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_crpt.c (rev 0)
+++ trunk/crypto/openssl/crypto/rsa/rsa_crpt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,247 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+int RSA_size(const RSA *r)
+{
+ return (BN_num_bytes(r->n));
+}
+
+int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+ return -1;
+ }
+#endif
+ return (rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
+}
+
+int RSA_private_encrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+ return -1;
+ }
+#endif
+ return (rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+}
+
+int RSA_private_decrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+ return -1;
+ }
+#endif
+ return (rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+}
+
+int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+ return -1;
+ }
+#endif
+ return (rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+}
+
+int RSA_flags(const RSA *r)
+{
+ return ((r == NULL) ? 0 : r->meth->flags);
+}
+
+void RSA_blinding_off(RSA *rsa)
+{
+ if (rsa->blinding != NULL) {
+ BN_BLINDING_free(rsa->blinding);
+ rsa->blinding = NULL;
+ }
+ rsa->flags &= ~RSA_FLAG_BLINDING;
+ rsa->flags |= RSA_FLAG_NO_BLINDING;
+}
+
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
+{
+ int ret = 0;
+
+ if (rsa->blinding != NULL)
+ RSA_blinding_off(rsa);
+
+ rsa->blinding = RSA_setup_blinding(rsa, ctx);
+ if (rsa->blinding == NULL)
+ goto err;
+
+ rsa->flags |= RSA_FLAG_BLINDING;
+ rsa->flags &= ~RSA_FLAG_NO_BLINDING;
+ ret = 1;
+ err:
+ return (ret);
+}
+
+static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
+ const BIGNUM *q, BN_CTX *ctx)
+{
+ BIGNUM *ret = NULL, *r0, *r1, *r2;
+
+ if (d == NULL || p == NULL || q == NULL)
+ return NULL;
+
+ BN_CTX_start(ctx);
+ r0 = BN_CTX_get(ctx);
+ r1 = BN_CTX_get(ctx);
+ r2 = BN_CTX_get(ctx);
+ if (r2 == NULL)
+ goto err;
+
+ if (!BN_sub(r1, p, BN_value_one()))
+ goto err;
+ if (!BN_sub(r2, q, BN_value_one()))
+ goto err;
+ if (!BN_mul(r0, r1, r2, ctx))
+ goto err;
+
+ ret = BN_mod_inverse(NULL, d, r0, ctx);
+ err:
+ BN_CTX_end(ctx);
+ return ret;
+}
+
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
+{
+ BIGNUM local_n;
+ BIGNUM *e, *n;
+ BN_CTX *ctx;
+ BN_BLINDING *ret = NULL;
+
+ if (in_ctx == NULL) {
+ if ((ctx = BN_CTX_new()) == NULL)
+ return 0;
+ } else
+ ctx = in_ctx;
+
+ BN_CTX_start(ctx);
+ e = BN_CTX_get(ctx);
+ if (e == NULL) {
+ RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (rsa->e == NULL) {
+ e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
+ if (e == NULL) {
+ RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
+ goto err;
+ }
+ } else
+ e = rsa->e;
+
+ if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) {
+ /*
+ * if PRNG is not properly seeded, resort to secret exponent as
+ * unpredictable seed
+ */
+ RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+ }
+
+ if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+ /* Set BN_FLG_CONSTTIME flag */
+ n = &local_n;
+ BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
+ } else
+ n = rsa->n;
+
+ ret = BN_BLINDING_create_param(NULL, e, n, ctx,
+ rsa->meth->bn_mod_exp, rsa->_method_mod_n);
+ if (ret == NULL) {
+ RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
+ goto err;
+ }
+ CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
+ err:
+ BN_CTX_end(ctx);
+ if (in_ctx == NULL)
+ BN_CTX_free(ctx);
+ if (rsa->e == NULL)
+ BN_free(e);
+
+ return ret;
+}
Modified: trunk/crypto/openssl/crypto/rsa/rsa_eay.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_eay.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_eay.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -115,7 +115,7 @@
#include <openssl/rsa.h>
#include <openssl/rand.h>
-#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS)
+#ifndef RSA_NULL
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
@@ -257,6 +257,7 @@
{
BN_BLINDING *ret;
int got_write_lock = 0;
+ CRYPTO_THREADID cur;
CRYPTO_r_lock(CRYPTO_LOCK_RSA);
@@ -273,7 +274,8 @@
if (ret == NULL)
goto err;
- if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) {
+ CRYPTO_THREADID_current(&cur);
+ if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) {
/* rsa->blinding is ours! */
*local = 1;
Modified: trunk/crypto/openssl/crypto/rsa/rsa_err.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/rsa/rsa_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,9 +70,16 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
static ERR_STRING_DATA RSA_str_functs[] = {
- {ERR_FUNC(RSA_F_FIPS_RSA_SIGN), "FIPS_RSA_SIGN"},
- {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_RSA_VERIFY"},
+ {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"},
+ {ERR_FUNC(RSA_F_DO_RSA_PRINT), "DO_RSA_PRINT"},
+ {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "INT_RSA_VERIFY"},
{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
+ {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "OLD_RSA_PRIV_DECODE"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"},
+ {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
@@ -80,6 +87,8 @@
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
+ {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"},
+ {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
@@ -92,6 +101,8 @@
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
"RSA_padding_add_PKCS1_OAEP"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
+ {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),
+ "RSA_padding_add_PKCS1_PSS_mgf1"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),
"RSA_padding_add_PKCS1_type_1"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),
@@ -109,11 +120,14 @@
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
+ {ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"},
{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"},
+ {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
+ {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"},
+ {ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
+ {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
- {ERR_FUNC(RSA_F_RSA_SET_DEFAULT_METHOD), "RSA_set_default_method"},
- {ERR_FUNC(RSA_F_RSA_SET_METHOD), "RSA_set_method"},
{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
"RSA_sign_ASN1_OCTET_STRING"},
@@ -121,6 +135,7 @@
{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
"RSA_verify_ASN1_OCTET_STRING"},
{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
+ {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
{0, NULL}
};
@@ -148,15 +163,25 @@
{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"},
{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"},
{ERR_REASON(RSA_R_FIRST_OCTET_INVALID), "first octet invalid"},
+ {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),
+ "illegal or unsupported padding mode"},
+ {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
{ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
+ {ERR_REASON(RSA_R_INVALID_KEYBITS), "invalid keybits"},
{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
+ {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
{ERR_REASON(RSA_R_INVALID_PADDING), "invalid padding"},
+ {ERR_REASON(RSA_R_INVALID_PADDING_MODE), "invalid padding mode"},
+ {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"},
+ {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"},
+ {ERR_REASON(RSA_R_INVALID_SALT_LENGTH), "invalid salt length"},
{ERR_REASON(RSA_R_INVALID_TRAILER), "invalid trailer"},
+ {ERR_REASON(RSA_R_INVALID_X931_DIGEST), "invalid x931 digest"},
{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q), "iqmp not inverse of q"},
{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
{ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
{ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
- {ERR_REASON(RSA_R_NON_FIPS_METHOD), "non fips method"},
+ {ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD), "non fips rsa method"},
{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
"null before block missing"},
@@ -164,6 +189,8 @@
{ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
"operation not allowed in fips mode"},
+ {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+ "operation not supported for this keytype"},
{ERR_REASON(RSA_R_PADDING_CHECK_FAILED), "padding check failed"},
{ERR_REASON(RSA_R_PKCS_DECODING_ERROR), "pkcs decoding error"},
{ERR_REASON(RSA_R_P_NOT_PRIME), "p not prime"},
@@ -176,7 +203,16 @@
{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
"the asn1 object identifier is not known for this md"},
{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
+ {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
+ {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST), "unknown pss digest"},
+ {ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),
+ "unsupported mask algorithm"},
+ {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),
+ "unsupported mask parameter"},
+ {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),
+ "unsupported signature type"},
+ {ERR_REASON(RSA_R_VALUE_MISSING), "value missing"},
{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/rsa/rsa_gen.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_gen.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_gen.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,9 +67,10 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
-#ifndef OPENSSL_FIPS
-
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
BN_GENCB *cb);
@@ -82,8 +83,19 @@
*/
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
if (rsa->meth->rsa_keygen)
return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
+#endif
return rsa_builtin_keygen(rsa, bits, e_value, cb);
}
@@ -234,5 +246,3 @@
return ok;
}
-
-#endif
Modified: trunk/crypto/openssl/crypto/rsa/rsa_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,162 +67,270 @@
# include <openssl/engine.h>
#endif
-int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char RSA_version[] = "RSA" OPENSSL_VERSION_PTEXT;
+
+static const RSA_METHOD *default_RSA_meth = NULL;
+
+RSA *RSA_new(void)
{
- return (rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
-}
+ RSA *r = RSA_new_method(NULL);
-int RSA_private_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-{
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
- RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT,
- RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
- }
-#endif
- return (rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+ return r;
}
-int RSA_private_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
+void RSA_set_default_method(const RSA_METHOD *meth)
{
- return (rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+ default_RSA_meth = meth;
}
-int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
+const RSA_METHOD *RSA_get_default_method(void)
{
+ if (default_RSA_meth == NULL) {
#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
- RSAerr(RSA_F_RSA_PUBLIC_DECRYPT,
- RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
+ if (FIPS_mode())
+ return FIPS_rsa_pkcs1_ssleay();
+ else
+ return RSA_PKCS1_SSLeay();
+#else
+# ifdef RSA_NULL
+ default_RSA_meth = RSA_null_method();
+# else
+ default_RSA_meth = RSA_PKCS1_SSLeay();
+# endif
+#endif
}
-#endif
- return (rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+
+ return default_RSA_meth;
}
-int RSA_size(const RSA *r)
+const RSA_METHOD *RSA_get_method(const RSA *rsa)
{
- return (BN_num_bytes(r->n));
+ return rsa->meth;
}
-void RSA_blinding_off(RSA *rsa)
+int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
{
- if (rsa->blinding != NULL) {
- BN_BLINDING_free(rsa->blinding);
- rsa->blinding = NULL;
+ /*
+ * NB: The caller is specifically setting a method, so it's not up to us
+ * to deal with which ENGINE it comes from.
+ */
+ const RSA_METHOD *mtmp;
+ mtmp = rsa->meth;
+ if (mtmp->finish)
+ mtmp->finish(rsa);
+#ifndef OPENSSL_NO_ENGINE
+ if (rsa->engine) {
+ ENGINE_finish(rsa->engine);
+ rsa->engine = NULL;
}
- rsa->flags &= ~RSA_FLAG_BLINDING;
- rsa->flags |= RSA_FLAG_NO_BLINDING;
+#endif
+ rsa->meth = meth;
+ if (meth->init)
+ meth->init(rsa);
+ return 1;
}
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
+RSA *RSA_new_method(ENGINE *engine)
{
- int ret = 0;
+ RSA *ret;
- if (rsa->blinding != NULL)
- RSA_blinding_off(rsa);
+ ret = (RSA *)OPENSSL_malloc(sizeof(RSA));
+ if (ret == NULL) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- if (rsa->blinding == NULL)
- goto err;
+ ret->meth = RSA_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
+ if (engine) {
+ if (!ENGINE_init(engine)) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+ ret->engine = engine;
+ } else
+ ret->engine = ENGINE_get_default_RSA();
+ if (ret->engine) {
+ ret->meth = ENGINE_get_RSA(ret->engine);
+ if (!ret->meth) {
+ RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+ ENGINE_finish(ret->engine);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+ }
+#endif
- rsa->flags |= RSA_FLAG_BLINDING;
- rsa->flags &= ~RSA_FLAG_NO_BLINDING;
- ret = 1;
- err:
+ ret->pad = 0;
+ ret->version = 0;
+ ret->n = NULL;
+ ret->e = NULL;
+ ret->d = NULL;
+ ret->p = NULL;
+ ret->q = NULL;
+ ret->dmp1 = NULL;
+ ret->dmq1 = NULL;
+ ret->iqmp = NULL;
+ ret->references = 1;
+ ret->_method_mod_n = NULL;
+ ret->_method_mod_p = NULL;
+ ret->_method_mod_q = NULL;
+ ret->blinding = NULL;
+ ret->mt_blinding = NULL;
+ ret->bignum_data = NULL;
+ ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
+#ifndef OPENSSL_NO_ENGINE
+ if (ret->engine)
+ ENGINE_finish(ret->engine);
+#endif
+ OPENSSL_free(ret);
+ return (NULL);
+ }
+
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+#ifndef OPENSSL_NO_ENGINE
+ if (ret->engine)
+ ENGINE_finish(ret->engine);
+#endif
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+ OPENSSL_free(ret);
+ ret = NULL;
+ }
return (ret);
}
-static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
- const BIGNUM *q, BN_CTX *ctx)
+void RSA_free(RSA *r)
{
- BIGNUM *ret = NULL, *r0, *r1, *r2;
+ int i;
- if (d == NULL || p == NULL || q == NULL)
- return NULL;
+ if (r == NULL)
+ return;
- BN_CTX_start(ctx);
- r0 = BN_CTX_get(ctx);
- r1 = BN_CTX_get(ctx);
- r2 = BN_CTX_get(ctx);
- if (r2 == NULL)
- goto err;
+ i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+ REF_PRINT("RSA", r);
+#endif
+ if (i > 0)
+ return;
+#ifdef REF_CHECK
+ if (i < 0) {
+ fprintf(stderr, "RSA_free, bad reference count\n");
+ abort();
+ }
+#endif
- if (!BN_sub(r1, p, BN_value_one()))
- goto err;
- if (!BN_sub(r2, q, BN_value_one()))
- goto err;
- if (!BN_mul(r0, r1, r2, ctx))
- goto err;
+ if (r->meth->finish)
+ r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
+ if (r->engine)
+ ENGINE_finish(r->engine);
+#endif
- ret = BN_mod_inverse(NULL, d, r0, ctx);
- err:
- BN_CTX_end(ctx);
- return ret;
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
+
+ if (r->n != NULL)
+ BN_clear_free(r->n);
+ if (r->e != NULL)
+ BN_clear_free(r->e);
+ if (r->d != NULL)
+ BN_clear_free(r->d);
+ if (r->p != NULL)
+ BN_clear_free(r->p);
+ if (r->q != NULL)
+ BN_clear_free(r->q);
+ if (r->dmp1 != NULL)
+ BN_clear_free(r->dmp1);
+ if (r->dmq1 != NULL)
+ BN_clear_free(r->dmq1);
+ if (r->iqmp != NULL)
+ BN_clear_free(r->iqmp);
+ if (r->blinding != NULL)
+ BN_BLINDING_free(r->blinding);
+ if (r->mt_blinding != NULL)
+ BN_BLINDING_free(r->mt_blinding);
+ if (r->bignum_data != NULL)
+ OPENSSL_free_locked(r->bignum_data);
+ OPENSSL_free(r);
}
-BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
+int RSA_up_ref(RSA *r)
{
- BIGNUM local_n;
- BIGNUM *e, *n;
- BN_CTX *ctx;
- BN_BLINDING *ret = NULL;
+ int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+ REF_PRINT("RSA", r);
+#endif
+#ifdef REF_CHECK
+ if (i < 2) {
+ fprintf(stderr, "RSA_up_ref, bad reference count\n");
+ abort();
+ }
+#endif
+ return ((i > 1) ? 1 : 0);
+}
- if (in_ctx == NULL) {
- if ((ctx = BN_CTX_new()) == NULL)
- return 0;
- } else
- ctx = in_ctx;
+int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
+ new_func, dup_func, free_func);
+}
- BN_CTX_start(ctx);
- e = BN_CTX_get(ctx);
- if (e == NULL) {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
- goto err;
- }
+int RSA_set_ex_data(RSA *r, int idx, void *arg)
+{
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
- if (rsa->e == NULL) {
- e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
- if (e == NULL) {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
- goto err;
- }
- } else
- e = rsa->e;
+void *RSA_get_ex_data(const RSA *r, int idx)
+{
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
- if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) {
- /*
- * if PRNG is not properly seeded, resort to secret exponent as
- * unpredictable seed
- */
- RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+int RSA_memory_lock(RSA *r)
+{
+ int i, j, k, off;
+ char *p;
+ BIGNUM *bn, **t[6], *b;
+ BN_ULONG *ul;
+
+ if (r->d == NULL)
+ return (1);
+ t[0] = &r->d;
+ t[1] = &r->p;
+ t[2] = &r->q;
+ t[3] = &r->dmp1;
+ t[4] = &r->dmq1;
+ t[5] = &r->iqmp;
+ k = sizeof(BIGNUM) * 6;
+ off = k / sizeof(BN_ULONG) + 1;
+ j = 1;
+ for (i = 0; i < 6; i++)
+ j += (*t[i])->top;
+ if ((p = OPENSSL_malloc_locked((off + j) * sizeof(BN_ULONG))) == NULL) {
+ RSAerr(RSA_F_RSA_MEMORY_LOCK, ERR_R_MALLOC_FAILURE);
+ return (0);
}
+ bn = (BIGNUM *)p;
+ ul = (BN_ULONG *)&(p[off]);
+ for (i = 0; i < 6; i++) {
+ b = *(t[i]);
+ *(t[i]) = &(bn[i]);
+ memcpy((char *)&(bn[i]), (char *)b, sizeof(BIGNUM));
+ bn[i].flags = BN_FLG_STATIC_DATA;
+ bn[i].d = ul;
+ memcpy((char *)ul, b->d, sizeof(BN_ULONG) * b->top);
+ ul += b->top;
+ BN_clear_free(b);
+ }
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- /* Set BN_FLG_CONSTTIME flag */
- n = &local_n;
- BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
- } else
- n = rsa->n;
+ /* I should fix this so it can still be done */
+ r->flags &= ~(RSA_FLAG_CACHE_PRIVATE | RSA_FLAG_CACHE_PUBLIC);
- ret = BN_BLINDING_create_param(NULL, e, n, ctx,
- rsa->meth->bn_mod_exp, rsa->_method_mod_n);
- if (ret == NULL) {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
- goto err;
- }
- BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id());
- err:
- BN_CTX_end(ctx);
- if (in_ctx == NULL)
- BN_CTX_free(ctx);
- if (rsa->e == NULL)
- BN_free(e);
-
- return ret;
+ r->bignum_data = p;
+ return (1);
}
Copied: trunk/crypto/openssl/crypto/rsa/rsa_locl.h (from rev 7117, vendor-crypto/openssl/dist/crypto/rsa/rsa_locl.h)
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_locl.h (rev 0)
+++ trunk/crypto/openssl/crypto/rsa/rsa_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,4 @@
+extern int int_rsa_verify(int dtype, const unsigned char *m,
+ unsigned int m_len, unsigned char *rm,
+ size_t *prm_len, const unsigned char *sigbuf,
+ size_t siglen, RSA *rsa);
Modified: trunk/crypto/openssl/crypto/rsa/rsa_oaep.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_oaep.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_oaep.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -28,8 +28,8 @@
# include <openssl/rand.h>
# include <openssl/sha.h>
-int MGF1(unsigned char *mask, long len,
- const unsigned char *seed, long seedlen);
+static int MGF1(unsigned char *mask, long len,
+ const unsigned char *seed, long seedlen);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *from, int flen,
@@ -54,7 +54,8 @@
seed = to + 1;
db = to + SHA_DIGEST_LENGTH + 1;
- EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL))
+ return 0;
memset(db + SHA_DIGEST_LENGTH, 0,
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
@@ -73,11 +74,13 @@
return 0;
}
- MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
+ if (MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH) < 0)
+ return 0;
for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
db[i] ^= dbmask[i];
- MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
+ if (MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH) < 0)
+ return 0;
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
seed[i] ^= seedmask[i];
@@ -142,15 +145,18 @@
maskedseed = em + 1;
maskeddb = em + 1 + SHA_DIGEST_LENGTH;
- MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
+ if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen))
+ goto cleanup;
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
seed[i] ^= maskedseed[i];
- MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
+ if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH))
+ goto cleanup;
for (i = 0; i < dblen; i++)
db[i] ^= maskeddb[i];
- EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
+ goto cleanup;
good &=
constant_time_is_zero(CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH));
@@ -211,32 +217,40 @@
EVP_MD_CTX c;
unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
+ int rv = -1;
EVP_MD_CTX_init(&c);
- mdlen = M_EVP_MD_size(dgst);
+ mdlen = EVP_MD_size(dgst);
+ if (mdlen < 0)
+ goto err;
for (i = 0; outlen < len; i++) {
cnt[0] = (unsigned char)((i >> 24) & 255);
cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255);
- EVP_DigestInit_ex(&c, dgst, NULL);
- EVP_DigestUpdate(&c, seed, seedlen);
- EVP_DigestUpdate(&c, cnt, 4);
+ if (!EVP_DigestInit_ex(&c, dgst, NULL)
+ || !EVP_DigestUpdate(&c, seed, seedlen)
+ || !EVP_DigestUpdate(&c, cnt, 4))
+ goto err;
if (outlen + mdlen <= len) {
- EVP_DigestFinal_ex(&c, mask + outlen, NULL);
+ if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+ goto err;
outlen += mdlen;
} else {
- EVP_DigestFinal_ex(&c, md, NULL);
+ if (!EVP_DigestFinal_ex(&c, md, NULL))
+ goto err;
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
}
+ rv = 0;
+ err:
EVP_MD_CTX_cleanup(&c);
- return 0;
+ return rv;
}
-int MGF1(unsigned char *mask, long len, const unsigned char *seed,
- long seedlen)
+static int MGF1(unsigned char *mask, long len, const unsigned char *seed,
+ long seedlen)
{
return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
}
Copied: trunk/crypto/openssl/crypto/rsa/rsa_pmeth.c (from rev 7117, vendor-crypto/openssl/dist/crypto/rsa/rsa_pmeth.c)
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_pmeth.c (rev 0)
+++ trunk/crypto/openssl/crypto/rsa/rsa_pmeth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,665 @@
+/* crypto/rsa/rsa_pmeth.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#include "evp_locl.h"
+#include "rsa_locl.h"
+
+/* RSA pkey context structure */
+
+typedef struct {
+ /* Key gen parameters */
+ int nbits;
+ BIGNUM *pub_exp;
+ /* Keygen callback info */
+ int gentmp[2];
+ /* RSA padding mode */
+ int pad_mode;
+ /* message digest */
+ const EVP_MD *md;
+ /* message digest for MGF1 */
+ const EVP_MD *mgf1md;
+ /* PSS/OAEP salt length */
+ int saltlen;
+ /* Temp buffer */
+ unsigned char *tbuf;
+} RSA_PKEY_CTX;
+
+static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
+{
+ RSA_PKEY_CTX *rctx;
+ rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
+ if (!rctx)
+ return 0;
+ rctx->nbits = 1024;
+ rctx->pub_exp = NULL;
+ rctx->pad_mode = RSA_PKCS1_PADDING;
+ rctx->md = NULL;
+ rctx->mgf1md = NULL;
+ rctx->tbuf = NULL;
+
+ rctx->saltlen = -2;
+
+ ctx->data = rctx;
+ ctx->keygen_info = rctx->gentmp;
+ ctx->keygen_info_count = 2;
+
+ return 1;
+}
+
+static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+ RSA_PKEY_CTX *dctx, *sctx;
+ if (!pkey_rsa_init(dst))
+ return 0;
+ sctx = src->data;
+ dctx = dst->data;
+ dctx->nbits = sctx->nbits;
+ if (sctx->pub_exp) {
+ dctx->pub_exp = BN_dup(sctx->pub_exp);
+ if (!dctx->pub_exp)
+ return 0;
+ }
+ dctx->pad_mode = sctx->pad_mode;
+ dctx->md = sctx->md;
+ return 1;
+}
+
+static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk)
+{
+ if (ctx->tbuf)
+ return 1;
+ ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey));
+ if (!ctx->tbuf)
+ return 0;
+ return 1;
+}
+
+static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
+{
+ RSA_PKEY_CTX *rctx = ctx->data;
+ if (rctx) {
+ if (rctx->pub_exp)
+ BN_free(rctx->pub_exp);
+ if (rctx->tbuf)
+ OPENSSL_free(rctx->tbuf);
+ OPENSSL_free(rctx);
+ }
+}
+
+#ifdef OPENSSL_FIPS
+/*
+ * FIP checker. Return value indicates status of context parameters: 1 :
+ * redirect to FIPS. 0 : don't redirect to FIPS. -1 : illegal operation in
+ * FIPS mode.
+ */
+
+static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
+{
+ RSA_PKEY_CTX *rctx = ctx->data;
+ RSA *rsa = ctx->pkey->pkey.rsa;
+ int rv = -1;
+ if (!FIPS_mode())
+ return 0;
+ if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+ rv = 0;
+ if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
+ return -1;
+ if (rctx->md && !(rctx->md->flags & EVP_MD_FLAG_FIPS))
+ return rv;
+ if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS))
+ return rv;
+ return 1;
+}
+#endif
+
+static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ int ret;
+ RSA_PKEY_CTX *rctx = ctx->data;
+ RSA *rsa = ctx->pkey->pkey.rsa;
+
+#ifdef OPENSSL_FIPS
+ ret = pkey_fips_check_ctx(ctx);
+ if (ret < 0) {
+ RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
+
+ if (rctx->md) {
+ if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+ RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH);
+ return -1;
+ }
+#ifdef OPENSSL_FIPS
+ if (ret > 0) {
+ unsigned int slen;
+ ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md,
+ rctx->pad_mode,
+ rctx->saltlen,
+ rctx->mgf1md, sig, &slen);
+ if (ret > 0)
+ *siglen = slen;
+ else
+ *siglen = 0;
+ return ret;
+ }
+#endif
+
+ if (EVP_MD_type(rctx->md) == NID_mdc2) {
+ unsigned int sltmp;
+ if (rctx->pad_mode != RSA_PKCS1_PADDING)
+ return -1;
+ ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
+ tbs, tbslen, sig, &sltmp, rsa);
+
+ if (ret <= 0)
+ return ret;
+ ret = sltmp;
+ } else if (rctx->pad_mode == RSA_X931_PADDING) {
+ if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
+ RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_KEY_SIZE_TOO_SMALL);
+ return -1;
+ }
+ if (!setup_tbuf(rctx, ctx)) {
+ RSAerr(RSA_F_PKEY_RSA_SIGN, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ memcpy(rctx->tbuf, tbs, tbslen);
+ rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
+ ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
+ sig, rsa, RSA_X931_PADDING);
+ } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
+ unsigned int sltmp;
+ ret = RSA_sign(EVP_MD_type(rctx->md),
+ tbs, tbslen, sig, &sltmp, rsa);
+ if (ret <= 0)
+ return ret;
+ ret = sltmp;
+ } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
+ if (!setup_tbuf(rctx, ctx))
+ return -1;
+ if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
+ rctx->tbuf, tbs,
+ rctx->md, rctx->mgf1md,
+ rctx->saltlen))
+ return -1;
+ ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
+ sig, rsa, RSA_NO_PADDING);
+ } else
+ return -1;
+ } else
+ ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa,
+ rctx->pad_mode);
+ if (ret < 0)
+ return ret;
+ *siglen = ret;
+ return 1;
+}
+
+static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen)
+{
+ int ret;
+ RSA_PKEY_CTX *rctx = ctx->data;
+
+ if (rctx->md) {
+ if (rctx->pad_mode == RSA_X931_PADDING) {
+ if (!setup_tbuf(rctx, ctx))
+ return -1;
+ ret = RSA_public_decrypt(siglen, sig,
+ rctx->tbuf, ctx->pkey->pkey.rsa,
+ RSA_X931_PADDING);
+ if (ret < 1)
+ return 0;
+ ret--;
+ if (rctx->tbuf[ret] != RSA_X931_hash_id(EVP_MD_type(rctx->md))) {
+ RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+ RSA_R_ALGORITHM_MISMATCH);
+ return 0;
+ }
+ if (ret != EVP_MD_size(rctx->md)) {
+ RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+ RSA_R_INVALID_DIGEST_LENGTH);
+ return 0;
+ }
+ if (rout)
+ memcpy(rout, rctx->tbuf, ret);
+ } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
+ size_t sltmp;
+ ret = int_rsa_verify(EVP_MD_type(rctx->md),
+ NULL, 0, rout, &sltmp,
+ sig, siglen, ctx->pkey->pkey.rsa);
+ if (ret <= 0)
+ return 0;
+ ret = sltmp;
+ } else
+ return -1;
+ } else
+ ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa,
+ rctx->pad_mode);
+ if (ret < 0)
+ return ret;
+ *routlen = ret;
+ return 1;
+}
+
+static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen)
+{
+ RSA_PKEY_CTX *rctx = ctx->data;
+ RSA *rsa = ctx->pkey->pkey.rsa;
+ size_t rslen;
+#ifdef OPENSSL_FIPS
+ int rv;
+ rv = pkey_fips_check_ctx(ctx);
+ if (rv < 0) {
+ RSAerr(RSA_F_PKEY_RSA_VERIFY,
+ RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
+ if (rctx->md) {
+#ifdef OPENSSL_FIPS
+ if (rv > 0) {
+ return FIPS_rsa_verify_digest(rsa,
+ tbs, tbslen,
+ rctx->md,
+ rctx->pad_mode,
+ rctx->saltlen,
+ rctx->mgf1md, sig, siglen);
+
+ }
+#endif
+ if (rctx->pad_mode == RSA_PKCS1_PADDING)
+ return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+ sig, siglen, rsa);
+ if (rctx->pad_mode == RSA_X931_PADDING) {
+ if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
+ return 0;
+ } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
+ int ret;
+ if (!setup_tbuf(rctx, ctx))
+ return -1;
+ ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+ rsa, RSA_NO_PADDING);
+ if (ret <= 0)
+ return 0;
+ ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
+ rctx->md, rctx->mgf1md,
+ rctx->tbuf, rctx->saltlen);
+ if (ret <= 0)
+ return 0;
+ return 1;
+ } else
+ return -1;
+ } else {
+ if (!setup_tbuf(rctx, ctx))
+ return -1;
+ rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+ rsa, rctx->pad_mode);
+ if (rslen == 0)
+ return 0;
+ }
+
+ if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
+ return 0;
+
+ return 1;
+
+}
+
+static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen)
+{
+ int ret;
+ RSA_PKEY_CTX *rctx = ctx->data;
+ ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+ rctx->pad_mode);
+ if (ret < 0)
+ return ret;
+ *outlen = ret;
+ return 1;
+}
+
+static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen)
+{
+ int ret;
+ RSA_PKEY_CTX *rctx = ctx->data;
+ ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+ rctx->pad_mode);
+ if (ret < 0)
+ return ret;
+ *outlen = ret;
+ return 1;
+}
+
+static int check_padding_md(const EVP_MD *md, int padding)
+{
+ if (!md)
+ return 1;
+
+ if (padding == RSA_NO_PADDING) {
+ RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
+ return 0;
+ }
+
+ if (padding == RSA_X931_PADDING) {
+ if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) {
+ RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST);
+ return 0;
+ }
+ return 1;
+ }
+
+ return 1;
+}
+
+static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+ RSA_PKEY_CTX *rctx = ctx->data;
+ switch (type) {
+ case EVP_PKEY_CTRL_RSA_PADDING:
+ if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING)) {
+ if (!check_padding_md(rctx->md, p1))
+ return 0;
+ if (p1 == RSA_PKCS1_PSS_PADDING) {
+ if (!(ctx->operation &
+ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)))
+ goto bad_pad;
+ if (!rctx->md)
+ rctx->md = EVP_sha1();
+ }
+ if (p1 == RSA_PKCS1_OAEP_PADDING) {
+ if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
+ goto bad_pad;
+ if (!rctx->md)
+ rctx->md = EVP_sha1();
+ }
+ rctx->pad_mode = p1;
+ return 1;
+ }
+ bad_pad:
+ RSAerr(RSA_F_PKEY_RSA_CTRL,
+ RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
+ return -2;
+
+ case EVP_PKEY_CTRL_GET_RSA_PADDING:
+ *(int *)p2 = rctx->pad_mode;
+ return 1;
+
+ case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
+ case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
+ if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) {
+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);
+ return -2;
+ }
+ if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN)
+ *(int *)p2 = rctx->saltlen;
+ else {
+ if (p1 < -2)
+ return -2;
+ rctx->saltlen = p1;
+ }
+ return 1;
+
+ case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
+ if (p1 < 256) {
+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS);
+ return -2;
+ }
+ rctx->nbits = p1;
+ return 1;
+
+ case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
+ if (!p2)
+ return -2;
+ rctx->pub_exp = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_MD:
+ if (!check_padding_md(p2, rctx->pad_mode))
+ return 0;
+ rctx->md = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_RSA_MGF1_MD:
+ case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
+ if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) {
+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_MGF1_MD);
+ return -2;
+ }
+ if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) {
+ if (rctx->mgf1md)
+ *(const EVP_MD **)p2 = rctx->mgf1md;
+ else
+ *(const EVP_MD **)p2 = rctx->md;
+ } else
+ rctx->mgf1md = p2;
+ return 1;
+
+ case EVP_PKEY_CTRL_DIGESTINIT:
+ case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+ case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+ case EVP_PKEY_CTRL_PKCS7_SIGN:
+ return 1;
+#ifndef OPENSSL_NO_CMS
+ case EVP_PKEY_CTRL_CMS_DECRYPT:
+ {
+ X509_ALGOR *alg = NULL;
+ ASN1_OBJECT *encalg = NULL;
+ if (p2)
+ CMS_RecipientInfo_ktri_get0_algs(p2, NULL, NULL, &alg);
+ if (alg)
+ X509_ALGOR_get0(&encalg, NULL, NULL, alg);
+ if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep)
+ rctx->pad_mode = RSA_PKCS1_OAEP_PADDING;
+ }
+ case EVP_PKEY_CTRL_CMS_ENCRYPT:
+ case EVP_PKEY_CTRL_CMS_SIGN:
+ return 1;
+#endif
+ case EVP_PKEY_CTRL_PEER_KEY:
+ RSAerr(RSA_F_PKEY_RSA_CTRL,
+ RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+
+ default:
+ return -2;
+
+ }
+}
+
+static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+{
+ if (!value) {
+ RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING);
+ return 0;
+ }
+ if (!strcmp(type, "rsa_padding_mode")) {
+ int pm;
+ if (!strcmp(value, "pkcs1"))
+ pm = RSA_PKCS1_PADDING;
+ else if (!strcmp(value, "sslv23"))
+ pm = RSA_SSLV23_PADDING;
+ else if (!strcmp(value, "none"))
+ pm = RSA_NO_PADDING;
+ else if (!strcmp(value, "oeap"))
+ pm = RSA_PKCS1_OAEP_PADDING;
+ else if (!strcmp(value, "oaep"))
+ pm = RSA_PKCS1_OAEP_PADDING;
+ else if (!strcmp(value, "x931"))
+ pm = RSA_X931_PADDING;
+ else if (!strcmp(value, "pss"))
+ pm = RSA_PKCS1_PSS_PADDING;
+ else {
+ RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_UNKNOWN_PADDING_TYPE);
+ return -2;
+ }
+ return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
+ }
+
+ if (!strcmp(type, "rsa_pss_saltlen")) {
+ int saltlen;
+ saltlen = atoi(value);
+ return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
+ }
+
+ if (!strcmp(type, "rsa_keygen_bits")) {
+ int nbits;
+ nbits = atoi(value);
+ return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
+ }
+
+ if (!strcmp(type, "rsa_keygen_pubexp")) {
+ int ret;
+ BIGNUM *pubexp = NULL;
+ if (!BN_asc2bn(&pubexp, value))
+ return 0;
+ ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp);
+ if (ret <= 0)
+ BN_free(pubexp);
+ return ret;
+ }
+
+ return -2;
+}
+
+static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+ RSA *rsa = NULL;
+ RSA_PKEY_CTX *rctx = ctx->data;
+ BN_GENCB *pcb, cb;
+ int ret;
+ if (!rctx->pub_exp) {
+ rctx->pub_exp = BN_new();
+ if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4))
+ return 0;
+ }
+ rsa = RSA_new();
+ if (!rsa)
+ return 0;
+ if (ctx->pkey_gencb) {
+ pcb = &cb;
+ evp_pkey_set_cb_translate(pcb, ctx);
+ } else
+ pcb = NULL;
+ ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
+ if (ret > 0)
+ EVP_PKEY_assign_RSA(pkey, rsa);
+ else
+ RSA_free(rsa);
+ return ret;
+}
+
+const EVP_PKEY_METHOD rsa_pkey_meth = {
+ EVP_PKEY_RSA,
+ EVP_PKEY_FLAG_AUTOARGLEN,
+ pkey_rsa_init,
+ pkey_rsa_copy,
+ pkey_rsa_cleanup,
+
+ 0, 0,
+
+ 0,
+ pkey_rsa_keygen,
+
+ 0,
+ pkey_rsa_sign,
+
+ 0,
+ pkey_rsa_verify,
+
+ 0,
+ pkey_rsa_verifyrecover,
+
+ 0, 0, 0, 0,
+
+ 0,
+ pkey_rsa_encrypt,
+
+ 0,
+ pkey_rsa_decrypt,
+
+ 0, 0,
+
+ pkey_rsa_ctrl,
+ pkey_rsa_ctrl_str
+};
Copied: trunk/crypto/openssl/crypto/rsa/rsa_prn.c (from rev 7117, vendor-crypto/openssl/dist/crypto/rsa/rsa_prn.c)
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_prn.c (rev 0)
+++ trunk/crypto/openssl/crypto/rsa/rsa_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,92 @@
+/* crypto/rsa/rsa_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+
+#ifndef OPENSSL_NO_FP_API
+int RSA_print_fp(FILE *fp, const RSA *x, int off)
+{
+ BIO *b;
+ int ret;
+
+ if ((b = BIO_new(BIO_s_file())) == NULL) {
+ RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB);
+ return (0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = RSA_print(b, x, off);
+ BIO_free(b);
+ return (ret);
+}
+#endif
+
+int RSA_print(BIO *bp, const RSA *x, int off)
+{
+ EVP_PKEY *pk;
+ int ret;
+ pk = EVP_PKEY_new();
+ if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
+ return 0;
+ ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+ EVP_PKEY_free(pk);
+ return ret;
+}
Modified: trunk/crypto/openssl/crypto/rsa/rsa_pss.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_pss.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_pss.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,6 +75,13 @@
const EVP_MD *Hash, const unsigned char *EM,
int sLen)
{
+ return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen);
+}
+
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen)
+{
int i;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
@@ -82,8 +89,14 @@
unsigned char *DB = NULL;
EVP_MD_CTX ctx;
unsigned char H_[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX_init(&ctx);
- hLen = M_EVP_MD_size(Hash);
+ if (mgf1Hash == NULL)
+ mgf1Hash = Hash;
+
+ hLen = EVP_MD_size(Hash);
+ if (hLen < 0)
+ goto err;
/*-
* Negative sLen has special meanings:
* -1 sLen == hLen
@@ -95,7 +108,7 @@
else if (sLen == -2)
sLen = -2;
else if (sLen < -2) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
@@ -102,7 +115,7 @@
MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
emLen = RSA_size(rsa);
if (EM[0] & (0xFF << MSBits)) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_FIRST_OCTET_INVALID);
goto err;
}
if (MSBits == 0) {
@@ -110,11 +123,11 @@
emLen--;
}
if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
goto err;
}
if (EM[emLen - 1] != 0xbc) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_LAST_OCTET_INVALID);
goto err;
}
maskedDBLen = emLen - hLen - 1;
@@ -121,10 +134,11 @@
H = EM + maskedDBLen;
DB = OPENSSL_malloc(maskedDBLen);
if (!DB) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE);
goto err;
}
- PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash);
+ if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0)
+ goto err;
for (i = 0; i < maskedDBLen; i++)
DB[i] ^= EM[i];
if (MSBits)
@@ -131,23 +145,25 @@
DB[0] &= 0xFF >> (8 - MSBits);
for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) ;
if (DB[i++] != 0x1) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED);
goto err;
}
if (sLen >= 0 && (maskedDBLen - i) != sLen) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
- if (maskedDBLen - i)
- EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i);
- EVP_DigestFinal(&ctx, H_, NULL);
- EVP_MD_CTX_cleanup(&ctx);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
+ if (maskedDBLen - i) {
+ if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+ goto err;
+ }
+ if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
+ goto err;
if (memcmp(H_, H, hLen)) {
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
ret = 0;
} else
ret = 1;
@@ -155,6 +171,7 @@
err:
if (DB)
OPENSSL_free(DB);
+ EVP_MD_CTX_cleanup(&ctx);
return ret;
@@ -164,6 +181,14 @@
const unsigned char *mHash,
const EVP_MD *Hash, int sLen)
{
+ return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen);
+}
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ int sLen)
+{
int i;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
@@ -170,7 +195,12 @@
unsigned char *H, *salt = NULL, *p;
EVP_MD_CTX ctx;
- hLen = M_EVP_MD_size(Hash);
+ if (mgf1Hash == NULL)
+ mgf1Hash = Hash;
+
+ hLen = EVP_MD_size(Hash);
+ if (hLen < 0)
+ goto err;
/*-
* Negative sLen has special meanings:
* -1 sLen == hLen
@@ -182,7 +212,7 @@
else if (sLen == -2)
sLen = -2;
else if (sLen < -2) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
@@ -195,7 +225,7 @@
if (sLen == -2) {
sLen = emLen - hLen - 2;
} else if (emLen < (hLen + sLen + 2)) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
@@ -202,7 +232,8 @@
if (sLen > 0) {
salt = OPENSSL_malloc(sLen);
if (!salt) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
if (RAND_bytes(salt, sLen) <= 0)
@@ -211,16 +242,19 @@
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
- if (sLen)
- EVP_DigestUpdate(&ctx, salt, sLen);
- EVP_DigestFinal(&ctx, H, NULL);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
+ if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, H, NULL))
+ goto err;
EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
- PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash);
+ if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
+ goto err;
p = EM;
Modified: trunk/crypto/openssl/crypto/rsa/rsa_sign.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_sign.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_sign.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,6 +62,7 @@
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
+#include "rsa_locl.h"
/* Size of an SSL signature: MD5+SHA1 */
#define SSL_SIG_LENGTH 36
@@ -76,6 +77,13 @@
const unsigned char *s = NULL;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) {
return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
}
@@ -88,13 +96,6 @@
i = SSL_SIG_LENGTH;
s = m;
} else {
- /* NB: in FIPS mode block anything that isn't a TLS signature */
-#ifdef OPENSSL_FIPS
- if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
- RSAerr(RSA_F_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
- }
-#endif
sig.algor = &algor;
sig.algor->algorithm = OBJ_nid2obj(type);
if (sig.algor->algorithm == NULL) {
@@ -131,12 +132,7 @@
i2d_X509_SIG(&sig, &p);
s = tmps;
}
-#ifdef OPENSSL_FIPS
- /* Bypass algorithm blocking: this is allowed if we get this far */
- i = rsa->meth->rsa_priv_enc(i, s, sigret, rsa, RSA_PKCS1_PADDING);
-#else
i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
-#endif
if (i <= 0)
ret = 0;
else
@@ -169,53 +165,69 @@
return ret;
}
-int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
+int int_rsa_verify(int dtype, const unsigned char *m,
+ unsigned int m_len,
+ unsigned char *rm, size_t *prm_len,
+ const unsigned char *sigbuf, size_t siglen, RSA *rsa)
{
int i, ret = 0, sigtype;
unsigned char *s;
X509_SIG *sig = NULL;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
+
if (siglen != (unsigned int)RSA_size(rsa)) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH);
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH);
return (0);
}
- if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
- return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
+ if ((dtype == NID_md5_sha1) && rm) {
+ i = RSA_public_decrypt((int)siglen,
+ sigbuf, rm, rsa, RSA_PKCS1_PADDING);
+ if (i <= 0)
+ return 0;
+ *prm_len = i;
+ return 1;
}
s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen);
if (s == NULL) {
- RSAerr(RSA_F_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
+ RSAerr(RSA_F_INT_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (dtype == NID_md5_sha1) {
- if (m_len != SSL_SIG_LENGTH) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH);
- goto err;
- }
+ if ((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH)) {
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH);
+ goto err;
}
- /* NB: in FIPS mode block anything that isn't a TLS signature */
-#ifdef OPENSSL_FIPS
- else if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
- return 0;
- }
- /* Bypass algorithm blocking: this is allowed */
- i = rsa->meth->rsa_pub_dec((int)siglen, sigbuf, s, rsa,
- RSA_PKCS1_PADDING);
-#else
i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
-#endif
if (i <= 0)
goto err;
+ /*
+ * Oddball MDC2 case: signature can be OCTET STRING. check for correct
+ * tag and length octets.
+ */
+ if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
+ if (rm) {
+ memcpy(rm, s + 2, 16);
+ *prm_len = 16;
+ ret = 1;
+ } else if (memcmp(m, s + 2, 16))
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+ else
+ ret = 1;
+ }
/* Special case: SSL signature */
if (dtype == NID_md5_sha1) {
if ((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
else
ret = 1;
} else {
@@ -227,7 +239,7 @@
/* Excess data can be used to create forgeries */
if (p != s + i || !rsa_check_digestinfo(sig, s, i)) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
goto err;
}
@@ -237,7 +249,7 @@
*/
if (sig->algor->parameter
&& ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
goto err;
}
@@ -259,13 +271,23 @@
"signature has problems, re-make with post SSLeay045\n");
#endif
} else {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
goto err;
}
}
- if (((unsigned int)sig->digest->length != m_len) ||
- (memcmp(m, sig->digest->data, m_len) != 0)) {
- RSAerr(RSA_F_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+ if (rm) {
+ const EVP_MD *md;
+ md = EVP_get_digestbynid(dtype);
+ if (md && (EVP_MD_size(md) != sig->digest->length))
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+ else {
+ memcpy(rm, sig->digest->data, sig->digest->length);
+ *prm_len = sig->digest->length;
+ ret = 1;
+ }
+ } else if (((unsigned int)sig->digest->length != m_len) ||
+ (memcmp(m, sig->digest->data, m_len) != 0)) {
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
} else
ret = 1;
}
@@ -278,3 +300,14 @@
}
return (ret);
}
+
+int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
+ const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
+{
+
+ if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
+ return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
+ }
+
+ return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
+}
Modified: trunk/crypto/openssl/crypto/rsa/rsa_test.c
===================================================================
--- trunk/crypto/openssl/crypto/rsa/rsa_test.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/rsa/rsa_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -318,7 +318,7 @@
}
CRYPTO_cleanup_all_ex_data();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
Copied: trunk/crypto/openssl/crypto/s390xcap.c (from rev 7117, vendor-crypto/openssl/dist/crypto/s390xcap.c)
===================================================================
--- trunk/crypto/openssl/crypto/s390xcap.c (rev 0)
+++ trunk/crypto/openssl/crypto/s390xcap.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+
+extern unsigned long OPENSSL_s390xcap_P[];
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+ siglongjmp(ill_jmp, sig);
+}
+
+unsigned long OPENSSL_s390x_facilities(void);
+
+void OPENSSL_cpuid_setup(void)
+{
+ sigset_t oset;
+ struct sigaction ill_act, oact;
+
+ if (OPENSSL_s390xcap_P[0])
+ return;
+
+ OPENSSL_s390xcap_P[0] = 1UL << (8 * sizeof(unsigned long) - 1);
+
+ memset(&ill_act, 0, sizeof(ill_act));
+ ill_act.sa_handler = ill_handler;
+ sigfillset(&ill_act.sa_mask);
+ sigdelset(&ill_act.sa_mask, SIGILL);
+ sigdelset(&ill_act.sa_mask, SIGTRAP);
+ sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+ sigaction(SIGILL, &ill_act, &oact);
+
+ /* protection against missing store-facility-list-extended */
+ if (sigsetjmp(ill_jmp, 1) == 0)
+ OPENSSL_s390x_facilities();
+
+ sigaction(SIGILL, &oact, NULL);
+ sigprocmask(SIG_SETMASK, &oset, NULL);
+}
Copied: trunk/crypto/openssl/crypto/s390xcpuid.S (from rev 7117, vendor-crypto/openssl/dist/crypto/s390xcpuid.S)
===================================================================
--- trunk/crypto/openssl/crypto/s390xcpuid.S (rev 0)
+++ trunk/crypto/openssl/crypto/s390xcpuid.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,99 @@
+.text
+
+.globl OPENSSL_s390x_facilities
+.type OPENSSL_s390x_facilities, at function
+.align 16
+OPENSSL_s390x_facilities:
+ lghi %r0,0
+ larl %r2,OPENSSL_s390xcap_P
+ stg %r0,8(%r2)
+ .long 0xb2b02000 # stfle 0(%r2)
+ brc 8,.Ldone
+ lghi %r0,1
+ .long 0xb2b02000 # stfle 0(%r2)
+.Ldone:
+ lg %r2,0(%r2)
+ br %r14
+.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
+
+.globl OPENSSL_rdtsc
+.type OPENSSL_rdtsc, at function
+.align 16
+OPENSSL_rdtsc:
+ stck 16(%r15)
+ lg %r2,16(%r15)
+ br %r14
+.size OPENSSL_rdtsc,.-OPENSSL_rdtsc
+
+.globl OPENSSL_atomic_add
+.type OPENSSL_atomic_add, at function
+.align 16
+OPENSSL_atomic_add:
+ l %r1,0(%r2)
+.Lspin: lr %r0,%r1
+ ar %r0,%r3
+ cs %r1,%r0,0(%r2)
+ brc 4,.Lspin
+ lgfr %r2,%r0 # OpenSSL expects the new value
+ br %r14
+.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.globl OPENSSL_wipe_cpu
+.type OPENSSL_wipe_cpu, at function
+.align 16
+OPENSSL_wipe_cpu:
+ xgr %r0,%r0
+ xgr %r1,%r1
+ lgr %r2,%r15
+ xgr %r3,%r3
+ xgr %r4,%r4
+ lzdr %f0
+ lzdr %f1
+ lzdr %f2
+ lzdr %f3
+ lzdr %f4
+ lzdr %f5
+ lzdr %f6
+ lzdr %f7
+ br %r14
+.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.globl OPENSSL_cleanse
+.type OPENSSL_cleanse, at function
+.align 16
+OPENSSL_cleanse:
+#if !defined(__s390x__) && !defined(__s390x)
+ llgfr %r3,%r3
+#endif
+ lghi %r4,15
+ lghi %r0,0
+ clgr %r3,%r4
+ jh .Lot
+ clgr %r3,%r0
+ bcr 8,%r14
+.Little:
+ stc %r0,0(%r2)
+ la %r2,1(%r2)
+ brctg %r3,.Little
+ br %r14
+.align 4
+.Lot: tmll %r2,7
+ jz .Laligned
+ stc %r0,0(%r2)
+ la %r2,1(%r2)
+ brctg %r3,.Lot
+.Laligned:
+ srlg %r4,%r3,3
+.Loop: stg %r0,0(%r2)
+ la %r2,8(%r2)
+ brctg %r4,.Loop
+ lghi %r4,7
+ ngr %r3,%r4
+ jnz .Little
+ br %r14
+.size OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.section .init
+ brasl %r14,OPENSSL_cpuid_setup
+
+.comm OPENSSL_s390xcap_P,16,8
Modified: trunk/crypto/openssl/crypto/seed/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/seed/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -62,6 +62,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -75,13 +77,32 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-seed.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-seed.o: ../../include/openssl/seed.h seed.c seed_locl.h
-seed_cbc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-seed_cbc.o: ../../include/openssl/seed.h seed_cbc.c seed_locl.h
-seed_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-seed_cfb.o: ../../include/openssl/seed.h seed_cfb.c seed_locl.h
-seed_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/seed.h
+seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+seed.o: ../../include/openssl/seed.h ../../include/openssl/stack.h
+seed.o: ../../include/openssl/symhacks.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cbc.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cbc.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cbc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cbc.o: seed_cbc.c
+seed_cfb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cfb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cfb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cfb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cfb.o: seed_cfb.c
+seed_ecb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ecb.o: ../../include/openssl/opensslconf.h
+seed_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ecb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ecb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
seed_ecb.o: seed_ecb.c
-seed_ofb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-seed_ofb.o: ../../include/openssl/seed.h seed_locl.h seed_ofb.c
+seed_ofb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ofb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ofb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ofb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ofb.o: seed_ofb.c
Modified: trunk/crypto/openssl/crypto/seed/seed.c
===================================================================
--- trunk/crypto/openssl/crypto/seed/seed.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/seed.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -32,683 +32,497 @@
# include <memory.h>
# endif
+# include <openssl/crypto.h>
# include <openssl/seed.h>
# include "seed_locl.h"
-static seed_word SS[4][256] = { {
- 0x2989a1a8, 0x05858184, 0x16c6d2d4,
- 0x13c3d3d0, 0x14445054, 0x1d0d111c,
- 0x2c8ca0ac, 0x25052124,
- 0x1d4d515c, 0x03434340, 0x18081018,
- 0x1e0e121c, 0x11415150, 0x3cccf0fc,
- 0x0acac2c8, 0x23436360,
- 0x28082028, 0x04444044, 0x20002020,
- 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0,
- 0x08c8c0c8, 0x17071314,
- 0x2585a1a4, 0x0f8f838c, 0x03030300,
- 0x3b4b7378, 0x3b8bb3b8, 0x13031310,
- 0x12c2d2d0, 0x2ecee2ec,
- 0x30407070, 0x0c8c808c, 0x3f0f333c,
- 0x2888a0a8, 0x32023230, 0x1dcdd1dc,
- 0x36c6f2f4, 0x34447074,
- 0x2ccce0ec, 0x15859194, 0x0b0b0308,
- 0x17475354, 0x1c4c505c, 0x1b4b5358,
- 0x3d8db1bc, 0x01010100,
- 0x24042024, 0x1c0c101c, 0x33437370,
- 0x18889098, 0x10001010, 0x0cccc0cc,
- 0x32c2f2f0, 0x19c9d1d8,
- 0x2c0c202c, 0x27c7e3e4, 0x32427270,
- 0x03838380, 0x1b8b9398, 0x11c1d1d0,
- 0x06868284, 0x09c9c1c8,
- 0x20406060, 0x10405050, 0x2383a3a0,
- 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4,
- 0x1e8e929c, 0x0f4f434c,
- 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4,
- 0x38487078, 0x2686a2a4, 0x12021210,
- 0x2f8fa3ac, 0x15c5d1d4,
- 0x21416160, 0x03c3c3c0, 0x3484b0b4,
- 0x01414140, 0x12425250, 0x3d4d717c,
- 0x0d8d818c, 0x08080008,
- 0x1f0f131c, 0x19899198, 0x00000000,
- 0x19091118, 0x04040004, 0x13435350,
- 0x37c7f3f4, 0x21c1e1e0,
- 0x3dcdf1fc, 0x36467274, 0x2f0f232c,
- 0x27072324, 0x3080b0b0, 0x0b8b8388,
- 0x0e0e020c, 0x2b8ba3a8,
- 0x2282a2a0, 0x2e4e626c, 0x13839390,
- 0x0d4d414c, 0x29496168, 0x3c4c707c,
- 0x09090108, 0x0a0a0208,
- 0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0,
- 0x05c5c1c4, 0x07878384, 0x14041014,
- 0x3ecef2fc, 0x24446064,
- 0x1eced2dc, 0x2e0e222c, 0x0b4b4348,
- 0x1a0a1218, 0x06060204, 0x21012120,
- 0x2b4b6368, 0x26466264,
- 0x02020200, 0x35c5f1f4, 0x12829290,
- 0x0a8a8288, 0x0c0c000c, 0x3383b3b0,
- 0x3e4e727c, 0x10c0d0d0,
- 0x3a4a7278, 0x07474344, 0x16869294,
- 0x25c5e1e4, 0x26062224, 0x00808080,
- 0x2d8da1ac, 0x1fcfd3dc,
- 0x2181a1a0, 0x30003030, 0x37073334,
- 0x2e8ea2ac, 0x36063234, 0x15051114,
- 0x22022220, 0x38083038,
- 0x34c4f0f4, 0x2787a3a4, 0x05454144,
- 0x0c4c404c, 0x01818180, 0x29c9e1e8,
- 0x04848084, 0x17879394,
- 0x35053134, 0x0bcbc3c8, 0x0ecec2cc,
- 0x3c0c303c, 0x31417170, 0x11011110,
- 0x07c7c3c4, 0x09898188,
- 0x35457174, 0x3bcbf3f8, 0x1acad2d8,
- 0x38c8f0f8, 0x14849094, 0x19495158,
- 0x02828280, 0x04c4c0c4,
- 0x3fcff3fc, 0x09494148, 0x39093138,
- 0x27476364, 0x00c0c0c0, 0x0fcfc3cc,
- 0x17c7d3d4, 0x3888b0b8,
- 0x0f0f030c, 0x0e8e828c, 0x02424240,
- 0x23032320, 0x11819190, 0x2c4c606c,
- 0x1bcbd3d8, 0x2484a0a4,
- 0x34043034, 0x31c1f1f0, 0x08484048,
- 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c,
- 0x2d0d212c, 0x00404040,
- 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc,
- 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8,
- 0x0e4e424c, 0x15455154,
- 0x3b0b3338, 0x1cccd0dc, 0x28486068,
- 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8,
- 0x0a4a4248, 0x16465254,
- 0x37477374, 0x2080a0a0, 0x2dcde1ec,
- 0x06464244, 0x3585b1b4, 0x2b0b2328,
- 0x25456164, 0x3acaf2f8,
- 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0,
- 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8,
- 0x26c6e2e4, 0x3282b2b0,
- 0x31013130, 0x2acae2e8, 0x2d4d616c,
- 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0,
- 0x0dcdc1cc, 0x08888088,
- 0x16061214, 0x3a0a3238, 0x18485058,
- 0x14c4d0d4, 0x22426260, 0x29092128,
- 0x07070304, 0x33033330,
- 0x28c8e0e8, 0x1b0b1318, 0x05050104,
- 0x39497178, 0x10809090, 0x2a4a6268,
- 0x2a0a2228, 0x1a8a9298}, {
- 0x38380830,
- 0xe828c8e0,
- 0x2c2d0d21,
- 0xa42686a2,
- 0xcc0fcfc3,
- 0xdc1eced2,
- 0xb03383b3,
- 0xb83888b0,
- 0xac2f8fa3,
- 0x60204060,
- 0x54154551,
- 0xc407c7c3,
- 0x44044440,
- 0x6c2f4f63,
- 0x682b4b63,
- 0x581b4b53,
- 0xc003c3c3,
- 0x60224262,
- 0x30330333,
- 0xb43585b1,
- 0x28290921,
- 0xa02080a0,
- 0xe022c2e2,
- 0xa42787a3,
- 0xd013c3d3,
- 0x90118191,
- 0x10110111,
- 0x04060602,
- 0x1c1c0c10,
- 0xbc3c8cb0,
- 0x34360632,
- 0x480b4b43,
- 0xec2fcfe3,
- 0x88088880,
- 0x6c2c4c60,
- 0xa82888a0,
- 0x14170713,
- 0xc404c4c0,
- 0x14160612,
- 0xf434c4f0,
- 0xc002c2c2,
- 0x44054541,
- 0xe021c1e1,
- 0xd416c6d2,
- 0x3c3f0f33,
- 0x3c3d0d31,
- 0x8c0e8e82,
- 0x98188890,
- 0x28280820,
- 0x4c0e4e42,
- 0xf436c6f2,
- 0x3c3e0e32,
- 0xa42585a1,
- 0xf839c9f1,
- 0x0c0d0d01,
- 0xdc1fcfd3,
- 0xd818c8d0,
- 0x282b0b23,
- 0x64264662,
- 0x783a4a72,
- 0x24270723,
- 0x2c2f0f23,
- 0xf031c1f1,
- 0x70324272,
- 0x40024242,
- 0xd414c4d0,
- 0x40014141,
- 0xc000c0c0,
- 0x70334373,
- 0x64274763,
- 0xac2c8ca0,
- 0x880b8b83,
- 0xf437c7f3,
- 0xac2d8da1,
- 0x80008080,
- 0x1c1f0f13,
- 0xc80acac2,
- 0x2c2c0c20,
- 0xa82a8aa2,
- 0x34340430,
- 0xd012c2d2,
- 0x080b0b03,
- 0xec2ecee2,
- 0xe829c9e1,
- 0x5c1d4d51,
- 0x94148490,
- 0x18180810,
- 0xf838c8f0,
- 0x54174753,
- 0xac2e8ea2,
- 0x08080800,
- 0xc405c5c1,
- 0x10130313,
- 0xcc0dcdc1,
- 0x84068682,
- 0xb83989b1,
- 0xfc3fcff3,
- 0x7c3d4d71,
- 0xc001c1c1,
- 0x30310131,
- 0xf435c5f1,
- 0x880a8a82,
- 0x682a4a62,
- 0xb03181b1,
- 0xd011c1d1,
- 0x20200020,
- 0xd417c7d3,
- 0x00020202,
- 0x20220222,
- 0x04040400,
- 0x68284860,
- 0x70314171,
- 0x04070703,
- 0xd81bcbd3,
- 0x9c1d8d91,
- 0x98198991,
- 0x60214161,
- 0xbc3e8eb2,
- 0xe426c6e2,
- 0x58194951,
- 0xdc1dcdd1,
- 0x50114151,
- 0x90108090,
- 0xdc1cccd0,
- 0x981a8a92,
- 0xa02383a3,
- 0xa82b8ba3,
- 0xd010c0d0,
- 0x80018181,
- 0x0c0f0f03,
- 0x44074743,
- 0x181a0a12,
- 0xe023c3e3,
- 0xec2ccce0,
- 0x8c0d8d81,
- 0xbc3f8fb3,
- 0x94168692,
- 0x783b4b73,
- 0x5c1c4c50,
- 0xa02282a2,
- 0xa02181a1,
- 0x60234363,
- 0x20230323,
- 0x4c0d4d41,
- 0xc808c8c0,
- 0x9c1e8e92,
- 0x9c1c8c90,
- 0x383a0a32,
- 0x0c0c0c00,
- 0x2c2e0e22,
- 0xb83a8ab2,
- 0x6c2e4e62,
- 0x9c1f8f93,
- 0x581a4a52,
- 0xf032c2f2,
- 0x90128292,
- 0xf033c3f3,
- 0x48094941,
- 0x78384870,
- 0xcc0cccc0,
- 0x14150511,
- 0xf83bcbf3,
- 0x70304070,
- 0x74354571,
- 0x7c3f4f73,
- 0x34350531,
- 0x10100010,
- 0x00030303,
- 0x64244460,
- 0x6c2d4d61,
- 0xc406c6c2,
- 0x74344470,
- 0xd415c5d1,
- 0xb43484b0,
- 0xe82acae2,
- 0x08090901,
- 0x74364672,
- 0x18190911,
- 0xfc3ecef2,
- 0x40004040,
- 0x10120212,
- 0xe020c0e0,
- 0xbc3d8db1,
- 0x04050501,
- 0xf83acaf2,
- 0x00010101,
- 0xf030c0f0,
- 0x282a0a22,
- 0x5c1e4e52,
- 0xa82989a1,
- 0x54164652,
- 0x40034343,
- 0x84058581,
- 0x14140410,
- 0x88098981,
- 0x981b8b93,
- 0xb03080b0,
- 0xe425c5e1,
- 0x48084840,
- 0x78394971,
- 0x94178793,
- 0xfc3cccf0,
- 0x1c1e0e12,
- 0x80028282,
- 0x20210121,
- 0x8c0c8c80,
- 0x181b0b13,
- 0x5c1f4f53,
- 0x74374773,
- 0x54144450,
- 0xb03282b2,
- 0x1c1d0d11,
- 0x24250521,
- 0x4c0f4f43,
- 0x00000000,
- 0x44064642,
- 0xec2dcde1,
- 0x58184850,
- 0x50124252,
- 0xe82bcbe3,
- 0x7c3e4e72,
- 0xd81acad2,
- 0xc809c9c1,
- 0xfc3dcdf1,
- 0x30300030,
- 0x94158591,
- 0x64254561,
- 0x3c3c0c30,
- 0xb43686b2,
- 0xe424c4e0,
- 0xb83b8bb3,
- 0x7c3c4c70,
- 0x0c0e0e02,
- 0x50104050,
- 0x38390931,
- 0x24260622,
- 0x30320232,
- 0x84048480,
- 0x68294961,
- 0x90138393,
- 0x34370733,
- 0xe427c7e3,
- 0x24240420,
- 0xa42484a0,
- 0xc80bcbc3,
- 0x50134353,
- 0x080a0a02,
- 0x84078783,
- 0xd819c9d1,
- 0x4c0c4c40,
- 0x80038383,
- 0x8c0f8f83,
- 0xcc0ecec2,
- 0x383b0b33,
- 0x480a4a42,
- 0xb43787b3}, {
- 0xa1a82989,
- 0x81840585,
- 0xd2d416c6,
- 0xd3d013c3,
- 0x50541444,
- 0x111c1d0d,
- 0xa0ac2c8c,
- 0x21242505,
- 0x515c1d4d,
- 0x43400343,
- 0x10181808,
- 0x121c1e0e,
- 0x51501141,
- 0xf0fc3ccc,
- 0xc2c80aca,
- 0x63602343,
- 0x20282808,
- 0x40440444,
- 0x20202000,
- 0x919c1d8d,
- 0xe0e020c0,
- 0xe2e022c2,
- 0xc0c808c8,
- 0x13141707,
- 0xa1a42585,
- 0x838c0f8f,
- 0x03000303,
- 0x73783b4b,
- 0xb3b83b8b,
- 0x13101303,
- 0xd2d012c2,
- 0xe2ec2ece,
- 0x70703040,
- 0x808c0c8c,
- 0x333c3f0f,
- 0xa0a82888,
- 0x32303202,
- 0xd1dc1dcd,
- 0xf2f436c6,
- 0x70743444,
- 0xe0ec2ccc,
- 0x91941585,
- 0x03080b0b,
- 0x53541747,
- 0x505c1c4c,
- 0x53581b4b,
- 0xb1bc3d8d,
- 0x01000101,
- 0x20242404,
- 0x101c1c0c,
- 0x73703343,
- 0x90981888,
- 0x10101000,
- 0xc0cc0ccc,
- 0xf2f032c2,
- 0xd1d819c9,
- 0x202c2c0c,
- 0xe3e427c7,
- 0x72703242,
- 0x83800383,
- 0x93981b8b,
- 0xd1d011c1,
- 0x82840686,
- 0xc1c809c9,
- 0x60602040,
- 0x50501040,
- 0xa3a02383,
- 0xe3e82bcb,
- 0x010c0d0d,
- 0xb2b43686,
- 0x929c1e8e,
- 0x434c0f4f,
- 0xb3b43787,
- 0x52581a4a,
- 0xc2c406c6,
- 0x70783848,
- 0xa2a42686,
- 0x12101202,
- 0xa3ac2f8f,
- 0xd1d415c5,
- 0x61602141,
- 0xc3c003c3,
- 0xb0b43484,
- 0x41400141,
- 0x52501242,
- 0x717c3d4d,
- 0x818c0d8d,
- 0x00080808,
- 0x131c1f0f,
- 0x91981989,
- 0x00000000,
- 0x11181909,
- 0x00040404,
- 0x53501343,
- 0xf3f437c7,
- 0xe1e021c1,
- 0xf1fc3dcd,
- 0x72743646,
- 0x232c2f0f,
- 0x23242707,
- 0xb0b03080,
- 0x83880b8b,
- 0x020c0e0e,
- 0xa3a82b8b,
- 0xa2a02282,
- 0x626c2e4e,
- 0x93901383,
- 0x414c0d4d,
- 0x61682949,
- 0x707c3c4c,
- 0x01080909,
- 0x02080a0a,
- 0xb3bc3f8f,
- 0xe3ec2fcf,
- 0xf3f033c3,
- 0xc1c405c5,
- 0x83840787,
- 0x10141404,
- 0xf2fc3ece,
- 0x60642444,
- 0xd2dc1ece,
- 0x222c2e0e,
- 0x43480b4b,
- 0x12181a0a,
- 0x02040606,
- 0x21202101,
- 0x63682b4b,
- 0x62642646,
- 0x02000202,
- 0xf1f435c5,
- 0x92901282,
- 0x82880a8a,
- 0x000c0c0c,
- 0xb3b03383,
- 0x727c3e4e,
- 0xd0d010c0,
- 0x72783a4a,
- 0x43440747,
- 0x92941686,
- 0xe1e425c5,
- 0x22242606,
- 0x80800080,
- 0xa1ac2d8d,
- 0xd3dc1fcf,
- 0xa1a02181,
- 0x30303000,
- 0x33343707,
- 0xa2ac2e8e,
- 0x32343606,
- 0x11141505,
- 0x22202202,
- 0x30383808,
- 0xf0f434c4,
- 0xa3a42787,
- 0x41440545,
- 0x404c0c4c,
- 0x81800181,
- 0xe1e829c9,
- 0x80840484,
- 0x93941787,
- 0x31343505,
- 0xc3c80bcb,
- 0xc2cc0ece,
- 0x303c3c0c,
- 0x71703141,
- 0x11101101,
- 0xc3c407c7,
- 0x81880989,
- 0x71743545,
- 0xf3f83bcb,
- 0xd2d81aca,
- 0xf0f838c8,
- 0x90941484,
- 0x51581949,
- 0x82800282,
- 0xc0c404c4,
- 0xf3fc3fcf,
- 0x41480949,
- 0x31383909,
- 0x63642747,
- 0xc0c000c0,
- 0xc3cc0fcf,
- 0xd3d417c7,
- 0xb0b83888,
- 0x030c0f0f,
- 0x828c0e8e,
- 0x42400242,
- 0x23202303,
- 0x91901181,
- 0x606c2c4c,
- 0xd3d81bcb,
- 0xa0a42484,
- 0x30343404,
- 0xf1f031c1,
- 0x40480848,
- 0xc2c002c2,
- 0x636c2f4f,
- 0x313c3d0d,
- 0x212c2d0d,
- 0x40400040,
- 0xb2bc3e8e,
- 0x323c3e0e,
- 0xb0bc3c8c,
- 0xc1c001c1,
- 0xa2a82a8a,
- 0xb2b83a8a,
- 0x424c0e4e,
- 0x51541545,
- 0x33383b0b,
- 0xd0dc1ccc,
- 0x60682848,
- 0x737c3f4f,
- 0x909c1c8c,
- 0xd0d818c8,
- 0x42480a4a,
- 0x52541646,
- 0x73743747,
- 0xa0a02080,
- 0xe1ec2dcd,
- 0x42440646,
- 0xb1b43585,
- 0x23282b0b,
- 0x61642545,
- 0xf2f83aca,
- 0xe3e023c3,
- 0xb1b83989,
- 0xb1b03181,
- 0x939c1f8f,
- 0x525c1e4e,
- 0xf1f839c9,
- 0xe2e426c6,
- 0xb2b03282,
- 0x31303101,
- 0xe2e82aca,
- 0x616c2d4d,
- 0x535c1f4f,
- 0xe0e424c4,
- 0xf0f030c0,
- 0xc1cc0dcd,
- 0x80880888,
- 0x12141606,
- 0x32383a0a,
- 0x50581848,
- 0xd0d414c4,
- 0x62602242,
- 0x21282909,
- 0x03040707,
- 0x33303303,
- 0xe0e828c8,
- 0x13181b0b,
- 0x01040505,
- 0x71783949,
- 0x90901080,
- 0x62682a4a,
- 0x22282a0a,
- 0x92981a8a},
+# ifdef SS /* can get defined on Solaris by inclusion of
+ * <stdlib.h> */
+# undef SS
+# endif
+
+static const seed_word SS[4][256] = { {
+ 0x2989a1a8, 0x05858184, 0x16c6d2d4,
+ 0x13c3d3d0, 0x14445054, 0x1d0d111c,
+ 0x2c8ca0ac, 0x25052124,
+ 0x1d4d515c, 0x03434340, 0x18081018,
+ 0x1e0e121c, 0x11415150, 0x3cccf0fc,
+ 0x0acac2c8, 0x23436360,
+ 0x28082028, 0x04444044, 0x20002020,
+ 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0,
+ 0x08c8c0c8, 0x17071314,
+ 0x2585a1a4, 0x0f8f838c, 0x03030300,
+ 0x3b4b7378, 0x3b8bb3b8, 0x13031310,
+ 0x12c2d2d0, 0x2ecee2ec,
+ 0x30407070, 0x0c8c808c, 0x3f0f333c,
+ 0x2888a0a8, 0x32023230, 0x1dcdd1dc,
+ 0x36c6f2f4, 0x34447074,
+ 0x2ccce0ec, 0x15859194, 0x0b0b0308,
+ 0x17475354, 0x1c4c505c, 0x1b4b5358,
+ 0x3d8db1bc, 0x01010100,
+ 0x24042024, 0x1c0c101c, 0x33437370,
+ 0x18889098, 0x10001010, 0x0cccc0cc,
+ 0x32c2f2f0, 0x19c9d1d8,
+ 0x2c0c202c, 0x27c7e3e4, 0x32427270,
+ 0x03838380, 0x1b8b9398, 0x11c1d1d0,
+ 0x06868284, 0x09c9c1c8,
+ 0x20406060, 0x10405050, 0x2383a3a0,
+ 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4,
+ 0x1e8e929c, 0x0f4f434c,
+ 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4,
+ 0x38487078, 0x2686a2a4, 0x12021210,
+ 0x2f8fa3ac, 0x15c5d1d4,
+ 0x21416160, 0x03c3c3c0, 0x3484b0b4,
+ 0x01414140, 0x12425250, 0x3d4d717c,
+ 0x0d8d818c, 0x08080008,
+ 0x1f0f131c, 0x19899198, 0x00000000,
+ 0x19091118, 0x04040004, 0x13435350,
+ 0x37c7f3f4, 0x21c1e1e0,
+ 0x3dcdf1fc, 0x36467274, 0x2f0f232c,
+ 0x27072324, 0x3080b0b0, 0x0b8b8388,
+ 0x0e0e020c, 0x2b8ba3a8,
+ 0x2282a2a0, 0x2e4e626c, 0x13839390,
+ 0x0d4d414c, 0x29496168, 0x3c4c707c,
+ 0x09090108, 0x0a0a0208,
+ 0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0,
+ 0x05c5c1c4, 0x07878384, 0x14041014,
+ 0x3ecef2fc, 0x24446064,
+ 0x1eced2dc, 0x2e0e222c, 0x0b4b4348,
+ 0x1a0a1218, 0x06060204, 0x21012120,
+ 0x2b4b6368, 0x26466264,
+ 0x02020200, 0x35c5f1f4, 0x12829290,
+ 0x0a8a8288, 0x0c0c000c, 0x3383b3b0,
+ 0x3e4e727c, 0x10c0d0d0,
+ 0x3a4a7278, 0x07474344, 0x16869294,
+ 0x25c5e1e4, 0x26062224, 0x00808080,
+ 0x2d8da1ac, 0x1fcfd3dc,
+ 0x2181a1a0, 0x30003030, 0x37073334,
+ 0x2e8ea2ac, 0x36063234, 0x15051114,
+ 0x22022220, 0x38083038,
+ 0x34c4f0f4, 0x2787a3a4, 0x05454144,
+ 0x0c4c404c, 0x01818180, 0x29c9e1e8,
+ 0x04848084, 0x17879394,
+ 0x35053134, 0x0bcbc3c8, 0x0ecec2cc,
+ 0x3c0c303c, 0x31417170, 0x11011110,
+ 0x07c7c3c4, 0x09898188,
+ 0x35457174, 0x3bcbf3f8, 0x1acad2d8,
+ 0x38c8f0f8, 0x14849094, 0x19495158,
+ 0x02828280, 0x04c4c0c4,
+ 0x3fcff3fc, 0x09494148, 0x39093138,
+ 0x27476364, 0x00c0c0c0, 0x0fcfc3cc,
+ 0x17c7d3d4, 0x3888b0b8,
+ 0x0f0f030c, 0x0e8e828c, 0x02424240,
+ 0x23032320, 0x11819190, 0x2c4c606c,
+ 0x1bcbd3d8, 0x2484a0a4,
+ 0x34043034, 0x31c1f1f0, 0x08484048,
+ 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c,
+ 0x2d0d212c, 0x00404040,
+ 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc,
+ 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8,
+ 0x0e4e424c, 0x15455154,
+ 0x3b0b3338, 0x1cccd0dc, 0x28486068,
+ 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8,
+ 0x0a4a4248, 0x16465254,
+ 0x37477374, 0x2080a0a0, 0x2dcde1ec,
+ 0x06464244, 0x3585b1b4, 0x2b0b2328,
+ 0x25456164, 0x3acaf2f8,
+ 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0,
+ 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8,
+ 0x26c6e2e4, 0x3282b2b0,
+ 0x31013130, 0x2acae2e8, 0x2d4d616c,
+ 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0,
+ 0x0dcdc1cc, 0x08888088,
+ 0x16061214, 0x3a0a3238, 0x18485058,
+ 0x14c4d0d4, 0x22426260, 0x29092128,
+ 0x07070304, 0x33033330,
+ 0x28c8e0e8, 0x1b0b1318, 0x05050104,
+ 0x39497178, 0x10809090, 0x2a4a6268,
+ 0x2a0a2228, 0x1a8a9298}, {
+ 0x38380830,
+ 0xe828c8e0,
+ 0x2c2d0d21,
+ 0xa42686a2,
+ 0xcc0fcfc3,
+ 0xdc1eced2,
+ 0xb03383b3,
+ 0xb83888b0,
+ 0xac2f8fa3,
+ 0x60204060,
+ 0x54154551,
+ 0xc407c7c3,
+ 0x44044440,
+ 0x6c2f4f63,
+ 0x682b4b63,
+ 0x581b4b53,
+ 0xc003c3c3,
+ 0x60224262,
+ 0x30330333,
+ 0xb43585b1,
+ 0x28290921,
+ 0xa02080a0,
+ 0xe022c2e2,
+ 0xa42787a3,
+ 0xd013c3d3,
+ 0x90118191,
+ 0x10110111,
+ 0x04060602,
+ 0x1c1c0c10,
+ 0xbc3c8cb0,
+ 0x34360632,
+ 0x480b4b43,
+ 0xec2fcfe3,
+ 0x88088880,
+ 0x6c2c4c60,
+ 0xa82888a0,
+ 0x14170713,
+ 0xc404c4c0,
+ 0x14160612,
+ 0xf434c4f0,
+ 0xc002c2c2,
+ 0x44054541,
+ 0xe021c1e1,
+ 0xd416c6d2,
+ 0x3c3f0f33,
+ 0x3c3d0d31,
+ 0x8c0e8e82,
+ 0x98188890,
+ 0x28280820,
+ 0x4c0e4e42,
+ 0xf436c6f2,
+ 0x3c3e0e32,
+ 0xa42585a1,
+ 0xf839c9f1,
+ 0x0c0d0d01,
+ 0xdc1fcfd3,
+ 0xd818c8d0,
+ 0x282b0b23,
+ 0x64264662,
+ 0x783a4a72,
+ 0x24270723,
+ 0x2c2f0f23,
+ 0xf031c1f1,
+ 0x70324272,
+ 0x40024242,
+ 0xd414c4d0,
+ 0x40014141,
+ 0xc000c0c0,
+ 0x70334373,
+ 0x64274763,
+ 0xac2c8ca0,
+ 0x880b8b83,
+ 0xf437c7f3,
+ 0xac2d8da1,
+ 0x80008080,
+ 0x1c1f0f13,
+ 0xc80acac2,
+ 0x2c2c0c20,
+ 0xa82a8aa2,
+ 0x34340430,
+ 0xd012c2d2,
+ 0x080b0b03,
+ 0xec2ecee2,
+ 0xe829c9e1,
+ 0x5c1d4d51,
+ 0x94148490,
+ 0x18180810,
+ 0xf838c8f0,
+ 0x54174753,
+ 0xac2e8ea2,
+ 0x08080800,
+ 0xc405c5c1,
+ 0x10130313,
+ 0xcc0dcdc1,
+ 0x84068682,
+ 0xb83989b1,
+ 0xfc3fcff3,
+ 0x7c3d4d71,
+ 0xc001c1c1,
+ 0x30310131,
+ 0xf435c5f1,
+ 0x880a8a82,
+ 0x682a4a62,
+ 0xb03181b1,
+ 0xd011c1d1,
+ 0x20200020,
+ 0xd417c7d3,
+ 0x00020202,
+ 0x20220222,
+ 0x04040400,
+ 0x68284860,
+ 0x70314171,
+ 0x04070703,
+ 0xd81bcbd3,
+ 0x9c1d8d91,
+ 0x98198991,
+ 0x60214161,
+ 0xbc3e8eb2,
+ 0xe426c6e2,
+ 0x58194951,
+ 0xdc1dcdd1,
+ 0x50114151,
+ 0x90108090,
+ 0xdc1cccd0,
+ 0x981a8a92,
+ 0xa02383a3,
+ 0xa82b8ba3,
+ 0xd010c0d0,
+ 0x80018181,
+ 0x0c0f0f03,
+ 0x44074743,
+ 0x181a0a12,
+ 0xe023c3e3,
+ 0xec2ccce0,
+ 0x8c0d8d81,
+ 0xbc3f8fb3,
+ 0x94168692,
+ 0x783b4b73,
+ 0x5c1c4c50,
+ 0xa02282a2,
+ 0xa02181a1,
+ 0x60234363,
+ 0x20230323,
+ 0x4c0d4d41,
+ 0xc808c8c0,
+ 0x9c1e8e92,
+ 0x9c1c8c90,
+ 0x383a0a32,
+ 0x0c0c0c00,
+ 0x2c2e0e22,
+ 0xb83a8ab2,
+ 0x6c2e4e62,
+ 0x9c1f8f93,
+ 0x581a4a52,
+ 0xf032c2f2,
+ 0x90128292,
+ 0xf033c3f3,
+ 0x48094941,
+ 0x78384870,
+ 0xcc0cccc0,
+ 0x14150511,
+ 0xf83bcbf3,
+ 0x70304070,
+ 0x74354571,
+ 0x7c3f4f73,
+ 0x34350531,
+ 0x10100010,
+ 0x00030303,
+ 0x64244460,
+ 0x6c2d4d61,
+ 0xc406c6c2,
+ 0x74344470,
+ 0xd415c5d1,
+ 0xb43484b0,
+ 0xe82acae2,
+ 0x08090901,
+ 0x74364672,
+ 0x18190911,
+ 0xfc3ecef2,
+ 0x40004040,
+ 0x10120212,
+ 0xe020c0e0,
+ 0xbc3d8db1,
+ 0x04050501,
+ 0xf83acaf2,
+ 0x00010101,
+ 0xf030c0f0,
+ 0x282a0a22,
+ 0x5c1e4e52,
+ 0xa82989a1,
+ 0x54164652,
+ 0x40034343,
+ 0x84058581,
+ 0x14140410,
+ 0x88098981,
+ 0x981b8b93,
+ 0xb03080b0,
+ 0xe425c5e1,
+ 0x48084840,
+ 0x78394971,
+ 0x94178793,
+ 0xfc3cccf0,
+ 0x1c1e0e12,
+ 0x80028282,
+ 0x20210121,
+ 0x8c0c8c80,
+ 0x181b0b13,
+ 0x5c1f4f53,
+ 0x74374773,
+ 0x54144450,
+ 0xb03282b2,
+ 0x1c1d0d11,
+ 0x24250521,
+ 0x4c0f4f43,
+ 0x00000000,
+ 0x44064642,
+ 0xec2dcde1,
+ 0x58184850,
+ 0x50124252,
+ 0xe82bcbe3,
+ 0x7c3e4e72,
+ 0xd81acad2,
+ 0xc809c9c1,
+ 0xfc3dcdf1,
+ 0x30300030,
+ 0x94158591,
+ 0x64254561,
+ 0x3c3c0c30,
+ 0xb43686b2,
+ 0xe424c4e0,
+ 0xb83b8bb3,
+ 0x7c3c4c70,
+ 0x0c0e0e02,
+ 0x50104050,
+ 0x38390931,
+ 0x24260622,
+ 0x30320232,
+ 0x84048480,
+ 0x68294961,
+ 0x90138393,
+ 0x34370733,
+ 0xe427c7e3,
+ 0x24240420,
+ 0xa42484a0,
+ 0xc80bcbc3,
+ 0x50134353,
+ 0x080a0a02,
+ 0x84078783,
+ 0xd819c9d1,
+ 0x4c0c4c40,
+ 0x80038383,
+ 0x8c0f8f83,
+ 0xcc0ecec2,
+ 0x383b0b33,
+ 0x480a4a42,
+ 0xb43787b3},
{
- 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e,
- 0x83b3b033, 0x88b0b838,
- 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f,
- 0x4b63682b, 0x4b53581b,
- 0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020,
- 0xc2e2e022, 0x87a3a427,
- 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c,
- 0x06323436, 0x4b43480b,
- 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404,
- 0x06121416, 0xc4f0f434,
- 0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d,
- 0x8e828c0e, 0x88909818,
- 0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839,
- 0x0d010c0d, 0xcfd3dc1f,
- 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f,
- 0xc1f1f031, 0x42727032,
- 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427,
- 0x8ca0ac2c, 0x8b83880b,
- 0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c,
- 0x8aa2a82a, 0x04303434,
- 0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414,
- 0x08101818, 0xc8f0f838,
- 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d,
- 0x86828406, 0x89b1b839,
- 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a,
- 0x4a62682a, 0x81b1b031,
- 0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404,
- 0x48606828, 0x41717031,
- 0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e,
- 0xc6e2e426, 0x49515819,
- 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023,
- 0x8ba3a82b, 0xc0d0d010,
- 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c,
- 0x8d818c0d, 0x8fb3bc3f,
- 0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023,
- 0x03232023, 0x4d414c0d,
- 0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e,
- 0x8ab2b83a, 0x4e626c2e,
- 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809,
- 0x48707838, 0xccc0cc0c,
- 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435,
- 0x00101010, 0x03030003,
- 0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434,
- 0xcae2e82a, 0x09010809,
- 0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020,
- 0x8db1bc3d, 0x05010405,
- 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829,
- 0x46525416, 0x43434003,
- 0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425,
- 0x48404808, 0x49717839,
- 0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c,
- 0x0b13181b, 0x4f535c1f,
- 0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f,
- 0x00000000, 0x46424406,
- 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a,
- 0xc9c1c809, 0xcdf1fc3d,
- 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424,
- 0x8bb3b83b, 0x4c707c3c,
- 0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404,
- 0x49616829, 0x83939013,
- 0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013,
- 0x0a02080a, 0x87838407,
- 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b,
- 0x4a42480a, 0x87b3b437}
+ 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d,
+ 0xa0ac2c8c, 0x21242505,
+ 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc,
+ 0xc2c80aca, 0x63602343,
+ 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2,
+ 0xc0c808c8, 0x13141707,
+ 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303,
+ 0xd2d012c2, 0xe2ec2ece,
+ 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd,
+ 0xf2f436c6, 0x70743444,
+ 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b,
+ 0xb1bc3d8d, 0x01000101,
+ 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc,
+ 0xf2f032c2, 0xd1d819c9,
+ 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1,
+ 0x82840686, 0xc1c809c9,
+ 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686,
+ 0x929c1e8e, 0x434c0f4f,
+ 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202,
+ 0xa3ac2f8f, 0xd1d415c5,
+ 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d,
+ 0x818c0d8d, 0x00080808,
+ 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343,
+ 0xf3f437c7, 0xe1e021c1,
+ 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b,
+ 0x020c0e0e, 0xa3a82b8b,
+ 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c,
+ 0x01080909, 0x02080a0a,
+ 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404,
+ 0xf2fc3ece, 0x60642444,
+ 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101,
+ 0x63682b4b, 0x62642646,
+ 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383,
+ 0x727c3e4e, 0xd0d010c0,
+ 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080,
+ 0xa1ac2d8d, 0xd3dc1fcf,
+ 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505,
+ 0x22202202, 0x30383808,
+ 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9,
+ 0x80840484, 0x93941787,
+ 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101,
+ 0xc3c407c7, 0x81880989,
+ 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949,
+ 0x82800282, 0xc0c404c4,
+ 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf,
+ 0xd3d417c7, 0xb0b83888,
+ 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c,
+ 0xd3d81bcb, 0xa0a42484,
+ 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d,
+ 0x212c2d0d, 0x40400040,
+ 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a,
+ 0x424c0e4e, 0x51541545,
+ 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8,
+ 0x42480a4a, 0x52541646,
+ 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b,
+ 0x61642545, 0xf2f83aca,
+ 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9,
+ 0xe2e426c6, 0xb2b03282,
+ 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0,
+ 0xc1cc0dcd, 0x80880888,
+ 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909,
+ 0x03040707, 0x33303303,
+ 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a,
+ 0x22282a0a, 0x92981a8a}, {
+ 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
+ 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
+ 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
+ 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
+ 0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
+ 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
+ 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
+ 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
+ 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
+ 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
+ 0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
+ 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
+ 0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
+ 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
+ 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
+ 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
+ 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
+ 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
+ 0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
+ 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
+ 0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
+ 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
+ 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
+ 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
+ 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
+ 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
+ 0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
+ 0x02222022, 0x04000404, 0x48606828, 0x41717031,
+ 0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
+ 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
+ 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
+ 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
+ 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
+ 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
+ 0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
+ 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
+ 0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
+ 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
+ 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
+ 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
+ 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
+ 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
+ 0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
+ 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
+ 0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
+ 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
+ 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
+ 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
+ 0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
+ 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
+ 0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
+ 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
+ 0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
+ 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
+ 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
+ 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
+ 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
+ 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
+ 0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
+ 0x02323032, 0x84808404, 0x49616829, 0x83939013,
+ 0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
+ 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
+ 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
+ 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437}
};
/* key schedule constants - golden ratio */
@@ -729,9 +543,24 @@
# define KC14 0xde6e678d
# define KC15 0xbcdccf1b
+# if defined(OPENSSL_SMALL_FOOTPRINT)
+static const seed_word KC[] = {
+ KC0, KC1, KC2, KC3, KC4, KC5, KC6, KC7,
+ KC8, KC9, KC10, KC11, KC12, KC13, KC14, KC15
+};
+# endif
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
SEED_KEY_SCHEDULE *ks)
+# ifdef OPENSSL_FIPS
{
+ fips_cipher_abort(SEED);
+ private_SEED_set_key(rawkey, ks);
+}
+
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks)
+# endif
+{
seed_word x1, x2, x3, x4;
seed_word t0, t1;
@@ -745,6 +574,8 @@
KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1);
KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
+
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2);
KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3);
@@ -773,6 +604,17 @@
KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15);
KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
+# else
+ {
+ int i;
+ for (i = 2; i < 16; i += 2) {
+ KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC[i]);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2]);
+ KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC[i + 1]);
+ KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2 + 2]);
+ }
+ }
+# endif
}
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
@@ -787,6 +629,7 @@
char2word(s + 8, x3);
char2word(s + 12, x4);
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
E_SEED(t0, t1, x1, x2, x3, x4, 0);
E_SEED(t0, t1, x3, x4, x1, x2, 2);
E_SEED(t0, t1, x1, x2, x3, x4, 4);
@@ -803,6 +646,15 @@
E_SEED(t0, t1, x3, x4, x1, x2, 26);
E_SEED(t0, t1, x1, x2, x3, x4, 28);
E_SEED(t0, t1, x3, x4, x1, x2, 30);
+# else
+ {
+ int i;
+ for (i = 0; i < 30; i += 4) {
+ E_SEED(t0, t1, x1, x2, x3, x4, i);
+ E_SEED(t0, t1, x3, x4, x1, x2, i + 2);
+ }
+ }
+# endif
word2char(x3, d);
word2char(x4, d + 4);
@@ -822,6 +674,7 @@
char2word(s + 8, x3);
char2word(s + 12, x4);
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
E_SEED(t0, t1, x1, x2, x3, x4, 30);
E_SEED(t0, t1, x3, x4, x1, x2, 28);
E_SEED(t0, t1, x1, x2, x3, x4, 26);
@@ -838,7 +691,17 @@
E_SEED(t0, t1, x3, x4, x1, x2, 4);
E_SEED(t0, t1, x1, x2, x3, x4, 2);
E_SEED(t0, t1, x3, x4, x1, x2, 0);
+# else
+ {
+ int i;
+ for (i = 30; i > 0; i -= 4) {
+ E_SEED(t0, t1, x1, x2, x3, x4, i);
+ E_SEED(t0, t1, x3, x4, x1, x2, i - 2);
+ }
+ }
+# endif
+
word2char(x3, d);
word2char(x4, d + 4);
word2char(x1, d + 8);
Modified: trunk/crypto/openssl/crypto/seed/seed.h
===================================================================
--- trunk/crypto/openssl/crypto/seed/seed.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/seed.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,6 +81,8 @@
# define HEADER_SEED_H
# include <openssl/opensslconf.h>
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
# ifdef OPENSSL_NO_SEED
# error SEED is disabled.
@@ -113,6 +115,10 @@
# endif
} SEED_KEY_SCHEDULE;
+# ifdef OPENSSL_FIPS
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks);
+# endif
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
SEED_KEY_SCHEDULE *ks);
Modified: trunk/crypto/openssl/crypto/seed/seed_cbc.c
===================================================================
--- trunk/crypto/openssl/crypto/seed/seed_cbc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/seed_cbc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -49,71 +49,17 @@
*
*/
-#include "seed_locl.h"
-#include <string.h>
+#include <openssl/seed.h>
+#include <openssl/modes.h>
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks,
unsigned char ivec[SEED_BLOCK_SIZE], int enc)
{
- size_t n;
- unsigned char tmp[SEED_BLOCK_SIZE];
- const unsigned char *iv = ivec;
-
- if (enc) {
- while (len >= SEED_BLOCK_SIZE) {
- for (n = 0; n < SEED_BLOCK_SIZE; ++n)
- out[n] = in[n] ^ iv[n];
- SEED_encrypt(out, out, ks);
- iv = out;
- len -= SEED_BLOCK_SIZE;
- in += SEED_BLOCK_SIZE;
- out += SEED_BLOCK_SIZE;
- }
- if (len) {
- for (n = 0; n < len; ++n)
- out[n] = in[n] ^ iv[n];
- for (n = len; n < SEED_BLOCK_SIZE; ++n)
- out[n] = iv[n];
- SEED_encrypt(out, out, ks);
- iv = out;
- }
- memcpy(ivec, iv, SEED_BLOCK_SIZE);
- } else if (in != out) { /* decrypt */
- while (len >= SEED_BLOCK_SIZE) {
- SEED_decrypt(in, out, ks);
- for (n = 0; n < SEED_BLOCK_SIZE; ++n)
- out[n] ^= iv[n];
- iv = in;
- len -= SEED_BLOCK_SIZE;
- in += SEED_BLOCK_SIZE;
- out += SEED_BLOCK_SIZE;
- }
- if (len) {
- SEED_decrypt(in, tmp, ks);
- for (n = 0; n < len; ++n)
- out[n] = tmp[n] ^ iv[n];
- iv = in;
- }
- memcpy(ivec, iv, SEED_BLOCK_SIZE);
- } else { /* decrypt, overlap */
-
- while (len >= SEED_BLOCK_SIZE) {
- memcpy(tmp, in, SEED_BLOCK_SIZE);
- SEED_decrypt(in, out, ks);
- for (n = 0; n < SEED_BLOCK_SIZE; ++n)
- out[n] ^= ivec[n];
- memcpy(ivec, tmp, SEED_BLOCK_SIZE);
- len -= SEED_BLOCK_SIZE;
- in += SEED_BLOCK_SIZE;
- out += SEED_BLOCK_SIZE;
- }
- if (len) {
- memcpy(tmp, in, SEED_BLOCK_SIZE);
- SEED_decrypt(tmp, tmp, ks);
- for (n = 0; n < len; ++n)
- out[n] = tmp[n] ^ ivec[n];
- memcpy(ivec, tmp, SEED_BLOCK_SIZE);
- }
- }
+ if (enc)
+ CRYPTO_cbc128_encrypt(in, out, len, ks, ivec,
+ (block128_f) SEED_encrypt);
+ else
+ CRYPTO_cbc128_decrypt(in, out, len, ks, ivec,
+ (block128_f) SEED_decrypt);
}
Modified: trunk/crypto/openssl/crypto/seed/seed_cfb.c
===================================================================
--- trunk/crypto/openssl/crypto/seed/seed_cfb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/seed_cfb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -105,8 +105,8 @@
* [including the GNU Public Licence.]
*/
-#include "seed_locl.h"
-#include <string.h>
+#include <openssl/seed.h>
+#include <openssl/modes.h>
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks,
@@ -113,28 +113,6 @@
unsigned char ivec[SEED_BLOCK_SIZE], int *num,
int enc)
{
- int n;
- unsigned char c;
-
- n = *num;
-
- if (enc) {
- while (len--) {
- if (n == 0)
- SEED_encrypt(ivec, ivec, ks);
- ivec[n] = *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % SEED_BLOCK_SIZE;
- }
- } else {
- while (len--) {
- if (n == 0)
- SEED_encrypt(ivec, ivec, ks);
- c = *(in);
- *(out++) = *(in++) ^ ivec[n];
- ivec[n] = c;
- n = (n + 1) % SEED_BLOCK_SIZE;
- }
- }
-
- *num = n;
+ CRYPTO_cfb128_encrypt(in, out, len, ks, ivec, num, enc,
+ (block128_f) SEED_encrypt);
}
Modified: trunk/crypto/openssl/crypto/seed/seed_ofb.c
===================================================================
--- trunk/crypto/openssl/crypto/seed/seed_ofb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/seed/seed_ofb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -105,23 +105,13 @@
* [including the GNU Public Licence.]
*/
-#include "seed_locl.h"
-#include <string.h>
+#include <openssl/seed.h>
+#include <openssl/modes.h>
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks,
unsigned char ivec[SEED_BLOCK_SIZE], int *num)
{
- int n;
-
- n = *num;
-
- while (len--) {
- if (n == 0)
- SEED_encrypt(ivec, ivec, ks);
- *(out++) = *(in++) ^ ivec[n];
- n = (n + 1) % SEED_BLOCK_SIZE;
- }
-
- *num = n;
+ CRYPTO_ofb128_encrypt(in, out, len, ks, ivec, num,
+ (block128_f) SEED_encrypt);
}
Modified: trunk/crypto/openssl/crypto/sha/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/sha/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -38,25 +38,16 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
-# ELF
-sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-elf.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-cof.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-# a.out
-sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl
- (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
+sha1-586.s: asm/sha1-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/sha1-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha256-586.s: asm/sha256-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/sha256-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha512-586.s: asm/sha512-586.pl ../perlasm/x86asm.pl
+ $(PERL) asm/sha512-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
sha1-ia64.s: asm/sha1-ia64.pl
(cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS))
@@ -65,11 +56,43 @@
sha512-ia64.s: asm/sha512-ia64.pl
(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+sha256-armv4.S: asm/sha256-armv4.pl
+ $(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-alpha.s: asm/sha1-alpha.pl
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/sha1-alpha.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
+
# Solaris make has to be explicitly told
-sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $@
-sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@
-sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $@
+sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+sha256-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha512-x86_64.s:asm/sha512-x86_64.pl; $(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha1-sparcv9.s: asm/sha1-sparcv9.pl; $(PERL) asm/sha1-sparcv9.pl $@ $(CFLAGS)
+sha256-sparcv9.s:asm/sha512-sparcv9.pl; $(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+sha512-sparcv9.s:asm/sha512-sparcv9.pl; $(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+sha1-ppc.s: asm/sha1-ppc.pl; $(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
+sha256-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha512-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+
+sha1-parisc.s: asm/sha1-parisc.pl; $(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+sha256-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+sha512-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+
+sha1-mips.S: asm/sha1-mips.pl; $(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+sha256-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+sha512-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+sha1-%.S: asm/sha1-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+sha256-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+sha512-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-armv4-large.o: sha1-armv4-large.S
+sha256-armv4.o: sha256-armv4.S
+sha512-armv4.o: sha512-armv4.S
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -94,6 +117,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -113,27 +138,26 @@
sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha1_one.o: sha1_one.c
-sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
+sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
sha1dgst.o: ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha256.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h
-sha256.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-sha256.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha256.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha256.o: ../md32_common.h sha256.c
+sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
sha512.o: ../../e_os.h ../../include/openssl/bio.h
sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-sha512.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-sha512.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-sha512.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-sha512.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-sha512.o: ../../include/openssl/symhacks.h ../cryptlib.h sha512.c
-sha_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-sha_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha512.o: ../cryptlib.h sha512.c
+sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
sha_dgst.o: ../../include/openssl/opensslconf.h
sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
Modified: trunk/crypto/openssl/crypto/sha/asm/sha1-586.pl
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-586.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,6 +12,8 @@
# commentary below], and in 2006 the rest was rewritten in order to
# gain freedom to liberate licensing terms.
+# January, September 2004.
+#
# It was noted that Intel IA-32 C compiler generates code which
# performs ~30% *faster* on P4 CPU than original *hand-coded*
# SHA1 assembler implementation. To address this problem (and
@@ -31,6 +33,71 @@
# ----------------------------------------------------------------
# <appro at fy.chalmers.se>
+# August 2009.
+#
+# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as
+# '(c&d) + (b&(c^d))', which allows to accumulate partial results
+# and lighten "pressure" on scratch registers. This resulted in
+# >12% performance improvement on contemporary AMD cores (with no
+# degradation on other CPUs:-). Also, the code was revised to maximize
+# "distance" between instructions producing input to 'lea' instruction
+# and the 'lea' instruction itself, which is essential for Intel Atom
+# core and resulted in ~15% improvement.
+
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. The idea is not novel,
+# and in SSE2 context was first explored by Dean Gaudet in 2004, see
+# http://arctic.org/~dean/crypto/sha1.html. Since then several things
+# have changed that made it interesting again:
+#
+# a) XMM units became faster and wider;
+# b) instruction set became more versatile;
+# c) an important observation was made by Max Locktykhin, which made
+# it possible to reduce amount of instructions required to perform
+# the operation in question, for further details see
+# http://software.intel.com/en-us/articles/improving-the-performance-of-the-secure-hash-algorithm-1/.
+
+# April 2011.
+#
+# Add AVX code path, probably most controversial... The thing is that
+# switch to AVX alone improves performance by as little as 4% in
+# comparison to SSSE3 code path. But below result doesn't look like
+# 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as
+# pair of \xB5-ops, and it's the additional \xB5-ops, two per round, that
+# make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded
+# as single \xB5-op by Sandy Bridge and it's replacing 'ro[rl]' with
+# equivalent 'sh[rl]d' that is responsible for the impressive 5.1
+# cycles per processed byte. But 'sh[rl]d' is not something that used
+# to be fast, nor does it appear to be fast in upcoming Bulldozer
+# [according to its optimization manual]. Which is why AVX code path
+# is guarded by *both* AVX and synthetic bit denoting Intel CPUs.
+# One can argue that it's unfair to AMD, but without 'sh[rl]d' it
+# makes no sense to keep the AVX code path. If somebody feels that
+# strongly, it's probably more appropriate to discuss possibility of
+# using vector rotate XOP on AMD...
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+# x86 SSSE3 AVX
+# Pentium 15.7 -
+# PIII 11.5 -
+# P4 10.6 -
+# AMD K8 7.1 -
+# Core2 7.3 6.1/+20% -
+# Atom 12.5 9.5(*)/+32% -
+# Westmere 7.3 5.6/+30% -
+# Sandy Bridge 8.8 6.2/+40% 5.1(**)/+70%
+#
+# (*) Loop is 1056 instructions long and expected result is ~8.25.
+# It remains mystery [to me] why ILP is limited to 1.7.
+#
+# (**) As per above comment, the result is for AVX *plus* sh[rl]d.
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
@@ -37,6 +104,21 @@
&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
+$xmm=$ymm=0;
+for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+$ymm=1 if ($xmm &&
+ `$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+ =~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+ $1>=2.19); # first version supporting AVX
+
+$ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32n" &&
+ `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+ $1>=2.03); # first version supporting AVX
+
+&external_label("OPENSSL_ia32cap_P") if ($xmm);
+
+
$A="eax";
$B="ebx";
$C="ecx";
@@ -47,6 +129,10 @@
@V=($A,$B,$C,$D,$E,$T);
+$alt=0; # 1 denotes alternative IALU implementation, which performs
+ # 8% *worse* on P4, same on Westmere and Atom, 2% better on
+ # Sandy Bridge...
+
sub BODY_00_15
{
local($n,$a,$b,$c,$d,$e,$f)=@_;
@@ -59,16 +145,18 @@
&rotl($tmp1,5); # tmp1=ROTATE(a,5)
&xor($f,$d);
&add($tmp1,$e); # tmp1+=e;
- &and($f,$b);
- &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded
+ &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded
# with xi, also note that e becomes
# f in next round...
+ &and($f,$b);
+ &rotr($b,2); # b=ROTATE(b,30)
&xor($f,$d); # f holds F_00_19(b,c,d)
- &rotr($b,2); # b=ROTATE(b,30)
- &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi
+ &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi
- if ($n==15) { &add($f,$tmp1); } # f+=tmp1
+ if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round
+ &add($f,$tmp1); } # f+=tmp1
else { &add($tmp1,$f); } # f becomes a in next round
+ &mov($tmp1,$a) if ($alt && $n==15);
}
sub BODY_16_19
@@ -77,22 +165,41 @@
&comment("16_19 $n");
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
- &xor($f,&swtmp(($n+2)%16));
- &xor($tmp1,$d);
- &xor($f,&swtmp(($n+8)%16));
- &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
- &rotr($b,2); # b=ROTATE(b,30)
+if ($alt) {
+ &xor($c,$d);
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &and($tmp1,$c); # tmp1 to hold F_00_19(b,c,d), b&=c^d
+ &xor($f,&swtmp(($n+8)%16));
+ &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
&xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
+ &add($e,$tmp1); # e+=F_00_19(b,c,d)
+ &xor($c,$d); # restore $c
+ &mov($tmp1,$a); # b in next round
+ &rotr($b,$n==16?2:7); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+} else {
+ &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &and($tmp1,$b);
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
&xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
- &mov(&swtmp($n%16),$f); # xi=f
- &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e
- &mov($e,$a); # e becomes volatile
- &rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=F_00_19(b,c,d)
- &add($f,$e); # f+=ROTATE(a,5)
+ &add($e,$tmp1); # e+=F_00_19(b,c,d)
+ &mov($tmp1,$a);
+ &rotr($b,2); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($tmp1,5); # ROTATE(a,5)
+ &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$tmp1); # f+=ROTATE(a,5)
+}
}
sub BODY_20_39
@@ -102,21 +209,41 @@
&comment("20_39 $n");
+if ($alt) {
+ &xor($tmp1,$c); # tmp1 to hold F_20_39(b,c,d), b^=c
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
+ &xor($f,&swtmp(($n+8)%16));
+ &add($e,$tmp1); # e+=F_20_39(b,c,d)
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &mov($tmp1,$a); # b in next round
+ &rotr($b,7); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &xor($b,$c) if($n==39);# warm up for BODY_40_59
+ &and($tmp1,$b) if($n==39);
+ &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY
+ &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+ &rotr($a,5) if ($n==79);
+} else {
&mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &rotr($b,2); # b=ROTATE(b,30)
- &xor($f,&swtmp(($n+2)%16));
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
&xor($tmp1,$c);
&xor($f,&swtmp(($n+8)%16));
&xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
&xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
- &add($tmp1,$e);
- &mov(&swtmp($n%16),$f); # xi=f
- &mov($e,$a); # e becomes volatile
- &rotl($e,5); # e=ROTATE(a,5)
- &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e
- &add($f,$e); # f+=ROTATE(a,5)
+ &add($e,$tmp1); # e+=F_20_39(b,c,d)
+ &rotr($b,2); # b=ROTATE(b,30)
+ &mov($tmp1,$a);
+ &rotl($tmp1,5); # ROTATE(a,5)
+ &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+ &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY
+ &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+ &add($f,$tmp1); # f+=ROTATE(a,5)
+}
}
sub BODY_40_59
@@ -125,41 +252,86 @@
&comment("40_59 $n");
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &mov($tmp1,&swtmp(($n+2)%16));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp(($n+8)%16));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp(($n+13)%16));
- &xor($f,$tmp1); # f holds xa^xb^xc^xd
- &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
+if ($alt) {
+ &add($e,$tmp1); # e+=b&(c^d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &mov($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &xor($c,$d); # restore $c
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
- &or($tmp1,$c);
- &mov(&swtmp($n%16),$f); # xi=f
- &and($tmp1,$d);
- &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e
- &mov($e,$b); # e becomes volatile and is used
- # to calculate F_40_59(b,c,d)
+ &and($tmp1,$c);
+ &rotr($b,7); # b=ROTATE(b,30)
+ &add($e,$tmp1); # e+=c&d
+ &mov($tmp1,$a); # b in next round
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &xor($b,$c) if ($n<59);
+ &and($tmp1,$b) if ($n<59);# tmp1 to hold F_40_59(b,c,d)
+ &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e+(b&(c^d))
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+} else {
+ &mov($tmp1,$c); # tmp1 to hold F_40_59(b,c,d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &and($tmp1,$b);
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &add($tmp1,$e); # b&(c^d)+=e
&rotr($b,2); # b=ROTATE(b,30)
- &and($e,$c);
- &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
- &mov($e,$a);
- &rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=tmp1;
+ &mov($e,$a); # e becomes volatile
+ &rotl($e,5); # ROTATE(a,5)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d))
+ &mov($tmp1,$c);
&add($f,$e); # f+=ROTATE(a,5)
+ &and($tmp1,$d);
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$tmp1); # f+=c&d
+}
}
&function_begin("sha1_block_data_order");
+if ($xmm) {
+ &static_label("ssse3_shortcut");
+ &static_label("avx_shortcut") if ($ymm);
+ &static_label("K_XX_XX");
+
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &picmeup($T,"OPENSSL_ia32cap_P",$tmp1,&label("pic_point"));
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+
+ &mov ($A,&DWP(0,$T));
+ &mov ($D,&DWP(4,$T));
+ &test ($D,1<<9); # check SSSE3 bit
+ &jz (&label("x86"));
+ &test ($A,1<<24); # check FXSR bit
+ &jz (&label("x86"));
+ if ($ymm) {
+ &and ($D,1<<28); # mask AVX bit
+ &and ($A,1<<30); # mask "Intel CPU" bit
+ &or ($A,$D);
+ &cmp ($A,1<<28|1<<30);
+ &je (&label("avx_shortcut"));
+ }
+ &jmp (&label("ssse3_shortcut"));
+ &set_label("x86",16);
+}
&mov($tmp1,&wparam(0)); # SHA_CTX *c
&mov($T,&wparam(1)); # const void *input
&mov($A,&wparam(2)); # size_t num
- &stack_push(16); # allocate X[16]
+ &stack_push(16+3); # allocate X[16]
&shl($A,6);
&add($A,$T);
&mov(&wparam(2),$A); # pointer beyond the end of input
&mov($E,&DWP(16,$tmp1));# pre-load E
+ &jmp(&label("loop"));
- &set_label("loop",16);
+&set_label("loop",16);
# copy input chunk to X, but reversing byte order!
for ($i=0; $i<16; $i+=4)
@@ -213,7 +385,845 @@
&mov(&DWP(16,$tmp1),$C);
&jb(&label("loop"));
- &stack_pop(16);
+ &stack_pop(16+3);
&function_end("sha1_block_data_order");
+if ($xmm) {
+######################################################################
+# The SSSE3 implementation.
+#
+# %xmm[0-7] are used as ring @X[] buffer containing quadruples of last
+# 32 elements of the message schedule or Xupdate outputs. First 4
+# quadruples are simply byte-swapped input, next 4 are calculated
+# according to method originally suggested by Dean Gaudet (modulo
+# being implemented in SSSE3). Once 8 quadruples or 32 elements are
+# collected, it switches to routine proposed by Max Locktyukhin.
+#
+# Calculations inevitably require temporary reqisters, and there are
+# no %xmm registers left to spare. For this reason part of the ring
+# buffer, X[2..4] to be specific, is offloaded to 3 quadriples ring
+# buffer on the stack. Keep in mind that X[2] is alias X[-6], X[3] -
+# X[-5], and X[4] - X[-4]...
+#
+# Another notable optimization is aggressive stack frame compression
+# aiming to minimize amount of 9-byte instructions...
+#
+# Yet another notable optimization is "jumping" $B variable. It means
+# that there is no register permanently allocated for $B value. This
+# allowed to eliminate one instruction from body_20_39...
+#
+my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0; # hash round
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+&function_begin("_sha1_block_data_order_ssse3");
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("ssse3_shortcut");
+
+ &movdqa (@X[3],&QWP(0,$tmp1)); # K_00_19
+ &movdqa (@X[4],&QWP(16,$tmp1)); # K_20_39
+ &movdqa (@X[5],&QWP(32,$tmp1)); # K_40_59
+ &movdqa (@X[6],&QWP(48,$tmp1)); # K_60_79
+ &movdqa (@X[2],&QWP(64,$tmp1)); # pbswap mask
+
+ &mov ($E,&wparam(0)); # load argument block
+ &mov ($inp=@T[1],&wparam(1));
+ &mov ($D,&wparam(2));
+ &mov (@T[0],"esp");
+
+ # stack frame layout
+ #
+ # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area
+ # X[4]+K X[5]+K X[6]+K X[7]+K
+ # X[8]+K X[9]+K X[10]+K X[11]+K
+ # X[12]+K X[13]+K X[14]+K X[15]+K
+ #
+ # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area
+ # X[4] X[5] X[6] X[7]
+ # X[8] X[9] X[10] X[11] # even borrowed for K_00_19
+ #
+ # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants
+ # K_40_59 K_40_59 K_40_59 K_40_59
+ # K_60_79 K_60_79 K_60_79 K_60_79
+ # K_00_19 K_00_19 K_00_19 K_00_19
+ # pbswap mask
+ #
+ # +192 ctx # argument block
+ # +196 inp
+ # +200 end
+ # +204 esp
+ &sub ("esp",208);
+ &and ("esp",-64);
+
+ &movdqa (&QWP(112+0,"esp"), at X[4]); # copy constants
+ &movdqa (&QWP(112+16,"esp"), at X[5]);
+ &movdqa (&QWP(112+32,"esp"), at X[6]);
+ &shl ($D,6); # len*64
+ &movdqa (&QWP(112+48,"esp"), at X[3]);
+ &add ($D,$inp); # end of input
+ &movdqa (&QWP(112+64,"esp"), at X[2]);
+ &add ($inp,64);
+ &mov (&DWP(192+0,"esp"),$E); # save argument block
+ &mov (&DWP(192+4,"esp"),$inp);
+ &mov (&DWP(192+8,"esp"),$D);
+ &mov (&DWP(192+12,"esp"), at T[0]); # save original %esp
+
+ &mov ($A,&DWP(0,$E)); # load context
+ &mov ($B,&DWP(4,$E));
+ &mov ($C,&DWP(8,$E));
+ &mov ($D,&DWP(12,$E));
+ &mov ($E,&DWP(16,$E));
+ &mov (@T[0],$B); # magic seed
+
+ &movdqu (@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3]
+ &movdqu (@X[-3&7],&QWP(-48,$inp));
+ &movdqu (@X[-2&7],&QWP(-32,$inp));
+ &movdqu (@X[-1&7],&QWP(-16,$inp));
+ &pshufb (@X[-4&7], at X[2]); # byte swap
+ &pshufb (@X[-3&7], at X[2]);
+ &pshufb (@X[-2&7], at X[2]);
+ &movdqa (&QWP(112-16,"esp"), at X[3]); # borrow last backtrace slot
+ &pshufb (@X[-1&7], at X[2]);
+ &paddd (@X[-4&7], at X[3]); # add K_00_19
+ &paddd (@X[-3&7], at X[3]);
+ &paddd (@X[-2&7], at X[3]);
+ &movdqa (&QWP(0,"esp"), at X[-4&7]); # X[]+K xfer to IALU
+ &psubd (@X[-4&7], at X[3]); # restore X[]
+ &movdqa (&QWP(0+16,"esp"), at X[-3&7]);
+ &psubd (@X[-3&7], at X[3]);
+ &movdqa (&QWP(0+32,"esp"), at X[-2&7]);
+ &psubd (@X[-2&7], at X[3]);
+ &movdqa (@X[0], at X[-3&7]);
+ &jmp (&label("loop"));
+
+######################################################################
+# SSE instruction sequence is first broken to groups of indepentent
+# instructions, independent in respect to their inputs and shifter
+# (not all architectures have more than one). Then IALU instructions
+# are "knitted in" between the SSE groups. Distance is maintained for
+# SSE latency of 2 in hope that it fits better upcoming AMD Bulldozer
+# [which allegedly also implements SSSE3]...
+#
+# Temporary registers usage. X[2] is volatile at the entry and at the
+# end is restored from backtrace ring buffer. X[3] is expected to
+# contain current K_XX_XX constant and is used to caclulate X[-1]+K
+# from previous round, it becomes volatile the moment the value is
+# saved to stack for transfer to IALU. X[4] becomes volatile whenever
+# X[-4] is accumulated and offloaded to backtrace ring buffer, at the
+# end it is loaded with next K_XX_XX [which becomes X[3] in next
+# round]...
+#
+sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &palignr(@X[0], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ &movdqa (@X[2], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &paddd (@X[3], at X[-1&7]);
+ &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"), at X[-4&7]);# save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psrldq (@X[2],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pxor (@X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[2], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at X[2]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (@X[4], at X[0]);
+ &movdqa (@X[2], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslldq (@X[4],12); # "X[0]"<<96, extract one dword
+ &paddd (@X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@X[2],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[3], at X[4]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@X[4],30);
+ &por (@X[0], at X[2]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslld (@X[3],2);
+ &pxor (@X[0], at X[4]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at X[3]); # "X[0]"^=("X[0]"<<96)<<<2
+ &movdqa (@X[1], at X[-2&7]) if ($Xi<7);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@X[2], at X[-1&7]) if ($Xi==8);
+ eval(shift(@insns)); # body_20_39
+ &pxor (@X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ &palignr(@X[2], at X[-2&7],8); # compose "X[-6]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &pxor (@X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"), at X[-4&7]); # save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ if ($Xi%5) {
+ &movdqa (@X[4], at X[3]); # "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &movdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+ }
+ &paddd (@X[3], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pxor (@X[0], at X[2]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &movdqa (@X[2], at X[0]);
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pslld (@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &psrld (@X[2],30);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &por (@X[0], at X[2]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ &movdqa (@X[3], at X[0]) if ($Xi<19);
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &paddd (@X[3], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &mov ($inp=@T[1],&DWP(192+4,"esp"));
+ &cmp ($inp,&DWP(192+8,"esp"));
+ &je (&label("done"));
+
+ &movdqa (@X[3],&QWP(112+48,"esp")); # K_00_19
+ &movdqa (@X[2],&QWP(112+64,"esp")); # pbswap mask
+ &movdqu (@X[-4&7],&QWP(0,$inp)); # load input
+ &movdqu (@X[-3&7],&QWP(16,$inp));
+ &movdqu (@X[-2&7],&QWP(32,$inp));
+ &movdqu (@X[-1&7],&QWP(48,$inp));
+ &add ($inp,64);
+ &pshufb (@X[-4&7], at X[2]); # byte swap
+ &mov (&DWP(192+4,"esp"),$inp);
+ &movdqa (&QWP(112-16,"esp"), at X[3]); # borrow last backtrace slot
+
+ $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pshufb (@X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &paddd (@X[($Xi-4)&7], at X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (&QWP(0+16*$Xi,"esp"), at X[($Xi-4)&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psubd (@X[($Xi-4)&7], at X[3]);
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,&DWP(4*($j&15),"esp"));', # X[]+K xfer
+ '&xor ($c,$d);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&xor ($c,$d);', # restore $c
+ '&xor (@T[0],$d);',
+ '&add ($e,$a);',
+ '&$_ror ($b,$j?7:2);', # $b>>>2
+ '&add ($e, at T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_20_39 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer
+ '&xor (@T[0],$d);', # ($b^$d)
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&xor (@T[0],$c);', # ($b^$d^$c)
+ '&add ($e,$a);',
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_40_59 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&mov (@T[1],$c);',
+ '&xor ($c,$d);',
+ '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer
+ '&and (@T[1],$d);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[1]);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&add ($e, at T[0]);',
+ '&xor ($c,$d);', # restore $c
+ '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+&set_label("loop",16);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xuplast_ssse3_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0, at T[1]));
+ &add (@T[0],&DWP(4, at T[1])); # $b
+ &add ($C,&DWP(8, at T[1]));
+ &mov (&DWP(0, at T[1]),$A);
+ &add ($D,&DWP(12, at T[1]));
+ &mov (&DWP(4, at T[1]), at T[0]);
+ &add ($E,&DWP(16, at T[1]));
+ &mov (&DWP(8, at T[1]),$C);
+ &mov ($B, at T[0]);
+ &mov (&DWP(12, at T[1]),$D);
+ &mov (&DWP(16, at T[1]),$E);
+ &movdqa (@X[0], at X[-3&7]);
+
+ &jmp (&label("loop"));
+
+&set_label("done",16); $j=$saved_j; @V=@saved_V;
+
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0, at T[1]));
+ &mov ("esp",&DWP(192+12,"esp")); # restore %esp
+ &add (@T[0],&DWP(4, at T[1])); # $b
+ &add ($C,&DWP(8, at T[1]));
+ &mov (&DWP(0, at T[1]),$A);
+ &add ($D,&DWP(12, at T[1]));
+ &mov (&DWP(4, at T[1]), at T[0]);
+ &add ($E,&DWP(16, at T[1]));
+ &mov (&DWP(8, at T[1]),$C);
+ &mov (&DWP(12, at T[1]),$D);
+ &mov (&DWP(16, at T[1]),$E);
+
+&function_end("_sha1_block_data_order_ssse3");
+
+if ($ymm) {
+my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0; # hash round
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &shld(@_[0], at _) };
+my $_ror=sub { &shrd(@_[0], at _) };
+
+&function_begin("_sha1_block_data_order_avx");
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("avx_shortcut");
+ &vzeroall();
+
+ &vmovdqa(@X[3],&QWP(0,$tmp1)); # K_00_19
+ &vmovdqa(@X[4],&QWP(16,$tmp1)); # K_20_39
+ &vmovdqa(@X[5],&QWP(32,$tmp1)); # K_40_59
+ &vmovdqa(@X[6],&QWP(48,$tmp1)); # K_60_79
+ &vmovdqa(@X[2],&QWP(64,$tmp1)); # pbswap mask
+
+ &mov ($E,&wparam(0)); # load argument block
+ &mov ($inp=@T[1],&wparam(1));
+ &mov ($D,&wparam(2));
+ &mov (@T[0],"esp");
+
+ # stack frame layout
+ #
+ # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area
+ # X[4]+K X[5]+K X[6]+K X[7]+K
+ # X[8]+K X[9]+K X[10]+K X[11]+K
+ # X[12]+K X[13]+K X[14]+K X[15]+K
+ #
+ # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area
+ # X[4] X[5] X[6] X[7]
+ # X[8] X[9] X[10] X[11] # even borrowed for K_00_19
+ #
+ # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants
+ # K_40_59 K_40_59 K_40_59 K_40_59
+ # K_60_79 K_60_79 K_60_79 K_60_79
+ # K_00_19 K_00_19 K_00_19 K_00_19
+ # pbswap mask
+ #
+ # +192 ctx # argument block
+ # +196 inp
+ # +200 end
+ # +204 esp
+ &sub ("esp",208);
+ &and ("esp",-64);
+
+ &vmovdqa(&QWP(112+0,"esp"), at X[4]); # copy constants
+ &vmovdqa(&QWP(112+16,"esp"), at X[5]);
+ &vmovdqa(&QWP(112+32,"esp"), at X[6]);
+ &shl ($D,6); # len*64
+ &vmovdqa(&QWP(112+48,"esp"), at X[3]);
+ &add ($D,$inp); # end of input
+ &vmovdqa(&QWP(112+64,"esp"), at X[2]);
+ &add ($inp,64);
+ &mov (&DWP(192+0,"esp"),$E); # save argument block
+ &mov (&DWP(192+4,"esp"),$inp);
+ &mov (&DWP(192+8,"esp"),$D);
+ &mov (&DWP(192+12,"esp"), at T[0]); # save original %esp
+
+ &mov ($A,&DWP(0,$E)); # load context
+ &mov ($B,&DWP(4,$E));
+ &mov ($C,&DWP(8,$E));
+ &mov ($D,&DWP(12,$E));
+ &mov ($E,&DWP(16,$E));
+ &mov (@T[0],$B); # magic seed
+
+ &vmovdqu(@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3]
+ &vmovdqu(@X[-3&7],&QWP(-48,$inp));
+ &vmovdqu(@X[-2&7],&QWP(-32,$inp));
+ &vmovdqu(@X[-1&7],&QWP(-16,$inp));
+ &vpshufb(@X[-4&7], at X[-4&7], at X[2]); # byte swap
+ &vpshufb(@X[-3&7], at X[-3&7], at X[2]);
+ &vpshufb(@X[-2&7], at X[-2&7], at X[2]);
+ &vmovdqa(&QWP(112-16,"esp"), at X[3]); # borrow last backtrace slot
+ &vpshufb(@X[-1&7], at X[-1&7], at X[2]);
+ &vpaddd (@X[0], at X[-4&7], at X[3]); # add K_00_19
+ &vpaddd (@X[1], at X[-3&7], at X[3]);
+ &vpaddd (@X[2], at X[-2&7], at X[3]);
+ &vmovdqa(&QWP(0,"esp"), at X[0]); # X[]+K xfer to IALU
+ &vmovdqa(&QWP(0+16,"esp"), at X[1]);
+ &vmovdqa(&QWP(0+32,"esp"), at X[2]);
+ &jmp (&label("loop"));
+
+sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpalignr(@X[0], at X[-3&7], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpaddd (@X[3], at X[3], at X[-1&7]);
+ &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"), at X[-4&7]);# save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpsrldq(@X[2], at X[-1&7],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[2], at X[2], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at X[2]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@X[2], at X[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslldq(@X[4], at X[0],12); # "X[0]"<<96, extract one dword
+ &vpaddd (@X[0], at X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@X[3], at X[4],30);
+ &vpor (@X[0], at X[0], at X[2]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslld (@X[4], at X[4],2);
+ &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0], at X[0], at X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at X[4]); # "X[0]"^=("X[0]"<<96)<<<2
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &vpalignr(@X[2], at X[-1&7], at X[-2&7],8); # compose "X[-6]"
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpxor (@X[0], at X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"), at X[-4&7]); # save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ if ($Xi%5) {
+ &vmovdqa (@X[4], at X[3]); # "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &vmovdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+ }
+ &vpaddd (@X[3], at X[3], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at X[2]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpsrld (@X[2], at X[0],30);
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpslld (@X[0], at X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpor (@X[0], at X[0], at X[2]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &vpaddd (@X[3], at X[3], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"), at X[3]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &mov ($inp=@T[1],&DWP(192+4,"esp"));
+ &cmp ($inp,&DWP(192+8,"esp"));
+ &je (&label("done"));
+
+ &vmovdqa(@X[3],&QWP(112+48,"esp")); # K_00_19
+ &vmovdqa(@X[2],&QWP(112+64,"esp")); # pbswap mask
+ &vmovdqu(@X[-4&7],&QWP(0,$inp)); # load input
+ &vmovdqu(@X[-3&7],&QWP(16,$inp));
+ &vmovdqu(@X[-2&7],&QWP(32,$inp));
+ &vmovdqu(@X[-1&7],&QWP(48,$inp));
+ &add ($inp,64);
+ &vpshufb(@X[-4&7], at X[-4&7], at X[2]); # byte swap
+ &mov (&DWP(192+4,"esp"),$inp);
+ &vmovdqa(&QWP(112-16,"esp"), at X[3]); # borrow last backtrace slot
+
+ $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpshufb (@X[($Xi-3)&7], at X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpaddd (@X[$Xi&7], at X[($Xi-4)&7], at X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (&QWP(0+16*$Xi,"esp"), at X[$Xi&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+&set_label("loop",16);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xuplast_avx_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0, at T[1]));
+ &add (@T[0],&DWP(4, at T[1])); # $b
+ &add ($C,&DWP(8, at T[1]));
+ &mov (&DWP(0, at T[1]),$A);
+ &add ($D,&DWP(12, at T[1]));
+ &mov (&DWP(4, at T[1]), at T[0]);
+ &add ($E,&DWP(16, at T[1]));
+ &mov (&DWP(8, at T[1]),$C);
+ &mov ($B, at T[0]);
+ &mov (&DWP(12, at T[1]),$D);
+ &mov (&DWP(16, at T[1]),$E);
+
+ &jmp (&label("loop"));
+
+&set_label("done",16); $j=$saved_j; @V=@saved_V;
+
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+
+ &vzeroall();
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0, at T[1]));
+ &mov ("esp",&DWP(192+12,"esp")); # restore %esp
+ &add (@T[0],&DWP(4, at T[1])); # $b
+ &add ($C,&DWP(8, at T[1]));
+ &mov (&DWP(0, at T[1]),$A);
+ &add ($D,&DWP(12, at T[1]));
+ &mov (&DWP(4, at T[1]), at T[0]);
+ &add ($E,&DWP(16, at T[1]));
+ &mov (&DWP(8, at T[1]),$C);
+ &mov (&DWP(12, at T[1]),$D);
+ &mov (&DWP(16, at T[1]),$E);
+&function_end("_sha1_block_data_order_avx");
+}
+&set_label("K_XX_XX",64);
+&data_word(0x5a827999,0x5a827999,0x5a827999,0x5a827999); # K_00_19
+&data_word(0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1); # K_20_39
+&data_word(0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc); # K_40_59
+&data_word(0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6); # K_60_79
+&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f); # pbswap mask
+}
+&asciz("SHA1 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
&asm_finish();
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-alpha.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-alpha.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-alpha.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-alpha.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,322 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for Alpha.
+
+# On 21264 performance is 33% better than code generated by vendor
+# compiler, and 75% better than GCC [3.4], and in absolute terms is
+# 8.7 cycles per processed byte. Implementation features vectorized
+# byte swap, but not Xupdate.
+
+ at X=( "\$0", "\$1", "\$2", "\$3", "\$4", "\$5", "\$6", "\$7",
+ "\$8", "\$9", "\$10", "\$11", "\$12", "\$13", "\$14", "\$15");
+$ctx="a0"; # $16
+$inp="a1";
+$num="a2";
+$A="a3";
+$B="a4"; # 20
+$C="a5";
+$D="t8";
+$E="t9"; @V=($A,$B,$C,$D,$E);
+$t0="t10"; # 24
+$t1="t11";
+$t2="ra";
+$t3="t12";
+$K="AT"; # 28
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+ ldq_u @X[0],0+0($inp)
+ ldq_u @X[1],0+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<14);
+ ldq_u @X[$i+2],($i+2)*4+0($inp)
+ ldq_u @X[$i+3],($i+2)*4+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<15);
+ extql @X[$i],$inp, at X[$i]
+ extqh @X[$i+1],$inp, at X[$i+1]
+
+ or @X[$i+1], at X[$i], at X[$i] # pair of 32-bit values are fetched
+
+ srl @X[$i],24,$t0 # vectorized byte swap
+ srl @X[$i],8,$t2
+
+ sll @X[$i],8,$t3
+ sll @X[$i],24, at X[$i]
+ zapnot $t0,0x11,$t0
+ zapnot $t2,0x22,$t2
+
+ zapnot @X[$i],0x88, at X[$i]
+ or $t0,$t2,$t0
+ zapnot $t3,0x44,$t3
+ sll $a,5,$t1
+
+ or @X[$i],$t0, at X[$i]
+ addl $K,$e,$e
+ and $b,$c,$t2
+ zapnot $a,0xf,$a
+
+ or @X[$i],$t3, at X[$i]
+ srl $a,27,$t0
+ bic $d,$b,$t3
+ sll $b,30,$b
+
+ extll @X[$i],4, at X[$i+1] # extract upper half
+ or $t2,$t3,$t2
+ addl @X[$i],$e,$e
+
+ addl $t1,$e,$e
+ srl $b,32,$t3
+ zapnot @X[$i],0xf, at X[$i]
+
+ addl $t0,$e,$e
+ addl $t2,$e,$e
+ or $t3,$b,$b
+___
+$code.=<<___ if (($i&1) && $i<15);
+ sll $a,5,$t1
+ addl $K,$e,$e
+ and $b,$c,$t2
+ zapnot $a,0xf,$a
+
+ srl $a,27,$t0
+ addl @X[$i%16],$e,$e
+ bic $d,$b,$t3
+ sll $b,30,$b
+
+ or $t2,$t3,$t2
+ addl $t1,$e,$e
+ srl $b,32,$t3
+ zapnot @X[$i],0xf, at X[$i]
+
+ addl $t0,$e,$e
+ addl $t2,$e,$e
+ or $t3,$b,$b
+___
+$code.=<<___ if ($i>=15); # with forward Xupdate
+ sll $a,5,$t1
+ addl $K,$e,$e
+ and $b,$c,$t2
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16]
+
+ zapnot $a,0xf,$a
+ addl @X[$i%16],$e,$e
+ bic $d,$b,$t3
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+
+ srl $a,27,$t0
+ addl $t1,$e,$e
+ or $t2,$t3,$t2
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+
+ sll $b,30,$b
+ addl $t0,$e,$e
+ srl @X[$j%16],31,$t1
+
+ addl $t2,$e,$e
+ srl $b,32,$t3
+ addl @X[$j%16], at X[$j%16], at X[$j%16]
+
+ or $t3,$b,$b
+ zapnot @X[$i%16],0xf, at X[$i%16]
+ or $t1, at X[$j%16], at X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79); # with forward Xupdate
+ sll $a,5,$t1
+ addl $K,$e,$e
+ zapnot $a,0xf,$a
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16]
+
+ sll $b,30,$t3
+ addl $t1,$e,$e
+ xor $b,$c,$t2
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+
+ srl $b,2,$b
+ addl @X[$i%16],$e,$e
+ xor $d,$t2,$t2
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+
+ srl @X[$j%16],31,$t1
+ addl $t2,$e,$e
+ srl $a,27,$t0
+ addl @X[$j%16], at X[$j%16], at X[$j%16]
+
+ or $t3,$b,$b
+ addl $t0,$e,$e
+ or $t1, at X[$j%16], at X[$j%16]
+___
+$code.=<<___ if ($i<77);
+ zapnot @X[$i%16],0xf, at X[$i%16]
+___
+$code.=<<___ if ($i==79); # with context fetch
+ sll $a,5,$t1
+ addl $K,$e,$e
+ zapnot $a,0xf,$a
+ ldl @X[0],0($ctx)
+
+ sll $b,30,$t3
+ addl $t1,$e,$e
+ xor $b,$c,$t2
+ ldl @X[1],4($ctx)
+
+ srl $b,2,$b
+ addl @X[$i%16],$e,$e
+ xor $d,$t2,$t2
+ ldl @X[2],8($ctx)
+
+ srl $a,27,$t0
+ addl $t2,$e,$e
+ ldl @X[3],12($ctx)
+
+ or $t3,$b,$b
+ addl $t0,$e,$e
+ ldl @X[4],16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___; # with forward Xupdate
+ sll $a,5,$t1
+ addl $K,$e,$e
+ zapnot $a,0xf,$a
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16]
+
+ srl $a,27,$t0
+ and $b,$c,$t2
+ and $b,$d,$t3
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+
+ sll $b,30,$b
+ addl $t1,$e,$e
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+
+ srl @X[$j%16],31,$t1
+ addl $t0,$e,$e
+ or $t2,$t3,$t2
+ and $c,$d,$t3
+
+ or $t2,$t3,$t2
+ srl $b,32,$t3
+ addl @X[$i%16],$e,$e
+ addl @X[$j%16], at X[$j%16], at X[$j%16]
+
+ or $t3,$b,$b
+ addl $t2,$e,$e
+ or $t1, at X[$j%16], at X[$j%16]
+ zapnot @X[$i%16],0xf, at X[$i%16]
+___
+}
+
+$code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
+#include <asm.h>
+#include <regdef.h>
+#endif
+
+.text
+
+.set noat
+.set noreorder
+.globl sha1_block_data_order
+.align 5
+.ent sha1_block_data_order
+sha1_block_data_order:
+ lda sp,-64(sp)
+ stq ra,0(sp)
+ stq s0,8(sp)
+ stq s1,16(sp)
+ stq s2,24(sp)
+ stq s3,32(sp)
+ stq s4,40(sp)
+ stq s5,48(sp)
+ stq fp,56(sp)
+ .mask 0x0400fe00,-64
+ .frame sp,64,ra
+ .prologue 0
+
+ ldl $A,0($ctx)
+ ldl $B,4($ctx)
+ sll $num,6,$num
+ ldl $C,8($ctx)
+ ldl $D,12($ctx)
+ ldl $E,16($ctx)
+ addq $inp,$num,$num
+
+.Lloop:
+ .set noreorder
+ ldah $K,23170(zero)
+ zapnot $B,0xf,$B
+ lda $K,31129($K) # K_00_19
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ ldah $K,28378(zero)
+ lda $K,-5215($K) # K_20_39
+___
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ ldah $K,-28900(zero)
+ lda $K,-17188($K) # K_40_59
+___
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ ldah $K,-13725(zero)
+ lda $K,-15914($K) # K_60_79
+___
+for (;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ addl @X[0],$A,$A
+ addl @X[1],$B,$B
+ addl @X[2],$C,$C
+ addl @X[3],$D,$D
+ addl @X[4],$E,$E
+ stl $A,0($ctx)
+ stl $B,4($ctx)
+ addq $inp,64,$inp
+ stl $C,8($ctx)
+ stl $D,12($ctx)
+ stl $E,16($ctx)
+ cmpult $inp,$num,$t1
+ bne $t1,.Lloop
+
+ .set noreorder
+ ldq ra,0(sp)
+ ldq s0,8(sp)
+ ldq s1,16(sp)
+ ldq s2,24(sp)
+ ldq s3,32(sp)
+ ldq s4,40(sp)
+ ldq s5,48(sp)
+ ldq fp,56(sp)
+ lda sp,64(sp)
+ ret (ra)
+.end sha1_block_data_order
+.ascii "SHA1 block transform for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-armv4-large.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-armv4-large.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-armv4-large.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-armv4-large.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,248 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block procedure for ARMv4.
+#
+# January 2007.
+
+# Size/performance trade-off
+# ====================================================================
+# impl size in bytes comp cycles[*] measured performance
+# ====================================================================
+# thumb 304 3212 4420
+# armv4-small 392/+29% 1958/+64% 2250/+96%
+# armv4-compact 740/+89% 1552/+26% 1840/+22%
+# armv4-large 1420/+92% 1307/+19% 1370/+34%[***]
+# full unroll ~5100/+260% ~1260/+4% ~1300/+5%
+# ====================================================================
+# thumb = same as 'small' but in Thumb instructions[**] and
+# with recurring code in two private functions;
+# small = detached Xload/update, loops are folded;
+# compact = detached Xload/update, 5x unroll;
+# large = interleaved Xload/update, 5x unroll;
+# full unroll = interleaved Xload/update, full unroll, estimated[!];
+#
+# [*] Manually counted instructions in "grand" loop body. Measured
+# performance is affected by prologue and epilogue overhead,
+# i-cache availability, branch penalties, etc.
+# [**] While each Thumb instruction is twice smaller, they are not as
+# diverse as ARM ones: e.g., there are only two arithmetic
+# instructions with 3 arguments, no [fixed] rotate, addressing
+# modes are limited. As result it takes more instructions to do
+# the same job in Thumb, therefore the code is never twice as
+# small and always slower.
+# [***] which is also ~35% better than compiler generated code. Dual-
+# issue Cortex A8 core was measured to process input block in
+# ~990 cycles.
+
+# August 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 13% improvement on
+# Cortex A8 core and in absolute terms ~870 cycles per input block
+# [or 13.6 cycles per byte].
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 10%
+# improvement on Cortex A8 core and 12.2 cycles per byte.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0";
+$inp="r1";
+$len="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+$Xi="r14";
+ at V=($a,$b,$c,$d,$e);
+
+sub Xupdate {
+my ($a,$b,$c,$d,$e,$opt1,$opt2)=@_;
+$code.=<<___;
+ ldr $t0,[$Xi,#15*4]
+ ldr $t1,[$Xi,#13*4]
+ ldr $t2,[$Xi,#7*4]
+ add $e,$K,$e,ror#2 @ E+=K_xx_xx
+ ldr $t3,[$Xi,#2*4]
+ eor $t0,$t0,$t1
+ eor $t2,$t2,$t3 @ 1 cycle stall
+ eor $t1,$c,$d @ F_xx_xx
+ mov $t0,$t0,ror#31
+ add $e,$e,$a,ror#27 @ E+=ROR(A,27)
+ eor $t0,$t0,$t2,ror#31
+ str $t0,[$Xi,#-4]!
+ $opt1 @ F_xx_xx
+ $opt2 @ F_xx_xx
+ add $e,$e,$t0 @ E+=X[i]
+___
+}
+
+sub BODY_00_15 {
+my ($a,$b,$c,$d,$e)=@_;
+$code.=<<___;
+#if __ARM_ARCH__<7
+ ldrb $t1,[$inp,#2]
+ ldrb $t0,[$inp,#3]
+ ldrb $t2,[$inp,#1]
+ add $e,$K,$e,ror#2 @ E+=K_00_19
+ ldrb $t3,[$inp],#4
+ orr $t0,$t0,$t1,lsl#8
+ eor $t1,$c,$d @ F_xx_xx
+ orr $t0,$t0,$t2,lsl#16
+ add $e,$e,$a,ror#27 @ E+=ROR(A,27)
+ orr $t0,$t0,$t3,lsl#24
+#else
+ ldr $t0,[$inp],#4 @ handles unaligned
+ add $e,$K,$e,ror#2 @ E+=K_00_19
+ eor $t1,$c,$d @ F_xx_xx
+ add $e,$e,$a,ror#27 @ E+=ROR(A,27)
+#ifdef __ARMEL__
+ rev $t0,$t0 @ byte swap
+#endif
+#endif
+ and $t1,$b,$t1,ror#2
+ add $e,$e,$t0 @ E+=X[i]
+ eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D)
+ str $t0,[$Xi,#-4]!
+ add $e,$e,$t1 @ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_16_19 {
+my ($a,$b,$c,$d,$e)=@_;
+ &Xupdate(@_,"and $t1,$b,$t1,ror#2");
+$code.=<<___;
+ eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D)
+ add $e,$e,$t1 @ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_20_39 {
+my ($a,$b,$c,$d,$e)=@_;
+ &Xupdate(@_,"eor $t1,$b,$t1,ror#2");
+$code.=<<___;
+ add $e,$e,$t1 @ E+=F_20_39(B,C,D)
+___
+}
+
+sub BODY_40_59 {
+my ($a,$b,$c,$d,$e)=@_;
+ &Xupdate(@_,"and $t1,$b,$t1,ror#2","and $t2,$c,$d");
+$code.=<<___;
+ add $e,$e,$t1 @ E+=F_40_59(B,C,D)
+ add $e,$e,$t2,ror#2
+___
+}
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+
+.global sha1_block_data_order
+.type sha1_block_data_order,%function
+
+.align 2
+sha1_block_data_order:
+ stmdb sp!,{r4-r12,lr}
+ add $len,$inp,$len,lsl#6 @ $len to point at the end of $inp
+ ldmia $ctx,{$a,$b,$c,$d,$e}
+.Lloop:
+ ldr $K,.LK_00_19
+ mov $Xi,sp
+ sub sp,sp,#15*4
+ mov $c,$c,ror#30
+ mov $d,$d,ror#30
+ mov $e,$e,ror#30 @ [6]
+.L_00_15:
+___
+for($i=0;$i<5;$i++) {
+ &BODY_00_15(@V); unshift(@V,pop(@V));
+}
+$code.=<<___;
+ teq $Xi,sp
+ bne .L_00_15 @ [((11+4)*5+2)*3]
+ sub sp,sp,#25*4
+___
+ &BODY_00_15(@V); unshift(@V,pop(@V));
+ &BODY_16_19(@V); unshift(@V,pop(@V));
+ &BODY_16_19(@V); unshift(@V,pop(@V));
+ &BODY_16_19(@V); unshift(@V,pop(@V));
+ &BODY_16_19(@V); unshift(@V,pop(@V));
+$code.=<<___;
+
+ ldr $K,.LK_20_39 @ [+15+16*4]
+ cmn sp,#0 @ [+3], clear carry to denote 20_39
+.L_20_39_or_60_79:
+___
+for($i=0;$i<5;$i++) {
+ &BODY_20_39(@V); unshift(@V,pop(@V));
+}
+$code.=<<___;
+ teq $Xi,sp @ preserve carry
+ bne .L_20_39_or_60_79 @ [+((12+3)*5+2)*4]
+ bcs .L_done @ [+((12+3)*5+2)*4], spare 300 bytes
+
+ ldr $K,.LK_40_59
+ sub sp,sp,#20*4 @ [+2]
+.L_40_59:
+___
+for($i=0;$i<5;$i++) {
+ &BODY_40_59(@V); unshift(@V,pop(@V));
+}
+$code.=<<___;
+ teq $Xi,sp
+ bne .L_40_59 @ [+((12+5)*5+2)*4]
+
+ ldr $K,.LK_60_79
+ sub sp,sp,#20*4
+ cmp sp,#0 @ set carry to denote 60_79
+ b .L_20_39_or_60_79 @ [+4], spare 300 bytes
+.L_done:
+ add sp,sp,#80*4 @ "deallocate" stack frame
+ ldmia $ctx,{$K,$t0,$t1,$t2,$t3}
+ add $a,$K,$a
+ add $b,$t0,$b
+ add $c,$t1,$c,ror#2
+ add $d,$t2,$d,ror#2
+ add $e,$t3,$e,ror#2
+ stmia $ctx,{$a,$b,$c,$d,$e}
+ teq $inp,$len
+ bne .Lloop @ [+18], total 1307
+
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
+ ldmia sp!,{r4-r12,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.align 2
+.LK_00_19: .word 0x5a827999
+.LK_20_39: .word 0x6ed9eba1
+.LK_40_59: .word 0x8f1bbcdc
+.LK_60_79: .word 0xca62c1d6
+.size sha1_block_data_order,.-sha1_block_data_order
+.asciz "SHA1 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
Modified: trunk/crypto/openssl/crypto/sha/asm/sha1-ia64.pl
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-ia64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-ia64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,7 +15,7 @@
# is >50% better than HP C and >2x better than gcc.
$code=<<___;
-.ident \"sha1-ia64.s, version 1.2\"
+.ident \"sha1-ia64.s, version 1.3\"
.ident \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\"
.explicit
@@ -26,14 +26,10 @@
$ADDP="addp4";
for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
} else { $ADDP="add"; }
-for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/);
- $big_endian=0 if (/\-DL_ENDIAN/); }
-if (!defined($big_endian))
- { $big_endian=(unpack('L',pack('N',1))==1); }
#$human=1;
if ($human) { # useful for visual code auditing...
- ($A,$B,$C,$D,$E,$T) = ("A","B","C","D","E","T");
+ ($A,$B,$C,$D,$E) = ("A","B","C","D","E");
($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4");
($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
( "K_00_19","K_20_39","K_40_59","K_60_79" );
@@ -41,10 +37,10 @@
"X8", "X9","X10","X11","X12","X13","X14","X15" );
}
else {
- ($A,$B,$C,$D,$E,$T) = ("loc0","loc1","loc2","loc3","loc4","loc5");
- ($h0,$h1,$h2,$h3,$h4) = ("loc6","loc7","loc8","loc9","loc10");
+ ($A,$B,$C,$D,$E) = ("loc0","loc1","loc2","loc3","loc4");
+ ($h0,$h1,$h2,$h3,$h4) = ("loc5","loc6","loc7","loc8","loc9");
($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
- ( "r14", "r15", "loc11", "loc12" );
+ ( "r14", "r15", "loc10", "loc11" );
@X= ( "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31" );
}
@@ -51,37 +47,40 @@
sub BODY_00_15 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___ if ($i==0);
-{ .mmi; ld1 $X[$i&0xf]=[inp],2 // MSB
+{ .mmi; ld1 $X[$i]=[inp],2 // MSB
ld1 tmp2=[tmp3],2 };;
{ .mmi; ld1 tmp0=[inp],2
ld1 tmp4=[tmp3],2 // LSB
- dep $X[$i&0xf]=$X[$i&0xf],tmp2,8,8 };;
+ dep $X[$i]=$X[$i],tmp2,8,8 };;
___
if ($i<15) {
$code.=<<___;
-{ .mmi; ld1 $X[($i+1)&0xf]=[inp],2 // +1
+{ .mmi; ld1 $Xn=[inp],2 // forward Xload
+ nop.m 0x0
dep tmp1=tmp0,tmp4,8,8 };;
-{ .mmi; ld1 tmp2=[tmp3],2 // +1
+{ .mmi; ld1 tmp2=[tmp3],2 // forward Xload
and tmp4=$c,$b
- dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;;
-{ .mmi; andcm tmp1=$d,$b
- add tmp0=$e,$K_00_19
+ dep $X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19
+ andcm tmp1=$d,$b
dep.z tmp5=$a,5,27 };; // a<<5
-{ .mmi; or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19
+{ .mmi; add $e=$e,$X[$i] // e+=Xload
+ or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 };; // a>>27
-{ .mmi; ld1 tmp0=[inp],2 // +1
- add $f=$f,tmp4 // f+=F_00_19(b,c,d)
+{ .mmi; ld1 tmp0=[inp],2 // forward Xload
+ add $e=$e,tmp4 // e+=F_00_19(b,c,d)
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
-{ .mmi; ld1 tmp4=[tmp3],2 // +1
+{ .mmi; ld1 tmp4=[tmp3],2 // forward Xload
or tmp5=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp5 // f+=ROTATE(a,5)
- dep $X[($i+1)&0xf]=$X[($i+1)&0xf],tmp2,8,8 // +1
- mux2 $X[$i&0xf]=$X[$i&0xf],0x44 } //;;
+{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5)
+ dep $Xn=$Xn,tmp2,8,8 // forward Xload
+ mux2 $X[$i]=$X[$i],0x44 } //;;
___
}
@@ -89,24 +88,24 @@
$code.=<<___;
{ .mii; and tmp3=$c,$b
dep tmp1=tmp0,tmp4,8,8;;
- dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;;
-{ .mmi; andcm tmp1=$d,$b
- add tmp0=$e,$K_00_19
+ dep $X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19
+ andcm tmp1=$d,$b
dep.z tmp5=$a,5,27 };; // a<<5
-{ .mmi; or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19
+{ .mmi; add $e=$e,$X[$i] // e+=Xupdate
+ or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
+{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
nop.i 0 };;
-{ .mmi; add $f=$f,tmp4 // f+=F_00_19(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; add $e=$e,tmp4 // e+=F_00_19(b,c,d)
+ xor $Xn=$Xn,tmp3 // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
- mux2 $X[$i&0xf]=$X[$i&0xf],0x44 };;
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+ mux2 $X[$i]=$X[$i],0x44 };;
___
}
@@ -114,27 +113,28 @@
sub BODY_16_19 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___;
-{ .mmi; mov $X[$i&0xf]=$f // Xupdate
- and tmp0=$c,$b
+{ .mib; add $e=$e,$K_00_19 // e+=K_00_19
dep.z tmp5=$a,5,27 } // a<<5
-{ .mmi; andcm tmp1=$d,$b
- add tmp4=$e,$K_00_19 };;
-{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=$f,tmp4 // f+=e+K_00_19
+{ .mib; andcm tmp1=$d,$b
+ and tmp0=$c,$b };;
+{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate
+ or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
+{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
nop.i 0 };;
-{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; add $e=$e,tmp0 // f+=F_00_19(b,c,d)
+ xor $Xn=$Xn,tmp3 // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
nop.i 0 };;
___
@@ -142,28 +142,28 @@
sub BODY_20_39 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f,$Konst)=@_;
+my ($i,$a,$b,$c,$d,$e,$Konst)=@_;
$Konst = $K_20_39 if (!defined($Konst));
+my $j=$i+1;
+my $Xn=@X[$j%16];
if ($i<79) {
$code.=<<___;
-{ .mib; mov $X[$i&0xf]=$f // Xupdate
+{ .mib; add $e=$e,$Konst // e+=K_XX_XX
dep.z tmp5=$a,5,27 } // a<<5
{ .mib; xor tmp0=$c,$b
- add tmp4=$e,$Konst };;
-{ .mmi; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
- add $f=$f,tmp4 // f+=e+K_20_39
+ xor $Xn=$Xn,$X[($j+2)%16] };; // forward Xupdate
+{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
- nop.i 0 };;
-{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
+ xor $Xn=$Xn,$X[($j+8)%16] };; // forward Xupdate
+{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d)
+ xor $Xn=$Xn,$X[($j+13)%16] // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
nop.i 0 };;
___
@@ -170,21 +170,19 @@
}
else {
$code.=<<___;
-{ .mib; mov $X[$i&0xf]=$f // Xupdate
+{ .mib; add $e=$e,$Konst // e+=K_60_79
dep.z tmp5=$a,5,27 } // a<<5
{ .mib; xor tmp0=$c,$b
- add tmp4=$e,$Konst };;
+ add $h1=$h1,$a };; // wrap up
+{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate
+ extr.u tmp1=$a,27,5 } // a>>27
{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
- extr.u tmp1=$a,27,5 } // a>>27
-{ .mib; add $f=$f,tmp4 // f+=e+K_20_39
- add $h1=$h1,$a };; // wrap up
-{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d)
- shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) ;;?
-{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
add $h3=$h3,$c };; // wrap up
-{ .mib; add tmp3=1,inp // used in unaligned codepath
- add $f=$f,tmp1 } // f+=ROTATE(a,5)
-{ .mib; add $h2=$h2,$b // wrap up
+{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d)
+ or tmp1=tmp1,tmp5 // ROTATE(a,5)
+ shrp $b=tmp6,tmp6,2 };; // b=ROTATE(b,30) ;;?
+{ .mmi; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ add tmp3=1,inp // used in unaligned codepath
add $h4=$h4,$d };; // wrap up
___
@@ -193,29 +191,29 @@
sub BODY_40_59 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___;
-{ .mmi; mov $X[$i&0xf]=$f // Xupdate
- and tmp0=$c,$b
+{ .mib; add $e=$e,$K_40_59 // e+=K_40_59
dep.z tmp5=$a,5,27 } // a<<5
-{ .mmi; and tmp1=$d,$b
- add tmp4=$e,$K_40_59 };;
-{ .mmi; or tmp0=tmp0,tmp1 // (b&c)|(b&d)
- add $f=$f,tmp4 // f+=e+K_40_59
+{ .mib; and tmp1=$c,$d
+ xor tmp0=$c,$d };;
+{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate
+ add tmp5=tmp5,tmp1 // a<<5+(c&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; and tmp4=$c,$d
- xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
- };;
-{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; and tmp0=tmp0,$b
+ xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] };; // forward Xupdate
+{ .mmi; add $e=$e,tmp0 // e+=b&(c^d)
+ add tmp5=tmp5,tmp1 // ROTATE(a,5)+(c&d)
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
-{ .mmi; or tmp0=tmp0,tmp4 // F_40_59(b,c,d)=(b&c)|(b&d)|(c&d)
+{ .mmi; xor $Xn=$Xn,tmp3
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp0 // f+=F_40_59(b,c,d)
- shrp $e=tmp2,tmp2,31;; // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
- add $f=$f,tmp1 };; // f+=ROTATE(a,5)
+{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5)+(c&d)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+ nop.i 0x0 };;
___
}
@@ -237,7 +235,7 @@
.align 32
sha1_block_data_order:
.prologue
-{ .mmi; alloc tmp1=ar.pfs,3,15,0,0
+{ .mmi; alloc tmp1=ar.pfs,3,14,0,0
$ADDP tmp0=4,ctx
.save ar.lc,r3
mov r3=ar.lc }
@@ -245,8 +243,8 @@
$ADDP inp=0,inp
mov r2=pr };;
tmp4=in2;
-tmp5=loc13;
-tmp6=loc14;
+tmp5=loc12;
+tmp6=loc13;
.body
{ .mlx; ld4 $h0=[ctx],8
movl $K_00_19=0x5a827999 }
@@ -273,7 +271,8 @@
___
-{ my $i, at V=($A,$B,$C,$D,$E,$T);
+{ my $i;
+ my @V=($A,$B,$C,$D,$E);
for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i, at V); unshift(@V,pop(@V)); }
for(;$i<20;$i++) { &BODY_16_19(\$code,$i, at V); unshift(@V,pop(@V)); }
@@ -281,12 +280,12 @@
for(;$i<60;$i++) { &BODY_40_59(\$code,$i, at V); unshift(@V,pop(@V)); }
for(;$i<80;$i++) { &BODY_60_79(\$code,$i, at V); unshift(@V,pop(@V)); }
- (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check
+ (($V[0] eq $A) and ($V[4] eq $E)) or die; # double-check
}
$code.=<<___;
-{ .mmb; add $h0=$h0,$E
- nop.m 0
+{ .mmb; add $h0=$h0,$A
+ add $h2=$h2,$C
br.ctop.dptk.many .Ldtop };;
.Ldend:
{ .mmi; add tmp0=4,ctx
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-mips.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-mips.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-mips.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-mips.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,354 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for MIPS.
+
+# Performance improvement is 30% on unaligned input. The "secret" is
+# to deploy lwl/lwr pair to load unaligned input. One could have
+# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32-
+# compatible subroutine. There is room for minor optimization on
+# little-endian platforms...
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+# old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $REG_S="sd";
+ $REG_L="ld";
+ $PTR_SLL="dsll"; # incidentally works even on n32
+ $SZREG=8;
+} else {
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $REG_S="sw";
+ $REG_L="lw";
+ $PTR_SLL="sll";
+ $SZREG=4;
+}
+#
+# <appro at openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
+open STDOUT,">$output";
+
+if (!defined($big_endian))
+ { $big_endian=(unpack('L',pack('N',1))==1); }
+
+# offsets of the Most and Least Significant Bytes
+$MSB=$big_endian?0:3;
+$LSB=3&~$MSB;
+
+ at X=map("\$$_",(8..23)); # a4-a7,s0-s11
+
+$ctx=$a0;
+$inp=$a1;
+$num=$a2;
+$A="\$1";
+$B="\$2";
+$C="\$3";
+$D="\$7";
+$E="\$24"; @V=($A,$B,$C,$D,$E);
+$t0="\$25";
+$t1=$num; # $num is offloaded to stack
+$t2="\$30"; # fp
+$K="\$31"; # ra
+
+sub BODY_00_14 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if (!$big_endian);
+ srl $t0, at X[$i],24 # byte swap($i)
+ srl $t1, at X[$i],8
+ andi $t2, at X[$i],0xFF00
+ sll @X[$i], at X[$i],24
+ andi $t1,0xFF00
+ sll $t2,$t2,8
+ or @X[$i],$t0
+ or $t1,$t2
+ or @X[$i],$t1
+___
+$code.=<<___;
+ lwl @X[$j],$j*4+$MSB($inp)
+ sll $t0,$a,5 # $i
+ addu $e,$K
+ lwr @X[$j],$j*4+$LSB($inp)
+ srl $t1,$a,27
+ addu $e,$t0
+ xor $t0,$c,$d
+ addu $e,$t1
+ sll $t2,$b,30
+ and $t0,$b
+ srl $b,$b,2
+ xor $t0,$d
+ addu $e, at X[$i]
+ or $b,$t2
+ addu $e,$t0
+___
+}
+
+sub BODY_15_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___ if (!$big_endian && $i==15);
+ srl $t0, at X[$i],24 # byte swap($i)
+ srl $t1, at X[$i],8
+ andi $t2, at X[$i],0xFF00
+ sll @X[$i], at X[$i],24
+ andi $t1,0xFF00
+ sll $t2,$t2,8
+ or @X[$i],$t0
+ or @X[$i],$t1
+ or @X[$i],$t2
+___
+$code.=<<___;
+ xor @X[$j%16], at X[($j+2)%16]
+ sll $t0,$a,5 # $i
+ addu $e,$K
+ srl $t1,$a,27
+ addu $e,$t0
+ xor @X[$j%16], at X[($j+8)%16]
+ xor $t0,$c,$d
+ addu $e,$t1
+ xor @X[$j%16], at X[($j+13)%16]
+ sll $t2,$b,30
+ and $t0,$b
+ srl $t1, at X[$j%16],31
+ addu @X[$j%16], at X[$j%16]
+ srl $b,$b,2
+ xor $t0,$d
+ or @X[$j%16],$t1
+ addu $e, at X[$i%16]
+ or $b,$t2
+ addu $e,$t0
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+ xor @X[$j%16], at X[($j+2)%16]
+ sll $t0,$a,5 # $i
+ addu $e,$K
+ srl $t1,$a,27
+ addu $e,$t0
+ xor @X[$j%16], at X[($j+8)%16]
+ xor $t0,$c,$d
+ addu $e,$t1
+ xor @X[$j%16], at X[($j+13)%16]
+ sll $t2,$b,30
+ xor $t0,$b
+ srl $t1, at X[$j%16],31
+ addu @X[$j%16], at X[$j%16]
+ srl $b,$b,2
+ addu $e, at X[$i%16]
+ or @X[$j%16],$t1
+ or $b,$t2
+ addu $e,$t0
+___
+$code.=<<___ if ($i==79);
+ lw @X[0],0($ctx)
+ sll $t0,$a,5 # $i
+ addu $e,$K
+ lw @X[1],4($ctx)
+ srl $t1,$a,27
+ addu $e,$t0
+ lw @X[2],8($ctx)
+ xor $t0,$c,$d
+ addu $e,$t1
+ lw @X[3],12($ctx)
+ sll $t2,$b,30
+ xor $t0,$b
+ lw @X[4],16($ctx)
+ srl $b,$b,2
+ addu $e, at X[$i%16]
+ or $b,$t2
+ addu $e,$t0
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+ xor @X[$j%16], at X[($j+2)%16]
+ sll $t0,$a,5 # $i
+ addu $e,$K
+ srl $t1,$a,27
+ addu $e,$t0
+ xor @X[$j%16], at X[($j+8)%16]
+ and $t0,$c,$d
+ addu $e,$t1
+ xor @X[$j%16], at X[($j+13)%16]
+ sll $t2,$b,30
+ addu $e,$t0
+ srl $t1, at X[$j%16],31
+ xor $t0,$c,$d
+ addu @X[$j%16], at X[$j%16]
+ and $t0,$b
+ srl $b,$b,2
+ or @X[$j%16],$t1
+ addu $e, at X[$i%16]
+ or $b,$t2
+ addu $e,$t0
+___
+}
+
+$FRAMESIZE=16; # large enough to accomodate NUBI saved registers
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+$code=<<___;
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+.text
+
+.set noat
+.set noreorder
+.align 5
+.globl sha1_block_data_order
+.ent sha1_block_data_order
+sha1_block_data_order:
+ .frame $sp,$FRAMESIZE*$SZREG,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+ $PTR_SUB $sp,$FRAMESIZE*$SZREG
+ $REG_S $ra,($FRAMESIZE-1)*$SZREG($sp)
+ $REG_S $fp,($FRAMESIZE-2)*$SZREG($sp)
+ $REG_S $s11,($FRAMESIZE-3)*$SZREG($sp)
+ $REG_S $s10,($FRAMESIZE-4)*$SZREG($sp)
+ $REG_S $s9,($FRAMESIZE-5)*$SZREG($sp)
+ $REG_S $s8,($FRAMESIZE-6)*$SZREG($sp)
+ $REG_S $s7,($FRAMESIZE-7)*$SZREG($sp)
+ $REG_S $s6,($FRAMESIZE-8)*$SZREG($sp)
+ $REG_S $s5,($FRAMESIZE-9)*$SZREG($sp)
+ $REG_S $s4,($FRAMESIZE-10)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S $s3,($FRAMESIZE-11)*$SZREG($sp)
+ $REG_S $s2,($FRAMESIZE-12)*$SZREG($sp)
+ $REG_S $s1,($FRAMESIZE-13)*$SZREG($sp)
+ $REG_S $s0,($FRAMESIZE-14)*$SZREG($sp)
+ $REG_S $gp,($FRAMESIZE-15)*$SZREG($sp)
+___
+$code.=<<___;
+ $PTR_SLL $num,6
+ $PTR_ADD $num,$inp
+ $REG_S $num,0($sp)
+ lw $A,0($ctx)
+ lw $B,4($ctx)
+ lw $C,8($ctx)
+ lw $D,12($ctx)
+ b .Loop
+ lw $E,16($ctx)
+.align 4
+.Loop:
+ .set reorder
+ lwl @X[0],$MSB($inp)
+ lui $K,0x5a82
+ lwr @X[0],$LSB($inp)
+ ori $K,0x7999 # K_00_19
+___
+for ($i=0;$i<15;$i++) { &BODY_00_14($i, at V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++) { &BODY_15_19($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ lui $K,0x6ed9
+ ori $K,0xeba1 # K_20_39
+___
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ lui $K,0x8f1b
+ ori $K,0xbcdc # K_40_59
+___
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ lui $K,0xca62
+ ori $K,0xc1d6 # K_60_79
+___
+for (;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ $PTR_ADD $inp,64
+ $REG_L $num,0($sp)
+
+ addu $A,$X[0]
+ addu $B,$X[1]
+ sw $A,0($ctx)
+ addu $C,$X[2]
+ addu $D,$X[3]
+ sw $B,4($ctx)
+ addu $E,$X[4]
+ sw $C,8($ctx)
+ sw $D,12($ctx)
+ sw $E,16($ctx)
+ .set noreorder
+ bne $inp,$num,.Loop
+ nop
+
+ .set noreorder
+ $REG_L $ra,($FRAMESIZE-1)*$SZREG($sp)
+ $REG_L $fp,($FRAMESIZE-2)*$SZREG($sp)
+ $REG_L $s11,($FRAMESIZE-3)*$SZREG($sp)
+ $REG_L $s10,($FRAMESIZE-4)*$SZREG($sp)
+ $REG_L $s9,($FRAMESIZE-5)*$SZREG($sp)
+ $REG_L $s8,($FRAMESIZE-6)*$SZREG($sp)
+ $REG_L $s7,($FRAMESIZE-7)*$SZREG($sp)
+ $REG_L $s6,($FRAMESIZE-8)*$SZREG($sp)
+ $REG_L $s5,($FRAMESIZE-9)*$SZREG($sp)
+ $REG_L $s4,($FRAMESIZE-10)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s3,($FRAMESIZE-11)*$SZREG($sp)
+ $REG_L $s2,($FRAMESIZE-12)*$SZREG($sp)
+ $REG_L $s1,($FRAMESIZE-13)*$SZREG($sp)
+ $REG_L $s0,($FRAMESIZE-14)*$SZREG($sp)
+ $REG_L $gp,($FRAMESIZE-15)*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE*$SZREG
+.end sha1_block_data_order
+.rdata
+.asciiz "SHA1 for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+___
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-parisc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-parisc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-parisc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-parisc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,260 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for PA-RISC.
+
+# June 2009.
+#
+# On PA-7100LC performance is >30% better than gcc 3.2 generated code
+# for aligned input and >50% better for unaligned. Compared to vendor
+# compiler on PA-8600 it's almost 60% faster in 64-bit build and just
+# few percent faster in 32-bit one (this for aligned input, data for
+# unaligned input is not available).
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $FRAME_MARKER =80;
+ $SAVED_RP =16;
+ $PUSH ="std";
+ $PUSHMA ="std,ma";
+ $POP ="ldd";
+ $POPMB ="ldd,mb";
+} else {
+ $LEVEL ="1.0";
+ $SIZE_T =4;
+ $FRAME_MARKER =48;
+ $SAVED_RP =20;
+ $PUSH ="stw";
+ $PUSHMA ="stwm";
+ $POP ="ldw";
+ $POPMB ="ldwm";
+}
+
+$FRAME=14*$SIZE_T+$FRAME_MARKER;# 14 saved regs + frame marker
+ # [+ argument transfer]
+$ctx="%r26"; # arg0
+$inp="%r25"; # arg1
+$num="%r24"; # arg2
+
+$t0="%r28";
+$t1="%r29";
+$K="%r31";
+
+ at X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+ "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$t0);
+
+ at V=($A,$B,$C,$D,$E)=("%r19","%r20","%r21","%r22","%r23");
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<15);
+ addl $K,$e,$e ; $i
+ shd $a,$a,27,$t1
+ addl @X[$i],$e,$e
+ and $c,$b,$t0
+ addl $t1,$e,$e
+ andcm $d,$b,$t1
+ shd $b,$b,2,$b
+ or $t1,$t0,$t0
+ addl $t0,$e,$e
+___
+$code.=<<___ if ($i>=15); # with forward Xupdate
+ addl $K,$e,$e ; $i
+ shd $a,$a,27,$t1
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16]
+ addl @X[$i%16],$e,$e
+ and $c,$b,$t0
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+ addl $t1,$e,$e
+ andcm $d,$b,$t1
+ shd $b,$b,2,$b
+ or $t1,$t0,$t0
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+ add $t0,$e,$e
+ shd @X[$j%16], at X[$j%16],31, at X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16] ; $i
+ addl $K,$e,$e
+ shd $a,$a,27,$t1
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+ addl @X[$i%16],$e,$e
+ xor $b,$c,$t0
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+ addl $t1,$e,$e
+ shd $b,$b,2,$b
+ xor $d,$t0,$t0
+ shd @X[$j%16], at X[$j%16],31, at X[$j%16]
+ addl $t0,$e,$e
+___
+$code.=<<___ if ($i==79); # with context load
+ ldw 0($ctx), at X[0] ; $i
+ addl $K,$e,$e
+ shd $a,$a,27,$t1
+ ldw 4($ctx), at X[1]
+ addl @X[$i%16],$e,$e
+ xor $b,$c,$t0
+ ldw 8($ctx), at X[2]
+ addl $t1,$e,$e
+ shd $b,$b,2,$b
+ xor $d,$t0,$t0
+ ldw 12($ctx), at X[3]
+ addl $t0,$e,$e
+ ldw 16($ctx), at X[4]
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;
+ shd $a,$a,27,$t1 ; $i
+ addl $K,$e,$e
+ xor @X[($j+2)%16], at X[$j%16], at X[$j%16]
+ xor $d,$c,$t0
+ addl @X[$i%16],$e,$e
+ xor @X[($j+8)%16], at X[$j%16], at X[$j%16]
+ and $b,$t0,$t0
+ addl $t1,$e,$e
+ shd $b,$b,2,$b
+ xor @X[($j+13)%16], at X[$j%16], at X[$j%16]
+ addl $t0,$e,$e
+ and $d,$c,$t1
+ shd @X[$j%16], at X[$j%16],31, at X[$j%16]
+ addl $t1,$e,$e
+___
+}
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .EXPORT sha1_block_data_order,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+sha1_block_data_order
+ .PROC
+ .CALLINFO FRAME=`$FRAME-14*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=16
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+ $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
+ $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
+ $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
+ $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
+ $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp)
+ $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp)
+ $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp)
+ $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp)
+ $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp)
+ $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp)
+
+ ldw 0($ctx),$A
+ ldw 4($ctx),$B
+ ldw 8($ctx),$C
+ ldw 12($ctx),$D
+ ldw 16($ctx),$E
+
+ extru $inp,31,2,$t0 ; t0=inp&3;
+ sh3addl $t0,%r0,$t0 ; t0*=8;
+ subi 32,$t0,$t0 ; t0=32-t0;
+ mtctl $t0,%cr11 ; %sar=t0;
+
+L\$oop
+ ldi 3,$t0
+ andcm $inp,$t0,$t0 ; 64-bit neutral
+___
+ for ($i=0;$i<15;$i++) { # load input block
+ $code.="\tldw `4*$i`($t0), at X[$i]\n"; }
+$code.=<<___;
+ cmpb,*= $inp,$t0,L\$aligned
+ ldw 60($t0), at X[15]
+ ldw 64($t0), at X[16]
+___
+ for ($i=0;$i<16;$i++) { # align input
+ $code.="\tvshd @X[$i], at X[$i+1], at X[$i]\n"; }
+$code.=<<___;
+L\$aligned
+ ldil L'0x5a827000,$K ; K_00_19
+ ldo 0x999($K),$K
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ ldil L'0x6ed9e000,$K ; K_20_39
+ ldo 0xba1($K),$K
+___
+
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ ldil L'0x8f1bb000,$K ; K_40_59
+ ldo 0xcdc($K),$K
+___
+
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ ldil L'0xca62c000,$K ; K_60_79
+ ldo 0x1d6($K),$K
+___
+for (;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ addl @X[0],$A,$A
+ addl @X[1],$B,$B
+ addl @X[2],$C,$C
+ addl @X[3],$D,$D
+ addl @X[4],$E,$E
+ stw $A,0($ctx)
+ stw $B,4($ctx)
+ stw $C,8($ctx)
+ stw $D,12($ctx)
+ stw $E,16($ctx)
+ addib,*<> -1,$num,L\$oop
+ ldo 64($inp),$inp
+
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+ $POP `-$FRAME+4*$SIZE_T`(%sp),%r7
+ $POP `-$FRAME+5*$SIZE_T`(%sp),%r8
+ $POP `-$FRAME+6*$SIZE_T`(%sp),%r9
+ $POP `-$FRAME+7*$SIZE_T`(%sp),%r10
+ $POP `-$FRAME+8*$SIZE_T`(%sp),%r11
+ $POP `-$FRAME+9*$SIZE_T`(%sp),%r12
+ $POP `-$FRAME+10*$SIZE_T`(%sp),%r13
+ $POP `-$FRAME+11*$SIZE_T`(%sp),%r14
+ $POP `-$FRAME+12*$SIZE_T`(%sp),%r15
+ $POP `-$FRAME+13*$SIZE_T`(%sp),%r16
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+ .STRINGZ "SHA1 block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-ppc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-ppc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-ppc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-ppc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,326 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input(*), except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank. The module is big-endian [which is
+# not big deal as there're no little-endian targets left around].
+#
+# (*) this means that this module is inappropriate for PPC403? Does
+# anybody know if pre-POWER3 can sustain unaligned load?
+
+# -m64 -m32
+# ----------------------------------
+# PPC970,gcc-4.0.0 +76% +59%
+# Power6,xlc-7 +68% +33%
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+ $SIZE_T =8;
+ $LRSAVE =2*$SIZE_T;
+ $UCMP ="cmpld";
+ $STU ="stdu";
+ $POP ="ld";
+ $PUSH ="std";
+} elsif ($flavour =~ /32/) {
+ $SIZE_T =4;
+ $LRSAVE =$SIZE_T;
+ $UCMP ="cmplw";
+ $STU ="stwu";
+ $POP ="lwz";
+ $PUSH ="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=24*$SIZE_T+64;
+$LOCALS=6*$SIZE_T;
+
+$K ="r0";
+$sp ="r1";
+$toc="r2";
+$ctx="r3";
+$inp="r4";
+$num="r5";
+$t0 ="r15";
+$t1 ="r6";
+
+$A ="r7";
+$B ="r8";
+$C ="r9";
+$D ="r10";
+$E ="r11";
+$T ="r12";
+
+ at V=($A,$B,$C,$D,$E,$T);
+ at X=("r16","r17","r18","r19","r20","r21","r22","r23",
+ "r24","r25","r26","r27","r28","r29","r30","r31");
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+ lwz @X[$i],`$i*4`($inp)
+___
+$code.=<<___ if ($i<15);
+ lwz @X[$j],`$j*4`($inp)
+ add $f,$K,$e
+ rotlwi $e,$a,5
+ add $f,$f, at X[$i]
+ and $t0,$c,$b
+ add $f,$f,$e
+ andc $t1,$d,$b
+ rotlwi $b,$b,30
+ or $t0,$t0,$t1
+ add $f,$f,$t0
+___
+$code.=<<___ if ($i>=15);
+ add $f,$K,$e
+ rotlwi $e,$a,5
+ xor @X[$j%16], at X[$j%16], at X[($j+2)%16]
+ add $f,$f, at X[$i%16]
+ and $t0,$c,$b
+ xor @X[$j%16], at X[$j%16], at X[($j+8)%16]
+ add $f,$f,$e
+ andc $t1,$d,$b
+ rotlwi $b,$b,30
+ or $t0,$t0,$t1
+ xor @X[$j%16], at X[$j%16], at X[($j+13)%16]
+ add $f,$f,$t0
+ rotlwi @X[$j%16], at X[$j%16],1
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+ add $f,$K,$e
+ rotlwi $e,$a,5
+ xor @X[$j%16], at X[$j%16], at X[($j+2)%16]
+ add $f,$f, at X[$i%16]
+ xor $t0,$b,$c
+ xor @X[$j%16], at X[$j%16], at X[($j+8)%16]
+ add $f,$f,$e
+ rotlwi $b,$b,30
+ xor $t0,$t0,$d
+ xor @X[$j%16], at X[$j%16], at X[($j+13)%16]
+ add $f,$f,$t0
+ rotlwi @X[$j%16], at X[$j%16],1
+___
+$code.=<<___ if ($i==79);
+ add $f,$K,$e
+ rotlwi $e,$a,5
+ lwz r16,0($ctx)
+ add $f,$f, at X[$i%16]
+ xor $t0,$b,$c
+ lwz r17,4($ctx)
+ add $f,$f,$e
+ rotlwi $b,$b,30
+ lwz r18,8($ctx)
+ xor $t0,$t0,$d
+ lwz r19,12($ctx)
+ add $f,$f,$t0
+ lwz r20,16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___;
+ add $f,$K,$e
+ rotlwi $e,$a,5
+ xor @X[$j%16], at X[$j%16], at X[($j+2)%16]
+ add $f,$f, at X[$i%16]
+ and $t0,$b,$c
+ xor @X[$j%16], at X[$j%16], at X[($j+8)%16]
+ add $f,$f,$e
+ or $t1,$b,$c
+ rotlwi $b,$b,30
+ xor @X[$j%16], at X[$j%16], at X[($j+13)%16]
+ and $t1,$t1,$d
+ or $t0,$t0,$t1
+ rotlwi @X[$j%16], at X[$j%16],1
+ add $f,$f,$t0
+___
+}
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl .sha1_block_data_order
+.align 4
+.sha1_block_data_order:
+ $STU $sp,-$FRAME($sp)
+ mflr r0
+ $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
+ $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
+ $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
+ $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
+ $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
+ $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
+ $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
+ $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
+ $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
+ $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
+ $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
+ $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
+ $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
+ $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
+ $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
+ $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
+ $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+ lwz $A,0($ctx)
+ lwz $B,4($ctx)
+ lwz $C,8($ctx)
+ lwz $D,12($ctx)
+ lwz $E,16($ctx)
+ andi. r0,$inp,3
+ bne Lunaligned
+Laligned:
+ mtctr $num
+ bl Lsha1_block_private
+ b Ldone
+
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for 64-byte input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
+.align 4
+Lunaligned:
+ subfic $t1,$inp,4096
+ andi. $t1,$t1,4095 ; distance to closest page boundary
+ srwi. $t1,$t1,6 ; t1/=64
+ beq Lcross_page
+ $UCMP $num,$t1
+ ble- Laligned ; didn't cross the page boundary
+ mtctr $t1
+ subfc $num,$t1,$num
+ bl Lsha1_block_private
+Lcross_page:
+ li $t1,16
+ mtctr $t1
+ addi r20,$sp,$LOCALS ; spot within the frame
+Lmemcpy:
+ lbz r16,0($inp)
+ lbz r17,1($inp)
+ lbz r18,2($inp)
+ lbz r19,3($inp)
+ addi $inp,$inp,4
+ stb r16,0(r20)
+ stb r17,1(r20)
+ stb r18,2(r20)
+ stb r19,3(r20)
+ addi r20,r20,4
+ bdnz Lmemcpy
+
+ $PUSH $inp,`$FRAME-$SIZE_T*18`($sp)
+ li $t1,1
+ addi $inp,$sp,$LOCALS
+ mtctr $t1
+ bl Lsha1_block_private
+ $POP $inp,`$FRAME-$SIZE_T*18`($sp)
+ addic. $num,$num,-1
+ bne- Lunaligned
+
+Ldone:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
+___
+
+# This is private block function, which uses tailored calling
+# interface, namely upon entry SHA_CTX is pre-loaded to given
+# registers and counter register contains amount of chunks to
+# digest...
+$code.=<<___;
+.align 4
+Lsha1_block_private:
+___
+$code.=<<___; # load K_00_19
+ lis $K,0x5a82
+ ori $K,$K,0x7999
+___
+for($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___; # load K_20_39
+ lis $K,0x6ed9
+ ori $K,$K,0xeba1
+___
+for(;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___; # load K_40_59
+ lis $K,0x8f1b
+ ori $K,$K,0xbcdc
+___
+for(;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___; # load K_60_79
+ lis $K,0xca62
+ ori $K,$K,0xc1d6
+___
+for(;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ add r16,r16,$E
+ add r17,r17,$T
+ add r18,r18,$A
+ add r19,r19,$B
+ add r20,r20,$C
+ stw r16,0($ctx)
+ mr $A,r16
+ stw r17,4($ctx)
+ mr $B,r17
+ stw r18,8($ctx)
+ mr $C,r18
+ stw r19,12($ctx)
+ mr $D,r19
+ stw r20,16($ctx)
+ mr $E,r20
+ addi $inp,$inp,`16*4`
+ bdnz- Lsha1_block_private
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+___
+$code.=<<___;
+.asciz "SHA1 block transform for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-s390x.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-s390x.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-s390x.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-s390x.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,246 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for s390x.
+
+# April 2007.
+#
+# Performance is >30% better than gcc 3.3 generated code. But the real
+# twist is that SHA1 hardware support is detected and utilized. In
+# which case performance can reach further >4.5x for larger chunks.
+
+# January 2009.
+#
+# Optimize Xupdate for amount of memory references and reschedule
+# instructions to favour dual-issue z10 pipeline. On z10 hardware is
+# "only" ~2.3x faster than software.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific.
+
+$kimdfunc=1; # magic function code for kimd instruction
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$K_00_39="%r0"; $K=$K_00_39;
+$K_40_79="%r1";
+$ctx="%r2"; $prefetch="%r2";
+$inp="%r3";
+$len="%r4";
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9"; @V=($A,$B,$C,$D,$E);
+$t0="%r10";
+$t1="%r11";
+ at X=("%r12","%r13","%r14");
+$sp="%r15";
+
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*4;
+
+sub Xupdate {
+my $i=shift;
+
+$code.=<<___ if ($i==15);
+ lg $prefetch,$stdframe($sp) ### Xupdate(16) warm-up
+ lr $X[0],$X[2]
+___
+return if ($i&1); # Xupdate is vectorized and executed every 2nd cycle
+$code.=<<___ if ($i<16);
+ lg $X[0],`$i*4`($inp) ### Xload($i)
+ rllg $X[1],$X[0],32
+___
+$code.=<<___ if ($i>=16);
+ xgr $X[0],$prefetch ### Xupdate($i)
+ lg $prefetch,`$stdframe+4*(($i+2)%16)`($sp)
+ xg $X[0],`$stdframe+4*(($i+8)%16)`($sp)
+ xgr $X[0],$prefetch
+ rll $X[0],$X[0],1
+ rllg $X[1],$X[0],32
+ rll $X[1],$X[1],1
+ rllg $X[0],$X[1],32
+ lr $X[2],$X[1] # feedback
+___
+$code.=<<___ if ($i<=70);
+ stg $X[0],`$stdframe+4*($i%16)`($sp)
+___
+unshift(@X,pop(@X));
+}
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+ &Xupdate($i);
+$code.=<<___;
+ alr $e,$K ### $i
+ rll $t1,$a,5
+ lr $t0,$d
+ xr $t0,$c
+ alr $e,$t1
+ nr $t0,$b
+ alr $e,$xi
+ xr $t0,$d
+ rll $b,$b,30
+ alr $e,$t0
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+ &Xupdate($i);
+$code.=<<___;
+ alr $e,$K ### $i
+ rll $t1,$a,5
+ lr $t0,$b
+ alr $e,$t1
+ xr $t0,$c
+ alr $e,$xi
+ xr $t0,$d
+ rll $b,$b,30
+ alr $e,$t0
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+ &Xupdate($i);
+$code.=<<___;
+ alr $e,$K ### $i
+ rll $t1,$a,5
+ lr $t0,$b
+ alr $e,$t1
+ or $t0,$c
+ lr $t1,$b
+ nr $t0,$d
+ nr $t1,$c
+ alr $e,$xi
+ or $t0,$t1
+ rll $b,$b,30
+ alr $e,$t0
+___
+}
+
+$code.=<<___;
+.text
+.align 64
+.type Ktable,\@object
+Ktable: .long 0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6
+ .skip 48 #.long 0,0,0,0,0,0,0,0,0,0,0,0
+.size Ktable,.-Ktable
+.globl sha1_block_data_order
+.type sha1_block_data_order,\@function
+sha1_block_data_order:
+___
+$code.=<<___ if ($kimdfunc);
+ larl %r1,OPENSSL_s390xcap_P
+ lg %r0,0(%r1)
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lsoftware
+ lghi %r0,0
+ la %r1,`2*$SIZE_T`($sp)
+ .long 0xb93e0002 # kimd %r0,%r2
+ lg %r0,`2*$SIZE_T`($sp)
+ tmhh %r0,`0x8000>>$kimdfunc`
+ jz .Lsoftware
+ lghi %r0,$kimdfunc
+ lgr %r1,$ctx
+ lgr %r2,$inp
+ sllg %r3,$len,6
+ .long 0xb93e0002 # kimd %r0,%r2
+ brc 1,.-4 # pay attention to "partial completion"
+ br %r14
+.align 16
+.Lsoftware:
+___
+$code.=<<___;
+ lghi %r1,-$frame
+ st${g} $ctx,`2*$SIZE_T`($sp)
+ stm${g} %r6,%r15,`6*$SIZE_T`($sp)
+ lgr %r0,$sp
+ la $sp,0(%r1,$sp)
+ st${g} %r0,0($sp)
+
+ larl $t0,Ktable
+ llgf $A,0($ctx)
+ llgf $B,4($ctx)
+ llgf $C,8($ctx)
+ llgf $D,12($ctx)
+ llgf $E,16($ctx)
+
+ lg $K_00_39,0($t0)
+ lg $K_40_79,8($t0)
+
+.Lloop:
+ rllg $K_00_39,$K_00_39,32
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ rllg $K_00_39,$K_00_39,32
+___
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___; $K=$K_40_79;
+ rllg $K_40_79,$K_40_79,32
+___
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ rllg $K_40_79,$K_40_79,32
+___
+for (;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+ l${g} $ctx,`$frame+2*$SIZE_T`($sp)
+ la $inp,64($inp)
+ al $A,0($ctx)
+ al $B,4($ctx)
+ al $C,8($ctx)
+ al $D,12($ctx)
+ al $E,16($ctx)
+ st $A,0($ctx)
+ st $B,4($ctx)
+ st $C,8($ctx)
+ st $D,12($ctx)
+ st $E,16($ctx)
+ brct${g} $len,.Lloop
+
+ lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp)
+ br %r14
+.size sha1_block_data_order,.-sha1_block_data_order
+.string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-sparcv9.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,284 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Performance improvement is not really impressive on pre-T1 CPU: +8%
+# over Sun C and +25% over gcc [3.3]. While on T1, a.k.a. Niagara, it
+# turned to be 40% faster than 64-bit code generated by Sun C 5.8 and
+# >2x than 64-bit code generated by gcc 3.4. And there is a gimmick.
+# X[16] vector is packed to 8 64-bit registers and as result nothing
+# is spilled on stack. In addition input data is loaded in compact
+# instruction sequence, thus minimizing the window when the code is
+# subject to [inter-thread] cache-thrashing hazard. The goal is to
+# ensure scalability on UltraSPARC T1, or rather to avoid decay when
+# amount of active threads exceeds the number of physical cores.
+
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64) { $bias=2047; $frame=192; }
+else { $bias=0; $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+ at X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+$rot1m="%g2";
+$tmp64="%g3";
+$Xi="%g4";
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+ at V=($A,$B,$C,$D,$E);
+$K_00_19="%l5";
+$K_20_39="%l6";
+$K_40_59="%l7";
+$K_60_79="%g5";
+ at K=($K_00_19,$K_20_39,$K_40_59,$K_60_79);
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=($i&1)?@X[($i/2)%8]:$Xi;
+
+$code.=<<___;
+ sll $a,5,$tmp0 !! $i
+ add @K[$i/20],$e,$e
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ and $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ andn $d,$b,$tmp1
+ srl $b,2,$b
+ or $tmp1,$tmp0,$tmp1
+ or $tmp2,$b,$b
+ add $xi,$e,$e
+___
+if ($i&1 && $i<15) {
+ $code.=
+ " srlx @X[(($i+1)/2)%8],32,$Xi\n";
+}
+$code.=<<___;
+ add $tmp1,$e,$e
+___
+}
+
+sub Xupdate {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i/2;
+
+if ($i&1) {
+$code.=<<___;
+ sll $a,5,$tmp0 !! $i
+ add @K[$i/20],$e,$e
+ srl $a,27,$tmp1
+___
+} else {
+$code.=<<___;
+ sllx @X[($j+6)%8],32,$Xi ! Xupdate($i)
+ xor @X[($j+1)%8], at X[$j%8], at X[$j%8]
+ srlx @X[($j+7)%8],32,$tmp1
+ xor @X[($j+4)%8], at X[$j%8], at X[$j%8]
+ sll $a,5,$tmp0 !! $i
+ or $tmp1,$Xi,$Xi
+ add @K[$i/20],$e,$e !!
+ xor $Xi, at X[$j%8], at X[$j%8]
+ srlx @X[$j%8],31,$Xi
+ add @X[$j%8], at X[$j%8], at X[$j%8]
+ and $Xi,$rot1m,$Xi
+ andn @X[$j%8],$rot1m, at X[$j%8]
+ srl $a,27,$tmp1 !!
+ or $Xi, at X[$j%8], at X[$j%8]
+___
+}
+}
+
+sub BODY_16_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+
+ &Xupdate(@_);
+ if ($i&1) {
+ $xi=@X[($i/2)%8];
+ } else {
+ $xi=$Xi;
+ $code.="\tsrlx @X[($i/2)%8],32,$xi\n";
+ }
+$code.=<<___;
+ add $tmp0,$e,$e !!
+ and $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ add $xi,$e,$e
+ andn $d,$b,$tmp1
+ srl $b,2,$b
+ or $tmp1,$tmp0,$tmp1
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+ &Xupdate(@_);
+ if ($i&1) {
+ $xi=@X[($i/2)%8];
+ } else {
+ $xi=$Xi;
+ $code.="\tsrlx @X[($i/2)%8],32,$xi\n";
+ }
+$code.=<<___;
+ add $tmp0,$e,$e !!
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+ &Xupdate(@_);
+ if ($i&1) {
+ $xi=@X[($i/2)%8];
+ } else {
+ $xi=$Xi;
+ $code.="\tsrlx @X[($i/2)%8],32,$xi\n";
+ }
+$code.=<<___;
+ add $tmp0,$e,$e !!
+ and $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ or $c,$b,$tmp1
+ srl $b,2,$b
+ and $d,$tmp1,$tmp1
+ add $xi,$e,$e
+ or $tmp1,$tmp0,$tmp1
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+___
+}
+
+$code.=<<___ if ($bits==64);
+.register %g2,#scratch
+.register %g3,#scratch
+___
+$code.=<<___;
+.section ".text",#alloc,#execinstr
+
+.align 32
+.globl sha1_block_data_order
+sha1_block_data_order:
+ save %sp,-$frame,%sp
+ sllx $len,6,$len
+ add $inp,$len,$len
+
+ or %g0,1,$rot1m
+ sllx $rot1m,32,$rot1m
+ or $rot1m,1,$rot1m
+
+ ld [$ctx+0],$A
+ ld [$ctx+4],$B
+ ld [$ctx+8],$C
+ ld [$ctx+12],$D
+ ld [$ctx+16],$E
+ andn $inp,7,$tmp0
+
+ sethi %hi(0x5a827999),$K_00_19
+ or $K_00_19,%lo(0x5a827999),$K_00_19
+ sethi %hi(0x6ed9eba1),$K_20_39
+ or $K_20_39,%lo(0x6ed9eba1),$K_20_39
+ sethi %hi(0x8f1bbcdc),$K_40_59
+ or $K_40_59,%lo(0x8f1bbcdc),$K_40_59
+ sethi %hi(0xca62c1d6),$K_60_79
+ or $K_60_79,%lo(0xca62c1d6),$K_60_79
+
+.Lloop:
+ ldx [$tmp0+0], at X[0]
+ ldx [$tmp0+16], at X[2]
+ ldx [$tmp0+32], at X[4]
+ ldx [$tmp0+48], at X[6]
+ and $inp,7,$tmp1
+ ldx [$tmp0+8], at X[1]
+ sll $tmp1,3,$tmp1
+ ldx [$tmp0+24], at X[3]
+ subcc %g0,$tmp1,$tmp2 ! should be 64-$tmp1, but -$tmp1 works too
+ ldx [$tmp0+40], at X[5]
+ bz,pt %icc,.Laligned
+ ldx [$tmp0+56], at X[7]
+
+ sllx @X[0],$tmp1, at X[0]
+ ldx [$tmp0+64],$tmp64
+___
+for($i=0;$i<7;$i++)
+{ $code.=<<___;
+ srlx @X[$i+1],$tmp2,$Xi
+ sllx @X[$i+1],$tmp1, at X[$i+1]
+ or $Xi, at X[$i], at X[$i]
+___
+}
+$code.=<<___;
+ srlx $tmp64,$tmp2,$tmp64
+ or $tmp64, at X[7], at X[7]
+.Laligned:
+ srlx @X[0],32,$Xi
+___
+for ($i=0;$i<16;$i++) { &BODY_00_15($i, at V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++) { &BODY_16_19($i, at V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+for (;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+ ld [$ctx+0], at X[0]
+ ld [$ctx+4], at X[1]
+ ld [$ctx+8], at X[2]
+ ld [$ctx+12], at X[3]
+ add $inp,64,$inp
+ ld [$ctx+16], at X[4]
+ cmp $inp,$len
+
+ add $A, at X[0],$A
+ st $A,[$ctx+0]
+ add $B, at X[1],$B
+ st $B,[$ctx+4]
+ add $C, at X[2],$C
+ st $C,[$ctx+8]
+ add $D, at X[3],$D
+ st $D,[$ctx+12]
+ add $E, at X[4],$E
+ st $E,[$ctx+16]
+
+ bne `$bits==64?"%xcc":"%icc"`,.Lloop
+ andn $inp,7,$tmp0
+
+ ret
+ restore
+.type sha1_block_data_order,#function
+.size sha1_block_data_order,(.-sha1_block_data_order)
+.asciz "SHA1 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9a.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-sparcv9a.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9a.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-sparcv9a.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,601 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2009
+#
+# Provided that UltraSPARC VIS instructions are pipe-lined(*) and
+# pairable(*) with IALU ones, offloading of Xupdate to the UltraSPARC
+# Graphic Unit would make it possible to achieve higher instruction-
+# level parallelism, ILP, and thus higher performance. It should be
+# explicitly noted that ILP is the keyword, and it means that this
+# code would be unsuitable for cores like UltraSPARC-Tx. The idea is
+# not really novel, Sun had VIS-powered implementation for a while.
+# Unlike Sun's implementation this one can process multiple unaligned
+# input blocks, and as such works as drop-in replacement for OpenSSL
+# sha1_block_data_order. Performance improvement was measured to be
+# 40% over pure IALU sha1-sparcv9.pl on UltraSPARC-IIi, but 12% on
+# UltraSPARC-III. See below for discussion...
+#
+# The module does not present direct interest for OpenSSL, because
+# it doesn't provide better performance on contemporary SPARCv9 CPUs,
+# UltraSPARC-Tx and SPARC64-V[II] to be specific. Those who feel they
+# absolutely must score on UltraSPARC-I-IV can simply replace
+# crypto/sha/asm/sha1-sparcv9.pl with this module.
+#
+# (*) "Pipe-lined" means that even if it takes several cycles to
+# complete, next instruction using same functional unit [but not
+# depending on the result of the current instruction] can start
+# execution without having to wait for the unit. "Pairable"
+# means that two [or more] independent instructions can be
+# issued at the very same time.
+
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64) { $bias=2047; $frame=192; }
+else { $bias=0; $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+$tmp3="%g5";
+
+$base="%g1";
+$align="%g4";
+$Xfer="%o5";
+$nXfer=$tmp3;
+$Xi="%o7";
+
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+ at V=($A,$B,$C,$D,$E);
+
+$Actx="%o0";
+$Bctx="%o1";
+$Cctx="%o2";
+$Dctx="%o3";
+$Ectx="%o4";
+
+$fmul="%f32";
+$VK_00_19="%f34";
+$VK_20_39="%f36";
+$VK_40_59="%f38";
+$VK_60_79="%f40";
+ at VK=($VK_00_19,$VK_20_39,$VK_40_59,$VK_60_79);
+ at X=("%f0", "%f1", "%f2", "%f3", "%f4", "%f5", "%f6", "%f7",
+ "%f8", "%f9","%f10","%f11","%f12","%f13","%f14","%f15","%f16");
+
+# This is reference 2x-parallelized VIS-powered Xupdate procedure. It
+# covers even K_NN_MM addition...
+sub Xupdate {
+my ($i)=@_;
+my $K=@VK[($i+16)/20];
+my $j=($i+16)%16;
+
+# [ provided that GSR.alignaddr_offset is 5, $mul contains
+# 0x100ULL<<32|0x100 value and K_NN_MM are pre-loaded to
+# chosen registers... ]
+$code.=<<___;
+ fxors @X[($j+13)%16], at X[$j], at X[$j] !-1/-1/-1:X[0]^=X[13]
+ fxors @X[($j+14)%16], at X[$j+1], at X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+ fxor @X[($j+2)%16], at X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+ fxor %f18, at X[$j], at X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+ faligndata @X[$j], at X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
+ fpadd32 @X[$j], at X[$j], at X[$j] ! 4/ 8/ 6:X[0,1]<<=1
+ fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
+ ![fxors %f15,%f2,%f2]
+ for %f18, at X[$j], at X[$j] ! 8/14/10:X[0,1]|=Tmp
+ ![fxors %f0,%f3,%f3] !10/17/12:X[0] dependency
+ fpadd32 $K, at X[$j],%f20
+ std %f20,[$Xfer+`4*$j`]
+___
+# The numbers delimited with slash are the earliest possible dispatch
+# cycles for given instruction assuming 1 cycle latency for simple VIS
+# instructions, such as on UltraSPARC-I&II, 3 cycles latency, such as
+# on UltraSPARC-III&IV, and 2 cycles latency(*), respectively. Being
+# 2x-parallelized the procedure is "worth" 5, 8.5 or 6 ticks per SHA1
+# round. As [long as] FPU/VIS instructions are perfectly pairable with
+# IALU ones, the round timing is defined by the maximum between VIS
+# and IALU timings. The latter varies from round to round and averages
+# out at 6.25 ticks. This means that USI&II should operate at IALU
+# rate, while USIII&IV - at VIS rate. This explains why performance
+# improvement varies among processors. Well, given that pure IALU
+# sha1-sparcv9.pl module exhibits virtually uniform performance of
+# ~9.3 cycles per SHA1 round. Timings mentioned above are theoretical
+# lower limits. Real-life performance was measured to be 6.6 cycles
+# per SHA1 round on USIIi and 8.3 on USIII. The latter is lower than
+# half-round VIS timing, because there are 16 Xupdate-free rounds,
+# which "push down" average theoretical timing to 8 cycles...
+
+# (*) SPARC64-V[II] was originally believed to have 2 cycles VIS
+# latency. Well, it might have, but it doesn't have dedicated
+# VIS-unit. Instead, VIS instructions are executed by other
+# functional units, ones used here - by IALU. This doesn't
+# improve effective ILP...
+}
+
+# The reference Xupdate procedure is then "strained" over *pairs* of
+# BODY_NN_MM and kind of modulo-scheduled in respect to X[n]^=X[n+13]
+# and K_NN_MM addition. It's "running" 15 rounds ahead, which leaves
+# plenty of room to amortize for read-after-write hazard, as well as
+# to fetch and align input for the next spin. The VIS instructions are
+# scheduled for latency of 2 cycles, because there are not enough IALU
+# instructions to schedule for latency of 3, while scheduling for 1
+# would give no gain on USI&II anyway.
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16; # ahead reference
+my $l=($j+16-2)%16; # behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+ sll $a,5,$tmp0 !! $i
+ and $c,$b,$tmp3
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fxors @X[($j+14)%16], at X[$j+1], at X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fxor @X[($j+2)%16], at X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+ sll $b,30,$tmp2
+ add $tmp1,$e,$e
+ andn $d,$b,$tmp1
+ add $Xi,$e,$e
+ fxor %f18, at X[$j], at X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+ srl $b,2,$b
+ or $tmp1,$tmp3,$tmp1
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+ faligndata @X[$j], at X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1);
+ sll $a,5,$tmp0 !! $i
+ and $c,$b,$tmp3
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fpadd32 @X[$j], at X[$j], at X[$j] ! 4/ 8/ 6:X[0,1]<<=1
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
+ sll $b,30,$tmp2
+ add $tmp1,$e,$e
+ fpadd32 $K, at X[$l],%f20 !
+ andn $d,$b,$tmp1
+ add $Xi,$e,$e
+ fxors @X[($k+13)%16], at X[$k], at X[$k] !-1/-1/-1:X[0]^=X[13]
+ srl $b,2,$b
+ or $tmp1,$tmp3,$tmp1
+ fxor %f18, at X[$j], at X[$j] ! 8/14/10:X[0,1]|=Tmp
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+___
+$code.=<<___ if ($i&1 && $i>=2);
+ std %f20,[$Xfer+`4*$l`] !
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16; # ahead reference
+my $l=($j+16-2)%16; # behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1) && $i<64);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fxors @X[($j+14)%16], at X[$j+1], at X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fxor @X[($j+2)%16], at X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ fxor %f18, at X[$j], at X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+ faligndata @X[$j], at X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1 && $i<64);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fpadd32 @X[$j], at X[$j], at X[$j] ! 4/ 8/ 6:X[0,1]<<=1
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ fpadd32 $K, at X[$l],%f20 !
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ fxors @X[($k+13)%16], at X[$k], at X[$k] !-1/-1/-1:X[0]^=X[13]
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ fxor %f18, at X[$j], at X[$j] ! 8/14/10:X[0,1]|=Tmp
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+ std %f20,[$Xfer+`4*$l`] !
+___
+$code.=<<___ if ($i==64);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fpadd32 $K, at X[$l],%f20
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ std %f20,[$Xfer+`4*$l`]
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+___
+$code.=<<___ if ($i>64);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16; # ahead reference
+my $l=($j+16-2)%16; # behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ fxors @X[($j+14)%16], at X[$j+1], at X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fxor @X[($j+2)%16], at X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+ and $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ or $c,$b,$tmp1
+ fxor %f18, at X[$j], at X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+ srl $b,2,$b
+ and $d,$tmp1,$tmp1
+ add $Xi,$e,$e
+ or $tmp1,$tmp0,$tmp1
+ faligndata @X[$j], at X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+ fpadd32 @X[$j], at X[$j], at X[$j] ! 4/ 8/ 6:X[0,1]<<=1
+___
+$code.=<<___ if ($i&1);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
+ and $c,$b,$tmp0
+ add $tmp1,$e,$e
+ fpadd32 $K, at X[$l],%f20 !
+ sll $b,30,$tmp2
+ or $c,$b,$tmp1
+ fxors @X[($k+13)%16], at X[$k], at X[$k] !-1/-1/-1:X[0]^=X[13]
+ srl $b,2,$b
+ and $d,$tmp1,$tmp1
+ fxor %f18, at X[$j], at X[$j] ! 8/14/10:X[0,1]|=Tmp
+ add $Xi,$e,$e
+ or $tmp1,$tmp0,$tmp1
+ or $tmp2,$b,$b
+ add $tmp1,$e,$e
+ std %f20,[$Xfer+`4*$l`] !
+___
+}
+
+# If there is more data to process, then we pre-fetch the data for
+# next iteration in last ten rounds...
+sub BODY_70_79 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $m=($i%8)*2;
+
+$j=($j+16)%16;
+
+$code.=<<___ if ($i==70);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ ldd [$inp+64], at X[0]
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+
+ and $inp,-64,$nXfer
+ inc 64,$inp
+ and $nXfer,255,$nXfer
+ alignaddr %g0,$align,%g0
+ add $base,$nXfer,$nXfer
+___
+$code.=<<___ if ($i==71);
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+___
+$code.=<<___ if ($i>=72);
+ faligndata @X[$m], at X[$m+2], at X[$m]
+ sll $a,5,$tmp0 !! $i
+ ld [$Xfer+`4*($i%16)`],$Xi
+ srl $a,27,$tmp1
+ add $tmp0,$e,$e
+ xor $c,$b,$tmp0
+ add $tmp1,$e,$e
+ fpadd32 $VK_00_19, at X[$m],%f20
+ sll $b,30,$tmp2
+ xor $d,$tmp0,$tmp1
+ srl $b,2,$b
+ add $tmp1,$e,$e
+ or $tmp2,$b,$b
+ add $Xi,$e,$e
+___
+$code.=<<___ if ($i<77);
+ ldd [$inp+`8*($i+1-70)`], at X[2*($i+1-70)]
+___
+$code.=<<___ if ($i==77); # redundant if $inp was aligned
+ add $align,63,$tmp0
+ and $tmp0,-8,$tmp0
+ ldd [$inp+$tmp0], at X[16]
+___
+$code.=<<___ if ($i>=72);
+ std %f20,[$nXfer+`4*$m`]
+___
+}
+
+$code.=<<___;
+.section ".text",#alloc,#execinstr
+
+.align 64
+vis_const:
+.long 0x5a827999,0x5a827999 ! K_00_19
+.long 0x6ed9eba1,0x6ed9eba1 ! K_20_39
+.long 0x8f1bbcdc,0x8f1bbcdc ! K_40_59
+.long 0xca62c1d6,0xca62c1d6 ! K_60_79
+.long 0x00000100,0x00000100
+.align 64
+.type vis_const,#object
+.size vis_const,(.-vis_const)
+
+.globl sha1_block_data_order
+sha1_block_data_order:
+ save %sp,-$frame,%sp
+ add %fp,$bias-256,$base
+
+1: call .+8
+ add %o7,vis_const-1b,$tmp0
+
+ ldd [$tmp0+0],$VK_00_19
+ ldd [$tmp0+8],$VK_20_39
+ ldd [$tmp0+16],$VK_40_59
+ ldd [$tmp0+24],$VK_60_79
+ ldd [$tmp0+32],$fmul
+
+ ld [$ctx+0],$Actx
+ and $base,-256,$base
+ ld [$ctx+4],$Bctx
+ sub $base,$bias+$frame,%sp
+ ld [$ctx+8],$Cctx
+ and $inp,7,$align
+ ld [$ctx+12],$Dctx
+ and $inp,-8,$inp
+ ld [$ctx+16],$Ectx
+
+ ! X[16] is maintained in FP register bank
+ alignaddr %g0,$align,%g0
+ ldd [$inp+0], at X[0]
+ sub $inp,-64,$Xfer
+ ldd [$inp+8], at X[2]
+ and $Xfer,-64,$Xfer
+ ldd [$inp+16], at X[4]
+ and $Xfer,255,$Xfer
+ ldd [$inp+24], at X[6]
+ add $base,$Xfer,$Xfer
+ ldd [$inp+32], at X[8]
+ ldd [$inp+40], at X[10]
+ ldd [$inp+48], at X[12]
+ brz,pt $align,.Laligned
+ ldd [$inp+56], at X[14]
+
+ ldd [$inp+64], at X[16]
+ faligndata @X[0], at X[2], at X[0]
+ faligndata @X[2], at X[4], at X[2]
+ faligndata @X[4], at X[6], at X[4]
+ faligndata @X[6], at X[8], at X[6]
+ faligndata @X[8], at X[10], at X[8]
+ faligndata @X[10], at X[12], at X[10]
+ faligndata @X[12], at X[14], at X[12]
+ faligndata @X[14], at X[16], at X[14]
+
+.Laligned:
+ mov 5,$tmp0
+ dec 1,$len
+ alignaddr %g0,$tmp0,%g0
+ fpadd32 $VK_00_19, at X[0],%f16
+ fpadd32 $VK_00_19, at X[2],%f18
+ fpadd32 $VK_00_19, at X[4],%f20
+ fpadd32 $VK_00_19, at X[6],%f22
+ fpadd32 $VK_00_19, at X[8],%f24
+ fpadd32 $VK_00_19, at X[10],%f26
+ fpadd32 $VK_00_19, at X[12],%f28
+ fpadd32 $VK_00_19, at X[14],%f30
+ std %f16,[$Xfer+0]
+ mov $Actx,$A
+ std %f18,[$Xfer+8]
+ mov $Bctx,$B
+ std %f20,[$Xfer+16]
+ mov $Cctx,$C
+ std %f22,[$Xfer+24]
+ mov $Dctx,$D
+ std %f24,[$Xfer+32]
+ mov $Ectx,$E
+ std %f26,[$Xfer+40]
+ fxors @X[13], at X[0], at X[0]
+ std %f28,[$Xfer+48]
+ ba .Loop
+ std %f30,[$Xfer+56]
+.align 32
+.Loop:
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
+for (;$i<70;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ tst $len
+ bz,pn `$bits==32?"%icc":"%xcc"`,.Ltail
+ nop
+___
+for (;$i<80;$i++) { &BODY_70_79($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ add $A,$Actx,$Actx
+ add $B,$Bctx,$Bctx
+ add $C,$Cctx,$Cctx
+ add $D,$Dctx,$Dctx
+ add $E,$Ectx,$Ectx
+ mov 5,$tmp0
+ fxors @X[13], at X[0], at X[0]
+ mov $Actx,$A
+ mov $Bctx,$B
+ mov $Cctx,$C
+ mov $Dctx,$D
+ mov $Ectx,$E
+ alignaddr %g0,$tmp0,%g0
+ dec 1,$len
+ ba .Loop
+ mov $nXfer,$Xfer
+
+.align 32
+.Ltail:
+___
+for($i=70;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ add $A,$Actx,$Actx
+ add $B,$Bctx,$Bctx
+ add $C,$Cctx,$Cctx
+ add $D,$Dctx,$Dctx
+ add $E,$Ectx,$Ectx
+
+ st $Actx,[$ctx+0]
+ st $Bctx,[$ctx+4]
+ st $Cctx,[$ctx+8]
+ st $Dctx,[$ctx+12]
+ st $Ectx,[$ctx+16]
+
+ ret
+ restore
+.type sha1_block_data_order,#function
+.size sha1_block_data_order,(.-sha1_block_data_order)
+.asciz "SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my ($ref,$opf);
+my %visopf = ( "fmul8ulx16" => 0x037,
+ "faligndata" => 0x048,
+ "fpadd32" => 0x052,
+ "fxor" => 0x06c,
+ "fxors" => 0x06d );
+
+ $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+ if ($opf=$visopf{$mnemonic}) {
+ foreach ($rs1,$rs2,$rd) {
+ return $ref if (!/%f([0-9]{1,2})/);
+ $_=$1;
+ if ($1>=32) {
+ return $ref if ($1&1);
+ # re-encode for upper double register addressing
+ $_=($1|$1>>5)&31;
+ }
+ }
+
+ return sprintf ".word\t0x%08x !%s",
+ 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+ $ref;
+ } else {
+ return $ref;
+ }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+ foreach ($rs1,$rs2,$rd) {
+ if (/%([goli])([0-7])/) { $_=$bias{$1}+$2; }
+ else { return $ref; }
+ }
+ return sprintf ".word\t0x%08x !%s",
+ 0x81b00300|$rd<<25|$rs1<<14|$rs2,
+ $ref;
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),(%f[0-9]{1,2}),(%f[0-9]{1,2})/
+ &unvis($1,$2,$3,$4)
+ /gem;
+$code =~ s/\b(alignaddr)\s+(%[goli][0-7]),(%[goli][0-7]),(%[goli][0-7])/
+ &unalignaddr($1,$2,$3,$4)
+ /gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha1-thumb.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-thumb.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-thumb.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-thumb.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,259 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block for Thumb.
+#
+# January 2007.
+#
+# The code does not present direct interest to OpenSSL, because of low
+# performance. Its purpose is to establish _size_ benchmark. Pretty
+# useless one I must say, because 30% or 88 bytes larger ARMv4 code
+# [avialable on demand] is almost _twice_ as fast. It should also be
+# noted that in-lining of .Lcommon and .Lrotate improves performance
+# by over 40%, while code increases by only 10% or 32 bytes. But once
+# again, the goal was to establish _size_ benchmark, not performance.
+
+$output=shift;
+open STDOUT,">$output";
+
+$inline=0;
+#$cheat_on_binutils=1;
+
+$t0="r0";
+$t1="r1";
+$t2="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8"; # "upper" registers can be used in add/sub and mov insns
+$ctx="r9";
+$inp="r10";
+$len="r11";
+$Xi="r12";
+
+sub common {
+<<___;
+ sub $t0,#4
+ ldr $t1,[$t0]
+ add $e,$K @ E+=K_xx_xx
+ lsl $t2,$a,#5
+ add $t2,$e
+ lsr $e,$a,#27
+ add $t2,$e @ E+=ROR(A,27)
+ add $t2,$t1 @ E+=X[i]
+___
+}
+sub rotate {
+<<___;
+ mov $e,$d @ E=D
+ mov $d,$c @ D=C
+ lsl $c,$b,#30
+ lsr $b,$b,#2
+ orr $c,$b @ C=ROR(B,2)
+ mov $b,$a @ B=A
+ add $a,$t2,$t1 @ A=E+F_xx_xx(B,C,D)
+___
+}
+
+sub BODY_00_19 {
+$code.=$inline?&common():"\tbl .Lcommon\n";
+$code.=<<___;
+ mov $t1,$c
+ eor $t1,$d
+ and $t1,$b
+ eor $t1,$d @ F_00_19(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl .Lrotate\n";
+}
+
+sub BODY_20_39 {
+$code.=$inline?&common():"\tbl .Lcommon\n";
+$code.=<<___;
+ mov $t1,$b
+ eor $t1,$c
+ eor $t1,$d @ F_20_39(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl .Lrotate\n";
+}
+
+sub BODY_40_59 {
+$code.=$inline?&common():"\tbl .Lcommon\n";
+$code.=<<___;
+ mov $t1,$b
+ and $t1,$c
+ mov $e,$b
+ orr $e,$c
+ and $e,$d
+ orr $t1,$e @ F_40_59(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl .Lrotate\n";
+}
+
+$code=<<___;
+.text
+.code 16
+
+.global sha1_block_data_order
+.type sha1_block_data_order,%function
+
+.align 2
+sha1_block_data_order:
+___
+if ($cheat_on_binutils) {
+$code.=<<___;
+.code 32
+ add r3,pc,#1
+ bx r3 @ switch to Thumb ISA
+.code 16
+___
+}
+$code.=<<___;
+ push {r4-r7}
+ mov r3,r8
+ mov r4,r9
+ mov r5,r10
+ mov r6,r11
+ mov r7,r12
+ push {r3-r7,lr}
+ lsl r2,#6
+ mov $ctx,r0 @ save context
+ mov $inp,r1 @ save inp
+ mov $len,r2 @ save len
+ add $len,$inp @ $len to point at inp end
+
+.Lloop:
+ mov $Xi,sp
+ mov $t2,sp
+ sub $t2,#16*4 @ [3]
+.LXload:
+ ldrb $a,[$t1,#0] @ $t1 is r1 and holds inp
+ ldrb $b,[$t1,#1]
+ ldrb $c,[$t1,#2]
+ ldrb $d,[$t1,#3]
+ lsl $a,#24
+ lsl $b,#16
+ lsl $c,#8
+ orr $a,$b
+ orr $a,$c
+ orr $a,$d
+ add $t1,#4
+ push {$a}
+ cmp sp,$t2
+ bne .LXload @ [+14*16]
+
+ mov $inp,$t1 @ update $inp
+ sub $t2,#32*4
+ sub $t2,#32*4
+ mov $e,#31 @ [+4]
+.LXupdate:
+ ldr $a,[sp,#15*4]
+ ldr $b,[sp,#13*4]
+ ldr $c,[sp,#7*4]
+ ldr $d,[sp,#2*4]
+ eor $a,$b
+ eor $a,$c
+ eor $a,$d
+ ror $a,$e
+ push {$a}
+ cmp sp,$t2
+ bne .LXupdate @ [+(11+1)*64]
+
+ ldmia $t0!,{$a,$b,$c,$d,$e} @ $t0 is r0 and holds ctx
+ mov $t0,$Xi
+
+ ldr $t2,.LK_00_19
+ mov $t1,$t0
+ sub $t1,#20*4
+ mov $Xi,$t1
+ mov $K,$t2 @ [+7+4]
+.L_00_19:
+___
+ &BODY_00_19();
+$code.=<<___;
+ cmp $Xi,$t0
+ bne .L_00_19 @ [+(2+9+4+2+8+2)*20]
+
+ ldr $t2,.LK_20_39
+ mov $t1,$t0
+ sub $t1,#20*4
+ mov $Xi,$t1
+ mov $K,$t2 @ [+5]
+.L_20_39_or_60_79:
+___
+ &BODY_20_39();
+$code.=<<___;
+ cmp $Xi,$t0
+ bne .L_20_39_or_60_79 @ [+(2+9+3+2+8+2)*20*2]
+ cmp sp,$t0
+ beq .Ldone @ [+2]
+
+ ldr $t2,.LK_40_59
+ mov $t1,$t0
+ sub $t1,#20*4
+ mov $Xi,$t1
+ mov $K,$t2 @ [+5]
+.L_40_59:
+___
+ &BODY_40_59();
+$code.=<<___;
+ cmp $Xi,$t0
+ bne .L_40_59 @ [+(2+9+6+2+8+2)*20]
+
+ ldr $t2,.LK_60_79
+ mov $Xi,sp
+ mov $K,$t2
+ b .L_20_39_or_60_79 @ [+4]
+.Ldone:
+ mov $t0,$ctx
+ ldr $t1,[$t0,#0]
+ ldr $t2,[$t0,#4]
+ add $a,$t1
+ ldr $t1,[$t0,#8]
+ add $b,$t2
+ ldr $t2,[$t0,#12]
+ add $c,$t1
+ ldr $t1,[$t0,#16]
+ add $d,$t2
+ add $e,$t1
+ stmia $t0!,{$a,$b,$c,$d,$e} @ [+20]
+
+ add sp,#80*4 @ deallocate stack frame
+ mov $t0,$ctx @ restore ctx
+ mov $t1,$inp @ restore inp
+ cmp $t1,$len
+ beq .Lexit
+ b .Lloop @ [+6] total 3212 cycles
+.Lexit:
+ pop {r2-r7}
+ mov r8,r2
+ mov r9,r3
+ mov r10,r4
+ mov r11,r5
+ mov r12,r6
+ mov lr,r7
+ pop {r4-r7}
+ bx lr
+.align 2
+___
+$code.=".Lcommon:\n".&common()."\tmov pc,lr\n" if (!$inline);
+$code.=".Lrotate:\n".&rotate()."\tmov pc,lr\n" if (!$inline);
+$code.=<<___;
+.align 2
+.LK_00_19: .word 0x5a827999
+.LK_20_39: .word 0x6ed9eba1
+.LK_40_59: .word 0x8f1bbcdc
+.LK_60_79: .word 0xca62c1d6
+.size sha1_block_data_order,.-sha1_block_data_order
+.asciz "SHA1 block transform for Thumb, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT; # enforce flush
Modified: trunk/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -16,7 +16,7 @@
# There was suggestion to mechanically translate 32-bit code, but I
# dismissed it, reasoning that x86_64 offers enough register bank
# capacity to fully utilize SHA-1 parallelism. Therefore this fresh
-# implementation:-) However! While 64-bit code does performs better
+# implementation:-) However! While 64-bit code does perform better
# on Opteron, I failed to beat 32-bit assembler on EM64T core. Well,
# x86_64 does offer larger *addressable* bank, but out-of-order core
# reaches for even more registers through dynamic aliasing, and EM64T
@@ -29,15 +29,62 @@
# Xeon P4 +65% +0% 9.9
# Core2 +60% +10% 7.0
-$output=shift;
+# August 2009.
+#
+# The code was revised to minimize code size and to maximize
+# "distance" between instructions producing input to 'lea'
+# instruction and the 'lea' instruction itself, which is essential
+# for Intel Atom core.
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. See sha1-586.pl module
+# for background and implementation details. The only difference from
+# 32-bit code is that 64-bit code doesn't have to spill @X[] elements
+# to free temporary registers.
+
+# April 2011.
+#
+# Add AVX code path. See sha1-586.pl for further information.
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+# x86_64 SSSE3 AVX
+# P4 9.8 -
+# Opteron 6.6 -
+# Core2 6.7 6.1/+10% -
+# Atom 11.0 9.7/+13% -
+# Westmere 7.1 5.6/+27% -
+# Sandy Bridge 7.9 6.3/+25% 5.2/+51%
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $output";
+$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+ =~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+ $1>=2.19);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+ `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+ $1>=2.09);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+ `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
+ $1>=10);
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
$ctx="%rdi"; # 1st arg
$inp="%rsi"; # 2nd arg
$num="%rdx"; # 3rd arg
@@ -47,194 +94,1166 @@
$inp="%r9";
$num="%r10";
-$xi="%eax";
-$t0="%ebx";
-$t1="%ecx";
-$A="%edx";
-$B="%esi";
-$C="%edi";
-$D="%ebp";
-$E="%r11d";
-$T="%r12d";
+$t0="%eax";
+$t1="%ebx";
+$t2="%ecx";
+ at xi=("%edx","%ebp");
+$A="%esi";
+$B="%edi";
+$C="%r11d";
+$D="%r12d";
+$E="%r13d";
- at V=($A,$B,$C,$D,$E,$T);
+ at V=($A,$B,$C,$D,$E);
-sub PROLOGUE {
-my $func=shift;
-$code.=<<___;
-.globl $func
-.type $func,\@function,3
-.align 16
-$func:
- push %rbx
- push %rbp
- push %r12
- mov %rsp,%rax
- mov %rdi,$ctx # reassigned argument
- sub \$`8+16*4`,%rsp
- mov %rsi,$inp # reassigned argument
- and \$-64,%rsp
- mov %rdx,$num # reassigned argument
- mov %rax,`16*4`(%rsp)
-
- mov 0($ctx),$A
- mov 4($ctx),$B
- mov 8($ctx),$C
- mov 12($ctx),$D
- mov 16($ctx),$E
-___
-}
-
-sub EPILOGUE {
-my $func=shift;
-$code.=<<___;
- mov `16*4`(%rsp),%rsp
- pop %r12
- pop %rbp
- pop %rbx
- ret
-.size $func,.-$func
-___
-}
-
sub BODY_00_19 {
-my ($i,$a,$b,$c,$d,$e,$f,$host)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
$code.=<<___ if ($i==0);
- mov `4*$i`($inp),$xi
- `"bswap $xi" if(!defined($host))`
- mov $xi,`4*$i`(%rsp)
+ mov `4*$i`($inp),$xi[0]
+ bswap $xi[0]
+ mov $xi[0],`4*$i`(%rsp)
___
$code.=<<___ if ($i<15);
- lea 0x5a827999($xi,$e),$f
mov $c,$t0
- mov `4*$j`($inp),$xi
- mov $a,$e
+ mov `4*$j`($inp),$xi[1]
+ mov $a,$t2
xor $d,$t0
- `"bswap $xi" if(!defined($host))`
- rol \$5,$e
+ bswap $xi[1]
+ rol \$5,$t2
+ lea 0x5a827999($xi[0],$e),$e
and $b,$t0
- mov $xi,`4*$j`(%rsp)
- add $e,$f
+ mov $xi[1],`4*$j`(%rsp)
+ add $t2,$e
xor $d,$t0
rol \$30,$b
- add $t0,$f
+ add $t0,$e
___
$code.=<<___ if ($i>=15);
- lea 0x5a827999($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
+ mov `4*($j%16)`(%rsp),$xi[1]
mov $c,$t0
- mov $a,$e
- xor `4*(($j+2)%16)`(%rsp),$xi
+ mov $a,$t2
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
xor $d,$t0
- rol \$5,$e
- xor `4*(($j+8)%16)`(%rsp),$xi
+ rol \$5,$t2
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
and $b,$t0
- add $e,$f
- xor `4*(($j+13)%16)`(%rsp),$xi
+ lea 0x5a827999($xi[0],$e),$e
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
xor $d,$t0
+ rol \$1,$xi[1]
+ add $t2,$e
rol \$30,$b
- add $t0,$f
- rol \$1,$xi
- mov $xi,`4*($j%16)`(%rsp)
+ mov $xi[1],`4*($j%16)`(%rsp)
+ add $t0,$e
___
+unshift(@xi,pop(@xi));
}
sub BODY_20_39 {
-my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
$code.=<<___ if ($i<79);
- lea $K($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
+ mov `4*($j%16)`(%rsp),$xi[1]
mov $c,$t0
- mov $a,$e
- xor `4*(($j+2)%16)`(%rsp),$xi
+ mov $a,$t2
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
xor $b,$t0
- rol \$5,$e
- xor `4*(($j+8)%16)`(%rsp),$xi
+ rol \$5,$t2
+ lea $K($xi[0],$e),$e
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
xor $d,$t0
- add $e,$f
- xor `4*(($j+13)%16)`(%rsp),$xi
+ add $t2,$e
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
rol \$30,$b
- add $t0,$f
- rol \$1,$xi
+ add $t0,$e
+ rol \$1,$xi[1]
___
$code.=<<___ if ($i<76);
- mov $xi,`4*($j%16)`(%rsp)
+ mov $xi[1],`4*($j%16)`(%rsp)
___
$code.=<<___ if ($i==79);
- lea $K($xi,$e),$f
mov $c,$t0
- mov $a,$e
+ mov $a,$t2
xor $b,$t0
- rol \$5,$e
+ lea $K($xi[0],$e),$e
+ rol \$5,$t2
xor $d,$t0
- add $e,$f
+ add $t2,$e
rol \$30,$b
- add $t0,$f
+ add $t0,$e
___
+unshift(@xi,pop(@xi));
}
sub BODY_40_59 {
-my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
$code.=<<___;
- lea 0x8f1bbcdc($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
- mov $b,$t0
- mov $b,$t1
- xor `4*(($j+2)%16)`(%rsp),$xi
- mov $a,$e
- and $c,$t0
- xor `4*(($j+8)%16)`(%rsp),$xi
- or $c,$t1
- rol \$5,$e
- xor `4*(($j+13)%16)`(%rsp),$xi
- and $d,$t1
- add $e,$f
- rol \$1,$xi
- or $t1,$t0
+ mov `4*($j%16)`(%rsp),$xi[1]
+ mov $c,$t0
+ mov $c,$t1
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
+ and $d,$t0
+ mov $a,$t2
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
+ xor $d,$t1
+ lea 0x8f1bbcdc($xi[0],$e),$e
+ rol \$5,$t2
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
+ add $t0,$e
+ and $b,$t1
+ rol \$1,$xi[1]
+ add $t1,$e
rol \$30,$b
- mov $xi,`4*($j%16)`(%rsp)
- add $t0,$f
+ mov $xi[1],`4*($j%16)`(%rsp)
+ add $t2,$e
___
+unshift(@xi,pop(@xi));
}
-$code=".text\n";
+$code.=<<___;
+.text
+.extern OPENSSL_ia32cap_P
-&PROLOGUE("sha1_block_data_order");
-$code.=".align 4\n.Lloop:\n";
+.globl sha1_block_data_order
+.type sha1_block_data_order,\@function,3
+.align 16
+sha1_block_data_order:
+ mov OPENSSL_ia32cap_P+0(%rip),%r9d
+ mov OPENSSL_ia32cap_P+4(%rip),%r8d
+ test \$`1<<9`,%r8d # check SSSE3 bit
+ jz .Lialu
+___
+$code.=<<___ if ($avx);
+ and \$`1<<28`,%r8d # mask AVX bit
+ and \$`1<<30`,%r9d # mask "Intel CPU" bit
+ or %r9d,%r8d
+ cmp \$`1<<28|1<<30`,%r8d
+ je _avx_shortcut
+___
+$code.=<<___;
+ jmp _ssse3_shortcut
+
+.align 16
+.Lialu:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ mov %rsp,%r11
+ mov %rdi,$ctx # reassigned argument
+ sub \$`8+16*4`,%rsp
+ mov %rsi,$inp # reassigned argument
+ and \$-64,%rsp
+ mov %rdx,$num # reassigned argument
+ mov %r11,`16*4`(%rsp)
+.Lprologue:
+
+ mov 0($ctx),$A
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov 16($ctx),$E
+ jmp .Lloop
+
+.align 16
+.Lloop:
+___
for($i=0;$i<20;$i++) { &BODY_00_19($i, at V); unshift(@V,pop(@V)); }
for(;$i<40;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
for(;$i<60;$i++) { &BODY_40_59($i, at V); unshift(@V,pop(@V)); }
for(;$i<80;$i++) { &BODY_20_39($i, at V); unshift(@V,pop(@V)); }
$code.=<<___;
- add 0($ctx),$E
- add 4($ctx),$T
- add 8($ctx),$A
- add 12($ctx),$B
- add 16($ctx),$C
- mov $E,0($ctx)
- mov $T,4($ctx)
- mov $A,8($ctx)
- mov $B,12($ctx)
- mov $C,16($ctx)
+ add 0($ctx),$A
+ add 4($ctx),$B
+ add 8($ctx),$C
+ add 12($ctx),$D
+ add 16($ctx),$E
+ mov $A,0($ctx)
+ mov $B,4($ctx)
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
- xchg $E,$A # mov $E,$A
- xchg $T,$B # mov $T,$B
- xchg $E,$C # mov $A,$C
- xchg $T,$D # mov $B,$D
- # mov $C,$E
+ sub \$1,$num
lea `16*4`($inp),$inp
- sub \$1,$num
jnz .Lloop
+
+ mov `16*4`(%rsp),%rsi
+ mov (%rsi),%r13
+ mov 8(%rsi),%r12
+ mov 16(%rsi),%rbp
+ mov 24(%rsi),%rbx
+ lea 32(%rsi),%rsp
+.Lepilogue:
+ ret
+.size sha1_block_data_order,.-sha1_block_data_order
___
-&EPILOGUE("sha1_block_data_order");
+{{{
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+my $j=0;
+my $K_XX_XX="%r11";
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
$code.=<<___;
+.type sha1_block_data_order_ssse3,\@function,3
+.align 16
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+ push %rbx
+ push %rbp
+ push %r12
+ lea `-64-($win64?5*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,64+0(%rsp)
+ movaps %xmm7,64+16(%rsp)
+ movaps %xmm8,64+32(%rsp)
+ movaps %xmm9,64+48(%rsp)
+ movaps %xmm10,64+64(%rsp)
+.Lprologue_ssse3:
+___
+$code.=<<___;
+ mov %rdi,$ctx # reassigned argument
+ mov %rsi,$inp # reassigned argument
+ mov %rdx,$num # reassigned argument
+
+ shl \$6,$num
+ add $inp,$num
+ lea K_XX_XX(%rip),$K_XX_XX
+
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B, at T[0] # magic seed
+ mov 16($ctx),$E
+
+ movdqa 64($K_XX_XX), at X[2] # pbswap mask
+ movdqa 0($K_XX_XX), at Tx[1] # K_00_19
+ movdqu 0($inp), at X[-4&7] # load input to %xmm[0-3]
+ movdqu 16($inp), at X[-3&7]
+ movdqu 32($inp), at X[-2&7]
+ movdqu 48($inp), at X[-1&7]
+ pshufb @X[2], at X[-4&7] # byte swap
+ add \$64,$inp
+ pshufb @X[2], at X[-3&7]
+ pshufb @X[2], at X[-2&7]
+ pshufb @X[2], at X[-1&7]
+ paddd @Tx[1], at X[-4&7] # add K_00_19
+ paddd @Tx[1], at X[-3&7]
+ paddd @Tx[1], at X[-2&7]
+ movdqa @X[-4&7],0(%rsp) # X[]+K xfer to IALU
+ psubd @Tx[1], at X[-4&7] # restore X[]
+ movdqa @X[-3&7],16(%rsp)
+ psubd @Tx[1], at X[-3&7]
+ movdqa @X[-2&7],32(%rsp)
+ psubd @Tx[1], at X[-2&7]
+ jmp .Loop_ssse3
+___
+
+sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+ my $arg = pop;
+ $arg = "\$$arg" if ($arg*1 eq $arg);
+ $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@X[0], at X[-3&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[0], at X[-1&7]);
+ &palignr(@X[0], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psrldq (@Tx[0],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pxor (@X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@Tx[0], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (@Tx[2], at X[0]);
+ &movdqa (@Tx[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslldq (@Tx[2],12); # "X[0]"<<96, extract one dword
+ &paddd (@X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[1], at Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[2],30);
+ &por (@X[0], at Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslld (@Tx[1],2);
+ &pxor (@X[0], at Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[1]); # "X[0]"^=("X[0]">>96)<<<2
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@Tx[0], at X[-1&7]) if ($Xi==8);
+ eval(shift(@insns)); # body_20_39
+ &pxor (@X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ &palignr(@Tx[0], at X[-2&7],8); # compose "X[-6]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &pxor (@X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &movdqa (@Tx[2], at Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &movdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pxor (@X[0], at Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &movdqa (@Tx[0], at X[0]);
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pslld (@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &psrld (@Tx[0],30);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &por (@X[0], at Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &movdqa (@Tx[1], at X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &paddd (@Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$num);
+ &je (".Ldone_ssse3");
+
+ unshift(@Tx,pop(@Tx));
+
+ &movdqa (@X[2],"64($K_XX_XX)"); # pbswap mask
+ &movdqa (@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &movdqu (@X[-4&7],"0($inp)"); # load input
+ &movdqu (@X[-3&7],"16($inp)");
+ &movdqu (@X[-2&7],"32($inp)");
+ &movdqu (@X[-1&7],"48($inp)");
+ &pshufb (@X[-4&7], at X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pshufb (@X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &paddd (@X[($Xi-4)&7], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*$Xi)."(%rsp)", at X[($Xi-4)&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psubd (@X[($Xi-4)&7], at Tx[1]);
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j&15))."(%rsp)");', # X[]+K xfer
+ '&xor ($c,$d);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&xor ($c,$d);', # restore $c
+ '&xor (@T[0],$d);',
+ '&add ($e,$a);',
+ '&$_ror ($b,$j?7:2);', # $b>>>2
+ '&add ($e, at T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_20_39 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&xor (@T[0],$d);', # ($b^$d)
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&xor (@T[0],$c);', # ($b^$d^$c)
+ '&add ($e,$a);',
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_40_59 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&mov (@T[1],$c);',
+ '&xor ($c,$d);',
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&and (@T[1],$d);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e, at T[1]);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&add ($e, at T[0]);',
+ '&xor ($c,$d);', # restore $c
+ '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+$code.=<<___;
+.align 16
+.Loop_ssse3:
+___
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xuplast_ssse3_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_ssse3
+
+.align 16
+.Ldone_ssse3:
+___
+ $j=$saved_j; @V=@saved_V;
+
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+___
+$code.=<<___ if ($win64);
+ movaps 64+0(%rsp),%xmm6
+ movaps 64+16(%rsp),%xmm7
+ movaps 64+32(%rsp),%xmm8
+ movaps 64+48(%rsp),%xmm9
+ movaps 64+64(%rsp),%xmm10
+___
+$code.=<<___;
+ lea `64+($win64?5*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r12
+ mov 8(%rsi),%rbp
+ mov 16(%rsi),%rbx
+ lea 24(%rsi),%rsp
+.Lepilogue_ssse3:
+ ret
+.size sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3
+___
+
+if ($avx) {
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+my $j=0;
+my $K_XX_XX="%r11";
+
+my $_rol=sub { &shld(@_[0], at _) };
+my $_ror=sub { &shrd(@_[0], at _) };
+
+$code.=<<___;
+.type sha1_block_data_order_avx,\@function,3
+.align 16
+sha1_block_data_order_avx:
+_avx_shortcut:
+ push %rbx
+ push %rbp
+ push %r12
+ lea `-64-($win64?5*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,64+0(%rsp)
+ movaps %xmm7,64+16(%rsp)
+ movaps %xmm8,64+32(%rsp)
+ movaps %xmm9,64+48(%rsp)
+ movaps %xmm10,64+64(%rsp)
+.Lprologue_avx:
+___
+$code.=<<___;
+ mov %rdi,$ctx # reassigned argument
+ mov %rsi,$inp # reassigned argument
+ mov %rdx,$num # reassigned argument
+ vzeroupper
+
+ shl \$6,$num
+ add $inp,$num
+ lea K_XX_XX(%rip),$K_XX_XX
+
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B, at T[0] # magic seed
+ mov 16($ctx),$E
+
+ vmovdqa 64($K_XX_XX), at X[2] # pbswap mask
+ vmovdqa 0($K_XX_XX), at Tx[1] # K_00_19
+ vmovdqu 0($inp), at X[-4&7] # load input to %xmm[0-3]
+ vmovdqu 16($inp), at X[-3&7]
+ vmovdqu 32($inp), at X[-2&7]
+ vmovdqu 48($inp), at X[-1&7]
+ vpshufb @X[2], at X[-4&7], at X[-4&7] # byte swap
+ add \$64,$inp
+ vpshufb @X[2], at X[-3&7], at X[-3&7]
+ vpshufb @X[2], at X[-2&7], at X[-2&7]
+ vpshufb @X[2], at X[-1&7], at X[-1&7]
+ vpaddd @Tx[1], at X[-4&7], at X[0] # add K_00_19
+ vpaddd @Tx[1], at X[-3&7], at X[1]
+ vpaddd @Tx[1], at X[-2&7], at X[2]
+ vmovdqa @X[0],0(%rsp) # X[]+K xfer to IALU
+ vmovdqa @X[1],16(%rsp)
+ vmovdqa @X[2],32(%rsp)
+ jmp .Loop_avx
+___
+
+sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpalignr(@X[0], at X[-3&7], at X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpsrldq(@Tx[0], at X[-1&7],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@Tx[0], at Tx[0], at X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[0], at X[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslldq(@Tx[2], at X[0],12); # "X[0]"<<96, extract one dword
+ &vpaddd (@X[0], at X[0], at X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[1], at Tx[2],30);
+ &vpor (@X[0], at X[0], at Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslld (@Tx[2], at Tx[2],2);
+ &vpxor (@X[0], at X[0], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[2]); # "X[0]"^=("X[0]">>96)<<<2
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &vpalignr(@Tx[0], at X[-1&7], at X[-2&7],8); # compose "X[-6]"
+ &vpxor (@X[0], at X[0], at X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpxor (@X[0], at X[0], at X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &vmovdqa (@Tx[2], at Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &vmovdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpxor (@X[0], at X[0], at Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpsrld (@Tx[0], at X[0],30);
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpslld (@X[0], at X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpor (@X[0], at X[0], at Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &vmovdqa (@Tx[1], at X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &vpaddd (@Tx[1], at Tx[1], at X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)", at Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$num);
+ &je (".Ldone_avx");
+
+ unshift(@Tx,pop(@Tx));
+
+ &vmovdqa(@X[2],"64($K_XX_XX)"); # pbswap mask
+ &vmovdqa(@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &vmovdqu(@X[-4&7],"0($inp)"); # load input
+ &vmovdqu(@X[-3&7],"16($inp)");
+ &vmovdqu(@X[-2&7],"32($inp)");
+ &vmovdqu(@X[-1&7],"48($inp)");
+ &vpshufb(@X[-4&7], at X[-4&7], at X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpshufb(@X[($Xi-3)&7], at X[($Xi-3)&7], at X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpaddd (@X[$Xi&7], at X[($Xi-4)&7], at Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa(eval(16*$Xi)."(%rsp)", at X[$Xi&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+$code.=<<___;
+.align 16
+.Loop_avx:
+___
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xuplast_avx_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_avx
+
+.align 16
+.Ldone_avx:
+___
+ $j=$saved_j; @V=@saved_V;
+
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+
+$code.=<<___;
+ vzeroupper
+
+ add 0($ctx),$A # update context
+ add 4($ctx), at T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+___
+$code.=<<___ if ($win64);
+ movaps 64+0(%rsp),%xmm6
+ movaps 64+16(%rsp),%xmm7
+ movaps 64+32(%rsp),%xmm8
+ movaps 64+48(%rsp),%xmm9
+ movaps 64+64(%rsp),%xmm10
+___
+$code.=<<___;
+ lea `64+($win64?5*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r12
+ mov 8(%rsi),%rbp
+ mov 16(%rsi),%rbx
+ lea 24(%rsi),%rsp
+.Lepilogue_avx:
+ ret
+.size sha1_block_data_order_avx,.-sha1_block_data_order_avx
+___
+}
+$code.=<<___;
+.align 64
+K_XX_XX:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1 # K_20_39
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc # K_40_59
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 # K_60_79
+.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f # pbswap mask
+___
+}}}
+$code.=<<___;
.asciz "SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 64
___
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lprologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lprologue
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lepilogue
+ jae .Lcommon_seh_tail
+
+ mov `16*4`(%rax),%rax # pull saved stack pointer
+ lea 32(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+
+ jmp .Lcommon_seh_tail
+.size se_handler,.-se_handler
+
+.type ssse3_handler,\@abi-omnipotent
+.align 16
+ssse3_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ lea 64(%rax),%rsi
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$10,%ecx
+ .long 0xa548f3fc # cld; rep movsq
+ lea `24+64+5*16`(%rax),%rax # adjust stack pointer
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore cotnext->R12
+
+.Lcommon_seh_tail:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size ssse3_handler,.-ssse3_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_sha1_block_data_order
+ .rva .LSEH_end_sha1_block_data_order
+ .rva .LSEH_info_sha1_block_data_order
+ .rva .LSEH_begin_sha1_block_data_order_ssse3
+ .rva .LSEH_end_sha1_block_data_order_ssse3
+ .rva .LSEH_info_sha1_block_data_order_ssse3
+___
+$code.=<<___ if ($avx);
+ .rva .LSEH_begin_sha1_block_data_order_avx
+ .rva .LSEH_end_sha1_block_data_order_avx
+ .rva .LSEH_info_sha1_block_data_order_avx
+___
+$code.=<<___;
+.section .xdata
+.align 8
+.LSEH_info_sha1_block_data_order:
+ .byte 9,0,0,0
+ .rva se_handler
+.LSEH_info_sha1_block_data_order_ssse3:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_ssse3,.Lepilogue_ssse3 # HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_sha1_block_data_order_avx:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_avx,.Lepilogue_avx # HandlerData[]
+___
+}
+
####################################################################
$code =~ s/\`([^\`]*)\`/eval $1/gem;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha256-586.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha256-586.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha256-586.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha256-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,249 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA256 block transform for x86. September 2007.
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+# Pentium PIII P4 AMD K8 Core2
+# gcc 46 36 41 27 26
+# icc 57 33 38 25 23
+# x86 asm 40 30 33 20 18
+# x86_64 asm(*) - - 21 16 16
+#
+# (*) x86_64 assembler performance is presented for reference
+# purposes.
+#
+# Performance improvement over compiler generated code varies from
+# 10% to 40% [see above]. Not very impressive on some \xB5-archs, but
+# it's 5 times smaller and optimizies amount of writes.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$A="eax";
+$E="edx";
+$T="ebx";
+$Aoff=&DWP(0,"esp");
+$Boff=&DWP(4,"esp");
+$Coff=&DWP(8,"esp");
+$Doff=&DWP(12,"esp");
+$Eoff=&DWP(16,"esp");
+$Foff=&DWP(20,"esp");
+$Goff=&DWP(24,"esp");
+$Hoff=&DWP(28,"esp");
+$Xoff=&DWP(32,"esp");
+$K256="ebp";
+
+sub BODY_00_15() {
+ my $in_16_63=shift;
+
+ &mov ("ecx",$E);
+ &add ($T,"edi") if ($in_16_63); # T += sigma1(X[-2])
+ &ror ("ecx",25-11);
+ &mov ("esi",$Foff);
+ &xor ("ecx",$E);
+ &ror ("ecx",11-6);
+ &mov (&DWP(4*(8+15),"esp"),$T) if ($in_16_63); # save X[0]
+ &xor ("ecx",$E);
+ &ror ("ecx",6); # Sigma1(e)
+ &mov ("edi",$Goff);
+ &add ($T,"ecx"); # T += Sigma1(e)
+
+ &xor ("esi","edi");
+ &mov ($Eoff,$E); # modulo-scheduled
+ &mov ("ecx",$A);
+ &and ("esi",$E);
+ &mov ($E,$Doff); # e becomes d, which is e in next iteration
+ &xor ("esi","edi"); # Ch(e,f,g)
+ &mov ("edi",$A);
+ &add ($T,"esi"); # T += Ch(e,f,g)
+
+ &ror ("ecx",22-13);
+ &add ($T,$Hoff); # T += h
+ &xor ("ecx",$A);
+ &ror ("ecx",13-2);
+ &mov ("esi",$Boff);
+ &xor ("ecx",$A);
+ &ror ("ecx",2); # Sigma0(a)
+ &add ($E,$T); # d += T
+ &mov ("edi",$Coff);
+
+ &add ($T,"ecx"); # T += Sigma0(a)
+ &mov ($Aoff,$A); # modulo-scheduled
+
+ &mov ("ecx",$A);
+ &sub ("esp",4);
+ &or ($A,"esi"); # a becomes h, which is a in next iteration
+ &and ("ecx","esi");
+ &and ($A,"edi");
+ &mov ("esi",&DWP(0,$K256));
+ &or ($A,"ecx"); # h=Maj(a,b,c)
+
+ &add ($K256,4);
+ &add ($A,$T); # h += T
+ &mov ($T,&DWP(4*(8+15+16-1),"esp")) if ($in_16_63); # preload T
+ &add ($E,"esi"); # d += K256[i]
+ &add ($A,"esi"); # h += K256[i]
+}
+
+&function_begin("sha256_block_data_order");
+ &mov ("esi",wparam(0)); # ctx
+ &mov ("edi",wparam(1)); # inp
+ &mov ("eax",wparam(2)); # num
+ &mov ("ebx","esp"); # saved sp
+
+ &call (&label("pic_point")); # make it PIC!
+&set_label("pic_point");
+ &blindpop($K256);
+ &lea ($K256,&DWP(&label("K256")."-".&label("pic_point"),$K256));
+
+ &sub ("esp",16);
+ &and ("esp",-64);
+
+ &shl ("eax",6);
+ &add ("eax","edi");
+ &mov (&DWP(0,"esp"),"esi"); # ctx
+ &mov (&DWP(4,"esp"),"edi"); # inp
+ &mov (&DWP(8,"esp"),"eax"); # inp+num*128
+ &mov (&DWP(12,"esp"),"ebx"); # saved sp
+
+&set_label("loop",16);
+ # copy input block to stack reversing byte and dword order
+ for($i=0;$i<4;$i++) {
+ &mov ("eax",&DWP($i*16+0,"edi"));
+ &mov ("ebx",&DWP($i*16+4,"edi"));
+ &mov ("ecx",&DWP($i*16+8,"edi"));
+ &mov ("edx",&DWP($i*16+12,"edi"));
+ &bswap ("eax");
+ &bswap ("ebx");
+ &bswap ("ecx");
+ &bswap ("edx");
+ &push ("eax");
+ &push ("ebx");
+ &push ("ecx");
+ &push ("edx");
+ }
+ &add ("edi",64);
+ &sub ("esp",4*8); # place for A,B,C,D,E,F,G,H
+ &mov (&DWP(4*(8+16)+4,"esp"),"edi");
+
+ # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+ &mov ($A,&DWP(0,"esi"));
+ &mov ("ebx",&DWP(4,"esi"));
+ &mov ("ecx",&DWP(8,"esi"));
+ &mov ("edi",&DWP(12,"esi"));
+ # &mov ($Aoff,$A);
+ &mov ($Boff,"ebx");
+ &mov ($Coff,"ecx");
+ &mov ($Doff,"edi");
+ &mov ($E,&DWP(16,"esi"));
+ &mov ("ebx",&DWP(20,"esi"));
+ &mov ("ecx",&DWP(24,"esi"));
+ &mov ("edi",&DWP(28,"esi"));
+ # &mov ($Eoff,$E);
+ &mov ($Foff,"ebx");
+ &mov ($Goff,"ecx");
+ &mov ($Hoff,"edi");
+
+&set_label("00_15",16);
+ &mov ($T,&DWP(4*(8+15),"esp"));
+
+ &BODY_00_15();
+
+ &cmp ("esi",0xc19bf174);
+ &jne (&label("00_15"));
+
+ &mov ($T,&DWP(4*(8+15+16-1),"esp")); # preloaded in BODY_00_15(1)
+&set_label("16_63",16);
+ &mov ("esi",$T);
+ &mov ("ecx",&DWP(4*(8+15+16-14),"esp"));
+ &ror ("esi",18-7);
+ &mov ("edi","ecx");
+ &xor ("esi",$T);
+ &ror ("esi",7);
+ &shr ($T,3);
+
+ &ror ("edi",19-17);
+ &xor ($T,"esi"); # T = sigma0(X[-15])
+ &xor ("edi","ecx");
+ &ror ("edi",17);
+ &shr ("ecx",10);
+ &add ($T,&DWP(4*(8+15+16),"esp")); # T += X[-16]
+ &xor ("edi","ecx"); # sigma1(X[-2])
+
+ &add ($T,&DWP(4*(8+15+16-9),"esp")); # T += X[-7]
+ # &add ($T,"edi"); # T += sigma1(X[-2])
+ # &mov (&DWP(4*(8+15),"esp"),$T); # save X[0]
+
+ &BODY_00_15(1);
+
+ &cmp ("esi",0xc67178f2);
+ &jne (&label("16_63"));
+
+ &mov ("esi",&DWP(4*(8+16+64)+0,"esp"));#ctx
+ # &mov ($A,$Aoff);
+ &mov ("ebx",$Boff);
+ &mov ("ecx",$Coff);
+ &mov ("edi",$Doff);
+ &add ($A,&DWP(0,"esi"));
+ &add ("ebx",&DWP(4,"esi"));
+ &add ("ecx",&DWP(8,"esi"));
+ &add ("edi",&DWP(12,"esi"));
+ &mov (&DWP(0,"esi"),$A);
+ &mov (&DWP(4,"esi"),"ebx");
+ &mov (&DWP(8,"esi"),"ecx");
+ &mov (&DWP(12,"esi"),"edi");
+ # &mov ($E,$Eoff);
+ &mov ("eax",$Foff);
+ &mov ("ebx",$Goff);
+ &mov ("ecx",$Hoff);
+ &mov ("edi",&DWP(4*(8+16+64)+4,"esp"));#inp
+ &add ($E,&DWP(16,"esi"));
+ &add ("eax",&DWP(20,"esi"));
+ &add ("ebx",&DWP(24,"esi"));
+ &add ("ecx",&DWP(28,"esi"));
+ &mov (&DWP(16,"esi"),$E);
+ &mov (&DWP(20,"esi"),"eax");
+ &mov (&DWP(24,"esi"),"ebx");
+ &mov (&DWP(28,"esi"),"ecx");
+
+ &add ("esp",4*(8+16+64)); # destroy frame
+ &sub ($K256,4*64); # rewind K
+
+ &cmp ("edi",&DWP(8,"esp")); # are we done yet?
+ &jb (&label("loop"));
+
+ &mov ("esp",&DWP(12,"esp")); # restore sp
+&function_end_A();
+
+&set_label("K256",64); # Yes! I keep it in the code segment!
+ &data_word(0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5);
+ &data_word(0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5);
+ &data_word(0xd807aa98,0x12835b01,0x243185be,0x550c7dc3);
+ &data_word(0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174);
+ &data_word(0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc);
+ &data_word(0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da);
+ &data_word(0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7);
+ &data_word(0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967);
+ &data_word(0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13);
+ &data_word(0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85);
+ &data_word(0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3);
+ &data_word(0xd192e819,0xd6990624,0xf40e3585,0x106aa070);
+ &data_word(0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5);
+ &data_word(0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3);
+ &data_word(0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208);
+ &data_word(0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2);
+&function_end_B("sha256_block_data_order");
+&asciz("SHA256 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/sha/asm/sha256-armv4.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha256-armv4.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha256-armv4.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha256-armv4.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,211 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256 block procedure for ARMv4. May 2007.
+
+# Performance is ~2x better than gcc 3.4 generated code and in "abso-
+# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per
+# byte [on single-issue Xscale PXA250 core].
+
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 22% improvement on
+# Cortex A8 core and ~20 cycles per processed byte.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~17 cycles per processed byte.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0"; $t0="r0";
+$inp="r1"; $t3="r1";
+$len="r2"; $t1="r2";
+$T1="r3";
+$A="r4";
+$B="r5";
+$C="r6";
+$D="r7";
+$E="r8";
+$F="r9";
+$G="r10";
+$H="r11";
+ at V=($A,$B,$C,$D,$E,$F,$G,$H);
+$t2="r12";
+$Ktbl="r14";
+
+ at Sigma0=( 2,13,22);
+ at Sigma1=( 6,11,25);
+ at sigma0=( 7,18, 3);
+ at sigma1=(17,19,10);
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+#if __ARM_ARCH__>=7
+ ldr $T1,[$inp],#4
+#else
+ ldrb $T1,[$inp,#3] @ $i
+ ldrb $t2,[$inp,#2]
+ ldrb $t1,[$inp,#1]
+ ldrb $t0,[$inp],#4
+ orr $T1,$T1,$t2,lsl#8
+ orr $T1,$T1,$t1,lsl#16
+ orr $T1,$T1,$t0,lsl#24
+#endif
+___
+$code.=<<___;
+ mov $t0,$e,ror#$Sigma1[0]
+ ldr $t2,[$Ktbl],#4 @ *K256++
+ eor $t0,$t0,$e,ror#$Sigma1[1]
+ eor $t1,$f,$g
+#if $i>=16
+ add $T1,$T1,$t3 @ from BODY_16_xx
+#elif __ARM_ARCH__>=7 && defined(__ARMEL__)
+ rev $T1,$T1
+#endif
+#if $i==15
+ str $inp,[sp,#17*4] @ leave room for $t3
+#endif
+ eor $t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e)
+ and $t1,$t1,$e
+ str $T1,[sp,#`$i%16`*4]
+ add $T1,$T1,$t0
+ eor $t1,$t1,$g @ Ch(e,f,g)
+ add $T1,$T1,$h
+ mov $h,$a,ror#$Sigma0[0]
+ add $T1,$T1,$t1
+ eor $h,$h,$a,ror#$Sigma0[1]
+ add $T1,$T1,$t2
+ eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a)
+#if $i>=15
+ ldr $t3,[sp,#`($i+2)%16`*4] @ from BODY_16_xx
+#endif
+ orr $t0,$a,$b
+ and $t1,$a,$b
+ and $t0,$t0,$c
+ add $h,$h,$T1
+ orr $t0,$t0,$t1 @ Maj(a,b,c)
+ add $d,$d,$T1
+ add $h,$h,$t0
+___
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+ @ ldr $t3,[sp,#`($i+1)%16`*4] @ $i
+ ldr $t2,[sp,#`($i+14)%16`*4]
+ mov $t0,$t3,ror#$sigma0[0]
+ ldr $T1,[sp,#`($i+0)%16`*4]
+ eor $t0,$t0,$t3,ror#$sigma0[1]
+ ldr $t1,[sp,#`($i+9)%16`*4]
+ eor $t0,$t0,$t3,lsr#$sigma0[2] @ sigma0(X[i+1])
+ mov $t3,$t2,ror#$sigma1[0]
+ add $T1,$T1,$t0
+ eor $t3,$t3,$t2,ror#$sigma1[1]
+ add $T1,$T1,$t1
+ eor $t3,$t3,$t2,lsr#$sigma1[2] @ sigma1(X[i+14])
+ @ add $T1,$T1,$t3
+___
+ &BODY_00_15(@_);
+}
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code 32
+
+.type K256,%object
+.align 5
+K256:
+.word 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.word 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.word 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.word 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.word 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.word 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.word 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.word 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.word 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.word 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.word 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.word 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.word 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.word 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.word 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.word 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.size K256,.-K256
+
+.global sha256_block_data_order
+.type sha256_block_data_order,%function
+sha256_block_data_order:
+ sub r3,pc,#8 @ sha256_block_data_order
+ add $len,$inp,$len,lsl#6 @ len to point at the end of inp
+ stmdb sp!,{$ctx,$inp,$len,r4-r11,lr}
+ ldmia $ctx,{$A,$B,$C,$D,$E,$F,$G,$H}
+ sub $Ktbl,r3,#256 @ K256
+ sub sp,sp,#16*4 @ alloca(X[16])
+.Loop:
+___
+for($i=0;$i<16;$i++) { &BODY_00_15($i, at V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++) { &BODY_16_XX($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ and $t2,$t2,#0xff
+ cmp $t2,#0xf2
+ bne .Lrounds_16_xx
+
+ ldr $T1,[sp,#16*4] @ pull ctx
+ ldr $t0,[$T1,#0]
+ ldr $t1,[$T1,#4]
+ ldr $t2,[$T1,#8]
+ add $A,$A,$t0
+ ldr $t0,[$T1,#12]
+ add $B,$B,$t1
+ ldr $t1,[$T1,#16]
+ add $C,$C,$t2
+ ldr $t2,[$T1,#20]
+ add $D,$D,$t0
+ ldr $t0,[$T1,#24]
+ add $E,$E,$t1
+ ldr $t1,[$T1,#28]
+ add $F,$F,$t2
+ ldr $inp,[sp,#17*4] @ pull inp
+ ldr $t2,[sp,#18*4] @ pull inp+len
+ add $G,$G,$t0
+ add $H,$H,$t1
+ stmia $T1,{$A,$B,$C,$D,$E,$F,$G,$H}
+ cmp $inp,$t2
+ sub $Ktbl,$Ktbl,#256 @ rewind Ktbl
+ bne .Loop
+
+ add sp,sp,#`16+3`*4 @ destroy frame
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r11,pc}
+#else
+ ldmia sp!,{r4-r11,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+.size sha256_block_data_order,.-sha256_block_data_order
+.asciz "SHA256 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-586.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-586.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-586.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-586.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,644 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA512 block transform for x86. September 2007.
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+# Pentium PIII P4 AMD K8 Core2
+# gcc 100 75 116 54 66
+# icc 97 77 95 55 57
+# x86 asm 61 56 82 36 40
+# SSE2 asm - - 38 24 20
+# x86_64 asm(*) - - 30 10.0 10.5
+#
+# (*) x86_64 assembler performance is presented for reference
+# purposes.
+#
+# IALU code-path is optimized for elder Pentiums. On vanilla Pentium
+# performance improvement over compiler generated code reaches ~60%,
+# while on PIII - ~35%. On newer \xB5-archs improvement varies from 15%
+# to 50%, but it's less important as they are expected to execute SSE2
+# code-path, which is commonly ~2-3x faster [than compiler generated
+# code]. SSE2 code-path is as fast as original sha512-sse2.pl, even
+# though it does not use 128-bit operations. The latter means that
+# SSE2-aware kernel is no longer required to execute the code. Another
+# difference is that new code optimizes amount of writes, but at the
+# cost of increased data cache "footprint" by 1/2KB.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+$Tlo=&DWP(0,"esp"); $Thi=&DWP(4,"esp");
+$Alo=&DWP(8,"esp"); $Ahi=&DWP(8+4,"esp");
+$Blo=&DWP(16,"esp"); $Bhi=&DWP(16+4,"esp");
+$Clo=&DWP(24,"esp"); $Chi=&DWP(24+4,"esp");
+$Dlo=&DWP(32,"esp"); $Dhi=&DWP(32+4,"esp");
+$Elo=&DWP(40,"esp"); $Ehi=&DWP(40+4,"esp");
+$Flo=&DWP(48,"esp"); $Fhi=&DWP(48+4,"esp");
+$Glo=&DWP(56,"esp"); $Ghi=&DWP(56+4,"esp");
+$Hlo=&DWP(64,"esp"); $Hhi=&DWP(64+4,"esp");
+$K512="ebp";
+
+$Asse2=&QWP(0,"esp");
+$Bsse2=&QWP(8,"esp");
+$Csse2=&QWP(16,"esp");
+$Dsse2=&QWP(24,"esp");
+$Esse2=&QWP(32,"esp");
+$Fsse2=&QWP(40,"esp");
+$Gsse2=&QWP(48,"esp");
+$Hsse2=&QWP(56,"esp");
+
+$A="mm0"; # B-D and
+$E="mm4"; # F-H are commonly loaded to respectively mm1-mm3 and
+ # mm5-mm7, but it's done on on-demand basis...
+
+sub BODY_00_15_sse2 {
+ my $prefetch=shift;
+
+ &movq ("mm5",$Fsse2); # load f
+ &movq ("mm6",$Gsse2); # load g
+ &movq ("mm7",$Hsse2); # load h
+
+ &movq ("mm1",$E); # %mm1 is sliding right
+ &movq ("mm2",$E); # %mm2 is sliding left
+ &psrlq ("mm1",14);
+ &movq ($Esse2,$E); # modulo-scheduled save e
+ &psllq ("mm2",23);
+ &movq ("mm3","mm1"); # %mm3 is T1
+ &psrlq ("mm1",4);
+ &pxor ("mm3","mm2");
+ &psllq ("mm2",23);
+ &pxor ("mm3","mm1");
+ &psrlq ("mm1",23);
+ &pxor ("mm3","mm2");
+ &psllq ("mm2",4);
+ &pxor ("mm3","mm1");
+ &paddq ("mm7",QWP(0,$K512)); # h+=K512[i]
+ &pxor ("mm3","mm2"); # T1=Sigma1_512(e)
+
+ &pxor ("mm5","mm6"); # f^=g
+ &movq ("mm1",$Bsse2); # load b
+ &pand ("mm5",$E); # f&=e
+ &movq ("mm2",$Csse2); # load c
+ &pxor ("mm5","mm6"); # f^=g
+ &movq ($E,$Dsse2); # e = load d
+ &paddq ("mm3","mm5"); # T1+=Ch(e,f,g)
+ &movq (&QWP(0,"esp"),$A); # modulo-scheduled save a
+ &paddq ("mm3","mm7"); # T1+=h
+
+ &movq ("mm5",$A); # %mm5 is sliding right
+ &movq ("mm6",$A); # %mm6 is sliding left
+ &paddq ("mm3",&QWP(8*9,"esp")); # T1+=X[0]
+ &psrlq ("mm5",28);
+ &paddq ($E,"mm3"); # e += T1
+ &psllq ("mm6",25);
+ &movq ("mm7","mm5"); # %mm7 is T2
+ &psrlq ("mm5",6);
+ &pxor ("mm7","mm6");
+ &psllq ("mm6",5);
+ &pxor ("mm7","mm5");
+ &psrlq ("mm5",5);
+ &pxor ("mm7","mm6");
+ &psllq ("mm6",6);
+ &pxor ("mm7","mm5");
+ &sub ("esp",8);
+ &pxor ("mm7","mm6"); # T2=Sigma0_512(a)
+
+ &movq ("mm5",$A); # %mm5=a
+ &por ($A,"mm2"); # a=a|c
+ &movq ("mm6",&QWP(8*(9+16-14),"esp")) if ($prefetch);
+ &pand ("mm5","mm2"); # %mm5=a&c
+ &pand ($A,"mm1"); # a=(a|c)&b
+ &movq ("mm2",&QWP(8*(9+16-1),"esp")) if ($prefetch);
+ &por ("mm5",$A); # %mm5=(a&c)|((a|c)&b)
+ &paddq ("mm7","mm5"); # T2+=Maj(a,b,c)
+ &movq ($A,"mm3"); # a=T1
+
+ &mov (&LB("edx"),&BP(0,$K512));
+ &paddq ($A,"mm7"); # a+=T2
+ &add ($K512,8);
+}
+
+sub BODY_00_15_x86 {
+ #define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
+ # LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+ # HI hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+ &mov ("ecx",$Elo);
+ &mov ("edx",$Ehi);
+ &mov ("esi","ecx");
+
+ &shr ("ecx",9); # lo>>9
+ &mov ("edi","edx");
+ &shr ("edx",9); # hi>>9
+ &mov ("ebx","ecx");
+ &shl ("esi",14); # lo<<14
+ &mov ("eax","edx");
+ &shl ("edi",14); # hi<<14
+ &xor ("ebx","esi");
+
+ &shr ("ecx",14-9); # lo>>14
+ &xor ("eax","edi");
+ &shr ("edx",14-9); # hi>>14
+ &xor ("eax","ecx");
+ &shl ("esi",18-14); # lo<<18
+ &xor ("ebx","edx");
+ &shl ("edi",18-14); # hi<<18
+ &xor ("ebx","esi");
+
+ &shr ("ecx",18-14); # lo>>18
+ &xor ("eax","edi");
+ &shr ("edx",18-14); # hi>>18
+ &xor ("eax","ecx");
+ &shl ("esi",23-18); # lo<<23
+ &xor ("ebx","edx");
+ &shl ("edi",23-18); # hi<<23
+ &xor ("eax","esi");
+ &xor ("ebx","edi"); # T1 = Sigma1(e)
+
+ &mov ("ecx",$Flo);
+ &mov ("edx",$Fhi);
+ &mov ("esi",$Glo);
+ &mov ("edi",$Ghi);
+ &add ("eax",$Hlo);
+ &adc ("ebx",$Hhi); # T1 += h
+ &xor ("ecx","esi");
+ &xor ("edx","edi");
+ &and ("ecx",$Elo);
+ &and ("edx",$Ehi);
+ &add ("eax",&DWP(8*(9+15)+0,"esp"));
+ &adc ("ebx",&DWP(8*(9+15)+4,"esp")); # T1 += X[0]
+ &xor ("ecx","esi");
+ &xor ("edx","edi"); # Ch(e,f,g) = (f^g)&e)^g
+
+ &mov ("esi",&DWP(0,$K512));
+ &mov ("edi",&DWP(4,$K512)); # K[i]
+ &add ("eax","ecx");
+ &adc ("ebx","edx"); # T1 += Ch(e,f,g)
+ &mov ("ecx",$Dlo);
+ &mov ("edx",$Dhi);
+ &add ("eax","esi");
+ &adc ("ebx","edi"); # T1 += K[i]
+ &mov ($Tlo,"eax");
+ &mov ($Thi,"ebx"); # put T1 away
+ &add ("eax","ecx");
+ &adc ("ebx","edx"); # d += T1
+
+ #define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+ # LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+ # HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+ &mov ("ecx",$Alo);
+ &mov ("edx",$Ahi);
+ &mov ($Dlo,"eax");
+ &mov ($Dhi,"ebx");
+ &mov ("esi","ecx");
+
+ &shr ("ecx",2); # lo>>2
+ &mov ("edi","edx");
+ &shr ("edx",2); # hi>>2
+ &mov ("ebx","ecx");
+ &shl ("esi",4); # lo<<4
+ &mov ("eax","edx");
+ &shl ("edi",4); # hi<<4
+ &xor ("ebx","esi");
+
+ &shr ("ecx",7-2); # lo>>7
+ &xor ("eax","edi");
+ &shr ("edx",7-2); # hi>>7
+ &xor ("ebx","ecx");
+ &shl ("esi",25-4); # lo<<25
+ &xor ("eax","edx");
+ &shl ("edi",25-4); # hi<<25
+ &xor ("eax","esi");
+
+ &shr ("ecx",28-7); # lo>>28
+ &xor ("ebx","edi");
+ &shr ("edx",28-7); # hi>>28
+ &xor ("eax","ecx");
+ &shl ("esi",30-25); # lo<<30
+ &xor ("ebx","edx");
+ &shl ("edi",30-25); # hi<<30
+ &xor ("eax","esi");
+ &xor ("ebx","edi"); # Sigma0(a)
+
+ &mov ("ecx",$Alo);
+ &mov ("edx",$Ahi);
+ &mov ("esi",$Blo);
+ &mov ("edi",$Bhi);
+ &add ("eax",$Tlo);
+ &adc ("ebx",$Thi); # T1 = Sigma0(a)+T1
+ &or ("ecx","esi");
+ &or ("edx","edi");
+ &and ("ecx",$Clo);
+ &and ("edx",$Chi);
+ &and ("esi",$Alo);
+ &and ("edi",$Ahi);
+ &or ("ecx","esi");
+ &or ("edx","edi"); # Maj(a,b,c) = ((a|b)&c)|(a&b)
+
+ &add ("eax","ecx");
+ &adc ("ebx","edx"); # T1 += Maj(a,b,c)
+ &mov ($Tlo,"eax");
+ &mov ($Thi,"ebx");
+
+ &mov (&LB("edx"),&BP(0,$K512)); # pre-fetch LSB of *K
+ &sub ("esp",8);
+ &lea ($K512,&DWP(8,$K512)); # K++
+}
+
+
+&function_begin("sha512_block_data_order");
+ &mov ("esi",wparam(0)); # ctx
+ &mov ("edi",wparam(1)); # inp
+ &mov ("eax",wparam(2)); # num
+ &mov ("ebx","esp"); # saved sp
+
+ &call (&label("pic_point")); # make it PIC!
+&set_label("pic_point");
+ &blindpop($K512);
+ &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512));
+
+ &sub ("esp",16);
+ &and ("esp",-64);
+
+ &shl ("eax",7);
+ &add ("eax","edi");
+ &mov (&DWP(0,"esp"),"esi"); # ctx
+ &mov (&DWP(4,"esp"),"edi"); # inp
+ &mov (&DWP(8,"esp"),"eax"); # inp+num*128
+ &mov (&DWP(12,"esp"),"ebx"); # saved sp
+
+if ($sse2) {
+ &picmeup("edx","OPENSSL_ia32cap_P",$K512,&label("K512"));
+ &bt (&DWP(0,"edx"),26);
+ &jnc (&label("loop_x86"));
+
+ # load ctx->h[0-7]
+ &movq ($A,&QWP(0,"esi"));
+ &movq ("mm1",&QWP(8,"esi"));
+ &movq ("mm2",&QWP(16,"esi"));
+ &movq ("mm3",&QWP(24,"esi"));
+ &movq ($E,&QWP(32,"esi"));
+ &movq ("mm5",&QWP(40,"esi"));
+ &movq ("mm6",&QWP(48,"esi"));
+ &movq ("mm7",&QWP(56,"esi"));
+ &sub ("esp",8*10);
+
+&set_label("loop_sse2",16);
+ # &movq ($Asse2,$A);
+ &movq ($Bsse2,"mm1");
+ &movq ($Csse2,"mm2");
+ &movq ($Dsse2,"mm3");
+ # &movq ($Esse2,$E);
+ &movq ($Fsse2,"mm5");
+ &movq ($Gsse2,"mm6");
+ &movq ($Hsse2,"mm7");
+
+ &mov ("ecx",&DWP(0,"edi"));
+ &mov ("edx",&DWP(4,"edi"));
+ &add ("edi",8);
+ &bswap ("ecx");
+ &bswap ("edx");
+ &mov (&DWP(8*9+4,"esp"),"ecx");
+ &mov (&DWP(8*9+0,"esp"),"edx");
+
+&set_label("00_14_sse2",16);
+ &mov ("eax",&DWP(0,"edi"));
+ &mov ("ebx",&DWP(4,"edi"));
+ &add ("edi",8);
+ &bswap ("eax");
+ &bswap ("ebx");
+ &mov (&DWP(8*8+4,"esp"),"eax");
+ &mov (&DWP(8*8+0,"esp"),"ebx");
+
+ &BODY_00_15_sse2();
+
+ &cmp (&LB("edx"),0x35);
+ &jne (&label("00_14_sse2"));
+
+ &BODY_00_15_sse2(1);
+
+&set_label("16_79_sse2",16);
+ #&movq ("mm2",&QWP(8*(9+16-1),"esp")); #prefetched in BODY_00_15
+ #&movq ("mm6",&QWP(8*(9+16-14),"esp"));
+ &movq ("mm1","mm2");
+
+ &psrlq ("mm2",1);
+ &movq ("mm7","mm6");
+ &psrlq ("mm6",6);
+ &movq ("mm3","mm2");
+
+ &psrlq ("mm2",7-1);
+ &movq ("mm5","mm6");
+ &psrlq ("mm6",19-6);
+ &pxor ("mm3","mm2");
+
+ &psrlq ("mm2",8-7);
+ &pxor ("mm5","mm6");
+ &psrlq ("mm6",61-19);
+ &pxor ("mm3","mm2");
+
+ &movq ("mm2",&QWP(8*(9+16),"esp"));
+
+ &psllq ("mm1",56);
+ &pxor ("mm5","mm6");
+ &psllq ("mm7",3);
+ &pxor ("mm3","mm1");
+
+ &paddq ("mm2",&QWP(8*(9+16-9),"esp"));
+
+ &psllq ("mm1",63-56);
+ &pxor ("mm5","mm7");
+ &psllq ("mm7",45-3);
+ &pxor ("mm3","mm1");
+ &pxor ("mm5","mm7");
+
+ &paddq ("mm3","mm5");
+ &paddq ("mm3","mm2");
+ &movq (&QWP(8*9,"esp"),"mm3");
+
+ &BODY_00_15_sse2(1);
+
+ &cmp (&LB("edx"),0x17);
+ &jne (&label("16_79_sse2"));
+
+ # &movq ($A,$Asse2);
+ &movq ("mm1",$Bsse2);
+ &movq ("mm2",$Csse2);
+ &movq ("mm3",$Dsse2);
+ # &movq ($E,$Esse2);
+ &movq ("mm5",$Fsse2);
+ &movq ("mm6",$Gsse2);
+ &movq ("mm7",$Hsse2);
+
+ &paddq ($A,&QWP(0,"esi"));
+ &paddq ("mm1",&QWP(8,"esi"));
+ &paddq ("mm2",&QWP(16,"esi"));
+ &paddq ("mm3",&QWP(24,"esi"));
+ &paddq ($E,&QWP(32,"esi"));
+ &paddq ("mm5",&QWP(40,"esi"));
+ &paddq ("mm6",&QWP(48,"esi"));
+ &paddq ("mm7",&QWP(56,"esi"));
+
+ &movq (&QWP(0,"esi"),$A);
+ &movq (&QWP(8,"esi"),"mm1");
+ &movq (&QWP(16,"esi"),"mm2");
+ &movq (&QWP(24,"esi"),"mm3");
+ &movq (&QWP(32,"esi"),$E);
+ &movq (&QWP(40,"esi"),"mm5");
+ &movq (&QWP(48,"esi"),"mm6");
+ &movq (&QWP(56,"esi"),"mm7");
+
+ &add ("esp",8*80); # destroy frame
+ &sub ($K512,8*80); # rewind K
+
+ &cmp ("edi",&DWP(8*10+8,"esp")); # are we done yet?
+ &jb (&label("loop_sse2"));
+
+ &emms ();
+ &mov ("esp",&DWP(8*10+12,"esp")); # restore sp
+&function_end_A();
+}
+&set_label("loop_x86",16);
+ # copy input block to stack reversing byte and qword order
+ for ($i=0;$i<8;$i++) {
+ &mov ("eax",&DWP($i*16+0,"edi"));
+ &mov ("ebx",&DWP($i*16+4,"edi"));
+ &mov ("ecx",&DWP($i*16+8,"edi"));
+ &mov ("edx",&DWP($i*16+12,"edi"));
+ &bswap ("eax");
+ &bswap ("ebx");
+ &bswap ("ecx");
+ &bswap ("edx");
+ &push ("eax");
+ &push ("ebx");
+ &push ("ecx");
+ &push ("edx");
+ }
+ &add ("edi",128);
+ &sub ("esp",9*8); # place for T,A,B,C,D,E,F,G,H
+ &mov (&DWP(8*(9+16)+4,"esp"),"edi");
+
+ # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+ &lea ("edi",&DWP(8,"esp"));
+ &mov ("ecx",16);
+ &data_word(0xA5F3F689); # rep movsd
+
+&set_label("00_15_x86",16);
+ &BODY_00_15_x86();
+
+ &cmp (&LB("edx"),0x94);
+ &jne (&label("00_15_x86"));
+
+&set_label("16_79_x86",16);
+ #define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
+ # LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+ # HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7
+ &mov ("ecx",&DWP(8*(9+15+16-1)+0,"esp"));
+ &mov ("edx",&DWP(8*(9+15+16-1)+4,"esp"));
+ &mov ("esi","ecx");
+
+ &shr ("ecx",1); # lo>>1
+ &mov ("edi","edx");
+ &shr ("edx",1); # hi>>1
+ &mov ("eax","ecx");
+ &shl ("esi",24); # lo<<24
+ &mov ("ebx","edx");
+ &shl ("edi",24); # hi<<24
+ &xor ("ebx","esi");
+
+ &shr ("ecx",7-1); # lo>>7
+ &xor ("eax","edi");
+ &shr ("edx",7-1); # hi>>7
+ &xor ("eax","ecx");
+ &shl ("esi",31-24); # lo<<31
+ &xor ("ebx","edx");
+ &shl ("edi",25-24); # hi<<25
+ &xor ("ebx","esi");
+
+ &shr ("ecx",8-7); # lo>>8
+ &xor ("eax","edi");
+ &shr ("edx",8-7); # hi>>8
+ &xor ("eax","ecx");
+ &shl ("edi",31-25); # hi<<31
+ &xor ("ebx","edx");
+ &xor ("eax","edi"); # T1 = sigma0(X[-15])
+
+ &mov (&DWP(0,"esp"),"eax");
+ &mov (&DWP(4,"esp"),"ebx"); # put T1 away
+
+ #define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+ # LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+ # HI hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+ &mov ("ecx",&DWP(8*(9+15+16-14)+0,"esp"));
+ &mov ("edx",&DWP(8*(9+15+16-14)+4,"esp"));
+ &mov ("esi","ecx");
+
+ &shr ("ecx",6); # lo>>6
+ &mov ("edi","edx");
+ &shr ("edx",6); # hi>>6
+ &mov ("eax","ecx");
+ &shl ("esi",3); # lo<<3
+ &mov ("ebx","edx");
+ &shl ("edi",3); # hi<<3
+ &xor ("eax","esi");
+
+ &shr ("ecx",19-6); # lo>>19
+ &xor ("ebx","edi");
+ &shr ("edx",19-6); # hi>>19
+ &xor ("eax","ecx");
+ &shl ("esi",13-3); # lo<<13
+ &xor ("ebx","edx");
+ &shl ("edi",13-3); # hi<<13
+ &xor ("ebx","esi");
+
+ &shr ("ecx",29-19); # lo>>29
+ &xor ("eax","edi");
+ &shr ("edx",29-19); # hi>>29
+ &xor ("ebx","ecx");
+ &shl ("edi",26-13); # hi<<26
+ &xor ("eax","edx");
+ &xor ("eax","edi"); # sigma1(X[-2])
+
+ &mov ("ecx",&DWP(8*(9+15+16)+0,"esp"));
+ &mov ("edx",&DWP(8*(9+15+16)+4,"esp"));
+ &add ("eax",&DWP(0,"esp"));
+ &adc ("ebx",&DWP(4,"esp")); # T1 = sigma1(X[-2])+T1
+ &mov ("esi",&DWP(8*(9+15+16-9)+0,"esp"));
+ &mov ("edi",&DWP(8*(9+15+16-9)+4,"esp"));
+ &add ("eax","ecx");
+ &adc ("ebx","edx"); # T1 += X[-16]
+ &add ("eax","esi");
+ &adc ("ebx","edi"); # T1 += X[-7]
+ &mov (&DWP(8*(9+15)+0,"esp"),"eax");
+ &mov (&DWP(8*(9+15)+4,"esp"),"ebx"); # save X[0]
+
+ &BODY_00_15_x86();
+
+ &cmp (&LB("edx"),0x17);
+ &jne (&label("16_79_x86"));
+
+ &mov ("esi",&DWP(8*(9+16+80)+0,"esp"));# ctx
+ &mov ("edi",&DWP(8*(9+16+80)+4,"esp"));# inp
+ for($i=0;$i<4;$i++) {
+ &mov ("eax",&DWP($i*16+0,"esi"));
+ &mov ("ebx",&DWP($i*16+4,"esi"));
+ &mov ("ecx",&DWP($i*16+8,"esi"));
+ &mov ("edx",&DWP($i*16+12,"esi"));
+ &add ("eax",&DWP(8+($i*16)+0,"esp"));
+ &adc ("ebx",&DWP(8+($i*16)+4,"esp"));
+ &mov (&DWP($i*16+0,"esi"),"eax");
+ &mov (&DWP($i*16+4,"esi"),"ebx");
+ &add ("ecx",&DWP(8+($i*16)+8,"esp"));
+ &adc ("edx",&DWP(8+($i*16)+12,"esp"));
+ &mov (&DWP($i*16+8,"esi"),"ecx");
+ &mov (&DWP($i*16+12,"esi"),"edx");
+ }
+ &add ("esp",8*(9+16+80)); # destroy frame
+ &sub ($K512,8*80); # rewind K
+
+ &cmp ("edi",&DWP(8,"esp")); # are we done yet?
+ &jb (&label("loop_x86"));
+
+ &mov ("esp",&DWP(12,"esp")); # restore sp
+&function_end_A();
+
+&set_label("K512",64); # Yes! I keep it in the code segment!
+ &data_word(0xd728ae22,0x428a2f98); # u64
+ &data_word(0x23ef65cd,0x71374491); # u64
+ &data_word(0xec4d3b2f,0xb5c0fbcf); # u64
+ &data_word(0x8189dbbc,0xe9b5dba5); # u64
+ &data_word(0xf348b538,0x3956c25b); # u64
+ &data_word(0xb605d019,0x59f111f1); # u64
+ &data_word(0xaf194f9b,0x923f82a4); # u64
+ &data_word(0xda6d8118,0xab1c5ed5); # u64
+ &data_word(0xa3030242,0xd807aa98); # u64
+ &data_word(0x45706fbe,0x12835b01); # u64
+ &data_word(0x4ee4b28c,0x243185be); # u64
+ &data_word(0xd5ffb4e2,0x550c7dc3); # u64
+ &data_word(0xf27b896f,0x72be5d74); # u64
+ &data_word(0x3b1696b1,0x80deb1fe); # u64
+ &data_word(0x25c71235,0x9bdc06a7); # u64
+ &data_word(0xcf692694,0xc19bf174); # u64
+ &data_word(0x9ef14ad2,0xe49b69c1); # u64
+ &data_word(0x384f25e3,0xefbe4786); # u64
+ &data_word(0x8b8cd5b5,0x0fc19dc6); # u64
+ &data_word(0x77ac9c65,0x240ca1cc); # u64
+ &data_word(0x592b0275,0x2de92c6f); # u64
+ &data_word(0x6ea6e483,0x4a7484aa); # u64
+ &data_word(0xbd41fbd4,0x5cb0a9dc); # u64
+ &data_word(0x831153b5,0x76f988da); # u64
+ &data_word(0xee66dfab,0x983e5152); # u64
+ &data_word(0x2db43210,0xa831c66d); # u64
+ &data_word(0x98fb213f,0xb00327c8); # u64
+ &data_word(0xbeef0ee4,0xbf597fc7); # u64
+ &data_word(0x3da88fc2,0xc6e00bf3); # u64
+ &data_word(0x930aa725,0xd5a79147); # u64
+ &data_word(0xe003826f,0x06ca6351); # u64
+ &data_word(0x0a0e6e70,0x14292967); # u64
+ &data_word(0x46d22ffc,0x27b70a85); # u64
+ &data_word(0x5c26c926,0x2e1b2138); # u64
+ &data_word(0x5ac42aed,0x4d2c6dfc); # u64
+ &data_word(0x9d95b3df,0x53380d13); # u64
+ &data_word(0x8baf63de,0x650a7354); # u64
+ &data_word(0x3c77b2a8,0x766a0abb); # u64
+ &data_word(0x47edaee6,0x81c2c92e); # u64
+ &data_word(0x1482353b,0x92722c85); # u64
+ &data_word(0x4cf10364,0xa2bfe8a1); # u64
+ &data_word(0xbc423001,0xa81a664b); # u64
+ &data_word(0xd0f89791,0xc24b8b70); # u64
+ &data_word(0x0654be30,0xc76c51a3); # u64
+ &data_word(0xd6ef5218,0xd192e819); # u64
+ &data_word(0x5565a910,0xd6990624); # u64
+ &data_word(0x5771202a,0xf40e3585); # u64
+ &data_word(0x32bbd1b8,0x106aa070); # u64
+ &data_word(0xb8d2d0c8,0x19a4c116); # u64
+ &data_word(0x5141ab53,0x1e376c08); # u64
+ &data_word(0xdf8eeb99,0x2748774c); # u64
+ &data_word(0xe19b48a8,0x34b0bcb5); # u64
+ &data_word(0xc5c95a63,0x391c0cb3); # u64
+ &data_word(0xe3418acb,0x4ed8aa4a); # u64
+ &data_word(0x7763e373,0x5b9cca4f); # u64
+ &data_word(0xd6b2b8a3,0x682e6ff3); # u64
+ &data_word(0x5defb2fc,0x748f82ee); # u64
+ &data_word(0x43172f60,0x78a5636f); # u64
+ &data_word(0xa1f0ab72,0x84c87814); # u64
+ &data_word(0x1a6439ec,0x8cc70208); # u64
+ &data_word(0x23631e28,0x90befffa); # u64
+ &data_word(0xde82bde9,0xa4506ceb); # u64
+ &data_word(0xb2c67915,0xbef9a3f7); # u64
+ &data_word(0xe372532b,0xc67178f2); # u64
+ &data_word(0xea26619c,0xca273ece); # u64
+ &data_word(0x21c0c207,0xd186b8c7); # u64
+ &data_word(0xcde0eb1e,0xeada7dd6); # u64
+ &data_word(0xee6ed178,0xf57d4f7f); # u64
+ &data_word(0x72176fba,0x06f067aa); # u64
+ &data_word(0xa2c898a6,0x0a637dc5); # u64
+ &data_word(0xbef90dae,0x113f9804); # u64
+ &data_word(0x131c471b,0x1b710b35); # u64
+ &data_word(0x23047d84,0x28db77f5); # u64
+ &data_word(0x40c72493,0x32caab7b); # u64
+ &data_word(0x15c9bebc,0x3c9ebe0a); # u64
+ &data_word(0x9c100d4c,0x431d67c4); # u64
+ &data_word(0xcb3e42b6,0x4cc5d4be); # u64
+ &data_word(0xfc657e2a,0x597f299c); # u64
+ &data_word(0x3ad6faec,0x5fcb6fab); # u64
+ &data_word(0x4a475817,0x6c44198c); # u64
+&function_end_B("sha512_block_data_order");
+&asciz("SHA512 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-armv4.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-armv4.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-armv4.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-armv4.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,582 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA512 block procedure for ARMv4. September 2007.
+
+# This code is ~4.5 (four and a half) times faster than code generated
+# by gcc 3.4 and it spends ~72 clock cycles per byte [on single-issue
+# Xscale PXA250 core].
+#
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 6% improvement on
+# Cortex A8 core and ~40 cycles per processed byte.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 7%
+# improvement on Coxtex A8 core and ~38 cycles per byte.
+
+# March 2011.
+#
+# Add NEON implementation. On Cortex A8 it was measured to process
+# one byte in 25.5 cycles or 47% faster than integer-only code.
+
+# Byte order [in]dependence. =========================================
+#
+# Originally caller was expected to maintain specific *dword* order in
+# h[0-7], namely with most significant dword at *lower* address, which
+# was reflected in below two parameters as 0 and 4. Now caller is
+# expected to maintain native byte order for whole 64-bit values.
+$hi="HI";
+$lo="LO";
+# ====================================================================
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0"; # parameter block
+$inp="r1";
+$len="r2";
+
+$Tlo="r3";
+$Thi="r4";
+$Alo="r5";
+$Ahi="r6";
+$Elo="r7";
+$Ehi="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+############ r13 is stack pointer
+$Ktbl="r14";
+############ r15 is program counter
+
+$Aoff=8*0;
+$Boff=8*1;
+$Coff=8*2;
+$Doff=8*3;
+$Eoff=8*4;
+$Foff=8*5;
+$Goff=8*6;
+$Hoff=8*7;
+$Xoff=8*8;
+
+sub BODY_00_15() {
+my $magic = shift;
+$code.=<<___;
+ @ Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
+ @ LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+ @ HI hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+ mov $t0,$Elo,lsr#14
+ str $Tlo,[sp,#$Xoff+0]
+ mov $t1,$Ehi,lsr#14
+ str $Thi,[sp,#$Xoff+4]
+ eor $t0,$t0,$Ehi,lsl#18
+ ldr $t2,[sp,#$Hoff+0] @ h.lo
+ eor $t1,$t1,$Elo,lsl#18
+ ldr $t3,[sp,#$Hoff+4] @ h.hi
+ eor $t0,$t0,$Elo,lsr#18
+ eor $t1,$t1,$Ehi,lsr#18
+ eor $t0,$t0,$Ehi,lsl#14
+ eor $t1,$t1,$Elo,lsl#14
+ eor $t0,$t0,$Ehi,lsr#9
+ eor $t1,$t1,$Elo,lsr#9
+ eor $t0,$t0,$Elo,lsl#23
+ eor $t1,$t1,$Ehi,lsl#23 @ Sigma1(e)
+ adds $Tlo,$Tlo,$t0
+ ldr $t0,[sp,#$Foff+0] @ f.lo
+ adc $Thi,$Thi,$t1 @ T += Sigma1(e)
+ ldr $t1,[sp,#$Foff+4] @ f.hi
+ adds $Tlo,$Tlo,$t2
+ ldr $t2,[sp,#$Goff+0] @ g.lo
+ adc $Thi,$Thi,$t3 @ T += h
+ ldr $t3,[sp,#$Goff+4] @ g.hi
+
+ eor $t0,$t0,$t2
+ str $Elo,[sp,#$Eoff+0]
+ eor $t1,$t1,$t3
+ str $Ehi,[sp,#$Eoff+4]
+ and $t0,$t0,$Elo
+ str $Alo,[sp,#$Aoff+0]
+ and $t1,$t1,$Ehi
+ str $Ahi,[sp,#$Aoff+4]
+ eor $t0,$t0,$t2
+ ldr $t2,[$Ktbl,#$lo] @ K[i].lo
+ eor $t1,$t1,$t3 @ Ch(e,f,g)
+ ldr $t3,[$Ktbl,#$hi] @ K[i].hi
+
+ adds $Tlo,$Tlo,$t0
+ ldr $Elo,[sp,#$Doff+0] @ d.lo
+ adc $Thi,$Thi,$t1 @ T += Ch(e,f,g)
+ ldr $Ehi,[sp,#$Doff+4] @ d.hi
+ adds $Tlo,$Tlo,$t2
+ and $t0,$t2,#0xff
+ adc $Thi,$Thi,$t3 @ T += K[i]
+ adds $Elo,$Elo,$Tlo
+ ldr $t2,[sp,#$Boff+0] @ b.lo
+ adc $Ehi,$Ehi,$Thi @ d += T
+ teq $t0,#$magic
+
+ ldr $t3,[sp,#$Coff+0] @ c.lo
+ orreq $Ktbl,$Ktbl,#1
+ @ Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+ @ LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+ @ HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+ mov $t0,$Alo,lsr#28
+ mov $t1,$Ahi,lsr#28
+ eor $t0,$t0,$Ahi,lsl#4
+ eor $t1,$t1,$Alo,lsl#4
+ eor $t0,$t0,$Ahi,lsr#2
+ eor $t1,$t1,$Alo,lsr#2
+ eor $t0,$t0,$Alo,lsl#30
+ eor $t1,$t1,$Ahi,lsl#30
+ eor $t0,$t0,$Ahi,lsr#7
+ eor $t1,$t1,$Alo,lsr#7
+ eor $t0,$t0,$Alo,lsl#25
+ eor $t1,$t1,$Ahi,lsl#25 @ Sigma0(a)
+ adds $Tlo,$Tlo,$t0
+ and $t0,$Alo,$t2
+ adc $Thi,$Thi,$t1 @ T += Sigma0(a)
+
+ ldr $t1,[sp,#$Boff+4] @ b.hi
+ orr $Alo,$Alo,$t2
+ ldr $t2,[sp,#$Coff+4] @ c.hi
+ and $Alo,$Alo,$t3
+ and $t3,$Ahi,$t1
+ orr $Ahi,$Ahi,$t1
+ orr $Alo,$Alo,$t0 @ Maj(a,b,c).lo
+ and $Ahi,$Ahi,$t2
+ adds $Alo,$Alo,$Tlo
+ orr $Ahi,$Ahi,$t3 @ Maj(a,b,c).hi
+ sub sp,sp,#8
+ adc $Ahi,$Ahi,$Thi @ h += T
+ tst $Ktbl,#1
+ add $Ktbl,$Ktbl,#8
+___
+}
+$code=<<___;
+#include "arm_arch.h"
+#ifdef __ARMEL__
+# define LO 0
+# define HI 4
+# define WORD64(hi0,lo0,hi1,lo1) .word lo0,hi0, lo1,hi1
+#else
+# define HI 0
+# define LO 4
+# define WORD64(hi0,lo0,hi1,lo1) .word hi0,lo0, hi1,lo1
+#endif
+
+.text
+.code 32
+.type K512,%object
+.align 5
+K512:
+WORD64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd)
+WORD64(0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc)
+WORD64(0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019)
+WORD64(0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118)
+WORD64(0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe)
+WORD64(0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2)
+WORD64(0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1)
+WORD64(0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694)
+WORD64(0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3)
+WORD64(0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65)
+WORD64(0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483)
+WORD64(0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5)
+WORD64(0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210)
+WORD64(0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4)
+WORD64(0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725)
+WORD64(0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70)
+WORD64(0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926)
+WORD64(0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df)
+WORD64(0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8)
+WORD64(0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b)
+WORD64(0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001)
+WORD64(0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30)
+WORD64(0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910)
+WORD64(0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8)
+WORD64(0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53)
+WORD64(0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8)
+WORD64(0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb)
+WORD64(0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3)
+WORD64(0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60)
+WORD64(0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec)
+WORD64(0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9)
+WORD64(0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b)
+WORD64(0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207)
+WORD64(0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178)
+WORD64(0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6)
+WORD64(0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b)
+WORD64(0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493)
+WORD64(0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c)
+WORD64(0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a)
+WORD64(0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817)
+.size K512,.-K512
+.LOPENSSL_armcap:
+.word OPENSSL_armcap_P-sha512_block_data_order
+.skip 32-4
+
+.global sha512_block_data_order
+.type sha512_block_data_order,%function
+sha512_block_data_order:
+ sub r3,pc,#8 @ sha512_block_data_order
+ add $len,$inp,$len,lsl#7 @ len to point at the end of inp
+#if __ARM_ARCH__>=7
+ ldr r12,.LOPENSSL_armcap
+ ldr r12,[r3,r12] @ OPENSSL_armcap_P
+ tst r12,#1
+ bne .LNEON
+#endif
+ stmdb sp!,{r4-r12,lr}
+ sub $Ktbl,r3,#672 @ K512
+ sub sp,sp,#9*8
+
+ ldr $Elo,[$ctx,#$Eoff+$lo]
+ ldr $Ehi,[$ctx,#$Eoff+$hi]
+ ldr $t0, [$ctx,#$Goff+$lo]
+ ldr $t1, [$ctx,#$Goff+$hi]
+ ldr $t2, [$ctx,#$Hoff+$lo]
+ ldr $t3, [$ctx,#$Hoff+$hi]
+.Loop:
+ str $t0, [sp,#$Goff+0]
+ str $t1, [sp,#$Goff+4]
+ str $t2, [sp,#$Hoff+0]
+ str $t3, [sp,#$Hoff+4]
+ ldr $Alo,[$ctx,#$Aoff+$lo]
+ ldr $Ahi,[$ctx,#$Aoff+$hi]
+ ldr $Tlo,[$ctx,#$Boff+$lo]
+ ldr $Thi,[$ctx,#$Boff+$hi]
+ ldr $t0, [$ctx,#$Coff+$lo]
+ ldr $t1, [$ctx,#$Coff+$hi]
+ ldr $t2, [$ctx,#$Doff+$lo]
+ ldr $t3, [$ctx,#$Doff+$hi]
+ str $Tlo,[sp,#$Boff+0]
+ str $Thi,[sp,#$Boff+4]
+ str $t0, [sp,#$Coff+0]
+ str $t1, [sp,#$Coff+4]
+ str $t2, [sp,#$Doff+0]
+ str $t3, [sp,#$Doff+4]
+ ldr $Tlo,[$ctx,#$Foff+$lo]
+ ldr $Thi,[$ctx,#$Foff+$hi]
+ str $Tlo,[sp,#$Foff+0]
+ str $Thi,[sp,#$Foff+4]
+
+.L00_15:
+#if __ARM_ARCH__<7
+ ldrb $Tlo,[$inp,#7]
+ ldrb $t0, [$inp,#6]
+ ldrb $t1, [$inp,#5]
+ ldrb $t2, [$inp,#4]
+ ldrb $Thi,[$inp,#3]
+ ldrb $t3, [$inp,#2]
+ orr $Tlo,$Tlo,$t0,lsl#8
+ ldrb $t0, [$inp,#1]
+ orr $Tlo,$Tlo,$t1,lsl#16
+ ldrb $t1, [$inp],#8
+ orr $Tlo,$Tlo,$t2,lsl#24
+ orr $Thi,$Thi,$t3,lsl#8
+ orr $Thi,$Thi,$t0,lsl#16
+ orr $Thi,$Thi,$t1,lsl#24
+#else
+ ldr $Tlo,[$inp,#4]
+ ldr $Thi,[$inp],#8
+#ifdef __ARMEL__
+ rev $Tlo,$Tlo
+ rev $Thi,$Thi
+#endif
+#endif
+___
+ &BODY_00_15(0x94);
+$code.=<<___;
+ tst $Ktbl,#1
+ beq .L00_15
+ ldr $t0,[sp,#`$Xoff+8*(16-1)`+0]
+ ldr $t1,[sp,#`$Xoff+8*(16-1)`+4]
+ bic $Ktbl,$Ktbl,#1
+.L16_79:
+ @ sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
+ @ LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+ @ HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7
+ mov $Tlo,$t0,lsr#1
+ ldr $t2,[sp,#`$Xoff+8*(16-14)`+0]
+ mov $Thi,$t1,lsr#1
+ ldr $t3,[sp,#`$Xoff+8*(16-14)`+4]
+ eor $Tlo,$Tlo,$t1,lsl#31
+ eor $Thi,$Thi,$t0,lsl#31
+ eor $Tlo,$Tlo,$t0,lsr#8
+ eor $Thi,$Thi,$t1,lsr#8
+ eor $Tlo,$Tlo,$t1,lsl#24
+ eor $Thi,$Thi,$t0,lsl#24
+ eor $Tlo,$Tlo,$t0,lsr#7
+ eor $Thi,$Thi,$t1,lsr#7
+ eor $Tlo,$Tlo,$t1,lsl#25
+
+ @ sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+ @ LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+ @ HI hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+ mov $t0,$t2,lsr#19
+ mov $t1,$t3,lsr#19
+ eor $t0,$t0,$t3,lsl#13
+ eor $t1,$t1,$t2,lsl#13
+ eor $t0,$t0,$t3,lsr#29
+ eor $t1,$t1,$t2,lsr#29
+ eor $t0,$t0,$t2,lsl#3
+ eor $t1,$t1,$t3,lsl#3
+ eor $t0,$t0,$t2,lsr#6
+ eor $t1,$t1,$t3,lsr#6
+ ldr $t2,[sp,#`$Xoff+8*(16-9)`+0]
+ eor $t0,$t0,$t3,lsl#26
+
+ ldr $t3,[sp,#`$Xoff+8*(16-9)`+4]
+ adds $Tlo,$Tlo,$t0
+ ldr $t0,[sp,#`$Xoff+8*16`+0]
+ adc $Thi,$Thi,$t1
+
+ ldr $t1,[sp,#`$Xoff+8*16`+4]
+ adds $Tlo,$Tlo,$t2
+ adc $Thi,$Thi,$t3
+ adds $Tlo,$Tlo,$t0
+ adc $Thi,$Thi,$t1
+___
+ &BODY_00_15(0x17);
+$code.=<<___;
+ ldreq $t0,[sp,#`$Xoff+8*(16-1)`+0]
+ ldreq $t1,[sp,#`$Xoff+8*(16-1)`+4]
+ beq .L16_79
+ bic $Ktbl,$Ktbl,#1
+
+ ldr $Tlo,[sp,#$Boff+0]
+ ldr $Thi,[sp,#$Boff+4]
+ ldr $t0, [$ctx,#$Aoff+$lo]
+ ldr $t1, [$ctx,#$Aoff+$hi]
+ ldr $t2, [$ctx,#$Boff+$lo]
+ ldr $t3, [$ctx,#$Boff+$hi]
+ adds $t0,$Alo,$t0
+ str $t0, [$ctx,#$Aoff+$lo]
+ adc $t1,$Ahi,$t1
+ str $t1, [$ctx,#$Aoff+$hi]
+ adds $t2,$Tlo,$t2
+ str $t2, [$ctx,#$Boff+$lo]
+ adc $t3,$Thi,$t3
+ str $t3, [$ctx,#$Boff+$hi]
+
+ ldr $Alo,[sp,#$Coff+0]
+ ldr $Ahi,[sp,#$Coff+4]
+ ldr $Tlo,[sp,#$Doff+0]
+ ldr $Thi,[sp,#$Doff+4]
+ ldr $t0, [$ctx,#$Coff+$lo]
+ ldr $t1, [$ctx,#$Coff+$hi]
+ ldr $t2, [$ctx,#$Doff+$lo]
+ ldr $t3, [$ctx,#$Doff+$hi]
+ adds $t0,$Alo,$t0
+ str $t0, [$ctx,#$Coff+$lo]
+ adc $t1,$Ahi,$t1
+ str $t1, [$ctx,#$Coff+$hi]
+ adds $t2,$Tlo,$t2
+ str $t2, [$ctx,#$Doff+$lo]
+ adc $t3,$Thi,$t3
+ str $t3, [$ctx,#$Doff+$hi]
+
+ ldr $Tlo,[sp,#$Foff+0]
+ ldr $Thi,[sp,#$Foff+4]
+ ldr $t0, [$ctx,#$Eoff+$lo]
+ ldr $t1, [$ctx,#$Eoff+$hi]
+ ldr $t2, [$ctx,#$Foff+$lo]
+ ldr $t3, [$ctx,#$Foff+$hi]
+ adds $Elo,$Elo,$t0
+ str $Elo,[$ctx,#$Eoff+$lo]
+ adc $Ehi,$Ehi,$t1
+ str $Ehi,[$ctx,#$Eoff+$hi]
+ adds $t2,$Tlo,$t2
+ str $t2, [$ctx,#$Foff+$lo]
+ adc $t3,$Thi,$t3
+ str $t3, [$ctx,#$Foff+$hi]
+
+ ldr $Alo,[sp,#$Goff+0]
+ ldr $Ahi,[sp,#$Goff+4]
+ ldr $Tlo,[sp,#$Hoff+0]
+ ldr $Thi,[sp,#$Hoff+4]
+ ldr $t0, [$ctx,#$Goff+$lo]
+ ldr $t1, [$ctx,#$Goff+$hi]
+ ldr $t2, [$ctx,#$Hoff+$lo]
+ ldr $t3, [$ctx,#$Hoff+$hi]
+ adds $t0,$Alo,$t0
+ str $t0, [$ctx,#$Goff+$lo]
+ adc $t1,$Ahi,$t1
+ str $t1, [$ctx,#$Goff+$hi]
+ adds $t2,$Tlo,$t2
+ str $t2, [$ctx,#$Hoff+$lo]
+ adc $t3,$Thi,$t3
+ str $t3, [$ctx,#$Hoff+$hi]
+
+ add sp,sp,#640
+ sub $Ktbl,$Ktbl,#640
+
+ teq $inp,$len
+ bne .Loop
+
+ add sp,sp,#8*9 @ destroy frame
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
+ ldmia sp!,{r4-r12,lr}
+ tst lr,#1
+ moveq pc,lr @ be binary compatible with V4, yet
+ bx lr @ interoperable with Thumb ISA:-)
+#endif
+___
+
+{
+my @Sigma0=(28,34,39);
+my @Sigma1=(14,18,41);
+my @sigma0=(1, 8, 7);
+my @sigma1=(19,61,6);
+
+my $Ktbl="r3";
+my $cnt="r12"; # volatile register known as ip, intra-procedure-call scratch
+
+my @X=map("d$_",(0..15));
+my @V=($A,$B,$C,$D,$E,$F,$G,$H)=map("d$_",(16..23));
+
+sub NEON_00_15() {
+my $i=shift;
+my ($a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my ($t0,$t1,$t2,$T1,$K,$Ch,$Maj)=map("d$_",(24..31)); # temps
+
+$code.=<<___ if ($i<16 || $i&1);
+ vshr.u64 $t0,$e,#@Sigma1[0] @ $i
+#if $i<16
+ vld1.64 {@X[$i%16]},[$inp]! @ handles unaligned
+#endif
+ vshr.u64 $t1,$e,#@Sigma1[1]
+ vshr.u64 $t2,$e,#@Sigma1[2]
+___
+$code.=<<___;
+ vld1.64 {$K},[$Ktbl,:64]! @ K[i++]
+ vsli.64 $t0,$e,#`64- at Sigma1[0]`
+ vsli.64 $t1,$e,#`64- at Sigma1[1]`
+ vsli.64 $t2,$e,#`64- at Sigma1[2]`
+#if $i<16 && defined(__ARMEL__)
+ vrev64.8 @X[$i], at X[$i]
+#endif
+ vadd.i64 $T1,$K,$h
+ veor $Ch,$f,$g
+ veor $t0,$t1
+ vand $Ch,$e
+ veor $t0,$t2 @ Sigma1(e)
+ veor $Ch,$g @ Ch(e,f,g)
+ vadd.i64 $T1,$t0
+ vshr.u64 $t0,$a,#@Sigma0[0]
+ vadd.i64 $T1,$Ch
+ vshr.u64 $t1,$a,#@Sigma0[1]
+ vshr.u64 $t2,$a,#@Sigma0[2]
+ vsli.64 $t0,$a,#`64- at Sigma0[0]`
+ vsli.64 $t1,$a,#`64- at Sigma0[1]`
+ vsli.64 $t2,$a,#`64- at Sigma0[2]`
+ vadd.i64 $T1, at X[$i%16]
+ vorr $Maj,$a,$c
+ vand $Ch,$a,$c
+ veor $h,$t0,$t1
+ vand $Maj,$b
+ veor $h,$t2 @ Sigma0(a)
+ vorr $Maj,$Ch @ Maj(a,b,c)
+ vadd.i64 $h,$T1
+ vadd.i64 $d,$T1
+ vadd.i64 $h,$Maj
+___
+}
+
+sub NEON_16_79() {
+my $i=shift;
+
+if ($i&1) { &NEON_00_15($i, at _); return; }
+
+# 2x-vectorized, therefore runs every 2nd round
+my @X=map("q$_",(0..7)); # view @X as 128-bit vector
+my ($t0,$t1,$s0,$s1) = map("q$_",(12..15)); # temps
+my ($d0,$d1,$d2) = map("d$_",(24..26)); # temps from NEON_00_15
+my $e=@_[4]; # $e from NEON_00_15
+$i /= 2;
+$code.=<<___;
+ vshr.u64 $t0, at X[($i+7)%8],#@sigma1[0]
+ vshr.u64 $t1, at X[($i+7)%8],#@sigma1[1]
+ vshr.u64 $s1, at X[($i+7)%8],#@sigma1[2]
+ vsli.64 $t0, at X[($i+7)%8],#`64- at sigma1[0]`
+ vext.8 $s0, at X[$i%8], at X[($i+1)%8],#8 @ X[i+1]
+ vsli.64 $t1, at X[($i+7)%8],#`64- at sigma1[1]`
+ veor $s1,$t0
+ vshr.u64 $t0,$s0,#@sigma0[0]
+ veor $s1,$t1 @ sigma1(X[i+14])
+ vshr.u64 $t1,$s0,#@sigma0[1]
+ vadd.i64 @X[$i%8],$s1
+ vshr.u64 $s1,$s0,#@sigma0[2]
+ vsli.64 $t0,$s0,#`64- at sigma0[0]`
+ vsli.64 $t1,$s0,#`64- at sigma0[1]`
+ vext.8 $s0, at X[($i+4)%8], at X[($i+5)%8],#8 @ X[i+9]
+ veor $s1,$t0
+ vshr.u64 $d0,$e,#@Sigma1[0] @ from NEON_00_15
+ vadd.i64 @X[$i%8],$s0
+ vshr.u64 $d1,$e,#@Sigma1[1] @ from NEON_00_15
+ veor $s1,$t1 @ sigma0(X[i+1])
+ vshr.u64 $d2,$e,#@Sigma1[2] @ from NEON_00_15
+ vadd.i64 @X[$i%8],$s1
+___
+ &NEON_00_15(2*$i, at _);
+}
+
+$code.=<<___;
+#if __ARM_ARCH__>=7
+.fpu neon
+
+.align 4
+.LNEON:
+ dmb @ errata #451034 on early Cortex A8
+ vstmdb sp!,{d8-d15} @ ABI specification says so
+ sub $Ktbl,r3,#672 @ K512
+ vldmia $ctx,{$A-$H} @ load context
+.Loop_neon:
+___
+for($i=0;$i<16;$i++) { &NEON_00_15($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ mov $cnt,#4
+.L16_79_neon:
+ subs $cnt,#1
+___
+for(;$i<32;$i++) { &NEON_16_79($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ bne .L16_79_neon
+
+ vldmia $ctx,{d24-d31} @ load context to temp
+ vadd.i64 q8,q12 @ vectorized accumulate
+ vadd.i64 q9,q13
+ vadd.i64 q10,q14
+ vadd.i64 q11,q15
+ vstmia $ctx,{$A-$H} @ save context
+ teq $inp,$len
+ sub $Ktbl,#640 @ rewind K512
+ bne .Loop_neon
+
+ vldmia sp!,{d8-d15} @ epilogue
+ bx lr
+#endif
+___
+}
+$code.=<<___;
+.size sha512_block_data_order,.-sha512_block_data_order
+.asciz "SHA512 block transform for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align 2
+.comm OPENSSL_armcap_P,4,4
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-mips.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-mips.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-mips.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-mips.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,455 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA2 block procedures for MIPS.
+
+# October 2010.
+#
+# SHA256 performance improvement on MIPS R5000 CPU is ~27% over gcc-
+# generated code in o32 build and ~55% in n32/64 build. SHA512 [which
+# for now can only be compiled for MIPS64 ISA] improvement is modest
+# ~17%, but it comes for free, because it's same instruction sequence.
+# Improvement coefficients are for aligned input.
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp [o32 can be
+# excluded from the rule, because it's specified volatile];
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+# old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+ $PTR_ADD="dadd"; # incidentally works even on n32
+ $PTR_SUB="dsub"; # incidentally works even on n32
+ $REG_S="sd";
+ $REG_L="ld";
+ $PTR_SLL="dsll"; # incidentally works even on n32
+ $SZREG=8;
+} else {
+ $PTR_ADD="add";
+ $PTR_SUB="sub";
+ $REG_S="sw";
+ $REG_L="lw";
+ $PTR_SLL="sll";
+ $SZREG=4;
+}
+$pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
+#
+# <appro at openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); }
+open STDOUT,">$output";
+
+if (!defined($big_endian)) { $big_endian=(unpack('L',pack('N',1))==1); }
+
+if ($output =~ /512/) {
+ $label="512";
+ $SZ=8;
+ $LD="ld"; # load from memory
+ $ST="sd"; # store to memory
+ $SLL="dsll"; # shift left logical
+ $SRL="dsrl"; # shift right logical
+ $ADDU="daddu";
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=( 7, 1, 8); # right shift first
+ @sigma1=( 6,19,61); # right shift first
+ $lastK=0x817;
+ $rounds=80;
+} else {
+ $label="256";
+ $SZ=4;
+ $LD="lw"; # load from memory
+ $ST="sw"; # store to memory
+ $SLL="sll"; # shift left logical
+ $SRL="srl"; # shift right logical
+ $ADDU="addu";
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 3, 7,18); # right shift first
+ @sigma1=(10,17,19); # right shift first
+ $lastK=0x8f2;
+ $rounds=64;
+}
+
+$MSB = $big_endian ? 0 : ($SZ-1);
+$LSB = ($SZ-1)&~$MSB;
+
+ at V=($A,$B,$C,$D,$E,$F,$G,$H)=map("\$$_",(1,2,3,7,24,25,30,31));
+ at X=map("\$$_",(8..23));
+
+$ctx=$a0;
+$inp=$a1;
+$len=$a2; $Ktbl=$len;
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my ($T1,$tmp0,$tmp1,$tmp2)=(@X[4], at X[5], at X[6], at X[7]);
+
+$code.=<<___ if ($i<15);
+ ${LD}l @X[1],`($i+1)*$SZ+$MSB`($inp)
+ ${LD}r @X[1],`($i+1)*$SZ+$LSB`($inp)
+___
+$code.=<<___ if (!$big_endian && $i<16 && $SZ==4);
+ srl $tmp0, at X[0],24 # byte swap($i)
+ srl $tmp1, at X[0],8
+ andi $tmp2, at X[0],0xFF00
+ sll @X[0], at X[0],24
+ andi $tmp1,0xFF00
+ sll $tmp2,$tmp2,8
+ or @X[0],$tmp0
+ or $tmp1,$tmp2
+ or @X[0],$tmp1
+___
+$code.=<<___ if (!$big_endian && $i<16 && $SZ==8);
+ ori $tmp0,$zero,0xFF
+ dsll $tmp2,$tmp0,32
+ or $tmp0,$tmp2 # 0x000000FF000000FF
+ and $tmp1, at X[0],$tmp0 # byte swap($i)
+ dsrl $tmp2, at X[0],24
+ dsll $tmp1,24
+ and $tmp2,$tmp0
+ dsll $tmp0,8 # 0x0000FF000000FF00
+ or $tmp1,$tmp2
+ and $tmp2, at X[0],$tmp0
+ dsrl @X[0],8
+ dsll $tmp2,8
+ and @X[0],$tmp0
+ or $tmp1,$tmp2
+ or @X[0],$tmp1
+ dsrl $tmp1, at X[0],32
+ dsll @X[0],32
+ or @X[0],$tmp1
+___
+$code.=<<___;
+ $ADDU $T1,$X[0],$h # $i
+ $SRL $h,$e, at Sigma1[0]
+ xor $tmp2,$f,$g
+ $SLL $tmp1,$e,`$SZ*8- at Sigma1[2]`
+ and $tmp2,$e
+ $SRL $tmp0,$e, at Sigma1[1]
+ xor $h,$tmp1
+ $SLL $tmp1,$e,`$SZ*8- at Sigma1[1]`
+ xor $h,$tmp0
+ $SRL $tmp0,$e, at Sigma1[2]
+ xor $h,$tmp1
+ $SLL $tmp1,$e,`$SZ*8- at Sigma1[0]`
+ xor $h,$tmp0
+ xor $tmp2,$g # Ch(e,f,g)
+ xor $tmp0,$tmp1,$h # Sigma1(e)
+
+ $SRL $h,$a, at Sigma0[0]
+ $ADDU $T1,$tmp2
+ $LD $tmp2,`$i*$SZ`($Ktbl) # K[$i]
+ $SLL $tmp1,$a,`$SZ*8- at Sigma0[2]`
+ $ADDU $T1,$tmp0
+ $SRL $tmp0,$a, at Sigma0[1]
+ xor $h,$tmp1
+ $SLL $tmp1,$a,`$SZ*8- at Sigma0[1]`
+ xor $h,$tmp0
+ $SRL $tmp0,$a, at Sigma0[2]
+ xor $h,$tmp1
+ $SLL $tmp1,$a,`$SZ*8- at Sigma0[0]`
+ xor $h,$tmp0
+ $ST @X[0],`($i%16)*$SZ`($sp) # offload to ring buffer
+ xor $h,$tmp1 # Sigma0(a)
+
+ or $tmp0,$a,$b
+ and $tmp1,$a,$b
+ and $tmp0,$c
+ or $tmp1,$tmp0 # Maj(a,b,c)
+ $ADDU $T1,$tmp2 # +=K[$i]
+ $ADDU $h,$tmp1
+
+ $ADDU $d,$T1
+ $ADDU $h,$T1
+___
+$code.=<<___ if ($i>=13);
+ $LD @X[3],`(($i+3)%16)*$SZ`($sp) # prefetch from ring buffer
+___
+}
+
+sub BODY_16_XX {
+my $i=@_[0];
+my ($tmp0,$tmp1,$tmp2,$tmp3)=(@X[4], at X[5], at X[6], at X[7]);
+
+$code.=<<___;
+ $SRL $tmp2, at X[1], at sigma0[0] # Xupdate($i)
+ $ADDU @X[0], at X[9] # +=X[i+9]
+ $SLL $tmp1, at X[1],`$SZ*8- at sigma0[2]`
+ $SRL $tmp0, at X[1], at sigma0[1]
+ xor $tmp2,$tmp1
+ $SLL $tmp1,`@sigma0[2]- at sigma0[1]`
+ xor $tmp2,$tmp0
+ $SRL $tmp0, at X[1], at sigma0[2]
+ xor $tmp2,$tmp1
+
+ $SRL $tmp3, at X[14], at sigma1[0]
+ xor $tmp2,$tmp0 # sigma0(X[i+1])
+ $SLL $tmp1, at X[14],`$SZ*8- at sigma1[2]`
+ $ADDU @X[0],$tmp2
+ $SRL $tmp0, at X[14], at sigma1[1]
+ xor $tmp3,$tmp1
+ $SLL $tmp1,`@sigma1[2]- at sigma1[1]`
+ xor $tmp3,$tmp0
+ $SRL $tmp0, at X[14], at sigma1[2]
+ xor $tmp3,$tmp1
+
+ xor $tmp3,$tmp0 # sigma1(X[i+14])
+ $ADDU @X[0],$tmp3
+___
+ &BODY_00_15(@_);
+}
+
+$FRAMESIZE=16*$SZ+16*$SZREG;
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+$code.=<<___;
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+.text
+.set noat
+#if !defined(__vxworks) || defined(__pic__)
+.option pic2
+#endif
+
+.align 5
+.globl sha${label}_block_data_order
+.ent sha${label}_block_data_order
+sha${label}_block_data_order:
+ .frame $sp,$FRAMESIZE,$ra
+ .mask $SAVED_REGS_MASK,-$SZREG
+ .set noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification
+ .cpload $pf
+___
+$code.=<<___;
+ $PTR_SUB $sp,$FRAMESIZE
+ $REG_S $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_S $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_S $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_S $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_S $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_S $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_S $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_S $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_S $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_S $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
+ $REG_S $s3,$FRAMESIZE-11*$SZREG($sp)
+ $REG_S $s2,$FRAMESIZE-12*$SZREG($sp)
+ $REG_S $s1,$FRAMESIZE-13*$SZREG($sp)
+ $REG_S $s0,$FRAMESIZE-14*$SZREG($sp)
+ $REG_S $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ $PTR_SLL @X[15],$len,`log(16*$SZ)/log(2)`
+___
+$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
+ .cplocal $Ktbl
+ .cpsetup $pf,$zero,sha${label}_block_data_order
+___
+$code.=<<___;
+ .set reorder
+ la $Ktbl,K${label} # PIC-ified 'load address'
+
+ $LD $A,0*$SZ($ctx) # load context
+ $LD $B,1*$SZ($ctx)
+ $LD $C,2*$SZ($ctx)
+ $LD $D,3*$SZ($ctx)
+ $LD $E,4*$SZ($ctx)
+ $LD $F,5*$SZ($ctx)
+ $LD $G,6*$SZ($ctx)
+ $LD $H,7*$SZ($ctx)
+
+ $PTR_ADD @X[15],$inp # pointer to the end of input
+ $REG_S @X[15],16*$SZ($sp)
+ b .Loop
+
+.align 5
+.Loop:
+ ${LD}l @X[0],$MSB($inp)
+ ${LD}r @X[0],$LSB($inp)
+___
+for ($i=0;$i<16;$i++)
+{ &BODY_00_15($i, at V); unshift(@V,pop(@V)); push(@X,shift(@X)); }
+$code.=<<___;
+ b .L16_xx
+.align 4
+.L16_xx:
+___
+for (;$i<32;$i++)
+{ &BODY_16_XX($i, at V); unshift(@V,pop(@V)); push(@X,shift(@X)); }
+$code.=<<___;
+ and @X[6],0xfff
+ li @X[7],$lastK
+ .set noreorder
+ bne @X[6], at X[7],.L16_xx
+ $PTR_ADD $Ktbl,16*$SZ # Ktbl+=16
+
+ $REG_L @X[15],16*$SZ($sp) # restore pointer to the end of input
+ $LD @X[0],0*$SZ($ctx)
+ $LD @X[1],1*$SZ($ctx)
+ $LD @X[2],2*$SZ($ctx)
+ $PTR_ADD $inp,16*$SZ
+ $LD @X[3],3*$SZ($ctx)
+ $ADDU $A, at X[0]
+ $LD @X[4],4*$SZ($ctx)
+ $ADDU $B, at X[1]
+ $LD @X[5],5*$SZ($ctx)
+ $ADDU $C, at X[2]
+ $LD @X[6],6*$SZ($ctx)
+ $ADDU $D, at X[3]
+ $LD @X[7],7*$SZ($ctx)
+ $ADDU $E, at X[4]
+ $ST $A,0*$SZ($ctx)
+ $ADDU $F, at X[5]
+ $ST $B,1*$SZ($ctx)
+ $ADDU $G, at X[6]
+ $ST $C,2*$SZ($ctx)
+ $ADDU $H, at X[7]
+ $ST $D,3*$SZ($ctx)
+ $ST $E,4*$SZ($ctx)
+ $ST $F,5*$SZ($ctx)
+ $ST $G,6*$SZ($ctx)
+ $ST $H,7*$SZ($ctx)
+
+ bne $inp, at X[15],.Loop
+ $PTR_SUB $Ktbl,`($rounds-16)*$SZ` # rewind $Ktbl
+
+ $REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
+ $REG_L $fp,$FRAMESIZE-2*$SZREG($sp)
+ $REG_L $s11,$FRAMESIZE-3*$SZREG($sp)
+ $REG_L $s10,$FRAMESIZE-4*$SZREG($sp)
+ $REG_L $s9,$FRAMESIZE-5*$SZREG($sp)
+ $REG_L $s8,$FRAMESIZE-6*$SZREG($sp)
+ $REG_L $s7,$FRAMESIZE-7*$SZREG($sp)
+ $REG_L $s6,$FRAMESIZE-8*$SZREG($sp)
+ $REG_L $s5,$FRAMESIZE-9*$SZREG($sp)
+ $REG_L $s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+ $REG_L $s3,$FRAMESIZE-11*$SZREG($sp)
+ $REG_L $s2,$FRAMESIZE-12*$SZREG($sp)
+ $REG_L $s1,$FRAMESIZE-13*$SZREG($sp)
+ $REG_L $s0,$FRAMESIZE-14*$SZREG($sp)
+ $REG_L $gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+ jr $ra
+ $PTR_ADD $sp,$FRAMESIZE
+.end sha${label}_block_data_order
+
+.rdata
+.align 5
+K${label}:
+___
+if ($SZ==4) {
+$code.=<<___;
+ .word 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+ .word 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+ .word 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+ .word 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+ .word 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+ .word 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+ .word 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+ .word 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+ .word 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+ .word 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+ .word 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+ .word 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+ .word 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+ .word 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+ .word 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+ .word 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+___
+} else {
+$code.=<<___;
+ .dword 0x428a2f98d728ae22, 0x7137449123ef65cd
+ .dword 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc
+ .dword 0x3956c25bf348b538, 0x59f111f1b605d019
+ .dword 0x923f82a4af194f9b, 0xab1c5ed5da6d8118
+ .dword 0xd807aa98a3030242, 0x12835b0145706fbe
+ .dword 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2
+ .dword 0x72be5d74f27b896f, 0x80deb1fe3b1696b1
+ .dword 0x9bdc06a725c71235, 0xc19bf174cf692694
+ .dword 0xe49b69c19ef14ad2, 0xefbe4786384f25e3
+ .dword 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65
+ .dword 0x2de92c6f592b0275, 0x4a7484aa6ea6e483
+ .dword 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5
+ .dword 0x983e5152ee66dfab, 0xa831c66d2db43210
+ .dword 0xb00327c898fb213f, 0xbf597fc7beef0ee4
+ .dword 0xc6e00bf33da88fc2, 0xd5a79147930aa725
+ .dword 0x06ca6351e003826f, 0x142929670a0e6e70
+ .dword 0x27b70a8546d22ffc, 0x2e1b21385c26c926
+ .dword 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df
+ .dword 0x650a73548baf63de, 0x766a0abb3c77b2a8
+ .dword 0x81c2c92e47edaee6, 0x92722c851482353b
+ .dword 0xa2bfe8a14cf10364, 0xa81a664bbc423001
+ .dword 0xc24b8b70d0f89791, 0xc76c51a30654be30
+ .dword 0xd192e819d6ef5218, 0xd69906245565a910
+ .dword 0xf40e35855771202a, 0x106aa07032bbd1b8
+ .dword 0x19a4c116b8d2d0c8, 0x1e376c085141ab53
+ .dword 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8
+ .dword 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb
+ .dword 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3
+ .dword 0x748f82ee5defb2fc, 0x78a5636f43172f60
+ .dword 0x84c87814a1f0ab72, 0x8cc702081a6439ec
+ .dword 0x90befffa23631e28, 0xa4506cebde82bde9
+ .dword 0xbef9a3f7b2c67915, 0xc67178f2e372532b
+ .dword 0xca273eceea26619c, 0xd186b8c721c0c207
+ .dword 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178
+ .dword 0x06f067aa72176fba, 0x0a637dc5a2c898a6
+ .dword 0x113f9804bef90dae, 0x1b710b35131c471b
+ .dword 0x28db77f523047d84, 0x32caab7b40c72493
+ .dword 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c
+ .dword 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a
+ .dword 0x5fcb6fab3ad6faec, 0x6c44198c4a475817
+___
+}
+$code.=<<___;
+.asciiz "SHA${label} for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+.align 5
+
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-parisc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-parisc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-parisc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-parisc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,793 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedure for PA-RISC.
+
+# June 2009.
+#
+# SHA256 performance is >75% better than gcc 3.2 generated code on
+# PA-7100LC. Compared to code generated by vendor compiler this
+# implementation is almost 70% faster in 64-bit build, but delivers
+# virtually same performance in 32-bit build on PA-8600.
+#
+# SHA512 performance is >2.9x better than gcc 3.2 generated code on
+# PA-7100LC, PA-RISC 1.1 processor. Then implementation detects if the
+# code is executed on PA-RISC 2.0 processor and switches to 64-bit
+# code path delivering adequate peformance even in "blended" 32-bit
+# build. Though 64-bit code is not any faster than code generated by
+# vendor compiler on PA-8600...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+ $LEVEL ="2.0W";
+ $SIZE_T =8;
+ $FRAME_MARKER =80;
+ $SAVED_RP =16;
+ $PUSH ="std";
+ $PUSHMA ="std,ma";
+ $POP ="ldd";
+ $POPMB ="ldd,mb";
+} else {
+ $LEVEL ="1.0";
+ $SIZE_T =4;
+ $FRAME_MARKER =48;
+ $SAVED_RP =20;
+ $PUSH ="stw";
+ $PUSHMA ="stwm";
+ $POP ="ldw";
+ $POPMB ="ldwm";
+}
+
+if ($output =~ /512/) {
+ $func="sha512_block_data_order";
+ $SZ=8;
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=(1, 8, 7);
+ @sigma1=(19,61, 6);
+ $rounds=80;
+ $LAST10BITS=0x017;
+ $LD="ldd";
+ $LDM="ldd,ma";
+ $ST="std";
+} else {
+ $func="sha256_block_data_order";
+ $SZ=4;
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 7,18, 3);
+ @sigma1=(17,19,10);
+ $rounds=64;
+ $LAST10BITS=0x0f2;
+ $LD="ldw";
+ $LDM="ldwm";
+ $ST="stw";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+ # [+ argument transfer]
+$XOFF=16*$SZ+32; # local variables
+$FRAME+=$XOFF;
+$XOFF+=$FRAME_MARKER; # distance between %sp and local variables
+
+$ctx="%r26"; # zapped by $a0
+$inp="%r25"; # zapped by $a1
+$num="%r24"; # zapped by $t0
+
+$a0 ="%r26";
+$a1 ="%r25";
+$t0 ="%r24";
+$t1 ="%r29";
+$Tbl="%r31";
+
+ at V=($A,$B,$C,$D,$E,$F,$G,$H)=("%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r28");
+
+ at X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+ "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$inp);
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+ _ror $e,$Sigma1[0],$a0
+ and $f,$e,$t0
+ _ror $e,$Sigma1[1],$a1
+ addl $t1,$h,$h
+ andcm $g,$e,$t1
+ xor $a1,$a0,$a0
+ _ror $a1,`$Sigma1[2]-$Sigma1[1]`,$a1
+ or $t0,$t1,$t1 ; Ch(e,f,g)
+ addl @X[$i%16],$h,$h
+ xor $a0,$a1,$a1 ; Sigma1(e)
+ addl $t1,$h,$h
+ _ror $a,$Sigma0[0],$a0
+ addl $a1,$h,$h
+
+ _ror $a,$Sigma0[1],$a1
+ and $a,$b,$t0
+ and $a,$c,$t1
+ xor $a1,$a0,$a0
+ _ror $a1,`$Sigma0[2]-$Sigma0[1]`,$a1
+ xor $t1,$t0,$t0
+ and $b,$c,$t1
+ xor $a0,$a1,$a1 ; Sigma0(a)
+ addl $h,$d,$d
+ xor $t1,$t0,$t0 ; Maj(a,b,c)
+ `"$LDM $SZ($Tbl),$t1" if ($i<15)`
+ addl $a1,$h,$h
+ addl $t0,$h,$h
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+ _ror @X[($i+1)%16],$sigma0[0],$a0
+ _ror @X[($i+1)%16],$sigma0[1],$a1
+ addl @X[($i+9)%16], at X[$i], at X[$i]
+ _ror @X[($i+14)%16],$sigma1[0],$t0
+ _ror @X[($i+14)%16],$sigma1[1],$t1
+ xor $a1,$a0,$a0
+ _shr @X[($i+1)%16],$sigma0[2],$a1
+ xor $t1,$t0,$t0
+ _shr @X[($i+14)%16],$sigma1[2],$t1
+ xor $a1,$a0,$a0 ; sigma0(X[(i+1)&0x0f])
+ xor $t1,$t0,$t0 ; sigma1(X[(i+14)&0x0f])
+ $LDM $SZ($Tbl),$t1
+ addl $a0, at X[$i], at X[$i]
+ addl $t0, at X[$i], at X[$i]
+___
+$code.=<<___ if ($i==15);
+ extru $t1,31,10,$a1
+ comiclr,<> $LAST10BITS,$a1,%r0
+ ldo 1($Tbl),$Tbl ; signal end of $Tbl
+___
+&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+ .LEVEL $LEVEL
+ .SPACE \$TEXT\$
+ .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+ .ALIGN 64
+L\$table
+___
+$code.=<<___ if ($SZ==8);
+ .WORD 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
+ .WORD 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
+ .WORD 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
+ .WORD 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
+ .WORD 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
+ .WORD 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
+ .WORD 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
+ .WORD 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
+ .WORD 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
+ .WORD 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
+ .WORD 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
+ .WORD 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
+ .WORD 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
+ .WORD 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
+ .WORD 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
+ .WORD 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
+ .WORD 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
+ .WORD 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
+ .WORD 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
+ .WORD 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
+ .WORD 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
+ .WORD 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
+ .WORD 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
+ .WORD 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
+ .WORD 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
+ .WORD 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
+ .WORD 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
+ .WORD 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
+ .WORD 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
+ .WORD 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
+ .WORD 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
+ .WORD 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
+ .WORD 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
+ .WORD 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
+ .WORD 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
+ .WORD 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
+ .WORD 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
+ .WORD 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
+ .WORD 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
+ .WORD 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
+___
+$code.=<<___ if ($SZ==4);
+ .WORD 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+ .WORD 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+ .WORD 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+ .WORD 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+ .WORD 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+ .WORD 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+ .WORD 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+ .WORD 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+ .WORD 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+ .WORD 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+ .WORD 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+ .WORD 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+ .WORD 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+ .WORD 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+ .WORD 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+ .WORD 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___;
+
+ .EXPORT $func,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+ .ALIGN 64
+$func
+ .PROC
+ .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+ .ENTRY
+ $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
+ $PUSHMA %r3,$FRAME(%sp)
+ $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
+ $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
+ $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
+ $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
+ $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
+ $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
+ $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
+ $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp)
+ $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp)
+ $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp)
+ $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp)
+ $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp)
+ $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp)
+ $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp)
+ $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+ _shl $num,`log(16*$SZ)/log(2)`,$num
+ addl $inp,$num,$num ; $num to point at the end of $inp
+
+ $PUSH $num,`-$FRAME_MARKER-4*$SIZE_T`(%sp) ; save arguments
+ $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)
+ $PUSH $ctx,`-$FRAME_MARKER-2*$SIZE_T`(%sp)
+
+ blr %r0,$Tbl
+ ldi 3,$t1
+L\$pic
+ andcm $Tbl,$t1,$Tbl ; wipe privilege level
+ ldo L\$table-L\$pic($Tbl),$Tbl
+___
+$code.=<<___ if ($SZ==8 && $SIZE_T==4);
+ ldi 31,$t1
+ mtctl $t1,%cr11
+ extrd,u,*= $t1,%sar,1,$t1 ; executes on PA-RISC 1.0
+ b L\$parisc1
+ nop
+___
+$code.=<<___;
+ $LD `0*$SZ`($ctx),$A ; load context
+ $LD `1*$SZ`($ctx),$B
+ $LD `2*$SZ`($ctx),$C
+ $LD `3*$SZ`($ctx),$D
+ $LD `4*$SZ`($ctx),$E
+ $LD `5*$SZ`($ctx),$F
+ $LD `6*$SZ`($ctx),$G
+ $LD `7*$SZ`($ctx),$H
+
+ extru $inp,31,`log($SZ)/log(2)`,$t0
+ sh3addl $t0,%r0,$t0
+ subi `8*$SZ`,$t0,$t0
+ mtctl $t0,%cr11 ; load %sar with align factor
+
+L\$oop
+ ldi `$SZ-1`,$t0
+ $LDM $SZ($Tbl),$t1
+ andcm $inp,$t0,$t0 ; align $inp
+___
+ for ($i=0;$i<15;$i++) { # load input block
+ $code.="\t$LD `$SZ*$i`($t0), at X[$i]\n"; }
+$code.=<<___;
+ cmpb,*= $inp,$t0,L\$aligned
+ $LD `$SZ*15`($t0), at X[15]
+ $LD `$SZ*16`($t0), at X[16]
+___
+ for ($i=0;$i<16;$i++) { # align data
+ $code.="\t_align @X[$i], at X[$i+1], at X[$i]\n"; }
+$code.=<<___;
+L\$aligned
+ nop ; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+
+for($i=0;$i<16;$i++) { &ROUND_00_15($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+L\$rounds
+ nop ; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+for(;$i<32;$i++) { &ROUND_16_xx($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ bb,>= $Tbl,31,L\$rounds ; end of $Tbl signalled?
+ nop
+
+ $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments
+ $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+ $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+ ldo `-$rounds*$SZ-1`($Tbl),$Tbl ; rewind $Tbl
+
+ $LD `0*$SZ`($ctx), at X[0] ; load context
+ $LD `1*$SZ`($ctx), at X[1]
+ $LD `2*$SZ`($ctx), at X[2]
+ $LD `3*$SZ`($ctx), at X[3]
+ $LD `4*$SZ`($ctx), at X[4]
+ $LD `5*$SZ`($ctx), at X[5]
+ addl @X[0],$A,$A
+ $LD `6*$SZ`($ctx), at X[6]
+ addl @X[1],$B,$B
+ $LD `7*$SZ`($ctx), at X[7]
+ ldo `16*$SZ`($inp),$inp ; advance $inp
+
+ $ST $A,`0*$SZ`($ctx) ; save context
+ addl @X[2],$C,$C
+ $ST $B,`1*$SZ`($ctx)
+ addl @X[3],$D,$D
+ $ST $C,`2*$SZ`($ctx)
+ addl @X[4],$E,$E
+ $ST $D,`3*$SZ`($ctx)
+ addl @X[5],$F,$F
+ $ST $E,`4*$SZ`($ctx)
+ addl @X[6],$G,$G
+ $ST $F,`5*$SZ`($ctx)
+ addl @X[7],$H,$H
+ $ST $G,`6*$SZ`($ctx)
+ $ST $H,`7*$SZ`($ctx)
+
+ cmpb,*<>,n $inp,$num,L\$oop
+ $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp
+___
+if ($SZ==8 && $SIZE_T==4) # SHA512 for 32-bit PA-RISC 1.0
+{{
+$code.=<<___;
+ b L\$done
+ nop
+
+ .ALIGN 64
+L\$parisc1
+___
+
+ at V=( $Ahi, $Alo, $Bhi, $Blo, $Chi, $Clo, $Dhi, $Dlo,
+ $Ehi, $Elo, $Fhi, $Flo, $Ghi, $Glo, $Hhi, $Hlo) =
+ ( "%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+ "%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16");
+$a0 ="%r17";
+$a1 ="%r18";
+$a2 ="%r19";
+$a3 ="%r20";
+$t0 ="%r21";
+$t1 ="%r22";
+$t2 ="%r28";
+$t3 ="%r29";
+$Tbl="%r31";
+
+ at X=("%r23","%r24","%r25","%r26"); # zaps $num,$inp,$ctx
+
+sub ROUND_00_15_pa1 {
+my ($i,$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo,
+ $ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo,$flag)=@_;
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+
+$code.=<<___ if (!$flag);
+ ldw `-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+ ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1]
+___
+$code.=<<___;
+ shd $ehi,$elo,$Sigma1[0],$t0
+ add $Xlo,$hlo,$hlo
+ shd $elo,$ehi,$Sigma1[0],$t1
+ addc $Xhi,$hhi,$hhi ; h += X[i]
+ shd $ehi,$elo,$Sigma1[1],$t2
+ ldwm 8($Tbl),$Xhi
+ shd $elo,$ehi,$Sigma1[1],$t3
+ ldw -4($Tbl),$Xlo ; load K[i]
+ xor $t2,$t0,$t0
+ xor $t3,$t1,$t1
+ and $flo,$elo,$a0
+ and $fhi,$ehi,$a1
+ shd $ehi,$elo,$Sigma1[2],$t2
+ andcm $glo,$elo,$a2
+ shd $elo,$ehi,$Sigma1[2],$t3
+ andcm $ghi,$ehi,$a3
+ xor $t2,$t0,$t0
+ xor $t3,$t1,$t1 ; Sigma1(e)
+ add $Xlo,$hlo,$hlo
+ xor $a2,$a0,$a0
+ addc $Xhi,$hhi,$hhi ; h += K[i]
+ xor $a3,$a1,$a1 ; Ch(e,f,g)
+
+ add $t0,$hlo,$hlo
+ shd $ahi,$alo,$Sigma0[0],$t0
+ addc $t1,$hhi,$hhi ; h += Sigma1(e)
+ shd $alo,$ahi,$Sigma0[0],$t1
+ add $a0,$hlo,$hlo
+ shd $ahi,$alo,$Sigma0[1],$t2
+ addc $a1,$hhi,$hhi ; h += Ch(e,f,g)
+ shd $alo,$ahi,$Sigma0[1],$t3
+
+ xor $t2,$t0,$t0
+ xor $t3,$t1,$t1
+ shd $ahi,$alo,$Sigma0[2],$t2
+ and $alo,$blo,$a0
+ shd $alo,$ahi,$Sigma0[2],$t3
+ and $ahi,$bhi,$a1
+ xor $t2,$t0,$t0
+ xor $t3,$t1,$t1 ; Sigma0(a)
+
+ and $alo,$clo,$a2
+ and $ahi,$chi,$a3
+ xor $a2,$a0,$a0
+ add $hlo,$dlo,$dlo
+ xor $a3,$a1,$a1
+ addc $hhi,$dhi,$dhi ; d += h
+ and $blo,$clo,$a2
+ add $t0,$hlo,$hlo
+ and $bhi,$chi,$a3
+ addc $t1,$hhi,$hhi ; h += Sigma0(a)
+ xor $a2,$a0,$a0
+ add $a0,$hlo,$hlo
+ xor $a3,$a1,$a1 ; Maj(a,b,c)
+ addc $a1,$hhi,$hhi ; h += Maj(a,b,c)
+
+___
+$code.=<<___ if ($i==15 && $flag);
+ extru $Xlo,31,10,$Xlo
+ comiclr,= $LAST10BITS,$Xlo,%r0
+ b L\$rounds_pa1
+ nop
+___
+push(@X,shift(@X)); push(@X,shift(@X));
+}
+
+sub ROUND_16_xx_pa1 {
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+my ($i)=shift;
+$i-=16;
+$code.=<<___;
+ ldw `-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+ ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1]
+ ldw `-$XOFF+8*(($i+9)%16)`(%sp),$a1
+ ldw `-$XOFF+8*(($i+9)%16)+4`(%sp),$a0 ; load X[i+9]
+ ldw `-$XOFF+8*(($i+14)%16)`(%sp),$a3
+ ldw `-$XOFF+8*(($i+14)%16)+4`(%sp),$a2 ; load X[i+14]
+ shd $Xnhi,$Xnlo,$sigma0[0],$t0
+ shd $Xnlo,$Xnhi,$sigma0[0],$t1
+ add $a0,$Xlo,$Xlo
+ shd $Xnhi,$Xnlo,$sigma0[1],$t2
+ addc $a1,$Xhi,$Xhi
+ shd $Xnlo,$Xnhi,$sigma0[1],$t3
+ xor $t2,$t0,$t0
+ shd $Xnhi,$Xnlo,$sigma0[2],$t2
+ xor $t3,$t1,$t1
+ extru $Xnhi,`31-$sigma0[2]`,`32-$sigma0[2]`,$t3
+ xor $t2,$t0,$t0
+ shd $a3,$a2,$sigma1[0],$a0
+ xor $t3,$t1,$t1 ; sigma0(X[i+1)&0x0f])
+ shd $a2,$a3,$sigma1[0],$a1
+ add $t0,$Xlo,$Xlo
+ shd $a3,$a2,$sigma1[1],$t2
+ addc $t1,$Xhi,$Xhi
+ shd $a2,$a3,$sigma1[1],$t3
+ xor $t2,$a0,$a0
+ shd $a3,$a2,$sigma1[2],$t2
+ xor $t3,$a1,$a1
+ extru $a3,`31-$sigma1[2]`,`32-$sigma1[2]`,$t3
+ xor $t2,$a0,$a0
+ xor $t3,$a1,$a1 ; sigma0(X[i+14)&0x0f])
+ add $a0,$Xlo,$Xlo
+ addc $a1,$Xhi,$Xhi
+
+ stw $Xhi,`-$XOFF+8*($i%16)`(%sp)
+ stw $Xlo,`-$XOFF+8*($i%16)+4`(%sp)
+___
+&ROUND_00_15_pa1($i, at _,1);
+}
+$code.=<<___;
+ ldw `0*4`($ctx),$Ahi ; load context
+ ldw `1*4`($ctx),$Alo
+ ldw `2*4`($ctx),$Bhi
+ ldw `3*4`($ctx),$Blo
+ ldw `4*4`($ctx),$Chi
+ ldw `5*4`($ctx),$Clo
+ ldw `6*4`($ctx),$Dhi
+ ldw `7*4`($ctx),$Dlo
+ ldw `8*4`($ctx),$Ehi
+ ldw `9*4`($ctx),$Elo
+ ldw `10*4`($ctx),$Fhi
+ ldw `11*4`($ctx),$Flo
+ ldw `12*4`($ctx),$Ghi
+ ldw `13*4`($ctx),$Glo
+ ldw `14*4`($ctx),$Hhi
+ ldw `15*4`($ctx),$Hlo
+
+ extru $inp,31,2,$t0
+ sh3addl $t0,%r0,$t0
+ subi 32,$t0,$t0
+ mtctl $t0,%cr11 ; load %sar with align factor
+
+L\$oop_pa1
+ extru $inp,31,2,$a3
+ comib,= 0,$a3,L\$aligned_pa1
+ sub $inp,$a3,$inp
+
+ ldw `0*4`($inp),$X[0]
+ ldw `1*4`($inp),$X[1]
+ ldw `2*4`($inp),$t2
+ ldw `3*4`($inp),$t3
+ ldw `4*4`($inp),$a0
+ ldw `5*4`($inp),$a1
+ ldw `6*4`($inp),$a2
+ ldw `7*4`($inp),$a3
+ vshd $X[0],$X[1],$X[0]
+ vshd $X[1],$t2,$X[1]
+ stw $X[0],`-$XOFF+0*4`(%sp)
+ ldw `8*4`($inp),$t0
+ vshd $t2,$t3,$t2
+ stw $X[1],`-$XOFF+1*4`(%sp)
+ ldw `9*4`($inp),$t1
+ vshd $t3,$a0,$t3
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<=(128/4-8);$i++) {
+$code.=<<___;
+ stw $t[0],`-$XOFF+$i*4`(%sp)
+ ldw `(8+$i)*4`($inp),$t[0]
+ vshd $t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+for (;$i<(128/4-1);$i++) {
+$code.=<<___;
+ stw $t[0],`-$XOFF+$i*4`(%sp)
+ vshd $t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+$code.=<<___;
+ b L\$collected_pa1
+ stw $t[0],`-$XOFF+$i*4`(%sp)
+
+___
+}
+$code.=<<___;
+L\$aligned_pa1
+ ldw `0*4`($inp),$X[0]
+ ldw `1*4`($inp),$X[1]
+ ldw `2*4`($inp),$t2
+ ldw `3*4`($inp),$t3
+ ldw `4*4`($inp),$a0
+ ldw `5*4`($inp),$a1
+ ldw `6*4`($inp),$a2
+ ldw `7*4`($inp),$a3
+ stw $X[0],`-$XOFF+0*4`(%sp)
+ ldw `8*4`($inp),$t0
+ stw $X[1],`-$XOFF+1*4`(%sp)
+ ldw `9*4`($inp),$t1
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<(128/4-8);$i++) {
+$code.=<<___;
+ stw $t[0],`-$XOFF+$i*4`(%sp)
+ ldw `(8+$i)*4`($inp),$t[0]
+___
+push(@t,shift(@t));
+}
+for (;$i<128/4;$i++) {
+$code.=<<___;
+ stw $t[0],`-$XOFF+$i*4`(%sp)
+___
+push(@t,shift(@t));
+}
+$code.="L\$collected_pa1\n";
+}
+
+for($i=0;$i<16;$i++) { &ROUND_00_15_pa1($i, at V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+$code.="L\$rounds_pa1\n";
+for(;$i<32;$i++) { &ROUND_16_xx_pa1($i, at V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+ $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments
+ $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+ $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+ ldo `-$rounds*$SZ`($Tbl),$Tbl ; rewind $Tbl
+
+ ldw `0*4`($ctx),$t1 ; update context
+ ldw `1*4`($ctx),$t0
+ ldw `2*4`($ctx),$t3
+ ldw `3*4`($ctx),$t2
+ ldw `4*4`($ctx),$a1
+ ldw `5*4`($ctx),$a0
+ ldw `6*4`($ctx),$a3
+ add $t0,$Alo,$Alo
+ ldw `7*4`($ctx),$a2
+ addc $t1,$Ahi,$Ahi
+ ldw `8*4`($ctx),$t1
+ add $t2,$Blo,$Blo
+ ldw `9*4`($ctx),$t0
+ addc $t3,$Bhi,$Bhi
+ ldw `10*4`($ctx),$t3
+ add $a0,$Clo,$Clo
+ ldw `11*4`($ctx),$t2
+ addc $a1,$Chi,$Chi
+ ldw `12*4`($ctx),$a1
+ add $a2,$Dlo,$Dlo
+ ldw `13*4`($ctx),$a0
+ addc $a3,$Dhi,$Dhi
+ ldw `14*4`($ctx),$a3
+ add $t0,$Elo,$Elo
+ ldw `15*4`($ctx),$a2
+ addc $t1,$Ehi,$Ehi
+ stw $Ahi,`0*4`($ctx)
+ add $t2,$Flo,$Flo
+ stw $Alo,`1*4`($ctx)
+ addc $t3,$Fhi,$Fhi
+ stw $Bhi,`2*4`($ctx)
+ add $a0,$Glo,$Glo
+ stw $Blo,`3*4`($ctx)
+ addc $a1,$Ghi,$Ghi
+ stw $Chi,`4*4`($ctx)
+ add $a2,$Hlo,$Hlo
+ stw $Clo,`5*4`($ctx)
+ addc $a3,$Hhi,$Hhi
+ stw $Dhi,`6*4`($ctx)
+ ldo `16*$SZ`($inp),$inp ; advance $inp
+ stw $Dlo,`7*4`($ctx)
+ stw $Ehi,`8*4`($ctx)
+ stw $Elo,`9*4`($ctx)
+ stw $Fhi,`10*4`($ctx)
+ stw $Flo,`11*4`($ctx)
+ stw $Ghi,`12*4`($ctx)
+ stw $Glo,`13*4`($ctx)
+ stw $Hhi,`14*4`($ctx)
+ comb,= $inp,$num,L\$done
+ stw $Hlo,`15*4`($ctx)
+ b L\$oop_pa1
+ $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp
+L\$done
+___
+}}
+$code.=<<___;
+ $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue
+ $POP `-$FRAME+1*$SIZE_T`(%sp),%r4
+ $POP `-$FRAME+2*$SIZE_T`(%sp),%r5
+ $POP `-$FRAME+3*$SIZE_T`(%sp),%r6
+ $POP `-$FRAME+4*$SIZE_T`(%sp),%r7
+ $POP `-$FRAME+5*$SIZE_T`(%sp),%r8
+ $POP `-$FRAME+6*$SIZE_T`(%sp),%r9
+ $POP `-$FRAME+7*$SIZE_T`(%sp),%r10
+ $POP `-$FRAME+8*$SIZE_T`(%sp),%r11
+ $POP `-$FRAME+9*$SIZE_T`(%sp),%r12
+ $POP `-$FRAME+10*$SIZE_T`(%sp),%r13
+ $POP `-$FRAME+11*$SIZE_T`(%sp),%r14
+ $POP `-$FRAME+12*$SIZE_T`(%sp),%r15
+ $POP `-$FRAME+13*$SIZE_T`(%sp),%r16
+ $POP `-$FRAME+14*$SIZE_T`(%sp),%r17
+ $POP `-$FRAME+15*$SIZE_T`(%sp),%r18
+ bv (%r2)
+ .EXIT
+ $POPMB -$FRAME(%sp),%r3
+ .PROCEND
+ .STRINGZ "SHA`64*$SZ` block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "ldd$mod\t$args";
+
+ if ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 3 suffices
+ { my $opcode=(0x14<<26)|($2<<21)|($3<<16)|(($1&0x1FF8)<<1)|(($1>>13)&1);
+ $opcode|=(1<<3) if ($mod =~ /^,m/);
+ $opcode|=(1<<2) if ($mod =~ /^,mb/);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $std = sub {
+ my ($mod,$args) = @_;
+ my $orig = "std$mod\t$args";
+
+ if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices
+ { my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $extrd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "extrd$mod\t$args";
+
+ # I only have ",u" completer, it's implicitly encoded...
+ if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15
+ { my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+ my $len=32-$3;
+ $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos
+ $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12
+ { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+ my $len=32-$2;
+ $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len
+ $opcode |= (1<<13) if ($mod =~ /,\**=/);
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+ my ($mod,$args) = @_;
+ my $orig = "shrpd$mod\t$args";
+
+ if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14
+ { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+ my $cpos=63-$3;
+ $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa
+ sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+ }
+ elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/) # format 11
+ { sprintf "\t.WORD\t0x%08x\t; %s",
+ (0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig;
+ }
+ else { "\t".$orig; }
+};
+
+sub assemble {
+ my ($mnemonic,$mod,$args)=@_;
+ my $opcode = eval("\$$mnemonic");
+
+ ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+
+ s/shd\s+(%r[0-9]+),(%r[0-9]+),([0-9]+)/
+ $3>31 ? sprintf("shd\t%$2,%$1,%d",$3-32) # rotation for >=32
+ : sprintf("shd\t%$1,%$2,%d",$3)/e or
+ # translate made up instructons: _ror, _shr, _align, _shl
+ s/_ror(\s+)(%r[0-9]+),/
+ ($SZ==4 ? "shd" : "shrpd")."$1$2,$2,"/e or
+
+ s/_shr(\s+%r[0-9]+),([0-9]+),/
+ $SZ==4 ? sprintf("extru%s,%d,%d,",$1,31-$2,32-$2)
+ : sprintf("extrd,u%s,%d,%d,",$1,63-$2,64-$2)/e or
+
+ s/_align(\s+%r[0-9]+,%r[0-9]+),/
+ ($SZ==4 ? "vshd$1," : "shrpd$1,%sar,")/e or
+
+ s/_shl(\s+%r[0-9]+),([0-9]+),/
+ $SIZE_T==4 ? sprintf("zdep%s,%d,%d,",$1,31-$2,32-$2)
+ : sprintf("depd,z%s,%d,%d,",$1,63-$2,64-$2)/e;
+
+ s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($SIZE_T==4);
+
+ s/cmpb,\*/comb,/ if ($SIZE_T==4);
+
+ s/\bbv\b/bve/ if ($SIZE_T==8);
+
+ print $_,"\n";
+}
+
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-ppc.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-ppc.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-ppc.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-ppc.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,460 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input, except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank. The module is big-endian [which is
+# not big deal as there're no little-endian targets left around].
+
+# sha256 | sha512
+# -m64 -m32 | -m64 -m32
+# --------------------------------------+-----------------------
+# PPC970,gcc-4.0.0 +50% +38% | +40% +410%(*)
+# Power6,xlc-7 +150% +90% | +100% +430%(*)
+#
+# (*) 64-bit code in 32-bit application context, which actually is
+# on TODO list. It should be noted that for safe deployment in
+# 32-bit *mutli-threaded* context asyncronous signals should be
+# blocked upon entry to SHA512 block routine. This is because
+# 32-bit signaling procedure invalidates upper halves of GPRs.
+# Context switch procedure preserves them, but not signaling:-(
+
+# Second version is true multi-thread safe. Trouble with the original
+# version was that it was using thread local storage pointer register.
+# Well, it scrupulously preserved it, but the problem would arise the
+# moment asynchronous signal was delivered and signal handler would
+# dereference the TLS pointer. While it's never the case in openssl
+# application or test suite, we have to respect this scenario and not
+# use TLS pointer register. Alternative would be to require caller to
+# block signals prior calling this routine. For the record, in 32-bit
+# context R2 serves as TLS pointer, while in 64-bit context - R13.
+
+$flavour=shift;
+$output =shift;
+
+if ($flavour =~ /64/) {
+ $SIZE_T=8;
+ $LRSAVE=2*$SIZE_T;
+ $STU="stdu";
+ $UCMP="cmpld";
+ $SHL="sldi";
+ $POP="ld";
+ $PUSH="std";
+} elsif ($flavour =~ /32/) {
+ $SIZE_T=4;
+ $LRSAVE=$SIZE_T;
+ $STU="stwu";
+ $UCMP="cmplw";
+ $SHL="slwi";
+ $POP="lwz";
+ $PUSH="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!";
+
+if ($output =~ /512/) {
+ $func="sha512_block_data_order";
+ $SZ=8;
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=(1, 8, 7);
+ @sigma1=(19,61, 6);
+ $rounds=80;
+ $LD="ld";
+ $ST="std";
+ $ROR="rotrdi";
+ $SHR="srdi";
+} else {
+ $func="sha256_block_data_order";
+ $SZ=4;
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 7,18, 3);
+ @sigma1=(17,19,10);
+ $rounds=64;
+ $LD="lwz";
+ $ST="stw";
+ $ROR="rotrwi";
+ $SHR="srwi";
+}
+
+$FRAME=32*$SIZE_T+16*$SZ;
+$LOCALS=6*$SIZE_T;
+
+$sp ="r1";
+$toc="r2";
+$ctx="r3"; # zapped by $a0
+$inp="r4"; # zapped by $a1
+$num="r5"; # zapped by $t0
+
+$T ="r0";
+$a0 ="r3";
+$a1 ="r4";
+$t0 ="r5";
+$t1 ="r6";
+$Tbl="r7";
+
+$A ="r8";
+$B ="r9";
+$C ="r10";
+$D ="r11";
+$E ="r12";
+$F ="r13"; $F="r2" if ($SIZE_T==8);# reassigned to exempt TLS pointer
+$G ="r14";
+$H ="r15";
+
+ at V=($A,$B,$C,$D,$E,$F,$G,$H);
+ at X=("r16","r17","r18","r19","r20","r21","r22","r23",
+ "r24","r25","r26","r27","r28","r29","r30","r31");
+
+$inp="r31"; # reassigned $inp! aliases with @X[15]
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+ $LD $T,`$i*$SZ`($Tbl)
+ $ROR $a0,$e,$Sigma1[0]
+ $ROR $a1,$e,$Sigma1[1]
+ and $t0,$f,$e
+ andc $t1,$g,$e
+ add $T,$T,$h
+ xor $a0,$a0,$a1
+ $ROR $a1,$a1,`$Sigma1[2]-$Sigma1[1]`
+ or $t0,$t0,$t1 ; Ch(e,f,g)
+ add $T,$T, at X[$i]
+ xor $a0,$a0,$a1 ; Sigma1(e)
+ add $T,$T,$t0
+ add $T,$T,$a0
+
+ $ROR $a0,$a,$Sigma0[0]
+ $ROR $a1,$a,$Sigma0[1]
+ and $t0,$a,$b
+ and $t1,$a,$c
+ xor $a0,$a0,$a1
+ $ROR $a1,$a1,`$Sigma0[2]-$Sigma0[1]`
+ xor $t0,$t0,$t1
+ and $t1,$b,$c
+ xor $a0,$a0,$a1 ; Sigma0(a)
+ add $d,$d,$T
+ xor $t0,$t0,$t1 ; Maj(a,b,c)
+ add $h,$T,$a0
+ add $h,$h,$t0
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+ $ROR $a0, at X[($i+1)%16],$sigma0[0]
+ $ROR $a1, at X[($i+1)%16],$sigma0[1]
+ $ROR $t0, at X[($i+14)%16],$sigma1[0]
+ $ROR $t1, at X[($i+14)%16],$sigma1[1]
+ xor $a0,$a0,$a1
+ $SHR $a1, at X[($i+1)%16],$sigma0[2]
+ xor $t0,$t0,$t1
+ $SHR $t1, at X[($i+14)%16],$sigma1[2]
+ add @X[$i], at X[$i], at X[($i+9)%16]
+ xor $a0,$a0,$a1 ; sigma0(X[(i+1)&0x0f])
+ xor $t0,$t0,$t1 ; sigma1(X[(i+14)&0x0f])
+ add @X[$i], at X[$i],$a0
+ add @X[$i], at X[$i],$t0
+___
+&ROUND_00_15($i,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl $func
+.align 6
+$func:
+ $STU $sp,-$FRAME($sp)
+ mflr r0
+ $SHL $num,$num,`log(16*$SZ)/log(2)`
+
+ $PUSH $ctx,`$FRAME-$SIZE_T*22`($sp)
+
+ $PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
+ $PUSH r13,`$FRAME-$SIZE_T*19`($sp)
+ $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
+ $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
+ $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
+ $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
+ $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
+ $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
+ $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
+ $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
+ $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
+ $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
+ $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
+ $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
+ $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
+ $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
+ $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
+ $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
+ $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
+ $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+
+ $LD $A,`0*$SZ`($ctx)
+ mr $inp,r4 ; incarnate $inp
+ $LD $B,`1*$SZ`($ctx)
+ $LD $C,`2*$SZ`($ctx)
+ $LD $D,`3*$SZ`($ctx)
+ $LD $E,`4*$SZ`($ctx)
+ $LD $F,`5*$SZ`($ctx)
+ $LD $G,`6*$SZ`($ctx)
+ $LD $H,`7*$SZ`($ctx)
+
+ bl LPICmeup
+LPICedup:
+ andi. r0,$inp,3
+ bne Lunaligned
+Laligned:
+ add $num,$inp,$num
+ $PUSH $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer
+ $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
+ bl Lsha2_block_private
+ b Ldone
+
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for the input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
+.align 4
+Lunaligned:
+ subfic $t1,$inp,4096
+ andi. $t1,$t1,`4096-16*$SZ` ; distance to closest page boundary
+ beq Lcross_page
+ $UCMP $num,$t1
+ ble- Laligned ; didn't cross the page boundary
+ subfc $num,$t1,$num
+ add $t1,$inp,$t1
+ $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real remaining num
+ $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; intermediate end pointer
+ $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
+ bl Lsha2_block_private
+ ; $inp equals to the intermediate end pointer here
+ $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real remaining num
+Lcross_page:
+ li $t1,`16*$SZ/4`
+ mtctr $t1
+ addi r20,$sp,$LOCALS ; aligned spot below the frame
+Lmemcpy:
+ lbz r16,0($inp)
+ lbz r17,1($inp)
+ lbz r18,2($inp)
+ lbz r19,3($inp)
+ addi $inp,$inp,4
+ stb r16,0(r20)
+ stb r17,1(r20)
+ stb r18,2(r20)
+ stb r19,3(r20)
+ addi r20,r20,4
+ bdnz Lmemcpy
+
+ $PUSH $inp,`$FRAME-$SIZE_T*26`($sp) ; save real inp
+ addi $t1,$sp,`$LOCALS+16*$SZ` ; fictitious end pointer
+ addi $inp,$sp,$LOCALS ; fictitious inp pointer
+ $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real num
+ $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; end pointer
+ $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
+ bl Lsha2_block_private
+ $POP $inp,`$FRAME-$SIZE_T*26`($sp) ; restore real inp
+ $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num
+ addic. $num,$num,`-16*$SZ` ; num--
+ bne- Lunaligned
+
+Ldone:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP $toc,`$FRAME-$SIZE_T*20`($sp)
+ $POP r13,`$FRAME-$SIZE_T*19`($sp)
+ $POP r14,`$FRAME-$SIZE_T*18`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
+
+.align 4
+Lsha2_block_private:
+___
+for($i=0;$i<16;$i++) {
+$code.=<<___ if ($SZ==4);
+ lwz @X[$i],`$i*$SZ`($inp)
+___
+# 64-bit loads are split to 2x32-bit ones, as CPU can't handle
+# unaligned 64-bit loads, only 32-bit ones...
+$code.=<<___ if ($SZ==8);
+ lwz $t0,`$i*$SZ`($inp)
+ lwz @X[$i],`$i*$SZ+4`($inp)
+ insrdi @X[$i],$t0,32,0
+___
+ &ROUND_00_15($i, at V);
+ unshift(@V,pop(@V));
+}
+$code.=<<___;
+ li $T,`$rounds/16-1`
+ mtctr $T
+.align 4
+Lrounds:
+ addi $Tbl,$Tbl,`16*$SZ`
+___
+for(;$i<32;$i++) {
+ &ROUND_16_xx($i, at V);
+ unshift(@V,pop(@V));
+}
+$code.=<<___;
+ bdnz- Lrounds
+
+ $POP $ctx,`$FRAME-$SIZE_T*22`($sp)
+ $POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
+ $POP $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer
+ subi $Tbl,$Tbl,`($rounds-16)*$SZ` ; rewind Tbl
+
+ $LD r16,`0*$SZ`($ctx)
+ $LD r17,`1*$SZ`($ctx)
+ $LD r18,`2*$SZ`($ctx)
+ $LD r19,`3*$SZ`($ctx)
+ $LD r20,`4*$SZ`($ctx)
+ $LD r21,`5*$SZ`($ctx)
+ $LD r22,`6*$SZ`($ctx)
+ addi $inp,$inp,`16*$SZ` ; advance inp
+ $LD r23,`7*$SZ`($ctx)
+ add $A,$A,r16
+ add $B,$B,r17
+ $PUSH $inp,`$FRAME-$SIZE_T*23`($sp)
+ add $C,$C,r18
+ $ST $A,`0*$SZ`($ctx)
+ add $D,$D,r19
+ $ST $B,`1*$SZ`($ctx)
+ add $E,$E,r20
+ $ST $C,`2*$SZ`($ctx)
+ add $F,$F,r21
+ $ST $D,`3*$SZ`($ctx)
+ add $G,$G,r22
+ $ST $E,`4*$SZ`($ctx)
+ add $H,$H,r23
+ $ST $F,`5*$SZ`($ctx)
+ $ST $G,`6*$SZ`($ctx)
+ $UCMP $inp,$num
+ $ST $H,`7*$SZ`($ctx)
+ bne Lsha2_block_private
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+___
+
+# Ugly hack here, because PPC assembler syntax seem to vary too
+# much from platforms to platform...
+$code.=<<___;
+.align 6
+LPICmeup:
+ mflr r0
+ bcl 20,31,\$+4
+ mflr $Tbl ; vvvvvv "distance" between . and 1st data entry
+ addi $Tbl,$Tbl,`64-8`
+ mtlr r0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `64-9*4`
+___
+$code.=<<___ if ($SZ==8);
+ .long 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
+ .long 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
+ .long 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
+ .long 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
+ .long 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
+ .long 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
+ .long 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
+ .long 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
+ .long 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
+ .long 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
+ .long 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
+ .long 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
+ .long 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
+ .long 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
+ .long 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
+ .long 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
+ .long 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
+ .long 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
+ .long 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
+ .long 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
+ .long 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
+ .long 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
+ .long 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
+ .long 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
+ .long 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
+ .long 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
+ .long 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
+ .long 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
+ .long 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
+ .long 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
+ .long 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
+ .long 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
+ .long 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
+ .long 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
+ .long 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
+ .long 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
+ .long 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
+ .long 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
+ .long 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
+ .long 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
+___
+$code.=<<___ if ($SZ==4);
+ .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+ .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+ .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+ .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+ .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+ .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+ .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+ .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+ .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+ .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+ .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+ .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+ .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+ .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+ .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+ .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-s390x.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-s390x.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-s390x.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-s390x.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,322 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedures for s390x.
+
+# April 2007.
+#
+# sha256_block_data_order is reportedly >3 times faster than gcc 3.3
+# generated code (must be a bug in compiler, as improvement is
+# "pathologically" high, in particular in comparison to other SHA
+# modules). But the real twist is that it detects if hardware support
+# for SHA256 is available and in such case utilizes it. Then the
+# performance can reach >6.5x of assembler one for larger chunks.
+#
+# sha512_block_data_order is ~70% faster than gcc 3.3 generated code.
+
+# January 2009.
+#
+# Add support for hardware SHA512 and reschedule instructions to
+# favour dual-issue z10 pipeline. Hardware SHA256/512 is ~4.7x faster
+# than software.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z900 SHA256 was measured to
+# perform 2.4x and SHA512 - 13x better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+$t0="%r0";
+$t1="%r1";
+$ctx="%r2"; $t2="%r2";
+$inp="%r3";
+$len="%r4"; # used as index in inner loop
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9";
+$F="%r10";
+$G="%r11";
+$H="%r12"; @V=($A,$B,$C,$D,$E,$F,$G,$H);
+$tbl="%r13";
+$T1="%r14";
+$sp="%r15";
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+ $label="512";
+ $SZ=8;
+ $LD="lg"; # load from memory
+ $ST="stg"; # store to memory
+ $ADD="alg"; # add with memory operand
+ $ROT="rllg"; # rotate left
+ $SHR="srlg"; # logical right shift [see even at the end]
+ @Sigma0=(25,30,36);
+ @Sigma1=(23,46,50);
+ @sigma0=(56,63, 7);
+ @sigma1=( 3,45, 6);
+ $rounds=80;
+ $kimdfunc=3; # 0 means unknown/unsupported/unimplemented/disabled
+} else {
+ $label="256";
+ $SZ=4;
+ $LD="llgf"; # load from memory
+ $ST="st"; # store to memory
+ $ADD="al"; # add with memory operand
+ $ROT="rll"; # rotate left
+ $SHR="srl"; # logical right shift
+ @Sigma0=(10,19,30);
+ @Sigma1=( 7,21,26);
+ @sigma0=(14,25, 3);
+ @sigma1=(13,15,10);
+ $rounds=64;
+ $kimdfunc=2; # magic function code for kimd instruction
+}
+$Func="sha${label}_block_data_order";
+$Table="K${label}";
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*$SZ;
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+ $LD $T1,`$i*$SZ`($inp) ### $i
+___
+$code.=<<___;
+ $ROT $t0,$e,$Sigma1[0]
+ $ROT $t1,$e,$Sigma1[1]
+ lgr $t2,$f
+ xgr $t0,$t1
+ $ROT $t1,$t1,`$Sigma1[2]-$Sigma1[1]`
+ xgr $t2,$g
+ $ST $T1,`$stdframe+$SZ*($i%16)`($sp)
+ xgr $t0,$t1 # Sigma1(e)
+ algr $T1,$h # T1+=h
+ ngr $t2,$e
+ lgr $t1,$a
+ algr $T1,$t0 # T1+=Sigma1(e)
+ $ROT $h,$a,$Sigma0[0]
+ xgr $t2,$g # Ch(e,f,g)
+ $ADD $T1,`$i*$SZ`($len,$tbl) # T1+=K[i]
+ $ROT $t0,$a,$Sigma0[1]
+ algr $T1,$t2 # T1+=Ch(e,f,g)
+ ogr $t1,$b
+ xgr $h,$t0
+ lgr $t2,$a
+ ngr $t1,$c
+ $ROT $t0,$t0,`$Sigma0[2]-$Sigma0[1]`
+ xgr $h,$t0 # h=Sigma0(a)
+ ngr $t2,$b
+ algr $h,$T1 # h+=T1
+ ogr $t2,$t1 # Maj(a,b,c)
+ algr $d,$T1 # d+=T1
+ algr $h,$t2 # h+=Maj(a,b,c)
+___
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+ $LD $T1,`$stdframe+$SZ*(($i+1)%16)`($sp) ### $i
+ $LD $t1,`$stdframe+$SZ*(($i+14)%16)`($sp)
+ $ROT $t0,$T1,$sigma0[0]
+ $SHR $T1,$sigma0[2]
+ $ROT $t2,$t0,`$sigma0[1]-$sigma0[0]`
+ xgr $T1,$t0
+ $ROT $t0,$t1,$sigma1[0]
+ xgr $T1,$t2 # sigma0(X[i+1])
+ $SHR $t1,$sigma1[2]
+ $ADD $T1,`$stdframe+$SZ*($i%16)`($sp) # +=X[i]
+ xgr $t1,$t0
+ $ROT $t0,$t0,`$sigma1[1]-$sigma1[0]`
+ $ADD $T1,`$stdframe+$SZ*(($i+9)%16)`($sp) # +=X[i+9]
+ xgr $t1,$t0 # sigma1(X[i+14])
+ algr $T1,$t1 # +=sigma1(X[i+14])
+___
+ &BODY_00_15(@_);
+}
+
+$code.=<<___;
+.text
+.align 64
+.type $Table,\@object
+$Table:
+___
+$code.=<<___ if ($SZ==4);
+ .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+ .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+ .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+ .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+ .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+ .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+ .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+ .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+ .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+ .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+ .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+ .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+ .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+ .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+ .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+ .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___ if ($SZ==8);
+ .quad 0x428a2f98d728ae22,0x7137449123ef65cd
+ .quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+ .quad 0x3956c25bf348b538,0x59f111f1b605d019
+ .quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118
+ .quad 0xd807aa98a3030242,0x12835b0145706fbe
+ .quad 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+ .quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1
+ .quad 0x9bdc06a725c71235,0xc19bf174cf692694
+ .quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3
+ .quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+ .quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483
+ .quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+ .quad 0x983e5152ee66dfab,0xa831c66d2db43210
+ .quad 0xb00327c898fb213f,0xbf597fc7beef0ee4
+ .quad 0xc6e00bf33da88fc2,0xd5a79147930aa725
+ .quad 0x06ca6351e003826f,0x142929670a0e6e70
+ .quad 0x27b70a8546d22ffc,0x2e1b21385c26c926
+ .quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+ .quad 0x650a73548baf63de,0x766a0abb3c77b2a8
+ .quad 0x81c2c92e47edaee6,0x92722c851482353b
+ .quad 0xa2bfe8a14cf10364,0xa81a664bbc423001
+ .quad 0xc24b8b70d0f89791,0xc76c51a30654be30
+ .quad 0xd192e819d6ef5218,0xd69906245565a910
+ .quad 0xf40e35855771202a,0x106aa07032bbd1b8
+ .quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53
+ .quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+ .quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+ .quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+ .quad 0x748f82ee5defb2fc,0x78a5636f43172f60
+ .quad 0x84c87814a1f0ab72,0x8cc702081a6439ec
+ .quad 0x90befffa23631e28,0xa4506cebde82bde9
+ .quad 0xbef9a3f7b2c67915,0xc67178f2e372532b
+ .quad 0xca273eceea26619c,0xd186b8c721c0c207
+ .quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+ .quad 0x06f067aa72176fba,0x0a637dc5a2c898a6
+ .quad 0x113f9804bef90dae,0x1b710b35131c471b
+ .quad 0x28db77f523047d84,0x32caab7b40c72493
+ .quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+ .quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+ .quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817
+___
+$code.=<<___;
+.size $Table,.-$Table
+.globl $Func
+.type $Func,\@function
+$Func:
+ sllg $len,$len,`log(16*$SZ)/log(2)`
+___
+$code.=<<___ if ($kimdfunc);
+ larl %r1,OPENSSL_s390xcap_P
+ lg %r0,0(%r1)
+ tmhl %r0,0x4000 # check for message-security assist
+ jz .Lsoftware
+ lghi %r0,0
+ la %r1,`2*$SIZE_T`($sp)
+ .long 0xb93e0002 # kimd %r0,%r2
+ lg %r0,`2*$SIZE_T`($sp)
+ tmhh %r0,`0x8000>>$kimdfunc`
+ jz .Lsoftware
+ lghi %r0,$kimdfunc
+ lgr %r1,$ctx
+ lgr %r2,$inp
+ lgr %r3,$len
+ .long 0xb93e0002 # kimd %r0,%r2
+ brc 1,.-4 # pay attention to "partial completion"
+ br %r14
+.align 16
+.Lsoftware:
+___
+$code.=<<___;
+ lghi %r1,-$frame
+ la $len,0($len,$inp)
+ stm${g} $ctx,%r15,`2*$SIZE_T`($sp)
+ lgr %r0,$sp
+ la $sp,0(%r1,$sp)
+ st${g} %r0,0($sp)
+
+ larl $tbl,$Table
+ $LD $A,`0*$SZ`($ctx)
+ $LD $B,`1*$SZ`($ctx)
+ $LD $C,`2*$SZ`($ctx)
+ $LD $D,`3*$SZ`($ctx)
+ $LD $E,`4*$SZ`($ctx)
+ $LD $F,`5*$SZ`($ctx)
+ $LD $G,`6*$SZ`($ctx)
+ $LD $H,`7*$SZ`($ctx)
+
+.Lloop:
+ lghi $len,0
+___
+for ($i=0;$i<16;$i++) { &BODY_00_15($i, at V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++) { &BODY_16_XX($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ aghi $len,`16*$SZ`
+ lghi $t0,`($rounds-16)*$SZ`
+ clgr $len,$t0
+ jne .Lrounds_16_xx
+
+ l${g} $ctx,`$frame+2*$SIZE_T`($sp)
+ la $inp,`16*$SZ`($inp)
+ $ADD $A,`0*$SZ`($ctx)
+ $ADD $B,`1*$SZ`($ctx)
+ $ADD $C,`2*$SZ`($ctx)
+ $ADD $D,`3*$SZ`($ctx)
+ $ADD $E,`4*$SZ`($ctx)
+ $ADD $F,`5*$SZ`($ctx)
+ $ADD $G,`6*$SZ`($ctx)
+ $ADD $H,`7*$SZ`($ctx)
+ $ST $A,`0*$SZ`($ctx)
+ $ST $B,`1*$SZ`($ctx)
+ $ST $C,`2*$SZ`($ctx)
+ $ST $D,`3*$SZ`($ctx)
+ $ST $E,`4*$SZ`($ctx)
+ $ST $F,`5*$SZ`($ctx)
+ $ST $G,`6*$SZ`($ctx)
+ $ST $H,`7*$SZ`($ctx)
+ cl${g} $inp,`$frame+4*$SIZE_T`($sp)
+ jne .Lloop
+
+ lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp)
+ br %r14
+.size $Func,.-$Func
+.string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+# unlike 32-bit shift 64-bit one takes three arguments
+$code =~ s/(srlg\s+)(%r[0-9]+),/$1$2,$2,/gm;
+
+print $code;
+close STDOUT;
Copied: trunk/crypto/openssl/crypto/sha/asm/sha512-sparcv9.pl (from rev 7117, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-sparcv9.pl)
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-sparcv9.pl (rev 0)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-sparcv9.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,594 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro at fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256 performance improvement over compiler generated code varies
+# from 40% for Sun C [32-bit build] to 70% for gcc [3.3, 64-bit
+# build]. Just like in SHA1 module I aim to ensure scalability on
+# UltraSPARC T1 by packing X[16] to 8 64-bit registers.
+
+# SHA512 on pre-T1 UltraSPARC.
+#
+# Performance is >75% better than 64-bit code generated by Sun C and
+# over 2x than 32-bit code. X[16] resides on stack, but access to it
+# is scheduled for L2 latency and staged through 32 least significant
+# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
+# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
+# good [optimal coefficient is 50%].
+#
+# SHA512 on UltraSPARC T1.
+#
+# It's not any faster than 64-bit code generated by Sun C 5.8. This is
+# because 64-bit code generator has the advantage of using 64-bit
+# loads(*) to access X[16], which I consciously traded for 32-/64-bit
+# ABI duality [as per above]. But it surpasses 32-bit Sun C generated
+# code by 60%, not to mention that it doesn't suffer from severe decay
+# when running 4 times physical cores threads and that it leaves gcc
+# [3.4] behind by over 4x factor! If compared to SHA256, single thread
+# performance is only 10% better, but overall throughput for maximum
+# amount of threads for given CPU exceeds corresponding one of SHA256
+# by 30% [again, optimal coefficient is 50%].
+#
+# (*) Unlike pre-T1 UltraSPARC loads on T1 are executed strictly
+# in-order, i.e. load instruction has to complete prior next
+# instruction in given thread is executed, even if the latter is
+# not dependent on load result! This means that on T1 two 32-bit
+# loads are always slower than one 64-bit load. Once again this
+# is unlike pre-T1 UltraSPARC, where, if scheduled appropriately,
+# 2x32-bit loads can be as fast as 1x64-bit ones.
+
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64) { $bias=2047; $frame=192; }
+else { $bias=0; $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+ $label="512";
+ $SZ=8;
+ $LD="ldx"; # load from memory
+ $ST="stx"; # store to memory
+ $SLL="sllx"; # shift left logical
+ $SRL="srlx"; # shift right logical
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=( 7, 1, 8); # right shift first
+ @sigma1=( 6,19,61); # right shift first
+ $lastK=0x817;
+ $rounds=80;
+ $align=4;
+
+ $locals=16*$SZ; # X[16]
+
+ $A="%o0";
+ $B="%o1";
+ $C="%o2";
+ $D="%o3";
+ $E="%o4";
+ $F="%o5";
+ $G="%g1";
+ $H="%o7";
+ @V=($A,$B,$C,$D,$E,$F,$G,$H);
+} else {
+ $label="256";
+ $SZ=4;
+ $LD="ld"; # load from memory
+ $ST="st"; # store to memory
+ $SLL="sll"; # shift left logical
+ $SRL="srl"; # shift right logical
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 3, 7,18); # right shift first
+ @sigma1=(10,17,19); # right shift first
+ $lastK=0x8f2;
+ $rounds=64;
+ $align=8;
+
+ $locals=0; # X[16] is register resident
+ @X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+
+ $A="%l0";
+ $B="%l1";
+ $C="%l2";
+ $D="%l3";
+ $E="%l4";
+ $F="%l5";
+ $G="%l6";
+ $H="%l7";
+ @V=($A,$B,$C,$D,$E,$F,$G,$H);
+}
+$T1="%g2";
+$tmp0="%g3";
+$tmp1="%g4";
+$tmp2="%g5";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$Ktbl="%i3";
+$tmp31="%i4";
+$tmp32="%i5";
+
+########### SHA256
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+ if ($i==0) {
+$code.=<<___;
+ ldx [$inp+0], at X[0]
+ ldx [$inp+16], at X[2]
+ ldx [$inp+32], at X[4]
+ ldx [$inp+48], at X[6]
+ ldx [$inp+8], at X[1]
+ ldx [$inp+24], at X[3]
+ subcc %g0,$tmp31,$tmp32 ! should be 64-$tmp31, but -$tmp31 works too
+ ldx [$inp+40], at X[5]
+ bz,pt %icc,.Laligned
+ ldx [$inp+56], at X[7]
+
+ sllx @X[0],$tmp31, at X[0]
+ ldx [$inp+64],$T1
+___
+for($j=0;$j<7;$j++)
+{ $code.=<<___;
+ srlx @X[$j+1],$tmp32,$tmp1
+ sllx @X[$j+1],$tmp31, at X[$j+1]
+ or $tmp1, at X[$j], at X[$j]
+___
+}
+$code.=<<___;
+ srlx $T1,$tmp32,$T1
+ or $T1, at X[7], at X[7]
+.Laligned:
+___
+ }
+
+ if ($i&1) {
+ $code.="\tadd @X[$i/2],$h,$T1\n";
+ } else {
+ $code.="\tsrlx @X[$i/2],32,$T1\n\tadd $h,$T1,$T1\n";
+ }
+} if ($SZ==4);
+
+########### SHA512
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1),"%l".eval((($i+1)*2)%8));
+
+$code.=<<___ if ($i==0);
+ ld [$inp+0],%l0
+ ld [$inp+4],%l1
+ ld [$inp+8],%l2
+ ld [$inp+12],%l3
+ ld [$inp+16],%l4
+ ld [$inp+20],%l5
+ ld [$inp+24],%l6
+ ld [$inp+28],%l7
+___
+$code.=<<___ if ($i<15);
+ sllx @pair[1],$tmp31,$tmp2 ! Xload($i)
+ add $tmp31,32,$tmp0
+ sllx @pair[0],$tmp0,$tmp1
+ `"ld [$inp+".eval(32+0+$i*8)."], at pair[0]" if ($i<12)`
+ srlx @pair[2],$tmp32, at pair[1]
+ or $tmp1,$tmp2,$tmp2
+ or @pair[1],$tmp2,$tmp2
+ `"ld [$inp+".eval(32+4+$i*8)."], at pair[1]" if ($i<12)`
+ add $h,$tmp2,$T1
+ $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`]
+___
+$code.=<<___ if ($i==12);
+ brnz,a $tmp31,.+8
+ ld [$inp+128],%l0
+___
+$code.=<<___ if ($i==15);
+ ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2
+ sllx @pair[1],$tmp31,$tmp2 ! Xload($i)
+ add $tmp31,32,$tmp0
+ ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3
+ sllx @pair[0],$tmp0,$tmp1
+ ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4
+ srlx @pair[2],$tmp32, at pair[1]
+ or $tmp1,$tmp2,$tmp2
+ ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5
+ or @pair[1],$tmp2,$tmp2
+ ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6
+ add $h,$tmp2,$T1
+ $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`]
+ ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7
+ ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0
+ ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1
+___
+} if ($SZ==8);
+
+########### common
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+ if ($i<16) {
+ &$Xload(@_);
+ } else {
+ $code.="\tadd $h,$T1,$T1\n";
+ }
+
+$code.=<<___;
+ $SRL $e, at Sigma1[0],$h !! $i
+ xor $f,$g,$tmp2
+ $SLL $e,`$SZ*8- at Sigma1[2]`,$tmp1
+ and $e,$tmp2,$tmp2
+ $SRL $e, at Sigma1[1],$tmp0
+ xor $tmp1,$h,$h
+ $SLL $e,`$SZ*8- at Sigma1[1]`,$tmp1
+ xor $tmp0,$h,$h
+ $SRL $e, at Sigma1[2],$tmp0
+ xor $tmp1,$h,$h
+ $SLL $e,`$SZ*8- at Sigma1[0]`,$tmp1
+ xor $tmp0,$h,$h
+ xor $g,$tmp2,$tmp2 ! Ch(e,f,g)
+ xor $tmp1,$h,$tmp0 ! Sigma1(e)
+
+ $SRL $a, at Sigma0[0],$h
+ add $tmp2,$T1,$T1
+ $LD [$Ktbl+`$i*$SZ`],$tmp2 ! K[$i]
+ $SLL $a,`$SZ*8- at Sigma0[2]`,$tmp1
+ add $tmp0,$T1,$T1
+ $SRL $a, at Sigma0[1],$tmp0
+ xor $tmp1,$h,$h
+ $SLL $a,`$SZ*8- at Sigma0[1]`,$tmp1
+ xor $tmp0,$h,$h
+ $SRL $a, at Sigma0[2],$tmp0
+ xor $tmp1,$h,$h
+ $SLL $a,`$SZ*8- at Sigma0[0]`,$tmp1
+ xor $tmp0,$h,$h
+ xor $tmp1,$h,$h ! Sigma0(a)
+
+ or $a,$b,$tmp0
+ and $a,$b,$tmp1
+ and $c,$tmp0,$tmp0
+ or $tmp0,$tmp1,$tmp1 ! Maj(a,b,c)
+ add $tmp2,$T1,$T1 ! +=K[$i]
+ add $tmp1,$h,$h
+
+ add $T1,$d,$d
+ add $T1,$h,$h
+___
+}
+
+########### SHA256
+$BODY_16_XX = sub {
+my $i=@_[0];
+my $xi;
+
+ if ($i&1) {
+ $xi=$tmp32;
+ $code.="\tsrlx @X[(($i+1)/2)%8],32,$xi\n";
+ } else {
+ $xi=@X[(($i+1)/2)%8];
+ }
+$code.=<<___;
+ srl $xi, at sigma0[0],$T1 !! Xupdate($i)
+ sll $xi,`32- at sigma0[2]`,$tmp1
+ srl $xi, at sigma0[1],$tmp0
+ xor $tmp1,$T1,$T1
+ sll $tmp1,`@sigma0[2]- at sigma0[1]`,$tmp1
+ xor $tmp0,$T1,$T1
+ srl $xi, at sigma0[2],$tmp0
+ xor $tmp1,$T1,$T1
+___
+ if ($i&1) {
+ $xi=@X[(($i+14)/2)%8];
+ } else {
+ $xi=$tmp32;
+ $code.="\tsrlx @X[(($i+14)/2)%8],32,$xi\n";
+ }
+$code.=<<___;
+ srl $xi, at sigma1[0],$tmp2
+ xor $tmp0,$T1,$T1 ! T1=sigma0(X[i+1])
+ sll $xi,`32- at sigma1[2]`,$tmp1
+ srl $xi, at sigma1[1],$tmp0
+ xor $tmp1,$tmp2,$tmp2
+ sll $tmp1,`@sigma1[2]- at sigma1[1]`,$tmp1
+ xor $tmp0,$tmp2,$tmp2
+ srl $xi, at sigma1[2],$tmp0
+ xor $tmp1,$tmp2,$tmp2
+___
+ if ($i&1) {
+ $xi=@X[($i/2)%8];
+$code.=<<___;
+ srlx @X[(($i+9)/2)%8],32,$tmp1 ! X[i+9]
+ xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14])
+ srl @X[($i/2)%8],0,$tmp0
+ add $tmp2,$tmp1,$tmp1
+ add $xi,$T1,$T1 ! +=X[i]
+ xor $tmp0, at X[($i/2)%8], at X[($i/2)%8]
+ add $tmp1,$T1,$T1
+
+ srl $T1,0,$T1
+ or $T1, at X[($i/2)%8], at X[($i/2)%8]
+___
+ } else {
+ $xi=@X[(($i+9)/2)%8];
+$code.=<<___;
+ srlx @X[($i/2)%8],32,$tmp1 ! X[i]
+ xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14])
+ add $xi,$T1,$T1 ! +=X[i+9]
+ add $tmp2,$tmp1,$tmp1
+ srl @X[($i/2)%8],0, at X[($i/2)%8]
+ add $tmp1,$T1,$T1
+
+ sllx $T1,32,$tmp0
+ or $tmp0, at X[($i/2)%8], at X[($i/2)%8]
+___
+ }
+ &BODY_00_15(@_);
+} if ($SZ==4);
+
+########### SHA512
+$BODY_16_XX = sub {
+my $i=@_[0];
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1));
+
+$code.=<<___;
+ sllx %l2,32,$tmp0 !! Xupdate($i)
+ or %l3,$tmp0,$tmp0
+
+ srlx $tmp0, at sigma0[0],$T1
+ ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2
+ sllx $tmp0,`64- at sigma0[2]`,$tmp1
+ ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3
+ srlx $tmp0, at sigma0[1],$tmp0
+ xor $tmp1,$T1,$T1
+ sllx $tmp1,`@sigma0[2]- at sigma0[1]`,$tmp1
+ xor $tmp0,$T1,$T1
+ srlx $tmp0,`@sigma0[2]- at sigma0[1]`,$tmp0
+ xor $tmp1,$T1,$T1
+ sllx %l6,32,$tmp2
+ xor $tmp0,$T1,$T1 ! sigma0(X[$i+1])
+ or %l7,$tmp2,$tmp2
+
+ srlx $tmp2, at sigma1[0],$tmp1
+ ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6
+ sllx $tmp2,`64- at sigma1[2]`,$tmp0
+ ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7
+ srlx $tmp2, at sigma1[1],$tmp2
+ xor $tmp0,$tmp1,$tmp1
+ sllx $tmp0,`@sigma1[2]- at sigma1[1]`,$tmp0
+ xor $tmp2,$tmp1,$tmp1
+ srlx $tmp2,`@sigma1[2]- at sigma1[1]`,$tmp2
+ xor $tmp0,$tmp1,$tmp1
+ sllx %l4,32,$tmp0
+ xor $tmp2,$tmp1,$tmp1 ! sigma1(X[$i+14])
+ ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4
+ or %l5,$tmp0,$tmp0
+ ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5
+
+ sllx %l0,32,$tmp2
+ add $tmp1,$T1,$T1
+ ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0
+ or %l1,$tmp2,$tmp2
+ add $tmp0,$T1,$T1 ! +=X[$i+9]
+ ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1
+ add $tmp2,$T1,$T1 ! +=X[$i]
+ $ST $T1,[%sp+`$bias+$frame+($i%16)*$SZ`]
+___
+ &BODY_00_15(@_);
+} if ($SZ==8);
+
+$code.=<<___ if ($bits==64);
+.register %g2,#scratch
+.register %g3,#scratch
+___
+$code.=<<___;
+.section ".text",#alloc,#execinstr
+
+.align 64
+K${label}:
+.type K${label},#object
+___
+if ($SZ==4) {
+$code.=<<___;
+ .long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+ .long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+ .long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+ .long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+ .long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+ .long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+ .long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+ .long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+ .long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+ .long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+ .long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+ .long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+ .long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+ .long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+ .long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+ .long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+___
+} else {
+$code.=<<___;
+ .long 0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd
+ .long 0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc
+ .long 0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019
+ .long 0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118
+ .long 0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe
+ .long 0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2
+ .long 0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1
+ .long 0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694
+ .long 0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3
+ .long 0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65
+ .long 0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483
+ .long 0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5
+ .long 0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210
+ .long 0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4
+ .long 0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725
+ .long 0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70
+ .long 0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926
+ .long 0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df
+ .long 0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8
+ .long 0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b
+ .long 0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001
+ .long 0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30
+ .long 0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910
+ .long 0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8
+ .long 0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53
+ .long 0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8
+ .long 0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb
+ .long 0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3
+ .long 0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60
+ .long 0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec
+ .long 0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9
+ .long 0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b
+ .long 0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207
+ .long 0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178
+ .long 0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6
+ .long 0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b
+ .long 0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493
+ .long 0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c
+ .long 0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a
+ .long 0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817
+___
+}
+$code.=<<___;
+.size K${label},.-K${label}
+.globl sha${label}_block_data_order
+sha${label}_block_data_order:
+ save %sp,`-$frame-$locals`,%sp
+ and $inp,`$align-1`,$tmp31
+ sllx $len,`log(16*$SZ)/log(2)`,$len
+ andn $inp,`$align-1`,$inp
+ sll $tmp31,3,$tmp31
+ add $inp,$len,$len
+___
+$code.=<<___ if ($SZ==8); # SHA512
+ mov 32,$tmp32
+ sub $tmp32,$tmp31,$tmp32
+___
+$code.=<<___;
+.Lpic: call .+8
+ add %o7,K${label}-.Lpic,$Ktbl
+
+ $LD [$ctx+`0*$SZ`],$A
+ $LD [$ctx+`1*$SZ`],$B
+ $LD [$ctx+`2*$SZ`],$C
+ $LD [$ctx+`3*$SZ`],$D
+ $LD [$ctx+`4*$SZ`],$E
+ $LD [$ctx+`5*$SZ`],$F
+ $LD [$ctx+`6*$SZ`],$G
+ $LD [$ctx+`7*$SZ`],$H
+
+.Lloop:
+___
+for ($i=0;$i<16;$i++) { &BODY_00_15($i, at V); unshift(@V,pop(@V)); }
+$code.=".L16_xx:\n";
+for (;$i<32;$i++) { &$BODY_16_XX($i, at V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ and $tmp2,0xfff,$tmp2
+ cmp $tmp2,$lastK
+ bne .L16_xx
+ add $Ktbl,`16*$SZ`,$Ktbl ! Ktbl+=16
+
+___
+$code.=<<___ if ($SZ==4); # SHA256
+ $LD [$ctx+`0*$SZ`], at X[0]
+ $LD [$ctx+`1*$SZ`], at X[1]
+ $LD [$ctx+`2*$SZ`], at X[2]
+ $LD [$ctx+`3*$SZ`], at X[3]
+ $LD [$ctx+`4*$SZ`], at X[4]
+ $LD [$ctx+`5*$SZ`], at X[5]
+ $LD [$ctx+`6*$SZ`], at X[6]
+ $LD [$ctx+`7*$SZ`], at X[7]
+
+ add $A, at X[0],$A
+ $ST $A,[$ctx+`0*$SZ`]
+ add $B, at X[1],$B
+ $ST $B,[$ctx+`1*$SZ`]
+ add $C, at X[2],$C
+ $ST $C,[$ctx+`2*$SZ`]
+ add $D, at X[3],$D
+ $ST $D,[$ctx+`3*$SZ`]
+ add $E, at X[4],$E
+ $ST $E,[$ctx+`4*$SZ`]
+ add $F, at X[5],$F
+ $ST $F,[$ctx+`5*$SZ`]
+ add $G, at X[6],$G
+ $ST $G,[$ctx+`6*$SZ`]
+ add $H, at X[7],$H
+ $ST $H,[$ctx+`7*$SZ`]
+___
+$code.=<<___ if ($SZ==8); # SHA512
+ ld [$ctx+`0*$SZ+0`],%l0
+ ld [$ctx+`0*$SZ+4`],%l1
+ ld [$ctx+`1*$SZ+0`],%l2
+ ld [$ctx+`1*$SZ+4`],%l3
+ ld [$ctx+`2*$SZ+0`],%l4
+ ld [$ctx+`2*$SZ+4`],%l5
+ ld [$ctx+`3*$SZ+0`],%l6
+
+ sllx %l0,32,$tmp0
+ ld [$ctx+`3*$SZ+4`],%l7
+ sllx %l2,32,$tmp1
+ or %l1,$tmp0,$tmp0
+ or %l3,$tmp1,$tmp1
+ add $tmp0,$A,$A
+ add $tmp1,$B,$B
+ $ST $A,[$ctx+`0*$SZ`]
+ sllx %l4,32,$tmp2
+ $ST $B,[$ctx+`1*$SZ`]
+ sllx %l6,32,$T1
+ or %l5,$tmp2,$tmp2
+ or %l7,$T1,$T1
+ add $tmp2,$C,$C
+ $ST $C,[$ctx+`2*$SZ`]
+ add $T1,$D,$D
+ $ST $D,[$ctx+`3*$SZ`]
+
+ ld [$ctx+`4*$SZ+0`],%l0
+ ld [$ctx+`4*$SZ+4`],%l1
+ ld [$ctx+`5*$SZ+0`],%l2
+ ld [$ctx+`5*$SZ+4`],%l3
+ ld [$ctx+`6*$SZ+0`],%l4
+ ld [$ctx+`6*$SZ+4`],%l5
+ ld [$ctx+`7*$SZ+0`],%l6
+
+ sllx %l0,32,$tmp0
+ ld [$ctx+`7*$SZ+4`],%l7
+ sllx %l2,32,$tmp1
+ or %l1,$tmp0,$tmp0
+ or %l3,$tmp1,$tmp1
+ add $tmp0,$E,$E
+ add $tmp1,$F,$F
+ $ST $E,[$ctx+`4*$SZ`]
+ sllx %l4,32,$tmp2
+ $ST $F,[$ctx+`5*$SZ`]
+ sllx %l6,32,$T1
+ or %l5,$tmp2,$tmp2
+ or %l7,$T1,$T1
+ add $tmp2,$G,$G
+ $ST $G,[$ctx+`6*$SZ`]
+ add $T1,$H,$H
+ $ST $H,[$ctx+`7*$SZ`]
+___
+$code.=<<___;
+ add $inp,`16*$SZ`,$inp ! advance inp
+ cmp $inp,$len
+ bne `$bits==64?"%xcc":"%icc"`,.Lloop
+ sub $Ktbl,`($rounds-16)*$SZ`,$Ktbl ! rewind Ktbl
+
+ ret
+ restore
+.type sha${label}_block_data_order,#function
+.size sha${label}_block_data_order,(.-sha${label}_block_data_order)
+.asciz "SHA${label} block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align 4
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
Modified: trunk/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl
===================================================================
--- trunk/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -40,14 +40,19 @@
# sha256_block:-( This is presumably because 64-bit shifts/rotates
# apparently are not atomic instructions, but implemented in microcode.
-$output=shift;
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
if ($output =~ /512/) {
$func="sha512_block_data_order";
@@ -91,50 +96,44 @@
{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___;
- mov $e,$a0
- mov $e,$a1
+ ror \$`$Sigma1[2]-$Sigma1[1]`,$a0
mov $f,$a2
+ mov $T1,`$SZ*($i&0xf)`(%rsp)
- ror \$$Sigma1[0],$a0
- ror \$$Sigma1[1],$a1
+ ror \$`$Sigma0[2]-$Sigma0[1]`,$a1
+ xor $e,$a0
xor $g,$a2 # f^g
- xor $a1,$a0
- ror \$`$Sigma1[2]-$Sigma1[1]`,$a1
+ ror \$`$Sigma1[1]-$Sigma1[0]`,$a0
+ add $h,$T1 # T1+=h
+ xor $a,$a1
+
+ add ($Tbl,$round,$SZ),$T1 # T1+=K[round]
and $e,$a2 # (f^g)&e
- mov $T1,`$SZ*($i&0xf)`(%rsp)
+ mov $b,$h
- xor $a1,$a0 # Sigma1(e)
+ ror \$`$Sigma0[1]-$Sigma0[0]`,$a1
+ xor $e,$a0
xor $g,$a2 # Ch(e,f,g)=((f^g)&e)^g
- add $h,$T1 # T1+=h
- mov $a,$h
- add $a0,$T1 # T1+=Sigma1(e)
-
+ xor $c,$h # b^c
+ xor $a,$a1
add $a2,$T1 # T1+=Ch(e,f,g)
- mov $a,$a0
- mov $a,$a1
+ mov $b,$a2
- ror \$$Sigma0[0],$h
- ror \$$Sigma0[1],$a0
- mov $a,$a2
- add ($Tbl,$round,$SZ),$T1 # T1+=K[round]
+ ror \$$Sigma1[0],$a0 # Sigma1(e)
+ and $a,$h # h=(b^c)&a
+ and $c,$a2 # b&c
- xor $a0,$h
- ror \$`$Sigma0[2]-$Sigma0[1]`,$a0
- or $c,$a1 # a|c
+ ror \$$Sigma0[0],$a1 # Sigma0(a)
+ add $a0,$T1 # T1+=Sigma1(e)
+ add $a2,$h # h+=b&c (completes +=Maj(a,b,c)
- xor $a0,$h # h=Sigma0(a)
- and $c,$a2 # a&c
add $T1,$d # d+=T1
-
- and $b,$a1 # (a|c)&b
add $T1,$h # h+=T1
-
- or $a2,$a1 # Maj(a,b,c)=((a|c)&b)|(a&c)
lea 1($round),$round # round++
+ add $a1,$h # h+=Sigma0(a)
- add $a1,$h # h+=Maj(a,b,c)
___
}
@@ -143,32 +142,30 @@
$code.=<<___;
mov `$SZ*(($i+1)&0xf)`(%rsp),$a0
- mov `$SZ*(($i+14)&0xf)`(%rsp),$T1
+ mov `$SZ*(($i+14)&0xf)`(%rsp),$a1
+ mov $a0,$T1
+ mov $a1,$a2
- mov $a0,$a2
-
+ ror \$`$sigma0[1]-$sigma0[0]`,$T1
+ xor $a0,$T1
shr \$$sigma0[2],$a0
- ror \$$sigma0[0],$a2
- xor $a2,$a0
- ror \$`$sigma0[1]-$sigma0[0]`,$a2
+ ror \$$sigma0[0],$T1
+ xor $T1,$a0 # sigma0(X[(i+1)&0xf])
+ mov `$SZ*(($i+9)&0xf)`(%rsp),$T1
- xor $a2,$a0 # sigma0(X[(i+1)&0xf])
- mov $T1,$a1
+ ror \$`$sigma1[1]-$sigma1[0]`,$a2
+ xor $a1,$a2
+ shr \$$sigma1[2],$a1
- shr \$$sigma1[2],$T1
- ror \$$sigma1[0],$a1
-
- xor $a1,$T1
- ror \$`$sigma1[1]-$sigma1[0]`,$a1
-
- xor $a1,$T1 # sigma1(X[(i+14)&0xf])
-
+ ror \$$sigma1[0],$a2
add $a0,$T1
+ xor $a2,$a1 # sigma1(X[(i+14)&0xf])
- add `$SZ*(($i+9)&0xf)`(%rsp),$T1
-
add `$SZ*($i&0xf)`(%rsp),$T1
+ mov $e,$a0
+ add $a1,$T1
+ mov $a,$a1
___
&ROUND_00_15(@_);
}
@@ -186,7 +183,7 @@
push %r13
push %r14
push %r15
- mov %rsp,%rbp # copy %rsp
+ mov %rsp,%r11 # copy %rsp
shl \$4,%rdx # num*16
sub \$$framesz,%rsp
lea ($inp,%rdx,$SZ),%rdx # inp+num*16*$SZ
@@ -194,10 +191,10 @@
mov $ctx,$_ctx # save ctx, 1st arg
mov $inp,$_inp # save inp, 2nd arh
mov %rdx,$_end # save end pointer, "3rd" arg
- mov %rbp,$_rsp # save copy of %rsp
+ mov %r11,$_rsp # save copy of %rsp
+.Lprologue:
- .picmeup $Tbl
- lea $TABLE-.($Tbl),$Tbl
+ lea $TABLE(%rip),$Tbl
mov $SZ*0($ctx),$A
mov $SZ*1($ctx),$B
@@ -215,6 +212,8 @@
___
for($i=0;$i<16;$i++) {
$code.=" mov $SZ*$i($inp),$T1\n";
+ $code.=" mov @ROT[4],$a0\n";
+ $code.=" mov @ROT[0],$a1\n";
$code.=" bswap $T1\n";
&ROUND_00_15($i, at ROT);
unshift(@ROT,pop(@ROT));
@@ -257,14 +256,15 @@
mov $H,$SZ*7($ctx)
jb .Lloop
- mov $_rsp,%rsp
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
-
+ mov $_rsp,%rsi
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lepilogue:
ret
.size $func,.-$func
___
@@ -339,6 +339,113 @@
___
}
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+# CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+.type se_handler,\@abi-omnipotent
+.align 16
+se_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lprologue(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lprologue
+ jb .Lin_prologue
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lepilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lepilogue
+ jae .Lin_prologue
+
+ mov 16*$SZ+3*8(%rax),%rax # pull $_rsp
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lin_prologue:
+ mov 8(%rax),%rdi
+ mov 16(%rax),%rsi
+ mov %rax,152($context) # restore context->Rsp
+ mov %rsi,168($context) # restore context->Rsi
+ mov %rdi,176($context) # restore context->Rdi
+
+ mov 40($disp),%rdi # disp->ContextRecord
+ mov $context,%rsi # context
+ mov \$154,%ecx # sizeof(CONTEXT)
+ .long 0xa548f3fc # cld; rep movsq
+
+ mov $disp,%rsi
+ xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
+ mov 8(%rsi),%rdx # arg2, disp->ImageBase
+ mov 0(%rsi),%r8 # arg3, disp->ControlPc
+ mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
+ mov 40(%rsi),%r10 # disp->ContextRecord
+ lea 56(%rsi),%r11 # &disp->HandlerData
+ lea 24(%rsi),%r12 # &disp->EstablisherFrame
+ mov %r10,32(%rsp) # arg5
+ mov %r11,40(%rsp) # arg6
+ mov %r12,48(%rsp) # arg7
+ mov %rcx,56(%rsp) # arg8, (NULL)
+ call *__imp_RtlVirtualUnwind(%rip)
+
+ mov \$1,%eax # ExceptionContinueSearch
+ add \$64,%rsp
+ popfq
+ pop %r15
+ pop %r14
+ pop %r13
+ pop %r12
+ pop %rbp
+ pop %rbx
+ pop %rdi
+ pop %rsi
+ ret
+.size se_handler,.-se_handler
+
+.section .pdata
+.align 4
+ .rva .LSEH_begin_$func
+ .rva .LSEH_end_$func
+ .rva .LSEH_info_$func
+
+.section .xdata
+.align 8
+.LSEH_info_$func:
+ .byte 9,0,0,0
+ .rva se_handler
+___
+}
+
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
close STDOUT;
Modified: trunk/crypto/openssl/crypto/sha/sha.h
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,7 +81,7 @@
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+# if defined(__LP32__)
# define SHA_LONG unsigned long
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
# define SHA_LONG unsigned long
@@ -115,6 +115,9 @@
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
# endif
# ifndef OPENSSL_NO_SHA1
+# ifdef OPENSSL_FIPS
+int private_SHA1_Init(SHA_CTX *c);
+# endif
int SHA1_Init(SHA_CTX *c);
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
int SHA1_Final(unsigned char *md, SHA_CTX *c);
@@ -136,6 +139,10 @@
} SHA256_CTX;
# ifndef OPENSSL_NO_SHA256
+# ifdef OPENSSL_FIPS
+int private_SHA224_Init(SHA256_CTX *c);
+int private_SHA256_Init(SHA256_CTX *c);
+# endif
int SHA224_Init(SHA256_CTX *c);
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
@@ -185,6 +192,10 @@
# endif
# ifndef OPENSSL_NO_SHA512
+# ifdef OPENSSL_FIPS
+int private_SHA384_Init(SHA512_CTX *c);
+int private_SHA512_Init(SHA512_CTX *c);
+# endif
int SHA384_Init(SHA512_CTX *c);
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
Modified: trunk/crypto/openssl/crypto/sha/sha1_one.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha1_one.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha1_one.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,10 +58,10 @@
#include <stdio.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/sha.h>
-#include <openssl/crypto.h>
-#if !defined(OPENSSL_NO_SHA1)
+#ifndef OPENSSL_NO_SHA1
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
{
SHA_CTX c;
Modified: trunk/crypto/openssl/crypto/sha/sha1dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha1dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha1dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
@@ -63,9 +64,6 @@
# define SHA_1
# include <openssl/opensslv.h>
-# ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# endif
const char SHA1_version[] = "SHA1" OPENSSL_VERSION_PTEXT;
Deleted: trunk/crypto/openssl/crypto/sha/sha1s.cpp
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha1s.cpp 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha1s.cpp 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,82 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke at unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
- asm volatile(".byte 15, 49\n\t"
- : "=eax" (tsc)
- :
- : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
- unsigned long a;
- __asm _emit 0fh
- __asm _emit 31h
- __asm mov a, eax;
- tsc=a;
-}
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define sha1_block_x86 sha1_block_asm_data_order
-extern "C" {
-void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
- {
- unsigned char buffer[64*256];
- SHA_CTX ctx;
- unsigned long s1,s2,e1,e2;
- unsigned char k[16];
- unsigned long data[2];
- unsigned char iv[8];
- int i,num=0,numm;
- int j=0;
-
- if (argc >= 2)
- num=atoi(argv[1]);
-
- if (num == 0) num=16;
- if (num > 250) num=16;
- numm=num+2;
-#if 0
- num*=64;
- numm*=64;
-#endif
-
- for (j=0; j<6; j++)
- {
- for (i=0; i<10; i++) /**/
- {
- sha1_block_x86(&ctx,buffer,numm);
- GetTSC(s1);
- sha1_block_x86(&ctx,buffer,numm);
- GetTSC(e1);
- GetTSC(s2);
- sha1_block_x86(&ctx,buffer,num);
- GetTSC(e2);
- sha1_block_x86(&ctx,buffer,num);
- }
-
- printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64,
- e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
- }
- }
-
Modified: trunk/crypto/openssl/crypto/sha/sha256.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha256.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha256.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,19 +12,13 @@
# include <openssl/crypto.h>
# include <openssl/sha.h>
-# ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# endif
-
# include <openssl/opensslv.h>
const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
-int SHA224_Init(SHA256_CTX *c)
+fips_md_init_ctx(SHA224, SHA256)
{
-# ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-# endif
+ memset(c, 0, sizeof(*c));
c->h[0] = 0xc1059ed8UL;
c->h[1] = 0x367cd507UL;
c->h[2] = 0x3070dd17UL;
@@ -33,18 +27,13 @@
c->h[5] = 0x68581511UL;
c->h[6] = 0x64f98fa7UL;
c->h[7] = 0xbefa4fa4UL;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
c->md_len = SHA224_DIGEST_LENGTH;
return 1;
}
-int SHA256_Init(SHA256_CTX *c)
+fips_md_init(SHA256)
{
-# ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-# endif
+ memset(c, 0, sizeof(*c));
c->h[0] = 0x6a09e667UL;
c->h[1] = 0xbb67ae85UL;
c->h[2] = 0x3c6ef372UL;
@@ -53,9 +42,6 @@
c->h[5] = 0x9b05688cUL;
c->h[6] = 0x1f83d9abUL;
c->h[7] = 0x5be0cd19UL;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
c->md_len = SHA256_DIGEST_LENGTH;
return 1;
}
@@ -113,21 +99,21 @@
*/
# define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- unsigned int xn; \
+ unsigned int nn; \
switch ((c)->md_len) \
{ case SHA224_DIGEST_LENGTH: \
- for (xn=0;xn<SHA224_DIGEST_LENGTH/4;xn++) \
- { ll=(c)->h[xn]; HOST_l2c(ll,(s)); } \
+ for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++) \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
case SHA256_DIGEST_LENGTH: \
- for (xn=0;xn<SHA256_DIGEST_LENGTH/4;xn++) \
- { ll=(c)->h[xn]; HOST_l2c(ll,(s)); } \
+ for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++) \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
default: \
if ((c)->md_len > SHA256_DIGEST_LENGTH) \
return 0; \
- for (xn=0;xn<(c)->md_len/4;xn++) \
- { ll=(c)->h[xn]; HOST_l2c(ll,(s)); } \
+ for (nn=0;nn<(c)->md_len/4;nn++) \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
} \
} while (0)
Modified: trunk/crypto/openssl/crypto/sha/sha512.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha512.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha512.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,10 +5,6 @@
* ====================================================================
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
/*-
* IMPLEMENTATION NOTES.
@@ -63,11 +59,8 @@
# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
# endif
-int SHA384_Init(SHA512_CTX *c)
+fips_md_init_ctx(SHA384, SHA512)
{
-# ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-# endif
c->h[0] = U64(0xcbbb9d5dc1059ed8);
c->h[1] = U64(0x629a292a367cd507);
c->h[2] = U64(0x9159015a3070dd17);
@@ -76,6 +69,7 @@
c->h[5] = U64(0x8eb44a8768581511);
c->h[6] = U64(0xdb0c2e0d64f98fa7);
c->h[7] = U64(0x47b5481dbefa4fa4);
+
c->Nl = 0;
c->Nh = 0;
c->num = 0;
@@ -83,11 +77,8 @@
return 1;
}
-int SHA512_Init(SHA512_CTX *c)
+fips_md_init(SHA512)
{
-# ifdef OPENSSL_FIPS
- FIPS_selftest_check();
-# endif
c->h[0] = U64(0x6a09e667f3bcc908);
c->h[1] = U64(0xbb67ae8584caa73b);
c->h[2] = U64(0x3c6ef372fe94f82b);
@@ -96,6 +87,7 @@
c->h[5] = U64(0x9b05688c2b3e6c1f);
c->h[6] = U64(0x1f83d9abfb41bd6b);
c->h[7] = U64(0x5be0cd19137e2179);
+
c->Nl = 0;
c->Nh = 0;
c->num = 0;
@@ -210,7 +202,7 @@
size_t n = sizeof(c->u) - c->num;
if (len < n) {
- memcpy(p + c->num, data, len), c->num += len;
+ memcpy(p + c->num, data, len), c->num += (unsigned int)len;
return 1;
} else {
memcpy(p + c->num, data, n), c->num = 0;
@@ -245,6 +237,10 @@
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data)
{
+# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+ if ((size_t)data % sizeof(c->u.d[0]) != 0)
+ memcpy(c->u.p, data, sizeof(c->u.p)), data = c->u.p;
+# endif
sha512_block_data_order(c, data, 1);
}
@@ -323,7 +319,7 @@
# ifndef PEDANTIC
# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
# if defined(__x86_64) || defined(__x86_64__)
-# define ROTR(a,n) ({ unsigned long ret; \
+# define ROTR(a,n) ({ SHA_LONG64 ret; \
asm ("rorq %1,%0" \
: "=r"(ret) \
: "J"(n),"0"(a) \
@@ -346,7 +342,7 @@
((SHA_LONG64)hi)<<32|lo; })
# else
# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
- unsigned int hi=p[0],lo=p[1]; \
+ unsigned int hi=p[0],lo=p[1]; \
asm ("bswapl %0; bswapl %1;" \
: "=r"(lo),"=r"(hi) \
: "0"(lo),"1"(hi)); \
@@ -353,7 +349,7 @@
((SHA_LONG64)hi)<<32|lo; })
# endif
# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
-# define ROTR(a,n) ({ unsigned long ret; \
+# define ROTR(a,n) ({ SHA_LONG64 ret; \
asm ("rotrdi %0,%1,%2" \
: "=r"(ret) \
: "r"(a),"K"(n)); ret; })
@@ -360,6 +356,7 @@
# endif
# elif defined(_MSC_VER)
# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
+# pragma intrinsic(_rotr64)
# define ROTR(a,n) _rotr64((a),n)
# endif
# if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
@@ -398,14 +395,71 @@
# define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-# if defined(OPENSSL_IA32_SSE2) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
-# define GO_FOR_SSE2(ctx,in,num) do { \
- void sha512_block_sse2(void *,const void *,size_t); \
- if (!(OPENSSL_ia32cap_P & (1<<26))) break; \
- sha512_block_sse2(ctx->h,in,num); return; \
- } while (0)
-# endif
-# ifdef OPENSSL_SMALL_FOOTPRINT
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+/*
+ * This code should give better results on 32-bit CPU with less than
+ * ~24 registers, both size and performance wise...
+ */ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
+ size_t num)
+{
+ const SHA_LONG64 *W = in;
+ SHA_LONG64 A, E, T;
+ SHA_LONG64 X[9 + 80], *F;
+ int i;
+
+ while (num--) {
+
+ F = X + 80;
+ A = ctx->h[0];
+ F[1] = ctx->h[1];
+ F[2] = ctx->h[2];
+ F[3] = ctx->h[3];
+ E = ctx->h[4];
+ F[5] = ctx->h[5];
+ F[6] = ctx->h[6];
+ F[7] = ctx->h[7];
+
+ for (i = 0; i < 16; i++, F--) {
+# ifdef B_ENDIAN
+ T = W[i];
+# else
+ T = PULL64(W[i]);
+# endif
+ F[0] = A;
+ F[4] = E;
+ F[8] = T;
+ T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
+ E = F[3] + T;
+ A = T + Sigma0(A) + Maj(A, F[1], F[2]);
+ }
+
+ for (; i < 80; i++, F--) {
+ T = sigma0(F[8 + 16 - 1]);
+ T += sigma1(F[8 + 16 - 14]);
+ T += F[8 + 16] + F[8 + 16 - 9];
+
+ F[0] = A;
+ F[4] = E;
+ F[8] = T;
+ T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
+ E = F[3] + T;
+ A = T + Sigma0(A) + Maj(A, F[1], F[2]);
+ }
+
+ ctx->h[0] += A;
+ ctx->h[1] += F[1];
+ ctx->h[2] += F[2];
+ ctx->h[3] += F[3];
+ ctx->h[4] += E;
+ ctx->h[5] += F[5];
+ ctx->h[6] += F[6];
+ ctx->h[7] += F[7];
+
+ W += SHA_LBLOCK;
+ }
+}
+
+# elif defined(OPENSSL_SMALL_FOOTPRINT)
static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
size_t num)
{
@@ -414,10 +468,6 @@
SHA_LONG64 X[16];
int i;
-# ifdef GO_FOR_SSE2
- GO_FOR_SSE2(ctx, in, num);
-# endif
-
while (num--) {
a = ctx->h[0];
@@ -484,11 +534,11 @@
T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \
h = Sigma0(a) + Maj(a,b,c); \
d += T1; h += T1; } while (0)
-# define ROUND_16_80(i,a,b,c,d,e,f,g,h,X) do { \
- s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \
- s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \
- T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \
- ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0)
+# define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \
+ s0 = X[(j+1)&0x0f]; s0 = sigma0(s0); \
+ s1 = X[(j+14)&0x0f]; s1 = sigma1(s1); \
+ T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f]; \
+ ROUND_00_15(i+j,a,b,c,d,e,f,g,h); } while (0)
static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
size_t num)
{
@@ -497,10 +547,6 @@
SHA_LONG64 X[16];
int i;
-# ifdef GO_FOR_SSE2
- GO_FOR_SSE2(ctx, in, num);
-# endif
-
while (num--) {
a = ctx->h[0];
@@ -580,15 +626,23 @@
ROUND_00_15(15, b, c, d, e, f, g, h, a);
# endif
- for (i = 16; i < 80; i += 8) {
- ROUND_16_80(i + 0, a, b, c, d, e, f, g, h, X);
- ROUND_16_80(i + 1, h, a, b, c, d, e, f, g, X);
- ROUND_16_80(i + 2, g, h, a, b, c, d, e, f, X);
- ROUND_16_80(i + 3, f, g, h, a, b, c, d, e, X);
- ROUND_16_80(i + 4, e, f, g, h, a, b, c, d, X);
- ROUND_16_80(i + 5, d, e, f, g, h, a, b, c, X);
- ROUND_16_80(i + 6, c, d, e, f, g, h, a, b, X);
- ROUND_16_80(i + 7, b, c, d, e, f, g, h, a, X);
+ for (i = 16; i < 80; i += 16) {
+ ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);
+ ROUND_16_80(i, 1, h, a, b, c, d, e, f, g, X);
+ ROUND_16_80(i, 2, g, h, a, b, c, d, e, f, X);
+ ROUND_16_80(i, 3, f, g, h, a, b, c, d, e, X);
+ ROUND_16_80(i, 4, e, f, g, h, a, b, c, d, X);
+ ROUND_16_80(i, 5, d, e, f, g, h, a, b, c, X);
+ ROUND_16_80(i, 6, c, d, e, f, g, h, a, b, X);
+ ROUND_16_80(i, 7, b, c, d, e, f, g, h, a, X);
+ ROUND_16_80(i, 8, a, b, c, d, e, f, g, h, X);
+ ROUND_16_80(i, 9, h, a, b, c, d, e, f, g, X);
+ ROUND_16_80(i, 10, g, h, a, b, c, d, e, f, X);
+ ROUND_16_80(i, 11, f, g, h, a, b, c, d, e, X);
+ ROUND_16_80(i, 12, e, f, g, h, a, b, c, d, X);
+ ROUND_16_80(i, 13, d, e, f, g, h, a, b, c, X);
+ ROUND_16_80(i, 14, c, d, e, f, g, h, a, b, X);
+ ROUND_16_80(i, 15, b, c, d, e, f, g, h, a, X);
}
ctx->h[0] += a;
@@ -608,14 +662,10 @@
# endif /* SHA512_ASM */
-#else /* OPENSSL_NO_SHA512 */
+#else /* !OPENSSL_NO_SHA512 */
-/*
- * Sensitive compilers ("Compaq C V6.4-005 on OpenVMS VAX V7.3", for example)
- * dislike a statement-free file, complaining: "%CC-W-EMPTYFILE, Source file
- * does not contain any declarations."
- */
+# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
+static void *dummy = &dummy;
+# endif
-int sha512_dummy();
-
-#endif /* OPENSSL_NO_SHA512 */
+#endif /* !OPENSSL_NO_SHA512 */
Modified: trunk/crypto/openssl/crypto/sha/sha_dgst.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha_dgst.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha_dgst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,13 +56,8 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
-#include <openssl/crypto.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-#include <openssl/err.h>
#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
# undef SHA_1
Modified: trunk/crypto/openssl/crypto/sha/sha_locl.h
===================================================================
--- trunk/crypto/openssl/crypto/sha/sha_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/sha_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,11 +69,11 @@
#define HASH_CBLOCK SHA_CBLOCK
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->h0; HOST_l2c(ll,(s)); \
- ll=(c)->h1; HOST_l2c(ll,(s)); \
- ll=(c)->h2; HOST_l2c(ll,(s)); \
- ll=(c)->h3; HOST_l2c(ll,(s)); \
- ll=(c)->h4; HOST_l2c(ll,(s)); \
+ ll=(c)->h0; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h1; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h2; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h3; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h4; (void)HOST_l2c(ll,(s)); \
} while (0)
#if defined(SHA_0)
@@ -122,23 +122,18 @@
#define INIT_DATA_h3 0x10325476UL
#define INIT_DATA_h4 0xc3d2e1f0UL
-#if defined(SHA_0) && defined(OPENSSL_FIPS)
-FIPS_NON_FIPS_MD_Init(SHA)
+#ifdef SHA_0
+fips_md_init(SHA)
#else
-int HASH_INIT(SHA_CTX *c)
+fips_md_init_ctx(SHA1, SHA)
#endif
{
-#if defined(SHA_1) && defined(OPENSSL_FIPS)
- FIPS_selftest_check();
-#endif
+ memset(c, 0, sizeof(*c));
c->h0 = INIT_DATA_h0;
c->h1 = INIT_DATA_h1;
c->h2 = INIT_DATA_h2;
c->h3 = INIT_DATA_h3;
c->h4 = INIT_DATA_h4;
- c->Nl = 0;
- c->Nh = 0;
- c->num = 0;
return 1;
}
@@ -278,51 +273,51 @@
data += SHA_CBLOCK;
} else {
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(0) = l;
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(1) = l;
BODY_00_15(0, A, B, C, D, E, T, X(0));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(2) = l;
BODY_00_15(1, T, A, B, C, D, E, X(1));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(3) = l;
BODY_00_15(2, E, T, A, B, C, D, X(2));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(4) = l;
BODY_00_15(3, D, E, T, A, B, C, X(3));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(5) = l;
BODY_00_15(4, C, D, E, T, A, B, X(4));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(6) = l;
BODY_00_15(5, B, C, D, E, T, A, X(5));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(7) = l;
BODY_00_15(6, A, B, C, D, E, T, X(6));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(8) = l;
BODY_00_15(7, T, A, B, C, D, E, X(7));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(9) = l;
BODY_00_15(8, E, T, A, B, C, D, X(8));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(10) = l;
BODY_00_15(9, D, E, T, A, B, C, X(9));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(11) = l;
BODY_00_15(10, C, D, E, T, A, B, X(10));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(12) = l;
BODY_00_15(11, B, C, D, E, T, A, X(11));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(13) = l;
BODY_00_15(12, A, B, C, D, E, T, X(12));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(14) = l;
BODY_00_15(13, T, A, B, C, D, E, X(13));
- HOST_c2l(data, l);
+ (void)HOST_c2l(data, l);
X(15) = l;
BODY_00_15(14, E, T, A, B, C, D, X(14));
BODY_00_15(15, D, E, T, A, B, C, X(15));
Modified: trunk/crypto/openssl/crypto/sha/shatest.c
===================================================================
--- trunk/crypto/openssl/crypto/sha/shatest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sha/shatest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -122,9 +122,9 @@
R = ret;
i = 1;
while (*P != NULL) {
- EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha(), NULL);
+ EVP_Digest(*P, strlen(*P), md, NULL, EVP_sha(), NULL);
p = pt(md);
- if (strcmp(p, (char *)*R) != 0) {
+ if (strcmp(p, *R) != 0) {
printf("error calculating SHA on '%s'\n", *P);
printf("got %s instead of %s\n", p, *R);
err++;
Modified: trunk/crypto/openssl/crypto/sparccpuid.S
===================================================================
--- trunk/crypto/openssl/crypto/sparccpuid.S 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/sparccpuid.S 2015-07-21 23:23:45 UTC (rev 7118)
@@ -34,7 +34,8 @@
nop
call .PIC.zero.up
mov .zero-(.-4),%o0
- ldd [%o0],%f0
+ ld [%o0],%f0
+ ld [%o0],%f1
subcc %g0,1,%o0
! Following is V9 "rd %ccr,%o0" instruction. However! V8
@@ -166,6 +167,7 @@
.global OPENSSL_atomic_add
.type OPENSSL_atomic_add,#function
+.align 32
OPENSSL_atomic_add:
#ifndef ABI64
subcc %g0,1,%o2
@@ -177,7 +179,7 @@
ba .enter
nop
#ifdef __sun
-! Note that you don't have to link with libthread to call thr_yield,
+! Note that you do not have to link with libthread to call thr_yield,
! as libc provides a stub, which is overloaded the moment you link
! with *either* libpthread or libthread...
#define YIELD_CPU thr_yield
@@ -213,27 +215,188 @@
sra %o0,%g0,%o0 ! we return signed int, remember?
.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-.global OPENSSL_rdtsc
+.global _sparcv9_rdtick
+.align 32
+_sparcv9_rdtick:
subcc %g0,1,%o0
.word 0x91408000 !rd %ccr,%o0
cmp %o0,0x99
- bne .notsc
+ bne .notick
xor %o0,%o0,%o0
- save %sp,FRAME-16,%sp
- mov 513,%o0 !SI_PLATFORM
- add %sp,BIAS+16,%o1
- call sysinfo
- mov 256,%o2
+ .word 0x91410000 !rd %tick,%o0
+ retl
+ .word 0x93323020 !srlx %o0,32,%o1
+.notick:
+ retl
+ xor %o1,%o1,%o1
+.type _sparcv9_rdtick,#function
+.size _sparcv9_rdtick,.-_sparcv9_rdtick
- add %sp,BIAS-16,%o1
- ld [%o1],%l0
- ld [%o1+4],%l1
- ld [%o1+8],%l2
- mov %lo('SUNW'),%l3
- ret
- restore
-.notsc:
+.global _sparcv9_vis1_probe
+.align 8
+_sparcv9_vis1_probe:
+ add %sp,BIAS+2,%o1
+ .word 0xc19a5a40 !ldda [%o1]ASI_FP16_P,%f0
retl
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+.type _sparcv9_vis1_probe,#function
+.size _sparcv9_vis1_probe,.-_sparcv9_vis1_probe
+
+! Probe and instrument VIS1 instruction. Output is number of cycles it
+! takes to execute rdtick and pair of VIS1 instructions. US-Tx VIS unit
+! is slow (documented to be 6 cycles on T2) and the core is in-order
+! single-issue, it should be possible to distinguish Tx reliably...
+! Observed return values are:
+!
+! UltraSPARC IIe 7
+! UltraSPARC III 7
+! UltraSPARC T1 24
+!
+! Numbers for T2 and SPARC64 V-VII are more than welcomed.
+!
+! It would be possible to detect specifically US-T1 by instrumenting
+! fmul8ulx16, which is emulated on T1 and as such accounts for quite
+! a lot of %tick-s, couple of thousand on Linux...
+.global _sparcv9_vis1_instrument
+.align 8
+_sparcv9_vis1_instrument:
+ .word 0x91410000 !rd %tick,%o0
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+ .word 0x85b08d82 !fxor %f2,%f2,%f2
+ .word 0x93410000 !rd %tick,%o1
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+ .word 0x85b08d82 !fxor %f2,%f2,%f2
+ .word 0x95410000 !rd %tick,%o2
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+ .word 0x85b08d82 !fxor %f2,%f2,%f2
+ .word 0x97410000 !rd %tick,%o3
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+ .word 0x85b08d82 !fxor %f2,%f2,%f2
+ .word 0x99410000 !rd %tick,%o4
+
+ ! calculate intervals
+ sub %o1,%o0,%o0
+ sub %o2,%o1,%o1
+ sub %o3,%o2,%o2
+ sub %o4,%o3,%o3
+
+ ! find minumum value
+ cmp %o0,%o1
+ .word 0x38680002 !bgu,a %xcc,.+8
+ mov %o1,%o0
+ cmp %o0,%o2
+ .word 0x38680002 !bgu,a %xcc,.+8
+ mov %o2,%o0
+ cmp %o0,%o3
+ .word 0x38680002 !bgu,a %xcc,.+8
+ mov %o3,%o0
+
+ retl
nop
-.type OPENSSL_rdtsc,#function
-.size OPENSSL_rdtsc,.-OPENSSL_atomic_add
+.type _sparcv9_vis1_instrument,#function
+.size _sparcv9_vis1_instrument,.-_sparcv9_vis1_instrument
+
+.global _sparcv9_vis2_probe
+.align 8
+_sparcv9_vis2_probe:
+ retl
+ .word 0x81b00980 !bshuffle %f0,%f0,%f0
+.type _sparcv9_vis2_probe,#function
+.size _sparcv9_vis2_probe,.-_sparcv9_vis2_probe
+
+.global _sparcv9_fmadd_probe
+.align 8
+_sparcv9_fmadd_probe:
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
+ .word 0x85b08d82 !fxor %f2,%f2,%f2
+ retl
+ .word 0x81b80440 !fmaddd %f0,%f0,%f2,%f0
+.type _sparcv9_fmadd_probe,#function
+.size _sparcv9_fmadd_probe,.-_sparcv9_fmadd_probe
+
+.global OPENSSL_cleanse
+.align 32
+OPENSSL_cleanse:
+ cmp %o1,14
+ nop
+#ifdef ABI64
+ bgu %xcc,.Lot
+#else
+ bgu .Lot
+#endif
+ cmp %o1,0
+ bne .Little
+ nop
+ retl
+ nop
+
+.Little:
+ stb %g0,[%o0]
+ subcc %o1,1,%o1
+ bnz .Little
+ add %o0,1,%o0
+ retl
+ nop
+.align 32
+.Lot:
+#ifndef ABI64
+ subcc %g0,1,%g1
+ ! see above for explanation
+ .word 0x83408000 !rd %ccr,%g1
+ cmp %g1,0x99
+ bne .v8lot
+ nop
+#endif
+
+.v9lot: andcc %o0,7,%g0
+ bz .v9aligned
+ nop
+ stb %g0,[%o0]
+ sub %o1,1,%o1
+ ba .v9lot
+ add %o0,1,%o0
+.align 16,0x01000000
+.v9aligned:
+ .word 0xc0720000 !stx %g0,[%o0]
+ sub %o1,8,%o1
+ andcc %o1,-8,%g0
+#ifdef ABI64
+ .word 0x126ffffd !bnz %xcc,.v9aligned
+#else
+ .word 0x124ffffd !bnz %icc,.v9aligned
+#endif
+ add %o0,8,%o0
+
+ cmp %o1,0
+ bne .Little
+ nop
+ retl
+ nop
+#ifndef ABI64
+.v8lot: andcc %o0,3,%g0
+ bz .v8aligned
+ nop
+ stb %g0,[%o0]
+ sub %o1,1,%o1
+ ba .v8lot
+ add %o0,1,%o0
+ nop
+.v8aligned:
+ st %g0,[%o0]
+ sub %o1,4,%o1
+ andcc %o1,-4,%g0
+ bnz .v8aligned
+ add %o0,4,%o0
+
+ cmp %o1,0
+ bne .Little
+ nop
+ retl
+ nop
+#endif
+.type OPENSSL_cleanse,#function
+.size OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.section ".init",#alloc,#execinstr
+ call OPENSSL_cpuid_setup
+ nop
Copied: trunk/crypto/openssl/crypto/sparcv9cap.c (from rev 7117, vendor-crypto/openssl/dist/crypto/sparcv9cap.c)
===================================================================
--- trunk/crypto/openssl/crypto/sparcv9cap.c (rev 0)
+++ trunk/crypto/openssl/crypto/sparcv9cap.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,245 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <sys/time.h>
+#include <openssl/bn.h>
+
+#define SPARCV9_TICK_PRIVILEGED (1<<0)
+#define SPARCV9_PREFER_FPU (1<<1)
+#define SPARCV9_VIS1 (1<<2)
+#define SPARCV9_VIS2 (1<<3) /* reserved */
+#define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */
+
+static int OPENSSL_sparcv9cap_P = SPARCV9_TICK_PRIVILEGED;
+
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+ int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num);
+ int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+ if (num >= 8 && !(num & 1) &&
+ (OPENSSL_sparcv9cap_P & (SPARCV9_PREFER_FPU | SPARCV9_VIS1)) ==
+ (SPARCV9_PREFER_FPU | SPARCV9_VIS1))
+ return bn_mul_mont_fpu(rp, ap, bp, np, n0, num);
+ else
+ return bn_mul_mont_int(rp, ap, bp, np, n0, num);
+}
+
+unsigned long _sparcv9_rdtick(void);
+void _sparcv9_vis1_probe(void);
+unsigned long _sparcv9_vis1_instrument(void);
+void _sparcv9_vis2_probe(void);
+void _sparcv9_fmadd_probe(void);
+
+unsigned long OPENSSL_rdtsc(void)
+{
+ if (OPENSSL_sparcv9cap_P & SPARCV9_TICK_PRIVILEGED)
+#if defined(__sun) && defined(__SVR4)
+ return gethrtime();
+#else
+ return 0;
+#endif
+ else
+ return _sparcv9_rdtick();
+}
+
+#if 0 && defined(__sun) && defined(__SVR4)
+/*
+ * This code path is disabled, because of incompatibility of libdevinfo.so.1
+ * and libmalloc.so.1 (see below for details)
+ */
+# include <malloc.h>
+# include <dlfcn.h>
+# include <libdevinfo.h>
+# include <sys/systeminfo.h>
+
+typedef di_node_t(*di_init_t) (const char *, uint_t);
+typedef void (*di_fini_t) (di_node_t);
+typedef char *(*di_node_name_t) (di_node_t);
+typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t,
+ int (*)(di_node_t, di_node_name_t));
+
+# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
+
+static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
+{
+ char *name = (*di_node_name) (node);
+
+ /* This is expected to catch all UltraSPARC flavors prior T1 */
+ if (!strcmp(name, "SUNW,UltraSPARC") ||
+ /* covers II,III,IV */
+ !strncmp(name, "SUNW,UltraSPARC-I", 17)) {
+ OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU | SPARCV9_VIS1;
+
+ /* %tick is privileged only on UltraSPARC-I/II, but not IIe */
+ if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0')
+ OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+
+ return DI_WALK_TERMINATE;
+ }
+ /* This is expected to catch remaining UltraSPARCs, such as T1 */
+ else if (!strncmp(name, "SUNW,UltraSPARC", 15)) {
+ OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+
+ return DI_WALK_TERMINATE;
+ }
+
+ return DI_WALK_CONTINUE;
+}
+
+void OPENSSL_cpuid_setup(void)
+{
+ void *h;
+ char *e, si[256];
+ static int trigger = 0;
+
+ if (trigger)
+ return;
+ trigger = 1;
+
+ if ((e = getenv("OPENSSL_sparcv9cap"))) {
+ OPENSSL_sparcv9cap_P = strtoul(e, NULL, 0);
+ return;
+ }
+
+ if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) {
+ if (strcmp(si, "sun4v"))
+ /* FPU is preferred for all CPUs, but US-T1/2 */
+ OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU;
+ }
+
+ if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) {
+ if (strstr(si, "+vis"))
+ OPENSSL_sparcv9cap_P |= SPARCV9_VIS1;
+ if (strstr(si, "+vis2")) {
+ OPENSSL_sparcv9cap_P |= SPARCV9_VIS2;
+ OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+ return;
+ }
+ }
+# ifdef M_KEEP
+ /*
+ * Solaris libdevinfo.so.1 is effectively incomatible with
+ * libmalloc.so.1. Specifically, if application is linked with
+ * -lmalloc, it crashes upon startup with SIGSEGV in
+ * free(3LIBMALLOC) called by di_fini. Prior call to
+ * mallopt(M_KEEP,0) somehow helps... But not always...
+ */
+ if ((h = dlopen(NULL, RTLD_LAZY))) {
+ union {
+ void *p;
+ int (*f) (int, int);
+ } sym;
+ if ((sym.p = dlsym(h, "mallopt")))
+ (*sym.f) (M_KEEP, 0);
+ dlclose(h);
+ }
+# endif
+ if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY)))
+ do {
+ di_init_t di_init;
+ di_fini_t di_fini;
+ di_walk_node_t di_walk_node;
+ di_node_name_t di_node_name;
+ di_node_t root_node;
+
+ if (!DLLINK(h, di_init))
+ break;
+ if (!DLLINK(h, di_fini))
+ break;
+ if (!DLLINK(h, di_walk_node))
+ break;
+ if (!DLLINK(h, di_node_name))
+ break;
+
+ if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) {
+ (*di_walk_node) (root_node, DI_WALK_SIBFIRST,
+ di_node_name, walk_nodename);
+ (*di_fini) (root_node);
+ }
+ } while (0);
+
+ if (h)
+ dlclose(h);
+}
+
+#else
+
+static sigjmp_buf common_jmp;
+static void common_handler(int sig)
+{
+ siglongjmp(common_jmp, sig);
+}
+
+void OPENSSL_cpuid_setup(void)
+{
+ char *e;
+ struct sigaction common_act, ill_oact, bus_oact;
+ sigset_t all_masked, oset;
+ static int trigger = 0;
+
+ if (trigger)
+ return;
+ trigger = 1;
+
+ if ((e = getenv("OPENSSL_sparcv9cap"))) {
+ OPENSSL_sparcv9cap_P = strtoul(e, NULL, 0);
+ return;
+ }
+
+ /* Initial value, fits UltraSPARC-I&II... */
+ OPENSSL_sparcv9cap_P = SPARCV9_PREFER_FPU | SPARCV9_TICK_PRIVILEGED;
+
+ sigfillset(&all_masked);
+ sigdelset(&all_masked, SIGILL);
+ sigdelset(&all_masked, SIGTRAP);
+# ifdef SIGEMT
+ sigdelset(&all_masked, SIGEMT);
+# endif
+ sigdelset(&all_masked, SIGFPE);
+ sigdelset(&all_masked, SIGBUS);
+ sigdelset(&all_masked, SIGSEGV);
+ sigprocmask(SIG_SETMASK, &all_masked, &oset);
+
+ memset(&common_act, 0, sizeof(common_act));
+ common_act.sa_handler = common_handler;
+ common_act.sa_mask = all_masked;
+
+ sigaction(SIGILL, &common_act, &ill_oact);
+ sigaction(SIGBUS, &common_act, &bus_oact); /* T1 fails 16-bit ldda [on
+ * Linux] */
+
+ if (sigsetjmp(common_jmp, 1) == 0) {
+ _sparcv9_rdtick();
+ OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+ }
+
+ if (sigsetjmp(common_jmp, 1) == 0) {
+ _sparcv9_vis1_probe();
+ OPENSSL_sparcv9cap_P |= SPARCV9_VIS1;
+ /* detect UltraSPARC-Tx, see sparccpud.S for details... */
+ if (_sparcv9_vis1_instrument() >= 12)
+ OPENSSL_sparcv9cap_P &= ~(SPARCV9_VIS1 | SPARCV9_PREFER_FPU);
+ else {
+ _sparcv9_vis2_probe();
+ OPENSSL_sparcv9cap_P |= SPARCV9_VIS2;
+ }
+ }
+
+ if (sigsetjmp(common_jmp, 1) == 0) {
+ _sparcv9_fmadd_probe();
+ OPENSSL_sparcv9cap_P |= SPARCV9_FMADD;
+ }
+
+ sigaction(SIGBUS, &bus_oact, NULL);
+ sigaction(SIGILL, &ill_oact, NULL);
+
+ sigprocmask(SIG_SETMASK, &oset, NULL);
+}
+
+#endif
Modified: trunk/crypto/openssl/crypto/stack/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/stack/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/stack/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/stack/safestack.h
===================================================================
--- trunk/crypto/openssl/crypto/stack/safestack.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/stack/safestack.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,173 +57,159 @@
# include <openssl/stack.h>
-# ifdef DEBUG_SAFESTACK
+#ifdef __cplusplus
+extern "C" {
+#endif
-# ifndef CHECKED_PTR_OF
-# define CHECKED_PTR_OF(type, p) \
+# ifndef CHECKED_PTR_OF
+# define CHECKED_PTR_OF(type, p) \
((void*) (1 ? p : (type*)0))
-# endif
+# endif
-# define CHECKED_SK_FREE_FUNC(type, p) \
+/*
+ * In C++ we get problems because an explicit cast is needed from (void *) we
+ * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
+ * below.
+ */
+
+# define CHECKED_STACK_OF(type, p) \
+ ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
+
+# define CHECKED_SK_FREE_FUNC(type, p) \
((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
-# define CHECKED_SK_CMP_FUNC(type, p) \
- ((int (*)(const char * const *, const char * const *)) \
+# define CHECKED_SK_FREE_FUNC2(type, p) \
+ ((void (*)(void *)) ((1 ? p : (void (*)(type))0)))
+
+# define CHECKED_SK_CMP_FUNC(type, p) \
+ ((int (*)(const void *, const void *)) \
((1 ? p : (int (*)(const type * const *, const type * const *))0)))
-# define STACK_OF(type) struct stack_st_##type
-# define PREDECLARE_STACK_OF(type) STACK_OF(type);
+# define STACK_OF(type) struct stack_st_##type
+# define PREDECLARE_STACK_OF(type) STACK_OF(type);
-# define DECLARE_STACK_OF(type) \
+# define DECLARE_STACK_OF(type) \
STACK_OF(type) \
{ \
- STACK stack; \
+ _STACK stack; \
};
+# define DECLARE_SPECIAL_STACK_OF(type, type2) \
+STACK_OF(type) \
+ { \
+ _STACK stack; \
+ };
/* nada (obsolete in new safestack approach)*/
-# define IMPLEMENT_STACK_OF(type)
+# define IMPLEMENT_STACK_OF(type)
+/*-
+ * Strings are special: normally an lhash entry will point to a single
+ * (somewhat) mutable object. In the case of strings:
+ *
+ * a) Instead of a single char, there is an array of chars, NUL-terminated.
+ * b) The string may have be immutable.
+ *
+ * So, they need their own declarations. Especially important for
+ * type-checking tools, such as Deputy.
+ *
+ * In practice, however, it appears to be hard to have a const
+ * string. For now, I'm settling for dealing with the fact it is a
+ * string at all.
+ */
+typedef char *OPENSSL_STRING;
+
+typedef const char *OPENSSL_CSTRING;
+
/*
+ * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
+ * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
+ * above, instead of a single char each entry is a NUL-terminated array of
+ * chars. So, we have to implement STRING specially for STACK_OF. This is
+ * dealt with in the autogenerated macros below.
+ */
+
+DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+
+/*
+ * Similarly, we sometimes use a block of characters, NOT nul-terminated.
+ * These should also be distinguished from "normal" stacks.
+ */
+typedef void *OPENSSL_BLOCK;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
+
+/*
* SKM_sk_... stack macros are internal to safestack.h: never use them
* directly, use sk_<type>_... instead
*/
-# define SKM_sk_new(type, cmp) \
+# define SKM_sk_new(type, cmp) \
((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_new_null(type) \
+# define SKM_sk_new_null(type) \
((STACK_OF(type) *)sk_new_null())
-# define SKM_sk_free(type, st) \
- sk_free(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_num(type, st) \
- sk_num(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_value(type, st,i) \
- ((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i))
-# define SKM_sk_set(type, st,i,val) \
- sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val))
-# define SKM_sk_zero(type, st) \
- sk_zero(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_push(type, st,val) \
- sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_unshift(type, st,val) \
- sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_find(type, st,val) \
- sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_delete(type, st,i) \
- (type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i)
-# define SKM_sk_delete_ptr(type, st,ptr) \
- (type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr))
-# define SKM_sk_insert(type, st,val,i) \
- sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i)
-# define SKM_sk_set_cmp_func(type, st,cmp) \
+# define SKM_sk_free(type, st) \
+ sk_free(CHECKED_STACK_OF(type, st))
+# define SKM_sk_num(type, st) \
+ sk_num(CHECKED_STACK_OF(type, st))
+# define SKM_sk_value(type, st,i) \
+ ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
+# define SKM_sk_set(type, st,i,val) \
+ sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
+# define SKM_sk_zero(type, st) \
+ sk_zero(CHECKED_STACK_OF(type, st))
+# define SKM_sk_push(type, st, val) \
+ sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_unshift(type, st, val) \
+ sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find(type, st, val) \
+ sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find_ex(type, st, val) \
+ sk_find_ex(CHECKED_STACK_OF(type, st), \
+ CHECKED_PTR_OF(type, val))
+# define SKM_sk_delete(type, st, i) \
+ (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
+# define SKM_sk_delete_ptr(type, st, ptr) \
+ (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
+# define SKM_sk_insert(type, st,val, i) \
+ sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
+# define SKM_sk_set_cmp_func(type, st, cmp) \
((int (*)(const type * const *,const type * const *)) \
- sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_dup(type, st) \
- (STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_pop_free(type, st,free_func) \
- sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_sk_shift(type, st) \
- (type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_pop(type, st) \
- (type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_sort(type, st) \
- sk_sort(CHECKED_PTR_OF(STACK_OF(type), st))
-# define SKM_sk_is_sorted(type, st) \
- sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st))
-
-# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- (STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type)*, st), \
+ sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
+# define SKM_sk_dup(type, st) \
+ (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop_free(type, st, free_func) \
+ sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_sk_shift(type, st) \
+ (type *)sk_shift(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop(type, st) \
+ (type *)sk_pop(CHECKED_STACK_OF(type, st))
+# define SKM_sk_sort(type, st) \
+ sk_sort(CHECKED_STACK_OF(type, st))
+# define SKM_sk_is_sorted(type, st) \
+ sk_is_sorted(CHECKED_STACK_OF(type, st))
+# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+ (STACK_OF(type) *)d2i_ASN1_SET( \
+ (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
pp, length, \
CHECKED_D2I_OF(type, d2i_func), \
CHECKED_SK_FREE_FUNC(type, free_func), \
ex_tag, ex_class)
-
-# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \
+# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
+ i2d_ASN1_SET((STACK_OF(OPENSSL_BLOCK) *)CHECKED_STACK_OF(type, st), pp, \
CHECKED_I2D_OF(type, i2d_func), \
ex_tag, ex_class, is_set)
-
-# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
+# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
CHECKED_I2D_OF(type, i2d_func), buf, len)
-
-# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
+# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
(STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
-
-# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
+# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
(STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
CHECKED_D2I_OF(type, d2i_func), \
CHECKED_SK_FREE_FUNC(type, free_func), \
pass, passlen, oct, seq)
-
-# else
-
-# define STACK_OF(type) STACK
-# define PREDECLARE_STACK_OF(type)
- /* nada */
-# define DECLARE_STACK_OF(type)/* nada */
-# define IMPLEMENT_STACK_OF(type)
- /* nada */
-
-# define SKM_sk_new(type, cmp) \
- sk_new((int (*)(const char * const *, const char * const *))(cmp))
-# define SKM_sk_new_null(type) \
- sk_new_null()
-# define SKM_sk_free(type, st) \
- sk_free(st)
-# define SKM_sk_num(type, st) \
- sk_num(st)
-# define SKM_sk_value(type, st,i) \
- ((type *)sk_value(st, i))
-# define SKM_sk_set(type, st,i,val) \
- ((type *)sk_set(st, i,(char *)val))
-# define SKM_sk_zero(type, st) \
- sk_zero(st)
-# define SKM_sk_push(type, st,val) \
- sk_push(st, (char *)val)
-# define SKM_sk_unshift(type, st,val) \
- sk_unshift(st, (char *)val)
-# define SKM_sk_find(type, st,val) \
- sk_find(st, (char *)val)
-# define SKM_sk_delete(type, st,i) \
- ((type *)sk_delete(st, i))
-# define SKM_sk_delete_ptr(type, st,ptr) \
- ((type *)sk_delete_ptr(st,(char *)ptr))
-# define SKM_sk_insert(type, st,val,i) \
- sk_insert(st, (char *)val, i)
-# define SKM_sk_set_cmp_func(type, st,cmp) \
- ((int (*)(const type * const *,const type * const *)) \
- sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp)))
-# define SKM_sk_dup(type, st) \
- sk_dup(st)
-# define SKM_sk_pop_free(type, st,free_func) \
- sk_pop_free(st, (void (*)(void *))free_func)
-# define SKM_sk_shift(type, st) \
- ((type *)sk_shift(st))
-# define SKM_sk_pop(type, st) \
- ((type *)sk_pop(st))
-# define SKM_sk_sort(type, st) \
- sk_sort(st)
-# define SKM_sk_is_sorted(type, st) \
- sk_is_sorted(st)
-
-# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- d2i_ASN1_SET(st,pp,length, (void *(*)(void ** ,const unsigned char ** ,long))d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
-# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- i2d_ASN1_SET(st,pp,(int (*)(void *, unsigned char **))i2d_func,ex_tag,ex_class,is_set)
-
-# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
- ASN1_seq_pack(st, (int (*)(void *, unsigned char **))i2d_func, buf, len)
-# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
- ASN1_seq_unpack(buf,len,(void *(*)(void **,const unsigned char **,long))d2i_func, (void(*)(void *))free_func)
-
-# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
- ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq))
-
-# endif
-
/*
* This block of defines is updated by util/mkstack.pl, please do not touch!
*/
-# define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
# define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
# define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
# define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
@@ -244,8 +230,7 @@
# define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
# define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
# define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
-
-# define sk_ASIdOrRange_new(st) SKM_sk_new(ASIdOrRange, (st))
+# define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
# define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
# define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
# define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
@@ -266,8 +251,7 @@
# define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
# define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
# define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
-
-# define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
# define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
# define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
# define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
@@ -288,8 +272,7 @@
# define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
# define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
# define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
-
-# define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
# define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
# define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
# define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
@@ -310,8 +293,7 @@
# define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
# define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
# define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
-
-# define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
# define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
# define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
# define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
@@ -332,8 +314,7 @@
# define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
# define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
# define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
-
-# define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
# define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
# define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
# define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
@@ -354,8 +335,7 @@
# define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
# define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
# define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
-
-# define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
# define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
# define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
# define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
@@ -376,8 +356,28 @@
# define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
# define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
# define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
-
-# define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
+# define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
+# define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
+# define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
+# define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
+# define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
+# define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
+# define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
+# define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
+# define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
+# define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
# define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
# define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
# define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
@@ -398,8 +398,7 @@
# define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
# define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
# define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
-
-# define sk_BIO_new(st) SKM_sk_new(BIO, (st))
+# define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
# define sk_BIO_new_null() SKM_sk_new_null(BIO)
# define sk_BIO_free(st) SKM_sk_free(BIO, (st))
# define sk_BIO_num(st) SKM_sk_num(BIO, (st))
@@ -420,8 +419,49 @@
# define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
# define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
# define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
-
-# define sk_CMS_CertificateChoices_new(st) SKM_sk_new(CMS_CertificateChoices, (st))
+# define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
+# define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
+# define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
+# define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
+# define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
+# define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
+# define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
+# define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
+# define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
+# define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
+# define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
+# define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
+# define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
+# define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
+# define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
+# define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
+# define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
+# define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
# define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
# define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
# define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
@@ -442,8 +482,7 @@
# define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
# define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
# define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
-
-# define sk_CMS_RecipientInfo_new(st) SKM_sk_new(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
# define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
# define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
# define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
@@ -464,8 +503,7 @@
# define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
# define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
# define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
-
-# define sk_CMS_RevocationInfoChoice_new(st) SKM_sk_new(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
# define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
# define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
# define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
@@ -486,8 +524,7 @@
# define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
# define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
# define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
-
-# define sk_CMS_SignerInfo_new(st) SKM_sk_new(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
# define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
# define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
# define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
@@ -508,8 +545,7 @@
# define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
# define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
# define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
-
-# define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
# define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
# define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
# define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
@@ -530,8 +566,7 @@
# define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
# define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
# define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
-
-# define sk_CONF_MODULE_new(st) SKM_sk_new(CONF_MODULE, (st))
+# define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
# define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
# define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
# define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
@@ -552,8 +587,7 @@
# define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
# define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
# define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
-
-# define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
+# define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
# define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
# define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
# define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
@@ -574,8 +608,7 @@
# define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
-
-# define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
@@ -596,8 +629,7 @@
# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
-
-# define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
# define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
@@ -618,8 +650,7 @@
# define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
# define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
# define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
-
-# define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
+# define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
# define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
# define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
# define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
@@ -640,8 +671,7 @@
# define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
# define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
# define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
-
-# define sk_ENGINE_new(st) SKM_sk_new(ENGINE, (st))
+# define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
# define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
# define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
# define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
@@ -662,8 +692,7 @@
# define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
# define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
# define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
-
-# define sk_ENGINE_CLEANUP_ITEM_new(st) SKM_sk_new(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
# define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
# define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
# define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
@@ -684,8 +713,112 @@
# define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
# define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
# define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
-
-# define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
+# define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
+# define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
+# define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
+# define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
+# define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
+# define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
+# define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
+# define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
+# define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
+# define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
+# define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
+# define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
+# define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
+# define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
+# define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
+# define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
+# define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
+# define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
+# define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
+# define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
+# define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
+# define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
+# define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
+# define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
+# define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
+# define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
+# define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
+# define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
+# define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
+# define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
+# define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
+# define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
+# define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
+# define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
+# define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
+# define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
+# define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
+# define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
+# define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
+# define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
+# define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
+# define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
+# define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
+# define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
+# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
# define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
@@ -706,8 +839,7 @@
# define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
# define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
# define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
-
-# define sk_GENERAL_NAMES_new(st) SKM_sk_new(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
# define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
# define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
# define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
@@ -728,8 +860,7 @@
# define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
# define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
# define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
-
-# define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
# define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
# define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
# define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
@@ -750,8 +881,7 @@
# define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
# define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
# define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
-
-# define sk_IPAddressFamily_new(st) SKM_sk_new(IPAddressFamily, (st))
+# define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
# define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
# define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
# define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
@@ -772,8 +902,7 @@
# define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
# define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
# define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
-
-# define sk_IPAddressOrRange_new(st) SKM_sk_new(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
# define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
# define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
# define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
@@ -794,8 +923,7 @@
# define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
# define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
# define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
-
-# define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
# define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
# define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
# define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
@@ -816,8 +944,7 @@
# define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
# define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
# define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
-
-# define sk_KRB5_AUTHDATA_new(st) SKM_sk_new(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
# define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
# define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
# define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
@@ -838,8 +965,7 @@
# define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
# define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
# define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
-
-# define sk_KRB5_AUTHENTBODY_new(st) SKM_sk_new(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
# define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
# define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
# define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
@@ -860,8 +986,7 @@
# define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
# define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
# define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
-
-# define sk_KRB5_CHECKSUM_new(st) SKM_sk_new(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
# define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
# define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
# define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
@@ -882,8 +1007,7 @@
# define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
# define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
# define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
-
-# define sk_KRB5_ENCDATA_new(st) SKM_sk_new(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
# define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
# define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
# define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
@@ -904,8 +1028,7 @@
# define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
# define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
# define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
-
-# define sk_KRB5_ENCKEY_new(st) SKM_sk_new(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
# define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
# define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
# define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
@@ -926,8 +1049,7 @@
# define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
# define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
# define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
-
-# define sk_KRB5_PRINCNAME_new(st) SKM_sk_new(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
# define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
# define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
# define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
@@ -948,8 +1070,7 @@
# define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
# define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
# define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
-
-# define sk_KRB5_TKTBODY_new(st) SKM_sk_new(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
# define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
# define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
# define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
@@ -970,8 +1091,28 @@
# define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
# define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
# define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
-
-# define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
+# define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
+# define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
+# define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
+# define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
+# define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
+# define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
+# define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
+# define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
+# define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
+# define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
# define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
# define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
# define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
@@ -992,8 +1133,7 @@
# define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
# define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
# define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
-
-# define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
+# define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
# define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
# define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
# define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
@@ -1014,8 +1154,7 @@
# define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
# define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
# define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
-
-# define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
# define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
# define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
# define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
@@ -1036,8 +1175,7 @@
# define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
# define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
# define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
-
-# define sk_OCSP_CERTID_new(st) SKM_sk_new(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
# define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
# define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
# define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
@@ -1058,8 +1196,7 @@
# define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
# define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
# define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
-
-# define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
# define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
# define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
# define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
@@ -1080,8 +1217,7 @@
# define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
# define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
# define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
-
-# define sk_OCSP_RESPID_new(st) SKM_sk_new(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
# define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
# define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
# define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
@@ -1102,8 +1238,7 @@
# define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
# define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
# define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
-
-# define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
# define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
# define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
# define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
@@ -1124,8 +1259,7 @@
# define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
# define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
# define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
-
-# define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
# define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
# define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
# define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
@@ -1146,8 +1280,7 @@
# define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
# define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
# define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
-
-# define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
+# define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
# define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
# define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
# define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
@@ -1168,8 +1301,7 @@
# define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
# define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
# define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
-
-# define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
# define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
# define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
# define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
@@ -1190,8 +1322,7 @@
# define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
# define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
# define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
-
-# define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
# define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
# define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
# define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
@@ -1212,8 +1343,7 @@
# define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
# define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
# define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
-
-# define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
+# define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
# define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
# define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
# define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
@@ -1234,8 +1364,7 @@
# define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
# define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
# define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
-
-# define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
# define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
# define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
# define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
@@ -1256,8 +1385,7 @@
# define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
# define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
# define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
-
-# define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
# define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
# define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
# define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
@@ -1278,8 +1406,91 @@
# define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
# define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
# define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
-
-# define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
+# define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
+# define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
+# define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
+# define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
+# define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
+# define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
+# define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
+# define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
+# define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
+# define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
+# define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
+# define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
+# define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
+# define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
+# define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
+# define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
+# define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
+# define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
+# define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
+# define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
+# define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
+# define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
+# define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
+# define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
+# define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
+# define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
+# define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
+# define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
+# define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
+# define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
+# define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
+# define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
+# define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
+# define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
+# define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
+# define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
+# define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
+# define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
+# define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
+# define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
+# define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
+# define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
+# define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
+# define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
+# define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
# define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
# define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
# define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
@@ -1300,8 +1511,7 @@
# define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
# define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
# define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
-
-# define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
+# define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
# define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
# define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
# define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
@@ -1322,8 +1532,49 @@
# define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
# define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
# define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
-
-# define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
+# define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
+# define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
+# define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
+# define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
+# define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
+# define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
+# define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
+# define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
+# define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
+# define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
+# define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
+# define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
+# define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
# define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
# define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
# define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
@@ -1344,8 +1595,7 @@
# define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
# define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
# define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
-
-# define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
+# define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
# define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
# define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
# define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
@@ -1366,8 +1616,7 @@
# define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
# define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
# define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
-
-# define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st))
+# define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
# define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
# define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
# define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
@@ -1388,8 +1637,7 @@
# define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
# define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
# define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
-
-# define sk_X509_new(st) SKM_sk_new(X509, (st))
+# define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
# define sk_X509_new_null() SKM_sk_new_null(X509)
# define sk_X509_free(st) SKM_sk_free(X509, (st))
# define sk_X509_num(st) SKM_sk_num(X509, (st))
@@ -1410,8 +1658,7 @@
# define sk_X509_pop(st) SKM_sk_pop(X509, (st))
# define sk_X509_sort(st) SKM_sk_sort(X509, (st))
# define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
-
-# define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
# define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
# define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
# define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
@@ -1432,8 +1679,7 @@
# define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
# define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
# define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
-
-# define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
+# define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
# define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
# define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
# define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
@@ -1454,8 +1700,7 @@
# define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
# define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
# define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
-
-# define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
# define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
# define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
# define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
@@ -1476,8 +1721,7 @@
# define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
# define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
# define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
-
-# define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
+# define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
# define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
# define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
# define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
@@ -1498,8 +1742,7 @@
# define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
# define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
# define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
-
-# define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
# define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
# define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
# define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
@@ -1520,8 +1763,7 @@
# define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
# define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
# define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
-
-# define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
+# define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
# define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
# define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
# define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
@@ -1542,8 +1784,7 @@
# define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
# define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
# define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
-
-# define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
# define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
# define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
# define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
@@ -1564,8 +1805,7 @@
# define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
# define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
# define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
-
-# define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
+# define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
# define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
# define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
# define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
@@ -1586,8 +1826,7 @@
# define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
# define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
# define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
-
-# define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
# define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
# define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
# define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
@@ -1608,8 +1847,7 @@
# define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
# define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
# define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
-
-# define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
+# define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
# define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
# define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
# define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
@@ -1630,8 +1868,7 @@
# define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
# define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
# define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
-
-# define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
# define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
# define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
# define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
@@ -1652,8 +1889,7 @@
# define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
# define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
# define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
-
-# define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
# define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
# define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
# define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
@@ -1674,30 +1910,7 @@
# define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
# define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
# define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
-
-# define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF)
-# define sk_X509_POLICY_REF_free(st) SKM_sk_free(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_num(st) SKM_sk_num(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_value(st, i) SKM_sk_value(X509_POLICY_REF, (st), (i))
-# define sk_X509_POLICY_REF_set(st, i, val) SKM_sk_set(X509_POLICY_REF, (st), (i), (val))
-# define sk_X509_POLICY_REF_zero(st) SKM_sk_zero(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_push(st, val) SKM_sk_push(X509_POLICY_REF, (st), (val))
-# define sk_X509_POLICY_REF_unshift(st, val) SKM_sk_unshift(X509_POLICY_REF, (st), (val))
-# define sk_X509_POLICY_REF_find(st, val) SKM_sk_find(X509_POLICY_REF, (st), (val))
-# define sk_X509_POLICY_REF_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_REF, (st), (val))
-# define sk_X509_POLICY_REF_delete(st, i) SKM_sk_delete(X509_POLICY_REF, (st), (i))
-# define sk_X509_POLICY_REF_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_REF, (st), (ptr))
-# define sk_X509_POLICY_REF_insert(st, val, i) SKM_sk_insert(X509_POLICY_REF, (st), (val), (i))
-# define sk_X509_POLICY_REF_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_REF, (st), (cmp))
-# define sk_X509_POLICY_REF_dup(st) SKM_sk_dup(X509_POLICY_REF, st)
-# define sk_X509_POLICY_REF_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_REF, (st), (free_func))
-# define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st))
-# define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st))
-
-# define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
# define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
# define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
# define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
@@ -1718,8 +1931,7 @@
# define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
# define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
# define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
-
-# define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
+# define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
# define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
# define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
# define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
@@ -1740,8 +1952,7 @@
# define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
# define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
# define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
-
-# define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
+# define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
# define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
# define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
# define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
@@ -1762,8 +1973,7 @@
# define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
# define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
# define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
-
-# define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
# define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
# define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
# define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
@@ -1784,7 +1994,117 @@
# define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
# define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
# define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
-
+# define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
+# define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
+# define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
+# define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
+# define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
+# define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
+# define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
+# define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
+# define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
+# define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
+# define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
+# define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
+# define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
+# define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
+# define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
+# define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
+# define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
+# define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
+# define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
+# define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
+# define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
+# define sk_void_new(cmp) SKM_sk_new(void, (cmp))
+# define sk_void_new_null() SKM_sk_new_null(void)
+# define sk_void_free(st) SKM_sk_free(void, (st))
+# define sk_void_num(st) SKM_sk_num(void, (st))
+# define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
+# define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
+# define sk_void_zero(st) SKM_sk_zero(void, (st))
+# define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
+# define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
+# define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
+# define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
+# define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
+# define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
+# define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
+# define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
+# define sk_void_dup(st) SKM_sk_dup(void, st)
+# define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
+# define sk_void_shift(st) SKM_sk_shift(void, (st))
+# define sk_void_pop(st) SKM_sk_pop(void, (st))
+# define sk_void_sort(st) SKM_sk_sort(void, (st))
+# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
+# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
+# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
+# define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func))
+# define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
+# define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
+# define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
+# define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
+ ((int (*)(const char * const *,const char * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
+# define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
+# define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
+# define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
+# define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func))
+# define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
+# define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
+# define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
+# define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \
+ ((int (*)(const void * const *,const void * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
+# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
+# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
+# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
+ ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
+# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
# define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1793,7 +2113,6 @@
SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1802,7 +2121,6 @@
SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1811,7 +2129,6 @@
SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1820,7 +2137,14 @@
SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
-
+# define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+ SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+ SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \
+ SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \
+ SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func))
# define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1829,7 +2153,22 @@
SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
-
+# define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+ SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+ SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \
+ SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \
+ SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+ SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+ SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \
+ SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \
+ SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func))
# define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1838,7 +2177,6 @@
SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1847,7 +2185,6 @@
SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1856,7 +2193,6 @@
SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1865,7 +2201,6 @@
SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1874,7 +2209,6 @@
SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1883,7 +2217,6 @@
SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1892,7 +2225,6 @@
SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1901,7 +2233,6 @@
SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1910,7 +2241,6 @@
SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1919,7 +2249,6 @@
SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1928,7 +2257,6 @@
SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1937,7 +2265,6 @@
SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1946,7 +2273,6 @@
SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1955,7 +2281,6 @@
SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1964,7 +2289,6 @@
SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1973,7 +2297,6 @@
SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
-
# define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
# define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1982,11 +2305,232 @@
SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
# define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
-
# define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-
# define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-
+# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
+# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
+# define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
+# define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
+# define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
+# define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
+# define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
+# define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
+# define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
+# define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
+# define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
+# define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
+# define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
+# define lh_APP_INFO_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_stats_bio(lh,out) \
+ LHM_lh_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
+# define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
+# define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
+# define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
+# define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
+# define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
+# define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
+# define lh_CONF_VALUE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
+# define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
+# define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
+# define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
+# define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
+# define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
+# define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
+# define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
+# define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
+# define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
+# define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
+# define lh_ERR_STATE_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
+# define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
+# define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
+# define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
+# define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_stats_bio(lh,out) \
+ LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
+# define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
+# define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
+# define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
+# define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
+ LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
+# define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
+# define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
+# define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
+# define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
+# define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
+# define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
+# define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
+# define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
+# define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
+# define lh_FUNCTION_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_stats_bio(lh,out) \
+ LHM_lh_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
+# define lh_MEM_new() LHM_lh_new(MEM,mem)
+# define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
+# define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
+# define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
+# define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
+# define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
+# define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
+# define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
+# define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
+# define lh_MEM_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(MEM,lh,out)
+# define lh_MEM_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(MEM,lh,out)
+# define lh_MEM_stats_bio(lh,out) \
+ LHM_lh_stats_bio(MEM,lh,out)
+# define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
+# define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
+# define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
+# define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
+# define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
+# define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
+# define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
+# define lh_OBJ_NAME_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
+# define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
+# define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
+# define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
+# define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
+# define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_stats_bio(lh,out) \
+ LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
+# define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
+# define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
+# define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
+ LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
+# define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
+# define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
+# define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
+# define lh_SSL_SESSION_node_stats_bio(lh,out) \
+ LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
+ LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_stats_bio(lh,out) \
+ LHM_lh_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
+#ifdef __cplusplus
+}
+#endif
#endif /* !defined HEADER_SAFESTACK_H */
Modified: trunk/crypto/openssl/crypto/stack/stack.c
===================================================================
--- trunk/crypto/openssl/crypto/stack/stack.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/stack/stack.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,10 +78,9 @@
#include <errno.h>
-int (*sk_set_cmp_func
- (STACK * sk, int (*c) (const char *const *, const char *const *)))
- (const char *const *, const char *const *) {
- int (*old) (const char *const *, const char *const *) = sk->comp;
+int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ (const void *, const void *) {
+ int (*old) (const void *, const void *) = sk->comp;
if (sk->comp != c)
sk->sorted = 0;
@@ -90,9 +89,9 @@
return old;
}
-STACK *sk_dup(STACK * sk)
+_STACK *sk_dup(_STACK *sk)
{
- STACK *ret;
+ _STACK *ret;
char **s;
if ((ret = sk_new(sk->comp)) == NULL)
@@ -116,20 +115,19 @@
return (NULL);
}
-STACK *sk_new_null(void)
+_STACK *sk_new_null(void)
{
- return sk_new((int (*)(const char *const *, const char *const *))0);
+ return sk_new((int (*)(const void *, const void *))0);
}
-STACK *sk_new(int (*c) (const char *const *, const char *const *))
+_STACK *sk_new(int (*c) (const void *, const void *))
{
- STACK *ret;
+ _STACK *ret;
int i;
- if ((ret = (STACK *) OPENSSL_malloc(sizeof(STACK))) == NULL)
+ if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
goto err;
- if ((ret->data =
- (char **)OPENSSL_malloc(sizeof(char *) * MIN_NODES)) == NULL)
+ if ((ret->data = OPENSSL_malloc(sizeof(char *) * MIN_NODES)) == NULL)
goto err;
for (i = 0; i < MIN_NODES; i++)
ret->data[i] = NULL;
@@ -144,7 +142,7 @@
return (NULL);
}
-int sk_insert(STACK * st, char *data, int loc)
+int sk_insert(_STACK *st, void *data, int loc)
{
char **s;
@@ -151,9 +149,8 @@
if (st == NULL)
return 0;
if (st->num_alloc <= st->num + 1) {
- s = (char **)OPENSSL_realloc((char *)st->data,
- (unsigned int)sizeof(char *) *
- st->num_alloc * 2);
+ s = OPENSSL_realloc((char *)st->data,
+ (unsigned int)sizeof(char *) * st->num_alloc * 2);
if (s == NULL)
return (0);
st->data = s;
@@ -165,14 +162,14 @@
int i;
char **f, **t;
- f = (char **)st->data;
- t = (char **)&(st->data[1]);
+ f = st->data;
+ t = &(st->data[1]);
for (i = st->num; i >= loc; i--)
t[i] = f[i];
#ifdef undef /* no memmove on sunos :-( */
- memmove((char *)&(st->data[loc + 1]),
- (char *)&(st->data[loc]), sizeof(char *) * (st->num - loc));
+ memmove(&(st->data[loc + 1]),
+ &(st->data[loc]), sizeof(char *) * (st->num - loc));
#endif
st->data[loc] = data;
}
@@ -181,7 +178,7 @@
return (st->num);
}
-char *sk_delete_ptr(STACK * st, char *p)
+void *sk_delete_ptr(_STACK *st, void *p)
{
int i;
@@ -191,7 +188,7 @@
return (NULL);
}
-char *sk_delete(STACK * st, int loc)
+void *sk_delete(_STACK *st, int loc)
{
char *ret;
int i, j;
@@ -213,11 +210,11 @@
return (ret);
}
-static int internal_find(STACK * st, char *data, int ret_val_options)
+static int internal_find(_STACK *st, void *data, int ret_val_options)
{
- char **r;
+ const void *const *r;
int i;
- int (*comp_func) (const void *, const void *);
+
if (st == NULL)
return -1;
@@ -230,44 +227,34 @@
sk_sort(st);
if (data == NULL)
return (-1);
- /*
- * This (and the "qsort" below) are the two places in OpenSSL where we
- * need to convert from our standard (type **,type **) compare callback
- * type to the (void *,void *) type required by bsearch. However, the
- * "data" it is being called(back) with are not (type *) pointers, but
- * the *pointers* to (type *) pointers, so we get our extra level of
- * pointer dereferencing that way.
- */
- comp_func = (int (*)(const void *, const void *))(st->comp);
- r = (char **)OBJ_bsearch_ex((char *)&data, (char *)st->data,
- st->num, sizeof(char *), comp_func,
- ret_val_options);
+ r = OBJ_bsearch_ex_(&data, st->data, st->num, sizeof(void *), st->comp,
+ ret_val_options);
if (r == NULL)
return (-1);
- return ((int)(r - st->data));
+ return (int)((char **)r - st->data);
}
-int sk_find(STACK * st, char *data)
+int sk_find(_STACK *st, void *data)
{
return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
}
-int sk_find_ex(STACK * st, char *data)
+int sk_find_ex(_STACK *st, void *data)
{
return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
}
-int sk_push(STACK * st, char *data)
+int sk_push(_STACK *st, void *data)
{
return (sk_insert(st, data, st->num));
}
-int sk_unshift(STACK * st, char *data)
+int sk_unshift(_STACK *st, void *data)
{
return (sk_insert(st, data, 0));
}
-char *sk_shift(STACK * st)
+void *sk_shift(_STACK *st)
{
if (st == NULL)
return (NULL);
@@ -276,7 +263,7 @@
return (sk_delete(st, 0));
}
-char *sk_pop(STACK * st)
+void *sk_pop(_STACK *st)
{
if (st == NULL)
return (NULL);
@@ -285,17 +272,17 @@
return (sk_delete(st, st->num - 1));
}
-void sk_zero(STACK * st)
+void sk_zero(_STACK *st)
{
if (st == NULL)
return;
if (st->num <= 0)
return;
- memset((char *)st->data, 0, sizeof(st->data) * st->num);
+ memset((char *)st->data, 0, sizeof(*st->data) * st->num);
st->num = 0;
}
-void sk_pop_free(STACK * st, void (*func) (void *))
+void sk_pop_free(_STACK *st, void (*func) (void *))
{
int i;
@@ -307,7 +294,7 @@
sk_free(st);
}
-void sk_free(STACK * st)
+void sk_free(_STACK *st)
{
if (st == NULL)
return;
@@ -316,7 +303,7 @@
OPENSSL_free(st);
}
-int sk_num(const STACK * st)
+int sk_num(const _STACK *st)
{
if (st == NULL)
return -1;
@@ -323,7 +310,7 @@
return st->num;
}
-char *sk_value(const STACK * st, int i)
+void *sk_value(const _STACK *st, int i)
{
if (!st || (i < 0) || (i >= st->num))
return NULL;
@@ -330,7 +317,7 @@
return st->data[i];
}
-char *sk_set(STACK * st, int i, char *value)
+void *sk_set(_STACK *st, int i, void *value)
{
if (!st || (i < 0) || (i >= st->num))
return NULL;
@@ -337,7 +324,7 @@
return (st->data[i] = value);
}
-void sk_sort(STACK * st)
+void sk_sort(_STACK *st)
{
if (st && !st->sorted) {
int (*comp_func) (const void *, const void *);
@@ -355,7 +342,7 @@
}
}
-int sk_is_sorted(const STACK * st)
+int sk_is_sorted(const _STACK *st)
{
if (!st)
return 1;
Modified: trunk/crypto/openssl/crypto/stack/stack.h
===================================================================
--- trunk/crypto/openssl/crypto/stack/stack.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/stack/stack.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,37 +68,36 @@
char **data;
int sorted;
int num_alloc;
- int (*comp) (const char *const *, const char *const *);
-} STACK;
+ int (*comp) (const void *, const void *);
+} _STACK; /* Use STACK_OF(...) instead */
# define M_sk_num(sk) ((sk) ? (sk)->num:-1)
# define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
-int sk_num(const STACK *);
-char *sk_value(const STACK *, int);
+int sk_num(const _STACK *);
+void *sk_value(const _STACK *, int);
-char *sk_set(STACK *, int, char *);
+void *sk_set(_STACK *, int, void *);
-STACK *sk_new(int (*cmp) (const char *const *, const char *const *));
-STACK *sk_new_null(void);
-void sk_free(STACK *);
-void sk_pop_free(STACK * st, void (*func) (void *));
-int sk_insert(STACK * sk, char *data, int where);
-char *sk_delete(STACK * st, int loc);
-char *sk_delete_ptr(STACK * st, char *p);
-int sk_find(STACK * st, char *data);
-int sk_find_ex(STACK * st, char *data);
-int sk_push(STACK * st, char *data);
-int sk_unshift(STACK * st, char *data);
-char *sk_shift(STACK * st);
-char *sk_pop(STACK * st);
-void sk_zero(STACK * st);
-int (*sk_set_cmp_func(STACK * sk, int (*c) (const char *const *,
- const char *const *)))
- (const char *const *, const char *const *);
-STACK *sk_dup(STACK * st);
-void sk_sort(STACK * st);
-int sk_is_sorted(const STACK * st);
+_STACK *sk_new(int (*cmp) (const void *, const void *));
+_STACK *sk_new_null(void);
+void sk_free(_STACK *);
+void sk_pop_free(_STACK *st, void (*func) (void *));
+int sk_insert(_STACK *sk, void *data, int where);
+void *sk_delete(_STACK *st, int loc);
+void *sk_delete_ptr(_STACK *st, void *p);
+int sk_find(_STACK *st, void *data);
+int sk_find_ex(_STACK *st, void *data);
+int sk_push(_STACK *st, void *data);
+int sk_unshift(_STACK *st, void *data);
+void *sk_shift(_STACK *st);
+void *sk_pop(_STACK *st);
+void sk_zero(_STACK *st);
+int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ (const void *, const void *);
+_STACK *sk_dup(_STACK *st);
+void sk_sort(_STACK *st);
+int sk_is_sorted(const _STACK *st);
#ifdef __cplusplus
}
Modified: trunk/crypto/openssl/crypto/store/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/store/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/store/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -35,7 +35,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -63,6 +63,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -89,14 +91,14 @@
str_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
str_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
str_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-str_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-str_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-str_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-str_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-str_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-str_lib.o: ../../include/openssl/stack.h ../../include/openssl/store.h
-str_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-str_lib.o: ../../include/openssl/x509_vfy.h str_lib.c str_locl.h
+str_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+str_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+str_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+str_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+str_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+str_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
+str_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+str_lib.o: str_lib.c str_locl.h
str_mem.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
str_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
str_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
Modified: trunk/crypto/openssl/crypto/store/store.h
===================================================================
--- trunk/crypto/openssl/crypto/store/store.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/store/store.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,6 +60,12 @@
#ifndef HEADER_STORE_H
# define HEADER_STORE_H
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_STORE
+# error STORE is disabled.
+# endif
+
# include <openssl/ossl_typ.h>
# ifndef OPENSSL_NO_DEPRECATED
# include <openssl/evp.h>
@@ -503,7 +509,8 @@
* Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
* each contained attribute.
*/
-int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+ const STORE_ATTR_INFO *const *b);
/*
* Check if the set of attributes in a is within the range of attributes set
* in b.
Modified: trunk/crypto/openssl/crypto/store/str_err.c
===================================================================
--- trunk/crypto/openssl/crypto/store/str_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/store/str_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/store/str_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/store/str_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/store/str_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/store/str_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1577,8 +1577,8 @@
return 0;
}
-static int attr_info_compare_compute_range(unsigned char *abits,
- unsigned char *bbits,
+static int attr_info_compare_compute_range(const unsigned char *abits,
+ const unsigned char *bbits,
unsigned int *alowp,
unsigned int *ahighp,
unsigned int *blowp,
@@ -1679,7 +1679,8 @@
return res;
}
-int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+ const STORE_ATTR_INFO *const *b)
{
if (a == b)
return 0;
@@ -1687,7 +1688,7 @@
return -1;
if (!b)
return 1;
- return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
+ return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
}
int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
Modified: trunk/crypto/openssl/crypto/store/str_mem.c
===================================================================
--- trunk/crypto/openssl/crypto/store/str_mem.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/store/str_mem.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,36 +77,41 @@
* (basically, the lowest associated attribute type code).
*/
-struct mem_object_data_st {
+typedef struct mem_object_data_st {
STORE_OBJECT *object;
STORE_ATTR_INFO *attr_info;
int references;
-};
+} MEM_OBJECT_DATA;
+DECLARE_STACK_OF(MEM_OBJECT_DATA)
struct mem_data_st {
/*
- * A stack of mem_object_data_st,
- * sorted with STORE_ATTR_INFO_compare().
+ * sorted with
+ * STORE_ATTR_INFO_compare().
*/
- STACK *data;
+ STACK_OF(MEM_OBJECT_DATA) *data;
/*
- * Currently unused, but can be used to add attributes from parts of the
- * data.
+ * Currently unused, but can
+ * be used to add attributes
+ * from parts of the data.
*/
unsigned int compute_components:1;
};
+DECLARE_STACK_OF(STORE_ATTR_INFO)
struct mem_ctx_st {
/* The type we're searching for */
int type;
/*
- * Sets of attributes to search for.
- * Each element is a STORE_ATTR_INFO.
+ * Sets of
+ * attributes to search for. Each
+ * element is a STORE_ATTR_INFO.
*/
- STACK *search_attributes;
+ STACK_OF(STORE_ATTR_INFO) *search_attributes;
/*
- * which of the search attributes we found a match
- * for, -1 when we still haven't found any
+ * which of the search attributes we
+ * found a match for, -1 when we still
+ * haven't found any
*/
int search_index;
/* -1 as long as we're searching for the first */
@@ -259,14 +264,13 @@
while ((attrs = STORE_parse_attrs_next(attribute_context))) {
if (context->search_attributes == NULL) {
context->search_attributes =
- sk_new((int (*)(const char *const *, const char *const *))
- STORE_ATTR_INFO_compare);
+ sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
if (!context->search_attributes) {
STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
goto err;
}
}
- sk_push(context->search_attributes, (char *)attrs);
+ sk_STORE_ATTR_INFO_push(context->search_attributes, attrs);
}
if (!STORE_parse_attrs_endp(attribute_context))
goto err;
@@ -300,10 +304,11 @@
}
if (context->search_index == -1) {
- for (i = 0; i < sk_num(context->search_attributes); i++) {
- key.attr_info =
- (STORE_ATTR_INFO *)sk_value(context->search_attributes, i);
- srch = sk_find_ex(store->data, (char *)&key);
+ for (i = 0;
+ i < sk_STORE_ATTR_INFO_num(context->search_attributes); i++) {
+ key.attr_info
+ = sk_STORE_ATTR_INFO_value(context->search_attributes, i);
+ srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
if (srch >= 0) {
context->search_index = srch;
@@ -315,22 +320,22 @@
return NULL;
key.attr_info =
- (STORE_ATTR_INFO *)sk_value(context->search_attributes,
- context->search_index);
- for (srch = context->search_index; srch < sk_num(store->data)
+ sk_STORE_ATTR_INFO_value(context->search_attributes,
+ context->search_index);
+ for (srch = context->search_index;
+ srch < sk_MEM_OBJECT_DATA_num(store->data)
&& STORE_ATTR_INFO_in_range(key.attr_info,
- (STORE_ATTR_INFO *)sk_value(store->data,
- srch))
+ sk_MEM_OBJECT_DATA_value(store->data,
+ srch)->attr_info)
&& !(cres =
STORE_ATTR_INFO_in_ex(key.attr_info,
- (STORE_ATTR_INFO *)sk_value(store->data,
- srch)));
+ sk_MEM_OBJECT_DATA_value(store->data,
+ srch)->attr_info));
srch++) ;
context->search_index = srch;
if (cres)
- return ((struct mem_object_data_st *)sk_value(store->data,
- srch))->object;
+ return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
return NULL;
}
@@ -343,7 +348,7 @@
return 0;
}
if (context && context->search_attributes)
- sk_free(context->search_attributes);
+ sk_STORE_ATTR_INFO_free(context->search_attributes);
if (context)
OPENSSL_free(context);
return 1;
@@ -354,7 +359,8 @@
struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
if (!context
- || context->search_index == sk_num(context->search_attributes))
+ || context->search_index
+ == sk_STORE_ATTR_INFO_num(context->search_attributes))
return 1;
return 0;
}
Modified: trunk/crypto/openssl/crypto/symhacks.h
===================================================================
--- trunk/crypto/openssl/crypto/symhacks.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/symhacks.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,10 +71,6 @@
*/
# ifdef OPENSSL_SYS_VMS
-/* Hack a long name in crypto/cryptlib.c */
-# undef int_CRYPTO_set_do_dynlock_callback
-# define int_CRYPTO_set_do_dynlock_callback int_CRYPTO_set_do_dynlock_cb
-
/* Hack a long name in crypto/ex_data.c */
# undef CRYPTO_get_ex_data_implementation
# define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
@@ -187,7 +183,6 @@
# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
# undef SSL_COMP_get_compression_methods
# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
-
# undef ssl_add_clienthello_renegotiate_ext
# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
# undef ssl_add_serverhello_renegotiate_ext
@@ -196,7 +191,26 @@
# define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
# undef ssl_parse_serverhello_renegotiate_ext
# define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
-
+# undef SSL_srp_server_param_with_username
+# define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
+# undef SSL_CTX_set_srp_client_pwd_callback
+# define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
+# undef SSL_CTX_set_srp_verify_param_callback
+# define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
+# undef SSL_CTX_set_srp_username_callback
+# define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
+# undef ssl_add_clienthello_use_srtp_ext
+# define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
+# undef ssl_add_serverhello_use_srtp_ext
+# define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
+# undef ssl_parse_clienthello_use_srtp_ext
+# define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
+# undef ssl_parse_serverhello_use_srtp_ext
+# define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
+# undef SSL_CTX_set_next_protos_advertised_cb
+# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
+# undef SSL_CTX_set_next_proto_select_cb
+# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
# undef ssl3_cbc_record_digest_supported
# define ssl3_cbc_record_digest_supported ssl3_cbc_record_digest_support
# undef ssl_check_clienthello_tlsext_late
@@ -213,6 +227,14 @@
# define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
# undef ENGINE_get_load_privkey_function
# define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
+# undef ENGINE_unregister_pkey_asn1_meths
+# define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
+# undef ENGINE_register_all_pkey_asn1_meths
+# define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
+# undef ENGINE_set_default_pkey_asn1_meths
+# define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
+# undef ENGINE_get_pkey_asn1_meth_engine
+# define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
# undef ENGINE_set_load_ssl_client_cert_function
# define ENGINE_set_load_ssl_client_cert_function \
ENGINE_set_ld_ssl_clnt_cert_fn
@@ -238,6 +260,8 @@
# define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
# undef OPENSSL_add_all_algorithms_conf
# define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
+# undef EVP_PKEY_meth_set_verify_recover
+# define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
/* Hack some long EC names */
# undef EC_GROUP_set_point_conversion_form
@@ -246,6 +270,9 @@
# define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
# undef EC_GROUP_clear_free_all_extra_data
# define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
+# undef EC_KEY_set_public_key_affine_coordinates
+# define EC_KEY_set_public_key_affine_coordinates \
+ EC_KEY_set_pub_key_aff_coords
# undef EC_POINT_set_Jprojective_coordinates_GFp
# define EC_POINT_set_Jprojective_coordinates_GFp \
EC_POINT_set_Jproj_coords_GFp
@@ -379,6 +406,14 @@
# undef STORE_method_get_unlock_store_function
# define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
+/* Hack some long TS names */
+# undef TS_RESP_CTX_set_status_info_cond
+# define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
+# undef TS_RESP_CTX_set_clock_precision_digits
+# define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
+# undef TS_CONF_set_clock_precision_digits
+# define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
+
/* Hack some long CMS names */
# undef CMS_RecipientInfo_ktri_get0_algs
# define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
@@ -397,10 +432,22 @@
# undef dtls1_retransmit_buffered_messages
# define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
+/* Hack some long SRP names */
+# undef SRP_generate_server_master_secret
+# define SRP_generate_server_master_secret SRP_gen_server_master_secret
+# undef SRP_generate_client_master_secret
+# define SRP_generate_client_master_secret SRP_gen_client_master_secret
+
+/* Hack some long UI names */
+# undef UI_method_get_prompt_constructor
+# define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
+# undef UI_method_set_prompt_constructor
+# define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
+
# endif /* defined OPENSSL_SYS_VMS */
-/* Case insensiteve linking causes problems.... */
-# if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
+/* Case insensitive linking causes problems.... */
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
# undef ERR_load_CRYPTO_strings
# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
# undef OCSP_crlID_new
@@ -430,9 +477,10 @@
# undef X509v3_add_standard_extensions
# define X509v3_add_standard_extensions oX509v3_add_standard_extensions
+/* This one clashes with CMS_data_create */
+# undef cms_Data_create
+# define cms_Data_create priv_cms_Data_create
+
# endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */
-/* This one clashes with CMS_data_create */
-#undef cms_Data_create
-#define cms_Data_create priv_cms_Data_create
Modified: trunk/crypto/openssl/crypto/threads/mttest.c
===================================================================
--- trunk/crypto/openssl/crypto/threads/mttest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/threads/mttest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -117,11 +117,13 @@
void win32_locking_callback(int mode, int type, char *file, int line);
void pthreads_locking_callback(int mode, int type, char *file, int line);
void netware_locking_callback(int mode, int type, char *file, int line);
+void beos_locking_callback(int mode, int type, const char *file, int line);
unsigned long irix_thread_id(void);
unsigned long solaris_thread_id(void);
unsigned long pthreads_thread_id(void);
unsigned long netware_thread_id(void);
+unsigned long beos_thread_id(void);
#if defined(OPENSSL_SYS_NETWARE)
static MPKMutex *lock_cs;
@@ -1113,3 +1115,94 @@
return (ret);
}
#endif /* NETWARE */
+
+#ifdef BEOS_THREADS
+
+# include <Locker.h>
+
+static BLocker **lock_cs;
+static long *lock_count;
+
+void thread_setup(void)
+{
+ int i;
+
+ lock_cs =
+ (BLocker **) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(BLocker *));
+ lock_count = (long *)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_count[i] = 0;
+ lock_cs[i] = new BLocker(CRYPTO_get_lock_name(i));
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())beos_thread_id);
+ CRYPTO_set_locking_callback(beos_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ fprintf(stderr, "cleanup\n");
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ delete lock_cs[i];
+ fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ }
+ OPENSSL_free(lock_cs);
+ OPENSSL_free(lock_count);
+
+ fprintf(stderr, "done cleanup\n");
+}
+
+void beos_locking_callback(int mode, int type, const char *file, int line)
+{
+# if 0
+ fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode & CRYPTO_LOCK) ? "l" : "u",
+ (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+ if (mode & CRYPTO_LOCK) {
+ lock_cs[type]->Lock();
+ lock_count[type]++;
+ } else {
+ lock_cs[type]->Unlock();
+ }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+ SSL_CTX *ssl_ctx[2];
+ thread_id thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0] = s_ctx;
+ ssl_ctx[1] = c_ctx;
+
+ for (i = 0; i < thread_number; i++) {
+ thread_ctx[i] = spawn_thread((thread_func) ndoit,
+ NULL, B_NORMAL_PRIORITY,
+ (void *)ssl_ctx);
+ resume_thread(thread_ctx[i]);
+ }
+
+ printf("waiting...\n");
+ for (i = 0; i < thread_number; i++) {
+ status_t result;
+ wait_for_thread(thread_ctx[i], &result);
+ }
+
+ printf("beos threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+}
+
+unsigned long beos_thread_id(void)
+{
+ unsigned long ret;
+
+ ret = (unsigned long)find_thread(NULL);
+ return (ret);
+}
+
+#endif /* BEOS_THREADS */
Modified: trunk/crypto/openssl/crypto/threads/th-lock.c
===================================================================
--- trunk/crypto/openssl/crypto/threads/th-lock.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/threads/th-lock.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -117,6 +117,10 @@
int i;
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+ if (!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
}
@@ -168,6 +172,10 @@
# else
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
# endif
+ if (!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_count[i] = 0;
@@ -251,6 +259,12 @@
int i;
char filename[20];
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+ if (!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
+
strcpy(filename, "/tmp/mttest.XXXXXX");
mktemp(filename);
@@ -261,7 +275,6 @@
arena = usinit(filename);
unlink(filename);
- lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_cs[i] = usnewsema(arena, 1);
}
@@ -315,6 +328,14 @@
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ if (!lock_cs || !lock_count) {
+ /* Nothing we can do about this...void function! */
+ if (lock_cs)
+ OPENSSL_free(lock_cs);
+ if (lock_count)
+ OPENSSL_free(lock_count);
+ return;
+ }
for (i = 0; i < CRYPTO_num_locks(); i++) {
lock_count[i] = 0;
pthread_mutex_init(&(lock_cs[i]), NULL);
Modified: trunk/crypto/openssl/crypto/txt_db/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/txt_db/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/txt_db/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,7 +33,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -61,6 +61,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/txt_db/txt_db.c
===================================================================
--- trunk/crypto/openssl/crypto/txt_db/txt_db.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/txt_db/txt_db.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,7 +77,8 @@
int i, add, n;
int size = BUFSIZE;
int offset = 0;
- char *p, **pp, *f;
+ char *p, *f;
+ OPENSSL_STRING *pp;
BUF_MEM *buf = NULL;
if ((buf = BUF_MEM_new()) == NULL)
@@ -85,19 +86,16 @@
if (!BUF_MEM_grow(buf, size))
goto err;
- if ((ret = (TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
+ if ((ret = OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
goto err;
ret->num_fields = num;
ret->index = NULL;
ret->qual = NULL;
- if ((ret->data = sk_new_null()) == NULL)
+ if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL)
goto err;
- if ((ret->index =
- (LHASH **)OPENSSL_malloc(sizeof(LHASH *) * num)) == NULL)
+ if ((ret->index = OPENSSL_malloc(sizeof(*ret->index) * num)) == NULL)
goto err;
- if ((ret->qual =
- (int (**)(char **))OPENSSL_malloc(sizeof(int (**)(char **)) *
- num)) == NULL)
+ if ((ret->qual = OPENSSL_malloc(sizeof(*(ret->qual)) * num)) == NULL)
goto err;
for (i = 0; i < num; i++) {
ret->index[i] = NULL;
@@ -126,7 +124,7 @@
continue;
else {
buf->data[offset - 1] = '\0'; /* blat the '\n' */
- if (!(p = (char *)OPENSSL_malloc(add + offset)))
+ if (!(p = OPENSSL_malloc(add + offset)))
goto err;
offset = 0;
}
@@ -158,7 +156,7 @@
}
*(p++) = '\0';
if ((n != num) || (*f != '\0')) {
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporaty
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
* fix :-( */
fprintf(stderr,
"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",
@@ -168,8 +166,8 @@
goto err;
}
pp[n] = p;
- if (!sk_push(ret->data, (char *)pp)) {
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporaty
+ if (!sk_OPENSSL_PSTRING_push(ret->data, pp)) {
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
* fix :-( */
fprintf(stderr, "failure in sk_push\n");
#endif
@@ -187,7 +185,7 @@
#endif
if (ret != NULL) {
if (ret->data != NULL)
- sk_free(ret->data);
+ sk_OPENSSL_PSTRING_free(ret->data);
if (ret->index != NULL)
OPENSSL_free(ret->index);
if (ret->qual != NULL)
@@ -200,10 +198,11 @@
return (ret);
}
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ OPENSSL_STRING *value)
{
- char **ret;
- LHASH *lh;
+ OPENSSL_STRING *ret;
+ LHASH_OF(OPENSSL_STRING) *lh;
if (idx >= db->num_fields) {
db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
@@ -214,16 +213,16 @@
db->error = DB_ERROR_NO_INDEX;
return (NULL);
}
- ret = (char **)lh_retrieve(lh, value);
+ ret = lh_OPENSSL_STRING_retrieve(lh, value);
db->error = DB_ERROR_OK;
return (ret);
}
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (char **),
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
{
- LHASH *idx;
- char **r;
+ LHASH_OF(OPENSSL_STRING) *idx;
+ OPENSSL_STRING *r;
int i, n;
if (field >= db->num_fields) {
@@ -230,25 +229,26 @@
db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
return (0);
}
- if ((idx = lh_new(hash, cmp)) == NULL) {
+ /* FIXME: we lose type checking at this point */
+ if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) {
db->error = DB_ERROR_MALLOC;
return (0);
}
- n = sk_num(db->data);
+ n = sk_OPENSSL_PSTRING_num(db->data);
for (i = 0; i < n; i++) {
- r = (char **)sk_value(db->data, i);
+ r = sk_OPENSSL_PSTRING_value(db->data, i);
if ((qual != NULL) && (qual(r) == 0))
continue;
- if ((r = lh_insert(idx, r)) != NULL) {
+ if ((r = lh_OPENSSL_STRING_insert(idx, r)) != NULL) {
db->error = DB_ERROR_INDEX_CLASH;
- db->arg1 = sk_find(db->data, (char *)r);
+ db->arg1 = sk_OPENSSL_PSTRING_find(db->data, r);
db->arg2 = i;
- lh_free(idx);
+ lh_OPENSSL_STRING_free(idx);
return (0);
}
}
if (db->index[field] != NULL)
- lh_free(db->index[field]);
+ lh_OPENSSL_STRING_free(db->index[field]);
db->index[field] = idx;
db->qual[field] = qual;
return (1);
@@ -263,10 +263,10 @@
if ((buf = BUF_MEM_new()) == NULL)
goto err;
- n = sk_num(db->data);
+ n = sk_OPENSSL_PSTRING_num(db->data);
nn = db->num_fields;
for (i = 0; i < n; i++) {
- pp = (char **)sk_value(db->data, i);
+ pp = sk_OPENSSL_PSTRING_value(db->data, i);
l = 0;
for (j = 0; j < nn; j++) {
@@ -302,16 +302,16 @@
return (ret);
}
-int TXT_DB_insert(TXT_DB *db, char **row)
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row)
{
int i;
- char **r;
+ OPENSSL_STRING *r;
for (i = 0; i < db->num_fields; i++) {
if (db->index[i] != NULL) {
if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
continue;
- r = (char **)lh_retrieve(db->index[i], row);
+ r = lh_OPENSSL_STRING_retrieve(db->index[i], row);
if (r != NULL) {
db->error = DB_ERROR_INDEX_CLASH;
db->arg1 = i;
@@ -321,7 +321,7 @@
}
}
/* We have passed the index checks, now just append and insert */
- if (!sk_push(db->data, (char *)row)) {
+ if (!sk_OPENSSL_PSTRING_push(db->data, row)) {
db->error = DB_ERROR_MALLOC;
goto err;
}
@@ -330,7 +330,7 @@
if (db->index[i] != NULL) {
if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
continue;
- lh_insert(db->index[i], row);
+ (void)lh_OPENSSL_STRING_insert(db->index[i], row);
}
}
return (1);
@@ -349,18 +349,18 @@
if (db->index != NULL) {
for (i = db->num_fields - 1; i >= 0; i--)
if (db->index[i] != NULL)
- lh_free(db->index[i]);
+ lh_OPENSSL_STRING_free(db->index[i]);
OPENSSL_free(db->index);
}
if (db->qual != NULL)
OPENSSL_free(db->qual);
if (db->data != NULL) {
- for (i = sk_num(db->data) - 1; i >= 0; i--) {
+ for (i = sk_OPENSSL_PSTRING_num(db->data) - 1; i >= 0; i--) {
/*
* check if any 'fields' have been allocated from outside of the
* initial block
*/
- p = (char **)sk_value(db->data, i);
+ p = sk_OPENSSL_PSTRING_value(db->data, i);
max = p[db->num_fields]; /* last address */
if (max == NULL) { /* new row */
for (n = 0; n < db->num_fields; n++)
@@ -373,9 +373,9 @@
OPENSSL_free(p[n]);
}
}
- OPENSSL_free(sk_value(db->data, i));
+ OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data, i));
}
- sk_free(db->data);
+ sk_OPENSSL_PSTRING_free(db->data);
}
OPENSSL_free(db);
}
Modified: trunk/crypto/openssl/crypto/txt_db/txt_db.h
===================================================================
--- trunk/crypto/openssl/crypto/txt_db/txt_db.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/txt_db/txt_db.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,15 +77,18 @@
extern "C" {
#endif
+typedef OPENSSL_STRING *OPENSSL_PSTRING;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
typedef struct txt_db_st {
int num_fields;
- STACK /* char ** */ * data;
- LHASH **index;
- int (**qual) (char **);
+ STACK_OF(OPENSSL_PSTRING) *data;
+ LHASH_OF(OPENSSL_STRING) **index;
+ int (**qual) (OPENSSL_STRING *);
long error;
long arg1;
long arg2;
- char **arg_row;
+ OPENSSL_STRING *arg_row;
} TXT_DB;
# ifndef OPENSSL_NO_BIO
@@ -95,11 +98,12 @@
TXT_DB *TXT_DB_read(char *in, int num);
long TXT_DB_write(char *out, TXT_DB *db);
# endif
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (char **),
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
void TXT_DB_free(TXT_DB *db);
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
-int TXT_DB_insert(TXT_DB *db, char **value);
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ OPENSSL_STRING *value);
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
#ifdef __cplusplus
}
Modified: trunk/crypto/openssl/crypto/ui/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/ui/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ui/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -37,7 +37,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -65,6 +65,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
Modified: trunk/crypto/openssl/crypto/ui/ui.h
===================================================================
--- trunk/crypto/openssl/crypto/ui/ui.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ui/ui.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -301,8 +301,8 @@
* The UI_STRING type is the data structure that contains all the needed info
* about a string or a prompt, including test data for a verification prompt.
*/
+typedef struct ui_string_st UI_STRING;
DECLARE_STACK_OF(UI_STRING)
-typedef struct ui_string_st UI_STRING;
/*
* The different types of strings that are currently supported. This is only
@@ -327,11 +327,20 @@
int UI_method_set_reader(UI_METHOD *method,
int (*reader) (UI *ui, UI_STRING *uis));
int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name));
int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+ const char *,
+ const char *);
/*
* The following functions are helpers for method writers to access relevant
Modified: trunk/crypto/openssl/crypto/ui/ui_err.c
===================================================================
--- trunk/crypto/openssl/crypto/ui/ui_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ui/ui_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/ui/ui_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/crypto/ui/ui_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/ui/ui_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ui/ui_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -655,6 +655,20 @@
return -1;
}
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name))
+{
+ if (method) {
+ method->ui_construct_prompt = prompt_constructor;
+ return 0;
+ } else
+ return -1;
+}
+
int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
if (method)
return method->ui_open_session;
@@ -690,6 +704,15 @@
return NULL;
}
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+ const char *,
+ const char *) {
+ if (method)
+ return method->ui_construct_prompt;
+ else
+ return NULL;
+}
+
enum UI_string_types UI_get_string_type(UI_STRING *uis)
{
if (!uis)
Modified: trunk/crypto/openssl/crypto/ui/ui_openssl.c
===================================================================
--- trunk/crypto/openssl/crypto/ui/ui_openssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/ui/ui_openssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -124,7 +124,15 @@
* sigaction and fileno included. -pedantic would be more appropriate for the
* intended purposes, but we can't prevent users from adding -ansi.
*/
-#define _POSIX_C_SOURCE 1
+#if defined(OPENSSL_SYSNAME_VXWORKS)
+# include <sys/types.h>
+#endif
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+# ifndef _POSIX_C_SOURCE
+# define _POSIX_C_SOURCE 2
+# endif
+#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
@@ -177,45 +185,39 @@
/*
* There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
- * MSDOS and SGTTY
+ * MSDOS and SGTTY.
+ *
+ * If someone defines one of the macros TERMIO, TERMIOS or SGTTY, it will
+ * remain respected. Otherwise, we default to TERMIOS except for a few
+ * systems that require something different.
+ *
+ * Note: we do not use SGTTY unless it's defined by the configuration. We
+ * may eventually opt to remove it's use entirely.
*/
-#if defined(__sgi) && !defined(TERMIOS)
-# define TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
+#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-#if defined(linux) && !defined(TERMIO)
-# undef TERMIOS
-# define TERMIO
-# undef SGTTY
-#endif
+# if defined(_LIBC)
+# undef TERMIOS
+# define TERMIO
+# undef SGTTY
+/*
+ * We know that VMS, MSDOS, VXWORKS, NETWARE use entirely other mechanisms.
+ * MAC_OS_GUSI_SOURCE should probably go away, but that needs to be confirmed.
+ */
+# elif !defined(OPENSSL_SYS_VMS) \
+ && !defined(OPENSSL_SYS_MSDOS) \
+ && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) \
+ && !defined(MAC_OS_GUSI_SOURCE) \
+ && !defined(OPENSSL_SYS_VXWORKS) \
+ && !defined(OPENSSL_SYS_NETWARE)
+# define TERMIOS
+# undef TERMIO
+# undef SGTTY
+# endif
-#ifdef _LIBC
-# undef TERMIOS
-# define TERMIO
-# undef SGTTY
#endif
-#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(MAC_OS_GUSI_SOURCE)
-# undef TERMIOS
-# undef TERMIO
-# define SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_NETWARE)
-# undef TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
-
#ifdef TERMIOS
# include <termios.h>
# define TTY_STRUCT struct termios
@@ -476,7 +478,7 @@
CRYPTO_w_lock(CRYPTO_LOCK_UI);
is_a_tty = 1;
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
tty_in = stdin;
tty_out = stderr;
#else
Copied: trunk/crypto/openssl/crypto/vms_rms.h (from rev 7117, vendor-crypto/openssl/dist/crypto/vms_rms.h)
===================================================================
--- trunk/crypto/openssl/crypto/vms_rms.h (rev 0)
+++ trunk/crypto/openssl/crypto/vms_rms.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,50 @@
+
+#ifdef NAML$C_MAXRSS
+
+# define CC_RMS_NAMX cc$rms_naml
+# define FAB_NAMX fab$l_naml
+# define FAB_OR_NAML( fab, naml) naml
+# define FAB_OR_NAML_DNA naml$l_long_defname
+# define FAB_OR_NAML_DNS naml$l_long_defname_size
+# define FAB_OR_NAML_FNA naml$l_long_filename
+# define FAB_OR_NAML_FNS naml$l_long_filename_size
+# define NAMX_ESA naml$l_long_expand
+# define NAMX_ESL naml$l_long_expand_size
+# define NAMX_ESS naml$l_long_expand_alloc
+# define NAMX_NOP naml$b_nop
+# define SET_NAMX_NO_SHORT_UPCASE( nam) nam.naml$v_no_short_upcase = 1
+
+# if __INITIAL_POINTER_SIZE == 64
+# define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (__char_ptr32) -1; \
+ fab.fab$l_fna = (__char_ptr32) -1;
+# else /* __INITIAL_POINTER_SIZE == 64 */
+# define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (char *) -1; \
+ fab.fab$l_fna = (char *) -1;
+# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+# define NAMX_MAXRSS NAML$C_MAXRSS
+# define NAMX_STRUCT NAML
+
+#else /* def NAML$C_MAXRSS */
+
+# define CC_RMS_NAMX cc$rms_nam
+# define FAB_NAMX fab$l_nam
+# define FAB_OR_NAML( fab, naml) fab
+# define FAB_OR_NAML_DNA fab$l_dna
+# define FAB_OR_NAML_DNS fab$b_dns
+# define FAB_OR_NAML_FNA fab$l_fna
+# define FAB_OR_NAML_FNS fab$b_fns
+# define NAMX_ESA nam$l_esa
+# define NAMX_ESL nam$b_esl
+# define NAMX_ESS nam$b_ess
+# define NAMX_NOP nam$b_nop
+# define NAMX_DNA_FNA_SET(fab)
+# define NAMX_MAXRSS NAM$C_MAXRSS
+# define NAMX_STRUCT NAM
+# ifdef NAM$M_NO_SHORT_UPCASE
+# define SET_NAMX_NO_SHORT_UPCASE( nam) naml.naml$v_no_short_upcase = 1
+# else /* def NAM$M_NO_SHORT_UPCASE */
+# define SET_NAMX_NO_SHORT_UPCASE( nam)
+# endif /* def NAM$M_NO_SHORT_UPCASE [else] */
+
+#endif /* def NAML$C_MAXRSS [else] */
Modified: trunk/crypto/openssl/crypto/x509/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/x509/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -43,12 +43,12 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:
- $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@@ -71,6 +71,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -89,28 +91,27 @@
by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-by_dir.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-by_dir.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-by_dir.o: ../cryptlib.h by_dir.c
+by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c
by_file.o: ../../e_os.h ../../include/openssl/asn1.h
by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-by_file.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-by_file.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-by_file.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-by_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
+by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+by_file.o: ../cryptlib.h by_file.c
x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -117,9 +118,8 @@
x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_att.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_att.o: ../../include/openssl/opensslconf.h
+x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -132,9 +132,8 @@
x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_cmp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_cmp.o: ../../include/openssl/opensslconf.h
+x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -146,22 +145,22 @@
x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509_d2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
+x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_d2.o: ../cryptlib.h x509_d2.c
x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_def.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509_def.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_def.o: ../../include/openssl/opensslconf.h
x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -172,9 +171,8 @@
x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_err.o: ../../include/openssl/opensslconf.h
+x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -186,9 +184,8 @@
x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_ext.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_ext.o: ../../include/openssl/opensslconf.h
+x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -201,22 +198,22 @@
x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_lu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_lu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
+x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_lu.o: ../cryptlib.h x509_lu.c
x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509_obj.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_obj.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_obj.o: ../../include/openssl/opensslconf.h
x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -228,9 +225,8 @@
x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_r2x.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_r2x.o: ../../include/openssl/opensslconf.h
+x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -237,12 +233,12 @@
x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_req.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+x509_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x509_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+x509_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+x509_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
x509_req.o: ../../include/openssl/opensslconf.h
x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -256,9 +252,9 @@
x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_set.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509_set.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_set.o: ../../include/openssl/opensslconf.h
x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -270,9 +266,8 @@
x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_trs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_trs.o: ../../include/openssl/opensslconf.h
+x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -284,9 +279,9 @@
x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509_txt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_txt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_txt.o: ../../include/openssl/opensslconf.h
x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -298,14 +293,14 @@
x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_v3.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_v3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
+x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_v3.o: ../cryptlib.h x509_v3.c
x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -312,9 +307,8 @@
x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vfy.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_vfy.o: ../../include/openssl/opensslconf.h
+x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -327,9 +321,8 @@
x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vpm.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x509_vpm.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_vpm.o: ../../include/openssl/opensslconf.h
+x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -341,9 +334,9 @@
x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509cset.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509cset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509cset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509cset.o: ../../include/openssl/opensslconf.h
x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -354,9 +347,9 @@
x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509name.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509name.o: ../../include/openssl/opensslconf.h
x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -367,9 +360,9 @@
x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509rset.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509rset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509rset.o: ../../include/openssl/opensslconf.h
x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -380,9 +373,9 @@
x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509spki.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509spki.o: ../../include/openssl/opensslconf.h
x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -393,9 +386,9 @@
x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509type.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x509type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509type.o: ../../include/openssl/opensslconf.h
x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -406,12 +399,11 @@
x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_all.o: ../cryptlib.h x_all.c
+x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c
Modified: trunk/crypto/openssl/crypto/x509/by_dir.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/by_dir.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/by_dir.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,9 +65,7 @@
#ifndef NO_SYS_TYPES_H
# include <sys/types.h>
#endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
+#ifndef OPENSSL_NO_POSIX_IO
# include <sys/stat.h>
#endif
@@ -74,18 +72,25 @@
#include <openssl/lhash.h>
#include <openssl/x509.h>
-#ifdef _WIN32
-# define stat _stat
-#endif
+typedef struct lookup_dir_hashes_st {
+ unsigned long hash;
+ int suffix;
+} BY_DIR_HASH;
+typedef struct lookup_dir_entry_st {
+ char *dir;
+ int dir_type;
+ STACK_OF(BY_DIR_HASH) *hashes;
+} BY_DIR_ENTRY;
+
typedef struct lookup_dir_st {
BUF_MEM *buffer;
- int num_dirs;
- char **dirs;
- int *dirs_type;
- int num_dirs_alloced;
+ STACK_OF(BY_DIR_ENTRY) *dirs;
} BY_DIR;
+DECLARE_STACK_OF(BY_DIR_HASH)
+DECLARE_STACK_OF(BY_DIR_ENTRY)
+
static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
char **ret);
static int new_dir(X509_LOOKUP *lu);
@@ -123,7 +128,7 @@
switch (cmd) {
case X509_L_ADD_DIR:
if (argl == X509_FILETYPE_DEFAULT) {
- dir = (char *)Getenv(X509_get_default_cert_dir_env());
+ dir = (char *)getenv(X509_get_default_cert_dir_env());
if (dir)
ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
else
@@ -149,27 +154,42 @@
OPENSSL_free(a);
return (0);
}
- a->num_dirs = 0;
a->dirs = NULL;
- a->dirs_type = NULL;
- a->num_dirs_alloced = 0;
lu->method_data = (char *)a;
return (1);
}
+static void by_dir_hash_free(BY_DIR_HASH *hash)
+{
+ OPENSSL_free(hash);
+}
+
+static int by_dir_hash_cmp(const BY_DIR_HASH *const *a,
+ const BY_DIR_HASH *const *b)
+{
+ if ((*a)->hash > (*b)->hash)
+ return 1;
+ if ((*a)->hash < (*b)->hash)
+ return -1;
+ return 0;
+}
+
+static void by_dir_entry_free(BY_DIR_ENTRY *ent)
+{
+ if (ent->dir)
+ OPENSSL_free(ent->dir);
+ if (ent->hashes)
+ sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
+ OPENSSL_free(ent);
+}
+
static void free_dir(X509_LOOKUP *lu)
{
BY_DIR *a;
- int i;
a = (BY_DIR *)lu->method_data;
- for (i = 0; i < a->num_dirs; i++)
- if (a->dirs[i] != NULL)
- OPENSSL_free(a->dirs[i]);
if (a->dirs != NULL)
- OPENSSL_free(a->dirs);
- if (a->dirs_type != NULL)
- OPENSSL_free(a->dirs_type);
+ sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
if (a->buffer != NULL)
BUF_MEM_free(a->buffer);
OPENSSL_free(a);
@@ -178,9 +198,7 @@
static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
{
int j, len;
- int *ip;
const char *s, *ss, *p;
- char **pp;
if (dir == NULL || !*dir) {
X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY);
@@ -189,53 +207,48 @@
s = dir;
p = s;
- for (;; p++) {
+ do {
if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) {
+ BY_DIR_ENTRY *ent;
ss = s;
s = p + 1;
len = (int)(p - ss);
if (len == 0)
continue;
- for (j = 0; j < ctx->num_dirs; j++)
- if (strlen(ctx->dirs[j]) == (size_t)len &&
- strncmp(ctx->dirs[j], ss, (unsigned int)len) == 0)
+ for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) {
+ ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j);
+ if (strlen(ent->dir) == (size_t)len &&
+ strncmp(ent->dir, ss, (unsigned int)len) == 0)
break;
- if (j < ctx->num_dirs)
+ }
+ if (j < sk_BY_DIR_ENTRY_num(ctx->dirs))
continue;
- if (ctx->num_dirs_alloced < (ctx->num_dirs + 1)) {
- ctx->num_dirs_alloced += 10;
- pp = (char **)OPENSSL_malloc(ctx->num_dirs_alloced *
- sizeof(char *));
- ip = (int *)OPENSSL_malloc(ctx->num_dirs_alloced *
- sizeof(int));
- if ((pp == NULL) || (ip == NULL)) {
+ if (ctx->dirs == NULL) {
+ ctx->dirs = sk_BY_DIR_ENTRY_new_null();
+ if (!ctx->dirs) {
X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE);
- return (0);
+ return 0;
}
- memcpy(pp, ctx->dirs, (ctx->num_dirs_alloced - 10) *
- sizeof(char *));
- memcpy(ip, ctx->dirs_type, (ctx->num_dirs_alloced - 10) *
- sizeof(int));
- if (ctx->dirs != NULL)
- OPENSSL_free(ctx->dirs);
- if (ctx->dirs_type != NULL)
- OPENSSL_free(ctx->dirs_type);
- ctx->dirs = pp;
- ctx->dirs_type = ip;
}
- ctx->dirs_type[ctx->num_dirs] = type;
- ctx->dirs[ctx->num_dirs] =
- (char *)OPENSSL_malloc((unsigned int)len + 1);
- if (ctx->dirs[ctx->num_dirs] == NULL)
- return (0);
- strncpy(ctx->dirs[ctx->num_dirs], ss, (unsigned int)len);
- ctx->dirs[ctx->num_dirs][len] = '\0';
- ctx->num_dirs++;
+ ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY));
+ if (!ent)
+ return 0;
+ ent->dir_type = type;
+ ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
+ ent->dir = OPENSSL_malloc((unsigned int)len + 1);
+ if (!ent->dir || !ent->hashes) {
+ by_dir_entry_free(ent);
+ return 0;
+ }
+ strncpy(ent->dir, ss, (unsigned int)len);
+ ent->dir[len] = '\0';
+ if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
+ by_dir_entry_free(ent);
+ return 0;
+ }
}
- if (*p == '\0')
- break;
- }
- return (1);
+ } while (*p++ != '\0');
+ return 1;
}
static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
@@ -256,7 +269,6 @@
int i, j, k;
unsigned long h;
BUF_MEM *b = NULL;
- struct stat st;
X509_OBJECT stmp, *tmp;
const char *postfix = "";
@@ -287,17 +299,36 @@
ctx = (BY_DIR *)xl->method_data;
h = X509_NAME_hash(name);
- for (i = 0; i < ctx->num_dirs; i++) {
- j = strlen(ctx->dirs[i]) + 1 + 8 + 6 + 1 + 1;
+ for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) {
+ BY_DIR_ENTRY *ent;
+ int idx;
+ BY_DIR_HASH htmp, *hent;
+ ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
+ j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
if (!BUF_MEM_grow(b, j)) {
X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
goto finish;
}
- k = 0;
+ if (type == X509_LU_CRL && ent->hashes) {
+ htmp.hash = h;
+ CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+ idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+ if (idx >= 0) {
+ hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
+ k = hent->suffix;
+ } else {
+ hent = NULL;
+ k = 0;
+ }
+ CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+ } else {
+ k = 0;
+ hent = NULL;
+ }
for (;;) {
char c = '/';
#ifdef OPENSSL_SYS_VMS
- c = ctx->dirs[i][strlen(ctx->dirs[i]) - 1];
+ c = ent->dir[strlen(ent->dir) - 1];
if (c != ':' && c != '>' && c != ']') {
/*
* If no separator is present, we assume the directory
@@ -316,25 +347,31 @@
* should be added.
*/
BIO_snprintf(b->data, b->max,
- "%s%08lx.%s%d", ctx->dirs[i], h, postfix, k);
+ "%s%08lx.%s%d", ent->dir, h, postfix, k);
} else {
BIO_snprintf(b->data, b->max,
- "%s%c%08lx.%s%d", ctx->dirs[i], c, h,
- postfix, k);
+ "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
}
- k++;
- if (stat(b->data, &st) < 0)
- break;
+#ifndef OPENSSL_NO_POSIX_IO
+# ifdef _WIN32
+# define stat _stat
+# endif
+ {
+ struct stat st;
+ if (stat(b->data, &st) < 0)
+ break;
+ }
+#endif
/* found one. */
if (type == X509_LU_X509) {
- if ((X509_load_cert_file(xl, b->data,
- ctx->dirs_type[i])) == 0)
+ if ((X509_load_cert_file(xl, b->data, ent->dir_type)) == 0)
break;
} else if (type == X509_LU_CRL) {
- if ((X509_load_crl_file(xl, b->data, ctx->dirs_type[i])) == 0)
+ if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0)
break;
}
/* else case will caught higher up */
+ k++;
}
/*
@@ -348,6 +385,37 @@
tmp = NULL;
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ /* If a CRL, update the last file suffix added for this */
+
+ if (type == X509_LU_CRL) {
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ /*
+ * Look for entry again in case another thread added an entry
+ * first.
+ */
+ if (!hent) {
+ htmp.hash = h;
+ idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+ if (idx >= 0)
+ hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
+ }
+ if (!hent) {
+ hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+ hent->hash = h;
+ hent->suffix = k;
+ if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ OPENSSL_free(hent);
+ ok = 0;
+ goto finish;
+ }
+ } else if (hent->suffix < k)
+ hent->suffix = k;
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+ }
+
if (tmp != NULL) {
ok = 1;
ret->type = tmp->type;
Modified: trunk/crypto/openssl/crypto/x509/by_file.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/by_file.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/by_file.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -97,7 +97,7 @@
switch (cmd) {
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT) {
- file = (char *)Getenv(X509_get_default_cert_file_env());
+ file = (char *)getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file(ctx, file,
X509_FILETYPE_PEM) != 0);
Modified: trunk/crypto/openssl/crypto/x509/x509.h
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -154,11 +154,11 @@
ASN1_TIME *notAfter;
} X509_VAL;
-typedef struct X509_pubkey_st {
+struct X509_pubkey_st {
X509_ALGOR *algor;
ASN1_BIT_STRING *public_key;
EVP_PKEY *pkey;
-} X509_PUBKEY;
+};
typedef struct X509_sig_st {
X509_ALGOR *algor;
@@ -184,7 +184,9 @@
# else
char *bytes;
# endif
- unsigned long hash; /* Keep the hash around for lookups */
+/* unsigned long hash; Keep the hash around for lookups */
+ unsigned char *canon_enc;
+ int canon_enclen;
} /* X509_NAME */ ;
DECLARE_STACK_OF(X509_NAME)
@@ -281,8 +283,11 @@
unsigned long ex_xkusage;
unsigned long ex_nscert;
ASN1_OCTET_STRING *skid;
- struct AUTHORITY_KEYID_st *akid;
+ AUTHORITY_KEYID *akid;
X509_POLICY_CACHE *policy_cache;
+ STACK_OF(DIST_POINT) *crldp;
+ STACK_OF(GENERAL_NAME) *altname;
+ NAME_CONSTRAINTS *nc;
# ifndef OPENSSL_NO_RFC3779
STACK_OF(IPAddressFamily) *rfc3779_addr;
struct ASIdentifiers_st *rfc3779_asid;
@@ -325,10 +330,11 @@
# define X509_TRUST_OBJECT_SIGN 5
# define X509_TRUST_OCSP_SIGN 6
# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA 8
/* Keep these up to date! */
# define X509_TRUST_MIN 1
-# define X509_TRUST_MAX 7
+# define X509_TRUST_MAX 8
/* trust_flags values */
# define X509_TRUST_DYNAMIC 1
@@ -417,12 +423,16 @@
XN_FLAG_FN_LN | \
XN_FLAG_FN_ALIGN)
-typedef struct X509_revoked_st {
+struct x509_revoked_st {
ASN1_INTEGER *serialNumber;
ASN1_TIME *revocationDate;
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+ /* Set up if indirect CRL */
+ STACK_OF(GENERAL_NAME) *issuer;
+ /* Revocation reason */
+ int reason;
int sequence; /* load sequence */
-} X509_REVOKED;
+};
DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)
@@ -444,6 +454,22 @@
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
+ int flags;
+ /* Copies of various extensions */
+ AUTHORITY_KEYID *akid;
+ ISSUING_DIST_POINT *idp;
+ /* Convenient breakdown of IDP */
+ int idp_flags;
+ int idp_reasons;
+ /* CRL and base CRL numbers for delta processing */
+ ASN1_INTEGER *crl_number;
+ ASN1_INTEGER *base_crl_number;
+# ifndef OPENSSL_NO_SHA
+ unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+# endif
+ STACK_OF(GENERAL_NAMES) *issuers;
+ const X509_CRL_METHOD *meth;
+ void *meth_data;
} /* X509_CRL */ ;
DECLARE_STACK_OF(X509_CRL)
@@ -532,7 +558,7 @@
/* PKCS#8 private key info structure */
-typedef struct pkcs8_priv_key_info_st {
+struct pkcs8_priv_key_info_st {
/* Flag for various broken formats */
int broken;
# define PKCS8_OK 0
@@ -539,12 +565,13 @@
# define PKCS8_NO_OCTET 1
# define PKCS8_EMBEDDED_PARAM 2
# define PKCS8_NS_DB 3
+# define PKCS8_NEG_PRIVKEY 4
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
/* Should be OCTET STRING but some are broken */
ASN1_TYPE *pkey;
STACK_OF(X509_ATTRIBUTE) *attributes;
-} PKCS8_PRIV_KEY_INFO;
+};
#ifdef __cplusplus
}
@@ -557,151 +584,6 @@
extern "C" {
#endif
-# ifdef SSLEAY_MACROS
-# define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
- a->signature,(char *)a->cert_info,r)
-# define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
- a->sig_alg,a->signature,(char *)a->req_info,r)
-# define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
- a->sig_alg, a->signature,(char *)a->crl,r)
-
-# define X509_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
- x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
-# define X509_REQ_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
- x->signature, (char *)x->req_info,pkey,md)
-# define X509_CRL_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
- x->signature, (char *)x->crl,pkey,md)
-# define NETSCAPE_SPKI_sign(x,pkey,md) \
- ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
- x->signature, (char *)x->spkac,pkey,md)
-
-# define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
- (char *(*)())d2i_X509,(char *)x509)
-# define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
- (int (*)())i2d_X509_ATTRIBUTE, \
- (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
-# define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
- (int (*)())i2d_X509_EXTENSION, \
- (char *(*)())d2i_X509_EXTENSION,(char *)ex)
-# define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
- (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
-# define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
-# define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
- (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
-# define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
-
-# define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
- (char *(*)())d2i_X509_CRL,(char *)crl)
-# define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
- (unsigned char **)(crl))
-# define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
- (unsigned char *)crl)
-# define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
- X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
- (unsigned char **)(crl))
-# define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
- (unsigned char *)crl)
-
-# define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
- (char *(*)())d2i_PKCS7,(char *)p7)
-# define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
- PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
- (unsigned char **)(p7))
-# define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
- (unsigned char *)p7)
-# define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
- PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
- (unsigned char **)(p7))
-# define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
- (unsigned char *)p7)
-
-# define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
- (char *(*)())d2i_X509_REQ,(char *)req)
-# define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
- (unsigned char **)(req))
-# define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
- (unsigned char *)req)
-# define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
- X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
- (unsigned char **)(req))
-# define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
- (unsigned char *)req)
-
-# define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
- (char *(*)())d2i_RSAPublicKey,(char *)rsa)
-# define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
- (char *(*)())d2i_RSAPrivateKey,(char *)rsa)
-
-# define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
- (unsigned char **)(rsa))
-# define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
- (unsigned char *)rsa)
-# define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
- (unsigned char **)(rsa))
-# define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
- (unsigned char *)rsa)
-
-# define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
- (unsigned char **)(rsa))
-# define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
- (unsigned char *)rsa)
-# define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
- RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
- (unsigned char **)(rsa))
-# define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
- (unsigned char *)rsa)
-
-# define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
- (unsigned char **)(dsa))
-# define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
- (unsigned char *)dsa)
-# define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
- DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
- (unsigned char **)(dsa))
-# define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
- (unsigned char *)dsa)
-
-# define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
- EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
- (unsigned char **)(ecdsa))
-# define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
- (unsigned char *)ecdsa)
-# define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
- EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
- (unsigned char **)(ecdsa))
-# define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
- (unsigned char *)ecdsa)
-
-# define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
- (char *(*)())d2i_X509_ALGOR,(char *)xn)
-
-# define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
- (char *(*)())d2i_X509_NAME,(char *)xn)
-# define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
- (int (*)())i2d_X509_NAME_ENTRY, \
- (char *(*)())d2i_X509_NAME_ENTRY,\
- (char *)ne)
-
-# define X509_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
-# define X509_NAME_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
-# ifndef PKCS7_ISSUER_AND_SERIAL_digest
-# define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
- (char *)data,md,len)
-# endif
-# endif
-
# define X509_EXT_PACK_UNKNOWN 1
# define X509_EXT_PACK_STRING 2
@@ -722,6 +604,20 @@
# define X509_CRL_get_issuer(x) ((x)->crl->issuer)
# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+ int (*crl_free) (X509_CRL *crl),
+ int (*crl_lookup) (X509_CRL *crl,
+ X509_REVOKED **ret,
+ ASN1_INTEGER *ser,
+ X509_NAME *issuer),
+ int (*crl_verify) (X509_CRL *crl,
+ EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
/*
* This one is only used so that a binary form can output, as in
* i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
@@ -730,8 +626,7 @@
const char *X509_verify_cert_error_string(long n);
-# ifndef SSLEAY_MACROS
-# ifndef OPENSSL_NO_EVP
+# ifndef OPENSSL_NO_EVP
int X509_verify(X509 *a, EVP_PKEY *r);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
@@ -745,11 +640,15 @@
int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
@@ -762,9 +661,9 @@
unsigned char *md, unsigned int *len);
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
unsigned char *md, unsigned int *len);
-# endif
+# endif
-# ifndef OPENSSL_NO_FP_API
+# ifndef OPENSSL_NO_FP_API
X509 *d2i_X509_fp(FILE *fp, X509 **x509);
int i2d_X509_fp(FILE *fp, X509 *x509);
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
@@ -771,7 +670,7 @@
int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
+# ifndef OPENSSL_NO_RSA
RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
@@ -778,19 +677,19 @@
int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
+# endif
+# ifndef OPENSSL_NO_DSA
DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_EC
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-# endif
+# endif
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
@@ -801,9 +700,9 @@
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-# endif
+# endif
-# ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_BIO
X509 *d2i_X509_bio(BIO *bp, X509 **x509);
int i2d_X509_bio(BIO *bp, X509 *x509);
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
@@ -810,7 +709,7 @@
int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
+# ifndef OPENSSL_NO_RSA
RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
@@ -817,19 +716,19 @@
int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
+# endif
+# ifndef OPENSSL_NO_DSA
DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_EC
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-# endif
+# endif
X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
@@ -840,7 +739,7 @@
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-# endif
+# endif
X509 *X509_dup(X509 *x509);
X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
@@ -852,16 +751,17 @@
void *pval);
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-# endif /* !SSLEAY_MACROS */
-
-int X509_cmp_time(ASN1_TIME *s, time_t *t);
-int X509_cmp_current_time(ASN1_TIME *s);
+int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int X509_cmp_current_time(const ASN1_TIME *s);
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *t);
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
const char *X509_get_default_cert_area(void);
@@ -945,6 +845,9 @@
DECLARE_ASN1_FUNCTIONS(X509_CRL)
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+ X509_REVOKED **ret, ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
X509_PKEY *X509_PKEY_new(void);
void X509_PKEY_free(X509_PKEY *a);
@@ -980,6 +883,9 @@
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ void *asn, EVP_MD_CTX *ctx);
# endif
int X509_set_version(X509 *x, long version);
@@ -989,8 +895,8 @@
X509_NAME *X509_get_issuer_name(X509 *a);
int X509_set_subject_name(X509 *x, X509_NAME *name);
X509_NAME *X509_get_subject_name(X509 *a);
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm);
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
@@ -1026,8 +932,8 @@
int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm);
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
@@ -1046,11 +952,18 @@
int X509_subject_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_subject_name_hash(X509 *x);
+# ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *a);
+unsigned long X509_subject_name_hash_old(X509 *x);
+# endif
+
int X509_cmp(const X509 *a, const X509 *b);
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
unsigned long X509_NAME_hash(X509_NAME *x);
+unsigned long X509_NAME_hash_old(X509_NAME *x);
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
# ifndef OPENSSL_NO_FP_API
int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
unsigned long cflag);
@@ -1250,11 +1163,20 @@
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
- int saltlen);
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid);
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen);
+
/* PKCS#8 utilities */
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
@@ -1264,6 +1186,20 @@
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+ int version, int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+ int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, X509_PUBKEY *pub);
+
int X509_check_trust(X509 *x, int id, int flags);
int X509_TRUST_get_count(void);
X509_TRUST *X509_TRUST_get0(int idx);
@@ -1344,7 +1280,10 @@
# define X509_R_KEY_VALUES_MISMATCH 116
# define X509_R_LOADING_CERT_DIR 103
# define X509_R_LOADING_DEFAULTS 104
+# define X509_R_METHOD_NOT_SUPPORTED 124
# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
# define X509_R_SHOULD_RETRY 106
# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
Modified: trunk/crypto/openssl/crypto/x509/x509_cmp.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_cmp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_cmp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,16 +87,21 @@
EVP_MD_CTX_init(&ctx);
f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
- ret = strlen(f);
- EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
- EVP_DigestUpdate(&ctx, (unsigned char *)f, ret);
+ if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
+ goto err;
OPENSSL_free(f);
- EVP_DigestUpdate(&ctx, (unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length);
- EVP_DigestFinal_ex(&ctx, &(md[0]), NULL);
+ if (!EVP_DigestUpdate
+ (&ctx, (unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
+ goto err;
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
+ err:
EVP_MD_CTX_cleanup(&ctx);
return (ret);
}
@@ -117,6 +122,13 @@
return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
}
+#ifndef OPENSSL_NO_SHA
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
+{
+ return memcmp(a->sha1_hash, b->sha1_hash, 20);
+}
+#endif
+
X509_NAME *X509_get_issuer_name(X509 *a)
{
return (a->cert_info->issuer);
@@ -127,6 +139,13 @@
return (X509_NAME_hash(x->cert_info->issuer));
}
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *x)
+{
+ return (X509_NAME_hash_old(x->cert_info->issuer));
+}
+#endif
+
X509_NAME *X509_get_subject_name(X509 *a)
{
return (a->cert_info->subject);
@@ -142,6 +161,13 @@
return (X509_NAME_hash(x->cert_info->subject));
}
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_subject_name_hash_old(X509 *x)
+{
+ return (X509_NAME_hash_old(x->cert_info->subject));
+}
+#endif
+
#ifndef OPENSSL_NO_SHA
/*
* Compare two certificates: they must be identical for this to work. NB:
@@ -161,153 +187,48 @@
}
#endif
-/* Case insensitive string comparision */
-static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
{
- int i;
+ int ret;
- if (a->length != b->length)
- return (a->length - b->length);
+ /* Ensure canonical encoding is present and up to date */
- for (i = 0; i < a->length; i++) {
- int ca, cb;
-
- ca = tolower(a->data[i]);
- cb = tolower(b->data[i]);
-
- if (ca != cb)
- return (ca - cb);
+ if (!a->canon_enc || a->modified) {
+ ret = i2d_X509_NAME((X509_NAME *)a, NULL);
+ if (ret < 0)
+ return -2;
}
- return 0;
-}
-/*
- * Case insensitive string comparision with space normalization Space
- * normalization - ignore leading, trailing spaces, multiple spaces between
- * characters are replaced by single space
- */
-static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
- unsigned char *pa = NULL, *pb = NULL;
- int la, lb;
-
- la = a->length;
- lb = b->length;
- pa = a->data;
- pb = b->data;
-
- /* skip leading spaces */
- while (la > 0 && isspace(*pa)) {
- la--;
- pa++;
+ if (!b->canon_enc || b->modified) {
+ ret = i2d_X509_NAME((X509_NAME *)b, NULL);
+ if (ret < 0)
+ return -2;
}
- while (lb > 0 && isspace(*pb)) {
- lb--;
- pb++;
- }
- /* skip trailing spaces */
- while (la > 0 && isspace(pa[la - 1]))
- la--;
- while (lb > 0 && isspace(pb[lb - 1]))
- lb--;
+ ret = a->canon_enclen - b->canon_enclen;
- /* compare strings with space normalization */
- while (la > 0 && lb > 0) {
- int ca, cb;
+ if (ret)
+ return ret;
- /* compare character */
- ca = tolower(*pa);
- cb = tolower(*pb);
- if (ca != cb)
- return (ca - cb);
+ return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
- pa++;
- pb++;
- la--;
- lb--;
-
- if (la <= 0 || lb <= 0)
- break;
-
- /* is white space next character ? */
- if (isspace(*pa) && isspace(*pb)) {
- /* skip remaining white spaces */
- while (la > 0 && isspace(*pa)) {
- la--;
- pa++;
- }
- while (lb > 0 && isspace(*pb)) {
- lb--;
- pb++;
- }
- }
- }
- if (la > 0 || lb > 0)
- return la - lb;
-
- return 0;
}
-static int asn1_string_memcmp(ASN1_STRING *a, ASN1_STRING *b)
+unsigned long X509_NAME_hash(X509_NAME *x)
{
- int j;
- j = a->length - b->length;
- if (j)
- return j;
- return memcmp(a->data, b->data, a->length);
-}
+ unsigned long ret = 0;
+ unsigned char md[SHA_DIGEST_LENGTH];
-#define STR_TYPE_CMP (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_UTF8STRING)
+ /* Make sure X509_NAME structure contains valid cached encoding */
+ i2d_X509_NAME(x, NULL);
+ if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
+ NULL))
+ return 0;
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
-{
- int i, j;
- X509_NAME_ENTRY *na, *nb;
-
- unsigned long nabit, nbbit;
-
- j = sk_X509_NAME_ENTRY_num(a->entries)
- - sk_X509_NAME_ENTRY_num(b->entries);
- if (j)
- return j;
- for (i = sk_X509_NAME_ENTRY_num(a->entries) - 1; i >= 0; i--) {
- na = sk_X509_NAME_ENTRY_value(a->entries, i);
- nb = sk_X509_NAME_ENTRY_value(b->entries, i);
- j = na->value->type - nb->value->type;
- if (j) {
- nabit = ASN1_tag2bit(na->value->type);
- nbbit = ASN1_tag2bit(nb->value->type);
- if (!(nabit & STR_TYPE_CMP) || !(nbbit & STR_TYPE_CMP))
- return j;
- if (!asn1_string_memcmp(na->value, nb->value))
- j = 0;
- } else if (na->value->type == V_ASN1_PRINTABLESTRING)
- j = nocase_spacenorm_cmp(na->value, nb->value);
- else if (na->value->type == V_ASN1_IA5STRING
- && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
- j = nocase_cmp(na->value, nb->value);
- else
- j = asn1_string_memcmp(na->value, nb->value);
- if (j)
- return (j);
- j = na->set - nb->set;
- if (j)
- return (j);
- }
-
- /*
- * We will check the object types after checking the values since the
- * values will more often be different than the object types.
- */
- for (i = sk_X509_NAME_ENTRY_num(a->entries) - 1; i >= 0; i--) {
- na = sk_X509_NAME_ENTRY_value(a->entries, i);
- nb = sk_X509_NAME_ENTRY_value(b->entries, i);
- j = OBJ_cmp(na->object, nb->object);
- if (j)
- return (j);
- }
- return (0);
+ ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+ ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
+ ) & 0xffffffffL;
+ return (ret);
}
#ifndef OPENSSL_NO_MD5
@@ -315,24 +236,25 @@
* I now DER encode the name and hash it. Since I cache the DER encoding,
* this is reasonably efficient.
*/
-unsigned long X509_NAME_hash(X509_NAME *x)
+
+unsigned long X509_NAME_hash_old(X509_NAME *x)
{
+ EVP_MD_CTX md_ctx;
unsigned long ret = 0;
unsigned char md[16];
- EVP_MD_CTX md_ctx;
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x, NULL);
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
- EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
- EVP_DigestFinal_ex(&md_ctx, md, NULL);
+ if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
+ && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
+ && EVP_DigestFinal_ex(&md_ctx, md, NULL))
+ ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+ ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
+ ) & 0xffffffffL;
EVP_MD_CTX_cleanup(&md_ctx);
- ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
- ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
- ) & 0xffffffffL;
return (ret);
}
#endif
@@ -389,13 +311,18 @@
int X509_check_private_key(X509 *x, EVP_PKEY *k)
{
- EVP_PKEY *xk = NULL;
- int ok = 0;
+ EVP_PKEY *xk;
+ int ret;
xk = X509_get_pubkey(x);
- switch (EVP_PKEY_cmp(xk, k)) {
+
+ if (xk)
+ ret = EVP_PKEY_cmp(xk, k);
+ else
+ ret = -2;
+
+ switch (ret) {
case 1:
- ok = 1;
break;
case 0:
X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_VALUES_MISMATCH);
@@ -404,22 +331,11 @@
X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH);
break;
case -2:
-#ifndef OPENSSL_NO_EC
- if (k->type == EVP_PKEY_EC) {
- X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
- break;
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if (k->type == EVP_PKEY_DH) {
- /* No idea */
- X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_CANT_CHECK_DH_KEY);
- break;
- }
-#endif
X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
}
-
- EVP_PKEY_free(xk);
- return (ok);
+ if (xk)
+ EVP_PKEY_free(xk);
+ if (ret > 0)
+ return 1;
+ return 0;
}
Modified: trunk/crypto/openssl/crypto/x509/x509_err.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/x509/x509_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -144,8 +144,11 @@
{ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
{ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
{ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
+ {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
"no cert set for us to verify"},
+ {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
+ {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
{ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
{ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
"unable to find parameters in chain"},
Modified: trunk/crypto/openssl/crypto/x509/x509_lu.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_lu.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_lu.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,7 +87,7 @@
if (ctx == NULL)
return;
if ((ctx->method != NULL) && (ctx->method->free != NULL))
- ctx->method->free(ctx);
+ (*ctx->method->free) (ctx);
OPENSSL_free(ctx);
}
@@ -200,6 +200,8 @@
ret->get_crl = 0;
ret->check_crl = 0;
ret->cert_crl = 0;
+ ret->lookup_certs = 0;
+ ret->lookup_crls = 0;
ret->cleanup = 0;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) {
@@ -291,7 +293,7 @@
tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
- if (tmp == NULL) {
+ if (tmp == NULL || type == X509_LU_CRL) {
for (i = vs->current_method;
i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
@@ -409,8 +411,8 @@
}
}
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
- X509_NAME *name)
+static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
+ X509_NAME *name, int *pnmatch)
{
X509_OBJECT stmp;
X509 x509_s;
@@ -417,6 +419,7 @@
X509_CINF cinf_s;
X509_CRL crl_s;
X509_CRL_INFO crl_info_s;
+ int idx;
stmp.type = type;
switch (type) {
@@ -435,9 +438,28 @@
return -1;
}
- return sk_X509_OBJECT_find(h, &stmp);
+ idx = sk_X509_OBJECT_find(h, &stmp);
+ if (idx >= 0 && pnmatch) {
+ int tidx;
+ const X509_OBJECT *tobj, *pstmp;
+ *pnmatch = 1;
+ pstmp = &stmp;
+ for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) {
+ tobj = sk_X509_OBJECT_value(h, tidx);
+ if (x509_object_cmp(&tobj, &pstmp))
+ break;
+ (*pnmatch)++;
+ }
+ }
+ return idx;
}
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+ X509_NAME *name)
+{
+ return x509_object_idx_cnt(h, type, name, NULL);
+}
+
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
int type, X509_NAME *name)
{
@@ -448,6 +470,94 @@
return sk_X509_OBJECT_value(h, idx);
}
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+{
+ int i, idx, cnt;
+ STACK_OF(X509) *sk;
+ X509 *x;
+ X509_OBJECT *obj;
+ sk = sk_X509_new_null();
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+ if (idx < 0) {
+ /*
+ * Nothing found in cache: do lookup to possibly add new objects to
+ * cache
+ */
+ X509_OBJECT xobj;
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
+ sk_X509_free(sk);
+ return NULL;
+ }
+ X509_OBJECT_free_contents(&xobj);
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+ if (idx < 0) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ sk_X509_free(sk);
+ return NULL;
+ }
+ }
+ for (i = 0; i < cnt; i++, idx++) {
+ obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+ x = obj->data.x509;
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ if (!sk_X509_push(sk, x)) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ X509_free(x);
+ sk_X509_pop_free(sk, X509_free);
+ return NULL;
+ }
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ return sk;
+
+}
+
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
+{
+ int i, idx, cnt;
+ STACK_OF(X509_CRL) *sk;
+ X509_CRL *x;
+ X509_OBJECT *obj, xobj;
+ sk = sk_X509_CRL_new_null();
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ /* Check cache first */
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+
+ /*
+ * Always do lookup to possibly add new CRLs to cache
+ */
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
+ sk_X509_CRL_free(sk);
+ return NULL;
+ }
+ X509_OBJECT_free_contents(&xobj);
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+ if (idx < 0) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ sk_X509_CRL_free(sk);
+ return NULL;
+ }
+
+ for (i = 0; i < cnt; i++, idx++) {
+ obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+ x = obj->data.crl;
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
+ if (!sk_X509_CRL_push(sk, x)) {
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ X509_CRL_free(x);
+ sk_X509_CRL_pop_free(sk, X509_CRL_free);
+ return NULL;
+ }
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ return sk;
+}
+
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
X509_OBJECT *x)
{
@@ -456,7 +566,7 @@
idx = sk_X509_OBJECT_find(h, x);
if (idx == -1)
return NULL;
- if (x->type != X509_LU_X509)
+ if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
return sk_X509_OBJECT_value(h, idx);
for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
obj = sk_X509_OBJECT_value(h, i);
@@ -463,8 +573,13 @@
if (x509_object_cmp
((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
return NULL;
- if ((x->type != X509_LU_X509)
- || !X509_cmp(obj->data.x509, x->data.x509))
+ if (x->type == X509_LU_X509) {
+ if (!X509_cmp(obj->data.x509, x->data.x509))
+ return obj;
+ } else if (x->type == X509_LU_CRL) {
+ if (!X509_CRL_match(obj->data.crl, x->data.crl))
+ return obj;
+ } else
return obj;
}
return NULL;
@@ -560,6 +675,12 @@
return X509_VERIFY_PARAM_set1(ctx->param, param);
}
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *))
+{
+ ctx->verify_cb = verify_cb;
+}
+
IMPLEMENT_STACK_OF(X509_LOOKUP)
IMPLEMENT_STACK_OF(X509_OBJECT)
Modified: trunk/crypto/openssl/crypto/x509/x509_obj.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_obj.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_obj.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,7 +72,7 @@
char *p;
unsigned char *q;
BUF_MEM *b = NULL;
- static char hex[17] = "0123456789ABCDEF";
+ static const char hex[17] = "0123456789ABCDEF";
int gs_doit[4];
char tmp_buf[80];
#ifdef CHARSET_EBCDIC
Modified: trunk/crypto/openssl/crypto/x509/x509_req.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_req.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_req.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,6 +61,7 @@
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
@@ -209,11 +210,9 @@
if (!ext || (ext->type != V_ASN1_SEQUENCE))
return NULL;
p = ext->value.sequence->data;
- return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
- ext->value.sequence->length,
- d2i_X509_EXTENSION,
- X509_EXTENSION_free,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+ return (STACK_OF(X509_EXTENSION) *)
+ ASN1_item_d2i(NULL, &p, ext->value.sequence->length,
+ ASN1_ITEM_rptr(X509_EXTENSIONS));
}
/*
@@ -224,8 +223,6 @@
int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
int nid)
{
- unsigned char *p = NULL, *q;
- long len;
ASN1_TYPE *at = NULL;
X509_ATTRIBUTE *attr = NULL;
if (!(at = ASN1_TYPE_new()) || !(at->value.sequence = ASN1_STRING_new()))
@@ -233,18 +230,10 @@
at->type = V_ASN1_SEQUENCE;
/* Generate encoding of extensions */
- len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- if (!(p = OPENSSL_malloc(len)))
- goto err;
- q = p;
- i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- at->value.sequence->data = p;
- p = NULL;
- at->value.sequence->length = len;
+ at->value.sequence->length =
+ ASN1_item_i2d((ASN1_VALUE *)exts,
+ &at->value.sequence->data,
+ ASN1_ITEM_rptr(X509_EXTENSIONS));
if (!(attr = X509_ATTRIBUTE_new()))
goto err;
if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
@@ -262,8 +251,6 @@
goto err;
return 1;
err:
- if (p)
- OPENSSL_free(p);
X509_ATTRIBUTE_free(attr);
ASN1_TYPE_free(at);
return 0;
Modified: trunk/crypto/openssl/crypto/x509/x509_set.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_set.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_set.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -105,7 +105,7 @@
return (X509_NAME_set(&x->cert_info->subject, name));
}
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
{
ASN1_TIME *in;
@@ -122,7 +122,7 @@
return (in != NULL);
}
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm)
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
{
ASN1_TIME *in;
Modified: trunk/crypto/openssl/crypto/x509/x509_trs.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_trs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_trs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -89,7 +89,9 @@
NULL},
{X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign,
NULL},
- {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
+ {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP,
+ NULL},
+ {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
};
#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
Modified: trunk/crypto/openssl/crypto/x509/x509_txt.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_txt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_txt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -162,8 +162,28 @@
return ("invalid or inconsistent certificate policy extension");
case X509_V_ERR_NO_EXPLICIT_POLICY:
return ("no explicit policy");
+ case X509_V_ERR_DIFFERENT_CRL_SCOPE:
+ return ("Different CRL scope");
+ case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
+ return ("Unsupported extension feature");
case X509_V_ERR_UNNESTED_RESOURCE:
return ("RFC 3779 resource not subset of parent's resources");
+
+ case X509_V_ERR_PERMITTED_VIOLATION:
+ return ("permitted subtree violation");
+ case X509_V_ERR_EXCLUDED_VIOLATION:
+ return ("excluded subtree violation");
+ case X509_V_ERR_SUBTREE_MINMAX:
+ return ("name constraints minimum and maximum not supported");
+ case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
+ return ("unsupported name constraint type");
+ case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
+ return ("unsupported or invalid name constraint syntax");
+ case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
+ return ("unsupported or invalid name syntax");
+ case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
+ return ("CRL path validation error");
+
default:
BIO_snprintf(buf, sizeof buf, "error number %ld", n);
return (buf);
Modified: trunk/crypto/openssl/crypto/x509/x509_vfy.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_vfy.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_vfy.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,14 +70,70 @@
#include <openssl/x509v3.h>
#include <openssl/objects.h>
+/* CRL score values */
+
+/* No unhandled critical extensions */
+
+#define CRL_SCORE_NOCRITICAL 0x100
+
+/* certificate is within CRL scope */
+
+#define CRL_SCORE_SCOPE 0x080
+
+/* CRL times valid */
+
+#define CRL_SCORE_TIME 0x040
+
+/* Issuer name matches certificate */
+
+#define CRL_SCORE_ISSUER_NAME 0x020
+
+/* If this score or above CRL is probably valid */
+
+#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
+
+/* CRL issuer is certificate issuer */
+
+#define CRL_SCORE_ISSUER_CERT 0x018
+
+/* CRL issuer is on certificate path */
+
+#define CRL_SCORE_SAME_PATH 0x008
+
+/* CRL issuer matches CRL AKID */
+
+#define CRL_SCORE_AKID 0x004
+
+/* Have a delta CRL with valid times */
+
+#define CRL_SCORE_TIME_DELTA 0x002
+
static int null_callback(int ok, X509_STORE_CTX *e);
static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
static int check_chain_extensions(X509_STORE_CTX *ctx);
+static int check_name_constraints(X509_STORE_CTX *ctx);
static int check_trust(X509_STORE_CTX *ctx);
static int check_revocation(X509_STORE_CTX *ctx);
static int check_cert(X509_STORE_CTX *ctx);
static int check_policy(X509_STORE_CTX *ctx);
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+ unsigned int *preasons, X509_CRL *crl, X509 *x);
+static int get_crl_delta(X509_STORE_CTX *ctx,
+ X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,
+ int *pcrl_score, X509_CRL *base,
+ STACK_OF(X509_CRL) *crls);
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
+ int *pcrl_score);
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+ unsigned int *preasons);
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
+static int check_crl_chain(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *cert_path,
+ STACK_OF(X509) *crl_path);
+
static int internal_verify(X509_STORE_CTX *ctx);
const char X509_version[] = "X.509" OPENSSL_VERSION_PTEXT;
@@ -95,11 +151,11 @@
int X509_verify_cert(X509_STORE_CTX *ctx)
{
- X509 *x, *xtmp, *chain_ss = NULL;
+ X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
int bad_chain = 0;
X509_VERIFY_PARAM *param = ctx->param;
int depth, i, ok = 0;
- int num;
+ int num, j, retry;
int (*cb) (int xok, X509_STORE_CTX *xctx);
STACK_OF(X509) *sktmp = NULL;
if (ctx->cert == NULL) {
@@ -168,6 +224,8 @@
break;
}
+ /* Remember how many untrusted certs we have */
+ j = num;
/*
* at this point, chain should contain a list of untrusted certificates.
* We now need to add at least one trusted one, if possible, otherwise we
@@ -174,80 +232,111 @@
* complain.
*/
- /*
- * Examine last certificate in chain and see if it is self signed.
- */
-
- i = sk_X509_num(ctx->chain);
- x = sk_X509_value(ctx->chain, i - 1);
- if (ctx->check_issued(ctx, x, x)) {
- /* we have a self signed certificate */
- if (sk_X509_num(ctx->chain) == 1) {
- /*
- * We have a single self signed certificate: see if we can find
- * it in the store. We must have an exact match to avoid possible
- * impersonation.
- */
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if ((ok <= 0) || X509_cmp(x, xtmp)) {
- ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
- ctx->current_cert = x;
- ctx->error_depth = i - 1;
- if (ok == 1)
- X509_free(xtmp);
- bad_chain = 1;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
+ do {
+ /*
+ * Examine last certificate in chain and see if it is self signed.
+ */
+ i = sk_X509_num(ctx->chain);
+ x = sk_X509_value(ctx->chain, i - 1);
+ if (ctx->check_issued(ctx, x, x)) {
+ /* we have a self signed certificate */
+ if (sk_X509_num(ctx->chain) == 1) {
+ /*
+ * We have a single self signed certificate: see if we can
+ * find it in the store. We must have an exact match to avoid
+ * possible impersonation.
+ */
+ ok = ctx->get_issuer(&xtmp, ctx, x);
+ if ((ok <= 0) || X509_cmp(x, xtmp)) {
+ ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+ ctx->current_cert = x;
+ ctx->error_depth = i - 1;
+ if (ok == 1)
+ X509_free(xtmp);
+ bad_chain = 1;
+ ok = cb(0, ctx);
+ if (!ok)
+ goto end;
+ } else {
+ /*
+ * We have a match: replace certificate with store
+ * version so we get any trust settings.
+ */
+ X509_free(x);
+ x = xtmp;
+ (void)sk_X509_set(ctx->chain, i - 1, x);
+ ctx->last_untrusted = 0;
+ }
} else {
/*
- * We have a match: replace certificate with store version so
- * we get any trust settings.
+ * extract and save self signed certificate for later use
*/
- X509_free(x);
- x = xtmp;
- (void)sk_X509_set(ctx->chain, i - 1, x);
- ctx->last_untrusted = 0;
+ chain_ss = sk_X509_pop(ctx->chain);
+ ctx->last_untrusted--;
+ num--;
+ j--;
+ x = sk_X509_value(ctx->chain, num - 1);
}
- } else {
- /*
- * extract and save self signed certificate for later use
- */
- chain_ss = sk_X509_pop(ctx->chain);
- ctx->last_untrusted--;
- num--;
- x = sk_X509_value(ctx->chain, num - 1);
}
- }
+ /* We now lookup certs from the certificate store */
+ for (;;) {
+ /* If we have enough, we break */
+ if (depth < num)
+ break;
+ /* If we are self signed, we break */
+ if (ctx->check_issued(ctx, x, x))
+ break;
+ ok = ctx->get_issuer(&xtmp, ctx, x);
+ if (ok < 0)
+ return ok;
+ if (ok == 0)
+ break;
+ x = xtmp;
+ if (!sk_X509_push(ctx->chain, x)) {
+ X509_free(xtmp);
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ num++;
+ }
- /* We now lookup certs from the certificate store */
- for (;;) {
- /* If we have enough, we break */
- if (depth < num)
- break;
+ /*
+ * If we haven't got a least one certificate from our store then check
+ * if there is an alternative chain that could be used. We only do this
+ * if the user hasn't switched off alternate chain checking
+ */
+ retry = 0;
+ if (j == ctx->last_untrusted &&
+ !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
+ while (j-- > 1) {
+ xtmp2 = sk_X509_value(ctx->chain, j - 1);
+ ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
+ if (ok < 0)
+ goto end;
+ /* Check if we found an alternate chain */
+ if (ok > 0) {
+ /*
+ * Free up the found cert we'll add it again later
+ */
+ X509_free(xtmp);
- /* If we are self signed, we break */
- if (ctx->check_issued(ctx, x, x))
- break;
-
- ok = ctx->get_issuer(&xtmp, ctx, x);
-
- if (ok < 0)
- return ok;
- if (ok == 0)
- break;
-
- x = xtmp;
- if (!sk_X509_push(ctx->chain, x)) {
- X509_free(xtmp);
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- return 0;
+ /*
+ * Dump all the certs above this point - we've found an
+ * alternate chain
+ */
+ while (num > j) {
+ xtmp = sk_X509_pop(ctx->chain);
+ X509_free(xtmp);
+ num--;
+ ctx->last_untrusted--;
+ }
+ retry = 1;
+ break;
+ }
+ }
}
- num++;
- }
+ } while (retry);
- /* we now have our chain, lets check it... */
-
/* Is last certificate looked up self signed? */
if (!ctx->check_issued(ctx, x, x)) {
if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
@@ -279,6 +368,13 @@
if (!ok)
goto end;
+ /* Check name constraints */
+
+ ok = check_name_constraints(ctx);
+
+ if (!ok)
+ goto end;
+
/* The chain extensions are OK: check trust */
if (param->trust > 0)
@@ -394,8 +490,8 @@
X509 *x;
int (*cb) (int xok, X509_STORE_CTX *xctx);
int proxy_path_length = 0;
- int allow_proxy_certs =
- ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
+ int purpose;
+ int allow_proxy_certs;
cb = ctx->verify_cb;
/*-
@@ -409,11 +505,21 @@
*/
must_be_ca = -1;
- /*
- * A hack to keep people who don't want to modify their software happy
- */
- if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
- allow_proxy_certs = 1;
+ /* CRL path validation */
+ if (ctx->parent) {
+ allow_proxy_certs = 0;
+ purpose = X509_PURPOSE_CRL_SIGN;
+ } else {
+ allow_proxy_certs =
+ ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
+ /*
+ * A hack to keep people who don't want to modify their software
+ * happy
+ */
+ if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
+ allow_proxy_certs = 1;
+ purpose = ctx->param->purpose;
+ }
/* Check all untrusted certificates */
for (i = 0; i < ctx->last_untrusted; i++) {
@@ -471,7 +577,7 @@
goto end;
}
if (ctx->param->purpose > 0) {
- ret = X509_check_purpose(x, ctx->param->purpose, must_be_ca > 0);
+ ret = X509_check_purpose(x, purpose, must_be_ca > 0);
if ((ret == 0)
|| ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
&& (ret != 1))) {
@@ -522,6 +628,39 @@
#endif
}
+static int check_name_constraints(X509_STORE_CTX *ctx)
+{
+ X509 *x;
+ int i, j, rv;
+ /* Check name constraints for all certificates */
+ for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
+ x = sk_X509_value(ctx->chain, i);
+ /* Ignore self issued certs unless last in chain */
+ if (i && (x->ex_flags & EXFLAG_SI))
+ continue;
+ /*
+ * Check against constraints for all certificates higher in chain
+ * including trust anchor. Trust anchor not strictly speaking needed
+ * but if it includes constraints it is to be assumed it expects them
+ * to be obeyed.
+ */
+ for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
+ NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
+ if (nc) {
+ rv = NAME_CONSTRAINTS_check(x, nc);
+ if (rv != X509_V_OK) {
+ ctx->error = rv;
+ ctx->error_depth = i;
+ ctx->current_cert = x;
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
+ }
+ }
+ }
+ }
+ return 1;
+}
+
static int check_trust(X509_STORE_CTX *ctx)
{
#ifdef OPENSSL_NO_CHAIN_VERIFY
@@ -555,8 +694,12 @@
return 1;
if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
last = sk_X509_num(ctx->chain) - 1;
- else
+ else {
+ /* If checking CRL paths this isn't the EE certificate */
+ if (ctx->parent)
+ return 1;
last = 0;
+ }
for (i = 0; i <= last; i++) {
ctx->error_depth = i;
ok = check_cert(ctx);
@@ -568,30 +711,72 @@
static int check_cert(X509_STORE_CTX *ctx)
{
- X509_CRL *crl = NULL;
+ X509_CRL *crl = NULL, *dcrl = NULL;
X509 *x;
int ok, cnum;
+ unsigned int last_reasons;
cnum = ctx->error_depth;
x = sk_X509_value(ctx->chain, cnum);
ctx->current_cert = x;
- /* Try to retrieve relevant CRL */
- ok = ctx->get_crl(ctx, &crl, x);
- /*
- * If error looking up CRL, nothing we can do except notify callback
- */
- if (!ok) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
+ ctx->current_issuer = NULL;
+ ctx->current_crl_score = 0;
+ ctx->current_reasons = 0;
+ while (ctx->current_reasons != CRLDP_ALL_REASONS) {
+ last_reasons = ctx->current_reasons;
+ /* Try to retrieve relevant CRL */
+ if (ctx->get_crl)
+ ok = ctx->get_crl(ctx, &crl, x);
+ else
+ ok = get_crl_delta(ctx, &crl, &dcrl, x);
+ /*
+ * If error looking up CRL, nothing we can do except notify callback
+ */
+ if (!ok) {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+ ok = ctx->verify_cb(0, ctx);
+ goto err;
+ }
+ ctx->current_crl = crl;
+ ok = ctx->check_crl(ctx, crl);
+ if (!ok)
+ goto err;
+
+ if (dcrl) {
+ ok = ctx->check_crl(ctx, dcrl);
+ if (!ok)
+ goto err;
+ ok = ctx->cert_crl(ctx, dcrl, x);
+ if (!ok)
+ goto err;
+ } else
+ ok = 1;
+
+ /* Don't look in full CRL if delta reason is removefromCRL */
+ if (ok != 2) {
+ ok = ctx->cert_crl(ctx, crl, x);
+ if (!ok)
+ goto err;
+ }
+
+ X509_CRL_free(crl);
+ X509_CRL_free(dcrl);
+ crl = NULL;
+ dcrl = NULL;
+ /*
+ * If reasons not updated we wont get anywhere by another iteration,
+ * so exit loop.
+ */
+ if (last_reasons == ctx->current_reasons) {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+ ok = ctx->verify_cb(0, ctx);
+ goto err;
+ }
}
- ctx->current_crl = crl;
- ok = ctx->check_crl(ctx, crl);
- if (!ok)
- goto err;
- ok = ctx->cert_crl(ctx, crl, x);
err:
+ X509_CRL_free(crl);
+ X509_CRL_free(dcrl);
+
ctx->current_crl = NULL;
- X509_CRL_free(crl);
return ok;
}
@@ -602,7 +787,8 @@
{
time_t *ptime;
int i;
- ctx->current_crl = crl;
+ if (notify)
+ ctx->current_crl = crl;
if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
ptime = &ctx->param->check_time;
else
@@ -610,14 +796,18 @@
i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
if (i == 0) {
+ if (!notify)
+ return 0;
ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
- if (!notify || !ctx->verify_cb(0, ctx))
+ if (!ctx->verify_cb(0, ctx))
return 0;
}
if (i > 0) {
+ if (!notify)
+ return 0;
ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
- if (!notify || !ctx->verify_cb(0, ctx))
+ if (!ctx->verify_cb(0, ctx))
return 0;
}
@@ -625,88 +815,511 @@
i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
if (i == 0) {
+ if (!notify)
+ return 0;
ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
- if (!notify || !ctx->verify_cb(0, ctx))
+ if (!ctx->verify_cb(0, ctx))
return 0;
}
-
- if (i < 0) {
+ /* Ignore expiry of base CRL is delta is valid */
+ if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
+ if (!notify)
+ return 0;
ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
- if (!notify || !ctx->verify_cb(0, ctx))
+ if (!ctx->verify_cb(0, ctx))
return 0;
}
}
- ctx->current_crl = NULL;
+ if (notify)
+ ctx->current_crl = NULL;
return 1;
}
-/*
- * Lookup CRLs from the supplied list. Look for matching isser name and
- * validity. If we can't find a valid CRL return the last one with matching
- * name. This gives more meaningful error codes. Otherwise we'd get a CRL not
- * found error if a CRL existed with matching name but was invalid.
- */
-
-static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl,
- X509_NAME *nm, STACK_OF(X509_CRL) *crls)
+static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
+ X509 **pissuer, int *pscore, unsigned int *preasons,
+ STACK_OF(X509_CRL) *crls)
{
- int i;
+ int i, crl_score, best_score = *pscore;
+ unsigned int reasons, best_reasons = 0;
+ X509 *x = ctx->current_cert;
X509_CRL *crl, *best_crl = NULL;
+ X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
+
for (i = 0; i < sk_X509_CRL_num(crls); i++) {
crl = sk_X509_CRL_value(crls, i);
- if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
- continue;
- if (check_crl_time(ctx, crl, 0)) {
- *pcrl = crl;
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509);
- return 1;
+ reasons = *preasons;
+ crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
+
+ if (crl_score > best_score) {
+ best_crl = crl;
+ best_crl_issuer = crl_issuer;
+ best_score = crl_score;
+ best_reasons = reasons;
}
- best_crl = crl;
}
+
if (best_crl) {
+ if (*pcrl)
+ X509_CRL_free(*pcrl);
*pcrl = best_crl;
- CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509);
+ *pissuer = best_crl_issuer;
+ *pscore = best_score;
+ *preasons = best_reasons;
+ CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ if (*pdcrl) {
+ X509_CRL_free(*pdcrl);
+ *pdcrl = NULL;
+ }
+ get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
}
+ if (best_score >= CRL_SCORE_VALID)
+ return 1;
+
return 0;
}
/*
- * Retrieve CRL corresponding to certificate: currently just a subject
- * lookup: maybe use AKID later...
+ * Compare two CRL extensions for delta checking purposes. They should be
+ * both present or both absent. If both present all fields must be identical.
*/
-static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x)
+
+static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
{
- int ok;
- X509_CRL *crl = NULL;
- X509_OBJECT xobj;
- X509_NAME *nm;
- nm = X509_get_issuer_name(x);
- ok = get_crl_sk(ctx, &crl, nm, ctx->crls);
- if (ok) {
- *pcrl = crl;
+ ASN1_OCTET_STRING *exta, *extb;
+ int i;
+ i = X509_CRL_get_ext_by_NID(a, nid, -1);
+ if (i >= 0) {
+ /* Can't have multiple occurrences */
+ if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
+ return 0;
+ exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
+ } else
+ exta = NULL;
+
+ i = X509_CRL_get_ext_by_NID(b, nid, -1);
+
+ if (i >= 0) {
+
+ if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
+ return 0;
+ extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
+ } else
+ extb = NULL;
+
+ if (!exta && !extb)
return 1;
+
+ if (!exta || !extb)
+ return 0;
+
+ if (ASN1_OCTET_STRING_cmp(exta, extb))
+ return 0;
+
+ return 1;
+}
+
+/* See if a base and delta are compatible */
+
+static int check_delta_base(X509_CRL *delta, X509_CRL *base)
+{
+ /* Delta CRL must be a delta */
+ if (!delta->base_crl_number)
+ return 0;
+ /* Base must have a CRL number */
+ if (!base->crl_number)
+ return 0;
+ /* Issuer names must match */
+ if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta)))
+ return 0;
+ /* AKID and IDP must match */
+ if (!crl_extension_match(delta, base, NID_authority_key_identifier))
+ return 0;
+ if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
+ return 0;
+ /* Delta CRL base number must not exceed Full CRL number. */
+ if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
+ return 0;
+ /* Delta CRL number must exceed full CRL number */
+ if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
+ return 1;
+ return 0;
+}
+
+/*
+ * For a given base CRL find a delta... maybe extend to delta scoring or
+ * retrieve a chain of deltas...
+ */
+
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
+ X509_CRL *base, STACK_OF(X509_CRL) *crls)
+{
+ X509_CRL *delta;
+ int i;
+ if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
+ return;
+ if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
+ return;
+ for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+ delta = sk_X509_CRL_value(crls, i);
+ if (check_delta_base(delta, base)) {
+ if (check_crl_time(ctx, delta, 0))
+ *pscore |= CRL_SCORE_TIME_DELTA;
+ CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
+ *dcrl = delta;
+ return;
+ }
}
+ *dcrl = NULL;
+}
- ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj);
+/*
+ * For a given CRL return how suitable it is for the supplied certificate
+ * 'x'. The return value is a mask of several criteria. If the issuer is not
+ * the certificate issuer this is returned in *pissuer. The reasons mask is
+ * also used to determine if the CRL is suitable: if no new reasons the CRL
+ * is rejected, otherwise reasons is updated.
+ */
- if (!ok) {
- /* If we got a near match from get_crl_sk use that */
- if (crl) {
- *pcrl = crl;
- return 1;
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+ unsigned int *preasons, X509_CRL *crl, X509 *x)
+{
+
+ int crl_score = 0;
+ unsigned int tmp_reasons = *preasons, crl_reasons;
+
+ /* First see if we can reject CRL straight away */
+
+ /* Invalid IDP cannot be processed */
+ if (crl->idp_flags & IDP_INVALID)
+ return 0;
+ /* Reason codes or indirect CRLs need extended CRL support */
+ if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
+ if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
+ return 0;
+ } else if (crl->idp_flags & IDP_REASONS) {
+ /* If no new reasons reject */
+ if (!(crl->idp_reasons & ~tmp_reasons))
+ return 0;
+ }
+ /* Don't process deltas at this stage */
+ else if (crl->base_crl_number)
+ return 0;
+ /* If issuer name doesn't match certificate need indirect CRL */
+ if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
+ if (!(crl->idp_flags & IDP_INDIRECT))
+ return 0;
+ } else
+ crl_score |= CRL_SCORE_ISSUER_NAME;
+
+ if (!(crl->flags & EXFLAG_CRITICAL))
+ crl_score |= CRL_SCORE_NOCRITICAL;
+
+ /* Check expiry */
+ if (check_crl_time(ctx, crl, 0))
+ crl_score |= CRL_SCORE_TIME;
+
+ /* Check authority key ID and locate certificate issuer */
+ crl_akid_check(ctx, crl, pissuer, &crl_score);
+
+ /* If we can't locate certificate issuer at this point forget it */
+
+ if (!(crl_score & CRL_SCORE_AKID))
+ return 0;
+
+ /* Check cert for matching CRL distribution points */
+
+ if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
+ /* If no new reasons reject */
+ if (!(crl_reasons & ~tmp_reasons))
+ return 0;
+ tmp_reasons |= crl_reasons;
+ crl_score |= CRL_SCORE_SCOPE;
+ }
+
+ *preasons = tmp_reasons;
+
+ return crl_score;
+
+}
+
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
+ X509 **pissuer, int *pcrl_score)
+{
+ X509 *crl_issuer = NULL;
+ X509_NAME *cnm = X509_CRL_get_issuer(crl);
+ int cidx = ctx->error_depth;
+ int i;
+
+ if (cidx != sk_X509_num(ctx->chain) - 1)
+ cidx++;
+
+ crl_issuer = sk_X509_value(ctx->chain, cidx);
+
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
+ *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_ISSUER_CERT;
+ *pissuer = crl_issuer;
+ return;
}
+ }
+
+ for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
+ crl_issuer = sk_X509_value(ctx->chain, cidx);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_SAME_PATH;
+ *pissuer = crl_issuer;
+ return;
+ }
+ }
+
+ /* Anything else needs extended CRL support */
+
+ if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
+ return;
+
+ /*
+ * Otherwise the CRL issuer is not on the path. Look for it in the set of
+ * untrusted certificates.
+ */
+ for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
+ crl_issuer = sk_X509_value(ctx->untrusted, i);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pissuer = crl_issuer;
+ *pcrl_score |= CRL_SCORE_AKID;
+ return;
+ }
+ }
+}
+
+/*
+ * Check the path of a CRL issuer certificate. This creates a new
+ * X509_STORE_CTX and populates it with most of the parameters from the
+ * parent. This could be optimised somewhat since a lot of path checking will
+ * be duplicated by the parent, but this will rarely be used in practice.
+ */
+
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
+{
+ X509_STORE_CTX crl_ctx;
+ int ret;
+ /* Don't allow recursive CRL path validation */
+ if (ctx->parent)
return 0;
+ if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
+ return -1;
+
+ crl_ctx.crls = ctx->crls;
+ /* Copy verify params across */
+ X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
+
+ crl_ctx.parent = ctx;
+ crl_ctx.verify_cb = ctx->verify_cb;
+
+ /* Verify CRL issuer */
+ ret = X509_verify_cert(&crl_ctx);
+
+ if (ret <= 0)
+ goto err;
+
+ /* Check chain is acceptable */
+
+ ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
+ err:
+ X509_STORE_CTX_cleanup(&crl_ctx);
+ return ret;
+}
+
+/*
+ * RFC3280 says nothing about the relationship between CRL path and
+ * certificate path, which could lead to situations where a certificate could
+ * be revoked or validated by a CA not authorised to do so. RFC5280 is more
+ * strict and states that the two paths must end in the same trust anchor,
+ * though some discussions remain... until this is resolved we use the
+ * RFC5280 version
+ */
+
+static int check_crl_chain(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *cert_path,
+ STACK_OF(X509) *crl_path)
+{
+ X509 *cert_ta, *crl_ta;
+ cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
+ crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
+ if (!X509_cmp(cert_ta, crl_ta))
+ return 1;
+ return 0;
+}
+
+/*-
+ * Check for match between two dist point names: three separate cases.
+ * 1. Both are relative names and compare X509_NAME types.
+ * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
+ * 3. Both are full names and compare two GENERAL_NAMES.
+ * 4. One is NULL: automatic match.
+ */
+
+static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
+{
+ X509_NAME *nm = NULL;
+ GENERAL_NAMES *gens = NULL;
+ GENERAL_NAME *gena, *genb;
+ int i, j;
+ if (!a || !b)
+ return 1;
+ if (a->type == 1) {
+ if (!a->dpname)
+ return 0;
+ /* Case 1: two X509_NAME */
+ if (b->type == 1) {
+ if (!b->dpname)
+ return 0;
+ if (!X509_NAME_cmp(a->dpname, b->dpname))
+ return 1;
+ else
+ return 0;
+ }
+ /* Case 2: set name and GENERAL_NAMES appropriately */
+ nm = a->dpname;
+ gens = b->name.fullname;
+ } else if (b->type == 1) {
+ if (!b->dpname)
+ return 0;
+ /* Case 2: set name and GENERAL_NAMES appropriately */
+ gens = a->name.fullname;
+ nm = b->dpname;
}
- *pcrl = xobj.data.crl;
- if (crl)
- X509_CRL_free(crl);
- return 1;
+ /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
+ if (nm) {
+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+ gena = sk_GENERAL_NAME_value(gens, i);
+ if (gena->type != GEN_DIRNAME)
+ continue;
+ if (!X509_NAME_cmp(nm, gena->d.directoryName))
+ return 1;
+ }
+ return 0;
+ }
+
+ /* Else case 3: two GENERAL_NAMES */
+
+ for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
+ gena = sk_GENERAL_NAME_value(a->name.fullname, i);
+ for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
+ genb = sk_GENERAL_NAME_value(b->name.fullname, j);
+ if (!GENERAL_NAME_cmp(gena, genb))
+ return 1;
+ }
+ }
+
+ return 0;
+
}
+static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
+{
+ int i;
+ X509_NAME *nm = X509_CRL_get_issuer(crl);
+ /* If no CRLissuer return is successful iff don't need a match */
+ if (!dp->CRLissuer)
+ return ! !(crl_score & CRL_SCORE_ISSUER_NAME);
+ for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
+ GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+ if (gen->type != GEN_DIRNAME)
+ continue;
+ if (!X509_NAME_cmp(gen->d.directoryName, nm))
+ return 1;
+ }
+ return 0;
+}
+
+/* Check CRLDP and IDP */
+
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+ unsigned int *preasons)
+{
+ int i;
+ if (crl->idp_flags & IDP_ONLYATTR)
+ return 0;
+ if (x->ex_flags & EXFLAG_CA) {
+ if (crl->idp_flags & IDP_ONLYUSER)
+ return 0;
+ } else {
+ if (crl->idp_flags & IDP_ONLYCA)
+ return 0;
+ }
+ *preasons = crl->idp_reasons;
+ for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
+ DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
+ if (crldp_check_crlissuer(dp, crl, crl_score)) {
+ if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
+ *preasons &= dp->dp_reasons;
+ return 1;
+ }
+ }
+ }
+ if ((!crl->idp || !crl->idp->distpoint)
+ && (crl_score & CRL_SCORE_ISSUER_NAME))
+ return 1;
+ return 0;
+}
+
+/*
+ * Retrieve CRL corresponding to current certificate. If deltas enabled try
+ * to find a delta CRL too
+ */
+
+static int get_crl_delta(X509_STORE_CTX *ctx,
+ X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
+{
+ int ok;
+ X509 *issuer = NULL;
+ int crl_score = 0;
+ unsigned int reasons;
+ X509_CRL *crl = NULL, *dcrl = NULL;
+ STACK_OF(X509_CRL) *skcrl;
+ X509_NAME *nm = X509_get_issuer_name(x);
+ reasons = ctx->current_reasons;
+ ok = get_crl_sk(ctx, &crl, &dcrl,
+ &issuer, &crl_score, &reasons, ctx->crls);
+
+ if (ok)
+ goto done;
+
+ /* Lookup CRLs from store */
+
+ skcrl = ctx->lookup_crls(ctx, nm);
+
+ /* If no CRLs found and a near match from get_crl_sk use that */
+ if (!skcrl && crl)
+ goto done;
+
+ get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
+
+ sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
+
+ done:
+
+ /* If we got any kind of CRL use it and return success */
+ if (crl) {
+ ctx->current_issuer = issuer;
+ ctx->current_crl_score = crl_score;
+ ctx->current_reasons = reasons;
+ *pcrl = crl;
+ *pdcrl = dcrl;
+ return 1;
+ }
+
+ return 0;
+}
+
/* Check CRL validity */
static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
{
@@ -715,11 +1328,15 @@
int ok = 0, chnum, cnum;
cnum = ctx->error_depth;
chnum = sk_X509_num(ctx->chain) - 1;
+ /* if we have an alternative CRL issuer cert use that */
+ if (ctx->current_issuer)
+ issuer = ctx->current_issuer;
+
/*
- * Find CRL issuer: if not last certificate then issuer is next
+ * Else find CRL issuer: if not last certificate then issuer is next
* certificate in chain.
*/
- if (cnum < chnum)
+ else if (cnum < chnum)
issuer = sk_X509_value(ctx->chain, cnum + 1);
else {
issuer = sk_X509_value(ctx->chain, chnum);
@@ -733,11 +1350,46 @@
}
if (issuer) {
- /* Check for cRLSign bit if keyUsage present */
- if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
- !(issuer->ex_kusage & KU_CRL_SIGN)) {
- ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
- ok = ctx->verify_cb(0, ctx);
+ /*
+ * Skip most tests for deltas because they have already been done
+ */
+ if (!crl->base_crl_number) {
+ /* Check for cRLSign bit if keyUsage present */
+ if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
+ !(issuer->ex_kusage & KU_CRL_SIGN)) {
+ ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
+ ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
+ if (check_crl_path(ctx, ctx->current_issuer) <= 0) {
+ ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+ }
+
+ if (crl->idp_flags & IDP_INVALID) {
+ ctx->error = X509_V_ERR_INVALID_EXTENSION;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ goto err;
+ }
+
+ }
+
+ if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
+ ok = check_crl_time(ctx, crl, 1);
if (!ok)
goto err;
}
@@ -761,10 +1413,6 @@
}
}
- ok = check_crl_time(ctx, crl, 1);
- if (!ok)
- goto err;
-
ok = 1;
err:
@@ -775,27 +1423,28 @@
/* Check certificate against CRL */
static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
{
- int idx, ok;
- X509_REVOKED rtmp;
- STACK_OF(X509_EXTENSION) *exts;
- X509_EXTENSION *ext;
- /* Look for serial number of certificate in CRL */
- rtmp.serialNumber = X509_get_serialNumber(x);
+ int ok;
+ X509_REVOKED *rev;
/*
- * Sort revoked into serial number order if not already sorted. Do this
- * under a lock to avoid race condition.
+ * The rules changed for this... previously if a CRL contained unhandled
+ * critical extensions it could still be used to indicate a certificate
+ * was revoked. This has since been changed since critical extension can
+ * change the meaning of CRL entries.
*/
- if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
- sk_X509_REVOKED_sort(crl->crl->revoked);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+ if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+ && (crl->flags & EXFLAG_CRITICAL)) {
+ ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
+ ok = ctx->verify_cb(0, ctx);
+ if (!ok)
+ return 0;
}
- idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
/*
- * If found assume revoked: want something cleverer than this to handle
- * entry extensions in V2 CRLs.
+ * Look for serial number of certificate in CRL If found make sure reason
+ * is not removeFromCRL.
*/
- if (idx >= 0) {
+ if (X509_CRL_get0_by_cert(crl, &rev, x)) {
+ if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+ return 2;
ctx->error = X509_V_ERR_CERT_REVOKED;
ok = ctx->verify_cb(0, ctx);
if (!ok)
@@ -802,28 +1451,6 @@
return 0;
}
- if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
- return 1;
-
- /*
- * See if we have any critical CRL extensions: since we currently don't
- * handle any CRL extensions the CRL must be rejected. This code
- * accesses the X509_CRL structure directly: applications shouldn't do
- * this.
- */
-
- exts = crl->crl->extensions;
-
- for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
- ext = sk_X509_EXTENSION_value(exts, idx);
- if (ext->critical > 0) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- break;
- }
- }
return 1;
}
@@ -830,6 +1457,8 @@
static int check_policy(X509_STORE_CTX *ctx)
{
int ret;
+ if (ctx->parent)
+ return 1;
ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
ctx->param->policies, ctx->param->flags);
if (ret == 0) {
@@ -849,7 +1478,8 @@
continue;
ctx->current_cert = x;
ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
- ret = ctx->verify_cb(0, ctx);
+ if (!ctx->verify_cb(0, ctx))
+ return 0;
}
return 1;
}
@@ -996,12 +1626,12 @@
return ok;
}
-int X509_cmp_current_time(ASN1_TIME *ctm)
+int X509_cmp_current_time(const ASN1_TIME *ctm)
{
return X509_cmp_time(ctm, NULL);
}
-int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
+int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
{
char *str;
ASN1_TIME atm;
@@ -1091,6 +1721,7 @@
offset = -offset;
}
atm.type = ctm->type;
+ atm.flags = 0;
atm.length = sizeof(buff2);
atm.data = (unsigned char *)buff2;
@@ -1122,10 +1753,15 @@
return X509_time_adj(s, adj, NULL);
}
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
{
+ return X509_time_adj_ex(s, 0, offset_sec, in_tm);
+}
+
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *in_tm)
+{
time_t t;
- int type = -1;
if (in_tm)
t = *in_tm;
@@ -1132,14 +1768,13 @@
else
time(&t);
- t += adj;
- if (s)
- type = s->type;
- if (type == V_ASN1_UTCTIME)
- return ASN1_UTCTIME_set(s, t);
- if (type == V_ASN1_GENERALIZEDTIME)
- return ASN1_GENERALIZEDTIME_set(s, t);
- return ASN1_TIME_set(s, t);
+ if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) {
+ if (s->type == V_ASN1_UTCTIME)
+ return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+ if (s->type == V_ASN1_GENERALIZEDTIME)
+ return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
+ }
+ return ASN1_TIME_adj(s, t, offset_day, offset_sec);
}
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
@@ -1245,6 +1880,21 @@
return chain;
}
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
+{
+ return ctx->current_issuer;
+}
+
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
+{
+ return ctx->current_crl;
+}
+
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
+{
+ return ctx->parent;
+}
+
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
{
ctx->cert = x;
@@ -1365,7 +2015,11 @@
ctx->error_depth = 0;
ctx->current_cert = NULL;
ctx->current_issuer = NULL;
+ ctx->current_crl = NULL;
+ ctx->current_crl_score = 0;
+ ctx->current_reasons = 0;
ctx->tree = NULL;
+ ctx->parent = NULL;
ctx->param = X509_VERIFY_PARAM_new();
@@ -1426,7 +2080,7 @@
if (store && store->get_crl)
ctx->get_crl = store->get_crl;
else
- ctx->get_crl = get_crl;
+ ctx->get_crl = NULL;
if (store && store->check_crl)
ctx->check_crl = store->check_crl;
@@ -1438,6 +2092,16 @@
else
ctx->cert_crl = cert_crl;
+ if (store && store->lookup_certs)
+ ctx->lookup_certs = store->lookup_certs;
+ else
+ ctx->lookup_certs = X509_STORE_get1_certs;
+
+ if (store && store->lookup_crls)
+ ctx->lookup_crls = store->lookup_crls;
+ else
+ ctx->lookup_crls = X509_STORE_get1_crls;
+
ctx->check_policy = check_policy;
/*
@@ -1471,7 +2135,8 @@
if (ctx->cleanup)
ctx->cleanup(ctx);
if (ctx->param != NULL) {
- X509_VERIFY_PARAM_free(ctx->param);
+ if (ctx->parent == NULL)
+ X509_VERIFY_PARAM_free(ctx->param);
ctx->param = NULL;
}
if (ctx->tree != NULL) {
Modified: trunk/crypto/openssl/crypto/x509/x509_vfy.h
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_vfy.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_vfy.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -79,6 +79,7 @@
extern "C" {
#endif
+# if 0
/* Outer object */
typedef struct x509_hash_dir_st {
int num_dirs;
@@ -86,6 +87,7 @@
int *dirs_type;
int num_dirs_alloced;
} X509_HASH_DIR_CTX;
+# endif
typedef struct x509_file_st {
int num_paths; /* number of paths to files or directories */
@@ -202,6 +204,8 @@
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
CRYPTO_EX_DATA ex_data;
int references;
@@ -258,6 +262,8 @@
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
int (*check_policy) (X509_STORE_CTX *ctx);
+ STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
/* The following is built up */
/* if 0, rebuild chain */
@@ -278,6 +284,12 @@
X509 *current_issuer;
/* current CRL */
X509_CRL *current_crl;
+ /* score of current CRL */
+ int current_crl_score;
+ /* Reason mask */
+ unsigned int current_reasons;
+ /* For CRL path validation: parent context */
+ X509_STORE_CTX *parent;
CRYPTO_EX_DATA ex_data;
} /* X509_STORE_CTX */ ;
@@ -345,9 +357,19 @@
# define X509_V_ERR_INVALID_EXTENSION 41
# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
# define X509_V_ERR_NO_EXPLICIT_POLICY 43
+# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
+# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
-# define X509_V_ERR_UNNESTED_RESOURCE 44
+# define X509_V_ERR_UNNESTED_RESOURCE 46
+# define X509_V_ERR_PERMITTED_VIOLATION 47
+# define X509_V_ERR_EXCLUDED_VIOLATION 48
+# define X509_V_ERR_SUBTREE_MINMAX 49
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
+# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
+# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
+
/* The application is not happy */
# define X509_V_ERR_APPLICATION_VERIFICATION 50
@@ -377,9 +399,18 @@
# define X509_V_FLAG_INHIBIT_MAP 0x400
/* Notify callback that policy is OK */
# define X509_V_FLAG_NOTIFY_POLICY 0x800
-
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
+/* Delta CRL support */
+# define X509_V_FLAG_USE_DELTAS 0x2000
/* Check selfsigned CA signature */
# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
+/*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting
+ * this flag will force the behaviour to match that of previous versions.
+ */
+# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
# define X509_VP_FLAG_DEFAULT 0x1
# define X509_VP_FLAG_OVERWRITE 0x2
@@ -404,11 +435,16 @@
X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v);
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ int (*verify_cb) (int, X509_STORE_CTX *));
+
X509_STORE_CTX *X509_STORE_CTX_new(void);
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
@@ -469,6 +505,9 @@
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
Modified: trunk/crypto/openssl/crypto/x509/x509_vpm.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509_vpm.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509_vpm.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -75,6 +75,9 @@
param->name = NULL;
param->purpose = 0;
param->trust = 0;
+ /*
+ * param->inh_flags = X509_VP_FLAG_DEFAULT;
+ */
param->inh_flags = 0;
param->flags = 0;
param->depth = -1;
@@ -88,6 +91,8 @@
{
X509_VERIFY_PARAM *param;
param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
+ if (!param)
+ return NULL;
memset(param, 0, sizeof(X509_VERIFY_PARAM));
x509_verify_param_zero(param);
return param;
@@ -95,6 +100,8 @@
void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
{
+ if (param == NULL)
+ return;
x509_verify_param_zero(param);
OPENSSL_free(param);
}
@@ -324,7 +331,7 @@
NULL /* policies */
},
{
- "pkcs7", /* S/MIME signing parameters */
+ "pkcs7", /* S/MIME sign parameters */
0, /* Check time */
0, /* internal flags */
0, /* flags */
@@ -334,7 +341,7 @@
NULL /* policies */
},
{
- "smime_sign", /* S/MIME signing parameters */
+ "smime_sign", /* S/MIME sign parameters */
0, /* Check time */
0, /* internal flags */
0, /* flags */
@@ -367,12 +374,14 @@
static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
-static int table_cmp(const void *pa, const void *pb)
+static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
{
- const X509_VERIFY_PARAM *a = pa, *b = pb;
return strcmp(a->name, b->name);
}
+DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
+
static int param_cmp(const X509_VERIFY_PARAM *const *a,
const X509_VERIFY_PARAM *const *b)
{
@@ -404,6 +413,7 @@
{
int idx;
X509_VERIFY_PARAM pm;
+
pm.name = (char *)name;
if (param_table) {
idx = sk_X509_VERIFY_PARAM_find(param_table, &pm);
@@ -410,12 +420,9 @@
if (idx != -1)
return sk_X509_VERIFY_PARAM_value(param_table, idx);
}
- return (const X509_VERIFY_PARAM *)OBJ_bsearch((char *)&pm,
- (char *)&default_table,
- sizeof(default_table) /
- sizeof(X509_VERIFY_PARAM),
- sizeof(X509_VERIFY_PARAM),
- table_cmp);
+ return OBJ_bsearch_table(&pm, default_table,
+ sizeof(default_table) /
+ sizeof(X509_VERIFY_PARAM));
}
void X509_VERIFY_PARAM_table_cleanup(void)
Modified: trunk/crypto/openssl/crypto/x509/x509cset.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509cset.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509cset.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,7 +82,7 @@
return (X509_NAME_set(&x->crl->issuer, name));
}
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm)
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
{
ASN1_TIME *in;
@@ -99,7 +99,7 @@
return (in != NULL);
}
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm)
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
{
ASN1_TIME *in;
Modified: trunk/crypto/openssl/crypto/x509/x509name.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509name.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509name.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -369,7 +369,7 @@
len, type,
OBJ_obj2nid(ne->object)) ? 1 : 0;
if (len < 0)
- len = strlen((char *)bytes);
+ len = strlen((const char *)bytes);
i = ASN1_STRING_set(ne->value, bytes, len);
if (!i)
return (0);
Modified: trunk/crypto/openssl/crypto/x509/x509type.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x509type.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x509type.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -93,28 +93,34 @@
case EVP_PKEY_DH:
ret = EVP_PK_DH | EVP_PKT_EXCH;
break;
+ case NID_id_GostR3410_94:
+ case NID_id_GostR3410_2001:
+ ret = EVP_PKT_EXCH | EVP_PKT_SIGN;
+ break;
default:
break;
}
- i = X509_get_signature_type(x);
- switch (i) {
- case EVP_PKEY_RSA:
- ret |= EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret |= EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret |= EVP_PKS_EC;
- break;
- default:
- break;
+ i = OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i)) {
+
+ switch (i) {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret |= EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret |= EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret |= EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
}
- /* /8 because it's 1024 bits we look for, not bytes */
- if (EVP_PKEY_size(pk) <= 1024 / 8)
- ret |= EVP_PKT_EXP;
if (pkey == NULL)
EVP_PKEY_free(pk);
return (ret);
Modified: trunk/crypto/openssl/crypto/x509/x_all.c
===================================================================
--- trunk/crypto/openssl/crypto/x509/x_all.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509/x_all.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,7 +57,6 @@
*/
#include <stdio.h>
-#undef SSLEAY_MACROS
#include <openssl/stack.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
@@ -85,12 +84,6 @@
a->sig_alg, a->signature, a->req_info, r));
}
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
-{
- return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
- a->sig_alg, a->signature, a->crl, r));
-}
-
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
@@ -104,6 +97,14 @@
x->sig_alg, x->signature, x->cert_info, pkey, md));
}
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
+{
+ x->cert_info->enc.modified = 1;
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
+ x->cert_info->signature,
+ x->sig_alg, x->signature, x->cert_info, ctx);
+}
+
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, NULL,
@@ -110,6 +111,13 @@
x->signature, x->req_info, pkey, md));
}
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
+{
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
+ x->sig_alg, NULL, x->signature, x->req_info,
+ ctx);
+}
+
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
x->crl->enc.modified = 1;
@@ -117,6 +125,14 @@
x->sig_alg, x->signature, x->crl, pkey, md));
}
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
+{
+ x->crl->enc.modified = 1;
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
+ x->crl->sig_alg, x->sig_alg, x->signature,
+ x->crl, ctx);
+}
+
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, NULL,
Modified: trunk/crypto/openssl/crypto/x509v3/Makefile
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -43,7 +43,7 @@
all: lib
lib: $(LIBOBJ)
- $(ARX) $(LIB) $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
@@ -71,6 +71,8 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+update: depend
+
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@@ -90,8 +92,8 @@
pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_cache.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_cache.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_cache.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_cache.o: ../../include/openssl/objects.h
pcy_cache.o: ../../include/openssl/opensslconf.h
pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
@@ -105,9 +107,8 @@
pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_data.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_data.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pcy_data.o: ../../include/openssl/opensslconf.h
+pcy_data.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_data.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -120,14 +121,14 @@
pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pcy_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pcy_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-pcy_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pcy_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pcy_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pcy_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_lib.c
+pcy_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pcy_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_lib.o: ../cryptlib.h pcy_int.h pcy_lib.c
pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h
pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -134,22 +135,21 @@
pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_map.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_map.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pcy_map.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pcy_map.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-pcy_map.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pcy_map.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pcy_map.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pcy_map.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_map.c
+pcy_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pcy_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_map.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_map.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_map.o: ../cryptlib.h pcy_int.h pcy_map.c
pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-pcy_node.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_node.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pcy_node.o: ../../include/openssl/opensslconf.h
+pcy_node.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_node.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -162,9 +162,8 @@
pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_tree.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-pcy_tree.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pcy_tree.o: ../../include/openssl/opensslconf.h
+pcy_tree.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pcy_tree.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -177,15 +176,14 @@
v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_addr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_addr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_addr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_addr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_addr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_addr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_addr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_addr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_addr.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_addr.o: ../cryptlib.h v3_addr.c
+v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_addr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_addr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_addr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_addr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_addr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_addr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_addr.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_addr.c
v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -192,15 +190,14 @@
v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_akey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_akey.o: ../cryptlib.h v3_akey.c
+v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_akey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_akey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_akey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_akey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akey.c
v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -207,9 +204,9 @@
v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_akeya.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_akeya.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_akeya.o: ../../include/openssl/opensslconf.h
v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -221,15 +218,14 @@
v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_alt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_alt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_alt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_alt.o: ../cryptlib.h v3_alt.c
+v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_alt.c
v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h
v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -237,14 +233,14 @@
v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_asid.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_asid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_asid.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_asid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_asid.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_asid.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_asid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_asid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_asid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_asid.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_asid.c
+v3_asid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_asid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_asid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_asid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_asid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_asid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_asid.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_asid.o: ../cryptlib.h v3_asid.c
v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -251,9 +247,9 @@
v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_bcons.o: ../../include/openssl/opensslconf.h
v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -266,9 +262,8 @@
v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_bitst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_bitst.o: ../../include/openssl/opensslconf.h
+v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -281,14 +276,14 @@
v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_conf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
+v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_conf.o: ../cryptlib.h v3_conf.c
v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -295,9 +290,9 @@
v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_cpols.o: ../../include/openssl/opensslconf.h
v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -310,15 +305,14 @@
v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_crld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_crld.o: ../cryptlib.h v3_crld.c
+v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_crld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_crld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_crld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_crld.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_crld.c
v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -325,14 +319,14 @@
v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_enum.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
+v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_enum.o: ../cryptlib.h v3_enum.c
v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -339,9 +333,9 @@
v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_extku.o: ../../include/openssl/opensslconf.h
v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -354,29 +348,27 @@
v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_genn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_genn.o: ../cryptlib.h v3_genn.c
+v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_genn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_genn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_genn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_genn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_genn.c
v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_ia5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_ia5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_ia5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_ia5.o: ../cryptlib.h v3_ia5.c
+v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ia5.c
v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -383,43 +375,40 @@
v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_info.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_info.o: ../cryptlib.h v3_info.c
+v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_info.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.c
v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_int.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_int.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_int.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_int.o: ../cryptlib.h v3_int.c
+v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_int.c
v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
+v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_lib.c
v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h
v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -426,9 +415,9 @@
v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_ncons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_ncons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_ncons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ncons.o: ../../include/openssl/opensslconf.h
v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -441,43 +430,40 @@
v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_ocsp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_ocsp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_ocsp.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-v3_ocsp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_ocsp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_ocsp.o: ../cryptlib.h v3_ocsp.c
+v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c
v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_pci.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_pci.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_pci.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pci.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pci.o: ../cryptlib.h v3_pci.c
+v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c
v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_pcia.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_pcia.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_pcia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pcia.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pcia.o: v3_pcia.c
+v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c
v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -484,9 +470,9 @@
v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_pcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_pcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_pcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_pcons.o: ../../include/openssl/opensslconf.h
v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -499,15 +485,14 @@
v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pku.o: ../cryptlib.h v3_pku.c
+v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c
v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h
v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -514,9 +499,9 @@
v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_pmaps.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_pmaps.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_pmaps.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_pmaps.o: ../../include/openssl/opensslconf.h
v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -528,15 +513,14 @@
v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_prn.o: ../cryptlib.h v3_prn.c
+v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_prn.c
v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -543,14 +527,14 @@
v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_purp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
+v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_purp.o: ../cryptlib.h v3_purp.c
v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
@@ -557,14 +541,14 @@
v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
+v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_skey.o: ../cryptlib.h v3_skey.c
v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -571,9 +555,9 @@
v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_sxnet.o: ../../include/openssl/opensslconf.h
v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -586,25 +570,24 @@
v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_utl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_utl.c
+v3_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_utl.o: ../cryptlib.h v3_utl.c
v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-v3err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3err.o: v3err.c
+v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3err.o: ../../include/openssl/x509v3.h v3err.c
Modified: trunk/crypto/openssl/crypto/x509v3/ext_dat.h
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/ext_dat.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/ext_dat.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,15 +62,13 @@
extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
-extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld;
+extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl;
extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
-extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp;
-#ifndef OPENSSL_NO_RFC3779
+extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp;
extern X509V3_EXT_METHOD v3_addr, v3_asid;
-#endif
/*
* This table will be searched using OBJ_bsearch so it *must* kept in order
@@ -77,7 +75,7 @@
* of the ext_nid values.
*/
-static X509V3_EXT_METHOD *standard_exts[] = {
+static const X509V3_EXT_METHOD *standard_exts[] = {
&v3_nscert,
&v3_ns_ia5_list[0],
&v3_ns_ia5_list[1],
@@ -124,7 +122,10 @@
&v3_pci,
&v3_name_constraints,
&v3_policy_mappings,
- &v3_inhibit_anyp
+ &v3_inhibit_anyp,
+ &v3_idp,
+ &v3_alt[2],
+ &v3_freshest_crl,
};
/* Number of standard extensions */
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_cache.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_cache.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_cache.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -133,7 +133,6 @@
return 0;
cache->anyPolicy = NULL;
cache->data = NULL;
- cache->maps = NULL;
cache->any_skip = -1;
cache->explicit_skip = -1;
cache->map_skip = -1;
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_data.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_data.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_data.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -83,17 +83,19 @@
* source.
*/
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id,
- int crit)
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
+ const ASN1_OBJECT *cid, int crit)
{
X509_POLICY_DATA *ret;
- if (!policy && !id)
+ ASN1_OBJECT *id;
+ if (!policy && !cid)
return NULL;
- if (id) {
- id = OBJ_dup(id);
+ if (cid) {
+ id = OBJ_dup(cid);
if (!id)
return NULL;
- }
+ } else
+ id = NULL;
ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
if (!ret)
return NULL;
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_int.h
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_int.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_int.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,13 +57,10 @@
*
*/
+typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
+
DECLARE_STACK_OF(X509_POLICY_DATA)
-DECLARE_STACK_OF(X509_POLICY_REF)
-DECLARE_STACK_OF(X509_POLICY_NODE)
-typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
-typedef struct X509_POLICY_REF_st X509_POLICY_REF;
-
/* Internal structures */
/*
@@ -113,16 +110,6 @@
#define POLICY_DATA_FLAG_CRITICAL 0x10
-/*
- * This structure is an entry from a table of mapped policies which cross
- * reference the policy it refers to.
- */
-
-struct X509_POLICY_REF_st {
- ASN1_OBJECT *subjectDomainPolicy;
- const X509_POLICY_DATA *data;
-};
-
/* This structure is cached with a certificate */
struct X509_POLICY_CACHE_st {
@@ -130,8 +117,6 @@
X509_POLICY_DATA *anyPolicy;
/* other policy data */
STACK_OF(X509_POLICY_DATA) *data;
- /* If policyMappings extension present a table of mapped policies */
- STACK_OF(X509_POLICY_REF) *maps;
/* If InhibitAnyPolicy present this is its value or -1 if absent. */
long any_skip;
/*
@@ -200,7 +185,7 @@
/* Internal functions */
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id,
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
int crit);
void policy_data_free(X509_POLICY_DATA *data);
@@ -215,6 +200,7 @@
void policy_cache_free(X509_POLICY_CACHE *cache);
X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+ const X509_POLICY_NODE *parent,
const ASN1_OBJECT *id);
X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
@@ -221,9 +207,11 @@
const ASN1_OBJECT *id);
X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
- X509_POLICY_DATA *data,
+ const X509_POLICY_DATA *data,
X509_POLICY_NODE *parent,
X509_POLICY_TREE *tree);
void policy_node_free(X509_POLICY_NODE *node);
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+ const X509_POLICY_NODE *node, const ASN1_OBJECT *oid);
const X509_POLICY_CACHE *policy_cache_set(X509 *x);
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_map.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_map.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_map.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,30 +63,6 @@
#include "pcy_int.h"
-static int ref_cmp(const X509_POLICY_REF * const *a,
- const X509_POLICY_REF * const *b)
-{
- return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
-}
-
-static void policy_map_free(X509_POLICY_REF * map)
-{
- OPENSSL_free(map);
-}
-
-static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache,
- ASN1_OBJECT *id)
-{
- X509_POLICY_REF tmp;
- int idx;
- tmp.subjectDomainPolicy = id;
-
- idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
- if (idx == -1)
- return NULL;
- return sk_X509_POLICY_REF_value(cache->maps, idx);
-}
-
/*
* Set policy mapping entries in cache. Note: this modifies the passed
* POLICY_MAPPINGS structure
@@ -95,8 +71,6 @@
int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
{
POLICY_MAPPING *map;
- X509_POLICY_REF *ref = NULL;
- ASN1_OBJECT *subjectDomainPolicyRef;
X509_POLICY_DATA *data;
X509_POLICY_CACHE *cache = x->policy_cache;
int i;
@@ -105,7 +79,6 @@
ret = -1;
goto bad_mapping;
}
- cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++) {
map = sk_POLICY_MAPPING_value(maps, i);
/* Reject if map to or from anyPolicy */
@@ -115,12 +88,6 @@
goto bad_mapping;
}
- /* If we've already mapped from this OID bad mapping */
- if (policy_map_find(cache, map->subjectDomainPolicy) != NULL) {
- ret = -1;
- goto bad_mapping;
- }
-
/* Attempt to find matching policy data */
data = policy_cache_find_data(cache, map->issuerDomainPolicy);
/* If we don't have anyPolicy can't map */
@@ -135,7 +102,9 @@
if (!data)
goto bad_mapping;
data->qualifier_set = cache->anyPolicy->qualifier_set;
- map->issuerDomainPolicy = NULL;
+ /*
+ * map->issuerDomainPolicy = NULL;
+ */
data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
if (!sk_X509_POLICY_DATA_push(cache->data, data)) {
@@ -144,29 +113,11 @@
}
} else
data->flags |= POLICY_DATA_FLAG_MAPPED;
-
if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
map->subjectDomainPolicy))
goto bad_mapping;
- /*
- * map->subjectDomainPolicy will be freed when cache->data is freed.
- * Set it to NULL to avoid double-free.
- */
- subjectDomainPolicyRef = map->subjectDomainPolicy;
map->subjectDomainPolicy = NULL;
- ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
- if (!ref)
- goto bad_mapping;
-
- ref->subjectDomainPolicy = subjectDomainPolicyRef;
- ref->data = data;
-
- if (!sk_X509_POLICY_REF_push(cache->maps, ref))
- goto bad_mapping;
-
- ref = NULL;
-
}
ret = 1;
@@ -173,12 +124,6 @@
bad_mapping:
if (ret == -1)
x->ex_flags |= EXFLAG_INVALID_POLICY;
- if (ref)
- policy_map_free(ref);
- if (ret <= 0) {
- sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
- cache->maps = NULL;
- }
sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
return ret;
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_node.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_node.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_node.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -93,13 +93,23 @@
}
X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+ const X509_POLICY_NODE *parent,
const ASN1_OBJECT *id)
{
- return tree_find_sk(level->nodes, id);
+ X509_POLICY_NODE *node;
+ int i;
+ for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
+ node = sk_X509_POLICY_NODE_value(level->nodes, i);
+ if (node->parent == parent) {
+ if (!OBJ_cmp(node->data->valid_policy, id))
+ return node;
+ }
+ }
+ return NULL;
}
X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
- X509_POLICY_DATA *data,
+ const X509_POLICY_DATA *data,
X509_POLICY_NODE *parent,
X509_POLICY_TREE *tree)
{
@@ -150,3 +160,31 @@
{
OPENSSL_free(node);
}
+
+/*
+ * See if a policy node matches a policy OID. If mapping enabled look through
+ * expected policy set otherwise just valid policy.
+ */
+
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+ const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
+{
+ int i;
+ ASN1_OBJECT *policy_oid;
+ const X509_POLICY_DATA *x = node->data;
+
+ if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP)
+ || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
+ if (!OBJ_cmp(x->valid_policy, oid))
+ return 1;
+ return 0;
+ }
+
+ for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
+ policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
+ if (!OBJ_cmp(policy_oid, oid))
+ return 1;
+ }
+ return 0;
+
+}
Modified: trunk/crypto/openssl/crypto/x509v3/pcy_tree.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/pcy_tree.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/pcy_tree.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,9 +63,77 @@
#include "pcy_int.h"
+/*
+ * Enable this to print out the complete policy tree at various point during
+ * evaluation.
+ */
+
+/*
+ * #define OPENSSL_POLICY_DEBUG
+ */
+
+#ifdef OPENSSL_POLICY_DEBUG
+
+static void expected_print(BIO *err, X509_POLICY_LEVEL *lev,
+ X509_POLICY_NODE *node, int indent)
+{
+ if ((lev->flags & X509_V_FLAG_INHIBIT_MAP)
+ || !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK))
+ BIO_puts(err, " Not Mapped\n");
+ else {
+ int i;
+ STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set;
+ ASN1_OBJECT *oid;
+ BIO_puts(err, " Expected: ");
+ for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) {
+ oid = sk_ASN1_OBJECT_value(pset, i);
+ if (i)
+ BIO_puts(err, ", ");
+ i2a_ASN1_OBJECT(err, oid);
+ }
+ BIO_puts(err, "\n");
+ }
+}
+
+static void tree_print(char *str, X509_POLICY_TREE *tree,
+ X509_POLICY_LEVEL *curr)
+{
+ X509_POLICY_LEVEL *plev;
+ X509_POLICY_NODE *node;
+ int i;
+ BIO *err;
+ err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ if (!curr)
+ curr = tree->levels + tree->nlevel;
+ else
+ curr++;
+ BIO_printf(err, "Level print after %s\n", str);
+ BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels);
+ for (plev = tree->levels; plev != curr; plev++) {
+ BIO_printf(err, "Level %ld, flags = %x\n",
+ plev - tree->levels, plev->flags);
+ for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) {
+ node = sk_X509_POLICY_NODE_value(plev->nodes, i);
+ X509_POLICY_NODE_print(err, node, 2);
+ expected_print(err, plev, node, 2);
+ BIO_printf(err, " Flags: %x\n", node->data->flags);
+ }
+ if (plev->anyPolicy)
+ X509_POLICY_NODE_print(err, plev->anyPolicy, 2);
+ }
+
+ BIO_free(err);
+
+}
+#else
+
+# define tree_print(a,b,c) /* */
+
+#endif
+
/*-
* Initialize policy tree. Return values:
- * 0 Some internal error occured.
+ * 0 Some internal error occurred.
* -1 Inconsistent or invalid extensions in certificates.
* 1 Tree initialized OK.
* 2 Policy tree is empty.
@@ -89,8 +157,10 @@
*ptree = NULL;
n = sk_X509_num(certs);
+#if 0
/* Disable policy mapping for now... */
flags |= X509_V_FLAG_INHIBIT_MAP;
+#endif
if (flags & X509_V_FLAG_EXPLICIT_POLICY)
explicit_policy = 0;
@@ -184,7 +254,6 @@
level++;
x = sk_X509_value(certs, i);
cache = policy_cache_set(x);
-
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
level->cert = x;
@@ -210,7 +279,8 @@
if (map_skip == 0)
level->flags |= X509_V_FLAG_INHIBIT_MAP;
else {
- map_skip--;
+ if (!(x->ex_flags & EXFLAG_SI))
+ map_skip--;
if ((cache->map_skip >= 0)
&& (cache->map_skip < map_skip))
map_skip = cache->map_skip;
@@ -233,8 +303,30 @@
}
+static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
+ const X509_POLICY_DATA *data)
+{
+ X509_POLICY_LEVEL *last = curr - 1;
+ X509_POLICY_NODE *node;
+ int i, matched = 0;
+ /* Iterate through all in nodes linking matches */
+ for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
+ node = sk_X509_POLICY_NODE_value(last->nodes, i);
+ if (policy_node_match(last, node, data->valid_policy)) {
+ if (!level_add_node(curr, data, node, NULL))
+ return 0;
+ matched = 1;
+ }
+ }
+ if (!matched && last->anyPolicy) {
+ if (!level_add_node(curr, data, last->anyPolicy, NULL))
+ return 0;
+ }
+ return 1;
+}
+
/*
- * This corresponds to RFC3280 XXXX XXXXX: link any data from
+ * This corresponds to RFC3280 6.1.3(d)(1): link any data from
* CertificatePolicies onto matching parent or anyPolicy if no match.
*/
@@ -242,10 +334,8 @@
const X509_POLICY_CACHE *cache)
{
int i;
- X509_POLICY_LEVEL *last;
X509_POLICY_DATA *data;
- X509_POLICY_NODE *parent;
- last = curr - 1;
+
for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
data = sk_X509_POLICY_DATA_value(cache->data, i);
/*
@@ -256,15 +346,13 @@
* because then it will have the mapping flags right and we can prune
* it later.
*/
+#if 0
if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
&& !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
continue;
- /* Look for matching node in parent */
- parent = level_find_node(last, data->valid_policy);
- /* If no match link to anyPolicy */
- if (!parent)
- parent = last->anyPolicy;
- if (parent && !level_add_node(curr, data, parent, NULL))
+#endif
+ /* Look for matching nodes in previous level */
+ if (!tree_link_matching_nodes(curr, data))
return 0;
}
return 1;
@@ -271,24 +359,91 @@
}
/*
- * This corresponds to RFC3280 XXXX XXXXX: Create new data for any unmatched
+ * This corresponds to RFC3280 6.1.3(d)(2): Create new data for any unmatched
* policies in the parent and link to anyPolicy.
*/
+static int tree_add_unmatched(X509_POLICY_LEVEL *curr,
+ const X509_POLICY_CACHE *cache,
+ const ASN1_OBJECT *id,
+ X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
+{
+ X509_POLICY_DATA *data;
+ if (id == NULL)
+ id = node->data->valid_policy;
+ /*
+ * Create a new node with qualifiers from anyPolicy and id from unmatched
+ * node.
+ */
+ data = policy_data_new(NULL, id, node_critical(node));
+
+ if (data == NULL)
+ return 0;
+ /* Curr may not have anyPolicy */
+ data->qualifier_set = cache->anyPolicy->qualifier_set;
+ data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
+ if (!level_add_node(curr, data, node, tree)) {
+ policy_data_free(data);
+ return 0;
+ }
+
+ return 1;
+}
+
+static int tree_link_unmatched(X509_POLICY_LEVEL *curr,
+ const X509_POLICY_CACHE *cache,
+ X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
+{
+ const X509_POLICY_LEVEL *last = curr - 1;
+ int i;
+
+ if ((last->flags & X509_V_FLAG_INHIBIT_MAP)
+ || !(node->data->flags & POLICY_DATA_FLAG_MAPPED)) {
+ /* If no policy mapping: matched if one child present */
+ if (node->nchild)
+ return 1;
+ if (!tree_add_unmatched(curr, cache, NULL, node, tree))
+ return 0;
+ /* Add it */
+ } else {
+ /* If mapping: matched if one child per expected policy set */
+ STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set;
+ if (node->nchild == sk_ASN1_OBJECT_num(expset))
+ return 1;
+ /* Locate unmatched nodes */
+ for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++) {
+ ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i);
+ if (level_find_node(curr, node, oid))
+ continue;
+ if (!tree_add_unmatched(curr, cache, oid, node, tree))
+ return 0;
+ }
+
+ }
+
+ return 1;
+
+}
+
static int tree_link_any(X509_POLICY_LEVEL *curr,
const X509_POLICY_CACHE *cache,
X509_POLICY_TREE *tree)
{
int i;
- X509_POLICY_DATA *data;
+ /*
+ * X509_POLICY_DATA *data;
+ */
X509_POLICY_NODE *node;
- X509_POLICY_LEVEL *last;
+ X509_POLICY_LEVEL *last = curr - 1;
- last = curr - 1;
-
for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
node = sk_X509_POLICY_NODE_value(last->nodes, i);
+ if (!tree_link_unmatched(curr, cache, node, tree))
+ return 0;
+
+#if 0
+
/*
* Skip any node with any children: we only want unmathced nodes.
* Note: need something better for policy mapping because each node
@@ -296,6 +451,7 @@
*/
if (node->nchild)
continue;
+
/*
* Create a new node with qualifiers from anyPolicy and id from
* unmatched node.
@@ -312,6 +468,8 @@
policy_data_free(data);
return 0;
}
+#endif
+
}
/* Finally add link to anyPolicy */
if (last->anyPolicy) {
@@ -329,26 +487,31 @@
static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
{
+ STACK_OF(X509_POLICY_NODE) *nodes;
X509_POLICY_NODE *node;
int i;
- for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--) {
- node = sk_X509_POLICY_NODE_value(curr->nodes, i);
- /* Delete any mapped data: see RFC3280 XXXX */
- if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) {
- node->parent->nchild--;
- OPENSSL_free(node);
- (void)sk_X509_POLICY_NODE_delete(curr->nodes, i);
+ nodes = curr->nodes;
+ if (curr->flags & X509_V_FLAG_INHIBIT_MAP) {
+ for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
+ node = sk_X509_POLICY_NODE_value(nodes, i);
+ /* Delete any mapped data: see RFC3280 XXXX */
+ if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) {
+ node->parent->nchild--;
+ OPENSSL_free(node);
+ (void)sk_X509_POLICY_NODE_delete(nodes, i);
+ }
}
}
for (;;) {
--curr;
- for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--) {
- node = sk_X509_POLICY_NODE_value(curr->nodes, i);
+ nodes = curr->nodes;
+ for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
+ node = sk_X509_POLICY_NODE_value(nodes, i);
if (node->nchild == 0) {
node->parent->nchild--;
OPENSSL_free(node);
- (void)sk_X509_POLICY_NODE_delete(curr->nodes, i);
+ (void)sk_X509_POLICY_NODE_delete(nodes, i);
}
}
if (curr->anyPolicy && !curr->anyPolicy->nchild) {
@@ -511,6 +674,7 @@
if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY)
&& !tree_link_any(curr, cache, tree))
return 0;
+ tree_print("before tree_prune()", tree, curr);
ret = tree_prune(tree, curr);
if (ret != 1)
return ret;
@@ -620,6 +784,8 @@
goto error;
ret = tree_evaluate(tree);
+ tree_print("tree_evaluate()", tree, NULL);
+
if (ret <= 0)
goto error;
Modified: trunk/crypto/openssl/crypto/x509v3/v3_addr.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_addr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_addr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -239,7 +239,7 @@
/*
* i2r handler for an IPAddrBlocks extension.
*/
-static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method,
+static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
void *ext, BIO *out, int indent)
{
const IPAddrBlocks *addr = ext;
@@ -321,8 +321,7 @@
const IPAddressOrRange *b, const int length)
{
unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
- int prefixlen_a = 0;
- int prefixlen_b = 0;
+ int prefixlen_a = 0, prefixlen_b = 0;
int r;
switch (a->type) {
@@ -879,7 +878,7 @@
IPAddressOrRange *merged;
if (!make_addressRange(&merged, a_min, b_max, length))
return 0;
- sk_IPAddressOrRange_set(aors, i, merged);
+ (void)sk_IPAddressOrRange_set(aors, i, merged);
(void)sk_IPAddressOrRange_delete(aors, i + 1);
IPAddressOrRange_free(a);
IPAddressOrRange_free(b);
@@ -928,7 +927,7 @@
/*
* v2i handler for the IPAddrBlocks extension.
*/
-static void *v2i_IPAddrBlocks(struct v3_ext_method *method,
+static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values)
{
@@ -1219,7 +1218,7 @@
{
IPAddrBlocks *child = NULL;
int i, j, ret = 1;
- X509 *x = NULL;
+ X509 *x;
OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
OPENSSL_assert(ctx != NULL || ext != NULL);
@@ -1232,6 +1231,7 @@
*/
if (ext != NULL) {
i = -1;
+ x = NULL;
} else {
i = 0;
x = sk_X509_value(chain, i);
@@ -1299,6 +1299,7 @@
/*
* Trust anchor can't inherit.
*/
+ OPENSSL_assert(x != NULL);
if (x->rfc3779_addr != NULL) {
for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
IPAddressFamily *fp =
Modified: trunk/crypto/openssl/crypto/x509v3/v3_alt.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_alt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_alt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -87,6 +87,12 @@
(X509V3_EXT_I2V) i2v_GENERAL_NAMES,
(X509V3_EXT_V2I)v2i_issuer_alt,
NULL, NULL, NULL},
+
+ {NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+ 0, 0, 0, 0,
+ 0, 0,
+ (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
+ NULL, NULL, NULL, NULL},
};
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
@@ -390,7 +396,7 @@
}
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
GENERAL_NAME *gen;
@@ -413,27 +419,22 @@
return NULL;
}
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf)
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf)
{
return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
}
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
- X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf, int is_nc)
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, int gen_type, char *value,
+ int is_nc)
{
char is_string = 0;
- int type;
GENERAL_NAME *gen = NULL;
- char *name, *value;
-
- name = cnf->name;
- value = cnf->value;
-
if (!value) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_MISSING_VALUE);
return NULL;
}
@@ -442,55 +443,57 @@
else {
gen = GENERAL_NAME_new();
if (gen == NULL) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, ERR_R_MALLOC_FAILURE);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
return NULL;
}
}
- if (!name_cmp(name, "email")) {
+ switch (gen_type) {
+ case GEN_URI:
+ case GEN_EMAIL:
+ case GEN_DNS:
is_string = 1;
- type = GEN_EMAIL;
- } else if (!name_cmp(name, "URI")) {
- is_string = 1;
- type = GEN_URI;
- } else if (!name_cmp(name, "DNS")) {
- is_string = 1;
- type = GEN_DNS;
- } else if (!name_cmp(name, "RID")) {
- ASN1_OBJECT *obj;
- if (!(obj = OBJ_txt2obj(value, 0))) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_BAD_OBJECT);
- ERR_add_error_data(2, "value=", value);
- goto err;
+ break;
+
+ case GEN_RID:
+ {
+ ASN1_OBJECT *obj;
+ if (!(obj = OBJ_txt2obj(value, 0))) {
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_OBJECT);
+ ERR_add_error_data(2, "value=", value);
+ goto err;
+ }
+ gen->d.rid = obj;
}
- gen->d.rid = obj;
- type = GEN_RID;
- } else if (!name_cmp(name, "IP")) {
+ break;
+
+ case GEN_IPADD:
if (is_nc)
gen->d.ip = a2i_IPADDRESS_NC(value);
else
gen->d.ip = a2i_IPADDRESS(value);
if (gen->d.ip == NULL) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_BAD_IP_ADDRESS);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS);
ERR_add_error_data(2, "value=", value);
goto err;
}
- type = GEN_IPADD;
- } else if (!name_cmp(name, "dirName")) {
- type = GEN_DIRNAME;
+ break;
+
+ case GEN_DIRNAME:
if (!do_dirname(gen, value, ctx)) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_DIRNAME_ERROR);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_DIRNAME_ERROR);
goto err;
}
- } else if (!name_cmp(name, "otherName")) {
+ break;
+
+ case GEN_OTHERNAME:
if (!do_othername(gen, value, ctx)) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_OTHERNAME_ERROR);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR);
goto err;
}
- type = GEN_OTHERNAME;
- } else {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_UNSUPPORTED_OPTION);
- ERR_add_error_data(2, "name=", name);
+ break;
+ default:
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE);
goto err;
}
@@ -498,12 +501,12 @@
if (!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
!ASN1_STRING_set(gen->d.ia5, (unsigned char *)value,
strlen(value))) {
- X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, ERR_R_MALLOC_FAILURE);
+ X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
goto err;
}
}
- gen->type = type;
+ gen->type = gen_type;
return gen;
@@ -513,6 +516,46 @@
return NULL;
}
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
+{
+ int type;
+
+ char *name, *value;
+
+ name = cnf->name;
+ value = cnf->value;
+
+ if (!value) {
+ X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE);
+ return NULL;
+ }
+
+ if (!name_cmp(name, "email"))
+ type = GEN_EMAIL;
+ else if (!name_cmp(name, "URI"))
+ type = GEN_URI;
+ else if (!name_cmp(name, "DNS"))
+ type = GEN_DNS;
+ else if (!name_cmp(name, "RID"))
+ type = GEN_RID;
+ else if (!name_cmp(name, "IP"))
+ type = GEN_IPADD;
+ else if (!name_cmp(name, "dirName"))
+ type = GEN_DIRNAME;
+ else if (!name_cmp(name, "otherName"))
+ type = GEN_OTHERNAME;
+ else {
+ X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_UNSUPPORTED_OPTION);
+ ERR_add_error_data(2, "name=", name);
+ return NULL;
+ }
+
+ return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+
+}
+
static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
{
char *objtmp = NULL, *p;
@@ -541,25 +584,26 @@
static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
{
- int ret;
- STACK_OF(CONF_VALUE) *sk;
- X509_NAME *nm;
+ int ret = 0;
+ STACK_OF(CONF_VALUE) *sk = NULL;
+ X509_NAME *nm = NULL;
if (!(nm = X509_NAME_new()))
- return 0;
+ goto err;
sk = X509V3_get_section(ctx, value);
if (!sk) {
X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
ERR_add_error_data(2, "section=", value);
- X509_NAME_free(nm);
- return 0;
+ goto err;
}
/* FIXME: should allow other character types... */
ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
if (!ret)
- X509_NAME_free(nm);
+ goto err;
gen->d.dirn = nm;
+err:
+ if (ret == 0)
+ X509_NAME_free(nm);
X509V3_section_free(ctx, sk);
-
return ret;
}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_asid.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_asid.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_asid.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -151,7 +151,7 @@
/*
* i2r method for an ASIdentifier extension.
*/
-static int i2r_ASIdentifiers(X509V3_EXT_METHOD *method,
+static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method,
void *ext, BIO *out, int indent)
{
ASIdentifiers *asid = ext;
@@ -537,7 +537,7 @@
/*
* v2i method for an ASIdentifier extension.
*/
-static void *v2i_ASIdentifiers(struct v3_ext_method *method,
+static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values)
{
@@ -757,7 +757,7 @@
{
ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
- X509 *x = NULL;
+ X509 *x;
OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
OPENSSL_assert(ctx != NULL || ext != NULL);
@@ -770,6 +770,7 @@
*/
if (ext != NULL) {
i = -1;
+ x = NULL;
} else {
i = 0;
x = sk_X509_value(chain, i);
@@ -852,6 +853,7 @@
/*
* Trust anchor can't inherit.
*/
+ OPENSSL_assert(x != NULL);
if (x->rfc3779_asid != NULL) {
if (x->rfc3779_asid->asnum != NULL &&
x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
Modified: trunk/crypto/openssl/crypto/x509v3/v3_conf.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_conf.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_conf.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,8 +74,8 @@
X509V3_CTX *ctx);
static char *conf_lhash_get_string(void *db, char *section, char *value);
static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
- int crit, void *ext_struc);
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
+ int ext_nid, int crit, void *ext_struc);
static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx,
long *ext_len);
/* CONF *conf: Config file */
@@ -117,7 +117,7 @@
static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
int crit, char *value)
{
- X509V3_EXT_METHOD *method;
+ const X509V3_EXT_METHOD *method;
X509_EXTENSION *ext;
STACK_OF(CONF_VALUE) *nval;
void *ext_struc;
@@ -173,8 +173,8 @@
}
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
- int crit, void *ext_struc)
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
+ int ext_nid, int crit, void *ext_struc)
{
unsigned char *ext_der;
int ext_len;
@@ -217,7 +217,7 @@
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
{
- X509V3_EXT_METHOD *method;
+ const X509V3_EXT_METHOD *method;
if (!(method = X509V3_EXT_get_nid(ext_nid))) {
X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION);
return NULL;
@@ -462,8 +462,8 @@
/* Old conf compatibility functions */
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
- char *value)
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *name, char *value)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
@@ -472,8 +472,8 @@
/* LHASH *conf: Config file */
/* char *value: Value */
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
- char *value)
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ X509V3_CTX *ctx, int ext_nid, char *value)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
@@ -497,14 +497,14 @@
NULL
};
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash)
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
{
ctx->db_meth = &conf_lhash_method;
ctx->db = lhash;
}
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509 *cert)
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509 *cert)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
@@ -513,8 +513,8 @@
/* Same as above but for a CRL */
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_CRL *crl)
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_CRL *crl)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
@@ -523,8 +523,8 @@
/* Add extensions to certificate request */
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_REQ *req)
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_REQ *req)
{
CONF ctmp;
CONF_set_nconf(&ctmp, conf);
Modified: trunk/crypto/openssl/crypto/x509v3/v3_cpols.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_cpols.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_cpols.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -230,8 +230,12 @@
goto merr;
if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
- qual->d.cpsuri = M_ASN1_IA5STRING_new();
+ if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) {
+ X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (!(qual->d.cpsuri = M_ASN1_IA5STRING_new()))
+ goto merr;
if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
strlen(cnf->value)))
goto merr;
@@ -290,7 +294,10 @@
POLICYQUALINFO *qual;
if (!(qual = POLICYQUALINFO_new()))
goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
+ if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) {
+ X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
if (!(not = USERNOTICE_new()))
goto merr;
qual->d.usernotice = not;
@@ -297,7 +304,8 @@
for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
cnf = sk_CONF_VALUE_value(unot, i);
if (!strcmp(cnf->name, "explicitText")) {
- not->exptext = M_ASN1_VISIBLESTRING_new();
+ if (!(not->exptext = M_ASN1_VISIBLESTRING_new()))
+ goto merr;
if (!ASN1_STRING_set(not->exptext, cnf->value,
strlen(cnf->value)))
goto merr;
@@ -473,4 +481,7 @@
BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, "");
}
+
IMPLEMENT_STACK_OF(X509_POLICY_NODE)
+
+IMPLEMENT_STACK_OF(X509_POLICY_DATA)
Modified: trunk/crypto/openssl/crypto/x509v3/v3_crld.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_crld.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_crld.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -64,52 +64,228 @@
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
- STACK_OF(DIST_POINT) *crld,
- STACK_OF(CONF_VALUE) *extlist);
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+ int indent);
const X509V3_EXT_METHOD v3_crld = {
- NID_crl_distribution_points, X509V3_EXT_MULTILINE,
- ASN1_ITEM_ref(CRL_DIST_POINTS),
+ NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
0, 0, 0, 0,
0, 0,
- (X509V3_EXT_I2V) i2v_crld,
- (X509V3_EXT_V2I)v2i_crld,
+ 0,
+ v2i_crld,
+ i2r_crldp, 0,
+ NULL
+};
+
+const X509V3_EXT_METHOD v3_freshest_crl = {
+ NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
+ 0, 0, 0, 0,
0, 0,
+ 0,
+ v2i_crld,
+ i2r_crldp, 0,
NULL
};
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
- STACK_OF(DIST_POINT) *crld,
- STACK_OF(CONF_VALUE) *exts)
+static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx,
+ char *sect)
{
- DIST_POINT *point;
- int i;
- for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
- point = sk_DIST_POINT_value(crld, i);
- if (point->distpoint) {
- if (point->distpoint->type == 0)
- exts = i2v_GENERAL_NAMES(NULL,
- point->distpoint->name.fullname,
- exts);
+ STACK_OF(CONF_VALUE) *gnsect;
+ STACK_OF(GENERAL_NAME) *gens;
+ if (*sect == '@')
+ gnsect = X509V3_get_section(ctx, sect + 1);
+ else
+ gnsect = X509V3_parse_list(sect);
+ if (!gnsect) {
+ X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, X509V3_R_SECTION_NOT_FOUND);
+ return NULL;
+ }
+ gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
+ if (*sect == '@')
+ X509V3_section_free(ctx, gnsect);
+ else
+ sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
+ return gens;
+}
+
+static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
+ CONF_VALUE *cnf)
+{
+ STACK_OF(GENERAL_NAME) *fnm = NULL;
+ STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
+ if (!strncmp(cnf->name, "fullname", 9)) {
+ fnm = gnames_from_sectname(ctx, cnf->value);
+ if (!fnm)
+ goto err;
+ } else if (!strcmp(cnf->name, "relativename")) {
+ int ret;
+ STACK_OF(CONF_VALUE) *dnsect;
+ X509_NAME *nm;
+ nm = X509_NAME_new();
+ if (!nm)
+ return -1;
+ dnsect = X509V3_get_section(ctx, cnf->value);
+ if (!dnsect) {
+ X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+ X509V3_R_SECTION_NOT_FOUND);
+ return -1;
+ }
+ ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
+ X509V3_section_free(ctx, dnsect);
+ rnm = nm->entries;
+ nm->entries = NULL;
+ X509_NAME_free(nm);
+ if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
+ goto err;
+ /*
+ * Since its a name fragment can't have more than one RDNSequence
+ */
+ if (sk_X509_NAME_ENTRY_value(rnm,
+ sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
+ X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+ X509V3_R_INVALID_MULTIPLE_RDNS);
+ goto err;
+ }
+ } else
+ return 0;
+
+ if (*pdp) {
+ X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+ X509V3_R_DISTPOINT_ALREADY_SET);
+ goto err;
+ }
+
+ *pdp = DIST_POINT_NAME_new();
+ if (!*pdp)
+ goto err;
+ if (fnm) {
+ (*pdp)->type = 0;
+ (*pdp)->name.fullname = fnm;
+ } else {
+ (*pdp)->type = 1;
+ (*pdp)->name.relativename = rnm;
+ }
+
+ return 1;
+
+ err:
+ if (fnm)
+ sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
+ if (rnm)
+ sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
+ return -1;
+}
+
+static const BIT_STRING_BITNAME reason_flags[] = {
+ {0, "Unused", "unused"},
+ {1, "Key Compromise", "keyCompromise"},
+ {2, "CA Compromise", "CACompromise"},
+ {3, "Affiliation Changed", "affiliationChanged"},
+ {4, "Superseded", "superseded"},
+ {5, "Cessation Of Operation", "cessationOfOperation"},
+ {6, "Certificate Hold", "certificateHold"},
+ {7, "Privilege Withdrawn", "privilegeWithdrawn"},
+ {8, "AA Compromise", "AACompromise"},
+ {-1, NULL, NULL}
+};
+
+static int set_reasons(ASN1_BIT_STRING **preas, char *value)
+{
+ STACK_OF(CONF_VALUE) *rsk = NULL;
+ const BIT_STRING_BITNAME *pbn;
+ const char *bnam;
+ int i, ret = 0;
+ rsk = X509V3_parse_list(value);
+ if (!rsk)
+ return 0;
+ if (*preas)
+ return 0;
+ for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
+ bnam = sk_CONF_VALUE_value(rsk, i)->name;
+ if (!*preas) {
+ *preas = ASN1_BIT_STRING_new();
+ if (!*preas)
+ goto err;
+ }
+ for (pbn = reason_flags; pbn->lname; pbn++) {
+ if (!strcmp(pbn->sname, bnam)) {
+ if (!ASN1_BIT_STRING_set_bit(*preas, pbn->bitnum, 1))
+ goto err;
+ break;
+ }
+ }
+ if (!pbn->lname)
+ goto err;
+ }
+ ret = 1;
+
+ err:
+ sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
+ return ret;
+}
+
+static int print_reasons(BIO *out, const char *rname,
+ ASN1_BIT_STRING *rflags, int indent)
+{
+ int first = 1;
+ const BIT_STRING_BITNAME *pbn;
+ BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
+ for (pbn = reason_flags; pbn->lname; pbn++) {
+ if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
+ if (first)
+ first = 0;
else
- X509V3_add_value("RelativeName", "<UNSUPPORTED>", &exts);
+ BIO_puts(out, ", ");
+ BIO_puts(out, pbn->lname);
}
- if (point->reasons)
- X509V3_add_value("reasons", "<UNSUPPORTED>", &exts);
- if (point->CRLissuer)
- X509V3_add_value("CRLissuer", "<UNSUPPORTED>", &exts);
}
- return exts;
+ if (first)
+ BIO_puts(out, "<EMPTY>\n");
+ else
+ BIO_puts(out, "\n");
+ return 1;
}
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
+static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval)
{
+ int i;
+ CONF_VALUE *cnf;
+ DIST_POINT *point = NULL;
+ point = DIST_POINT_new();
+ if (!point)
+ goto err;
+ for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ int ret;
+ cnf = sk_CONF_VALUE_value(nval, i);
+ ret = set_dist_point_name(&point->distpoint, ctx, cnf);
+ if (ret > 0)
+ continue;
+ if (ret < 0)
+ goto err;
+ if (!strcmp(cnf->name, "reasons")) {
+ if (!set_reasons(&point->reasons, cnf->value))
+ goto err;
+ } else if (!strcmp(cnf->name, "CRLissuer")) {
+ point->CRLissuer = gnames_from_sectname(ctx, cnf->value);
+ if (!point->CRLissuer)
+ goto err;
+ }
+ }
+
+ return point;
+
+ err:
+ if (point)
+ DIST_POINT_free(point);
+ return NULL;
+}
+
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
STACK_OF(DIST_POINT) *crld = NULL;
GENERAL_NAMES *gens = NULL;
GENERAL_NAME *gen = NULL;
@@ -120,24 +296,39 @@
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
DIST_POINT *point;
cnf = sk_CONF_VALUE_value(nval, i);
- if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- if (!(gens = GENERAL_NAMES_new()))
- goto merr;
- if (!sk_GENERAL_NAME_push(gens, gen))
- goto merr;
- gen = NULL;
- if (!(point = DIST_POINT_new()))
- goto merr;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
+ if (!cnf->value) {
+ STACK_OF(CONF_VALUE) *dpsect;
+ dpsect = X509V3_get_section(ctx, cnf->name);
+ if (!dpsect)
+ goto err;
+ point = crldp_from_section(ctx, dpsect);
+ X509V3_section_free(ctx, dpsect);
+ if (!point)
+ goto err;
+ if (!sk_DIST_POINT_push(crld, point)) {
+ DIST_POINT_free(point);
+ goto merr;
+ }
+ } else {
+ if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+ goto err;
+ if (!(gens = GENERAL_NAMES_new()))
+ goto merr;
+ if (!sk_GENERAL_NAME_push(gens, gen))
+ goto merr;
+ gen = NULL;
+ if (!(point = DIST_POINT_new()))
+ goto merr;
+ if (!sk_DIST_POINT_push(crld, point)) {
+ DIST_POINT_free(point);
+ goto merr;
+ }
+ if (!(point->distpoint = DIST_POINT_NAME_new()))
+ goto merr;
+ point->distpoint->name.fullname = gens;
+ point->distpoint->type = 0;
+ gens = NULL;
}
- if (!(point->distpoint = DIST_POINT_NAME_new()))
- goto merr;
- point->distpoint->name.fullname = gens;
- point->distpoint->type = 0;
- gens = NULL;
}
return crld;
@@ -154,12 +345,31 @@
IMPLEMENT_ASN1_SET_OF(DIST_POINT)
+static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
+{
+ DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
-ASN1_CHOICE(DIST_POINT_NAME) = {
+ switch (operation) {
+ case ASN1_OP_NEW_POST:
+ dpn->dpname = NULL;
+ break;
+
+ case ASN1_OP_FREE_POST:
+ if (dpn->dpname)
+ X509_NAME_free(dpn->dpname);
+ break;
+ }
+ return 1;
+}
+
+
+ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = {
ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
-} ASN1_CHOICE_END(DIST_POINT_NAME)
+} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type)
+
IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
ASN1_SEQUENCE(DIST_POINT) = {
@@ -175,3 +385,178 @@
ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+
+ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
+ ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
+} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
+
+IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+ int indent);
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval);
+
+const X509V3_EXT_METHOD v3_idp = {
+ NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(ISSUING_DIST_POINT),
+ 0, 0, 0, 0,
+ 0, 0,
+ 0,
+ v2i_idp,
+ i2r_idp, 0,
+ NULL
+};
+
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval)
+{
+ ISSUING_DIST_POINT *idp = NULL;
+ CONF_VALUE *cnf;
+ char *name, *val;
+ int i, ret;
+ idp = ISSUING_DIST_POINT_new();
+ if (!idp)
+ goto merr;
+ for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ cnf = sk_CONF_VALUE_value(nval, i);
+ name = cnf->name;
+ val = cnf->value;
+ ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
+ if (ret > 0)
+ continue;
+ if (ret < 0)
+ goto err;
+ if (!strcmp(name, "onlyuser")) {
+ if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
+ goto err;
+ } else if (!strcmp(name, "onlyCA")) {
+ if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
+ goto err;
+ } else if (!strcmp(name, "onlyAA")) {
+ if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
+ goto err;
+ } else if (!strcmp(name, "indirectCRL")) {
+ if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
+ goto err;
+ } else if (!strcmp(name, "onlysomereasons")) {
+ if (!set_reasons(&idp->onlysomereasons, val))
+ goto err;
+ } else {
+ X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
+ X509V3_conf_err(cnf);
+ goto err;
+ }
+ }
+ return idp;
+
+ merr:
+ X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE);
+ err:
+ ISSUING_DIST_POINT_free(idp);
+ return NULL;
+}
+
+static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
+{
+ int i;
+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+ BIO_printf(out, "%*s", indent + 2, "");
+ GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
+ BIO_puts(out, "\n");
+ }
+ return 1;
+}
+
+static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
+{
+ if (dpn->type == 0) {
+ BIO_printf(out, "%*sFull Name:\n", indent, "");
+ print_gens(out, dpn->name.fullname, indent);
+ } else {
+ X509_NAME ntmp;
+ ntmp.entries = dpn->name.relativename;
+ BIO_printf(out, "%*sRelative Name:\n%*s", indent, "", indent + 2, "");
+ X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
+ BIO_puts(out, "\n");
+ }
+ return 1;
+}
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+ int indent)
+{
+ ISSUING_DIST_POINT *idp = pidp;
+ if (idp->distpoint)
+ print_distpoint(out, idp->distpoint, indent);
+ if (idp->onlyuser > 0)
+ BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
+ if (idp->onlyCA > 0)
+ BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
+ if (idp->indirectCRL > 0)
+ BIO_printf(out, "%*sIndirect CRL\n", indent, "");
+ if (idp->onlysomereasons)
+ print_reasons(out, "Only Some Reasons", idp->onlysomereasons, indent);
+ if (idp->onlyattr > 0)
+ BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
+ if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
+ && (idp->indirectCRL <= 0) && !idp->onlysomereasons
+ && (idp->onlyattr <= 0))
+ BIO_printf(out, "%*s<EMPTY>\n", indent, "");
+
+ return 1;
+}
+
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+ int indent)
+{
+ STACK_OF(DIST_POINT) *crld = pcrldp;
+ DIST_POINT *point;
+ int i;
+ for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
+ BIO_puts(out, "\n");
+ point = sk_DIST_POINT_value(crld, i);
+ if (point->distpoint)
+ print_distpoint(out, point->distpoint, indent);
+ if (point->reasons)
+ print_reasons(out, "Reasons", point->reasons, indent);
+ if (point->CRLissuer) {
+ BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
+ print_gens(out, point->CRLissuer, indent);
+ }
+ }
+ return 1;
+}
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
+{
+ int i;
+ STACK_OF(X509_NAME_ENTRY) *frag;
+ X509_NAME_ENTRY *ne;
+ if (!dpn || (dpn->type != 1))
+ return 1;
+ frag = dpn->name.relativename;
+ dpn->dpname = X509_NAME_dup(iname);
+ if (!dpn->dpname)
+ return 0;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
+ ne = sk_X509_NAME_ENTRY_value(frag, i);
+ if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
+ X509_NAME_free(dpn->dpname);
+ dpn->dpname = NULL;
+ return 0;
+ }
+ }
+ /* generate cached encoding of name */
+ if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
+ X509_NAME_free(dpn->dpname);
+ dpn->dpname = NULL;
+ return 0;
+ }
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_enum.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_enum.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_enum.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,14 +62,19 @@
#include <openssl/x509v3.h>
static ENUMERATED_NAMES crl_reasons[] = {
- {0, "Unspecified", "unspecified"},
- {1, "Key Compromise", "keyCompromise"},
- {2, "CA Compromise", "CACompromise"},
- {3, "Affiliation Changed", "affiliationChanged"},
- {4, "Superseded", "superseded"},
- {5, "Cessation Of Operation", "cessationOfOperation"},
- {6, "Certificate Hold", "certificateHold"},
- {8, "Remove From CRL", "removeFromCRL"},
+ {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
+ {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
+ {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
+ {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed",
+ "affiliationChanged"},
+ {CRL_REASON_SUPERSEDED, "Superseded", "superseded"},
+ {CRL_REASON_CESSATION_OF_OPERATION,
+ "Cessation Of Operation", "cessationOfOperation"},
+ {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"},
+ {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"},
+ {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn",
+ "privilegeWithdrawn"},
+ {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"},
{-1, NULL, NULL}
};
Modified: trunk/crypto/openssl/crypto/x509v3/v3_extku.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_extku.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_extku.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,12 +63,11 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
- void *eku,
- STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
+ *method, void *eku, STACK_OF(CONF_VALUE)
*extlist);
const X509V3_EXT_METHOD v3_ext_ku = {
@@ -100,9 +99,8 @@
IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
- void *a,
- STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
+ *method, void *a, STACK_OF(CONF_VALUE)
*ext_list)
{
EXTENDED_KEY_USAGE *eku = a;
@@ -117,7 +115,7 @@
return ext_list;
}
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval)
{
Modified: trunk/crypto/openssl/crypto/x509v3/v3_genn.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_genn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_genn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -99,3 +99,152 @@
ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
+{
+ return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME,
+ (d2i_of_void *)d2i_GENERAL_NAME,
+ (char *)a);
+}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
+{
+ int result = -1;
+
+ if (!a || !b || a->type != b->type)
+ return -1;
+ switch (a->type) {
+ case GEN_X400:
+ case GEN_EDIPARTY:
+ result = ASN1_TYPE_cmp(a->d.other, b->d.other);
+ break;
+
+ case GEN_OTHERNAME:
+ result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
+ break;
+
+ case GEN_EMAIL:
+ case GEN_DNS:
+ case GEN_URI:
+ result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
+ break;
+
+ case GEN_DIRNAME:
+ result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
+ break;
+
+ case GEN_IPADD:
+ result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
+ break;
+
+ case GEN_RID:
+ result = OBJ_cmp(a->d.rid, b->d.rid);
+ break;
+ }
+ return result;
+}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
+{
+ int result = -1;
+
+ if (!a || !b)
+ return -1;
+ /* Check their type first. */
+ if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
+ return result;
+ /* Check the value. */
+ result = ASN1_TYPE_cmp(a->value, b->value);
+ return result;
+}
+
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
+{
+ switch (type) {
+ case GEN_X400:
+ case GEN_EDIPARTY:
+ a->d.other = value;
+ break;
+
+ case GEN_OTHERNAME:
+ a->d.otherName = value;
+ break;
+
+ case GEN_EMAIL:
+ case GEN_DNS:
+ case GEN_URI:
+ a->d.ia5 = value;
+ break;
+
+ case GEN_DIRNAME:
+ a->d.dirn = value;
+ break;
+
+ case GEN_IPADD:
+ a->d.ip = value;
+ break;
+
+ case GEN_RID:
+ a->d.rid = value;
+ break;
+ }
+ a->type = type;
+}
+
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype)
+{
+ if (ptype)
+ *ptype = a->type;
+ switch (a->type) {
+ case GEN_X400:
+ case GEN_EDIPARTY:
+ return a->d.other;
+
+ case GEN_OTHERNAME:
+ return a->d.otherName;
+
+ case GEN_EMAIL:
+ case GEN_DNS:
+ case GEN_URI:
+ return a->d.ia5;
+
+ case GEN_DIRNAME:
+ return a->d.dirn;
+
+ case GEN_IPADD:
+ return a->d.ip;
+
+ case GEN_RID:
+ return a->d.rid;
+
+ default:
+ return NULL;
+ }
+}
+
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+ ASN1_OBJECT *oid, ASN1_TYPE *value)
+{
+ OTHERNAME *oth;
+ oth = OTHERNAME_new();
+ if (!oth)
+ return 0;
+ oth->type_id = oid;
+ oth->value = value;
+ GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
+ return 1;
+}
+
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
+ ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
+{
+ if (gen->type != GEN_OTHERNAME)
+ return 0;
+ if (poid)
+ *poid = gen->d.otherName->type_id;
+ if (pvalue)
+ *pvalue = gen->d.otherName->value;
+ return 1;
+}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_lib.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -90,20 +90,20 @@
return ((*a)->ext_nid - (*b)->ext_nid);
}
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
+DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+ const X509V3_EXT_METHOD *, ext);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+ const X509V3_EXT_METHOD *, ext);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
{
- X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
+ X509V3_EXT_METHOD tmp;
+ const X509V3_EXT_METHOD *t = &tmp, *const *ret;
int idx;
if (nid < 0)
return NULL;
tmp.ext_nid = nid;
- ret = (X509V3_EXT_METHOD **)OBJ_bsearch((char *)&t,
- (char *)standard_exts,
- STANDARD_EXTENSION_COUNT,
- sizeof(X509V3_EXT_METHOD *),
- (int (*)
- (const void *,
- const void *))ext_cmp);
+ ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
if (ret)
return *ret;
if (!ext_list)
@@ -114,7 +114,7 @@
return sk_X509V3_EXT_METHOD_value(ext_list, idx);
}
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
{
int nid;
if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
@@ -132,7 +132,9 @@
int X509V3_EXT_add_alias(int nid_to, int nid_from)
{
- X509V3_EXT_METHOD *ext, *tmpext;
+ const X509V3_EXT_METHOD *ext;
+ X509V3_EXT_METHOD *tmpext;
+
if (!(ext = X509V3_EXT_get_nid(nid_from))) {
X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
X509V3_R_EXTENSION_NOT_FOUND);
@@ -176,7 +178,7 @@
void *X509V3_EXT_d2i(X509_EXTENSION *ext)
{
- X509V3_EXT_METHOD *method;
+ const X509V3_EXT_METHOD *method;
const unsigned char *p;
if (!(method = X509V3_EXT_get(ext)))
Modified: trunk/crypto/openssl/crypto/x509v3/v3_ncons.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_ncons.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_ncons.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,16 +63,23 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static void *v2i_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
-static int i2r_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method, void *a, BIO *bp,
- int ind);
-static int do_i2r_name_constraints(X509V3_EXT_METHOD *method,
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+ BIO *bp, int ind);
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp,
int ind, char *name);
static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip);
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc);
+static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
+static int nc_dn(X509_NAME *sub, X509_NAME *nm);
+static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
+static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
+
const X509V3_EXT_METHOD v3_name_constraints = {
NID_name_constraints, 0,
ASN1_ITEM_ref(NAME_CONSTRAINTS),
@@ -100,7 +107,7 @@
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
-static void *v2i_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
int i;
@@ -147,8 +154,8 @@
return NULL;
}
-static int i2r_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
- void *a, BIO *bp, int ind)
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+ BIO *bp, int ind)
{
NAME_CONSTRAINTS *ncons = a;
do_i2r_name_constraints(method, ncons->permittedSubtrees,
@@ -158,7 +165,7 @@
return 1;
}
-static int do_i2r_name_constraints(X509V3_EXT_METHOD *method,
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
STACK_OF(GENERAL_SUBTREE) *trees,
BIO *bp, int ind, char *name)
{
@@ -201,3 +208,270 @@
BIO_printf(bp, "IP Address:<invalid>");
return 1;
}
+
+/*-
+ * Check a certificate conforms to a specified set of constraints.
+ * Return values:
+ * X509_V_OK: All constraints obeyed.
+ * X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation.
+ * X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation.
+ * X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type.
+ * X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: Unsupported constraint type.
+ * X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax.
+ * X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name
+ */
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc)
+{
+ int r, i;
+ X509_NAME *nm;
+
+ nm = X509_get_subject_name(x);
+
+ if (X509_NAME_entry_count(nm) > 0) {
+ GENERAL_NAME gntmp;
+ gntmp.type = GEN_DIRNAME;
+ gntmp.d.directoryName = nm;
+
+ r = nc_match(&gntmp, nc);
+
+ if (r != X509_V_OK)
+ return r;
+
+ gntmp.type = GEN_EMAIL;
+
+ /* Process any email address attributes in subject name */
+
+ for (i = -1;;) {
+ X509_NAME_ENTRY *ne;
+ i = X509_NAME_get_index_by_NID(nm, NID_pkcs9_emailAddress, i);
+ if (i == -1)
+ break;
+ ne = X509_NAME_get_entry(nm, i);
+ gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne);
+ if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING)
+ return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+ r = nc_match(&gntmp, nc);
+
+ if (r != X509_V_OK)
+ return r;
+ }
+
+ }
+
+ for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++) {
+ GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i);
+ r = nc_match(gen, nc);
+ if (r != X509_V_OK)
+ return r;
+ }
+
+ return X509_V_OK;
+
+}
+
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
+{
+ GENERAL_SUBTREE *sub;
+ int i, r, match = 0;
+
+ /*
+ * Permitted subtrees: if any subtrees exist of matching the type at
+ * least one subtree must match.
+ */
+
+ for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
+ sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
+ if (gen->type != sub->base->type)
+ continue;
+ if (sub->minimum || sub->maximum)
+ return X509_V_ERR_SUBTREE_MINMAX;
+ /* If we already have a match don't bother trying any more */
+ if (match == 2)
+ continue;
+ if (match == 0)
+ match = 1;
+ r = nc_match_single(gen, sub->base);
+ if (r == X509_V_OK)
+ match = 2;
+ else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+ return r;
+ }
+
+ if (match == 1)
+ return X509_V_ERR_PERMITTED_VIOLATION;
+
+ /* Excluded subtrees: must not match any of these */
+
+ for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
+ sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
+ if (gen->type != sub->base->type)
+ continue;
+ if (sub->minimum || sub->maximum)
+ return X509_V_ERR_SUBTREE_MINMAX;
+
+ r = nc_match_single(gen, sub->base);
+ if (r == X509_V_OK)
+ return X509_V_ERR_EXCLUDED_VIOLATION;
+ else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+ return r;
+
+ }
+
+ return X509_V_OK;
+
+}
+
+static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
+{
+ switch (base->type) {
+ case GEN_DIRNAME:
+ return nc_dn(gen->d.directoryName, base->d.directoryName);
+
+ case GEN_DNS:
+ return nc_dns(gen->d.dNSName, base->d.dNSName);
+
+ case GEN_EMAIL:
+ return nc_email(gen->d.rfc822Name, base->d.rfc822Name);
+
+ case GEN_URI:
+ return nc_uri(gen->d.uniformResourceIdentifier,
+ base->d.uniformResourceIdentifier);
+
+ default:
+ return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
+ }
+
+}
+
+/*
+ * directoryName name constraint matching. The canonical encoding of
+ * X509_NAME makes this comparison easy. It is matched if the subtree is a
+ * subset of the name.
+ */
+
+static int nc_dn(X509_NAME *nm, X509_NAME *base)
+{
+ /* Ensure canonical encodings are up to date. */
+ if (nm->modified && i2d_X509_NAME(nm, NULL) < 0)
+ return X509_V_ERR_OUT_OF_MEM;
+ if (base->modified && i2d_X509_NAME(base, NULL) < 0)
+ return X509_V_ERR_OUT_OF_MEM;
+ if (base->canon_enclen > nm->canon_enclen)
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ return X509_V_OK;
+}
+
+static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
+{
+ char *baseptr = (char *)base->data;
+ char *dnsptr = (char *)dns->data;
+ /* Empty matches everything */
+ if (!*baseptr)
+ return X509_V_OK;
+ /*
+ * Otherwise can add zero or more components on the left so compare RHS
+ * and if dns is longer and expect '.' as preceding character.
+ */
+ if (dns->length > base->length) {
+ dnsptr += dns->length - base->length;
+ if (*baseptr != '.' && dnsptr[-1] != '.')
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ }
+
+ if (strcasecmp(baseptr, dnsptr))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+
+ return X509_V_OK;
+
+}
+
+static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
+{
+ const char *baseptr = (char *)base->data;
+ const char *emlptr = (char *)eml->data;
+
+ const char *baseat = strchr(baseptr, '@');
+ const char *emlat = strchr(emlptr, '@');
+ if (!emlat)
+ return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+ /* Special case: inital '.' is RHS match */
+ if (!baseat && (*baseptr == '.')) {
+ if (eml->length > base->length) {
+ emlptr += eml->length - base->length;
+ if (!strcasecmp(baseptr, emlptr))
+ return X509_V_OK;
+ }
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ }
+
+ /* If we have anything before '@' match local part */
+
+ if (baseat) {
+ if (baseat != baseptr) {
+ if ((baseat - baseptr) != (emlat - emlptr))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ /* Case sensitive match of local part */
+ if (strncmp(baseptr, emlptr, emlat - emlptr))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ }
+ /* Position base after '@' */
+ baseptr = baseat + 1;
+ }
+ emlptr = emlat + 1;
+ /* Just have hostname left to match: case insensitive */
+ if (strcasecmp(baseptr, emlptr))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+
+ return X509_V_OK;
+
+}
+
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
+{
+ const char *baseptr = (char *)base->data;
+ const char *hostptr = (char *)uri->data;
+ const char *p = strchr(hostptr, ':');
+ int hostlen;
+ /* Check for foo:// and skip past it */
+ if (!p || (p[1] != '/') || (p[2] != '/'))
+ return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+ hostptr = p + 3;
+
+ /* Determine length of hostname part of URI */
+
+ /* Look for a port indicator as end of hostname first */
+
+ p = strchr(hostptr, ':');
+ /* Otherwise look for trailing slash */
+ if (!p)
+ p = strchr(hostptr, '/');
+
+ if (!p)
+ hostlen = strlen(hostptr);
+ else
+ hostlen = p - hostptr;
+
+ if (hostlen == 0)
+ return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+ /* Special case: inital '.' is RHS match */
+ if (*baseptr == '.') {
+ if (hostlen > base->length) {
+ p = hostptr + hostlen - base->length;
+ if (!strncasecmp(p, baseptr, base->length))
+ return X509_V_OK;
+ }
+ return X509_V_ERR_PERMITTED_VIOLATION;
+ }
+
+ if ((base->length != (int)hostlen)
+ || strncasecmp(hostptr, baseptr, hostlen))
+ return X509_V_ERR_PERMITTED_VIOLATION;
+
+ return X509_V_OK;
+
+}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_ocsp.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_ocsp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_ocsp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -70,11 +70,11 @@
* OCSP extensions and a couple of CRL entry extensions
*/
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *nonce, BIO *out,
- int indent);
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *nonce, BIO *out,
- int indent);
-static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out,
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce,
+ BIO *out, int indent);
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce,
+ BIO *out, int indent);
+static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out,
int indent);
static void *ocsp_nonce_new(void);
@@ -81,15 +81,15 @@
static int i2d_ocsp_nonce(void *a, unsigned char **pp);
static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length);
static void ocsp_nonce_free(void *a);
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out,
- int indent);
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+ BIO *out, int indent);
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck,
- BIO *out, int indent);
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- const char *str);
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp,
- int ind);
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+ void *nocheck, BIO *out, int indent);
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, const char *str);
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+ BIO *bp, int ind);
const X509V3_EXT_METHOD v3_ocsp_crlid = {
NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
@@ -157,7 +157,7 @@
NULL
};
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp,
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp,
int ind)
{
OCSP_CRLID *a = in;
@@ -190,8 +190,8 @@
return 0;
}
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *cutoff, BIO *bp,
- int ind)
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
+ BIO *bp, int ind)
{
if (BIO_printf(bp, "%*s", ind, "") <= 0)
return 0;
@@ -200,7 +200,8 @@
return 1;
}
-static int i2r_object(X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind)
+static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp,
+ int ind)
{
if (BIO_printf(bp, "%*s", ind, "") <= 0)
return 0;
@@ -258,8 +259,8 @@
M_ASN1_OCTET_STRING_free(a);
}
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out,
- int indent)
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+ BIO *out, int indent)
{
if (BIO_printf(out, "%*s", indent, "") <= 0)
return 0;
@@ -270,20 +271,20 @@
/* Nocheck is just a single NULL. Don't print anything and always set it */
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck,
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck,
BIO *out, int indent)
{
return 1;
}
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- const char *str)
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, const char *str)
{
return ASN1_NULL_new();
}
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp,
- int ind)
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+ BIO *bp, int ind)
{
int i;
OCSP_SERVICELOC *a = in;
Modified: trunk/crypto/openssl/crypto/x509v3/v3_pci.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_pci.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_pci.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,7 +82,7 @@
if (strcmp(val->name, "language") == 0) {
if (*language) {
X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
+ X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
X509V3_conf_err(val);
return 0;
}
@@ -95,7 +95,7 @@
} else if (strcmp(val->name, "pathlen") == 0) {
if (*pathlen) {
X509V3err(X509V3_F_PROCESS_PCI_VALUE,
- X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
+ X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
X509V3_conf_err(val);
return 0;
}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_pcons.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_pcons.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_pcons.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,11 +64,10 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
- void *bcons,
- STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
+ *method, void *bcons, STACK_OF(CONF_VALUE)
*extlist);
-static void *v2i_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *values);
@@ -90,9 +89,8 @@
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
- void *a,
- STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
+ *method, void *a, STACK_OF(CONF_VALUE)
*extlist)
{
POLICY_CONSTRAINTS *pcons = a;
@@ -103,7 +101,7 @@
return extlist;
}
-static void *v2i_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *values)
{
Modified: trunk/crypto/openssl/crypto/x509v3/v3_pmaps.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_pmaps.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_pmaps.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,11 +63,10 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
- void *pmps,
- STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
+ *method, void *pmps, STACK_OF(CONF_VALUE)
*extlist);
const X509V3_EXT_METHOD v3_policy_mappings = {
@@ -93,8 +92,8 @@
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
- void *a, STACK_OF(CONF_VALUE)
+static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
+ *method, void *a, STACK_OF(CONF_VALUE)
*ext_list)
{
POLICY_MAPPINGS *pmaps = a;
@@ -111,7 +110,7 @@
return ext_list;
}
-static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
POLICY_MAPPINGS *pmaps;
Modified: trunk/crypto/openssl/crypto/x509v3/v3_prn.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_prn.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_prn.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -121,7 +121,7 @@
void *ext_str = NULL;
char *value = NULL;
const unsigned char *p;
- X509V3_EXT_METHOD *method;
+ const X509V3_EXT_METHOD *method;
STACK_OF(CONF_VALUE) *nval = NULL;
int ok = 1;
Modified: trunk/crypto/openssl/crypto/x509v3/v3_purp.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_purp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_purp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,6 +78,8 @@
int ca);
static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
int ca);
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
+ int ca);
static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
@@ -101,6 +103,9 @@
NULL},
{X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper,
"OCSP helper", "ocsphelper", NULL},
+ {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0,
+ check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign",
+ NULL},
};
#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
@@ -292,11 +297,14 @@
return xp->trust;
}
-static int nid_cmp(int *a, int *b)
+static int nid_cmp(const int *a, const int *b)
{
return *a - *b;
}
+DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid);
+
int X509_supported_extension(X509_EXTENSION *ex)
{
/*
@@ -307,7 +315,7 @@
* order because it will be searched using bsearch.
*/
- static int supported_nids[] = {
+ static const int supported_nids[] = {
NID_netscape_cert_type, /* 71 */
NID_key_usage, /* 83 */
NID_subject_alt_name, /* 85 */
@@ -319,24 +327,59 @@
NID_sbgp_autonomousSysNum, /* 291 */
#endif
NID_policy_constraints, /* 401 */
- NID_proxyCertInfo, /* 661 */
+ NID_proxyCertInfo, /* 663 */
+ NID_name_constraints, /* 666 */
+ NID_policy_mappings, /* 747 */
NID_inhibit_any_policy /* 748 */
};
- int ex_nid;
+ int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
- ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
-
if (ex_nid == NID_undef)
return 0;
- if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
- sizeof(supported_nids) / sizeof(int), sizeof(int),
- (int (*)(const void *, const void *))nid_cmp))
+ if (OBJ_bsearch_nid(&ex_nid, supported_nids,
+ sizeof(supported_nids) / sizeof(int)))
return 1;
return 0;
}
+static void setup_dp(X509 *x, DIST_POINT *dp)
+{
+ X509_NAME *iname = NULL;
+ int i;
+ if (dp->reasons) {
+ if (dp->reasons->length > 0)
+ dp->dp_reasons = dp->reasons->data[0];
+ if (dp->reasons->length > 1)
+ dp->dp_reasons |= (dp->reasons->data[1] << 8);
+ dp->dp_reasons &= CRLDP_ALL_REASONS;
+ } else
+ dp->dp_reasons = CRLDP_ALL_REASONS;
+ if (!dp->distpoint || (dp->distpoint->type != 1))
+ return;
+ for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
+ GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+ if (gen->type == GEN_DIRNAME) {
+ iname = gen->d.directoryName;
+ break;
+ }
+ }
+ if (!iname)
+ iname = X509_get_issuer_name(x);
+
+ DIST_POINT_set_dpname(dp->distpoint, iname);
+
+}
+
+static void setup_crldp(X509 *x)
+{
+ int i;
+ x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
+ for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
+ setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
+}
+
static void x509v3_cache_extensions(X509 *x)
{
BASIC_CONSTRAINTS *bs;
@@ -377,8 +420,8 @@
/* Handle proxy certificates */
if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
if (x->ex_flags & EXFLAG_CA
- || X509_get_ext_by_NID(x, NID_subject_alt_name, 0) >= 0
- || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) {
+ || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
+ || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
x->ex_flags |= EXFLAG_INVALID;
}
if (pci->pcPathLengthConstraint) {
@@ -451,6 +494,12 @@
}
x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
+ x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+ x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
+ if (!x->nc && (i != -1))
+ x->ex_flags |= EXFLAG_INVALID;
+ setup_crldp(x);
+
#ifndef OPENSSL_NO_RFC3779
x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL);
x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum,
@@ -458,6 +507,9 @@
#endif
for (i = 0; i < X509_get_ext_count(x); i++) {
ex = X509_get_ext(x, i);
+ if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
+ == NID_freshest_crl)
+ x->ex_flags |= EXFLAG_FRESHEST;
if (!X509_EXTENSION_get_critical(ex))
continue;
if (!X509_supported_extension(ex)) {
@@ -669,6 +721,41 @@
return 1;
}
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
+ int ca)
+{
+ int i_ext;
+
+ /* If ca is true we must return if this is a valid CA certificate. */
+ if (ca)
+ return check_ca(x);
+
+ /*
+ * Check the optional key usage field:
+ * if Key Usage is present, it must be one of digitalSignature
+ * and/or nonRepudiation (other values are not consistent and shall
+ * be rejected).
+ */
+ if ((x->ex_flags & EXFLAG_KUSAGE)
+ && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
+ !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
+ return 0;
+
+ /* Only time stamp key usage is permitted and it's required. */
+ if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
+ return 0;
+
+ /* Extended Key Usage MUST be critical */
+ i_ext = X509_get_ext_by_NID((X509 *)x, NID_ext_key_usage, -1);
+ if (i_ext >= 0) {
+ X509_EXTENSION *ext = X509_get_ext((X509 *)x, i_ext);
+ if (!X509_EXTENSION_get_critical(ext))
+ return 0;
+ }
+
+ return 1;
+}
+
static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
{
return 1;
@@ -694,39 +781,13 @@
return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
x509v3_cache_extensions(issuer);
x509v3_cache_extensions(subject);
+
if (subject->akid) {
- /* Check key ids (if present) */
- if (subject->akid->keyid && issuer->skid &&
- ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid))
- return X509_V_ERR_AKID_SKID_MISMATCH;
- /* Check serial number */
- if (subject->akid->serial &&
- ASN1_INTEGER_cmp(X509_get_serialNumber(issuer),
- subject->akid->serial))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- /* Check issuer name */
- if (subject->akid->issuer) {
- /*
- * Ugh, for some peculiar reason AKID includes SEQUENCE OF
- * GeneralName. So look for a DirName. There may be more than one
- * but we only take any notice of the first.
- */
- GENERAL_NAMES *gens;
- GENERAL_NAME *gen;
- X509_NAME *nm = NULL;
- int i;
- gens = subject->akid->issuer;
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- if (gen->type == GEN_DIRNAME) {
- nm = gen->d.dirn;
- break;
- }
- }
- if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- }
+ int ret = X509_check_akid(issuer, subject->akid);
+ if (ret != X509_V_OK)
+ return ret;
}
+
if (subject->ex_flags & EXFLAG_PROXY) {
if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
@@ -734,3 +795,42 @@
return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
return X509_V_OK;
}
+
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
+{
+
+ if (!akid)
+ return X509_V_OK;
+
+ /* Check key ids (if present) */
+ if (akid->keyid && issuer->skid &&
+ ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))
+ return X509_V_ERR_AKID_SKID_MISMATCH;
+ /* Check serial number */
+ if (akid->serial &&
+ ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
+ return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+ /* Check issuer name */
+ if (akid->issuer) {
+ /*
+ * Ugh, for some peculiar reason AKID includes SEQUENCE OF
+ * GeneralName. So look for a DirName. There may be more than one but
+ * we only take any notice of the first.
+ */
+ GENERAL_NAMES *gens;
+ GENERAL_NAME *gen;
+ X509_NAME *nm = NULL;
+ int i;
+ gens = akid->issuer;
+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+ gen = sk_GENERAL_NAME_value(gens, i);
+ if (gen->type == GEN_DIRNAME) {
+ nm = gen->d.dirn;
+ break;
+ }
+ }
+ if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
+ return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+ }
+ return X509_V_OK;
+}
Modified: trunk/crypto/openssl/crypto/x509v3/v3_skey.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_skey.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_skey.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -133,7 +133,9 @@
goto err;
}
- EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL);
+ if (!EVP_Digest
+ (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
+ goto err;
if (!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
Modified: trunk/crypto/openssl/crypto/x509v3/v3_utl.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3_utl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3_utl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,9 +67,10 @@
static char *strip_spaces(char *name);
static int sk_strcmp(const char *const *a, const char *const *b);
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
-static void str_free(void *str);
-static int append_ia5(STACK ** sk, ASN1_IA5STRING *email);
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+ GENERAL_NAMES *gens);
+static void str_free(OPENSSL_STRING str);
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
static int ipv4_from_asc(unsigned char *v4, const char *in);
static int ipv6_from_asc(unsigned char *v6, const char *in);
@@ -284,6 +285,10 @@
int state;
/* We are going to modify the line so copy it first */
linebuf = BUF_strdup(line);
+ if (linebuf == NULL) {
+ X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
state = HDR_NAME;
ntmp = NULL;
/* Go through all characters */
@@ -399,10 +404,10 @@
* on EBCDIC machines)
*/
-char *hex_to_string(unsigned char *buffer, long len)
+char *hex_to_string(const unsigned char *buffer, long len)
{
char *tmp, *q;
- unsigned char *p;
+ const unsigned char *p;
int i;
const static char hexdig[] = "0123456789ABCDEF";
if (!buffer || !len)
@@ -429,7 +434,7 @@
* Give a string of hex digits convert to a buffer
*/
-unsigned char *string_to_hex(char *str, long *len)
+unsigned char *string_to_hex(const char *str, long *len)
{
unsigned char *hexbuf, *q;
unsigned char ch, cl, *p;
@@ -517,10 +522,11 @@
return strcmp(*a, *b);
}
-STACK *X509_get1_email(X509 *x)
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
{
GENERAL_NAMES *gens;
- STACK *ret;
+ STACK_OF(OPENSSL_STRING) *ret;
+
gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
ret = get_email(X509_get_subject_name(x), gens);
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
@@ -527,11 +533,12 @@
return ret;
}
-STACK *X509_get1_ocsp(X509 *x)
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
{
AUTHORITY_INFO_ACCESS *info;
- STACK *ret = NULL;
+ STACK_OF(OPENSSL_STRING) *ret = NULL;
int i;
+
info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
if (!info)
return NULL;
@@ -549,11 +556,12 @@
return ret;
}
-STACK *X509_REQ_get1_email(X509_REQ *x)
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
{
GENERAL_NAMES *gens;
STACK_OF(X509_EXTENSION) *exts;
- STACK *ret;
+ STACK_OF(OPENSSL_STRING) *ret;
+
exts = X509_REQ_get_extensions(x);
gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
ret = get_email(X509_REQ_get_subject_name(x), gens);
@@ -562,9 +570,10 @@
return ret;
}
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+ GENERAL_NAMES *gens)
{
- STACK *ret = NULL;
+ STACK_OF(OPENSSL_STRING) *ret = NULL;
X509_NAME_ENTRY *ne;
ASN1_IA5STRING *email;
GENERAL_NAME *gen;
@@ -589,12 +598,12 @@
return ret;
}
-static void str_free(void *str)
+static void str_free(OPENSSL_STRING str)
{
OPENSSL_free(str);
}
-static int append_ia5(STACK ** sk, ASN1_IA5STRING *email)
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
{
char *emtmp;
/* First some sanity checks */
@@ -603,14 +612,14 @@
if (!email->data || !email->length)
return 1;
if (!*sk)
- *sk = sk_new(sk_strcmp);
+ *sk = sk_OPENSSL_STRING_new(sk_strcmp);
if (!*sk)
return 0;
/* Don't add duplicates */
- if (sk_find(*sk, (char *)email->data) != -1)
+ if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
return 1;
emtmp = BUF_strdup((char *)email->data);
- if (!emtmp || !sk_push(*sk, emtmp)) {
+ if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
X509_email_free(*sk);
*sk = NULL;
return 0;
@@ -618,9 +627,9 @@
return 1;
}
-void X509_email_free(STACK * sk)
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
{
- sk_pop_free(sk, str_free);
+ sk_OPENSSL_STRING_pop_free(sk, str_free);
}
/*
Modified: trunk/crypto/openssl/crypto/x509v3/v3err.c
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/v3err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/v3err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* crypto/x509v3/v3err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
"ASIDENTIFIERCHOICE_CANONIZE"},
{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
@@ -81,6 +82,7 @@
{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
@@ -98,6 +100,7 @@
{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
@@ -114,6 +117,7 @@
{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
+ {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
@@ -146,6 +150,7 @@
{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),
"bn to asn1 integer error"},
{ERR_REASON(X509V3_R_DIRNAME_ERROR), "dirname error"},
+ {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID), "duplicate zone id"},
{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),
@@ -162,6 +167,7 @@
{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT), "illegal hex digit"},
{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),
"incorrect policy syntax tag"},
+ {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
{ERR_REASON(X509V3_R_INVALID_ASNUMBER), "invalid asnumber"},
{ERR_REASON(X509V3_R_INVALID_ASRANGE), "invalid asrange"},
{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
@@ -201,11 +207,11 @@
{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
{ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
- {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED),
- "policy language alreadty defined"},
+ {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
+ "policy language already defined"},
{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
- {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED),
- "policy path length alreadty defined"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
+ "policy path length already defined"},
{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),
"policy syntax not currently supported"},
{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
@@ -221,6 +227,7 @@
{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
{ERR_REASON(X509V3_R_UNKNOWN_OPTION), "unknown option"},
{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION), "unsupported option"},
+ {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE), "unsupported type"},
{ERR_REASON(X509V3_R_USER_TOO_LONG), "user too long"},
{0, NULL}
};
Modified: trunk/crypto/openssl/crypto/x509v3/x509v3.h
===================================================================
--- trunk/crypto/openssl/crypto/x509v3/x509v3.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x509v3/x509v3.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -77,19 +77,19 @@
typedef void (*X509V3_EXT_FREE) (void *);
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V) (struct v3_ext_method *method,
- void *ext,
- STACK_OF(CONF_VALUE)
- *extlist);
-typedef void *(*X509V3_EXT_V2I)(struct v3_ext_method *method,
+typedef STACK_OF(CONF_VALUE) *
+ (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+ STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values);
-typedef char *(*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
-typedef void *(*X509V3_EXT_S2I)(struct v3_ext_method *method,
+typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
+ void *ext);
+typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R) (struct v3_ext_method *method, void *ext,
+typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
BIO *out, int indent);
-typedef void *(*X509V3_EXT_R2I)(struct v3_ext_method *method,
+typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx, const char *str);
/* V3 extension structure */
@@ -222,13 +222,30 @@
GENERAL_NAMES *fullname;
STACK_OF(X509_NAME_ENTRY) *relativename;
} name;
+/* If relativename then this contains the full distribution point name */
+ X509_NAME *dpname;
} DIST_POINT_NAME;
+/* All existing reasons */
+# define CRLDP_ALL_REASONS 0x807f
-typedef struct DIST_POINT_st {
+# define CRL_REASON_NONE -1
+# define CRL_REASON_UNSPECIFIED 0
+# define CRL_REASON_KEY_COMPROMISE 1
+# define CRL_REASON_CA_COMPROMISE 2
+# define CRL_REASON_AFFILIATION_CHANGED 3
+# define CRL_REASON_SUPERSEDED 4
+# define CRL_REASON_CESSATION_OF_OPERATION 5
+# define CRL_REASON_CERTIFICATE_HOLD 6
+# define CRL_REASON_REMOVE_FROM_CRL 8
+# define CRL_REASON_PRIVILEGE_WITHDRAWN 9
+# define CRL_REASON_AA_COMPROMISE 10
+
+struct DIST_POINT_st {
DIST_POINT_NAME *distpoint;
ASN1_BIT_STRING *reasons;
GENERAL_NAMES *CRLissuer;
-} DIST_POINT;
+ int dp_reasons;
+};
typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
@@ -235,11 +252,11 @@
DECLARE_STACK_OF(DIST_POINT)
DECLARE_ASN1_SET_OF(DIST_POINT)
-typedef struct AUTHORITY_KEYID_st {
+struct AUTHORITY_KEYID_st {
ASN1_OCTET_STRING *keyid;
GENERAL_NAMES *issuer;
ASN1_INTEGER *serial;
-} AUTHORITY_KEYID;
+};
/* Strong extranet structures */
@@ -305,10 +322,10 @@
DECLARE_STACK_OF(GENERAL_SUBTREE)
-typedef struct NAME_CONSTRAINTS_st {
+struct NAME_CONSTRAINTS_st {
STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
-} NAME_CONSTRAINTS;
+};
typedef struct POLICY_CONSTRAINTS_st {
ASN1_INTEGER *requireExplicitPolicy;
@@ -329,6 +346,31 @@
DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+struct ISSUING_DIST_POINT_st {
+ DIST_POINT_NAME *distpoint;
+ int onlyuser;
+ int onlyCA;
+ ASN1_BIT_STRING *onlysomereasons;
+ int indirectCRL;
+ int onlyattr;
+};
+
+/* Values in idp_flags field */
+/* IDP present */
+# define IDP_PRESENT 0x1
+/* IDP values inconsistent */
+# define IDP_INVALID 0x2
+/* onlyuser true */
+# define IDP_ONLYUSER 0x4
+/* onlyCA true */
+# define IDP_ONLYCA 0x8
+/* onlyattr true */
+# define IDP_ONLYATTR 0x10
+/* indirectCRL true */
+# define IDP_INDIRECT 0x20
+/* onlysomereasons present */
+# define IDP_REASONS 0x40
+
# define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
@@ -371,6 +413,7 @@
# define EXFLAG_PROXY 0x400
# define EXFLAG_INVALID_POLICY 0x800
+# define EXFLAG_FRESHEST 0x1000
# define KU_DIGITAL_SIGNATURE 0x0080
# define KU_NON_REPUDIATION 0x0040
@@ -421,9 +464,10 @@
# define X509_PURPOSE_CRL_SIGN 6
# define X509_PURPOSE_ANY 7
# define X509_PURPOSE_OCSP_HELPER 8
+# define X509_PURPOSE_TIMESTAMP_SIGN 9
# define X509_PURPOSE_MIN 1
-# define X509_PURPOSE_MAX 8
+# define X509_PURPOSE_MAX 9
/* Flags for X509V3_EXT_print() */
@@ -470,6 +514,8 @@
DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
@@ -488,11 +534,18 @@
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
GENERAL_NAMES *gen,
STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
DECLARE_ASN1_FUNCTIONS(OTHERNAME)
DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+ ASN1_OBJECT *oid, ASN1_TYPE *value);
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
+ ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
ASN1_OCTET_STRING *ia5);
@@ -511,7 +564,12 @@
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
@@ -528,12 +586,18 @@
DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, int gen_type, char *value,
+ int is_nc);
+
# ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf);
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf);
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
- X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf, int is_nc);
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf,
+ int is_nc);
void X509V3_conf_free(CONF_VALUE *val);
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
@@ -549,16 +613,17 @@
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
X509_CRL *crl);
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ X509V3_CTX *ctx, int ext_nid,
char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
- char *value);
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
- X509_CRL *crl);
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *name, char *value);
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_REQ *req);
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ char *section, X509_CRL *crl);
int X509V3_add_value_bool_nf(char *name, int asn1_bool,
STACK_OF(CONF_VALUE) **extlist);
@@ -565,7 +630,7 @@
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
# endif
char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
@@ -593,8 +658,8 @@
int X509V3_EXT_add_alias(int nid_to, int nid_from);
void X509V3_EXT_cleanup(void);
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
int X509V3_add_standard_extensions(void);
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
void *X509V3_EXT_d2i(X509_EXTENSION *ext);
@@ -605,8 +670,8 @@
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
int crit, unsigned long flags);
-char *hex_to_string(unsigned char *buffer, long len);
-unsigned char *string_to_hex(char *str, long *len);
+char *hex_to_string(const unsigned char *buffer, long len);
+unsigned char *string_to_hex(const char *str, long *len);
int name_cmp(const char *name, const char *cmp);
void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
@@ -624,6 +689,7 @@
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509_check_issued(X509 *issuer, X509 *subject);
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
int X509_PURPOSE_get_count(void);
X509_PURPOSE *X509_PURPOSE_get0(int idx);
int X509_PURPOSE_get_by_sname(char *sname);
@@ -637,10 +703,10 @@
void X509_PURPOSE_cleanup(void);
int X509_PURPOSE_get_id(X509_PURPOSE *);
-STACK *X509_get1_email(X509 *x);
-STACK *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK * sk);
-STACK *X509_get1_ocsp(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
@@ -649,6 +715,7 @@
unsigned long chtype);
void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+DECLARE_STACK_OF(X509_POLICY_NODE)
# ifndef OPENSSL_NO_RFC3779
@@ -806,8 +873,9 @@
/* Error codes for the X509V3 functions. */
/* Function codes. */
-# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156
-# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157
+# define X509V3_F_A2I_GENERAL_NAME 164
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
# define X509V3_F_COPY_EMAIL 122
# define X509V3_F_COPY_ISSUER 123
# define X509V3_F_DO_DIRNAME 144
@@ -815,6 +883,7 @@
# define X509V3_F_DO_EXT_I2D 135
# define X509V3_F_DO_EXT_NCONF 151
# define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
+# define X509V3_F_GNAMES_FROM_SECTNAME 156
# define X509V3_F_HEX_TO_STRING 111
# define X509V3_F_I2S_ASN1_ENUMERATED 121
# define X509V3_F_I2S_ASN1_IA5STRING 149
@@ -831,6 +900,7 @@
# define X509V3_F_S2I_ASN1_OCTET_STRING 112
# define X509V3_F_S2I_ASN1_SKEY_ID 114
# define X509V3_F_S2I_SKEY_ID 115
+# define X509V3_F_SET_DIST_POINT_NAME 158
# define X509V3_F_STRING_TO_HEX 113
# define X509V3_F_SXNET_ADD_ID_ASC 125
# define X509V3_F_SXNET_ADD_ID_INTEGER 126
@@ -837,7 +907,7 @@
# define X509V3_F_SXNET_ADD_ID_ULONG 127
# define X509V3_F_SXNET_GET_ID_ASC 128
# define X509V3_F_SXNET_GET_ID_ULONG 129
-# define X509V3_F_V2I_ASIDENTIFIERS 158
+# define X509V3_F_V2I_ASIDENTIFIERS 163
# define X509V3_F_V2I_ASN1_BIT_STRING 101
# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
# define X509V3_F_V2I_AUTHORITY_KEYID 119
@@ -846,6 +916,7 @@
# define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
# define X509V3_F_V2I_GENERAL_NAMES 118
# define X509V3_F_V2I_GENERAL_NAME_EX 117
+# define X509V3_F_V2I_IDP 157
# define X509V3_F_V2I_IPADDRBLOCKS 159
# define X509V3_F_V2I_ISSUER_ALT 153
# define X509V3_F_V2I_NAME_CONSTRAINTS 147
@@ -874,6 +945,7 @@
# define X509V3_R_BN_DEC2BN_ERROR 100
# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
# define X509V3_R_DIRNAME_ERROR 149
+# define X509V3_R_DISTPOINT_ALREADY_SET 160
# define X509V3_R_DUPLICATE_ZONE_ID 133
# define X509V3_R_ERROR_CONVERTING_ZONE 131
# define X509V3_R_ERROR_CREATING_EXTENSION 144
@@ -887,12 +959,13 @@
# define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
# define X509V3_R_ILLEGAL_HEX_DIGIT 113
# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
-# define X509V3_R_INVALID_ASNUMBER 160
-# define X509V3_R_INVALID_ASRANGE 161
+# define X509V3_R_INVALID_MULTIPLE_RDNS 161
+# define X509V3_R_INVALID_ASNUMBER 162
+# define X509V3_R_INVALID_ASRANGE 163
# define X509V3_R_INVALID_BOOLEAN_STRING 104
# define X509V3_R_INVALID_EXTENSION_STRING 105
-# define X509V3_R_INVALID_INHERITANCE 162
-# define X509V3_R_INVALID_IPADDRESS 163
+# define X509V3_R_INVALID_INHERITANCE 165
+# define X509V3_R_INVALID_IPADDRESS 166
# define X509V3_R_INVALID_NAME 106
# define X509V3_R_INVALID_NULL_ARGUMENT 107
# define X509V3_R_INVALID_NULL_NAME 108
@@ -920,9 +993,9 @@
# define X509V3_R_ODD_NUMBER_OF_DIGITS 112
# define X509V3_R_OPERATION_NOT_DEFINED 148
# define X509V3_R_OTHERNAME_ERROR 147
-# define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
+# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
# define X509V3_R_POLICY_PATH_LENGTH 156
-# define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
+# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
# define X509V3_R_SECTION_NOT_FOUND 150
@@ -933,6 +1006,7 @@
# define X509V3_R_UNKNOWN_EXTENSION_NAME 130
# define X509V3_R_UNKNOWN_OPTION 120
# define X509V3_R_UNSUPPORTED_OPTION 117
+# define X509V3_R_UNSUPPORTED_TYPE 167
# define X509V3_R_USER_TOO_LONG 132
#ifdef __cplusplus
Modified: trunk/crypto/openssl/crypto/x86_64cpuid.pl
===================================================================
--- trunk/crypto/openssl/crypto/x86_64cpuid.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x86_64cpuid.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,108 +1,47 @@
#!/usr/bin/env perl
-$output=shift;
-$masm=1 if ($output =~ /\.asm/);
-open STDOUT,">$output" || die "can't open $output: $!";
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-print<<___ if(defined($masm));
-_TEXT SEGMENT
-PUBLIC OPENSSL_rdtsc
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-PUBLIC OPENSSL_atomic_add
-ALIGN 16
-OPENSSL_atomic_add PROC
- mov eax,DWORD PTR[rcx]
-\$Lspin: lea r8,DWORD PTR[rdx+rax]
-lock cmpxchg DWORD PTR[rcx],r8d
- jne \$Lspin
- mov eax,r8d
- cdqe
- ret
-OPENSSL_atomic_add ENDP
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
-PUBLIC OPENSSL_wipe_cpu
-ALIGN 16
-OPENSSL_wipe_cpu PROC
- pxor xmm0,xmm0
- pxor xmm1,xmm1
- pxor xmm2,xmm2
- pxor xmm3,xmm3
- pxor xmm4,xmm4
- pxor xmm5,xmm5
- xor rcx,rcx
- xor rdx,rdx
- xor r8,r8
- xor r9,r9
- xor r10,r10
- xor r11,r11
- lea rax,QWORD PTR[rsp+8]
- ret
-OPENSSL_wipe_cpu ENDP
-_TEXT ENDS
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
-CRT\$XIU SEGMENT
-EXTRN OPENSSL_cpuid_setup:PROC
-DQ OPENSSL_cpuid_setup
-CRT\$XIU ENDS
+($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx"); # Unix order
-___
-print<<___ if(!defined($masm));
+print<<___;
+.extern OPENSSL_cpuid_setup
+.hidden OPENSSL_cpuid_setup
+.section .init
+ call OPENSSL_cpuid_setup
+
+.hidden OPENSSL_ia32cap_P
+.comm OPENSSL_ia32cap_P,8,4
+
.text
.globl OPENSSL_atomic_add
-.type OPENSSL_atomic_add,\@function
+.type OPENSSL_atomic_add,\@abi-omnipotent
.align 16
OPENSSL_atomic_add:
- movl (%rdi),%eax
-.Lspin: leaq (%rsi,%rax),%r8
-lock; cmpxchgl %r8d,(%rdi)
+ movl ($arg1),%eax
+.Lspin: leaq ($arg2,%rax),%r8
+ .byte 0xf0 # lock
+ cmpxchgl %r8d,($arg1)
jne .Lspin
movl %r8d,%eax
- .byte 0x48,0x98
+ .byte 0x48,0x98 # cltq/cdqe
ret
.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-.globl OPENSSL_wipe_cpu
-.type OPENSSL_wipe_cpu,\@function
-.align 16
-OPENSSL_wipe_cpu:
- pxor %xmm0,%xmm0
- pxor %xmm1,%xmm1
- pxor %xmm2,%xmm2
- pxor %xmm3,%xmm3
- pxor %xmm4,%xmm4
- pxor %xmm5,%xmm5
- pxor %xmm6,%xmm6
- pxor %xmm7,%xmm7
- pxor %xmm8,%xmm8
- pxor %xmm9,%xmm9
- pxor %xmm10,%xmm10
- pxor %xmm11,%xmm11
- pxor %xmm12,%xmm12
- pxor %xmm13,%xmm13
- pxor %xmm14,%xmm14
- pxor %xmm15,%xmm15
- xorq %rcx,%rcx
- xorq %rdx,%rdx
- xorq %rsi,%rsi
- xorq %rdi,%rdi
- xorq %r8,%r8
- xorq %r9,%r9
- xorq %r10,%r10
- xorq %r11,%r11
- leaq 8(%rsp),%rax
- ret
-.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-
-.section .init
- call OPENSSL_cpuid_setup
-
-___
-
-open STDOUT,"| $^X perlasm/x86_64-xlate.pl $output";
-print<<___;
-.text
-
.globl OPENSSL_rdtsc
.type OPENSSL_rdtsc,\@abi-omnipotent
.align 16
@@ -117,10 +56,12 @@
.type OPENSSL_ia32_cpuid,\@abi-omnipotent
.align 16
OPENSSL_ia32_cpuid:
- mov %rbx,%r8
+ mov %rbx,%r8 # save %rbx
xor %eax,%eax
cpuid
+ mov %eax,%r11d # max value for standard query level
+
xor %eax,%eax
cmp \$0x756e6547,%ebx # "Genu"
setne %al
@@ -130,30 +71,214 @@
or %eax,%r9d
cmp \$0x6c65746e,%ecx # "ntel"
setne %al
- or %eax,%r9d
+ or %eax,%r9d # 0 indicates Intel CPU
+ jz .Lintel
+ cmp \$0x68747541,%ebx # "Auth"
+ setne %al
+ mov %eax,%r10d
+ cmp \$0x69746E65,%edx # "enti"
+ setne %al
+ or %eax,%r10d
+ cmp \$0x444D4163,%ecx # "cAMD"
+ setne %al
+ or %eax,%r10d # 0 indicates AMD CPU
+ jnz .Lintel
+
+ # AMD specific
+ mov \$0x80000000,%eax
+ cpuid
+ cmp \$0x80000001,%eax
+ jb .Lintel
+ mov %eax,%r10d
+ mov \$0x80000001,%eax
+ cpuid
+ or %ecx,%r9d
+ and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11
+
+ cmp \$0x80000008,%r10d
+ jb .Lintel
+
+ mov \$0x80000008,%eax
+ cpuid
+ movzb %cl,%r10 # number of cores - 1
+ inc %r10 # number of cores
+
mov \$1,%eax
cpuid
+ bt \$28,%edx # test hyper-threading bit
+ jnc .Lgeneric
+ shr \$16,%ebx # number of logical processors
+ cmp %r10b,%bl
+ ja .Lgeneric
+ and \$0xefffffff,%edx # ~(1<<28)
+ jmp .Lgeneric
+
+.Lintel:
+ cmp \$4,%r11d
+ mov \$-1,%r10d
+ jb .Lnocacheinfo
+
+ mov \$4,%eax
+ mov \$0,%ecx # query L1D
+ cpuid
+ mov %eax,%r10d
+ shr \$14,%r10d
+ and \$0xfff,%r10d # number of cores -1 per L1D
+
+.Lnocacheinfo:
+ mov \$1,%eax
+ cpuid
+ and \$0xbfefffff,%edx # force reserved bits to 0
cmp \$0,%r9d
jne .Lnotintel
- or \$0x00100000,%edx # use reserved 20th bit to engage RC4_CHAR
+ or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs
and \$15,%ah
cmp \$15,%ah # examine Family ID
- je .Lnotintel
- or \$0x40000000,%edx # use reserved bit to skip unrolled loop
+ jne .Lnotintel
+ or \$0x00100000,%edx # set reserved bit#20 to engage RC4_CHAR
.Lnotintel:
bt \$28,%edx # test hyper-threading bit
- jnc .Ldone
+ jnc .Lgeneric
+ and \$0xefffffff,%edx # ~(1<<28)
+ cmp \$0,%r10d
+ je .Lgeneric
+
+ or \$0x10000000,%edx # 1<<28
shr \$16,%ebx
cmp \$1,%bl # see if cache is shared
- ja .Ldone
+ ja .Lgeneric
and \$0xefffffff,%edx # ~(1<<28)
+.Lgeneric:
+ and \$0x00000800,%r9d # isolate AMD XOP flag
+ and \$0xfffff7ff,%ecx
+ or %ecx,%r9d # merge AMD XOP flag
+
+ mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx
+ bt \$27,%r9d # check OSXSAVE bit
+ jnc .Lclear_avx
+ xor %ecx,%ecx # XCR0
+ .byte 0x0f,0x01,0xd0 # xgetbv
+ and \$6,%eax # isolate XMM and YMM state support
+ cmp \$6,%eax
+ je .Ldone
+.Lclear_avx:
+ mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11)
+ and %eax,%r9d # clear AVX, FMA and AMD XOP bits
.Ldone:
- shl \$32,%rcx
- mov %edx,%eax
- mov %r8,%rbx
- or %rcx,%rax
+ shl \$32,%r9
+ mov %r10d,%eax
+ mov %r8,%rbx # restore %rbx
+ or %r9,%rax
ret
.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
+
+.globl OPENSSL_cleanse
+.type OPENSSL_cleanse,\@abi-omnipotent
+.align 16
+OPENSSL_cleanse:
+ xor %rax,%rax
+ cmp \$15,$arg2
+ jae .Lot
+ cmp \$0,$arg2
+ je .Lret
+.Little:
+ mov %al,($arg1)
+ sub \$1,$arg2
+ lea 1($arg1),$arg1
+ jnz .Little
+.Lret:
+ ret
+.align 16
+.Lot:
+ test \$7,$arg1
+ jz .Laligned
+ mov %al,($arg1)
+ lea -1($arg2),$arg2
+ lea 1($arg1),$arg1
+ jmp .Lot
+.Laligned:
+ mov %rax,($arg1)
+ lea -8($arg2),$arg2
+ test \$-8,$arg2
+ lea 8($arg1),$arg1
+ jnz .Laligned
+ cmp \$0,$arg2
+ jne .Little
+ ret
+.size OPENSSL_cleanse,.-OPENSSL_cleanse
___
+
+print<<___ if (!$win64);
+.globl OPENSSL_wipe_cpu
+.type OPENSSL_wipe_cpu,\@abi-omnipotent
+.align 16
+OPENSSL_wipe_cpu:
+ pxor %xmm0,%xmm0
+ pxor %xmm1,%xmm1
+ pxor %xmm2,%xmm2
+ pxor %xmm3,%xmm3
+ pxor %xmm4,%xmm4
+ pxor %xmm5,%xmm5
+ pxor %xmm6,%xmm6
+ pxor %xmm7,%xmm7
+ pxor %xmm8,%xmm8
+ pxor %xmm9,%xmm9
+ pxor %xmm10,%xmm10
+ pxor %xmm11,%xmm11
+ pxor %xmm12,%xmm12
+ pxor %xmm13,%xmm13
+ pxor %xmm14,%xmm14
+ pxor %xmm15,%xmm15
+ xorq %rcx,%rcx
+ xorq %rdx,%rdx
+ xorq %rsi,%rsi
+ xorq %rdi,%rdi
+ xorq %r8,%r8
+ xorq %r9,%r9
+ xorq %r10,%r10
+ xorq %r11,%r11
+ leaq 8(%rsp),%rax
+ ret
+.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+print<<___ if ($win64);
+.globl OPENSSL_wipe_cpu
+.type OPENSSL_wipe_cpu,\@abi-omnipotent
+.align 16
+OPENSSL_wipe_cpu:
+ pxor %xmm0,%xmm0
+ pxor %xmm1,%xmm1
+ pxor %xmm2,%xmm2
+ pxor %xmm3,%xmm3
+ pxor %xmm4,%xmm4
+ pxor %xmm5,%xmm5
+ xorq %rcx,%rcx
+ xorq %rdx,%rdx
+ xorq %r8,%r8
+ xorq %r9,%r9
+ xorq %r10,%r10
+ xorq %r11,%r11
+ leaq 8(%rsp),%rax
+ ret
+.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+
+print<<___;
+.globl OPENSSL_ia32_rdrand
+.type OPENSSL_ia32_rdrand,\@abi-omnipotent
+.align 16
+OPENSSL_ia32_rdrand:
+ mov \$8,%ecx
+.Loop_rdrand:
+ rdrand %rax
+ jc .Lbreak_rdrand
+ loop .Loop_rdrand
+.Lbreak_rdrand:
+ cmp \$0,%rax
+ cmove %rcx,%rax
+ ret
+.size OPENSSL_ia32_rdrand,.-OPENSSL_ia32_rdrand
+___
+
close STDOUT; # flush
Modified: trunk/crypto/openssl/crypto/x86cpuid.pl
===================================================================
--- trunk/crypto/openssl/crypto/x86cpuid.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/crypto/x86cpuid.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/bin/env perl
-push(@INC,"perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}perlasm", "perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],"x86cpuid");
@@ -18,43 +19,127 @@
&pushf ();
&pop ("eax");
&xor ("ecx","eax");
+ &xor ("eax","eax");
&bt ("ecx",21);
- &jnc (&label("done"));
- &xor ("eax","eax");
+ &jnc (&label("nocpuid"));
&cpuid ();
+ &mov ("edi","eax"); # max value for standard query level
+
&xor ("eax","eax");
&cmp ("ebx",0x756e6547); # "Genu"
- &data_byte(0x0f,0x95,0xc0); #&setne (&LB("eax"));
+ &setne (&LB("eax"));
&mov ("ebp","eax");
&cmp ("edx",0x49656e69); # "ineI"
- &data_byte(0x0f,0x95,0xc0); #&setne (&LB("eax"));
+ &setne (&LB("eax"));
&or ("ebp","eax");
&cmp ("ecx",0x6c65746e); # "ntel"
- &data_byte(0x0f,0x95,0xc0); #&setne (&LB("eax"));
- &or ("ebp","eax");
+ &setne (&LB("eax"));
+ &or ("ebp","eax"); # 0 indicates Intel CPU
+ &jz (&label("intel"));
+
+ &cmp ("ebx",0x68747541); # "Auth"
+ &setne (&LB("eax"));
+ &mov ("esi","eax");
+ &cmp ("edx",0x69746E65); # "enti"
+ &setne (&LB("eax"));
+ &or ("esi","eax");
+ &cmp ("ecx",0x444D4163); # "cAMD"
+ &setne (&LB("eax"));
+ &or ("esi","eax"); # 0 indicates AMD CPU
+ &jnz (&label("intel"));
+
+ # AMD specific
+ &mov ("eax",0x80000000);
+ &cpuid ();
+ &cmp ("eax",0x80000001);
+ &jb (&label("intel"));
+ &mov ("esi","eax");
+ &mov ("eax",0x80000001);
+ &cpuid ();
+ &or ("ebp","ecx");
+ &and ("ebp",1<<11|1); # isolate XOP bit
+ &cmp ("esi",0x80000008);
+ &jb (&label("intel"));
+
+ &mov ("eax",0x80000008);
+ &cpuid ();
+ &movz ("esi",&LB("ecx")); # number of cores - 1
+ &inc ("esi"); # number of cores
+
&mov ("eax",1);
&xor ("ecx","ecx");
&cpuid ();
+ &bt ("edx",28);
+ &jnc (&label("generic"));
+ &shr ("ebx",16);
+ &and ("ebx",0xff);
+ &cmp ("ebx","esi");
+ &ja (&label("generic"));
+ &and ("edx",0xefffffff); # clear hyper-threading bit
+ &jmp (&label("generic"));
+
+&set_label("intel");
+ &cmp ("edi",4);
+ &mov ("edi",-1);
+ &jb (&label("nocacheinfo"));
+
+ &mov ("eax",4);
+ &mov ("ecx",0); # query L1D
+ &cpuid ();
+ &mov ("edi","eax");
+ &shr ("edi",14);
+ &and ("edi",0xfff); # number of cores -1 per L1D
+
+&set_label("nocacheinfo");
+ &mov ("eax",1);
+ &xor ("ecx","ecx");
+ &cpuid ();
+ &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
&cmp ("ebp",0);
- &jne (&label("notP4"));
- &and ("eax",15<<8); # familiy ID
- &cmp ("eax",15<<8); # P4?
- &jne (&label("notP4"));
- &or ("edx",1<<20); # use reserved bit to engage RC4_CHAR
-&set_label("notP4");
+ &jne (&label("notintel"));
+ &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs
+ &and (&HB("eax"),15); # familiy ID
+ &cmp (&HB("eax"),15); # P4?
+ &jne (&label("notintel"));
+ &or ("edx",1<<20); # set reserved bit#20 to engage RC4_CHAR
+&set_label("notintel");
&bt ("edx",28); # test hyper-threading bit
- &jnc (&label("done"));
+ &jnc (&label("generic"));
+ &and ("edx",0xefffffff);
+ &cmp ("edi",0);
+ &je (&label("generic"));
+
+ &or ("edx",0x10000000);
&shr ("ebx",16);
- &and ("ebx",0xff);
- &cmp ("ebx",1); # see if cache is shared(*)
- &ja (&label("done"));
+ &cmp (&LB("ebx"),1);
+ &ja (&label("generic"));
&and ("edx",0xefffffff); # clear hyper-threading bit if not
+
+&set_label("generic");
+ &and ("ebp",1<<11); # isolate AMD XOP flag
+ &and ("ecx",0xfffff7ff); # force 11th bit to 0
+ &mov ("esi","edx");
+ &or ("ebp","ecx"); # merge AMD XOP flag
+
+ &bt ("ecx",27); # check OSXSAVE bit
+ &jnc (&label("clear_avx"));
+ &xor ("ecx","ecx");
+ &data_byte(0x0f,0x01,0xd0); # xgetbv
+ &and ("eax",6);
+ &cmp ("eax",6);
+ &je (&label("done"));
+ &cmp ("eax",2);
+ &je (&label("clear_avx"));
+&set_label("clear_xmm");
+ &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits
+ &and ("esi",0xfeffffff); # clear FXSR
+&set_label("clear_avx");
+ &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits
&set_label("done");
- &mov ("eax","edx");
- &mov ("edx","ecx");
+ &mov ("eax","esi");
+ &mov ("edx","ebp");
+&set_label("nocpuid");
&function_end("OPENSSL_ia32_cpuid");
-# (*) on Core2 this value is set to 2 denoting the fact that L2
-# cache is shared between cores.
&external_label("OPENSSL_ia32cap_P");
@@ -82,7 +167,7 @@
&jnz (&label("nohalt")); # not enough privileges
&pushf ();
- &pop ("eax")
+ &pop ("eax");
&bt ("eax",9);
&jnc (&label("nohalt")); # interrupts are disabled
@@ -147,8 +232,9 @@
&bt (&DWP(0,"ecx"),1);
&jnc (&label("no_x87"));
if ($sse2) {
- &bt (&DWP(0,"ecx"),26);
- &jnc (&label("no_sse2"));
+ &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits
+ &cmp ("ecx",1<<26|1<<24);
+ &jne (&label("no_sse2"));
&pxor ("xmm0","xmm0");
&pxor ("xmm1","xmm1");
&pxor ("xmm2","xmm2");
@@ -196,7 +282,7 @@
# arguments is 1 or 2!
&function_begin_B("OPENSSL_indirect_call");
{
- my $i,$max=7; # $max has to be chosen as 4*n-1
+ my ($max,$i)=(7,); # $max has to be chosen as 4*n-1
# in order to preserve eventual
# stack alignment
&push ("ebp");
@@ -221,6 +307,52 @@
}
&function_end_B("OPENSSL_indirect_call");
+&function_begin_B("OPENSSL_cleanse");
+ &mov ("edx",&wparam(0));
+ &mov ("ecx",&wparam(1));
+ &xor ("eax","eax");
+ &cmp ("ecx",7);
+ &jae (&label("lot"));
+ &cmp ("ecx",0);
+ &je (&label("ret"));
+&set_label("little");
+ &mov (&BP(0,"edx"),"al");
+ &sub ("ecx",1);
+ &lea ("edx",&DWP(1,"edx"));
+ &jnz (&label("little"));
+&set_label("ret");
+ &ret ();
+
+&set_label("lot",16);
+ &test ("edx",3);
+ &jz (&label("aligned"));
+ &mov (&BP(0,"edx"),"al");
+ &lea ("ecx",&DWP(-1,"ecx"));
+ &lea ("edx",&DWP(1,"edx"));
+ &jmp (&label("lot"));
+&set_label("aligned");
+ &mov (&DWP(0,"edx"),"eax");
+ &lea ("ecx",&DWP(-4,"ecx"));
+ &test ("ecx",-4);
+ &lea ("edx",&DWP(4,"edx"));
+ &jnz (&label("aligned"));
+ &cmp ("ecx",0);
+ &jne (&label("little"));
+ &ret ();
+&function_end_B("OPENSSL_cleanse");
+
+&function_begin_B("OPENSSL_ia32_rdrand");
+ &mov ("ecx",8);
+&set_label("loop");
+ &rdrand ("eax");
+ &jc (&label("break"));
+ &loop (&label("loop"));
+&set_label("break");
+ &cmp ("eax",0);
+ &cmove ("eax","ecx");
+ &ret ();
+&function_end_B("OPENSSL_ia32_rdrand");
+
&initseg("OPENSSL_cpuid_setup");
&asm_finish();
Modified: trunk/crypto/openssl/demos/easy_tls/easy-tls.c
===================================================================
--- trunk/crypto/openssl/demos/easy_tls/easy-tls.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/demos/easy_tls/easy-tls.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -761,7 +761,8 @@
if (tls_dhe1024 == NULL) {
int i;
- RAND_bytes((unsigned char *)&i, sizeof i);
+ if (RAND_bytes((unsigned char *)&i, sizeof i) <= 0)
+ goto err_return;
/*
* make sure that i is non-negative -- pick one of the provided
* seeds
Modified: trunk/crypto/openssl/demos/pkcs12/pkread.c
===================================================================
--- trunk/crypto/openssl/demos/pkcs12/pkread.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/demos/pkcs12/pkread.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -20,7 +20,7 @@
fprintf(stderr, "Usage: pkread p12file password opfile\n");
exit(1);
}
- SSLeay_add_all_algorithms();
+ OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
if (!(fp = fopen(argv[1], "rb"))) {
fprintf(stderr, "Error opening file %s\n", argv[1]);
@@ -51,7 +51,7 @@
fprintf(fp, "***User Certificate***\n");
PEM_write_X509_AUX(fp, cert);
}
- if (ca && sk_num(ca)) {
+ if (ca && sk_X509_num(ca)) {
fprintf(fp, "***Other Certificates***\n");
for (i = 0; i < sk_X509_num(ca); i++)
PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
Modified: trunk/crypto/openssl/demos/tunala/autoungunk.sh
===================================================================
--- trunk/crypto/openssl/demos/tunala/autoungunk.sh 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/demos/tunala/autoungunk.sh 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,4 +15,5 @@
rm -f aclocal.m4 config.* configure install-sh \
missing mkinstalldirs stamp-h.* Makefile.in \
- ltconfig ltmain.sh
+ ltconfig ltmain.sh depcomp
+rm -rf autom4te.cache
Modified: trunk/crypto/openssl/demos/tunala/cb.c
===================================================================
--- trunk/crypto/openssl/demos/tunala/cb.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/demos/tunala/cb.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -146,8 +146,27 @@
* after certain intervals?
*/
static RSA *rsa_tmp = NULL;
- if (!rsa_tmp)
- rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
+ BIGNUM *bn = NULL;
+ int ok = 1;
+ if (!rsa_tmp) {
+ ok = 0;
+ if (!(bn = BN_new()))
+ goto end;
+ if (!BN_set_word(bn, RSA_F4))
+ goto end;
+ if (!(rsa_tmp = RSA_new()))
+ goto end;
+ if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
+ goto end;
+ ok = 1;
+ }
+ end:
+ if (bn)
+ BN_free(bn);
+ if (!ok) {
+ RSA_free(rsa_tmp);
+ rsa_tmp = NULL;
+ }
return rsa_tmp;
}
Modified: trunk/crypto/openssl/demos/tunala/tunala.c
===================================================================
--- trunk/crypto/openssl/demos/tunala/tunala.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/demos/tunala/tunala.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -747,9 +747,12 @@
abort();
fprintf(stderr, "Info, generating DH parameters ... ");
fflush(stderr);
- if ((dh = DH_generate_parameters(512, DH_GENERATOR_5,
- NULL, NULL)) == NULL) {
+ if (!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
+ DH_GENERATOR_5,
+ NULL)) {
fprintf(stderr, "error!\n");
+ if (dh)
+ DH_free(dh);
return 0;
}
fprintf(stderr, "complete\n");
@@ -786,7 +789,7 @@
unsigned int verify_depth)
{
SSL_CTX *ctx = NULL, *ret = NULL;
- SSL_METHOD *meth;
+ const SSL_METHOD *meth;
ENGINE *e = NULL;
OpenSSL_add_ssl_algorithms();
Modified: trunk/crypto/openssl/doc/HOWTO/certificates.txt
===================================================================
--- trunk/crypto/openssl/doc/HOWTO/certificates.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/HOWTO/certificates.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -3,22 +3,22 @@
1. Introduction
-How you handle certificates depend a great deal on what your role is.
+How you handle certificates depends a great deal on what your role is.
Your role can be one or several of:
- - User of some client software
- - User of some server software
+ - User of some client application
+ - User of some server application
- Certificate authority
This file is for users who wish to get a certificate of their own.
-Certificate authorities should read ca.txt.
+Certificate authorities should read https://www.openssl.org/docs/apps/ca.html.
In all the cases shown below, the standard configuration file, as
compiled into openssl, will be used. You may find it in /etc/,
-/usr/local/ssl/ or somewhere else. The name is openssl.cnf, and
-is better described in another HOWTO <config.txt?>. If you want to
-use a different configuration file, use the argument '-config {file}'
-with the command shown below.
+/usr/local/ssl/ or somewhere else. By default the file is named
+openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html.
+You can specify a different configuration file using the
+'-config {file}' argument with the commands shown below.
2. Relationship with keys
@@ -29,24 +29,26 @@
keys, so before you create a certificate or a certificate request, you
need to create a private key.
-Private keys are generated with 'openssl genrsa' if you want a RSA
-private key, or 'openssl gendsa' if you want a DSA private key.
-Further information on how to create private keys can be found in
-another HOWTO <keys.txt?>. The rest of this text assumes you have
-a private key in the file privkey.pem.
+Private keys are generated with 'openssl genrsa -out privkey.pem' if
+you want a RSA private key, or if you want a DSA private key:
+'openssl dsaparam -out dsaparam.pem 2048; openssl gendsa -out privkey.pem dsaparam.pem'.
+The private keys created by these commands are not passphrase protected;
+it might or might not be the desirable thing. Further information on how to
+create private keys can be found at https://www.openssl.org/docs/HOWTO/keys.txt.
+The rest of this text assumes you have a private key in the file privkey.pem.
+
3. Creating a certificate request
-To create a certificate, you need to start with a certificate
-request (or, as some certificate authorities like to put
-it, "certificate signing request", since that's exactly what they do,
-they sign it and give you the result back, thus making it authentic
-according to their policies). A certificate request can then be sent
-to a certificate authority to get it signed into a certificate, or if
-you have your own certificate authority, you may sign it yourself, or
-if you need a self-signed certificate (because you just want a test
-certificate or because you are setting up your own CA).
+To create a certificate, you need to start with a certificate request
+(or, as some certificate authorities like to put it, "certificate
+signing request", since that's exactly what they do, they sign it and
+give you the result back, thus making it authentic according to their
+policies). A certificate request is sent to a certificate authority
+to get it signed into a certificate. You can also sign the certificate
+yourself if you have your own certificate authority or create a
+self-signed certificate (typically for testing purpose).
The certificate request is created like this:
@@ -55,12 +57,14 @@
Now, cert.csr can be sent to the certificate authority, if they can
handle files in PEM format. If not, use the extra argument '-outform'
followed by the keyword for the format to use (see another HOWTO
-<formats.txt?>). In some cases, that isn't sufficient and you will
-have to be more creative.
+<formats.txt?>). In some cases, -outform does not let you output the
+certificate request in the right format and you will have to use one
+of the various other commands that are exposed by openssl (or get
+creative and use a combination of tools).
-When the certificate authority has then done the checks the need to
-do (and probably gotten payment from you), they will hand over your
-new certificate to you.
+The certificate authority performs various checks (according to their
+policies) and usually waits for payment from you. Once that is
+complete, they send you your new certificate.
Section 5 will tell you more on how to handle the certificate you
received.
@@ -68,11 +72,12 @@
4. Creating a self-signed test certificate
-If you don't want to deal with another certificate authority, or just
-want to create a test certificate for yourself. This is similar to
-creating a certificate request, but creates a certificate instead of
-a certificate request. This is NOT the recommended way to create a
-CA certificate, see ca.txt.
+You can create a self-signed certificate if you don't want to deal
+with a certificate authority, or if you just want to create a test
+certificate for yourself. This is similar to creating a certificate
+request, but creates a certificate instead of a certificate request.
+This is NOT the recommended way to create a CA certificate, see
+https://www.openssl.org/docs/apps/ca.html.
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
@@ -93,13 +98,13 @@
them together into one file. The ways to do this is described in
another HOWTO <formats.txt?>, I will just mention the simplest case.
In the case of a raw DER thing in PEM format, and assuming that's all
-right for yor applications, simply concatenating the certificate and
+right for your applications, simply concatenating the certificate and
the key into a new file and using that one should be enough. With
some applications, you don't even have to do that.
-By now, you have your cetificate and your private key and can start
-using the software that depend on it.
+By now, you have your certificate and your private key and can start
+using applications that depend on it.
--
Richard Levitte
Modified: trunk/crypto/openssl/doc/HOWTO/proxy_certificates.txt
===================================================================
--- trunk/crypto/openssl/doc/HOWTO/proxy_certificates.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/HOWTO/proxy_certificates.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,23 +1,22 @@
-<DRAFT!>
HOWTO proxy certificates
0. WARNING
-NONE OF THE CODE PRESENTED HERE HAVE BEEN CHECKED! They are just an
-example to show you how things can be done. There may be typos or
-type conflicts, and you will have to resolve them.
+NONE OF THE CODE PRESENTED HERE HAS BEEN CHECKED! The code is just examples to
+show you how things could be done. There might be typos or type conflicts, and
+you will have to resolve them.
1. Introduction
-Proxy certificates are defined in RFC 3820. They are really usual
-certificates with the mandatory extension proxyCertInfo.
+Proxy certificates are defined in RFC 3820. They are really usual certificates
+with the mandatory extension proxyCertInfo.
-Proxy certificates are issued by an End Entity (typically a user),
-either directly with the EE certificate as issuing certificate, or by
-extension through an already issued proxy certificate.. They are used
-to extend rights to some other entity (a computer process, typically,
-or sometimes to the user itself), so it can perform operations in the
-name of the owner of the EE certificate.
+Proxy certificates are issued by an End Entity (typically a user), either
+directly with the EE certificate as issuing certificate, or by extension through
+an already issued proxy certificate. Proxy certificates are used to extend
+rights to some other entity (a computer process, typically, or sometimes to the
+user itself). This allows the entity to perform operations on behalf of the
+owner of the EE certificate.
See http://www.ietf.org/rfc/rfc3820.txt for more information.
@@ -24,52 +23,48 @@
2. A warning about proxy certificates
-Noone seems to have tested proxy certificates with security in mind.
-Basically, to this date, it seems that proxy certificates have only
-been used in a world that's highly aware of them. What would happen
-if an unsuspecting application is to validate a chain of certificates
-that contains proxy certificates? It would usually consider the leaf
-to be the certificate to check for authorisation data, and since proxy
-certificates are controlled by the EE certificate owner alone, it's
-would be normal to consider what the EE certificate owner could do
-with them.
+No one seems to have tested proxy certificates with security in mind. To this
+date, it seems that proxy certificates have only been used in a context highly
+aware of them.
-subjectAltName and issuerAltName are forbidden in proxy certificates,
-and this is enforced in OpenSSL. The subject must be the same as the
-issuer, with one commonName added on.
+Existing applications might misbehave when trying to validate a chain of
+certificates which use a proxy certificate. They might incorrectly consider the
+leaf to be the certificate to check for authorisation data, which is controlled
+by the EE certificate owner.
-Possible threats are, as far as has been imagined so far:
+subjectAltName and issuerAltName are forbidden in proxy certificates, and this
+is enforced in OpenSSL. The subject must be the same as the issuer, with one
+commonName added on.
+Possible threats we can think of at this time include:
+
- impersonation through commonName (think server certificates).
- - use of additional extensions, possibly non-standard ones used in
- certain environments, that would grant extra or different
- authorisation rights.
+ - use of additional extensions, possibly non-standard ones used in certain
+ environments, that would grant extra or different authorisation rights.
-For this reason, OpenSSL requires that the use of proxy certificates
-be explicitely allowed. Currently, this can be done using the
-following methods:
+For these reasons, OpenSSL requires that the use of proxy certificates be
+explicitly allowed. Currently, this can be done using the following methods:
- - if the application calls X509_verify_cert() itself, it can do the
- following prior to that call (ctx is the pointer passed in the call
- to X509_verify_cert()):
+ - if the application directly calls X509_verify_cert(), it can first call:
- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+ X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
- - in all other cases, proxy certificate validation can be enabled
- before starting the application by setting the envirnoment variable
- OPENSSL_ALLOW_PROXY_CERTS with some non-empty value.
+ Where ctx is the pointer which then gets passed to X509_verify_cert().
-There are thoughts to allow proxy certificates with a line in the
-default openssl.cnf, but that's still in the future.
+ - proxy certificate validation can be enabled before starting the application
+ by setting the environment variable OPENSSL_ALLOW_PROXY_CERTS.
+In the future, it might be possible to enable proxy certificates by editing
+openssl.cnf.
-3. How to create proxy cerificates
-It's quite easy to create proxy certificates, by taking advantage of
-the lack of checks of the 'openssl x509' application (*ahem*). But
-first, you need to create a configuration section that contains a
-definition of the proxyCertInfo extension, a little like this:
+3. How to create proxy certificates
+Creating proxy certificates is quite easy, by taking advantage of a lack of
+checks in the 'openssl x509' application (*ahem*). You must first create a
+configuration section that contains a definition of the proxyCertInfo extension,
+for example:
+
[ v3_proxy ]
# A proxy certificate MUST NEVER be a CA certificate.
basicConstraints=CA:FALSE
@@ -77,10 +72,10 @@
# Usual authority key ID
authorityKeyIdentifier=keyid,issuer:always
- # Now, for the extension that marks this certificate as a proxy one
+ # The extension which marks this certificate as a proxy
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
-It's also possible to give the proxy extension in a separate section:
+It's also possible to specify the proxy extension in a separate section:
proxyCertInfo=critical, at proxy_ext
@@ -89,96 +84,85 @@
pathlen=0
policy=text:BC
-The policy value has a specific syntax, {syntag}:{string}, where the
-syntag determines what will be done with the string. The recognised
-syntags are as follows:
+The policy value has a specific syntax, {syntag}:{string}, where the syntag
+determines what will be done with the string. The following syntags are
+recognised:
- text indicates that the string is simply the bytes, not
- encoded in any kind of way:
+ text indicates that the string is simply bytes, without any encoding:
- policy=text:r\xE4ksm\xF6rg\xE5s
+ policy=text:räksmörgås
- Previous versions of this design had a specific tag
- for UTF-8 text. However, since the bytes are copied
- as-is anyway, there's no need for it. Instead, use
- the text: tag, like this:
+ Previous versions of this design had a specific tag for UTF-8 text.
+ However, since the bytes are copied as-is anyway, there is no need for
+ such a specific tag.
- policy=text:räksmörgås
+ hex indicates the string is encoded in hex, with colons between each byte
+ (every second hex digit):
- hex indicates the string is encoded in hex, with colons
- between each byte (every second hex digit):
+ policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
- policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
+ Previous versions of this design had a tag to insert a complete DER
+ blob. However, the only legal use for this would be to surround the
+ bytes that would go with the hex: tag with whatever is needed to
+ construct a correct OCTET STRING. The DER tag therefore felt
+ superfluous, and was removed.
- Previous versions of this design had a tag to insert a
- complete DER blob. However, the only legal use for
- this would be to surround the bytes that would go with
- the hex: tag with what's needed to construct a correct
- OCTET STRING. Since hex: does that, the DER tag felt
- superfluous, and was therefore removed.
+ file indicates that the text of the policy should really be taken from a
+ file. The string is then really a file name. This is useful for
+ policies that are large (more than a few lines, e.g. XML documents).
- file indicates that the text of the policy should really be
- taken from a file. The string is then really a file
- name. This is useful for policies that are large
- (more than a few of lines) XML documents, for example.
-
The 'policy' setting can be split up in multiple lines like this:
0.policy=This is
- 1.polisy= a multi-
+ 1.policy= a multi-
2.policy=line policy.
-NOTE: the proxy policy value is the part that determines the rights
-granted to the process using the proxy certificate. The value is
-completely dependent on the application reading and interpretting it!
+NOTE: the proxy policy value is the part which determines the rights granted to
+the process using the proxy certificate. The value is completely dependent on
+the application reading and interpreting it!
-Now that you have created an extension section for your proxy
-certificate, you can now easily create a proxy certificate like this:
+Now that you have created an extension section for your proxy certificate, you
+can easily create a proxy certificate by doing:
- openssl req -new -config openssl.cnf \
- -out proxy.req -keyout proxy.key
- openssl x509 -req -CAcreateserial -in proxy.req -days 7 \
- -out proxy.crt -CA user.crt -CAkey user.key \
- -extfile openssl.cnf -extensions v3_proxy
+ openssl req -new -config openssl.cnf -out proxy.req -keyout proxy.key
+ openssl x509 -req -CAcreateserial -in proxy.req -days 7 -out proxy.crt \
+ -CA user.crt -CAkey user.key -extfile openssl.cnf -extensions v3_proxy
-It's just as easy to create a proxy certificate using another proxy
-certificate as issuer (note that I'm using a different configuration
-section for it):
+You can also create a proxy certificate using another proxy certificate as
+issuer (note: I'm using a different configuration section for it):
- openssl req -new -config openssl.cnf \
- -out proxy2.req -keyout proxy2.key
- openssl x509 -req -CAcreateserial -in proxy2.req -days 7 \
- -out proxy2.crt -CA proxy.crt -CAkey proxy.key \
- -extfile openssl.cnf -extensions v3_proxy2
+ openssl req -new -config openssl.cnf -out proxy2.req -keyout proxy2.key
+ openssl x509 -req -CAcreateserial -in proxy2.req -days 7 -out proxy2.crt \
+ -CA proxy.crt -CAkey proxy.key -extfile openssl.cnf -extensions v3_proxy2
4. How to have your application interpret the policy?
-The basic way to interpret proxy policies is to prepare some default
-rights, then do a check of the proxy certificate against the a chain
-of proxy certificates, user certificate and CA certificates, and see
-what rights came out by the end. Sounds easy, huh? It almost is.
+The basic way to interpret proxy policies is to start with some default rights,
+then compute the resulting rights by checking the proxy certificate against
+the chain of proxy certificates, user certificate and CA certificates. You then
+use the final computed rights. Sounds easy, huh? It almost is.
-The slightly complicated part is how to pass data between your
+The slightly complicated part is figuring out how to pass data between your
application and the certificate validation procedure.
You need the following ingredients:
- - a callback routing that will be called for every certificate that's
- validated. It will be called several times for each certificates,
- so you must be attentive to when it's a good time to do the proxy
- policy interpretation and check, as well as to fill in the defaults
- when the EE certificate is checked.
+ - a callback function that will be called for every certificate being
+ validated. The callback be called several times for each certificate,
+ so you must be careful to do the proxy policy interpretation at the right
+ time. You also need to fill in the defaults when the EE certificate is
+ checked.
- - a structure of data that's shared between your application code and
- the callback.
+ - a data structure that is shared between your application code and the
+ callback.
- a wrapper function that sets it all up.
- - an ex_data index function that creates an index into the generic
- ex_data store that's attached to an X509 validation context.
+ - an ex_data index function that creates an index into the generic ex_data
+ store that is attached to an X509 validation context.
-This is some cookbook code for you to fill in:
+Here is some skeleton code you can fill in:
/* In this example, I will use a view of granted rights as a bit
array, one bit for each possible right. */
@@ -210,7 +194,7 @@
static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
if (ok == 1) /* It's REALLY important you keep the proxy policy
- check within this secion. It's important to know
+ check within this section. It's important to know
that when ok is 1, the certificates are checked
from top to bottom. You get the CA root first,
followed by the possible chain of intermediate
@@ -221,7 +205,7 @@
if (xs->ex_flags & EXFLAG_PROXY)
{
- YOUR_RIGHTS *rights =
+ YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());
PROXY_CERT_INFO_EXTENSION *pci =
@@ -250,12 +234,12 @@
bit array and fill it with the rights granted by
the current proxy certificate, then use it as a
mask on the accumulated rights bit array, and
- voil\xE0, you now have a new accumulated rights bit
+ voilà, you now have a new accumulated rights bit
array. */
{
int i;
YOUR_RIGHTS tmp_rights;
- memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
+ memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
/* process_rights() is supposed to be a procedure
that takes a string and it's length, interprets
@@ -276,7 +260,7 @@
{
/* We have a EE certificate, let's use it to set default!
*/
- YOUR_RIGHTS *rights =
+ YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());
Modified: trunk/crypto/openssl/doc/apps/asn1parse.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/asn1parse.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/asn1parse.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,11 +82,11 @@
=item B<-genstr string>, B<-genconf file>
generate encoded data based on B<string>, B<file> or both using
-ASN1_generate_nconf() format. If B<file> only is present then the string
-is obtained from the default section using the name B<asn1>. The encoded
-data is passed through the ASN1 parser and printed out as though it came
-from a file, the contents can thus be examined and written to a file
-using the B<out> option.
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format. If B<file> only is
+present then the string is obtained from the default section using the name
+B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
+though it came from a file, the contents can thus be examined and written to a
+file using the B<out> option.
=back
@@ -178,4 +178,8 @@
There should be options to change the format of output lines. The output of some
ASN.1 types is not well handled (if at all).
+=head1 SEE ALSO
+
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+
=cut
Copied: trunk/crypto/openssl/doc/apps/c_rehash.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/c_rehash.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/c_rehash.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/c_rehash.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,81 @@
+=pod
+
+=for comment
+Original text by James Westby, contributed under the OpenSSL license.
+
+=head1 NAME
+
+c_rehash - Create symbolic links to files named by the hash values
+
+=head1 SYNOPSIS
+
+B<c_rehash>
+[ I<directory>...]
+
+=head1 DESCRIPTION
+
+B<c_rehash> scans directories and calculates a hash value of each C<.pem>
+file in the specified directory list and creates symbolic links
+for each file, where the name of the link is the hash value.
+This utility is useful as many programs that use OpenSSL require
+directories to be set up like this in order to find certificates.
+
+If any directories are named on the command line, then those are
+processed in turn. If not, then the B<SSL_CERT_DIR> environment variable
+is consulted; this shold be a colon-separated list of directories,
+like the Unix B<PATH> variable.
+If that is not set then the default directory (installation-specific
+but often B</usr/local/ssl/certs>) is processed.
+
+In order for a directory to be processed, the user must have write
+permissions on that directory, otherwise it will be skipped.
+The links created are of the form C<HHHHHHHH.D>, where each B<H>
+is a hexadecimal character and B<D> is a single decimal digit.
+When processing a directory, B<c_rehash> will first remove all links
+that have a name in that syntax. If you have links in that format
+used for other purposes, they will be removed.
+Hashes for CRL's look similar except the letter B<r> appears after
+the period, like this: C<HHHHHHHH.rD>.
+
+Multiple objects may have the same hash; they will be indicated by
+incrementing the B<D> value. Duplicates are found by comparing the
+full SHA-1 fingerprint. A warning will be displayed if a duplicate
+is found.
+
+A warning will also be displayed if there are B<.pem> files that
+cannot be parsed as either a certificate or a CRL.
+
+The program uses the B<openssl> program to compute the hashes and
+fingerprints. If not found in the user's B<PATH>, then set the
+B<OPENSSL> environment variable to the full pathname.
+Any program can be used, it will be invoked as follows for either
+a certificate or CRL:
+
+ $OPENSSL x509 -hash -fingerprint -noout -in FFFFFF
+ $OPENSSL crl -hash -fingerprint -noout -in FFFFFF
+
+where B<FFFFFF> is the filename. It must output the hash of the
+file on the first line, and the fingerprint on the second,
+optionally prefixed with some text and an equals sign.
+
+=head1 ENVIRONMENT
+
+=over
+
+=item B<OPENSSL>
+
+The path to an executable to use to generate hashes and
+fingerprints (see above).
+
+=item B<SSL_CERT_DIR>
+
+Colon separated list of directories to operate on.
+Ignored if directories are listed on the command line.
+
+=back
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>,
+L<crl(1)|crl(1)>.
+L<x509(1)|x509(1)>.
Modified: trunk/crypto/openssl/doc/apps/ca.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/ca.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/ca.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -213,7 +213,9 @@
to be added when a certificate is issued (defaults to B<x509_extensions>
unless the B<-extfile> option is used). If no extension section is
present then, a V1 certificate is created. If the extension section
-is present (even if it is empty), then a V3 certificate is created.
+is present (even if it is empty), then a V3 certificate is created. See the:w
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
=item B<-extfile file>
@@ -223,7 +225,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ca>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -316,7 +318,9 @@
created, if the CRL extension section is present (even if it is
empty) then a V2 CRL is created. The CRL extensions specified are
CRL extensions and B<not> CRL entry extensions. It should be noted
-that some software (for example Netscape) can't handle V2 CRLs.
+that some software (for example Netscape) can't handle V2 CRLs. See
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
=back
@@ -687,6 +691,6 @@
=head1 SEE ALSO
L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
-L<config(5)|config(5)>
+L<config(5)|config(5)>, L<x509v3_config(5)|x509v3_config(5)>
=cut
Modified: trunk/crypto/openssl/doc/apps/ciphers.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/ciphers.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/ciphers.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -8,6 +8,7 @@
B<openssl> B<ciphers>
[B<-v>]
+[B<-V>]
[B<-ssl2>]
[B<-ssl3>]
[B<-tls1>]
@@ -15,7 +16,7 @@
=head1 DESCRIPTION
-The B<cipherlist> command converts OpenSSL cipher lists into ordered
+The B<ciphers> command converts textual OpenSSL cipher lists into ordered
SSL cipher preference lists. It can be used as a test tool to determine
the appropriate cipherlist.
@@ -25,7 +26,7 @@
=item B<-v>
-verbose option. List ciphers with a complete description of
+Verbose option. List ciphers with a complete description of
protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
authentication, encryption and mac algorithms used along with any key size
restrictions and whether the algorithm is classed as an "export" cipher.
@@ -33,6 +34,10 @@
in a cipher list; this is when similar ciphers are available for
SSL v2 and for SSL v3/TLS v1.
+=item B<-V>
+
+Like B<-v>, but include cipher suite codes in output (hex format).
+
=item B<-ssl3>
only include SSL v3 ciphers.
@@ -104,19 +109,20 @@
=item B<DEFAULT>
-the default cipher list. This is determined at compile time and is normally
-B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2:@STRENGTH>. This must be the first cipher string
+the default cipher list. This is determined at compile time and
+is normally B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>. This must be the firstcipher string
specified.
=item B<COMPLEMENTOFDEFAULT>
the ciphers included in B<ALL>, but not enabled by default. Currently
-this is B<ADH>. Note that this rule does not cover B<eNULL>, which is
-not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
+this is B<ADH> and B<AECDH>. Note that this rule does not cover B<eNULL>,
+which is not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
=item B<ALL>
-all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled.
+all cipher suites except the B<eNULL> ciphers which must be explicitly enabled;
+as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default
=item B<COMPLEMENTOFALL>
@@ -159,22 +165,59 @@
=item B<aNULL>
the cipher suites offering no authentication. This is currently the anonymous
-DH algorithms. These cipher suites are vulnerable to a "man in the middle"
-attack and so their use is normally discouraged.
+DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable
+to a "man in the middle" attack and so their use is normally discouraged.
=item B<kRSA>, B<RSA>
cipher suites using RSA key exchange.
+=item B<kDHr>, B<kDHd>, B<kDH>
+
+cipher suites using DH key agreement and DH certificates signed by CAs with RSA
+and DSS keys or either respectively. Not implemented.
+
=item B<kEDH>
-cipher suites using ephemeral DH key agreement.
+cipher suites using ephemeral DH key agreement, including anonymous cipher
+suites.
-=item B<kDHr>, B<kDHd>
+=item B<EDH>
-cipher suites using DH key agreement and DH certificates signed by CAs with RSA
-and DSS keys respectively. Not implemented.
+cipher suites using authenticated ephemeral DH key agreement.
+=item B<ADH>
+
+anonymous DH cipher suites, note that this does not include anonymous Elliptic
+Curve DH (ECDH) cipher suites.
+
+=item B<DH>
+
+cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH.
+
+=item B<kECDHr>, B<kECDHe>, B<kECDH>
+
+cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA
+keys or either respectively.
+
+=item B<kEECDH>
+
+cipher suites using ephemeral ECDH key agreement, including anonymous
+cipher suites.
+
+=item B<EECDHE>
+
+cipher suites using authenticated ephemeral ECDH key agreement.
+
+=item B<AECDH>
+
+anonymous Elliptic Curve Diffie Hellman cipher suites.
+
+=item B<ECDH>
+
+cipher suites using ECDH key exchange, including anonymous, ephemeral and
+fixed ECDH.
+
=item B<aRSA>
cipher suites using RSA authentication, i.e. the certificates carry RSA keys.
@@ -188,31 +231,40 @@
cipher suites effectively using DH authentication, i.e. the certificates carry
DH keys. Not implemented.
+=item B<aECDH>
+
+cipher suites effectively using ECDH authentication, i.e. the certificates
+carry ECDH keys.
+
+=item B<aECDSA>, B<ECDSA>
+
+cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
+keys.
+
=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
ciphers suites using FORTEZZA key exchange, authentication, encryption or all
FORTEZZA algorithms. Not implemented.
-=item B<TLSv1>, B<SSLv3>, B<SSLv2>
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
-TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively.
+TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+there are no ciphersuites specific to TLS v1.1.
-=item B<DH>
+=item B<AES128>, B<AES256>, B<AES>
-cipher suites using DH, including anonymous DH.
+cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.
-=item B<ADH>
+=item B<AESGCM>
-anonymous DH cipher suites.
+AES in Galois Counter Mode (GCM): these ciphersuites are only supported
+in TLS v1.2.
-=item B<AES>
+=item B<CAMELLIA128>, B<CAMELLIA256>, B<CAMELLIA>
-cipher suites using AES.
+cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
+CAMELLIA.
-=item B<CAMELLIA>
-
-cipher suites using Camellia.
-
=item B<3DES>
cipher suites using triple DES.
@@ -245,6 +297,40 @@
cipher suites using SHA1.
+=item B<SHA256>, B<SHA384>
+
+ciphersuites using SHA256 or SHA384.
+
+=item B<aGOST>
+
+cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
+(needs an engine supporting GOST algorithms).
+
+=item B<aGOST01>
+
+cipher suites using GOST R 34.10-2001 authentication.
+
+=item B<aGOST94>
+
+cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
+standard has been expired so use GOST R 34.10-2001)
+
+=item B<kGOST>
+
+cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
+
+=item B<GOST94>
+
+cipher suites, using HMAC based on GOST R 34.11-94.
+
+=item B<GOST89MAC>
+
+cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
+
+=item B<PSK>
+
+cipher suites using pre-shared keys (PSK).
+
=back
=head1 CIPHER SUITE NAMES
@@ -370,6 +456,16 @@
TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA
+=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
+
+Note: these ciphers require an engine which including GOST cryptographic
+algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution.
+
+ TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94
+
=head2 Additional Export 1024 and other cipher suites
Note: these ciphers can also be used in SSL v3.
@@ -380,8 +476,101 @@
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA
TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA
-=head2 SSL v2.0 cipher suites.
+=head2 Elliptic curve cipher suites.
+ TLS_ECDH_RSA_WITH_NULL_SHA ECDH-RSA-NULL-SHA
+ TLS_ECDH_RSA_WITH_RC4_128_SHA ECDH-RSA-RC4-SHA
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA ECDH-RSA-DES-CBC3-SHA
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA ECDH-RSA-AES128-SHA
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA ECDH-RSA-AES256-SHA
+
+ TLS_ECDH_ECDSA_WITH_NULL_SHA ECDH-ECDSA-NULL-SHA
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA ECDH-ECDSA-RC4-SHA
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA ECDH-ECDSA-DES-CBC3-SHA
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA ECDH-ECDSA-AES128-SHA
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ECDH-ECDSA-AES256-SHA
+
+ TLS_ECDHE_RSA_WITH_NULL_SHA ECDHE-RSA-NULL-SHA
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA ECDHE-RSA-RC4-SHA
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDHE-RSA-DES-CBC3-SHA
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDHE-RSA-AES128-SHA
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDHE-RSA-AES256-SHA
+
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA ECDHE-ECDSA-NULL-SHA
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA ECDHE-ECDSA-RC4-SHA
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA ECDHE-ECDSA-DES-CBC3-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ECDHE-ECDSA-AES128-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ECDHE-ECDSA-AES256-SHA
+
+ TLS_ECDH_anon_WITH_NULL_SHA AECDH-NULL-SHA
+ TLS_ECDH_anon_WITH_RC4_128_SHA AECDH-RC4-SHA
+ TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA AECDH-DES-CBC3-SHA
+ TLS_ECDH_anon_WITH_AES_128_CBC_SHA AECDH-AES128-SHA
+ TLS_ECDH_anon_WITH_AES_256_CBC_SHA AECDH-AES256-SHA
+
+=head2 TLS v1.2 cipher suites
+
+ TLS_RSA_WITH_NULL_SHA256 NULL-SHA256
+
+ TLS_RSA_WITH_AES_128_CBC_SHA256 AES128-SHA256
+ TLS_RSA_WITH_AES_256_CBC_SHA256 AES256-SHA256
+ TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
+ TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
+
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256 Not implemented.
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384 Not implemented.
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256 Not implemented.
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384 Not implemented.
+
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-SHA256
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE-RSA-AES256-SHA256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DHE-RSA-AES128-GCM-SHA256
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DHE-RSA-AES256-GCM-SHA384
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 DHE-DSS-AES128-SHA256
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 DHE-DSS-AES256-SHA256
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE-DSS-AES128-GCM-SHA256
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 DHE-DSS-AES256-GCM-SHA384
+
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 ECDH-RSA-AES128-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 ECDH-RSA-AES256-SHA384
+ TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 ECDH-RSA-AES128-GCM-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 ECDH-RSA-AES256-GCM-SHA384
+
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 ECDH-ECDSA-AES128-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 ECDH-ECDSA-AES256-SHA384
+ TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ECDH-ECDSA-AES128-GCM-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH-ECDSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE-RSA-AES128-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE-RSA-AES256-SHA384
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ECDHE-ECDSA-AES256-SHA384
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA256 ADH-AES128-SHA256
+ TLS_DH_anon_WITH_AES_256_CBC_SHA256 ADH-AES256-SHA256
+ TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384
+
+=head2 Pre shared keying (PSK) cipheruites
+
+ TLS_PSK_WITH_RC4_128_SHA PSK-RC4-SHA
+ TLS_PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
+ TLS_PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
+ TLS_PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
+
+=head2 Deprecated SSL v2.0 cipher suites.
+
SSL_CK_RC4_128_WITH_MD5 RC4-MD5
SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5
SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5
@@ -409,6 +598,11 @@
openssl ciphers -v 'ALL:!ADH:@STRENGTH'
+Include all ciphers except ones with no encryption (eNULL) or no
+authentication (aNULL):
+
+ openssl ciphers -v 'ALL:!aNULL'
+
Include only 3DES ciphers and then place RSA ciphers last:
openssl ciphers -v '3DES:+RSA'
@@ -428,7 +622,8 @@
=head1 HISTORY
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were
-added in version 0.9.7.
+The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
+for cipherlist strings were added in OpenSSL 0.9.7.
+The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
=cut
Copied: trunk/crypto/openssl/doc/apps/cms.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/cms.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/cms.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/cms.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,620 @@
+=pod
+
+=head1 NAME
+
+cms - CMS utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<cms>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-verify>]
+[B<-cmsout>]
+[B<-resign>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-digest_create>]
+[B<-digest_verify>]
+[B<-compress>]
+[B<-uncompress>]
+[B<-EncryptedData_encrypt>]
+[B<-sign_receipt>]
+[B<-verify_receipt receipt>]
+[B<-in filename>]
+[B<-inform SMIME|PEM|DER>]
+[B<-rctform SMIME|PEM|DER>]
+[B<-out filename>]
+[B<-outform SMIME|PEM|DER>]
+[B<-stream -indef -noindef>]
+[B<-noindef>]
+[B<-content filename>]
+[B<-text>]
+[B<-noout>]
+[B<-print>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-no_alt_chains>]
+[B<-md digest>]
+[B<-[cipher]>]
+[B<-nointern>]
+[B<-no_signer_cert_verify>]
+[B<-nocerts>]
+[B<-noattr>]
+[B<-nosmimecap>]
+[B<-binary>]
+[B<-nodetach>]
+[B<-certfile file>]
+[B<-certsout file>]
+[B<-signer file>]
+[B<-recip file>]
+[B<-keyid>]
+[B<-receipt_request_all -receipt_request_first>]
+[B<-receipt_request_from emailaddress>]
+[B<-receipt_request_to emailaddress>]
+[B<-receipt_request_print>]
+[B<-secretkey key>]
+[B<-secretkeyid id>]
+[B<-econtent_type type>]
+[B<-inkey file>]
+[B<-passin arg>]
+[B<-rand file(s)>]
+[B<cert.pem...>]
+[B<-to addr>]
+[B<-from addr>]
+[B<-subject subj>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
+verify, compress and uncompress S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are fourteen operation options that set the type of operation to be
+performed. The meaning of the other options varies according to the operation
+type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format. The
+actual CMS type is <B>EnvelopedData<B>.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-debug_decrypt>
+
+this option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
+with caution: see the notes section below.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-cmsout>
+
+takes an input message and writes out a PEM encoded CMS structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-data_create>
+
+Create a CMS B<Data> type.
+
+=item B<-data_out>
+
+B<Data> type and output the content.
+
+=item B<-digest_create>
+
+Create a CMS B<DigestedData> type.
+
+=item B<-digest_verify>
+
+Verify a CMS B<DigestedData> type and output the content.
+
+=item B<-compress>
+
+Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib>
+support for this option to work, otherwise it will output an error.
+
+=item B<-uncompress>
+
+Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
+compiled with B<zlib> support for this option to work, otherwise it will
+output an error.
+
+=item B<-EncryptedData_encrypt>
+
+Encrypt content using supplied symmetric key and algorithm using a CMS
+B<EncrytedData> type and output the content.
+
+=item B<-sign_receipt>
+
+Generate and output a signed receipt for the supplied message. The input
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
+
+=item B<-verify_receipt receipt>
+
+Verify a signed receipt in filename B<receipt>. The input message B<must>
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the message to be decrypted
+or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the CMS structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format CMS structures
+instead. This currently only affects the input format of the CMS
+structure, if no CMS structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-rctform SMIME|PEM|DER>
+
+specify the format for a signed receipt for use with the B<-receipt_verify>
+operation.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the CMS structure. The default
+is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format CMS structures
+instead. This currently only affects the output format of the CMS
+structure, if no CMS structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME
+type text/plain then an error occurs.
+
+=item B<-noout>
+
+for the B<-cmsout> operation do not output the parsed CMS structure. This
+is useful when combined with the B<-print> option or if the syntax of the CMS
+structure is being checked.
+
+=item B<-print>
+
+for the B<-cmsout> operation print out all fields of the CMS structure. This
+is mainly useful for testing purposes.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
+or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt> and
+B<-EncryptedData_create> commands.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-no_signer_cert_verify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-nosmimecap>
+
+exclude the list of supported algorithms from signed attributes, other options
+such as signing time and content type are still included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME. Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-certsout file>
+
+any certificates contained in the message are written to B<file>.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+the recipients certificate when decrypting a message. This certificate
+must match one of the recipients of the message or an error occurs.
+
+=item B<-keyid>
+
+use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
+
+=item B<-receipt_request_all -receipt_request_first>
+
+for B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all receipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+
+=item B<-receipt_request_from emailaddress>
+
+for B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
+
+=item B<-receipt_request_to emailaddress>
+
+Add an explicit email address where signed receipts should be sent to. This
+option B<must> but supplied if a signed receipt it requested.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=item B<-secretkey key>
+
+specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid id>
+
+the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-econtent_type type>
+
+set the encapsulated content type to B<type> if not supplied the B<Data> type
+is used. The B<type> argument can be any valid OID name in either text or
+numerical format.
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message.
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process CMS enveloped data: CMS
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the CMS structure the encoding
+remains DER.
+
+If the B<-decrypt> option is used without a recipient certificate then an
+attempt is made to locate the recipient by trying each potential recipient
+in turn using the supplied private key. To thwart the MMA attack
+(Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are
+tried whether they succeed or not and if no recipients match the message
+is "decrypted" using a random key which will typically output garbage.
+The B<-debug_decrypt> option can be used to disable the MMA attack protection
+and return an error if no recipient can be found: this option should be used
+with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>).
+
+=head1 EXIT CODES
+
+=over 4
+
+=item Z<>0
+
+the operation was completely successfully.
+
+=item Z<>1
+
+an error occurred parsing the command options.
+
+=item Z<>2
+
+one of the input files could not be read.
+
+=item Z<>3
+
+an error occurred creating the CMS file or when reading the MIME
+message.
+
+=item Z<>4
+
+an error occurred decrypting or verifying the message.
+
+=item Z<>5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 COMPATIBILITY WITH PKCS#7 format.
+
+The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
+utility supports Cryptographic Message Syntax format. Use of some features
+will result in messages which cannot be processed by applications which only
+support the older format. These are detailed below.
+
+The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
+
+The B<-outform PEM> option uses different headers.
+
+The B<-compress> option.
+
+The B<-secretkey> option when used with B<-encrypt>.
+
+Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
+be processed by the older B<smime> command.
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem
+
+Create an opaque signed message
+
+ openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+ -signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl cms -sign -in in.txt -text -out mail.msg \
+ -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers, use key identifier:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem -signer othercert.pem -keyid
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl cms -sign -in in.txt -text -signer mycert.pem \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed message" | sendmail someone at somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl cms -encrypt -in in.txt -from steve at openssl.org \
+ -to someone at somewhere -subject "Encrypted message" \
+ -des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl cms -sign -in ml.txt -signer my.pem -text \
+ | openssl cms -encrypt -out mail.msg \
+ -from steve at openssl.org -to someone at somewhere \
+ -subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command,
+
+ openssl cms -verify -inform PEM -in signature.pem -content content.txt
+
+alternatively you can base64 decode the signature and use
+
+ openssl cms -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. this means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Modified: trunk/crypto/openssl/doc/apps/config.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/config.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/config.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -89,8 +89,7 @@
... engine stuff here ...
-Currently there are two configuration modules. One for ASN1 objects another
-for ENGINE configuration.
+The features of each configuration module are described below.
=head2 ASN1 OBJECT CONFIGURATION MODULE
@@ -119,7 +118,7 @@
information.
The section pointed to by B<engines> is a table of engine names (though see
-B<engine_id> below) and further sections containing configuration informations
+B<engine_id> below) and further sections containing configuration information
specific to each ENGINE.
Each ENGINE specific section is used to set default algorithms, load
@@ -191,6 +190,25 @@
# Supply all default algorithms
default_algorithms = ALL
+=head2 EVP CONFIGURATION MODULE
+
+This modules has the name B<alg_section> which points to a section containing
+algorithm commands.
+
+Currently the only algorithm command supported is B<fips_mode> whose
+value should be a boolean string such as B<on> or B<off>. If the value is
+B<on> this attempt to enter FIPS mode. If the call fails or the library is
+not FIPS capable then an error occurs.
+
+For example:
+
+ alg_section = evp_settings
+
+ [evp_settings]
+
+ fips_mode = on
+
+
=head1 NOTES
If a configuration file attempts to expand a variable that doesn't exist
@@ -259,6 +277,59 @@
# The above value is used if TEMP isn't in the environment
tmpfile=${ENV::TEMP}/tmp.filename
+Simple OpenSSL library configuration example to enter FIPS mode:
+
+ # Default appname: should match "appname" parameter (if any)
+ # supplied to CONF_modules_load_file et al.
+ openssl_conf = openssl_conf_section
+
+ [openssl_conf_section]
+ # Configuration module list
+ alg_section = evp_sect
+
+ [evp_sect]
+ # Set to "yes" to enter FIPS mode if supported
+ fips_mode = yes
+
+Note: in the above example you will get an error in non FIPS capable versions
+of OpenSSL.
+
+More complex OpenSSL library configuration. Add OID and don't enter FIPS mode:
+
+ # Default appname: should match "appname" parameter (if any)
+ # supplied to CONF_modules_load_file et al.
+ openssl_conf = openssl_conf_section
+
+ [openssl_conf_section]
+ # Configuration module list
+ alg_section = evp_sect
+ oid_section = new_oids
+
+ [evp_sect]
+ # This will have no effect as FIPS mode is off by default.
+ # Set to "yes" to enter FIPS mode, if supported
+ fips_mode = no
+
+ [new_oids]
+ # New OID, just short name
+ newoid1 = 1.2.3.4.1
+ # New OID shortname and long name
+ newoid2 = New OID 2 long name, 1.2.3.4.2
+
+The above examples can be used with with any application supporting library
+configuration if "openssl_conf" is modified to match the appropriate "appname".
+
+For example if the second sample file above is saved to "example.cnf" then
+the command line:
+
+ OPENSSL_CONF=example.cnf openssl asn1parse -genstr OID:1.2.3.4.1
+
+will output:
+
+ 0:d=0 hl=2 l= 4 prim: OBJECT :newoid1
+
+showing that the OID "newoid1" has been added as "1.2.3.4.1".
+
=head1 BUGS
Currently there is no way to include characters using the octal B<\nnn>
Modified: trunk/crypto/openssl/doc/apps/crl.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/crl.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/crl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,6 +68,11 @@
output a hash of the issuer name. This can be use to lookup CRLs in
a directory by issuer name.
+=item B<-hash_old>
+
+outputs the "hash" of the CRL issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
=item B<-issuer>
output the issuer name.
Modified: trunk/crypto/openssl/doc/apps/dgst.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/dgst.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/dgst.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,34 +2,40 @@
=head1 NAME
-dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests
+dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
=head1 SYNOPSIS
B<openssl> B<dgst>
-[B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>]
+[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
[B<-c>]
[B<-d>]
[B<-hex>]
[B<-binary>]
+[B<-r>]
+[B<-hmac arg>]
+[B<-non-fips-allow>]
[B<-out filename>]
[B<-sign filename>]
+[B<-keyform arg>]
[B<-passin arg>]
[B<-verify filename>]
[B<-prverify filename>]
[B<-signature filename>]
[B<-hmac key>]
+[B<-non-fips-allow>]
+[B<-fips-fingerprint>]
[B<file...>]
-[B<md5|md4|md2|sha1|sha|mdc2|ripemd160>]
-[B<-c>]
-[B<-d>]
-[B<file...>]
+B<openssl>
+[I<digest>]
+[B<...>]
=head1 DESCRIPTION
The digest functions output the message digest of a supplied file or files
-in hexadecimal form. They can also be used for digital signing and verification.
+in hexadecimal. The digest functions also generate and verify digital
+signatures using message digests.
=head1 OPTIONS
@@ -47,12 +53,26 @@
=item B<-hex>
digest is to be output as a hex dump. This is the default case for a "normal"
-digest as opposed to a digital signature.
+digest as opposed to a digital signature. See NOTES below for digital
+signatures using B<-hex>.
=item B<-binary>
output the digest or signature in binary form.
+=item B<-r>
+
+output the digest in the "coreutils" format used by programs like B<sha1sum>.
+
+=item B<-hmac arg>
+
+set the HMAC key to "arg".
+
+=item B<-non-fips-allow>
+
+Allow use of non FIPS digest when in FIPS mode. This has no effect when not in
+FIPS mode.
+
=item B<-out filename>
filename to output to, or standard output by default.
@@ -61,6 +81,23 @@
digitally sign the digest using the private key in "filename".
+=item B<-keyform arg>
+
+Specifies the key format to sign digest with. The DER, PEM, P12,
+and ENGINE formats are supported.
+
+=item B<-engine id>
+
+Use engine B<id> for operations (including private key storage).
+This engine is not used as source for digest algorithms, unless it is
+also specified in the configuration file.
+
+=item B<-sigopt nm:v>
+
+Pass options to the signature algorithm during sign or verify operations.
+Names and values of these options are algorithm-specific.
+
+
=item B<-passin arg>
the private key password source. For more information about the format of B<arg>
@@ -83,6 +120,35 @@
create a hashed MAC using "key".
+=item B<-mac alg>
+
+create MAC (keyed Message Authentication Code). The most popular MAC
+algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
+which are not based on hash, for instance B<gost-mac> algorithm,
+supported by B<ccgost> engine. MAC keys and other options should be set
+via B<-macopt> parameter.
+
+=item B<-macopt nm:v>
+
+Passes options to MAC algorithm, specified by B<-mac> key.
+Following options are supported by both by B<HMAC> and B<gost-mac>:
+
+=over 8
+
+=item B<key:string>
+
+Specifies MAC key as alphnumeric string (use if key contain printable
+characters only). String length must conform to any restrictions of
+the MAC algorithm for example exactly 32 chars for gost-mac.
+
+=item B<hexkey:string>
+
+Specifies MAC key in hexadecimal form (two hex digits per byte).
+Key length must conform to any restrictions of the MAC algorithm
+for example exactly 32 chars for gost-mac.
+
+=back
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
@@ -91,6 +157,15 @@
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-non-fips-allow>
+
+enable use of non-FIPS algorithms such as MD5 even in FIPS mode.
+
+=item B<-fips-fingerprint>
+
+compute HMAC using a specific key
+for certain OpenSSL-FIPS operations.
+
=item B<file...>
file or files to digest. If no files are specified then standard input is
@@ -98,18 +173,41 @@
=back
+
+=head1 EXAMPLES
+
+To create a hex-encoded message digest of a file:
+ openssl dgst -md5 -hex file.txt
+
+To sign a file using SHA-256 with binary file output:
+ openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
+
+To verify a signature:
+ openssl dgst -sha256 -verify publickey.pem \
+ -signature signature.sign \
+ file.txt
+
+
=head1 NOTES
The digest of choice for all new applications is SHA1. Other digests are
however still widely used.
-If you wish to sign or verify data using the DSA algorithm then the dss1
-digest must be used.
+When signing a file, B<dgst> will automatically determine the algorithm
+(RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
+When verifying signatures, it only handles the RSA, DSA, or ECDSA signature
+itself, not the related data to identify the signer and algorithm used in
+formats such as x.509, CMS, and S/MIME.
A source of random numbers is required for certain signing algorithms, in
-particular DSA.
+particular ECDSA and DSA.
The signing and verify options should only be used if a single file is
being signed or verified.
+Hex signatures cannot be verified using B<openssl>. Instead, use "xxd -r"
+or similar program to transform the hex signature into a binary signature
+prior to verification.
+
+
=cut
Modified: trunk/crypto/openssl/doc/apps/dhparam.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/dhparam.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/dhparam.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,8 +71,10 @@
=item B<-2>, B<-5>
-The generator to use, either 2 or 5. 2 is the default. If present then the
-input file is ignored and parameters are generated instead.
+The generator to use, either 2 or 5. If present then the
+input file is ignored and parameters are generated instead. If not
+present but B<numbits> is present, parameters are generated with the
+default generator 2.
=item B<-rand> I<file(s)>
@@ -85,9 +87,10 @@
=item I<numbits>
this option specifies that a parameter set should be generated of size
-I<numbits>. It must be the last option. If not present then a value of 512
-is used. If this option is present then the input file is ignored and
-parameters are generated instead.
+I<numbits>. It must be the last option. If this option is present then
+the input file is ignored and parameters are generated instead. If
+this option is not present but a generator (B<-2> or B<-5>) is
+present, parameters are generated with a default length of 2048 bits.
=item B<-noout>
@@ -104,7 +107,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dhparam>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/dsa.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/dsa.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/dsa.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -115,7 +115,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dsa>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/dsaparam.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/dsaparam.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/dsaparam.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -85,7 +85,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dsaparam>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/ec.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/ec.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/ec.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -41,7 +41,7 @@
This specifies the input format. The B<DER> option with a private key uses
an ASN.1 DER encoded SEC1 private key. When used with a public key it
-uses the SubjectPublicKeyInfo structur as specified in RFC 3280.
+uses the SubjectPublicKeyInfo structure as specified in RFC 3280.
The B<PEM> form is the default format: it consists of the B<DER> format base64
encoded with additional header and footer lines. In the case of a private key
PKCS#8 format is also accepted.
@@ -130,7 +130,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ec>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/ecparam.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/ecparam.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/ecparam.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -121,7 +121,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ecparam>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/enc.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/enc.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/enc.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,17 +12,24 @@
[B<-pass arg>]
[B<-e>]
[B<-d>]
-[B<-a>]
+[B<-a/-base64>]
[B<-A>]
[B<-k password>]
[B<-kfile filename>]
[B<-K key>]
[B<-iv IV>]
+[B<-S salt>]
+[B<-salt>]
+[B<-nosalt>]
+[B<-z>]
+[B<-md>]
[B<-p>]
[B<-P>]
[B<-bufsize number>]
[B<-nopad>]
[B<-debug>]
+[B<-none>]
+[B<-engine id>]
=head1 DESCRIPTION
@@ -72,6 +79,10 @@
the data is base64 encoded after encryption. If decryption is set then
the input data is base64 decoded before being decrypted.
+=item B<-base64>
+
+same as B<-a>
+
=item B<-A>
if the B<-a> option is set then base64 process the data on one line.
@@ -87,10 +98,18 @@
This is for compatibility with previous versions of OpenSSL. Superseded by
the B<-pass> argument.
+=item B<-nosalt>
+
+do not use a salt
+
+=item B<-salt>
+
+use salt (randomly generated or provide with B<-S> option) when
+encrypting (this is the default).
+
=item B<-S salt>
-the actual salt to use: this must be represented as a string comprised only
-of hex digits.
+the actual salt to use: this must be represented as a string of hex digits.
=item B<-K key>
@@ -129,13 +148,35 @@
debug the BIOs used for I/O.
+=item B<-z>
+
+Compress or decompress clear text using zlib before encryption or after
+decryption. This option exists only if OpenSSL with compiled with zlib
+or zlib-dynamic option.
+
+=item B<-none>
+
+Use NULL cipher (no encryption or decryption of input).
+
=back
=head1 NOTES
The program can be called either as B<openssl ciphername> or
-B<openssl enc -ciphername>.
+B<openssl enc -ciphername>. But the first form doesn't work with
+engine-provided ciphers, because this form is processed before the
+configuration file is read and any ENGINEs loaded.
+Engines which provide entirely new encryption algorithms (such as ccgost
+engine which provides gost89 algorithm) should be configured in the
+configuration file. Engines, specified in the command line using -engine
+options can only be used for hadrware-assisted implementations of
+ciphers, which are supported by OpenSSL core or other engine, specified
+in the configuration file.
+
+When enc command lists supported ciphers, ciphers provided by engines,
+specified in the configuration files are listed too.
+
A password will be prompted for to derive the key and IV if necessary.
The B<-salt> option should B<ALWAYS> be used if the key is being derived
@@ -167,6 +208,18 @@
=head1 SUPPORTED CIPHERS
+Note that some of these ciphers can be disabled at compile time
+and some are available only if an appropriate engine is configured
+in the configuration file. The output of the B<enc> command run with
+unsupported options (for example B<openssl enc -help>) includes a
+list of ciphers, supported by your versesion of OpenSSL, including
+ones provided by configured engines.
+
+The B<enc> program does not support authenticated encryption modes
+like CCM and GCM. The utility does not store or retrieve the
+authentication tag.
+
+
base64 Base 64
bf-cbc Blowfish in CBC mode
@@ -201,6 +254,9 @@
desx DESX algorithm.
+ gost89 GOST 28147-89 in CFB mode (provided by ccgost engine)
+ gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine)
+
idea-cbc IDEA algorithm in CBC mode
idea same as idea-cbc
idea-cfb IDEA in CFB mode
Modified: trunk/crypto/openssl/doc/apps/gendsa.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/gendsa.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/gendsa.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -46,7 +46,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<gendsa>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Copied: trunk/crypto/openssl/doc/apps/genpkey.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/genpkey.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/genpkey.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/genpkey.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,215 @@
+=pod
+
+=head1 NAME
+
+genpkey - generate a private key
+
+=head1 SYNOPSIS
+
+B<openssl> B<genpkey>
+[B<-out filename>]
+[B<-outform PEM|DER>]
+[B<-pass arg>]
+[B<-cipher>]
+[B<-engine id>]
+[B<-paramfile file>]
+[B<-algorithm alg>]
+[B<-pkeyopt opt:value>]
+[B<-genparam>]
+[B<-text>]
+
+=head1 DESCRIPTION
+
+The B<genpkey> command generates a private key.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-out filename>
+
+the output filename. If this argument is not specified then standard output is
+used.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format DER or PEM.
+
+=item B<-pass arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+This option encrypts the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<genpkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. If used this option should precede all other
+options.
+
+=item B<-algorithm alg>
+
+public key algorithm to use such as RSA, DSA or DH. If used this option must
+precede any B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> below for more details.
+
+=item B<-genparam>
+
+generate a set of parameters instead of a private key. If used this option must
+precede and B<-algorithm>, B<-paramfile> or B<-pkeyopt> options.
+
+=item B<-paramfile filename>
+
+Some public key algorithms generate a private key based on a set of parameters.
+They can be supplied using this option. If this option is used the public key
+algorithm used is determined by the parameters. If used this option must
+precede and B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-text>
+
+Print an (unencrypted) text representation of private and public keys and
+parameters along with the PEM or DER structure.
+
+=back
+
+=head1 KEY GENERATION OPTIONS
+
+The options supported by each algorith and indeed each implementation of an
+algorithm can vary. The options for the OpenSSL implementations are detailed
+below.
+
+=head1 RSA KEY GENERATION OPTIONS
+
+=over 4
+
+=item B<rsa_keygen_bits:numbits>
+
+The number of bits in the generated key. If not specified 1024 is used.
+
+=item B<rsa_keygen_pubexp:value>
+
+The RSA public exponent value. This can be a large decimal or
+hexadecimal value if preceded by B<0x>. Default value is 65537.
+
+=back
+
+=head1 DSA PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dsa_paramgen_bits:numbits>
+
+The number of bits in the generated parameters. If not specified 1024 is used.
+
+=back
+
+=head1 DH PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dh_paramgen_prime_len:numbits>
+
+The number of bits in the prime parameter B<p>.
+
+=item B<dh_paramgen_generator:value>
+
+The value to use for the generator B<g>.
+
+=back
+
+=head1 EC PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<ec_paramgen_curve:curve>
+
+the EC curve to use.
+
+=back
+
+=head1 GOST2001 KEY GENERATION AND PARAMETER OPTIONS
+
+Gost 2001 support is not enabled by default. To enable this algorithm,
+one should load the ccgost engine in the OpenSSL configuration file.
+See README.gost file in the engines/ccgost directiry of the source
+distribution for more details.
+
+Use of a parameter file for the GOST R 34.10 algorithm is optional.
+Parameters can be specified during key generation directly as well as
+during generation of parameter file.
+
+=over 4
+
+=item B<paramset:name>
+
+Specifies GOST R 34.10-2001 parameter set according to RFC 4357.
+Parameter set can be specified using abbreviated name, object short name or
+numeric OID. Following parameter sets are supported:
+
+ paramset OID Usage
+ A 1.2.643.2.2.35.1 Signature
+ B 1.2.643.2.2.35.2 Signature
+ C 1.2.643.2.2.35.3 Signature
+ XA 1.2.643.2.2.36.0 Key exchange
+ XB 1.2.643.2.2.36.1 Key exchange
+ test 1.2.643.2.2.35.0 Test purposes
+
+=back
+
+
+
+=head1 NOTES
+
+The use of the genpkey program is encouraged over the algorithm specific
+utilities because additional algorithm options and ENGINE provided algorithms
+can be used.
+
+=head1 EXAMPLES
+
+Generate an RSA private key using default parameters:
+
+ openssl genpkey -algorithm RSA -out key.pem
+
+Encrypt output private key using 128 bit AES and the passphrase "hello":
+
+ openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello
+
+Generate a 2048 bit RSA key using 3 as the public exponent:
+
+ openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 \
+ -pkeyopt rsa_keygen_pubexp:3
+
+Generate 1024 bit DSA parameters:
+
+ openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+ -pkeyopt dsa_paramgen_bits:1024
+
+Generate DSA key from parameters:
+
+ openssl genpkey -paramfile dsap.pem -out dsakey.pem
+
+Generate 1024 bit DH parameters:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem \
+ -pkeyopt dh_paramgen_prime_len:1024
+
+Generate DH key from parameters:
+
+ openssl genpkey -paramfile dhp.pem -out dhkey.pem
+
+
+=cut
+
Modified: trunk/crypto/openssl/doc/apps/genrsa.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/genrsa.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/genrsa.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,7 +69,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<genrsa>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/ocsp.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/ocsp.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/ocsp.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -29,6 +29,7 @@
[B<-path>]
[B<-CApath dir>]
[B<-CAfile file>]
+[B<-no_alt_chains>]]
[B<-VAfile file>]
[B<-validity_period n>]
[B<-status_age n>]
@@ -40,6 +41,7 @@
[B<-no_cert_verify>]
[B<-no_chain>]
[B<-no_cert_checks>]
+[B<-no_explicit>]
[B<-port num>]
[B<-index file>]
[B<-CA file>]
@@ -51,6 +53,7 @@
[B<-ndays n>]
[B<-resp_key_id>]
[B<-nrequest n>]
+[B<-md5|-sha1|...>]
=head1 DESCRIPTION
@@ -132,11 +135,19 @@
B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
or "/" by default.
+=item B<-timeout seconds>
+
+connection timeout to the OCSP responder in seconds
+
=item B<-CAfile file>, B<-CApath pathname>
file or pathname containing trusted CA certificates. These are used to verify
the signature on the OCSP response.
+=item B<-no_alt_chains>
+
+See L<B<verify>|verify(1)> manual page for details.
+
=item B<-verify_other file>
file containing additional certificates to search when attempting to locate
@@ -184,6 +195,10 @@
do not use certificates in the response as additional untrusted CA
certificates.
+=item B<-no_explicit>
+
+do not explicitly trust the root CA if it is set to be trusted for OCSP signing.
+
=item B<-no_cert_checks>
don't perform any additional checks on the OCSP response signers certificate.
@@ -206,6 +221,11 @@
is checked to see it is not older than B<age> seconds old. By default this additional
check is not performed.
+=item B<-md5|-sha1|-sha256|-ripemod160|...>
+
+this option sets digest algorithm to use for certificate identification
+in the OCSP request. By default SHA-1 is used.
+
=back
=head1 OCSP SERVER OPTIONS
@@ -291,8 +311,9 @@
extended key usage is present in the OCSP responder certificate then the
OCSP verify succeeds.
-Otherwise the root CA of the OCSP responders CA is checked to see if it
-is trusted for OCSP signing. If it is the OCSP verify succeeds.
+Otherwise, if B<-no_explicit> is B<not> set the root CA of the OCSP responders
+CA is checked to see if it is trusted for OCSP signing. If it is the OCSP
+verify succeeds.
If none of these checks is successful then the OCSP verify fails.
@@ -363,3 +384,9 @@
openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-reqin req.der -respout resp.der
+
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
+=cut
Modified: trunk/crypto/openssl/doc/apps/openssl.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/openssl.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/openssl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,7 +12,7 @@
[ I<command_opts> ]
[ I<command_args> ]
-B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> ]
+B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> | B<list-cipher-algorithms> | B<list-message-digest-algorithms> | B<list-public-key-algorithms>]
B<openssl> B<no->I<XXX> [ I<arbitrary options> ]
@@ -26,12 +26,14 @@
cryptography functions of OpenSSL's B<crypto> library from the shell.
It can be used for
- o Creation of RSA, DH and DSA key parameters
+ o Creation and management of private keys, public keys and parameters
+ o Public key cryptographic operations
o Creation of X.509 certificates, CSRs and CRLs
o Calculation of Message Digests
o Encryption and Decryption with Ciphers
o SSL/TLS Client and Server Tests
o Handling of S/MIME signed or encrypted mail
+ o Time Stamp requests, generation and verification
=head1 COMMAND SUMMARY
@@ -44,6 +46,14 @@
of all standard commands, message digest commands, or cipher commands,
respectively, that are available in the present B<openssl> utility.
+The pseudo-commands B<list-cipher-algorithms> and
+B<list-message-digest-algorithms> list all cipher and message digest names, one entry per line. Aliases are listed as:
+
+ from => to
+
+The pseudo-command B<list-public-key-algorithms> lists all supported public
+key algorithms.
+
The pseudo-command B<no->I<XXX> tests whether a command of the
specified name is available. If no command named I<XXX> exists, it
returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1
@@ -71,6 +81,10 @@
Cipher Suite Description Determination.
+=item L<B<cms>|cms(1)>
+
+CMS (Cryptographic Message Syntax) utility
+
=item L<B<crl>|crl(1)>
Certificate Revocation List (CRL) Management.
@@ -88,6 +102,12 @@
Diffie-Hellman Parameter Management.
Obsoleted by L<B<dhparam>|dhparam(1)>.
+=item L<B<dhparam>|dhparam(1)>
+
+Generation and Management of Diffie-Hellman Parameters. Superseded by
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+
+
=item L<B<dsa>|dsa(1)>
DSA Data Management.
@@ -94,20 +114,29 @@
=item L<B<dsaparam>|dsaparam(1)>
-DSA Parameter Generation.
+DSA Parameter Generation and Management. Superseded by
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+=item L<B<ec>|ec(1)>
+
+EC (Elliptic curve) key processing
+
+=item L<B<ecparam>|ecparam(1)>
+
+EC parameter manipulation and generation
+
=item L<B<enc>|enc(1)>
Encoding with Ciphers.
+=item L<B<engine>|engine(1)>
+
+Engine (loadble module) information and manipulation.
+
=item L<B<errstr>|errstr(1)>
Error Number to Error String Conversion.
-=item L<B<dhparam>|dhparam(1)>
-
-Generation and Management of Diffie-Hellman Parameters.
-
=item B<gendh>
Generation of Diffie-Hellman Parameters.
@@ -115,12 +144,21 @@
=item L<B<gendsa>|gendsa(1)>
-Generation of DSA Parameters.
+Generation of DSA Private Key from Parameters. Superseded by
+L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)>
+=item L<B<genpkey>|genpkey(1)>
+
+Generation of Private Key or Parameters.
+
=item L<B<genrsa>|genrsa(1)>
-Generation of RSA Parameters.
+Generation of RSA Private Key. Superceded by L<B<genpkey>|genpkey(1)>.
+=item L<B<nseq>|nseq(1)>
+
+Create or examine a netscape certificate sequence
+
=item L<B<ocsp>|ocsp(1)>
Online Certificate Status Protocol utility.
@@ -137,6 +175,18 @@
PKCS#7 Data Management.
+=item L<B<pkey>|pkey(1)>
+
+Public and private key management.
+
+=item L<B<pkeyparam>|pkeyparam(1)>
+
+Public key algorithm parameter management.
+
+=item L<B<pkeyutl>|pkeyutl(1)>
+
+Public key algorithm cryptographic operation utility.
+
=item L<B<rand>|rand(1)>
Generate pseudo-random bytes.
@@ -143,15 +193,17 @@
=item L<B<req>|req(1)>
-X.509 Certificate Signing Request (CSR) Management.
+PKCS#10 X.509 Certificate Signing Request (CSR) Management.
=item L<B<rsa>|rsa(1)>
-RSA Data Management.
+RSA key management.
+
=item L<B<rsautl>|rsautl(1)>
-RSA utility for signing, verification, encryption, and decryption.
+RSA utility for signing, verification, encryption, and decryption. Superseded
+by L<B<pkeyutl>|pkeyutl(1)>
=item L<B<s_client>|s_client(1)>
@@ -185,6 +237,14 @@
Algorithm Speed Measurement.
+=item L<B<spkac>|spkac(1)>
+
+SPKAC printing and generating utility
+
+=item L<B<ts>|ts(1)>
+
+Time Stamping Authority tool (client/server)
+
=item L<B<verify>|verify(1)>
X.509 Certificate Verification.
@@ -339,7 +399,7 @@
L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
-L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
+L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
L<passwd(1)|passwd(1)>,
L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
@@ -348,12 +408,13 @@
L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
-L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>
+L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>, L<x509v3_config(5)|x509v3_config(5)>
=head1 HISTORY
The openssl(1) document appeared in OpenSSL 0.9.2.
The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3;
+The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0;
the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a.
For notes on the availability of other commands, see their individual
manual pages.
Modified: trunk/crypto/openssl/doc/apps/pkcs12.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/pkcs12.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/pkcs12.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -23,16 +23,14 @@
[B<-cacerts>]
[B<-nokeys>]
[B<-info>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-nodes>]
+[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256 | -nodes>]
[B<-noiter>]
-[B<-maciter>]
+[B<-maciter | -nomaciter | -nomac>]
[B<-twopass>]
[B<-descert>]
-[B<-certpbe>]
-[B<-keypbe>]
+[B<-certpbe cipher>]
+[B<-keypbe cipher>]
+[B<-macalg digest>]
[B<-keyex>]
[B<-keysig>]
[B<-password arg>]
@@ -39,6 +37,9 @@
[B<-passin arg>]
[B<-passout arg>]
[B<-rand file(s)>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-CSP name>]
=head1 DESCRIPTION
@@ -49,7 +50,7 @@
=head1 COMMAND OPTIONS
There are a lot of options the meaning of some depends of whether a PKCS#12 file
-is being created or parsed. By default a PKCS#12 file is parsed a PKCS#12
+is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
file can be created by using the B<-export> option (see below).
=head1 PARSING OPTIONS
@@ -63,25 +64,30 @@
=item B<-out filename>
-The filename to write certificates and private keys to, standard output by default.
-They are all written in PEM format.
+The filename to write certificates and private keys to, standard output by
+default. They are all written in PEM format.
-=item B<-pass arg>, B<-passin arg>
+=item B<-passin arg>
-the PKCS#12 file (i.e. input file) password source. For more information about the
-format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
+the PKCS#12 file (i.e. input file) password source. For more information about
+the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
L<openssl(1)|openssl(1)>.
=item B<-passout arg>
-pass phrase source to encrypt any outputed private keys with. For more information
-about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
+pass phrase source to encrypt any outputted private keys with. For more
+information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section
+in L<openssl(1)|openssl(1)>.
+=item B<-password arg>
+
+With -export, -password is equivalent to -passout.
+Otherwise, -password is equivalent to -passin.
+
=item B<-noout>
-this option inhibits output of the keys and certificates to the output file version
-of the PKCS#12 file.
+this option inhibits output of the keys and certificates to the output file
+version of the PKCS#12 file.
=item B<-clcerts>
@@ -116,6 +122,14 @@
use IDEA to encrypt private keys before outputting.
+=item B<-aes128>, B<-aes192>, B<-aes256>
+
+use AES to encrypt private keys before outputting.
+
+=item B<-camellia128>, B<-camellia192>, B<-camellia256>
+
+use Camellia to encrypt private keys before outputting.
+
=item B<-nodes>
don't encrypt the private keys at all.
@@ -148,10 +162,10 @@
=item B<-in filename>
-The filename to read certificates and private keys from, standard input by default.
-They must all be in PEM format. The order doesn't matter but one private key and
-its corresponding certificate should be present. If additional certificates are
-present they will also be included in the PKCS#12 file.
+The filename to read certificates and private keys from, standard input by
+default. They must all be in PEM format. The order doesn't matter but one
+private key and its corresponding certificate should be present. If additional
+certificates are present they will also be included in the PKCS#12 file.
=item B<-inkey filename>
@@ -160,8 +174,8 @@
=item B<-name friendlyname>
-This specifies the "friendly name" for the certificate and private key. This name
-is typically displayed in list boxes by software importing the file.
+This specifies the "friendly name" for the certificate and private key. This
+name is typically displayed in list boxes by software importing the file.
=item B<-certfile filename>
@@ -201,9 +215,11 @@
=item B<-keypbe alg>, B<-certpbe alg>
these options allow the algorithm used to encrypt the private key and
-certificates to be selected. Although any PKCS#5 v1.5 or PKCS#12 algorithms
-can be selected it is advisable only to use PKCS#12 algorithms. See the list
-in the B<NOTES> section for more information.
+certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name
+can be used (see B<NOTES> section for more information). If a a cipher name
+(as output by the B<list-cipher-algorithms> command is specified then it
+is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only
+use PKCS#12 algorithms.
=item B<-keyex|-keysig>
@@ -216,6 +232,10 @@
authentication, however due to a bug only MSIE 5.0 and later support
the use of signing only keys for SSL client authentication.
+=item B<-macalg digest>
+
+specify the MAC digest algorithm. If not included them SHA1 will be used.
+
=item B<-nomaciter>, B<-noiter>
these options affect the iteration counts on the MAC and key algorithms.
@@ -239,6 +259,10 @@
This option is included for compatibility with previous versions, it used
to be needed to use MAC iterations counts but they are now used by default.
+=item B<-nomac>
+
+don't attempt to provide the MAC integrity.
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
@@ -247,6 +271,20 @@
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-CAfile file>
+
+CA storage as a file.
+
+=item B<-CApath dir>
+
+CA storage as a directory. This directory must be a standard certificate
+directory: that is a hash of each subject name (using B<x509 -hash>) should be
+linked to each certificate.
+
+=item B<-CSP name>
+
+write B<name> as a Microsoft CSP name.
+
=back
=head1 NOTES
Modified: trunk/crypto/openssl/doc/apps/pkcs7.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/pkcs7.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/pkcs7.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -62,7 +62,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<pkcs7>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/pkcs8.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/pkcs8.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/pkcs8.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -125,7 +125,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<pkcs8>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Copied: trunk/crypto/openssl/doc/apps/pkey.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/pkey.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/pkey.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/pkey.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,135 @@
+
+=pod
+
+=head1 NAME
+
+pkey - public or private key processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkey>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-cipher>]
+[B<-text>]
+[B<-text_pub>]
+[B<-noout>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format DER or PEM.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output if this
+option is not specified. If any encryption options are set then a pass phrase
+will be prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout password>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+These options encrypt the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-text>
+
+prints out the various public or private key components in
+plain text in addition to the encoded version.
+
+=item B<-text_pub>
+
+print out only public key components even if a private key is being processed.
+
+=item B<-noout>
+
+do not output the encoded version of the key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this
+option a public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output: with this option a public
+key will be output instead. This option is automatically set if
+the input is a public key.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLES
+
+To remove the pass phrase on an RSA private key:
+
+ openssl pkey -in key.pem -out keyout.pem
+
+To encrypt a private key using triple DES:
+
+ openssl pkey -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format:
+
+ openssl pkey -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl pkey -in key.pem -text -noout
+
+To print out the public components of a private key to standard output:
+
+ openssl pkey -in key.pem -text_pub -noout
+
+To just output the public part of a private key:
+
+ openssl pkey -in key.pem -pubout -out pubkey.pem
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)>
+
+=cut
Copied: trunk/crypto/openssl/doc/apps/pkeyparam.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/pkeyparam.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/pkeyparam.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/pkeyparam.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,69 @@
+
+=pod
+
+=head1 NAME
+
+pkeyparam - public key algorithm parameter processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyparam>
+[B<-in filename>]
+[B<-out filename>]
+[B<-text>]
+[B<-noout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified.
+
+=item B<-out filename>
+
+This specifies the output filename to write parameters to or standard output if
+this option is not specified.
+
+=item B<-text>
+
+prints out the parameters in plain text in addition to the encoded version.
+
+=item B<-noout>
+
+do not output the encoded version of the parameters.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLE
+
+Print out text version of parameters:
+
+ openssl pkeyparam -in param.pem -text
+
+=head1 NOTES
+
+There are no B<-inform> or B<-outform> options for this command because only
+PEM format is supported because the key type is determined by the PEM headers.
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)>
+
+=cut
Copied: trunk/crypto/openssl/doc/apps/pkeyutl.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/pkeyutl.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/pkeyutl.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/pkeyutl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,222 @@
+=pod
+
+=head1 NAME
+
+pkeyutl - public key algorithm utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyutl>
+[B<-in file>]
+[B<-out file>]
+[B<-sigfile file>]
+[B<-inkey file>]
+[B<-keyform PEM|DER>]
+[B<-passin arg>]
+[B<-peerkey file>]
+[B<-peerform PEM|DER>]
+[B<-pubin>]
+[B<-certin>]
+[B<-rev>]
+[B<-sign>]
+[B<-verify>]
+[B<-verifyrecover>]
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-derive>]
+[B<-pkeyopt opt:value>]
+[B<-hexdump>]
+[B<-asn1parse>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkeyutl> command can be used to perform public key operations using
+any supported algorithm.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read data from or standard input
+if this option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-inkey file>
+
+the input key file, by default it should be a private key.
+
+=item B<-keyform PEM|DER>
+
+the key format PEM, DER or ENGINE.
+
+=item B<-passin arg>
+
+the input key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+
+=item B<-peerkey file>
+
+the peer key file, used by key derivation (agreement) operations.
+
+=item B<-peerform PEM|DER>
+
+the peer key format PEM, DER or ENGINE.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyutl>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+
+=item B<-pubin>
+
+the input file is a public key.
+
+=item B<-certin>
+
+the input is a certificate containing a public key.
+
+=item B<-rev>
+
+reverse the order of the input buffer. This is useful for some libraries
+(such as CryptoAPI) which represent the buffer in little endian format.
+
+=item B<-sign>
+
+sign the input data and output the signed result. This requires
+a private key.
+
+=item B<-verify>
+
+verify the input data against the signature file and indicate if the
+verification succeeded or failed.
+
+=item B<-verifyrecover>
+
+verify the input data and output the recovered data.
+
+=item B<-encrypt>
+
+encrypt the input data using a public key.
+
+=item B<-decrypt>
+
+decrypt the input data using a private key.
+
+=item B<-derive>
+
+derive a shared secret using the peer key.
+
+=item B<-hexdump>
+
+hex dump the output data.
+
+=item B<-asn1parse>
+
+asn1parse the output data, this is useful when combined with the
+B<-verifyrecover> option when an ASN1 structure is signed.
+
+=back
+
+=head1 NOTES
+
+The operations and options supported vary according to the key algorithm
+and its implementation. The OpenSSL operations and options are indicated below.
+
+Unless otherwise mentioned all algorithms support the B<digest:alg> option
+which specifies the digest in use for sign, verify and verifyrecover operations.
+The value B<alg> should represent a digest name as used in the
+EVP_get_digestbyname() function for example B<sha1>.
+
+=head1 RSA ALGORITHM
+
+The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover
+operations in general. Some padding modes only support some of these
+operations however.
+
+=over 4
+
+=item -B<rsa_padding_mode:mode>
+
+This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for
+PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
+for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
+
+In PKCS#1 padding if the message digest is not set then the supplied data is
+signed or verified directly instead of using a B<DigestInfo> structure. If a
+digest is set then the a B<DigestInfo> structure is used and its the length
+must correspond to the digest type.
+
+For B<oeap> mode only encryption and decryption is supported.
+
+For B<x931> if the digest type is set it is used to format the block data
+otherwise the first byte is used to specify the X9.31 digest ID. Sign,
+verify and verifyrecover are can be performed in this mode.
+
+For B<pss> mode only sign and verify are supported and the digest type must be
+specified.
+
+=item B<rsa_pss_saltlen:len>
+
+For B<pss> mode only this option specifies the salt length. Two special values
+are supported: -1 sets the salt length to the digest length. When signing -2
+sets the salt length to the maximum permissible value. When verifying -2 causes
+the salt length to be automatically determined based on the B<PSS> block
+structure.
+
+=back
+
+=head1 DSA ALGORITHM
+
+The DSA algorithm supports signing and verification operations only. Currently
+there are no additional options other than B<digest>. Only the SHA1
+digest can be used and this digest is assumed by default.
+
+=head1 DH ALGORITHM
+
+The DH algorithm only supports the derivation operation and no additional
+options.
+
+=head1 EC ALGORITHM
+
+The EC algorithm supports sign, verify and derive operations. The sign and
+verify operations use ECDSA and derive uses ECDH. Currently there are no
+additional options other than B<digest>. Only the SHA1 digest can be used and
+this digest is assumed by default.
+
+=head1 EXAMPLES
+
+Sign some data using a private key:
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig
+
+Recover the signed data (e.g. if an RSA key is used):
+
+ openssl pkeyutl -verifyrecover -in sig -inkey key.pem
+
+Verify the signature (e.g. a DSA key):
+
+ openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem
+
+Sign data using a message digest value (this is currently only valid for RSA):
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256
+
+Derive a shared secret value:
+
+ openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)>
+L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
Modified: trunk/crypto/openssl/doc/apps/req.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/req.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/req.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,12 +22,13 @@
[B<-new>]
[B<-rand file(s)>]
[B<-newkey rsa:bits>]
-[B<-newkey dsa:file>]
+[B<-newkey alg:file>]
[B<-nodes>]
[B<-key filename>]
[B<-keyform PEM|DER>]
[B<-keyout filename>]
-[B<-[md5|sha1|md2|mdc2]>]
+[B<-keygen_engine id>]
+[B<-[digest]>]
[B<-config filename>]
[B<-subj arg>]
[B<-multivalue-rdn>]
@@ -35,11 +36,15 @@
[B<-days n>]
[B<-set_serial n>]
[B<-asn1-kludge>]
+[B<-no-asn1-kludge>]
[B<-newhdr>]
[B<-extensions section>]
[B<-reqexts section>]
[B<-utf8>]
[B<-nameopt>]
+[B<-reqopt>]
+[B<-subject>]
+[B<-subj arg>]
[B<-batch>]
[B<-verbose>]
[B<-engine id>]
@@ -91,6 +96,11 @@
prints out the certificate request in text form.
+=item B<-subject>
+
+prints out the request subject (or certificate subject if B<-x509> is
+specified)
+
=item B<-pubkey>
outputs the public key.
@@ -118,6 +128,13 @@
If the B<-key> option is not used it will generate a new RSA private
key using information specified in the configuration file.
+=item B<-subj arg>
+
+Replaces subject field of input request with specified data and outputs
+modified request. The arg must be formatted as
+I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
@@ -129,11 +146,36 @@
=item B<-newkey arg>
this option creates a new certificate request and a new private
-key. The argument takes one of two forms. B<rsa:nbits>, where
+key. The argument takes one of several forms. B<rsa:nbits>, where
B<nbits> is the number of bits, generates an RSA key B<nbits>
-in size. B<dsa:filename> generates a DSA key using the parameters
-in the file B<filename>.
+in size. If B<nbits> is omitted, i.e. B<-newkey rsa> specified,
+the default key size, specified in the configuration file is used.
+All other algorithms support the B<-newkey alg:file> form, where file may be
+an algorithm parameter file, created by the B<genpkey -genparam> command
+or and X.509 certificate for a key with approriate algorithm.
+
+B<param:file> generates a key using the parameter file or certificate B<file>,
+the algorithm is determined by the parameters. B<algname:file> use algorithm
+B<algname> and parameter file B<file>: the two algorithms must match or an
+error occurs. B<algname> just uses algorithm B<algname>, and parameters,
+if neccessary should be specified via B<-pkeyopt> parameter.
+
+B<dsa:filename> generates a DSA key using the parameters
+in the file B<filename>. B<ec:filename> generates EC key (usable both with
+ECDSA or ECDH algorithms), B<gost2001:filename> generates GOST R
+34.10-2001 key (requires B<ccgost> engine configured in the configuration
+file). If just B<gost2001> is specified a parameter set should be
+specified by B<-pkeyopt paramset:X>
+
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> in the B<genpkey> manual page
+for more details.
+
=item B<-key filename>
This specifies the file to read the private key from. It also
@@ -155,12 +197,16 @@
if this option is specified then if a private key is created it
will not be encrypted.
-=item B<-[md5|sha1|md2|mdc2]>
+=item B<-[digest]>
-this specifies the message digest to sign the request with. This
-overrides the digest algorithm specified in the configuration file.
-This option is ignored for DSA requests: they always use SHA1.
+this specifies the message digest to sign the request with (such as
+B<-md5>, B<-sha1>). This overrides the digest algorithm specified in
+the configuration file.
+Some public key algorithms may override this choice. For instance, DSA
+signatures always use SHA1, GOST R 34.10 signatures always use
+GOST R 34.11-94 (B<-md_gost94>).
+
=item B<-config filename>
this allows an alternative configuration file to be specified,
@@ -227,6 +273,15 @@
commas. Alternatively the B<-nameopt> switch may be used more than once to
set multiple options. See the L<x509(1)|x509(1)> manual page for details.
+=item B<-reqopt>
+
+customise the output format used with B<-text>. The B<option> argument can be
+a single option or multiple options separated by commas.
+
+See discission of the B<-certopt> parameter in the L<B<x509>|x509(1)>
+command.
+
+
=item B<-asn1-kludge>
by default the B<req> command outputs certificate requests containing
@@ -242,9 +297,13 @@
It should be noted that very few CAs still require the use of this option.
+=item B<-no-asn1-kludge>
+
+Reverses effect of B<-asn1-kludge>
+
=item B<-newhdr>
-Adds the word B<NEW> to the PEM file header and footer lines on the outputed
+Adds the word B<NEW> to the PEM file header and footer lines on the outputted
request. Some software (Netscape certificate server) and some CAs need this.
=item B<-batch>
@@ -257,11 +316,16 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<req>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+=item B<-keygen_engine id>
+
+specifies an engine (by its unique B<id> string) which would be used
+for key generation operations.
+
=back
=head1 CONFIGURATION FILE FORMAT
@@ -344,7 +408,9 @@
this specifies the configuration file section containing a list of
extensions to add to the certificate request. It can be overridden
-by the B<-reqexts> command line switch.
+by the B<-reqexts> command line switch. See the
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
=item B<x509_extensions>
@@ -606,6 +672,7 @@
=head1 SEE ALSO
L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>
+L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>,
+L<x509v3_config(5)|x509v3_config(5)>
=cut
Modified: trunk/crypto/openssl/doc/apps/rsa.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/rsa.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/rsa.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -30,6 +30,8 @@
[B<-check>]
[B<-pubin>]
[B<-pubout>]
+[B<-RSAPublicKey_in>]
+[B<-RSAPublicKey_out>]
[B<-engine id>]
=head1 DESCRIPTION
@@ -124,9 +126,13 @@
key will be output instead. This option is automatically set if
the input is a public key.
+=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out>
+
+like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead.
+
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<rsa>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -145,6 +151,11 @@
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
+The PEM B<RSAPublicKey> format uses the header and footer lines:
+
+ -----BEGIN RSA PUBLIC KEY-----
+ -----END RSA PUBLIC KEY-----
+
The B<NET> form is a format compatible with older Netscape servers
and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
It is not very secure and so should only be used when necessary.
@@ -179,6 +190,10 @@
openssl rsa -in key.pem -pubout -out pubkey.pem
+Output the public part of a private key in B<RSAPublicKey> format:
+
+ openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem
+
=head1 BUGS
The command line password arguments don't currently work with
Modified: trunk/crypto/openssl/doc/apps/s_client.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/s_client.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/s_client.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -9,7 +9,9 @@
B<openssl> B<s_client>
[B<-connect host:port>]
+[B<-servername name>]
[B<-verify depth>]
+[B<-verify_return_error>]
[B<-cert filename>]
[B<-certform DER|PEM>]
[B<-key filename>]
@@ -17,22 +19,7 @@
[B<-pass arg>]
[B<-CApath directory>]
[B<-CAfile filename>]
-[B<-attime timestamp>]
-[B<-check_ss_sig>]
-[B<-crl_check>]
-[B<-crl_check_all>]
-[B<-explicit_policy>]
-[B<-ignore_critical>]
-[B<-inhibit_any>]
-[B<-inhibit_map>]
-[B<-issuer_checks>]
-[B<-policy arg>]
-[B<-policy_check>]
-[B<-policy_print>]
-[B<-purpose purpose>]
-[B<-use_deltas>]
-[B<-verify_depth num>]
-[B<-x509_strict>]
+[B<-no_alt_chains>]
[B<-reconnect>]
[B<-pause>]
[B<-showcerts>]
@@ -43,6 +30,7 @@
[B<-nbio>]
[B<-crlf>]
[B<-ign_eof>]
+[B<-no_ign_eof>]
[B<-quiet>]
[B<-ssl2>]
[B<-ssl3>]
@@ -50,11 +38,10 @@
[B<-no_ssl2>]
[B<-no_ssl3>]
[B<-no_tls1>]
-[B<-fallback_scsv>]
[B<-bugs>]
[B<-cipher cipherlist>]
+[B<-serverpref>]
[B<-starttls protocol>]
-[B<-xmpphost hostname>]
[B<-engine id>]
[B<-tlsextdebug>]
[B<-no_ticket>]
@@ -61,6 +48,8 @@
[B<-sess_out filename>]
[B<-sess_in filename>]
[B<-rand file(s)>]
+[B<-status>]
+[B<-nextprotoneg protocols>]
=head1 DESCRIPTION
@@ -70,11 +59,6 @@
=head1 OPTIONS
-In addition to the options below the B<s_client> utility also supports the
-common and client only options documented in the
-in the L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)/SUPPORTED COMMAND LINE COMMANDS>
-manual page.
-
=over 4
=item B<-connect host:port>
@@ -82,6 +66,10 @@
This specifies the host and optional port to connect to. If not specified
then an attempt is made to connect to the local host on port 4433.
+=item B<-servername name>
+
+Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
+
=item B<-cert certname>
The certificate to use, if one is requested by the server. The default is
@@ -113,6 +101,11 @@
with a certificate chain can be seen. As a side effect the connection
will never fail due to a server certificate verify failure.
+=item B<-verify_return_error>
+
+Return verification errors instead of continuing. This will typically
+abort the handshake with a fatal error.
+
=item B<-CApath directory>
The directory to use for server certificate verification. This directory
@@ -124,13 +117,9 @@
A file containing trusted certificates to use during server authentication
and to use when attempting to build the client certificate chain.
-=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
-B<explicit_policy>, B<-ignore_critical>, B<-inhibit_any>,
-B<-inhibit_map>, B<-issuer_checks>, B<-policy>,
-B<-policy_check>, B<-policy_print>, B<-purpose>,
-B<-use_deltas>, B<-verify_depth>, B<-x509_strict>
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
-Set various certificate chain valiadition options. See the
+Set various certificate chain valiadition option. See the
L<B<verify>|verify(1)> manual page for details.
=item B<-reconnect>
@@ -193,6 +182,21 @@
inhibit printing of session and certificate information. This implicitly
turns on B<-ign_eof> as well.
+=item B<-no_ign_eof>
+
+shut down the connection when end of file is reached in the input.
+Can be used to override the implicit B<-ign_eof> after B<-quiet>.
+
+=item B<-psk_identity identity>
+
+Use the PSK identity B<identity> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
these options disable the use of certain SSL or TLS protocols. By default
@@ -199,14 +203,11 @@
the initial handshake uses a method which should be compatible with all
servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
-Unfortunately there are still ancient and broken servers in use which
+Unfortunately there are a lot of ancient and broken servers in use which
cannot handle this technique and will fail to connect. Some servers only
-work if TLS is turned off.
+work if TLS is turned off with the B<-no_tls> option others will only
+support SSL v2 and may need the B<-ssl2> option.
-=item B<-fallback_scsv>
-
-Send TLS_FALLBACK_SCSV in the ClientHello.
-
=item B<-bugs>
there are several known bug in SSL and TLS implementations. Adding this
@@ -219,19 +220,16 @@
supported cipher in the list sent by the client. See the B<ciphers>
command for more information.
+=item B<-serverpref>
+
+use the server's cipher preferences; only used for SSLV2.
+
=item B<-starttls protocol>
send the protocol-specific message(s) to switch to TLS for communication.
B<protocol> is a keyword for the intended protocol. Currently, the only
-supported keywords are "smtp", "pop3", "imap", "ftp" and "xmpp".
+supported keywords are "smtp", "pop3", "imap", and "ftp".
-=item B<-xmpphost hostname>
-
-This option, when used with "-starttls xmpp", specifies the host for the
-"to" attribute of the stream element.
-If this option is not specified, then the host specified with "-connect"
-will be used.
-
=item B<-tlsextdebug>
print out a hex dump of any TLS extensions received from the server.
@@ -264,6 +262,22 @@
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-status>
+
+sends a certificate status request to the server (OCSP stapling). The server
+response (if any) is printed out.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a list of
+comma-separated protocol names that the client should advertise
+support for. The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+Empty list of protocols is treated specially and will cause the client to
+advertise support for the TLS extension but disconnect just after
+reciving ServerHello with a list of server supported protocols.
+
=back
=head1 CONNECTED COMMANDS
@@ -317,7 +331,8 @@
handshake after any certificate verification errors. As a result it will
accept any certificate chain (trusted or not) sent by the peer. None test
applications should B<not> do this as it makes them vulnerable to a MITM
-attack.
+attack. This behaviour can be changed by with the B<-verify_return_error>
+option: any verify errors are then returned aborting the handshake.
=head1 BUGS
@@ -333,4 +348,8 @@
L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
=cut
Modified: trunk/crypto/openssl/doc/apps/s_server.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/s_server.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/s_server.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -33,6 +33,7 @@
[B<-state>]
[B<-CApath directory>]
[B<-CAfile filename>]
+[B<-no_alt_chains>]
[B<-nocert>]
[B<-cipher cipherlist>]
[B<-serverpref>]
@@ -45,6 +46,7 @@
[B<-no_ssl3>]
[B<-no_tls1>]
[B<-no_dhe>]
+[B<-no_ecdhe>]
[B<-bugs>]
[B<-hack>]
[B<-www>]
@@ -55,6 +57,11 @@
[B<-no_ticket>]
[B<-id_prefix arg>]
[B<-rand file(s)>]
+[B<-status>]
+[B<-status_verbose>]
+[B<-status_timeout nsec>]
+[B<-status_url url>]
+[B<-nextprotoneg protocols>]
=head1 DESCRIPTION
@@ -112,7 +119,7 @@
=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
-addtional certificate and private key format and passphrase respectively.
+additional certificate and private key format and passphrase respectively.
=item B<-nocert>
@@ -132,6 +139,11 @@
if this option is set then no DH parameters will be loaded effectively
disabling the ephemeral DH cipher suites.
+=item B<-no_ecdhe>
+
+if this option is set then no ECDH parameters will be loaded effectively
+disabling the ephemeral ECDH cipher suites.
+
=item B<-no_tmp_rsa>
certain export cipher suites sometimes use a temporary RSA key, this option
@@ -167,6 +179,10 @@
is also used in the list of acceptable client CAs passed to the client when
a certificate is requested.
+=item B<-no_alt_chains>
+
+See the L<B<verify>|verify(1)> manual page for details.
+
=item B<-state>
prints out the SSL session states.
@@ -195,6 +211,16 @@
inhibit printing of session and certificate information.
+=item B<-psk_hint hint>
+
+Use the PSK identity hint B<hint> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
these options disable the use of certain SSL or TLS protocols. By default
@@ -254,7 +280,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<s_server>
+specifying an engine (by its unique B<id> string) will cause B<s_server>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -274,6 +300,33 @@
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
+=item B<-status>
+
+enables certificate status request support (aka OCSP stapling).
+
+=item B<-status_verbose>
+
+enables certificate status request support (aka OCSP stapling) and gives
+a verbose printout of the OCSP response.
+
+=item B<-status_timeout nsec>
+
+sets the timeout for OCSP response to B<nsec> seconds.
+
+=item B<-status_url url>
+
+sets a fallback responder URL to use if no responder URL is present in the
+server certificate. Without this option an error is returned if the server
+certificate does not contain a responder address.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a
+comma-separated list of supported protocol names.
+The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+
=back
=head1 CONNECTED COMMANDS
@@ -333,9 +386,6 @@
The session parameters can printed out using the B<sess_id> program.
-TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly
-enabled at compile time using for example the B<enable-tlsext> switch.
-
=head1 BUGS
Because this program has a lot of options and also because some of
@@ -353,4 +403,8 @@
L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
=cut
Modified: trunk/crypto/openssl/doc/apps/smime.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/smime.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/smime.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -10,20 +10,12 @@
[B<-encrypt>]
[B<-decrypt>]
[B<-sign>]
+[B<-resign>]
[B<-verify>]
[B<-pk7out>]
-[B<-des>]
-[B<-des3>]
-[B<-rc2-40>]
-[B<-rc2-64>]
-[B<-rc2-128>]
-[B<-aes128>]
-[B<-aes192>]
-[B<-aes256>]
-[B<-camellia128>]
-[B<-camellia192>]
-[B<-camellia256>]
+[B<-[cipher]>]
[B<-in file>]
+[B<-no_alt_chains>]
[B<-certfile file>]
[B<-signer file>]
[B<-recip file>]
@@ -37,7 +29,11 @@
[B<-from ad>]
[B<-subject s>]
[B<-text>]
+[B<-indef>]
+[B<-noindef>]
+[B<-stream>]
[B<-rand file(s)>]
+[B<-md digest>]
[cert.pem]...
=head1 DESCRIPTION
@@ -47,7 +43,7 @@
=head1 COMMAND OPTIONS
-There are five operation options that set the type of operation to be performed.
+There are six operation options that set the type of operation to be performed.
The meaning of the other options varies according to the operation type.
=over 4
@@ -78,6 +74,10 @@
takes an input message and writes out a PEM encoded PKCS#7 structure.
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
=item B<-in filename>
the input message to be encrypted or signed or the MIME message to
@@ -106,6 +106,21 @@
structure, if no PKCS#7 structure is being output (for example with
B<-verify> or B<-decrypt>) this option has no effect.
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
=item B<-content filename>
This specifies a file containing the detached content, this is only
@@ -132,10 +147,19 @@
is a hash of each subject name (using B<x509 -hash>) should be linked
to each certificate.
-=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128 -aes128 -aes192 -aes256 -camellia128 -camellia192 -camellia256>
+=item B<-md digest>
-the encryption algorithm to use. DES (56 bits), triple DES (168 bits),
-40, 64 or 128 bit RC2, 128, 192 or 256 bit AES, or 128, 192 or 256 bit Camellia respectively.
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example DES (56 bits) - B<-des>,
+triple DES (168 bits) - B<-des3>,
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers
+supported by your version of OpenSSL.
+
If not specified triple DES is used. Only used with B<-encrypt>.
=item B<-nointern>
@@ -193,9 +217,10 @@
=item B<-signer file>
-the signers certificate when signing a message. If a message is
-being verified then the signers certificates will be written to this
-file if the verification was successful.
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
=item B<-recip file>
@@ -207,7 +232,8 @@
the private key to use when signing or decrypting. This must match the
corresponding certificate. If this option is not specified then the
private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file.
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
=item B<-passin arg>
@@ -234,6 +260,11 @@
then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address.
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
+
+Set various options of certificate chain verification. See
+L<B<verify>|verify(1)> manual page for details.
+
=back
=head1 NOTES
@@ -261,6 +292,19 @@
clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
encrypted data is used for other purposes.
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the PKCS#7 structure the encoding
+remains DER.
+
=head1 EXIT CODES
=over 4
@@ -269,7 +313,7 @@
the operation was completely successfully.
-=item Z<>1
+=item Z<>1
an error occurred parsing the command options.
@@ -300,7 +344,7 @@
openssl smime -sign -in message.txt -text -out mail.msg \
-signer mycert.pem
-Create and opaque signed message:
+Create an opaque signed message:
openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
-signer mycert.pem
@@ -311,6 +355,11 @@
openssl smime -sign -in in.txt -text -out mail.msg \
-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+Create a signed message with two signers:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+ -signer mycert.pem -signer othercert.pem
+
Send a signed message under Unix directly to sendmail, including headers:
openssl smime -sign -in in.txt -text -signer mycert.pem \
@@ -334,8 +383,8 @@
-from steve at openssl.org -to someone at somewhere \
-subject "Signed and Encrypted message" -des3 user.pem
-Note: the encryption command does not include the B<-text> option because the message
-being encrypted already has MIME headers.
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
Decrypt mail:
@@ -361,16 +410,22 @@
openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+Add a signer to an existing message:
+
+ openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
=head1 BUGS
-The MIME parser isn't very clever: it seems to handle most messages that I've thrown
-at it but it may choke on others.
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
-The code currently will only write out the signer's certificate to a file: if the
-signer has a separate encryption certificate this must be manually extracted. There
-should be some heuristic that determines the correct encryption certificate.
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
-Ideally a database should be maintained of a certificates for each email address.
+Ideally a database should be maintained of a certificates for each email
+address.
The code doesn't currently take note of the permitted symmetric encryption
algorithms as supplied in the SMIMECapabilities signed attribute. This means the
@@ -382,4 +437,11 @@
The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
structures may cause parsing errors.
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
=cut
Modified: trunk/crypto/openssl/doc/apps/speed.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/speed.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/speed.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -44,7 +44,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<speed>
+specifying an engine (by its unique B<id> string) will cause B<speed>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Modified: trunk/crypto/openssl/doc/apps/spkac.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/spkac.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/spkac.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,7 +81,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<spkac>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
Copied: trunk/crypto/openssl/doc/apps/ts.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/ts.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/ts.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/ts.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,594 @@
+=pod
+
+=head1 NAME
+
+ts - Time Stamping Authority tool (client/server)
+
+=head1 SYNOPSIS
+
+B<openssl> B<ts>
+B<-query>
+[B<-rand> file:file...]
+[B<-config> configfile]
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>]
+[B<-policy> object_id]
+[B<-no_nonce>]
+[B<-cert>]
+[B<-in> request.tsq]
+[B<-out> request.tsq]
+[B<-text>]
+
+B<openssl> B<ts>
+B<-reply>
+[B<-config> configfile]
+[B<-section> tsa_section]
+[B<-queryfile> request.tsq]
+[B<-passin> password_src]
+[B<-signer> tsa_cert.pem]
+[B<-inkey> private.pem]
+[B<-chain> certs_file.pem]
+[B<-policy> object_id]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-out> response.tsr]
+[B<-token_out>]
+[B<-text>]
+[B<-engine> id]
+
+B<openssl> B<ts>
+B<-verify>
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-queryfile> request.tsq]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-CApath> trusted_cert_path]
+[B<-CAfile> trusted_certs.pem]
+[B<-untrusted> cert_file.pem]
+
+=head1 DESCRIPTION
+
+The B<ts> command is a basic Time Stamping Authority (TSA) client and server
+application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A
+TSA can be part of a PKI deployment and its role is to provide long
+term proof of the existence of a certain datum before a particular
+time. Here is a brief description of the protocol:
+
+=over 4
+
+=item 1.
+
+The TSA client computes a one-way hash value for a data file and sends
+the hash to the TSA.
+
+=item 2.
+
+The TSA attaches the current date and time to the received hash value,
+signs them and sends the time stamp token back to the client. By
+creating this token the TSA certifies the existence of the original
+data file at the time of response generation.
+
+=item 3.
+
+The TSA client receives the time stamp token and verifies the
+signature on it. It also checks if the token contains the same hash
+value that it had sent to the TSA.
+
+=back
+
+There is one DER encoded protocol data unit defined for transporting a time
+stamp request to the TSA and one for sending the time stamp response
+back to the client. The B<ts> command has three main functions:
+creating a time stamp request based on a data file,
+creating a time stamp response based on a request, verifying if a
+response corresponds to a particular request or a data file.
+
+There is no support for sending the requests/responses automatically
+over HTTP or TCP yet as suggested in RFC 3161. The users must send the
+requests either by ftp or e-mail.
+
+=head1 OPTIONS
+
+=head2 Time Stamp Request generation
+
+The B<-query> switch can be used for creating and printing a time stamp
+request with the following options:
+
+=over 4
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. Only the OID section
+of the config file is used with the B<-query> command. (Optional)
+
+=item B<-data> file_to_hash
+
+The data file for which the time stamp request needs to be
+created. stdin is the default if neither the B<-data> nor the B<-digest>
+parameter is specified. (Optional)
+
+=item B<-digest> digest_bytes
+
+It is possible to specify the message imprint explicitly without the data
+file. The imprint must be specified in a hexadecimal format, two characters
+per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
+1AF601...). The number of bytes must match the message digest algorithm
+in use. (Optional)
+
+=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>
+
+The message digest to apply to the data file, it supports all the message
+digest algorithms that are supported by the openssl B<dgst> command.
+The default is SHA-1. (Optional)
+
+=item B<-policy> object_id
+
+The policy that the client expects the TSA to use for creating the
+time stamp token. Either the dotted OID notation or OID names defined
+in the config file can be used. If no policy is requested the TSA will
+use its own default policy. (Optional)
+
+=item B<-no_nonce>
+
+No nonce is specified in the request if this option is
+given. Otherwise a 64 bit long pseudo-random none is
+included in the request. It is recommended to use nonce to
+protect against replay-attacks. (Optional)
+
+=item B<-cert>
+
+The TSA is expected to include its signing certificate in the
+response. (Optional)
+
+=item B<-in> request.tsq
+
+This option specifies a previously created time stamp request in DER
+format that will be printed into the output file. Useful when you need
+to examine the content of a request in human-readable
+
+format. (Optional)
+
+=item B<-out> request.tsq
+
+Name of the output file to which the request will be written. Default
+is stdout. (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=back
+
+=head2 Time Stamp Response generation
+
+A time stamp response (TimeStampResp) consists of a response status
+and the time stamp token itself (ContentInfo), if the token generation was
+successful. The B<-reply> command is for creating a time stamp
+response or time stamp token based on a request and printing the
+response/token in human-readable format. If B<-token_out> is not
+specified the output is always a time stamp response (TimeStampResp),
+otherwise it is a time stamp token (ContentInfo).
+
+=over 4
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. See B<CONFIGURATION FILE
+OPTIONS> for configurable variables. (Optional)
+
+=item B<-section> tsa_section
+
+The name of the config file section conatining the settings for the
+response generation. If not specified the default TSA section is
+used, see B<CONFIGURATION FILE OPTIONS> for details. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The name of the file containing a DER encoded time stamp request. (Optional)
+
+=item B<-passin> password_src
+
+Specifies the password source for the private key of the TSA. See
+B<PASS PHRASE ARGUMENTS> in L<openssl(1)|openssl(1)>. (Optional)
+
+=item B<-signer> tsa_cert.pem
+
+The signer certificate of the TSA in PEM format. The TSA signing
+certificate must have exactly one extended key usage assigned to it:
+timeStamping. The extended key usage must also be critical, otherwise
+the certificate is going to be refused. Overrides the B<signer_cert>
+variable of the config file. (Optional)
+
+=item B<-inkey> private.pem
+
+The signer private key of the TSA in PEM format. Overrides the
+B<signer_key> config file option. (Optional)
+
+=item B<-chain> certs_file.pem
+
+The collection of certificates in PEM format that will all
+be included in the response in addition to the signer certificate if
+the B<-cert> option was used for the request. This file is supposed to
+contain the certificate chain for the signer certificate from its
+issuer upwards. The B<-reply> command does not build a certificate
+chain automatically. (Optional)
+
+=item B<-policy> object_id
+
+The default policy to use for the response unless the client
+explicitly requires a particular TSA policy. The OID can be specified
+either in dotted notation or with its name. Overrides the
+B<default_policy> config file option. (Optional)
+
+=item B<-in> response.tsr
+
+Specifies a previously created time stamp response or time stamp token
+(if B<-token_in> is also specified) in DER format that will be written
+to the output file. This option does not require a request, it is
+useful e.g. when you need to examine the content of a response or
+token or you want to extract the time stamp token from a response. If
+the input is a token and the output is a time stamp response a default
+'granted' status info is added to the token. (Optional)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-out> response.tsr
+
+The response is written to this file. The format and content of the
+file depends on other options (see B<-text>, B<-token_out>). The default is
+stdout. (Optional)
+
+=item B<-token_out>
+
+The output is a time stamp token (ContentInfo) instead of time stamp
+response (TimeStampResp). (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=item B<-engine> id
+
+Specifying an engine (by its unique B<id> string) will cause B<ts>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. Default is builtin. (Optional)
+
+=back
+
+=head2 Time Stamp Response verification
+
+The B<-verify> command is for verifying if a time stamp response or time
+stamp token is valid and matches a particular time stamp request or
+data file. The B<-verify> command does not use the configuration file.
+
+=over 4
+
+=item B<-data> file_to_hash
+
+The response or token must be verified against file_to_hash. The file
+is hashed with the message digest algorithm specified in the token.
+The B<-digest> and B<-queryfile> options must not be specified with this one.
+(Optional)
+
+=item B<-digest> digest_bytes
+
+The response or token must be verified against the message digest specified
+with this option. The number of bytes must match the message digest algorithm
+specified in the token. The B<-data> and B<-queryfile> options must not be
+specified with this one. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The original time stamp request in DER format. The B<-data> and B<-digest>
+options must not be specified with this one. (Optional)
+
+=item B<-in> response.tsr
+
+The time stamp response that needs to be verified in DER format. (Mandatory)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-CApath> trusted_cert_path
+
+The name of the directory containing the trused CA certificates of the
+client. See the similar option of L<verify(1)|verify(1)> for additional
+details. Either this option or B<-CAfile> must be specified. (Optional)
+
+
+=item B<-CAfile> trusted_certs.pem
+
+The name of the file containing a set of trusted self-signed CA
+certificates in PEM format. See the similar option of
+L<verify(1)|verify(1)> for additional details. Either this option
+or B<-CApath> must be specified.
+(Optional)
+
+=item B<-untrusted> cert_file.pem
+
+Set of additional untrusted certificates in PEM format which may be
+needed when building the certificate chain for the TSA's signing
+certificate. This file must contain the TSA signing certificate and
+all intermediate CA certificates unless the response includes them.
+(Optional)
+
+=back
+
+=head1 CONFIGURATION FILE OPTIONS
+
+The B<-query> and B<-reply> commands make use of a configuration file
+defined by the B<OPENSSL_CONF> environment variable. See L<config(5)|config(5)>
+for a general description of the syntax of the config file. The
+B<-query> command uses only the symbolic OID names section
+and it can work without it. However, the B<-reply> command needs the
+config file for its operation.
+
+When there is a command line switch equivalent of a variable the
+switch always overrides the settings in the config file.
+
+=over 4
+
+=item B<tsa> section, B<default_tsa>
+
+This is the main section and it specifies the name of another section
+that contains all the options for the B<-reply> command. This default
+section can be overridden with the B<-section> command line switch. (Optional)
+
+=item B<oid_file>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<oid_section>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<RANDFILE>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<serial>
+
+The name of the file containing the hexadecimal serial number of the
+last time stamp response created. This number is incremented by 1 for
+each response. If the file does not exist at the time of response
+generation a new file is created with serial number 1. (Mandatory)
+
+=item B<crypto_device>
+
+Specifies the OpenSSL engine that will be set as the default for
+all available algorithms. The default value is builtin, you can specify
+any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM).
+(Optional)
+
+=item B<signer_cert>
+
+TSA signing certificate in PEM format. The same as the B<-signer>
+command line option. (Optional)
+
+=item B<certs>
+
+A file containing a set of PEM encoded certificates that need to be
+included in the response. The same as the B<-chain> command line
+option. (Optional)
+
+=item B<signer_key>
+
+The private key of the TSA in PEM format. The same as the B<-inkey>
+command line option. (Optional)
+
+=item B<default_policy>
+
+The default policy to use when the request does not mandate any
+policy. The same as the B<-policy> command line option. (Optional)
+
+=item B<other_policies>
+
+Comma separated list of policies that are also acceptable by the TSA
+and used only if the request explicitly specifies one of them. (Optional)
+
+=item B<digests>
+
+The list of message digest algorithms that the TSA accepts. At least
+one algorithm must be specified. (Mandatory)
+
+=item B<accuracy>
+
+The accuracy of the time source of the TSA in seconds, milliseconds
+and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of
+the components is missing zero is assumed for that field. (Optional)
+
+=item B<clock_precision_digits>
+
+Specifies the maximum number of digits, which represent the fraction of
+seconds, that need to be included in the time field. The trailing zeroes
+must be removed from the time, so there might actually be fewer digits,
+or no fraction of seconds at all. Supported only on UNIX platforms.
+The maximum value is 6, default is 0.
+(Optional)
+
+=item B<ordering>
+
+If this option is yes the responses generated by this TSA can always
+be ordered, even if the time difference between two responses is less
+than the sum of their accuracies. Default is no. (Optional)
+
+=item B<tsa_name>
+
+Set this option to yes if the subject name of the TSA must be included in
+the TSA name field of the response. Default is no. (Optional)
+
+=item B<ess_cert_id_chain>
+
+The SignedData objects created by the TSA always contain the
+certificate identifier of the signing certificate in a signed
+attribute (see RFC 2634, Enhanced Security Services). If this option
+is set to yes and either the B<certs> variable or the B<-chain> option
+is specified then the certificate identifiers of the chain will also
+be included in the SigningCertificate signed attribute. If this
+variable is set to no, only the signing certificate identifier is
+included. Default is no. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+B<OPENSSL_CONF> contains the path of the configuration file and can be
+overridden by the B<-config> command line option.
+
+=head1 EXAMPLES
+
+All the examples below presume that B<OPENSSL_CONF> is set to a proper
+configuration file, e.g. the example configuration file
+openssl/apps/openssl.cnf will do.
+
+=head2 Time Stamp Request
+
+To create a time stamp request for design1.txt with SHA-1
+without nonce and policy and no certificate is required in the response:
+
+ openssl ts -query -data design1.txt -no_nonce \
+ -out design1.tsq
+
+To create a similar time stamp request with specifying the message imprint
+explicitly:
+
+ openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+ -no_nonce -out design1.tsq
+
+To print the content of the previous request in human readable format:
+
+ openssl ts -query -in design1.tsq -text
+
+To create a time stamp request which includes the MD-5 digest
+of design2.txt, requests the signer certificate and nonce,
+specifies a policy id (assuming the tsa_policy1 name is defined in the
+OID section of the config file):
+
+ openssl ts -query -data design2.txt -md5 \
+ -policy tsa_policy1 -cert -out design2.tsq
+
+=head2 Time Stamp Response
+
+Before generating a response a signing certificate must be created for
+the TSA that contains the B<timeStamping> critical extended key usage extension
+without any other key usage extensions. You can add the
+'extendedKeyUsage = critical,timeStamping' line to the user certificate section
+of the config file to generate a proper certificate. See L<req(1)|req(1)>,
+L<ca(1)|ca(1)>, L<x509(1)|x509(1)> for instructions. The examples
+below assume that cacert.pem contains the certificate of the CA,
+tsacert.pem is the signing certificate issued by cacert.pem and
+tsakey.pem is the private key of the TSA.
+
+To create a time stamp response for a request:
+
+ openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+ -signer tsacert.pem -out design1.tsr
+
+If you want to use the settings in the config file you could just write:
+
+ openssl ts -reply -queryfile design1.tsq -out design1.tsr
+
+To print a time stamp reply to stdout in human readable format:
+
+ openssl ts -reply -in design1.tsr -text
+
+To create a time stamp token instead of time stamp response:
+
+ openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out
+
+To print a time stamp token to stdout in human readable format:
+
+ openssl ts -reply -in design1_token.der -token_in -text -token_out
+
+To extract the time stamp token from a response:
+
+ openssl ts -reply -in design1.tsr -out design1_token.der -token_out
+
+To add 'granted' status info to a time stamp token thereby creating a
+valid response:
+
+ openssl ts -reply -in design1_token.der -token_in -out design1.tsr
+
+=head2 Time Stamp Verification
+
+To verify a time stamp reply against a request:
+
+ openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+ -CAfile cacert.pem -untrusted tsacert.pem
+
+To verify a time stamp reply that includes the certificate chain:
+
+ openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+ -CAfile cacert.pem
+
+To verify a time stamp token against the original data file:
+ openssl ts -verify -data design2.txt -in design2.tsr \
+ -CAfile cacert.pem
+
+To verify a time stamp token against a message imprint:
+ openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+ -in design2.tsr -CAfile cacert.pem
+
+You could also look at the 'test' directory for more examples.
+
+=head1 BUGS
+
+If you find any bugs or you have suggestions please write to
+Zoltan Glozik <zglozik at opentsa.org>. Known issues:
+
+=over 4
+
+=item * No support for time stamps over SMTP, though it is quite easy
+to implement an automatic e-mail based TSA with L<procmail(1)|procmail(1)>
+and L<perl(1)|perl(1)>. HTTP server support is provided in the form of
+a separate apache module. HTTP client support is provided by
+L<tsget(1)|tsget(1)>. Pure TCP/IP protocol is not supported.
+
+=item * The file containing the last serial number of the TSA is not
+locked when being read or written. This is a problem if more than one
+instance of L<openssl(1)|openssl(1)> is trying to create a time stamp
+response at the same time. This is not an issue when using the apache
+server module, it does proper locking.
+
+=item * Look for the FIXME word in the source files.
+
+=item * The source code should really be reviewed by somebody else, too.
+
+=item * More testing is needed, I have done only some basic tests (see
+test/testtsa).
+
+=back
+
+=cut
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik at opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<tsget(1)|tsget(1)>, L<openssl(1)|openssl(1)>, L<req(1)|req(1)>,
+L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
+L<config(5)|config(5)>
+
+=cut
Copied: trunk/crypto/openssl/doc/apps/tsget.pod (from rev 7117, vendor-crypto/openssl/dist/doc/apps/tsget.pod)
===================================================================
--- trunk/crypto/openssl/doc/apps/tsget.pod (rev 0)
+++ trunk/crypto/openssl/doc/apps/tsget.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,194 @@
+=pod
+
+=head1 NAME
+
+tsget - Time Stamping HTTP/HTTPS client
+
+=head1 SYNOPSIS
+
+B<tsget>
+B<-h> server_url
+[B<-e> extension]
+[B<-o> output]
+[B<-v>]
+[B<-d>]
+[B<-k> private_key.pem]
+[B<-p> key_password]
+[B<-c> client_cert.pem]
+[B<-C> CA_certs.pem]
+[B<-P> CA_path]
+[B<-r> file:file...]
+[B<-g> EGD_socket]
+[request]...
+
+=head1 DESCRIPTION
+
+The B<tsget> command can be used for sending a time stamp request, as
+specified in B<RFC 3161>, to a time stamp server over HTTP or HTTPS and storing
+the time stamp response in a file. This tool cannot be used for creating the
+requests and verifying responses, you can use the OpenSSL B<ts(1)> command to
+do that. B<tsget> can send several requests to the server without closing
+the TCP connection if more than one requests are specified on the command
+line.
+
+The tool sends the following HTTP request for each time stamp request:
+
+ POST url HTTP/1.1
+ User-Agent: OpenTSA tsget.pl/<version>
+ Host: <host>:<port>
+ Pragma: no-cache
+ Content-Type: application/timestamp-query
+ Accept: application/timestamp-reply
+ Content-Length: length of body
+
+ ...binary request specified by the user...
+
+B<tsget> expects a response of type application/timestamp-reply, which is
+written to a file without any interpretation.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-h> server_url
+
+The URL of the HTTP/HTTPS server listening for time stamp requests.
+
+=item B<-e> extension
+
+If the B<-o> option is not given this argument specifies the extension of the
+output files. The base name of the output file will be the same as those of
+the input files. Default extension is '.tsr'. (Optional)
+
+=item B<-o> output
+
+This option can be specified only when just one request is sent to the
+server. The time stamp response will be written to the given output file. '-'
+means standard output. In case of multiple time stamp requests or the absence
+of this argument the names of the output files will be derived from the names
+of the input files and the default or specified extension argument. (Optional)
+
+=item B<-v>
+
+The name of the currently processed request is printed on standard
+error. (Optional)
+
+=item B<-d>
+
+Switches on verbose mode for the underlying B<curl> library. You can see
+detailed debug messages for the connection. (Optional)
+
+=item B<-k> private_key.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<private_key.pem> must contain the private key of the user. The private key
+file can optionally be protected by a passphrase. The B<-c> option must also
+be specified. (Optional)
+
+=item B<-p> key_password
+
+(HTTPS) Specifies the passphrase for the private key specified by the B<-k>
+argument. If this option is omitted and the key is passphrase protected B<tsget>
+will ask for it. (Optional)
+
+=item B<-c> client_cert.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<client_cert.pem> must contain the X.509 certificate of the user. The B<-k>
+option must also be specified. If this option is not specified no
+certificate-based client authentication will take place. (Optional)
+
+=item B<-C> CA_certs.pem
+
+(HTTPS) The trusted CA certificate store. The certificate chain of the peer's
+certificate must include one of the CA certificates specified in this file.
+Either option B<-C> or option B<-P> must be given in case of HTTPS. (Optional)
+
+=item B<-P> CA_path
+
+(HTTPS) The path containing the trusted CA certificates to verify the peer's
+certificate. The directory must be prepared with the B<c_rehash>
+OpenSSL utility. Either option B<-C> or option B<-P> must be given in case of
+HTTPS. (Optional)
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-g> EGD_socket
+
+The name of an EGD socket to get random data from. (Optional)
+
+=item [request]...
+
+List of files containing B<RFC 3161> DER-encoded time stamp requests. If no
+requests are specified only one request will be sent to the server and it will be
+read from the standard input. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+The B<TSGET> environment variable can optionally contain default
+arguments. The content of this variable is added to the list of command line
+arguments.
+
+=head1 EXAMPLES
+
+The examples below presume that B<file1.tsq> and B<file2.tsq> contain valid
+time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
+and at port 8443 for HTTPS requests, the TSA service is available at the /tsa
+absolute path.
+
+Get a time stamp response for file1.tsq over HTTP, output is written to
+file1.tsr:
+
+ tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq
+
+Get a time stamp response for file1.tsq and file2.tsq over HTTP showing
+progress, output is written to file1.reply and file2.reply respectively:
+
+ tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+ file1.tsq file2.tsq
+
+Create a time stamp request, write it to file3.tsq, send it to the server and
+write the response to file3.tsr:
+
+ openssl ts -query -data file3.txt -cert | tee file3.tsq \
+ | tsget -h http://tsa.opentsa.org:8080/tsa \
+ -o file3.tsr
+
+Get a time stamp response for file1.tsq over HTTPS without client
+authentication:
+
+ tsget -h https://tsa.opentsa.org:8443/tsa \
+ -C cacerts.pem file1.tsq
+
+Get a time stamp response for file1.tsq over HTTPS with certificate-based
+client authentication (it will ask for the passphrase if client_key.pem is
+protected):
+
+ tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+ -k client_key.pem -c client_cert.pem file1.tsq
+
+You can shorten the previous command line if you make use of the B<TSGET>
+environment variable. The following commands do the same as the previous
+example:
+
+ TSGET='-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+ -k client_key.pem -c client_cert.pem'
+ export TSGET
+ tsget file1.tsq
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik at opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<ts(1)|ts(1)>, L<curl(1)|curl(1)>,
+B<RFC 3161>
+
+=cut
Modified: trunk/crypto/openssl/doc/apps/verify.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/verify.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/verify.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,27 +7,27 @@
=head1 SYNOPSIS
B<openssl> B<verify>
+[B<-CApath directory>]
[B<-CAfile file>]
-[B<-CApath directory>]
-[B<-attime timestamp>]
-[B<-check_ss_sig>]
+[B<-purpose purpose>]
+[B<-policy arg>]
+[B<-ignore_critical>]
[B<-crl_check>]
[B<-crl_check_all>]
+[B<-policy_check>]
[B<-explicit_policy>]
-[B<-help>]
-[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
-[B<-issuer_checks>]
-[B<-policy arg>]
-[B<-policy_check>]
+[B<-x509_strict>]
+[B<-extended_crl>]
+[B<-use_deltas>]
[B<-policy_print>]
-[B<-purpose purpose>]
+[B<-no_alt_chains>]
[B<-untrusted file>]
-[B<-use_deltas>]
+[B<-help>]
+[B<-issuer_checks>]
+[B<-attime timestamp>]
[B<-verbose>]
-[B<-verify_depth num>]
-[B<-x509_strict>]
[B<->]
[certificates]
@@ -40,11 +40,6 @@
=over 4
-=item B<-CAfile file>
-
-A file of trusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
-
=item B<-CApath directory>
A directory of trusted certificates. The certificates should have names
@@ -53,49 +48,31 @@
of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
create symbolic links to a directory of certificates.
-=item B<-attime timestamp>
+=item B<-CAfile file>
+A file of trusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
-Perform validation checks using time specified by B<timestamp> and not
-current system time. B<timestamp> is the number of seconds since
-01.01.1970 (UNIX time).
+=item B<-untrusted file>
-=item B<-check_ss_sig>
+A file of untrusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
-Verify the signature on the self-signed root CA. This is disabled by default
-because it doesn't add any security.
+=item B<-purpose purpose>
-=item B<-crl_check>
+The intended use for the certificate. If this option is not specified,
+B<verify> will not consider certificate purpose during chain verification.
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
-Checks end entity certificate validity by attempting to look up a valid CRL.
-If a valid CRL cannot be found an error occurs.
-
-=item B<-crl_check_all>
-
-Checks the validity of B<all> certificates in the chain by attempting
-to look up valid CRLs.
-
-=item B<-explicit_policy>
-
-Set policy variable require-explicit-policy (see RFC5280).
-
=item B<-help>
Print out a usage message.
-=item B<-ignore_critical>
+=item B<-verbose>
-Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by RFC5280).
-If this option is set critical extensions are ignored.
+Print extra information about the operations being performed.
-=item B<-inhibit_any>
-
-Set policy variable inhibit-any-policy (see RFC5280).
-
-=item B<-inhibit_map>
-
-Set policy variable inhibit-policy-mapping (see RFC5280).
-
=item B<-issuer_checks>
Print out diagnostics relating to searches for the issuer certificate of the
@@ -104,6 +81,12 @@
anything is wrong; during the normal verification process, several
rejections may take place.
+=item B<-attime timestamp>
+
+Perform validation checks using time specified by B<timestamp> and not
+current system time. B<timestamp> is the number of seconds since
+01.01.1970 (UNIX time).
+
=item B<-policy arg>
Enable policy processing and add B<arg> to the user-initial-policy-set (see
@@ -114,40 +97,65 @@
Enables certificate policy processing.
-=item B<-policy_print>
+=item B<-explicit_policy>
-Print out diagnostics related to policy processing.
+Set policy variable require-explicit-policy (see RFC5280).
-=item B<-purpose purpose>
+=item B<-inhibit_any>
-The intended use for the certificate. If this option is not specified,
-B<verify> will not consider certificate purpose during chain verification.
-Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
-B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
-information.
+Set policy variable inhibit-any-policy (see RFC5280).
-=item B<-untrusted file>
+=item B<-inhibit_map>
-A file of untrusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
+Set policy variable inhibit-policy-mapping (see RFC5280).
-=item B<-use_deltas>
+=item B<-no_alt_chains>
-Enable support for delta CRLs.
+When building a certificate chain, if the first certificate chain found is not
+trusted, then OpenSSL will continue to check to see if an alternative chain can
+be found that is trusted. With this option that behaviour is suppressed so that
+only the first chain found is ever used. Using this option will force the
+behaviour to match that of previous OpenSSL versions.
-=item B<-verbose>
+=item B<-policy_print>
-Print extra information about the operations being performed.
+Print out diagnostics related to policy processing.
-=item B<-verify_depth num>
+=item B<-crl_check>
-Limit the maximum depth of the certificate chain to B<num> certificates.
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs.
+=item B<-crl_check_all>
+
+Checks the validity of B<all> certificates in the chain by attempting
+to look up valid CRLs.
+
+=item B<-ignore_critical>
+
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
+If this option is set critical extensions are ignored.
+
=item B<-x509_strict>
For strict X.509 compliance, disable non-compliant workarounds for broken
certificates.
+=item B<-extended_crl>
+
+Enable extended CRL features such as indirect CRLs and alternate CRL
+signing keys.
+
+=item B<-use_deltas>
+
+Enable support for delta CRLs.
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
=item B<->
Indicates the last option. All arguments following this are assumed to be
@@ -396,7 +404,7 @@
Although the issuer checks are a considerable improvement over the old technique they still
suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
trusted certificates with matching subject name must either appear in a file (as specified by the
-B<-CAfile> option) or a directory (as specified by B<-CApath>). If they occur in both then only
+B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
the certificates in the file will be recognised.
Previous versions of OpenSSL assume certificates with matching subject name are identical and
@@ -410,4 +418,8 @@
L<x509(1)|x509(1)>
+=head1 HISTORY
+
+The -no_alt_chains options was first added to OpenSSL 1.0.1n and 1.0.2b.
+
=cut
Modified: trunk/crypto/openssl/doc/apps/version.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/version.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/version.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -13,6 +13,7 @@
[B<-o>]
[B<-f>]
[B<-p>]
+[B<-d>]
=head1 DESCRIPTION
@@ -38,7 +39,7 @@
option information: various options set when the library was built.
-=item B<-c>
+=item B<-f>
compilation flags.
Modified: trunk/crypto/openssl/doc/apps/x509.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/x509.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/x509.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -24,6 +24,7 @@
[B<-issuer>]
[B<-nameopt option>]
[B<-email>]
+[B<-ocsp_uri>]
[B<-startdate>]
[B<-enddate>]
[B<-purpose>]
@@ -30,6 +31,7 @@
[B<-dates>]
[B<-checkend num>]
[B<-modulus>]
+[B<-pubkey>]
[B<-fingerprint>]
[B<-alias>]
[B<-noout>]
@@ -107,7 +109,7 @@
=item B<-engine id>
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<x509>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -138,6 +140,10 @@
this option prevents output of the encoded version of the request.
+=item B<-pubkey>
+
+outputs the the certificate's SubjectPublicKeyInfo block in PEM format.
+
=item B<-modulus>
this option prints out the value of the modulus of the public key
@@ -165,6 +171,16 @@
synonym for "-subject_hash" for backward compatibility reasons.
+=item B<-subject_hash_old>
+
+outputs the "hash" of the certificate subject name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
+=item B<-issuer_hash_old>
+
+outputs the "hash" of the certificate issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
=item B<-subject>
outputs the subject name.
@@ -184,6 +200,10 @@
outputs the email address(es) if any.
+=item B<-ocsp_uri>
+
+outputs the OCSP responder address(es) if any.
+
=item B<-startdate>
prints out the start date of the certificate, that is the notBefore date.
@@ -394,7 +414,9 @@
the section to add certificate extensions from. If this option is not
specified then the extensions should either be contained in the unnamed
(default) section or the default section should contain a variable called
-"extensions" which contains the section to use.
+"extensions" which contains the section to use. See the
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
=back
@@ -841,10 +863,17 @@
=head1 SEE ALSO
L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>
+L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>,
+L<x509v3_config(5)|x509v3_config(5)>
=head1 HISTORY
Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
+The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
+before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
+of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
+canonical version of the DN using SHA1. This means that any directories using
+the old form must have their links rebuilt using B<c_rehash> or similar.
+
=cut
Modified: trunk/crypto/openssl/doc/apps/x509v3_config.pod
===================================================================
--- trunk/crypto/openssl/doc/apps/x509v3_config.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/apps/x509v3_config.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -174,7 +174,7 @@
The value of B<dirName> should point to a section containing the distinguished
name to use as a set of name value pairs. Multi values AVAs can be formed by
-preceding the name with a B<+> character.
+prefacing the name with a B<+> character.
otherName can include arbitrary data associated with an OID: the value
should be the OID followed by a semicolon and the content in standard
Modified: trunk/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,7 +61,7 @@
=item B<INTEGER>, B<INT>
Encodes an ASN1 B<INTEGER> type. The B<value> string represents
-the value of the integer, it can be preceded by a minus sign and
+the value of the integer, it can be prefaced by a minus sign and
is normally interpreted as a decimal value unless the prefix B<0x>
is included.
Modified: trunk/crypto/openssl/doc/crypto/BIO_f_md.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_f_md.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BIO_f_md.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,6 +58,12 @@
a chain containing digest BIOs then this can be done by prepending
a buffering BIO.
+Before OpenSSL 1.0.0 the call to BIO_get_md_ctx() would only work if the BIO
+had been initialized for example by calling BIO_set_md() ). In OpenSSL
+1.0.0 and later the context is always returned and the BIO is state is set
+to initialized. This allows applications to initialize the context externally
+if the standard calls such as BIO_set_md() are not sufficiently flexible.
+
=head1 RETURN VALUES
BIO_f_md() returns the digest BIO method.
Modified: trunk/crypto/openssl/doc/crypto/BIO_f_ssl.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_f_ssl.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BIO_f_ssl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -308,6 +308,15 @@
BIO_free_all(sbio);
+=head1 BUGS
+
+In OpenSSL versions before 1.0.0 the BIO_pop() call was handled incorrectly,
+the I/O BIO reference count was incorrectly incremented (instead of
+decremented) and dissociated with the SSL BIO even if the SSL BIO was not
+explicitly being popped (e.g. a pop higher up the chain). Applications which
+included workarounds for this bug (e.g. freeing BIOs more than once) should
+be modified to handle this fix or they may free up an already freed BIO.
+
=head1 SEE ALSO
TBA
Copied: trunk/crypto/openssl/doc/crypto/BIO_new_CMS.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/BIO_new_CMS.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_new_CMS.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/BIO_new_CMS.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+ BIO_new_CMS - CMS streaming filter BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+BIO_new_CMS() returns a streaming filter BIO chain based on B<cms>. The output
+of the filter is written to B<out>. Any data written to the chain is
+automatically translated to a BER format CMS structure of the appropriate type.
+
+=head1 NOTES
+
+The chain returned by this function behaves like a standard filter BIO. It
+supports non blocking I/O. Content is processed and streamed on the fly and not
+all held in memory at once: so it is possible to encode very large structures.
+After all content has been written through the chain BIO_flush() must be called
+to finalise the structure.
+
+The B<CMS_STREAM> flag must be included in the corresponding B<flags>
+parameter of the B<cms> creation function.
+
+If an application wishes to write additional data to B<out> BIOs should be
+removed from the chain using BIO_pop() and freed with BIO_free() until B<out>
+is reached. If no additional data needs to be written BIO_free_all() can be
+called to free up the whole chain.
+
+Any content written through the filter is used verbatim: no canonical
+translation is performed.
+
+It is possible to chain multiple BIOs to, for example, create a triple wrapped
+signed, enveloped, signed structure. In this case it is the applications
+responsibility to set the inner content type of any outer CMS_ContentInfo
+structures.
+
+Large numbers of small writes through the chain should be avoided as this will
+produce an output consisting of lots of OCTET STRING structures. Prepending
+a BIO_f_buffer() buffering BIO will prevent this.
+
+=head1 BUGS
+
+There is currently no corresponding inverse BIO: i.e. one which can decode
+a CMS structure on the fly.
+
+=head1 RETURN VALUES
+
+BIO_new_CMS() returns a BIO chain when successful or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+BIO_new_CMS() was added to OpenSSL 1.0.0
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/BIO_s_accept.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_s_accept.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BIO_s_accept.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,8 +59,8 @@
BIO_set_accept_port() uses the string B<name> to set the accept
port. The port is represented as a string of the form "host:port",
where "host" is the interface to use and "port" is the port.
-Either or both values can be "*" which is interpreted as meaning
-any interface or port respectively. "port" has the same syntax
+The host can be can be "*" which is interpreted as meaning
+any interface; "port" has the same syntax
as the port specified in BIO_set_conn_port() for connect BIOs,
that is it can be a numerical port string or a string to lookup
using getservbyname() and a string table.
Modified: trunk/crypto/openssl/doc/crypto/BIO_s_file.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_s_file.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BIO_s_file.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -76,6 +76,10 @@
Because the file BIO calls the underlying stdio functions any quirks
in stdio behaviour will be mirrored by the corresponding BIO.
+On Windows BIO_new_files reserves for the filename argument to be
+UTF-8 encoded. In other words if you have to make it work in multi-
+lingual environment, encode file names in UTF-8.
+
=head1 EXAMPLES
File BIO "hello world":
Modified: trunk/crypto/openssl/doc/crypto/BIO_s_mem.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BIO_s_mem.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BIO_s_mem.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -74,7 +74,7 @@
their size can grow indefinitely.
Every read from a read write memory BIO will remove the data just read with
-an internal copy operation, if a BIO contains a lots of data and it is
+an internal copy operation, if a BIO contains a lot of data and it is
read in small chunks the operation can be very slow. The use of a read only
memory BIO avoids this problem. If the BIO must be read write then adding
a buffering BIO to the chain will speed up the process.
Modified: trunk/crypto/openssl/doc/crypto/BN_BLINDING_new.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/BN_BLINDING_new.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/BN_BLINDING_new.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,8 +22,11 @@
BN_CTX *ctx);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *ctx);
+ #ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ #endif
+ CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
@@ -45,7 +48,7 @@
BN_BLINDING_convert_ex() multiplies B<n> with the blinding factor B<A>.
If B<r> is not NULL a copy the inverse blinding factor B<Ai> will be
-returned in B<r> (this is useful if a B<RSA> object is shared amoung
+returned in B<r> (this is useful if a B<RSA> object is shared among
several threads). BN_BLINDING_invert_ex() multiplies B<n> with the
inverse blinding factor B<Ai>. If B<r> is not NULL it will be used as
the inverse blinding.
@@ -54,11 +57,11 @@
functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex()
with B<r> set to NULL.
-BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id()
-set and get the "thread id" value of the B<BN_BLINDING> structure,
-a field provided to users of B<BN_BLINDING> structure to help them
-provide proper locking if needed for multi-threaded use. The
-"thread id" of a newly allocated B<BN_BLINDING> structure is zero.
+BN_BLINDING_thread_id() provides access to the B<CRYPTO_THREADID>
+object within the B<BN_BLINDING> structure. This is to help users
+provide proper locking if needed for multi-threaded use. The "thread
+id" object of a newly allocated B<BN_BLINDING> structure is
+initialised to the thread id in which BN_BLINDING_new() was called.
BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently
there are two supported flags: B<BN_BLINDING_NO_UPDATE> and
@@ -83,8 +86,8 @@
BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on
success and 0 if an error occured.
-BN_BLINDING_get_thread_id() returns the thread id (a B<unsigned long>
-value) or 0 if not set.
+BN_BLINDING_thread_id() returns a pointer to the thread id object
+within a B<BN_BLINDING> object.
BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags
(a B<unsigned long> value).
@@ -98,6 +101,9 @@
=head1 HISTORY
+BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it
+deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id.
+
BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id,
BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags
and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8
Copied: trunk/crypto/openssl/doc/crypto/CMS_add0_cert.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_add0_cert.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_add0_cert.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_add0_cert.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+ CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_get1_crls, - CMS certificate and CRL utility functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+
+=head1 DESCRIPTION
+
+CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
+must be of type signed data or enveloped data.
+
+CMS_get1_certs() returns all certificates in B<cms>.
+
+CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
+returns any CRLs in B<cms>.
+
+=head1 NOTES
+
+The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
+data or an error will be returned.
+
+For signed data certificates and CRLs are added to the B<certificates> and
+B<crls> fields of SignedData structure. For enveloped data they are added to
+B<OriginatorInfo>.
+
+As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
+must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
+must be freed up.
+
+The same certificate or CRL must not be added to the same cms structure more
+than once.
+
+=head1 RETURN VALUES
+
+CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
+1 for success and 0 for failure.
+
+CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
+or NULL if there are none or an error occurs. The only error which will occur
+in practice is if the B<cms> type is invalid.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_add0_cert(), CMS_add1_cert(), CMS_get1_certs(), CMS_add0_crl()
+and CMS_get1_crls() were all first added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_add1_recipient_cert.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_add1_recipient_cert.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_add1_recipient_cert.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_add1_recipient_cert.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+ CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags);
+
+ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key, size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType);
+
+=head1 DESCRIPTION
+
+CMS_add1_recipient_cert() adds recipient B<recip> to CMS_ContentInfo enveloped
+data structure B<cms> as a KeyTransRecipientInfo structure.
+
+CMS_add0_recipient_key() adds symmetric key B<key> of length B<keylen> using
+wrapping algorithm B<nid>, identifier B<id> of length B<idlen> and optional
+values B<date>, B<otherTypeId> and B<otherType> to CMS_ContentInfo enveloped
+data structure B<cms> as a KEKRecipientInfo structure.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_encrypt() with the flag B<CMS_PARTIAL> set.
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a CMS
+enveloped data structure where the simpler CMS_encrypt() function defaults are
+not appropriate. For example if one or more KEKRecipientInfo structures
+need to be added. New attributes can also be added using the returned
+CMS_RecipientInfo structure and the CMS attribute utility functions.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+Currently only AES based key wrapping algorithms are supported for B<nid>,
+specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap.
+If B<nid> is set to B<NID_undef> then an AES wrap algorithm will be used
+consistent with B<keylen>.
+
+=head1 RETURN VALUES
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal
+pointer to the CMS_RecipientInfo structure just added or NULL if an error
+occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() were added to OpenSSL
+0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_add1_signer.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_add1_signer.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_add1_signer.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_add1_signer.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+ CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags);
+
+ int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+
+
+=head1 DESCRIPTION
+
+CMS_add1_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to CMS_ContentInfo SignedData
+structure B<cms>.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_sign() with the flag B<CMS_PARTIAL> set or in the case or re-signing a
+valid CMS_ContentInfo SignedData structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<CMS_REUSE_DIGEST> flag is set the returned CMS_ContentInfo
+structure is not complete and must be finalized either by streaming (if
+applicable) or a call to CMS_final().
+
+The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo
+structure, its main use is when B<CMS_REUSE_DIGEST> and B<CMS_PARTIAL> flags
+are both set.
+
+=head1 NOTES
+
+The main purpose of CMS_add1_signer() is to provide finer control
+over a CMS signed data structure where the simpler CMS_sign() function defaults
+are not appropriate. For example if multiple signers or non default digest
+algorithms are needed. New attributes can also be added using the returned
+CMS_SignerInfo structure and the CMS attribute utility functions or the
+CMS signed receipt request functions.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the CMS_ContentInfo structure: to add a signer to an existing
+structure. An error occurs if a matching digest value cannot be found to copy.
+The returned CMS_ContentInfo structure will be valid and finalized when this
+flag is set.
+
+If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
+CMS_SignerInfo structure will not be finalized so additional attributes
+can be added. In this case an explicit call to CMS_SignerInfo_sign() is
+needed to finalize it.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
+structure just added, this can be used to set additional attributes
+before it is finalized.
+
+=head1 RETURN VALUES
+
+CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_add1_signer() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_compress.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_compress.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_compress.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_compress.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+CMS_compress - create a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_compress() creates and returns a CMS CompressedData structure. B<comp_nid>
+is the compression algorithm to use or B<NID_undef> to use the default
+algorithm (zlib compression). B<in> is the content to be compressed.
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib using the NID
+NID_zlib_compression.
+
+If zlib support is not compiled into OpenSSL then CMS_compress() will return
+an error.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+The compressed data is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+Additional compression parameters such as the zlib compression level cannot
+currently be set.
+
+=head1 RETURN VALUES
+
+CMS_compress() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_uncompress(3)|CMS_uncompress(3)>
+
+=head1 HISTORY
+
+CMS_compress() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_decrypt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_decrypt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_decrypt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_decrypt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,79 @@
+=pod
+
+=head1 NAME
+
+ CMS_decrypt - decrypt content from a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_decrypt() extracts and decrypts the content from a CMS EnvelopedData
+structure. B<pkey> is the private key of the recipient, B<cert> is the
+recipient's certificate, B<out> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the encrypted content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
+function or errors about unknown algorithms will occur.
+
+Although the recipients certificate is not needed to decrypt the data it is
+needed to locate the appropriate (of possible several) recipients in the CMS
+structure.
+
+If B<cert> is set to NULL all possible recipients are tried. This case however
+is problematic. To thwart the MMA attack (Bleichenbacher's attack on
+PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or
+not. If no recipient succeeds then a random symmetric key is used to decrypt
+the content: this will typically output garbage and may (but is not guaranteed
+to) ultimately return a padding error only. If CMS_decrypt() just returned an
+error when all recipient encrypted keys failed to decrypt an attacker could
+use this in a timing attack. If the special flag B<CMS_DEBUG_DECRYPT> is set
+then the above behaviour is modified and an error B<is> returned if no
+recipient encrypted key can be decrypted B<without> generating a random
+content encryption key. Applications should use this flag with
+B<extreme caution> especially in automated gateways as it can leave them
+open to attack.
+
+It is possible to determine the correct recipient key by other means (for
+example looking them up in a database) and setting them in the CMS structure
+in advance using the CMS utility functions such as CMS_set1_pkey(). In this
+case both B<cert> and B<pkey> should be set to NULL.
+
+To process KEKRecipientInfo types CMS_set1_key() or CMS_RecipientInfo_set0_key()
+and CMS_ReceipientInfo_decrypt() should be called before CMS_decrypt() and
+B<cert> and B<pkey> set to NULL.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_decrypt() returns either 1 for success or 0 for failure.
+The error can be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decrypt().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_encrypt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_encrypt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_encrypt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_encrypt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+ CMS_encrypt - create a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_encrypt() creates and returns a CMS EnvelopedData structure. B<certs>
+is a list of recipient certificates. B<in> is the content to be encrypted.
+B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Only certificates carrying RSA keys are supported so the recipient certificates
+supplied to this function must all contain RSA public keys, though they do not
+have to be signed using the RSA algorithm.
+
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
+
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters.
+
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+envelopedData containing an S/MIME signed message. This can be readily produced
+by storing the S/MIME signed message in a memory BIO and passing it to
+CMS_encrypt().
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+returned to which additional recipients and attributes can be added before
+finalization.
+
+The data being encrypted is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+The recipients specified in B<certs> use a CMS KeyTransRecipientInfo info
+structure. KEKRecipientInfo is also supported using the flag B<CMS_PARTIAL>
+and CMS_add0_recipient_key().
+
+The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
+added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
+
+=head1 RETURN VALUES
+
+CMS_encrypt() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_final.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_final.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_final.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_final.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ CMS_final - finalise a CMS_ContentInfo structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_final() finalises the structure B<cms>. It's purpose is to perform any
+operations necessary on B<cms> (digest computation for example) and set the
+appropriate fields. The parameter B<data> contains the content to be
+processed. The B<dcont> parameter contains a BIO to write content to after
+processing: this is only used with detached data and will usually be set to
+NULL.
+
+=head1 NOTES
+
+This function will normally be called when the B<CMS_PARTIAL> flag is used. It
+should only be used when streaming is not performed because the streaming
+I/O functions perform finalisation operations internally.
+
+=head1 RETURN VALUES
+
+CMS_final() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_final() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_get0_RecipientInfos.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_RecipientInfos.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_get0_RecipientInfos.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_get0_RecipientInfos.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id,CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt - CMS envelopedData RecipientInfo routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate, ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo
+structures associated with a CMS EnvelopedData structure.
+
+CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure B<ri>.
+It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE,
+CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.
+
+CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient
+identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
+must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
+B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
+
+CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
+CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
+It returns zero if the comparison is successful and non zero if not.
+
+CMS_RecipientInfo_set0_pkey() associates the private key B<pkey> with
+the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_TRANS.
+
+CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the
+CMS_RecipientInfo structure B<ri> which must be of type CMS_RECIPINFO_KEK. Any
+of the remaining parameters can be NULL if the application is not interested in
+the value of a field. Where a field is optional and absent NULL will be written
+to the corresponding parameter. The keyEncryptionAlgorithm field is written to
+B<palg>, the B<keyIdentifier> field is written to B<pid>, the B<date> field if
+present is written to B<pdate>, if the B<other> field is present the components
+B<keyAttrId> and B<keyAttr> are written to parameters B<potherid> and
+B<pothertype>.
+
+CMS_RecipientInfo_kekri_id_cmp() compares the ID in the B<id> and B<idlen>
+parameters against the B<keyIdentifier> CMS_RecipientInfo structure B<ri>,
+which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is
+successful and non zero if not.
+
+CMS_RecipientInfo_set0_key() associates the symmetric key B<key> of length
+B<keylen> with the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_KEK.
+
+CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure
+B<ri> in structure B<cms>. A key must have been associated with the structure
+first.
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+recipient keys using any appropriate technique when the simpler method
+of CMS_decrypt() is not appropriate.
+
+In typical usage and application will retrieve all CMS_RecipientInfo structures
+using CMS_get0_RecipientInfos() and check the type of each using
+CMS_RecpientInfo_type(). Depending on the type the CMS_RecipientInfo structure
+can be ignored or its key identifier data retrieved using an appropriate
+function. Then if the corresponding secret or private key can be obtained by
+any appropriate means it can then associated with the structure and
+CMS_RecpientInfo_decrypt() called. If successful CMS_decrypt() can be called
+with a NULL key to decrypt the enveloped content.
+
+=head1 RETURN VALUES
+
+CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if
+an error occurs.
+
+CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(),
+CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and
+CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs.
+
+CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
+for a successful comparison and non zero otherwise.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_SignerInfos.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_cert_cmp, CMS_set1_signer_certs - CMS signedData signer functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures
+associated with a CMS signedData structure.
+
+CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
+associated with a specific CMS_SignerInfo structure B<si>. Either the
+keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
+in B<issuer> and B<sno>.
+
+CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
+identifier B<si>. It returns zero if the comparison is successful and non zero
+if not.
+
+CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
+B<signer>.
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+signers certificates using any appropriate technique when the simpler method
+of CMS_verify() is not appropriate.
+
+In typical usage and application will retrieve all CMS_SignerInfo structures
+using CMS_get0_SignerInfo() and retrieve the identifier information using
+CMS. It will then obtain the signer certificate by some unspecified means
+(or return and error if it cannot be found) and set it using
+CMS_SignerInfo_set1_signer_cert().
+
+Once all signer certificates have been set CMS_verify() can be used.
+
+Although CMS_get0_SignerInfos() can return NULL is an error occur B<or> if
+there are no signers this is not a problem in practice because the only
+error which can occur is if the B<cms> structure is not of type signedData
+due to application error.
+
+=head1 RETURN VALUES
+
+CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there
+are no signers or an error occurs.
+
+CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.
+
+CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non
+zero otherwise.
+
+CMS_SignerInfo_set1_signer_cert() does not return a value.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_get0_type.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_type.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_get0_type.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_get0_type.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+ ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_get0_type() returns the content type of a CMS_ContentInfo structure as
+and ASN1_OBJECT pointer. An application can then decide how to process the
+CMS_ContentInfo structure based on this value.
+
+CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo
+structure. It should be called with CMS functions with the B<CMS_PARTIAL>
+flag and B<before> the structure is finalised, otherwise the results are
+undefined.
+
+ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded
+content type.
+
+CMS_get0_content() returns a pointer to the B<ASN1_OCTET_STRING> pointer
+containing the embedded content.
+
+=head1 NOTES
+
+As the B<0> implies CMS_get0_type(), CMS_get0_eContentType() and
+CMS_get0_content() return internal pointers which should B<not> be freed up.
+CMS_set1_eContentType() copies the supplied OID and it B<should> be freed up
+after use.
+
+The B<ASN1_OBJECT> values returned can be converted to an integer B<NID> value
+using OBJ_obj2nid(). For the currently supported content types the following
+values are returned:
+
+ NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped
+
+The return value of CMS_get0_content() is a pointer to the B<ASN1_OCTET_STRING>
+content pointer. That means that for example:
+
+ ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);
+
+B<*pconf> could be NULL if there is no embedded content. Applications can
+access, modify or create the embedded content in a B<CMS_ContentInfo> structure
+using this function. Applications usually will not need to modify the
+embedded content as it is normally set by higher level functions.
+
+=head1 RETURN VALUES
+
+CMS_get0_type() and CMS_get0_eContentType() return and ASN1_OBJECT structure.
+
+CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The
+error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+CMS_get0_type(), CMS_set1_eContentType() and CMS_get0_eContentType() were all
+first added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_get1_ReceiptRequest.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+ CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist, STACK_OF(GENERAL_NAMES) **prto);
+
+=head1 DESCRIPTION
+
+CMS_ReceiptRequest_create0() creates a signed receipt request structure. The
+B<signedContentIdentifier> field is set using B<id> and B<idlen>, or it is set
+to 32 bytes of pseudo random data if B<id> is NULL. If B<receiptList> is NULL
+the allOrFirstTier option in B<receiptsFrom> is used and set to the value of
+the B<allorfirst> parameter. If B<receiptList> is not NULL the B<receiptList>
+option in B<receiptsFrom> is used. The B<receiptsTo> parameter specifies the
+B<receiptsTo> field value.
+
+The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
+to SignerInfo structure B<si>.
+
+int CMS_get1_ReceiptRequest() looks for a signed receipt request in B<si>, if
+any is found it is decoded and written to B<prr>.
+
+CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request.
+The signedContentIdentifier is copied to B<pcid>. If the B<allOrFirstTier>
+option of B<receiptsFrom> is used its value is copied to B<pallorfirst>
+otherwise the B<receiptList> field is copied to B<plist>. The B<receiptsTo>
+parameter is copied to B<prto>.
+
+=head1 NOTES
+
+For more details of the meaning of the fields see RFC2634.
+
+The contents of a signed receipt should only be considered meaningful if the
+corresponding CMS_ContentInfo structure can be successfully verified using
+CMS_verify().
+
+=head1 RETURN VALUES
+
+CMS_ReceiptRequest_create0() returns a signed receipt request structure or
+NULL if an error occurred.
+
+CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+
+CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
+decoded. It returns 0 if a signed receipt request is not present and -1 if
+it is present but malformed.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>, L<CMS_verify(3)|CMS_verify(3)>
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>
+
+=head1 HISTORY
+
+CMS_ReceiptRequest_create0(), CMS_add1_ReceiptRequest(),
+CMS_get1_ReceiptRequest() and CMS_ReceiptRequest_get0_values() were added to
+OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_sign.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_sign.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_sign.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_sign.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,121 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign - create a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponding private key.
+B<certs> is an optional additional set of certificates to include in the CMS
+structure (for example any intermediate CAs in the chain). Any or all of
+these parameters can be B<NULL>, see B<NOTES> below.
+
+The data to be signed is read from BIO B<data>.
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+Many S/MIME clients expect the signed content to include valid MIME headers. If
+the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are prepended
+to the data.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The data being signed is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is used for
+CMS_ContentInfo detached signatures which are used in S/MIME plaintext signed
+messages for example.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If the flags B<CMS_STREAM> is set then the returned B<CMS_ContentInfo>
+structure is just initialized ready to perform the signing operation. The
+signing is however B<not> performed and the data to be signed is not read from
+the B<data> parameter. Signing is deferred until after the data has been
+written. In this way data can be signed in a single pass.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+output to which additional signers and capabilities can be added before
+finalization.
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+
+If B<signcert> and B<pkey> are NULL then a certificates only CMS structure is
+output.
+
+The function CMS_sign() is a basic CMS signing function whose output will be
+suitable for many purposes. For finer control of the output format the
+B<certs>, B<signcert> and B<pkey> parameters can all be B<NULL> and the
+B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
+function CMS_sign_add1_signer(), non default digests can be used and custom
+attributes added. B<CMS_final()> must then be called to finalize the
+structure if streaming is not enabled.
+
+=head1 BUGS
+
+Some attributes such as counter signatures are not supported.
+
+=head1 RETURN VALUES
+
+CMS_sign() returns either a valid CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+CMS_sign() was added to OpenSSL 0.9.8
+
+The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
+it is supported for embedded data in OpenSSL 1.0.0 and later.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_sign_receipt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_sign_receipt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_sign_receipt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_sign_receipt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign_receipt - create a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign_receipt() creates and returns a CMS signed receipt structure. B<si> is
+the B<CMS_SignerInfo> structure containing the signed receipt request.
+B<signcert> is the certificate to sign with, B<pkey> is the corresponding
+private key. B<certs> is an optional additional set of certificates to include
+in the CMS structure (for example any intermediate CAs in the chain).
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_sign() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_NOATTR>, B<CMS_TEXT> and B<CMS_STREAM>
+are not supported since they do not make sense in the context of signed
+receipts.
+
+=head1 RETURN VALUES
+
+CMS_sign_receipt() returns either a valid CMS_ContentInfo structure or NULL if
+an error occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>,
+L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_sign_receipt() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_uncompress.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_uncompress.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_uncompress.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_uncompress.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+ CMS_uncompress - uncompress a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_uncompress() extracts and uncompresses the content from a CMS
+CompressedData structure B<cms>. B<data> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the compressed content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib: if the structure
+indicates the use of any other algorithm an error is returned.
+
+If zlib support is not compiled into OpenSSL then CMS_uncompress() will always
+return an error.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_uncompress() returns either 1 for success or 0 for failure. The error can
+be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decompress().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_compress(3)|CMS_compress(3)>
+
+=head1 HISTORY
+
+CMS_uncompress() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_verify.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_verify.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_verify.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_verify.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,126 @@
+=pod
+
+=head1 NAME
+
+ CMS_verify - verify a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, unsigned int flags);
+
+ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
+structure to verify. B<certs> is a set of certificates in which to search for
+the signing certificate(s). B<store> is a trusted certificate store used for
+chain verification. B<indata> is the detached content if the content is not
+present in B<cms>. The content is written to B<out> if it is not NULL.
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+CMS_get0_signers() retrieves the signing certificate(s) from B<cms>, it must
+be called after a successful CMS_verify() operation.
+
+=head1 VERIFY PROCESS
+
+Normally the verify process proceeds as follows.
+
+Initially some sanity checks are performed on B<cms>. The type of B<cms> must
+be SignedData. There must be at least one signature on the data and if
+the content is detached B<indata> cannot be B<NULL>.
+
+An attempt is made to locate all the signing certificate(s), first looking in
+the B<certs> parameter (if it is not NULL) and then looking in any
+certificates contained in the B<cms> structure itself. If any signing
+certificate cannot be located the operation fails.
+
+Each signing certificate is chain verified using the B<smimesign> purpose and
+the supplied trusted certificate store. Any internal certificates in the message
+are used as untrusted CAs. If CRL checking is enabled in B<store> any internal
+CRLs are used in addition to attempting to look them up in B<store>. If any
+chain verify fails an error code is returned.
+
+Finally the signed content is read (and written to B<out> is it is not NULL)
+and the signature's checked.
+
+If all signature's verify correctly then the function is successful.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter to change the default verify behaviour.
+
+If B<CMS_NOINTERN> is set the certificates in the message itself are not
+searched when locating the signing certificate(s). This means that all the
+signing certificates must be in the B<certs> parameter.
+
+If B<CMS_NOCRL> is set and CRL checking is enabled in B<store> then any
+CRLs in the message itself are ignored.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
+verified.
+
+If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
+verified.
+
+If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
+
+=head1 NOTES
+
+One application of B<CMS_NOINTERN> is to only accept messages signed by
+a small number of certificates. The acceptable certificates would be passed
+in the B<certs> parameter. In this case if the signer is not one of the
+certificates supplied in B<certs> then the verify will fail because the
+signer cannot be found.
+
+In some cases the standard techniques for looking up and validating
+certificates are not appropriate: for example an application may wish to
+lookup certificates in a database or perform customised verification. This
+can be achieved by setting and verifying the signers certificates manually
+using the signed data utility functions.
+
+Care should be taken when modifying the default verify behaviour, for example
+setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
+and any modified content will be considered valid. This combination is however
+useful if one merely wishes to write the content to B<out> and its validity
+is not considered important.
+
+Chain verification should arguably be performed using the signing time rather
+than the current time. However since the signing time is supplied by the
+signer it cannot be trusted without additional evidence (such as a trusted
+timestamp).
+
+=head1 RETURN VALUES
+
+CMS_verify() returns 1 for a successful verification and zero if an error
+occurred.
+
+CMS_get0_signers() returns all signers or NULL if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 BUGS
+
+The trusted certificate store is not searched for the signing certificate,
+this is primarily due to the inadequacies of the current B<X509_STORE>
+functionality.
+
+The lack of single pass processing means that the signed content must all
+be held in memory if it is not detached.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_verify() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/CMS_verify_receipt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/CMS_verify_receipt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/CMS_verify_receipt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/CMS_verify_receipt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+ CMS_verify_receipt - verify a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_verify_receipt() verifies a CMS signed receipt. B<rcms> is the signed
+receipt to verify. B<ocms> is the original SignedData structure containing the
+receipt request. B<certs> is a set of certificates in which to search for the
+signing certificate. B<store> is a trusted certificate store (used for chain
+verification).
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_verify() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_TEXT> and B<CMS_STREAM> are not
+supported since they do not make sense in the context of signed receipts.
+
+=head1 RETURN VALUES
+
+CMS_verify_receipt() returns 1 for a successful verification and zero if an
+error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>,
+L<CMS_verify(3)|CMS_verify(3)>,
+
+=head1 HISTORY
+
+CMS_verify_receipt() was added to OpenSSL 0.9.8
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/CONF_modules_load_file.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/CONF_modules_load_file.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/CONF_modules_load_file.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -9,9 +9,9 @@
#include <openssl/conf.h>
int CONF_modules_load_file(const char *filename, const char *appname,
- unsigned long flags);
+ unsigned long flags);
int CONF_modules_load(const CONF *cnf, const char *appname,
- unsigned long flags);
+ unsigned long flags);
=head1 DESCRIPTION
@@ -22,7 +22,7 @@
The behaviour can be cutomized using B<flags>.
CONF_modules_load() is idential to CONF_modules_load_file() except it
-read configuration information from B<cnf>.
+reads configuration information from B<cnf>.
=head1 NOTES
@@ -30,7 +30,7 @@
B<CONF_MFLAGS_IGNORE_ERRORS> if set errors returned by individual
configuration modules are ignored. If not set the first module error is
-considered fatal and no further modules are loads.
+considered fatal and no further modules are loaded.
Normally any modules errors will add error information to the error queue. If
B<CONF_MFLAGS_SILENT> is set no error information is added.
@@ -42,8 +42,85 @@
ignore missing configuration files. Normally a missing configuration file
return an error.
-=head1 RETURN VALUE
+B<CONF_MFLAGS_DEFAULT_SECTION> if set and B<appname> is not NULL will use the
+default section pointed to by B<openssl_conf> if B<appname> does not exist.
+Applications should call these functions after loading builtin modules using
+OPENSSL_load_builtin_modules(), any ENGINEs for example using
+ENGINE_load_builtin_engines(), any algorithms for example
+OPENSSL_add_all_algorithms() and (if the application uses libssl)
+SSL_library_init().
+
+By using CONF_modules_load_file() with appropriate flags an application can
+customise application configuration to best suit its needs. In some cases the
+use of a configuration file is optional and its absence is not an error: in
+this case B<CONF_MFLAGS_IGNORE_MISSING_FILE> would be set.
+
+Errors during configuration may also be handled differently by different
+applications. For example in some cases an error may simply print out a warning
+message and the application continue. In other cases an application might
+consider a configuration file error as fatal and exit immediately.
+
+Applications can use the CONF_modules_load() function if they wish to load a
+configuration file themselves and have finer control over how errors are
+treated.
+
+=head1 EXAMPLES
+
+Load a configuration file and print out any errors and exit (missing file
+considered fatal):
+
+ if (CONF_modules_load_file(NULL, NULL, 0) <= 0) {
+ fprintf(stderr, "FATAL: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+Load default configuration file using the section indicated by "myapp",
+tolerate missing files, but exit on other errors:
+
+ if (CONF_modules_load_file(NULL, "myapp",
+ CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+ fprintf(stderr, "FATAL: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+Load custom configuration file and section, only print warnings on error,
+missing configuration file ignored:
+
+ if (CONF_modules_load_file("/something/app.cnf", "myapp",
+ CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+ fprintf(stderr, "WARNING: error loading configuration file\n");
+ ERR_print_errors_fp(stderr);
+ }
+
+Load and parse configuration file manually, custom error handling:
+
+ FILE *fp;
+ CONF *cnf = NULL;
+ long eline;
+ fp = fopen("/somepath/app.cnf", "r");
+ if (fp == NULL) {
+ fprintf(stderr, "Error opening configuration file\n");
+ /* Other missing configuration file behaviour */
+ } else {
+ cnf = NCONF_new(NULL);
+ if (NCONF_load_fp(cnf, fp, &eline) == 0) {
+ fprintf(stderr, "Error on line %ld of configuration file\n", eline);
+ ERR_print_errors_fp(stderr);
+ /* Other malformed configuration file behaviour */
+ } else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
+ fprintf(stderr, "Error configuring application\n");
+ ERR_print_errors_fp(stderr);
+ /* Other configuration error behaviour */
+ }
+ fclose(fp);
+ NCONF_free(cnf);
+ }
+
+=head1 RETURN VALUES
+
These functions return 1 for success and a zero or negative value for
failure. If module errors are not ignored the return code will reflect the
return value of the failing module (this will always be zero or negative).
Modified: trunk/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,7 +6,7 @@
=head1 SYNOPSIS
- #include <openssl/DSA.h>
+ #include <openssl/dsa.h>
int DSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
Modified: trunk/crypto/openssl/doc/crypto/EVP_BytesToKey.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_BytesToKey.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_BytesToKey.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -17,7 +17,7 @@
EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
the cipher to derive the key and IV for. B<md> is the message digest to use.
-The B<salt> paramter is used as a salt in the derivation: it should point to
+The B<salt> parameter is used as a salt in the derivation: it should point to
an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
B<datal> bytes which is used to derive the keying data. B<count> is the
iteration count to use. The derived key and IV will be written to B<key>
Modified: trunk/crypto/openssl/doc/crypto/EVP_DigestInit.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_DigestInit.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_DigestInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,7 +6,8 @@
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
+EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224, EVP_sha256,
+EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
EVP digest routines
@@ -25,24 +26,23 @@
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
- int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s);
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
- #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+ #define EVP_MAX_MD_SIZE 64 /* SHA512 */
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
- #define EVP_MD_type(e) ((e)->type)
- #define EVP_MD_pkey_type(e) ((e)->pkey_type)
- #define EVP_MD_size(e) ((e)->md_size)
- #define EVP_MD_block_size(e) ((e)->block_size)
-
- #define EVP_MD_CTX_md(e) (e)->digest)
- #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
@@ -56,6 +56,11 @@
const EVP_MD *EVP_mdc2(void);
const EVP_MD *EVP_ripemd160(void);
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);
+
const EVP_MD *EVP_get_digestbyname(const char *name);
#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
@@ -124,15 +129,19 @@
EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
with this digest. For example EVP_sha1() is associated with RSA so this will
-return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
-algorithms may not be retained in future versions of OpenSSL.
+return B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms
+are no longer linked this function is only retained for compatibility
+reasons.
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
-algorithms respectively. The associated signature algorithm is RSA in each case.
+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
+structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
+and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm.
+algorithms but using DSS (DSA) for the signature algorithm. Note: there is
+no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
+however retained for compatibility.
EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
returns is of zero length.
@@ -152,9 +161,8 @@
EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the
corresponding OBJECT IDENTIFIER or NID_undef if none exists.
-EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(),
-EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block
-size in bytes.
+EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
+EVP_MD_CTX_block_size() return the digest or block size in bytes.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
@@ -169,22 +177,35 @@
preference to the low level interfaces. This is because the code then becomes
transparent to the digest used and much more flexible.
-SHA1 is the digest of choice for new applications. The other digest algorithms
-are still in common use.
+New applications should use the SHA2 digest algorithms such as SHA256.
+The other digest algorithms are still in common use.
For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
-The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
+The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
obsolete but are retained to maintain compatibility with existing code. New
-applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
+applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
instead of initializing and cleaning it up on each call and allow non default
implementations of digests to be specified.
In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
-memory leaks will occur.
+memory leaks will occur.
+Stack allocation of EVP_MD_CTX structures is common, for example:
+
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+
+This will cause binary compatibility issues if the size of EVP_MD_CTX
+structure changes (this will only happen with a major release of OpenSSL).
+Applications wishing to avoid this should use EVP_MD_CTX_create() instead:
+
+ EVP_MD_CTX *mctx;
+ mctx = EVP_MD_CTX_create();
+
+
=head1 EXAMPLE
This example digests the data "Test Message\n" and "Hello World\n", using the
@@ -195,7 +216,7 @@
main(int argc, char *argv[])
{
- EVP_MD_CTX mdctx;
+ EVP_MD_CTX *mdctx;
const EVP_MD *md;
char mess1[] = "Test Message\n";
char mess2[] = "Hello World\n";
@@ -216,29 +237,27 @@
exit(1);
}
- EVP_MD_CTX_init(&mdctx);
- EVP_DigestInit_ex(&mdctx, md, NULL);
- EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
- EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
- EVP_MD_CTX_cleanup(&mdctx);
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, md, NULL);
+ EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+ EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+ EVP_MD_CTX_destroy(mdctx);
printf("Digest is: ");
- for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
+ for(i = 0; i < md_len; i++)
+ printf("%02x", md_value[i]);
printf("\n");
+
+ /* Call this once before exit. */
+ EVP_cleanup();
+ exit(0);
}
-=head1 BUGS
-
-The link between digests and signing algorithms results in a situation where
-EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS
-even though they are identical digests.
-
=head1 SEE ALSO
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<dgst(1)|dgst(1)>,
+L<evp(3)|evp(3)>
=head1 HISTORY
@@ -253,4 +272,11 @@
EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
changed to return truely const EVP_MD * in OpenSSL 0.9.7.
+The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
+later, so now EVP_sha1() can be used with RSA and DSA; there is no need to
+use EVP_dss1() any more.
+
+OpenSSL 1.0 and later does not include the MD2 digest algorithm in the
+default configuration due to its security weaknesses.
+
=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_DigestSignInit.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_DigestSignInit.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_DigestSignInit.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_DigestSignInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
+ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
+be used to set alternative signing options.
+
+EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+usig a macro.
+
+EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
+If B<sig> is B<NULL> then the maximum size of the output buffer is written to
+the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
+B<siglen> parameter should contain the length of the B<sig> buffer, if the
+call is successful the signature is written to B<sig> and the amount of data
+written to B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
+1 for success and 0 or a negative value for failure. In particular a return
+value of -2 indicates the operation is not supported by the public key
+algorithm.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail.
+
+The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_DigestSignUpdate() and
+EVP_DigestSignFinal() can be called later to digest and sign additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+The use of EVP_PKEY_size() with these functions is discouraged because some
+signature operations may have a signature length which depends on the
+parameters set. As a result EVP_PKEY_size() would have to return a value
+which indicates the maximum possible signature for any set of parameters.
+
+=head1 SEE ALSO
+
+L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
+were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_DigestVerifyInit.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_DigestVerifyInit.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_DigestVerifyInit.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_DigestVerifyInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
+B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
+with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
+can be used to set alternative verification options.
+
+EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
+verification context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+using a macro.
+
+EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
+B<sig> of length B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2 indicates
+the operation is not supported by the public key algorithm.
+
+Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
+indicates that the signature did not verify successfully (that is tbs did
+not match the original data or the signature was of invalid form) it is not an
+indication of a more serious error.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail.
+
+The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
+context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
+be called later to digest and verify additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 SEE ALSO
+
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
+were first added to OpenSSL 1.0.0.
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/EVP_EncryptInit.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_EncryptInit.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_EncryptInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -115,7 +115,7 @@
multiple times to encrypt successive blocks of data. The amount
of data written depends on the block alignment of the encrypted data:
as a result the amount of data written may be anything from zero bytes
-to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
+to (inl + cipher_block_size - 1) so B<out> should contain sufficient
room. The actual number of bytes written is placed in B<outl>.
If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts
@@ -152,7 +152,7 @@
EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a
similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex and
-EVP_CipherInit_ex() except the B<ctx> paramter does not need to be
+EVP_CipherInit_ex() except the B<ctx> parameter does not need to be
initialized and they always use the default cipher implementation.
EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
@@ -344,7 +344,10 @@
Where possible the B<EVP> interface to symmetric ciphers should be used in
preference to the low level interfaces. This is because the code then becomes
-transparent to the cipher used and much more flexible.
+transparent to the cipher used and much more flexible. Additionally, the
+B<EVP> interface will ensure the use of platform specific cryptographic
+acceleration such as AES-NI (the low level interfaces do not provide the
+guarantee).
PKCS padding works by adding B<n> padding bytes of value B<n> to make the total
length of the encrypted data a multiple of the block size. Padding is always
@@ -384,28 +387,8 @@
=head1 EXAMPLES
-Get the number of rounds used in RC5:
+Encrypt a string using IDEA:
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &nrounds);
-
-Get the RC2 effective key length:
-
- int key_bits;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &key_bits);
-
-Set the number of rounds used in RC5:
-
- int nrounds;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, nrounds, NULL);
-
-Set the effective key length used in RC2:
-
- int key_bits;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
-
-Encrypt a string using blowfish:
-
int do_crypt(char *outfile)
{
unsigned char outbuf[1024];
@@ -418,8 +401,9 @@
char intext[] = "Some Crypto Text";
EVP_CIPHER_CTX ctx;
FILE *out;
+
EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
+ EVP_EncryptInit_ex(&ctx, EVP_idea_cbc(), NULL, key, iv);
if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext)))
{
@@ -448,28 +432,34 @@
}
The ciphertext from the above example can be decrypted using the B<openssl>
-utility with the command line:
+utility with the command line (shown on two lines for clarity):
- S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
+ openssl idea -d <filename
+ -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708
-General encryption, decryption function example using FILE I/O and RC2 with an
-80 bit key:
+General encryption and decryption function example using FILE I/O and AES128
+with a 128-bit key:
int do_crypt(FILE *in, FILE *out, int do_encrypt)
{
/* Allow enough space in output buffer for additional block */
- inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+ unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
int inlen, outlen;
+ EVP_CIPHER_CTX ctx;
/* Bogus key and IV: we'd normally set these from
* another source.
*/
- unsigned char key[] = "0123456789";
- unsigned char iv[] = "12345678";
- /* Don't set key or IV because we will modify the parameters */
+ unsigned char key[] = "0123456789abcdeF";
+ unsigned char iv[] = "1234567887654321";
+
+ /* Don't set key or IV right away; we want to check lengths */
EVP_CIPHER_CTX_init(&ctx);
- EVP_CipherInit_ex(&ctx, EVP_rc2(), NULL, NULL, NULL, do_encrypt);
- EVP_CIPHER_CTX_set_key_length(&ctx, 10);
- /* We finished modifying parameters so now we can set key and IV */
+ EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+ do_encrypt);
+ OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == 16);
+ OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == 16);
+
+ /* Now we can set key and IV */
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
for(;;)
@@ -508,4 +498,7 @@
EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in
OpenSSL 0.9.7.
+IDEA appeared in OpenSSL 0.9.7 but was often disabled due to
+patent concerns; the last patents expired in 2012.
+
=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_CTX_ctrl.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,128 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_ctrl, EVP_PKEY_ctrl_str - algorithm specific control operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+ const char *value);
+
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+ #include <openssl/rsa.h>
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+
+ #include <openssl/dsa.h>
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include <openssl/dh.h>
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+
+ #include <openssl/ec.h>
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
+B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
+B<optype> is a mask indicating which operations the control can be applied to.
+The control command is indicated in B<cmd> and any additional arguments in
+B<p1> and B<p2>.
+
+Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will
+instead call one of the algorithm specific macros below.
+
+The function EVP_PKEY_ctrl_str() allows an application to send an algorithm
+specific control operation to a context B<ctx> in string form. This is
+intended to be used for options specified on the command line or in text
+files. The commands supported are documented in the openssl utility
+command line pages for the option B<-pkeyopt> which is supported by the
+B<pkeyutl>, B<genpkey> and B<req> commands.
+
+All the remaining "functions" are implemented as macros.
+
+The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used
+in a signature. It can be used with any public key algorithm supporting
+signature operations.
+
+The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
+The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
+RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
+RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
+RSA_X931_PADDING for X9.31 padding (signature operations only) and
+RSA_PKCS1_PSS_PADDING (sign and verify only).
+
+Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
+is used. If this macro is called for PKCS#1 padding the plaintext buffer is
+an actual digest value and is encapsulated in a DigestInfo structure according
+to PKCS#1 when signing and this structure is expected (and stripped off) when
+verifying. If this control is not used with RSA and PKCS#1 padding then the
+supplied data is used directly and not encapsulated. In the case of X9.31
+padding for RSA the algorithm identifier byte is added or checked and removed
+if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.
+
+The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
+B<len> as its name implies it is only supported for PSS padding. Two special
+values are supported: -1 sets the salt length to the digest length. When
+signing -2 sets the salt length to the maximum permissible value. When
+verifying -2 causes the salt length to be automatically determined based on the
+B<PSS> block structure. If this macro is not called a salt length value of -2
+is used by default.
+
+The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for
+RSA key genration to B<bits>. If not specified 1024 bits is used.
+
+The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
+for RSA key generation to B<pubexp> currently it should be an odd integer. The
+B<pubexp> pointer is used internally by this function so it should not be
+modified or free after the call. If this macro is not called then 65537 is used.
+
+The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
+for DSA parameter generation to B<bits>. If not specified 1024 is used.
+
+The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH
+prime parameter B<p> for DH parameter generation. If this macro is not called
+then 1024 is used.
+
+The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen>
+for DH parameter generation. If not specified 2 is used.
+
+The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
+generation to B<nid>. For EC parameter generation this macro must be called
+or an error occurs because there is no default curve.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_new.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_CTX_new.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_new.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_CTX_new.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_CTX_new() function allocates public key algorithm context using
+the algorithm specified in B<pkey> and ENGINE B<e>.
+
+The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
+using the algorithm specified by B<id> and ENGINE B<e>. It is normally used
+when no B<EVP_PKEY> structure is associated with the operations, for example
+during parameter generation of key genration for some algorithms.
+
+EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
+
+EVP_PKEY_CTX_free() frees up the context B<ctx>.
+
+=head1 NOTES
+
+The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
+by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
+threads: that is it is not permissible to use the same context simultaneously
+in two threads.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
+the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.
+
+EVP_PKEY_CTX_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_cmp.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_cmp.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_cmp.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_cmp.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+The function EVP_PKEY_copy_parameters() copies the parameters from key
+B<from> to key B<to>.
+
+The funcion EVP_PKEY_cmp_parameters() compares the parameters of keys
+B<a> and B<b>.
+
+The funcion EVP_PKEY_cmp() compares the public key components and paramters
+(if present) of keys B<a> and B<b>.
+
+=head1 NOTES
+
+The main purpose of the functions EVP_PKEY_missing_parameters() and
+EVP_PKEY_copy_parameters() is to handle public keys in certificates where the
+parameters are sometimes omitted from a public key if they are inherited from
+the CA that signed it.
+
+Since OpenSSL private keys contain public key components too the function
+EVP_PKEY_cmp() can also be used to determine if a private key matches
+a public key.
+
+=head1 RETURN VALUES
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for
+failure.
+
+The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the
+keys match, 0 if they don't match, -1 if the key types are different and
+-2 if the operation is not supported.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_decrypt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_decrypt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_decrypt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_decrypt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_decrypt_init() function initializes a public key algorithm
+context using key B<pkey> for a decryption operation.
+
+The EVP_PKEY_decrypt() function performs a public key decryption operation
+using B<ctx>. The data to be decrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the decrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_decrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_decrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Decrypt data using OAEP (for RSA keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+ * and that key is an RSA private key
+ */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+ /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+ /* malloc failure */
+
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+ /* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_derive.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_derive.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_derive.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_derive.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_derive_init() function initializes a public key algorithm
+context using key B<pkey> for shared secret derivation.
+
+The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
+be a public key.
+
+The EVP_PKEY_derive() derives a shared secret using B<ctx>.
+If B<key> is B<NULL> then the maximum size of the output buffer is written to
+the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
+B<keylen> parameter should contain the length of the B<key> buffer, if the call
+is successful the shared secret is written to B<key> and the amount of data
+written to B<keylen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_derive_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_derive() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Derive shared secret (for example DH or EC keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
+ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
+ /* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+ /* malloc failure */
+
+ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
+ /* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_encrypt.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_encrypt.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_encrypt.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_encrypt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,99 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_encrypt_init() function initializes a public key algorithm
+context using key B<pkey> for an encryption operation.
+
+The EVP_PKEY_encrypt() function performs a public key encryption operation
+using B<ctx>. The data to be encrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the encrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_encrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_encrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)|pem(3)> or
+L<d2i_X509(3)|d2i_X509(3)> for means to load a public key. You may also simply
+set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ #include <openssl/engine.h>
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+ /* NB: assumes eng, key, in, inlen are already set up,
+ * and that key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(key,eng);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+ /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+ /* malloc failure */
+
+ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
+ /* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>,
+L<engine(3)|engine(3)>,
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_get_default_digest.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_get_default_digest_nid - get default signature digest
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_get_default_digest_nid() function sets B<pnid> to the default
+message digest NID for the public key signature operations associated with key
+B<pkey>.
+
+=head1 NOTES
+
+For all current standard OpenSSL public key algorithms SHA1 is returned.
+
+=head1 RETURN VALUES
+
+The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest
+is advisory (that is other digests can be used) and 2 if it is mandatory (other
+digests can not be used). It returns 0 or a negative value for failure. In
+particular a return value of -2 indicates the operation is not supported by the
+public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+
+=head1 HISTORY
+
+This function was first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_keygen.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_keygen.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_keygen.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_keygen.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data - key and parameter generation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_keygen_init() function initializes a public key algorithm
+context using key B<pkey> for a key genration operation.
+
+The EVP_PKEY_keygen() function performs a key generation operation, the
+generated key is written to B<ppkey>.
+
+The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
+except parameters are generated.
+
+The function EVP_PKEY_set_cb() sets the key or parameter generation callback
+to B<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter
+generation callback.
+
+The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated
+with the generation operation. If B<idx> is -1 the total number of
+parameters available is returned. Any non negative value returns the value of
+that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
+B<idx> should only be called within the generation callback.
+
+If the callback returns 0 then the key genration operation is aborted and an
+error occurs. This might occur during a time consuming operation where
+a user clicks on a "cancel" button.
+
+The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set
+and retrieve an opaque pointer. This can be used to set some application
+defined value which can be retrieved in the callback: for example a handle
+which is used to update a "progress dialog".
+
+=head1 NOTES
+
+After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm
+specific control operations can be performed to set any appropriate parameters
+for the operation.
+
+The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than
+once on the same context if several operations are performed using the same
+parameters.
+
+The meaning of the parameters passed to the callback will depend on the
+algorithm and the specifiic implementation of the algorithm. Some might not
+give any useful information at all during key or parameter generation. Others
+might not even call the callback.
+
+The operation performed by key or parameter generation depends on the algorithm
+used. In some cases (e.g. EC with a supplied named curve) the "generation"
+option merely sets the appropriate fields in an EVP_PKEY structure.
+
+In OpenSSL an EVP_PKEY structure containing a private key also contains the
+public key components and parameters (if any). An OpenSSL private key is
+equivalent to what some libraries call a "key pair". A private key can be used
+in functions which require the use of a public key or parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and
+EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLES
+
+Generate a 2048 bit RSA key:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
+ /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+ /* Error */
+
+Generate a key from a set of parameters:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL, *param;
+ /* Assumed param is set up already */
+ ctx = EVP_PKEY_CTX_new(param);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+ /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+ /* Error */
+
+Example of generation callback for OpenSSL public key implementations:
+
+ /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+ char c='*';
+ BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+ int p;
+ p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(b,&c,1);
+ (void)BIO_flush(b);
+ return 1;
+ }
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_print_private.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_print_private.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_print_private.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_print_private.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+
+=head1 DESCRIPTION
+
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
+EVP_PKEY_print_params() print out the public, private or parameter components
+of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
+form. The parameter B<indent> indicated how far the printout should be indented.
+
+The B<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If B<pctx> is set to NULL then default values will
+be used.
+
+=head1 NOTES
+
+Currently no public key algorithms include any options in the B<pctx> parameter
+parameter.
+
+If the key does not include all the components indicated by the function then
+only those contained in the key will be printed. For example passing a public
+key to EVP_PKEY_print_private() will only print the public components.
+
+=head1 RETURN VALUES
+
+These functions all return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -37,7 +37,7 @@
EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or
B<NULL> if the key is not of the correct type.
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
and EVP_PKEY_assign_EC_KEY() also set the referenced key to B<key>
however these use the supplied B<key> internally and so B<key>
will be freed when the parent B<pkey> is freed.
@@ -54,8 +54,8 @@
from or assigned to the B<pkey> using the B<1> functions must be
freed as well as B<pkey>.
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
-EVP_PKEY_assign_EC_KEY() are implemented as macros.
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+and EVP_PKEY_assign_EC_KEY() are implemented as macros.
=head1 RETURN VALUES
@@ -66,7 +66,7 @@
EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
an error occurred.
-EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure.
=head1 SEE ALSO
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_sign.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_sign.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_sign.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_sign.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_sign_init() function initializes a public key algorithm
+context using key B<pkey> for a signing operation.
+
+The EVP_PKEY_sign() function performs a public key signing operation
+using B<ctx>. The data to be signed is specified using the B<tbs> and
+B<tbslen> parameters. If B<sig> is B<NULL> then the maximum size of the output
+buffer is written to the B<siglen> parameter. If B<sig> is not B<NULL> then
+before the call the B<siglen> parameter should contain the length of the
+B<sig> buffer, if the call is successful the signature is written to
+B<sig> and the amount of data written to B<siglen>.
+
+=head1 NOTES
+
+EVP_PKEY_sign() does not hash the data to be signed, and therefore is
+normally used to sign digests. For signing arbitrary messages, see the
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)> and
+L<EVP_SignInit(3)|EVP_SignInit(3)> signing interfaces instead.
+
+After the call to EVP_PKEY_sign_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation (see L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>).
+
+The function EVP_PKEY_sign() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Sign data using RSA with PKCS#1 padding and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ /* md is a SHA-256 digest in this example. */
+ unsigned char *md, *sig;
+ size_t mdlen = 32, siglen;
+ EVP_PKEY *signing_key;
+
+ /*
+ * NB: assumes signing_key and md are set up before the next
+ * step. signing_key must be an RSA private key and md must
+ * point to the SHA-256 digest to be signed.
+ */
+ ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
+ /* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+ /* malloc failure */
+
+ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
+ /* Error */
+
+ /* Signature is siglen bytes written to buffer sig */
+
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_verify.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,91 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verify_init() function initializes a public key algorithm
+context using key B<pkey> for a signature verification operation.
+
+The EVP_PKEY_verify() function performs a public key verification operation
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. The verified data (i.e. the data believed originally
+signed) is specified using the B<tbs> and B<tbslen> parameters.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_verify_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verify() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was
+successful and 0 if it failed. Unlike other functions the return value 0 from
+EVP_PKEY_verify() only indicates that the signature did not not verify
+successfully (that is tbs did not match the original data or the signature was
+of invalid form) it is not an indication of a more serious error.
+
+A negative value indicates an error other that signature verification failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLE
+
+Verify signature using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen;
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+ * and that verify_key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+ /* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
+
+ /* ret == 1 indicates success, 0 verify failure and < 0 for some
+ * other error.
+ */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify_recover.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_verify_recover.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify_recover.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/EVP_PKEY_verify_recover.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,103 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verify_recover_init() function initializes a public key algorithm
+context using key B<pkey> for a verify recover operation.
+
+The EVP_PKEY_verify_recover() function recovers signed data
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output
+buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then
+before the call the B<routlen> parameter should contain the length of the
+B<rout> buffer, if the call is successful recovered data is written to
+B<rout> and the amount of data written to B<routlen>.
+
+=head1 NOTES
+
+Normally an application is only interested in whether a signature verification
+operation is successful in those cases the EVP_verify() function should be
+used.
+
+Sometimes however it is useful to obtain the data originally signed using a
+signing operation. Only certain public key algorithms can recover a signature
+in this way (for example RSA in PKCS padding mode).
+
+After the call to EVP_PKEY_verify_recover_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verify_recover() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for success
+and 0 or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Recover digest originally signed using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+ size_t routlen, siglen;
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig and siglen are already set up
+ * and that verify_key is an RSA public key
+ */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+ /* Error occurred */
+ if (EVP_PKEY_verify_recover_init(ctx) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+ /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+ /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0)
+ /* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+ /* malloc failure */
+
+ if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
+ /* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/EVP_SignInit.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_SignInit.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_SignInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -30,9 +30,11 @@
same B<ctx> to include additional data.
EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
-places the signature in B<sig>. The number of bytes of data written (i.e. the
-length of the signature) will be written to the integer at B<s>, at most
-EVP_PKEY_size(pkey) bytes will be written.
+places the signature in B<sig>. B<sig> must be at least EVP_PKEY_size(pkey)
+bytes in size. B<s> is an OUT paramter, and not used as an IN parameter.
+The number of bytes of data written (i.e. the length of the signature)
+will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
+will be written.
EVP_SignInit() initializes a signing context B<ctx> to use the default
implementation of digest B<type>.
@@ -77,6 +79,15 @@
Older versions of this documentation wrongly stated that calls to
EVP_SignUpdate() could not be made after calling EVP_SignFinal().
+Since the private key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_SignDigest*() function.
+
=head1 SEE ALSO
L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
Modified: trunk/crypto/openssl/doc/crypto/EVP_VerifyInit.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/EVP_VerifyInit.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/EVP_VerifyInit.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -67,6 +67,15 @@
Older versions of this documentation wrongly stated that calls to
EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
+Since the public key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
+
=head1 SEE ALSO
L<evp(3)|evp(3)>,
Modified: trunk/crypto/openssl/doc/crypto/OPENSSL_config.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/OPENSSL_config.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/OPENSSL_config.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,9 +15,10 @@
OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf>
configuration file name using B<config_name>. If B<config_name> is NULL then
-the default name B<openssl_conf> will be used. Any errors are ignored. Further
-calls to OPENSSL_config() will have no effect. The configuration file format
-is documented in the L<conf(5)|conf(5)> manual page.
+the file specified in the environment variable B<OPENSSL_CONF> will be used,
+and if that is not set then a system default location is used.
+Errors are silently ignored.
+Multiple calls have no effect.
OPENSSL_no_config() disables configuration. If called before OPENSSL_config()
no configuration takes place.
@@ -24,23 +25,15 @@
=head1 NOTES
-It is B<strongly> recommended that B<all> new applications call OPENSSL_config()
-or the more sophisticated functions such as CONF_modules_load() during
-initialization (that is before starting any threads). By doing this
-an application does not need to keep track of all configuration options
-and some new functionality can be supported automatically.
+The OPENSSL_config() function is designed to be a very simple "call it and
+forget it" function.
+It is however B<much> better than nothing. Applications which need finer
+control over their configuration functionality should use the configuration
+functions such as CONF_modules_load() directly. This function is deprecated
+and its use should be avoided.
+Applications should instead call CONF_modules_load() during
+initialization (that is before starting any threads).
-It is also possible to automatically call OPENSSL_config() when an application
-calls OPENSSL_add_all_algorithms() by compiling an application with the
-preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
-can be added without source changes.
-
-The environment variable B<OPENSSL_CONF> can be set to specify the location
-of the configuration file.
-
-Currently ASN1 OBJECTs and ENGINE configuration can be performed future
-versions of OpenSSL will add new configuration options.
-
There are several reasons why calling the OpenSSL configuration routines is
advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
Copied: trunk/crypto/openssl/doc/crypto/PEM_write_bio_CMS_stream.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/PEM_write_bio_CMS_stream.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/PEM_write_bio_CMS_stream.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/PEM_write_bio_CMS_stream.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_CMS() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/PEM_write_bio_PKCS7_stream.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/PEM_write_bio_PKCS7_stream.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/PEM_write_bio_PKCS7_stream.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/PEM_write_bio_PKCS7_stream.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_PKCS7() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/PKCS7_encrypt.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/PKCS7_encrypt.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/PKCS7_encrypt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,20 +18,21 @@
=head1 NOTES
-Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates
-supplied to this function must all contain RSA public keys, though they do not have to
-be signed using the RSA algorithm.
+Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
+certificates supplied to this function must all contain RSA public keys, though
+they do not have to be signed using the RSA algorithm.
-EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because
-most clients will support it.
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
-Some old "export grade" clients may only support weak encryption using 40 or 64 bit
-RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.
+Some old "export grade" clients may only support weak encryption using 40 or 64
+bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc()
+respectively.
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
-parameters.
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters.
-Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
envelopedData containing an S/MIME signed message. This can be readily produced
by storing the S/MIME signed message in a memory BIO and passing it to
PKCS7_encrypt().
@@ -38,24 +39,35 @@
The following flags can be passed in the B<flags> parameter.
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
-to the data.
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it. If B<PKCS7_BINARY> is set then B<PKCS7_TEXT> is ignored.
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<PKCS7_BINARY> is set then
+B<PKCS7_TEXT> is ignored.
+If the B<PKCS7_STREAM> flag is set a partial B<PKCS7> structure is output
+suitable for streaming I/O: no data is read from the BIO B<in>.
+
+=head1 NOTES
+
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not
+properly finalize the B<PKCS7> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
+
=head1 RETURN VALUES
-PKCS7_encrypt() returns either a valid PKCS7 structure or NULL if an error occurred.
+PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
The error can be obtained from ERR_get_error(3).
-=head1 BUGS
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
@@ -63,5 +75,6 @@
=head1 HISTORY
PKCS7_decrypt() was added to OpenSSL 0.9.5
+The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
=cut
Modified: trunk/crypto/openssl/doc/crypto/PKCS7_sign.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/PKCS7_sign.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/PKCS7_sign.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -12,10 +12,10 @@
=head1 DESCRIPTION
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert>
-is the certificate to sign with, B<pkey> is the corresponsding private key.
-B<certs> is an optional additional set of certificates to include in the
-PKCS#7 structure (for example any intermediate CAs in the chain).
+PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponsding private key.
+B<certs> is an optional additional set of certificates to include in the PKCS#7
+structure (for example any intermediate CAs in the chain).
The data to be signed is read from BIO B<data>.
@@ -23,7 +23,8 @@
=head1 NOTES
-Any of the following flags (ored together) can be passed in the B<flags> parameter.
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
Many S/MIME clients expect the signed content to include valid MIME headers. If
the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
@@ -30,65 +31,75 @@
to the data.
If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the B<signcert>
-parameter though. This can reduce the size of the signature if the signers certificate
-can be obtained by other means: for example a previously signed message.
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
-The data being signed is included in the PKCS7 structure, unless B<PKCS7_DETACHED>
-is set in which case it is omitted. This is used for PKCS7 detached signatures
-which are used in S/MIME plaintext signed messages for example.
+The data being signed is included in the PKCS7 structure, unless
+B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
+detached signatures which are used in S/MIME plaintext signed messages for
+example.
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it.
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
-The signedData structure includes several PKCS#7 autenticatedAttributes including
-the signing time, the PKCS#7 content type and the supported list of ciphers in
-an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no authenticatedAttributes
-will be used. If B<PKCS7_NOSMIMECAP> is set then just the SMIMECapabilities are
-omitted.
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any
-of these algorithms is disabled then it will not be included.
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
-If the flags B<PKCS7_PARTSIGN> is set then the returned B<PKCS7> structure
-is just initialized ready to perform the signing operation. The signing
-is however B<not> performed and the data to be signed is not read from
-the B<data> parameter. Signing is deferred until after the data has been
-written. In this way data can be signed in a single pass. Currently the
-flag B<PKCS7_DETACHED> B<must> also be set.
+If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
+just initialized ready to perform the signing operation. The signing is however
+B<not> performed and the data to be signed is not read from the B<data>
+parameter. Signing is deferred until after the data has been written. In this
+way data can be signed in a single pass.
+If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
+which additional signers and capabilities can be added before finalization.
+
+
=head1 NOTES
-Currently the flag B<PKCS7_PARTSIGN> is only supported for detached
-data. If this flag is set the returned B<PKCS7> structure is B<not>
-complete and outputting its contents via a function that does not
-properly finalize the B<PKCS7> structure will give unpredictable
-results.
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not properly
+finalize the B<PKCS7> structure will give unpredictable results.
-At present only the SMIME_write_PKCS7() function properly finalizes the
-structure.
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
-=head1 BUGS
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
-PKCS7_sign() is somewhat limited. It does not support multiple signers, some
-advanced attributes such as counter signatures are not supported.
+In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
+B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
+using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
+called to finalize the structure if streaming is not enabled. Alternative
+signing digests can also be specified using this method.
-The SHA1 digest algorithm is currently always used.
+In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
+PKCS#7 structure is output.
-When the signed data is not detached it will be stored in memory within the
-B<PKCS7> structure. This effectively limits the size of messages which can be
-signed due to memory restraints. There should be a way to sign data without
-having to hold it all in memory, this would however require fairly major
-revisions of the OpenSSL ASN1 code.
+In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
+B<NOT> be NULL.
+=head1 BUGS
+Some advanced attributes such as counter signatures are not supported.
+
=head1 RETURN VALUES
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
+PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
@@ -98,6 +109,8 @@
PKCS7_sign() was added to OpenSSL 0.9.5
-The B<PKCS7_PARTSIGN> flag was added in OpenSSL 0.9.8
+The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
+The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
+
=cut
Copied: trunk/crypto/openssl/doc/crypto/PKCS7_sign_add_signer.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/PKCS7_sign_add_signer.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/PKCS7_sign_add_signer.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/PKCS7_sign_add_signer.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+PKCS7_sign_add_signer - add a signer PKCS7 signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
+
+
+=head1 DESCRIPTION
+
+PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to a PKCS7 signed data structure
+B<p7>.
+
+The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
+with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
+signed data structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
+is not complete and must be finalized either by streaming (if applicable) or
+a call to PKCS7_final().
+
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a PKCS#7
+signed data structure where the simpler PKCS7_sign() function defaults are
+not appropriate. For example if multiple signers or non default digest
+algorithms are needed.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the PKCS7 struture: to add a signer to an existing structure.
+An error occurs if a matching digest value cannot be found to copy. The
+returned PKCS7 structure will be valid and finalized when this flag is set.
+
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
+B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
+can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
+needed to finalize it.
+
+If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
+
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added, this can be used to set additional attributes
+before it is finalized.
+
+=head1 RETURN VALUES
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_final(3)|PKCS7_final(3)>,
+
+=head1 HISTORY
+
+PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/SMIME_read_CMS.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/SMIME_read_CMS.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/SMIME_read_CMS.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/SMIME_read_CMS.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+ SMIME_read_CMS - parse S/MIME message.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);
+
+=head1 DESCRIPTION
+
+SMIME_read_CMS() parses a message in S/MIME format.
+
+B<in> is a BIO to read the message from.
+
+If cleartext signing is used then the content is saved in a memory bio which is
+written to B<*bcont>, otherwise B<*bcont> is set to NULL.
+
+The parsed CMS_ContentInfo structure is returned or NULL if an
+error occurred.
+
+=head1 NOTES
+
+If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
+then be passed to CMS_verify() with the B<CMS_DETACHED> flag set.
+
+Otherwise the type of the returned structure can be determined
+using CMS_get0_type().
+
+To support future functionality if B<bcont> is not NULL B<*bcont> should be
+initialized to NULL. For example:
+
+ BIO *cont = NULL;
+ CMS_ContentInfo *cms;
+
+ cms = SMIME_read_CMS(in, &cont);
+
+=head1 BUGS
+
+The MIME parser used by SMIME_read_CMS() is somewhat primitive. While it will
+handle most S/MIME messages more complex compound formats may not work.
+
+The parser assumes that the CMS_ContentInfo structure is always base64 encoded
+and will not handle the case where it is in binary format or uses quoted
+printable format.
+
+The use of a memory BIO to hold the signed content limits the size of message
+which can be processed due to memory restraints: a streaming single pass option
+should be available.
+
+=head1 RETURN VALUES
+
+SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL>
+if an error occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
+L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_read_CMS() was added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/SMIME_write_CMS.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/SMIME_write_CMS.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/SMIME_write_CMS.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/SMIME_write_CMS.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+ SMIME_write_CMS - convert CMS structure to S/MIME format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+SMIME_write_CMS() adds the appropriate MIME headers to a CMS
+structure to produce an S/MIME message.
+
+B<out> is the BIO to write the data to. B<cms> is the appropriate
+B<CMS_ContentInfo> structure. If streaming is enabled then the content must be
+supplied in the B<data> argument. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The following flags can be passed in the B<flags> parameter.
+
+If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
+makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is
+called.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
+the content, this only makes sense if B<CMS_DETACHED> is also set.
+
+If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
+be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo
+creation function.
+
+If cleartext signing is being used and B<CMS_STREAM> not set then the data must
+be read twice: once to compute the signature in CMS_sign() and once to output
+the S/MIME message.
+
+If streaming is performed the content is output in BER format using indefinite
+length constructed encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
+=head1 BUGS
+
+SMIME_write_CMS() always base64 encodes CMS structures, there should be an
+option to disable this.
+
+=head1 RETURN VALUES
+
+SMIME_write_CMS() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_write_CMS() was added to OpenSSL 0.9.8
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,10 +15,9 @@
SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
structure to produce an S/MIME message.
-B<out> is the BIO to write the data to. B<p7> is the appropriate
-B<PKCS7> structure. If cleartext signing (B<multipart/signed>) is
-being used then the signed data must be supplied in the B<data>
-argument. B<flags> is an optional set of flags.
+B<out> is the BIO to write the data to. B<p7> is the appropriate B<PKCS7>
+structure. If streaming is enabled then the content must be supplied in the
+B<data> argument. B<flags> is an optional set of flags.
=head1 NOTES
@@ -32,15 +31,18 @@
are added to the content, this only makes sense if B<PKCS7_DETACHED>
is also set.
-If the B<PKCS7_PARTSIGN> flag is set the signed data is finalized
-and output along with the content. This flag should only be set
-if B<PKCS7_DETACHED> is also set and the previous call to PKCS7_sign()
-also set these flags.
+If the B<PKCS7_STREAM> flag is set streaming is performed. This flag should
+only be set if B<PKCS7_STREAM> was also set in the previous call to
+PKCS7_sign() or B<PKCS7_encrypt()>.
-If cleartext signing is being used and B<PKCS7_PARTSIGN> not set then
+If cleartext signing is being used and B<PKCS7_STREAM> not set then
the data must be read twice: once to compute the signature in PKCS7_sign()
and once to output the S/MIME message.
+If streaming is performed the content is output in BER format using indefinite
+length constructuted encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
=head1 BUGS
SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
Modified: trunk/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -81,14 +81,14 @@
nm = X509_NAME_new();
if (nm == NULL)
/* Some error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
- "C", "UK", -1, -1, 0))
+ if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC,
+ "UK", -1, -1, 0))
/* Error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
- "O", "Disorganized Organization", -1, -1, 0))
+ if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC,
+ "Disorganized Organization", -1, -1, 0))
/* Error */
- if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC,
- "CN", "Joe Bloggs", -1, -1, 0))
+ if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC,
+ "Joe Bloggs", -1, -1, 0))
/* Error */
=head1 RETURN VALUES
Modified: trunk/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -59,6 +59,10 @@
X509_NAME_get_entry() on any matching indices and then the
various B<X509_NAME_ENTRY> utility functions on the result.
+The list of all relevant B<NID_*> and B<OBJ_* codes> can be found in
+the source code header files E<lt>openssl/obj_mac.hE<gt> and/or
+E<lt>openssl/objects.hE<gt>.
+
=head1 EXAMPLES
Process all entries:
Copied: trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_error.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_get_error.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_error.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_error.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,305 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+ #include <openssl/x509_vfy.h>
+
+ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);
+
+=head1 DESCRIPTION
+
+These functions are typically called after X509_verify_cert() has indicated
+an error or in a verification callback to determine the nature of an error.
+
+X509_STORE_CTX_get_error() returns the error code of B<ctx>, see
+the B<ERROR CODES> section for a full description of all error codes.
+
+X509_STORE_CTX_set_error() sets the error code of B<ctx> to B<s>. For example
+it might be used in a verification callback to set an error based on additional
+checks.
+
+X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
+non-negative integer representing where in the certificate chain the error
+occurred. If it is zero it occured in the end entity certificate, one if
+it is the certificate which signed the end entity certificate and so on.
+
+X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
+caused the error or B<NULL> if no certificate is relevant.
+
+X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
+call to X509_verify_cert() is successful. If the call to X509_verify_cert()
+is B<not> successful the returned chain may be incomplete or invalid. The
+returned chain persists after the B<ctx> structure is freed, when it is
+no longer needed it should be free up using:
+
+ sk_X509_pop_free(chain, X509_free);
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_get_error() returns B<X509_V_OK> or an error code.
+
+X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
+
+X509_STORE_CTX_get_current_cert() returns the cerificate which caused the
+error or B<NULL> if no certificate is relevant to the error.
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 ERROR CODES
+
+A list of error codes and messages is shown below. Some of the
+error codes are defined but currently never returned: these are described as
+"unused".
+
+=over 4
+
+=item B<X509_V_OK: ok>
+
+the operation was successful.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+
+the issuer certificate could not be found: this occurs if the issuer certificate
+of an untrusted certificate cannot be found.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+
+the CRL of a certificate could not be found.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+
+the certificate signature could not be decrypted. This means that the actual
+signature value could not be determined rather than it not matching the
+expected value, this is only meaningful for RSA keys.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+
+the CRL signature could not be decrypted: this means that the actual signature
+value could not be determined rather than it not matching the expected value.
+Unused.
+
+=item B<X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+
+=item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+
+the certificate is not yet valid: the notBefore date is after the current time.
+
+=item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+
+the certificate has expired: that is the notAfter date is before the current time.
+
+=item B<X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+
+the CRL is not yet valid.
+
+=item B<X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+
+the CRL has expired.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+
+the certificate notBefore field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+
+the certificate notAfter field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+
+the CRL lastUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+
+the CRL nextUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_OUT_OF_MEM: out of memory>
+
+an error occurred trying to allocate memory. This should never happen.
+
+=item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+
+the passed certificate is self signed and the same certificate cannot be found
+in the list of trusted certificates.
+
+=item B<X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+
+the certificate chain could be built up using the untrusted certificates but
+the root could not be found locally.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+
+the issuer certificate of a locally looked up certificate could not be found.
+This normally means the list of trusted certificates is not complete.
+
+=item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+
+no signatures could be verified because the chain contains only one certificate
+and it is not self signed.
+
+=item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+
+the certificate chain length is greater than the supplied maximum depth. Unused.
+
+=item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
+
+the certificate has been revoked.
+
+=item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
+
+a CA certificate is invalid. Either it is not a CA or its extensions are not
+consistent with the supplied purpose.
+
+=item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+
+the basicConstraints pathlength parameter has been exceeded.
+
+=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+
+the supplied certificate cannot be used for the specified purpose.
+
+=item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+
+the root CA is not marked as trusted for the specified purpose.
+
+=item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
+
+the root CA is marked to reject the specified purpose.
+
+=item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. This is only set
+if issuer check debugging is enabled it is used for status notification and
+is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. This is only set if issuer check debugging is enabled it is used
+for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier of
+the current certificate. This is only set if issuer check debugging is enabled
+it is used for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+
+the current candidate issuer certificate was rejected because its keyUsage
+extension does not permit certificate signing. This is only set if issuer check
+debugging is enabled it is used for status notification and is B<not> in itself
+an error.
+
+=item B<X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension>
+
+A certificate extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions.
+
+
+=item B<X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension>
+
+A certificate policies extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions. This error only
+occurs if policy processing is enabled.
+
+=item B<X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
+
+The verification flags were set to require and explicit policy but none was
+present.
+
+=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
+
+The only CRLs that could be found did not match the scope of the certificate.
+
+=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
+
+Some feature of a certificate extension is not supported. Unused.
+
+=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
+
+A name constraint violation occured in the permitted subtrees.
+
+=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
+
+A name constraint violation occured in the excluded subtrees.
+
+=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
+
+A certificate name constraints extension included a minimum or maximum field:
+this is not supported.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type>
+
+An unsupported name constraint type was encountered. OpenSSL currently only
+supports directory name, DNS name, email and URI types.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax>
+
+The format of the name constraint is not recognised: for example an email
+address format of a form not mentioned in RFC3280. This could be caused by
+a garbage extension or some new feature not currently supported.
+
+=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
+
+An error occured when attempting to verify the CRL path. This error can only
+happen if extended CRL checking is enabled.
+
+=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+
+an application specific error. This will never be returned unless explicitly
+set by an application.
+
+=back
+
+=head1 NOTES
+
+The above functions should be used instead of directly referencing the fields
+in the B<X509_VERIFY_CTX> structure.
+
+In versions of OpenSSL before 1.0 the current certificate returned by
+X509_STORE_CTX_get_current_cert() was never B<NULL>. Applications should
+check the return value before printing out any debugging information relating
+to the current certificate.
+
+If an unrecognised error code is passed to X509_verify_cert_error_string() the
+numerical value of the unknown code is returned in a static buffer. This is not
+thread safe but will never happen unless an invalid code is passed.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+ int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
+
+ void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
+
+=head1 DESCRIPTION
+
+These functions handle application specific data in X509_STORE_CTX structures.
+Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
+and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
+
+=head1 NOTES
+
+This mechanism is used internally by the B<ssl> library to store the B<SSL>
+structure associated with a verification operation in an B<X509_STORE_CTX>
+structure.
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
+X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_new.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,122 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set_chain, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_set_default - X509_STORE_CTX initialisation
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx,STACK_OF(X509) *sk);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+=head1 DESCRIPTION
+
+These functions initialise an B<X509_STORE_CTX> structure for subsequent use
+by X509_verify_cert().
+
+X509_STORE_CTX_new() returns a newly initialised B<X509_STORE_CTX> structure.
+
+X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
+The context can then be reused with an new call to X509_STORE_CTX_init().
+
+X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
+is no longer valid.
+
+X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
+The trusted certificate store is set to B<store>, the end entity certificate
+to be verified is set to B<x509> and a set of additional certificates (which
+will be untrusted but may be used to build the chain) in B<chain>. Any or
+all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
+
+X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
+to B<sk>. This is an alternative way of specifying trusted certificates
+instead of using an B<X509_STORE>.
+
+X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
+B<x>.
+
+X509_STORE_CTX_set_chain() sets the additional certificate chain used by B<ctx>
+to B<sk>.
+
+X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate
+verification to B<sk>. These CRLs will only be used if CRL verification is
+enabled in the associated B<X509_VERIFY_PARAM> structure. This might be
+used where additional "useful" CRLs are supplied as part of a protocol,
+for example in a PKCS#7 structure.
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param() retrieves an intenal pointer
+to the verification parameters associated with B<ctx>.
+
+X509_STORE_CTX_set0_param() sets the intenal verification parameter pointer
+to B<param>. After this call B<param> should not be used.
+
+X509_STORE_CTX_set_default() looks up and sets the default verification
+method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
+find an appropriate set of parameters from B<name>.
+
+=head1 NOTES
+
+The certificates and CRLs in a store are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Legacy
+applications might implicitly use an B<X509_STORE_CTX> like this:
+
+ X509_STORE_CTX ctx;
+ X509_STORE_CTX_init(&ctx, store, cert, chain);
+
+this is B<not> recommended in new applications they should instead do:
+
+ X509_STORE_CTX *ctx;
+ ctx = X509_STORE_CTX_new();
+ if (ctx == NULL)
+ /* Bad error */
+ X509_STORE_CTX_init(ctx, store, cert, chain);
+
+=head1 BUGS
+
+The certificates and CRLs in a context are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Copies
+should be made or reference counts increased instead.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
+error occurred.
+
+X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.
+
+X509_STORE_CTX_get0_param() returns a pointer to an B<X509_VERIFY_PARAM>
+structure or B<NULL> if an error occurred.
+
+X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_trusted_stack(),
+X509_STORE_CTX_set_cert(), X509_STORE_CTX_set_chain(),
+X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return
+values.
+
+X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_set_verify_cb.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_set_verify_cb.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_set_verify_cb.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_STORE_CTX_set_verify_cb.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+The verification callback can be used to customise the operation of certificate
+verification, either by overriding error conditions or logging errors for
+debugging purposes.
+
+However a verification callback is B<not> essential and the default operation
+is often sufficient.
+
+The B<ok> parameter to the callback indicates the value the callback should
+return to retain the default behaviour. If it is zero then and error condition
+is indicated. If it is 1 then no error occurred. If the flag
+B<X509_V_FLAG_NOTIFY_POLICY> is set then B<ok> is set to 2 to indicate the
+policy checking is complete.
+
+The B<ctx> parameter to the callback is the B<X509_STORE_CTX> structure that
+is performing the verification operation. A callback can examine this
+structure and receive additional information about the error, for example
+by calling X509_STORE_CTX_get_current_cert(). Additional application data can
+be passed to the callback via the B<ex_data> mechanism.
+
+=head1 WARNING
+
+In general a verification callback should B<NOT> unconditionally return 1 in
+all circumstances because this will allow verification to succeed no matter
+what the error. This effectively removes all security from the application
+because B<any> certificate (including untrusted generated ones) will be
+accepted.
+
+=head1 NOTES
+
+The verification callback can be set and inherited from the parent structure
+performing the operation. In some cases (such as S/MIME verification) the
+B<X509_STORE_CTX> structure is created and destroyed internally and the
+only way to set a custom verification callback is by inheriting it from the
+associated B<X509_STORE>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_set_verify_cb() does not return a value.
+
+=head1 EXAMPLES
+
+Default callback operation:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+ return ok;
+ }
+
+Simple example, suppose a certificate in the chain is expired and we wish
+to continue after this error:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+ /* Tolerate certificate expiration */
+ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+ return 1;
+ /* Otherwise don't override */
+ return ok;
+ }
+
+More complex example, we don't wish to continue after B<any> certificate has
+expired just one specific case:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+ int err = X509_STORE_CTX_get_error(ctx);
+ X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+ {
+ if (check_is_acceptable_expired_cert(err_cert)
+ return 1;
+ }
+ return ok;
+ }
+
+Full featured logging callback. In this case the B<bio_err> is assumed to be
+a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
+B<ex_data>.
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert = X509_STORE_CTX_get_current_cert(ctx);
+ err = X509_STORE_CTX_get_error(ctx);
+ depth = X509_STORE_CTX_get_error_depth(ctx);
+
+ BIO_printf(bio_err,"depth=%d ",depth);
+ if (err_cert)
+ {
+ X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
+ }
+ else
+ BIO_puts(bio_err, "<no cert>\n");
+ if (!ok)
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ switch (err)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ BIO_puts(bio_err,"issuer= ");
+ X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+ 0, XN_FLAG_ONELINE);
+ BIO_puts(bio_err, "\n");
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_NO_EXPLICIT_POLICY:
+ policies_print(bio_err, ctx);
+ break;
+ }
+ if (err == X509_V_OK && ok == 2)
+ /* print out policies */
+
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
+OpenSSL.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_STORE_set_verify_cb_func.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_set_verify_cb_func.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_STORE_set_verify_cb_func.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_STORE_set_verify_cb_func.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_set_verify_cb(X509_STORE *st,
+ int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+ int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+X509_STORE_set_verify_cb_func() also sets the verification callback but it
+is implemented as a macro.
+
+=head1 NOTES
+
+The verification callback from an B<X509_STORE> is inherited by
+the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
+be used to set the verification callback when the B<X509_STORE_CTX> is
+otherwise inaccessible (for example during S/MIME verification).
+
+=head1 BUGS
+
+The macro version of this function was the only one available before
+OpenSSL 1.0.0.
+
+=head1 RETURN VALUES
+
+X509_STORE_set_verify_cb() and X509_STORE_set_verify_cb_func() do not return
+a value.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
+L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
+OpenSSL.
+
+X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_VERIFY_PARAM_set_flags.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_VERIFY_PARAM_set_flags.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_VERIFY_PARAM_set_flags.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_VERIFY_PARAM_set_flags.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,177 @@
+=pod
+
+=head1 NAME
+
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+ ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+=head1 DESCRIPTION
+
+These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
+a certificate verification operation.
+
+The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
+it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+description of values the B<flags> parameter can take.
+
+X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
+
+X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
+
+X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
+to B<purpose>. This determines the acceptable purpose of the certificate
+chain, for example SSL client or SSL server.
+
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
+B<trust>.
+
+X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
+B<t>. Normally the current time is used.
+
+X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
+by default) and adds B<policy> to the acceptable policy set.
+
+X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
+by default) and sets the acceptable policy set to B<policies>. Any existing
+policy set is cleared. The B<policies> parameter can be B<NULL> to clear
+an existing policy set.
+
+X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
+That is the maximum number of untrusted CA certificates that can appear in a
+chain.
+
+=head1 RETURN VALUES
+
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
+X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
+X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
+for success and 0 for failure.
+
+X509_VERIFY_PARAM_get_flags() returns the current verification flags.
+
+X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
+values.
+
+X509_VERIFY_PARAM_get_depth() returns the current verification depth.
+
+=head1 VERIFICATION FLAGS
+
+The verification flags consists of zero or more of the following flags
+ored together.
+
+B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
+certificate. An error occurs if a suitable CRL cannot be found.
+
+B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
+chain.
+
+B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs results
+in a fatal error. If this flag is set unhandled critical extensions are
+ignored. B<WARNING> setting this option for anything other than debugging
+purposes can be a security risk. Finer control over which extensions are
+supported can be performed in the verification callback.
+
+THe B<X509_V_FLAG_X509_STRICT> flag disables workarounds for some broken
+certificates and makes the verification strictly apply B<X509> rules.
+
+B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
+
+B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
+no policy checking is peformed. Additional information is sent to the
+verification callback relating to policy checking.
+
+B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
+B<X509_V_FLAG_INHIBIT_MAP> set the B<require explicit policy>, B<inhibit any
+policy> and B<inhibit policy mapping> flags respectively as defined in
+B<RFC3280>. Policy checking is automatically enabled if any of these flags
+are set.
+
+If B<X509_V_FLAG_NOTIFY_POLICY> is set and the policy checking is successful
+a special status code is set to the verification callback. This permits it
+to examine the valid policy tree and perform additional checks or simply
+log it for debugging purposes.
+
+By default some additional features such as indirect CRLs and CRLs signed by
+different keys are disabled. If B<X509_V_FLAG_EXTENDED_CRL_SUPPORT> is set
+they are enabled.
+
+If B<X509_V_FLAG_USE_DELTAS> ise set delta CRLs (if present) are used to
+determine certificate status. If not set deltas are ignored.
+
+B<X509_V_FLAG_CHECK_SS_SIGNATURE> enables checking of the root CA self signed
+cerificate signature. By default this check is disabled because it doesn't
+add any additional security but in some cases applications might want to
+check the signature anyway. A side effect of not checking the root CA
+signature is that disabled or unsupported message digests on the root CA
+are not treated as fatal errors.
+
+The B<X509_V_FLAG_CB_ISSUER_CHECK> flag enables debugging of certificate
+issuer checks. It is B<not> needed unless you are logging certificate
+verification. If this flag is set then additional status codes will be sent
+to the verification callback and it B<must> be prepared to handle such cases
+without assuming they are hard errors.
+
+The B<X509_V_FLAG_NO_ALT_CHAINS> flag suppresses checking for alternative
+chains. By default, when building a certificate chain, if the first certificate
+chain found is not trusted, then OpenSSL will continue to check to see if an
+alternative chain can be found that is trusted. With this flag set the behaviour
+will match that of OpenSSL versions prior to 1.0.1n and 1.0.2b.
+
+=head1 NOTES
+
+The above functions should be used to manipulate verification parameters
+instead of legacy functions which work in specific structures such as
+X509_STORE_CTX_set_flags().
+
+=head1 BUGS
+
+Delta CRL checking is currently primitive. Only a single delta can be used and
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not
+maintained.
+
+If CRLs checking is enable CRLs are expected to be available in the
+corresponding B<X509_STORE> structure. No attempt is made to download
+CRLs from the CRL distribution points extension.
+
+=head1 EXAMPLE
+
+Enable CRL checking when performing certificate verification during SSL
+connections associated with an B<SSL_CTX> structure B<ctx>:
+
+ X509_VERIFY_PARAM *param;
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+
+=head1 HISTORY
+
+The B<X509_V_FLAG_NO_ALT_CHAINS> flag was added in OpenSSL 1.0.1n and 1.0.2b
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/X509_verify_cert.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/X509_verify_cert.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/X509_verify_cert.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/X509_verify_cert.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+X509_verify_cert - discover and verify X509 certificte chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_verify_cert(X509_STORE_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The X509_verify_cert() function attempts to discover and validate a
+certificate chain based on parameters in B<ctx>. A complete description of
+the process is contained in the L<verify(1)|verify(1)> manual page.
+
+=head1 RETURN VALUES
+
+If a complete chain can be built and validated this function returns 1,
+otherwise it return zero, in exceptional circumstances it can also
+return a negative code.
+
+If the function fails additional error information can be obtained by
+examining B<ctx> using, for example X509_STORE_CTX_get_error().
+
+=head1 NOTES
+
+Applications rarely call this function directly but it is used by
+OpenSSL internally for certificate validation, in both the S/MIME and
+SSL/TLS code.
+
+The negative return value from X509_verify_cert() can only occur if no
+certificate is set in B<ctx> (due to a programming error) or if a retry
+operation is requested during internal lookups (which never happens with
+standard lookup methods). It is however recommended that application check
+for <= 0 return value on error.
+
+=head1 BUGS
+
+This function uses the header B<x509.h> as opposed to most chain verification
+functiosn which use B<x509_vfy.h>.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+
+=head1 HISTORY
+
+X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/d2i_CMS_ContentInfo.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,29 @@
+=pod
+
+=head1 NAME
+
+d2i_CMS_ContentInfo, i2d_CMS_ContentInfo - CMS ContentInfo functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, unsigned char **pp, long length);
+ int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an CMS ContentInfo structure.
+
+Otherwise they behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 0.9.8
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/d2i_ECPrivateKey.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,67 @@
+=pod
+
+=head1 NAME
+
+i2d_ECPrivateKey, d2i_ECPrivate_key - Encode and decode functions for saving and
+reading EC_KEY structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+
+ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+ int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+ unsigned int EC_KEY_get_enc_flags(const EC_KEY *key);
+ void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+
+=head1 DESCRIPTION
+
+The ECPrivateKey encode and decode routines encode and parse an
+B<EC_KEY> structure into a binary format (ASN.1 DER) and back again.
+
+These functions are similar to the d2i_X509() functions, and you should refer to
+that page for a detailed description (see L<d2i_X509(3)|d2i_X509(3)>).
+
+The format of the external representation of the public key written by
+i2d_ECPrivateKey (such as whether it is stored in a compressed form or not) is
+described by the point_conversion_form. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>
+for a description of point_conversion_form.
+
+When reading a private key encoded without an associated public key (e.g. if
+EC_PKEY_NO_PUBKEY has been used - see below), then d2i_ECPrivateKey generates
+the missing public key automatically. Private keys encoded without parameters
+(e.g. if EC_PKEY_NO_PARAMETERS has been used - see below) cannot be loaded using
+d2i_ECPrivateKey.
+
+The functions EC_KEY_get_enc_flags and EC_KEY_set_enc_flags get and set the
+value of the encoding flags for the B<key>. There are two encoding flags
+currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY. These flags
+define the behaviour of how the B<key> is converted into ASN1 in a call to
+i2d_ECPrivateKey. If EC_PKEY_NO_PARAMETERS is set then the public parameters for
+the curve are not encoded along with the private key. If EC_PKEY_NO_PUBKEY is
+set then the public key is not encoded along with the private key.
+
+=head1 RETURN VALUES
+
+d2i_ECPrivateKey() returns a valid B<EC_KEY> structure or B<NULL> if an error
+occurs. The error code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+i2d_ECPrivateKey() returns the number of bytes successfully encoded or a
+negative value if an error occurs. The error code can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+EC_KEY_get_enc_flags returns the value of the current encoding flags for the
+EC_KEY.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
+L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>, L<EC_POINT_new(3)|EC_POINT_new(3)>,
+L<EC_POINT_add(3)|EC_POINT_add(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>,
+L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>,
+L<d2i_ECPrivateKey(3)|d2i_ECPrivateKey(3)>
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -11,21 +11,21 @@
#include <openssl/rsa.h>
#include <openssl/x509.h>
- RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length);
int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
- RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
- RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length);
int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
- RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+ RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
=head1 DESCRIPTION
Modified: trunk/crypto/openssl/doc/crypto/d2i_X509.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/d2i_X509.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/d2i_X509.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -28,8 +28,11 @@
occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
returned structure is written to B<*px>. If B<*px> is not B<NULL>
then it is assumed that B<*px> contains a valid B<X509>
-structure and an attempt is made to reuse it. If the call is
-successful B<*in> is incremented to the byte following the
+structure and an attempt is made to reuse it. This "reuse" capability is present
+for historical compatibility but its use is B<strongly discouraged> (see BUGS
+below, and the discussion in the RETURN VALUES section).
+
+If the call is successful B<*in> is incremented to the byte following the
parsed data.
i2d_X509() encodes the structure pointed to by B<x> into DER format.
@@ -210,7 +213,10 @@
d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used
+with a valid X509 structure being passed in via B<px> then the object is not
+freed in the event of error but may be in a potentially invalid or inconsistent
+state.
i2d_X509() returns the number of bytes successfully encoded or a negative
value if an error occurs. The error code can be obtained by
Modified: trunk/crypto/openssl/doc/crypto/evp.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/evp.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/evp.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,15 +22,25 @@
Symmetric encryption is available with the B<EVP_Encrypt>I<...>
functions. The B<EVP_Digest>I<...> functions provide message digests.
+The B<EVP_PKEY>I<...> functions provide a high level interface to
+asymmetric algorithms.
+
Algorithms are loaded with OpenSSL_add_all_algorithms(3).
-All the symmetric algorithms (ciphers) and digests can be replaced by ENGINE
-modules providing alternative implementations. If ENGINE implementations of
-ciphers or digests are registered as defaults, then the various EVP functions
-will automatically use those implementations automatically in preference to
-built in software implementations. For more information, consult the engine(3)
-man page.
+All the symmetric algorithms (ciphers), digests and asymmetric algorithms
+(public key algorithms) can be replaced by ENGINE modules providing alternative
+implementations. If ENGINE implementations of ciphers or digests are registered
+as defaults, then the various EVP functions will automatically use those
+implementations automatically in preference to built in software
+implementations. For more information, consult the engine(3) man page.
+Although low level algorithm specific functions exist for many algorithms
+their use is discouraged. They cannot be used with an ENGINE and ENGINE
+versions of new algorithms cannot be accessed using the low level functions.
+Also makes code harder to adapt to new algorithms and some options are not
+cleanly supported at the low level and some operations are more efficient
+using the high level interface.
+
=head1 SEE ALSO
L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
Modified: trunk/crypto/openssl/doc/crypto/hmac.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/hmac.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/hmac.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,12 +15,12 @@
void HMAC_CTX_init(HMAC_CTX *ctx);
- void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
const EVP_MD *md);
- void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
const EVP_MD *md, ENGINE *impl);
- void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
- void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
void HMAC_cleanup(HMAC_CTX *ctx);
@@ -76,11 +76,14 @@
=head1 RETURN VALUES
-HMAC() returns a pointer to the message authentication code.
+HMAC() returns a pointer to the message authentication code or NULL if
+an error occurred.
-HMAC_CTX_init(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
-HMAC_CTX_cleanup() do not return values.
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
+an error occurred.
+HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
+
=head1 CONFORMING TO
RFC 2104
@@ -97,4 +100,7 @@
HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
since OpenSSL 0.9.7.
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
+versions of OpenSSL before 1.0.0.
+
=cut
Copied: trunk/crypto/openssl/doc/crypto/i2d_CMS_bio_stream.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/i2d_CMS_bio_stream.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/i2d_CMS_bio_stream.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/i2d_CMS_bio_stream.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+ i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the i2d_CMS_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "i2d" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)>
+
+=head1 HISTORY
+
+i2d_CMS_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
Copied: trunk/crypto/openssl/doc/crypto/i2d_PKCS7_bio_stream.pod (from rev 7117, vendor-crypto/openssl/dist/doc/crypto/i2d_PKCS7_bio_stream.pod)
===================================================================
--- trunk/crypto/openssl/doc/crypto/i2d_PKCS7_bio_stream.pod (rev 0)
+++ trunk/crypto/openssl/doc/crypto/i2d_PKCS7_bio_stream.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+i2d_PKCS7_bio_stream - output PKCS7 structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the d2i_PKCS7_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "d2i" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)>
+
+=head1 HISTORY
+
+i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
Modified: trunk/crypto/openssl/doc/crypto/lhash.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/lhash.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/lhash.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -8,19 +8,21 @@
#include <openssl/lhash.h>
- LHASH *lh_new(LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE compare);
- void lh_free(LHASH *table);
+ DECLARE_LHASH_OF(<type>);
- void *lh_insert(LHASH *table, void *data);
- void *lh_delete(LHASH *table, void *data);
- void *lh_retrieve(LHASH *table, void *data);
+ LHASH *lh_<type>_new();
+ void lh_<type>_free(LHASH_OF(<type> *table);
- void lh_doall(LHASH *table, LHASH_DOALL_FN_TYPE func);
- void lh_doall_arg(LHASH *table, LHASH_DOALL_ARG_FN_TYPE func,
- void *arg);
+ <type> *lh_<type>_insert(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_<type>_delete(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_retrieve(LHASH_OF<type> *table, <type> *data);
- int lh_error(LHASH *table);
+ void lh_<type>_doall(LHASH_OF(<type> *table, LHASH_DOALL_FN_TYPE func);
+ void lh_<type>_doall_arg(LHASH_OF(<type> *table, LHASH_DOALL_ARG_FN_TYPE func,
+ <type2>, <type2> *arg);
+ int lh_<type>_error(LHASH_OF(<type> *table);
+
typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
typedef void (*LHASH_DOALL_FN_TYPE)(const void *);
@@ -28,113 +30,115 @@
=head1 DESCRIPTION
-This library implements dynamic hash tables. The hash table entries
-can be arbitrary structures. Usually they consist of key and value
-fields.
+This library implements type-checked dynamic hash tables. The hash
+table entries can be arbitrary structures. Usually they consist of key
+and value fields.
-lh_new() creates a new B<LHASH> structure to store arbitrary data
-entries, and provides the 'hash' and 'compare' callbacks to be used in
-organising the table's entries. The B<hash> callback takes a pointer
-to a table entry as its argument and returns an unsigned long hash
-value for its key field. The hash value is normally truncated to a
-power of 2, so make sure that your hash function returns well mixed
-low order bits. The B<compare> callback takes two arguments (pointers
-to two hash table entries), and returns 0 if their keys are equal,
-non-zero otherwise. If your hash table will contain items of some
-particular type and the B<hash> and B<compare> callbacks hash/compare
-these types, then the B<DECLARE_LHASH_HASH_FN> and
-B<IMPLEMENT_LHASH_COMP_FN> macros can be used to create callback
-wrappers of the prototypes required by lh_new(). These provide
-per-variable casts before calling the type-specific callbacks written
-by the application author. These macros, as well as those used for
-the "doall" callbacks, are defined as;
+lh_<type>_new() creates a new B<LHASH_OF(<type>> structure to store
+arbitrary data entries, and provides the 'hash' and 'compare'
+callbacks to be used in organising the table's entries. The B<hash>
+callback takes a pointer to a table entry as its argument and returns
+an unsigned long hash value for its key field. The hash value is
+normally truncated to a power of 2, so make sure that your hash
+function returns well mixed low order bits. The B<compare> callback
+takes two arguments (pointers to two hash table entries), and returns
+0 if their keys are equal, non-zero otherwise. If your hash table
+will contain items of some particular type and the B<hash> and
+B<compare> callbacks hash/compare these types, then the
+B<DECLARE_LHASH_HASH_FN> and B<IMPLEMENT_LHASH_COMP_FN> macros can be
+used to create callback wrappers of the prototypes required by
+lh_<type>_new(). These provide per-variable casts before calling the
+type-specific callbacks written by the application author. These
+macros, as well as those used for the "doall" callbacks, are defined
+as;
- #define DECLARE_LHASH_HASH_FN(f_name,o_type) \
- unsigned long f_name##_LHASH_HASH(const void *);
- #define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
- unsigned long f_name##_LHASH_HASH(const void *arg) { \
- o_type a = (o_type)arg; \
- return f_name(a); }
- #define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
+ #define DECLARE_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *);
+ #define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *arg) { \
+ const o_type *a = arg; \
+ return name##_hash(a); }
+ #define LHASH_HASH_FN(name) name##_LHASH_HASH
- #define DECLARE_LHASH_COMP_FN(f_name,o_type) \
- int f_name##_LHASH_COMP(const void *, const void *);
- #define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
- int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
- o_type a = (o_type)arg1; \
- o_type b = (o_type)arg2; \
- return f_name(a,b); }
- #define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
+ #define DECLARE_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *, const void *);
+ #define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+ const o_type *a = arg1; \
+ const o_type *b = arg2; \
+ return name##_cmp(a,b); }
+ #define LHASH_COMP_FN(name) name##_LHASH_COMP
- #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
- void f_name##_LHASH_DOALL(const void *);
- #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
- void f_name##_LHASH_DOALL(const void *arg) { \
- o_type a = (o_type)arg; \
- f_name(a); }
- #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
+ #define DECLARE_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *);
+ #define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+ void name##_LHASH_DOALL(void *arg) { \
+ o_type *a = arg; \
+ name##_doall(a); }
+ #define LHASH_DOALL_FN(name) name##_LHASH_DOALL
- #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
- void f_name##_LHASH_DOALL_ARG(const void *, const void *);
- #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
- void f_name##_LHASH_DOALL_ARG(const void *arg1, const void *arg2) { \
- o_type a = (o_type)arg1; \
- a_type b = (a_type)arg2; \
- f_name(a,b); }
- #define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
+ #define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *, void *);
+ #define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+ o_type *a = arg1; \
+ a_type *b = arg2; \
+ name##_doall_arg(a, b); }
+ #define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
-An example of a hash table storing (pointers to) structures of type 'STUFF'
-could be defined as follows;
+ An example of a hash table storing (pointers to) structures of type 'STUFF'
+ could be defined as follows;
/* Calculates the hash value of 'tohash' (implemented elsewhere) */
unsigned long STUFF_hash(const STUFF *tohash);
/* Orders 'arg1' and 'arg2' (implemented elsewhere) */
- int STUFF_cmp(const STUFF *arg1, const STUFF *arg2);
+ int stuff_cmp(const STUFF *arg1, const STUFF *arg2);
/* Create the type-safe wrapper functions for use in the LHASH internals */
- static IMPLEMENT_LHASH_HASH_FN(STUFF_hash, const STUFF *)
- static IMPLEMENT_LHASH_COMP_FN(STUFF_cmp, const STUFF *);
+ static IMPLEMENT_LHASH_HASH_FN(stuff, STUFF);
+ static IMPLEMENT_LHASH_COMP_FN(stuff, STUFF);
/* ... */
int main(int argc, char *argv[]) {
/* Create the new hash table using the hash/compare wrappers */
- LHASH *hashtable = lh_new(LHASH_HASH_FN(STUFF_hash),
+ LHASH_OF(STUFF) *hashtable = lh_STUFF_new(LHASH_HASH_FN(STUFF_hash),
LHASH_COMP_FN(STUFF_cmp));
/* ... */
}
-lh_free() frees the B<LHASH> structure B<table>. Allocated hash table
-entries will not be freed; consider using lh_doall() to deallocate any
-remaining entries in the hash table (see below).
+lh_<type>_free() frees the B<LHASH_OF(<type>> structure
+B<table>. Allocated hash table entries will not be freed; consider
+using lh_<type>_doall() to deallocate any remaining entries in the
+hash table (see below).
-lh_insert() inserts the structure pointed to by B<data> into B<table>.
-If there already is an entry with the same key, the old value is
-replaced. Note that lh_insert() stores pointers, the data are not
-copied.
+lh_<type>_insert() inserts the structure pointed to by B<data> into
+B<table>. If there already is an entry with the same key, the old
+value is replaced. Note that lh_<type>_insert() stores pointers, the
+data are not copied.
-lh_delete() deletes an entry from B<table>.
+lh_<type>_delete() deletes an entry from B<table>.
-lh_retrieve() looks up an entry in B<table>. Normally, B<data> is
-a structure with the key field(s) set; the function will return a
+lh_<type>_retrieve() looks up an entry in B<table>. Normally, B<data>
+is a structure with the key field(s) set; the function will return a
pointer to a fully populated structure.
-lh_doall() will, for every entry in the hash table, call B<func> with
-the data item as its parameter. For lh_doall() and lh_doall_arg(),
-function pointer casting should be avoided in the callbacks (see
-B<NOTE>) - instead, either declare the callbacks to match the
-prototype required in lh_new() or use the declare/implement macros to
-create type-safe wrappers that cast variables prior to calling your
-type-specific callbacks. An example of this is illustrated here where
-the callback is used to cleanup resources for items in the hash table
-prior to the hashtable itself being deallocated:
+lh_<type>_doall() will, for every entry in the hash table, call
+B<func> with the data item as its parameter. For lh_<type>_doall()
+and lh_<type>_doall_arg(), function pointer casting should be avoided
+in the callbacks (see B<NOTE>) - instead use the declare/implement
+macros to create type-checked wrappers that cast variables prior to
+calling your type-specific callbacks. An example of this is
+illustrated here where the callback is used to cleanup resources for
+items in the hash table prior to the hashtable itself being
+deallocated:
/* Cleans up resources belonging to 'a' (this is implemented elsewhere) */
- void STUFF_cleanup(STUFF *a);
+ void STUFF_cleanup_doall(STUFF *a);
/* Implement a prototype-compatible wrapper for "STUFF_cleanup" */
- IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF *)
+ IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF)
/* ... then later in the code ... */
/* So to run "STUFF_cleanup" against all items in a hash table ... */
- lh_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
+ lh_STUFF_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
/* Then the hash table itself can be deallocated */
- lh_free(hashtable);
+ lh_STUFF_free(hashtable);
When doing this, be careful if you delete entries from the hash table
in your callbacks: the table may decrease in size, moving the item
@@ -145,51 +149,52 @@
The best solution is probably to avoid deleting items from the hash
table inside a "doall" callback!
-lh_doall_arg() is the same as lh_doall() except that B<func> will be
-called with B<arg> as the second argument and B<func> should be of
-type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype that is passed
-both the table entry and an extra argument). As with lh_doall(), you
-can instead choose to declare your callback with a prototype matching
-the types you are dealing with and use the declare/implement macros to
-create compatible wrappers that cast variables before calling your
-type-specific callbacks. An example of this is demonstrated here
-(printing all hash table entries to a BIO that is provided by the
-caller):
+lh_<type>_doall_arg() is the same as lh_<type>_doall() except that
+B<func> will be called with B<arg> as the second argument and B<func>
+should be of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype
+that is passed both the table entry and an extra argument). As with
+lh_doall(), you can instead choose to declare your callback with a
+prototype matching the types you are dealing with and use the
+declare/implement macros to create compatible wrappers that cast
+variables before calling your type-specific callbacks. An example of
+this is demonstrated here (printing all hash table entries to a BIO
+that is provided by the caller):
/* Prints item 'a' to 'output_bio' (this is implemented elsewhere) */
- void STUFF_print(const STUFF *a, BIO *output_bio);
+ void STUFF_print_doall_arg(const STUFF *a, BIO *output_bio);
/* Implement a prototype-compatible wrapper for "STUFF_print" */
- static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF_print, const STUFF *, BIO *)
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF, const STUFF, BIO)
/* ... then later in the code ... */
/* Print out the entire hashtable to a particular BIO */
- lh_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), logging_bio);
+ lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO,
+ logging_bio);
-lh_error() can be used to determine if an error occurred in the last
-operation. lh_error() is a macro.
+lh_<type>_error() can be used to determine if an error occurred in the last
+operation. lh_<type>_error() is a macro.
=head1 RETURN VALUES
-lh_new() returns B<NULL> on error, otherwise a pointer to the new
+lh_<type>_new() returns B<NULL> on error, otherwise a pointer to the new
B<LHASH> structure.
-When a hash table entry is replaced, lh_insert() returns the value
+When a hash table entry is replaced, lh_<type>_insert() returns the value
being replaced. B<NULL> is returned on normal operation and on error.
-lh_delete() returns the entry being deleted. B<NULL> is returned if
+lh_<type>_delete() returns the entry being deleted. B<NULL> is returned if
there is no such value in the hash table.
-lh_retrieve() returns the hash table entry if it has been found,
+lh_<type>_retrieve() returns the hash table entry if it has been found,
B<NULL> otherwise.
-lh_error() returns 1 if an error occurred in the last operation, 0
+lh_<type>_error() returns 1 if an error occurred in the last operation, 0
otherwise.
-lh_free(), lh_doall() and lh_doall_arg() return no values.
+lh_<type>_free(), lh_<type>_doall() and lh_<type>_doall_arg() return no values.
=head1 NOTE
The various LHASH macros and callback types exist to make it possible
-to write type-safe code without resorting to function-prototype
+to write type-checked code without resorting to function-prototype
casting - an evil that makes application code much harder to
audit/verify and also opens the window of opportunity for stack
corruption and other hard-to-find bugs. It also, apparently, violates
@@ -227,7 +232,7 @@
=head1 BUGS
-lh_insert() returns B<NULL> both for success and error.
+lh_<type>_insert() returns B<NULL> both for success and error.
=head1 INTERNALS
@@ -272,8 +277,8 @@
unsigned long lh_strhash(const char *c);
Since the B<LHASH> routines would normally be passed structures, this
-routine would not normally be passed to lh_new(), rather it would be
-used in the function passed to lh_new().
+routine would not normally be passed to lh_<type>_new(), rather it would be
+used in the function passed to lh_<type>_new().
=head1 SEE ALSO
@@ -291,4 +296,7 @@
LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE
became available.
+In OpenSSL 1.0.0, the lhash interface was revamped for even better
+type checking.
+
=cut
Modified: trunk/crypto/openssl/doc/crypto/pem.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/pem.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/pem.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -223,7 +223,7 @@
PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
write a private key in an EVP_PKEY structure in PKCS#8
EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
-algorithms. The B<cipher> argument specifies the encryption algoritm to
+algorithms. The B<cipher> argument specifies the encryption algorithm to
use: unlike all other PEM routines the encryption is applied at the
PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
Modified: trunk/crypto/openssl/doc/crypto/threads.pod
===================================================================
--- trunk/crypto/openssl/doc/crypto/threads.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/crypto/threads.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -2,7 +2,9 @@
=head1 NAME
-CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
+CRYPTO_THREADID_set_callback, CRYPTO_THREADID_get_callback,
+CRYPTO_THREADID_current, CRYPTO_THREADID_cmp, CRYPTO_THREADID_cpy,
+CRYPTO_THREADID_hash, CRYPTO_set_locking_callback, CRYPTO_num_locks,
CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
@@ -11,14 +13,26 @@
#include <openssl/crypto.h>
- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
- int n, const char *file, int line));
+ /* Don't use this structure directly. */
+ typedef struct crypto_threadid_st
+ {
+ void *ptr;
+ unsigned long val;
+ } CRYPTO_THREADID;
+ /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+ void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+ int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
+ void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
+ void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+ int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a,
+ const CRYPTO_THREADID *b);
+ void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest,
+ const CRYPTO_THREADID *src);
+ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-
int CRYPTO_num_locks(void);
-
/* struct CRYPTO_dynlock_value needs to be defined by the user */
struct CRYPTO_dynlock_value;
@@ -50,7 +64,8 @@
=head1 DESCRIPTION
OpenSSL can safely be used in multi-threaded applications provided
-that at least two callback functions are set.
+that at least two callback functions are set, locking_function and
+threadid_func.
locking_function(int mode, int n, const char *file, int line) is
needed to perform locking on shared data structures.
@@ -65,11 +80,43 @@
B<file> and B<line> are the file number of the function setting the
lock. They can be useful for debugging.
-id_function(void) is a function that returns a thread ID, for example
-pthread_self() if it returns an integer (see NOTES below). It isn't
-needed on Windows nor on platforms where getpid() returns a different
-ID for each thread (see NOTES below).
+threadid_func(CRYPTO_THREADID *id) is needed to record the currently-executing
+thread's identifier into B<id>. The implementation of this callback should not
+fill in B<id> directly, but should use CRYPTO_THREADID_set_numeric() if thread
+IDs are numeric, or CRYPTO_THREADID_set_pointer() if they are pointer-based.
+If the application does not register such a callback using
+CRYPTO_THREADID_set_callback(), then a default implementation is used - on
+Windows and BeOS this uses the system's default thread identifying APIs, and on
+all other platforms it uses the address of B<errno>. The latter is satisfactory
+for thread-safety if and only if the platform has a thread-local error number
+facility.
+Once threadid_func() is registered, or if the built-in default implementation is
+to be used;
+
+=over 4
+
+=item *
+CRYPTO_THREADID_current() records the currently-executing thread ID into the
+given B<id> object.
+
+=item *
+CRYPTO_THREADID_cmp() compares two thread IDs (returning zero for equality, ie.
+the same semantics as memcmp()).
+
+=item *
+CRYPTO_THREADID_cpy() duplicates a thread ID value,
+
+=item *
+CRYPTO_THREADID_hash() returns a numeric value usable as a hash-table key. This
+is usually the exact numeric or pointer-based thread ID used internally, however
+this also handles the unusual case where pointers are larger than 'long'
+variables and the platform's thread IDs are pointer-based - in this case, mixing
+is done to attempt to produce a unique numeric value even though it is not as
+wide as the platform's true thread IDs.
+
+=back
+
Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
of OpenSSL need it for better performance. To enable this, the following
is required:
@@ -140,22 +187,6 @@
Also, dynamic locks are currently not used internally by OpenSSL, but
may do so in the future.
-Defining id_function(void) has it's own issues. Generally speaking,
-pthread_self() should be used, even on platforms where getpid() gives
-different answers in each thread, since that may depend on the machine
-the program is run on, not the machine where the program is being
-compiled. For instance, Red Hat 8 Linux and earlier used
-LinuxThreads, whose getpid() returns a different value for each
-thread. Red Hat 9 Linux and later use NPTL, which is
-Posix-conformant, and has a getpid() that returns the same value for
-all threads in a process. A program compiled on Red Hat 8 and run on
-Red Hat 9 will therefore see getpid() returning the same value for
-all threads.
-
-There is still the issue of platforms where pthread_self() returns
-something other than an integer. This is a bit unusual, and this
-manual has no cookbook solution for that case.
-
=head1 EXAMPLES
B<crypto/threads/mttest.c> shows examples of the callback functions on
@@ -163,10 +194,14 @@
=head1 HISTORY
-CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
+CRYPTO_set_locking_callback() is
available in all versions of SSLeay and OpenSSL.
CRYPTO_num_locks() was added in OpenSSL 0.9.4.
All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
+B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0
+to replace (actually, deprecate) the previous CRYPTO_set_id_callback(),
+CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed
+thread IDs to always be represented by 'unsigned long'.
=head1 SEE ALSO
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_new.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_new.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_new.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -8,7 +8,7 @@
#include <openssl/ssl.h>
- SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
=head1 DESCRIPTION
@@ -51,22 +51,36 @@
=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
-A TLS/SSL connection established with these methods will understand the SSLv2,
-SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
-and will indicate that it also understands SSLv3 and TLSv1. A server will
-understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
-choice when compatibility is a concern.
+A TLS/SSL connection established with these methods may understand the SSLv2,
+SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
+If the cipher list does not contain any SSLv2 ciphersuites (the default
+cipher list does not) or extensions are required (for example server name)
+a client will send out TLSv1 client hello messages including extensions and
+will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
+fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
+protocols. This is the best choice when compatibility is a concern.
+
+If any SSLv2 ciphersuites are included in the cipher list and no extensions
+are required then SSLv2 compatible client hellos will be used by clients and
+SSLv2 will be accepted by servers. This is B<not> recommended due to the
+insecurity of SSLv2 and the limited nature of the SSLv2 client hello
+prohibiting the use of extensions.
+
=back
The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
-SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the B<SSL_CTX_set_options()> or
-B<SSL_set_options()> functions. Using these options it is possible to choose
-e.g. SSLv23_server_method() and be able to negotiate with all possible
-clients, but to only allow newer protocols like SSLv3 or TLSv1.
+SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
+options of the SSL_CTX_set_options() or SSL_set_options() functions.
+Using these options it is possible to choose e.g. SSLv23_server_method() and
+be able to negotiate with all possible clients, but to only allow newer
+protocols like TLSv1, TLSv1.1 or TLS v1.2.
+Applications which never want to support SSLv2 (even is the cipher string
+is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
+
SSL_CTX_new() initializes the list of ciphers, the session cache setting,
-the callbacks, the keys and certificates, and the options to its default
+the callbacks, the keys and certificates and the options to its default
values.
=head1 RETURN VALUES
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -54,6 +54,10 @@
keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
and the handshake will fail.
+If the cipher list does not contain any SSLv2 cipher suites (this is the
+default) then SSLv2 is effectively disabled and neither clients nor servers
+will attempt to use SSLv2.
+
=head1 RETURN VALUES
SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,6 +61,16 @@
flag SSL_MODE_AUTO_RETRY will cause read/write operations to only
return after the handshake and successful completion.
+=item SSL_MODE_RELEASE_BUFFERS
+
+When we no longer need a read buffer or a write buffer for a given SSL,
+then release the memory we were using to hold it. Released memory is
+either appended to a list of unused RAM chunks on the SSL_CTX, or simply
+freed if the list of unused chunks would become longer than
+SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can
+save around 34k per idle SSL connection.
+This flag has no effect on SSL v2 connections, or on DTLS connections.
+
=item SSL_MODE_SEND_FALLBACK_SCSV
Send TLS_FALLBACK_SCSV in the ClientHello.
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -112,6 +112,12 @@
broken SSL implementations. This option has no effect for connections
using other ciphers.
+=item SSL_OP_TLSEXT_PADDING
+
+Adds a padding extension to ensure the ClientHello size is never between
+256 and 511 bytes in length. This is needed as a workaround for some
+implementations.
+
=item SSL_OP_ALL
All of the above bug workarounds.
@@ -201,8 +207,7 @@
=item SSL_OP_NO_TICKET
Normally clients and servers will, where possible, transparently make use
-of RFC4507bis tickets for stateless session resumption if extension support
-is explicitly set when OpenSSL is compiled.
+of RFC4507bis tickets for stateless session resumption.
If this option is set this functionality is disabled and tickets will
not be used by clients or servers.
Copied: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_psk_client_callback.pod (from rev 7117, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_psk_client_callback.pod)
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_psk_client_callback.pod (rev 0)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_psk_client_callback.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,81 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK client callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*callback)(SSL *ssl, const char *hint,
+ char *identity, unsigned int max_identity_len,
+ unsigned char *psk, unsigned int max_psk_len));
+ void SSL_set_psk_client_callback(SSL *ssl,
+ unsigned int (*callback)(SSL *ssl, const char *hint,
+ char *identity, unsigned int max_identity_len,
+ unsigned char *psk, unsigned int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+A client application must provide a callback function which is called
+when the client is sending the ClientKeyExchange message to the server.
+
+The purpose of the callback function is to select the PSK identity and
+the pre-shared key to use during the connection setup phase.
+
+The callback is set using functions SSL_CTX_set_psk_client_callback()
+or SSL_set_psk_client_callback(). The callback function is given the
+connection in parameter B<ssl>, a B<NULL>-terminated PSK identity hint
+sent by the server in parameter B<hint>, a buffer B<identity> of
+length B<max_identity_len> bytes where the the resulting
+B<NULL>-terminated identity is to be stored, and a buffer B<psk> of
+length B<max_psk_len> bytes where the resulting pre-shared key is to
+be stored.
+
+=head1 NOTES
+
+Note that parameter B<hint> given to the callback may be B<NULL>.
+
+=head1 RETURN VALUES
+
+Return values from the client callback are interpreted as follows:
+
+On success (callback found a PSK identity and a pre-shared key to use)
+the length (> 0) of B<psk> in bytes is returned.
+
+Otherwise or on errors callback should return 0. In this case
+the connection setup fails.
+
+=cut
Copied: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod (from rev 7117, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_read_ahead.pod)
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod (rev 0)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,51 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_read_ahead, SSL_CTX_set_default_read_ahead, SSL_CTX_get_read_ahead,
+SSL_CTX_get_default_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead
+- manage whether to read as many input bytes as possible
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_get_read_ahead(const SSL *s);
+ void SSL_set_read_ahead(SSL *s, int yes);
+
+ #define SSL_CTX_get_default_read_ahead(ctx)
+ #define SSL_CTX_set_default_read_ahead(ctx,m)
+ #define SSL_CTX_get_read_ahead(ctx)
+ #define SSL_CTX_set_read_ahead(ctx,m)
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as
+many input bytes as possible (for non-blocking reads) or not. For example if
+B<x> bytes are currently required by OpenSSL, but B<y> bytes are available from
+the underlying BIO (where B<y> > B<x>), then OpenSSL will read all B<y> bytes
+into its buffer (providing that the buffer is large enough) if reading ahead is
+on, or B<x> bytes otherwise. The parameter B<yes> or B<m> should be 0 to ensure
+reading ahead is off, or non zero otherwise.
+
+SSL_CTX_set_default_read_ahead is a synonym for SSL_CTX_set_read_ahead, and
+SSL_CTX_get_default_read_ahead is a synonym for SSL_CTX_get_read_ahead.
+
+SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading
+ahead has been set or not.
+
+=head1 NOTES
+
+These functions have no impact when used with DTLS. The return values for
+SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS.
+
+=head1 RETURN VALUES
+
+SSL_get_read_ahead and SSL_CTX_get_read_ahead return 0 if reading ahead is off,
+and non zero otherwise.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -9,9 +9,9 @@
#include <openssl/ssl.h>
- int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method);
- int SSL_set_ssl_method(SSL *s, SSL_METHOD *method);
- SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
=head1 DESCRIPTION
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -48,12 +48,13 @@
only used for signing.
In order to perform a DH key exchange the server must use a DH group
-(DH parameters) and generate a DH key. The server will always generate a new
-DH key during the negotiation, when the DH parameters are supplied via
-callback and/or when the SSL_OP_SINGLE_DH_USE option of
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)> is set. It will
-immediately create a DH key, when DH parameters are supplied via
-SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. In this case,
+(DH parameters) and generate a DH key.
+The server will always generate a new DH key during the negotiation
+if either the DH parameters are supplied via callback or the
+SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both).
+It will immediately create a DH key if DH parameters are supplied via
+SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set.
+In this case,
it may happen that a key is generated on initialization without later
being needed, while on the other hand the computer time during the
negotiation is being saved.
@@ -60,12 +61,12 @@
If "strong" primes were used to generate the DH parameters, it is not strictly
necessary to generate a new key for each handshake but it does improve forward
-secrecy. If it is not assured, that "strong" primes were used (see especially
-the section about DSA parameters below), SSL_OP_SINGLE_DH_USE must be used
-in order to prevent small subgroup attacks. Always using SSL_OP_SINGLE_DH_USE
-has an impact on the computer time needed during negotiation, but it is not
-very large, so application authors/users should consider to always enable
-this option.
+secrecy. If it is not assured that "strong" primes were used,
+SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup
+attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the
+computer time needed during negotiation, but it is not very large, so
+application authors/users should consider always enabling this option.
+The option is required to implement perfect forward secrecy (PFS).
As generating DH parameters is extremely time consuming, an application
should not generate the parameters on the fly but supply the parameters.
@@ -73,83 +74,63 @@
the negotiation. The risk in reusing DH parameters is that an attacker
may specialize on a very often used DH group. Applications should therefore
generate their own DH parameters during the installation process using the
-openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
-time needed for this generation, it is possible to use DSA parameters
-instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
-is mandatory.
+openssl L<dhparam(1)|dhparam(1)> application. This application
+guarantees that "strong" primes are used.
-Application authors may compile in DH parameters. Files dh512.pem,
-dh1024.pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current
+Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
version of the OpenSSL distribution contain the 'SKIP' DH parameters,
which use safe primes and were generated verifiably pseudo-randomly.
These files can be converted into C code using the B<-C> option of the
-L<dhparam(1)|dhparam(1)> application.
-Authors may also generate their own set of parameters using
-L<dhparam(1)|dhparam(1)>, but a user may not be sure how the parameters were
-generated. The generation of DH parameters during installation is therefore
-recommended.
+L<dhparam(1)|dhparam(1)> application. Generation of custom DH
+parameters during installation should still be preferred to stop an
+attacker from specializing on a commonly used group. Files dh1024.pem
+and dh512.pem contain old parameters that must not be used by
+applications.
An application may either directly specify the DH parameters or
-can supply the DH parameters via a callback function. The callback approach
-has the advantage, that the callback may supply DH parameters for different
-key lengths.
+can supply the DH parameters via a callback function.
-The B<tmp_dh_callback> is called with the B<keylength> needed and
-the B<is_export> information. The B<is_export> flag is set, when the
-ephemeral DH key exchange is performed with an export cipher.
+Previous versions of the callback used B<is_export> and B<keylength>
+parameters to control parameter generation for export and non-export
+cipher suites. Modern servers that do not support export ciphersuites
+are advised to either use SSL_CTX_set_tmp_dh() in combination with
+SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore
+B<keylength> and B<is_export> and simply supply at least 2048-bit
+parameters in the callback.
=head1 EXAMPLES
-Handle DH parameters for key lengths of 512 and 1024 bits. (Error handling
+Setup DH parameters with a key length of 2048 bits. (Error handling
partly left out.)
+ Command-line parameter generation:
+ $ openssl dhparam -out dh_param_2048.pem 2048
+
+ Code for setting up parameters during server initialization:
+
...
- /* Set up ephemeral DH stuff */
- DH *dh_512 = NULL;
- DH *dh_1024 = NULL;
+ SSL_CTX ctx = SSL_CTX_new();
+ ...
+
+ /* Set up ephemeral DH parameters. */
+ DH *dh_2048 = NULL;
FILE *paramfile;
-
- ...
- /* "openssl dhparam -out dh_param_512.pem -2 512" */
- paramfile = fopen("dh_param_512.pem", "r");
+ paramfile = fopen("dh_param_2048.pem", "r");
if (paramfile) {
- dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+ dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
fclose(paramfile);
+ } else {
+ /* Error. */
}
- /* "openssl dhparam -out dh_param_1024.pem -2 1024" */
- paramfile = fopen("dh_param_1024.pem", "r");
- if (paramfile) {
- dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
+ if (dh_2048 == NULL) {
+ /* Error. */
}
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
+ /* Error. */
+ }
+ SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
...
- /* "openssl dhparam -C -2 512" etc... */
- DH *get_dh512() { ... }
- DH *get_dh1024() { ... }
-
- DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
- {
- DH *dh_tmp=NULL;
-
- switch (keylength) {
- case 512:
- if (!dh_512)
- dh_512 = get_dh512();
- dh_tmp = dh_512;
- break;
- case 1024:
- if (!dh_1024)
- dh_1024 = get_dh1024();
- dh_tmp = dh_1024;
- break;
- default:
- /* Generating a key on the fly is very costly, so use what is there */
- setup_dh_parameters_like_above();
- }
- return(dh_tmp);
- }
-
=head1 RETURN VALUES
SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
Modified: trunk/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -169,8 +169,8 @@
failure, if wished. The callback realizes a verification depth limit with
more informational output.
-All verification errors are printed, informations about the certificate chain
-are printed on request.
+All verification errors are printed; information about the certificate chain
+is printed on request.
The example is realized for a server that does allow but not require client
certificates.
Copied: trunk/crypto/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod (from rev 7117, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_use_psk_identity_hint.pod)
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod (rev 0)
+++ trunk/crypto/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,106 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint,
+SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback - set PSK
+identity hint to use
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*callback)(SSL *ssl, const char *identity,
+ unsigned char *psk, int max_psk_len));
+ void SSL_set_psk_server_callback(SSL *ssl,
+ unsigned int (*callback)(SSL *ssl, const char *identity,
+ unsigned char *psk, int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+SSL_CTX_use_psk_identity_hint() sets the given B<NULL>-terminated PSK
+identity hint B<hint> to SSL context object
+B<ctx>. SSL_use_psk_identity_hint() sets the given B<NULL>-terminated
+PSK identity hint B<hint> to SSL connection object B<ssl>. If B<hint>
+is B<NULL> the current hint from B<ctx> or B<ssl> is deleted.
+
+In the case where PSK identity hint is B<NULL>, the server
+does not send the ServerKeyExchange message to the client.
+
+A server application must provide a callback function which is called
+when the server receives the ClientKeyExchange message from the
+client. The purpose of the callback function is to validate the
+received PSK identity and to fetch the pre-shared key used during the
+connection setup phase. The callback is set using functions
+SSL_CTX_set_psk_server_callback() or
+SSL_set_psk_server_callback(). The callback function is given the
+connection in parameter B<ssl>, B<NULL>-terminated PSK identity sent
+by the client in parameter B<identity>, and a buffer B<psk> of length
+B<max_psk_len> bytes where the pre-shared key is to be stored.
+
+
+=head1 RETURN VALUES
+
+SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return
+1 on success, 0 otherwise.
+
+Return values from the server callback are interpreted as follows:
+
+=over 4
+
+=item > 0
+
+PSK identity was found and the server callback has provided the PSK
+successfully in parameter B<psk>. Return value is the length of
+B<psk> in bytes. It is an error to return a value greater than
+B<max_psk_len>.
+
+If the PSK identity was not found but the callback instructs the
+protocol to continue anyway, the callback must provide some random
+data to B<psk> and return the length of the random data, so the
+connection will fail with decryption_error before it will be finished
+completely.
+
+=item Z<>0
+
+PSK identity was not found. An "unknown_psk_identity" alert message
+will be sent and the connection setup fails.
+
+=back
+
+=cut
Modified: trunk/crypto/openssl/doc/ssl/SSL_alert_type_string.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_alert_type_string.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_alert_type_string.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -214,6 +214,11 @@
difficult to communicate changes to these parameters after that
point. This message is always a warning.
+=item "UP"/"unknown PSK identity"
+
+Sent by the server to indicate that it does not recognize a PSK
+identity or an SRP identity.
+
=item "UK"/"unknown"
This indicates that no description is available for this alert type.
Modified: trunk/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -8,11 +8,11 @@
#include <openssl/ssl.h>
- STACKOF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
+ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
=head1 DESCRIPTION
-SSL_get_peer_cert_chain() returns a pointer to STACKOF(X509) certificates
+SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates
forming the certificate chain of the peer. If called on the client side,
the stack also contains the peer's certificate; if called on the server
side, the peer's certificate must be obtained separately using
@@ -24,7 +24,7 @@
The peer certificate chain is not necessarily available after reusing
a session, in which case a NULL pointer is returned.
-The reference count of the STACKOF(X509) object is not incremented.
+The reference count of the STACK_OF(X509) object is not incremented.
If the corresponding session is freed, the pointer must not be used
any longer.
@@ -39,7 +39,7 @@
No certificate was presented by the peer or no connection was established
or the certificate chain is no longer available when a session is reused.
-=item Pointer to a STACKOF(X509)
+=item Pointer to a STACK_OF(X509)
The return value points to the certificate chain presented by the peer.
Copied: trunk/crypto/openssl/doc/ssl/SSL_get_psk_identity.pod (from rev 7117, vendor-crypto/openssl/dist/doc/ssl/SSL_get_psk_identity.pod)
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_get_psk_identity.pod (rev 0)
+++ trunk/crypto/openssl/doc/ssl/SSL_get_psk_identity.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,63 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_get_psk_identity_hint(const SSL *ssl);
+ const char *SSL_get_psk_identity(const SSL *ssl);
+
+
+=head1 DESCRIPTION
+
+SSL_get_psk_identity_hint() is used to retrieve the PSK identity hint
+used during the connection setup related to SSL object
+B<ssl>. Similarly, SSL_get_psk_identity() is used to retrieve the PSK
+identity used during the connection setup.
+
+
+=head1 RETURN VALUES
+
+If non-B<NULL>, SSL_get_psk_identity_hint() returns the PSK identity
+hint and SSL_get_psk_identity() returns the PSK identity. Both are
+B<NULL>-terminated. SSL_get_psk_identity_hint() may return B<NULL> if
+no PSK identity hint was used during the connection setup.
+
+Note that the return value is valid only during the lifetime of the
+SSL object B<ssl>.
+
+=cut
Modified: trunk/crypto/openssl/doc/ssl/SSL_library_init.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_library_init.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_library_init.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -23,6 +23,7 @@
=head1 NOTES
SSL_library_init() must be called before any other action takes place.
+SSL_library_init() is not reentrant.
=head1 WARNING
Modified: trunk/crypto/openssl/doc/ssl/SSL_pending.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_pending.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_pending.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -29,8 +29,9 @@
SSL_pending() takes into account only bytes from the TLS/SSL record
that is currently being processed (if any). If the B<SSL> object's
-I<read_ahead> flag is set, additional protocol bytes may have been
-read containing more TLS/SSL records; these are ignored by
+I<read_ahead> flag is set (see
+L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>), additional protocol
+bytes may have been read containing more TLS/SSL records; these are ignored by
SSL_pending().
Up to OpenSSL 0.9.6, SSL_pending() does not check if the record type
@@ -38,6 +39,7 @@
=head1 SEE ALSO
-L<SSL_read(3)|SSL_read(3)>, L<ssl(3)|ssl(3)>
+L<SSL_read(3)|SSL_read(3)>,
+L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>, L<ssl(3)|ssl(3)>
=cut
Modified: trunk/crypto/openssl/doc/ssl/SSL_set_shutdown.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_set_shutdown.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_set_shutdown.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -24,7 +24,7 @@
=over 4
-=item 0
+=item Z<>0
No shutdown setting, yet.
Modified: trunk/crypto/openssl/doc/ssl/SSL_shutdown.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/SSL_shutdown.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/SSL_shutdown.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -104,7 +104,7 @@
The shutdown was successfully completed. The "close notify" alert was sent
and the peer's "close notify" alert was received.
-=item Z<>-1
+=item -1
The shutdown was not successful because a fatal error occurred either
at the protocol level or a connection failure occurred. It can also occur if
Modified: trunk/crypto/openssl/doc/ssl/ssl.pod
===================================================================
--- trunk/crypto/openssl/doc/ssl/ssl.pod 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssl/ssl.pod 2015-07-21 23:23:45 UTC (rev 7118)
@@ -130,39 +130,39 @@
=over 4
-=item SSL_METHOD *B<SSLv2_client_method>(void);
+=item const SSL_METHOD *B<SSLv2_client_method>(void);
Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
-=item SSL_METHOD *B<SSLv2_server_method>(void);
+=item const SSL_METHOD *B<SSLv2_server_method>(void);
Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
-=item SSL_METHOD *B<SSLv2_method>(void);
+=item const SSL_METHOD *B<SSLv2_method>(void);
Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
-=item SSL_METHOD *B<SSLv3_client_method>(void);
+=item const SSL_METHOD *B<SSLv3_client_method>(void);
Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
-=item SSL_METHOD *B<SSLv3_server_method>(void);
+=item const SSL_METHOD *B<SSLv3_server_method>(void);
Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
-=item SSL_METHOD *B<SSLv3_method>(void);
+=item const SSL_METHOD *B<SSLv3_method>(void);
Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
-=item SSL_METHOD *B<TLSv1_client_method>(void);
+=item const SSL_METHOD *B<TLSv1_client_method>(void);
Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
-=item SSL_METHOD *B<TLSv1_server_method>(void);
+=item const SSL_METHOD *B<TLSv1_server_method>(void);
Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
-=item SSL_METHOD *B<TLSv1_method>(void);
+=item const SSL_METHOD *B<TLSv1_method>(void);
Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
@@ -229,6 +229,8 @@
=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+=item void B<SSL_CTX_get_default_read_ahead>(SSL_CTX *ctx);
+
=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
@@ -237,6 +239,8 @@
=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
+=item void B<SSL_CTX_get_read_ahead>(SSL_CTX *ctx);
+
=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
@@ -249,7 +253,7 @@
=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
-=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);
+=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
@@ -325,9 +329,11 @@
=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
+=item void B<SSL_CTX_set_read_ahead>(SSL_CTX *ctx, int m);
+
=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
-=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);
+=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
@@ -374,6 +380,15 @@
=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
+=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
+
+=item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+
+
+
=back
=head2 DEALING WITH SESSIONS
@@ -512,7 +527,7 @@
=item int B<SSL_get_shutdown>(const SSL *ssl);
-=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
+=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
=item int B<SSL_get_state>(const SSL *ssl);
@@ -596,7 +611,7 @@
=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
-=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);
+=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
=item void B<SSL_set_time>(SSL *ssl, long t);
@@ -650,6 +665,16 @@
=item int B<SSL_write>(SSL *ssl, const void *buf, int num);
+=item void B<SSL_set_psk_client_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_use_psk_identity_hint>(SSL *ssl, const char *hint);
+
+=item void B<SSL_set_psk_server_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+=item const char *B<SSL_get_psk_identity_hint>(SSL *ssl);
+
+=item const char *B<SSL_get_psk_identity>(SSL *ssl);
+
=back
=head1 SEE ALSO
@@ -684,6 +709,7 @@
L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>,
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
@@ -726,7 +752,10 @@
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
+L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
+L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
=head1 HISTORY
Modified: trunk/crypto/openssl/doc/ssleay.txt
===================================================================
--- trunk/crypto/openssl/doc/ssleay.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/ssleay.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -20,7 +20,7 @@
==== readme ========================================================
This is the old 0.6.6 docuementation. Most of the cipher stuff is still
-relevent but I'm working (very slowly) on new docuemtation.
+relevent but I'm working (very slowly) on new documentation.
The current version can be found online at
http://www.cryptsoft.com/ssleay/doc
@@ -548,8 +548,8 @@
can all be compiled independantly.
ssleay has 3 modes of operation.
-1) If the ssleay binaray has the name of one of its component programs, it
-executes that program and then exits. This can be achieve by using hard or
+1) If the ssleay binary has the name of one of its component programs, it
+executes that program and then exits. This can be achieved by using hard or
symbolic links, or failing that, just renaming the binary.
2) If the first argument to ssleay is the name of one of the component
programs, that program runs that program and then exits.
@@ -1185,7 +1185,7 @@
example is for BIO_s_sock(). A socket needs to be
assigned to the BIO before it can be used.
- 'shutdown', this flag indicates if the underlying
- comunication primative being used should be closed/freed
+ communication primitive being used should be closed/freed
when the BIO is closed.
- 'flags' is used to hold extra state. It is primarily used
to hold information about why a non-blocking operation
@@ -1799,7 +1799,7 @@
unsigned long BN_get_word(BIGNUM *a);
Returns 'a' in an unsigned long. Not remarkably, often 'a' will
- be biger than a word, in which case 0xffffffffL is returned.
+ be bigger than a word, in which case 0xffffffffL is returned.
Word Operations
These functions are much more efficient that the normal bignum arithmetic
@@ -2058,7 +2058,7 @@
PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
(char *)x, NULL,NULL,0,NULL)
Don't do encryption normally. If you want to PEM encrypt your X509 structure,
-either just call PEM_ASN1_write directly or just define you own
+either just call PEM_ASN1_write directly or just define your own
macro variant. As you can see, this macro just sets all encryption related
parameters to NULL.
@@ -5566,7 +5566,7 @@
The SSL_CTX has a session_cache_mode which is by default,
in SSL_SESS_CACHE_SERVER mode. What this means is that the library
-will automatically add new session-id's to the cache apon sucsessful
+will automatically add new session-id's to the cache upon successful
SSL_accept() calls.
If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
to the cache.
@@ -5580,12 +5580,12 @@
If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
not automatically removed each 255, SSL_connect()s or SSL_accept()s.
-By default, apon every 255 successful SSL_connect() or SSL_accept()s,
+By default, upon every 255 successful SSL_connect() or SSL_accept()s,
the cache is flush. Please note that this could be expensive on
a heavily loaded SSL server, in which case, turn this off and
clear the cache of old entries 'manually' (with one of the functions
listed below) every few hours. Perhaps I should up this number, it is hard
-to say. Remember, the '255' new calls is just a mechanims to get called
+to say. Remember, the '255' new calls is just a mechanism to get called
every now and then, in theory at most 255 new session-id's will have been
added but if 100 are added every minute, you would still have
500 in the cache before any would start being flushed (assuming a 3 minute
@@ -5628,10 +5628,10 @@
void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
-These callbacks are basically indended to be used by processes to
+These callbacks are basically intended to be used by processes to
send their session-id's to other processes. I currently have not implemented
-non-blocking semantics for these callbacks, it is upto the appication
-to make the callbacks effiecent if they require blocking (perhaps
+non-blocking semantics for these callbacks, it is upto the application
+to make the callbacks efficient if they require blocking (perhaps
by 'saving' them and then 'posting them' when control returns from
the SSL_accept().
@@ -6589,7 +6589,7 @@
condition has dissapeared.
After the connection has been made, information can be retrived about the
-SSL session and the session-id values that have been decided apon.
+SSL session and the session-id values that have been decided upon.
The 'peer' certificate can be retrieved.
The session-id values include
Modified: trunk/crypto/openssl/doc/standards.txt
===================================================================
--- trunk/crypto/openssl/doc/standards.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/doc/standards.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -69,6 +69,10 @@
3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
+3161 Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)
+ C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001
+ (Status: PROPOSED STANDARD)
+
3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
(Status: PROPOSED STANDARD)
Modified: trunk/crypto/openssl/e_os.h
===================================================================
--- trunk/crypto/openssl/e_os.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/e_os.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -104,7 +104,6 @@
# ifndef MAC_OS_GUSI_SOURCE
# define MAC_OS_pre_X
# define NO_SYS_TYPES_H
-typedef long ssize_t;
# endif
# define NO_SYS_PARAM_H
# define NO_CHMOD
@@ -118,7 +117,7 @@
The Microsoft section
********************************************************************/
/*
- * The following is used becaue of the small stack in some Microsoft
+ * The following is used because of the small stack in some Microsoft
* operating systems
*/
# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
@@ -130,9 +129,6 @@
# if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
# define WIN32
# endif
-# if defined(OPENSSL_SYS_WIN16) && !defined(WIN16)
-# define WIN16
-# endif
# if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
# define WINDOWS
# endif
@@ -187,6 +183,13 @@
# define closesocket(s) close(s)
# define readsocket(s,b,n) read((s),(b),(n))
# define writesocket(s,b,n) write((s),(char *)(b),(n))
+# elif defined(OPENSSL_SYS_BEOS_R5)
+# define get_last_socket_error() errno
+# define clear_socket_error() errno=0
+# define FIONBIO SO_NONBLOCK
+# define ioctlsocket(a,b,c) setsockopt((a),SOL_SOCKET,(b),(c),sizeof(*(c)))
+# define readsocket(s,b,n) recv((s),(b),(n),0)
+# define writesocket(s,b,n) send((s),(b),(n),0)
# elif defined(OPENSSL_SYS_NETWARE)
# if defined(NETWARE_BSDSOCK)
# define get_last_socket_error() errno
@@ -215,7 +218,7 @@
# define writesocket(s,b,n) write((s),(b),(n))
# endif
-# ifdef WIN16
+# ifdef WIN16 /* never the case */
# define MS_CALLBACK _far _loadds
# define MS_FAR _far
# else
@@ -261,7 +264,7 @@
/*
* Defining _WIN32_WINNT here in e_os.h implies certain "discipline."
* Most notably we ought to check for availability of each specific
- * routine with GetProcAddress() and/or quard NT-specific calls with
+ * routine with GetProcAddress() and/or guard NT-specific calls with
* GetVersion() < 0x80000000. One can argue that in latter "or" case
* we ought to /DELAYLOAD some .DLLs in order to protect ourselves
* against run-time link errors. This doesn't seem to be necessary,
@@ -268,12 +271,24 @@
* because it turned out that already Windows 95, first non-NT Win32
* implementation, is equipped with at least NT 3.51 stubs, dummy
* routines with same name, but which do nothing. Meaning that it's
- * apparently appropriate to guard generic NT calls with GetVersion
- * alone, while NT 4.0 and above calls ought to be additionally
- * checked upon with GetProcAddress.
+ * apparently sufficient to guard "vanilla" NT calls with GetVersion
+ * alone, while NT 4.0 and above interfaces ought to be linked with
+ * GetProcAddress at run-time.
*/
# define _WIN32_WINNT 0x0400
# endif
+# if !defined(OPENSSL_NO_SOCK) && defined(_WIN32_WINNT)
+ /*
+ * Just like defining _WIN32_WINNT including winsock2.h implies
+ * certain "discipline" for maintaining [broad] binary compatibility.
+ * As long as structures are invariant among Winsock versions,
+ * it's sufficient to check for specific Winsock2 API availability
+ * at run-time [DSO_global_lookup is recommended]...
+ */
+# include <winsock2.h>
+# include <ws2tcpip.h>
+ /* yes, they have to be #included prior to <windows.h> */
+# endif
# include <windows.h>
# include <stdio.h>
# include <stddef.h>
@@ -330,11 +345,9 @@
# include <fcntl.h>
# ifdef OPENSSL_SYS_WINCE
-# include <winsock_extras.h>
+# define OPENSSL_NO_POSIX_IO
# endif
-# define ssize_t long
-
# if defined (__BORLANDC__)
# define _setmode setmode
# define _O_TEXT O_TEXT
@@ -343,12 +356,7 @@
# define _kbhit kbhit
# endif
-# if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
-# define EXIT(n) _wsetexit(_WINEXITNOPERSIST)
-# define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0)
-# else
-# define EXIT(n) exit(n)
-# endif
+# define EXIT(n) exit(n)
# define LIST_SEPARATOR_CHAR ';'
# ifndef X_OK
# define X_OK 0
@@ -434,7 +442,6 @@
extern int GetThreadID(void);
/* # include <conio.h> */
extern int kbhit(void);
-extern void delay(unsigned milliseconds);
# else
# include <screen.h>
# endif
@@ -468,13 +475,14 @@
* -D_POSIX_SOURCE, which doesn't work for
* us) */
# endif
-# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
-# define ssize_t int /* ditto */
-# endif
# ifdef OPENSSL_SYS_NEWS4 /* setvbuf is missing on mips-sony-bsd */
# define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
typedef unsigned long clock_t;
# endif
+# ifdef OPENSSL_SYS_WIN32_CYGWIN
+# include <io.h>
+# include <fcntl.h>
+# endif
# define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
@@ -500,8 +508,19 @@
# define SHUTDOWN(fd) close(fd)
# define SHUTDOWN2(fd) close(fd)
# elif !defined(__DJGPP__)
-# include <winsock.h>
-extern HINSTANCE _hInstance;
+# if defined(_WIN32_WCE) && _WIN32_WCE<410
+# define getservbyname _masked_declaration_getservbyname
+# endif
+# if !defined(IPPROTO_IP)
+ /* winsock[2].h was included already? */
+# include <winsock.h>
+# endif
+# ifdef getservbyname
+# undef getservbyname
+ /* this is used to be wcecompat/include/winsock_extras.h */
+struct servent *PASCAL getservbyname(const char *, const char *);
+# endif
+
# ifdef _WIN64
/*
* Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
@@ -575,7 +594,9 @@
# include <sys/filio.h> /* Added for FIONBIO under unixware */
# endif
# include <netinet/in.h>
-# include <arpa/inet.h>
+# if !defined(OPENSSL_SYS_BEOS_R5)
+# include <arpa/inet.h>
+# endif
# endif
# if defined(NeXT) || defined(_NEXT_SOURCE)
@@ -619,12 +640,18 @@
# define INVALID_SOCKET (-1)
# endif /* INVALID_SOCKET */
# endif
-# endif
-# if defined(__ultrix)
-# ifndef ssize_t
-# define ssize_t int
+/*
+ * Some IPv6 implementations are broken, disable them in known bad versions.
+ */
+# if !defined(OPENSSL_USE_IPV6)
+# if defined(AF_INET6) && !defined(OPENSSL_SYS_BEOS_BONE) && !defined(NETWARE_CLIB)
+# define OPENSSL_USE_IPV6 1
+# else
+# define OPENSSL_USE_IPV6 0
+# endif
# endif
+
# endif
# if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
@@ -653,20 +680,6 @@
/***********************************************/
-/*
- * do we need to do this for getenv. Just define getenv for use under windows
- */
-
-# ifdef WIN16
-/* How to do this needs to be thought out a bit more.... */
-/*
- * char *GETENV(char *); #define Getenv GETENV
- */
-# define Getenv getenv
-# else
-# define Getenv getenv
-# endif
-
# define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */
# ifdef sgi
@@ -730,6 +743,14 @@
# endif
/* end vxworks */
+/* beos */
+# if defined(OPENSSL_SYS_BEOS_R5)
+# define SO_ERROR 0
+# define NO_SYS_UN
+# define IPPROTO_IP 0
+# include <OS.h>
+# endif
+
# if !defined(inline) && !defined(__cplusplus)
# if defined(__STDC_VERSION__) && __STDC_VERSION__>=199901L
/* do nothing, inline works */
Modified: trunk/crypto/openssl/e_os2.h
===================================================================
--- trunk/crypto/openssl/e_os2.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/e_os2.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -205,8 +205,14 @@
# endif
/* -------------------------------- VOS ----------------------------------- */
-# ifdef OPENSSL_SYSNAME_VOS
+# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
# define OPENSSL_SYS_VOS
+# ifdef __HPPA__
+# define OPENSSL_SYS_VOS_HPPA
+# endif
+# ifdef __IA32__
+# define OPENSSL_SYS_VOS_IA32
+# endif
# endif
/* ------------------------------ VxWorks --------------------------------- */
@@ -214,6 +220,17 @@
# define OPENSSL_SYS_VXWORKS
# endif
+/* -------------------------------- BeOS ---------------------------------- */
+# if defined(__BEOS__)
+# define OPENSSL_SYS_BEOS
+# include <sys/socket.h>
+# if defined(BONE_VERSION)
+# define OPENSSL_SYS_BEOS_BONE
+# else
+# define OPENSSL_SYS_BEOS_R5
+# endif
+# endif
+
/**
* That's it for OS-specific stuff
*****************************************************************************/
@@ -274,18 +291,37 @@
* #define foobar OPENSSL_GLOBAL_REF(foobar)
*/
# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) \
- extern type _hide_##name; \
- type *_shadow_##name(void) { return &_hide_##name; } \
- static type _hide_##name
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
+ type *_shadow_##name(void) \
+ { static type _hide_##name=value; return &_hide_##name; }
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
# else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
# endif
+# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
+# define ossl_ssize_t long
+# endif
+
+# ifdef OPENSSL_SYS_MSDOS
+# define ossl_ssize_t long
+# endif
+
+# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
+# define ssize_t int
+# endif
+
+# if defined(__ultrix) && !defined(ssize_t)
+# define ossl_ssize_t int
+# endif
+
+# ifndef ossl_ssize_t
+# define ossl_ssize_t ssize_t
+# endif
+
#ifdef __cplusplus
}
#endif
Modified: trunk/crypto/openssl/engines/Makefile
===================================================================
--- trunk/crypto/openssl/engines/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -9,7 +9,13 @@
CFLAG=-g
MAKEFILE= Makefile
AR= ar r
+ENGDIRS= ccgost
+RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \
+ (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+ $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \
+ done;
+
PEX_LIBS=
EX_LIBS=
@@ -20,7 +26,7 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec capi
+LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
LIBSRC= e_4758cca.c \
e_aep.c \
@@ -31,6 +37,7 @@
e_nuron.c \
e_sureware.c \
e_ubsec.c \
+ e_padlock.c \
e_capi.c
LIBOBJ= e_4758cca.o \
e_aep.o \
@@ -41,6 +48,7 @@
e_nuron.o \
e_sureware.o \
e_ubsec.o \
+ e_padlock.o \
e_capi.o
SRC= $(LIBSRC)
@@ -62,7 +70,7 @@
top:
(cd ..; $(MAKE) DIRS=$(DIR) all)
-all: lib
+all: lib subdirs
lib: $(LIBOBJ)
@if [ -n "$(SHARED_LIBS)" ]; then \
@@ -79,37 +87,48 @@
fi; \
touch lib
+subdirs:
+ echo $(EDIRS)
+ @target=all; $(RECURSIVE_MAKE)
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+ @target=files; $(RECURSIVE_MAKE)
links:
+ @target=links; $(RECURSIVE_MAKE)
# XXXXX This currently only works on systems that use .so as suffix
# for shared libraries as well as for Cygwin which uses the
# dlfcn_name_converter and therefore stores the engines with .so suffix, too.
# XXXXX This was extended to HP-UX dl targets, which use .sl suffix.
+# XXXXX This was extended to mingw targets, which use eay32.dll suffix without lib as prefix.
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines; \
+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
for l in $(LIBNAMES); do \
( echo installing $$l; \
+ pfx=lib; \
if [ "$(PLATFORM)" != "Cygwin" ]; then \
case "$(CFLAGS)" in \
- *DSO_DLFCN*) sfx="so";; \
- *DSO_DL*) sfx="sl";; \
- *) sfx="bad";; \
+ *DSO_BEOS*) sfx=".so";; \
+ *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \
+ *DSO_DL*) sfx=".sl";; \
+ *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
+ *) sfx=".bad";; \
esac; \
- cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
+ cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
else \
- sfx="so"; \
- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
+ sfx=".so"; \
+ cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
fi; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/lib$$l.$$sfx ); \
+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
+ @target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
@@ -119,25 +138,32 @@
$(PERL) ../util/mkerr.pl -conf e_$$l.ec \
-nostatic -staticloader -write e_$$l.c; \
done
+ (cd ccgost; $(MAKE) PERL=$(PERL) errors)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
+ @target=lint; $(RECURSIVE_MAKE)
-depend:
- @if [ -z "$(THIS)" ]; then \
- $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
- else \
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
- fi
+update: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+ @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) )
+depend: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+ @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+local_depend:
+ @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ @target=dclean; $(RECURSIVE_MAKE)
clean:
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ @target=clean; $(RECURSIVE_MAKE)
# DO NOT DELETE THIS LINE -- make depend depends on it.
@@ -147,16 +173,16 @@
e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_4758cca.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_4758cca.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_4758cca.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_4758cca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_4758cca.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_4758cca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_4758cca.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_4758cca.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_4758cca.o: ../include/openssl/x509_vfy.h e_4758cca.c e_4758cca_err.c
-e_4758cca.o: e_4758cca_err.h vendor_defns/hw_4758_cca.h
+e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
+e_4758cca.o: vendor_defns/hw_4758_cca.h
e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -164,15 +190,15 @@
e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_aep.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_aep.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_aep.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_aep.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_aep.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_aep.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_aep.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_aep.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_aep.c
-e_aep.o: e_aep_err.c e_aep_err.h vendor_defns/aep.h
+e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h
+e_aep.o: vendor_defns/aep.h
e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -180,28 +206,27 @@
e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_atalla.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_atalla.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_atalla.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_atalla.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_atalla.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_atalla.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_atalla.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_atalla.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_atalla.c
-e_atalla.o: e_atalla_err.c e_atalla_err.h vendor_defns/atalla.h
+e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c
+e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_capi.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_capi.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
e_capi.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
e_capi.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_capi.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
+e_capi.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_capi.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_capi.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_capi.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_capi.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_capi.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_capi.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_capi.c
e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -209,17 +234,16 @@
e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
-e_chil.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-e_chil.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_chil.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_chil.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-e_chil.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-e_chil.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_chil.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_chil.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_chil.o: ../include/openssl/ui.h ../include/openssl/x509.h
-e_chil.o: ../include/openssl/x509_vfy.h e_chil.c e_chil_err.c e_chil_err.h
-e_chil.o: vendor_defns/hwcryptohook.h
+e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
+e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -227,29 +251,28 @@
e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_cswift.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_cswift.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_cswift.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_cswift.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_cswift.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_cswift.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_cswift.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_cswift.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_cswift.o: ../include/openssl/x509_vfy.h e_cswift.c e_cswift_err.c
-e_cswift.o: e_cswift_err.h vendor_defns/cswift.h
+e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c
+e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
e_gmp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
e_gmp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_gmp.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_gmp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_gmp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_gmp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_gmp.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_gmp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_gmp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_gmp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_gmp.c
+e_gmp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_gmp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c
e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -257,15 +280,28 @@
e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_nuron.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_nuron.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_nuron.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_nuron.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_nuron.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_nuron.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_nuron.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_nuron.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_nuron.c
-e_nuron.o: e_nuron_err.c e_nuron_err.h
+e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h
+e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h
+e_padlock.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_padlock.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_padlock.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_padlock.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_padlock.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_padlock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_padlock.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_padlock.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+e_padlock.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_padlock.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_padlock.o: ../include/openssl/x509_vfy.h e_padlock.c
e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -273,17 +309,17 @@
e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_sureware.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_sureware.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_sureware.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_sureware.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_sureware.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-e_sureware.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_sureware.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_sureware.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_sureware.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_sureware.o: ../include/openssl/x509_vfy.h e_sureware.c e_sureware_err.c
-e_sureware.o: e_sureware_err.h vendor_defns/sureware.h
+e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
+e_sureware.o: vendor_defns/sureware.h
e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
@@ -291,12 +327,12 @@
e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_ubsec.o: ../include/openssl/evp.h ../include/openssl/fips.h
-e_ubsec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_ubsec.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_ubsec.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_ubsec.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-e_ubsec.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_ubsec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_ubsec.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_ubsec.c
-e_ubsec.o: e_ubsec_err.c e_ubsec_err.h vendor_defns/hw_ubsec.h
+e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
+e_ubsec.o: vendor_defns/hw_ubsec.h
Copied: trunk/crypto/openssl/engines/axp.opt (from rev 7117, vendor-crypto/openssl/dist/engines/axp.opt)
===================================================================
--- trunk/crypto/openssl/engines/axp.opt (rev 0)
+++ trunk/crypto/openssl/engines/axp.opt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+SYMBOL_VECTOR=(bind_engine=PROCEDURE,v_check=PROCEDURE)
Copied: trunk/crypto/openssl/engines/capierr.bat (from rev 7117, vendor-crypto/openssl/dist/engines/capierr.bat)
===================================================================
--- trunk/crypto/openssl/engines/capierr.bat (rev 0)
+++ trunk/crypto/openssl/engines/capierr.bat 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+perl ../util/mkerr.pl -conf e_capi.ec -nostatic -staticloader -write e_capi.c
Modified: trunk/crypto/openssl/engines/e_4758cca.c
===================================================================
--- trunk/crypto/openssl/engines/e_4758cca.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_4758cca.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -94,7 +94,7 @@
unsigned char *sigret, unsigned int *siglen,
const RSA *rsa);
static int cca_rsa_verify(int dtype, const unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf,
+ unsigned int m_len, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa);
/* utility functions */
@@ -476,10 +476,6 @@
err:
if (keyToken)
OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
return NULL;
}
@@ -550,10 +546,6 @@
err:
if (keyToken)
OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
return NULL;
}
@@ -616,7 +608,7 @@
# define SSL_SIG_LEN 36
static int cca_rsa_verify(int type, const unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf,
+ unsigned int m_len, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa)
{
long returnCode;
@@ -715,7 +707,7 @@
digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray,
&keyTokenLength, keyToken, &length, hashBuffer,
- &lsiglen, sigbuf);
+ &lsiglen, (unsigned char *)sigbuf);
if (type == NID_sha1 || type == NID_md5) {
OPENSSL_cleanse(hashBuffer, keyLength + 1);
Modified: trunk/crypto/openssl/engines/e_aep.c
===================================================================
--- trunk/crypto/openssl/engines/e_aep.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_aep.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -57,7 +57,7 @@
#include <string.h>
#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__)
# include <sys/types.h>
# include <unistd.h>
#else
@@ -68,6 +68,8 @@
#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
# define getpid GetThreadID
extern int GetThreadID(void);
+#elif defined(_WIN32) && !defined(__WATCOMC__)
+# define getpid _getpid
#endif
#include <openssl/crypto.h>
@@ -83,7 +85,6 @@
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
-#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_AEP
@@ -872,13 +873,7 @@
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-# ifdef NETWARE_CLIB
- curr_pid = GetThreadID();
-# elif defined(_WIN32)
- curr_pid = _getpid();
-# else
curr_pid = getpid();
-# endif
/*
* Check if this is the first time this is being called from the current
Modified: trunk/crypto/openssl/engines/e_capi.c
===================================================================
--- trunk/crypto/openssl/engines/e_capi.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_capi.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,28 +71,50 @@
# include <wincrypt.h>
-# undef X509_EXTENSIONS
-# undef X509_CERT_PAIR
+/*
+ * This module uses several "new" interfaces, among which is
+ * CertGetCertificateContextProperty. CERT_KEY_PROV_INFO_PROP_ID is
+ * one of possible values you can pass to function in question. By
+ * checking if it's defined we can see if wincrypt.h and accompanying
+ * crypt32.lib are in shape. The native MingW32 headers up to and
+ * including __W32API_VERSION 3.14 lack of struct DSSPUBKEY and the
+ * defines CERT_STORE_PROV_SYSTEM_A and CERT_STORE_READONLY_FLAG,
+ * so we check for these too and avoid compiling.
+ * Yes, it's rather "weak" test and if compilation fails,
+ * then re-configure with -DOPENSSL_NO_CAPIENG.
+ */
+# if defined(CERT_KEY_PROV_INFO_PROP_ID) && \
+ defined(CERT_STORE_PROV_SYSTEM_A) && \
+ defined(CERT_STORE_READONLY_FLAG)
+# define __COMPILE_CAPIENG
+# endif /* CERT_KEY_PROV_INFO_PROP_ID */
+# endif /* OPENSSL_NO_CAPIENG */
+#endif /* OPENSSL_SYS_WIN32 */
+#ifdef __COMPILE_CAPIENG
+
+# undef X509_EXTENSIONS
+# undef X509_CERT_PAIR
+
/* Definitions which may be missing from earlier version of headers */
-# ifndef CERT_STORE_OPEN_EXISTING_FLAG
-# define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000
-# endif
+# ifndef CERT_STORE_OPEN_EXISTING_FLAG
+# define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000
+# endif
-# ifndef CERT_STORE_CREATE_NEW_FLAG
-# define CERT_STORE_CREATE_NEW_FLAG 0x00002000
-# endif
+# ifndef CERT_STORE_CREATE_NEW_FLAG
+# define CERT_STORE_CREATE_NEW_FLAG 0x00002000
+# endif
-# ifndef CERT_SYSTEM_STORE_CURRENT_USER
-# define CERT_SYSTEM_STORE_CURRENT_USER 0x00010000
-# endif
+# ifndef CERT_SYSTEM_STORE_CURRENT_USER
+# define CERT_SYSTEM_STORE_CURRENT_USER 0x00010000
+# endif
-# include <openssl/engine.h>
-# include <openssl/pem.h>
-# include <openssl/x509v3.h>
+# include <openssl/engine.h>
+# include <openssl/pem.h>
+# include <openssl/x509v3.h>
-# include "e_capi_err.h"
-# include "e_capi_err.c"
+# include "e_capi_err.h"
+# include "e_capi_err.c"
static const char *engine_capi_id = "capi";
static const char *engine_capi_name = "CryptoAPI ENGINE";
@@ -137,9 +159,9 @@
void *callback_data);
static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
-# ifdef OPENSSL_CAPIENG_DIALOG
+# ifdef OPENSSL_CAPIENG_DIALOG
static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
-# endif
+# endif
typedef PCCERT_CONTEXT(WINAPI *CERTDLG) (HCERTSTORE, HWND, LPCWSTR,
LPCWSTR, DWORD, DWORD, void *);
@@ -150,8 +172,8 @@
* global options and affects how other functions behave.
*/
-# define CAPI_DBG_TRACE 2
-# define CAPI_DBG_ERROR 1
+# define CAPI_DBG_TRACE 2
+# define CAPI_DBG_ERROR 1
struct CAPI_CTX_st {
int debug_level;
@@ -167,25 +189,25 @@
DWORD store_flags;
/* Lookup string meanings in load_private_key */
/* Substring of subject: uses "storename" */
-# define CAPI_LU_SUBSTR 1
+# define CAPI_LU_SUBSTR 1
/* Friendly name: uses storename */
-# define CAPI_LU_FNAME 2
+# define CAPI_LU_FNAME 2
/* Container name: uses cspname, keytype */
-# define CAPI_LU_CONTNAME 3
+# define CAPI_LU_CONTNAME 3
int lookup_method;
/* Info to dump with dumpcerts option */
/* Issuer and serial name strings */
-# define CAPI_DMP_SUMMARY 0x1
+# define CAPI_DMP_SUMMARY 0x1
/* Friendly name */
-# define CAPI_DMP_FNAME 0x2
+# define CAPI_DMP_FNAME 0x2
/* Full X509_print dump */
-# define CAPI_DMP_FULL 0x4
+# define CAPI_DMP_FULL 0x4
/* Dump PEM format certificate */
-# define CAPI_DMP_PEM 0x8
+# define CAPI_DMP_PEM 0x8
/* Dump pseudo key (if possible) */
-# define CAPI_DMP_PSKEY 0x10
+# define CAPI_DMP_PSKEY 0x10
/* Dump key info (if possible) */
-# define CAPI_DMP_PKEYINFO 0x20
+# define CAPI_DMP_PKEYINFO 0x20
DWORD dump_flags;
int (*client_cert_select) (ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
CERTDLG certselectdlg;
@@ -198,20 +220,20 @@
int check);
static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx);
-# define CAPI_CMD_LIST_CERTS ENGINE_CMD_BASE
-# define CAPI_CMD_LOOKUP_CERT (ENGINE_CMD_BASE + 1)
-# define CAPI_CMD_DEBUG_LEVEL (ENGINE_CMD_BASE + 2)
-# define CAPI_CMD_DEBUG_FILE (ENGINE_CMD_BASE + 3)
-# define CAPI_CMD_KEYTYPE (ENGINE_CMD_BASE + 4)
-# define CAPI_CMD_LIST_CSPS (ENGINE_CMD_BASE + 5)
-# define CAPI_CMD_SET_CSP_IDX (ENGINE_CMD_BASE + 6)
-# define CAPI_CMD_SET_CSP_NAME (ENGINE_CMD_BASE + 7)
-# define CAPI_CMD_SET_CSP_TYPE (ENGINE_CMD_BASE + 8)
-# define CAPI_CMD_LIST_CONTAINERS (ENGINE_CMD_BASE + 9)
-# define CAPI_CMD_LIST_OPTIONS (ENGINE_CMD_BASE + 10)
-# define CAPI_CMD_LOOKUP_METHOD (ENGINE_CMD_BASE + 11)
-# define CAPI_CMD_STORE_NAME (ENGINE_CMD_BASE + 12)
-# define CAPI_CMD_STORE_FLAGS (ENGINE_CMD_BASE + 13)
+# define CAPI_CMD_LIST_CERTS ENGINE_CMD_BASE
+# define CAPI_CMD_LOOKUP_CERT (ENGINE_CMD_BASE + 1)
+# define CAPI_CMD_DEBUG_LEVEL (ENGINE_CMD_BASE + 2)
+# define CAPI_CMD_DEBUG_FILE (ENGINE_CMD_BASE + 3)
+# define CAPI_CMD_KEYTYPE (ENGINE_CMD_BASE + 4)
+# define CAPI_CMD_LIST_CSPS (ENGINE_CMD_BASE + 5)
+# define CAPI_CMD_SET_CSP_IDX (ENGINE_CMD_BASE + 6)
+# define CAPI_CMD_SET_CSP_NAME (ENGINE_CMD_BASE + 7)
+# define CAPI_CMD_SET_CSP_TYPE (ENGINE_CMD_BASE + 8)
+# define CAPI_CMD_LIST_CONTAINERS (ENGINE_CMD_BASE + 9)
+# define CAPI_CMD_LIST_OPTIONS (ENGINE_CMD_BASE + 10)
+# define CAPI_CMD_LOOKUP_METHOD (ENGINE_CMD_BASE + 11)
+# define CAPI_CMD_STORE_NAME (ENGINE_CMD_BASE + 12)
+# define CAPI_CMD_STORE_FLAGS (ENGINE_CMD_BASE + 13)
static const ENGINE_CMD_DEFN capi_cmd_defns[] = {
{CAPI_CMD_LIST_CERTS,
@@ -441,7 +463,7 @@
ENGINE_set_ex_data(e, capi_idx, ctx);
-# ifdef OPENSSL_CAPIENG_DIALOG
+# ifdef OPENSSL_CAPIENG_DIALOG
{
HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL"));
@@ -455,7 +477,7 @@
if (cryptui && !OPENSSL_isservice())
ctx->client_cert_select = cert_select_dialog;
}
-# endif
+# endif
return 1;
@@ -499,6 +521,7 @@
{
if (!ENGINE_set_id(e, engine_capi_id)
|| !ENGINE_set_name(e, engine_capi_name)
+ || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
|| !ENGINE_set_init_function(e, capi_init)
|| !ENGINE_set_finish_function(e, capi_finish)
|| !ENGINE_set_destroy_function(e, capi_destroy)
@@ -516,7 +539,7 @@
}
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
static int bind_helper(ENGINE *e, const char *id)
{
if (id && (strcmp(id, engine_capi_id) != 0))
@@ -528,7 +551,7 @@
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-# else
+# else
static ENGINE *engine_capi(void)
{
ENGINE *ret = ENGINE_new();
@@ -551,7 +574,7 @@
ENGINE_free(toadd);
ERR_clear_error();
}
-# endif
+# endif
static int lend_tobn(BIGNUM *bn, unsigned char *bin, int binlen)
{
@@ -1641,7 +1664,7 @@
return 0;
}
-# ifdef OPENSSL_CAPIENG_DIALOG
+# ifdef OPENSSL_CAPIENG_DIALOG
/*
* More complex cert selection function, using standard function
@@ -1653,14 +1676,14 @@
* versions of headers.
*/
-# ifndef CRYPTUI_SELECT_LOCATION_COLUMN
-# define CRYPTUI_SELECT_LOCATION_COLUMN 0x000000010
-# define CRYPTUI_SELECT_INTENDEDUSE_COLUMN 0x000000004
-# endif
+# ifndef CRYPTUI_SELECT_LOCATION_COLUMN
+# define CRYPTUI_SELECT_LOCATION_COLUMN 0x000000010
+# define CRYPTUI_SELECT_INTENDEDUSE_COLUMN 0x000000004
+# endif
-# define dlg_title L"OpenSSL Application SSL Client Certificate Selection"
-# define dlg_prompt L"Select a certificate to use for authentication"
-# define dlg_columns CRYPTUI_SELECT_LOCATION_COLUMN \
+# define dlg_title L"OpenSSL Application SSL Client Certificate Selection"
+# define dlg_prompt L"Select a certificate to use for authentication"
+# define dlg_columns CRYPTUI_SELECT_LOCATION_COLUMN \
|CRYPTUI_SELECT_INTENDEDUSE_COLUMN
static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs)
@@ -1725,13 +1748,14 @@
return idx;
}
-# endif
+# endif
-# endif
-#else /* !WIN32 */
+#else /* !__COMPILE_CAPIENG */
# include <openssl/engine.h>
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
OPENSSL_EXPORT
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
{
return 0;
@@ -1738,5 +1762,9 @@
}
IMPLEMENT_DYNAMIC_CHECK_FN()
+# else
+void ENGINE_load_capi(void)
+{
+}
# endif
#endif
Modified: trunk/crypto/openssl/engines/e_capi_err.c
===================================================================
--- trunk/crypto/openssl/engines/e_capi_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_capi_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,6 @@
/* e_capi_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: trunk/crypto/openssl/engines/e_chil.c
===================================================================
--- trunk/crypto/openssl/engines/e_chil.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_chil.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -232,7 +232,6 @@
/* Constants used when creating the ENGINE */
static const char *engine_hwcrhk_id = "chil";
static const char *engine_hwcrhk_name = "CHIL hardware engine support";
-
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
/* Compatibility hack, the dynamic library uses this form in the path */
static const char *engine_hwcrhk_id_alt = "ncipher";
@@ -849,8 +848,6 @@
return res;
err:
- if (res)
- EVP_PKEY_free(res);
# ifndef OPENSSL_NO_RSA
if (rtmp)
RSA_free(rtmp);
Modified: trunk/crypto/openssl/engines/e_gmp.c
===================================================================
--- trunk/crypto/openssl/engines/e_gmp.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_gmp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -89,7 +89,9 @@
#include <openssl/crypto.h>
#include <openssl/buffer.h>
#include <openssl/engine.h>
-#include <openssl/rsa.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
@@ -478,11 +480,13 @@
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
# else
OPENSSL_EXPORT
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
{
return 0;
}
# endif
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */
#endif /* !OPENSSL_NO_HW */
Copied: trunk/crypto/openssl/engines/e_padlock.c (from rev 7117, vendor-crypto/openssl/dist/engines/e_padlock.c)
===================================================================
--- trunk/crypto/openssl/engines/e_padlock.c (rev 0)
+++ trunk/crypto/openssl/engines/e_padlock.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1266 @@
+/*-
+ * Support for VIA PadLock Advanced Cryptography Engine (ACE)
+ * Written by Michal Ludvig <michal at logix.cz>
+ * http://www.logix.cz/michal
+ *
+ * Big thanks to Andy Polyakov for a help with optimization,
+ * assembler fixes, port to MS Windows and a lot of other
+ * valuable work on this engine!
+ */
+
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_AES
+# include <openssl/aes.h>
+#endif
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_PADLOCK
+
+/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
+# if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define DYNAMIC_ENGINE
+# endif
+# elif (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+# ifdef ENGINE_DYNAMIC_SUPPORT
+# define DYNAMIC_ENGINE
+# endif
+# else
+# error "Only OpenSSL >= 0.9.7 is supported"
+# endif
+
+/*
+ * VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it
+ * doesn't exist elsewhere, but it even can't be compiled on other platforms!
+ *
+ * In addition, because of the heavy use of inline assembler, compiler choice
+ * is limited to GCC and Microsoft C.
+ */
+# undef COMPILE_HW_PADLOCK
+# if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
+# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
+ (defined(_MSC_VER) && defined(_M_IX86))
+# define COMPILE_HW_PADLOCK
+# endif
+# endif
+
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+# ifdef COMPILE_HW_PADLOCK
+static ENGINE *ENGINE_padlock(void);
+# endif
+
+void ENGINE_load_padlock(void)
+{
+/* On non-x86 CPUs it just returns. */
+# ifdef COMPILE_HW_PADLOCK
+ ENGINE *toadd = ENGINE_padlock();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+# endif
+}
+
+# endif
+
+# ifdef COMPILE_HW_PADLOCK
+/*
+ * We do these includes here to avoid header problems on platforms that do
+ * not have the VIA padlock anyway...
+ */
+# include <stdlib.h>
+# ifdef _WIN32
+# include <malloc.h>
+# ifndef alloca
+# define alloca _alloca
+# endif
+# elif defined(__GNUC__)
+# ifndef alloca
+# define alloca(s) __builtin_alloca(s)
+# endif
+# endif
+
+/* Function for ENGINE detection and control */
+static int padlock_available(void);
+static int padlock_init(ENGINE *e);
+
+/* RNG Stuff */
+static RAND_METHOD padlock_rand;
+
+/* Cipher Stuff */
+# ifndef OPENSSL_NO_AES
+static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid);
+# endif
+
+/* Engine names */
+static const char *padlock_id = "padlock";
+static char padlock_name[100];
+
+/* Available features */
+static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
+static int padlock_use_rng = 0; /* Random Number Generator */
+# ifndef OPENSSL_NO_AES
+static int padlock_aes_align_required = 1;
+# endif
+
+/* ===== Engine "management" functions ===== */
+
+/* Prepare the ENGINE structure for registration */
+static int padlock_bind_helper(ENGINE *e)
+{
+ /* Check available features */
+ padlock_available();
+
+# if 1 /* disable RNG for now, see commentary in
+ * vicinity of RNG code */
+ padlock_use_rng = 0;
+# endif
+
+ /* Generate a nice engine name with available features */
+ BIO_snprintf(padlock_name, sizeof(padlock_name),
+ "VIA PadLock (%s, %s)",
+ padlock_use_rng ? "RNG" : "no-RNG",
+ padlock_use_ace ? "ACE" : "no-ACE");
+
+ /* Register everything or return with an error */
+ if (!ENGINE_set_id(e, padlock_id) ||
+ !ENGINE_set_name(e, padlock_name) ||
+ !ENGINE_set_init_function(e, padlock_init) ||
+# ifndef OPENSSL_NO_AES
+ (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
+# endif
+ (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
+ return 0;
+ }
+
+ /* Everything looks good */
+ return 1;
+}
+
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+
+/* Constructor */
+static ENGINE *ENGINE_padlock(void)
+{
+ ENGINE *eng = ENGINE_new();
+
+ if (!eng) {
+ return NULL;
+ }
+
+ if (!padlock_bind_helper(eng)) {
+ ENGINE_free(eng);
+ return NULL;
+ }
+
+ return eng;
+}
+
+# endif
+
+/* Check availability of the engine */
+static int padlock_init(ENGINE *e)
+{
+ return (padlock_use_rng || padlock_use_ace);
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+# ifdef DYNAMIC_ENGINE
+static int padlock_bind_fn(ENGINE *e, const char *id)
+{
+ if (id && (strcmp(id, padlock_id) != 0)) {
+ return 0;
+ }
+
+ if (!padlock_bind_helper(e)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+ IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn)
+# endif /* DYNAMIC_ENGINE */
+/* ===== Here comes the "real" engine ===== */
+# ifndef OPENSSL_NO_AES
+/* Some AES-related constants */
+# define AES_BLOCK_SIZE 16
+# define AES_KEY_SIZE_128 16
+# define AES_KEY_SIZE_192 24
+# define AES_KEY_SIZE_256 32
+ /*
+ * Here we store the status information relevant to the current context.
+ */
+ /*
+ * BIG FAT WARNING: Inline assembler in PADLOCK_XCRYPT_ASM() depends on
+ * the order of items in this structure. Don't blindly modify, reorder,
+ * etc!
+ */
+struct padlock_cipher_data {
+ unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */
+ union {
+ unsigned int pad[4];
+ struct {
+ int rounds:4;
+ int dgst:1; /* n/a in C3 */
+ int align:1; /* n/a in C3 */
+ int ciphr:1; /* n/a in C3 */
+ unsigned int keygen:1;
+ int interm:1;
+ unsigned int encdec:1;
+ int ksize:2;
+ } b;
+ } cword; /* Control word */
+ AES_KEY ks; /* Encryption key */
+};
+
+/*
+ * Essentially this variable belongs in thread local storage.
+ * Having this variable global on the other hand can only cause
+ * few bogus key reloads [if any at all on single-CPU system],
+ * so we accept the penatly...
+ */
+static volatile struct padlock_cipher_data *padlock_saved_context;
+# endif
+
+/*-
+ * =======================================================
+ * Inline assembler section(s).
+ * =======================================================
+ * Order of arguments is chosen to facilitate Windows port
+ * using __fastcall calling convention. If you wish to add
+ * more routines, keep in mind that first __fastcall
+ * argument is passed in %ecx and second - in %edx.
+ * =======================================================
+ */
+# if defined(__GNUC__) && __GNUC__>=2
+/*
+ * As for excessive "push %ebx"/"pop %ebx" found all over.
+ * When generating position-independent code GCC won't let
+ * us use "b" in assembler templates nor even respect "ebx"
+ * in "clobber description." Therefore the trouble...
+ */
+
+/*
+ * Helper function - check if a CPUID instruction is available on this CPU
+ */
+static int padlock_insn_cpuid_available(void)
+{
+ int result = -1;
+
+ /*
+ * We're checking if the bit #21 of EFLAGS can be toggled. If yes =
+ * CPUID is available.
+ */
+ asm volatile ("pushf\n"
+ "popl %%eax\n"
+ "xorl $0x200000, %%eax\n"
+ "movl %%eax, %%ecx\n"
+ "andl $0x200000, %%ecx\n"
+ "pushl %%eax\n"
+ "popf\n"
+ "pushf\n"
+ "popl %%eax\n"
+ "andl $0x200000, %%eax\n"
+ "xorl %%eax, %%ecx\n"
+ "movl %%ecx, %0\n":"=r" (result)::"eax", "ecx");
+
+ return (result == 0);
+}
+
+/*
+ * Load supported features of the CPU to see if the PadLock is available.
+ */
+static int padlock_available(void)
+{
+ char vendor_string[16];
+ unsigned int eax, edx;
+
+ /* First check if the CPUID instruction is available at all... */
+ if (!padlock_insn_cpuid_available())
+ return 0;
+
+ /* Are we running on the Centaur (VIA) CPU? */
+ eax = 0x00000000;
+ vendor_string[12] = 0;
+ asm volatile ("pushl %%ebx\n"
+ "cpuid\n"
+ "movl %%ebx,(%%edi)\n"
+ "movl %%edx,4(%%edi)\n"
+ "movl %%ecx,8(%%edi)\n"
+ "popl %%ebx":"+a" (eax):"D"(vendor_string):"ecx", "edx");
+ if (strcmp(vendor_string, "CentaurHauls") != 0)
+ return 0;
+
+ /* Check for Centaur Extended Feature Flags presence */
+ eax = 0xC0000000;
+ asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax)::"ecx", "edx");
+ if (eax < 0xC0000001)
+ return 0;
+
+ /* Read the Centaur Extended Feature Flags */
+ eax = 0xC0000001;
+ asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax),
+ "=d"(edx)::"ecx");
+
+ /* Fill up some flags */
+ padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
+ padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
+
+ return padlock_use_ace + padlock_use_rng;
+}
+
+# ifndef OPENSSL_NO_AES
+# ifndef AES_ASM
+/* Our own htonl()/ntohl() */
+static inline void padlock_bswapl(AES_KEY *ks)
+{
+ size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
+ unsigned int *key = ks->rd_key;
+
+ while (i--) {
+ asm volatile ("bswapl %0":"+r" (*key));
+ key++;
+ }
+}
+# endif
+# endif
+
+/*
+ * Force key reload from memory to the CPU microcode. Loading EFLAGS from the
+ * stack clears EFLAGS[30] which does the trick.
+ */
+static inline void padlock_reload_key(void)
+{
+ asm volatile ("pushfl; popfl");
+}
+
+# ifndef OPENSSL_NO_AES
+/*
+ * This is heuristic key context tracing. At first one
+ * believes that one should use atomic swap instructions,
+ * but it's not actually necessary. Point is that if
+ * padlock_saved_context was changed by another thread
+ * after we've read it and before we compare it with cdata,
+ * our key *shall* be reloaded upon thread context switch
+ * and we are therefore set in either case...
+ */
+static inline void padlock_verify_context(struct padlock_cipher_data *cdata)
+{
+ asm volatile ("pushfl\n"
+ " btl $30,(%%esp)\n"
+ " jnc 1f\n"
+ " cmpl %2,%1\n"
+ " je 1f\n"
+ " popfl\n"
+ " subl $4,%%esp\n"
+ "1: addl $4,%%esp\n"
+ " movl %2,%0":"+m" (padlock_saved_context)
+ :"r"(padlock_saved_context), "r"(cdata):"cc");
+}
+
+/* Template for padlock_xcrypt_* modes */
+/*
+ * BIG FAT WARNING: The offsets used with 'leal' instructions describe items
+ * of the 'padlock_cipher_data' structure.
+ */
+# define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
+static inline void *name(size_t cnt, \
+ struct padlock_cipher_data *cdata, \
+ void *out, const void *inp) \
+{ void *iv; \
+ asm volatile ( "pushl %%ebx\n" \
+ " leal 16(%0),%%edx\n" \
+ " leal 32(%0),%%ebx\n" \
+ rep_xcrypt "\n" \
+ " popl %%ebx" \
+ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
+ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
+ : "edx", "cc", "memory"); \
+ return iv; \
+}
+
+/* Generate all functions with appropriate opcodes */
+/* rep xcryptecb */
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
+/* rep xcryptcbc */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")
+/* rep xcryptcfb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
+/* rep xcryptofb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
+# endif
+/* The RNG call itself */
+static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
+{
+ unsigned int eax_out;
+
+ asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
+ :"=a" (eax_out), "=m"(*(unsigned *)addr)
+ :"D"(addr), "d"(edx_in)
+ );
+
+ return eax_out;
+}
+
+/*
+ * Why not inline 'rep movsd'? I failed to find information on what value in
+ * Direction Flag one can expect and consequently have to apply
+ * "better-safe-than-sorry" approach and assume "undefined." I could
+ * explicitly clear it and restore the original value upon return from
+ * padlock_aes_cipher, but it's presumably too much trouble for too little
+ * gain... In case you wonder 'rep xcrypt*' instructions above are *not*
+ * affected by the Direction Flag and pointers advance toward larger
+ * addresses unconditionally.
+ */
+static inline unsigned char *padlock_memcpy(void *dst, const void *src,
+ size_t n)
+{
+ long *d = dst;
+ const long *s = src;
+
+ n /= sizeof(*d);
+ do {
+ *d++ = *s++;
+ } while (--n);
+
+ return dst;
+}
+
+# elif defined(_MSC_VER)
+/*
+ * Unlike GCC these are real functions. In order to minimize impact
+ * on performance we adhere to __fastcall calling convention in
+ * order to get two first arguments passed through %ecx and %edx.
+ * Which kind of suits very well, as instructions in question use
+ * both %ecx and %edx as input:-)
+ */
+# define REP_XCRYPT(code) \
+ _asm _emit 0xf3 \
+ _asm _emit 0x0f _asm _emit 0xa7 \
+ _asm _emit code
+
+/*
+ * BIG FAT WARNING: The offsets used with 'lea' instructions describe items
+ * of the 'padlock_cipher_data' structure.
+ */
+# define PADLOCK_XCRYPT_ASM(name,code) \
+static void * __fastcall \
+ name (size_t cnt, void *cdata, \
+ void *outp, const void *inp) \
+{ _asm mov eax,edx \
+ _asm lea edx,[eax+16] \
+ _asm lea ebx,[eax+32] \
+ _asm mov edi,outp \
+ _asm mov esi,inp \
+ REP_XCRYPT(code) \
+}
+
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb,0xc8)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc,0xd0)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb,0xe0)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb,0xe8)
+
+static int __fastcall padlock_xstore(void *outp, unsigned int code)
+{
+ _asm mov edi,ecx
+ _asm _emit 0x0f _asm _emit 0xa7 _asm _emit 0xc0
+}
+
+static void __fastcall padlock_reload_key(void)
+{
+ _asm pushfd
+ _asm popfd
+}
+
+static void __fastcall padlock_verify_context(void *cdata)
+{
+ _asm {
+ pushfd
+ bt DWORD PTR[esp],30
+ jnc skip
+ cmp ecx,padlock_saved_context
+ je skip
+ popfd
+ sub esp,4
+ skip: add esp,4
+ mov padlock_saved_context,ecx
+ }
+}
+
+static int
+padlock_available(void)
+{
+ _asm {
+ pushfd
+ pop eax
+ mov ecx,eax
+ xor eax,1<<21
+ push eax
+ popfd
+ pushfd
+ pop eax
+ xor eax,ecx
+ bt eax,21
+ jnc noluck
+ mov eax,0
+ cpuid
+ xor eax,eax
+ cmp ebx,'tneC'
+ jne noluck
+ cmp edx,'Hrua'
+ jne noluck
+ cmp ecx,'slua'
+ jne noluck
+ mov eax,0xC0000000
+ cpuid
+ mov edx,eax
+ xor eax,eax
+ cmp edx,0xC0000001
+ jb noluck
+ mov eax,0xC0000001
+ cpuid
+ xor eax,eax
+ bt edx,6
+ jnc skip_a
+ bt edx,7
+ jnc skip_a
+ mov padlock_use_ace,1
+ inc eax
+ skip_a: bt edx,2
+ jnc skip_r
+ bt edx,3
+ jnc skip_r
+ mov padlock_use_rng,1
+ inc eax
+ skip_r:
+ noluck:
+ }
+}
+
+static void __fastcall padlock_bswapl(void *key)
+{
+ _asm {
+ pushfd
+ cld
+ mov esi,ecx
+ mov edi,ecx
+ mov ecx,60
+ up: lodsd
+ bswap eax
+ stosd
+ loop up
+ popfd
+ }
+}
+
+/*
+ * MS actually specifies status of Direction Flag and compiler even manages
+ * to compile following as 'rep movsd' all by itself...
+ */
+# define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U))
+# endif
+/* ===== AES encryption/decryption ===== */
+# ifndef OPENSSL_NO_AES
+# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
+# define NID_aes_128_cfb NID_aes_128_cfb128
+# endif
+# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
+# define NID_aes_128_ofb NID_aes_128_ofb128
+# endif
+# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
+# define NID_aes_192_cfb NID_aes_192_cfb128
+# endif
+# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
+# define NID_aes_192_ofb NID_aes_192_ofb128
+# endif
+# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
+# define NID_aes_256_cfb NID_aes_256_cfb128
+# endif
+# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
+# define NID_aes_256_ofb NID_aes_256_ofb128
+# endif
+/*
+ * List of supported ciphers.
+ */ static int padlock_cipher_nids[] = {
+ NID_aes_128_ecb,
+ NID_aes_128_cbc,
+ NID_aes_128_cfb,
+ NID_aes_128_ofb,
+
+ NID_aes_192_ecb,
+ NID_aes_192_cbc,
+ NID_aes_192_cfb,
+ NID_aes_192_ofb,
+
+ NID_aes_256_ecb,
+ NID_aes_256_cbc,
+ NID_aes_256_cfb,
+ NID_aes_256_ofb,
+};
+
+static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) /
+ sizeof(padlock_cipher_nids[0]));
+
+/* Function prototypes ... */
+static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t nbytes);
+
+# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
+ ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
+# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
+ NEAREST_ALIGNED(ctx->cipher_data))
+
+# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
+# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
+# define EVP_CIPHER_block_size_OFB 1
+# define EVP_CIPHER_block_size_CFB 1
+
+/*
+ * Declaring so many ciphers by hand would be a pain. Instead introduce a bit
+ * of preprocessor magic :-)
+ */
+# define DECLARE_AES_EVP(ksize,lmode,umode) \
+static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \
+ NID_aes_##ksize##_##lmode, \
+ EVP_CIPHER_block_size_##umode, \
+ AES_KEY_SIZE_##ksize, \
+ AES_BLOCK_SIZE, \
+ 0 | EVP_CIPH_##umode##_MODE, \
+ padlock_aes_init_key, \
+ padlock_aes_cipher, \
+ NULL, \
+ sizeof(struct padlock_cipher_data) + 16, \
+ EVP_CIPHER_set_asn1_iv, \
+ EVP_CIPHER_get_asn1_iv, \
+ NULL, \
+ NULL \
+}
+
+DECLARE_AES_EVP(128, ecb, ECB);
+DECLARE_AES_EVP(128, cbc, CBC);
+DECLARE_AES_EVP(128, cfb, CFB);
+DECLARE_AES_EVP(128, ofb, OFB);
+
+DECLARE_AES_EVP(192, ecb, ECB);
+DECLARE_AES_EVP(192, cbc, CBC);
+DECLARE_AES_EVP(192, cfb, CFB);
+DECLARE_AES_EVP(192, ofb, OFB);
+
+DECLARE_AES_EVP(256, ecb, ECB);
+DECLARE_AES_EVP(256, cbc, CBC);
+DECLARE_AES_EVP(256, cfb, CFB);
+DECLARE_AES_EVP(256, ofb, OFB);
+
+static int
+padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids,
+ int nid)
+{
+ /* No specific cipher => return a list of supported nids ... */
+ if (!cipher) {
+ *nids = padlock_cipher_nids;
+ return padlock_cipher_nids_num;
+ }
+
+ /* ... or the requested "cipher" otherwise */
+ switch (nid) {
+ case NID_aes_128_ecb:
+ *cipher = &padlock_aes_128_ecb;
+ break;
+ case NID_aes_128_cbc:
+ *cipher = &padlock_aes_128_cbc;
+ break;
+ case NID_aes_128_cfb:
+ *cipher = &padlock_aes_128_cfb;
+ break;
+ case NID_aes_128_ofb:
+ *cipher = &padlock_aes_128_ofb;
+ break;
+
+ case NID_aes_192_ecb:
+ *cipher = &padlock_aes_192_ecb;
+ break;
+ case NID_aes_192_cbc:
+ *cipher = &padlock_aes_192_cbc;
+ break;
+ case NID_aes_192_cfb:
+ *cipher = &padlock_aes_192_cfb;
+ break;
+ case NID_aes_192_ofb:
+ *cipher = &padlock_aes_192_ofb;
+ break;
+
+ case NID_aes_256_ecb:
+ *cipher = &padlock_aes_256_ecb;
+ break;
+ case NID_aes_256_cbc:
+ *cipher = &padlock_aes_256_cbc;
+ break;
+ case NID_aes_256_cfb:
+ *cipher = &padlock_aes_256_cfb;
+ break;
+ case NID_aes_256_ofb:
+ *cipher = &padlock_aes_256_ofb;
+ break;
+
+ default:
+ /* Sorry, we don't support this NID */
+ *cipher = NULL;
+ return 0;
+ }
+
+ return 1;
+}
+
+/* Prepare the encryption key for PadLock usage */
+static int
+padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ struct padlock_cipher_data *cdata;
+ int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8;
+
+ if (key == NULL)
+ return 0; /* ERROR */
+
+ cdata = ALIGNED_CIPHER_DATA(ctx);
+ memset(cdata, 0, sizeof(struct padlock_cipher_data));
+
+ /* Prepare Control word. */
+ if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
+ cdata->cword.b.encdec = 0;
+ else
+ cdata->cword.b.encdec = (ctx->encrypt == 0);
+ cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
+ cdata->cword.b.ksize = (key_len - 128) / 64;
+
+ switch (key_len) {
+ case 128:
+ /*
+ * PadLock can generate an extended key for AES128 in hardware
+ */
+ memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128);
+ cdata->cword.b.keygen = 0;
+ break;
+
+ case 192:
+ case 256:
+ /*
+ * Generate an extended AES key in software. Needed for AES192/AES256
+ */
+ /*
+ * Well, the above applies to Stepping 8 CPUs and is listed as
+ * hardware errata. They most likely will fix it at some point and
+ * then a check for stepping would be due here.
+ */
+ if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
+ EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || enc)
+ AES_set_encrypt_key(key, key_len, &cdata->ks);
+ else
+ AES_set_decrypt_key(key, key_len, &cdata->ks);
+# ifndef AES_ASM
+ /*
+ * OpenSSL C functions use byte-swapped extended key.
+ */
+ padlock_bswapl(&cdata->ks);
+# endif
+ cdata->cword.b.keygen = 1;
+ break;
+
+ default:
+ /* ERROR */
+ return 0;
+ }
+
+ /*
+ * This is done to cover for cases when user reuses the
+ * context for new key. The catch is that if we don't do
+ * this, padlock_eas_cipher might proceed with old key...
+ */
+ padlock_reload_key();
+
+ return 1;
+}
+
+/*-
+ * Simplified version of padlock_aes_cipher() used when
+ * 1) both input and output buffers are at aligned addresses.
+ * or when
+ * 2) running on a newer CPU that doesn't require aligned buffers.
+ */
+static int
+padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
+{
+ struct padlock_cipher_data *cdata;
+ void *iv;
+
+ cdata = ALIGNED_CIPHER_DATA(ctx);
+ padlock_verify_context(cdata);
+
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
+ case EVP_CIPH_ECB_MODE:
+ padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
+ break;
+
+ case EVP_CIPH_CBC_MODE:
+ memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
+ in_arg);
+ memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+ break;
+
+ case EVP_CIPH_CFB_MODE:
+ memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
+ in_arg);
+ memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+ break;
+
+ case EVP_CIPH_OFB_MODE:
+ memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
+ memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
+ break;
+
+ default:
+ return 0;
+ }
+
+ memset(cdata->iv, 0, AES_BLOCK_SIZE);
+
+ return 1;
+}
+
+# ifndef PADLOCK_CHUNK
+# define PADLOCK_CHUNK 512 /* Must be a power of 2 larger than 16 */
+# endif
+# if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1)
+# error "insane PADLOCK_CHUNK..."
+# endif
+
+/*
+ * Re-align the arguments to 16-Bytes boundaries and run the encryption
+ * function itself. This function is not AES-specific.
+ */
+static int
+padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
+{
+ struct padlock_cipher_data *cdata;
+ const void *inp;
+ unsigned char *out;
+ void *iv;
+ int inp_misaligned, out_misaligned, realign_in_loop;
+ size_t chunk, allocated = 0;
+
+ /*
+ * ctx->num is maintained in byte-oriented modes, such as CFB and OFB...
+ */
+ if ((chunk = ctx->num)) { /* borrow chunk variable */
+ unsigned char *ivp = ctx->iv;
+
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
+ case EVP_CIPH_CFB_MODE:
+ if (chunk >= AES_BLOCK_SIZE)
+ return 0; /* bogus value */
+
+ if (ctx->encrypt)
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+ chunk++, nbytes--;
+ } else
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ unsigned char c = *(in_arg++);
+ *(out_arg++) = c ^ ivp[chunk];
+ ivp[chunk++] = c, nbytes--;
+ }
+
+ ctx->num = chunk % AES_BLOCK_SIZE;
+ break;
+ case EVP_CIPH_OFB_MODE:
+ if (chunk >= AES_BLOCK_SIZE)
+ return 0; /* bogus value */
+
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+ chunk++, nbytes--;
+ }
+
+ ctx->num = chunk % AES_BLOCK_SIZE;
+ break;
+ }
+ }
+
+ if (nbytes == 0)
+ return 1;
+# if 0
+ if (nbytes % AES_BLOCK_SIZE)
+ return 0; /* are we expected to do tail processing? */
+# else
+ /*
+ * nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC modes and
+ * arbitrary value in byte-oriented modes, such as CFB and OFB...
+ */
+# endif
+
+ /*
+ * VIA promises CPUs that won't require alignment in the future. For now
+ * padlock_aes_align_required is initialized to 1 and the condition is
+ * never met...
+ */
+ /*
+ * C7 core is capable to manage unaligned input in non-ECB[!] mode, but
+ * performance penalties appear to be approximately same as for software
+ * alignment below or ~3x. They promise to improve it in the future, but
+ * for now we can just as well pretend that it can only handle aligned
+ * input...
+ */
+ if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0)
+ return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
+
+ inp_misaligned = (((size_t)in_arg) & 0x0F);
+ out_misaligned = (((size_t)out_arg) & 0x0F);
+
+ /*
+ * Note that even if output is aligned and input not, I still prefer to
+ * loop instead of copy the whole input and then encrypt in one stroke.
+ * This is done in order to improve L1 cache utilization...
+ */
+ realign_in_loop = out_misaligned | inp_misaligned;
+
+ if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0)
+ return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
+
+ /* this takes one "if" out of the loops */
+ chunk = nbytes;
+ chunk %= PADLOCK_CHUNK;
+ if (chunk == 0)
+ chunk = PADLOCK_CHUNK;
+
+ if (out_misaligned) {
+ /* optmize for small input */
+ allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
+ out = alloca(0x10 + allocated);
+ out = NEAREST_ALIGNED(out);
+ } else
+ out = out_arg;
+
+ cdata = ALIGNED_CIPHER_DATA(ctx);
+ padlock_verify_context(cdata);
+
+ switch (EVP_CIPHER_CTX_mode(ctx)) {
+ case EVP_CIPH_ECB_MODE:
+ do {
+ if (inp_misaligned)
+ inp = padlock_memcpy(out, in_arg, chunk);
+ else
+ inp = in_arg;
+ in_arg += chunk;
+
+ padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+ if (out_misaligned)
+ out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+ else
+ out = out_arg += chunk;
+
+ nbytes -= chunk;
+ chunk = PADLOCK_CHUNK;
+ } while (nbytes);
+ break;
+
+ case EVP_CIPH_CBC_MODE:
+ memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ goto cbc_shortcut;
+ do {
+ if (iv != cdata->iv)
+ memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
+ chunk = PADLOCK_CHUNK;
+ cbc_shortcut: /* optimize for small input */
+ if (inp_misaligned)
+ inp = padlock_memcpy(out, in_arg, chunk);
+ else
+ inp = in_arg;
+ in_arg += chunk;
+
+ iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+ if (out_misaligned)
+ out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+ else
+ out = out_arg += chunk;
+
+ } while (nbytes -= chunk);
+ memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+ break;
+
+ case EVP_CIPH_CFB_MODE:
+ memcpy(iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ chunk &= ~(AES_BLOCK_SIZE - 1);
+ if (chunk)
+ goto cfb_shortcut;
+ else
+ goto cfb_skiploop;
+ do {
+ if (iv != cdata->iv)
+ memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
+ chunk = PADLOCK_CHUNK;
+ cfb_shortcut: /* optimize for small input */
+ if (inp_misaligned)
+ inp = padlock_memcpy(out, in_arg, chunk);
+ else
+ inp = in_arg;
+ in_arg += chunk;
+
+ iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+ if (out_misaligned)
+ out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+ else
+ out = out_arg += chunk;
+
+ nbytes -= chunk;
+ } while (nbytes >= AES_BLOCK_SIZE);
+
+ cfb_skiploop:
+ if (nbytes) {
+ unsigned char *ivp = cdata->iv;
+
+ if (iv != ivp) {
+ memcpy(ivp, iv, AES_BLOCK_SIZE);
+ iv = ivp;
+ }
+ ctx->num = nbytes;
+ if (cdata->cword.b.encdec) {
+ cdata->cword.b.encdec = 0;
+ padlock_reload_key();
+ padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+ cdata->cword.b.encdec = 1;
+ padlock_reload_key();
+ while (nbytes) {
+ unsigned char c = *(in_arg++);
+ *(out_arg++) = c ^ *ivp;
+ *(ivp++) = c, nbytes--;
+ }
+ } else {
+ padlock_reload_key();
+ padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+ padlock_reload_key();
+ while (nbytes) {
+ *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
+ ivp++, nbytes--;
+ }
+ }
+ }
+
+ memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+ break;
+
+ case EVP_CIPH_OFB_MODE:
+ memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+ chunk &= ~(AES_BLOCK_SIZE - 1);
+ if (chunk)
+ do {
+ if (inp_misaligned)
+ inp = padlock_memcpy(out, in_arg, chunk);
+ else
+ inp = in_arg;
+ in_arg += chunk;
+
+ padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+ if (out_misaligned)
+ out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+ else
+ out = out_arg += chunk;
+
+ nbytes -= chunk;
+ chunk = PADLOCK_CHUNK;
+ } while (nbytes >= AES_BLOCK_SIZE);
+
+ if (nbytes) {
+ unsigned char *ivp = cdata->iv;
+
+ ctx->num = nbytes;
+ padlock_reload_key(); /* empirically found */
+ padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+ padlock_reload_key(); /* empirically found */
+ while (nbytes) {
+ *(out_arg++) = *(in_arg++) ^ *ivp;
+ ivp++, nbytes--;
+ }
+ }
+
+ memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
+ break;
+
+ default:
+ return 0;
+ }
+
+ /* Clean the realign buffer if it was used */
+ if (out_misaligned) {
+ volatile unsigned long *p = (void *)out;
+ size_t n = allocated / sizeof(*p);
+ while (n--)
+ *p++ = 0;
+ }
+
+ memset(cdata->iv, 0, AES_BLOCK_SIZE);
+
+ return 1;
+}
+
+# endif /* OPENSSL_NO_AES */
+
+/* ===== Random Number Generator ===== */
+/*
+ * This code is not engaged. The reason is that it does not comply
+ * with recommendations for VIA RNG usage for secure applications
+ * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it
+ * provide meaningful error control...
+ */
+/*
+ * Wrapper that provides an interface between the API and the raw PadLock
+ * RNG
+ */
+static int padlock_rand_bytes(unsigned char *output, int count)
+{
+ unsigned int eax, buf;
+
+ while (count >= 8) {
+ eax = padlock_xstore(output, 0);
+ if (!(eax & (1 << 6)))
+ return 0; /* RNG disabled */
+ /* this ---vv--- covers DC bias, Raw Bits and String Filter */
+ if (eax & (0x1F << 10))
+ return 0;
+ if ((eax & 0x1F) == 0)
+ continue; /* no data, retry... */
+ if ((eax & 0x1F) != 8)
+ return 0; /* fatal failure... */
+ output += 8;
+ count -= 8;
+ }
+ while (count > 0) {
+ eax = padlock_xstore(&buf, 3);
+ if (!(eax & (1 << 6)))
+ return 0; /* RNG disabled */
+ /* this ---vv--- covers DC bias, Raw Bits and String Filter */
+ if (eax & (0x1F << 10))
+ return 0;
+ if ((eax & 0x1F) == 0)
+ continue; /* no data, retry... */
+ if ((eax & 0x1F) != 1)
+ return 0; /* fatal failure... */
+ *output++ = (unsigned char)buf;
+ count--;
+ }
+ *(volatile unsigned int *)&buf = 0;
+
+ return 1;
+}
+
+/* Dummy but necessary function */
+static int padlock_rand_status(void)
+{
+ return 1;
+}
+
+/* Prepare structure for registration */
+static RAND_METHOD padlock_rand = {
+ NULL, /* seed */
+ padlock_rand_bytes, /* bytes */
+ NULL, /* cleanup */
+ NULL, /* add */
+ padlock_rand_bytes, /* pseudorand */
+ padlock_rand_status, /* rand status */
+};
+
+# else /* !COMPILE_HW_PADLOCK */
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+OPENSSL_EXPORT
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
+{
+ return 0;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+# endif
+# endif /* COMPILE_HW_PADLOCK */
+# endif /* !OPENSSL_NO_HW_PADLOCK */
+#endif /* !OPENSSL_NO_HW */
Copied: trunk/crypto/openssl/engines/e_padlock.ec (from rev 7117, vendor-crypto/openssl/dist/engines/e_padlock.ec)
===================================================================
--- trunk/crypto/openssl/engines/e_padlock.ec (rev 0)
+++ trunk/crypto/openssl/engines/e_padlock.ec 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+L PADLOCK e_padlock_err.h e_padlock_err.c
Modified: trunk/crypto/openssl/engines/e_sureware.c
===================================================================
--- trunk/crypto/openssl/engines/e_sureware.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_sureware.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -712,10 +712,12 @@
/* set public big nums */
rsatmp->e = BN_new();
rsatmp->n = BN_new();
+ if(!rsatmp->e || !rsatmp->n)
+ goto err;
bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
- if (!rsatmp->e || rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
- !rsatmp->n || rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
+ if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
+ rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
goto err;
ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
(unsigned long *)rsatmp->n->d,
@@ -752,15 +754,16 @@
dsatmp->p = BN_new();
dsatmp->q = BN_new();
dsatmp->g = BN_new();
+ if(!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g)
+ goto err;
bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
- if (!dsatmp->pub_key
- || dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
- || !dsatmp->p || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
- || !dsatmp->q || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
- || !dsatmp->g || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
+ if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
+ || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
+ || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
+ || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
goto err;
ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
@@ -799,8 +802,6 @@
}
return res;
err:
- if (res)
- EVP_PKEY_free(res);
# ifndef OPENSSL_NO_RSA
if (rsatmp)
RSA_free(rsatmp);
@@ -1040,10 +1041,12 @@
}
psign->r = BN_new();
psign->s = BN_new();
+ if(!psign->r || !psign->s)
+ goto err;
bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
- if (!psign->r || psign->r->dmax != 20 / sizeof(BN_ULONG) ||
- !psign->s || psign->s->dmax != 20 / sizeof(BN_ULONG))
+ if (psign->r->dmax != 20 / sizeof(BN_ULONG) ||
+ psign->s->dmax != 20 / sizeof(BN_ULONG))
goto err;
ret = p_surewarehk_Dsa_Sign(msg, flen, from,
(unsigned long *)psign->r->d,
@@ -1072,9 +1075,9 @@
char msg[64] = "ENGINE_modexp";
if (!p_surewarehk_Mod_Exp) {
SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
- } else {
+ } else if (r) {
bn_expand2(r, m->top);
- if (r && r->dmax == m->top) {
+ if (r->dmax == m->top) {
/* do it */
ret = p_surewarehk_Mod_Exp(msg,
m->top * sizeof(BN_ULONG),
Modified: trunk/crypto/openssl/engines/e_ubsec.c
===================================================================
--- trunk/crypto/openssl/engines/e_ubsec.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/e_ubsec.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -94,17 +94,17 @@
static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
+# ifndef OPENSSL_NO_RSA
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
const BIGNUM *dq, const BIGNUM *qinv,
BN_CTX *ctx);
-# ifndef OPENSSL_NO_RSA
static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
BN_CTX *ctx);
-# endif
static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
+# endif
# ifndef OPENSSL_NO_DSA
# ifdef NOT_USED
static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
@@ -310,10 +310,10 @@
static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl
= NULL;
# endif
-/* #ifndef OPENSSL_NO_RSA */
+# ifndef OPENSSL_NO_RSA
static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
+# endif
# ifndef OPENSSL_NO_DSA
static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
@@ -631,7 +631,6 @@
err:
return to_return;
}
-# endif
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
@@ -679,6 +678,7 @@
r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1) / BN_BITS2;
return 1;
}
+# endif
# ifndef OPENSSL_NO_DSA
# ifdef NOT_USED
@@ -714,6 +714,8 @@
# endif
# endif
+# ifndef OPENSSL_NO_RSA
+
/*
* This function is aliased to mod_exp (with the mont stuff dropped).
*/
@@ -723,19 +725,17 @@
{
int ret = 0;
-# ifndef OPENSSL_NO_RSA
/* Do in software if the key is too large for the hardware. */
if (BN_num_bits(m) > max_key_len) {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
ret = (*meth->bn_mod_exp) (r, a, p, m, ctx, m_ctx);
- } else
-# endif
- {
+ } else {
ret = ubsec_mod_exp(r, a, p, m, ctx);
}
return ret;
}
+# endif
# ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
@@ -967,11 +967,11 @@
if (dh->pub_key == NULL) {
pub_key = BN_new();
+ if (pub_key == NULL)
+ goto err;
pub_key_len = BN_num_bits(dh->p);
if (bn_wexpand(pub_key, dh->p->top) == NULL)
goto err;
- if (pub_key == NULL)
- goto err;
} else {
pub_key = dh->pub_key;
}
Modified: trunk/crypto/openssl/engines/vendor_defns/hwcryptohook.h
===================================================================
--- trunk/crypto/openssl/engines/vendor_defns/hwcryptohook.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/engines/vendor_defns/hwcryptohook.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -180,32 +180,32 @@
* be power of 2 */
int mslimbfirst; /* 0 or 1 */
int msbytefirst; /* 0 or 1; -1 = native */
- /*-
- * All the callback functions should return 0 on success, or a
- * nonzero integer (whose value will be visible in the error message
- * put in the buffer passed to the call).
- *
- * If a callback is not available pass a null function pointer.
- *
- * The callbacks may not call down again into the crypto plugin.
- */
- /*-
- * For thread-safety. Set everything to 0 if you promise only to be
- * singlethreaded. maxsimultaneous is the number of calls to
- * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
- * put there then say 0 and the hook library will use a default.
- *
- * maxmutexes is a small limit on the number of simultaneous mutexes
- * which will be requested by the library. If there is no small
- * limit, set it to 0. If the crypto plugin cannot create the
- * advertised number of mutexes the calls to its functions may fail.
- * If a low number of mutexes is advertised the plugin will try to
- * do the best it can. Making larger numbers of mutexes available
- * may improve performance and parallelism by reducing contention
- * over critical sections. Unavailability of any mutexes, implying
- * single-threaded operation, should be indicated by the setting
- * mutex_init et al to 0.
- */
+ /*-
+ * All the callback functions should return 0 on success, or a
+ * nonzero integer (whose value will be visible in the error message
+ * put in the buffer passed to the call).
+ *
+ * If a callback is not available pass a null function pointer.
+ *
+ * The callbacks may not call down again into the crypto plugin.
+ */
+ /*-
+ * For thread-safety. Set everything to 0 if you promise only to be
+ * singlethreaded. maxsimultaneous is the number of calls to
+ * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
+ * put there then say 0 and the hook library will use a default.
+ *
+ * maxmutexes is a small limit on the number of simultaneous mutexes
+ * which will be requested by the library. If there is no small
+ * limit, set it to 0. If the crypto plugin cannot create the
+ * advertised number of mutexes the calls to its functions may fail.
+ * If a low number of mutexes is advertised the plugin will try to
+ * do the best it can. Making larger numbers of mutexes available
+ * may improve performance and parallelism by reducing contention
+ * over critical sections. Unavailability of any mutexes, implying
+ * single-threaded operation, should be indicated by the setting
+ * mutex_init et al to 0.
+ */
int maxmutexes;
int maxsimultaneous;
size_t mutexsize;
@@ -214,12 +214,12 @@
int (*mutex_acquire) (HWCryptoHook_Mutex *);
void (*mutex_release) (HWCryptoHook_Mutex *);
void (*mutex_destroy) (HWCryptoHook_Mutex *);
- /*-
- * For greater efficiency, can use condition vars internally for
- * synchronisation. In this case maxsimultaneous is ignored, but
- * the other mutex stuff must be available. In singlethreaded
- * programs, set everything to 0.
- */
+ /*-
+ * For greater efficiency, can use condition vars internally for
+ * synchronisation. In this case maxsimultaneous is ignored, but
+ * the other mutex stuff must be available. In singlethreaded
+ * programs, set everything to 0.
+ */
size_t condvarsize;
int (*condvar_init) (HWCryptoHook_CondVar *,
HWCryptoHook_CallerContext * cactx);
@@ -227,103 +227,103 @@
void (*condvar_signal) (HWCryptoHook_CondVar *);
void (*condvar_broadcast) (HWCryptoHook_CondVar *);
void (*condvar_destroy) (HWCryptoHook_CondVar *);
- /*-
- * The semantics of acquiring and releasing mutexes and broadcasting
- * and waiting on condition variables are expected to be those from
- * POSIX threads (pthreads). The mutexes may be (in pthread-speak)
- * fast mutexes, recursive mutexes, or nonrecursive ones.
- *
- * The _release/_signal/_broadcast and _destroy functions must
- * always succeed when given a valid argument; if they are given an
- * invalid argument then the program (crypto plugin + application)
- * has an internal error, and they should abort the program.
- */
+ /*-
+ * The semantics of acquiring and releasing mutexes and broadcasting
+ * and waiting on condition variables are expected to be those from
+ * POSIX threads (pthreads). The mutexes may be (in pthread-speak)
+ * fast mutexes, recursive mutexes, or nonrecursive ones.
+ *
+ * The _release/_signal/_broadcast and _destroy functions must
+ * always succeed when given a valid argument; if they are given an
+ * invalid argument then the program (crypto plugin + application)
+ * has an internal error, and they should abort the program.
+ */
int (*getpassphrase) (const char *prompt_info,
int *len_io, char *buf,
HWCryptoHook_PassphraseContext * ppctx,
HWCryptoHook_CallerContext * cactx);
- /*-
- * Passphrases and the prompt_info, if they contain high-bit-set
- * characters, are UTF-8. The prompt_info may be a null pointer if
- * no prompt information is available (it should not be an empty
- * string). It will not contain text like `enter passphrase';
- * instead it might say something like `Operator Card for John
- * Smith' or `SmartCard in nFast Module #1, Slot #1'.
- *
- * buf points to a buffer in which to return the passphrase; on
- * entry *len_io is the length of the buffer. It should be updated
- * by the callback. The returned passphrase should not be
- * null-terminated by the callback.
- */
+ /*-
+ * Passphrases and the prompt_info, if they contain high-bit-set
+ * characters, are UTF-8. The prompt_info may be a null pointer if
+ * no prompt information is available (it should not be an empty
+ * string). It will not contain text like `enter passphrase';
+ * instead it might say something like `Operator Card for John
+ * Smith' or `SmartCard in nFast Module #1, Slot #1'.
+ *
+ * buf points to a buffer in which to return the passphrase; on
+ * entry *len_io is the length of the buffer. It should be updated
+ * by the callback. The returned passphrase should not be
+ * null-terminated by the callback.
+ */
int (*getphystoken) (const char *prompt_info,
const char *wrong_info,
HWCryptoHook_PassphraseContext * ppctx,
HWCryptoHook_CallerContext * cactx);
- /*-
- * Requests that the human user physically insert a different
- * smartcard, DataKey, etc. The plugin should check whether the
- * currently inserted token(s) are appropriate, and if they are it
- * should not make this call.
- *
- * prompt_info is as before. wrong_info is a description of the
- * currently inserted token(s) so that the user is told what
- * something is. wrong_info, like prompt_info, may be null, but
- * should not be an empty string. Its contents should be
- * syntactically similar to that of prompt_info.
- */
- /*-
- * Note that a single LoadKey operation might cause several calls to
- * getpassphrase and/or requestphystoken. If requestphystoken is
- * not provided (ie, a null pointer is passed) then the plugin may
- * not support loading keys for which authorisation by several cards
- * is required. If getpassphrase is not provided then cards with
- * passphrases may not be supported.
- *
- * getpassphrase and getphystoken do not need to check that the
- * passphrase has been entered correctly or the correct token
- * inserted; the crypto plugin will do that. If this is not the
- * case then the crypto plugin is responsible for calling these
- * routines again as appropriate until the correct token(s) and
- * passphrase(s) are supplied as required, or until any retry limits
- * implemented by the crypto plugin are reached.
- *
- * In either case, the application must allow the user to say `no'
- * or `cancel' to indicate that they do not know the passphrase or
- * have the appropriate token; this should cause the callback to
- * return nonzero indicating error.
- */
+ /*-
+ * Requests that the human user physically insert a different
+ * smartcard, DataKey, etc. The plugin should check whether the
+ * currently inserted token(s) are appropriate, and if they are it
+ * should not make this call.
+ *
+ * prompt_info is as before. wrong_info is a description of the
+ * currently inserted token(s) so that the user is told what
+ * something is. wrong_info, like prompt_info, may be null, but
+ * should not be an empty string. Its contents should be
+ * syntactically similar to that of prompt_info.
+ */
+ /*-
+ * Note that a single LoadKey operation might cause several calls to
+ * getpassphrase and/or requestphystoken. If requestphystoken is
+ * not provided (ie, a null pointer is passed) then the plugin may
+ * not support loading keys for which authorisation by several cards
+ * is required. If getpassphrase is not provided then cards with
+ * passphrases may not be supported.
+ *
+ * getpassphrase and getphystoken do not need to check that the
+ * passphrase has been entered correctly or the correct token
+ * inserted; the crypto plugin will do that. If this is not the
+ * case then the crypto plugin is responsible for calling these
+ * routines again as appropriate until the correct token(s) and
+ * passphrase(s) are supplied as required, or until any retry limits
+ * implemented by the crypto plugin are reached.
+ *
+ * In either case, the application must allow the user to say `no'
+ * or `cancel' to indicate that they do not know the passphrase or
+ * have the appropriate token; this should cause the callback to
+ * return nonzero indicating error.
+ */
void (*logmessage) (void *logstream, const char *message);
- /*-
- * A log message will be generated at least every time something goes
- * wrong and an ErrMsgBuf is filled in (or would be if one was
- * provided). Other diagnostic information may be written there too,
- * including more detailed reasons for errors which are reported in an
- * ErrMsgBuf.
- *
- * When a log message is generated, this callback is called. It
- * should write a message to the relevant logging arrangements.
- *
- * The message string passed will be null-terminated and may be of arbitrary
- * length. It will not be prefixed by the time and date, nor by the
- * name of the library that is generating it - if this is required,
- * the logmessage callback must do it. The message will not have a
- * trailing newline (though it may contain internal newlines).
- *
- * If a null pointer is passed for logmessage a default function is
- * used. The default function treats logstream as a FILE* which has
- * been converted to a void*. If logstream is 0 it does nothing.
- * Otherwise it prepends the date and time and library name and
- * writes the message to logstream. Each line will be prefixed by a
- * descriptive string containing the date, time and identity of the
- * crypto plugin. Errors on the logstream are not reported
- * anywhere, and the default function doesn't flush the stream, so
- * the application must set the buffering how it wants it.
- *
- * The crypto plugin may also provide a facility to have copies of
- * log messages sent elsewhere, and or for adjusting the verbosity
- * of the log messages; any such facilities will be configured by
- * external means.
- */
+ /*-
+ * A log message will be generated at least every time something goes
+ * wrong and an ErrMsgBuf is filled in (or would be if one was
+ * provided). Other diagnostic information may be written there too,
+ * including more detailed reasons for errors which are reported in an
+ * ErrMsgBuf.
+ *
+ * When a log message is generated, this callback is called. It
+ * should write a message to the relevant logging arrangements.
+ *
+ * The message string passed will be null-terminated and may be of arbitrary
+ * length. It will not be prefixed by the time and date, nor by the
+ * name of the library that is generating it - if this is required,
+ * the logmessage callback must do it. The message will not have a
+ * trailing newline (though it may contain internal newlines).
+ *
+ * If a null pointer is passed for logmessage a default function is
+ * used. The default function treats logstream as a FILE* which has
+ * been converted to a void*. If logstream is 0 it does nothing.
+ * Otherwise it prepends the date and time and library name and
+ * writes the message to logstream. Each line will be prefixed by a
+ * descriptive string containing the date, time and identity of the
+ * crypto plugin. Errors on the logstream are not reported
+ * anywhere, and the default function doesn't flush the stream, so
+ * the application must set the buffering how it wants it.
+ *
+ * The crypto plugin may also provide a facility to have copies of
+ * log messages sent elsewhere, and or for adjusting the verbosity
+ * of the log messages; any such facilities will be configured by
+ * external means.
+ */
} HWCryptoHook_InitInfo;
typedef
Copied: trunk/crypto/openssl/include/openssl/camellia.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/camellia.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/camellia.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/camellia.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/camellia/camellia.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/cmac.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/cmac.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/cmac.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/cmac.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/cmac/cmac.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/cms.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/cms.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/cms.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/cms.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/cms/cms.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/fips.h
===================================================================
--- trunk/crypto/openssl/include/openssl/fips.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/fips.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../fips/fips.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/fips_rand.h
===================================================================
--- trunk/crypto/openssl/include/openssl/fips_rand.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/fips_rand.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../fips/rand/fips_rand.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/md2.h
===================================================================
--- trunk/crypto/openssl/include/openssl/md2.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/md2.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../crypto/md2/md2.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/mdc2.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/mdc2.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/mdc2.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/mdc2.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/mdc2/mdc2.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/modes.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/modes.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/modes.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/modes.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/modes/modes.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/pq_compat.h
===================================================================
--- trunk/crypto/openssl/include/openssl/pq_compat.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/pq_compat.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../crypto/pqueue/pq_compat.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/seed.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/seed.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/seed.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/seed.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/seed/seed.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/srp.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/srp.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/srp.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/srp.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/srp/srp.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/srtp.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/srtp.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/srtp.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/srtp.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../ssl/srtp.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/store.h
===================================================================
--- trunk/crypto/openssl/include/openssl/store.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/store.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../crypto/store/store.h
\ No newline at end of file
Deleted: trunk/crypto/openssl/include/openssl/tmdiff.h
===================================================================
--- trunk/crypto/openssl/include/openssl/tmdiff.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/include/openssl/tmdiff.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../../crypto/tmdiff.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/ts.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/ts.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/ts.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/ts.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/ts/ts.h
\ No newline at end of file
Copied: trunk/crypto/openssl/include/openssl/whrlpool.h (from rev 7117, vendor-crypto/openssl/dist/include/openssl/whrlpool.h)
===================================================================
--- trunk/crypto/openssl/include/openssl/whrlpool.h (rev 0)
+++ trunk/crypto/openssl/include/openssl/whrlpool.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../../crypto/whrlpool/whrlpool.h
\ No newline at end of file
Copied: trunk/crypto/openssl/install.com (from rev 7117, vendor-crypto/openssl/dist/install.com)
===================================================================
--- trunk/crypto/openssl/install.com (rev 0)
+++ trunk/crypto/openssl/install.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,136 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard at levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1 root of the directory tree
+$! P2 "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ def_orig = f$environment( "default")
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$ write sys$output "First argument missing."
+$ write sys$output -
+ "It should be the directory where you want things installed."
+$ exit
+$ endif
+$!
+$ if (f$getsyi("cpu") .lt. 128)
+$ then
+$ arch = "VAX"
+$ else
+$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$!
+$ if (p2 .nes. "")
+$ then
+$ if (p2 .eqs. "64")
+$ then
+$ archd = arch+ "_64"
+$ else
+$ if (p2 .nes. "32")
+$ then
+$ write sys$output "Second argument invalid."
+$ write sys$output "It should be "32", "64", or nothing."
+$ exit
+$ endif
+$ endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") -
+ - ".][000000" - "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslcerts wrk_sslroot:[certs]
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_ssllib wrk_sslroot:[lib]
+$ define /nolog wrk_sslprivate wrk_sslroot:[private]
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$! Exhibit the destination directory.
+$!
+$ write sys$output " Installing to (WRK_SSLROOT) ="
+$ write sys$output " ''f$trnlnm( "wrk_sslroot")'"
+$ write sys$output ""
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+ create /directory /log wrk_sslxexe:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+ create /directory /log wrk_sslxlib:
+$ if f$parse("wrk_ssllib:") .eqs. "" then -
+ create /directory /log wrk_ssllib:
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+ create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslcerts:") .eqs. "" then -
+ create /directory /log wrk_sslcerts:
+$ if f$parse("wrk_sslprivate:") .eqs. "" then -
+ create /directory /log wrk_sslprivate:
+$ if f$parse("wrk_sslroot:[VMS]") .EQS. "" THEN -
+ create /directory /log wrk_sslroot:[VMS]
+$!
+$ sdirs := CRYPTO, SSL, APPS, VMS !!!, RSAREF, TEST, TOOLS
+$ exheader := e_os2.h
+$!
+$ copy /protection = w:re 'exheader' wrk_sslinclude: /log
+$!
+$ i = 0
+$ loop_sdirs:
+$ d = f$edit( f$element(i, ",", sdirs), "trim")
+$ i = i + 1
+$ if d .eqs. "," then goto loop_sdirs_end
+$ write sys$output "Installing ", d, " files."
+$ set default [.'d']
+$ @ install-'d'.com 'root'] 'p2'
+$ set default 'def_orig'
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$ write sys$output ""
+$ write sys$output " Installation done!"
+$ write sys$output ""
+$ if (f$search( root+ "...]*.*;-1") .nes. "")
+$ then
+$ write sys$output " You might want to purge ", root, "...]"
+$ write sys$output ""
+$ endif
+$!
+$ tidy:
+$!
+$ set default 'def_orig'
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslcerts
+$ call deass wrk_sslinclude
+$ call deass wrk_ssllib
+$ call deass wrk_sslprivate
+$ call deass wrk_sslxexe
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$ deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
Copied: trunk/crypto/openssl/makevms.com (from rev 7117, vendor-crypto/openssl/dist/makevms.com)
===================================================================
--- trunk/crypto/openssl/makevms.com (rev 0)
+++ trunk/crypto/openssl/makevms.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,1551 @@
+$!
+$! MAKEVMS.COM
+$! Original Author: UNKNOWN
+$! Rewritten By: Robert Byer
+$! Vice-President
+$! A-Com Computing, Inc.
+$! byer at mail.all-net.net
+$!
+$! Changes by Richard Levitte <richard at levitte.org>
+$! Zoltan Arpadffy <zoli at polarhome.com>
+$!
+$! This procedure creates the SSL libraries of "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB"
+$! "[.xxx.EXE.SSL]LIBSSL.OLB"
+$! The "xxx" denotes the machine architecture of ALPHA, IA64 or VAX.
+$!
+$! This procedures accepts two command line options listed below.
+$!
+$! P1 specifies one of the following build options:
+$!
+$! ALL Just build "everything".
+$! CONFIG Just build the "[.CRYPTO._xxx]OPENSSLCONF.H" file.
+$! BUILDINF Just build the "[.CRYPTO._xxx]BUILDINF.H" file.
+$! SOFTLINKS Just fix the Unix soft links.
+$! BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done.
+$! CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+$! CRYPTO/x Just build the x part of the
+$! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+$! SSL Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
+$! SSL_TASK Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
+$! TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
+$! APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
+$! ENGINES Just build the "[.xxx.EXE.ENGINES]" application programs for OpenSSL.
+$!
+$! P2, if defined, specifies the C pointer size. Ignored on VAX.
+$! ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$! Supported values are:
+$!
+$! "" Compile with default (/NOPOINTER_SIZE).
+$! 32 Compile with /POINTER_SIZE=32 (SHORT).
+$! 64 Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV]).
+$! (Automatically select ARGV if compiler supports it.)
+$! 64= Compile with /POINTER_SIZE=64 (LONG).
+$! 64=ARGV Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$! P3 specifies DEBUG or NODEBUG, to compile with or without debugging
+$! information.
+$!
+$! P4 specifies which compiler to try to compile under.
+$!
+$! VAXC For VAX C.
+$! DECC For DEC C.
+$! GNUC For GNU C.
+$! LINK To only link the programs from existing object files.
+$! (not yet implemented)
+$!
+$! If you don't specify a compiler, it will try to determine which
+$! "C" compiler to use.
+$!
+$! P5, if defined, sets a TCP/IP library to use, through one of the following
+$! keywords:
+$!
+$! UCX for UCX or UCX emulation
+$! TCPIP for TCP/IP Services or TCP/IP Services emulation
+$! (this is prefered over UCX)
+$! SOCKETSHR for SOCKETSHR+NETLIB
+$! NONE to avoid specifying which TCP/IP implementation to
+$! use at build time (this works with DEC C). This is
+$! the default.
+$!
+$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up).
+$!
+$! P7, if defined, specifies a directory where ZLIB files (zlib.h,
+$! libz.olb) may be found. Optionally, a non-default object library
+$! name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ DEF_ORIG = F$ENVIRONMENT( "DEFAULT")
+$ ON ERROR THEN GOTO TIDY
+$ ON CONTROL_C THEN GOTO TIDY
+$!
+$! Check if we're in a batch job, and make sure we get to
+$! the directory this script is in
+$!
+$ IF F$MODE() .EQS. "BATCH"
+$ THEN
+$ COMNAME=F$ENVIRONMENT("PROCEDURE")
+$ COMPATH=F$PARSE("A.;",COMNAME) - "A.;"
+$ SET DEF 'COMPATH'
+$ ENDIF
+$!
+$! Check What Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$! The Architecture Is VAX.
+$!
+$ ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$ ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$ IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ POINTER_SIZE = ""
+$!
+$! Get VMS version.
+$!
+$ VMS_VERSION = f$edit( f$getsyi( "VERSION"), "TRIM")
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDCOMMAND.EQS."ALL")
+$ THEN
+$!
+$! Start with building the OpenSSL configuration file.
+$!
+$ GOSUB CONFIG
+$!
+$! Create The "BUILDINF.H" Include File.
+$!
+$ GOSUB BUILDINF
+$!
+$! Fix The Unix Softlinks.
+$!
+$ GOSUB SOFTLINKS
+$!
+$ ENDIF
+$!
+$ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."BUILDALL")
+$ THEN
+$!
+$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!
+$ GOSUB CRYPTO
+$!
+$! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library.
+$!
+$ GOSUB SSL
+$!
+$! Build The [.xxx.EXE.SSL]SSL_TASK.EXE DECNet SSL Engine.
+$!
+$ GOSUB SSL_TASK
+$!
+$! Build The [.xxx.EXE.TEST] OpenSSL Test Utilities.
+$!
+$ GOSUB TEST
+$!
+$! Build The [.xxx.EXE.APPS] OpenSSL Application Utilities.
+$!
+$ GOSUB APPS
+$!
+$! Build The [.xxx.EXE.ENGINES] OpenSSL Shareable Engines.
+$!
+$ GOSUB ENGINES
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Build Just What The User Wants Us To Build.
+$!
+$ GOSUB 'BUILDCOMMAND'
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$! Rebuild The [.CRYPTO._xxx]OPENSSLCONF.H" file.
+$!
+$ CONFIG:
+$!
+$! Tell The User We Are Creating The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCHD']OPENSSLCONF.H Include File."
+$!
+$! First, make sure the directory exists.
+$!
+$ IF F$PARSE("SYS$DISK:[.CRYPTO.''ARCHD']") .EQS. "" THEN -
+ CREATE/DIRECTORY SYS$DISK:[.CRYPTO.'ARCHD']
+$!
+$! Different tar/UnZip versions/option may have named the file differently
+$ IF F$SEARCH("[.crypto]opensslconf.h_in") .NES. ""
+$ THEN
+$ OPENSSLCONF_H_IN = "[.crypto]opensslconf.h_in"
+$ ELSE
+$ IF F$SEARCH( "[.crypto]opensslconf_h.in") .NES. ""
+$ THEN
+$ OPENSSLCONF_H_IN = "[.crypto]opensslconf_h.in"
+$ ELSE
+$ ! For ODS-5
+$ IF F$SEARCH( "[.crypto]opensslconf.h.in") .NES. ""
+$ THEN
+$ OPENSSLCONF_H_IN = "[.crypto]opensslconf.h.in"
+$ ELSE
+$ WRITE SYS$ERROR "Couldn't find a [.crypto]opensslconf.h.in. Exiting!"
+$ $STATUS = %X00018294 ! "%RMS-F-FNF, file not found".
+$ GOTO TIDY
+$ ENDIF
+$ ENDIF
+$ ENDIF
+$!
+$! Create The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$! Make sure it has the right format.
+$!
+$ OSCH_NAME = "SYS$DISK:[.CRYPTO.''ARCHD']OPENSSLCONF.H"
+$ CREATE /FDL=SYS$INPUT: 'OSCH_NAME'
+RECORD
+ FORMAT stream_lf
+$ OPEN /APPEND H_FILE 'OSCH_NAME'
+$!
+$! Write The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$!
+$ WRITE H_FILE "/* This file was automatically built using makevms.com */"
+$ WRITE H_FILE "/* and ''OPENSSLCONF_H_IN' */"
+$!
+$! Write a few macros that indicate how this system was built.
+$!
+$ WRITE H_FILE ""
+$ WRITE H_FILE "#ifndef OPENSSL_SYS_VMS"
+$ WRITE H_FILE "# define OPENSSL_SYS_VMS"
+$ WRITE H_FILE "#endif"
+$
+$! One of the best way to figure out what the list should be is to do
+$! the following on a Unix system:
+$! grep OPENSSL_NO_ crypto/*/*.h ssl/*.h engines/*.h engines/*/*.h|grep ':# *if'|sed -e 's/^.*def //'|sort|uniq
+$! For that reason, the list will also always end up in alphabetical order
+$ CONFIG_LOGICALS := AES,-
+ ASM,INLINE_ASM,-
+ BF,-
+ BIO,-
+ BUFFER,-
+ BUF_FREELISTS,-
+ CAMELLIA,-
+ CAST,-
+ CMS,-
+ COMP,-
+ DEPRECATED,-
+ DES,-
+ DGRAM,-
+ DH,-
+ DSA,-
+ EC,-
+ EC2M,-
+ ECDH,-
+ ECDSA,-
+ EC_NISTP_64_GCC_128,-
+ ENGINE,-
+ ERR,-
+ EVP,-
+ FP_API,-
+ GMP,-
+ GOST,-
+ HASH_COMP,-
+ HMAC,-
+ IDEA,-
+ JPAKE,-
+ KRB5,-
+ LHASH,-
+ MD2,-
+ MD4,-
+ MD5,-
+ MDC2,-
+ NEXTPROTONEG,-
+ OCSP,-
+ PSK,-
+ RC2,-
+ RC4,-
+ RC5,-
+ RFC3779,-
+ RIPEMD,-
+ RSA,-
+ SEED,-
+ SHA,-
+ SHA0,-
+ SHA1,-
+ SHA256,-
+ SHA512,-
+ SOCK,-
+ SRP,-
+ SSL2,-
+ SSL_INTERN,-
+ STACK,-
+ STATIC_ENGINE,-
+ STDIO,-
+ STORE,-
+ TLSEXT,-
+ WHIRLPOOL,-
+ X509
+$! Add a few that we know about
+$ CONFIG_LOGICALS := 'CONFIG_LOGICALS',-
+ THREADS
+$! The following rules, which dictate how some algorithm choices affect
+$! others, are picked from Configure.
+$! Quick syntax:
+$! list = item[ ; list]
+$! item = algos / dependents
+$! algos = algo [, algos]
+$! dependents = dependent [, dependents]
+$! When a list of algos is specified in one item, it means that they must
+$! all be disabled for the rule to apply.
+$! When a list of dependents is specified in one item, it means that they
+$! will all be disabled if the rule applies.
+$! Rules are checked sequentially. If a rule disables an algorithm, it will
+$! affect all following rules that depend on that algorithm being disabled.
+$! To force something to be enabled or disabled, have no algorithms in the
+$! algos part.
+$ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
+ DES/MDC2;-
+ EC/ECDSA,ECDH;-
+ MD5/SSL2,SSL3,TLS1;-
+ SHA/SSL3,TLS1;-
+ RSA/SSL2;-
+ RSA,DSA/SSL2;-
+ DH/SSL3,TLS1;-
+ TLS1/TLSEXT;-
+ EC/GOST;-
+ DSA/GOST;-
+ DH/GOST;-
+ /STATIC_ENGINE;-
+ /KRB5;-
+ /EC_NISTP_64_GCC_128;-
+ /GMP;-
+ /MD2;-
+ /RC5;-
+ /RFC3779;-
+ /SCTP
+$ CONFIG_ENABLE_RULES := ZLIB_DYNAMIC/ZLIB;-
+ /THREADS
+$
+$! Architecture specific rule addtions
+$ IF ARCH .EQS. "VAX"
+$ THEN
+$ ! Disable algorithms that require 64-bit integers in C
+$ CONFIG_DISABLE_RULES = CONFIG_DISABLE_RULES + -
+ ";/GOST" + -
+ ";/WHIRLPOOL"
+$ ENDIF
+$
+$ CONFIG_LOG_I = 0
+$ CONFIG_LOG_LOOP1:
+$ CONFIG_LOG_E = F$EDIT(F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS),"TRIM")
+$ CONFIG_LOG_I = CONFIG_LOG_I + 1
+$ IF CONFIG_LOG_E .EQS. "" THEN GOTO CONFIG_LOG_LOOP1
+$ IF CONFIG_LOG_E .EQS. "," THEN GOTO CONFIG_LOG_LOOP1_END
+$ IF F$TRNLNM("OPENSSL_NO_"+CONFIG_LOG_E)
+$ THEN
+$ CONFIG_DISABLED_'CONFIG_LOG_E' := YES
+$ CONFIG_ENABLED_'CONFIG_LOG_E' := NO
+$ CONFIG_CHANGED_'CONFIG_LOG_E' := YES
+$ ELSE
+$ CONFIG_DISABLED_'CONFIG_LOG_E' := NO
+$ CONFIG_ENABLED_'CONFIG_LOG_E' := YES
+$ ! Because all algorithms are assumed enabled by default
+$ CONFIG_CHANGED_'CONFIG_LOG_E' := NO
+$ ENDIF
+$ GOTO CONFIG_LOG_LOOP1
+$ CONFIG_LOG_LOOP1_END:
+$
+$! Apply cascading disable rules
+$ CONFIG_DISABLE_I = 0
+$ CONFIG_DISABLE_LOOP0:
+$ CONFIG_DISABLE_E = F$EDIT(F$ELEMENT(CONFIG_DISABLE_I,";", -
+ CONFIG_DISABLE_RULES),"TRIM")
+$ CONFIG_DISABLE_I = CONFIG_DISABLE_I + 1
+$ IF CONFIG_DISABLE_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP0
+$ IF CONFIG_DISABLE_E .EQS. ";" THEN GOTO CONFIG_DISABLE_LOOP0_END
+$
+$ CONFIG_DISABLE_ALGOS = F$EDIT(F$ELEMENT(0,"/",CONFIG_DISABLE_E),"TRIM")
+$ CONFIG_DISABLE_DEPENDENTS = F$EDIT(F$ELEMENT(1,"/",CONFIG_DISABLE_E),"TRIM")
+$ TO_DISABLE := YES
+$ CONFIG_ALGO_I = 0
+$ CONFIG_DISABLE_LOOP1:
+$ CONFIG_ALGO_E = F$EDIT(F$ELEMENT(CONFIG_ALGO_I,",", -
+ CONFIG_DISABLE_ALGOS),"TRIM")
+$ CONFIG_ALGO_I = CONFIG_ALGO_I + 1
+$ IF CONFIG_ALGO_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP1
+$ IF CONFIG_ALGO_E .EQS. "," THEN GOTO CONFIG_DISABLE_LOOP1_END
+$ IF F$TYPE(CONFIG_DISABLED_'CONFIG_ALGO_E') .EQS. ""
+$ THEN
+$ TO_DISABLE := NO
+$ ELSE
+$ IF .NOT. CONFIG_DISABLED_'CONFIG_ALGO_E' THEN TO_DISABLE := NO
+$ ENDIF
+$ GOTO CONFIG_DISABLE_LOOP1
+$ CONFIG_DISABLE_LOOP1_END:
+$
+$ IF TO_DISABLE
+$ THEN
+$ CONFIG_DEPENDENT_I = 0
+$ CONFIG_DISABLE_LOOP2:
+$ CONFIG_DEPENDENT_E = F$EDIT(F$ELEMENT(CONFIG_DEPENDENT_I,",", -
+ CONFIG_DISABLE_DEPENDENTS),"TRIM")
+$ CONFIG_DEPENDENT_I = CONFIG_DEPENDENT_I + 1
+$ IF CONFIG_DEPENDENT_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP2
+$ IF CONFIG_DEPENDENT_E .EQS. "," THEN GOTO CONFIG_DISABLE_LOOP2_END
+$ CONFIG_DISABLED_'CONFIG_DEPENDENT_E' := YES
+$ CONFIG_ENABLED_'CONFIG_DEPENDENT_E' := NO
+$ ! Better not to assume defaults at this point...
+$ CONFIG_CHANGED_'CONFIG_DEPENDENT_E' := YES
+$ WRITE SYS$ERROR -
+ "''CONFIG_DEPENDENT_E' disabled by rule ''CONFIG_DISABLE_E'"
+$ GOTO CONFIG_DISABLE_LOOP2
+$ CONFIG_DISABLE_LOOP2_END:
+$ ENDIF
+$ GOTO CONFIG_DISABLE_LOOP0
+$ CONFIG_DISABLE_LOOP0_END:
+$
+$! Apply cascading enable rules
+$ CONFIG_ENABLE_I = 0
+$ CONFIG_ENABLE_LOOP0:
+$ CONFIG_ENABLE_E = F$EDIT(F$ELEMENT(CONFIG_ENABLE_I,";", -
+ CONFIG_ENABLE_RULES),"TRIM")
+$ CONFIG_ENABLE_I = CONFIG_ENABLE_I + 1
+$ IF CONFIG_ENABLE_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP0
+$ IF CONFIG_ENABLE_E .EQS. ";" THEN GOTO CONFIG_ENABLE_LOOP0_END
+$
+$ CONFIG_ENABLE_ALGOS = F$EDIT(F$ELEMENT(0,"/",CONFIG_ENABLE_E),"TRIM")
+$ CONFIG_ENABLE_DEPENDENTS = F$EDIT(F$ELEMENT(1,"/",CONFIG_ENABLE_E),"TRIM")
+$ TO_ENABLE := YES
+$ CONFIG_ALGO_I = 0
+$ CONFIG_ENABLE_LOOP1:
+$ CONFIG_ALGO_E = F$EDIT(F$ELEMENT(CONFIG_ALGO_I,",", -
+ CONFIG_ENABLE_ALGOS),"TRIM")
+$ CONFIG_ALGO_I = CONFIG_ALGO_I + 1
+$ IF CONFIG_ALGO_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP1
+$ IF CONFIG_ALGO_E .EQS. "," THEN GOTO CONFIG_ENABLE_LOOP1_END
+$ IF F$TYPE(CONFIG_ENABLED_'CONFIG_ALGO_E') .EQS. ""
+$ THEN
+$ TO_ENABLE := NO
+$ ELSE
+$ IF .NOT. CONFIG_ENABLED_'CONFIG_ALGO_E' THEN TO_ENABLE := NO
+$ ENDIF
+$ GOTO CONFIG_ENABLE_LOOP1
+$ CONFIG_ENABLE_LOOP1_END:
+$
+$ IF TO_ENABLE
+$ THEN
+$ CONFIG_DEPENDENT_I = 0
+$ CONFIG_ENABLE_LOOP2:
+$ CONFIG_DEPENDENT_E = F$EDIT(F$ELEMENT(CONFIG_DEPENDENT_I,",", -
+ CONFIG_ENABLE_DEPENDENTS),"TRIM")
+$ CONFIG_DEPENDENT_I = CONFIG_DEPENDENT_I + 1
+$ IF CONFIG_DEPENDENT_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP2
+$ IF CONFIG_DEPENDENT_E .EQS. "," THEN GOTO CONFIG_ENABLE_LOOP2_END
+$ CONFIG_DISABLED_'CONFIG_DEPENDENT_E' := NO
+$ CONFIG_ENABLED_'CONFIG_DEPENDENT_E' := YES
+$ ! Better not to assume defaults at this point...
+$ CONFIG_CHANGED_'CONFIG_DEPENDENT_E' := YES
+$ WRITE SYS$ERROR -
+ "''CONFIG_DEPENDENT_E' enabled by rule ''CONFIG_ENABLE_E'"
+$ GOTO CONFIG_ENABLE_LOOP2
+$ CONFIG_ENABLE_LOOP2_END:
+$ ENDIF
+$ GOTO CONFIG_ENABLE_LOOP0
+$ CONFIG_ENABLE_LOOP0_END:
+$
+$! Write to the configuration
+$ CONFIG_LOG_I = 0
+$ CONFIG_LOG_LOOP2:
+$ CONFIG_LOG_E = F$EDIT(F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS),"TRIM")
+$ CONFIG_LOG_I = CONFIG_LOG_I + 1
+$ IF CONFIG_LOG_E .EQS. "" THEN GOTO CONFIG_LOG_LOOP2
+$ IF CONFIG_LOG_E .EQS. "," THEN GOTO CONFIG_LOG_LOOP2_END
+$ IF CONFIG_CHANGED_'CONFIG_LOG_E'
+$ THEN
+$ IF CONFIG_DISABLED_'CONFIG_LOG_E'
+$ THEN
+$ WRITE H_FILE "#ifndef OPENSSL_NO_",CONFIG_LOG_E
+$ WRITE H_FILE "# define OPENSSL_NO_",CONFIG_LOG_E
+$ WRITE H_FILE "#endif"
+$ ELSE
+$ WRITE H_FILE "#ifndef OPENSSL_",CONFIG_LOG_E
+$ WRITE H_FILE "# define OPENSSL_",CONFIG_LOG_E
+$ WRITE H_FILE "#endif"
+$ ENDIF
+$ ENDIF
+$ GOTO CONFIG_LOG_LOOP2
+$ CONFIG_LOG_LOOP2_END:
+$!
+$ WRITE H_FILE ""
+$ WRITE H_FILE "/* 2011-02-23 SMS."
+$ WRITE H_FILE " * On VMS (V8.3), setvbuf() doesn't support a 64-bit"
+$ WRITE H_FILE " * ""in"" pointer, and the help says:"
+$ WRITE H_FILE " * Please note that the previously documented"
+$ WRITE H_FILE " * value _IONBF is not supported."
+$ WRITE H_FILE " * So, skip it on VMS."
+$ WRITE H_FILE " */"
+$ WRITE H_FILE "#define OPENSSL_NO_SETVBUF_IONBF"
+$ WRITE H_FILE "/* STCP support comes with TCPIP 5.7 ECO 2 "
+$ WRITE H_FILE " * enable on newer systems / 2012-02-24 arpadffy */"
+$ WRITE H_FILE "#define OPENSSL_NO_SCTP"
+$ WRITE H_FILE ""
+$!
+$! Add in the common "crypto/opensslconf.h.in".
+$!
+$ TYPE 'OPENSSLCONF_H_IN' /OUTPUT=H_FILE:
+$!
+$ IF ARCH .NES. "VAX"
+$ THEN
+$!
+$! Write the non-VAX specific data
+$!
+$ WRITE H_FILE "#if defined(HEADER_RC4_H)"
+$ WRITE H_FILE "#undef RC4_INT"
+$ WRITE H_FILE "#define RC4_INT unsigned int"
+$ WRITE H_FILE "#undef RC4_CHUNK"
+$ WRITE H_FILE "#define RC4_CHUNK unsigned long long"
+$ WRITE H_FILE "#endif"
+$!
+$ WRITE H_FILE "#if defined(HEADER_DES_LOCL_H)"
+$ WRITE H_FILE "#undef DES_LONG"
+$ WRITE H_FILE "#define DES_LONG unsigned int"
+$ WRITE H_FILE "#undef DES_PTR"
+$ WRITE H_FILE "#define DES_PTR"
+$ WRITE H_FILE "#undef DES_RISC1"
+$ WRITE H_FILE "#undef DES_RISC2"
+$ WRITE H_FILE "#define DES_RISC1"
+$ WRITE H_FILE "#undef DES_UNROLL"
+$ WRITE H_FILE "#define DES_UNROLL"
+$ WRITE H_FILE "#endif"
+$!
+$ WRITE H_FILE "#if defined(HEADER_BN_H)"
+$ WRITE H_FILE "#undef BN_LLONG" ! Never define with SIXTY_FOUR_BIT
+$ WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
+$ WRITE H_FILE "#undef SIXTY_FOUR_BIT"
+$ WRITE H_FILE "#define SIXTY_FOUR_BIT"
+$ WRITE H_FILE "#undef THIRTY_TWO_BIT"
+$ WRITE H_FILE "#undef SIXTEEN_BIT"
+$ WRITE H_FILE "#undef EIGHT_BIT"
+$ WRITE H_FILE "#endif"
+$
+$ WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Write the VAX specific data
+$!
+$ WRITE H_FILE "#if defined(HEADER_RC4_H)"
+$ WRITE H_FILE "#undef RC4_INT"
+$ WRITE H_FILE "#define RC4_INT unsigned char"
+$ WRITE H_FILE "#undef RC4_CHUNK"
+$ WRITE H_FILE "#define RC4_CHUNK unsigned long"
+$ WRITE H_FILE "#endif"
+$!
+$ WRITE H_FILE "#if defined(HEADER_DES_LOCL_H)"
+$ WRITE H_FILE "#undef DES_LONG"
+$ WRITE H_FILE "#define DES_LONG unsigned long"
+$ WRITE H_FILE "#undef DES_PTR"
+$ WRITE H_FILE "#define DES_PTR"
+$ WRITE H_FILE "#undef DES_RISC1"
+$ WRITE H_FILE "#undef DES_RISC2"
+$ WRITE H_FILE "#undef DES_UNROLL"
+$ WRITE H_FILE "#endif"
+$!
+$ WRITE H_FILE "#if defined(HEADER_BN_H)"
+$ WRITE H_FILE "#undef BN_LLONG" ! VAX C/DEC C doesn't have long long
+$ WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
+$ WRITE H_FILE "#undef SIXTY_FOUR_BIT"
+$ WRITE H_FILE "#undef THIRTY_TWO_BIT"
+$ WRITE H_FILE "#define THIRTY_TWO_BIT"
+$ WRITE H_FILE "#undef SIXTEEN_BIT"
+$ WRITE H_FILE "#undef EIGHT_BIT"
+$ WRITE H_FILE "#endif"
+$!
+$! Oddly enough, the following symbol is tested in crypto/sha/sha512.c
+$! before sha.h gets included (and HEADER_SHA_H defined), so we will not
+$! protect this one...
+$ WRITE H_FILE "#undef OPENSSL_NO_SHA512"
+$ WRITE H_FILE "#define OPENSSL_NO_SHA512"
+$!
+$ WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$ WRITE H_FILE "#define OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$!
+$! End
+$!
+$ ENDIF
+$!
+$! Close the [.CRYPTO._xxx]OPENSSLCONF.H file
+$!
+$ CLOSE H_FILE
+$!
+$! Purge The [.CRYPTO._xxx]OPENSSLCONF.H file
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCHD']OPENSSLCONF.H
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Rebuild The "[.CRYPTO._xxx]BUILDINF.H" file.
+$!
+$ BUILDINF:
+$!
+$! Tell The User We Are Creating The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCHD']BUILDINF.H Include File."
+$!
+$! Create The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ BIH_NAME = "SYS$DISK:[.CRYPTO.''ARCHD']BUILDINF.H"
+$ CREATE /FDL=SYS$INPUT: 'BIH_NAME'
+RECORD
+ FORMAT stream_lf
+$!
+$ OPEN /APPEND H_FILE 'bih_name'
+$!
+$! Get The Current Date & Time.
+$!
+$ TIME = F$TIME()
+$!
+$! Write The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ CFLAGS = ""
+$ if (POINTER_SIZE .nes. "")
+$ then
+$ CFLAGS = CFLAGS+ "/POINTER_SIZE=''POINTER_SIZE'"
+$ endif
+$ if (ZLIB .nes. "")
+$ then
+$ if (CFLAGS .nes. "") then CFLAGS = CFLAGS+ " "
+$ CFLAGS = CFLAGS+ "/DEFINE=ZLIB"
+$ endif
+$!
+$ WRITE H_FILE "#define CFLAGS cflags"
+$ WRITE H_FILE "static const char cflags[] = ""compiler: ''CFLAGS'"";"
+$ WRITE H_FILE "#define PLATFORM ""platform: VMS ''ARCHD' ''VMS_VERSION'"""
+$ WRITE H_FILE "#define DATE ""built on: ''TIME'"" "
+$!
+$! Close The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ CLOSE H_FILE
+$!
+$! Purge The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCHD']BUILDINF.H
+$!
+$! Delete [.CRYPTO]BUILDINF.H File, as there might be some residue from Unix.
+$!
+$ IF F$SEARCH("[.CRYPTO]BUILDINF.H") .NES. "" THEN -
+ DELETE SYS$DISK:[.CRYPTO]BUILDINF.H;*
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Copy a lot of files around.
+$!
+$ SOFTLINKS:
+$!
+$!!!! Tell The User We Are Partly Rebuilding The [.APPS] Directory.
+$!!!!
+$!!! WRITE SYS$OUTPUT "Rebuilding The '[.APPS]MD4.C' File."
+$!!!!
+$!!! DELETE SYS$DISK:[.APPS]MD4.C;*
+$!!!!
+$!!!! Copy MD4.C from [.CRYPTO.MD4] into [.APPS]
+$!!!!
+$!!! COPY SYS$DISK:[.CRYPTO.MD4]MD4.C SYS$DISK:[.APPS]
+$!
+$! Ensure that the [.include.openssl] directory contains a full set of
+$! real header files. The distribution kit may have left real or fake
+$! symlinks there. Rather than think about what's there, simply delete
+$! the destination files (fake or real symlinks) before copying the real
+$! header files in. (Copying a real header file onto a real symlink
+$! merely duplicates the real header file at its source.)
+$!
+$! Tell The User We Are Rebuilding The [.include.openssl] Directory.
+$!
+$ WRITE SYS$OUTPUT "Rebuilding The '[.include.openssl]' Directory."
+$!
+$! First, make sure the directory exists. If it did exist, delete all
+$! the existing header files (or fake or real symlinks).
+$!
+$ if f$parse( "sys$disk:[.include.openssl]") .eqs. ""
+$ then
+$ create /directory sys$disk:[.include.openssl]
+$ else
+$ delete sys$disk:[.include.openssl]*.h;*
+$ endif
+$!
+$! Copy All The ".H" Files From The Main Directory.
+$!
+$ EXHEADER := e_os2.h
+$ copy 'exheader' sys$disk:[.include.openssl]
+$!
+$! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
+$!
+$ SDIRS := , -
+ 'ARCHD', -
+ OBJECTS, -
+ MD4, MD5, SHA, MDC2, HMAC, RIPEMD, WHRLPOOL, -
+ DES, AES, RC2, RC4, IDEA, BF, CAST, CAMELLIA, SEED, MODES, -
+ BN, EC, RSA, DSA, ECDSA, DH, ECDH, DSO, ENGINE, -
+ BUFFER, BIO, STACK, LHASH, RAND, ERR, -
+ EVP, ASN1, PEM, X509, X509V3, CONF, TXT_DB, PKCS7, PKCS12, -
+ COMP, OCSP, UI, KRB5, -
+ CMS, PQUEUE, TS, JPAKE, SRP, STORE, CMAC
+$!
+$ EXHEADER_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
+$ EXHEADER_'ARCHD' := opensslconf.h
+$ EXHEADER_OBJECTS := objects.h, obj_mac.h
+$ EXHEADER_MD2 := md2.h
+$ EXHEADER_MD4 := md4.h
+$ EXHEADER_MD5 := md5.h
+$ EXHEADER_SHA := sha.h
+$ EXHEADER_MDC2 := mdc2.h
+$ EXHEADER_HMAC := hmac.h
+$ EXHEADER_RIPEMD := ripemd.h
+$ EXHEADER_WHRLPOOL := whrlpool.h
+$ EXHEADER_DES := des.h, des_old.h
+$ EXHEADER_AES := aes.h
+$ EXHEADER_RC2 := rc2.h
+$ EXHEADER_RC4 := rc4.h
+$ EXHEADER_RC5 := rc5.h
+$ EXHEADER_IDEA := idea.h
+$ EXHEADER_BF := blowfish.h
+$ EXHEADER_CAST := cast.h
+$ EXHEADER_CAMELLIA := camellia.h
+$ EXHEADER_SEED := seed.h
+$ EXHEADER_MODES := modes.h
+$ EXHEADER_BN := bn.h
+$ EXHEADER_EC := ec.h
+$ EXHEADER_RSA := rsa.h
+$ EXHEADER_DSA := dsa.h
+$ EXHEADER_ECDSA := ecdsa.h
+$ EXHEADER_DH := dh.h
+$ EXHEADER_ECDH := ecdh.h
+$ EXHEADER_DSO := dso.h
+$ EXHEADER_ENGINE := engine.h
+$ EXHEADER_BUFFER := buffer.h
+$ EXHEADER_BIO := bio.h
+$ EXHEADER_STACK := stack.h, safestack.h
+$ EXHEADER_LHASH := lhash.h
+$ EXHEADER_RAND := rand.h
+$ EXHEADER_ERR := err.h
+$ EXHEADER_EVP := evp.h
+$ EXHEADER_ASN1 := asn1.h, asn1_mac.h, asn1t.h
+$ EXHEADER_PEM := pem.h, pem2.h
+$ EXHEADER_X509 := x509.h, x509_vfy.h
+$ EXHEADER_X509V3 := x509v3.h
+$ EXHEADER_CONF := conf.h, conf_api.h
+$ EXHEADER_TXT_DB := txt_db.h
+$ EXHEADER_PKCS7 := pkcs7.h
+$ EXHEADER_PKCS12 := pkcs12.h
+$ EXHEADER_COMP := comp.h
+$ EXHEADER_OCSP := ocsp.h
+$ EXHEADER_UI := ui.h, ui_compat.h
+$ EXHEADER_KRB5 := krb5_asn.h
+$ EXHEADER_CMS := cms.h
+$ EXHEADER_PQUEUE := pqueue.h
+$ EXHEADER_TS := ts.h
+$ EXHEADER_JPAKE := jpake.h
+$ EXHEADER_SRP := srp.h
+$!!! EXHEADER_STORE := store.h, str_compat.h
+$ EXHEADER_STORE := store.h
+$ EXHEADER_CMAC := cmac.h
+$!
+$ i = 0
+$ loop_sdirs:
+$ sdir = f$edit( f$element( i, ",", sdirs), "trim")
+$ i = i + 1
+$ if (sdir .eqs. ",") then goto loop_sdirs_end
+$ hdr_list = exheader_'sdir'
+$ if (sdir .nes. "") then sdir = "."+ sdir
+$ copy [.crypto'sdir']'hdr_list' sys$disk:[.include.openssl]
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$! Copy All The ".H" Files From The [.SSL] Directory.
+$!
+$! (keep these in the same order as ssl/Makefile)
+$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
+$ copy sys$disk:[.ssl]'exheader' sys$disk:[.include.openssl]
+$!
+$! Purge the [.include.openssl] header files.
+$!
+$ purge sys$disk:[.include.openssl]*.h
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO''LIB32'.OLB" Library.
+$!
+$ CRYPTO:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ "Building The [.",ARCHD,".EXE.CRYPTO]SSL_LIBCRYPTO''LIB32'.OLB Library."
+$!
+$! Go To The [.CRYPTO] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.CRYPTO]
+$!
+$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!
+$ @CRYPTO-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+ "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications.
+$!
+$!!! DISABLED, as these test programs lack any support
+$!!!$ @CRYPTO-LIB APPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+$!!! "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.SSL]SSL_LIBSSL''LIB32'.OLB" Library.
+$!
+$ SSL:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ "Building The [.",ARCHD,".EXE.SSL]SSL_LIBSSL''LIB32'.OLB Library."
+$!
+$! Go To The [.SSL] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.SSL]
+$!
+$! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library.
+$!
+$ @SSL-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+ "''ISSEVEN'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.SSL]SSL_TASK.EXE" Program.
+$!
+$ SSL_TASK:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ "Building DECNet Based SSL Engine, [.",ARCHD,".EXE.SSL]SSL_TASK.EXE"
+$!
+$! Go To The [.SSL] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.SSL]
+$!
+$! Build The [.xxx.EXE.SSL]SSL_TASK.EXE
+$!
+$ @SSL-LIB SSL_TASK 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+ "''ISSEVEN'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Test Programs.
+$!
+$ TEST:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building The OpenSSL [.",ARCHD,".EXE.TEST] Test Utilities."
+$!
+$! Go To The [.TEST] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.TEST]
+$!
+$! Build The Test Programs.
+$!
+$ @MAKETESTS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" -
+ "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Application Programs.
+$!
+$ APPS:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building OpenSSL [.",ARCHD,".EXE.APPS] Applications."
+$!
+$! Go To The [.APPS] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.APPS]
+$!
+$! Build The Application Programs.
+$!
+$ @MAKEAPPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" -
+ "" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Application Programs.
+$!
+$ ENGINES:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building OpenSSL [.",ARCHD,".EXE.ENGINES] Engines."
+$!
+$! Go To The [.ENGINES] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.ENGINES]
+$!
+$! Build The Application Programs.
+$!
+$ @MAKEENGINES ENGINES 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+ "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check if there's a "part", and separate it out
+$!
+$ BUILDPART = F$ELEMENT(1,"/",P1)
+$ IF BUILDPART .EQS. "/"
+$ THEN
+$ BUILDPART = ""
+$ ELSE
+$ P1 = F$EXTRACT(0,F$LENGTH(P1) - F$LENGTH(BUILDPART) - 1, P1)
+$ ENDIF
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$! P1 Is ALL, So Build Everything.
+$!
+$ BUILDCOMMAND = "ALL"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Else, Check To See If P1 Has A Valid Argument.
+$!
+$ IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") -
+ .OR.(P1.EQS."BUILDALL") -
+ .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL") -
+ .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") -
+ .OR.(P1.EQS."ENGINES")
+$ THEN
+$!
+$! A Valid Argument.
+$!
+$ BUILDCOMMAND = P1
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Tell The User We Don't Know What They Want.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "USAGE: @MAKEVMS.COM [Target] [Pointer size] [Debug option] <Compiler>"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Example: @MAKEVMS.COM ALL """" NODEBUG "
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Target ",P1," Is Invalid. The Valid Target Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " ALL : Just Build Everything."
+$ WRITE SYS$OUTPUT " CONFIG : Just build the [.CRYPTO._xxx]OPENSSLCONF.H file."
+$ WRITE SYS$OUTPUT " BUILDINF : Just build the [.CRYPTO._xxx]BUILDINF.H file."
+$ WRITE SYS$OUTPUT " SOFTLINKS: Just Fix The Unix soft links."
+$ WRITE SYS$OUTPUT " BUILDALL : Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done."
+$ WRITE SYS$OUTPUT " CRYPTO : To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
+$ WRITE SYS$OUTPUT " CRYPTO/x : To Build Just The x Part Of The"
+$ WRITE SYS$OUTPUT " [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
+$ WRITE SYS$OUTPUT " SSL : To Build Just The [.xxx.EXE.SSL]LIBSSL.OLB Library."
+$ WRITE SYS$OUTPUT " SSL_TASK : To Build Just The [.xxx.EXE.SSL]SSL_TASK.EXE Program."
+$ WRITE SYS$OUTPUT " TEST : To Build Just The OpenSSL Test Programs."
+$ WRITE SYS$OUTPUT " APPS : To Build Just The OpenSSL Application Programs."
+$ WRITE SYS$OUTPUT " ENGINES : To Build Just The ENGINES"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " ALPHA[64]: Alpha Architecture."
+$ WRITE SYS$OUTPUT " IA64[64] : IA64 Architecture."
+$ WRITE SYS$OUTPUT " VAX : VAX Architecture."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$! End The Valid Argument Check.
+$!
+$ ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check P2 (POINTER_SIZE).
+$!
+$ IF (P2 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$ IF (P2 .EQS. "32")
+$ THEN
+$ POINTER_SIZE = "32"
+$ ELSE
+$ POINTER_SIZE = F$EDIT( P2, "COLLAPSE, UPCASE")
+$ IF ((POINTER_SIZE .EQS. "64") .OR. -
+ (POINTER_SIZE .EQS. "64=") .OR. -
+ (POINTER_SIZE .EQS. "64=ARGV"))
+$ THEN
+$ ARCHD = ARCH+ "_64"
+$ LIB32 = ""
+$ ELSE
+$!
+$! Tell The User Entered An Invalid Option.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", P2, -
+ " Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ " """" : Compile with default (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 32 : Compile with 32-bit (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 64 : Compile with 64-bit (long) pointers (auto ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64= : Compile with 64-bit (long) pointers (no ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64=ARGV : Compile with 64-bit (long) pointers (ARGV)."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$ ENDIF
+$!
+$ ENDIF
+$!
+$! End The P2 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."NODEBUG")
+$ THEN
+$!
+$! P3 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$ DEBUGGER = "NODEBUG"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Check To See If We Are To Compile With Debugger Information.
+$!
+$ IF (P3.EQS."DEBUG")
+$ THEN
+$!
+$! Compile With Debugger Information.
+$!
+$ DEBUGGER = "DEBUG"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Tell The User Entered An Invalid Option.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information."
+$ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$! End The Valid Argument Check.
+$!
+$ ENDIF
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P4 Is Blank.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$! O.K., The User Didn't Specify A Compiler, Let's Try To
+$! Find Out Which One To Use.
+$!
+$! Check To See If We Have GNU C.
+$!
+$ IF (F$TRNLNM("GNU_CC").NES."")
+$ THEN
+$!
+$! Looks Like GNUC, Set To Use GNUC.
+$!
+$ COMPILER = "GNUC"
+$!
+$! Tell The User We Are Using GNUC.
+$!
+$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$! End The GNU C Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have VAXC Or DECC.
+$!
+$ IF (F$GETSYI("CPU").GE.128).OR.(F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC")
+$ THEN
+$!
+$! Looks Like DECC, Set To Use DECC.
+$!
+$ COMPILER = "DECC"
+$!
+$! Tell The User We Are Using DECC.
+$!
+$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Looks Like VAXC, Set To Use VAXC.
+$!
+$ COMPILER = "VAXC"
+$!
+$! Tell The User We Are Using VAX C.
+$!
+$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$! End The DECC & VAXC Compiler Check.
+$!
+$ ENDIF
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$! Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC")!.OR.(P4.EQS."LINK")
+$ THEN
+$!
+$! Check To See If The User Wanted To Just LINK.
+$!
+$ IF (P4.EQS."LINK")
+$ THEN
+$!
+$! Looks Like LINK-only
+$!
+$ COMPILER = "LINK"
+$!
+$! Tell The User We Are Only Linking.
+$!
+$ WRITE SYS$OUTPUT "LINK Only. This actually NOT YET SUPPORTED!"
+$!
+$! End LINK Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The User Wanted DECC.
+$!
+$ IF (P4.EQS."DECC")
+$ THEN
+$!
+$! Looks Like DECC, Set To Use DECC.
+$!
+$ COMPILER = "DECC"
+$!
+$! Tell The User We Are Using DECC.
+$!
+$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$! End DECC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Use VAXC.
+$!
+$ IF (P4.EQS."VAXC")
+$ THEN
+$!
+$! Looks Like VAXC, Set To Use VAXC.
+$!
+$ COMPILER = "VAXC"
+$!
+$! Tell The User We Are Using VAX C.
+$!
+$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$! End VAXC Check
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Use GNU C.
+$!
+$ IF (P4.EQS."GNUC")
+$ THEN
+$!
+$! Looks Like GNUC, Set To Use GNUC.
+$!
+$ COMPILER = "GNUC"
+$!
+$! Tell The User We Are Using GNUC.
+$!
+$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$! Tell The User We Don't Know What They Want.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C."
+$ WRITE SYS$OUTPUT " DECC : To Compile With DEC C."
+$ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$! End The Valid Argument Check.
+$!
+$ ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Time to check the contents of P5, and to make sure we get the correct
+$! library.
+$!
+$ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" -
+ .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE"
+$ THEN
+$!
+$! Check to see if SOCKETSHR was chosen
+$!
+$ IF P5.EQS."SOCKETSHR"
+$ THEN
+$!
+$! Set the library to use SOCKETSHR
+$!
+$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$! Tell the user
+$!
+$ WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$! Done with SOCKETSHR
+$!
+$ ENDIF
+$!
+$! Check to see if MULTINET was chosen
+$!
+$ IF P5.EQS."MULTINET"
+$ THEN
+$!
+$! Set the library to use UCX emulation.
+$!
+$ P5 = "UCX"
+$!
+$! Tell the user
+$!
+$ WRITE SYS$OUTPUT "Using MultiNet via UCX emulation for TCP/IP"
+$!
+$! Done with MULTINET
+$!
+$ ENDIF
+$!
+$! Check to see if UCX was chosen
+$!
+$ IF P5.EQS."UCX"
+$ THEN
+$!
+$! Set the library to use UCX.
+$!
+$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$!
+$! Tell the user
+$!
+$ WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$! Done with UCX
+$!
+$ ENDIF
+$!
+$! Check to see if TCPIP was chosen
+$!
+$ IF P5.EQS."TCPIP"
+$ THEN
+$!
+$! Set the library to use TCPIP (post UCX).
+$!
+$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$! Tell the user
+$!
+$ WRITE SYS$OUTPUT "Using TCPIP (post UCX) for TCP/IP"
+$!
+$! Done with TCPIP
+$!
+$ ENDIF
+$!
+$! Check to see if NONE was chosen
+$!
+$ IF P5.EQS."NONE"
+$ THEN
+$!
+$! Do not use a TCPIP library.
+$!
+$ TCPIP_LIB = ""
+$!
+$! Tell the user
+$!
+$ WRITE SYS$OUTPUT "A specific TCPIP library will not be used."
+$!
+$! Done with NONE.
+$!
+$ ENDIF
+$!
+$! Set the TCPIP_TYPE symbol
+$!
+$ TCPIP_TYPE = P5
+$!
+$! Print info
+$!
+$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$!
+$! Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$ IF P5 .NES. ""
+$ THEN
+$!
+$! Tell The User We Don't Know What They Want.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library."
+$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library."
+$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP TCP/IP (post UCX) library."
+$ WRITE SYS$OUTPUT " NONE : To not link with a specific TCP/IP library."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$ ELSE
+$!
+$! If TCPIP is not defined, then hardcode it to make
+$! it clear that no TCPIP is desired.
+$!
+$ IF P5 .EQS. ""
+$ THEN
+$ TCPIP_LIB = ""
+$ TCPIP_TYPE = "NONE"
+$ ELSE
+$!
+$! Set the TCPIP_TYPE symbol
+$!
+$ TCPIP_TYPE = P5
+$ ENDIF
+$ ENDIF
+$!
+$! Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By: Richard Levitte
+$! richard at levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P6.
+$!
+$ IF (P6.EQS."")
+$ THEN
+$!
+$! Get The Version Of VMS We Are Using.
+$!
+$ ISSEVEN :=
+$ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,VMS_VERSION))
+$ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$! Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$ IF (TMP.GE.71)
+$ THEN
+$!
+$! We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$ ISSEVEN := ,PTHREAD_USE_D4
+$!
+$! End The VMS Version Check.
+$!
+$ ENDIF
+$!
+$! End The P6 Check.
+$!
+$ ENDIF
+$!
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P7
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$! Check for expected ZLIB files.
+$!
+$ err = 0
+$ file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$ if (f$search( file1) .eqs. "")
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ WRITE SYS$OUTPUT " Can't find header: ''file1'"
+$ err = 1
+$ endif
+$!
+$ file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$ if (f$search( file2) .eqs. "")
+$ then
+$ if (err .eq. 0)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ endif
+$ WRITE SYS$OUTPUT " Can't find library: ''file2'"
+$ WRITE SYS$OUTPUT ""
+$ err = err+ 2
+$ endif
+$ if (err .eq. 1)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ endif
+$!
+$ if (err .ne. 0)
+$ then
+$ GOTO TIDY
+$ endif
+$!
+$! Print info
+$!
+$ WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$! Time To RETURN...
+$!
+$ RETURN
+$!
+$ TIDY:
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "h_file", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+ close h_file
+$!
+$! Restore the original default device:[directory].
+$!
+$ SET DEFAULT 'DEF_ORIG'
+$!
+$ EXIT
+$!
Modified: trunk/crypto/openssl/openssl.spec
===================================================================
--- trunk/crypto/openssl/openssl.spec 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/openssl.spec 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,7 +6,8 @@
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 0.9.8zg
+#Version: %{libmaj}.%{libmin}.%{librel}
+Version: 1.0.1o
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
Modified: trunk/crypto/openssl/ssl/Makefile
===================================================================
--- trunk/crypto/openssl/ssl/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,7 +15,7 @@
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c
+TEST=ssltest.c heartbeat_test.c
APPS=
LIB=$(TOP)/libssl.a
@@ -26,11 +26,11 @@
s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
- d1_both.c d1_enc.c \
+ d1_both.c d1_enc.c d1_srtp.c \
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c \
- bio_ssl.c ssl_err.c kssl.c t1_reneg.c
+ bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c ssl_utst.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
@@ -37,15 +37,15 @@
s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \
d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \
- d1_both.o d1_enc.o \
+ d1_both.o d1_enc.o d1_srtp.o\
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o \
- bio_ssl.o ssl_err.o kssl.o t1_reneg.o
+ bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o ssl_utst.o
SRC= $(LIBSRC)
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -53,7 +53,7 @@
top:
(cd ..; $(MAKE) DIRS=$(DIR) all)
-all: lib
+all: shared
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
@@ -89,13 +89,14 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
-depend:
- @if [ -z "$(THIS)" ]; then \
- $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
- else \
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
- fi
+update: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+depend: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+ @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
@@ -106,40 +107,38 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-bio_ssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-bio_ssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-bio_ssl.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-bio_ssl.o: ../include/openssl/evp.h ../include/openssl/fips.h
+bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+bio_ssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+bio_ssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-bio_ssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-bio_ssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-d1_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-d1_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-d1_both.o: ../include/openssl/err.h ../include/openssl/evp.h
-d1_both.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_both.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-d1_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-d1_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -152,38 +151,37 @@
d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_clnt.o: ../include/openssl/evp.h ../include/openssl/fips.h
-d1_clnt.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-d1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-d1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_clnt.o: ../include/openssl/x509_vfy.h d1_clnt.c kssl_lcl.h ssl_locl.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: kssl_lcl.h ssl_locl.h
d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-d1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-d1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-d1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-d1_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
d1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
d1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
d1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
d1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-d1_enc.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-d1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
d1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
d1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
d1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -190,21 +188,20 @@
d1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_enc.c
d1_enc.o: ssl_locl.h
d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-d1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-d1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-d1_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-d1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -211,21 +208,20 @@
d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
d1_lib.o: ssl_locl.h
d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-d1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-d1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-d1_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-d1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -232,26 +228,45 @@
d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
d1_meth.o: ssl_locl.h
d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-d1_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-d1_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-d1_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-d1_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-d1_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-d1_pkt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-d1_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_srtp.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_srtp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_srtp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_srtp.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
@@ -259,56 +274,55 @@
d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-d1_srvr.o: ../include/openssl/evp.h ../include/openssl/fips.h
-d1_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-d1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-d1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-d1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-d1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-d1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-d1_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_srvr.o: ../include/openssl/x509_vfy.h d1_srvr.c ssl_locl.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-kssl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-kssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-kssl.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h
-kssl.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+kssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+kssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-kssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-kssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -315,21 +329,20 @@
s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -336,21 +349,20 @@
s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
s23_lib.o: ssl_locl.h
s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -357,21 +369,20 @@
s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
s23_meth.o: ssl_locl.h
s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -378,21 +389,20 @@
s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
s23_pkt.o: ssl_locl.h
s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s23_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s23_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s23_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s23_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -399,21 +409,20 @@
s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -420,21 +429,20 @@
s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -441,21 +449,20 @@
s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
s2_enc.o: ssl_locl.h
s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -462,21 +469,20 @@
s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -483,63 +489,61 @@
s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
s2_meth.o: ssl_locl.h
s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s2_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s2_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s2_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s2_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s2_srvr.o: ../include/openssl/bio.h ../include/openssl/buffer.h
s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h
-s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+s2_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
+s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_both.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_both.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_both.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_both.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_both.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_both.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_both.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s3_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -546,13 +550,12 @@
s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
-s3_cbc.o: ../include/openssl/bio.h ../include/openssl/bn.h
-s3_cbc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_cbc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_cbc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_cbc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_cbc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_cbc.o: ../include/openssl/evp.h ../include/openssl/fips.h
+s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s3_cbc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+s3_cbc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_cbc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s3_cbc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
@@ -559,9 +562,9 @@
s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_cbc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s3_cbc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_cbc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -575,50 +578,48 @@
s3_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s3_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
-s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
+s3_clnt.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-s3_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
-s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-s3_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h
+s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h
+s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+s3_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
@@ -625,9 +626,9 @@
s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -634,21 +635,20 @@
s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
s3_lib.o: s3_lib.c ssl_locl.h
s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -655,26 +655,25 @@
s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
s3_meth.o: ssl_locl.h
s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_pkt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_pkt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_pkt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_pkt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_pkt.c
-s3_pkt.o: ssl_locl.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
@@ -683,37 +682,36 @@
s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s3_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h
-s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/krb5_asn.h
+s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
+s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_srvr.o: s3_srvr.c ssl_locl.h
ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_algs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_algs.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_algs.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_algs.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_algs.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_algs.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -720,21 +718,20 @@
ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
ssl_algs.o: ssl_locl.h
ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/bn.h
-ssl_asn1.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_asn1.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_asn1.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_asn1.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_asn1.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-ssl_asn1.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -748,89 +745,84 @@
ssl_cert.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
ssl_cert.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ssl_cert.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_cert.o: ../include/openssl/evp.h ../include/openssl/fips.h
-ssl_cert.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_cert.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_cert.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-ssl_cert.o: ssl_cert.c ssl_locl.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_ciph.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_ciph.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_ciph.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_ciph.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_ciph.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_ciph.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_ciph.o: ../include/openssl/fips.h ../include/openssl/hmac.h
-ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_ciph.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+ssl_ciph.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_ciph.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_ciph.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
-ssl_ciph.o: ssl_locl.h
+ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_err.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_err.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_err.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ssl_err.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_err.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-ssl_err.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-ssl_err.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err2.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-ssl_err2.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_err2.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_err2.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ssl_err2.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ssl_err2.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-ssl_err2.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-ssl_err2.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_lib.o: ../include/openssl/engine.h ../include/openssl/err.h
-ssl_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssl_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_lib.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
ssl_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ssl_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -837,9 +829,9 @@
ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -847,21 +839,20 @@
ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
ssl_lib.o: ssl_lib.c ssl_locl.h
ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_rsa.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_rsa.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_rsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_rsa.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_rsa.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -868,22 +859,21 @@
ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_rsa.o: ssl_rsa.c
ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_sess.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_sess.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_sess.o: ../include/openssl/engine.h ../include/openssl/err.h
-ssl_sess.o: ../include/openssl/evp.h ../include/openssl/fips.h
+ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_sess.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_sess.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_sess.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h
ssl_sess.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_sess.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -890,21 +880,20 @@
ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_sess.o: ssl_sess.c
ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_stat.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_stat.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_stat.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_stat.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_stat.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_stat.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -911,42 +900,60 @@
ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_stat.o: ssl_stat.c
ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_txt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssl_txt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_txt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_txt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_txt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_txt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_txt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_txt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_txt.o: ssl_txt.c
+ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+ssl_utst.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_utst.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_utst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+ssl_utst.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_utst.o: ssl_utst.c
t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -953,34 +960,33 @@
t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_enc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_enc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
-t1_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.c
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
-t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
-t1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-t1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-t1_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h
+t1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+t1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+t1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
@@ -987,30 +993,30 @@
t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-t1_lib.o: ../include/openssl/x509v3.h ssl_locl.h t1_lib.c
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_meth.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_meth.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_meth.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_meth.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -1017,21 +1023,20 @@
t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
t1_meth.o: t1_meth.c
t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_reneg.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_reneg.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_reneg.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_reneg.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_reneg.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_reneg.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_reneg.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_reneg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_reneg.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_reneg.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_reneg.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_reneg.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-t1_reneg.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_reneg.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -1038,23 +1043,43 @@
t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
t1_reneg.o: t1_reneg.c
t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-t1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
-t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h
+t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+t1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h
-t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+tls_srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+tls_srp.o: ../include/openssl/err.h ../include/openssl/evp.h
+tls_srp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+tls_srp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+tls_srp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+tls_srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+tls_srp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+tls_srp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+tls_srp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srp.h ../include/openssl/srtp.h
+tls_srp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c
Modified: trunk/crypto/openssl/ssl/bio_ssl.c
===================================================================
--- trunk/crypto/openssl/ssl/bio_ssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/bio_ssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -388,15 +388,19 @@
}
break;
case BIO_CTRL_POP:
- /* ugly bit of a hack */
- if (ssl->rbio != ssl->wbio) { /* we are in trouble :-( */
- BIO_free_all(ssl->wbio);
+ /* Only detach if we are the BIO explicitly being popped */
+ if (b == ptr) {
+ /*
+ * Shouldn't happen in practice because the rbio and wbio are the
+ * same when pushed.
+ */
+ if (ssl->rbio != ssl->wbio)
+ BIO_free_all(ssl->wbio);
+ if (b->next_bio != NULL)
+ CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO);
+ ssl->wbio = NULL;
+ ssl->rbio = NULL;
}
- if (b->next_bio != NULL) {
- CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO);
- }
- ssl->wbio = NULL;
- ssl->rbio = NULL;
break;
case BIO_C_DO_STATE_MACHINE:
BIO_clear_retry_flags(b);
@@ -518,6 +522,7 @@
BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
{
+#ifndef OPENSSL_NO_SOCK
BIO *ret = NULL, *con = NULL, *ssl = NULL;
if ((con = BIO_new(BIO_s_connect())) == NULL)
@@ -530,8 +535,7 @@
err:
if (con != NULL)
BIO_free(con);
- if (ret != NULL)
- BIO_free(ret);
+#endif
return (NULL);
}
Modified: trunk/crypto/openssl/ssl/d1_both.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_both.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_both.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -158,9 +158,8 @@
{ 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };
/* XDTLS: figure out the right values */
-static unsigned int g_probable_mtu[] = { 1500 - 28, 512 - 28, 256 - 28 };
+static const unsigned int g_probable_mtu[] = { 1500, 512, 256 };
-static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
unsigned long frag_len);
static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
@@ -212,8 +211,15 @@
return frag;
}
-static void dtls1_hm_fragment_free(hm_fragment *frag)
+void dtls1_hm_fragment_free(hm_fragment *frag)
{
+
+ if (frag->msg_header.is_ccs) {
+ EVP_CIPHER_CTX_free(frag->msg_header.
+ saved_retransmit_state.enc_write_ctx);
+ EVP_MD_CTX_destroy(frag->msg_header.
+ saved_retransmit_state.write_hash);
+ }
if (frag->fragment)
OPENSSL_free(frag->fragment);
if (frag->reassembly)
@@ -221,6 +227,36 @@
OPENSSL_free(frag);
}
+static int dtls1_query_mtu(SSL *s)
+{
+ if (s->d1->link_mtu) {
+ s->d1->mtu =
+ s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
+ s->d1->link_mtu = 0;
+ }
+
+ /* AHA! Figure out the MTU, and stick to the right size */
+ if (s->d1->mtu < dtls1_min_mtu(s)) {
+ if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ s->d1->mtu =
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+
+ /*
+ * I've seen the kernel return bogus numbers when it doesn't know
+ * (initial write), so just make sure we have a reasonable number
+ */
+ if (s->d1->mtu < dtls1_min_mtu(s)) {
+ /* Set to min mtu */
+ s->d1->mtu = dtls1_min_mtu(s);
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
+ s->d1->mtu, NULL);
+ }
+ } else
+ return 0;
+ }
+ return 1;
+}
+
/*
* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
* SSL3_RT_CHANGE_CIPHER_SPEC)
@@ -228,51 +264,16 @@
int dtls1_do_write(SSL *s, int type)
{
int ret;
- int curr_mtu;
- unsigned int len, frag_off, mac_size, blocksize;
+ unsigned int curr_mtu;
+ int retry = 1;
+ unsigned int len, frag_off, mac_size, blocksize, used_len;
- /* AHA! Figure out the MTU, and stick to the right size */
- if (s->d1->mtu < dtls1_min_mtu()
- && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
- s->d1->mtu =
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+ if (!dtls1_query_mtu(s))
+ return -1;
- /*
- * I've seen the kernel return bogus numbers when it doesn't know
- * (initial write), so just make sure we have a reasonable number
- */
- if (s->d1->mtu < dtls1_min_mtu()) {
- s->d1->mtu = 0;
- s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
- s->d1->mtu, NULL);
- }
- }
-#if 0
- mtu = s->d1->mtu;
+ OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
+ * reasonable now */
- fprintf(stderr, "using MTU = %d\n", mtu);
-
- mtu -= (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
-
- curr_mtu = mtu - BIO_wpending(SSL_get_wbio(s));
-
- if (curr_mtu > 0)
- mtu = curr_mtu;
- else if ((ret = BIO_flush(SSL_get_wbio(s))) <= 0)
- return ret;
-
- if (BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu) {
- ret = BIO_flush(SSL_get_wbio(s));
- if (ret <= 0)
- return ret;
- mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
- }
-#endif
-
- OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu()); /* should have something
- * reasonable now */
-
if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
OPENSSL_assert(s->init_num ==
(int)s->d1->w_msg_hdr.msg_len +
@@ -279,7 +280,7 @@
DTLS1_HM_HEADER_LENGTH);
if (s->write_hash)
- mac_size = EVP_MD_size(s->write_hash);
+ mac_size = EVP_MD_CTX_size(s->write_hash);
else
mac_size = 0;
@@ -290,9 +291,14 @@
blocksize = 0;
frag_off = 0;
- while (s->init_num) {
- curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
- DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
+ /* s->init_num shouldn't ever be < 0...but just in case */
+ while (s->init_num > 0) {
+ used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
+ + mac_size + blocksize;
+ if (s->d1->mtu > used_len)
+ curr_mtu = s->d1->mtu - used_len;
+ else
+ curr_mtu = 0;
if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
/*
@@ -301,15 +307,27 @@
ret = BIO_flush(SSL_get_wbio(s));
if (ret <= 0)
return ret;
- curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
- mac_size - blocksize;
+ used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
+ if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
+ curr_mtu = s->d1->mtu - used_len;
+ } else {
+ /* Shouldn't happen */
+ return -1;
+ }
}
- if (s->init_num > curr_mtu)
+ /*
+ * We just checked that s->init_num > 0 so this cast should be safe
+ */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
+ /* Shouldn't ever happen */
+ if (len > INT_MAX)
+ len = INT_MAX;
+
/*
* XDTLS: this function is too long. split out the CCS part
*/
@@ -319,12 +337,27 @@
s->init_off -= DTLS1_HM_HEADER_LENGTH;
s->init_num += DTLS1_HM_HEADER_LENGTH;
- if (s->init_num > curr_mtu)
+ /*
+ * We just checked that s->init_num > 0 so this cast should
+ * be safe
+ */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
}
+ /* Shouldn't ever happen */
+ if (len > INT_MAX)
+ len = INT_MAX;
+
+ if (len < DTLS1_HM_HEADER_LENGTH) {
+ /*
+ * len is so small that we really can't do anything sensible
+ * so fail
+ */
+ return -1;
+ }
dtls1_fix_message_header(s, frag_off,
len - DTLS1_HM_HEADER_LENGTH);
@@ -331,8 +364,6 @@
dtls1_write_message_header(s,
(unsigned char *)&s->init_buf->
data[s->init_off]);
-
- OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
}
ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off],
@@ -344,12 +375,18 @@
* retransmit anything. continue as if everything is fine and
* wait for an alert to handle the retransmit
*/
- if (BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0)
- s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
- else
+ if (retry && BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
+ if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ if (!dtls1_query_mtu(s))
+ return -1;
+ /* Have one more go */
+ retry = 0;
+ } else
+ return -1;
+ } else {
return (-1);
+ }
} else {
/*
@@ -368,7 +405,7 @@
const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
int xlen;
- if (frag_off == 0 && s->client_version != DTLS1_BAD_VER) {
+ if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
/*
* reconstruct message header is if it is being sent in
* single fragment
@@ -448,6 +485,12 @@
return i;
}
+ if (mt >= 0 && s->s3->tmp.message_type != mt) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
p = (unsigned char *)s->init_buf->data;
msg_len = msg_hdr->msg_len;
@@ -508,7 +551,7 @@
* above
*/
if (!BUF_MEM_grow_clean
- (s->init_buf, (int)msg_len + DTLS1_HM_HEADER_LENGTH)) {
+ (s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) {
SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
return SSL_AD_INTERNAL_ERROR;
}
@@ -602,7 +645,7 @@
hm_fragment *frag = NULL;
pitem *item = NULL;
int i = -1, is_complete;
- PQ_64BIT seq64;
+ unsigned char seq64be[8];
unsigned long frag_len = msg_hdr->frag_len;
if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
@@ -613,10 +656,10 @@
return DTLS1_HM_FRAGMENT_RETRY;
/* Try to find item in queue */
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
- item = pqueue_find(s->d1->buffered_messages, seq64);
- pq_64bit_free(&seq64);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+ seq64be[7] = (unsigned char)msg_hdr->seq;
+ item = pqueue_find(s->d1->buffered_messages, seq64be);
if (item == NULL) {
frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
@@ -676,11 +719,7 @@
}
if (item == NULL) {
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
- item = pitem_new(seq64, frag);
- pq_64bit_free(&seq64);
-
+ item = pitem_new(seq64be, frag);
if (item == NULL) {
i = -1;
goto err;
@@ -712,7 +751,7 @@
int i = -1;
hm_fragment *frag = NULL;
pitem *item = NULL;
- PQ_64BIT seq64;
+ unsigned char seq64be[8];
unsigned long frag_len = msg_hdr->frag_len;
if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
@@ -719,10 +758,10 @@
goto err;
/* Try to find item in queue, to prevent duplicate entries */
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
- item = pqueue_find(s->d1->buffered_messages, seq64);
- pq_64bit_free(&seq64);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+ seq64be[7] = (unsigned char)msg_hdr->seq;
+ item = pqueue_find(s->d1->buffered_messages, seq64be);
/*
* If we already have an entry and this one is a fragment, don't discard
@@ -767,7 +806,7 @@
if (frag_len) {
/*
- * read the body of the fragment (header has already been read)
+ * read the body of the fragment (header has already been read
*/
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
frag->fragment, frag_len, 0);
@@ -777,11 +816,7 @@
goto err;
}
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
-
- item = pitem_new(seq64, frag);
- pq_64bit_free(&seq64);
+ item = pitem_new(seq64be, frag);
if (item == NULL)
goto err;
@@ -840,7 +875,21 @@
/* parse the message fragment header */
dtls1_get_message_header(wire, &msg_hdr);
+ len = msg_hdr.msg_len;
+ frag_off = msg_hdr.frag_off;
+ frag_len = msg_hdr.frag_len;
+
/*
+ * We must have at least frag_len bytes left in the record to be read.
+ * Fragments must not span records.
+ */
+ if (frag_len > s->s3->rrec.length) {
+ al = SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
+ goto f_err;
+ }
+
+ /*
* if this is a future (or stale) message it gets buffered
* (or dropped)--no further processing at this time
* While listening, we accept seq 1 (ClientHello with cookie)
@@ -850,10 +899,6 @@
&& !(s->d1->listen && msg_hdr.seq == 1))
return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
- len = msg_hdr.msg_len;
- frag_off = msg_hdr.frag_off;
- frag_len = msg_hdr.frag_len;
-
if (frag_len && frag_len < len)
return dtls1_reassemble_fragment(s, &msg_hdr, ok);
@@ -884,9 +929,6 @@
if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
goto f_err;
- /* XDTLS: ressurect this when restart is in place */
- s->state = stn;
-
if (frag_len > 0) {
unsigned char *p =
(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
@@ -893,8 +935,10 @@
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
&p[frag_off], frag_len, 0);
+
/*
- * XDTLS: fix this--message fragments cannot span multiple packets
+ * This shouldn't ever fail due to NBIO because we already checked
+ * that we have enough data in the record
*/
if (i <= 0) {
s->rwstate = SSL_READING;
@@ -915,6 +959,7 @@
}
*ok = 1;
+ s->state = stn;
/*
* Note that s->init_num is *not* used as current offset in
@@ -944,8 +989,6 @@
p = &(d[DTLS1_HM_HEADER_LENGTH]);
i = s->method->ssl3_enc->final_finish_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->finish_dgst2),
sender, slen,
s->s3->tmp.finish_md);
s->s3->tmp.finish_md_len = i;
@@ -1007,7 +1050,7 @@
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
s->init_num = DTLS1_CCS_HEADER_LENGTH;
- if (s->client_version == DTLS1_BAD_VER) {
+ if (s->version == DTLS1_BAD_VER) {
s->d1->next_handshake_write_seq++;
s2n(s->d1->handshake_write_seq, p);
s->init_num += 2;
@@ -1113,9 +1156,14 @@
*/
return code;
}
-
+#ifndef OPENSSL_NO_HEARTBEATS
/* done, no need to send a retransmit */
- if (!SSL_in_init(s)) {
+ if (!SSL_in_init(s) && !s->tlsext_hb_pending)
+#else
+ /* done, no need to send a retransmit */
+ if (!SSL_in_init(s))
+#endif
+ {
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;
}
@@ -1181,7 +1229,7 @@
{
pitem *item;
hm_fragment *frag;
- PQ_64BIT seq64;
+ unsigned char seq64be[8];
/*
* this function is called immediately after a message has been
@@ -1197,7 +1245,9 @@
if (is_ccs) {
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_CCS_HEADER_LENGTH <= (unsigned int)s->init_num);
+ ((s->version ==
+ DTLS1_VERSION) ? DTLS1_CCS_HEADER_LENGTH : 3) ==
+ (unsigned int)s->init_num);
} else {
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
@@ -1217,14 +1267,17 @@
frag->msg_header.saved_retransmit_state.session = s->session;
frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
- pq_64bit_init(&seq64);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] =
+ (unsigned
+ char)(dtls1_get_queue_priority(frag->msg_header.seq,
+ frag->msg_header.is_ccs) >> 8);
+ seq64be[7] =
+ (unsigned
+ char)(dtls1_get_queue_priority(frag->msg_header.seq,
+ frag->msg_header.is_ccs));
- pq_64bit_assign_word(&seq64,
- dtls1_get_queue_priority(frag->msg_header.seq,
- frag->msg_header.is_ccs));
-
- item = pitem_new(seq64, frag);
- pq_64bit_free(&seq64);
+ item = pitem_new(seq64be, frag);
if (item == NULL) {
dtls1_hm_fragment_free(frag);
return 0;
@@ -1248,7 +1301,7 @@
pitem *item;
hm_fragment *frag;
unsigned long header_length;
- PQ_64BIT seq64;
+ unsigned char seq64be[8];
struct dtls1_retransmit_state saved_state;
unsigned char save_write_sequence[8];
@@ -1258,11 +1311,11 @@
*/
/* XDTLS: the requested message ought to be found, otherwise error */
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, seq);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(seq >> 8);
+ seq64be[7] = (unsigned char)seq;
- item = pqueue_find(s->d1->sent_messages, seq64);
- pq_64bit_free(&seq64);
+ item = pqueue_find(s->d1->sent_messages, seq64be);
if (item == NULL) {
fprintf(stderr, "retransmit: message %d non-existant\n", seq);
*found = 0;
@@ -1403,24 +1456,15 @@
return p;
}
-unsigned int dtls1_min_mtu(void)
+unsigned int dtls1_link_min_mtu(void)
{
return (g_probable_mtu[(sizeof(g_probable_mtu) /
sizeof(g_probable_mtu[0])) - 1]);
}
-static unsigned int dtls1_guess_mtu(unsigned int curr_mtu)
+unsigned int dtls1_min_mtu(SSL *s)
{
- size_t i;
-
- if (curr_mtu == 0)
- return g_probable_mtu[0];
-
- for (i = 0; i < sizeof(g_probable_mtu) / sizeof(g_probable_mtu[0]); i++)
- if (curr_mtu > g_probable_mtu[i])
- return g_probable_mtu[i];
-
- return curr_mtu;
+ return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
}
void
@@ -1441,3 +1485,183 @@
ccs_hdr->type = *(data++);
}
+
+int dtls1_shutdown(SSL *s)
+{
+ int ret;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN)) {
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0)
+ return -1;
+
+ if (ret == 0)
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1,
+ NULL);
+ }
+#endif
+ ret = ssl3_shutdown(s);
+#ifndef OPENSSL_NO_SCTP
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
+#endif
+ return ret;
+}
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int dtls1_process_heartbeat(SSL *s)
+{
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ /* Read type and payload length first */
+ if (1 + 2 + 16 > s->s3->rrec.length)
+ return 0; /* silently discard */
+ if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+
+ hbtype = *p++;
+ n2s(p, payload);
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+ pl = p;
+
+ if (hbtype == TLS1_HB_REQUEST) {
+ unsigned char *buffer, *bp;
+ unsigned int write_length = 1 /* heartbeat type */ +
+ 2 /* heartbeat length */ +
+ payload + padding;
+ int r;
+
+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+
+ /*
+ * Allocate memory for the response, size is 1 byte message type,
+ * plus 2 bytes payload length, plus payload, plus padding
+ */
+ buffer = OPENSSL_malloc(write_length);
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ if (RAND_pseudo_bytes(bp, padding) < 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
+
+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, write_length, s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ } else if (hbtype == TLS1_HB_RESPONSE) {
+ unsigned int seq;
+
+ /*
+ * We only send sequence numbers (2 bytes unsigned int), and 16
+ * random bytes, so we just try to read the sequence number
+ */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
+ return 0;
+}
+
+int dtls1_heartbeat(SSL *s)
+{
+ unsigned char *buf, *p;
+ int ret = -1;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /*
+ * Check if padding is too long, payload and padding must not exceed 2^14
+ * - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /*-
+ * Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ if (RAND_pseudo_bytes(p, 16) < 0)
+ goto err;
+ p += 16;
+ /* Random padding */
+ if (RAND_pseudo_bytes(p, padding) < 0)
+ goto err;
+
+ ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ dtls1_start_timer(s);
+ s->tlsext_hb_pending = 1;
+ }
+
+err:
+ OPENSSL_free(buf);
+
+ return ret;
+}
+#endif
Modified: trunk/crypto/openssl/ssl/d1_clnt.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_clnt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_clnt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -115,20 +115,23 @@
#include <stdio.h>
#include "ssl_locl.h"
-#include "kssl_lcl.h"
+#ifndef OPENSSL_NO_KRB5
+# include "kssl_lcl.h"
+#endif
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
+#include <openssl/bn.h>
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
-static SSL_METHOD *dtls1_get_client_method(int ver);
+static const SSL_METHOD *dtls1_get_client_method(int ver);
static int dtls1_get_hello_verify(SSL *s);
-static SSL_METHOD *dtls1_get_client_method(int ver)
+static const SSL_METHOD *dtls1_get_client_method(int ver)
{
if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
return (DTLSv1_client_method());
@@ -146,7 +149,11 @@
unsigned long Time = (unsigned long)time(NULL);
void (*cb) (const SSL *ssl, int type, int val) = NULL;
int ret = -1;
- int new_state, state, skip = 0;;
+ int new_state, state, skip = 0;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
RAND_add(&Time, sizeof(Time), 0);
ERR_clear_error();
@@ -161,12 +168,34 @@
if (!SSL_in_init(s) || SSL_in_before(s))
SSL_clear(s);
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to enter handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
for (;;) {
state = s->state;
switch (s->state) {
case SSL_ST_RENEGOTIATE:
- s->new_session = 1;
+ s->renegotiate = 1;
s->state = SSL_ST_CONNECT;
s->ctx->stats.sess_connect_renegotiate++;
/* break */
@@ -183,6 +212,7 @@
(s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -192,10 +222,12 @@
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -204,6 +236,7 @@
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -210,6 +243,7 @@
/* setup buffing BIO */
if (!ssl_init_wbio_buffer(s, 0)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -222,8 +256,48 @@
memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
s->d1->send_cookie = 0;
s->hit = 0;
+ s->d1->change_cipher_spec_ok = 0;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
break;
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_CR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = s->s3->tmp.next_state;
+ break;
+
+ case DTLS1_SCTP_ST_CW_WRITE_SOCK:
+ /* read app data until dry event */
+
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0)
+ goto end;
+
+ if (ret == 0) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = s->d1->next_state;
+ break;
+#endif
+
case SSL3_ST_CW_CLNT_HELLO_A:
case SSL3_ST_CW_CLNT_HELLO_B:
@@ -245,9 +319,18 @@
s->init_num = 0;
- /* turn on buffering for the next lot of output */
- if (s->bbio != s->wbio)
- s->wbio = BIO_push(s->bbio, s->wbio);
+#ifndef OPENSSL_NO_SCTP
+ /* Disable buffering for SCTP */
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+#endif
+ /*
+ * turn on buffering for the next lot of output
+ */
+ if (s->bbio != s->wbio)
+ s->wbio = BIO_push(s->bbio, s->wbio);
+#ifndef OPENSSL_NO_SCTP
+ }
+#endif
break;
@@ -257,9 +340,29 @@
if (ret <= 0)
goto end;
else {
- if (s->hit)
+ if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ snprintf((char *)labelbuffer,
+ sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey),
+ labelbuffer,
+ sizeof(labelbuffer), NULL, 0,
+ 0);
+
+ BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
s->state = SSL3_ST_CR_FINISHED_A;
- else
+ } else
s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
}
s->init_num = 0;
@@ -281,22 +384,9 @@
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
- ret = ssl3_check_finished(s);
- if (ret <= 0)
- goto end;
- if (ret == 2) {
- s->hit = 1;
- if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_CR_SESSION_TICKET_A;
- else
- s->state = SSL3_ST_CR_FINISHED_A;
- s->init_num = 0;
- break;
- }
-#endif
- /* Check if it is anon DH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) {
+ /* Check if it is anon DH or PSK */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+ !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
ret = ssl3_get_server_certificate(s);
if (ret <= 0)
goto end;
@@ -332,6 +422,7 @@
*/
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
break;
@@ -352,11 +443,18 @@
goto end;
dtls1_stop_timer(s);
if (s->s3->tmp.cert_req)
- s->state = SSL3_ST_CW_CERT_A;
+ s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
else
- s->state = SSL3_ST_CW_KEY_EXCH_A;
+ s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
s->init_num = 0;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
+ else
+#endif
+ s->state = s->s3->tmp.next_state;
break;
case SSL3_ST_CW_CERT_A:
@@ -377,7 +475,24 @@
ret = dtls1_send_client_key_exchange(s);
if (ret <= 0)
goto end;
+
+#ifndef OPENSSL_NO_SCTP
/*
+ * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+ * used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+ /*
* EAY EAY EAY need to check for DH fix cert sent back
*/
/*
@@ -387,8 +502,13 @@
if (s->s3->tmp.cert_req == 1) {
s->state = SSL3_ST_CW_CERT_VRFY_A;
} else {
- s->state = SSL3_ST_CW_CHANGE_A;
- s->s3->change_cipher_spec = 0;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ } else
+#endif
+ s->state = SSL3_ST_CW_CHANGE_A;
}
s->init_num = 0;
@@ -400,9 +520,14 @@
ret = dtls1_send_client_verify(s);
if (ret <= 0)
goto end;
- s->state = SSL3_ST_CW_CHANGE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ } else
+#endif
+ s->state = SSL3_ST_CW_CHANGE_A;
s->init_num = 0;
- s->s3->change_cipher_spec = 0;
break;
case SSL3_ST_CW_CHANGE_A:
@@ -414,6 +539,7 @@
SSL3_ST_CW_CHANGE_B);
if (ret <= 0)
goto end;
+
s->state = SSL3_ST_CW_FINISHED_A;
s->init_num = 0;
@@ -428,6 +554,7 @@
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -435,8 +562,19 @@
SSL3_CHANGE_CIPHER_CLIENT_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
+#ifndef OPENSSL_NO_SCTP
+ if (s->hit) {
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+ }
+#endif
dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
break;
@@ -460,12 +598,33 @@
s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
if (s->hit) {
s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL_ST_OK;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
s->s3->delay_buf_pop_ret = 0;
}
} else {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+#endif
+
#ifndef OPENSSL_NO_TLSEXT
/*
* Allow NewSessionTicket if ticket expected
@@ -478,7 +637,6 @@
s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
}
s->init_num = 0;
-
break;
#ifndef OPENSSL_NO_TLSEXT
@@ -514,6 +672,15 @@
s->state = SSL3_ST_CW_CHANGE_A;
else
s->state = SSL_ST_OK;
+
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE) {
+ s->d1->next_state = s->state;
+ s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
+
s->init_num = 0;
break;
@@ -520,6 +687,14 @@
case SSL3_ST_CW_FLUSH:
s->rwstate = SSL_WRITING;
if (BIO_flush(s->wbio) <= 0) {
+ /*
+ * If the write error was fatal, stop trying
+ */
+ if (!BIO_should_retry(s->wbio)) {
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ }
+
ret = -1;
goto end;
}
@@ -547,6 +722,7 @@
/* else do it later in ssl3_write */
s->init_num = 0;
+ s->renegotiate = 0;
s->new_session = 0;
ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
@@ -567,6 +743,7 @@
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -592,6 +769,16 @@
}
end:
s->in_handshake--;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to leave handshake mode and allow stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL)
@@ -604,7 +791,7 @@
unsigned char *buf;
unsigned char *p, *d;
unsigned int i, j;
- unsigned long Time, l;
+ unsigned long l;
SSL_COMP *comp;
buf = (unsigned char *)s->init_buf->data;
@@ -623,16 +810,14 @@
/* else use the pre-loaded session */
p = s->s3->client_random;
+
/*
* if client_random is initialized, reuse it, we are required to use
* same upon reply to HelloVerify
*/
for (i = 0; p[i] == '\0' && i < sizeof(s->s3->client_random); i++) ;
- if (i == sizeof(s->s3->client_random)) {
- Time = (unsigned long)time(NULL); /* Time */
- l2n(Time, p);
- RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE - 4);
- }
+ if (i == sizeof(s->s3->client_random))
+ ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random));
/* Do the message type and length last */
d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
@@ -691,6 +876,11 @@
*(p++) = 0; /* Add the NULL method */
#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
if ((p =
ssl_add_clienthello_tlsext(s, p,
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
@@ -764,6 +954,7 @@
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
return -1;
}
@@ -771,7 +962,7 @@
{
unsigned char *p, *d;
int n;
- unsigned long l;
+ unsigned long alg_k;
#ifndef OPENSSL_NO_RSA
unsigned char *q;
EVP_PKEY *pkey = NULL;
@@ -779,18 +970,26 @@
#ifndef OPENSSL_NO_KRB5
KSSL_ERR kssl_err;
#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *clnt_ecdh = NULL;
+ const EC_POINT *srvr_ecpoint = NULL;
+ EVP_PKEY *srvr_pub_pkey = NULL;
+ unsigned char *encodedPoint = NULL;
+ int encoded_pt_len = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
d = (unsigned char *)s->init_buf->data;
p = &(d[DTLS1_HM_HEADER_LENGTH]);
- l = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/* Fool emacs indentation */
if (0) {
}
#ifndef OPENSSL_NO_RSA
- else if (l & SSL_kRSA) {
+ else if (alg_k & SSL_kRSA) {
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
@@ -861,7 +1060,7 @@
}
#endif
#ifndef OPENSSL_NO_KRB5
- else if (l & SSL_kKRB5) {
+ else if (alg_k & SSL_kKRB5) {
krb5_error_code krb5rc;
KSSL_CTX *kssl_ctx = s->kssl_ctx;
/* krb5_data krb5_ap_req; */
@@ -868,7 +1067,7 @@
krb5_data *enc_ticket;
krb5_data authenticator, *authp = NULL;
EVP_CIPHER_CTX ciph_ctx;
- EVP_CIPHER *enc = NULL;
+ const EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
@@ -878,7 +1077,7 @@
# ifdef KSSL_DEBUG
printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
- l, SSL_kKRB5);
+ alg_k, SSL_kKRB5);
# endif /* KSSL_DEBUG */
authp = NULL;
@@ -963,7 +1162,7 @@
sizeof tmp_buf);
EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
outl += padl;
- if (outl > sizeof epms) {
+ if (outl > (int)sizeof epms) {
SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
@@ -988,7 +1187,7 @@
}
#endif
#ifndef OPENSSL_NO_DH
- else if (l & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
DH *dh_srvr, *dh_clnt;
if (s->session->sess_cert == NULL) {
@@ -1050,6 +1249,256 @@
/* perhaps clean things up a bit EAY EAY EAY EAY */
}
#endif
+#ifndef OPENSSL_NO_ECDH
+ else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+ const EC_GROUP *srvr_group = NULL;
+ EC_KEY *tkey;
+ int ecdh_clnt_cert = 0;
+ int field_size = 0;
+
+ if (s->session->sess_cert == NULL) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
+ /*
+ * Did we send out the client's ECDH share for use in premaster
+ * computation as part of client certificate? If so, set
+ * ecdh_clnt_cert to 1.
+ */
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
+ /*
+ * XXX: For now, we do not support client authentication
+ * using ECDH certificates. To add such support, one needs to
+ * add code that checks for appropriate conditions and sets
+ * ecdh_clnt_cert to 1. For example, the cert have an ECC key
+ * on the same curve as the server's and the key should be
+ * authorized for key agreement. One also needs to add code
+ * in ssl3_connect to skip sending the certificate verify
+ * message. if ((s->cert->key->privatekey != NULL) &&
+ * (s->cert->key->privatekey->type == EVP_PKEY_EC) && ...)
+ * ecdh_clnt_cert = 1;
+ */
+ }
+
+ if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
+ tkey = s->session->sess_cert->peer_ecdh_tmp;
+ } else {
+ /* Get the Server Public Key from Cert */
+ srvr_pub_pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+ if ((srvr_pub_pkey == NULL)
+ || (srvr_pub_pkey->type != EVP_PKEY_EC)
+ || (srvr_pub_pkey->pkey.ec == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ tkey = srvr_pub_pkey->pkey.ec;
+ }
+
+ srvr_group = EC_KEY_get0_group(tkey);
+ srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
+ if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if ((clnt_ecdh = EC_KEY_new()) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (ecdh_clnt_cert) {
+ /*
+ * Reuse key info from our certificate We only need our
+ * private key to perform the ECDH computation.
+ */
+ const BIGNUM *priv_key;
+ tkey = s->cert->key->privatekey->pkey.ec;
+ priv_key = EC_KEY_get0_private_key(tkey);
+ if (priv_key == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ } else {
+ /* Generate a new ECDH key pair */
+ if (!(EC_KEY_generate_key(clnt_ecdh))) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ /*
+ * use the 'p' output buffer for the ECDH key, but make sure to
+ * clear it out afterwards
+ */
+
+ field_size = EC_GROUP_get_degree(srvr_group);
+ if (field_size <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
+ clnt_ecdh, NULL);
+ if (n <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ p, n);
+
+ memset(p, 0, n); /* clean up */
+
+ if (ecdh_clnt_cert) {
+ /* Send empty client key exch message */
+ n = 0;
+ } else {
+ /*
+ * First check the size of encoding and allocate memory
+ * accordingly.
+ */
+ encoded_pt_len =
+ EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Encode the public key */
+ n = EC_POINT_point2oct(srvr_group,
+ EC_KEY_get0_public_key(clnt_ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encoded_pt_len, bn_ctx);
+
+ *p = n; /* length of encoded point */
+ /* Encoded point will be copied here */
+ p += 1;
+ /* copy the point */
+ memcpy((unsigned char *)p, encodedPoint, n);
+ /* increment n to account for length field */
+ n += 1;
+ }
+
+ /* Free allocated memory */
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+ }
+#endif /* !OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_PSK
+ else if (alg_k & SSL_kPSK) {
+ char identity[PSK_MAX_IDENTITY_LEN];
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+
+ n = 0;
+ if (s->psk_client_callback == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_CLIENT_CB);
+ goto err;
+ }
+
+ psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+ identity, PSK_MAX_IDENTITY_LEN,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ goto psk_err;
+ }
+
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint =
+ BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL
+ && s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strdup(identity);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ n = strlen(identity);
+ s2n(n, p);
+ memcpy(p, identity, n);
+ n += 2;
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ goto err;
+ }
+ }
+#endif
else {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
@@ -1078,6 +1527,14 @@
/* SSL3_ST_CW_KEY_EXCH_B */
return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
err:
+#ifndef OPENSSL_NO_ECDH
+ BN_CTX_free(bn_ctx);
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ if (clnt_ecdh != NULL)
+ EC_KEY_free(clnt_ecdh);
+ EVP_PKEY_free(srvr_pub_pkey);
+#endif
return (-1);
}
@@ -1090,7 +1547,7 @@
unsigned u = 0;
#endif
unsigned long n;
-#ifndef OPENSSL_NO_DSA
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
int j;
#endif
@@ -1099,17 +1556,16 @@
p = &(d[DTLS1_HM_HEADER_LENGTH]);
pkey = s->cert->key->privatekey;
- s->method->ssl3_enc->cert_verify_mac(s, &(s->s3->finish_dgst2),
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_sha1,
&(data[MD5_DIGEST_LENGTH]));
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA) {
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(data[0]));
- if (RSA_sign
- (NID_md5_sha1, data, MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
+ if (RSA_sign(NID_md5_sha1, data,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
goto err;
}
@@ -1130,6 +1586,19 @@
n = j + 2;
} else
#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC) {
+ if (!ECDSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH, &(p[2]),
+ (unsigned int *)&j, pkey->pkey.ec)) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
+ goto err;
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else
+#endif
{
SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
goto err;
@@ -1215,6 +1684,11 @@
l = dtls1_output_cert_chain(s,
(s->s3->tmp.cert_req ==
2) ? NULL : s->cert->key->x509);
+ if (!l) {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ return 0;
+ }
s->init_num = (int)l;
s->init_off = 0;
Modified: trunk/crypto/openssl/ssl/d1_enc.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -145,8 +145,8 @@
const EVP_CIPHER *enc;
if (send) {
- if (s->write_hash) {
- mac_size = EVP_MD_size(s->write_hash);
+ if (EVP_MD_CTX_md(s->write_hash)) {
+ mac_size = EVP_MD_CTX_size(s->write_hash);
if (mac_size < 0)
return -1;
}
@@ -167,8 +167,8 @@
}
}
} else {
- if (s->read_hash) {
- mac_size = EVP_MD_size(s->read_hash);
+ if (EVP_MD_CTX_md(s->read_hash)) {
+ mac_size = EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size >= 0);
}
ds = s->enc_read_ctx;
@@ -210,11 +210,11 @@
{
unsigned long ui;
printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
- (void *)ds, rec->data, rec->input, l);
+ ds, rec->data, rec->input, l);
printf
- ("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%ld %ld], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len, (unsigned long)DES_KEY_SZ,
- (unsigned long)DES_SCHEDULE_SZ, ds->cipher->iv_len);
+ ("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
+ ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
+ DES_SCHEDULE_SZ, ds->cipher->iv_len);
printf("\t\tIV: ");
for (i = 0; i < ds->cipher->iv_len; i++)
printf("%02X", ds->iv[i]);
@@ -231,14 +231,15 @@
return 0;
}
- EVP_Cipher(ds, rec->data, rec->input, l);
+ if (EVP_Cipher(ds, rec->data, rec->input, l) < 1)
+ return -1;
#ifdef KSSL_DEBUG
{
- unsigned long ki;
+ unsigned long i;
printf("\trec->data=");
- for (ki = 0; ki < l; ki++)
- printf(" %02x", rec->data[ki]);
+ for (i = 0; i < l; i++)
+ printf(" %02x", rec->data[i]);
printf("\n");
}
#endif /* KSSL_DEBUG */
Modified: trunk/crypto/openssl/ssl/d1_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -82,6 +82,7 @@
TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
+ tls1_export_keying_material,
};
long dtls1_default_timeout(void)
@@ -93,10 +94,6 @@
return (60 * 60 * 2);
}
-IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,
- ssl_undefined_function,
- ssl_undefined_function, ssl_bad_method)
-
int dtls1_new(SSL *s)
{
DTLS1_STATE *d1;
@@ -108,18 +105,7 @@
memset(d1, 0, sizeof *d1);
/* d1->handshake_epoch=0; */
-#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)
- d1->bitmap.length = 64;
-#else
- d1->bitmap.length = sizeof(d1->bitmap.map) * 8;
-#endif
- pq_64bit_init(&(d1->bitmap.map));
- pq_64bit_init(&(d1->bitmap.max_seq_num));
- d1->next_bitmap.length = d1->bitmap.length;
- pq_64bit_init(&(d1->next_bitmap.map));
- pq_64bit_init(&(d1->next_bitmap.max_seq_num));
-
d1->unprocessed_rcds.q = pqueue_new();
d1->processed_rcds.q = pqueue_new();
d1->buffered_messages = pqueue_new();
@@ -130,6 +116,9 @@
d1->cookie_len = sizeof(s->d1->cookie);
}
+ d1->link_mtu = 0;
+ d1->mtu = 0;
+
if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
|| !d1->buffered_messages || !d1->sent_messages
|| !d1->buffered_app_data.q) {
@@ -178,15 +167,13 @@
while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
frag = (hm_fragment *)item->data;
- OPENSSL_free(frag->fragment);
- OPENSSL_free(frag);
+ dtls1_hm_fragment_free(frag);
pitem_free(item);
}
while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
frag = (hm_fragment *)item->data;
- OPENSSL_free(frag->fragment);
- OPENSSL_free(frag);
+ dtls1_hm_fragment_free(frag);
pitem_free(item);
}
@@ -212,12 +199,6 @@
pqueue_free(s->d1->sent_messages);
pqueue_free(s->d1->buffered_app_data.q);
- pq_64bit_free(&(s->d1->bitmap.map));
- pq_64bit_free(&(s->d1->bitmap.max_seq_num));
-
- pq_64bit_free(&(s->d1->next_bitmap.map));
- pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
-
OPENSSL_free(s->d1);
s->d1 = NULL;
}
@@ -230,6 +211,7 @@
pqueue sent_messages;
pqueue buffered_app_data;
unsigned int mtu;
+ unsigned int link_mtu;
if (s->d1) {
unprocessed_rcds = s->d1->unprocessed_rcds.q;
@@ -238,15 +220,10 @@
sent_messages = s->d1->sent_messages;
buffered_app_data = s->d1->buffered_app_data.q;
mtu = s->d1->mtu;
+ link_mtu = s->d1->link_mtu;
dtls1_clear_queues(s);
- pq_64bit_free(&(s->d1->bitmap.map));
- pq_64bit_free(&(s->d1->bitmap.max_seq_num));
-
- pq_64bit_free(&(s->d1->next_bitmap.map));
- pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
-
memset(s->d1, 0, sizeof(*(s->d1)));
if (s->server) {
@@ -255,6 +232,7 @@
if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
s->d1->mtu = mtu;
+ s->d1->link_mtu = link_mtu;
}
s->d1->unprocessed_rcds.q = unprocessed_rcds;
@@ -262,18 +240,6 @@
s->d1->buffered_messages = buffered_messages;
s->d1->sent_messages = sent_messages;
s->d1->buffered_app_data.q = buffered_app_data;
-
-#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)
- s->d1->bitmap.length = 64;
-#else
- s->d1->bitmap.length = sizeof(s->d1->bitmap.map) * 8;
-#endif
- pq_64bit_init(&(s->d1->bitmap.map));
- pq_64bit_init(&(s->d1->bitmap.max_seq_num));
-
- s->d1->next_bitmap.length = s->d1->bitmap.length;
- pq_64bit_init(&(s->d1->next_bitmap.map));
- pq_64bit_init(&(s->d1->next_bitmap.max_seq_num));
}
ssl3_clear(s);
@@ -313,7 +279,22 @@
* version is not as expected.
*/
return s->version == DTLS_MAX_VERSION;
-
+ case DTLS_CTRL_SET_LINK_MTU:
+ if (larg < (long)dtls1_link_min_mtu())
+ return 0;
+ s->d1->link_mtu = larg;
+ return 1;
+ case DTLS_CTRL_GET_LINK_MIN_MTU:
+ return (long)dtls1_link_min_mtu();
+ case SSL_CTRL_SET_MTU:
+ /*
+ * We may not have a BIO set yet so can't call dtls1_min_mtu()
+ * We'll have to make do with dtls1_link_min_mtu() and max overhead
+ */
+ if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)
+ return 0;
+ s->d1->mtu = larg;
+ return larg;
default:
ret = ssl3_ctrl(s, cmd, larg, parg);
break;
@@ -328,12 +309,12 @@
* to explicitly list their SSL_* codes. Currently RC4 is the only one
* available, but if new ones emerge, they will have to be added...
*/
-SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
{
- SSL_CIPHER *ciph = ssl3_get_cipher(u);
+ const SSL_CIPHER *ciph = ssl3_get_cipher(u);
if (ciph != NULL) {
- if ((ciph->algorithms & SSL_ENC_MASK) == SSL_RC4)
+ if (ciph->algorithm_enc == SSL_RC4)
return NULL;
}
@@ -342,6 +323,14 @@
void dtls1_start_timer(SSL *s)
{
+#ifndef OPENSSL_NO_SCTP
+ /* Disable timer for SCTP */
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+ return;
+ }
+#endif
+
/* If timer is not set, initialize duration with 1 second */
if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
s->d1->timeout_duration = 1;
@@ -436,13 +425,18 @@
int dtls1_check_timeout_num(SSL *s)
{
+ unsigned int mtu;
+
s->d1->timeout.num_alerts++;
/* Reduce MTU after 2 unsuccessful retransmissions */
- if (s->d1->timeout.num_alerts > 2) {
- s->d1->mtu =
+ if (s->d1->timeout.num_alerts > 2
+ && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
NULL);
+ if (mtu < s->d1->mtu)
+ s->d1->mtu = mtu;
}
if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
@@ -470,6 +464,12 @@
if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
s->d1->timeout.read_timeouts = 1;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ return dtls1_heartbeat(s);
+ }
+#endif
dtls1_start_timer(s);
return dtls1_retransmit_buffered_messages(s);
Modified: trunk/crypto/openssl/ssl/d1_meth.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_meth.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_meth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,8 +61,8 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
-static SSL_METHOD *dtls1_get_method(int ver);
-static SSL_METHOD *dtls1_get_method(int ver)
+static const SSL_METHOD *dtls1_get_method(int ver);
+static const SSL_METHOD *dtls1_get_method(int ver)
{
if (ver == DTLS1_VERSION)
return (DTLSv1_method());
Modified: trunk/crypto/openssl/ssl/d1_pkt.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_pkt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_pkt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -122,10 +122,68 @@
#include <openssl/pqueue.h>
#include <openssl/rand.h>
+/* mod 128 saturating subtract of two 64-bit values in big-endian order */
+static int satsub64be(const unsigned char *v1, const unsigned char *v2)
+{
+ int ret, sat, brw, i;
+
+ if (sizeof(long) == 8)
+ do {
+ const union {
+ long one;
+ char little;
+ } is_endian = {
+ 1
+ };
+ long l;
+
+ if (is_endian.little)
+ break;
+ /* not reached on little-endians */
+ /*
+ * following test is redundant, because input is always aligned,
+ * but I take no chances...
+ */
+ if (((size_t)v1 | (size_t)v2) & 0x7)
+ break;
+
+ l = *((long *)v1);
+ l -= *((long *)v2);
+ if (l > 128)
+ return 128;
+ else if (l < -128)
+ return -128;
+ else
+ return (int)l;
+ } while (0);
+
+ ret = (int)v1[7] - (int)v2[7];
+ sat = 0;
+ brw = ret >> 8; /* brw is either 0 or -1 */
+ if (ret & 0x80) {
+ for (i = 6; i >= 0; i--) {
+ brw += (int)v1[i] - (int)v2[i];
+ sat |= ~brw;
+ brw >>= 8;
+ }
+ } else {
+ for (i = 6; i >= 0; i--) {
+ brw += (int)v1[i] - (int)v2[i];
+ sat |= brw;
+ brw >>= 8;
+ }
+ }
+ brw <<= 8; /* brw is either 0 or -256 */
+
+ if (sat & 0xff)
+ return brw | 0x80;
+ else
+ return brw + (ret & 0xFF);
+}
+
static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
int len, int peek);
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap,
- PQ_64BIT * seq_num);
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
unsigned int *is_next_epoch);
@@ -134,11 +192,9 @@
unsigned short *priority,
unsigned long *offset);
#endif
-static int dtls1_buffer_record(SSL *s, record_pqueue *q, PQ_64BIT * priority);
+static int dtls1_buffer_record(SSL *s, record_pqueue *q,
+ unsigned char *priority);
static int dtls1_process_record(SSL *s);
-#if PQ_64BIT_IS_INTEGER
-static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT * num);
-#endif
/* copy buffered record into SSL structure */
static int dtls1_copy_record(SSL *s, pitem *item)
@@ -162,7 +218,7 @@
}
static int
-dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT * priority)
+dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
{
DTLS1_RECORD_DATA *rdata;
pitem *item;
@@ -172,7 +228,7 @@
return 0;
rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
- item = pitem_new(*priority, rdata);
+ item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL) {
if (rdata != NULL)
OPENSSL_free(rdata);
@@ -180,7 +236,7 @@
pitem_free(item);
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- return (0);
+ return -1;
}
rdata->packet = s->packet;
@@ -190,12 +246,15 @@
item->data = rdata;
- /* insert should not fail, since duplicates are dropped */
- if (pqueue_insert(queue->q, item) == NULL) {
- OPENSSL_free(rdata);
- pitem_free(item);
- return (0);
+#ifndef OPENSSL_NO_SCTP
+ /* Store bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == SSL3_ST_SR_FINISHED_A
+ || s->state == SSL3_ST_CR_FINISHED_A)) {
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
+ sizeof(rdata->recordinfo), &rdata->recordinfo);
}
+#endif
s->packet = NULL;
s->packet_length = 0;
@@ -204,11 +263,23 @@
if (!ssl3_setup_buffers(s)) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+ if (rdata->rbuf.buf != NULL)
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(rdata);
pitem_free(item);
- return (0);
+ return (-1);
}
+ /* insert should not fail, since duplicates are dropped */
+ if (pqueue_insert(queue->q, item) == NULL) {
+ SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+ if (rdata->rbuf.buf != NULL)
+ OPENSSL_free(rdata->rbuf.buf);
+ OPENSSL_free(rdata);
+ pitem_free(item);
+ return (-1);
+ }
+
return (1);
}
@@ -260,8 +331,9 @@
dtls1_get_unprocessed_record(s);
if (!dtls1_process_record(s))
return (0);
- dtls1_buffer_record(s, &(s->d1->processed_rcds),
- &s->s3->rrec.seq_num);
+ if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
+ s->s3->rrec.seq_num) < 0)
+ return -1;
}
}
@@ -383,11 +455,12 @@
#endif
/* r->length is now the compressed data plus mac */
- if ((sess != NULL) && (s->enc_read_ctx != NULL) && (s->read_hash != NULL)) {
+ if ((sess != NULL) &&
+ (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
/* s->read_hash != NULL => mac_size != -1 */
unsigned char *mac = NULL;
unsigned char mac_tmp[EVP_MAX_MD_SIZE];
- mac_size = EVP_MD_size(s->read_hash);
+ mac_size = EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
/*
@@ -478,8 +551,6 @@
/* we have pulled in a full packet so zero things */
s->packet_length = 0;
- dtls1_record_bitmap_update(s, &(s->d1->bitmap)); /* Mark receipt of
- * record. */
return (1);
f_err:
@@ -514,7 +585,8 @@
* The epoch may have changed. If so, process all the pending records.
* This is a non-blocking operation.
*/
- dtls1_process_buffered_records(s);
+ if (dtls1_process_buffered_records(s) < 0)
+ return -1;
/* if we're renegotiating, then there may be buffered records */
if (dtls1_get_processed_record(s))
@@ -556,7 +628,7 @@
/* Lets check version */
if (!s->first_packet) {
- if (version != s->version && version != DTLS1_BAD_VER) {
+ if (version != s->version) {
/* unexpected version, silently discard */
rr->length = 0;
s->packet_length = 0;
@@ -564,8 +636,7 @@
}
}
- if ((version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
- (version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
+ if ((version & 0xff00) != (s->version & 0xff00)) {
/* wrong version, silently discard record */
rr->length = 0;
s->packet_length = 0;
@@ -579,7 +650,6 @@
goto again;
}
- s->client_version = version;
/* now s->rstate == SSL_ST_READ_BODY */
}
@@ -610,21 +680,27 @@
s->packet_length = 0; /* dump this record */
goto again; /* get another record */
}
-
- /*
- * Check whether this is a repeat, or aged record. Don't check if we're
- * listening and this message is a ClientHello. They can look as if
- * they're replayed, since they arrive from different connections and
- * would be dropped unnecessarily.
- */
- if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- s->packet_length > DTLS1_RT_HEADER_LENGTH &&
- s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
- !dtls1_record_replay_check(s, bitmap, &(rr->seq_num))) {
- rr->length = 0;
- s->packet_length = 0; /* dump this record */
- goto again; /* get another record */
+#ifndef OPENSSL_NO_SCTP
+ /* Only do replay check if no SCTP bio */
+ if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+#endif
+ /*
+ * Check whether this is a repeat, or aged record. Don't check if
+ * we're listening and this message is a ClientHello. They can look
+ * as if they're replayed, since they arrive from different
+ * connections and would be dropped unnecessarily.
+ */
+ if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+ s->packet_length > DTLS1_RT_HEADER_LENGTH &&
+ s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
+ !dtls1_record_replay_check(s, bitmap)) {
+ rr->length = 0;
+ s->packet_length = 0; /* dump this record */
+ goto again; /* get another record */
+ }
+#ifndef OPENSSL_NO_SCTP
}
+#endif
/* just read a 0 length packet */
if (rr->length == 0)
@@ -638,7 +714,11 @@
*/
if (is_next_epoch) {
if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
- dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), &rr->seq_num);
+ if (dtls1_buffer_record
+ (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
+ return -1;
+ /* Mark receipt of record. */
+ dtls1_record_bitmap_update(s, bitmap);
}
rr->length = 0;
s->packet_length = 0;
@@ -650,6 +730,7 @@
s->packet_length = 0; /* dump this record */
goto again; /* get another record */
}
+ dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */
return (1);
@@ -712,7 +793,20 @@
* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
*/
- if (!s->in_handshake && SSL_in_init(s)) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Continue handshake if it had to be interrupted to read app data with
+ * SCTP.
+ */
+ if ((!s->in_handshake && SSL_in_init(s)) ||
+ (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)
+ && s->s3->in_read_app_data != 2))
+#else
+ if (!s->in_handshake && SSL_in_init(s))
+#endif
+ {
/* type == SSL3_RT_APPLICATION_DATA */
i = s->handshake_func(s);
if (i < 0)
@@ -742,6 +836,15 @@
pitem *item;
item = pqueue_pop(s->d1->buffered_app_data.q);
if (item) {
+#ifndef OPENSSL_NO_SCTP
+ /* Restore bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+ DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,
+ sizeof(rdata->recordinfo), &rdata->recordinfo);
+ }
+#endif
+
dtls1_copy_record(s, item);
OPENSSL_free(item->data);
@@ -781,7 +884,11 @@
* the packets were reordered on their way, so buffer the application
* data for later processing rather than dropping the connection.
*/
- dtls1_buffer_record(s, &(s->d1->buffered_app_data), &rr->seq_num);
+ if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
+ 0) {
+ SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
rr->length = 0;
goto start;
}
@@ -826,6 +933,32 @@
rr->off = 0;
}
}
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * We were about to renegotiate but had to read belated application
+ * data first, so retry.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ rr->type == SSL3_RT_APPLICATION_DATA &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) {
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ }
+
+ /*
+ * We might had to delay a close_notify alert because of reordered
+ * app data. If there was an alert and there is no message to read
+ * anymore, finally set shutdown.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ s->d1->shutdown_received
+ && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ return (0);
+ }
+#endif
return (n);
}
@@ -852,6 +985,18 @@
dest = s->d1->alert_fragment;
dest_len = &s->d1->alert_fragment_len;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (rr->type == TLS1_RT_HEARTBEAT) {
+ dtls1_process_heartbeat(s);
+
+ /* Exit and notify application to read again */
+ rr->length = 0;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return (-1);
+ }
+#endif
/* else it's a CCS message, or application data or wrong */
else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
/*
@@ -920,7 +1065,7 @@
(s->d1->handshake_fragment[3] != 0)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
- goto err;
+ goto f_err;
}
/*
@@ -936,6 +1081,7 @@
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
!s->s3->renegotiate) {
s->d1->handshake_read_seq++;
+ s->new_session = 1;
ssl3_renegotiate(s);
if (ssl3_renegotiate_check(s)) {
i = s->handshake_func(s);
@@ -992,9 +1138,24 @@
cb(s, SSL_CB_READ_ALERT, j);
}
- if (alert_level == 1) { /* warning */
+ if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * With SCTP and streams the socket may deliver app data
+ * after a close_notify alert. We have to check this first so
+ * that nothing gets discarded.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->d1->shutdown_received = 1;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return -1;
+ }
+#endif
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return (0);
}
@@ -1026,7 +1187,7 @@
}
}
#endif
- } else if (alert_level == 2) { /* fatal */
+ } else if (alert_level == SSL3_AL_FATAL) {
char tmp[16];
s->rwstate = SSL_NOTHING;
@@ -1060,16 +1221,16 @@
dtls1_get_ccs_header(rr->data, &ccs_hdr);
+ if (s->version == DTLS1_BAD_VER)
+ ccs_hdr_len = 3;
+
/*
* 'Change Cipher Spec' is just a single byte, so we know exactly
* what the record payload has to look like
*/
/* XDTLS: check that epoch is consistent */
- if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER)
- ccs_hdr_len = 3;
-
- if ((rr->length != ccs_hdr_len) || (rr->off != 0)
- || (rr->data[0] != SSL3_MT_CCS)) {
+ if ((rr->length != ccs_hdr_len) ||
+ (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
i = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
goto err;
@@ -1098,9 +1259,18 @@
/* do this whenever CCS is processed */
dtls1_reset_seq_numbers(s, SSL3_CC_READ);
- if (s->client_version == DTLS1_BAD_VER)
+ if (s->version == DTLS1_BAD_VER)
s->d1->handshake_read_seq++;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Remember that a CCS has been received, so that an old key of
+ * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
+ * SCTP is used
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
+#endif
+
goto start;
}
@@ -1142,6 +1312,7 @@
#else
s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
+ s->renegotiate = 1;
s->new_session = 1;
}
i = s->handshake_func(s);
@@ -1232,7 +1403,19 @@
{
int i;
- if (SSL_in_init(s) && !s->in_handshake) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Check if we have to continue an interrupted handshake for reading
+ * belated app data with SCTP.
+ */
+ if ((SSL_in_init(s) && !s->in_handshake) ||
+ (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+ || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
+#else
+ if (SSL_in_init(s) && !s->in_handshake)
+#endif
+ {
i = s->handshake_func(s);
if (i < 0)
return (i);
@@ -1335,13 +1518,16 @@
sess = s->session;
if ((sess == NULL) ||
- (s->enc_write_ctx == NULL) || (s->write_hash == NULL))
+ (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL))
clear = 1;
if (clear)
mac_size = 0;
- else
- mac_size = EVP_MD_size(s->write_hash);
+ else {
+ mac_size = EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
+ goto err;
+ }
/* DTLS implements explicit IV, so no need for empty fragments */
#if 0
@@ -1378,7 +1564,6 @@
s->s3->empty_fragment_done = 1;
}
#endif
-
p = wb->buf + prefix_len;
/* write the header */
@@ -1386,10 +1571,8 @@
*(p++) = type & 0xff;
wr->type = type;
- if (s->client_version == DTLS1_BAD_VER)
- *(p++) = DTLS1_BAD_VER >> 8, *(p++) = DTLS1_BAD_VER & 0xff;
- else
- *(p++) = (s->version >> 8), *(p++) = s->version & 0xff;
+ *(p++) = (s->version >> 8);
+ *(p++) = s->version & 0xff;
/* field where we are to write out packet epoch, seq num and len */
pseq = p;
@@ -1433,7 +1616,8 @@
*/
if (mac_size != 0) {
- s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1);
+ if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
+ goto err;
wr->length += mac_size;
}
@@ -1450,7 +1634,8 @@
wr->length += bs;
}
- s->method->ssl3_enc->enc(s, 1);
+ if (s->method->ssl3_enc->enc(s, 1) < 1)
+ goto err;
/* record length after mac and block padding */
/*
@@ -1514,104 +1699,46 @@
return -1;
}
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap,
- PQ_64BIT * seq_num)
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
{
-#if PQ_64BIT_IS_INTEGER
- PQ_64BIT mask = 0x0000000000000001L;
-#endif
- PQ_64BIT rcd_num, tmp;
+ int cmp;
+ unsigned int shift;
+ const unsigned char *seq = s->s3->read_sequence;
- pq_64bit_init(&rcd_num);
- pq_64bit_init(&tmp);
-
- /* this is the sequence number for the record just read */
- pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8);
-
- if (pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) ||
- pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) {
- pq_64bit_assign(seq_num, &rcd_num);
- pq_64bit_free(&rcd_num);
- pq_64bit_free(&tmp);
- return 1; /* this record is new */
+ cmp = satsub64be(seq, bitmap->max_seq_num);
+ if (cmp > 0) {
+ memcpy(s->s3->rrec.seq_num, seq, 8);
+ return 1; /* this record in new */
}
-
- pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num);
-
- if (pq_64bit_get_word(&tmp) > bitmap->length) {
- pq_64bit_free(&rcd_num);
- pq_64bit_free(&tmp);
+ shift = -cmp;
+ if (shift >= sizeof(bitmap->map) * 8)
return 0; /* stale, outside the window */
- }
-#if PQ_64BIT_IS_BIGNUM
- {
- int offset;
- pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num);
- pq_64bit_sub_word(&tmp, 1);
- offset = pq_64bit_get_word(&tmp);
- if (pq_64bit_is_bit_set(&(bitmap->map), offset)) {
- pq_64bit_free(&rcd_num);
- pq_64bit_free(&tmp);
- return 0;
- }
- }
-#else
- mask <<= (bitmap->max_seq_num - rcd_num - 1);
- if (bitmap->map & mask)
+ else if (bitmap->map & (1UL << shift))
return 0; /* record previously received */
-#endif
- pq_64bit_assign(seq_num, &rcd_num);
- pq_64bit_free(&rcd_num);
- pq_64bit_free(&tmp);
+ memcpy(s->s3->rrec.seq_num, seq, 8);
return 1;
}
static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
{
+ int cmp;
unsigned int shift;
- PQ_64BIT rcd_num;
- PQ_64BIT tmp;
- PQ_64BIT_CTX *ctx;
+ const unsigned char *seq = s->s3->read_sequence;
- pq_64bit_init(&rcd_num);
- pq_64bit_init(&tmp);
-
- pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8);
-
- /*
- * unfortunate code complexity due to 64-bit manipulation support on
- * 32-bit machines
- */
- if (pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) ||
- pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) {
- pq_64bit_sub(&tmp, &rcd_num, &(bitmap->max_seq_num));
- pq_64bit_add_word(&tmp, 1);
-
- shift = (unsigned int)pq_64bit_get_word(&tmp);
-
- pq_64bit_lshift(&(tmp), &(bitmap->map), shift);
- pq_64bit_assign(&(bitmap->map), &tmp);
-
- pq_64bit_set_bit(&(bitmap->map), 0);
- pq_64bit_add_word(&rcd_num, 1);
- pq_64bit_assign(&(bitmap->max_seq_num), &rcd_num);
-
- pq_64bit_assign_word(&tmp, 1);
- pq_64bit_lshift(&tmp, &tmp, bitmap->length);
- ctx = pq_64bit_ctx_new(&ctx);
- pq_64bit_mod(&(bitmap->map), &(bitmap->map), &tmp, ctx);
- pq_64bit_ctx_free(ctx);
+ cmp = satsub64be(seq, bitmap->max_seq_num);
+ if (cmp > 0) {
+ shift = cmp;
+ if (shift < sizeof(bitmap->map) * 8)
+ bitmap->map <<= shift, bitmap->map |= 1UL;
+ else
+ bitmap->map = 1UL;
+ memcpy(bitmap->max_seq_num, seq, 8);
} else {
- pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num);
- pq_64bit_sub_word(&tmp, 1);
- shift = (unsigned int)pq_64bit_get_word(&tmp);
-
- pq_64bit_set_bit(&(bitmap->map), shift);
+ shift = -cmp;
+ if (shift < sizeof(bitmap->map) * 8)
+ bitmap->map |= 1UL << shift;
}
-
- pq_64bit_free(&rcd_num);
- pq_64bit_free(&tmp);
}
int dtls1_dispatch_alert(SSL *s)
@@ -1765,17 +1892,8 @@
if (rw & SSL3_CC_READ) {
seq = s->s3->read_sequence;
s->d1->r_epoch++;
-
- pq_64bit_assign(&(s->d1->bitmap.map), &(s->d1->next_bitmap.map));
- s->d1->bitmap.length = s->d1->next_bitmap.length;
- pq_64bit_assign(&(s->d1->bitmap.max_seq_num),
- &(s->d1->next_bitmap.max_seq_num));
-
- pq_64bit_free(&(s->d1->next_bitmap.map));
- pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
+ memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
- pq_64bit_init(&(s->d1->next_bitmap.map));
- pq_64bit_init(&(s->d1->next_bitmap.max_seq_num));
} else {
seq = s->s3->write_sequence;
memcpy(s->d1->last_write_sequence, seq,
@@ -1785,21 +1903,3 @@
memset(seq, 0x00, seq_bytes);
}
-
-#if PQ_64BIT_IS_INTEGER
-static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT * num)
-{
- PQ_64BIT _num;
-
- _num = (((PQ_64BIT) bytes[0]) << 56) |
- (((PQ_64BIT) bytes[1]) << 48) |
- (((PQ_64BIT) bytes[2]) << 40) |
- (((PQ_64BIT) bytes[3]) << 32) |
- (((PQ_64BIT) bytes[4]) << 24) |
- (((PQ_64BIT) bytes[5]) << 16) |
- (((PQ_64BIT) bytes[6]) << 8) | (((PQ_64BIT) bytes[7]));
-
- *num = _num;
- return _num;
-}
-#endif
Copied: trunk/crypto/openssl/ssl/d1_srtp.c (from rev 7117, vendor-crypto/openssl/dist/ssl/d1_srtp.c)
===================================================================
--- trunk/crypto/openssl/ssl/d1_srtp.c (rev 0)
+++ trunk/crypto/openssl/ssl/d1_srtp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,449 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/*
+ * DTLS code by Eric Rescorla <ekr at rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_SRTP
+
+# include "srtp.h"
+
+static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
+ {
+ "SRTP_AES128_CM_SHA1_80",
+ SRTP_AES128_CM_SHA1_80,
+ },
+ {
+ "SRTP_AES128_CM_SHA1_32",
+ SRTP_AES128_CM_SHA1_32,
+ },
+# if 0
+ {
+ "SRTP_NULL_SHA1_80",
+ SRTP_NULL_SHA1_80,
+ },
+ {
+ "SRTP_NULL_SHA1_32",
+ SRTP_NULL_SHA1_32,
+ },
+# endif
+ {0}
+};
+
+static int find_profile_by_name(char *profile_name,
+ SRTP_PROTECTION_PROFILE **pptr, unsigned len)
+{
+ SRTP_PROTECTION_PROFILE *p;
+
+ p = srtp_known_profiles;
+ while (p->name) {
+ if ((len == strlen(p->name)) && !strncmp(p->name, profile_name, len)) {
+ *pptr = p;
+ return 0;
+ }
+
+ p++;
+ }
+
+ return 1;
+}
+
+static int ssl_ctx_make_profiles(const char *profiles_string,
+ STACK_OF(SRTP_PROTECTION_PROFILE) **out)
+{
+ STACK_OF(SRTP_PROTECTION_PROFILE) *profiles;
+
+ char *col;
+ char *ptr = (char *)profiles_string;
+
+ SRTP_PROTECTION_PROFILE *p;
+
+ if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
+ SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+ SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
+ return 1;
+ }
+
+ do {
+ col = strchr(ptr, ':');
+
+ if (!find_profile_by_name(ptr, &p,
+ col ? col - ptr : (int)strlen(ptr))) {
+ if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) {
+ SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ sk_SRTP_PROTECTION_PROFILE_free(profiles);
+ return 1;
+ }
+
+ sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
+ } else {
+ SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+ SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
+ sk_SRTP_PROTECTION_PROFILE_free(profiles);
+ return 1;
+ }
+
+ if (col)
+ ptr = col + 1;
+ } while (col);
+
+ *out = profiles;
+
+ return 0;
+}
+
+int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
+{
+ return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
+}
+
+int SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
+{
+ return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
+}
+
+STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *s)
+{
+ if (s != NULL) {
+ if (s->srtp_profiles != NULL) {
+ return s->srtp_profiles;
+ } else if ((s->ctx != NULL) && (s->ctx->srtp_profiles != NULL)) {
+ return s->ctx->srtp_profiles;
+ }
+ }
+
+ return NULL;
+}
+
+SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
+{
+ return s->srtp_profile;
+}
+
+/*
+ * Note: this function returns 0 length if there are no profiles specified
+ */
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen)
+{
+ int ct = 0;
+ int i;
+ STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0;
+ SRTP_PROTECTION_PROFILE *prof;
+
+ clnt = SSL_get_srtp_profiles(s);
+ ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */
+
+ if (p) {
+ if (ct == 0) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
+ return 1;
+ }
+
+ if ((2 + ct * 2 + 1) > maxlen) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+ return 1;
+ }
+
+ /* Add the length */
+ s2n(ct * 2, p);
+ for (i = 0; i < ct; i++) {
+ prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
+ s2n(prof->id, p);
+ }
+
+ /* Add an empty use_mki value */
+ *p++ = 0;
+ }
+
+ *len = 2 + ct * 2 + 1;
+
+ return 0;
+}
+
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al)
+{
+ SRTP_PROTECTION_PROFILE *sprof;
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srvr;
+ int ct;
+ int mki_len;
+ int i, srtp_pref;
+ unsigned int id;
+
+ /* Length value + the MKI length */
+ if (len < 3) {
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ /* Pull off the length of the cipher suite list */
+ n2s(d, ct);
+ len -= 2;
+
+ /* Check that it is even */
+ if (ct % 2) {
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ /* Check that lengths are consistent */
+ if (len < (ct + 1)) {
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ srvr = SSL_get_srtp_profiles(s);
+ s->srtp_profile = NULL;
+ /* Search all profiles for a match initially */
+ srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr);
+
+ while (ct) {
+ n2s(d, id);
+ ct -= 2;
+ len -= 2;
+
+ /*
+ * Only look for match in profiles of higher preference than
+ * current match.
+ * If no profiles have been have been configured then this
+ * does nothing.
+ */
+ for (i = 0; i < srtp_pref; i++) {
+ sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
+ if (sprof->id == id) {
+ s->srtp_profile = sprof;
+ srtp_pref = i;
+ break;
+ }
+ }
+ }
+
+ /*
+ * Now extract the MKI value as a sanity check, but discard it for now
+ */
+ mki_len = *d;
+ d++;
+ len--;
+
+ if (mki_len != len) {
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_MKI_VALUE);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ return 0;
+}
+
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen)
+{
+ if (p) {
+ if (maxlen < 5) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+ return 1;
+ }
+
+ if (s->srtp_profile == 0) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_USE_SRTP_NOT_NEGOTIATED);
+ return 1;
+ }
+ s2n(2, p);
+ s2n(s->srtp_profile->id, p);
+ *p++ = 0;
+ }
+ *len = 5;
+
+ return 0;
+}
+
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al)
+{
+ unsigned id;
+ int i;
+ int ct;
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
+ SRTP_PROTECTION_PROFILE *prof;
+
+ if (len != 5) {
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ n2s(d, ct);
+ if (ct != 2) {
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ n2s(d, id);
+ if (*d) { /* Must be no MKI, since we never offer one */
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_MKI_VALUE);
+ *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 1;
+ }
+
+ clnt = SSL_get_srtp_profiles(s);
+
+ /* Throw an error if the server gave us an unsolicited extension */
+ if (clnt == NULL) {
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_NO_SRTP_PROFILES);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ /*
+ * Check to see if the server gave us something we support (and
+ * presumably offered)
+ */
+ for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(clnt); i++) {
+ prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
+
+ if (prof->id == id) {
+ s->srtp_profile = prof;
+ *al = 0;
+ return 0;
+ }
+ }
+
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+ SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al = SSL_AD_DECODE_ERROR;
+ return 1;
+}
+
+#endif
Modified: trunk/crypto/openssl/ssl/d1_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/d1_srvr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/d1_srvr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,7 +4,7 @@
* (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -121,14 +121,15 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/md5.h>
+#include <openssl/bn.h>
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
-static SSL_METHOD *dtls1_get_server_method(int ver);
+static const SSL_METHOD *dtls1_get_server_method(int ver);
static int dtls1_send_hello_verify_request(SSL *s);
-static SSL_METHOD *dtls1_get_server_method(int ver)
+static const SSL_METHOD *dtls1_get_server_method(int ver)
{
if (ver == DTLS1_VERSION)
return (DTLSv1_server_method());
@@ -143,11 +144,16 @@
int dtls1_accept(SSL *s)
{
BUF_MEM *buf;
- unsigned long l, Time = (unsigned long)time(NULL);
+ unsigned long Time = (unsigned long)time(NULL);
void (*cb) (const SSL *ssl, int type, int val) = NULL;
+ unsigned long alg_k;
int ret = -1;
int new_state, state, skip = 0;
int listen;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
RAND_add(&Time, sizeof(Time), 0);
ERR_clear_error();
@@ -166,11 +172,31 @@
SSL_clear(s);
s->d1->listen = listen;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to enter handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
if (s->cert == NULL) {
SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
return (-1);
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
for (;;) {
state = s->state;
@@ -177,7 +203,7 @@
switch (s->state) {
case SSL_ST_RENEGOTIATE:
- s->new_session = 1;
+ s->renegotiate = 1;
/* s->state=SSL_ST_ACCEPT; */
case SSL_ST_BEFORE:
@@ -198,10 +224,13 @@
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ BUF_MEM_free(buf);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -209,20 +238,31 @@
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_num = 0;
+ s->d1->change_cipher_spec_ok = 0;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
if (s->state != SSL_ST_RENEGOTIATE) {
/*
* Ok, we now need to push on a buffering BIO so that the
- * output is sent in a way that TCP likes :-)
+ * output is sent in a way that TCP likes :-) ...but not with
+ * SCTP :-)
*/
- if (!ssl_init_wbio_buffer(s, 1)) {
- ret = -1;
- goto end;
- }
+#ifndef OPENSSL_NO_SCTP
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+#endif
+ if (!ssl_init_wbio_buffer(s, 1)) {
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
ssl3_init_finished_mac(s);
s->state = SSL3_ST_SR_CLNT_HELLO_A;
@@ -308,31 +348,79 @@
s->state = SSL3_ST_SW_FLUSH;
s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
- /* HelloVerifyRequests resets Finished MAC */
- if (s->client_version != DTLS1_BAD_VER)
+ /* HelloVerifyRequest resets Finished MAC */
+ if (s->version != DTLS1_BAD_VER)
ssl3_init_finished_mac(s);
break;
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_SR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state = SSL3_ST_SR_FINISHED_A;
+ break;
+
+ case DTLS1_SCTP_ST_SW_WRITE_SOCK:
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0)
+ goto end;
+
+ if (ret == 0) {
+ if (s->d1->next_state != SSL_ST_OK) {
+ s->s3->in_read_app_data = 2;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+ }
+
+ s->state = s->d1->next_state;
+ break;
+#endif
+
case SSL3_ST_SW_SRVR_HELLO_A:
case SSL3_ST_SW_SRVR_HELLO_B:
- s->new_session = 2;
+ s->renegotiate = 2;
dtls1_start_timer(s);
ret = dtls1_send_server_hello(s);
if (ret <= 0)
goto end;
+ if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no
+ * SCTP used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
#ifndef OPENSSL_NO_TLSEXT
- if (s->hit) {
if (s->tlsext_ticket_expected)
s->state = SSL3_ST_SW_SESSION_TICKET_A;
else
s->state = SSL3_ST_SW_CHANGE_A;
- }
#else
- if (s->hit)
s->state = SSL3_ST_SW_CHANGE_A;
#endif
- else
+ } else
s->state = SSL3_ST_SW_CERT_A;
s->init_num = 0;
break;
@@ -339,8 +427,9 @@
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) {
+ /* Check if it is anon DH or normal PSK */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
dtls1_start_timer(s);
ret = dtls1_send_server_certificate(s);
if (ret <= 0)
@@ -365,19 +454,29 @@
case SSL3_ST_SW_KEY_EXCH_A:
case SSL3_ST_SW_KEY_EXCH_B:
- l = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/*
- * clear this, it may get reset by send_server_key_exchange
+ * clear this, it may get reset by
+ * send_server_key_exchange
*/
s->s3->tmp.use_rsa_tmp = 0;
/*
- * only send if a DH key exchange, fortezza or RSA but we have a
- * sign only certificate
+ * only send if a DH key exchange or RSA but we have a sign only
+ * certificate
*/
- if ((l & (SSL_DH | SSL_kFZA))
- || ((l & SSL_kRSA)
+ if (0
+ /*
+ * PSK: send ServerKeyExchange if PSK identity hint if
+ * provided
+ */
+#ifndef OPENSSL_NO_PSK
+ || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+ || (alg_k & SSL_kEDH)
+ || (alg_k & SSL_kEECDH)
+ || ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
&& EVP_PKEY_size(s->cert->pkeys
@@ -413,7 +512,7 @@
* section "Certificate request" in SSL 3 drafts and in
* RFC 2246):
*/
- ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
/*
* ... except when the application insists on
* verification (against the specs, but s3_clnt.c accepts
@@ -423,11 +522,22 @@
/*
* never request cert in Kerberos ciphersuites
*/
- (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5)) {
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+ /*
+ * With normal PSK Certificates and Certificate Requests
+ * are omitted
+ */
+ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
/* no cert request */
skip = 1;
s->s3->tmp.cert_request = 0;
s->state = SSL3_ST_SW_SRVR_DONE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
} else {
s->s3->tmp.cert_request = 1;
dtls1_start_timer(s);
@@ -436,9 +546,21 @@
goto end;
#ifndef NETSCAPE_HANG_BUG
s->state = SSL3_ST_SW_SRVR_DONE_A;
+# ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+# endif
#else
s->state = SSL3_ST_SW_FLUSH;
s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+# ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+# endif
#endif
s->init_num = 0;
}
@@ -458,6 +580,14 @@
case SSL3_ST_SW_FLUSH:
s->rwstate = SSL_WRITING;
if (BIO_flush(s->wbio) <= 0) {
+ /*
+ * If the write error was fatal, stop trying
+ */
+ if (!BIO_should_retry(s->wbio)) {
+ s->rwstate = SSL_NOTHING;
+ s->state = s->s3->tmp.next_state;
+ }
+
ret = -1;
goto end;
}
@@ -490,40 +620,81 @@
ret = ssl3_get_client_key_exchange(s);
if (ret <= 0)
goto end;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+ * used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
s->state = SSL3_ST_SR_CERT_VRFY_A;
s->init_num = 0;
- /*
- * We need to get hashes here so if there is a client cert, it
- * can be verified
- */
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->
- tmp.cert_verify_md[0]));
- s->method->ssl3_enc->cert_verify_mac(s, &(s->s3->finish_dgst2),
- &(s->s3->
- tmp.cert_verify_md
- [MD5_DIGEST_LENGTH]));
+ if (ret == 2) {
+ /*
+ * For the ECDH ciphersuites when the client sends its ECDH
+ * pub key in a certificate, the CertificateVerify message is
+ * not sent.
+ */
+ s->state = SSL3_ST_SR_FINISHED_A;
+ s->init_num = 0;
+ } else {
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+ /*
+ * We need to get hashes here so if there is a client cert,
+ * it can be verified
+ */
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_md5,
+ &(s->s3->
+ tmp.cert_verify_md
+ [0]));
+ s->method->ssl3_enc->cert_verify_mac(s, NID_sha1,
+ &(s->s3->
+ tmp.cert_verify_md
+ [MD5_DIGEST_LENGTH]));
+ }
break;
case SSL3_ST_SR_CERT_VRFY_A:
case SSL3_ST_SR_CERT_VRFY_B:
-
- s->d1->change_cipher_spec_ok = 1;
- /* we should decide if we expected this one */
ret = ssl3_get_cert_verify(s);
if (ret <= 0)
goto end;
-
- s->state = SSL3_ST_SR_FINISHED_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state = DTLS1_SCTP_ST_SR_READ_SOCK;
+ else
+#endif
+ s->state = SSL3_ST_SR_FINISHED_A;
s->init_num = 0;
break;
case SSL3_ST_SR_FINISHED_A:
case SSL3_ST_SR_FINISHED_B:
- s->d1->change_cipher_spec_ok = 1;
+ /*
+ * Enable CCS. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates. This *should* be the
+ * first time we have received one - but we check anyway to be
+ * cautious.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in d1_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->d1->change_cipher_spec_ok = 1;
ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
SSL3_ST_SR_FINISHED_B);
if (ret <= 0)
@@ -567,6 +738,7 @@
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -576,6 +748,18 @@
if (ret <= 0)
goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ if (!s->hit) {
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+ }
+#endif
+
s->state = SSL3_ST_SW_FINISHED_A;
s->init_num = 0;
@@ -583,6 +767,7 @@
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -601,10 +786,26 @@
if (ret <= 0)
goto end;
s->state = SSL3_ST_SW_FLUSH;
- if (s->hit)
+ if (s->hit) {
s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
- else
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Change to new shared key of SCTP-Auth, will be ignored if
+ * no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+ 0, NULL);
+#endif
+ } else {
s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
+ }
s->init_num = 0;
break;
@@ -622,13 +823,9 @@
s->init_num = 0;
- if (s->new_session == 2) { /* skipped if we just sent a
+ if (s->renegotiate == 2) { /* skipped if we just sent a
* HelloRequest */
- /*
- * actually not necessarily a 'new' session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
- */
-
+ s->renegotiate = 0;
s->new_session = 0;
ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
@@ -651,6 +848,7 @@
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -677,6 +875,15 @@
/* BIO_flush(s->wbio); */
s->in_handshake--;
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Notify SCTP BIO socket to leave handshake mode and prevent stream
+ * identifier other than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+ s->in_handshake, NULL);
+#endif
+
if (cb != NULL)
cb(s, SSL_CB_ACCEPT_EXIT, ret);
return (ret);
@@ -714,10 +921,8 @@
buf = (unsigned char *)s->init_buf->data;
msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
- if (s->client_version == DTLS1_BAD_VER)
- *(p++) = DTLS1_BAD_VER >> 8, *(p++) = DTLS1_BAD_VER & 0xff;
- else
- *(p++) = s->version >> 8, *(p++) = s->version & 0xFF;
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xFF;
if (s->ctx->app_gen_cookie_cb == NULL ||
s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
@@ -724,6 +929,7 @@
&(s->d1->cookie_len)) == 0) {
SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return 0;
}
@@ -752,21 +958,17 @@
unsigned char *p, *d;
int i;
unsigned int sl;
- unsigned long l, Time;
+ unsigned long l;
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
buf = (unsigned char *)s->init_buf->data;
p = s->s3->server_random;
- Time = (unsigned long)time(NULL); /* Time */
- l2n(Time, p);
- RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE - 4);
+ ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE);
/* Do the message type and length last */
d = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
- if (s->client_version == DTLS1_BAD_VER)
- *(p++) = DTLS1_BAD_VER >> 8, *(p++) = DTLS1_BAD_VER & 0xff;
- else
- *(p++) = s->version >> 8, *(p++) = s->version & 0xff;
+ *(p++) = s->version >> 8;
+ *(p++) = s->version & 0xff;
/* Random stuff */
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
@@ -809,6 +1011,10 @@
#endif
#ifndef OPENSSL_NO_TLSEXT
+ if (ssl_prepare_serverhello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ return -1;
+ }
if ((p =
ssl_add_serverhello_tlsext(s, p,
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
@@ -872,6 +1078,13 @@
#ifndef OPENSSL_NO_DH
DH *dh = NULL, *dhp;
#endif
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh = NULL, *ecdhp;
+ unsigned char *encodedPoint = NULL;
+ int encodedlen = 0;
+ int curve_id = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
EVP_PKEY *pkey;
unsigned char *p, *d;
int al, i;
@@ -885,7 +1098,7 @@
EVP_MD_CTX_init(&md_ctx);
if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
- type = s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+ type = s->s3->tmp.new_cipher->algorithm_mkey;
cert = s->cert;
buf = s->init_buf;
@@ -972,6 +1185,137 @@
r[2] = dh->pub_key;
} else
#endif
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ const EC_GROUP *group;
+
+ ecdhp = cert->ecdh_tmp;
+ if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
+ ecdhp = s->cert->ecdh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->
+ tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->
+ s3->tmp.new_cipher));
+ }
+ if (ecdhp == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.ecdh != NULL) {
+ EC_KEY_free(s->s3->tmp.ecdh);
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* Duplicate the ECDH structure. */
+ if (ecdhp == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+ if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.ecdh = ecdh;
+ if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL) ||
+ (s->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+ (EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto err;
+ }
+
+ /*
+ * XXX: For now, we only support ephemeral ECDH keys over named
+ * (not generic) curves. For supported named curves, curve_id is
+ * non-zero.
+ */
+ if ((curve_id =
+ tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
+ == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+ goto err;
+ }
+
+ /*
+ * Encode the public key. First check the size of encoding and
+ * allocate memory accordingly.
+ */
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encodedlen * sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encodedlen, bn_ctx);
+
+ if (encodedlen == 0) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ BN_CTX_free(bn_ctx);
+ bn_ctx = NULL;
+
+ /*
+ * XXX: For now, we only support named (not generic) curves in
+ * ECDH ephemeral key exchanges. In this situation, we need four
+ * additional bytes to encode the entire ServerECDHParams
+ * structure.
+ */
+ n = 4 + encodedlen;
+
+ /*
+ * We'll generate the serverKeyExchange message explicitly so we
+ * can set these to NULLs
+ */
+ r[0] = NULL;
+ r[1] = NULL;
+ r[2] = NULL;
+ r[3] = NULL;
+ } else
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /*
+ * reserve size for record length and PSK identity hint
+ */
+ n += 2 + strlen(s->ctx->psk_identity_hint);
+ } else
+#endif /* !OPENSSL_NO_PSK */
{
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
@@ -983,8 +1327,9 @@
n += 2 + nr[i];
}
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) {
- if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher))
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, NULL))
== NULL) {
al = SSL_AD_DECODE_ERROR;
goto f_err;
@@ -1008,6 +1353,40 @@
p += nr[i];
}
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kEECDH) {
+ /*
+ * XXX: For now, we only support named (not generic) curves. In
+ * this situation, the serverKeyExchange message has: [1 byte
+ * CurveType], [2 byte CurveName] [1 byte length of encoded
+ * point], followed by the actual encoded point itself
+ */
+ *p = NAMED_CURVE_TYPE;
+ p += 1;
+ *p = 0;
+ p += 1;
+ *p = curve_id;
+ p += 1;
+ *p = encodedlen;
+ p += 1;
+ memcpy((unsigned char *)p,
+ (unsigned char *)encodedPoint, encodedlen);
+ OPENSSL_free(encodedPoint);
+ encodedPoint = NULL;
+ p += encodedlen;
+ }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /* copy PSK identity hint */
+ s2n(strlen(s->ctx->psk_identity_hint), p);
+ strncpy((char *)p, s->ctx->psk_identity_hint,
+ strlen(s->ctx->psk_identity_hint));
+ p += strlen(s->ctx->psk_identity_hint);
+ }
+#endif
+
/* not anonymous */
if (pkey != NULL) {
/*
@@ -1059,6 +1438,25 @@
n += i + 2;
} else
#endif
+#if !defined(OPENSSL_NO_ECDSA)
+ if (pkey->type == EVP_PKEY_EC) {
+ /* let's do ECDSA */
+ EVP_SignInit_ex(&md_ctx, EVP_ecdsa(), NULL);
+ EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx, &(d[DTLS1_HM_HEADER_LENGTH]), n);
+ if (!EVP_SignFinal(&md_ctx, &(p[2]),
+ (unsigned int *)&i, pkey)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ ERR_LIB_ECDSA);
+ goto err;
+ }
+ s2n(i, p);
+ n += i + 2;
+ } else
+#endif
{
/* Is this error check actually needed? */
al = SSL_AD_HANDSHAKE_FAILURE;
@@ -1087,6 +1485,11 @@
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
+#ifndef OPENSSL_NO_ECDH
+ if (encodedPoint != NULL)
+ OPENSSL_free(encodedPoint);
+ BN_CTX_free(bn_ctx);
+#endif
EVP_MD_CTX_cleanup(&md_ctx);
return (-1);
}
@@ -1198,16 +1601,21 @@
if (s->state == SSL3_ST_SW_CERT_A) {
x = ssl_get_server_send_cert(s);
- if (x == NULL &&
+ if (x == NULL) {
/* VRS: allow null cert if auth == KRB5 */
- (s->s3->tmp.new_cipher->algorithms
- & (SSL_MKEY_MASK | SSL_AUTH_MASK))
- != (SSL_aKRB5 | SSL_kKRB5)) {
+ if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
+ (s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5)) {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,
+ ERR_R_INTERNAL_ERROR);
+ return (0);
+ }
+ }
+
+ l = dtls1_output_cert_chain(s, x);
+ if (!l) {
SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
return (0);
}
-
- l = dtls1_output_cert_chain(s, x);
s->state = SSL3_ST_SW_CERT_B;
s->init_num = (int)l;
s->init_off = 0;
Modified: trunk/crypto/openssl/ssl/dtls1.h
===================================================================
--- trunk/crypto/openssl/ssl/dtls1.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/dtls1.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -72,7 +72,11 @@
# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
# include <sys/timeval.h>
# else
-# include <sys/time.h>
+# if defined(OPENSSL_SYS_VXWORKS)
+# include <sys/times.h>
+# else
+# include <sys/time.h>
+# endif
# endif
#ifdef __cplusplus
@@ -81,6 +85,7 @@
# define DTLS1_VERSION 0xFEFF
# define DTLS_MAX_VERSION DTLS1_VERSION
+# define DTLS1_VERSION_MAJOR 0xFE
# define DTLS1_BAD_VER 0x0100
@@ -107,20 +112,30 @@
# define DTLS1_AL_HEADER_LENGTH 2
# endif
+# ifndef OPENSSL_NO_SSL_INTERN
+
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
+# endif
+
+/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
+# define DTLS1_MAX_MTU_OVERHEAD 48
+
typedef struct dtls1_bitmap_st {
- PQ_64BIT map;
- unsigned long length; /* sizeof the bitmap in bits */
- PQ_64BIT max_seq_num; /* max record number seen so far */
+ unsigned long map; /* track 32 packets on 32-bit systems and 64
+ * - on 64-bit systems */
+ unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
+ * value in big-endian encoding */
} DTLS1_BITMAP;
struct dtls1_retransmit_state {
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- const EVP_MD *write_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
+ EVP_MD_CTX *write_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
COMP_CTX *compress; /* compression */
-# else
+# else
char *compress;
-# endif
+# endif
SSL_SESSION *session;
unsigned short epoch;
};
@@ -197,11 +212,14 @@
record_pqueue buffered_app_data;
/* Is set when listening for new connections with dtls1_listen() */
unsigned int listen;
+ unsigned int link_mtu; /* max on-the-wire DTLS packet size */
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
struct hm_header_st r_msg_hdr;
struct dtls1_timeout_st timeout;
- /* Indicates when the last handshake msg sent will timeout */
+ /*
+ * Indicates when the last handshake msg or heartbeat sent will timeout
+ */
struct timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
@@ -214,7 +232,16 @@
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
unsigned int handshake_fragment_len;
unsigned int retransmitting;
+ /*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
unsigned int change_cipher_spec_ok;
+# ifndef OPENSSL_NO_SCTP
+ /* used when SSL_ST_XX_FLUSH is entered */
+ int next_state;
+ int shutdown_received;
+# endif
} DTLS1_STATE;
typedef struct dtls1_record_data_st {
@@ -222,8 +249,13 @@
unsigned int packet_length;
SSL3_BUFFER rbuf;
SSL3_RECORD rrec;
+# ifndef OPENSSL_NO_SCTP
+ struct bio_dgram_sctp_rcvinfo recordinfo;
+# endif
} DTLS1_RECORD_DATA;
+# endif
+
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
# define DTLS1_TMO_READ_COUNT 2
# define DTLS1_TMO_WRITE_COUNT 2
Copied: trunk/crypto/openssl/ssl/heartbeat_test.c (from rev 7117, vendor-crypto/openssl/dist/ssl/heartbeat_test.c)
===================================================================
--- trunk/crypto/openssl/ssl/heartbeat_test.c (rev 0)
+++ trunk/crypto/openssl/ssl/heartbeat_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,472 @@
+/* test/heartbeat_test.c */
+/*-
+ * Unit test for TLS heartbeats.
+ *
+ * Acts as a regression test against the Heartbleed bug (CVE-2014-0160).
+ *
+ * Author: Mike Bland (mbland at acm.org, http://mike-bland.com/)
+ * Date: 2014-04-12
+ * License: Creative Commons Attribution 4.0 International (CC By 4.0)
+ * http://creativecommons.org/licenses/by/4.0/deed.en_US
+ *
+ * OUTPUT
+ * ------
+ * The program returns zero on success. It will print a message with a count
+ * of the number of failed tests and return nonzero if any tests fail.
+ *
+ * It will print the contents of the request and response buffers for each
+ * failing test. In a "fixed" version, all the tests should pass and there
+ * should be no output.
+ *
+ * In a "bleeding" version, you'll see:
+ *
+ * test_dtls1_heartbleed failed:
+ * expected payload len: 0
+ * received: 1024
+ * sent 26 characters
+ * "HEARTBLEED "
+ * received 1024 characters
+ * "HEARTBLEED \xde\xad\xbe\xef..."
+ * ** test_dtls1_heartbleed failed **
+ *
+ * The contents of the returned buffer in the failing test will depend on the
+ * contents of memory on your machine.
+ *
+ * MORE INFORMATION
+ * ----------------
+ * http://mike-bland.com/2014/04/12/heartbleed.html
+ * http://mike-bland.com/tags/heartbleed.html
+ */
+
+#define OPENSSL_UNIT_TEST
+
+#include "../test/testutil.h"
+
+#include "../ssl/ssl_locl.h"
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)
+
+/* As per https://tools.ietf.org/html/rfc6520#section-4 */
+# define MIN_PADDING_SIZE 16
+
+/* Maximum number of payload characters to print as test output */
+# define MAX_PRINTABLE_CHARACTERS 1024
+
+typedef struct heartbeat_test_fixture {
+ SSL_CTX *ctx;
+ SSL *s;
+ const char *test_case_name;
+ int (*process_heartbeat) (SSL *s);
+ unsigned char *payload;
+ int sent_payload_len;
+ int expected_return_value;
+ int return_payload_offset;
+ int expected_payload_len;
+ const char *expected_return_payload;
+} HEARTBEAT_TEST_FIXTURE;
+
+static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
+ const SSL_METHOD *meth)
+{
+ HEARTBEAT_TEST_FIXTURE fixture;
+ int setup_ok = 1;
+ memset(&fixture, 0, sizeof(fixture));
+ fixture.test_case_name = test_case_name;
+
+ fixture.ctx = SSL_CTX_new(meth);
+ if (!fixture.ctx) {
+ fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ fixture.s = SSL_new(fixture.ctx);
+ if (!fixture.s) {
+ fprintf(stderr, "Failed to allocate SSL for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ if (!ssl_init_wbio_buffer(fixture.s, 1)) {
+ fprintf(stderr, "Failed to set up wbio buffer for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ if (!ssl3_setup_buffers(fixture.s)) {
+ fprintf(stderr, "Failed to setup buffers for test: %s\n",
+ test_case_name);
+ setup_ok = 0;
+ goto fail;
+ }
+
+ /*
+ * Clear the memory for the return buffer, since this isn't automatically
+ * zeroed in opt mode and will cause spurious test failures that will
+ * change with each execution.
+ */
+ memset(fixture.s->s3->wbuf.buf, 0, fixture.s->s3->wbuf.len);
+
+ fail:
+ if (!setup_ok) {
+ ERR_print_errors_fp(stderr);
+ exit(EXIT_FAILURE);
+ }
+ return fixture;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name)
+{
+ HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+ DTLSv1_server_method());
+ fixture.process_heartbeat = dtls1_process_heartbeat;
+
+ /*
+ * As per dtls1_get_record(), skipping the following from the beginning
+ * of the returned heartbeat message: type-1 byte; version-2 bytes;
+ * sequence number-8 bytes; length-2 bytes And then skipping the 1-byte
+ * type encoded by process_heartbeat for a total of 14 bytes, at which
+ * point we can grab the length and the payload we seek.
+ */
+ fixture.return_payload_offset = 14;
+ return fixture;
+}
+
+/* Needed by ssl3_write_bytes() */
+static int dummy_handshake(SSL *s)
+{
+ return 1;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_tls(const char *const test_case_name)
+{
+ HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+ TLSv1_server_method());
+ fixture.process_heartbeat = tls1_process_heartbeat;
+ fixture.s->handshake_func = dummy_handshake;
+
+ /*
+ * As per do_ssl3_write(), skipping the following from the beginning of
+ * the returned heartbeat message: type-1 byte; version-2 bytes; length-2
+ * bytes And then skipping the 1-byte type encoded by process_heartbeat
+ * for a total of 6 bytes, at which point we can grab the length and the
+ * payload we seek.
+ */
+ fixture.return_payload_offset = 6;
+ return fixture;
+}
+
+static void tear_down(HEARTBEAT_TEST_FIXTURE fixture)
+{
+ ERR_print_errors_fp(stderr);
+ SSL_free(fixture.s);
+ SSL_CTX_free(fixture.ctx);
+}
+
+static void print_payload(const char *const prefix,
+ const unsigned char *payload, const int n)
+{
+ const int end = n < MAX_PRINTABLE_CHARACTERS ? n
+ : MAX_PRINTABLE_CHARACTERS;
+ int i = 0;
+
+ printf("%s %d character%s", prefix, n, n == 1 ? "" : "s");
+ if (end != n)
+ printf(" (first %d shown)", end);
+ printf("\n \"");
+
+ for (; i != end; ++i) {
+ const unsigned char c = payload[i];
+ if (isprint(c))
+ fputc(c, stdout);
+ else
+ printf("\\x%02x", c);
+ }
+ printf("\"\n");
+}
+
+static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture)
+{
+ int result = 0;
+ SSL *s = fixture.s;
+ unsigned char *payload = fixture.payload;
+ unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1];
+ int return_value;
+ unsigned const char *p;
+ int actual_payload_len;
+
+ s->s3->rrec.data = payload;
+ s->s3->rrec.length = strlen((const char *)payload);
+ *payload++ = TLS1_HB_REQUEST;
+ s2n(fixture.sent_payload_len, payload);
+
+ /*
+ * Make a local copy of the request, since it gets overwritten at some
+ * point
+ */
+ memcpy((char *)sent_buf, (const char *)payload, sizeof(sent_buf));
+
+ return_value = fixture.process_heartbeat(s);
+
+ if (return_value != fixture.expected_return_value) {
+ printf("%s failed: expected return value %d, received %d\n",
+ fixture.test_case_name, fixture.expected_return_value,
+ return_value);
+ result = 1;
+ }
+
+ /*
+ * If there is any byte alignment, it will be stored in wbuf.offset.
+ */
+ p = &(s->s3->
+ wbuf.buf[fixture.return_payload_offset + s->s3->wbuf.offset]);
+ actual_payload_len = 0;
+ n2s(p, actual_payload_len);
+
+ if (actual_payload_len != fixture.expected_payload_len) {
+ printf("%s failed:\n expected payload len: %d\n received: %d\n",
+ fixture.test_case_name, fixture.expected_payload_len,
+ actual_payload_len);
+ print_payload("sent", sent_buf, strlen((const char *)sent_buf));
+ print_payload("received", p, actual_payload_len);
+ result = 1;
+ } else {
+ char *actual_payload =
+ BUF_strndup((const char *)p, actual_payload_len);
+ if (strcmp(actual_payload, fixture.expected_return_payload) != 0) {
+ printf
+ ("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n",
+ fixture.test_case_name, fixture.expected_return_payload,
+ actual_payload);
+ result = 1;
+ }
+ OPENSSL_free(actual_payload);
+ }
+
+ if (result != 0) {
+ printf("** %s failed **\n--------\n", fixture.test_case_name);
+ }
+ return result;
+}
+
+static int honest_payload_size(unsigned char payload_buf[])
+{
+ /* Omit three-byte pad at the beginning for type and payload length */
+ return strlen((const char *)&payload_buf[3]) - MIN_PADDING_SIZE;
+}
+
+# define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
+ SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)
+
+# define EXECUTE_HEARTBEAT_TEST()\
+ EXECUTE_TEST(execute_heartbeat, tear_down)
+
+static int test_dtls1_not_bleeding()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[] = " Not bleeding, sixteen spaces of padding"
+ " ";
+ const int payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload =
+ "Not bleeding, sixteen spaces of padding";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_not_bleeding_empty_payload()
+{
+ int payload_buf_len;
+
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Three-byte pad at the beginning for type and payload length, plus a
+ * NUL at the end
+ */
+ unsigned char payload_buf[4 + MIN_PADDING_SIZE];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+ payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[] = " HEARTBLEED ";
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_empty_payload()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Excluding the NUL at the end, one byte short of type + payload length
+ * + minimum padding
+ */
+ unsigned char payload_buf[MIN_PADDING_SIZE + 3];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_excessive_plaintext_length()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+ /*
+ * Excluding the NUL at the end, one byte in excess of maximum allowed
+ * heartbeat message length
+ */
+ unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = honest_payload_size(payload_buf);
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[] = " Not bleeding, sixteen spaces of padding"
+ " ";
+ const int payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload =
+ "Not bleeding, sixteen spaces of padding";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding_empty_payload()
+{
+ int payload_buf_len;
+
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /*
+ * Three-byte pad at the beginning for type and payload length, plus a
+ * NUL at the end
+ */
+ unsigned char payload_buf[4 + MIN_PADDING_SIZE];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+ payload_buf_len = honest_payload_size(payload_buf);
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = payload_buf_len;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = payload_buf_len;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /* Three-byte pad at the beginning for type and payload length */
+ unsigned char payload_buf[] = " HEARTBLEED ";
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed_empty_payload()
+{
+ SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+ /*
+ * Excluding the NUL at the end, one byte short of type + payload length
+ * + minimum padding
+ */
+ unsigned char payload_buf[MIN_PADDING_SIZE + 3];
+ memset(payload_buf, ' ', sizeof(payload_buf));
+ payload_buf[sizeof(payload_buf) - 1] = '\0';
+
+ fixture.payload = &payload_buf[0];
+ fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+ fixture.expected_return_value = 0;
+ fixture.expected_payload_len = 0;
+ fixture.expected_return_payload = "";
+ EXECUTE_HEARTBEAT_TEST();
+}
+
+# undef EXECUTE_HEARTBEAT_TEST
+# undef SETUP_HEARTBEAT_TEST_FIXTURE
+
+int main(int argc, char *argv[])
+{
+ int num_failed;
+
+ SSL_library_init();
+ SSL_load_error_strings();
+
+ num_failed = test_dtls1_not_bleeding() +
+ test_dtls1_not_bleeding_empty_payload() +
+ test_dtls1_heartbleed() + test_dtls1_heartbleed_empty_payload() +
+ /*
+ * The following test causes an assertion failure at
+ * ssl/d1_pkt.c:dtls1_write_bytes() in versions prior to 1.0.1g:
+ */
+ (OPENSSL_VERSION_NUMBER >= 0x1000107fL ?
+ test_dtls1_heartbleed_excessive_plaintext_length() : 0) +
+ test_tls1_not_bleeding() +
+ test_tls1_not_bleeding_empty_payload() +
+ test_tls1_heartbleed() + test_tls1_heartbleed_empty_payload() + 0;
+
+ ERR_print_errors_fp(stderr);
+
+ if (num_failed != 0) {
+ printf("%d test%s failed\n", num_failed, num_failed != 1 ? "s" : "");
+ return EXIT_FAILURE;
+ }
+ return EXIT_SUCCESS;
+}
+
+#else /* OPENSSL_NO_HEARTBEATS */
+
+int main(int argc, char *argv[])
+{
+ return EXIT_SUCCESS;
+}
+#endif /* OPENSSL_NO_HEARTBEATS */
Copied: trunk/crypto/openssl/ssl/install-ssl.com (from rev 7117, vendor-crypto/openssl/dist/ssl/install-ssl.com)
===================================================================
--- trunk/crypto/openssl/ssl/install-ssl.com (rev 0)
+++ trunk/crypto/openssl/ssl/install-ssl.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,136 @@
+$! INSTALL-SSL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard at levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1 root of the directory tree
+$! P2 "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if p1 .eqs. ""
+$ then
+$ write sys$output "First argument missing."
+$ write sys$output -
+ "It should be the directory where you want things installed."
+$ exit
+$ endif
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$ arch = "VAX"
+$ else
+$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$ if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "_SHR32"
+$!
+$ if (p2 .nes. "")
+$ then
+$ if (p2 .eqs. "64")
+$ then
+$ archd = arch+ "_64"
+$ lib32 = ""
+$ shr = "_SHR"
+$ else
+$ if (p2 .nes. "32")
+$ then
+$ write sys$output "Second argument invalid."
+$ write sys$output "It should be "32", "64", or nothing."
+$ exit
+$ endif
+$ endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse(root,,,"device","syntax_only")
+$ root_dir = f$parse(root,,,"directory","syntax_only") - -
+ "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+ create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+ create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+ create /directory /log wrk_sslxexe:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+ create /directory /log wrk_sslxlib:
+$!
+$ exheader := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
+$ e_exe := ssl_task
+$ libs := ssl_libssl
+$!
+$ xexe_dir := [-.'archd'.exe.ssl]
+$!
+$ copy /protection = w:re 'exheader' wrk_sslinclude: /log
+$!
+$ i = 0
+$ loop_exe:
+$ e = f$edit( f$element( i, ",", e_exe), "trim")
+$ i = i + 1
+$ if e .eqs. "," then goto loop_exe_end
+$ set noon
+$ file = xexe_dir+ e+ ".exe"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxexe: /log
+$ endif
+$ set on
+$ goto loop_exe
+$ loop_exe_end:
+$!
+$ i = 0
+$ loop_lib:
+$ e = f$edit(f$element(i, ",", libs),"trim")
+$ i = i + 1
+$ if e .eqs. "," then goto loop_lib_end
+$ set noon
+$! Object library.
+$ file = xexe_dir+ e+ lib32+ ".olb"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxlib: /log
+$ endif
+$! Shareable image.
+$ file = xexe_dir+ e+ shr+ ".exe"
+$ if f$search( file) .nes. ""
+$ then
+$ copy /protection = w:re 'file' wrk_sslxlib: /log
+$ endif
+$ set on
+$ goto loop_lib
+$ loop_lib_end:
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$ call deass wrk_sslxexe
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$ deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
Modified: trunk/crypto/openssl/ssl/kssl.c
===================================================================
--- trunk/crypto/openssl/ssl/kssl.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/kssl.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,6 +78,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/krb5_asn.h>
+#include "kssl_lcl.h"
#ifndef OPENSSL_NO_KRB5
@@ -133,7 +134,7 @@
# define krb5_principal_compare kssl_krb5_principal_compare
# define krb5_decrypt_tkt_part kssl_krb5_decrypt_tkt_part
# define krb5_timeofday kssl_krb5_timeofday
-# define krb5_rc_default kssl_krb5_rc_default
+# define krb5_rc_default kssl_krb5_rc_default
# ifdef krb5_rc_initialize
# undef krb5_rc_initialize
@@ -799,7 +800,7 @@
* yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and xx and yy are
* possibly multi-byte length fields.
*/
-int kssl_test_confound(unsigned char *p)
+static int kssl_test_confound(unsigned char *p)
{
int len = 2;
int xx = 0, yy = 0;
@@ -859,7 +860,7 @@
* guess for what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
* it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
*/
-size_t *populate_cksumlens(void)
+static size_t *populate_cksumlens(void)
{
int i, j, n;
static size_t *cklens = NULL;
@@ -941,14 +942,14 @@
{
int i;
- printf("%s[%d] ", label, kdata->length);
+ fprintf(stderr, "%s[%d] ", label, kdata->length);
for (i = 0; i < (int)kdata->length; i++) {
if (0 && isprint((int)kdata->data[i]))
- printf("%c ", kdata->data[i]);
+ fprintf(stderr, "%c ", kdata->data[i]);
else
- printf("%02x ", (unsigned char)kdata->data[i]);
+ fprintf(stderr, "%02x ", (unsigned char)kdata->data[i]);
}
- printf("\n");
+ fprintf(stderr, "\n");
}
/*
@@ -957,19 +958,19 @@
void print_krb5_authdata(char *label, krb5_authdata **adata)
{
if (adata == NULL) {
- printf("%s, authdata==0\n", label);
+ fprintf(stderr, "%s, authdata==0\n", label);
return;
}
- printf("%s [%p]\n", label, (void *)adata);
+ fprintf(stderr, "%s [%p]\n", label, (void *)adata);
# if 0
{
int i;
- printf("%s[at%d:%d] ", label, adata->ad_type, adata->length);
+ fprintf(stderr, "%s[at%d:%d] ", label, adata->ad_type, adata->length);
for (i = 0; i < adata->length; i++) {
- printf((isprint(adata->contents[i])) ? "%c " : "%02x",
- adata->contents[i]);
+ fprintf(stderr, (isprint(adata->contents[i])) ? "%c " : "%02x",
+ adata->contents[i]);
}
- printf("\n");
+ fprintf(stderr, "\n");
}
# endif
}
@@ -982,22 +983,24 @@
int i;
if (keyblk == NULL) {
- printf("%s, keyblk==0\n", label);
+ fprintf(stderr, "%s, keyblk==0\n", label);
return;
}
# ifdef KRB5_HEIMDAL
- printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
- keyblk->keyvalue->length);
+ fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->keytype,
+ keyblk->keyvalue->length);
for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
- printf("%02x", (unsigned char *)(keyblk->keyvalue->contents)[i]);
+ fprintf(stderr, "%02x",
+ (unsigned char *)(keyblk->keyvalue->contents)[i]);
}
- printf("\n");
+ fprintf(stderr, "\n");
# else
- printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
+ fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->enctype,
+ keyblk->length);
for (i = 0; i < (int)keyblk->length; i++) {
- printf("%02x", keyblk->contents[i]);
+ fprintf(stderr, "%02x", keyblk->contents[i]);
}
- printf("\n");
+ fprintf(stderr, "\n");
# endif
}
@@ -1005,22 +1008,23 @@
* Display contents of krb5_principal_data struct, for debugging
* (krb5_principal is typedef'd == krb5_principal_data *)
*/
-void print_krb5_princ(char *label, krb5_principal_data *princ)
+static void print_krb5_princ(char *label, krb5_principal_data *princ)
{
int i, ui, uj;
- printf("%s principal Realm: ", label);
+ fprintf(stderr, "%s principal Realm: ", label);
if (princ == NULL)
return;
for (ui = 0; ui < (int)princ->realm.length; ui++)
putchar(princ->realm.data[ui]);
- printf(" (nametype %d) has %d strings:\n", princ->type, princ->length);
+ fprintf(stderr, " (nametype %d) has %d strings:\n", princ->type,
+ princ->length);
for (i = 0; i < (int)princ->length; i++) {
- printf("\t%d [%d]: ", i, princ->data[i].length);
+ fprintf(stderr, "\t%d [%d]: ", i, princ->data[i].length);
for (uj = 0; uj < (int)princ->data[i].length; uj++) {
putchar(princ->data[i].data[uj]);
}
- printf("\n");
+ fprintf(stderr, "\n");
}
return;
}
@@ -1197,16 +1201,16 @@
* code here. This tkt should alloc/free just
* like the real thing.
*/
-krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
- /*
- * IN
- */ KRB5_TKTBODY *asn1ticket,
- /*
- * OUT
- */ krb5_ticket **krb5ticket,
- /*
- * OUT
- */ KSSL_ERR *kssl_err)
+static krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
+ /*
+ * IN
+ */ KRB5_TKTBODY *asn1ticket,
+ /*
+ * OUT
+ */ krb5_ticket **krb5ticket,
+ /*
+ * OUT
+ */ KSSL_ERR *kssl_err)
{
krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
krb5_ticket *new5ticket = NULL;
@@ -1308,7 +1312,8 @@
goto err;
}
# ifdef KSSL_DEBUG
- printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name));
+ fprintf(stderr, "in kssl_sget_tkt(%s)\n",
+ kstring(kssl_ctx->service_name));
# endif /* KSSL_DEBUG */
if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) {
@@ -1451,17 +1456,17 @@
{
int i;
krb5_address **paddr = krb5ticket->enc_part2->caddrs;
- printf("Decrypted ticket fields:\n");
- printf("\tflags: %X, transit-type: %X",
- krb5ticket->enc_part2->flags,
- krb5ticket->enc_part2->transited.tr_type);
+ fprintf(stderr, "Decrypted ticket fields:\n");
+ fprintf(stderr, "\tflags: %X, transit-type: %X",
+ krb5ticket->enc_part2->flags,
+ krb5ticket->enc_part2->transited.tr_type);
print_krb5_data("\ttransit-data: ",
&(krb5ticket->enc_part2->transited.tr_contents));
- printf("\tcaddrs: %p, authdata: %p\n",
- krb5ticket->enc_part2->caddrs,
- krb5ticket->enc_part2->authorization_data);
+ fprintf(stderr, "\tcaddrs: %p, authdata: %p\n",
+ krb5ticket->enc_part2->caddrs,
+ krb5ticket->enc_part2->authorization_data);
if (paddr) {
- printf("\tcaddrs:\n");
+ fprintf(stderr, "\tcaddrs:\n");
for (i = 0; paddr[i] != NULL; i++) {
krb5_data d;
d.length = paddr[i]->length;
@@ -1469,10 +1474,10 @@
print_krb5_data("\t\tIP: ", &d);
}
}
- printf("\tstart/auth/end times: %d / %d / %d\n",
- krb5ticket->enc_part2->times.starttime,
- krb5ticket->enc_part2->times.authtime,
- krb5ticket->enc_part2->times.endtime);
+ fprintf(stderr, "\tstart/auth/end times: %d / %d / %d\n",
+ krb5ticket->enc_part2->times.starttime,
+ krb5ticket->enc_part2->times.authtime,
+ krb5ticket->enc_part2->times.endtime);
}
# endif /* KSSL_DEBUG */
}
@@ -1874,7 +1879,7 @@
* as defined in RFC 1510. Return pointer to the (partially) filled in
* struct tm on success, return NULL on failure.
*/
-struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
{
char c, *p;
@@ -1927,7 +1932,7 @@
* out through the replay cache. If that fails just return a likely default
* (300 seconds).
*/
-krb5_deltat get_rc_clockskew(krb5_context context)
+static krb5_deltat get_rc_clockskew(krb5_context context)
{
krb5_rcache rc;
krb5_deltat clockskew;
@@ -1980,8 +1985,8 @@
return SSL_R_KRB5_S_TKT_EXPIRED;
# ifdef KSSL_DEBUG
- printf("kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
- start, atime, now, skew, ttimes->endtime);
+ fprintf(stderr, "kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n",
+ start, atime, now, skew, ttimes->endtime);
# endif /* KSSL_DEBUG */
return 0;
@@ -2040,11 +2045,12 @@
# ifdef KSSL_DEBUG
{
unsigned int ui;
- printf("kssl_check_authent: authenticator[%d]:\n", authentp->length);
+ fprintf(stderr, "kssl_check_authent: authenticator[%d]:\n",
+ authentp->length);
p = authentp->data;
for (ui = 0; ui < authentp->length; ui++)
- printf("%02x ", p[ui]);
- printf("\n");
+ fprintf(stderr, "%02x ", p[ui]);
+ fprintf(stderr, "\n");
}
# endif /* KSSL_DEBUG */
@@ -2104,10 +2110,14 @@
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
# ifdef KSSL_DEBUG
- printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
- for (padl = 0; padl < outl; padl++)
- printf("%02x ", unenc_authent[padl]);
- printf("\n");
+ {
+ int padl;
+ fprintf(stderr, "kssl_check_authent: decrypted authenticator[%d] =\n",
+ outl);
+ for (padl = 0; padl < outl; padl++)
+ fprintf(stderr, "%02x ", unenc_authent[padl]);
+ fprintf(stderr, "\n");
+ }
# endif /* KSSL_DEBUG */
if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) {
@@ -2136,14 +2146,15 @@
tg = mktime(tm_g);
tz_offset = tg - tl;
- *atimep = tr - tz_offset;
+ *atimep = (krb5_timestamp)(tr - tz_offset);
}
# ifdef KSSL_DEBUG
- printf("kssl_check_authent: returns %d for client time ", *atimep);
+ fprintf(stderr, "kssl_check_authent: returns %d for client time ",
+ *atimep);
if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
- printf("%.*s\n", auth->ctime->length, auth->ctime->data);
+ fprintf(stderr, "%.*s\n", auth->ctime->length, auth->ctime->data);
else
- printf("NULL\n");
+ fprintf(stderr, "NULL\n");
# endif /* KSSL_DEBUG */
err:
@@ -2223,6 +2234,23 @@
return ENOMEM;
}
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
+{
+ s->kssl_ctx = kctx;
+}
+
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s)
+{
+ return s->kssl_ctx;
+}
+
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
+{
+ if (kctx)
+ return kctx->client_princ;
+ return NULL;
+}
+
#else /* !OPENSSL_NO_KRB5 */
# if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
Modified: trunk/crypto/openssl/ssl/kssl.h
===================================================================
--- trunk/crypto/openssl/ssl/kssl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/kssl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -71,6 +71,16 @@
# include <stdio.h>
# include <ctype.h>
# include <krb5.h>
+# ifdef OPENSSL_SYS_WIN32
+/*
+ * These can sometimes get redefined indirectly by krb5 header files after
+ * they get undefed in ossl_typ.h
+ */
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# undef OCSP_REQUEST
+# undef OCSP_RESPONSE
+# endif
#ifdef __cplusplus
extern "C" {
@@ -176,6 +186,10 @@
KSSL_ERR *kssl_err);
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
+
#ifdef __cplusplus
}
#endif
Modified: trunk/crypto/openssl/ssl/kssl_lcl.h
===================================================================
--- trunk/crypto/openssl/ssl/kssl_lcl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/kssl_lcl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -76,7 +76,7 @@
char *kstring(char *string);
char *knumber(int len, krb5_octet *contents);
-EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
Modified: trunk/crypto/openssl/ssl/s23_clnt.c
===================================================================
--- trunk/crypto/openssl/ssl/s23_clnt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s23_clnt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#include <stdio.h>
#include "ssl_locl.h"
@@ -63,10 +116,10 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
-static SSL_METHOD *ssl23_get_client_method(int ver);
+static const SSL_METHOD *ssl23_get_client_method(int ver);
static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
-static SSL_METHOD *ssl23_get_client_method(int ver)
+static const SSL_METHOD *ssl23_get_client_method(int ver)
{
#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
@@ -78,6 +131,10 @@
#endif
if (ver == TLS1_VERSION)
return (TLSv1_client_method());
+ else if (ver == TLS1_1_VERSION)
+ return (TLSv1_1_client_method());
+ else if (ver == TLS1_2_VERSION)
+ return (TLSv1_2_client_method());
else
return (NULL);
}
@@ -201,12 +258,49 @@
return (ret);
}
+static int ssl23_no_ssl2_ciphers(SSL *s)
+{
+ SSL_CIPHER *cipher;
+ STACK_OF(SSL_CIPHER) *ciphers;
+ int i;
+ ciphers = SSL_get_ciphers(s);
+ for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+ cipher = sk_SSL_CIPHER_value(ciphers, i);
+ if (cipher->algorithm_ssl == SSL_SSLV2)
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
+ * failure, 1 on success.
+ */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+{
+ int send_time = 0;
+
+ if (len < 4)
+ return 0;
+ if (server)
+ send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
+ else
+ send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
+ if (send_time) {
+ unsigned long Time = (unsigned long)time(NULL);
+ unsigned char *p = result;
+ l2n(Time, p);
+ return RAND_pseudo_bytes(p, len - 4);
+ } else
+ return RAND_pseudo_bytes(result, len);
+}
+
static int ssl23_client_hello(SSL *s)
{
unsigned char *buf;
unsigned char *p, *d;
int i, ch_len;
- unsigned long Time, l;
+ unsigned long l;
int ssl2_compat;
int version = 0, version_major, version_minor;
#ifndef OPENSSL_NO_COMP
@@ -214,16 +308,51 @@
SSL_COMP *comp;
#endif
int ret;
+ unsigned long mask, options = s->options;
- ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
+ ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
- if (!(s->options & SSL_OP_NO_TLSv1)) {
+ if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
+ ssl2_compat = 0;
+
+ /*
+ * SSL_OP_NO_X disables all protocols above X *if* there are
+ * some protocols below X enabled. This is required in order
+ * to maintain "version capability" vector contiguous. So
+ * that if application wants to disable TLS1.0 in favour of
+ * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
+ * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
+ */
+ mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
+#if !defined(OPENSSL_NO_SSL3)
+ | SSL_OP_NO_SSLv3
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ | (ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
+#endif
+ ;
+#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
+ version = TLS1_2_VERSION;
+
+ if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
+ version = TLS1_1_VERSION;
+#else
+ version = TLS1_1_VERSION;
+#endif
+ mask &= ~SSL_OP_NO_TLSv1_1;
+ if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
version = TLS1_VERSION;
- } else if (!(s->options & SSL_OP_NO_SSLv3)) {
+ mask &= ~SSL_OP_NO_TLSv1;
+#if !defined(OPENSSL_NO_SSL3)
+ if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
version = SSL3_VERSION;
- } else if (!(s->options & SSL_OP_NO_SSLv2)) {
+ mask &= ~SSL_OP_NO_SSLv3;
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
version = SSL2_VERSION;
- }
+#endif
+
#ifndef OPENSSL_NO_TLSEXT
if (version != SSL2_VERSION) {
/*
@@ -234,6 +363,11 @@
ssl2_compat = 0;
if (s->tlsext_status_type != -1)
ssl2_compat = 0;
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0
+ || s->tlsext_opaque_prf_input != NULL)
+ ssl2_compat = 0;
+# endif
}
#endif
@@ -247,12 +381,16 @@
#endif
p = s->s3->client_random;
- Time = (unsigned long)time(NULL); /* Time */
- l2n(Time, p);
- if (RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE - 4) <= 0)
+ if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
return -1;
- if (version == TLS1_VERSION) {
+ if (version == TLS1_2_VERSION) {
+ version_major = TLS1_2_VERSION_MAJOR;
+ version_minor = TLS1_2_VERSION_MINOR;
+ } else if (version == TLS1_1_VERSION) {
+ version_major = TLS1_1_VERSION_MAJOR;
+ version_minor = TLS1_1_VERSION_MINOR;
+ } else if (version == TLS1_VERSION) {
version_major = TLS1_VERSION_MAJOR;
version_minor = TLS1_VERSION_MINOR;
}
@@ -312,6 +450,12 @@
ch_len = SSL2_MAX_CHALLENGE_LENGTH;
/* write out sslv2 challenge */
+ /*
+ * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it
+ * is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
+ * SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
+ * futurproofing
+ */
if (SSL3_RANDOM_SIZE < ch_len)
i = SSL3_RANDOM_SIZE;
else
@@ -360,13 +504,25 @@
SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
return -1;
}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /*
+ * Some servers hang if client hello > 256 bytes as hack
+ * workaround chop number of supported ciphers to keep it well
+ * below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
s2n(i, p);
p += i;
+
+ /* COMPRESSION */
#ifdef OPENSSL_NO_COMP
*(p++) = 1;
#else
- /* COMPRESSION */
- if (s->ctx->comp_methods == NULL)
+ if ((s->options & SSL_OP_NO_COMPRESSION)
+ || !s->ctx->comp_methods)
j = 0;
else
j = sk_SSL_COMP_num(s->ctx->comp_methods);
@@ -377,7 +533,13 @@
}
#endif
*(p++) = 0; /* Add the NULL method */
+
#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ return -1;
+ }
if ((p =
ssl_add_clienthello_tlsext(s, p,
buf +
@@ -389,7 +551,6 @@
#endif
l = p - d;
- *p = 42;
/* fill in 4-byte handshake header */
d = &(buf[5]);
@@ -407,9 +568,14 @@
d = buf;
*(d++) = SSL3_RT_HANDSHAKE;
*(d++) = version_major;
- *(d++) = version_minor; /* arguably we should send the *lowest*
- * suported version here (indicating,
- * e.g., TLS 1.0 in "SSL 3.0 format") */
+ /*
+ * Some servers hang if we use long client hellos and a record
+ * number > TLS 1.0.
+ */
+ if (TLS1_get_client_version(s) > TLS1_VERSION)
+ *(d++) = 1;
+ else
+ *(d++) = version_minor;
s2n((int)l, d);
/* number of bytes to write */
@@ -484,6 +650,11 @@
ch_len = SSL2_MAX_CHALLENGE_LENGTH;
/* write out sslv2 challenge */
+ /*
+ * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it is
+ * one of SSL2_MAX_CHALLENGE_LENGTH (32) or SSL2_MAX_CHALLENGE_LENGTH
+ * (16), but leave the check in for futurproofing
+ */
i = (SSL3_RANDOM_SIZE < ch_len)
? SSL3_RANDOM_SIZE : ch_len;
s->s2->challenge_length = i;
@@ -524,8 +695,7 @@
s->handshake_func = s->method->ssl_connect;
#endif
} else if (p[1] == SSL3_VERSION_MAJOR &&
- ((p[2] == SSL3_VERSION_MINOR) ||
- (p[2] == TLS1_VERSION_MINOR)) &&
+ p[2] <= TLS1_2_VERSION_MINOR &&
((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
/* we have sslv3 or tls1 (server hello or alert) */
@@ -546,6 +716,14 @@
if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) {
s->version = TLS1_VERSION;
s->method = TLSv1_client_method();
+ } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_1)) {
+ s->version = TLS1_1_VERSION;
+ s->method = TLSv1_1_client_method();
+ } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_2)) {
+ s->version = TLS1_2_VERSION;
+ s->method = TLSv1_2_client_method();
} else {
SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
@@ -592,7 +770,7 @@
s->rstate = SSL_ST_READ_HEADER;
s->packet_length = n;
if (s->s3->rbuf.buf == NULL)
- if (!ssl3_setup_buffers(s))
+ if (!ssl3_setup_read_buffer(s))
goto err;
s->packet = &(s->s3->rbuf.buf[0]);
memcpy(s->packet, buf, n);
Modified: trunk/crypto/openssl/ssl/s23_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/s23_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s23_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -65,10 +65,6 @@
return (300);
}
-IMPLEMENT_ssl23_meth_func(sslv23_base_method,
- ssl_undefined_function,
- ssl_undefined_function, ssl_bad_method)
-
int ssl23_num_ciphers(void)
{
return (ssl3_num_ciphers()
@@ -78,7 +74,7 @@
);
}
-SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
{
unsigned int uu = ssl3_num_ciphers();
@@ -96,9 +92,9 @@
* This function needs to check if the ciphers required are actually
* available
*/
-SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER *cp;
+ const SSL_CIPHER *cp;
cp = ssl3_get_cipher_by_char(p);
#ifndef OPENSSL_NO_SSL2
@@ -114,7 +110,10 @@
/* We can write SSLv2 and SSLv3 ciphers */
/* but no ECC ciphers */
- if (c->algorithms & (SSL_ECDH | SSL_aECDSA))
+ if (c->algorithm_mkey == SSL_kECDHr ||
+ c->algorithm_mkey == SSL_kECDHe ||
+ c->algorithm_mkey == SSL_kEECDH ||
+ c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA)
return 0;
if (p != NULL) {
l = c->id;
Modified: trunk/crypto/openssl/ssl/s23_meth.c
===================================================================
--- trunk/crypto/openssl/ssl/s23_meth.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s23_meth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,8 +60,8 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
-static SSL_METHOD *ssl23_get_method(int ver);
-static SSL_METHOD *ssl23_get_method(int ver)
+static const SSL_METHOD *ssl23_get_method(int ver);
+static const SSL_METHOD *ssl23_get_method(int ver)
{
#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
@@ -76,6 +76,10 @@
#ifndef OPENSSL_NO_TLS1
if (ver == TLS1_VERSION)
return (TLSv1_method());
+ else if (ver == TLS1_1_VERSION)
+ return (TLSv1_1_method());
+ else if (ver == TLS1_2_VERSION)
+ return (TLSv1_2_method());
else
#endif
return (NULL);
Modified: trunk/crypto/openssl/ssl/s23_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/s23_srvr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s23_srvr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -115,10 +115,13 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
-static SSL_METHOD *ssl23_get_server_method(int ver);
+static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
-static SSL_METHOD *ssl23_get_server_method(int ver)
+static const SSL_METHOD *ssl23_get_server_method(int ver)
{
#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
@@ -130,6 +133,10 @@
#endif
if (ver == TLS1_VERSION)
return (TLSv1_server_method());
+ else if (ver == TLS1_1_VERSION)
+ return (TLSv1_1_server_method());
+ else if (ver == TLS1_2_VERSION)
+ return (TLSv1_2_server_method());
else
return (NULL);
}
@@ -181,6 +188,7 @@
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ BUF_MEM_free(buf);
ret = -1;
goto end;
}
@@ -280,7 +288,20 @@
v[1] = p[4];
/* SSLv3/TLSv1 */
if (p[4] >= TLS1_VERSION_MINOR) {
- if (!(s->options & SSL_OP_NO_TLSv1)) {
+ if (p[4] >= TLS1_2_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_2)) {
+ s->version = TLS1_2_VERSION;
+ s->state = SSL23_ST_SR_CLNT_HELLO_B;
+ } else if (p[4] >= TLS1_1_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_1)) {
+ s->version = TLS1_1_VERSION;
+ /*
+ * type=2;
+ *//*
+ * done later to survive restarts
+ */
+ s->state = SSL23_ST_SR_CLNT_HELLO_B;
+ } else if (!(s->options & SSL_OP_NO_TLSv1)) {
s->version = TLS1_VERSION;
/*
* type=2;
@@ -337,7 +358,15 @@
else
v[1] = p[10]; /* minor version according to client_version */
if (v[1] >= TLS1_VERSION_MINOR) {
- if (!(s->options & SSL_OP_NO_TLSv1)) {
+ if (v[1] >= TLS1_2_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_2)) {
+ s->version = TLS1_2_VERSION;
+ type = 3;
+ } else if (v[1] >= TLS1_1_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_1)) {
+ s->version = TLS1_1_VERSION;
+ type = 3;
+ } else if (!(s->options & SSL_OP_NO_TLSv1)) {
s->version = TLS1_VERSION;
type = 3;
} else if (!(s->options & SSL_OP_NO_SSLv3)) {
@@ -369,6 +398,10 @@
goto err;
}
}
+
+ /* ensure that TLS_MAX_VERSION is up-to-date */
+ OPENSSL_assert(s->version <= TLS_MAX_VERSION);
+
#ifdef OPENSSL_FIPS
if (FIPS_mode() && (s->version < TLS1_VERSION)) {
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
@@ -377,9 +410,6 @@
}
#endif
- /* ensure that TLS_MAX_VERSION is up-to-date */
- OPENSSL_assert(s->version <= TLS_MAX_VERSION);
-
if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
/*
* we have SSLv3/TLSv1 in an SSLv2 header (other cases skip this
@@ -436,7 +466,14 @@
n2s(p, sil);
n2s(p, cl);
d = (unsigned char *)s->init_buf->data;
- if ((csl + sil + cl + 11) != s->packet_length) {
+ if ((csl + sil + cl + 11) != s->packet_length) { /* We can't have TLS
+ * extensions in SSL
+ * 2.0 format *
+ * Client Hello, can
+ * we? Error
+ * condition should
+ * be * '>'
+ * otherweise */
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
SSL_R_RECORD_LENGTH_MISMATCH);
goto err;
@@ -479,6 +516,14 @@
*(d++) = 1;
*(d++) = 0;
+#if 0
+ /* copy any remaining data with may be extensions */
+ p = p + csl + sil + cl;
+ while (p < s->packet + s->packet_length) {
+ *(d++) = *(p++);
+ }
+#endif
+
i = (d - (unsigned char *)s->init_buf->data) - 4;
l2n3((long)i, d_len);
@@ -546,7 +591,7 @@
/*
* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style)
*/
- SSL_METHOD *new_method;
+ const SSL_METHOD *new_method;
new_method = ssl23_get_server_method(s->version);
if (new_method == NULL) {
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
@@ -566,6 +611,10 @@
*/
s->rstate = SSL_ST_READ_HEADER;
s->packet_length = n;
+ if (s->s3->rbuf.buf == NULL)
+ if (!ssl3_setup_read_buffer(s))
+ goto err;
+
s->packet = &(s->s3->rbuf.buf[0]);
memcpy(s->packet, buf, n);
s->s3->rbuf.left = n;
Modified: trunk/crypto/openssl/ssl/s2_clnt.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_clnt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_clnt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -117,7 +117,7 @@
# include <openssl/objects.h>
# include <openssl/evp.h>
-static SSL_METHOD *ssl2_get_client_method(int ver);
+static const SSL_METHOD *ssl2_get_client_method(int ver);
static int get_server_finished(SSL *s);
static int get_server_verify(SSL *s);
static int get_server_hello(SSL *s);
@@ -129,7 +129,7 @@
unsigned char *to, int padding);
# define BREAK break
-static SSL_METHOD *ssl2_get_client_method(int ver)
+static const SSL_METHOD *ssl2_get_client_method(int ver)
{
if (ver == SSL2_VERSION)
return (SSLv2_client_method());
@@ -355,14 +355,16 @@
SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_PEER_ERROR);
return (-1);
}
-# ifdef __APPLE_CC__
+# if 0
+ s->hit = (*(p++)) ? 1 : 0;
/*
- * The Rhapsody 5.5 (a.k.a. MacOS X) compiler bug workaround.
- * <appro at fy.chalmers.se>
+ * Some [PPC?] compilers fail to increment p in above statement, e.g.
+ * one provided with Rhapsody 5.5, but most recent example XL C 11.1
+ * for AIX, even without optimization flag...
*/
- s->hit = (i = *(p++)) ? 1 : 0;
# else
- s->hit = (*(p++)) ? 1 : 0;
+ s->hit = (*p) ? 1 : 0;
+ p++;
# endif
s->s2->tmp.cert_type = *(p++);
n2s(p, i);
@@ -604,7 +606,7 @@
buf = (unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
- if (!ssl_cipher_get_evp(s->session, &c, &md, NULL)) {
+ if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
ssl2_return_error(s, SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_CLIENT_MASTER_KEY,
SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -836,8 +838,13 @@
EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
EVP_SignUpdate(&ctx, s->s2->key_material, s->s2->key_material_length);
EVP_SignUpdate(&ctx, cert_ch, (unsigned int)cert_ch_len);
- n = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
- EVP_SignUpdate(&ctx, buf, (unsigned int)n);
+ i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
+ /*
+ * Don't update the signature if it fails - FIXME: probably should
+ * handle this better
+ */
+ if (i > 0)
+ EVP_SignUpdate(&ctx, buf, (unsigned int)i);
p = buf;
d = p + 6;
Modified: trunk/crypto/openssl/ssl/s2_enc.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -68,15 +68,14 @@
const EVP_MD *md;
int num;
- if (!ssl_cipher_get_evp(s->session, &c, &md, NULL)) {
+ if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
ssl2_return_error(s, SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
return (0);
}
+ ssl_replace_hash(&s->read_hash, md);
+ ssl_replace_hash(&s->write_hash, md);
- s->read_hash = md;
- s->write_hash = md;
-
if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx = (EVP_CIPHER_CTX *)
OPENSSL_malloc(sizeof(EVP_CIPHER_CTX)))
== NULL))
@@ -122,9 +121,10 @@
/*
* read/writes from s->s2->mac_data using length for encrypt and decrypt.
- * It sets s->s2->padding and s->[rw]length if we are encrypting
+ * It sets s->s2->padding and s->[rw]length if we are encrypting Returns 0 on
+ * error and 1 on success
*/
-void ssl2_enc(SSL *s, int send)
+int ssl2_enc(SSL *s, int send)
{
EVP_CIPHER_CTX *ds;
unsigned long l;
@@ -140,7 +140,7 @@
/* check for NULL cipher */
if (ds == NULL)
- return;
+ return 1;
bs = ds->cipher->block_size;
/*
@@ -150,7 +150,10 @@
if (bs == 8)
l = (l + 7) / 8 * 8;
- EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l);
+ if (EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l) < 1)
+ return 0;
+
+ return 1;
}
void ssl2_mac(SSL *s, unsigned char *md, int send)
@@ -177,7 +180,7 @@
/* There has to be a MAC algorithm. */
EVP_MD_CTX_init(&c);
- EVP_DigestInit_ex(&c, s->read_hash, NULL);
+ EVP_MD_CTX_copy(&c, s->read_hash);
EVP_DigestUpdate(&c, sec, EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
EVP_DigestUpdate(&c, act, len);
/* the above line also does the pad data */
Modified: trunk/crypto/openssl/ssl/s2_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
@@ -68,143 +121,172 @@
# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
/* list of available SSLv2 ciphers (sorted by id) */
-OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[] = {
+OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
+# if 0
/* NULL_WITH_MD5 v3 */
-# if 0
{
1,
SSL2_TXT_NULL_WITH_MD5,
SSL2_CK_NULL_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_eNULL | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
0,
0,
0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
# endif
+
/* RC4_128_WITH_MD5 */
{
1,
SSL2_TXT_RC4_128_WITH_MD5,
SSL2_CK_RC4_128_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* RC4_128_EXPORT40_WITH_MD5 */
{
1,
SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* RC2_128_CBC_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_WITH_MD5,
SSL2_CK_RC2_128_CBC_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC2 | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC2 | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
+# ifndef OPENSSL_NO_IDEA
/* IDEA_128_CBC_WITH_MD5 */
-# ifndef OPENSSL_NO_IDEA
{
1,
SSL2_TXT_IDEA_128_CBC_WITH_MD5,
SSL2_CK_IDEA_128_CBC_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_IDEA | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_IDEA,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
# endif
+
/* DES_64_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_64_CBC_WITH_MD5,
SSL2_CK_DES_64_CBC_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_DES | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_LOW,
0,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* DES_192_EDE3_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_3DES | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_HIGH,
0,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
+# if 0
/* RC4_64_WITH_MD5 */
-# if 0
{
1,
SSL2_TXT_RC4_64_WITH_MD5,
SSL2_CK_RC4_64_WITH_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_SSLV2,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV2,
SSL_NOT_EXP | SSL_LOW,
SSL2_CF_8_BYTE_ENC,
64,
64,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
# endif
+
+# if 0
/* NULL SSLeay (testing) */
-# if 0
{
0,
SSL2_TXT_NULL,
SSL2_CK_NULL,
0,
+ 0,
+ 0,
+ 0,
+ SSL_SSLV2,
SSL_STRONG_NONE,
0,
0,
0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
# endif
@@ -216,16 +298,12 @@
return (300);
}
-IMPLEMENT_ssl2_meth_func(sslv2_base_method,
- ssl_undefined_function,
- ssl_undefined_function, ssl_bad_method)
-
int ssl2_num_ciphers(void)
{
return (SSL2_NUM_CIPHERS);
}
-SSL_CIPHER *ssl2_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
{
if (u < SSL2_NUM_CIPHERS)
return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
@@ -347,18 +425,16 @@
* This function needs to check if the ciphers required are actually
* available
*/
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c, *cp;
+ SSL_CIPHER c;
+ const SSL_CIPHER *cp;
unsigned long id;
id = 0x02000000L | ((unsigned long)p[0] << 16L) |
((unsigned long)p[1] << 8L) | (unsigned long)p[2];
c.id = id;
- cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
- (char *)ssl2_ciphers,
- SSL2_NUM_CIPHERS, sizeof(SSL_CIPHER),
- FP_ICC ssl_cipher_id_cmp);
+ cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
if ((cp == NULL) || (cp->valid == 0))
return NULL;
else
@@ -387,6 +463,7 @@
unsigned char *km;
unsigned char c = '0';
const EVP_MD *md5;
+ int md_size;
md5 = EVP_md5();
@@ -402,9 +479,11 @@
SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
return 0;
}
-
- for (i = 0; i < s->s2->key_material_length; i += EVP_MD_size(md5)) {
- if (((km - s->s2->key_material) + EVP_MD_size(md5)) >
+ md_size = EVP_MD_size(md5);
+ if (md_size < 0)
+ return 0;
+ for (i = 0; i < s->s2->key_material_length; i += md_size) {
+ if (((km - s->s2->key_material) + md_size) >
(int)sizeof(s->s2->key_material)) {
/*
* EVP_DigestFinal_ex() below would write beyond buffer
@@ -425,7 +504,7 @@
EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
EVP_DigestFinal_ex(&ctx, km, NULL);
- km += EVP_MD_size(md5);
+ km += md_size;
}
EVP_MD_CTX_cleanup(&ctx);
Modified: trunk/crypto/openssl/ssl/s2_meth.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_meth.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_meth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -61,8 +61,8 @@
# include <stdio.h>
# include <openssl/objects.h>
-static SSL_METHOD *ssl2_get_method(int ver);
-static SSL_METHOD *ssl2_get_method(int ver)
+static const SSL_METHOD *ssl2_get_method(int ver);
+static const SSL_METHOD *ssl2_get_method(int ver)
{
if (ver == SSL2_VERSION)
return (SSLv2_method());
Modified: trunk/crypto/openssl/ssl/s2_pkt.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_pkt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_pkt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -117,7 +117,7 @@
static int read_n(SSL *s, unsigned int n, unsigned int max,
unsigned int extend);
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
static int ssl_mt_error(int n);
@@ -131,7 +131,7 @@
unsigned char mac[MAX_MAC_SIZE];
unsigned char *p;
int i;
- unsigned int mac_size;
+ int mac_size;
ssl2_read_again:
if (SSL_in_init(s) && !s->in_handshake) {
@@ -237,7 +237,9 @@
return (-1);
}
} else {
- mac_size = EVP_MD_size(s->read_hash);
+ mac_size = EVP_MD_CTX_size(s->read_hash);
+ if (mac_size < 0)
+ return -1;
OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
s->s2->mac_data = p;
s->s2->ract_data = &p[mac_size];
@@ -252,8 +254,12 @@
* added a check for length > max_size in case encryption was not
* turned on yet due to an error
*/
- if ((!s->s2->clear_text) && (s->s2->rlength >= mac_size)) {
- ssl2_enc(s, 0);
+ if ((!s->s2->clear_text) &&
+ (s->s2->rlength >= (unsigned int)mac_size)) {
+ if (!ssl2_enc(s, 0)) {
+ SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_DECRYPTION_FAILED);
+ return (-1);
+ }
s->s2->ract_data_length -= mac_size;
ssl2_mac(s, mac, 0);
s->s2->ract_data_length -= s->s2->padding;
@@ -421,7 +427,7 @@
n = (len - tot);
for (;;) {
- i = do_ssl_write(s, &(buf[tot]), n);
+ i = n_do_ssl_write(s, &(buf[tot]), n);
if (i <= 0) {
s->s2->wnum = tot;
return (i);
@@ -477,9 +483,10 @@
}
}
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
{
- unsigned int j, k, olen, p, mac_size, bs;
+ unsigned int j, k, olen, p, bs;
+ int mac_size;
register unsigned char *pp;
olen = len;
@@ -495,8 +502,11 @@
/* set mac_size to mac size */
if (s->s2->clear_text)
mac_size = 0;
- else
- mac_size = EVP_MD_size(s->write_hash);
+ else {
+ mac_size = EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
+ return -1;
+ }
/* lets set the pad p */
if (s->s2->clear_text) {
@@ -566,6 +576,20 @@
s->s2->padding = p;
s->s2->mac_data = &(s->s2->wbuf[3]);
s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
+
+ /*
+ * It would be clearer to write this as follows:
+ * if (mac_size + len + p > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ * However |len| is user input that could in theory be very large. We
+ * know |mac_size| and |p| are small, so to avoid any possibility of
+ * overflow we write it like this.
+ *
+ * In theory this should never fail because the logic above should have
+ * modified |len| if it is too big. But we are being cautious.
+ */
+ if (len > (SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - (mac_size + p))) {
+ return -1;
+ }
/* we copy the data into s->s2->wbuf */
memcpy(s->s2->wact_data, buf, len);
if (p)
@@ -575,7 +599,8 @@
s->s2->wact_data_length = len + p;
ssl2_mac(s, s->s2->mac_data, 1);
s->s2->wlength += p + mac_size;
- ssl2_enc(s, 1);
+ if (ssl2_enc(s, 1) < 1)
+ return -1;
}
/* package up the header */
Modified: trunk/crypto/openssl/ssl/s2_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_srvr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s2_srvr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -111,6 +111,7 @@
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
+#include "../crypto/constant_time_locl.h"
# include <stdio.h>
# include <openssl/bio.h>
# include <openssl/rand.h>
@@ -117,7 +118,7 @@
# include <openssl/objects.h>
# include <openssl/evp.h>
-static SSL_METHOD *ssl2_get_server_method(int ver);
+static const SSL_METHOD *ssl2_get_server_method(int ver);
static int get_client_master_key(SSL *s);
static int get_client_hello(SSL *s);
static int server_hello(SSL *s);
@@ -129,7 +130,7 @@
unsigned char *to, int padding);
# define BREAK break
-static SSL_METHOD *ssl2_get_server_method(int ver)
+static const SSL_METHOD *ssl2_get_server_method(int ver)
{
if (ver == SSL2_VERSION)
return (SSLv2_server_method());
@@ -186,17 +187,19 @@
s->version = SSL2_VERSION;
s->type = SSL_ST_ACCEPT;
- buf = s->init_buf;
- if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
- ret = -1;
- goto end;
+ if (s->init_buf == NULL) {
+ if ((buf = BUF_MEM_new()) == NULL) {
+ ret = -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow
+ (buf, (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+ BUF_MEM_free(buf);
+ ret = -1;
+ goto end;
+ }
+ s->init_buf = buf;
}
- if (!BUF_MEM_grow(buf, (int)
- SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
- ret = -1;
- goto end;
- }
- s->init_buf = buf;
s->init_num = 0;
s->ctx->stats.sess_accept++;
s->handshake_func = ssl2_accept;
@@ -370,12 +373,15 @@
static int get_client_master_key(SSL *s)
{
int is_export, i, n, keya;
- unsigned int ek;
+ unsigned int num_encrypted_key_bytes, key_length;
unsigned long len;
unsigned char *p;
- SSL_CIPHER *cp;
+ const SSL_CIPHER *cp;
const EVP_CIPHER *c;
const EVP_MD *md;
+ unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
+ unsigned char decrypt_good;
+ size_t j;
p = (unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
@@ -456,7 +462,7 @@
is_export = SSL_C_IS_EXPORT(s->session->cipher);
- if (!ssl_cipher_get_evp(s->session, &c, &md, NULL)) {
+ if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
ssl2_return_error(s, SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -463,12 +469,6 @@
return (0);
}
- if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
- is_export = 1;
- ek = 8;
- } else
- ek = 5;
-
/*
* The format of the CLIENT-MASTER-KEY message is
* 1 byte message type
@@ -482,13 +482,28 @@
*
* If the cipher is an export cipher, then the encrypted key bytes
* are a fixed portion of the total key (5 or 8 bytes). The size of
- * this portion is in |ek|. If the cipher is not an export cipher,
- * then the entire key material is encrypted (i.e., clear key length
- * must be zero).
+ * this portion is in |num_encrypted_key_bytes|. If the cipher is not an
+ * export cipher, then the entire key material is encrypted (i.e., clear
+ * key length must be zero).
*/
- if ((!is_export && s->s2->tmp.clear != 0) ||
- (is_export && s->s2->tmp.clear + ek != (unsigned int)EVP_CIPHER_key_length(c))) {
+ key_length = (unsigned int)EVP_CIPHER_key_length(c);
+ if (key_length > SSL_MAX_MASTER_KEY_LENGTH) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+
+ if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
+ is_export = 1;
+ num_encrypted_key_bytes = 8;
+ } else if (is_export) {
+ num_encrypted_key_bytes = 5;
+ } else {
+ num_encrypted_key_bytes = key_length;
+ }
+
+ if (s->s2->tmp.clear + num_encrypted_key_bytes != key_length) {
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
return -1;
}
@@ -497,64 +512,49 @@
* Decryption can't be expanding, so if we don't have enough encrypted
* bytes to fit the key in the buffer, stop now.
*/
- if ((is_export && s->s2->tmp.enc < ek) ||
- (!is_export && s->s2->tmp.enc < (unsigned int)EVP_CIPHER_key_length(c))) {
+ if (s->s2->tmp.enc < num_encrypted_key_bytes) {
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
return -1;
}
+ /*
+ * We must not leak whether a decryption failure occurs because of
+ * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
+ * section 7.4.7.1). The code follows that advice of the TLS RFC and
+ * generates a random premaster secret for the case that the decrypt
+ * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
+ */
+
+ /*
+ * should be RAND_bytes, but we cannot work around a failure.
+ */
+ if (RAND_pseudo_bytes(rand_premaster_secret,
+ (int)num_encrypted_key_bytes) <= 0)
+ return 0;
+
i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
&(p[s->s2->tmp.clear]),
&(p[s->s2->tmp.clear]),
(s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
RSA_PKCS1_PADDING);
-
- /* bad decrypt */
-# if 1
+ ERR_clear_error();
/*
* If a bad decrypt, continue with protocol but with a random master
* secret (Bleichenbacher attack)
*/
- if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c))
- || (is_export && i != (int)ek))) {
- ERR_clear_error();
- if (is_export)
- i = ek;
- else
- i = EVP_CIPHER_key_length(c);
- if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0)
- return 0;
+ decrypt_good = constant_time_eq_int_8(i, (int)num_encrypted_key_bytes);
+ for (j = 0; j < num_encrypted_key_bytes; j++) {
+ p[s->s2->tmp.clear + j] =
+ constant_time_select_8(decrypt_good, p[s->s2->tmp.clear + j],
+ rand_premaster_secret[j]);
}
-# else
- if (i < 0) {
- error = 1;
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
- }
- /* incorrect number of key bytes for non export cipher */
- else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
- || (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
- EVP_CIPHER_key_length(c))))) {
- error = 1;
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
- }
- if (error) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- return (-1);
- }
-# endif
- if (is_export)
- i = EVP_CIPHER_key_length(c);
+ s->session->master_key_length = (int)key_length;
+ memcpy(s->session->master_key, p, key_length);
+ OPENSSL_cleanse(p, key_length);
- if (i > SSL_MAX_MASTER_KEY_LENGTH) {
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
- return -1;
- }
- s->session->master_key_length = i;
- memcpy(s->session->master_key, p, (unsigned int)i);
- return (1);
+ return 1;
}
static int get_client_hello(SSL *s)
@@ -1075,10 +1075,11 @@
EVP_PKEY *pkey = NULL;
EVP_MD_CTX_init(&ctx);
- EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL);
- EVP_VerifyUpdate(&ctx, s->s2->key_material,
- s->s2->key_material_length);
- EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL)
+ || !EVP_VerifyUpdate(&ctx, s->s2->key_material,
+ s->s2->key_material_length)
+ || !EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH))
+ goto msg_end;
i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
buf2 = OPENSSL_malloc((unsigned int)i);
@@ -1088,7 +1089,10 @@
}
p2 = buf2;
i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
- EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i);
+ if (!EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i)) {
+ OPENSSL_free(buf2);
+ goto msg_end;
+ }
OPENSSL_free(buf2);
pkey = X509_get_pubkey(x509);
Modified: trunk/crypto/openssl/ssl/s3_both.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_both.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_both.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -167,10 +167,10 @@
p = &(d[4]);
i = s->method->ssl3_enc->final_finish_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->finish_dgst2),
sender, slen,
s->s3->tmp.finish_md);
+ if (i <= 0)
+ return 0;
s->s3->tmp.finish_md_len = i;
memcpy(p, s->s3->tmp.finish_md, i);
p += i;
@@ -209,6 +209,36 @@
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
}
+#ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
+ * to far.
+ */
+static void ssl3_take_mac(SSL *s)
+{
+ const char *sender;
+ int slen;
+ /*
+ * If no new cipher setup return immediately: other functions will set
+ * the appropriate error.
+ */
+ if (s->s3->tmp.new_cipher == NULL)
+ return;
+ if (s->state & SSL_ST_CONNECT) {
+ sender = s->method->ssl3_enc->server_finished_label;
+ slen = s->method->ssl3_enc->server_finished_label_len;
+ } else {
+ sender = s->method->ssl3_enc->client_finished_label;
+ slen = s->method->ssl3_enc->client_finished_label_len;
+ }
+
+ s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+ sender,
+ slen,
+ s->s3->tmp.peer_finish_md);
+}
+#endif
+
int ssl3_get_finished(SSL *s, int a, int b)
{
int al, i, ok;
@@ -215,10 +245,12 @@
long n;
unsigned char *p;
+#ifdef OPENSSL_NO_NEXTPROTONEG
/*
* the mac has already been generated when we received the change cipher
- * spec message and is in s->s3->tmp.peer_finish_md
+ * spec message and is in s->s3->tmp.peer_finish_md.
*/
+#endif
/* 64 argument should actually be 36+4 :-) */
n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
@@ -394,6 +426,7 @@
goto f_err;
}
*ok = 1;
+ s->state = stn;
s->init_msg = s->init_buf->data + 4;
s->init_num = (int)s->s3->tmp.message_size;
return s->init_num;
@@ -494,6 +527,17 @@
s->init_num += i;
n -= i;
}
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ /*
+ * If receiving Finished, record MAC of prior handshake messages for
+ * Finished verification.
+ */
+ if (*s->init_buf->data == SSL3_MT_FINISHED)
+ ssl3_take_mac(s);
+#endif
+
+ /* Feed this message into MAC computation. */
ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
@@ -530,7 +574,11 @@
ret = SSL_PKEY_ECC;
}
#endif
-
+ else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
+ ret = SSL_PKEY_GOST94;
+ } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
+ ret = SSL_PKEY_GOST01;
+ }
err:
if (!pkey)
EVP_PKEY_free(pk);
@@ -596,11 +644,80 @@
return (al);
}
-int ssl3_setup_buffers(SSL *s)
+#ifndef OPENSSL_NO_BUF_FREELISTS
+/*-
+ * On some platforms, malloc() performance is bad enough that you can't just
+ * free() and malloc() buffers all the time, so we need to use freelists from
+ * unused buffers. Currently, each freelist holds memory chunks of only a
+ * given size (list->chunklen); other sized chunks are freed and malloced.
+ * This doesn't help much if you're using many different SSL option settings
+ * with a given context. (The options affecting buffer size are
+ * max_send_fragment, read buffer vs write buffer,
+ * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
+ * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.) Using a separate freelist for every
+ * possible size is not an option, since max_send_fragment can take on many
+ * different values.
+ *
+ * If you are on a platform with a slow malloc(), and you're using SSL
+ * connections with many different settings for these options, and you need to
+ * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
+ * - Link against a faster malloc implementation.
+ * - Use a separate SSL_CTX for each option set.
+ * - Improve this code.
+ */
+static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
{
+ SSL3_BUF_FREELIST *list;
+ SSL3_BUF_FREELIST_ENTRY *ent = NULL;
+ void *result = NULL;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+ if (list != NULL && sz == (int)list->chunklen)
+ ent = list->head;
+ if (ent != NULL) {
+ list->head = ent->next;
+ result = ent;
+ if (--list->len == 0)
+ list->chunklen = 0;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (!result)
+ result = OPENSSL_malloc(sz);
+ return result;
+}
+
+static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
+{
+ SSL3_BUF_FREELIST *list;
+ SSL3_BUF_FREELIST_ENTRY *ent;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+ if (list != NULL &&
+ (sz == list->chunklen || list->chunklen == 0) &&
+ list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
+ list->chunklen = sz;
+ ent = mem;
+ ent->next = list->head;
+ list->head = ent;
+ ++list->len;
+ mem = NULL;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (mem)
+ OPENSSL_free(mem);
+}
+#else
+# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
+# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
+#endif
+
+int ssl3_setup_read_buffer(SSL *s)
+{
unsigned char *p;
- unsigned int extra, headerlen;
- size_t len;
+ size_t len, align = 0, headerlen;
if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
headerlen = DTLS1_RT_HEADER_LENGTH;
@@ -607,29 +724,95 @@
else
headerlen = SSL3_RT_HEADER_LENGTH;
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
if (s->s3->rbuf.buf == NULL) {
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
- extra = SSL3_RT_MAX_EXTRA;
- else
- extra = 0;
- len = SSL3_RT_MAX_PACKET_SIZE + extra;
- if ((p = OPENSSL_malloc(len)) == NULL)
+ len = SSL3_RT_MAX_PLAIN_LENGTH
+ + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
+ s->s3->init_extra = 1;
+ len += SSL3_RT_MAX_EXTRA;
+ }
+#ifndef OPENSSL_NO_COMP
+ if (!(s->options & SSL_OP_NO_COMPRESSION))
+ len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+ if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
goto err;
s->s3->rbuf.buf = p;
s->s3->rbuf.len = len;
}
+ s->packet = &(s->s3->rbuf.buf[0]);
+ return 1;
+
+ err:
+ SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
+ return 0;
+}
+
+int ssl3_setup_write_buffer(SSL *s)
+{
+ unsigned char *p;
+ size_t len, align = 0, headerlen;
+
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+ headerlen = DTLS1_RT_HEADER_LENGTH + 1;
+ else
+ headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
if (s->s3->wbuf.buf == NULL) {
- len = SSL3_RT_MAX_PACKET_SIZE;
- len += headerlen + 256; /* extra space for empty fragment */
- if ((p = OPENSSL_malloc(len)) == NULL)
+ len = s->max_send_fragment
+ + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+#ifndef OPENSSL_NO_COMP
+ if (!(s->options & SSL_OP_NO_COMPRESSION))
+ len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+ if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+ len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
+
+ if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
goto err;
s->s3->wbuf.buf = p;
s->s3->wbuf.len = len;
}
- s->packet = &(s->s3->rbuf.buf[0]);
- return (1);
+
+ return 1;
+
err:
- SSLerr(SSL_F_SSL3_SETUP_BUFFERS, ERR_R_MALLOC_FAILURE);
- return (0);
+ SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
+ return 0;
}
+
+int ssl3_setup_buffers(SSL *s)
+{
+ if (!ssl3_setup_read_buffer(s))
+ return 0;
+ if (!ssl3_setup_write_buffer(s))
+ return 0;
+ return 1;
+}
+
+int ssl3_release_write_buffer(SSL *s)
+{
+ if (s->s3->wbuf.buf != NULL) {
+ freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+ s->s3->wbuf.buf = NULL;
+ }
+ return 1;
+}
+
+int ssl3_release_read_buffer(SSL *s)
+{
+ if (s->s3->rbuf.buf != NULL) {
+ freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+ s->s3->rbuf.buf = NULL;
+ }
+ return 1;
+}
Modified: trunk/crypto/openssl/ssl/s3_cbc.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_cbc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_cbc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -125,7 +125,7 @@
unsigned padding_length, good, to_check, i;
const unsigned overhead = 1 /* padding length byte */ + mac_size;
/* Check if version requires explicit IV */
- if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER) {
/*
* These lengths are all public so we can test them in non-constant
* time.
@@ -149,7 +149,7 @@
*/
if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
/* First packet is even in size, so check */
- if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
+ if ((CRYPTO_memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
!(padding_length & 1)) {
s->s3->flags |= TLS1_FLAGS_TLS_PADDING_BUG;
}
@@ -158,6 +158,12 @@
}
}
+ if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ /* padding is already verified */
+ rec->length -= padding_length + 1;
+ return 1;
+ }
+
good = constant_time_ge(rec->length, overhead + padding_length);
/*
* The padding consists of a length byte at the end of the record and
@@ -362,13 +368,13 @@
* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
* which ssl3_cbc_digest_record supports.
*/
-char ssl3_cbc_record_digest_supported(const EVP_MD *digest)
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
{
#ifdef OPENSSL_FIPS
if (FIPS_mode())
return 0;
#endif
- switch (EVP_MD_type(digest)) {
+ switch (EVP_MD_CTX_type(ctx)) {
case NID_md5:
case NID_sha1:
#ifndef OPENSSL_NO_SHA256
@@ -406,7 +412,7 @@
* a padding byte and MAC. (If the padding was invalid, it might contain the
* padding too. )
*/
-void ssl3_cbc_digest_record(const EVP_MD *digest,
+void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
unsigned char *md_out,
size_t *md_out_size,
const unsigned char header[13],
@@ -447,7 +453,7 @@
*/
OPENSSL_assert(data_plus_mac_plus_padding_size < 1024 * 1024);
- switch (EVP_MD_type(digest)) {
+ switch (EVP_MD_CTX_type(ctx)) {
case NID_md5:
MD5_Init((MD5_CTX *)md_state.c);
md_final_raw = tls1_md5_final_raw;
@@ -633,12 +639,22 @@
if (k > 0) {
if (is_sslv3) {
+ unsigned overhang;
+
/*
* The SSLv3 header is larger than a single block. overhang is
* the number of bytes beyond a single block that the header
- * consumes: either 7 bytes (SHA1) or 11 bytes (MD5).
+ * consumes: either 7 bytes (SHA1) or 11 bytes (MD5). There are no
+ * ciphersuites in SSLv3 that are not SHA1 or MD5 based and
+ * therefore we can be confident that the header_length will be
+ * greater than |md_block_size|. However we add a sanity check just
+ * in case
*/
- unsigned overhang = header_length - md_block_size;
+ if (header_length <= md_block_size) {
+ /* Should never happen */
+ return;
+ }
+ overhang = header_length - md_block_size;
md_transform(md_state.c, header);
memcpy(first_block, header + md_block_size, overhang);
memcpy(first_block + overhang, data, md_block_size - overhang);
@@ -717,7 +733,7 @@
}
EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit_ex(&md_ctx, digest, NULL /* engine */ );
+ EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */ );
if (is_sslv3) {
/* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
memset(hmac_pad, 0x5c, sslv3_pad_length);
@@ -748,26 +764,31 @@
*/
void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
- const EVP_MD *hash, HMAC_CTX *hctx,
- const unsigned char *data, size_t data_len,
- size_t orig_len)
+ EVP_MD_CTX *mac_ctx, const unsigned char *data,
+ size_t data_len, size_t orig_len)
{
size_t block_size, digest_pad, blocks_data, blocks_orig;
if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
return;
- block_size = EVP_MD_block_size(hash);
- /*
+ block_size = EVP_MD_CTX_block_size(mac_ctx);
+ /*-
* We are in FIPS mode if we get this far so we know we have only SHA*
- * digests and TLS to deal with. Minimum digest padding length is 17 for
- * SHA384/SHA512 and 9 otherwise. Additional header is 13 bytes. To get
- * the number of digest blocks processed round up the amount of data plus
- * padding to the nearest block length. Block length is 128 for
- * SHA384/SHA512 and 64 otherwise. So we have: blocks = (payload_len +
- * digest_pad + 13 + block_size - 1)/block_size equivalently: blocks =
- * (payload_len + digest_pad + 12)/block_size + 1 HMAC adds a constant
- * overhead. We're ultimately only interested in differences so this
- * becomes blocks = (payload_len + 29)/128 for SHA384/SHA512 and blocks =
- * (payload_len + 21)/64 otherwise.
+ * digests and TLS to deal with.
+ * Minimum digest padding length is 17 for SHA384/SHA512 and 9
+ * otherwise.
+ * Additional header is 13 bytes. To get the number of digest blocks
+ * processed round up the amount of data plus padding to the nearest
+ * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
+ * So we have:
+ * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
+ * equivalently:
+ * blocks = (payload_len + digest_pad + 12)/block_size + 1
+ * HMAC adds a constant overhead.
+ * We're ultimately only interested in differences so this becomes
+ * blocks = (payload_len + 29)/128
+ * for SHA384/SHA512 and
+ * blocks = (payload_len + 21)/64
+ * otherwise.
*/
digest_pad = block_size == 64 ? 21 : 29;
blocks_orig = (orig_len + digest_pad) / block_size;
@@ -778,6 +799,7 @@
* The "data" pointer should always have enough space to perform this
* operation as it is large enough for a maximum length TLS buffer.
*/
- HMAC_Update(hctx, data, (blocks_orig - blocks_data + 1) * block_size);
+ EVP_DigestSignUpdate(mac_ctx, data,
+ (blocks_orig - blocks_data + 1) * block_size);
}
#endif
Modified: trunk/crypto/openssl/ssl/s3_clnt.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_clnt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_clnt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -121,6 +121,32 @@
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include "ssl_locl.h"
@@ -133,7 +159,6 @@
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
#endif
-
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
@@ -142,15 +167,13 @@
# include <openssl/engine.h>
#endif
-static SSL_METHOD *ssl3_get_client_method(int ver);
static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
-
-#ifndef OPENSSL_NO_ECDH
-static int curve_id2nid(int curve_id);
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
+#ifndef OPENSSL_NO_TLSEXT
+static int ssl3_check_finished(SSL *s);
#endif
-static SSL_METHOD *ssl3_get_client_method(int ver)
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_client_method(int ver)
{
if (ver == SSL3_VERSION)
return (SSLv3_client_method());
@@ -161,7 +184,7 @@
IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
ssl_undefined_function,
ssl3_connect, ssl3_get_client_method)
-
+#endif
int ssl3_connect(SSL *s)
{
BUF_MEM *buf = NULL;
@@ -183,12 +206,24 @@
if (!SSL_in_init(s) || SSL_in_before(s))
SSL_clear(s);
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
for (;;) {
state = s->state;
switch (s->state) {
case SSL_ST_RENEGOTIATE:
- s->new_session = 1;
+ s->renegotiate = 1;
s->state = SSL_ST_CONNECT;
s->ctx->stats.sess_connect_renegotiate++;
/* break */
@@ -203,6 +238,7 @@
if ((s->version & 0xff00) != 0x0300) {
SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
ret = -1;
goto end;
}
@@ -213,10 +249,12 @@
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -231,6 +269,7 @@
/* setup buffing BIO */
if (!ssl_init_wbio_buffer(s, 0)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -241,6 +280,11 @@
s->state = SSL3_ST_CW_CLNT_HELLO_A;
s->ctx->stats.sess_connect++;
s->init_num = 0;
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
break;
case SSL3_ST_CW_CLNT_HELLO_A:
@@ -264,6 +308,7 @@
ret = ssl3_get_server_hello(s);
if (ret <= 0)
goto end;
+
if (s->hit) {
s->state = SSL3_ST_CR_FINISHED_A;
#ifndef OPENSSL_NO_TLSEXT
@@ -280,21 +325,23 @@
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
#ifndef OPENSSL_NO_TLSEXT
+ /* Noop (ret = 0) for everything but EAP-FAST. */
ret = ssl3_check_finished(s);
- if (ret <= 0)
+ if (ret < 0)
goto end;
- if (ret == 2) {
+ if (ret == 1) {
s->hit = 1;
- if (s->tlsext_ticket_expected)
- s->state = SSL3_ST_CR_SESSION_TICKET_A;
- else
- s->state = SSL3_ST_CR_FINISHED_A;
+ s->state = SSL3_ST_CR_FINISHED_A;
s->init_num = 0;
break;
}
#endif
- /* Check if it is anon DH/ECDH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) {
+ /* Check if it is anon DH/ECDH, SRP auth */
+ /* or PSK */
+ if (!
+ (s->s3->tmp.
+ new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
ret = ssl3_get_server_certificate(s);
if (ret <= 0)
goto end;
@@ -330,6 +377,7 @@
*/
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
break;
@@ -348,6 +396,16 @@
ret = ssl3_get_server_done(s);
if (ret <= 0)
goto end;
+#ifndef OPENSSL_NO_SRP
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
+ if ((ret = SRP_Calc_A_param(s)) <= 0) {
+ SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ }
+#endif
if (s->s3->tmp.cert_req)
s->state = SSL3_ST_CW_CERT_A;
else
@@ -389,8 +447,10 @@
s->state = SSL3_ST_CW_CERT_VRFY_A;
} else {
s->state = SSL3_ST_CW_CHANGE_A;
- s->s3->change_cipher_spec = 0;
}
+ if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
+ s->state = SSL3_ST_CW_CHANGE_A;
+ }
s->init_num = 0;
break;
@@ -402,7 +462,6 @@
goto end;
s->state = SSL3_ST_CW_CHANGE_A;
s->init_num = 0;
- s->s3->change_cipher_spec = 0;
break;
case SSL3_ST_CW_CHANGE_A:
@@ -412,7 +471,15 @@
SSL3_ST_CW_CHANGE_B);
if (ret <= 0)
goto end;
+
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
s->state = SSL3_ST_CW_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_CW_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_CW_FINISHED_A;
+#endif
s->init_num = 0;
s->session->cipher = s->s3->tmp.new_cipher;
@@ -426,6 +493,7 @@
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -433,11 +501,22 @@
SSL3_CHANGE_CIPHER_CLIENT_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
break;
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ case SSL3_ST_CW_NEXT_PROTO_A:
+ case SSL3_ST_CW_NEXT_PROTO_B:
+ ret = ssl3_send_next_proto(s);
+ if (ret <= 0)
+ goto end;
+ s->state = SSL3_ST_CW_FINISHED_A;
+ break;
+#endif
+
case SSL3_ST_CW_FINISHED_A:
case SSL3_ST_CW_FINISHED_B:
ret = ssl3_send_finished(s,
@@ -449,7 +528,6 @@
ssl3_enc->client_finished_label_len);
if (ret <= 0)
goto end;
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
s->state = SSL3_ST_CW_FLUSH;
/* clear flags */
@@ -498,8 +576,8 @@
case SSL3_ST_CR_FINISHED_A:
case SSL3_ST_CR_FINISHED_B:
-
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
SSL3_ST_CR_FINISHED_B);
if (ret <= 0)
@@ -540,6 +618,7 @@
/* else do it later in ssl3_write */
s->init_num = 0;
+ s->renegotiate = 0;
s->new_session = 0;
ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
@@ -557,6 +636,7 @@
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -594,7 +674,7 @@
unsigned char *buf;
unsigned char *p, *d;
int i;
- unsigned long Time, l;
+ unsigned long l;
#ifndef OPENSSL_NO_COMP
int j;
SSL_COMP *comp;
@@ -607,6 +687,10 @@
#ifdef OPENSSL_NO_TLSEXT
!sess->session_id_length ||
#else
+ /*
+ * In the case of EAP-FAST, we can have a pre-shared
+ * "ticket" without a session ID.
+ */
(!sess->session_id_length && !sess->tlsext_tick) ||
#endif
(sess->not_resumable)) {
@@ -616,17 +700,51 @@
/* else use the pre-loaded session */
p = s->s3->client_random;
- Time = (unsigned long)time(NULL); /* Time */
- l2n(Time, p);
- if (RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE - 4) <= 0)
+
+ if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
goto err;
/* Do the message type and length last */
d = p = &(buf[4]);
+ /*-
+ * version indicates the negotiated version: for example from
+ * an SSLv2/v3 compatible client hello). The client_version
+ * field is the maximum version we permit and it is also
+ * used in RSA encrypted premaster secrets. Some servers can
+ * choke if we initially report a higher version then
+ * renegotiate to a lower one in the premaster secret. This
+ * didn't happen with TLS 1.0 as most servers supported it
+ * but it can with TLS 1.1 or later if the server only supports
+ * 1.0.
+ *
+ * Possible scenario with previous logic:
+ * 1. Client hello indicates TLS 1.2
+ * 2. Server hello says TLS 1.0
+ * 3. RSA encrypted premaster secret uses 1.2.
+ * 4. Handhaked proceeds using TLS 1.0.
+ * 5. Server sends hello request to renegotiate.
+ * 6. Client hello indicates TLS v1.0 as we now
+ * know that is maximum server supports.
+ * 7. Server chokes on RSA encrypted premaster secret
+ * containing version 1.0.
+ *
+ * For interoperability it should be OK to always use the
+ * maximum version we support in client hello and then rely
+ * on the checking of version to ensure the servers isn't
+ * being inconsistent: for example initially negotiating with
+ * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
+ * client_version in client hello and not resetting it to
+ * the negotiated version.
+ */
+#if 0
*(p++) = s->version >> 8;
*(p++) = s->version & 0xff;
s->client_version = s->version;
+#else
+ *(p++) = s->client_version >> 8;
+ *(p++) = s->client_version & 0xff;
+#endif
/* Random stuff */
memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
@@ -653,6 +771,16 @@
SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
goto err;
}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /*
+ * Some servers hang if client hello > 256 bytes as hack workaround
+ * chop number of supported ciphers to keep it well below this if we
+ * use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
s2n(i, p);
p += i;
@@ -660,7 +788,9 @@
#ifdef OPENSSL_NO_COMP
*(p++) = 1;
#else
- if (s->ctx->comp_methods == NULL)
+
+ if ((s->options & SSL_OP_NO_COMPRESSION)
+ || !s->ctx->comp_methods)
j = 0;
else
j = sk_SSL_COMP_num(s->ctx->comp_methods);
@@ -671,7 +801,13 @@
}
#endif
*(p++) = 0; /* Add the NULL method */
+
#ifndef OPENSSL_NO_TLSEXT
+ /* TLS extensions */
+ if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
if ((p =
ssl_add_clienthello_tlsext(s, p,
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
@@ -680,6 +816,7 @@
goto err;
}
#endif
+
l = (p - d);
d = buf;
*(d++) = SSL3_MT_CLIENT_HELLO;
@@ -694,6 +831,7 @@
/* SSL3_ST_CW_CLNT_HELLO_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -700,7 +838,7 @@
int ssl3_get_server_hello(SSL *s)
{
STACK_OF(SSL_CIPHER) *sk;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
unsigned char *p, *d;
int i, al, ok;
unsigned int j;
@@ -751,6 +889,8 @@
memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE);
p += SSL3_RANDOM_SIZE;
+ s->hit = 0;
+
/* get the session-id */
j = *(p++);
@@ -759,6 +899,36 @@
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
goto f_err;
}
+#ifndef OPENSSL_NO_TLSEXT
+ /*
+ * Check if we can resume the session based on external pre-shared secret.
+ * EAP-FAST (RFC 4851) supports two types of session resumption.
+ * Resumption based on server-side state works with session IDs.
+ * Resumption based on pre-shared Protected Access Credentials (PACs)
+ * works by overriding the SessionTicket extension at the application
+ * layer, and does not send a session ID. (We do not know whether EAP-FAST
+ * servers would honour the session ID.) Therefore, the session ID alone
+ * is not a reliable indicator of session resumption, so we first check if
+ * we can resume, and later peek at the next handshake message to see if the
+ * server wants to resume.
+ */
+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
+ s->session->tlsext_tick) {
+ SSL_CIPHER *pref_cipher = NULL;
+ s->session->master_key_length = sizeof(s->session->master_key);
+ if (s->tls_session_secret_cb(s, s->session->master_key,
+ &s->session->master_key_length,
+ NULL, &pref_cipher,
+ s->tls_session_secret_cb_arg)) {
+ s->session->cipher = pref_cipher ?
+ pref_cipher : ssl_get_cipher_by_char(s, p + j);
+ } else {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+#endif /* OPENSSL_NO_TLSEXT */
if (j != 0 && j == s->session->session_id_length
&& memcmp(p, s->session->session_id, j) == 0) {
@@ -770,15 +940,15 @@
SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
goto f_err;
}
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
s->hit = 1;
- } else { /* a miss or crap from the other end */
-
+ } else {
/*
- * If we were trying for session-id reuse, make a new SSL_SESSION so
- * we don't stuff up other people
+ * If we were trying for session-id reuse but the server
+ * didn't echo the ID, make a new SSL_SESSION.
+ * In the case of EAP-FAST and PAC, we do not send a session ID,
+ * so the PAC-based session secret is always preserved. It'll be
+ * overwritten if the server refuses resumption.
*/
- s->hit = 0;
if (s->session->session_id_length > 0) {
if (!ssl_get_new_session(s, 0)) {
al = SSL_AD_INTERNAL_ERROR;
@@ -796,6 +966,21 @@
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
goto f_err;
}
+ /* TLS v1.2 only ciphersuites require v1.2 or later */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+#ifndef OPENSSL_NO_SRP
+ if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
+ !(s->srp_ctx.srp_Mask & SSL_kSRP)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+#endif /* OPENSSL_NO_SRP */
p += ssl_put_cipher_by_char(s, NULL, NULL);
sk = ssl_get_ciphers_by_id(s);
@@ -827,7 +1012,15 @@
}
}
s->s3->tmp.new_cipher = c;
-
+ /*
+ * Don't digest cached records if TLS v1.2: we may need them for client
+ * authentication.
+ */
+ if (TLS1_get_version(s) < TLS1_2_VERSION
+ && !ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
/* lets get the compression algorithm */
/* COMPRESSION */
#ifdef OPENSSL_NO_COMP
@@ -837,11 +1030,30 @@
SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
goto f_err;
}
+ /*
+ * If compression is disabled we'd better not try to resume a session
+ * using compression.
+ */
+ if (s->session->compress_meth != 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
+ }
#else
j = *(p++);
+ if (s->hit && j != s->session->compress_meth) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
+ goto f_err;
+ }
if (j == 0)
comp = NULL;
- else
+ else if (s->options & SSL_OP_NO_COMPRESSION) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
+ goto f_err;
+ } else
comp = ssl3_comp_find(s->ctx->comp_methods, j);
if ((j != 0) && (comp == NULL)) {
@@ -853,6 +1065,7 @@
s->s3->tmp.new_compression = comp;
}
#endif
+
#ifndef OPENSSL_NO_TLSEXT
/* TLS extensions */
if (s->version >= SSL3_VERSION) {
@@ -878,9 +1091,8 @@
return (1);
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
-#ifndef OPENSSL_NO_TLSEXT
err:
-#endif
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -906,7 +1118,7 @@
return ((int)n);
if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
- ((s->s3->tmp.new_cipher->algorithms & SSL_aKRB5) &&
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
(s->s3->tmp.message_type == SSL3_MT_SERVER_DONE))) {
s->s3->tmp.reuse_message = 1;
return (1);
@@ -964,9 +1176,8 @@
i = ssl_verify_cert_chain(s, sk);
if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
#ifndef OPENSSL_NO_KRB5
- && (s->s3->tmp.
- new_cipher->algorithms & (SSL_MKEY_MASK | SSL_AUTH_MASK))
- != (SSL_aKRB5 | SSL_kKRB5)
+ && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
#endif /* OPENSSL_NO_KRB5 */
) {
al = ssl_verify_alarm_type(s->verify_result);
@@ -998,15 +1209,17 @@
pkey = X509_get_pubkey(x);
/* VRS: allow null cert if auth == KRB5 */
- need_cert = ((s->s3->tmp.new_cipher->algorithms
- & (SSL_MKEY_MASK | SSL_AUTH_MASK))
- == (SSL_aKRB5 | SSL_kKRB5)) ? 0 : 1;
+ need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+ ? 0 : 1;
#ifdef KSSL_DEBUG
- printf("pkey,x = %p, %p\n", (void *)pkey, (void *)x);
- printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
- printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
- s->s3->tmp.new_cipher->algorithms, need_cert);
+ fprintf(stderr, "pkey,x = %p, %p\n", pkey, x);
+ fprintf(stderr, "ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
+ fprintf(stderr, "cipher, alg, nc = %s, %lx, %lx, %d\n",
+ s->s3->tmp.new_cipher->name,
+ s->s3->tmp.new_cipher->algorithm_mkey,
+ s->s3->tmp.new_cipher->algorithm_auth, need_cert);
#endif /* KSSL_DEBUG */
if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
@@ -1058,8 +1271,10 @@
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
}
- err:
+
EVP_PKEY_free(pkey);
X509_free(x);
sk_X509_pop_free(sk, X509_free);
@@ -1074,8 +1289,9 @@
EVP_MD_CTX md_ctx;
unsigned char *param, *p;
int al, j, ok;
- long i, param_len, n, alg;
+ long i, param_len, n, alg_k, alg_a;
EVP_PKEY *pkey = NULL;
+ const EVP_MD *md = NULL;
#ifndef OPENSSL_NO_RSA
RSA *rsa = NULL;
#endif
@@ -1090,6 +1306,8 @@
int encoded_pt_len = 0;
#endif
+ EVP_MD_CTX_init(&md_ctx);
+
/*
* use same message size as in ssl3_get_certificate_request() as
* ServerKeyExchange message may be skipped
@@ -1098,12 +1316,10 @@
SSL3_ST_CR_KEY_EXCH_A,
SSL3_ST_CR_KEY_EXCH_B,
-1, s->max_cert_list, &ok);
-
if (!ok)
return ((int)n);
- alg = s->s3->tmp.new_cipher->algorithms;
- EVP_MD_CTX_init(&md_ctx);
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
/*
@@ -1110,17 +1326,29 @@
* Can't skip server key exchange if this is an ephemeral
* ciphersuite.
*/
- if (alg & (SSL_kEDH | SSL_kECDHE)) {
+ if (alg_k & (SSL_kEDH | SSL_kEECDH)) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
al = SSL_AD_UNEXPECTED_MESSAGE;
goto f_err;
}
+#ifndef OPENSSL_NO_PSK
+ /*
+ * In plain PSK ciphersuite, ServerKeyExchange can be omitted if no
+ * identity hint is sent. Set session->sess_cert anyway to avoid
+ * problems later.
+ */
+ if (alg_k & SSL_kPSK) {
+ s->session->sess_cert = ssl_sess_cert_new();
+ if (s->ctx->psk_identity_hint)
+ OPENSSL_free(s->ctx->psk_identity_hint);
+ s->ctx->psk_identity_hint = NULL;
+ }
+#endif
s->s3->tmp.reuse_message = 1;
return (1);
}
param = p = (unsigned char *)s->init_msg;
-
if (s->session->sess_cert != NULL) {
#ifndef OPENSSL_NO_RSA
if (s->session->sess_cert->peer_rsa_tmp != NULL) {
@@ -1147,9 +1375,167 @@
/* Total length of the parameters including the length prefix */
param_len = 0;
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
al = SSL_AD_DECODE_ERROR;
+
+#ifndef OPENSSL_NO_PSK
+ if (alg_k & SSL_kPSK) {
+ char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1];
+
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ /*
+ * Store PSK identity hint for later use, hint is used in
+ * ssl3_send_client_key_exchange. Assume that the maximum length of
+ * a PSK identity hint can be as long as the maximum length of a PSK
+ * identity.
+ */
+ if (i > PSK_MAX_IDENTITY_LEN) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ /*
+ * If received PSK identity hint contains NULL characters, the hint
+ * is truncated from the first NULL. p may not be ending with NULL,
+ * so create a NULL-terminated string.
+ */
+ memcpy(tmp_id_hint, p, i);
+ memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
+ if (s->ctx->psk_identity_hint != NULL)
+ OPENSSL_free(s->ctx->psk_identity_hint);
+ s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
+ if (s->ctx->psk_identity_hint == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
+
+ p += i;
+ n -= param_len;
+ } else
+#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP) {
+ param_len = 2;
+ if (param_len > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (1 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 1;
+
+ i = (unsigned int)(p[0]);
+ p++;
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ param_len += 2;
+
+ n2s(p, i);
+
+ if (i > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
+ goto f_err;
+ }
+ param_len += i;
+
+ if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ p += i;
+ n -= param_len;
+
+ if (!srp_verify_server_param(s, &al)) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_PARAMETERS);
+ goto f_err;
+ }
+
+/* We must check if there is a certificate */
+# ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# else
+ if (0) ;
+# endif
+# ifndef OPENSSL_NO_DSA
+ else if (alg_a & SSL_aDSS)
+ pkey =
+ X509_get_pubkey(s->session->
+ sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
+ x509);
+# endif
+ } else
+#endif /* !OPENSSL_NO_SRP */
#ifndef OPENSSL_NO_RSA
- if (alg & SSL_kRSA) {
+ if (alg_k & SSL_kRSA) {
/* Temporary RSA keys only allowed in export ciphersuites */
if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -1202,7 +1588,7 @@
n -= param_len;
/* this should be because we are using an export cipher */
- if (alg & SSL_aRSA)
+ if (alg_a & SSL_aRSA)
pkey =
X509_get_pubkey(s->session->
sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
@@ -1210,6 +1596,13 @@
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
goto err;
}
+
+ if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
s->session->sess_cert->peer_rsa_tmp = rsa;
rsa = NULL;
}
@@ -1217,7 +1610,7 @@
if (0) ;
#endif
#ifndef OPENSSL_NO_DH
- else if (alg & SSL_kEDH) {
+ else if (alg_k & SSL_kEDH) {
if ((dh = DH_new()) == NULL) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
goto err;
@@ -1284,7 +1677,7 @@
n -= param_len;
# ifndef OPENSSL_NO_RSA
- if (alg & SSL_aRSA)
+ if (alg_a & SSL_aRSA)
pkey =
X509_get_pubkey(s->session->
sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
@@ -1292,7 +1685,7 @@
if (0) ;
# endif
# ifndef OPENSSL_NO_DSA
- else if (alg & SSL_aDSS)
+ else if (alg_a & SSL_aDSS)
pkey =
X509_get_pubkey(s->session->
sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
@@ -1302,7 +1695,7 @@
s->session->sess_cert->peer_dh_tmp = dh;
dh = NULL;
- } else if ((alg & SSL_kDHr) || (alg & SSL_kDHd)) {
+ } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
@@ -1311,7 +1704,7 @@
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
- else if (alg & SSL_kECDHE) {
+ else if (alg_k & SSL_kEECDH) {
EC_GROUP *ngroup;
const EC_GROUP *group;
@@ -1338,7 +1731,7 @@
}
if ((*p != NAMED_CURVE_TYPE) ||
- ((curve_nid = curve_id2nid(*(p + 2))) == 0)) {
+ ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
@@ -1396,13 +1789,13 @@
*/
if (0) ;
# ifndef OPENSSL_NO_RSA
- else if (alg & SSL_aRSA)
+ else if (alg_a & SSL_aRSA)
pkey =
X509_get_pubkey(s->session->
sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
# endif
# ifndef OPENSSL_NO_ECDSA
- else if (alg & SSL_aECDSA)
+ else if (alg_a & SSL_aECDSA)
pkey =
X509_get_pubkey(s->session->
sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
@@ -1415,23 +1808,54 @@
bn_ctx = NULL;
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
- } else if (alg & SSL_kECDH) {
+ } else if (alg_k) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
#endif /* !OPENSSL_NO_ECDH */
- if (alg & SSL_aFZA) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
- }
/* p points to the next byte, there are 'n' bytes left */
/* if it was signed, check the signature */
if (pkey != NULL) {
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ int sigalg;
+ if (2 > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
+ sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1]) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNKNOWN_DIGEST);
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ } else
+ md = EVP_sha1();
+
+ if (2 > n) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
n2s(p, i);
n -= 2;
j = EVP_PKEY_size(pkey);
@@ -1445,7 +1869,8 @@
goto f_err;
}
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
+ if (pkey->type == EVP_PKEY_RSA
+ && TLS1_get_version(s) < TLS1_2_VERSION) {
int num;
unsigned int size;
@@ -1478,10 +1903,8 @@
}
} else
#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA) {
- /* lets do DSS */
- EVP_VerifyInit_ex(&md_ctx, EVP_dss1(), NULL);
+ {
+ EVP_VerifyInit_ex(&md_ctx, md, NULL);
EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE);
EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
@@ -1493,35 +1916,14 @@
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
goto f_err;
}
- } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC) {
- /* let's do ECDSA */
- EVP_VerifyInit_ex(&md_ctx, EVP_ecdsa(), NULL);
- EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx, param, param_len);
- if (EVP_VerifyFinal(&md_ctx, p, (int)n, pkey) <= 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- } else
-#endif
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
- goto err;
}
} else {
- /* still data left over */
- if (!(alg & SSL_aNULL)) {
+ /* aNULL, aSRP or kPSK do not need public keys */
+ if (!(alg_a & (SSL_aNULL | SSL_aSRP)) && !(alg_k & SSL_kPSK)) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
goto err;
}
+ /* still data left over */
if (n != 0) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
goto f_err;
@@ -1549,6 +1951,7 @@
EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1574,6 +1977,14 @@
if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
s->s3->tmp.reuse_message = 1;
+ /*
+ * If we get here we don't need any cached handshake records as we
+ * wont be doing client auth.
+ */
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ }
return (1);
}
@@ -1585,8 +1996,7 @@
/* TLS does not like anon-DH with client cert */
if (s->version > SSL3_VERSION) {
- l = s->s3->tmp.new_cipher->algorithms;
- if (l & SSL_aNULL) {
+ if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
@@ -1608,6 +2018,26 @@
for (i = 0; i < ctype_num; i++)
s->s3->tmp.ctype[i] = p[i];
p += ctype_num;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ n2s(p, llen);
+ /*
+ * Check we have enough room for signature algorithms and following
+ * length value.
+ */
+ if ((unsigned long)(p - d + llen + 2) > n) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+ if ((llen & 1) || !tls1_process_sigalgs(s, p, llen)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+ SSL_R_SIGNATURE_ALGORITHMS_ERROR);
+ goto err;
+ }
+ p += llen;
+ }
/* get the CA RDNs */
n2s(p, llen);
@@ -1620,7 +2050,7 @@
}
#endif
- if ((llen + ctype_num + 2 + 1) != n) {
+ if ((unsigned long)(p - d + llen) != n) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
goto err;
@@ -1678,7 +2108,10 @@
ca_sk = NULL;
ret = 1;
+ goto done;
err:
+ s->state = SSL_ST_ERR;
+ done:
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
@@ -1700,20 +2133,11 @@
n = s->method->ssl_get_message(s,
SSL3_ST_CR_SESSION_TICKET_A,
SSL3_ST_CR_SESSION_TICKET_B,
- -1, 16384, &ok);
+ SSL3_MT_NEWSESSION_TICKET, 16384, &ok);
if (!ok)
return ((int)n);
- if (s->s3->tmp.message_type == SSL3_MT_FINISHED) {
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
- if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
if (n < 6) {
/* need at least ticket_lifetime_hint + ticket length */
al = SSL_AD_DECODE_ERROR;
@@ -1774,8 +2198,8 @@
memcpy(s->session->tlsext_tick, p, ticklen);
s->session->tlsext_ticklen = ticklen;
/*
- * There are two ways to detect a resumed ticket sesion. One is to set an
- * appropriate session ID and then the server must return a match in
+ * There are two ways to detect a resumed ticket session. One is to set
+ * an appropriate session ID and then the server must return a match in
* ServerHello. This allows the normal client session ID matching to work
* and we know much earlier that the ticket has been accepted. The
* other way is to set zero length session ID when the ticket is
@@ -1796,6 +2220,7 @@
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1802,8 +2227,7 @@
int ssl3_get_cert_status(SSL *s)
{
int ok, al;
- unsigned long resplen;
- long n;
+ unsigned long resplen, n;
const unsigned char *p;
n = s->method->ssl_get_message(s,
@@ -1826,7 +2250,7 @@
goto f_err;
}
n2l3(p, resplen);
- if (resplen + 4 != (unsigned long)n) {
+ if (resplen + 4 != n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
goto f_err;
@@ -1857,6 +2281,7 @@
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
return (-1);
}
#endif
@@ -1878,6 +2303,7 @@
/* should contain no data */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
+ s->state = SSL_ST_ERR;
return -1;
}
ret = 1;
@@ -1888,7 +2314,7 @@
{
unsigned char *p, *d;
int n;
- unsigned long l;
+ unsigned long alg_k;
#ifndef OPENSSL_NO_RSA
unsigned char *q;
EVP_PKEY *pkey = NULL;
@@ -1909,13 +2335,13 @@
d = (unsigned char *)s->init_buf->data;
p = &(d[4]);
- l = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/* Fool emacs indentation */
if (0) {
}
#ifndef OPENSSL_NO_RSA
- else if (l & SSL_kRSA) {
+ else if (alg_k & SSL_kRSA) {
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
@@ -1986,7 +2412,7 @@
}
#endif
#ifndef OPENSSL_NO_KRB5
- else if (l & SSL_kKRB5) {
+ else if (alg_k & SSL_kKRB5) {
krb5_error_code krb5rc;
KSSL_CTX *kssl_ctx = s->kssl_ctx;
/* krb5_data krb5_ap_req; */
@@ -1993,7 +2419,7 @@
krb5_data *enc_ticket;
krb5_data authenticator, *authp = NULL;
EVP_CIPHER_CTX ciph_ctx;
- EVP_CIPHER *enc = NULL;
+ const EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
@@ -2002,8 +2428,8 @@
EVP_CIPHER_CTX_init(&ciph_ctx);
# ifdef KSSL_DEBUG
- printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
- l, SSL_kKRB5);
+ fprintf(stderr, "ssl3_send_client_key_exchange(%lx & %lx)\n",
+ alg_k, SSL_kKRB5);
# endif /* KSSL_DEBUG */
authp = NULL;
@@ -2018,9 +2444,10 @@
goto err;
# ifdef KSSL_DEBUG
{
- printf("kssl_cget_tkt rtn %d\n", krb5rc);
+ fprintf(stderr, "kssl_cget_tkt rtn %d\n", krb5rc);
if (krb5rc && kssl_err.text)
- printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+ fprintf(stderr, "kssl_cget_tkt kssl_err=%s\n",
+ kssl_err.text);
}
# endif /* KSSL_DEBUG */
@@ -2090,7 +2517,7 @@
sizeof tmp_buf);
EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
outl += padl;
- if (outl > sizeof epms) {
+ if (outl > (int)sizeof epms) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
@@ -2115,7 +2542,7 @@
}
#endif
#ifndef OPENSSL_NO_DH
- else if (l & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
DH *dh_srvr, *dh_clnt;
if (s->session->sess_cert == NULL) {
@@ -2142,6 +2569,7 @@
}
if (!DH_generate_key(dh_clnt)) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ DH_free(dh_clnt);
goto err;
}
@@ -2154,6 +2582,7 @@
if (n <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+ DH_free(dh_clnt);
goto err;
}
@@ -2173,13 +2602,11 @@
n += 2;
DH_free(dh_clnt);
-
- /* perhaps clean things up a bit EAY EAY EAY EAY */
}
#endif
#ifndef OPENSSL_NO_ECDH
- else if ((l & SSL_kECDH) || (l & SSL_kECDHE)) {
+ else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
const EC_GROUP *srvr_group = NULL;
EC_KEY *tkey;
int ecdh_clnt_cert = 0;
@@ -2197,7 +2624,7 @@
* computation as part of client certificate? If so, set
* ecdh_clnt_cert to 1.
*/
- if ((l & SSL_kECDH) && (s->cert != NULL)) {
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
/*-
* XXX: For now, we do not support client
* authentication using ECDH certificates.
@@ -2356,6 +2783,242 @@
EVP_PKEY_free(srvr_pub_pkey);
}
#endif /* !OPENSSL_NO_ECDH */
+ else if (alg_k & SSL_kGOST) {
+ /* GOST key exchange message creation */
+ EVP_PKEY_CTX *pkey_ctx;
+ X509 *peer_cert;
+ size_t msglen;
+ unsigned int md_len;
+ int keytype;
+ unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
+ EVP_MD_CTX *ukm_hash;
+ EVP_PKEY *pub_key;
+
+ /*
+ * Get server sertificate PKEY and create ctx from it
+ */
+ peer_cert =
+ s->session->
+ sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
+ if (!peer_cert)
+ peer_cert =
+ s->session->
+ sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
+ if (!peer_cert) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
+ goto err;
+ }
+
+ pkey_ctx = EVP_PKEY_CTX_new(pub_key =
+ X509_get_pubkey(peer_cert), NULL);
+ /*
+ * If we have send a certificate, and certificate key
+ *
+ * * parameters match those of server certificate, use
+ * certificate key for key exchange
+ */
+
+ /* Otherwise, generate ephemeral key pair */
+
+ EVP_PKEY_encrypt_init(pkey_ctx);
+ /* Generate session key */
+ if (RAND_bytes(premaster_secret, 32) <= 0) {
+ EVP_PKEY_CTX_free(pkey_ctx);
+ goto err;
+ }
+ /*
+ * If we have client certificate, use its secret as peer key
+ */
+ if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
+ if (EVP_PKEY_derive_set_peer
+ (pkey_ctx, s->cert->key->privatekey) <= 0) {
+ /*
+ * If there was an error - just ignore it. Ephemeral key
+ * * would be used
+ */
+ ERR_clear_error();
+ }
+ }
+ /*
+ * Compute shared IV and store it in algorithm-specific context
+ * data
+ */
+ ukm_hash = EVP_MD_CTX_create();
+ EVP_DigestInit(ukm_hash,
+ EVP_get_digestbynid(NID_id_GostR3411_94));
+ EVP_DigestUpdate(ukm_hash, s->s3->client_random,
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(ukm_hash, s->s3->server_random,
+ SSL3_RANDOM_SIZE);
+ EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
+ EVP_MD_CTX_destroy(ukm_hash);
+ if (EVP_PKEY_CTX_ctrl
+ (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
+ shared_ukm) < 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_LIBRARY_BUG);
+ goto err;
+ }
+ /* Make GOST keytransport blob message */
+ /*
+ * Encapsulate it into sequence
+ */
+ *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
+ msglen = 255;
+ if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32)
+ < 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_LIBRARY_BUG);
+ goto err;
+ }
+ if (msglen >= 0x80) {
+ *(p++) = 0x81;
+ *(p++) = msglen & 0xff;
+ n = msglen + 3;
+ } else {
+ *(p++) = msglen & 0xff;
+ n = msglen + 2;
+ }
+ memcpy(p, tmp, msglen);
+ /* Check if pubkey from client certificate was used */
+ if (EVP_PKEY_CTX_ctrl
+ (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) {
+ /* Set flag "skip certificate verify" */
+ s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
+ }
+ EVP_PKEY_CTX_free(pkey_ctx);
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ premaster_secret,
+ 32);
+ EVP_PKEY_free(pub_key);
+
+ }
+#ifndef OPENSSL_NO_SRP
+ else if (alg_k & SSL_kSRP) {
+ if (s->srp_ctx.A != NULL) {
+ /* send off the data */
+ n = BN_num_bytes(s->srp_ctx.A);
+ s2n(n, p);
+ BN_bn2bin(s->srp_ctx.A, p);
+ n += 2;
+ } else {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length =
+ SRP_generate_client_master_secret(s,
+ s->session->master_key)) <
+ 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_PSK
+ else if (alg_k & SSL_kPSK) {
+ /*
+ * The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes to return a
+ * \0-terminated identity. The last byte is for us for simulating
+ * strnlen.
+ */
+ char identity[PSK_MAX_IDENTITY_LEN + 2];
+ size_t identity_len;
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+
+ n = 0;
+ if (s->psk_client_callback == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_CLIENT_CB);
+ goto err;
+ }
+
+ memset(identity, 0, sizeof(identity));
+ psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+ identity, sizeof(identity) - 1,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ goto psk_err;
+ }
+ identity[PSK_MAX_IDENTITY_LEN + 1] = '\0';
+ identity_len = strlen(identity);
+ if (identity_len > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ }
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint =
+ BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL
+ && s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strdup(identity);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ s2n(identity_len, p);
+ memcpy(p, identity, identity_len);
+ n = 2 + identity_len;
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(identity, sizeof(identity));
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ goto err;
+ }
+ }
+#endif
else {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
@@ -2382,6 +3045,7 @@
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
#endif
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2390,30 +3054,65 @@
unsigned char *p, *d;
unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
EVP_PKEY *pkey;
-#ifndef OPENSSL_NO_RSA
+ EVP_PKEY_CTX *pctx = NULL;
+ EVP_MD_CTX mctx;
unsigned u = 0;
-#endif
unsigned long n;
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
int j;
-#endif
+ EVP_MD_CTX_init(&mctx);
+
if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
d = (unsigned char *)s->init_buf->data;
p = &(d[4]);
pkey = s->cert->key->privatekey;
-
- s->method->ssl3_enc->cert_verify_mac(s, &(s->s3->finish_dgst2),
- &(data[MD5_DIGEST_LENGTH]));
-
+/* Create context from key and test if sha1 is allowed as digest */
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ EVP_PKEY_sign_init(pctx);
+ if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_sha1,
+ &(data
+ [MD5_DIGEST_LENGTH]));
+ } else {
+ ERR_clear_error();
+ }
+ /*
+ * For TLS v1.2 send signature algorithm and signature using agreed
+ * digest and cached handshake records.
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ long hdatalen = 0;
+ void *hdata;
+ const EVP_MD *md = s->cert->key->digest;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ p += 2;
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_SignInit_ex(&mctx, md, NULL)
+ || !EVP_SignUpdate(&mctx, hdata, hdatalen)
+ || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_EVP_LIB);
+ goto err;
+ }
+ s2n(u, p);
+ n = u + 4;
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ } else
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA) {
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(data[0]));
- if (RSA_sign
- (NID_md5_sha1, data, MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+ s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
+ if (RSA_sign(NID_md5_sha1, data,
+ MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+ &(p[2]), &u, pkey->pkey.rsa) <= 0) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
goto err;
}
@@ -2447,7 +3146,23 @@
n = j + 2;
} else
#endif
- {
+ if (pkey->type == NID_id_GostR3410_94
+ || pkey->type == NID_id_GostR3410_2001) {
+ unsigned char signbuf[64];
+ int i;
+ size_t sigsize = 64;
+ s->method->ssl3_enc->cert_verify_mac(s,
+ NID_id_GostR3411_94, data);
+ if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ for (i = 63, j = 0; i >= 0; j++, i--) {
+ p[2 + j] = signbuf[i];
+ }
+ s2n(j, p);
+ n = j + 2;
+ } else {
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -2458,8 +3173,13 @@
s->init_num = (int)n + 4;
s->init_off = 0;
}
+ EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_CTX_free(pctx);
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
+ EVP_MD_CTX_cleanup(&mctx);
+ EVP_PKEY_CTX_free(pctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2525,6 +3245,12 @@
l = ssl3_output_cert_chain(s,
(s->s3->tmp.cert_req ==
2) ? NULL : s->cert->key->x509);
+ if (!l) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
s->init_num = (int)l;
s->init_off = 0;
}
@@ -2537,8 +3263,9 @@
int ssl3_check_cert_and_algorithm(SSL *s)
{
int i, idx;
- long algs;
+ long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
+ int pkey_bits;
SESS_CERT *sc;
#ifndef OPENSSL_NO_RSA
RSA *rsa;
@@ -2546,15 +3273,16 @@
#ifndef OPENSSL_NO_DH
DH *dh;
#endif
+ int al = SSL_AD_HANDSHAKE_FAILURE;
- sc = s->session->sess_cert;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- algs = s->s3->tmp.new_cipher->algorithms;
-
/* we don't have a certificate */
- if (algs & (SSL_aDH | SSL_aNULL | SSL_aKRB5))
+ if ((alg_a & (SSL_aDH | SSL_aNULL | SSL_aKRB5)) || (alg_k & SSL_kPSK))
return (1);
+ sc = s->session->sess_cert;
if (sc == NULL) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
goto err;
@@ -2571,8 +3299,7 @@
idx = sc->peer_cert_type;
#ifndef OPENSSL_NO_ECDH
if (idx == SSL_PKEY_ECC) {
- if (check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
- s->s3->tmp.new_cipher) == 0) {
+ if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) {
/* check failed */
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
goto f_err;
@@ -2582,17 +3309,18 @@
}
#endif
pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
+ pkey_bits = EVP_PKEY_bits(pkey);
i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
EVP_PKEY_free(pkey);
/* Check that we have a certificate if we require one */
- if ((algs & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
+ if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_RSA_SIGNING_CERT);
goto f_err;
}
#ifndef OPENSSL_NO_DSA
- else if ((algs & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
+ else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_DSA_SIGNING_CERT);
goto f_err;
@@ -2599,38 +3327,71 @@
}
#endif
#ifndef OPENSSL_NO_RSA
- if ((algs & SSL_kRSA) &&
- !(has_bits(i, EVP_PK_RSA | EVP_PKT_ENC) || (rsa != NULL))) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_ENCRYPTING_CERT);
- goto f_err;
+ if (alg_k & SSL_kRSA) {
+ if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ !has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ } else if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
+ if (pkey_bits <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ if (!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ }
+ if (rsa != NULL) {
+ /* server key exchange is not allowed. */
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ }
+ }
}
#endif
#ifndef OPENSSL_NO_DH
- if ((algs & SSL_kEDH) &&
- !(has_bits(i, EVP_PK_DH | EVP_PKT_EXCH) || (dh != NULL))) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_KEY);
+ if ((alg_k & SSL_kEDH) && dh == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
goto f_err;
- } else if ((algs & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
+ }
+ if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_DH_RSA_CERT);
goto f_err;
}
# ifndef OPENSSL_NO_DSA
- else if ((algs & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
+ if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_DH_DSA_CERT);
goto f_err;
}
# endif
-#endif
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) {
+ /* Check DHE only: static DH not implemented. */
+ if (alg_k & SSL_kEDH) {
+ int dh_size = BN_num_bits(dh->p);
+ if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
+ goto f_err;
+ }
+ }
+#endif /* !OPENSSL_NO_DH */
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
#ifndef OPENSSL_NO_RSA
- if (algs & SSL_kRSA) {
- if (rsa == NULL
- || RSA_size(rsa) * 8 >
+ if (alg_k & SSL_kRSA) {
+ if (rsa == NULL) {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ goto f_err;
+ } else if (BN_num_bits(rsa->n) >
SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ /* We have a temporary RSA key but it's too large. */
+ al = SSL_AD_EXPORT_RESTRICTION;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
@@ -2638,14 +3399,21 @@
} else
#endif
#ifndef OPENSSL_NO_DH
- if (algs & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
- if (dh == NULL
- || DH_size(dh) * 8 >
+ if (alg_k & SSL_kEDH) {
+ if (BN_num_bits(dh->p) >
SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+ /* We have a temporary DH key but it's too large. */
+ al = SSL_AD_EXPORT_RESTRICTION;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_DH_KEY);
goto f_err;
}
+ } else if (alg_k & (SSL_kDHr | SSL_kDHd)) {
+ /* The cert should have had an export DH key. */
+ al = SSL_AD_EXPORT_RESTRICTION;
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+ SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
} else
#endif
{
@@ -2656,92 +3424,87 @@
}
return (1);
f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
return (0);
}
-#ifndef OPENSSL_NO_ECDH
-/* This is the complement of nid2curve_id in s3_srvr.c. */
-static int curve_id2nid(int curve_id)
+#ifndef OPENSSL_NO_TLSEXT
+/*
+ * Normally, we can tell if the server is resuming the session from
+ * the session ID. EAP-FAST (RFC 4851), however, relies on the next server
+ * message after the ServerHello to determine if the server is resuming.
+ * Therefore, we allow EAP-FAST to peek ahead.
+ * ssl3_check_finished returns 1 if we are resuming from an external
+ * pre-shared secret, we have a "ticket" and the next server handshake message
+ * is Finished; and 0 otherwise. It returns -1 upon an error.
+ */
+static int ssl3_check_finished(SSL *s)
{
- /*
- * ECC curves from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) (no changes
- * in draft-ietf-tls-ecc-03.txt [June 2003])
- */
- static int nid_list[26] = {
- 0,
- NID_sect163k1, /* sect163k1 (1) */
- NID_sect163r1, /* sect163r1 (2) */
- NID_sect163r2, /* sect163r2 (3) */
- NID_sect193r1, /* sect193r1 (4) */
- NID_sect193r2, /* sect193r2 (5) */
- NID_sect233k1, /* sect233k1 (6) */
- NID_sect233r1, /* sect233r1 (7) */
- NID_sect239k1, /* sect239k1 (8) */
- NID_sect283k1, /* sect283k1 (9) */
- NID_sect283r1, /* sect283r1 (10) */
- NID_sect409k1, /* sect409k1 (11) */
- NID_sect409r1, /* sect409r1 (12) */
- NID_sect571k1, /* sect571k1 (13) */
- NID_sect571r1, /* sect571r1 (14) */
- NID_secp160k1, /* secp160k1 (15) */
- NID_secp160r1, /* secp160r1 (16) */
- NID_secp160r2, /* secp160r2 (17) */
- NID_secp192k1, /* secp192k1 (18) */
- NID_X9_62_prime192v1, /* secp192r1 (19) */
- NID_secp224k1, /* secp224k1 (20) */
- NID_secp224r1, /* secp224r1 (21) */
- NID_secp256k1, /* secp256k1 (22) */
- NID_X9_62_prime256v1, /* secp256r1 (23) */
- NID_secp384r1, /* secp384r1 (24) */
- NID_secp521r1 /* secp521r1 (25) */
- };
+ int ok = 0;
- if ((curve_id < 1) || (curve_id > 25))
+ if (s->version < TLS1_VERSION || !s->tls_session_secret_cb ||
+ !s->session->tlsext_tick)
return 0;
- return nid_list[curve_id];
-}
-#endif
-
-/*
- * Check to see if handshake is full or resumed. Usually this is just a case
- * of checking to see if a cache hit has occurred. In the case of session
- * tickets we have to check the next message to be sure.
- */
-
-#ifndef OPENSSL_NO_TLSEXT
-int ssl3_check_finished(SSL *s)
-{
- int ok;
- long n;
+ /* Need to permit this temporarily, in case the next message is Finished. */
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
/*
- * If we have no ticket or session ID is non-zero length (a match of a
- * non-zero session length would never reach here) it cannot be a resumed
- * session.
+ * This function is called when we might get a Certificate message instead,
+ * so permit appropriate message length.
+ * We ignore the return value as we're only interested in the message type
+ * and not its length.
*/
- if (!s->session->tlsext_tick || s->session->session_id_length)
- return 1;
- /*
- * this function is called when we really expect a Certificate message,
- * so permit appropriate message length
- */
- n = s->method->ssl_get_message(s,
- SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B,
- -1, s->max_cert_list, &ok);
+ s->method->ssl_get_message(s,
+ SSL3_ST_CR_CERT_A,
+ SSL3_ST_CR_CERT_B,
+ -1, s->max_cert_list, &ok);
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+
if (!ok)
- return ((int)n);
+ return -1;
+
s->s3->tmp.reuse_message = 1;
- if ((s->s3->tmp.message_type == SSL3_MT_FINISHED)
- || (s->s3->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))
- return 2;
- return 1;
+ if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
+ return 1;
+
+ /* If we're not done, then the CCS arrived early and we should bail. */
+ if (s->s3->change_cipher_spec) {
+ SSLerr(SSL_F_SSL3_CHECK_FINISHED, SSL_R_CCS_RECEIVED_EARLY);
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ return 0;
}
-#endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_send_next_proto(SSL *s)
+{
+ unsigned int len, padding_len;
+ unsigned char *d;
+
+ if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
+ len = s->next_proto_negotiated_len;
+ padding_len = 32 - ((len + 2) % 32);
+ d = (unsigned char *)s->init_buf->data;
+ d[4] = len;
+ memcpy(d + 5, s->next_proto_negotiated, len);
+ d[5 + len] = padding_len;
+ memset(d + 6 + len, 0, padding_len);
+ *(d++) = SSL3_MT_NEXT_PROTO;
+ l2n3(2 + len + padding_len, d);
+ s->state = SSL3_ST_CW_NEXT_PROTO_B;
+ s->init_num = 4 + 2 + len + padding_len;
+ s->init_off = 0;
+ }
+
+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+}
+#endif /* !OPENSSL_NO_NEXTPROTONEG */
+#endif /* !OPENSSL_NO_TLSEXT */
+
int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
{
int i = 0;
Modified: trunk/crypto/openssl/ssl/s3_enc.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -108,6 +108,32 @@
* Hudson (tjh at cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include "ssl_locl.h"
@@ -132,9 +158,8 @@
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
};
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+static int ssl3_handshake_mac(SSL *s, int md_nid,
const char *sender, int len, unsigned char *p);
-
static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
EVP_MD_CTX m5;
@@ -206,6 +231,8 @@
is_exp = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
c = s->s3->tmp.new_sym_enc;
m = s->s3->tmp.new_hash;
+ /* m == NULL will lead to a crash later */
+ OPENSSL_assert(m);
#ifndef OPENSSL_NO_COMP
if (s->s3->tmp.new_compression == NULL)
comp = NULL;
@@ -225,7 +252,8 @@
*/
EVP_CIPHER_CTX_init(s->enc_read_ctx);
dd = s->enc_read_ctx;
- s->read_hash = m;
+
+ ssl_replace_hash(&s->read_hash, m);
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
if (s->expand != NULL) {
@@ -260,7 +288,7 @@
*/
EVP_CIPHER_CTX_init(s->enc_write_ctx);
dd = s->enc_write_ctx;
- s->write_hash = m;
+ ssl_replace_hash(&s->write_hash, m);
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
if (s->compress != NULL) {
@@ -285,6 +313,8 @@
p = s->s3->tmp.key_block;
i = EVP_MD_size(m);
+ if (i < 0)
+ goto err2;
cl = EVP_CIPHER_key_length(c);
j = is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
@@ -366,7 +396,7 @@
if (s->s3->tmp.key_block_length != 0)
return (1);
- if (!ssl_cipher_get_evp(s->session, &c, &hash, &comp)) {
+ if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, &comp)) {
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return (0);
}
@@ -379,9 +409,11 @@
s->s3->tmp.new_compression = comp;
#endif
- num =
- EVP_CIPHER_key_length(c) + EVP_MD_size(hash) +
- EVP_CIPHER_iv_length(c);
+ num = EVP_MD_size(hash);
+ if (num < 0)
+ return 0;
+
+ num = EVP_CIPHER_key_length(c) + num + EVP_CIPHER_iv_length(c);
num *= 2;
ssl3_cleanup_key_block(s);
@@ -402,11 +434,11 @@
s->s3->need_empty_fragments = 1;
if (s->session->cipher != NULL) {
- if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
+ if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
- if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
+ if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
@@ -492,11 +524,11 @@
/* otherwise, rec->length >= bs */
}
- EVP_Cipher(ds, rec->data, rec->input, l);
+ if (EVP_Cipher(ds, rec->data, rec->input, l) < 1)
+ return -1;
- if (s->read_hash != NULL)
- mac_size = EVP_MD_size(s->read_hash);
-
+ if (EVP_MD_CTX_md(s->read_hash) != NULL)
+ mac_size = EVP_MD_CTX_size(s->read_hash);
if ((bs != 1) && !send)
return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
}
@@ -505,35 +537,109 @@
void ssl3_init_finished_mac(SSL *s)
{
- EVP_MD_CTX_set_flags(&(s->s3->finish_dgst1),
- EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_DigestInit_ex(&(s->s3->finish_dgst1), s->ctx->md5, NULL);
- EVP_DigestInit_ex(&(s->s3->finish_dgst2), s->ctx->sha1, NULL);
+ if (s->s3->handshake_buffer)
+ BIO_free(s->s3->handshake_buffer);
+ if (s->s3->handshake_dgst)
+ ssl3_free_digest_list(s);
+ s->s3->handshake_buffer = BIO_new(BIO_s_mem());
+ (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE);
}
+void ssl3_free_digest_list(SSL *s)
+{
+ int i;
+ if (!s->s3->handshake_dgst)
+ return;
+ for (i = 0; i < SSL_MAX_DIGEST; i++) {
+ if (s->s3->handshake_dgst[i])
+ EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);
+ }
+ OPENSSL_free(s->s3->handshake_dgst);
+ s->s3->handshake_dgst = NULL;
+}
+
void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
{
- EVP_DigestUpdate(&(s->s3->finish_dgst1), buf, len);
- EVP_DigestUpdate(&(s->s3->finish_dgst2), buf, len);
+ if (s->s3->handshake_buffer
+ && !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
+ BIO_write(s->s3->handshake_buffer, (void *)buf, len);
+ } else {
+ int i;
+ for (i = 0; i < SSL_MAX_DIGEST; i++) {
+ if (s->s3->handshake_dgst[i] != NULL)
+ EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len);
+ }
+ }
}
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *ctx, unsigned char *p)
+int ssl3_digest_cached_records(SSL *s)
{
- return (ssl3_handshake_mac(s, ctx, NULL, 0, p));
+ int i;
+ long mask;
+ const EVP_MD *md;
+ long hdatalen;
+ void *hdata;
+
+ /* Allocate handshake_dgst array */
+ ssl3_free_digest_list(s);
+ s->s3->handshake_dgst =
+ OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+ memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0) {
+ SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
+ return 0;
+ }
+
+ /* Loop through bitso of algorithm2 field and create MD_CTX-es */
+ for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) {
+ if ((mask & ssl_get_algorithm2(s)) && md) {
+ s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
+#ifdef OPENSSL_FIPS
+ if (EVP_MD_nid(md) == NID_md5) {
+ EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ }
+#endif
+ EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL);
+ EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, hdatalen);
+ } else {
+ s->s3->handshake_dgst[i] = NULL;
+ }
+ }
+ if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
+ /* Free handshake_buffer BIO */
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ }
+
+ return 1;
}
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
+{
+ return (ssl3_handshake_mac(s, md_nid, NULL, 0, p));
+}
+
+int ssl3_final_finish_mac(SSL *s,
const char *sender, int len, unsigned char *p)
{
- int ret;
+ int ret, sha1len;
+ ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);
+ if (ret == 0)
+ return 0;
- ret = ssl3_handshake_mac(s, ctx1, sender, len, p);
p += ret;
- ret += ssl3_handshake_mac(s, ctx2, sender, len, p);
+
+ sha1len = ssl3_handshake_mac(s, NID_sha1, sender, len, p);
+ if (sha1len == 0)
+ return 0;
+
+ ret += sha1len;
return (ret);
}
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+static int ssl3_handshake_mac(SSL *s, int md_nid,
const char *sender, int len, unsigned char *p)
{
unsigned int ret;
@@ -540,15 +646,34 @@
int npad, n;
unsigned int i;
unsigned char md_buf[EVP_MAX_MD_SIZE];
- EVP_MD_CTX ctx;
+ EVP_MD_CTX ctx, *d = NULL;
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ /*
+ * Search for digest of specified type in the handshake_dgst array
+ */
+ for (i = 0; i < SSL_MAX_DIGEST; i++) {
+ if (s->s3->handshake_dgst[i]
+ && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
+ d = s->s3->handshake_dgst[i];
+ break;
+ }
+ }
+ if (!d) {
+ SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST);
+ return 0;
+ }
EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_MD_CTX_copy_ex(&ctx, in_ctx);
+ EVP_MD_CTX_copy_ex(&ctx, d);
+ n = EVP_MD_CTX_size(&ctx);
+ if (n < 0)
+ return 0;
- n = EVP_MD_CTX_size(&ctx);
npad = (48 / n) * n;
-
if (sender != NULL)
EVP_DigestUpdate(&ctx, sender, len);
EVP_DigestUpdate(&ctx, s->session->master_key,
@@ -568,15 +693,16 @@
return ((int)ret);
}
-int ssl3_mac(SSL *ssl, unsigned char *md, int send)
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
unsigned char *mac_sec, *seq;
EVP_MD_CTX md_ctx;
- const EVP_MD *hash;
+ const EVP_MD_CTX *hash;
unsigned char *p, rec_char;
size_t md_size, orig_len;
int npad;
+ int t;
if (send) {
rec = &(ssl->s3->wrec);
@@ -590,7 +716,10 @@
hash = ssl->read_hash;
}
- md_size = EVP_MD_size(hash);
+ t = EVP_MD_CTX_size(hash);
+ if (t < 0)
+ return -1;
+ md_size = t;
npad = (48 / md_size) * md_size;
/*
@@ -639,7 +768,7 @@
/* Chop the digest off the end :-) */
EVP_MD_CTX_init(&md_ctx);
- EVP_DigestInit_ex(&md_ctx, hash, NULL);
+ EVP_MD_CTX_copy_ex(&md_ctx, hash);
EVP_DigestUpdate(&md_ctx, mac_sec, md_size);
EVP_DigestUpdate(&md_ctx, ssl3_pad_1, npad);
EVP_DigestUpdate(&md_ctx, seq, 8);
@@ -651,7 +780,7 @@
EVP_DigestUpdate(&md_ctx, rec->input, rec->length);
EVP_DigestFinal_ex(&md_ctx, md, NULL);
- EVP_DigestInit_ex(&md_ctx, hash, NULL);
+ EVP_MD_CTX_copy_ex(&md_ctx, hash);
EVP_DigestUpdate(&md_ctx, mac_sec, md_size);
EVP_DigestUpdate(&md_ctx, ssl3_pad_2, npad);
EVP_DigestUpdate(&md_ctx, md, md_size);
Modified: trunk/crypto/openssl/ssl/s3_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -121,16 +121,46 @@
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include <openssl/objects.h>
#include "ssl_locl.h"
#include "kssl_lcl.h"
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+# include "../crypto/ec/ec_lcl.h"
+# endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
#include <openssl/md5.h>
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
-#include <openssl/pq_compat.h>
const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
@@ -138,6 +168,7 @@
/* list of available SSLv3 ciphers (sorted by id) */
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
+
/* The RSA ciphers */
/* Cipher 01 */
{
@@ -144,79 +175,97 @@
1,
SSL3_TXT_RSA_NULL_MD5,
SSL3_CK_RSA_NULL_MD5,
- SSL_kRSA | SSL_aRSA | SSL_eNULL | SSL_MD5 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 02 */
{
1,
SSL3_TXT_RSA_NULL_SHA,
SSL3_CK_RSA_NULL_SHA,
- SSL_kRSA | SSL_aRSA | SSL_eNULL | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 03 */
{
1,
SSL3_TXT_RSA_RC4_40_MD5,
SSL3_CK_RSA_RC4_40_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 04 */
{
1,
SSL3_TXT_RSA_RC4_128_MD5,
SSL3_CK_RSA_RC4_128_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 05 */
{
1,
SSL3_TXT_RSA_RC4_128_SHA,
SSL3_CK_RSA_RC4_128_SHA,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 06 */
{
1,
SSL3_TXT_RSA_RC2_40_MD5,
SSL3_CK_RSA_RC2_40_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC2 | SSL_MD5 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 07 */
#ifndef OPENSSL_NO_IDEA
{
@@ -223,54 +272,66 @@
1,
SSL3_TXT_RSA_IDEA_128_SHA,
SSL3_CK_RSA_IDEA_128_SHA,
- SSL_kRSA | SSL_aRSA | SSL_IDEA | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_IDEA,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
#endif
+
/* Cipher 08 */
{
1,
SSL3_TXT_RSA_DES_40_CBC_SHA,
SSL3_CK_RSA_DES_40_CBC_SHA,
- SSL_kRSA | SSL_aRSA | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 09 */
{
1,
SSL3_TXT_RSA_DES_64_CBC_SHA,
SSL3_CK_RSA_DES_64_CBC_SHA,
- SSL_kRSA | SSL_aRSA | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 0A */
{
1,
SSL3_TXT_RSA_DES_192_CBC3_SHA,
SSL3_CK_RSA_DES_192_CBC3_SHA,
- SSL_kRSA | SSL_aRSA | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* The DH ciphers */
/* Cipher 0B */
{
@@ -277,78 +338,95 @@
0,
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
- SSL_kDHd | SSL_aDH | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 0C */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
- SSL_kDHd | SSL_aDH | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 0D */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
- SSL_kDHd | SSL_aDH | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 0E */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
- SSL_kDHr | SSL_aDH | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 0F */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
- SSL_kDHr | SSL_aDH | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 10 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
- SSL_kDHr | SSL_aDH | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* The Ephemeral DH ciphers */
@@ -357,158 +435,193 @@
1,
SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
- SSL_kEDH | SSL_aDSS | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 12 */
{
1,
SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
- SSL_kEDH | SSL_aDSS | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 13 */
{
1,
SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
- SSL_kEDH | SSL_aDSS | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 14 */
{
1,
SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
- SSL_kEDH | SSL_aRSA | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 15 */
{
1,
SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
- SSL_kEDH | SSL_aRSA | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 16 */
{
1,
SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
- SSL_kEDH | SSL_aRSA | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 17 */
{
1,
SSL3_TXT_ADH_RC4_40_MD5,
SSL3_CK_ADH_RC4_40_MD5,
- SSL_kEDH | SSL_aNULL | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 18 */
{
1,
SSL3_TXT_ADH_RC4_128_MD5,
SSL3_CK_ADH_RC4_128_MD5,
- SSL_kEDH | SSL_aNULL | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 19 */
{
1,
SSL3_TXT_ADH_DES_40_CBC_SHA,
SSL3_CK_ADH_DES_40_CBC_SHA,
- SSL_kEDH | SSL_aNULL | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 1A */
{
1,
SSL3_TXT_ADH_DES_64_CBC_SHA,
SSL3_CK_ADH_DES_64_CBC_SHA,
- SSL_kEDH | SSL_aNULL | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 1B */
{
1,
SSL3_TXT_ADH_DES_192_CBC_SHA,
SSL3_CK_ADH_DES_192_CBC_SHA,
- SSL_kEDH | SSL_aNULL | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
-/* Fortezza */
+/* Fortezza ciphersuite from SSL 3.0 spec */
+#if 0
/* Cipher 1C */
{
0,
SSL3_TXT_FZA_DMS_NULL_SHA,
SSL3_CK_FZA_DMS_NULL_SHA,
- SSL_kFZA | SSL_aFZA | SSL_eNULL | SSL_SHA1 | SSL_SSLV3,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 1D */
@@ -516,45 +629,50 @@
0,
SSL3_TXT_FZA_DMS_FZA_SHA,
SSL3_CK_FZA_DMS_FZA_SHA,
- SSL_kFZA | SSL_aFZA | SSL_eFZA | SSL_SHA1 | SSL_SSLV3,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_eFZA,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
-#if 0
/* Cipher 1E */
{
0,
SSL3_TXT_FZA_DMS_RC4_SHA,
SSL3_CK_FZA_DMS_RC4_SHA,
- SSL_kFZA | SSL_aFZA | SSL_RC4 | SSL_SHA1 | SSL_SSLV3,
+ SSL_kFZA,
+ SSL_aFZA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
#endif
#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers */
+/* The Kerberos ciphers*/
/* Cipher 1E */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_SHA,
SSL3_CK_KRB5_DES_64_CBC_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 1F */
@@ -562,13 +680,15 @@
1,
SSL3_TXT_KRB5_DES_192_CBC3_SHA,
SSL3_CK_KRB5_DES_192_CBC3_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_3DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 20 */
@@ -576,13 +696,15 @@
1,
SSL3_TXT_KRB5_RC4_128_SHA,
SSL3_CK_KRB5_RC4_128_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC4 | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 21 */
@@ -590,13 +712,15 @@
1,
SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
SSL3_CK_KRB5_IDEA_128_CBC_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_IDEA | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_IDEA,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 22 */
@@ -604,13 +728,15 @@
1,
SSL3_TXT_KRB5_DES_64_CBC_MD5,
SSL3_CK_KRB5_DES_64_CBC_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_DES | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 23 */
@@ -618,13 +744,15 @@
1,
SSL3_TXT_KRB5_DES_192_CBC3_MD5,
SSL3_CK_KRB5_DES_192_CBC3_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_3DES | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_3DES,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 24 */
@@ -632,13 +760,15 @@
1,
SSL3_TXT_KRB5_RC4_128_MD5,
SSL3_CK_KRB5_RC4_128_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 25 */
@@ -646,13 +776,15 @@
1,
SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
SSL3_CK_KRB5_IDEA_128_CBC_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_IDEA | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_IDEA,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 26 */
@@ -660,13 +792,15 @@
1,
SSL3_TXT_KRB5_DES_40_CBC_SHA,
SSL3_CK_KRB5_DES_40_CBC_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_DES | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 27 */
@@ -674,13 +808,15 @@
1,
SSL3_TXT_KRB5_RC2_40_CBC_SHA,
SSL3_CK_KRB5_RC2_40_CBC_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC2 | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC2,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 28 */
@@ -688,13 +824,15 @@
1,
SSL3_TXT_KRB5_RC4_40_SHA,
SSL3_CK_KRB5_RC4_40_SHA,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC4 | SSL_SHA1 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 29 */
@@ -702,13 +840,15 @@
1,
SSL3_TXT_KRB5_DES_40_CBC_MD5,
SSL3_CK_KRB5_DES_40_CBC_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_DES | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_DES,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 2A */
@@ -716,13 +856,15 @@
1,
SSL3_TXT_KRB5_RC2_40_CBC_MD5,
SSL3_CK_KRB5_RC2_40_CBC_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC2 | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 2B */
@@ -730,13 +872,15 @@
1,
SSL3_TXT_KRB5_RC4_40_MD5,
SSL3_CK_KRB5_RC4_40_MD5,
- SSL_kKRB5 | SSL_aKRB5 | SSL_RC4 | SSL_MD5 | SSL_SSLV3,
+ SSL_kKRB5,
+ SSL_aKRB5,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
#endif /* OPENSSL_NO_KRB5 */
@@ -746,13 +890,15 @@
1,
TLS1_TXT_RSA_WITH_AES_128_SHA,
TLS1_CK_RSA_WITH_AES_128_SHA,
- SSL_kRSA | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 30 */
{
@@ -759,13 +905,15 @@
0,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
- SSL_kDHd | SSL_aDH | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 31 */
{
@@ -772,13 +920,15 @@
0,
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
- SSL_kDHr | SSL_aDH | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 32 */
{
@@ -785,13 +935,15 @@
1,
TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
- SSL_kEDH | SSL_aDSS | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 33 */
{
@@ -798,13 +950,15 @@
1,
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
- SSL_kEDH | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 34 */
{
@@ -811,13 +965,15 @@
1,
TLS1_TXT_ADH_WITH_AES_128_SHA,
TLS1_CK_ADH_WITH_AES_128_SHA,
- SSL_kEDH | SSL_aNULL | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 35 */
@@ -825,13 +981,15 @@
1,
TLS1_TXT_RSA_WITH_AES_256_SHA,
TLS1_CK_RSA_WITH_AES_256_SHA,
- SSL_kRSA | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 36 */
{
@@ -838,67 +996,178 @@
0,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
- SSL_kDHd | SSL_aDH | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 37 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
- SSL_kDHr | SSL_aDH | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 38 */
{
1,
TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
- SSL_kEDH | SSL_aDSS | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 39 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
- SSL_kEDH | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 3A */
{
1,
TLS1_TXT_ADH_WITH_AES_256_SHA,
TLS1_CK_ADH_WITH_AES_256_SHA,
- SSL_kEDH | SSL_aNULL | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 3B */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_NULL_SHA256,
+ TLS1_CK_RSA_WITH_NULL_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
+ 0,
+ },
+
+ /* Cipher 3C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_RSA_WITH_AES_256_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+ /* Cipher 3E */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3F */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 40 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
#ifndef OPENSSL_NO_CAMELLIA
/* Camellia ciphersuites from RFC4132 (128-bit portion) */
@@ -907,73 +1176,96 @@
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kRSA | SSL_aRSA | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 42 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHd | SSL_aDH | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 43 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHr | SSL_aDH | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 44 */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH | SSL_aDSS | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 45 */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH | SSL_aRSA | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 46 */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kEDH | SSL_aNULL | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
#endif /* OPENSSL_NO_CAMELLIA */
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
@@ -984,94 +1276,283 @@
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_MD5 | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 61 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- SSL_kRSA | SSL_aRSA | SSL_RC2 | SSL_MD5 | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC2,
+ SSL_MD5,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
# endif
+
/* Cipher 62 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kRSA | SSL_aRSA | SSL_DES | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 63 */
{
1,
TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kEDH | SSL_aDSS | SSL_DES | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_DES,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 64 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kRSA | SSL_aRSA | SSL_RC4 | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 65 */
{
1,
TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kEDH | SSL_aDSS | SSL_RC4 | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
/* Cipher 66 */
{
1,
TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
- SSL_kEDH | SSL_aDSS | SSL_RC4 | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
#endif
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 67 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 68 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 69 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6A */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6B */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6C */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 6D */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA256,
+ TLS1_CK_ADH_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* GOST Ciphersuites */
+
+ {
+ 1,
+ "GOST94-GOST89-GOST89",
+ 0x3000080,
+ SSL_kGOST,
+ SSL_aGOST94,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST2001-GOST89-GOST89",
+ 0x3000081,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST94-NULL-GOST94",
+ 0x3000082,
+ SSL_kGOST,
+ SSL_aGOST94,
+ SSL_eNULL,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+ 0},
+ {
+ 1,
+ "GOST2001-NULL-GOST94",
+ 0x3000083,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eNULL,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+ 0},
+
#ifndef OPENSSL_NO_CAMELLIA
/* Camellia ciphersuites from RFC4132 (256-bit portion) */
@@ -1080,75 +1561,163 @@
1,
TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kRSA | SSL_aRSA | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
/* Cipher 85 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHd | SSL_aDH | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 86 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHr | SSL_aDH | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 87 */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH | SSL_aDSS | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 88 */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH | SSL_aRSA | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
+
/* Cipher 89 */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kEDH | SSL_aNULL | SSL_CAMELLIA | SSL_SHA | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS},
+ },
#endif /* OPENSSL_NO_CAMELLIA */
+#ifndef OPENSSL_NO_PSK
+ /* Cipher 8A */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_PSK_WITH_RC4_128_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 8B */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher 8C */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 8D */
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_PSK */
+
#ifndef OPENSSL_NO_SEED
/* SEED ciphersuites from RFC4162 */
@@ -1157,13 +1726,15 @@
1,
TLS1_TXT_RSA_WITH_SEED_SHA,
TLS1_CK_RSA_WITH_SEED_SHA,
- SSL_kRSA | SSL_aRSA | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 97 */
@@ -1171,13 +1742,15 @@
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_SEED_SHA,
TLS1_CK_DH_DSS_WITH_SEED_SHA,
- SSL_kDHd | SSL_aDH | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 98 */
@@ -1185,13 +1758,15 @@
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_SEED_SHA,
TLS1_CK_DH_RSA_WITH_SEED_SHA,
- SSL_kDHr | SSL_aDH | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 99 */
@@ -1199,13 +1774,15 @@
1,
TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
TLS1_CK_DHE_DSS_WITH_SEED_SHA,
- SSL_kEDH | SSL_aDSS | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 9A */
@@ -1213,13 +1790,15 @@
1,
TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
TLS1_CK_DHE_RSA_WITH_SEED_SHA,
- SSL_kEDH | SSL_aRSA | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher 9B */
@@ -1227,17 +1806,213 @@
1,
TLS1_TXT_ADH_WITH_SEED_SHA,
TLS1_CK_ADH_WITH_SEED_SHA,
- SSL_kEDH | SSL_aNULL | SSL_SEED | SSL_SHA1 | SSL_TLSV1,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
#endif /* OPENSSL_NO_SEED */
+ /* GCM ciphersuites from RFC5288 */
+
+ /* Cipher 9C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher 9E */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9F */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A0 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A1 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A2 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A3 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A4 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A5 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A6 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A7 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
@@ -1244,13 +2019,15 @@
1,
TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
- SSL_kECDH | SSL_aECDSA | SSL_eNULL | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C002 */
@@ -1258,13 +2035,15 @@
1,
TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
- SSL_kECDH | SSL_aECDSA | SSL_RC4 | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C003 */
@@ -1272,13 +2051,15 @@
1,
TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDH | SSL_aECDSA | SSL_3DES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C004 */
@@ -1286,13 +2067,15 @@
1,
TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDH | SSL_aECDSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C005 */
@@ -1300,13 +2083,15 @@
1,
TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kECDH | SSL_aECDSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C006 */
@@ -1314,13 +2099,15 @@
1,
TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
- SSL_kECDHE | SSL_aECDSA | SSL_eNULL | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C007 */
@@ -1328,13 +2115,15 @@
1,
TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
- SSL_kECDHE | SSL_aECDSA | SSL_RC4 | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C008 */
@@ -1342,13 +2131,15 @@
1,
TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE | SSL_aECDSA | SSL_3DES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C009 */
@@ -1356,13 +2147,15 @@
1,
TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE | SSL_aECDSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00A */
@@ -1370,13 +2163,15 @@
1,
TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHE | SSL_aECDSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00B */
@@ -1384,13 +2179,15 @@
1,
TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
- SSL_kECDH | SSL_aRSA | SSL_eNULL | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00C */
@@ -1398,13 +2195,15 @@
1,
TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
- SSL_kECDH | SSL_aRSA | SSL_RC4 | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00D */
@@ -1412,13 +2211,15 @@
1,
TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDH | SSL_aRSA | SSL_3DES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00E */
@@ -1426,13 +2227,15 @@
1,
TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDH | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C00F */
@@ -1440,13 +2243,15 @@
1,
TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
- SSL_kECDH | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C010 */
@@ -1454,13 +2259,15 @@
1,
TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
- SSL_kECDHE | SSL_aRSA | SSL_eNULL | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C011 */
@@ -1468,13 +2275,15 @@
1,
TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
- SSL_kECDHE | SSL_aRSA | SSL_RC4 | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C012 */
@@ -1482,13 +2291,15 @@
1,
TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE | SSL_aRSA | SSL_3DES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C013 */
@@ -1496,13 +2307,15 @@
1,
TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C014 */
@@ -1510,13 +2323,15 @@
1,
TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHE | SSL_aRSA | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C015 */
@@ -1524,13 +2339,15 @@
1,
TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
TLS1_CK_ECDH_anon_WITH_NULL_SHA,
- SSL_kECDHE | SSL_aNULL | SSL_eNULL | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C016 */
@@ -1538,13 +2355,15 @@
1,
TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
- SSL_kECDHE | SSL_aNULL | SSL_RC4 | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C017 */
@@ -1552,13 +2371,15 @@
1,
TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE | SSL_aNULL | SSL_3DES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C018 */
@@ -1566,13 +2387,15 @@
1,
TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
- SSL_kECDHE | SSL_aNULL | SSL_AES | SSL_SHA | SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
/* Cipher C019 */
@@ -1580,22 +2403,490 @@
1,
TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
- SSL_kECDHE | SSL_aNULL | SSL_AES | SSL_SHA | SSL_TLSV1,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_SRP
+ /* Cipher C01A */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
- 0,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01B */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01C */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01D */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01E */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01F */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C020 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
},
+
+ /* Cipher C021 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C022 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
+
+ /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C023 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C024 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C025 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C026 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C027 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C028 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C029 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02A */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* GCM based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C02B */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02C */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02D */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02E */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02F */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C030 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C031 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C032 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
#endif /* OPENSSL_NO_ECDH */
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+ {
+ 1,
+ "GOST-MD5",
+ 0x0300ff00,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "GOST-GOST94",
+ 0x0300ff01,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89MAC",
+ 0x0300ff02,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89STREAM",
+ 0x0300ff03,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
+ 256,
+ 256},
+#endif
+
/* end of list */
};
SSL3_ENC_METHOD SSLv3_enc_data = {
ssl3_enc,
- ssl3_mac,
+ n_ssl3_mac,
ssl3_setup_key_block,
ssl3_generate_master_secret,
ssl3_change_cipher_state,
@@ -1605,6 +2896,9 @@
SSL3_MD_CLIENT_FINISHED_CONST, 4,
SSL3_MD_SERVER_FINISHED_CONST, 4,
ssl3_alert_code,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context))ssl_undefined_function,
};
long ssl3_default_timeout(void)
@@ -1616,16 +2910,12 @@
return (60 * 60 * 2);
}
-IMPLEMENT_ssl3_meth_func(sslv3_base_method,
- ssl_undefined_function,
- ssl_undefined_function, ssl_bad_method)
-
int ssl3_num_ciphers(void)
{
return (SSL3_NUM_CIPHERS);
}
-SSL_CIPHER *ssl3_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
{
if (u < SSL3_NUM_CIPHERS)
return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
@@ -1649,13 +2939,14 @@
if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
goto err;
memset(s3, 0, sizeof *s3);
- EVP_MD_CTX_init(&s3->finish_dgst1);
- EVP_MD_CTX_init(&s3->finish_dgst2);
- pq_64bit_init(&(s3->rrec.seq_num));
- pq_64bit_init(&(s3->wrec.seq_num));
+ memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
+ memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
s->s3 = s3;
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_init(s);
+#endif
s->method->ssl_clear(s);
return (1);
err:
@@ -1667,11 +2958,18 @@
if (s == NULL)
return;
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ if (s->s3->server_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+#endif
+
ssl3_cleanup_key_block(s);
if (s->s3->rbuf.buf != NULL)
- OPENSSL_free(s->s3->rbuf.buf);
+ ssl3_release_read_buffer(s);
if (s->s3->wbuf.buf != NULL)
- OPENSSL_free(s->s3->wbuf.buf);
+ ssl3_release_write_buffer(s);
if (s->s3->rrec.comp != NULL)
OPENSSL_free(s->s3->rrec.comp);
#ifndef OPENSSL_NO_DH
@@ -1685,11 +2983,14 @@
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
- EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
- pq_64bit_free(&(s->s3->rrec.seq_num));
- pq_64bit_free(&(s->s3->wrec.seq_num));
-
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ }
+ if (s->s3->handshake_dgst)
+ ssl3_free_digest_list(s);
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_free(s);
+#endif
OPENSSL_cleanse(s->s3, sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3 = NULL;
@@ -1699,7 +3000,17 @@
{
unsigned char *rp, *wp;
size_t rlen, wlen;
+ int init_extra;
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ s->s3->client_opaque_prf_input = NULL;
+ if (s->s3->server_opaque_prf_input != NULL)
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ s->s3->server_opaque_prf_input = NULL;
+#endif
+
ssl3_cleanup_key_block(s);
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -1730,15 +3041,20 @@
wp = s->s3->wbuf.buf;
rlen = s->s3->rbuf.len;
wlen = s->s3->wbuf.len;
-
- EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
- EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
-
+ init_extra = s->s3->init_extra;
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ }
+ if (s->s3->handshake_dgst) {
+ ssl3_free_digest_list(s);
+ }
memset(s->s3, 0, sizeof *s->s3);
s->s3->rbuf.buf = rp;
s->s3->wbuf.buf = wp;
s->s3->rbuf.len = rlen;
s->s3->wbuf.len = wlen;
+ s->s3->init_extra = init_extra;
ssl_free_wbio_buffer(s);
@@ -1748,8 +3064,23 @@
s->s3->num_renegotiations = 0;
s->s3->in_read_app_data = 0;
s->version = SSL3_VERSION;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (s->next_proto_negotiated) {
+ OPENSSL_free(s->next_proto_negotiated);
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
+ }
+#endif
}
+#ifndef OPENSSL_NO_SRP
+static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
+{
+ return BUF_strdup(s->srp_ctx.info);
+}
+#endif
+
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
int ret = 0;
@@ -1915,6 +3246,30 @@
ret = 1;
break;
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
+ if (larg > 12288) { /* actual internal limit is 2^16 for the
+ * complete hello message * (including the
+ * cert chain and everything) */
+ SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
+ break;
+ }
+ if (s->tlsext_opaque_prf_input != NULL)
+ OPENSSL_free(s->tlsext_opaque_prf_input);
+ if ((size_t)larg == 0)
+ s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
+ * just to get
+ * non-NULL */
+ else
+ s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
+ if (s->tlsext_opaque_prf_input != NULL) {
+ s->tlsext_opaque_prf_input_len = (size_t)larg;
+ ret = 1;
+ } else
+ s->tlsext_opaque_prf_input_len = 0;
+ break;
+# endif
+
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
s->tlsext_status_type = larg;
ret = 1;
@@ -1952,6 +3307,28 @@
ret = 1;
break;
+# ifndef OPENSSL_NO_HEARTBEATS
+ case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
+ if (SSL_version(s) == DTLS1_VERSION
+ || SSL_version(s) == DTLS1_BAD_VER)
+ ret = dtls1_heartbeat(s);
+ else
+ ret = tls1_heartbeat(s);
+ break;
+
+ case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
+ ret = s->tlsext_hb_pending;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
+ if (larg)
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ else
+ s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ ret = 1;
+ break;
+# endif
+
#endif /* !OPENSSL_NO_TLSEXT */
case SSL_CTRL_CHECK_PROTO_VERSION:
@@ -1967,9 +3344,13 @@
* highest protocol version).
*/
if (s->ctx->method->version == SSLv23_method()->version) {
-#if TLS_MAX_VERSION != TLS1_VERSION
-# error Code needs update for SSLv23_method() support beyond TLS1_VERSION.
+#if TLS_MAX_VERSION != TLS1_2_VERSION
+# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
#endif
+ if (!(s->options & SSL_OP_NO_TLSv1_2))
+ return s->version == TLS1_2_VERSION;
+ if (!(s->options & SSL_OP_NO_TLSv1_1))
+ return s->version == TLS1_1_VERSION;
if (!(s->options & SSL_OP_NO_TLSv1))
return s->version == TLS1_VERSION;
if (!(s->options & SSL_OP_NO_SSLv3))
@@ -2182,12 +3563,51 @@
return 1;
}
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
+ ctx->tlsext_opaque_prf_input_callback_arg = parg;
+ return 1;
+# endif
+
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
ctx->tlsext_status_arg = parg;
return 1;
break;
+# ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ if (ctx->srp_ctx.login != NULL)
+ OPENSSL_free(ctx->srp_ctx.login);
+ ctx->srp_ctx.login = NULL;
+ if (parg == NULL)
+ break;
+ if (strlen((const char *)parg) > 255
+ || strlen((const char *)parg) < 1) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+ return 0;
+ }
+ if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+ srp_password_from_info_cb;
+ ctx->srp_ctx.info = parg;
+ break;
+ case SSL_CTRL_SET_SRP_ARG:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_cb_arg = parg;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
+ ctx->srp_ctx.strength = larg;
+ break;
+# endif
#endif /* !OPENSSL_NO_TLSEXT */
+
/* A Thawte special :-) */
case SSL_CTRL_EXTRA_CHAIN_CERT:
if (ctx->extra_certs == NULL) {
@@ -2197,6 +3617,17 @@
sk_X509_push(ctx->extra_certs, (X509 *)parg);
break;
+ case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
+ *(STACK_OF(X509) **)parg = ctx->extra_certs;
+ break;
+
+ case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
+ if (ctx->extra_certs) {
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ ctx->extra_certs = NULL;
+ }
+ break;
+
default:
return (0);
}
@@ -2236,6 +3667,13 @@
ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
break;
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
+ ctx->tlsext_opaque_prf_input_callback =
+ (int (*)(SSL *, void *, size_t, void *))fp;
+ break;
+# endif
+
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
break;
@@ -2247,6 +3685,22 @@
HMAC_CTX *, int))fp;
break;
+# ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.TLS_ext_srp_username_callback =
+ (int (*)(SSL *, int *, void *))fp;
+ break;
+ case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+ (char *(*)(SSL *, void *))fp;
+ break;
+# endif
#endif
default:
@@ -2259,17 +3713,19 @@
* This function needs to check if the ciphers required are actually
* available
*/
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c, *cp;
+ SSL_CIPHER c;
+ const SSL_CIPHER *cp;
unsigned long id;
id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
c.id = id;
- cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
- (char *)ssl3_ciphers,
- SSL3_NUM_CIPHERS, sizeof(SSL_CIPHER),
- FP_ICC ssl_cipher_id_cmp);
+ cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
+ if (cp == NULL)
+ fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
+#endif
if (cp == NULL || cp->valid == 0)
return NULL;
else
@@ -2295,10 +3751,14 @@
{
SSL_CIPHER *c, *ret = NULL;
STACK_OF(SSL_CIPHER) *prio, *allow;
- int i, j, ok;
-
+ int i, ii, ok;
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
+ unsigned int j;
+ int ec_ok, ec_nid;
+ unsigned char ec_search1 = 0, ec_search2 = 0;
+#endif
CERT *cert;
- unsigned long alg, mask, emask;
+ unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
/* Let's see which ciphers we can support */
cert = s->cert;
@@ -2315,15 +3775,17 @@
#endif
#ifdef CIPHER_DEBUG
- printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
+ fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
+ (void *)srvr);
for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
c = sk_SSL_CIPHER_value(srvr, i);
- printf("%p:%s\n", c, c->name);
+ fprintf(stderr, "%p:%s\n", (void *)c, c->name);
}
- printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
+ fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
+ (void *)clnt);
for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
c = sk_SSL_CIPHER_value(clnt, i);
- printf("%p:%s\n", c, c->name);
+ fprintf(stderr, "%p:%s\n", (void *)c, c->name);
}
#endif
@@ -2338,47 +3800,268 @@
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
c = sk_SSL_CIPHER_value(prio, i);
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ continue;
+
ssl_set_cert_masks(cert, c);
- mask = cert->mask;
- emask = cert->export_mask;
+ mask_k = cert->mask_k;
+ mask_a = cert->mask_a;
+ emask_k = cert->export_mask_k;
+ emask_a = cert->export_mask_a;
+#ifndef OPENSSL_NO_SRP
+ if (s->srp_ctx.srp_Mask & SSL_kSRP) {
+ mask_k |= SSL_kSRP;
+ emask_k |= SSL_kSRP;
+ mask_a |= SSL_aSRP;
+ emask_a |= SSL_aSRP;
+ }
+#endif
#ifdef KSSL_DEBUG
- printf("ssl3_choose_cipher %d alg= %lx\n", i, c->algorithms);
+ /*
+ * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n",
+ * i,c->algorithms);
+ */
#endif /* KSSL_DEBUG */
- alg = c->algorithms & (SSL_MKEY_MASK | SSL_AUTH_MASK);
+ alg_k = c->algorithm_mkey;
+ alg_a = c->algorithm_auth;
+
#ifndef OPENSSL_NO_KRB5
- if (alg & SSL_KRB5) {
+ if (alg_k & SSL_kKRB5) {
if (!kssl_keytab_is_available(s->kssl_ctx))
continue;
}
#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+ /* with PSK there must be server callback set */
+ if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+ continue;
+#endif /* OPENSSL_NO_PSK */
+
if (SSL_C_IS_EXPORT(c)) {
- ok = ((alg & emask) == alg) ? 1 : 0;
+ ok = (alg_k & emask_k) && (alg_a & emask_a);
#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX]%p:%s (export)\n", ok, alg, emask,
- c, c->name);
+ fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
+ ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
#endif
} else {
- ok = ((alg & mask) == alg) ? 1 : 0;
+ ok = (alg_k & mask_k) && (alg_a & mask_a);
#ifdef CIPHER_DEBUG
- printf("%d:[%08lX:%08lX]%p:%s\n", ok, alg, mask, c, c->name);
+ fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
+ alg_a, mask_k, mask_a, (void *)c, c->name);
#endif
}
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses our
+ * certificate
+ */
+ (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+ /* and we have an ECC certificate */
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+ /*
+ * and the client specified a Supported Point Formats
+ * extension
+ */
+ && ((s->session->tlsext_ecpointformatlist_length > 0)
+ && (s->session->tlsext_ecpointformatlist != NULL))
+ /* and our certificate's point is compressed */
+ && ((s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key !=
+ NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data != NULL)
+ &&
+ ((*
+ (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data) == POINT_CONVERSION_COMPRESSED)
+ ||
+ (*
+ (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->
+ key->public_key->data) ==
+ POINT_CONVERSION_COMPRESSED + 1)
+ )
+ )
+ ) {
+ ec_ok = 0;
+ /*
+ * if our certificate's curve is over a field type that the
+ * client does not support then do not allow this cipher suite to
+ * be negotiated
+ */
+ if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
+ NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth != NULL)
+ &&
+ (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth) == NID_X9_62_prime_field)
+ ) {
+ for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
+ j++) {
+ if (s->session->tlsext_ecpointformatlist[j] ==
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->
+ group->meth) == NID_X9_62_characteristic_two_field) {
+ for (j = 0; j < s->session->tlsext_ecpointformatlist_length;
+ j++) {
+ if (s->session->tlsext_ecpointformatlist[j] ==
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses our
+ * certificate
+ */
+ (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+ /* and we have an ECC certificate */
+ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+ /*
+ * and the client specified an EllipticCurves extension
+ */
+ && ((s->session->tlsext_ellipticcurvelist_length > 0)
+ && (s->session->tlsext_ellipticcurvelist != NULL))
+ ) {
+ ec_ok = 0;
+ if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group !=
+ NULL)
+ ) {
+ ec_nid =
+ EC_GROUP_get_curve_name(s->cert->
+ pkeys[SSL_PKEY_ECC].privatekey->
+ pkey.ec->group);
+ if ((ec_nid == 0)
+ && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
+ ec->group->meth != NULL)
+ ) {
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.
+ ec->group->meth) == NID_X9_62_prime_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x01;
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->pkeys[SSL_PKEY_ECC].privatekey->
+ pkey.ec->group->meth) ==
+ NID_X9_62_characteristic_two_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x02;
+ }
+ } else {
+ ec_search1 = 0x00;
+ ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+ }
+ if ((ec_search1 != 0) || (ec_search2 != 0)) {
+ for (j = 0;
+ j < s->session->tlsext_ellipticcurvelist_length / 2;
+ j++) {
+ if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
+ ec_search1)
+ && (s->session->tlsext_ellipticcurvelist[2 * j +
+ 1] ==
+ ec_search2)) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+# ifndef OPENSSL_NO_ECDH
+ if (
+ /*
+ * if we are considering an ECC cipher suite that uses an
+ * ephemeral EC key
+ */
+ (alg_k & SSL_kEECDH)
+ /* and we have an ephemeral EC key */
+ && (s->cert->ecdh_tmp != NULL)
+ /*
+ * and the client specified an EllipticCurves extension
+ */
+ && ((s->session->tlsext_ellipticcurvelist_length > 0)
+ && (s->session->tlsext_ellipticcurvelist != NULL))
+ ) {
+ ec_ok = 0;
+ if (s->cert->ecdh_tmp->group != NULL) {
+ ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
+ if ((ec_nid == 0)
+ && (s->cert->ecdh_tmp->group->meth != NULL)
+ ) {
+ if (EC_METHOD_get_field_type
+ (s->cert->ecdh_tmp->group->meth) ==
+ NID_X9_62_prime_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x01;
+ } else
+ if (EC_METHOD_get_field_type
+ (s->cert->ecdh_tmp->group->meth) ==
+ NID_X9_62_characteristic_two_field) {
+ ec_search1 = 0xFF;
+ ec_search2 = 0x02;
+ }
+ } else {
+ ec_search1 = 0x00;
+ ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+ }
+ if ((ec_search1 != 0) || (ec_search2 != 0)) {
+ for (j = 0;
+ j < s->session->tlsext_ellipticcurvelist_length / 2;
+ j++) {
+ if ((s->session->tlsext_ellipticcurvelist[2 * j] ==
+ ec_search1)
+ && (s->session->tlsext_ellipticcurvelist[2 * j +
+ 1] ==
+ ec_search2)) {
+ ec_ok = 1;
+ break;
+ }
+ }
+ }
+ }
+ ok = ok && ec_ok;
+ }
+# endif /* OPENSSL_NO_ECDH */
+# endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
+
if (!ok)
continue;
- j = sk_SSL_CIPHER_find(allow, c);
- if (j >= 0) {
+ ii = sk_SSL_CIPHER_find(allow, c);
+ if (ii >= 0) {
#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
- if ((alg & SSL_kECDHE) && (alg & SSL_aECDSA)
+ if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA)
&& s->s3->is_probably_safari) {
if (!ret)
- ret = sk_SSL_CIPHER_value(allow, j);
+ ret = sk_SSL_CIPHER_value(allow, ii);
continue;
}
#endif
- ret = sk_SSL_CIPHER_value(allow, j);
+ ret = sk_SSL_CIPHER_value(allow, ii);
break;
}
}
@@ -2388,12 +4071,22 @@
int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
{
int ret = 0;
- unsigned long alg;
+ unsigned long alg_k;
- alg = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+#ifndef OPENSSL_NO_GOST
+ if (s->version >= TLS1_VERSION) {
+ if (alg_k & SSL_kGOST) {
+ p[ret++] = TLS_CT_GOST94_SIGN;
+ p[ret++] = TLS_CT_GOST01_SIGN;
+ return (ret);
+ }
+ }
+#endif
+
#ifndef OPENSSL_NO_DH
- if (alg & (SSL_kDHr | SSL_kEDH)) {
+ if (alg_k & (SSL_kDHr | SSL_kEDH)) {
# ifndef OPENSSL_NO_RSA
p[ret++] = SSL3_CT_RSA_FIXED_DH;
# endif
@@ -2402,7 +4095,7 @@
# endif
}
if ((s->version == SSL3_VERSION) &&
- (alg & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
+ (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
# ifndef OPENSSL_NO_RSA
p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
# endif
@@ -2418,11 +4111,7 @@
p[ret++] = SSL3_CT_DSS_SIGN;
#endif
#ifndef OPENSSL_NO_ECDH
- /*
- * We should ask for fixed ECDH certificates only for SSL_kECDH (and not
- * SSL_kECDHE)
- */
- if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION)) {
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
p[ret++] = TLS_CT_RSA_FIXED_ECDH;
p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
}
@@ -2431,7 +4120,7 @@
#ifndef OPENSSL_NO_ECDSA
/*
* ECDSA certs can be used with RSA cipher suites as well so we don't
- * need to check for SSL_kECDH or SSL_kECDHE
+ * need to check for SSL_kECDH or SSL_kEECDH
*/
if (s->version >= TLS1_VERSION) {
p[ret++] = TLS_CT_ECDSA_SIGN;
@@ -2619,3 +4308,16 @@
}
return (ret);
}
+
+/*
+ * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
+ * to new SHA256 PRF and handshake macs
+ */
+long ssl_get_algorithm2(SSL *s)
+{
+ long alg2 = s->s3->tmp.new_cipher->algorithm2;
+ if (s->method->version == TLS1_2_VERSION &&
+ alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
+ return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
+ return alg2;
+}
Modified: trunk/crypto/openssl/ssl/s3_meth.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_meth.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_meth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,8 +60,8 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
-static SSL_METHOD *ssl3_get_method(int ver);
-static SSL_METHOD *ssl3_get_method(int ver)
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_method(int ver)
{
if (ver == SSL3_VERSION)
return (SSLv3_method());
@@ -71,3 +71,4 @@
IMPLEMENT_ssl3_meth_func(SSLv3_method,
ssl3_accept, ssl3_connect, ssl3_get_method)
+#endif
Modified: trunk/crypto/openssl/ssl/s3_pkt.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_pkt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_pkt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -116,6 +116,7 @@
#include "ssl_locl.h"
#include <openssl/evp.h>
#include <openssl/buffer.h>
+#include <openssl/rand.h>
static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
unsigned int len, int create_empty_fragment);
@@ -130,13 +131,49 @@
* s->read_ahead is set, 'max' bytes may be stored in rbuf [plus
* s->packet_length bytes if extend == 1].)
*/
- int i, off, newb;
+ int i, len, left;
+ long align = 0;
+ unsigned char *pkt;
+ SSL3_BUFFER *rb;
+ if (n <= 0)
+ return n;
+
+ rb = &(s->s3->rbuf);
+ if (rb->buf == NULL)
+ if (!ssl3_setup_read_buffer(s))
+ return -1;
+
+ left = rb->left;
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (long)rb->buf + SSL3_RT_HEADER_LENGTH;
+ align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
if (!extend) {
/* start with empty packet ... */
- if (s->s3->rbuf.left == 0)
- s->s3->rbuf.offset = 0;
- s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
+ if (left == 0)
+ rb->offset = align;
+ else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) {
+ /*
+ * check if next packet length is large enough to justify payload
+ * alignment...
+ */
+ pkt = rb->buf + rb->offset;
+ if (pkt[0] == SSL3_RT_APPLICATION_DATA
+ && (pkt[3] << 8 | pkt[4]) >= 128) {
+ /*
+ * Note that even if packet is corrupted and its length field
+ * is insane, we can only be led to wrong decision about
+ * whether memmove will occur or not. Header values has no
+ * effect on memmove arguments and therefore no buffer
+ * overrun can be triggered.
+ */
+ memmove(rb->buf + align, pkt, left);
+ rb->offset = align;
+ }
+ }
+ s->packet = rb->buf + rb->offset;
s->packet_length = 0;
/* ... now we can act as if 'extend' was set */
}
@@ -146,52 +183,55 @@
* operation returns the whole packet at once (as long as it fits into
* the buffer).
*/
- if (SSL_version(s) == DTLS1_VERSION) {
- if (s->s3->rbuf.left == 0 && extend)
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) {
+ if (left == 0 && extend)
return 0;
- if (s->s3->rbuf.left > 0 && n > s->s3->rbuf.left)
- n = s->s3->rbuf.left;
+ if (left > 0 && n > left)
+ n = left;
}
/* if there is enough in the buffer from a previous read, take some */
- if (s->s3->rbuf.left >= (int)n) {
+ if (left >= n) {
s->packet_length += n;
- s->s3->rbuf.left -= n;
- s->s3->rbuf.offset += n;
+ rb->left = left - n;
+ rb->offset += n;
return (n);
}
/* else we need to read more data */
- if (!s->read_ahead)
- max = n;
- {
- /* avoid buffer overflow */
- int max_max = s->s3->rbuf.len - s->packet_length;
- if (max > max_max)
- max = max_max;
+ len = s->packet_length;
+ pkt = rb->buf + align;
+ /*
+ * Move any available bytes to front of buffer: 'len' bytes already
+ * pointed to by 'packet', 'left' extra ones at the end
+ */
+ if (s->packet != pkt) { /* len > 0 */
+ memmove(pkt, s->packet, len + left);
+ s->packet = pkt;
+ rb->offset = len + align;
}
- if (n > max) { /* does not happen */
+
+ if (n > (int)(rb->len - rb->offset)) { /* does not happen */
SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
return -1;
}
- off = s->packet_length;
- newb = s->s3->rbuf.left;
- /*
- * Move any available bytes to front of buffer: 'off' bytes already
- * pointed to by 'packet', 'newb' extra ones at the end
- */
- if (s->packet != s->s3->rbuf.buf) {
- /* off > 0 */
- memmove(s->s3->rbuf.buf, s->packet, off + newb);
- s->packet = s->s3->rbuf.buf;
+ /* We always act like read_ahead is set for DTLS */
+ if (!s->read_ahead && !SSL_IS_DTLS(s))
+ /* ignore max parameter */
+ max = n;
+ else {
+ if (max < n)
+ max = n;
+ if (max > (int)(rb->len - rb->offset))
+ max = rb->len - rb->offset;
}
- while (newb < n) {
+ while (left < n) {
/*
- * Now we have off+newb bytes at the front of s->s3->rbuf.buf and
- * need to read in more until we have off+n (up to off+max if
+ * Now we have len+left bytes at the front of s->s3->rbuf.buf and
+ * need to read in more until we have len+n (up to len+max if
* possible)
*/
@@ -198,7 +238,7 @@
clear_sys_error();
if (s->rbio != NULL) {
s->rwstate = SSL_READING;
- i = BIO_read(s->rbio, &(s->s3->rbuf.buf[off + newb]), max - newb);
+ i = BIO_read(s->rbio, pkt + len + left, max - left);
} else {
SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET);
i = -1;
@@ -205,24 +245,30 @@
}
if (i <= 0) {
- s->s3->rbuf.left = newb;
+ rb->left = left;
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+ SSL_version(s) != DTLS1_VERSION
+ && SSL_version(s) != DTLS1_BAD_VER)
+ if (len + left == 0)
+ ssl3_release_read_buffer(s);
return (i);
}
- newb += i;
+ left += i;
/*
* reads should *never* span multiple packets for DTLS because the
* underlying transport protocol is message oriented as opposed to
* byte oriented as in the TLS case.
*/
- if (SSL_version(s) == DTLS1_VERSION) {
- if (n > newb)
- n = newb; /* makes the while condition false */
+ if (SSL_version(s) == DTLS1_VERSION
+ || SSL_version(s) == DTLS1_BAD_VER) {
+ if (n > left)
+ n = left; /* makes the while condition false */
}
}
/* done reading, now the book-keeping */
- s->s3->rbuf.offset = off + n;
- s->s3->rbuf.left = newb - n;
+ rb->offset += n;
+ rb->left = left - n;
s->packet_length += n;
s->rwstate = SSL_NOTHING;
return (n);
@@ -266,11 +312,10 @@
extra = SSL3_RT_MAX_EXTRA;
else
extra = 0;
- if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE) {
+ if (extra && !s->s3->init_extra) {
/*
- * actually likely an application error:
- * SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER set after ssl3_setup_buffers()
- * was done
+ * An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER set after
+ * ssl3_setup_buffers() was done
*/
SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
return -1;
@@ -293,16 +338,31 @@
ssl_minor = *(p++);
version = (ssl_major << 8) | ssl_minor;
n2s(p, rr->length);
+#if 0
+ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
+#endif
/* Lets check version */
if (!s->first_packet) {
if (version != s->version) {
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
- if ((s->version & 0xFF00) == (version & 0xFF00))
+ if ((s->version & 0xFF00) == (version & 0xFF00)
+ && !s->enc_write_ctx && !s->write_hash) {
+ if (rr->type == SSL3_RT_ALERT) {
+ /*
+ * The record is using an incorrect version number, but
+ * what we've got appears to be an alert. We haven't
+ * read the body yet to check whether its a fatal or
+ * not - but chances are it is. We probably shouldn't
+ * send a fatal alert back. We'll just end.
+ */
+ goto err;
+ }
/*
* Send back error using their minor version number :-)
*/
s->version = (unsigned short)version;
+ }
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
@@ -313,7 +373,7 @@
goto err;
}
- if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) {
+ if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) {
al = SSL_AD_RECORD_OVERFLOW;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG);
goto f_err;
@@ -389,11 +449,12 @@
#endif
/* r->length is now the compressed data plus mac */
- if ((sess != NULL) && (s->enc_read_ctx != NULL) && (s->read_hash != NULL)) {
+ if ((sess != NULL) &&
+ (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
/* s->read_hash != NULL => mac_size != -1 */
unsigned char *mac = NULL;
unsigned char mac_tmp[EVP_MAX_MD_SIZE];
- mac_size = EVP_MD_size(s->read_hash);
+ mac_size = EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
/*
@@ -501,6 +562,10 @@
}
goto again;
}
+#if 0
+ fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type,
+ rr->length);
+#endif
return (1);
@@ -590,8 +655,8 @@
n = (len - tot);
for (;;) {
- if (n > SSL3_RT_MAX_PLAIN_LENGTH)
- nw = SSL3_RT_MAX_PLAIN_LENGTH;
+ if (n > s->max_send_fragment)
+ nw = s->max_send_fragment;
else
nw = n;
@@ -624,8 +689,10 @@
unsigned char *p, *plen;
int i, mac_size, clear = 0;
int prefix_len = 0;
+ int eivlen;
+ long align = 0;
SSL3_RECORD *wr;
- SSL3_BUFFER *wb;
+ SSL3_BUFFER *wb = &(s->s3->wbuf);
SSL_SESSION *sess;
/*
@@ -632,7 +699,7 @@
* first check if there is a SSL3_BUFFER still being written out. This
* will happen with non blocking IO
*/
- if (s->s3->wbuf.left != 0)
+ if (wb->left != 0)
return (ssl3_write_pending(s, type, buf, len));
/* If we have an alert to send, lets send it */
@@ -643,21 +710,30 @@
/* if it went, fall through and send more stuff */
}
+ if (wb->buf == NULL)
+ if (!ssl3_setup_write_buffer(s))
+ return -1;
+
if (len == 0 && !create_empty_fragment)
return 0;
wr = &(s->s3->wrec);
- wb = &(s->s3->wbuf);
sess = s->session;
if ((sess == NULL) ||
- (s->enc_write_ctx == NULL) || (s->write_hash == NULL))
+ (s->enc_write_ctx == NULL) ||
+ (EVP_MD_CTX_md(s->write_hash) == NULL)) {
+#if 1
+ clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */
+#else
clear = 1;
-
- if (clear)
+#endif
mac_size = 0;
- else
- mac_size = EVP_MD_size(s->write_hash);
+ } else {
+ mac_size = EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
+ goto err;
+ }
/*
* 'create_empty_fragment' is true only when this function calls itself
@@ -679,8 +755,9 @@
if (prefix_len <= 0)
goto err;
- if (s->s3->wbuf.len <
- (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
+ if (prefix_len >
+ (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD))
+ {
/* insufficient space */
SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
goto err;
@@ -690,7 +767,28 @@
s->s3->empty_fragment_done = 1;
}
- p = wb->buf + prefix_len;
+ if (create_empty_fragment) {
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ /*
+ * extra fragment would be couple of cipher blocks, which would be
+ * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real
+ * payload, then we can just pretent we simply have two headers.
+ */
+ align = (long)wb->buf + 2 * SSL3_RT_HEADER_LENGTH;
+ align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+ p = wb->buf + align;
+ wb->offset = align;
+ } else if (prefix_len) {
+ p = wb->buf + wb->offset + prefix_len;
+ } else {
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+ align = (long)wb->buf + SSL3_RT_HEADER_LENGTH;
+ align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+ p = wb->buf + align;
+ wb->offset = align;
+ }
/* write the header */
@@ -698,14 +796,37 @@
wr->type = type;
*(p++) = (s->version >> 8);
- *(p++) = s->version & 0xff;
+ /*
+ * Some servers hang if iniatial client hello is larger than 256 bytes
+ * and record version number > TLS 1.0
+ */
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_B
+ && !s->renegotiate && TLS1_get_version(s) > TLS1_VERSION)
+ *(p++) = 0x1;
+ else
+ *(p++) = s->version & 0xff;
/* field where we are to write out packet length */
plen = p;
p += 2;
+ /* Explicit IV length, block ciphers and TLS version 1.1 or later */
+ if (s->enc_write_ctx && s->version >= TLS1_1_VERSION) {
+ int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
+ if (mode == EVP_CIPH_CBC_MODE) {
+ eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
+ if (eivlen <= 1)
+ eivlen = 0;
+ }
+ /* Need explicit part of IV for GCM mode */
+ else if (mode == EVP_CIPH_GCM_MODE)
+ eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ else
+ eivlen = 0;
+ } else
+ eivlen = 0;
/* lets setup the record stuff. */
- wr->data = p;
+ wr->data = p + eivlen;
wr->length = (int)len;
wr->input = (unsigned char *)buf;
@@ -731,15 +852,24 @@
*/
if (mac_size != 0) {
- s->method->ssl3_enc->mac(s, &(p[wr->length]), 1);
+ if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
+ goto err;
wr->length += mac_size;
- wr->input = p;
- wr->data = p;
}
- /* ssl3_enc can only have an error on read */
- s->method->ssl3_enc->enc(s, 1);
+ wr->input = p;
+ wr->data = p;
+ if (eivlen) {
+ /*
+ * if (RAND_pseudo_bytes(p, eivlen) <= 0) goto err;
+ */
+ wr->length += eivlen;
+ }
+
+ if (s->method->ssl3_enc->enc(s, 1) < 1)
+ goto err;
+
/* record length after mac and block padding */
s2n(wr->length, plen);
@@ -760,7 +890,6 @@
/* now let's set up wb */
wb->left = prefix_len + wr->length;
- wb->offset = 0;
/*
* memorize arguments so that ssl3_write_pending can detect bad write
@@ -782,6 +911,7 @@
unsigned int len)
{
int i;
+ SSL3_BUFFER *wb = &(s->s3->wbuf);
/* XXXX */
if ((s->s3->wpend_tot > (int)len)
@@ -797,14 +927,19 @@
if (s->wbio != NULL) {
s->rwstate = SSL_WRITING;
i = BIO_write(s->wbio,
- (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
- (unsigned int)s->s3->wbuf.left);
+ (char *)&(wb->buf[wb->offset]),
+ (unsigned int)wb->left);
} else {
SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BIO_NOT_SET);
i = -1;
}
- if (i == s->s3->wbuf.left) {
- s->s3->wbuf.left = 0;
+ if (i == wb->left) {
+ wb->left = 0;
+ wb->offset += i;
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+ SSL_version(s) != DTLS1_VERSION
+ && SSL_version(s) != DTLS1_BAD_VER)
+ ssl3_release_write_buffer(s);
s->rwstate = SSL_NOTHING;
return (s->s3->wpend_ret);
} else if (i <= 0) {
@@ -813,12 +948,12 @@
* For DTLS, just drop it. That's kind of the whole point in
* using a datagram service
*/
- s->s3->wbuf.left = 0;
+ wb->left = 0;
}
return (i);
}
- s->s3->wbuf.offset += i;
- s->s3->wbuf.left -= i;
+ wb->offset += i;
+ wb->left -= i;
}
}
@@ -858,7 +993,7 @@
void (*cb) (const SSL *ssl, int type2, int val) = NULL;
if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
- if (!ssl3_setup_buffers(s))
+ if (!ssl3_setup_read_buffer(s))
return (-1);
if ((type && (type != SSL3_RT_APPLICATION_DATA)
@@ -970,6 +1105,9 @@
if (rr->length == 0) {
s->rstate = SSL_ST_READ_HEADER;
rr->off = 0;
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS
+ && s->s3->rbuf.left == 0)
+ ssl3_release_read_buffer(s);
}
}
return (n);
@@ -998,7 +1136,19 @@
dest = s->s3->alert_fragment;
dest_len = &s->s3->alert_fragment_len;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (rr->type == TLS1_RT_HEARTBEAT) {
+ tls1_process_heartbeat(s);
+ /* Exit and notify application to read again */
+ rr->length = 0;
+ s->rwstate = SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return (-1);
+ }
+#endif
+
if (dest_maxlen > 0) {
n = dest_maxlen - *dest_len; /* available space in 'dest' */
if (rr->length < n)
@@ -1119,7 +1269,7 @@
cb(s, SSL_CB_READ_ALERT, j);
}
- if (alert_level == 1) { /* warning */
+ if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
@@ -1138,7 +1288,11 @@
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);
goto f_err;
}
- } else if (alert_level == 2) { /* fatal */
+#ifdef SSL_AD_MISSING_SRP_USERNAME
+ else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
+ return (0);
+#endif
+ } else if (alert_level == SSL3_AL_FATAL) {
char tmp[16];
s->rwstate = SSL_NOTHING;
@@ -1220,6 +1374,7 @@
#else
s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
+ s->renegotiate = 1;
s->new_session = 1;
}
i = s->handshake_func(s);
@@ -1252,8 +1407,11 @@
switch (rr->type) {
default:
#ifndef OPENSSL_NO_TLS
- /* TLS just ignores unknown message types */
- if (s->version == TLS1_VERSION) {
+ /*
+ * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
+ * an unexpected message alert.
+ */
+ if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION) {
rr->length = 0;
goto start;
}
@@ -1345,14 +1503,14 @@
slen = s->method->ssl3_enc->client_finished_label_len;
}
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- &
- (s->s3->finish_dgst1),
- &
- (s->s3->finish_dgst2),
- sender,
- slen,
- s->s3->tmp.peer_finish_md);
+ i = s->method->ssl3_enc->final_finish_mac(s,
+ sender, slen,
+ s->s3->tmp.peer_finish_md);
+ if (i == 0) {
+ SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ s->s3->tmp.peer_finish_md_len = i;
return (1);
}
Modified: trunk/crypto/openssl/ssl/s3_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/s3_srvr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/s3_srvr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,4 +1,4 @@
-/* ssl/s3_srvr.c */
+/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */
/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
* All rights reserved.
*
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -121,6 +121,32 @@
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#define REUSE_CIPHER_BUG
#define NETSCAPE_HANG_BUG
@@ -144,12 +170,10 @@
#endif
#include <openssl/md5.h>
-static SSL_METHOD *ssl3_get_server_method(int ver);
-#ifndef OPENSSL_NO_ECDH
-static int nid2curve_id(int nid);
-#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_server_method(int ver);
-static SSL_METHOD *ssl3_get_server_method(int ver)
+static const SSL_METHOD *ssl3_get_server_method(int ver)
{
if (ver == SSL3_VERSION)
return (SSLv3_server_method());
@@ -160,11 +184,35 @@
IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
ssl3_accept,
ssl_undefined_function, ssl3_get_server_method)
+#endif
+#ifndef OPENSSL_NO_SRP
+static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
+{
+ int ret = SSL_ERROR_NONE;
+ *al = SSL_AD_UNRECOGNIZED_NAME;
+
+ if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
+ (s->srp_ctx.TLS_ext_srp_username_callback != NULL)) {
+ if (s->srp_ctx.login == NULL) {
+ /*
+ * RFC 5054 says SHOULD reject, we do so if There is no srp
+ * login name
+ */
+ ret = SSL3_AL_FATAL;
+ *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ } else {
+ ret = SSL_srp_server_param_with_username(s, al);
+ }
+ }
+ return ret;
+}
+#endif
+
int ssl3_accept(SSL *s)
{
BUF_MEM *buf;
- unsigned long l, Time = (unsigned long)time(NULL);
+ unsigned long alg_k, Time = (unsigned long)time(NULL);
void (*cb) (const SSL *ssl, int type, int val) = NULL;
int ret = -1;
int new_state, state, skip = 0;
@@ -187,6 +235,17 @@
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
return (-1);
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /*
+ * If we're awaiting a HeartbeatResponse, pretend we already got and
+ * don't await it anymore, because Heartbeats don't make sense during
+ * handshakes anyway.
+ */
+ if (s->tlsext_hb_pending) {
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
for (;;) {
state = s->state;
@@ -193,7 +252,7 @@
switch (s->state) {
case SSL_ST_RENEGOTIATE:
- s->new_session = 1;
+ s->renegotiate = 1;
/* s->state=SSL_ST_ACCEPT; */
case SSL_ST_BEFORE:
@@ -207,6 +266,7 @@
if ((s->version >> 8) != 3) {
SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
s->type = SSL_ST_ACCEPT;
@@ -214,10 +274,13 @@
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+ BUF_MEM_free(buf);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@@ -225,11 +288,17 @@
if (!ssl3_setup_buffers(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
s->init_num = 0;
s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+ /*
+ * Should have been reset by ssl3_get_finished, too.
+ */
+ s->s3->change_cipher_spec = 0;
if (s->state != SSL_ST_RENEGOTIATE) {
/*
@@ -238,6 +307,7 @@
*/
if (!ssl_init_wbio_buffer(s, 1)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -255,6 +325,7 @@
SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
} else {
/*
@@ -289,10 +360,38 @@
case SSL3_ST_SR_CLNT_HELLO_C:
s->shutdown = 0;
- ret = ssl3_get_client_hello(s);
- if (ret <= 0)
- goto end;
- s->new_session = 2;
+ if (s->rwstate != SSL_X509_LOOKUP) {
+ ret = ssl3_get_client_hello(s);
+ if (ret <= 0)
+ goto end;
+ }
+#ifndef OPENSSL_NO_SRP
+ {
+ int al;
+ if ((ret = ssl_check_srp_ext_ClientHello(s, &al)) < 0) {
+ /*
+ * callback indicates firther work to be done
+ */
+ s->rwstate = SSL_X509_LOOKUP;
+ goto end;
+ }
+ if (ret != SSL_ERROR_NONE) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ /*
+ * This is not really an error but the only means to for
+ * a client to detect whether srp is supported.
+ */
+ if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
+ SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ ret = -1;
+ s->state = SSL_ST_ERR;
+ goto end;
+ }
+ }
+#endif
+
+ s->renegotiate = 2;
s->state = SSL3_ST_SW_SRVR_HELLO_A;
s->init_num = 0;
break;
@@ -320,9 +419,13 @@
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH or anon ECDH or KRB5 */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)
- && !(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5)) {
+ /* Check if it is anon DH or anon ECDH, */
+ /* normal PSK or KRB5 or SRP */
+ if (!
+ (s->s3->tmp.
+ new_cipher->algorithm_auth & (SSL_aNULL | SSL_aKRB5 |
+ SSL_aSRP))
+&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
ret = ssl3_send_server_certificate(s);
if (ret <= 0)
goto end;
@@ -346,23 +449,37 @@
case SSL3_ST_SW_KEY_EXCH_A:
case SSL3_ST_SW_KEY_EXCH_B:
- l = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/*
- * clear this, it may get reset by send_server_key_exchange
+ * clear this, it may get reset by
+ * send_server_key_exchange
*/
s->s3->tmp.use_rsa_tmp = 0;
/*
* only send if a DH key exchange, fortezza or RSA but we have a
- * sign only certificate For ECC ciphersuites, we send a
- * serverKeyExchange message only if the cipher suite is either
- * ECDH-anon or ECDHE. In other cases, the server certificate
- * contains the server's public key for key exchange.
+ * sign only certificate PSK: may send PSK identity hints For
+ * ECC ciphersuites, we send a serverKeyExchange message only if
+ * the cipher suite is either ECDH-anon or ECDHE. In other cases,
+ * the server certificate contains the server's public key for
+ * key exchange.
*/
- if ((l & SSL_kECDHE)
- || (l & (SSL_DH | SSL_kFZA))
- || ((l & SSL_kRSA)
+ if (0
+ /*
+ * PSK: send ServerKeyExchange if PSK identity hint if
+ * provided
+ */
+#ifndef OPENSSL_NO_PSK
+ || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+#ifndef OPENSSL_NO_SRP
+ /* SRP: send ServerKeyExchange */
+ || (alg_k & SSL_kSRP)
+#endif
+ || (alg_k & (SSL_kDHr | SSL_kDHd | SSL_kEDH))
+ || (alg_k & SSL_kEECDH)
+ || ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
&& EVP_PKEY_size(s->cert->pkeys
@@ -397,7 +514,7 @@
* section "Certificate request" in SSL 3 drafts and in
* RFC 2246):
*/
- ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
+ ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
/*
* ... except when the application insists on
* verification (against the specs, but s3_clnt.c accepts
@@ -407,11 +524,24 @@
/*
* never request cert in Kerberos ciphersuites
*/
- (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5)) {
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
+ /* don't request certificate for SRP auth */
+ (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
+ /*
+ * With normal PSK Certificates and Certificate Requests
+ * are omitted
+ */
+ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
/* no cert request */
skip = 1;
s->s3->tmp.cert_request = 0;
s->state = SSL3_ST_SW_SRVR_DONE_A;
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ }
} else {
s->s3->tmp.cert_request = 1;
ret = ssl3_send_certificate_request(s);
@@ -486,47 +616,132 @@
/*
* For the ECDH ciphersuites when the client sends its ECDH
* pub key in a certificate, the CertificateVerify message is
- * not sent.
+ * not sent. Also for GOST ciphersuites when the client uses
+ * its key from the certificate for key exchange.
*/
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
s->state = SSL3_ST_SR_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_SR_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_SR_FINISHED_A;
+#endif
s->init_num = 0;
+ } else if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num = 0;
+ if (!s->session->peer)
+ break;
+ /*
+ * For TLS v1.2 freeze the handshake buffer at this point and
+ * digest cached records.
+ */
+ if (!s->s3->handshake_buffer) {
+ SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
} else {
+ int offset = 0;
+ int dgst_num;
+
s->state = SSL3_ST_SR_CERT_VRFY_A;
s->init_num = 0;
/*
* We need to get hashes here so if there is a client cert,
- * it can be verified
+ * it can be verified FIXME - digest processing for
+ * CertificateVerify should be generalized. But it is next
+ * step
*/
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->
- tmp.cert_verify_md
- [0]));
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst2),
- &(s->s3->
- tmp.cert_verify_md
- [MD5_DIGEST_LENGTH]));
+ if (s->s3->handshake_buffer) {
+ if (!ssl3_digest_cached_records(s)) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+ }
+ for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
+ if (s->s3->handshake_dgst[dgst_num]) {
+ int dgst_size;
+
+ s->method->ssl3_enc->cert_verify_mac(s,
+ EVP_MD_CTX_type
+ (s->
+ s3->handshake_dgst
+ [dgst_num]),
+ &(s->s3->
+ tmp.cert_verify_md
+ [offset]));
+ dgst_size =
+ EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
+ if (dgst_size < 0) {
+ s->state = SSL_ST_ERR;
+ ret = -1;
+ goto end;
+ }
+ offset += dgst_size;
+ }
}
break;
case SSL3_ST_SR_CERT_VRFY_A:
case SSL3_ST_SR_CERT_VRFY_B:
-
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
- /* we should decide if we expected this one */
ret = ssl3_get_cert_verify(s);
if (ret <= 0)
goto end;
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
s->state = SSL3_ST_SR_FINISHED_A;
+#else
+ if (s->s3->next_proto_neg_seen)
+ s->state = SSL3_ST_SR_NEXT_PROTO_A;
+ else
+ s->state = SSL3_ST_SR_FINISHED_A;
+#endif
s->init_num = 0;
break;
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ case SSL3_ST_SR_NEXT_PROTO_A:
+ case SSL3_ST_SR_NEXT_PROTO_B:
+ /*
+ * Enable CCS for NPN. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates. This *should* be the
+ * first time we have received one - but we check anyway to be
+ * cautious.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in s3_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
+
+ ret = ssl3_get_next_proto(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num = 0;
+ s->state = SSL3_ST_SR_FINISHED_A;
+ break;
+#endif
+
case SSL3_ST_SR_FINISHED_A:
case SSL3_ST_SR_FINISHED_B:
- s->s3->flags |= SSL3_FLAGS_CCS_OK;
+ /*
+ * Enable CCS for handshakes without NPN. In NPN the CCS flag has
+ * already been set. Receiving a CCS clears the flag, so make
+ * sure not to re-enable it to ban duplicates.
+ * s->s3->change_cipher_spec is set when a CCS is
+ * processed in s3_pkt.c, and remains set until
+ * the client's Finished message is read.
+ */
+ if (!s->s3->change_cipher_spec)
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
SSL3_ST_SR_FINISHED_B);
if (ret <= 0)
@@ -569,6 +784,7 @@
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -585,6 +801,7 @@
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
+ s->state = SSL_ST_ERR;
goto end;
}
@@ -602,9 +819,16 @@
if (ret <= 0)
goto end;
s->state = SSL3_ST_SW_FLUSH;
- if (s->hit)
+ if (s->hit) {
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
- else
+#else
+ if (s->s3->next_proto_neg_seen) {
+ s->s3->tmp.next_state = SSL3_ST_SR_NEXT_PROTO_A;
+ } else
+ s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+#endif
+ } else
s->s3->tmp.next_state = SSL_ST_OK;
s->init_num = 0;
break;
@@ -621,13 +845,9 @@
s->init_num = 0;
- if (s->new_session == 2) { /* skipped if we just sent a
+ if (s->renegotiate == 2) { /* skipped if we just sent a
* HelloRequest */
- /*
- * actually not necessarily a 'new' session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
- */
-
+ s->renegotiate = 0;
s->new_session = 0;
ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
@@ -644,6 +864,7 @@
goto end;
/* break; */
+ case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@@ -798,7 +1019,8 @@
if ((s->version == DTLS1_VERSION && s->client_version > s->version) ||
(s->version != DTLS1_VERSION && s->client_version < s->version)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
- if ((s->client_version >> 8) == SSL3_VERSION_MAJOR) {
+ if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
+ !s->enc_write_ctx && !s->write_hash) {
/*
* similar to ssl3_get_record, send alert using remote version
* number
@@ -845,13 +1067,16 @@
s->hit = 0;
/*
- * Versions before 0.9.7 always allow session reuse during renegotiation
- * (i.e. when s->new_session is true), option
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7. Maybe
- * this optional behaviour should always have been the default, but we
- * cannot safely change the default behaviour (or new applications might
- * be written that become totally unsecure when compiled with an earlier
- * library version)
+ * Versions before 0.9.7 always allow clients to resume sessions in
+ * renegotiation. 0.9.7 and later allow this by default, but optionally
+ * ignore resumption requests with flag
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
+ * than a change to default behavior so that applications relying on this
+ * for security won't even compile against older library versions).
+ * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to
+ * request renegotiation but not a new session (s->new_session remains
+ * unset): for servers, this essentially just means that the
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be ignored.
*/
if ((s->new_session
&& (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
@@ -859,7 +1084,17 @@
goto err;
} else {
i = ssl_get_prev_session(s, p, j, d + n);
- if (i == 1) { /* previous session */
+ /*
+ * Only resume if the session's version matches the negotiated
+ * version.
+ * RFC 5246 does not provide much useful advice on resumption
+ * with a different protocol version. It doesn't forbid it but
+ * the sanity of such behaviour would be questionable.
+ * In practice, clients do not accept a version mismatch and
+ * will abort the handshake with an error.
+ */
+ if (i == 1 && s->version == s->session->ssl_version) { /* previous
+ * session */
s->hit = 1;
} else if (i == -1)
goto err;
@@ -933,8 +1168,8 @@
goto f_err;
}
n2s(p, i);
- if ((i == 0) && (j != 0)) {
- /* we need a cipher if we are not resuming a session */
+
+ if (i == 0) {
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
@@ -947,25 +1182,25 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
- if ((i > 0) && (ssl_bytes_to_cipher_list(s, p, i, &(ciphers))
- == NULL)) {
+ if (ssl_bytes_to_cipher_list(s, p, i, &(ciphers)) == NULL) {
goto err;
}
p += i;
/* If it is a hit, check that the cipher is in the list */
- if ((s->hit) && (i > 0)) {
+ if (s->hit) {
j = 0;
id = s->session->cipher->id;
#ifdef CIPHER_DEBUG
- printf("client sent %d ciphers\n", sk_num(ciphers));
+ fprintf(stderr, "client sent %d ciphers\n",
+ sk_SSL_CIPHER_num(ciphers));
#endif
for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
c = sk_SSL_CIPHER_value(ciphers, i);
#ifdef CIPHER_DEBUG
- printf("client [%2d of %2d]:%s\n",
- i, sk_num(ciphers), SSL_CIPHER_get_name(c));
+ fprintf(stderr, "client [%2d of %2d]:%s\n",
+ i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c));
#endif
if (c->id == id) {
j = 1;
@@ -1039,7 +1274,63 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
goto err;
}
+
+ /*
+ * Check if we want to use external pre-shared secret for this handshake
+ * for not reused session only. We need to generate server_random before
+ * calling tls_session_secret_cb in order to allow SessionTicket
+ * processing to use it in key derivation.
+ */
+ {
+ unsigned char *pos;
+ pos = s->s3->server_random;
+ if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+
+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
+ SSL_CIPHER *pref_cipher = NULL;
+
+ s->session->master_key_length = sizeof(s->session->master_key);
+ if (s->tls_session_secret_cb(s, s->session->master_key,
+ &s->session->master_key_length, ciphers,
+ &pref_cipher,
+ s->tls_session_secret_cb_arg)) {
+ s->hit = 1;
+ s->session->ciphers = ciphers;
+ s->session->verify_result = X509_V_OK;
+
+ ciphers = NULL;
+
+ /* check if some cipher was preferred by call back */
+ pref_cipher =
+ pref_cipher ? pref_cipher : ssl3_choose_cipher(s,
+ s->
+ session->ciphers,
+ SSL_get_ciphers
+ (s));
+ if (pref_cipher == NULL) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
+ goto f_err;
+ }
+
+ s->session->cipher = pref_cipher;
+
+ if (s->cipher_list)
+ sk_SSL_CIPHER_free(s->cipher_list);
+
+ if (s->cipher_list_by_id)
+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
+ }
+ }
#endif
+
/*
* Worst case, we will use the NULL compression, but if we have other
* options, we will now look for them. We have i-1 compression
@@ -1047,7 +1338,45 @@
*/
s->s3->tmp.new_compression = NULL;
#ifndef OPENSSL_NO_COMP
- if (s->ctx->comp_methods != NULL) {
+ /* This only happens if we have a cache hit */
+ if (s->session->compress_meth != 0) {
+ int m, comp_id = s->session->compress_meth;
+ /* Perform sanity checks on resumed compression algorithm */
+ /* Can't disable compression */
+ if (s->options & SSL_OP_NO_COMPRESSION) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
+ }
+ /* Look for resumed compression method */
+ for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++) {
+ comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
+ if (comp_id == comp->id) {
+ s->s3->tmp.new_compression = comp;
+ break;
+ }
+ }
+ if (s->s3->tmp.new_compression == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_INVALID_COMPRESSION_ALGORITHM);
+ goto f_err;
+ }
+ /* Look for resumed method in compression list */
+ for (m = 0; m < i; m++) {
+ if (q[m] == comp_id)
+ break;
+ }
+ if (m >= i) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
+ goto f_err;
+ }
+ } else if (s->hit)
+ comp = NULL;
+ else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods) {
/* See if we have a match */
int m, nn, o, v, done = 0;
@@ -1069,24 +1398,15 @@
else
comp = NULL;
}
-#endif
-
- /* TLS does not mind if there is extra stuff */
-#if 0
+#else
/*
- * SSL 3.0 does not mind either, so we should disable this test (was
- * enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b, in earlier
- * SSLeay/OpenSSL releases this test existed but was buggy)
+ * If compression is disabled we'd better not try to resume a session
+ * using compression.
*/
- if (s->version == SSL3_VERSION) {
- if (p < (d + n)) {
- /*
- * wrong number of bytes, there could be more to follow
- */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
+ if (s->session->compress_meth != 0) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+ goto f_err;
}
#endif
@@ -1104,8 +1424,8 @@
sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers = ciphers;
if (ciphers == NULL) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_PASSED);
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
goto f_err;
}
ciphers = NULL;
@@ -1128,7 +1448,7 @@
sk = s->session->ciphers;
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
c = sk_SSL_CIPHER_value(sk, i);
- if (c->algorithms & SSL_eNULL)
+ if (c->algorithm_enc & SSL_eNULL)
nc = c;
if (SSL_C_IS_EXPORT(c))
ec = c;
@@ -1144,6 +1464,14 @@
s->s3->tmp.new_cipher = s->session->cipher;
}
+ if (TLS1_get_version(s) < TLS1_2_VERSION
+ || !(s->verify_mode & SSL_VERIFY_PEER)) {
+ if (!ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+
/*-
* we now have the following setup.
* client_random
@@ -1156,7 +1484,6 @@
* s->tmp.new_cipher - the new cipher to use.
*/
-#ifndef OPENSSL_NO_TLSEXT
/* Handles TLS extensions that we couldn't check earlier */
if (s->version >= SSL3_VERSION) {
if (ssl_check_clienthello_tlsext_late(s) <= 0) {
@@ -1164,7 +1491,6 @@
goto err;
}
}
-#endif
if (ret < 0)
ret = 1;
@@ -1171,8 +1497,10 @@
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
}
- err:
+
if (ciphers != NULL)
sk_SSL_CIPHER_free(ciphers);
return (ret);
@@ -1183,15 +1511,17 @@
unsigned char *buf;
unsigned char *p, *d;
int i, sl;
- unsigned long l, Time;
+ unsigned long l;
if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
buf = (unsigned char *)s->init_buf->data;
+#ifdef OPENSSL_NO_TLSEXT
p = s->s3->server_random;
- Time = (unsigned long)time(NULL); /* Time */
- l2n(Time, p);
- if (RAND_pseudo_bytes(p, SSL3_RANDOM_SIZE - 4) <= 0)
+ if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
+#endif
/* Do the message type and length last */
d = p = &(buf[4]);
@@ -1202,17 +1532,21 @@
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
p += SSL3_RANDOM_SIZE;
- /*
- * now in theory we have 3 options to sending back the session id.
- * If it is a re-use, we send back the old session-id, if it is a new
- * session, we send back the new session-id or we send back a 0
- * length session-id if we want it to be single use. Currently I will
- * not implement the '0' length session-id 12-Jan-98 - I'll now
- * support the '0' length stuff. We also have an additional case
- * where stateless session resumption is successful: we always send
- * back the old session id. In this case s->hit is non zero: this can
- * only happen if stateless session resumption is succesful if session
- * caching is disabled so existing functionality is unaffected.
+ /*-
+ * There are several cases for the session ID to send
+ * back in the server hello:
+ * - For session reuse from the session cache,
+ * we send back the old session ID.
+ * - If stateless session reuse (using a session ticket)
+ * is successful, we send back the client's "session ID"
+ * (which doesn't actually identify the session).
+ * - If it is a new session, we send back the new
+ * session ID.
+ * - However, if we want the new session to be single-use,
+ * we send back a 0-length session ID.
+ * s->hit is non-zero in either case of session reuse,
+ * so the following won't overwrite an ID that we're supposed
+ * to send back.
*/
if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
&& !s->hit)
@@ -1221,6 +1555,7 @@
sl = s->session->session_id_length;
if (sl > (int)sizeof(s->session->session_id)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
*(p++) = sl;
@@ -1241,11 +1576,17 @@
*(p++) = s->s3->tmp.new_compression->id;
#endif
#ifndef OPENSSL_NO_TLSEXT
+ if (ssl_prepare_serverhello_tlsext(s) <= 0) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
if ((p =
ssl_add_serverhello_tlsext(s, p,
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
NULL) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return -1;
}
#endif
@@ -1308,6 +1649,7 @@
BN_CTX *bn_ctx = NULL;
#endif
EVP_PKEY *pkey;
+ const EVP_MD *md = NULL;
unsigned char *p, *d;
int al, i;
unsigned long type;
@@ -1320,7 +1662,7 @@
EVP_MD_CTX_init(&md_ctx);
if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
- type = s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+ type = s->s3->tmp.new_cipher->algorithm_mkey;
cert = s->cert;
buf = s->init_buf;
@@ -1405,7 +1747,7 @@
} else
#endif
#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kECDHE) {
+ if (type & SSL_kEECDH) {
const EC_GROUP *group;
ecdhp = cert->ecdh_tmp;
@@ -1469,7 +1811,8 @@
* (not generic) curves. For supported named curves, curve_id is
* non-zero.
*/
- if ((curve_id = nid2curve_id(EC_GROUP_get_curve_name(group)))
+ if ((curve_id =
+ tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
== 0) {
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
@@ -1525,6 +1868,29 @@
r[3] = NULL;
} else
#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /*
+ * reserve size for record length and PSK identity hint
+ */
+ n += 2 + strlen(s->ctx->psk_identity_hint);
+ } else
+#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (type & SSL_kSRP) {
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) || (s->srp_ctx.B == NULL)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_MISSING_SRP_PARAM);
+ goto err;
+ }
+ r[0] = s->srp_ctx.N;
+ r[1] = s->srp_ctx.g;
+ r[2] = s->srp_ctx.s;
+ r[3] = s->srp_ctx.B;
+ } else
+#endif
{
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1531,13 +1897,19 @@
SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
goto f_err;
}
- for (i = 0; r[i] != NULL; i++) {
+ for (i = 0; i < 4 && r[i] != NULL; i++) {
nr[i] = BN_num_bytes(r[i]);
- n += 2 + nr[i];
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ n += 1 + nr[i];
+ else
+#endif
+ n += 2 + nr[i];
}
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) {
- if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher))
+ if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+ && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+ if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, &md))
== NULL) {
al = SSL_AD_DECODE_ERROR;
goto f_err;
@@ -1555,14 +1927,20 @@
d = (unsigned char *)s->init_buf->data;
p = &(d[4]);
- for (i = 0; r[i] != NULL; i++) {
- s2n(nr[i], p);
+ for (i = 0; i < 4 && r[i] != NULL; i++) {
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP)) {
+ *p = nr[i];
+ p++;
+ } else
+#endif
+ s2n(nr[i], p);
BN_bn2bin(r[i], p);
p += nr[i];
}
#ifndef OPENSSL_NO_ECDH
- if (type & SSL_kECDHE) {
+ if (type & SSL_kEECDH) {
/*
* XXX: For now, we only support named (not generic) curves. In
* this situation, the serverKeyExchange message has: [1 byte
@@ -1585,6 +1963,16 @@
}
#endif
+#ifndef OPENSSL_NO_PSK
+ if (type & SSL_kPSK) {
+ /* copy PSK identity hint */
+ s2n(strlen(s->ctx->psk_identity_hint), p);
+ strncpy((char *)p, s->ctx->psk_identity_hint,
+ strlen(s->ctx->psk_identity_hint));
+ p += strlen(s->ctx->psk_identity_hint);
+ }
+#endif
+
/* not anonymous */
if (pkey != NULL) {
/*
@@ -1592,7 +1980,8 @@
* points to the space at the end.
*/
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA) {
+ if (pkey->type == EVP_PKEY_RSA
+ && TLS1_get_version(s) < TLS1_2_VERSION) {
q = md_buf;
j = 0;
for (num = 2; num > 0; num--) {
@@ -1618,28 +2007,24 @@
n += u + 2;
} else
#endif
-#if !defined(OPENSSL_NO_DSA)
- if (pkey->type == EVP_PKEY_DSA) {
- /* lets do DSS */
- EVP_SignInit_ex(&md_ctx, EVP_dss1(), NULL);
- EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
- SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx, &(d[4]), n);
- if (!EVP_SignFinal(&md_ctx, &(p[2]),
- (unsigned int *)&i, pkey)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_DSA);
- goto err;
+ if (md) {
+ /*
+ * For TLS1.2 and later send signature algorithm
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ if (!tls12_get_sigandhash(p, pkey, md)) {
+ /* Should never happen */
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ p += 2;
}
- s2n(i, p);
- n += i + 2;
- } else
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
#endif
-#if !defined(OPENSSL_NO_ECDSA)
- if (pkey->type == EVP_PKEY_EC) {
- /* let's do ECDSA */
- EVP_SignInit_ex(&md_ctx, EVP_ecdsa(), NULL);
+ EVP_SignInit_ex(&md_ctx, md, NULL);
EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
@@ -1647,15 +2032,14 @@
EVP_SignUpdate(&md_ctx, &(d[4]), n);
if (!EVP_SignFinal(&md_ctx, &(p[2]),
(unsigned int *)&i, pkey)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- ERR_LIB_ECDSA);
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
goto err;
}
s2n(i, p);
n += i + 2;
- } else
-#endif
- {
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ n += 2;
+ } else {
/* Is this error check actually needed? */
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1686,6 +2070,7 @@
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1709,6 +2094,13 @@
p += n;
n++;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ nl = tls12_get_req_sig_algs(s, p + 2);
+ s2n(nl, p);
+ p += nl + 2;
+ n += nl + 2;
+ }
+
off = n;
p += 2;
n += 2;
@@ -1776,6 +2168,7 @@
/* SSL3_ST_SW_CERT_REQ_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -1783,7 +2176,7 @@
{
int i, al, ok;
long n;
- unsigned long l;
+ unsigned long alg_k;
unsigned char *p;
#ifndef OPENSSL_NO_RSA
RSA *rsa = NULL;
@@ -1813,13 +2206,14 @@
return ((int)n);
p = (unsigned char *)s->init_msg;
- l = s->s3->tmp.new_cipher->algorithms;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
#ifndef OPENSSL_NO_RSA
- if (l & SSL_kRSA) {
+ if (alg_k & SSL_kRSA) {
unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
int decrypt_len;
unsigned char decrypt_good, version_good;
+ size_t j;
/* FIX THIS UP EAY EAY EAY EAY */
if (s->s3->tmp.use_rsa_tmp) {
@@ -1847,14 +2241,15 @@
rsa = pkey->pkey.rsa;
}
- /* TLS and [incidentally] DTLS, including pre-0.9.8f */
- if (s->version > SSL3_VERSION && s->client_version != DTLS1_BAD_VER) {
+ /* TLS and [incidentally] DTLS{0xFEFF} */
+ if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
n2s(p, i);
if (n != i + 2) {
if (!(s->options & SSL_OP_TLS_D5_BUG)) {
+ al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
- goto err;
+ goto f_err;
} else
p -= 2;
} else
@@ -1862,6 +2257,20 @@
}
/*
+ * Reject overly short RSA ciphertext because we want to be sure
+ * that the buffer size makes it safe to iterate over the entire
+ * size of a premaster secret (SSL_MAX_MASTER_KEY_LENGTH). The
+ * actual expected size is larger due to RSA padding, but the
+ * bound is sufficient to be safe.
+ */
+ if (n < SSL_MAX_MASTER_KEY_LENGTH) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+ goto f_err;
+ }
+
+ /*
* We must not leak whether a decryption failure occurs because of
* Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
* section 7.4.7.1). The code follows that advice of the TLS RFC and
@@ -1924,11 +2333,14 @@
decrypt_good &= version_good;
/*
- * Now copy rand_premaster_secret over p using decrypt_good_mask.
+ * Now copy rand_premaster_secret over from p using
+ * decrypt_good_mask. If decryption failed, then p does not
+ * contain valid plaintext, however, a check above guarantees
+ * it is still sufficiently large to read from.
*/
- for (i = 0; i < (int)sizeof(rand_premaster_secret); i++) {
- p[i] = constant_time_select_8(decrypt_good, p[i],
- rand_premaster_secret[i]);
+ for (j = 0; j < sizeof(rand_premaster_secret); j++) {
+ p[j] = constant_time_select_8(decrypt_good, p[j],
+ rand_premaster_secret[j]);
}
s->session->master_key_length =
@@ -1935,12 +2347,14 @@
s->method->ssl3_enc->generate_master_secret(s,
s->
session->master_key,
- p, i);
- OPENSSL_cleanse(p, i);
+ p,
+ sizeof
+ (rand_premaster_secret));
+ OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
} else
#endif
#ifndef OPENSSL_NO_DH
- if (l & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+ if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
n2s(p, i);
if (n != i + 2) {
if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
@@ -1996,7 +2410,7 @@
} else
#endif
#ifndef OPENSSL_NO_KRB5
- if (l & SSL_kKRB5) {
+ if (alg_k & SSL_kKRB5) {
krb5_error_code krb5rc;
krb5_data enc_ticket;
krb5_data authenticator;
@@ -2003,7 +2417,7 @@
krb5_data enc_pms;
KSSL_CTX *kssl_ctx = s->kssl_ctx;
EVP_CIPHER_CTX ciph_ctx;
- EVP_CIPHER *enc = NULL;
+ const EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_BLOCK_LENGTH];
int padl, outl;
@@ -2019,7 +2433,7 @@
n2s(p, i);
enc_ticket.length = i;
- if (n < (int)enc_ticket.length + 6) {
+ if (n < (long)(enc_ticket.length + 6)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
@@ -2031,7 +2445,7 @@
n2s(p, i);
authenticator.length = i;
- if (n < (int)(enc_ticket.length + authenticator.length) + 6) {
+ if (n < (long)(enc_ticket.length + authenticator.length + 6)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
@@ -2064,9 +2478,10 @@
if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
&kssl_err)) != 0) {
# ifdef KSSL_DEBUG
- printf("kssl_sget_tkt rtn %d [%d]\n", krb5rc, kssl_err.reason);
+ fprintf(stderr, "kssl_sget_tkt rtn %d [%d]\n",
+ krb5rc, kssl_err.reason);
if (kssl_err.text)
- printf("kssl_err text= %s\n", kssl_err.text);
+ fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
# endif /* KSSL_DEBUG */
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
goto err;
@@ -2079,10 +2494,10 @@
if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
&authtime, &kssl_err)) != 0) {
# ifdef KSSL_DEBUG
- printf("kssl_check_authent rtn %d [%d]\n",
- krb5rc, kssl_err.reason);
+ fprintf(stderr, "kssl_check_authent rtn %d [%d]\n",
+ krb5rc, kssl_err.reason);
if (kssl_err.text)
- printf("kssl_err text= %s\n", kssl_err.text);
+ fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
# endif /* KSSL_DEBUG */
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
goto err;
@@ -2185,7 +2600,7 @@
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_ECDH
- if ((l & SSL_kECDH) || (l & SSL_kECDHE)) {
+ if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
int ret = 1;
int field_size = 0;
const EC_KEY *tkey;
@@ -2199,7 +2614,7 @@
}
/* Let's get server private key and group information */
- if (l & SSL_kECDH) {
+ if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
/* use the certificate */
tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
} else {
@@ -2228,7 +2643,7 @@
if (n == 0L) {
/* Client Publickey was in Client Certificate */
- if (l & SSL_kECDHE) {
+ if (alg_k & SSL_kEECDH) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_MISSING_TMP_ECDH_KEY);
@@ -2301,9 +2716,10 @@
EVP_PKEY_free(clnt_pub_pkey);
EC_POINT_free(clnt_ecpoint);
- if (srvr_ecdh != NULL)
- EC_KEY_free(srvr_ecdh);
+ EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
/* Compute the master secret */
s->session->master_key_length =
@@ -2316,8 +2732,204 @@
return (ret);
} else
#endif
- {
+#ifndef OPENSSL_NO_PSK
+ if (alg_k & SSL_kPSK) {
+ unsigned char *t = NULL;
+ unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+ unsigned int pre_ms_len = 0, psk_len = 0;
+ int psk_err = 1;
+ char tmp_id[PSK_MAX_IDENTITY_LEN + 1];
+
al = SSL_AD_HANDSHAKE_FAILURE;
+
+ n2s(p, i);
+ if (n != i + 2) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
+ goto psk_err;
+ }
+ if (i > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto psk_err;
+ }
+ if (s->psk_server_callback == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_NO_SERVER_CB);
+ goto psk_err;
+ }
+
+ /*
+ * Create guaranteed NULL-terminated identity string for the callback
+ */
+ memcpy(tmp_id, p, i);
+ memset(tmp_id + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
+ psk_len = s->psk_server_callback(s, tmp_id,
+ psk_or_pre_ms,
+ sizeof(psk_or_pre_ms));
+ OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);
+
+ if (psk_len > PSK_MAX_PSK_LEN) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto psk_err;
+ } else if (psk_len == 0) {
+ /*
+ * PSK related to the given identity not found
+ */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_PSK_IDENTITY_NOT_FOUND);
+ al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ goto psk_err;
+ }
+
+ /* create PSK pre_master_secret */
+ pre_ms_len = 2 + psk_len + 2 + psk_len;
+ t = psk_or_pre_ms;
+ memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+ s2n(psk_len, t);
+ memset(t, 0, psk_len);
+ t += psk_len;
+ s2n(psk_len, t);
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+ s->session->psk_identity = BUF_strdup((char *)p);
+ if (s->session->psk_identity == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+ if (s->ctx->psk_identity_hint != NULL &&
+ s->session->psk_identity_hint == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto psk_err;
+ }
+
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ psk_or_pre_ms,
+ pre_ms_len);
+ psk_err = 0;
+ psk_err:
+ OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_err != 0)
+ goto f_err;
+ } else
+#endif
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP) {
+ int param_len;
+
+ n2s(p, i);
+ param_len = i + 2;
+ if (param_len > n) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_A_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.A = BN_bin2bn(p, i, NULL))) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
+ || BN_is_zero(s->srp_ctx.A)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_BAD_SRP_PARAMETERS);
+ goto f_err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length =
+ SRP_generate_server_master_secret(s,
+ s->session->master_key)) < 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ p += i;
+ } else
+#endif /* OPENSSL_NO_SRP */
+ if (alg_k & SSL_kGOST) {
+ int ret = 0;
+ EVP_PKEY_CTX *pkey_ctx;
+ EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
+ unsigned char premaster_secret[32], *start;
+ size_t outlen = 32, inlen;
+ unsigned long alg_a;
+ int Ttag, Tclass;
+ long Tlen;
+
+ /* Get our certificate private key */
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ if (alg_a & SSL_aGOST94)
+ pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
+ else if (alg_a & SSL_aGOST01)
+ pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
+
+ pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
+ EVP_PKEY_decrypt_init(pkey_ctx);
+ /*
+ * If client certificate is present and is of the same type, maybe
+ * use it for key exchange. Don't mind errors from
+ * EVP_PKEY_derive_set_peer, because it is completely valid to use a
+ * client certificate for authorization only.
+ */
+ client_pub_pkey = X509_get_pubkey(s->session->peer);
+ if (client_pub_pkey) {
+ if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
+ ERR_clear_error();
+ }
+ /* Decrypt session key */
+ if (ASN1_get_object
+ ((const unsigned char **)&p, &Tlen, &Ttag, &Tclass,
+ n) != V_ASN1_CONSTRUCTED || Ttag != V_ASN1_SEQUENCE
+ || Tclass != V_ASN1_UNIVERSAL) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto gerr;
+ }
+ start = p;
+ inlen = Tlen;
+ if (EVP_PKEY_decrypt
+ (pkey_ctx, premaster_secret, &outlen, start, inlen) <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto gerr;
+ }
+ /* Generate master secret */
+ s->session->master_key_length =
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->
+ session->master_key,
+ premaster_secret, 32);
+ OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
+ /* Check if pubkey from client certificate was used */
+ if (EVP_PKEY_CTX_ctrl
+ (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+ ret = 2;
+ else
+ ret = 1;
+ gerr:
+ EVP_PKEY_free(client_pub_pkey);
+ EVP_PKEY_CTX_free(pkey_ctx);
+ if (ret)
+ return ret;
+ else
+ goto err;
+ } else {
+ al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
goto f_err;
}
@@ -2325,7 +2937,7 @@
return (1);
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH)
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
err:
#endif
#ifndef OPENSSL_NO_ECDH
@@ -2335,6 +2947,7 @@
EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
#endif
+ s->state = SSL_ST_ERR;
return (-1);
}
@@ -2346,41 +2959,36 @@
long n;
int type = 0, i, j;
X509 *peer;
+ const EVP_MD *md = NULL;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+ /*
+ * We should only process a CertificateVerify message if we have received
+ * a Certificate from the client. If so then |s->session->peer| will be non
+ * NULL. In some instances a CertificateVerify message is not required even
+ * if the peer has sent a Certificate (e.g. such as in the case of static
+ * DH). In that case the ClientKeyExchange processing will skip the
+ * CertificateVerify state so we should not arrive here.
+ */
+ if (s->session->peer == NULL) {
+ ret = 1;
+ goto end;
+ }
+
n = s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
- -1, SSL3_RT_MAX_PLAIN_LENGTH, &ok);
+ SSL3_MT_CERTIFICATE_VERIFY,
+ SSL3_RT_MAX_PLAIN_LENGTH, &ok);
if (!ok)
return ((int)n);
- if (s->session->peer != NULL) {
- peer = s->session->peer;
- pkey = X509_get_pubkey(peer);
- type = X509_certificate_type(peer, pkey);
- } else {
- peer = NULL;
- pkey = NULL;
- }
+ peer = s->session->peer;
+ pkey = X509_get_pubkey(peer);
+ type = X509_certificate_type(peer, pkey);
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) {
- s->s3->tmp.reuse_message = 1;
- if (peer != NULL) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_MISSING_VERIFY_MESSAGE);
- goto f_err;
- }
- ret = 1;
- goto end;
- }
-
- if (peer == NULL) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_NO_CLIENT_CERT_RECEIVED);
- al = SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-
if (!(type & EVP_PKT_SIGN)) {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
@@ -2388,22 +2996,52 @@
goto f_err;
}
- if (s->s3->change_cipher_spec) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_CCS_RECEIVED_EARLY);
- al = SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-
/* we now have a signature that we need to verify */
p = (unsigned char *)s->init_msg;
- n2s(p, i);
- n -= 2;
- if (i > n) {
- SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
+ /* Check for broken implementations of GOST ciphersuites */
+ /*
+ * If key is GOST and n is exactly 64, it is bare signature without
+ * length field
+ */
+ if (n == 64 && (pkey->type == NID_id_GostR3410_94 ||
+ pkey->type == NID_id_GostR3410_2001)) {
+ i = 64;
+ } else {
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ int sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1]) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_UNKNOWN_DIGEST);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ }
+ n2s(p, i);
+ n -= 2;
+ if (i > n) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
}
-
j = EVP_PKEY_size(pkey);
if ((i > j) || (n > j) || (n <= 0)) {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_WRONG_SIGNATURE_SIZE);
@@ -2410,6 +3048,33 @@
al = SSL_AD_DECODE_ERROR;
goto f_err;
}
+
+ if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+ long hdatalen = 0;
+ void *hdata;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_VerifyInit_ex(&mctx, md, NULL)
+ || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+
+ if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ } else
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA) {
i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
@@ -2453,7 +3118,27 @@
}
} else
#endif
- {
+ if (pkey->type == NID_id_GostR3410_94
+ || pkey->type == NID_id_GostR3410_2001) {
+ unsigned char signature[64];
+ int idx;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ EVP_PKEY_verify_init(pctx);
+ if (i != 64) {
+ fprintf(stderr, "GOST signature length is %d", i);
+ }
+ for (idx = 0; idx < 64; idx++) {
+ signature[63 - idx] = p[idx];
+ }
+ j = EVP_PKEY_verify(pctx, signature, 64, s->s3->tmp.cert_verify_md,
+ 32);
+ EVP_PKEY_CTX_free(pctx);
+ if (j <= 0) {
+ al = SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
+ goto f_err;
+ }
+ } else {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
goto f_err;
@@ -2463,8 +3148,15 @@
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ s->state = SSL_ST_ERR;
}
end:
+ if (s->s3->handshake_buffer) {
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
+ }
+ EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_free(pkey);
return (ret);
}
@@ -2570,6 +3262,11 @@
al = SSL_AD_HANDSHAKE_FAILURE;
goto f_err;
}
+ /* No client certificate so digest cached records */
+ if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
} else {
i = ssl_verify_cert_chain(s, sk);
if (i <= 0) {
@@ -2610,8 +3307,10 @@
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+ s->state = SSL_ST_ERR;
}
- err:
+
if (x != NULL)
X509_free(x);
if (sk != NULL)
@@ -2626,16 +3325,23 @@
if (s->state == SSL3_ST_SW_CERT_A) {
x = ssl_get_server_send_cert(s);
- if (x == NULL &&
+ if (x == NULL) {
/* VRS: allow null cert if auth == KRB5 */
- (s->s3->tmp.new_cipher->algorithms
- & (SSL_MKEY_MASK | SSL_AUTH_MASK))
- != (SSL_aKRB5 | SSL_kKRB5)) {
+ if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
+ (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
+ ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
+ return (0);
+ }
+ }
+
+ l = ssl3_output_cert_chain(s, x);
+ if (!l) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ s->state = SSL_ST_ERR;
return (0);
}
-
- l = ssl3_output_cert_chain(s, x);
s->state = SSL3_ST_SW_CERT_B;
s->init_num = (int)l;
s->init_off = 0;
@@ -2645,91 +3351,68 @@
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
}
-#ifndef OPENSSL_NO_ECDH
-/* This is the complement of curve_id2nid in s3_clnt.c. */
-static int nid2curve_id(int nid)
-{
- /*
- * ECC curves from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) (no changes
- * in draft-ietf-tls-ecc-03.txt [June 2003])
- */
- switch (nid) {
- case NID_sect163k1: /* sect163k1 (1) */
- return 1;
- case NID_sect163r1: /* sect163r1 (2) */
- return 2;
- case NID_sect163r2: /* sect163r2 (3) */
- return 3;
- case NID_sect193r1: /* sect193r1 (4) */
- return 4;
- case NID_sect193r2: /* sect193r2 (5) */
- return 5;
- case NID_sect233k1: /* sect233k1 (6) */
- return 6;
- case NID_sect233r1: /* sect233r1 (7) */
- return 7;
- case NID_sect239k1: /* sect239k1 (8) */
- return 8;
- case NID_sect283k1: /* sect283k1 (9) */
- return 9;
- case NID_sect283r1: /* sect283r1 (10) */
- return 10;
- case NID_sect409k1: /* sect409k1 (11) */
- return 11;
- case NID_sect409r1: /* sect409r1 (12) */
- return 12;
- case NID_sect571k1: /* sect571k1 (13) */
- return 13;
- case NID_sect571r1: /* sect571r1 (14) */
- return 14;
- case NID_secp160k1: /* secp160k1 (15) */
- return 15;
- case NID_secp160r1: /* secp160r1 (16) */
- return 16;
- case NID_secp160r2: /* secp160r2 (17) */
- return 17;
- case NID_secp192k1: /* secp192k1 (18) */
- return 18;
- case NID_X9_62_prime192v1: /* secp192r1 (19) */
- return 19;
- case NID_secp224k1: /* secp224k1 (20) */
- return 20;
- case NID_secp224r1: /* secp224r1 (21) */
- return 21;
- case NID_secp256k1: /* secp256k1 (22) */
- return 22;
- case NID_X9_62_prime256v1: /* secp256r1 (23) */
- return 23;
- case NID_secp384r1: /* secp384r1 (24) */
- return 24;
- case NID_secp521r1: /* secp521r1 (25) */
- return 25;
- default:
- return 0;
- }
-}
-#endif
#ifndef OPENSSL_NO_TLSEXT
+/* send a new session ticket (not necessarily for a new session) */
int ssl3_send_newsession_ticket(SSL *s)
{
+ unsigned char *senc = NULL;
+ EVP_CIPHER_CTX ctx;
+ HMAC_CTX hctx;
+
if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
- unsigned char *p, *senc, *macstart;
- int len, slen;
+ unsigned char *p, *macstart;
+ const unsigned char *const_p;
+ int len, slen_full, slen;
+ SSL_SESSION *sess;
unsigned int hlen;
- EVP_CIPHER_CTX ctx;
- HMAC_CTX hctx;
SSL_CTX *tctx = s->initial_ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char key_name[16];
/* get session encoding length */
- slen = i2d_SSL_SESSION(s->session, NULL);
+ slen_full = i2d_SSL_SESSION(s->session, NULL);
/*
* Some length values are 16 bits, so forget it if session is too
* long
*/
- if (slen > 0xFF00)
+ if (slen_full == 0 || slen_full > 0xFF00) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
+ senc = OPENSSL_malloc(slen_full);
+ if (!senc) {
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ EVP_CIPHER_CTX_init(&ctx);
+ HMAC_CTX_init(&hctx);
+
+ p = senc;
+ if (!i2d_SSL_SESSION(s->session, &p))
+ goto err;
+
+ /*
+ * create a fresh copy (not shared with other threads) to clean up
+ */
+ const_p = senc;
+ sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
+ if (sess == NULL)
+ goto err;
+ sess->session_id_length = 0; /* ID is irrelevant for the ticket */
+
+ slen = i2d_SSL_SESSION(sess, NULL);
+ if (slen == 0 || slen > slen_full) { /* shouldn't ever happen */
+ SSL_SESSION_free(sess);
+ goto err;
+ }
+ p = senc;
+ if (!i2d_SSL_SESSION(sess, &p)) {
+ SSL_SESSION_free(sess);
+ goto err;
+ }
+ SSL_SESSION_free(sess);
+
/*-
* Grow buffer if need be: the length calculation is as
* follows 1 (size of message name) + 3 (message length
@@ -2741,12 +3424,7 @@
if (!BUF_MEM_grow(s->init_buf,
26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
EVP_MAX_MD_SIZE + slen))
- return -1;
- senc = OPENSSL_malloc(slen);
- if (!senc)
- return -1;
- p = senc;
- i2d_SSL_SESSION(s->session, &p);
+ goto err;
p = (unsigned char *)s->init_buf->data;
/* do the header */
@@ -2753,8 +3431,6 @@
*(p++) = SSL3_MT_NEWSESSION_TICKET;
/* Skip message length for now */
p += 3;
- EVP_CIPHER_CTX_init(&ctx);
- HMAC_CTX_init(&hctx);
/*
* Initialize HMAC and cipher contexts. If callback present it does
* all the work otherwise use generated values from parent ctx.
@@ -2761,19 +3437,27 @@
*/
if (tctx->tlsext_ticket_key_cb) {
if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
- &hctx, 1) < 0) {
- OPENSSL_free(senc);
- return -1;
- }
+ &hctx, 1) < 0)
+ goto err;
} else {
- RAND_pseudo_bytes(iv, 16);
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
- tctx->tlsext_tick_aes_key, iv);
- HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
- tlsext_tick_md(), NULL);
+ if (RAND_bytes(iv, 16) <= 0)
+ goto err;
+ if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+ tctx->tlsext_tick_aes_key, iv))
+ goto err;
+ if (!HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+ tlsext_tick_md(), NULL))
+ goto err;
memcpy(key_name, tctx->tlsext_tick_key_name, 16);
}
- l2n(s->session->tlsext_tick_lifetime_hint, p);
+
+ /*
+ * Ticket lifetime hint (advisory only): We leave this unspecified
+ * for resumed session (for simplicity), and guess that tickets for
+ * new sessions will live as long as their sessions.
+ */
+ l2n(s->hit ? 0 : s->session->timeout, p);
+
/* Skip ticket length for now */
p += 2;
/* Output key name */
@@ -2784,14 +3468,19 @@
memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
p += EVP_CIPHER_CTX_iv_length(&ctx);
/* Encrypt session data */
- EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
+ if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
+ goto err;
p += len;
- EVP_EncryptFinal(&ctx, p, &len);
+ if (!EVP_EncryptFinal(&ctx, p, &len))
+ goto err;
p += len;
+
+ if (!HMAC_Update(&hctx, macstart, p - macstart))
+ goto err;
+ if (!HMAC_Final(&hctx, p, &hlen))
+ goto err;
+
EVP_CIPHER_CTX_cleanup(&ctx);
-
- HMAC_Update(&hctx, macstart, p - macstart);
- HMAC_Final(&hctx, p, &hlen);
HMAC_CTX_cleanup(&hctx);
p += hlen;
@@ -2812,6 +3501,13 @@
/* SSL3_ST_SW_SESSION_TICKET_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ err:
+ if (senc)
+ OPENSSL_free(senc);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ HMAC_CTX_cleanup(&hctx);
+ s->state = SSL_ST_ERR;
+ return -1;
}
int ssl3_send_cert_status(SSL *s)
@@ -2824,8 +3520,10 @@
* 1 (ocsp response type) + 3 (ocsp response length)
* + (ocsp response)
*/
- if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
+ if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
+ s->state = SSL_ST_ERR;
return -1;
+ }
p = (unsigned char *)s->init_buf->data;
@@ -2848,4 +3546,85 @@
/* SSL3_ST_SW_CERT_STATUS_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message.
+ * It sets the next_proto member in s if found
+ */
+int ssl3_get_next_proto(SSL *s)
+{
+ int ok;
+ int proto_len, padding_len;
+ long n;
+ const unsigned char *p;
+
+ /*
+ * Clients cannot send a NextProtocol message if we didn't see the
+ * extension in their ClientHello
+ */
+ if (!s->s3->next_proto_neg_seen) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
+ SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ /* See the payload format below */
+ n = s->method->ssl_get_message(s,
+ SSL3_ST_SR_NEXT_PROTO_A,
+ SSL3_ST_SR_NEXT_PROTO_B,
+ SSL3_MT_NEXT_PROTO, 514, &ok);
+
+ if (!ok)
+ return ((int)n);
+
+ /*
+ * s->state doesn't reflect whether ChangeCipherSpec has been received in
+ * this handshake, but s->s3->change_cipher_spec does (will be reset by
+ * ssl3_get_finished).
+ */
+ if (!s->s3->change_cipher_spec) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
+ s->state = SSL_ST_ERR;
+ return -1;
+ }
+
+ if (n < 2) {
+ s->state = SSL_ST_ERR;
+ return 0; /* The body must be > 1 bytes long */
+ }
+
+ p = (unsigned char *)s->init_msg;
+
+ /*-
+ * The payload looks like:
+ * uint8 proto_len;
+ * uint8 proto[proto_len];
+ * uint8 padding_len;
+ * uint8 padding[padding_len];
+ */
+ proto_len = p[0];
+ if (proto_len + 2 > s->init_num) {
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+ padding_len = p[proto_len + 1];
+ if (proto_len + padding_len + 2 != s->init_num) {
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+
+ s->next_proto_negotiated = OPENSSL_malloc(proto_len);
+ if (!s->next_proto_negotiated) {
+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
+ s->state = SSL_ST_ERR;
+ return 0;
+ }
+ memcpy(s->next_proto_negotiated, p + 1, proto_len);
+ s->next_proto_negotiated_len = proto_len;
+
+ return 1;
+}
+# endif
#endif
Copied: trunk/crypto/openssl/ssl/srtp.h (from rev 7117, vendor-crypto/openssl/dist/ssl/srtp.h)
===================================================================
--- trunk/crypto/openssl/ssl/srtp.h (rev 0)
+++ trunk/crypto/openssl/ssl/srtp.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,148 @@
+/* ssl/srtp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/*
+ * DTLS code by Eric Rescorla <ekr at rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#ifndef HEADER_D1_SRTP_H
+# define HEADER_D1_SRTP_H
+
+# include <openssl/ssl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SRTP_AES128_CM_SHA1_80 0x0001
+# define SRTP_AES128_CM_SHA1_32 0x0002
+# define SRTP_AES128_F8_SHA1_80 0x0003
+# define SRTP_AES128_F8_SHA1_32 0x0004
+# define SRTP_NULL_SHA1_80 0x0005
+# define SRTP_NULL_SHA1_32 0x0006
+
+# ifndef OPENSSL_NO_SRTP
+
+int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
+SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
Modified: trunk/crypto/openssl/ssl/ssl-lib.com
===================================================================
--- trunk/crypto/openssl/ssl/ssl-lib.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl-lib.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -30,7 +30,7 @@
$! DECC For DEC C.
$! GNUC For GNU C.
$!
-$! If you don't speficy a compiler, it will try to determine which
+$! If you don't specify a compiler, it will try to determine which
$! "C" compiler to use.
$!
$! P4, if defined, sets a TCP/IP library to use, through one of the following
@@ -42,11 +42,33 @@
$!
$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
+$! P6, if defined, specifies the C pointer size. Ignored on VAX.
+$! ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$! Supported values are:
$!
+$! "" Compile with default (/NOPOINTER_SIZE)
+$! 32 Compile with /POINTER_SIZE=32 (SHORT)
+$! 64 Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$! (Automatically select ARGV if compiler supports it.)
+$! 64= Compile with /POINTER_SIZE=64 (LONG).
+$! 64=ARGV Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$! P7, if defined, specifies a directory where ZLIB files (zlib.h,
+$! libz.olb) may be found. Optionally, a non-default object library
+$! name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
$! Define A TCP/IP Library That We Will Need To Link To.
$! (That Is, If We Need To Link To One.)
$!
$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
$!
$! Check What Architecture We Are Using.
$!
@@ -55,7 +77,7 @@
$!
$! The Architecture Is VAX.
$!
-$ ARCH := VAX
+$ ARCH = "VAX"
$!
$! Else...
$!
@@ -70,18 +92,34 @@
$!
$ ENDIF
$!
-$! Define The OBJ Directory.
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.SSL]
+$! Check To Make Sure We Have Valid Command Line Parameters.
$!
-$! Define The EXE Directory.
+$ GOSUB CHECK_OPTIONS
$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.SSL]
+$! Define The OBJ and EXE Directories.
$!
-$! Check To Make Sure We Have Valid Command Line Parameters.
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.SSL]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.SSL]
$!
-$ GOSUB CHECK_OPTIONS
+$! Specify the destination directory in any /MAP option.
$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$ LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$ OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
$! Initialise logical names and such
$!
$ GOSUB INITIALISE
@@ -88,7 +126,7 @@
$!
$! Tell The User What Kind of Machine We Run On.
$!
-$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
$!
$! Check To See If The Architecture Specific OBJ Directory Exists.
$!
@@ -118,12 +156,16 @@
$!
$! Define The Library Name.
$!
-$ SSL_LIB := 'EXE_DIR'LIBSSL.OLB
+$ SSL_LIB := 'EXE_DIR'SSL_LIBSSL'LIB32'.OLB
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
$!
+$! Set up exceptional compilations.
+$!
+$ CC5_SHOWN = 0
+$!
$! Check To See What We Are To Do.
$!
$ IF (BUILDALL.EQS."TRUE")
@@ -156,7 +198,7 @@
$!
$ LIBRARY:
$!
-$! Check To See If We Already Have A "[.xxx.EXE.SSL]LIBSSL.OLB" Library...
+$! Check To See If We Already Have A "[.xxx.EXE.SSL]SSL_LIBSSL''LIB32'.OLB" Library...
$!
$ IF (F$SEARCH(SSL_LIB).EQS."")
$ THEN
@@ -171,17 +213,19 @@
$!
$! Define The Different SSL "library" Files.
$!
-$ LIB_SSL = "s2_meth, s2_srvr, s2_clnt, s2_lib, s2_enc, s2_pkt,"+ -
- "s3_meth, s3_srvr, s3_clnt, s3_lib, s3_enc, s3_pkt,s3_both,s3_cbc,"+ -
+$ LIB_SSL = "s2_meth, s2_srvr, s2_clnt, s2_lib, s2_enc, s2_pkt,"+ -
+ "s3_meth, s3_srvr, s3_clnt, s3_lib, s3_enc, s3_pkt, s3_both, s3_cbc,"+ -
"s23_meth,s23_srvr,s23_clnt,s23_lib, s23_pkt,"+ -
- "t1_meth, t1_srvr, t1_clnt, t1_lib, t1_enc,"+ -
- "d1_meth, d1_srvr, d1_clnt, d1_lib, d1_pkt,"+ -
- "d1_both,d1_enc,"+ -
+ "t1_meth, t1_srvr, t1_clnt, t1_lib, t1_enc,"+ -
+ "d1_meth, d1_srvr, d1_clnt, d1_lib, d1_pkt,"+ -
+ "d1_both,d1_enc,d1_srtp,"+ -
"ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
"ssl_ciph,ssl_stat,ssl_rsa,"+ -
"ssl_asn1,ssl_txt,ssl_algs,"+ -
- "bio_ssl,ssl_err,kssl,t1_reneg"
+ "bio_ssl,ssl_err,kssl,tls_srp,t1_reneg,ssl_utst"
$!
+$ COMPILEWITH_CC5 = ""
+$!
$! Tell The User That We Are Compiling The Library.
$!
$ WRITE SYS$OUTPUT "Building The ",SSL_LIB," Library."
@@ -295,43 +339,48 @@
$!
$ ENDIF
$!
+$ COMPILEWITH_CC5 = "" !!! ",ssl_task,"
+$!
$! Tell The User We Are Creating The SSL_TASK.
$!
+$! Tell The User We Are Creating The SSL_TASK.
+$!
$ WRITE SYS$OUTPUT "Creating SSL_TASK OSU HTTP SSL Engine."
$!
+$! Tell The User What File We Are Compiling.
+$!
+$ FILE_NAME = "ssl_task"
+$ WRITE SYS$OUTPUT " ",FILE_NAME,".c"
+$!
$! Compile The File.
$!
$ ON ERROR THEN GOTO SSL_TASK_END
-$ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C
$!
-$! Link The Program.
-$! Check To See If We Are To Link With A Specific TCP/IP Library.
-$!
-$ IF (TCPIP_LIB.NES."")
+$ FILE_NAME0 = ","+ F$ELEMENT(0,".",FILE_NAME)+ ","
+$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
$ THEN
-$!
-$! Link With TCP/IP Library.
-$!
-$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE -
- 'OBJ_DIR'SSL_TASK.OBJ, -
- 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'TCPIP_LIB','OPT_FILE'/OPTION
-$!
-$! Else...
-$!
+$ if (.not. CC5_SHOWN)
+$ then
+$ CC5_SHOWN = 1
+$ write sys$output " \Using special rule (5)"
+$ x = " "+ CC5
+$ write /symbol sys$output x
+$ endif
+$ CC5 /OBJECT='OBJ_DIR''FILE_NAME'.OBJ SYS$DISK:[]'FILE_NAME'.C
$ ELSE
+$ CC /OBJECT='OBJ_DIR''FILE_NAME'.OBJ SYS$DISK:[]'FILE_NAME'.C
+$ ENDIF
$!
-$! Don't Link With TCP/IP Library.
+$! Link The Program.
$!
-$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR'SSL_TASK.EXE -
- 'OBJ_DIR'SSL_TASK.OBJ,-
- 'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
- 'OPT_FILE'/OPTION
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXE='EXE_DIR'SSL_TASK.EXE -
+ 'OBJ_DIR'SSL_TASK.OBJ, -
+ 'SSL_LIB'/LIBRARY, -
+ 'CRYPTO_LIB'/LIBRARY -
+ 'TCPIP_LIB' -
+ 'ZLIB_LIB' -
+ ,'OPT_FILE' /OPTIONS
$!
-$! End The TCP/IP Library Check.
-$!
-$ ENDIF
-$!
$! Time To Return.
$!
$SSL_TASK_END:
@@ -356,7 +405,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable VAX C Runtime Library.
!
SYS$SHARE:VAXCRTL.EXE/SHARE
@@ -385,7 +434,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable C Runtime Library.
!
GNU_CC:[000000]GCCLIB/LIBRARY
@@ -420,7 +469,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Agianst
+! Default System Options File To Link Against
! The Sharable DEC C Runtime Library.
!
SYS$SHARE:DECC$SHR.EXE/SHARE
@@ -435,7 +484,7 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File For non-VAX To Link Agianst
+! Default System Options File For non-VAX To Link Against
! The Sharable C Runtime Library.
!
SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
@@ -524,12 +573,12 @@
$!
$ ELSE
$!
-$! Else, Check To See If P1 Has A Valid Arguement.
+$! Else, Check To See If P1 Has A Valid Argument.
$!
$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."SSL_TASK")
$ THEN
$!
-$! A Valid Arguement.
+$! A Valid Argument.
$!
$ BUILDALL = P1
$!
@@ -548,8 +597,8 @@
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
$ WRITE SYS$OUTPUT ""
-$ WRITE SYS$OUTPUT " ALPHA : Alpha Architecture."
-$ WRITE SYS$OUTPUT " IA64 : IA64 Architecture."
+$ WRITE SYS$OUTPUT " ALPHA[64]: Alpha Architecture."
+$ WRITE SYS$OUTPUT " IA64[64] : IA64 Architecture."
$ WRITE SYS$OUTPUT " VAX : VAX Architecture."
$ WRITE SYS$OUTPUT ""
$!
@@ -557,7 +606,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -570,14 +619,15 @@
$ IF (P2.EQS."NODEBUG")
$ THEN
$!
-$! P2 Is NODEBUG, So Compile Without Debugger Information.
+$! P2 Is NODEBUG, So Compile Without Debugger Information.
$!
-$ DEBUGGER = "NODEBUG"
-$ TRACEBACK = "NOTRACEBACK"
-$ GCC_OPTIMIZE = "OPTIMIZE"
-$ CC_OPTIMIZE = "OPTIMIZE"
-$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
-$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ DEBUGGER = "NODEBUG"
+$ LINKMAP = "NOMAP"
+$ TRACEBACK = "NOTRACEBACK"
+$ GCC_OPTIMIZE = "OPTIMIZE"
+$ CC_OPTIMIZE = "OPTIMIZE"
+$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$!
$! Else...
$!
@@ -591,6 +641,7 @@
$! Compile With Debugger Information.
$!
$ DEBUGGER = "DEBUG"
+$ LINKMAP = "MAP"
$ TRACEBACK = "TRACEBACK"
$ GCC_OPTIMIZE = "NOOPTIMIZE"
$ CC_OPTIMIZE = "NOOPTIMIZE"
@@ -598,7 +649,7 @@
$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
$ ELSE
$!
-$! Tell The User Entered An Invalid Option..
+$! Tell The User Entered An Invalid Option.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:"
@@ -611,7 +662,7 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
@@ -653,6 +704,59 @@
$!
$ ENDIF
$!
+$! Check P6 (POINTER_SIZE).
+$!
+$ IF (P6 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$ IF (P6 .EQS. "32")
+$ THEN
+$ POINTER_SIZE = " /POINTER_SIZE=32"
+$ ELSE
+$ POINTER_SIZE = F$EDIT( P6, "COLLAPSE, UPCASE")
+$ IF ((POINTER_SIZE .EQS. "64") .OR. -
+ (POINTER_SIZE .EQS. "64=") .OR. -
+ (POINTER_SIZE .EQS. "64=ARGV"))
+$ THEN
+$ ARCHD = ARCH+ "_64"
+$ LIB32 = ""
+$ POINTER_SIZE = " /POINTER_SIZE=64"
+$ ELSE
+$!
+$! Tell The User Entered An Invalid Option.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", P6, -
+ " Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ " """" : Compile with default (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 32 : Compile with 32-bit (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 64 : Compile with 64-bit (long) pointers (auto ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64= : Compile with 64-bit (long) pointers (no ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64=ARGV : Compile with 64-bit (long) pointers (ARGV)."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$!
+$ ENDIF
+$!
+$ ENDIF
+$!
+$! End The P6 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[-.CRYPTO],SYS$DISK:[-]"
+$!
$! Check To See If P3 Is Blank.
$!
$ IF (P3.EQS."")
@@ -753,12 +857,68 @@
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
-$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
- CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$ IF CCDISABLEWARNINGS .NES. "" THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$ CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
$!
-$! Check To See If The User Entered A Valid Paramter.
+$! Check To See If We Have A ZLIB Option.
$!
+$ ZLIB = P7
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$! Check for expected ZLIB files.
+$!
+$ err = 0
+$ file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$ if (f$search( file1) .eqs. "")
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ WRITE SYS$OUTPUT " Can't find header: ''file1'"
+$ err = 1
+$ endif
+$ file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$ file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$ if (f$search( file2) .eqs. "")
+$ then
+$ if (err .eq. 0)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ endif
+$ WRITE SYS$OUTPUT " Can't find library: ''file2'"
+$ WRITE SYS$OUTPUT ""
+$ err = err+ 2
+$ endif
+$ if (err .eq. 1)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ endif
+$!
+$ if (err .ne. 0)
+$ then
+$ EXIT
+$ endif
+$!
+$ CCDEFS = """ZLIB=1"", "+ CCDEFS
+$ CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$ ZLIB_LIB = ", ''file2' /library"
+$!
+$! Print info
+$!
+$ WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The User Entered A Valid Parameter.
+$!
$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
$ THEN
$!
@@ -780,13 +940,13 @@
$ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
-$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
- "/NOLIST/PREFIX=ALL" + -
- "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
+$ CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+ "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+ " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
@@ -815,7 +975,7 @@
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
- "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
+ "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
$! Define <sys> As SYS$COMMON:[SYSLIB]
@@ -824,7 +984,7 @@
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
@@ -847,11 +1007,11 @@
$!
$ IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
- "/INCLUDE=(SYS$DISK:[-.CRYPTO],SYS$DISK:[-])" + CCEXTRAFLAGS
+ "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
@@ -865,21 +1025,33 @@
$!
$ IF COMPILER .EQS. "DECC"
$ THEN
+$! Not all compiler versions support MAYLOSEDATA3.
+$ OPT_TEST = "MAYLOSEDATA3"
+$ DEFINE /USER_MODE SYS$ERROR NL:
+$ DEFINE /USER_MODE SYS$OUTPUT NL:
+$ 'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+ /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$ IF ($SEVERITY)
+$ THEN
+$ IF CCDISABLEWARNINGS .NES. "" THEN -
+ CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$ CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$ ENDIF
$ IF CCDISABLEWARNINGS .EQS. ""
$ THEN
$ CC4DISABLEWARNINGS = "DOLLARID"
$ ELSE
$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
-$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$ CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
-$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$ CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
$ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
-$ CC2 = CC + "/DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
-$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
-$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$ CC2 = CC + " /DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
+$ CC3 = CC + " /DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
+$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$ IF COMPILER .EQS. "DECC"
$ THEN
$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
@@ -893,7 +1065,7 @@
$!
$ WRITE/SYMBOL SYS$OUTPUT "Main Compiling Command: ",CC
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@@ -925,7 +1097,7 @@
$!
$! Set the library to use SOCKETSHR
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
$!
$! Done with SOCKETSHR
$!
@@ -951,13 +1123,13 @@
$!
$! Set the library to use UCX.
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
$ THEN
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
$ ELSE
$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
- TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
$ ENDIF
$!
$! Done with UCX
@@ -971,7 +1143,7 @@
$!
$! Set the library to use TCPIP (post UCX).
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
$!
$! Done with TCPIP
$!
@@ -992,9 +1164,9 @@
$!
$! Print info
$!
-$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
Modified: trunk/crypto/openssl/ssl/ssl.h
===================================================================
--- trunk/crypto/openssl/ssl/ssl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -109,63 +109,36 @@
*
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
*
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
*
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
*
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
*
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
*/
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
#ifndef HEADER_SSL_H
# define HEADER_SSL_H
@@ -251,35 +224,62 @@
# define SSL_MAX_MASTER_KEY_LENGTH 48
/* These are used to specify which ciphers to use and not to use */
+
+# define SSL_TXT_EXP40 "EXPORT40"
+# define SSL_TXT_EXP56 "EXPORT56"
# define SSL_TXT_LOW "LOW"
# define SSL_TXT_MEDIUM "MEDIUM"
# define SSL_TXT_HIGH "HIGH"
# define SSL_TXT_FIPS "FIPS"
-# define SSL_TXT_kFZA "kFZA"
-# define SSL_TXT_aFZA "aFZA"
-# define SSL_TXT_eFZA "eFZA"
-# define SSL_TXT_FZA "FZA"
+# define SSL_TXT_kFZA "kFZA"/* unused! */
+# define SSL_TXT_aFZA "aFZA"/* unused! */
+# define SSL_TXT_eFZA "eFZA"/* unused! */
+# define SSL_TXT_FZA "FZA"/* unused! */
+
# define SSL_TXT_aNULL "aNULL"
# define SSL_TXT_eNULL "eNULL"
# define SSL_TXT_NULL "NULL"
+# define SSL_TXT_kRSA "kRSA"
+# define SSL_TXT_kDHr "kDHr"/* no such ciphersuites supported! */
+# define SSL_TXT_kDHd "kDHd"/* no such ciphersuites supported! */
+# define SSL_TXT_kDH "kDH"/* no such ciphersuites supported! */
+# define SSL_TXT_kEDH "kEDH"
# define SSL_TXT_kKRB5 "kKRB5"
-# define SSL_TXT_aKRB5 "aKRB5"
-# define SSL_TXT_KRB5 "KRB5"
+# define SSL_TXT_kECDHr "kECDHr"
+# define SSL_TXT_kECDHe "kECDHe"
+# define SSL_TXT_kECDH "kECDH"
+# define SSL_TXT_kEECDH "kEECDH"
+# define SSL_TXT_kPSK "kPSK"
+# define SSL_TXT_kGOST "kGOST"
+# define SSL_TXT_kSRP "kSRP"
-# define SSL_TXT_kRSA "kRSA"
-# define SSL_TXT_kDHr "kDHr"
-# define SSL_TXT_kDHd "kDHd"
-# define SSL_TXT_kEDH "kEDH"
# define SSL_TXT_aRSA "aRSA"
# define SSL_TXT_aDSS "aDSS"
-# define SSL_TXT_aDH "aDH"
+# define SSL_TXT_aDH "aDH"/* no such ciphersuites supported! */
+# define SSL_TXT_aECDH "aECDH"
+# define SSL_TXT_aKRB5 "aKRB5"
+# define SSL_TXT_aECDSA "aECDSA"
+# define SSL_TXT_aPSK "aPSK"
+# define SSL_TXT_aGOST94 "aGOST94"
+# define SSL_TXT_aGOST01 "aGOST01"
+# define SSL_TXT_aGOST "aGOST"
+# define SSL_TXT_aSRP "aSRP"
+
# define SSL_TXT_DSS "DSS"
# define SSL_TXT_DH "DH"
-# define SSL_TXT_EDH "EDH"
+# define SSL_TXT_EDH "EDH"/* same as "kEDH:-ADH" */
# define SSL_TXT_ADH "ADH"
# define SSL_TXT_RSA "RSA"
+# define SSL_TXT_ECDH "ECDH"
+# define SSL_TXT_EECDH "EECDH"/* same as "kEECDH:-AECDH" */
+# define SSL_TXT_AECDH "AECDH"
+# define SSL_TXT_ECDSA "ECDSA"
+# define SSL_TXT_KRB5 "KRB5"
+# define SSL_TXT_PSK "PSK"
+# define SSL_TXT_SRP "SRP"
+
# define SSL_TXT_DES "DES"
# define SSL_TXT_3DES "3DES"
# define SSL_TXT_RC4 "RC4"
@@ -286,21 +286,32 @@
# define SSL_TXT_RC2 "RC2"
# define SSL_TXT_IDEA "IDEA"
# define SSL_TXT_SEED "SEED"
+# define SSL_TXT_AES128 "AES128"
+# define SSL_TXT_AES256 "AES256"
# define SSL_TXT_AES "AES"
+# define SSL_TXT_AES_GCM "AESGCM"
+# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
+# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
# define SSL_TXT_CAMELLIA "CAMELLIA"
+
# define SSL_TXT_MD5 "MD5"
# define SSL_TXT_SHA1 "SHA1"
-# define SSL_TXT_SHA "SHA"
-# define SSL_TXT_EXP "EXP"
-# define SSL_TXT_EXPORT "EXPORT"
-# define SSL_TXT_EXP40 "EXPORT40"
-# define SSL_TXT_EXP56 "EXPORT56"
+# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
+# define SSL_TXT_GOST94 "GOST94"
+# define SSL_TXT_GOST89MAC "GOST89MAC"
+# define SSL_TXT_SHA256 "SHA256"
+# define SSL_TXT_SHA384 "SHA384"
+
# define SSL_TXT_SSLV2 "SSLv2"
# define SSL_TXT_SSLV3 "SSLv3"
# define SSL_TXT_TLSV1 "TLSv1"
+# define SSL_TXT_TLSV1_1 "TLSv1.1"
+# define SSL_TXT_TLSV1_2 "TLSv1.2"
+
+# define SSL_TXT_EXP "EXP"
+# define SSL_TXT_EXPORT "EXPORT"
+
# define SSL_TXT_ALL "ALL"
-# define SSL_TXT_ECC "ECCdraft"/* ECC ciphersuites are not yet
- * official */
/*-
* COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -323,7 +334,13 @@
* The following cipher list is used by default. It also is substituted when
* an application-defined cipher list string starts with 'DEFAULT'.
*/
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2:@STRENGTH"
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
+/*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+ * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+ */
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
# define SSL_SENT_SHUTDOWN 1
@@ -349,25 +366,53 @@
* function parameters used to prototype callbacks in SSL_CTX.
*/
typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+DECLARE_STACK_OF(SSL_CIPHER)
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st {
+ const char *name;
+ unsigned long id;
+} SRTP_PROTECTION_PROFILE;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
+ const unsigned char *data,
+ int len, void *arg);
+typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
+ int *secret_len,
+ STACK_OF(SSL_CIPHER) *peer_ciphers,
+ SSL_CIPHER **cipher, void *arg);
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
/* used to hold info on the particular ciphers used */
-typedef struct ssl_cipher_st {
+struct ssl_cipher_st {
int valid;
const char *name; /* text name */
unsigned long id; /* id, 4 bytes, first is version */
- unsigned long algorithms; /* what ciphers are used */
+ /*
+ * changed in 0.9.9: these four used to be portions of a single value
+ * 'algorithms'
+ */
+ unsigned long algorithm_mkey; /* key exchange algorithm */
+ unsigned long algorithm_auth; /* server authentication */
+ unsigned long algorithm_enc; /* symmetric encryption */
+ unsigned long algorithm_mac; /* symmetric authentication */
+ unsigned long algorithm_ssl; /* (major) protocol version */
unsigned long algo_strength; /* strength and export flags */
unsigned long algorithm2; /* Extra flags */
int strength_bits; /* Number of bits really used */
int alg_bits; /* Number of bits for algorithm */
- unsigned long mask; /* used for matching */
- unsigned long mask_strength; /* also used for matching */
-} SSL_CIPHER;
+};
-DECLARE_STACK_OF(SSL_CIPHER)
-
/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-typedef struct ssl_method_st {
+struct ssl_method_st {
int version;
int (*ssl_new) (SSL *s);
void (*ssl_clear) (SSL *s);
@@ -388,18 +433,18 @@
int (*ssl_dispatch_alert) (SSL *s);
long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
- SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
+ const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
int (*put_cipher_by_char) (const SSL_CIPHER *cipher, unsigned char *ptr);
int (*ssl_pending) (const SSL *s);
int (*num_ciphers) (void);
- SSL_CIPHER *(*get_cipher) (unsigned ncipher);
- struct ssl_method_st *(*get_ssl_method) (int version);
+ const SSL_CIPHER *(*get_cipher) (unsigned ncipher);
+ const struct ssl_method_st *(*get_ssl_method) (int version);
long (*get_timeout) (void);
struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
int (*ssl_version) (void);
long (*ssl_callback_ctrl) (SSL *s, int cb_id, void (*fp) (void));
long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
-} SSL_METHOD;
+};
/*-
* Lets make this into an ASN.1 type structure as follows
@@ -406,22 +451,28 @@
* SSL_SESSION_ID ::= SEQUENCE {
* version INTEGER, -- structure version number
* SSLversion INTEGER, -- SSL version number
- * Cipher OCTET_STRING, -- the 3 byte cipher ID
- * Session_ID OCTET_STRING, -- the Session ID
- * Master_key OCTET_STRING, -- the master key
- * KRB5_principal OCTET_STRING -- optional Kerberos principal
- * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
+ * Cipher OCTET STRING, -- the 3 byte cipher ID
+ * Session_ID OCTET STRING, -- the Session ID
+ * Master_key OCTET STRING, -- the master key
+ * KRB5_principal OCTET STRING -- optional Kerberos principal
+ * Key_Arg [ 0 ] IMPLICIT OCTET STRING, -- the optional Key argument
* Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
* Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
* Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
- * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
- * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
- * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
+ * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
+ * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
+ * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
+ * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
+ * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
+ * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
+ * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
*/
-typedef struct ssl_session_st {
+struct ssl_session_st {
int ssl_version; /* what ssl version session info is being
* kept in here? */
/* only really used in SSLv2 */
@@ -439,10 +490,19 @@
*/
unsigned int sid_ctx_length;
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-# ifndef OPENSSL_NO_KRB5
+# ifndef OPENSSL_NO_KRB5
unsigned int krb5_client_princ_len;
unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
-# endif /* OPENSSL_NO_KRB5 */
+# endif /* OPENSSL_NO_KRB5 */
+# ifndef OPENSSL_NO_PSK
+ char *psk_identity_hint;
+ char *psk_identity;
+# endif
+ /*
+ * Used to indicate that session resumption is not allowed. Applications
+ * can also set this bit for a new session via not_resumable_session_cb
+ * to disable session caching and tickets.
+ */
int not_resumable;
/* The cert is the certificate used to establish this connection */
struct sess_cert_st /* SESS_CERT */ *sess_cert;
@@ -461,8 +521,8 @@
int references;
long timeout;
long time;
- int compress_meth; /* Need to lookup the method */
- SSL_CIPHER *cipher;
+ unsigned int compress_meth; /* Need to lookup the method */
+ const SSL_CIPHER *cipher;
unsigned long cipher_id; /* when ASN.1 loaded, this needs to be used
* to load the 'cipher' structure */
STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
@@ -472,14 +532,25 @@
* implement a maximum cache size.
*/
struct ssl_session_st *prev, *next;
-# ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_TLSEXT
char *tlsext_hostname;
+# ifndef OPENSSL_NO_EC
+ size_t tlsext_ecpointformatlist_length;
+ unsigned char *tlsext_ecpointformatlist; /* peer's list */
+ size_t tlsext_ellipticcurvelist_length;
+ unsigned char *tlsext_ellipticcurvelist; /* peer's list */
+# endif /* OPENSSL_NO_EC */
/* RFC4507 info */
unsigned char *tlsext_tick; /* Session ticket */
size_t tlsext_ticklen; /* Session ticket length */
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
+# endif
+# ifndef OPENSSL_NO_SRP
+ char *srp_username;
+# endif
+};
+
# endif
-} SSL_SESSION;
# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
@@ -486,7 +557,7 @@
/* Allow initial connection to servers that don't support RI */
# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
-# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
+# define SSL_OP_TLSEXT_PADDING 0x00000010L
# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L
# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
@@ -495,6 +566,8 @@
/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
+/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
+# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
/*
* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
@@ -510,7 +583,7 @@
* SSL_OP_ALL: various bug workarounds that should be rather harmless. This
* used to be 0x000FFFFFL before 0.9.7.
*/
-# define SSL_OP_ALL 0x00000FFFL
+# define SSL_OP_ALL 0x80000BFFL
/* DTLS options */
# define SSL_OP_NO_QUERY_MTU 0x00001000L
@@ -523,6 +596,8 @@
/* As server, disallow session resumption on renegotiation */
# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
+/* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION 0x00020000L
/* Permit unsafe legacy renegotiation */
# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
/* If set, always create a new key when using tmp_ecdh parameters */
@@ -546,15 +621,28 @@
# define SSL_OP_NO_SSLv2 0x01000000L
# define SSL_OP_NO_SSLv3 0x02000000L
# define SSL_OP_NO_TLSv1 0x04000000L
+# define SSL_OP_NO_TLSv1_2 0x08000000L
+# define SSL_OP_NO_TLSv1_1 0x10000000L
/*
+ * These next two were never actually used for anything since SSLeay zap so
+ * we have some more flags.
+ */
+/*
* The next flag deliberately changes the ciphertest, this is a check for the
* PKCS#1 attack
*/
-# define SSL_OP_PKCS1_CHECK_1 0x08000000L
-# define SSL_OP_PKCS1_CHECK_2 0x10000000L
+# define SSL_OP_PKCS1_CHECK_1 0x0
+# define SSL_OP_PKCS1_CHECK_2 0x0
+
# define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
+/*
+ * Make server add server-hello extension from early version of cryptopro
+ * draft, when GOST ciphersuite is negotiated. Required for interoperability
+ * with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
/*
* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
@@ -575,6 +663,19 @@
/* Don't attempt to automatically build certificate chain */
# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
/*
+ * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.) "Released" buffers are put onto a free-list in the context or
+ * just freed (depending on the context's setting for freelist_max_len).
+ */
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
+/*
+ * Send the current time in the Random fields of the ClientHello and
+ * ServerHello records for compatibility with hypothetical implementations
+ * that require it.
+ */
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
+/*
* Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
* that reconnect with a downgraded protocol version; see
* draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
@@ -616,10 +717,19 @@
SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
# define SSL_set_mtu(ssl, mtu) \
SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+# define DTLS_set_link_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+# define DTLS_get_link_min_mtu(ssl) \
+ SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
# define SSL_get_secure_renegotiation_support(ssl) \
SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_heartbeat(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
+# endif
+
void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
void (*cb) (int write_p, int version,
int content_type, const void *buf,
@@ -631,6 +741,41 @@
# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+# ifndef OPENSSL_NO_SRP
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct srp_ctx_st {
+ /* param for all the callbacks */
+ void *SRP_cb_arg;
+ /* set client Hello login callback */
+ int (*TLS_ext_srp_username_callback) (SSL *, int *, void *);
+ /* set SRP N/g param callback for verification */
+ int (*SRP_verify_param_callback) (SSL *, void *);
+ /* set SRP client passwd callback */
+ char *(*SRP_give_srp_client_pwd_callback) (SSL *, void *);
+ char *login;
+ BIGNUM *N, *g, *s, *B, *A;
+ BIGNUM *a, *b, *v;
+ char *info;
+ int strength;
+ unsigned long srp_Mask;
+} SRP_CTX;
+
+# endif
+
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
+
+# endif
+
# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
# define SSL_MAX_CERT_LIST_DEFAULT 1024*30
/* 30k max cert list :-) */
@@ -659,25 +804,30 @@
typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
unsigned int *id_len);
-typedef struct ssl_comp_st {
+typedef struct ssl_comp_st SSL_COMP;
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_comp_st {
int id;
const char *name;
-# ifndef OPENSSL_NO_COMP
+# ifndef OPENSSL_NO_COMP
COMP_METHOD *method;
-# else
+# else
char *method;
-# endif
-} SSL_COMP;
+# endif
+};
DECLARE_STACK_OF(SSL_COMP)
+DECLARE_LHASH_OF(SSL_SESSION);
struct ssl_ctx_st {
- SSL_METHOD *method;
+ const SSL_METHOD *method;
STACK_OF(SSL_CIPHER) *cipher_list;
/* same as above but sorted for lookup */
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
struct x509_store_st /* X509_STORE */ *cert_store;
- struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
+ LHASH_OF(SSL_SESSION) *sessions;
/*
* Most session-ids that will be cached, default is
* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
@@ -800,21 +950,27 @@
X509_VERIFY_PARAM *param;
-# if 0
+# if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
-# endif
+# endif
int quiet_shutdown;
-# ifndef OPENSSL_ENGINE
/*
+ * Maximum amount of data to send in one fragment. actual record size can
+ * be more than this due to padding and MAC overheads.
+ */
+ unsigned int max_send_fragment;
+
+# ifndef OPENSSL_NO_ENGINE
+ /*
* Engine to pass requests for client certs to
*/
ENGINE *client_cert_engine;
-# endif
+# endif
-# ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_TLSEXT
/* TLS extensions servername callback */
int (*tlsext_servername_callback) (SSL *, int *, void *);
void *tlsext_servername_arg;
@@ -832,10 +988,65 @@
/* Callback for status request */
int (*tlsext_status_cb) (SSL *ssl, void *arg);
void *tlsext_status_arg;
-# endif
+ /* draft-rescorla-tls-opaque-prf-input-00.txt information */
+ int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
+ size_t len, void *arg);
+ void *tlsext_opaque_prf_input_callback_arg;
+# endif
+
+# ifndef OPENSSL_NO_PSK
+ char *psk_identity_hint;
+ unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+ unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+# endif
+
+# ifndef OPENSSL_NO_BUF_FREELISTS
+# define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
+ unsigned int freelist_max_len;
+ struct ssl3_buf_freelist_st *wbuf_freelist;
+ struct ssl3_buf_freelist_st *rbuf_freelist;
+# endif
+# ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ /* Next protocol negotiation information */
+ /* (for experimental NPN extension). */
+
+ /*
+ * For a server, this contains a callback function by which the set of
+ * advertised protocols can be provided.
+ */
+ int (*next_protos_advertised_cb) (SSL *s, const unsigned char **buf,
+ unsigned int *len, void *arg);
+ void *next_protos_advertised_cb_arg;
+ /*
+ * For a client, this contains a callback function that selects the next
+ * protocol from the list provided by the server.
+ */
+ int (*next_proto_select_cb) (SSL *s, unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen, void *arg);
+ void *next_proto_select_cb_arg;
+# endif
+ /* SRTP profiles we are willing to do from RFC 5764 */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+# endif
};
+# endif
+
# define SSL_SESS_CACHE_OFF 0x0000
# define SSL_SESS_CACHE_CLIENT 0x0001
# define SSL_SESS_CACHE_SERVER 0x0002
@@ -847,7 +1058,7 @@
# define SSL_SESS_CACHE_NO_INTERNAL \
(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
-struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
# define SSL_CTX_sess_number(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
# define SSL_CTX_sess_connect(ctx) \
@@ -919,7 +1130,104 @@
*cookie,
unsigned int
cookie_len));
+# ifndef OPENSSL_NO_NEXTPROTONEG
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ const unsigned char
+ **out,
+ unsigned int *outlen,
+ void *arg), void *arg);
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
+ int (*cb) (SSL *ssl,
+ unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ const unsigned char *client,
+ unsigned int client_len);
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len);
+
+# define OPENSSL_NPN_UNSUPPORTED 0
+# define OPENSSL_NPN_NEGOTIATED 1
+# define OPENSSL_NPN_NO_OVERLAP 2
+# endif
+
+# ifndef OPENSSL_NO_PSK
+/*
+ * the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk
+ */
+# define PSK_MAX_IDENTITY_LEN 128
+# define PSK_MAX_PSK_LEN 256
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_client_callback(SSL *ssl,
+ unsigned int (*psk_client_callback) (SSL
+ *ssl,
+ const
+ char
+ *hint,
+ char
+ *identity,
+ unsigned
+ int
+ max_identity_len,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+void SSL_set_psk_server_callback(SSL *ssl,
+ unsigned int (*psk_server_callback) (SSL
+ *ssl,
+ const
+ char
+ *identity,
+ unsigned
+ char
+ *psk,
+ unsigned
+ int
+ max_psk_len));
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+# endif
+
# define SSL_NOTHING 1
# define SSL_WRITING 2
# define SSL_READING 3
@@ -931,6 +1239,11 @@
# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+# define SSL_MAC_FLAG_READ_MAC_STREAM 1
+# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
struct ssl_st {
/*
* protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
@@ -940,12 +1253,12 @@
/* SSL_ST_CONNECT or SSL_ST_ACCEPT */
int type;
/* SSLv3 */
- SSL_METHOD *method;
+ const SSL_METHOD *method;
/*
* There are 2 BIO's even though they are normally both the same. This
* is so data can be read and written to different handlers
*/
-# ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_BIO
/* used by SSL_read */
BIO *rbio;
/* used by SSL_write */
@@ -952,13 +1265,13 @@
BIO *wbio;
/* used during session-id reuse to concatenate messages */
BIO *bbio;
-# else
+# else
/* used by SSL_read */
char *rbio;
/* used by SSL_write */
char *wbio;
char *bbio;
-# endif
+# endif
/*
* This holds a variable that indicates what we were doing when a 0 or -1
* is returned. This is needed for non-blocking IO so we know what
@@ -978,9 +1291,7 @@
/* are we the server side? - mostly used by SSL_clear */
int server;
/*
- * 1 if we are to use a new session.
- * 2 if we are a server and are inside a handshake
- * (i.e. not just sending a HelloRequest)
+ * Generate a new session or reuse an old one.
* NB: For servers, the 'new' session may actually be a previously
* cached session or even the previous session unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
@@ -1013,10 +1324,10 @@
void *msg_callback_arg;
int hit; /* reusing a previous session */
X509_VERIFY_PARAM *param;
-# if 0
+# if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
-# endif
+# endif
/* crypto */
STACK_OF(SSL_CIPHER) *cipher_list;
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
@@ -1024,20 +1335,21 @@
* These are the ones being used, the ones in SSL_SESSION are the ones to
* be 'copied' into these ones
*/
+ int mac_flags;
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
- const EVP_MD *read_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
+ EVP_MD_CTX *read_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
COMP_CTX *expand; /* uncompress */
-# else
+# else
char *expand;
-# endif
+# endif
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- const EVP_MD *write_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
+ EVP_MD_CTX *write_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
COMP_CTX *compress; /* compression */
-# else
+# else
char *compress;
-# endif
+# endif
/* session info */
/* client cert? */
/* This is used to hold the server certificate used */
@@ -1066,10 +1378,20 @@
int error;
/* actual code */
int error_code;
-# ifndef OPENSSL_NO_KRB5
+# ifndef OPENSSL_NO_KRB5
/* Kerberos 5 context */
KSSL_CTX *kssl_ctx;
-# endif /* OPENSSL_NO_KRB5 */
+# endif /* OPENSSL_NO_KRB5 */
+# ifndef OPENSSL_NO_PSK
+ unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+ unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+# endif
SSL_CTX *ctx;
/*
* set this flag to 1 and a sleep(1) is put into all SSL_read() and
@@ -1090,7 +1412,8 @@
int first_packet;
/* what was passed, used for SSLv3/TLS rollback check */
int client_version;
-# ifndef OPENSSL_NO_TLSEXT
+ unsigned int max_send_fragment;
+# ifndef OPENSSL_NO_TLSEXT
/* TLS extension debug callback */
void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
unsigned char *data, int len, void *arg);
@@ -1116,13 +1439,73 @@
int tlsext_ocsp_resplen;
/* RFC4507 session ticket expected to be received or sent */
int tlsext_ticket_expected;
+# ifndef OPENSSL_NO_EC
+ size_t tlsext_ecpointformatlist_length;
+ /* our list */
+ unsigned char *tlsext_ecpointformatlist;
+ size_t tlsext_ellipticcurvelist_length;
+ /* our list */
+ unsigned char *tlsext_ellipticcurvelist;
+# endif /* OPENSSL_NO_EC */
+ /*
+ * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
+ * handshakes
+ */
+ void *tlsext_opaque_prf_input;
+ size_t tlsext_opaque_prf_input_len;
+ /* TLS Session Ticket extension override */
+ TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
+ /* TLS Session Ticket extension callback */
+ tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
+ void *tls_session_ticket_ext_cb_arg;
+ /* TLS pre-shared secret session resumption */
+ tls_session_secret_cb_fn tls_session_secret_cb;
+ void *tls_session_secret_cb_arg;
SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */
-# define session_ctx initial_ctx
-# else
-# define session_ctx ctx
-# endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ /*
+ * Next protocol negotiation. For the client, this is the protocol that
+ * we sent in NextProtocol and is set when handling ServerHello
+ * extensions. For a server, this is the client's selected_protocol from
+ * NextProtocol and is set when handling the NextProtocol message, before
+ * the Finished message.
+ */
+ unsigned char *next_proto_negotiated;
+ unsigned char next_proto_negotiated_len;
+# endif
+# define session_ctx initial_ctx
+ /* What we'll do */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+ /* What's been chosen */
+ SRTP_PROTECTION_PROFILE *srtp_profile;
+ /*-
+ * Is use of the Heartbeat extension negotiated?
+ * 0: disabled
+ * 1: enabled
+ * 2: enabled, but not allowed to send Requests
+ */
+ unsigned int tlsext_heartbeat;
+ /* Indicates if a HeartbeatRequest is in flight */
+ unsigned int tlsext_hb_pending;
+ /* HeartbeatRequest sequence number */
+ unsigned int tlsext_hb_seq;
+# else
+# define session_ctx ctx
+# endif /* OPENSSL_NO_TLSEXT */
+ /*-
+ * 1 if we are renegotiating.
+ * 2 if we are a server and are inside a handshake
+ * (i.e. not just sending a HelloRequest)
+ */
+ int renegotiate;
+# ifndef OPENSSL_NO_SRP
+ /* ctx for SRP authentication */
+ SRP_CTX srp_ctx;
+# endif
};
+# endif
+
#ifdef __cplusplus
}
#endif
@@ -1132,6 +1515,7 @@
# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
# include <openssl/dtls1.h> /* Datagram TLS */
# include <openssl/ssl23.h>
+# include <openssl/srtp.h> /* Support for the use_srtp extension */
#ifdef __cplusplus
extern "C" {
@@ -1160,6 +1544,7 @@
# define SSL_ST_BEFORE 0x4000
# define SSL_ST_OK 0x03
# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+# define SSL_ST_ERR 0x05
# define SSL_CB_LOOP 0x01
# define SSL_CB_EXIT 0x02
@@ -1234,20 +1619,12 @@
# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
-# if 1 /* SSLEAY_MACROS */
-# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
-# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
-# define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
- (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-# define PEM_read_bio_SSL_SESSION(bp,x,cb,u) PEM_ASN1_read_bio_of(SSL_SESSION,d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,cb,u)
-# define PEM_write_SSL_SESSION(fp,x) \
- PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
- PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-# define PEM_write_bio_SSL_SESSION(bp,x) \
- PEM_ASN1_write_bio_of(SSL_SESSION,i2d_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,NULL,NULL,0,NULL,NULL)
-# endif
+# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
-# define SSL_AD_REASON_OFFSET 1000
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
+ * from SSL_AD_... */
/* These alert types are for SSLv3 and TLSv1 */
# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
/* fatal */
@@ -1295,7 +1672,6 @@
# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
/* fatal */
# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
-
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
@@ -1306,7 +1682,6 @@
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
-
# define SSL_CTRL_NEED_TMP_RSA 1
# define SSL_CTRL_SET_TMP_RSA 2
# define SSL_CTRL_SET_TMP_DH 3
@@ -1314,7 +1689,6 @@
# define SSL_CTRL_SET_TMP_RSA_CB 5
# define SSL_CTRL_SET_TMP_DH_CB 6
# define SSL_CTRL_SET_TMP_ECDH_CB 7
-
# define SSL_CTRL_GET_SESSION_REUSED 8
# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
@@ -1322,10 +1696,8 @@
# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
# define SSL_CTRL_GET_FLAGS 13
# define SSL_CTRL_EXTRA_CHAIN_CERT 14
-
# define SSL_CTRL_SET_MSG_CALLBACK 15
# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
-
/* only applies to datagram connections */
# define SSL_CTRL_SET_MTU 17
/* Stats */
@@ -1343,7 +1715,6 @@
# define SSL_CTRL_SESS_CACHE_FULL 31
# define SSL_CTRL_OPTIONS 32
# define SSL_CTRL_MODE 33
-
# define SSL_CTRL_GET_READ_AHEAD 40
# define SSL_CTRL_SET_READ_AHEAD 41
# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
@@ -1350,10 +1721,9 @@
# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
# define SSL_CTRL_SET_SESS_CACHE_MODE 44
# define SSL_CTRL_GET_SESS_CACHE_MODE 45
-
# define SSL_CTRL_GET_MAX_CERT_LIST 50
# define SSL_CTRL_SET_MAX_CERT_LIST 51
-
+# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
/* see tls1.h for macros based on these */
# ifndef OPENSSL_NO_TLSEXT
# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
@@ -1363,7 +1733,9 @@
# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
+# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
@@ -1373,20 +1745,31 @@
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
-
# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+# define SSL_CTRL_SET_SRP_ARG 78
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
+# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
+# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
+# define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
+# define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
+# endif
# endif
-
# define DTLS_CTRL_GET_TIMEOUT 73
# define DTLS_CTRL_HANDLE_TIMEOUT 74
# define DTLS_CTRL_LISTEN 75
-
# define SSL_CTRL_GET_RI_SUPPORT 76
# define SSL_CTRL_CLEAR_OPTIONS 77
# define SSL_CTRL_CLEAR_MODE 78
-
+# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
+# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
# define SSL_CTRL_CHECK_PROTO_VERSION 119
-
+# define DTLS_CTRL_SET_LINK_MTU 120
+# define DTLS_CTRL_GET_LINK_MIN_MTU 121
# define DTLSv1_get_timeout(ssl, arg) \
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
# define DTLSv1_handle_timeout(ssl) \
@@ -1393,7 +1776,6 @@
SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
# define DTLSv1_listen(ssl, peer) \
SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
-
# define SSL_session_reused(ssl) \
SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
# define SSL_num_renegotiations(ssl) \
@@ -1402,7 +1784,6 @@
SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
# define SSL_total_renegotiations(ssl) \
SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-
# define SSL_CTX_need_tmp_RSA(ctx) \
SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
@@ -1411,7 +1792,6 @@
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-
# define SSL_need_tmp_RSA(ssl) \
SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
# define SSL_set_tmp_rsa(ssl,rsa) \
@@ -1420,10 +1800,12 @@
SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
# define SSL_set_tmp_ecdh(ssl,ecdh) \
SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-
# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-
+# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+# define SSL_CTX_clear_extra_chain_certs(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
# ifndef OPENSSL_NO_BIO
BIO_METHOD *BIO_f_ssl(void);
BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
@@ -1435,7 +1817,7 @@
# endif
int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
void SSL_CTX_free(SSL_CTX *);
long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
long SSL_CTX_get_timeout(const SSL_CTX *ctx);
@@ -1446,10 +1828,11 @@
void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
-SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
int SSL_get_fd(const SSL *s);
int SSL_get_rfd(const SSL *s);
@@ -1518,12 +1901,14 @@
long SSL_SESSION_get_timeout(const SSL_SESSION *s);
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
void SSL_copy_session_id(SSL *to, const SSL *from);
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
SSL_SESSION *SSL_SESSION_new(void);
-unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
-int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b);
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
unsigned int *len);
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
# ifndef OPENSSL_NO_FP_API
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
# endif
@@ -1588,6 +1973,33 @@
int SSL_CTX_set_trust(SSL_CTX *s, int trust);
int SSL_set_trust(SSL *s, int trust);
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
+# ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb) (SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp);
+
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+# endif
+
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
@@ -1603,37 +2015,53 @@
const char *SSL_get_version(const SSL *s);
/* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *meth);
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-SSL_METHOD *SSLv2_method(void); /* SSLv2 */
-SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
-SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+# ifndef OPENSSL_NO_SSL2
+const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+# endif
-SSL_METHOD *SSLv3_method(void); /* SSLv3 */
-SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
-SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+# ifndef OPENSSL_NO_SSL3_METHOD
+const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+# endif
-SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
+const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
+ * version */
+const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
+ * SSL/TLS version */
+const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
+ * SSL/TLS version */
-SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
-SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
-SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
-SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
-SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+
+const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+
STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
int SSL_do_handshake(SSL *s);
int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
int SSL_renegotiate_pending(SSL *s);
int SSL_shutdown(SSL *s);
-SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s, SSL_METHOD *method);
+const SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
const char *SSL_alert_type_string_long(int value);
const char *SSL_alert_type_string(int value);
const char *SSL_alert_desc_string_long(int value);
@@ -1683,6 +2111,7 @@
void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
int val);
int SSL_state(const SSL *ssl);
+void SSL_set_state(SSL *ssl, int state);
void SSL_set_verify_result(SSL *ssl, long v);
long SSL_get_verify_result(const SSL *ssl);
@@ -1731,6 +2160,11 @@
# define SSL_set_max_cert_list(ssl,m) \
SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+# define SSL_CTX_set_max_send_fragment(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_set_max_send_fragment(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+
/* NB: the keylength is only applicable when is_export is true */
# ifndef OPENSSL_NO_RSA
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
@@ -1772,6 +2206,24 @@
int SSL_COMP_add_compression_method(int id, void *cm);
# endif
+/* TLS extensions functions */
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+ void *arg);
+
+/* Pre-shared secret session resumption functions */
+int SSL_set_session_secret_cb(SSL *s,
+ tls_session_secret_cb_fn tls_session_secret_cb,
+ void *arg);
+
+void SSL_set_debug(SSL *s, int debug);
+int SSL_cache_hit(SSL *s);
+
+# ifndef OPENSSL_NO_UNIT_TEST
+const struct openssl_ssl_test_functions *SSL_test_functions(void);
+# endif
+
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -1790,9 +2242,9 @@
# define SSL_F_DO_DTLS1_WRITE 245
# define SSL_F_DO_SSL3_WRITE 104
# define SSL_F_DTLS1_ACCEPT 246
-# define SSL_F_DTLS1_ADD_CERT_TO_BUF 280
+# define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
# define SSL_F_DTLS1_BUFFER_RECORD 247
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 293
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
# define SSL_F_DTLS1_CLIENT_HELLO 248
# define SSL_F_DTLS1_CONNECT 249
# define SSL_F_DTLS1_ENC 250
@@ -1800,9 +2252,10 @@
# define SSL_F_DTLS1_GET_MESSAGE 252
# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
# define SSL_F_DTLS1_GET_RECORD 254
-# define SSL_F_DTLS1_HANDLE_TIMEOUT 282
+# define SSL_F_DTLS1_HANDLE_TIMEOUT 297
+# define SSL_F_DTLS1_HEARTBEAT 305
# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 277
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
# define SSL_F_DTLS1_PROCESS_RECORD 257
# define SSL_F_DTLS1_READ_BYTES 258
@@ -1846,20 +2299,22 @@
# define SSL_F_SSL2_SET_CERTIFICATE 126
# define SSL_F_SSL2_WRITE 127
# define SSL_F_SSL3_ACCEPT 128
-# define SSL_F_SSL3_ADD_CERT_TO_BUF 281
+# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
# define SSL_F_SSL3_CALLBACK_CTRL 233
# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
-# define SSL_F_SSL3_CHECK_CLIENT_HELLO 292
+# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
+# define SSL_F_SSL3_CHECK_FINISHED 339
# define SSL_F_SSL3_CLIENT_HELLO 131
# define SSL_F_SSL3_CONNECT 132
# define SSL_F_SSL3_CTRL 213
# define SSL_F_SSL3_CTX_CTRL 133
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 279
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
# define SSL_F_SSL3_ENC 134
# define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
-# define SSL_F_SSL3_GET_CERT_STATUS 288
+# define SSL_F_SSL3_GET_CERT_STATUS 289
# define SSL_F_SSL3_GET_CERT_VERIFY 136
# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
# define SSL_F_SSL3_GET_CLIENT_HELLO 138
@@ -1868,11 +2323,13 @@
# define SSL_F_SSL3_GET_KEY_EXCHANGE 141
# define SSL_F_SSL3_GET_MESSAGE 142
# define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
+# define SSL_F_SSL3_GET_NEXT_PROTO 306
# define SSL_F_SSL3_GET_RECORD 143
# define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
# define SSL_F_SSL3_GET_SERVER_DONE 145
# define SSL_F_SSL3_GET_SERVER_HELLO 146
-# define SSL_F_SSL3_NEW_SESSION_TICKET 284
+# define SSL_F_SSL3_HANDSHAKE_MAC 285
+# define SSL_F_SSL3_NEW_SESSION_TICKET 287
# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
# define SSL_F_SSL3_PEEK 235
# define SSL_F_SSL3_READ_BYTES 148
@@ -1884,16 +2341,19 @@
# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
# define SSL_F_SSL3_SEND_SERVER_HELLO 242
# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
-# define SSL_F_SSL3_SETUP_BUFFERS 156
# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+# define SSL_F_SSL3_SETUP_READ_BUFFER 156
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
# define SSL_F_SSL3_WRITE_BYTES 158
# define SSL_F_SSL3_WRITE_PENDING 159
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 285
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 272
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 286
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 273
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
# define SSL_F_SSL_BAD_METHOD 160
# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
# define SSL_F_SSL_CERT_DUP 221
@@ -1901,7 +2361,8 @@
# define SSL_F_SSL_CERT_INSTANTIATE 214
# define SSL_F_SSL_CERT_NEW 162
# define SSL_F_SSL_CHECK_PRIVATE_KEY 163
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 274
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
# define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
# define SSL_F_SSL_CLEAR 164
@@ -1909,9 +2370,10 @@
# define SSL_F_SSL_CREATE_CIPHER_LIST 166
# define SSL_F_SSL_CTRL 232
# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
+# define SSL_F_SSL_CTX_MAKE_PROFILES 309
# define SSL_F_SSL_CTX_NEW 169
# define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 278
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
# define SSL_F_SSL_CTX_SET_PURPOSE 226
# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
# define SSL_F_SSL_CTX_SET_SSL_VERSION 170
@@ -1923,6 +2385,7 @@
# define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
@@ -1935,13 +2398,15 @@
# define SSL_F_SSL_INIT_WBIO_BUFFER 184
# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
# define SSL_F_SSL_NEW 186
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 287
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 290
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 289
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 291
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
# define SSL_F_SSL_PEEK 270
-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 275
-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 276
+# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
+# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
# define SSL_F_SSL_READ 223
# define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
@@ -1948,6 +2413,7 @@
# define SSL_F_SSL_SESSION_DUP 348
# define SSL_F_SSL_SESSION_NEW 189
# define SSL_F_SSL_SESSION_PRINT_FP 190
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
# define SSL_F_SSL_SESS_CERT_NEW 225
# define SSL_F_SSL_SET_CERT 191
# define SSL_F_SSL_SET_CIPHER_LIST 271
@@ -1957,9 +2423,11 @@
# define SSL_F_SSL_SET_RFD 194
# define SSL_F_SSL_SET_SESSION 195
# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
# define SSL_F_SSL_SET_TRUST 228
# define SSL_F_SSL_SET_WFD 196
# define SSL_F_SSL_SHUTDOWN 224
+# define SSL_F_SSL_SRP_CTX_INIT 313
# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
# define SSL_F_SSL_UNDEFINED_FUNCTION 197
# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
@@ -1969,13 +2437,21 @@
# define SSL_F_SSL_USE_PRIVATEKEY 201
# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
# define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
# define SSL_F_SSL_USE_RSAPRIVATEKEY 204
# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
# define SSL_F_SSL_WRITE 208
+# define SSL_F_TLS1_CERT_VERIFY_MAC 286
# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
# define SSL_F_TLS1_ENC 210
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+# define SSL_F_TLS1_HEARTBEAT 315
+# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
+# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
+# define SSL_F_TLS1_PRF 284
# define SSL_F_TLS1_SETUP_KEY_BLOCK 211
# define SSL_F_WRITE_PENDING 212
@@ -1996,12 +2472,15 @@
# define SSL_R_BAD_ECC_CERT 304
# define SSL_R_BAD_ECDSA_SIGNATURE 305
# define SSL_R_BAD_ECPOINT 306
+# define SSL_R_BAD_HANDSHAKE_LENGTH 332
# define SSL_R_BAD_HELLO_REQUEST 105
# define SSL_R_BAD_LENGTH 271
# define SSL_R_BAD_MAC_DECODE 113
+# define SSL_R_BAD_MAC_LENGTH 333
# define SSL_R_BAD_MESSAGE_TYPE 114
# define SSL_R_BAD_PACKET_LENGTH 115
# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
# define SSL_R_BAD_RESPONSE_ARGUMENT 117
# define SSL_R_BAD_RSA_DECRYPT 118
# define SSL_R_BAD_RSA_ENCRYPT 119
@@ -2009,6 +2488,14 @@
# define SSL_R_BAD_RSA_MODULUS_LENGTH 121
# define SSL_R_BAD_RSA_SIGNATURE 122
# define SSL_R_BAD_SIGNATURE 123
+# define SSL_R_BAD_SRP_A_LENGTH 347
+# define SSL_R_BAD_SRP_B_LENGTH 348
+# define SSL_R_BAD_SRP_G_LENGTH 349
+# define SSL_R_BAD_SRP_N_LENGTH 350
+# define SSL_R_BAD_SRP_PARAMETERS 371
+# define SSL_R_BAD_SRP_S_LENGTH 351
+# define SSL_R_BAD_SRTP_MKI_VALUE 352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
# define SSL_R_BAD_SSL_FILETYPE 124
# define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
# define SSL_R_BAD_STATE 126
@@ -2025,8 +2512,9 @@
# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
# define SSL_R_CIPHER_TABLE_SRC_ERROR 139
-# define SSL_R_CLIENTHELLO_TLSEXT 157
+# define SSL_R_CLIENTHELLO_TLSEXT 226
# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+# define SSL_R_COMPRESSION_DISABLED 343
# define SSL_R_COMPRESSION_FAILURE 141
# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
@@ -2037,11 +2525,17 @@
# define SSL_R_DATA_LENGTH_TOO_LONG 146
# define SSL_R_DECRYPTION_FAILED 147
# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
+# define SSL_R_DH_KEY_TOO_SMALL 372
# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
# define SSL_R_DIGEST_CHECK_FAILED 149
-# define SSL_R_DTLS_MESSAGE_TOO_BIG 318
+# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
# define SSL_R_DUPLICATE_COMPRESSION_ID 309
+# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
+# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
@@ -2048,15 +2542,20 @@
# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
+# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
# define SSL_R_HTTPS_PROXY_REQUEST 155
# define SSL_R_HTTP_REQUEST 156
# define SSL_R_ILLEGAL_PADDING 283
# define SSL_R_INAPPROPRIATE_FALLBACK 373
+# define SSL_R_INCONSISTENT_COMPRESSION 340
# define SSL_R_INVALID_CHALLENGE_LENGTH 158
# define SSL_R_INVALID_COMMAND 280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
# define SSL_R_INVALID_PURPOSE 278
-# define SSL_R_INVALID_STATUS_RESPONSE 316
-# define SSL_R_INVALID_TICKET_KEYS_LENGTH 275
+# define SSL_R_INVALID_SRP_USERNAME 357
+# define SSL_R_INVALID_STATUS_RESPONSE 328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
# define SSL_R_INVALID_TRUST 279
# define SSL_R_KEY_ARG_TOO_LONG 284
# define SSL_R_KRB5 285
@@ -2084,12 +2583,13 @@
# define SSL_R_MISSING_RSA_CERTIFICATE 168
# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
# define SSL_R_MISSING_RSA_SIGNING_CERT 170
+# define SSL_R_MISSING_SRP_PARAM 358
# define SSL_R_MISSING_TMP_DH_KEY 171
# define SSL_R_MISSING_TMP_ECDH_KEY 311
# define SSL_R_MISSING_TMP_RSA_KEY 172
# define SSL_R_MISSING_TMP_RSA_PKEY 173
# define SSL_R_MISSING_VERIFY_MESSAGE 174
-# define SSL_R_MULTIPLE_SGC_RESTARTS 325
+# define SSL_R_MULTIPLE_SGC_RESTARTS 346
# define SSL_R_NON_SSLV2_INITIAL_PACKET 175
# define SSL_R_NO_CERTIFICATES_RETURNED 176
# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
@@ -2101,23 +2601,28 @@
# define SSL_R_NO_CIPHERS_SPECIFIED 183
# define SSL_R_NO_CIPHER_LIST 184
# define SSL_R_NO_CIPHER_MATCH 185
-# define SSL_R_NO_CLIENT_CERT_METHOD 317
+# define SSL_R_NO_CLIENT_CERT_METHOD 331
# define SSL_R_NO_CLIENT_CERT_RECEIVED 186
# define SSL_R_NO_COMPRESSION_SPECIFIED 187
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
# define SSL_R_NO_METHOD_SPECIFIED 188
# define SSL_R_NO_PRIVATEKEY 189
# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
# define SSL_R_NO_PUBLICKEY 192
-# define SSL_R_NO_RENEGOTIATION 319
+# define SSL_R_NO_RENEGOTIATION 339
+# define SSL_R_NO_REQUIRED_DIGEST 324
# define SSL_R_NO_SHARED_CIPHER 193
+# define SSL_R_NO_SRTP_PROFILES 359
# define SSL_R_NO_VERIFY_CALLBACK 194
# define SSL_R_NULL_SSL_CTX 195
# define SSL_R_NULL_SSL_METHOD_PASSED 196
# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
+# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
# define SSL_R_PACKET_LENGTH_TOO_LONG 198
-# define SSL_R_PARSE_TLSEXT 223
+# define SSL_R_PARSE_TLSEXT 227
# define SSL_R_PATH_TOO_LONG 270
# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
# define SSL_R_PEER_ERROR 200
@@ -2128,6 +2633,9 @@
# define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
# define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
+# define SSL_R_PSK_NO_CLIENT_CB 224
+# define SSL_R_PSK_NO_SERVER_CB 225
# define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
# define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
# define SSL_R_PUBLIC_KEY_NOT_RSA 210
@@ -2137,22 +2645,29 @@
# define SSL_R_RECORD_LENGTH_MISMATCH 213
# define SSL_R_RECORD_TOO_LARGE 214
# define SSL_R_RECORD_TOO_SMALL 298
-# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 320
-# define SSL_R_RENEGOTIATION_ENCODING_ERR 321
-# define SSL_R_RENEGOTIATION_MISMATCH 322
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
+# define SSL_R_RENEGOTIATION_MISMATCH 337
# define SSL_R_REQUIRED_CIPHER_MISSING 215
+# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
# define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
# define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
# define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
-# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 324
-# define SSL_R_SERVERHELLO_TLSEXT 224
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+# define SSL_R_SERVERHELLO_TLSEXT 275
# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
# define SSL_R_SHORT_READ 219
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+# define SSL_R_SRP_A_CALC 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
# define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 225
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 226
+# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
# define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
@@ -2193,7 +2708,10 @@
# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227
+# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+# define SSL_R_TLS_HEARTBEAT_PENDING 366
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
@@ -2214,6 +2732,7 @@
# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
# define SSL_R_UNKNOWN_CIPHER_TYPE 249
+# define SSL_R_UNKNOWN_DIGEST 368
# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
# define SSL_R_UNKNOWN_PKEY_TYPE 251
# define SSL_R_UNKNOWN_PROTOCOL 252
@@ -2220,13 +2739,15 @@
# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
# define SSL_R_UNKNOWN_SSL_VERSION 254
# define SSL_R_UNKNOWN_STATE 255
-# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 323
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
# define SSL_R_UNSUPPORTED_CIPHER 256
# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+# define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
# define SSL_R_UNSUPPORTED_PROTOCOL 258
# define SSL_R_UNSUPPORTED_SSL_VERSION 259
# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
# define SSL_R_WRITE_BIO_NOT_SET 260
# define SSL_R_WRONG_CIPHER_RETURNED 261
# define SSL_R_WRONG_MESSAGE_TYPE 262
@@ -2233,6 +2754,7 @@
# define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
# define SSL_R_WRONG_SIGNATURE_LENGTH 264
# define SSL_R_WRONG_SIGNATURE_SIZE 265
+# define SSL_R_WRONG_SIGNATURE_TYPE 370
# define SSL_R_WRONG_SSL_VERSION 266
# define SSL_R_WRONG_VERSION_NUMBER 267
# define SSL_R_X509_LIB 268
Modified: trunk/crypto/openssl/ssl/ssl2.h
===================================================================
--- trunk/crypto/openssl/ssl/ssl2.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl2.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -158,6 +158,8 @@
# define CERT char
# endif
+# ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl2_state_st {
int three_byte_header;
int clear_text; /* clear text */
@@ -213,6 +215,8 @@
} tmp;
} SSL2_STATE;
+# endif
+
/* SSLv2 */
/* client */
# define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
Modified: trunk/crypto/openssl/ssl/ssl3.h
===================================================================
--- trunk/crypto/openssl/ssl/ssl3.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl3.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -123,7 +123,6 @@
# include <openssl/buffer.h>
# include <openssl/evp.h>
# include <openssl/ssl.h>
-# include <openssl/pq_compat.h>
#ifdef __cplusplus
extern "C" {
@@ -172,14 +171,16 @@
# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
-# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
-# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
-# if 0 /* Because it clashes with KRB5, is never
+# if 0
+# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
+# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
+# if 0 /* Because it clashes with KRB5, is never
* used any more, and is safe to remove
* according to David Hopwood
* <david.hopwood at zetnet.co.uk> of the
* ietf-tls list */
-# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
+# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
+# endif
# endif
/*
@@ -232,9 +233,11 @@
# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
-# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
-# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
-# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
+# if 0
+# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
+# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
+# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
+# endif
# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
@@ -260,23 +263,71 @@
# define SSL3_SESSION_ID_SIZE 32
# define SSL3_RT_HEADER_LENGTH 5
-/* Due to MS stuffing up, this can change.... */
-# if defined(OPENSSL_SYS_WIN16) || \
- (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
-# define SSL3_RT_MAX_EXTRA (14000)
+# ifndef SSL3_ALIGN_PAYLOAD
+ /*
+ * Some will argue that this increases memory footprint, but it's not
+ * actually true. Point is that malloc has to return at least 64-bit aligned
+ * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+ * Suggested pre-gaping simply moves these wasted bytes from the end of
+ * allocated region to its front, but makes data payload aligned, which
+ * improves performance:-)
+ */
+# define SSL3_ALIGN_PAYLOAD 8
# else
-# define SSL3_RT_MAX_EXTRA (16384)
+# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
+# error "insane SSL3_ALIGN_PAYLOAD"
+# undef SSL3_ALIGN_PAYLOAD
+# endif
# endif
+/*
+ * This is the maximum MAC (digest) size used by the SSL library. Currently
+ * maximum of 20 is used by SHA1, but we reserve for future extension for
+ * 512-bit hashes.
+ */
+
+# define SSL3_RT_MAX_MD_SIZE 64
+
+/*
+ * Maximum block size used in all ciphersuites. Currently 16 for AES.
+ */
+
+# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
+
+# define SSL3_RT_MAX_EXTRA (16384)
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
# define SSL3_RT_MAX_PLAIN_LENGTH 16384
+/* Maximum compression overhead: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
+
+/*
+ * The standards give a maximum encryption overhead of 1024 bytes. In
+ * practice the value is lower than this. The overhead is the maximum number
+ * of padding bytes (256) plus the mac size.
+ */
+# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
+
+/*
+ * OpenSSL currently only uses a padding length of at most one block so the
+ * send overhead is smaller.
+ */
+
+# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+ (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
+
+/* If compression isn't used don't include the compression overhead */
+
# ifdef OPENSSL_NO_COMP
-# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
+# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
# else
-# define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
+# define SSL3_RT_MAX_COMPRESSED_LENGTH \
+ (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
# endif
-# define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
-# define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-# define SSL3_RT_MAX_DATA_SIZE (1024*1024)
+# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
+ (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
+# define SSL3_RT_MAX_PACKET_SIZE \
+ (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
@@ -289,6 +340,7 @@
# define SSL3_RT_ALERT 21
# define SSL3_RT_HANDSHAKE 22
# define SSL3_RT_APPLICATION_DATA 23
+# define TLS1_RT_HEARTBEAT 24
# define SSL3_AL_WARNING 1
# define SSL3_AL_FATAL 2
@@ -306,6 +358,11 @@
# define SSL3_AD_CERTIFICATE_UNKNOWN 46
# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
+# define TLS1_HB_REQUEST 1
+# define TLS1_HB_RESPONSE 2
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl3_record_st {
/* type of record */
/*
@@ -338,7 +395,7 @@
/* sequence number, needed by DTLS1 */
/*
* r
- */ PQ_64BIT seq_num;
+ */ unsigned char seq_num[8];
} SSL3_RECORD;
typedef struct ssl3_buffer_st {
@@ -352,6 +409,8 @@
int left;
} SSL3_BUFFER;
+# endif
+
# define SSL3_CT_RSA_SIGN 1
# define SSL3_CT_DSS_SIGN 2
# define SSL3_CT_RSA_FIXED_DH 3
@@ -363,12 +422,18 @@
* SSL3_CT_NUMBER is used to size arrays and it must be large enough to
* contain all of the cert types defined either for SSLv3 and TLSv1.
*/
-# define SSL3_CT_NUMBER 7
+# define SSL3_CT_NUMBER 9
# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
# define SSL3_FLAGS_POP_BUFFER 0x0004
# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
+# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
+# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
+/*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
# define SSL3_FLAGS_CCS_OK 0x0080
/*
@@ -381,12 +446,16 @@
*/
# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
+# ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl3_state_st {
long flags;
int delay_buf_pop_ret;
unsigned char read_sequence[8];
+ int read_mac_secret_size;
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
unsigned char write_sequence[8];
+ int write_mac_secret_size;
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
unsigned char server_random[SSL3_RANDOM_SIZE];
unsigned char client_random[SSL3_RANDOM_SIZE];
@@ -393,6 +462,8 @@
/* flags for countermeasure against known-IV weakness */
int need_empty_fragments;
int empty_fragment_done;
+ /* The value of 'extra' when the buffers were initialized */
+ int init_extra;
SSL3_BUFFER rbuf; /* read IO goes into here */
SSL3_BUFFER wbuf; /* write IO goes into here */
SSL3_RECORD rrec; /* each decoded record goes in here */
@@ -412,12 +483,17 @@
int wpend_ret; /* number of bytes submitted */
const unsigned char *wpend_buf;
/* used during startup, digest all incoming/outgoing packets */
- EVP_MD_CTX finish_dgst1;
- EVP_MD_CTX finish_dgst2;
+ BIO *handshake_buffer;
/*
- * this is set whenerver we see a change_cipher_spec message come in when
- * we are not looking for one
+ * When set of handshake digests is determined, buffer is hashed and
+ * freed and MD_CTX-es for all required digests are stored in this array
*/
+ EVP_MD_CTX **handshake_dgst;
+ /*
+ * Set whenever an expected ChangeCipherSpec message is processed.
+ * Unset when the peer's Finished message is received.
+ * Unexpected ChangeCipherSpec messages trigger a fatal alert.
+ */
int change_cipher_spec;
int warn_alert;
int fatal_alert;
@@ -435,6 +511,15 @@
int total_renegotiations;
int num_renegotiations;
int in_read_app_data;
+ /*
+ * Opaque PRF input as used for the current handshake. These fields are
+ * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
+ * are merely present to improve binary compatibility)
+ */
+ void *client_opaque_prf_input;
+ size_t client_opaque_prf_input_len;
+ void *server_opaque_prf_input;
+ size_t server_opaque_prf_input_len;
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
@@ -446,13 +531,13 @@
unsigned long message_size;
int message_type;
/* used to hold the new cipher we are going to use */
- SSL_CIPHER *new_cipher;
-# ifndef OPENSSL_NO_DH
+ const SSL_CIPHER *new_cipher;
+# ifndef OPENSSL_NO_DH
DH *dh;
-# endif
-# ifndef OPENSSL_NO_ECDH
+# endif
+# ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh; /* holds short lived ECDH key */
-# endif
+# endif
/* used when SSL_ST_FLUSH_DATA is entered */
int next_state;
int reuse_message;
@@ -466,11 +551,13 @@
unsigned char *key_block;
const EVP_CIPHER *new_sym_enc;
const EVP_MD *new_hash;
-# ifndef OPENSSL_NO_COMP
+ int new_mac_pkey_type;
+ int new_mac_secret_size;
+# ifndef OPENSSL_NO_COMP
const SSL_COMP *new_compression;
-# else
+# else
char *new_compression;
-# endif
+# endif
int cert_request;
} tmp;
@@ -481,18 +568,27 @@
unsigned char previous_server_finished_len;
int send_connection_binding; /* TODOEKR */
-# ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_NEXTPROTONEG
/*
+ * Set if we saw the Next Protocol Negotiation extension from our peer.
+ */
+ int next_proto_neg_seen;
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+ /*
* This is set to true if we believe that this is a version of Safari
* running on OS X 10.6 or newer. We wish to know this because Safari on
* 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
*/
char is_probably_safari;
-# endif /* !OPENSSL_NO_EC */
-# endif /* !OPENSSL_NO_TLSEXT */
+# endif /* !OPENSSL_NO_EC */
+# endif /* !OPENSSL_NO_TLSEXT */
} SSL3_STATE;
+# endif
+
/* SSLv3 */
/*
* client
@@ -499,6 +595,10 @@
*/
/* extra state */
# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
+# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
+# endif
/* write to server */
# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
@@ -526,6 +626,10 @@
# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
+# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
+# endif
# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
/* read from server */
@@ -541,6 +645,10 @@
/* server */
/* extra state */
# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
+# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
+# endif
/* read from client */
/* Do not change the number values, they do matter */
# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
@@ -571,6 +679,10 @@
# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
+# endif
# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
/* write to client */
@@ -595,6 +707,9 @@
# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
# define SSL3_MT_FINISHED 20
# define SSL3_MT_CERTIFICATE_STATUS 22
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_MT_NEXT_PROTO 67
+# endif
# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
# define SSL3_MT_CCS 1
Modified: trunk/crypto/openssl/ssl/ssl_algs.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_algs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_algs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -73,16 +73,30 @@
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
+# if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
+ EVP_add_cipher(EVP_rc4_hmac_md5());
+# endif
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
+ /*
+ * Not actually used for SSL/TLS but this makes PKCS#12 work if an
+ * application only calls SSL_library_init().
+ */
+ EVP_add_cipher(EVP_rc2_40_cbc());
#endif
#ifndef OPENSSL_NO_AES
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_cbc());
+ EVP_add_cipher(EVP_aes_128_gcm());
+ EVP_add_cipher(EVP_aes_256_gcm());
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+ EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+ EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+# endif
+
#endif
-
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_256_cbc());
Modified: trunk/crypto/openssl/ssl/ssl_asn1.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_asn1.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_asn1.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,32 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include <stdlib.h>
@@ -83,12 +109,19 @@
ASN1_INTEGER tlsext_tick_lifetime;
ASN1_OCTET_STRING tlsext_tick;
#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+ ASN1_OCTET_STRING psk_identity_hint;
+ ASN1_OCTET_STRING psk_identity;
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ ASN1_OCTET_STRING srp_username;
+#endif /* OPENSSL_NO_SRP */
} SSL_SESSION_ASN1;
int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
{
#define LSIZE2 (sizeof(long)*2)
- int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0;
+ int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v7 = 0, v8 = 0;
unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2];
unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
#ifndef OPENSSL_NO_TLSEXT
@@ -96,9 +129,12 @@
unsigned char ibuf6[LSIZE2];
#endif
#ifndef OPENSSL_NO_COMP
+ unsigned char cbuf;
int v11 = 0;
- unsigned char cbuf;
#endif
+#ifndef OPENSSL_NO_SRP
+ int v12 = 0;
+#endif
long l;
SSL_SESSION_ASN1 a;
M_ASN1_I2D_vars(in);
@@ -212,6 +248,26 @@
in->tlsext_tick_lifetime_hint);
}
#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+ if (in->psk_identity_hint) {
+ a.psk_identity_hint.length = strlen(in->psk_identity_hint);
+ a.psk_identity_hint.type = V_ASN1_OCTET_STRING;
+ a.psk_identity_hint.data = (unsigned char *)(in->psk_identity_hint);
+ }
+ if (in->psk_identity) {
+ a.psk_identity.length = strlen(in->psk_identity);
+ a.psk_identity.type = V_ASN1_OCTET_STRING;
+ a.psk_identity.data = (unsigned char *)(in->psk_identity);
+ }
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username) {
+ a.srp_username.length = strlen(in->srp_username);
+ a.srp_username.type = V_ASN1_OCTET_STRING;
+ a.srp_username.data = (unsigned char *)(in->srp_username);
+ }
+#endif /* OPENSSL_NO_SRP */
+
M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
@@ -249,6 +305,20 @@
M_ASN1_I2D_len_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
# endif
#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+ if (in->psk_identity_hint)
+ M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
+ 7, v7);
+ if (in->psk_identity)
+ M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
+ v8);
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
+ v12);
+#endif /* OPENSSL_NO_SRP */
+
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
@@ -276,6 +346,16 @@
if (in->tlsext_hostname)
M_ASN1_I2D_put_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6,
v6);
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+ if (in->psk_identity_hint)
+ M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
+ 7, v7);
+ if (in->psk_identity)
+ M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
+ v8);
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_TLSEXT
if (in->tlsext_tick_lifetime_hint > 0)
M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9,
v9);
@@ -287,6 +367,11 @@
if (in->compress_meth)
M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
#endif
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
+ v12);
+#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_finish();
}
@@ -330,14 +415,18 @@
if (ssl_version == SSL2_VERSION) {
if (os.length != 3) {
c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ c.line = __LINE__;
goto err;
}
id = 0x02000000L |
((unsigned long)os.data[0] << 16L) |
((unsigned long)os.data[1] << 8L) | (unsigned long)os.data[2];
- } else if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
+ } else if ((ssl_version >> 8) == SSL3_VERSION_MAJOR
+ || (ssl_version >> 8) == DTLS1_VERSION_MAJOR
+ || ssl_version == DTLS1_BAD_VER) {
if (os.length != 2) {
c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ c.line = __LINE__;
goto err;
}
id = 0x03000000L |
@@ -344,6 +433,7 @@
((unsigned long)os.data[0] << 8L) | (unsigned long)os.data[1];
} else {
c.error = SSL_R_UNKNOWN_SSL_VERSION;
+ c.line = __LINE__;
goto err;
}
@@ -433,6 +523,7 @@
if (os.data != NULL) {
if (os.length > SSL_MAX_SID_CTX_LENGTH) {
c.error = SSL_R_BAD_LENGTH;
+ c.line = __LINE__;
goto err;
} else {
ret->sid_ctx_length = os.length;
@@ -465,6 +556,33 @@
os.length = 0;
} else
ret->tlsext_hostname = NULL;
+#endif /* OPENSSL_NO_TLSEXT */
+
+#ifndef OPENSSL_NO_PSK
+ os.length = 0;
+ os.data = NULL;
+ M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 7);
+ if (os.data) {
+ ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ } else
+ ret->psk_identity_hint = NULL;
+
+ os.length = 0;
+ os.data = NULL;
+ M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 8);
+ if (os.data) {
+ ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ } else
+ ret->psk_identity = NULL;
+#endif /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_TLSEXT
ai.length = 0;
M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 9);
if (ai.data != NULL) {
@@ -498,5 +616,18 @@
}
#endif
+#ifndef OPENSSL_NO_SRP
+ os.length = 0;
+ os.data = NULL;
+ M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 12);
+ if (os.data) {
+ ret->srp_username = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ } else
+ ret->srp_username = NULL;
+#endif /* OPENSSL_NO_SRP */
+
M_ASN1_D2I_Finish(a, SSL_SESSION_free, SSL_F_D2I_SSL_SESSION);
}
Modified: trunk/crypto/openssl/ssl/ssl_cert.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_cert.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_cert.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -161,6 +161,21 @@
return ssl_x509_store_ctx_idx;
}
+static void ssl_cert_set_default_md(CERT *cert)
+{
+ /* Set digest values to defaults */
+#ifndef OPENSSL_NO_DSA
+ cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_RSA
+ cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+ cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+#endif
+}
+
CERT *ssl_cert_new(void)
{
CERT *ret;
@@ -174,7 +189,7 @@
ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
-
+ ssl_cert_set_default_md(ret);
return (ret);
}
@@ -198,8 +213,10 @@
*/
ret->valid = cert->valid;
- ret->mask = cert->mask;
- ret->export_mask = cert->export_mask;
+ ret->mask_k = cert->mask_k;
+ ret->mask_a = cert->mask_a;
+ ret->export_mask_k = cert->export_mask_k;
+ ret->export_mask_a = cert->export_mask_a;
#ifndef OPENSSL_NO_RSA
if (cert->rsa_tmp != NULL) {
@@ -257,35 +274,6 @@
ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
CRYPTO_LOCK_EVP_PKEY);
-
- switch (i) {
- /*
- * If there was anything special to do for certain types of
- * keys, we'd do it here. (Nothing at the moment, I think.)
- */
-
- case SSL_PKEY_RSA_ENC:
- case SSL_PKEY_RSA_SIGN:
- /* We have an RSA key. */
- break;
-
- case SSL_PKEY_DSA_SIGN:
- /* We have a DSA key. */
- break;
-
- case SSL_PKEY_DH_RSA:
- case SSL_PKEY_DH_DSA:
- /* We have a DH key. */
- break;
-
- case SSL_PKEY_ECC:
- /* We have an ECC key */
- break;
-
- default:
- /* Can't happen. */
- SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
- }
}
}
@@ -295,6 +283,11 @@
*/
ret->references = 1;
+ /*
+ * Set digests to defaults. NB: we don't copy existing values as they
+ * will be set during handshake.
+ */
+ ssl_cert_set_default_md(ret);
return (ret);
Modified: trunk/crypto/openssl/ssl/ssl_ciph.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_ciph.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_ciph.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -113,12 +113,41 @@
* ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
#include <stdio.h>
#include <openssl/objects.h>
#ifndef OPENSSL_NO_COMP
# include <openssl/comp.h>
#endif
-
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
#include "ssl_locl.h"
#define SSL_ENC_DES_IDX 0
@@ -126,17 +155,20 @@
#define SSL_ENC_RC4_IDX 2
#define SSL_ENC_RC2_IDX 3
#define SSL_ENC_IDEA_IDX 4
-#define SSL_ENC_eFZA_IDX 5
-#define SSL_ENC_NULL_IDX 6
-#define SSL_ENC_AES128_IDX 7
-#define SSL_ENC_AES256_IDX 8
-#define SSL_ENC_CAMELLIA128_IDX 9
-#define SSL_ENC_CAMELLIA256_IDX 10
+#define SSL_ENC_NULL_IDX 5
+#define SSL_ENC_AES128_IDX 6
+#define SSL_ENC_AES256_IDX 7
+#define SSL_ENC_CAMELLIA128_IDX 8
+#define SSL_ENC_CAMELLIA256_IDX 9
+#define SSL_ENC_GOST89_IDX 10
#define SSL_ENC_SEED_IDX 11
-#define SSL_ENC_NUM_IDX 12
+#define SSL_ENC_AES128GCM_IDX 12
+#define SSL_ENC_AES256GCM_IDX 13
+#define SSL_ENC_NUM_IDX 14
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL
};
#define SSL_COMP_NULL_IDX 0
@@ -147,11 +179,39 @@
#define SSL_MD_MD5_IDX 0
#define SSL_MD_SHA1_IDX 1
-#define SSL_MD_NUM_IDX 2
+#define SSL_MD_GOST94_IDX 2
+#define SSL_MD_GOST89MAC_IDX 3
+#define SSL_MD_SHA256_IDX 4
+#define SSL_MD_SHA384_IDX 5
+/*
+ * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
+ * in the ssl_locl.h
+ */
+#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
- NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL, NULL
};
+/*
+ * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation
+ * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is
+ * found
+ */
+static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
+ EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
+ EVP_PKEY_HMAC, EVP_PKEY_HMAC
+};
+
+static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
+ 0, 0, 0, 0, 0, 0
+};
+
+static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
+ SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
+ SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
+ SSL_HANDSHAKE_MAC_SHA384
+};
+
#define CIPHER_ADD 1
#define CIPHER_KILL 2
#define CIPHER_DEL 3
@@ -159,7 +219,7 @@
#define CIPHER_SPECIAL 5
typedef struct cipher_order_st {
- SSL_CIPHER *cipher;
+ const SSL_CIPHER *cipher;
int active;
int dead;
struct cipher_order_st *next, *prev;
@@ -166,81 +226,160 @@
} CIPHER_ORDER;
static const SSL_CIPHER cipher_aliases[] = {
- /* Don't include eNULL unless specifically enabled. */
+ /* "ALL" doesn't include eNULL (must be specifically enabled) */
+ {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ /* "COMPLEMENTOFALL" */
+ {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+
/*
- * Don't include ECC in ALL because these ciphers are not yet official.
+ * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
+ * ALL!)
*/
- /* must be first */
- {0, SSL_TXT_ALL, 0, SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE,
- SSL_ALL, 0, 0, 0, SSL_ALL, SSL_ALL},
+ {0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2,
+ SSL_EXP_MASK, 0, 0, 0},
+
/*
- * TODO: COMPLEMENT OF ALL do not have ECC cipher suites handled properly.
+ * key exchange aliases (some of those using only a single bit here
+ * combine multiple key exchange algs according to the RFCs, e.g. kEDH
+ * combines DHE_DSS and DHE_RSA)
*/
- /* COMPLEMENT OF ALL */
- {0, SSL_TXT_CMPALL, 0, SSL_eNULL, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_CMPDEF, 0, SSL_ADH, SSL_EXP_MASK, 0, 0, 0, SSL_AUTH_MASK, 0},
- /* VRS Kerberos5 */
- {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_kFZA, 0, SSL_kFZA, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_DH, 0, SSL_DH, 0, 0, 0, 0, SSL_MKEY_MASK, 0},
- {0, SSL_TXT_ECC, 0, (SSL_kECDH | SSL_kECDHE), 0, 0, 0, 0, SSL_MKEY_MASK,
+ {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0,
0},
- {0, SSL_TXT_EDH, 0, SSL_EDH, 0, 0, 0, 0, SSL_MKEY_MASK | SSL_AUTH_MASK,
- 0},
- /* VRS Kerberos5 */
- {0, SSL_TXT_aKRB5, 0, SSL_aKRB5, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_aRSA, 0, SSL_aRSA, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_aDSS, 0, SSL_aDSS, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_aFZA, 0, SSL_aFZA, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_aNULL, 0, SSL_aNULL, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_aDH, 0, SSL_aDH, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_DSS, 0, SSL_DSS, 0, 0, 0, 0, SSL_AUTH_MASK, 0},
- {0, SSL_TXT_DES, 0, SSL_DES, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_3DES, 0, SSL_3DES, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_RC4, 0, SSL_RC4, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_RC2, 0, SSL_RC2, 0, 0, 0, 0, SSL_ENC_MASK, 0},
-#ifndef OPENSSL_NO_IDEA
- {0, SSL_TXT_IDEA, 0, SSL_IDEA, 0, 0, 0, 0, SSL_ENC_MASK, 0},
-#endif
- {0, SSL_TXT_SEED, 0, SSL_SEED, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_eNULL, 0, SSL_eNULL, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_eFZA, 0, SSL_eFZA, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_AES, 0, SSL_AES, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_CAMELLIA, 0, SSL_CAMELLIA, 0, 0, 0, 0, SSL_ENC_MASK, 0},
+ {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_MD5, 0, SSL_MD5, 0, 0, 0, 0, SSL_MAC_MASK, 0},
- {0, SSL_TXT_SHA1, 0, SSL_SHA1, 0, 0, 0, 0, SSL_MAC_MASK, 0},
- {0, SSL_TXT_SHA, 0, SSL_SHA, 0, 0, 0, 0, SSL_MAC_MASK, 0},
+ {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0,
+ 0, 0, 0},
- {0, SSL_TXT_NULL, 0, SSL_NULL, 0, 0, 0, 0, SSL_ENC_MASK, 0},
- {0, SSL_TXT_KRB5, 0, SSL_KRB5, 0, 0, 0, 0, SSL_AUTH_MASK | SSL_MKEY_MASK,
+ {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* server authentication aliases */
+ {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ /* no such ciphersuites supported! */
+ {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
+
+ /* aliases combining key exchange and server authentication */
+ {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+
+ /* symmetric encryption aliases */
+ {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
0},
- {0, SSL_TXT_RSA, 0, SSL_RSA, 0, 0, 0, 0, SSL_AUTH_MASK | SSL_MKEY_MASK,
+ {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
0},
- {0, SSL_TXT_ADH, 0, SSL_ADH, 0, 0, 0, 0, SSL_AUTH_MASK | SSL_MKEY_MASK,
- 0},
- {0, SSL_TXT_FZA, 0, SSL_FZA, 0, 0, 0, 0,
- SSL_AUTH_MASK | SSL_MKEY_MASK | SSL_ENC_MASK, 0},
+ {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
+ 0, 0},
+ {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
+ 0, 0, 0},
- {0, SSL_TXT_SSLV2, 0, SSL_SSLV2, 0, 0, 0, 0, SSL_SSL_MASK, 0},
- {0, SSL_TXT_SSLV3, 0, SSL_SSLV3, 0, 0, 0, 0, SSL_SSL_MASK, 0},
- {0, SSL_TXT_TLSV1, 0, SSL_TLSV1, 0, 0, 0, 0, SSL_SSL_MASK, 0},
+ /* MAC aliases */
+ {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
+ {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
- {0, SSL_TXT_EXP, 0, 0, SSL_EXPORT, 0, 0, 0, 0, SSL_EXP_MASK},
- {0, SSL_TXT_EXPORT, 0, 0, SSL_EXPORT, 0, 0, 0, 0, SSL_EXP_MASK},
- {0, SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0, 0, 0, 0, SSL_STRONG_MASK},
- {0, SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0, 0, 0, 0, SSL_STRONG_MASK},
- {0, SSL_TXT_LOW, 0, 0, SSL_LOW, 0, 0, 0, 0, SSL_STRONG_MASK},
- {0, SSL_TXT_MEDIUM, 0, 0, SSL_MEDIUM, 0, 0, 0, 0, SSL_STRONG_MASK},
- {0, SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0, 0, 0, 0, SSL_STRONG_MASK},
- {0, SSL_TXT_FIPS, 0, 0, SSL_FIPS, 0, 0, 0, 0, SSL_FIPS | SSL_STRONG_NONE},
+ /* protocol version aliases */
+ {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0},
+ {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
+ {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
+ {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
+
+ /* export flag */
+ {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+ {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+
+ /* strength classes */
+ {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0},
+ {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0},
+ {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
+ {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
+ {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
+ /* FIPS 140-2 approved ciphersuite */
+ {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
};
+/*
+ * Search for public key algorithm with given name and return its pkey_id if
+ * it is available. Otherwise return 0
+ */
+#ifdef OPENSSL_NO_ENGINE
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ int pkey_id = 0;
+ ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
+ if (ameth) {
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+ }
+ return pkey_id;
+}
+
+#else
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *tmpeng = NULL;
+ int pkey_id = 0;
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1);
+ if (ameth) {
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+ }
+ if (tmpeng)
+ ENGINE_finish(tmpeng);
+ return pkey_id;
+}
+
+#endif
+
void ssl_load_ciphers(void)
{
ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc);
@@ -261,10 +400,43 @@
EVP_get_cipherbyname(SN_camellia_128_cbc);
ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
EVP_get_cipherbyname(SN_camellia_256_cbc);
+ ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
+ EVP_get_cipherbyname(SN_gost89_cnt);
ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc);
+ ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
+ EVP_get_cipherbyname(SN_aes_128_gcm);
+ ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
+ EVP_get_cipherbyname(SN_aes_256_gcm);
+
ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5);
+ ssl_mac_secret_size[SSL_MD_MD5_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1);
+ ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
+ ssl_digest_methods[SSL_MD_GOST94_IDX] =
+ EVP_get_digestbyname(SN_id_GostR3411_94);
+ if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
+ ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
+ OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
+ }
+ ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
+ EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
+ ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
+ ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
+ }
+
+ ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256);
+ ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
+ ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
+ ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
}
#ifndef OPENSSL_NO_COMP
@@ -315,10 +487,11 @@
#endif
int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, SSL_COMP **comp)
+ const EVP_MD **md, int *mac_pkey_type,
+ int *mac_secret_size, SSL_COMP **comp)
{
int i;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
c = s->cipher;
if (c == NULL)
@@ -343,7 +516,7 @@
if ((enc == NULL) || (md == NULL))
return (0);
- switch (c->algorithms & SSL_ENC_MASK) {
+ switch (c->algorithm_enc) {
case SSL_DES:
i = SSL_ENC_DES_IDX;
break;
@@ -362,36 +535,30 @@
case SSL_eNULL:
i = SSL_ENC_NULL_IDX;
break;
- case SSL_AES:
- switch (c->alg_bits) {
- case 128:
- i = SSL_ENC_AES128_IDX;
- break;
- case 256:
- i = SSL_ENC_AES256_IDX;
- break;
- default:
- i = -1;
- break;
- }
+ case SSL_AES128:
+ i = SSL_ENC_AES128_IDX;
break;
- case SSL_CAMELLIA:
- switch (c->alg_bits) {
- case 128:
- i = SSL_ENC_CAMELLIA128_IDX;
- break;
- case 256:
- i = SSL_ENC_CAMELLIA256_IDX;
- break;
- default:
- i = -1;
- break;
- }
+ case SSL_AES256:
+ i = SSL_ENC_AES256_IDX;
break;
+ case SSL_CAMELLIA128:
+ i = SSL_ENC_CAMELLIA128_IDX;
+ break;
+ case SSL_CAMELLIA256:
+ i = SSL_ENC_CAMELLIA256_IDX;
+ break;
+ case SSL_eGOST2814789CNT:
+ i = SSL_ENC_GOST89_IDX;
+ break;
case SSL_SEED:
i = SSL_ENC_SEED_IDX;
break;
-
+ case SSL_AES128GCM:
+ i = SSL_ENC_AES128GCM_IDX;
+ break;
+ case SSL_AES256GCM:
+ i = SSL_ENC_AES256GCM_IDX;
+ break;
default:
i = -1;
break;
@@ -406,7 +573,7 @@
*enc = ssl_cipher_methods[i];
}
- switch (c->algorithms & SSL_MAC_MASK) {
+ switch (c->algorithm_mac) {
case SSL_MD5:
i = SSL_MD_MD5_IDX;
break;
@@ -413,21 +580,82 @@
case SSL_SHA1:
i = SSL_MD_SHA1_IDX;
break;
+ case SSL_SHA256:
+ i = SSL_MD_SHA256_IDX;
+ break;
+ case SSL_SHA384:
+ i = SSL_MD_SHA384_IDX;
+ break;
+ case SSL_GOST94:
+ i = SSL_MD_GOST94_IDX;
+ break;
+ case SSL_GOST89MAC:
+ i = SSL_MD_GOST89MAC_IDX;
+ break;
default:
i = -1;
break;
}
- if ((i < 0) || (i >= SSL_MD_NUM_IDX))
+ if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
*md = NULL;
- else
+ if (mac_pkey_type != NULL)
+ *mac_pkey_type = NID_undef;
+ if (mac_secret_size != NULL)
+ *mac_secret_size = 0;
+ if (c->algorithm_mac == SSL_AEAD)
+ mac_pkey_type = NULL;
+ } else {
*md = ssl_digest_methods[i];
+ if (mac_pkey_type != NULL)
+ *mac_pkey_type = ssl_mac_pkey_id[i];
+ if (mac_secret_size != NULL)
+ *mac_secret_size = ssl_mac_secret_size[i];
+ }
- if ((*enc != NULL) && (*md != NULL))
+ if ((*enc != NULL) &&
+ (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
+ && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
+ const EVP_CIPHER *evp;
+
+ if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
+ s->ssl_version < TLS1_VERSION)
+ return 1;
+
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return 1;
+#endif
+
+ if (c->algorithm_enc == SSL_RC4 &&
+ c->algorithm_mac == SSL_MD5 &&
+ (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES128 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES256 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
return (1);
- else
+ } else
return (0);
}
+int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
+{
+ if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
+ return 0;
+ }
+ *mask = ssl_handshake_digest_flag[idx];
+ if (*mask)
+ *md = ssl_digest_methods[idx];
+ else
+ *md = NULL;
+ return 1;
+}
+
#define ITEM_SEP(a) \
(((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
@@ -440,7 +668,7 @@
*head = curr->next;
if (curr->prev != NULL)
curr->prev->next = curr->next;
- if (curr->next != NULL) /* should always be true */
+ if (curr->next != NULL)
curr->next->prev = curr->prev;
(*tail)->next = curr;
curr->prev = *tail;
@@ -448,75 +676,132 @@
*tail = curr;
}
-struct disabled_masks { /* This is a kludge no longer needed with
- * OpenSSL 0.9.9, where 128-bit and 256-bit
- * algorithms simply will get separate bits. */
- unsigned long mask; /* everything except m256 */
- unsigned long m256; /* applies to 256-bit algorithms only */
-};
+static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+ CIPHER_ORDER **tail)
+{
+ if (curr == *head)
+ return;
+ if (curr == *tail)
+ *tail = curr->prev;
+ if (curr->next != NULL)
+ curr->next->prev = curr->prev;
+ if (curr->prev != NULL)
+ curr->prev->next = curr->next;
+ (*head)->prev = curr;
+ curr->next = *head;
+ curr->prev = NULL;
+ *head = curr;
+}
-static struct disabled_masks ssl_cipher_get_disabled(void)
+static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
+ unsigned long *enc, unsigned long *mac,
+ unsigned long *ssl)
{
- unsigned long mask;
- unsigned long m256;
- struct disabled_masks ret;
+ *mkey = 0;
+ *auth = 0;
+ *enc = 0;
+ *mac = 0;
+ *ssl = 0;
- mask = SSL_kFZA;
#ifdef OPENSSL_NO_RSA
- mask |= SSL_aRSA | SSL_kRSA;
+ *mkey |= SSL_kRSA;
+ *auth |= SSL_aRSA;
#endif
#ifdef OPENSSL_NO_DSA
- mask |= SSL_aDSS;
+ *auth |= SSL_aDSS;
#endif
+ *mkey |= SSL_kDHr | SSL_kDHd; /* no such ciphersuites supported! */
+ *auth |= SSL_aDH;
#ifdef OPENSSL_NO_DH
- mask |= SSL_kDHr | SSL_kDHd | SSL_kEDH | SSL_aDH;
+ *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH;
+ *auth |= SSL_aDH;
#endif
#ifdef OPENSSL_NO_KRB5
- mask |= SSL_kKRB5 | SSL_aKRB5;
+ *mkey |= SSL_kKRB5;
+ *auth |= SSL_aKRB5;
#endif
+#ifdef OPENSSL_NO_ECDSA
+ *auth |= SSL_aECDSA;
+#endif
#ifdef OPENSSL_NO_ECDH
- mask |= SSL_kECDH | SSL_kECDHE;
+ *mkey |= SSL_kECDHe | SSL_kECDHr;
+ *auth |= SSL_aECDH;
#endif
+#ifdef OPENSSL_NO_PSK
+ *mkey |= SSL_kPSK;
+ *auth |= SSL_aPSK;
+#endif
+#ifdef OPENSSL_NO_SRP
+ *mkey |= SSL_kSRP;
+#endif
+ /*
+ * Check for presence of GOST 34.10 algorithms, and if they do not
+ * present, disable appropriate auth and key exchange
+ */
+ if (!get_optional_pkey_id("gost94")) {
+ *auth |= SSL_aGOST94;
+ }
+ if (!get_optional_pkey_id("gost2001")) {
+ *auth |= SSL_aGOST01;
+ }
+ /*
+ * Disable GOST key exchange if no GOST signature algs are available *
+ */
+ if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) {
+ *mkey |= SSL_kGOST;
+ }
#ifdef SSL_FORBID_ENULL
- mask |= SSL_eNULL;
+ *enc |= SSL_eNULL;
#endif
- mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA : 0;
- mask |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
-
- mask |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
- mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
-
- /* finally consider algorithms where mask and m256 differ */
- m256 = mask;
- mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES : 0;
- mask |=
+ *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
+ NULL) ? SSL_AES128GCM : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
+ NULL) ? SSL_AES256GCM : 0;
+ *enc |=
(ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] ==
- NULL) ? SSL_CAMELLIA : 0;
- m256 |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES : 0;
- m256 |=
+ NULL) ? SSL_CAMELLIA128 : 0;
+ *enc |=
(ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] ==
- NULL) ? SSL_CAMELLIA : 0;
+ NULL) ? SSL_CAMELLIA256 : 0;
+ *enc |=
+ (ssl_cipher_methods[SSL_ENC_GOST89_IDX] ==
+ NULL) ? SSL_eGOST2814789CNT : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
- ret.mask = mask;
- ret.m256 = m256;
- return ret;
+ *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
+ *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL
+ || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
+ NID_undef) ? SSL_GOST89MAC : 0;
+
}
static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
- int num_of_ciphers, unsigned long mask,
- unsigned long m256,
+ int num_of_ciphers,
+ unsigned long disabled_mkey,
+ unsigned long disabled_auth,
+ unsigned long disabled_enc,
+ unsigned long disabled_mac,
+ unsigned long disabled_ssl,
CIPHER_ORDER *co_list,
CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p)
{
int i, co_list_num;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
/*
* We have num_of_ciphers descriptions compiled in, depending on the
@@ -529,15 +814,16 @@
co_list_num = 0; /* actual count of ciphers */
for (i = 0; i < num_of_ciphers; i++) {
c = ssl_method->get_cipher(i);
-#define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask))
/* drop those that use any of that is not available */
+ if ((c != NULL) && c->valid &&
#ifdef OPENSSL_FIPS
- if ((c != NULL) && c->valid && !IS_MASKED(c)
- && (!FIPS_mode() || (c->algo_strength & SSL_FIPS)))
-#else
- if ((c != NULL) && c->valid && !IS_MASKED(c))
+ (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
#endif
- {
+ !(c->algorithm_mkey & disabled_mkey) &&
+ !(c->algorithm_auth & disabled_auth) &&
+ !(c->algorithm_enc & disabled_enc) &&
+ !(c->algorithm_mac & disabled_mac) &&
+ !(c->algorithm_ssl & disabled_ssl)) {
co_list[co_list_num].cipher = c;
co_list[co_list_num].next = NULL;
co_list[co_list_num].prev = NULL;
@@ -544,7 +830,8 @@
co_list[co_list_num].active = 0;
co_list_num++;
#ifdef KSSL_DEBUG
- printf("\t%d: %s %lx %lx\n", i, c->name, c->id, c->algorithms);
+ fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id,
+ c->algorithm_mkey, c->algorithm_auth);
#endif /* KSSL_DEBUG */
/*
* if (!sk_push(ca_list,(char *)c)) goto err;
@@ -555,27 +842,44 @@
/*
* Prepare linked list from list entries
*/
- for (i = 1; i < co_list_num - 1; i++) {
- co_list[i].prev = &(co_list[i - 1]);
- co_list[i].next = &(co_list[i + 1]);
- }
if (co_list_num > 0) {
- (*head_p) = &(co_list[0]);
- (*head_p)->prev = NULL;
- (*head_p)->next = &(co_list[1]);
- (*tail_p) = &(co_list[co_list_num - 1]);
- (*tail_p)->prev = &(co_list[co_list_num - 2]);
- (*tail_p)->next = NULL;
+ co_list[0].prev = NULL;
+
+ if (co_list_num > 1) {
+ co_list[0].next = &co_list[1];
+
+ for (i = 1; i < co_list_num - 1; i++) {
+ co_list[i].prev = &co_list[i - 1];
+ co_list[i].next = &co_list[i + 1];
+ }
+
+ co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
+ }
+
+ co_list[co_list_num - 1].next = NULL;
+
+ *head_p = &co_list[0];
+ *tail_p = &co_list[co_list_num - 1];
}
}
-static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
+static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
int num_of_group_aliases,
- unsigned long mask, CIPHER_ORDER *head)
+ unsigned long disabled_mkey,
+ unsigned long disabled_auth,
+ unsigned long disabled_enc,
+ unsigned long disabled_mac,
+ unsigned long disabled_ssl,
+ CIPHER_ORDER *head)
{
CIPHER_ORDER *ciph_curr;
- SSL_CIPHER **ca_curr;
+ const SSL_CIPHER **ca_curr;
int i;
+ unsigned long mask_mkey = ~disabled_mkey;
+ unsigned long mask_auth = ~disabled_auth;
+ unsigned long mask_enc = ~disabled_enc;
+ unsigned long mask_mac = ~disabled_mac;
+ unsigned long mask_ssl = ~disabled_ssl;
/*
* First, add the real ciphers as already collected
@@ -590,16 +894,39 @@
/*
* Now we add the available ones from the cipher_aliases[] table.
- * They represent either an algorithm, that must be fully
- * supported (not match any bit in mask) or represent a cipher
- * strength value (will be added in any case because algorithms=0).
+ * They represent either one or more algorithms, some of which
+ * in any affected category must be supported (set in enabled_mask),
+ * or represent a cipher strength value (will be added in any case because algorithms=0).
*/
for (i = 0; i < num_of_group_aliases; i++) {
- if ((i == 0) || /* always fetch "ALL" */
- !(cipher_aliases[i].algorithms & mask)) {
- *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
- ca_curr++;
- }
+ unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
+ unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
+ unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
+ unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
+ unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
+
+ if (algorithm_mkey)
+ if ((algorithm_mkey & mask_mkey) == 0)
+ continue;
+
+ if (algorithm_auth)
+ if ((algorithm_auth & mask_auth) == 0)
+ continue;
+
+ if (algorithm_enc)
+ if ((algorithm_enc & mask_enc) == 0)
+ continue;
+
+ if (algorithm_mac)
+ if ((algorithm_mac & mask_mac) == 0)
+ continue;
+
+ if (algorithm_ssl)
+ if ((algorithm_ssl & mask_ssl) == 0)
+ continue;
+
+ *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+ ca_curr++;
}
*ca_curr = NULL; /* end of list */
@@ -606,121 +933,125 @@
}
static void ssl_cipher_apply_rule(unsigned long cipher_id,
- unsigned long ssl_version,
- unsigned long algorithms,
- unsigned long mask,
- unsigned long algo_strength,
- unsigned long mask_strength, int rule,
- int strength_bits, CIPHER_ORDER *co_list,
- CIPHER_ORDER **head_p,
+ unsigned long alg_mkey,
+ unsigned long alg_auth,
+ unsigned long alg_enc,
+ unsigned long alg_mac,
+ unsigned long alg_ssl,
+ unsigned long algo_strength, int rule,
+ int strength_bits, CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p)
{
- CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
- SSL_CIPHER *cp;
- unsigned long ma, ma_s;
+ CIPHER_ORDER *head, *tail, *curr, *next, *last;
+ const SSL_CIPHER *cp;
+ int reverse = 0;
#ifdef CIPHER_DEBUG
- printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
- rule, algorithms, mask, algo_strength, mask_strength,
- strength_bits);
+ fprintf(stderr,
+ "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
+ rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+ algo_strength, strength_bits);
#endif
- curr = head = *head_p;
- curr2 = head;
- tail2 = tail = *tail_p;
+ if (rule == CIPHER_DEL)
+ reverse = 1; /* needed to maintain sorting between
+ * currently deleted ciphers */
+
+ head = *head_p;
+ tail = *tail_p;
+
+ if (reverse) {
+ next = tail;
+ last = head;
+ } else {
+ next = head;
+ last = tail;
+ }
+
+ curr = NULL;
for (;;) {
- if ((curr == NULL) || (curr == tail2))
+ if (curr == last)
break;
- curr = curr2;
- curr2 = curr->next;
+ curr = next;
+
+ if (curr == NULL)
+ break;
+
+ next = reverse ? curr->prev : curr->next;
+
cp = curr->cipher;
- /* Special case: only satisfied by COMPLEMENTOFDEFAULT */
- if (algo_strength == SSL_EXP_MASK) {
- if ((SSL_C_IS_EXPORT(cp) || cp->algorithms & SSL_SSLV2
- || cp->algorithms & SSL_aNULL)
- && !(cp->algorithms & (SSL_kECDHE|SSL_kECDH)))
- goto ok;
- else
- continue;
- }
/*
- * If explicit cipher suite, match only that one for its own protocol
- * version. Usual selection criteria will be used for similar
- * ciphersuites from other version!
+ * Selection criteria is either the value of strength_bits
+ * or the algorithms used.
*/
-
- if (cipher_id && (cp->algorithms & SSL_SSL_MASK) == ssl_version) {
- if (cp->id != cipher_id)
+ if (strength_bits >= 0) {
+ if (strength_bits != cp->strength_bits)
continue;
- }
-
- /*
- * Selection criteria is either the number of strength_bits
- * or the algorithm used.
- */
- else if (strength_bits == -1) {
- ma = mask & cp->algorithms;
- ma_s = mask_strength & cp->algo_strength;
-
+ } else {
#ifdef CIPHER_DEBUG
- printf
- ("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n",
- cp->name, cp->algorithms, cp->algo_strength, mask,
- mask_strength);
- printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n",
- ma, ma_s, ma & algorithms, ma_s & algo_strength);
+ fprintf(stderr,
+ "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n",
+ cp->name, cp->algorithm_mkey, cp->algorithm_auth,
+ cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl,
+ cp->algo_strength);
#endif
- /*
- * Select: if none of the mask bit was met from the
- * cipher or not all of the bits were met, the
- * selection does not apply.
- */
- if (((ma == 0) && (ma_s == 0)) ||
- ((ma & algorithms) != ma) || ((ma_s & algo_strength) != ma_s))
- continue; /* does not apply */
- } else if (strength_bits != cp->strength_bits)
- continue; /* does not apply */
+ if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp))
+ goto ok;
+ if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2)
+ goto ok;
+ if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
+ continue;
+ if (alg_auth && !(alg_auth & cp->algorithm_auth))
+ continue;
+ if (alg_enc && !(alg_enc & cp->algorithm_enc))
+ continue;
+ if (alg_mac && !(alg_mac & cp->algorithm_mac))
+ continue;
+ if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
+ continue;
+ if ((algo_strength & SSL_EXP_MASK)
+ && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
+ continue;
+ if ((algo_strength & SSL_STRONG_MASK)
+ && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
+ continue;
+ }
- ok:
+ ok:
#ifdef CIPHER_DEBUG
- printf("Action = %d\n", rule);
+ fprintf(stderr, "Action = %d\n", rule);
#endif
/* add the cipher if it has not been added yet. */
if (rule == CIPHER_ADD) {
+ /* reverse == 0 */
if (!curr->active) {
- int add_this_cipher = 1;
-
- if (((cp->algorithms & (SSL_kECDHE | SSL_kECDH | SSL_aECDSA))
- != 0)) {
- /*
- * Make sure "ECCdraft" ciphersuites are activated only
- * if *explicitly* requested, but not implicitly (such as
- * as part of the "AES" alias).
- */
-
- add_this_cipher =
- (mask & (SSL_kECDHE | SSL_kECDH | SSL_aECDSA)) != 0
- || cipher_id != 0;
- }
-
- if (add_this_cipher) {
- ll_append_tail(&head, curr, &tail);
- curr->active = 1;
- }
+ ll_append_tail(&head, curr, &tail);
+ curr->active = 1;
}
}
/* Move the added cipher to this location */
else if (rule == CIPHER_ORD) {
+ /* reverse == 0 */
if (curr->active) {
ll_append_tail(&head, curr, &tail);
}
- } else if (rule == CIPHER_DEL)
- curr->active = 0;
- else if (rule == CIPHER_KILL) {
+ } else if (rule == CIPHER_DEL) {
+ /* reverse == 1 */
+ if (curr->active) {
+ /*
+ * most recently deleted ciphersuites get best positions for
+ * any future CIPHER_ADD (note that the CIPHER_DEL loop works
+ * in reverse to maintain the order)
+ */
+ ll_append_head(&head, curr, &tail);
+ curr->active = 0;
+ }
+ } else if (rule == CIPHER_KILL) {
+ /* reverse == 0 */
if (head == curr)
head = curr->next;
else
@@ -741,8 +1072,7 @@
*tail_p = tail;
}
-static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
- CIPHER_ORDER **head_p,
+static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p)
{
int max_strength_bits, i, *number_uses;
@@ -783,8 +1113,8 @@
*/
for (i = max_strength_bits; i >= 0; i--)
if (number_uses[i] > 0)
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, CIPHER_ORD, i,
- co_list, head_p, tail_p);
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,
+ tail_p);
OPENSSL_free(number_uses);
return (1);
@@ -791,15 +1121,15 @@
}
static int ssl_cipher_process_rulestr(const char *rule_str,
- CIPHER_ORDER *co_list,
CIPHER_ORDER **head_p,
CIPHER_ORDER **tail_p,
- SSL_CIPHER **ca_list)
+ const SSL_CIPHER **ca_list)
{
- unsigned long algorithms, mask, algo_strength, mask_strength;
+ unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+ algo_strength;
const char *l, *buf;
int j, multi, found, rule, retval, ok, buflen;
- unsigned long cipher_id = 0, ssl_version = 0;
+ unsigned long cipher_id = 0;
char ch;
retval = 1;
@@ -830,7 +1160,12 @@
continue;
}
- algorithms = mask = algo_strength = mask_strength = 0;
+ alg_mkey = 0;
+ alg_auth = 0;
+ alg_enc = 0;
+ alg_mac = 0;
+ alg_ssl = 0;
+ algo_strength = 0;
for (;;) {
ch = *l;
@@ -839,9 +1174,9 @@
#ifndef CHARSET_EBCDIC
while (((ch >= 'A') && (ch <= 'Z')) ||
((ch >= '0') && (ch <= '9')) ||
- ((ch >= 'a') && (ch <= 'z')) || (ch == '-'))
+ ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
#else
- while (isalnum(ch) || (ch == '-'))
+ while (isalnum(ch) || (ch == '-') || (ch == '.'))
#endif
{
ch = *(++l);
@@ -886,7 +1221,6 @@
*/
j = found = 0;
cipher_id = 0;
- ssl_version = 0;
while (ca_list[j]) {
if (!strncmp(buf, ca_list[j]->name, buflen) &&
(ca_list[j]->name[buflen] == '\0')) {
@@ -895,29 +1229,104 @@
} else
j++;
}
+
if (!found)
break; /* ignore this entry */
- /*-
- * New algorithms:
- * 1 - any old restrictions apply outside new mask
- * 2 - any new restrictions apply outside old mask
- * 3 - enforce old & new where masks intersect
- */
- algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */
- (ca_list[j]->algorithms & ~mask) | /* 2 */
- (algorithms & ca_list[j]->algorithms); /* 3 */
- mask |= ca_list[j]->mask;
- algo_strength = (algo_strength & ~ca_list[j]->mask_strength) |
- (ca_list[j]->algo_strength & ~mask_strength) |
- (algo_strength & ca_list[j]->algo_strength);
- mask_strength |= ca_list[j]->mask_strength;
+ if (ca_list[j]->algorithm_mkey) {
+ if (alg_mkey) {
+ alg_mkey &= ca_list[j]->algorithm_mkey;
+ if (!alg_mkey) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_mkey = ca_list[j]->algorithm_mkey;
+ }
- /* explicit ciphersuite found */
+ if (ca_list[j]->algorithm_auth) {
+ if (alg_auth) {
+ alg_auth &= ca_list[j]->algorithm_auth;
+ if (!alg_auth) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_auth = ca_list[j]->algorithm_auth;
+ }
+
+ if (ca_list[j]->algorithm_enc) {
+ if (alg_enc) {
+ alg_enc &= ca_list[j]->algorithm_enc;
+ if (!alg_enc) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_enc = ca_list[j]->algorithm_enc;
+ }
+
+ if (ca_list[j]->algorithm_mac) {
+ if (alg_mac) {
+ alg_mac &= ca_list[j]->algorithm_mac;
+ if (!alg_mac) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_mac = ca_list[j]->algorithm_mac;
+ }
+
+ if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
+ if (algo_strength & SSL_EXP_MASK) {
+ algo_strength &=
+ (ca_list[j]->algo_strength & SSL_EXP_MASK) |
+ ~SSL_EXP_MASK;
+ if (!(algo_strength & SSL_EXP_MASK)) {
+ found = 0;
+ break;
+ }
+ } else
+ algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
+ }
+
+ if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
+ if (algo_strength & SSL_STRONG_MASK) {
+ algo_strength &=
+ (ca_list[j]->algo_strength & SSL_STRONG_MASK) |
+ ~SSL_STRONG_MASK;
+ if (!(algo_strength & SSL_STRONG_MASK)) {
+ found = 0;
+ break;
+ }
+ } else
+ algo_strength |=
+ ca_list[j]->algo_strength & SSL_STRONG_MASK;
+ }
+
if (ca_list[j]->valid) {
+ /*
+ * explicit ciphersuite found; its protocol version does not
+ * become part of the search pattern!
+ */
+
cipher_id = ca_list[j]->id;
- ssl_version = ca_list[j]->algorithms & SSL_SSL_MASK;
- break;
+ } else {
+ /*
+ * not an explicit ciphersuite; only in this case, the
+ * protocol version is considered part of the search pattern
+ */
+
+ if (ca_list[j]->algorithm_ssl) {
+ if (alg_ssl) {
+ alg_ssl &= ca_list[j]->algorithm_ssl;
+ if (!alg_ssl) {
+ found = 0;
+ break;
+ }
+ } else
+ alg_ssl = ca_list[j]->algorithm_ssl;
+ }
}
if (!multi)
@@ -930,7 +1339,7 @@
if (rule == CIPHER_SPECIAL) { /* special command */
ok = 0;
if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
- ok = ssl_cipher_strength_sort(co_list, head_p, tail_p);
+ ok = ssl_cipher_strength_sort(head_p, tail_p);
else
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
SSL_R_INVALID_COMMAND);
@@ -945,9 +1354,10 @@
while ((*l != '\0') && !ITEM_SEP(*l))
l++;
} else if (found) {
- ssl_cipher_apply_rule(cipher_id, ssl_version, algorithms, mask,
- algo_strength, mask_strength, rule, -1,
- co_list, head_p, tail_p);
+ ssl_cipher_apply_rule(cipher_id,
+ alg_mkey, alg_auth, alg_enc, alg_mac,
+ alg_ssl, algo_strength, rule, -1, head_p,
+ tail_p);
} else {
while ((*l != '\0') && !ITEM_SEP(*l))
l++;
@@ -965,12 +1375,12 @@
const char *rule_str)
{
int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
- unsigned long disabled_mask;
- unsigned long disabled_m256;
+ unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
+ disabled_ssl;
STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
const char *rule_p;
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
- SSL_CIPHER **ca_list = NULL;
+ const SSL_CIPHER **ca_list = NULL;
/*
* Return with error if nothing to do.
@@ -982,12 +1392,8 @@
* To reduce the work to do we only want to process the compiled
* in algorithms, so we first get the mask of disabled ciphers.
*/
- {
- struct disabled_masks d;
- d = ssl_cipher_get_disabled();
- disabled_mask = d.mask;
- disabled_m256 = d.m256;
- }
+ ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc,
+ &disabled_mac, &disabled_ssl);
/*
* Now we have to collect the available ciphers from the compiled
@@ -996,7 +1402,8 @@
*/
num_of_ciphers = ssl_method->num_ciphers();
#ifdef KSSL_DEBUG
- printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
+ fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
+ num_of_ciphers);
#endif /* KSSL_DEBUG */
co_list =
(CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
@@ -1005,10 +1412,72 @@
return (NULL); /* Failure */
}
- ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
- disabled_m256, co_list, &head, &tail);
+ ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
+ disabled_mkey, disabled_auth, disabled_enc,
+ disabled_mac, disabled_ssl, co_list, &head,
+ &tail);
+ /* Now arrange all ciphers by preference: */
+
/*
+ * Everything else being equal, prefer ephemeral ECDH over other key
+ * exchange mechanisms
+ */
+ ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
+ &tail);
+
+ /* AES is our preferred symmetric cipher */
+ ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
+ &tail);
+
+ /* Temporarily enable everything else for sorting */
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+
+ /* Low priority for MD5 */
+ ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /*
+ * Move anonymous ciphers to the end. Usually, these will remain
+ * disabled. (For applications that allow them, they aren't too bad, but
+ * we prefer authenticated ciphers.)
+ */
+ ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /* Move ciphers without forward secrecy to the end */
+ ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ /*
+ * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
+ * &head, &tail);
+ */
+ ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+ ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /* RC4 is sort-of broken -- move the the end */
+ ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
+ &tail);
+
+ /*
+ * Now sort by symmetric encryption strength. The above ordering remains
+ * in force within each class
+ */
+ if (!ssl_cipher_strength_sort(&head, &tail)) {
+ OPENSSL_free(co_list);
+ return NULL;
+ }
+
+ /* Now disable everything (maintaining the ordering!) */
+ ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+
+ /*
* We also need cipher aliases for selecting based on the rule_str.
* There might be two types of entries in the rule_str: 1) names
* of ciphers themselves 2) aliases for groups of ciphers.
@@ -1018,9 +1487,7 @@
*/
num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
- ca_list =
- (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) *
- num_of_alias_max);
+ ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
if (ca_list == NULL) {
OPENSSL_free(co_list);
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
@@ -1027,7 +1494,8 @@
return (NULL); /* Failure */
}
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
- (disabled_mask & disabled_m256), head);
+ disabled_mkey, disabled_auth, disabled_enc,
+ disabled_mac, disabled_ssl, head);
/*
* If the rule_string begins with DEFAULT, apply the default rule
@@ -1037,7 +1505,7 @@
rule_p = rule_str;
if (strncmp(rule_str, "DEFAULT", 7) == 0) {
ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
- co_list, &head, &tail, ca_list);
+ &head, &tail, ca_list);
rule_p += 7;
if (*rule_p == ':')
rule_p++;
@@ -1044,15 +1512,15 @@
}
if (ok && (strlen(rule_p) > 0))
- ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail,
- ca_list);
+ ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
- OPENSSL_free(ca_list); /* Not needed anymore */
+ OPENSSL_free((void *)ca_list); /* Not needed anymore */
if (!ok) { /* Rule processing failure */
OPENSSL_free(co_list);
return (NULL);
}
+
/*
* Allocate new "cipherstack" for the result, return with error
* if we cannot get one.
@@ -1076,7 +1544,7 @@
{
sk_SSL_CIPHER_push(cipherstack, curr->cipher);
#ifdef CIPHER_DEBUG
- printf("<%s>\n", curr->cipher->name);
+ fprintf(stderr, "<%s>\n", curr->cipher->name);
#endif
}
}
@@ -1105,16 +1573,21 @@
int is_export, pkl, kl;
const char *ver, *exp_str;
const char *kx, *au, *enc, *mac;
- unsigned long alg, alg2;
+ unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
#ifdef KSSL_DEBUG
static const char *format =
- "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
+ "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
#else
static const char *format =
"%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
#endif /* KSSL_DEBUG */
- alg = cipher->algorithms;
+ alg_mkey = cipher->algorithm_mkey;
+ alg_auth = cipher->algorithm_auth;
+ alg_enc = cipher->algorithm_enc;
+ alg_mac = cipher->algorithm_mac;
+ alg_ssl = cipher->algorithm_ssl;
+
alg2 = cipher->algorithm2;
is_export = SSL_C_IS_EXPORT(cipher);
@@ -1122,14 +1595,16 @@
kl = SSL_C_EXPORT_KEYLENGTH(cipher);
exp_str = is_export ? " export" : "";
- if (alg & SSL_SSLV2)
+ if (alg_ssl & SSL_SSLV2)
ver = "SSLv2";
- else if (alg & SSL_SSLV3)
+ else if (alg_ssl & SSL_SSLV3)
ver = "SSLv3";
+ else if (alg_ssl & SSL_TLSV1_2)
+ ver = "TLSv1.2";
else
ver = "unknown";
- switch (alg & SSL_MKEY_MASK) {
+ switch (alg_mkey) {
case SSL_kRSA:
kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA";
break;
@@ -1139,25 +1614,35 @@
case SSL_kDHd:
kx = "DH/DSS";
break;
- case SSL_kKRB5: /* VRS */
- case SSL_KRB5: /* VRS */
+ case SSL_kKRB5:
kx = "KRB5";
break;
- case SSL_kFZA:
- kx = "Fortezza";
- break;
case SSL_kEDH:
kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH";
break;
- case SSL_kECDH:
- case SSL_kECDHE:
- kx = is_export ? "ECDH(<=163)" : "ECDH";
+ case SSL_kECDHr:
+ kx = "ECDH/RSA";
break;
+ case SSL_kECDHe:
+ kx = "ECDH/ECDSA";
+ break;
+ case SSL_kEECDH:
+ kx = "ECDH";
+ break;
+ case SSL_kPSK:
+ kx = "PSK";
+ break;
+ case SSL_kSRP:
+ kx = "SRP";
+ break;
+ case SSL_kGOST:
+ kx = "GOST";
+ break;
default:
kx = "unknown";
}
- switch (alg & SSL_AUTH_MASK) {
+ switch (alg_auth) {
case SSL_aRSA:
au = "RSA";
break;
@@ -1167,11 +1652,12 @@
case SSL_aDH:
au = "DH";
break;
- case SSL_aKRB5: /* VRS */
- case SSL_KRB5: /* VRS */
+ case SSL_aKRB5:
au = "KRB5";
break;
- case SSL_aFZA:
+ case SSL_aECDH:
+ au = "ECDH";
+ break;
case SSL_aNULL:
au = "None";
break;
@@ -1178,12 +1664,24 @@
case SSL_aECDSA:
au = "ECDSA";
break;
+ case SSL_aPSK:
+ au = "PSK";
+ break;
+ case SSL_aSRP:
+ au = "SRP";
+ break;
+ case SSL_aGOST94:
+ au = "GOST94";
+ break;
+ case SSL_aGOST01:
+ au = "GOST01";
+ break;
default:
au = "unknown";
break;
}
- switch (alg & SSL_ENC_MASK) {
+ switch (alg_enc) {
case SSL_DES:
enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)";
break;
@@ -1200,51 +1698,39 @@
case SSL_IDEA:
enc = "IDEA(128)";
break;
- case SSL_eFZA:
- enc = "Fortezza";
- break;
case SSL_eNULL:
enc = "None";
break;
- case SSL_AES:
- switch (cipher->strength_bits) {
- case 128:
- enc = "AES(128)";
- break;
- case 192:
- enc = "AES(192)";
- break;
- case 256:
- enc = "AES(256)";
- break;
- default:
- enc = "AES(?" "?" "?)";
- break;
- }
+ case SSL_AES128:
+ enc = "AES(128)";
break;
- case SSL_CAMELLIA:
- switch (cipher->strength_bits) {
- case 128:
- enc = "Camellia(128)";
- break;
- case 256:
- enc = "Camellia(256)";
- break;
- default:
- enc = "Camellia(?" "?" "?)";
- break;
- }
+ case SSL_AES256:
+ enc = "AES(256)";
break;
+ case SSL_AES128GCM:
+ enc = "AESGCM(128)";
+ break;
+ case SSL_AES256GCM:
+ enc = "AESGCM(256)";
+ break;
+ case SSL_CAMELLIA128:
+ enc = "Camellia(128)";
+ break;
+ case SSL_CAMELLIA256:
+ enc = "Camellia(256)";
+ break;
case SSL_SEED:
enc = "SEED(128)";
break;
-
+ case SSL_eGOST2814789CNT:
+ enc = "GOST89(256)";
+ break;
default:
enc = "unknown";
break;
}
- switch (alg & SSL_MAC_MASK) {
+ switch (alg_mac) {
case SSL_MD5:
mac = "MD5";
break;
@@ -1251,6 +1737,21 @@
case SSL_SHA1:
mac = "SHA1";
break;
+ case SSL_SHA256:
+ mac = "SHA256";
+ break;
+ case SSL_SHA384:
+ mac = "SHA384";
+ break;
+ case SSL_AEAD:
+ mac = "AEAD";
+ break;
+ case SSL_GOST89MAC:
+ mac = "GOST89";
+ break;
+ case SSL_GOST94:
+ mac = "GOST94";
+ break;
default:
mac = "unknown";
break;
@@ -1266,7 +1767,7 @@
#ifdef KSSL_DEBUG
BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
- exp_str, alg);
+ exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
#else
BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
exp_str);
@@ -1310,6 +1811,11 @@
return (ret);
}
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
+{
+ return c->id;
+}
+
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
{
SSL_COMP *ctmp;
Modified: trunk/crypto/openssl/ssl/ssl_err.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_err.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_err.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -90,6 +90,7 @@
"DTLS1_GET_MESSAGE_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
{ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
+ {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
{ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
{ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
@@ -154,9 +155,12 @@
{ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
{ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
{ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
+ {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
+ "SSL3_DIGEST_CACHED_RECORDS"},
{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
"SSL3_DO_CHANGE_CIPHER_SPEC"},
{ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
+ {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
"SSL3_GET_CERTIFICATE_REQUEST"},
@@ -172,11 +176,13 @@
{ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
{ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),
"SSL3_GET_NEW_SESSION_TICKET"},
+ {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
{ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
{ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),
"SSL3_GET_SERVER_CERTIFICATE"},
{ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
{ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"},
+ {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
{ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
{ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"},
{ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"},
@@ -194,8 +200,9 @@
{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"},
{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
"SSL3_SEND_SERVER_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_SETUP_BUFFERS), "SSL3_SETUP_BUFFERS"},
{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"},
+ {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"},
{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
@@ -202,6 +209,8 @@
"SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
"SSL_ADD_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
+ "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
"SSL_add_dir_cert_subjects_to_stack"},
{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
@@ -210,6 +219,8 @@
"SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
"SSL_ADD_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
+ "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
{ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
@@ -219,6 +230,8 @@
{ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
{ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
"SSL_CHECK_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
+ "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
{ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
"SSL_CIPHER_PROCESS_RULESTR"},
{ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
@@ -228,6 +241,7 @@
{ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
{ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
+ {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
{ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
{ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
@@ -249,6 +263,8 @@
"SSL_CTX_use_PrivateKey_ASN1"},
{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
"SSL_CTX_use_PrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
+ "SSL_CTX_use_psk_identity_hint"},
{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
"SSL_CTX_use_RSAPrivateKey_ASN1"},
@@ -267,10 +283,14 @@
"SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
"SSL_PARSE_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
+ "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
"SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
"SSL_PARSE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
+ "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
"SSL_PREPARE_CLIENTHELLO_TLSEXT"},
@@ -282,6 +302,8 @@
{ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
{ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
+ {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
+ "SSL_SESSION_set1_id_context"},
{ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
{ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
@@ -292,9 +314,12 @@
{ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
{ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
"SSL_set_session_id_context"},
+ {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
+ "SSL_set_session_ticket_ext"},
{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+ {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
"SSL_UNDEFINED_CONST_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
@@ -306,6 +331,7 @@
{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
+ {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
"SSL_use_RSAPrivateKey_ASN1"},
@@ -313,8 +339,19 @@
"SSL_use_RSAPrivateKey_file"},
{ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"},
{ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
+ {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
{ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
+ {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
+ "TLS1_CHECK_SERVERHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
+ {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
+ "TLS1_EXPORT_KEYING_MATERIAL"},
+ {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
+ {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
+ "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
+ "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
+ {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
{ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"},
{ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
{0, NULL}
@@ -339,13 +376,17 @@
{ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
{ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
{ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
+ {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
{ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
{ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
{ERR_REASON(SSL_R_BAD_MAC_DECODE), "bad mac decode"},
+ {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
{ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
{ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
{ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
"bad protocol version number"},
+ {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
+ "bad psk identity hint length"},
{ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT), "bad response argument"},
{ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
{ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
@@ -353,6 +394,15 @@
{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
{ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
+ {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
+ {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
+ {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
+ {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
+ {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
+ {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
+ {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
+ {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
+ "bad srtp protection profile list"},
{ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),
"bad ssl session id length"},
@@ -376,6 +426,7 @@
{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
"compressed length too long"},
+ {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
{ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
{ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
"compression id not within private range"},
@@ -391,13 +442,23 @@
{ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
"decryption failed or bad record mac"},
+ {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
"dh public value length is wrong"},
{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
{ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
{ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
+ {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
+ "ecc cert not for key agreement"},
+ {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
+ {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
+ "ecc cert should have rsa signature"},
+ {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
+ "ecc cert should have sha1 signature"},
{ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
"ecgroup too large for cipher"},
+ {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
+ "empty srtp protection profile list"},
{ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
"encrypted length too long"},
{ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),
@@ -407,13 +468,21 @@
{ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
{ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
{ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
+ {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
+ "got next proto before a ccs"},
+ {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
+ "got next proto without seeing extension"},
{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
{ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
{ERR_REASON(SSL_R_ILLEGAL_PADDING), "illegal padding"},
{ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
+ {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
{ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
+ {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
+ "invalid compression algorithm"},
{ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
+ {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
"invalid ticket keys length"},
@@ -447,6 +516,7 @@
{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
"missing rsa encrypting cert"},
{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
+ {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
{ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY), "missing tmp rsa key"},
@@ -467,6 +537,8 @@
{ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
+ {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
+ "Peer haven't sent GOST certificate, required for selected ciphersuite"},
{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
{ERR_REASON(SSL_R_NO_PRIVATEKEY), "no privatekey"},
{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
@@ -473,14 +545,21 @@
{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
{ERR_REASON(SSL_R_NO_PUBLICKEY), "no publickey"},
{ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
+ {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),
+ "digest requred for handshake isn't computed"},
{ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
+ {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
{ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
"old session cipher not returned"},
+ {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
+ "old session compression algorithm not returned"},
{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
"only tls allowed in fips mode"},
+ {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
+ "opaque PRF input too long"},
{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
{ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
{ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
@@ -497,6 +576,9 @@
{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),
"problems mapping cipher functions"},
{ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
+ {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
+ {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
+ {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
{ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
{ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA), "public key is not rsa"},
{ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
@@ -511,6 +593,8 @@
"renegotiation encoding err"},
{ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
+ {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
+ "required compresssion algorithm missing"},
{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),
"reuse cert length not zero"},
{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
@@ -522,12 +606,23 @@
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
"session id context uninitialized"},
{ERR_REASON(SSL_R_SHORT_READ), "short read"},
+ {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
+ "signature algorithms error"},
{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
"signature for non signing certificate"},
+ {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
+ {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
+ "srtp could not allocate profiles"},
+ {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
+ "srtp protection profile list too long"},
+ {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
+ "srtp unknown protection profile"},
{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
"ssl23 doing session id reuse"},
{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),
"ssl2 connection id too long"},
+ {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
+ "ssl3 ext invalid ecpointformat"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
"ssl3 ext invalid servername"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
@@ -606,6 +701,12 @@
"tlsv1 unsupported extension"},
{ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
"tls client cert req with anon cipher"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
+ "peer does not accept heartbeats"},
+ {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
+ "heartbeat request already pending"},
+ {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
+ "tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
"tls invalid ecpointformat list"},
{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
@@ -641,6 +742,7 @@
{ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
{ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
{ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
+ {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
{ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
"unknown key exchange type"},
{ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
@@ -654,11 +756,13 @@
{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
"unsupported compression algorithm"},
+ {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
{ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
"unsupported elliptic curve"},
{ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
{ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
{ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
+ {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET), "write bio not set"},
{ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
{ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
@@ -665,6 +769,7 @@
{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
{ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
{ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
+ {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
{ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
{ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
Modified: trunk/crypto/openssl/ssl/ssl_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -58,7 +58,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -115,6 +115,32 @@
* ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#ifdef REF_CHECK
# include <assert.h>
@@ -147,16 +173,18 @@
(int (*)(SSL *, unsigned char *, unsigned char *, int))
ssl_undefined_function,
(int (*)(SSL *, int))ssl_undefined_function,
- (int (*)
- (SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int,
- unsigned char *))ssl_undefined_function,
+ (int (*)(SSL *, const char *, int, unsigned char *))
+ ssl_undefined_function,
0, /* finish_mac_length */
- (int (*)(SSL *, EVP_MD_CTX *, unsigned char *))ssl_undefined_function,
+ (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
NULL, /* client_finished_label */
0, /* client_finished_label_len */
NULL, /* server_finished_label */
0, /* server_finished_label_len */
- (int (*)(int))ssl_undefined_function
+ (int (*)(int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context))ssl_undefined_function,
};
int SSL_clear(SSL *s)
@@ -185,10 +213,10 @@
* This is set if we are doing dynamic renegotiation so keep
* the old cipher. It is sort of a SSL_clear_lite :-)
*/
- if (s->new_session)
+ if (s->renegotiate)
return (1);
#else
- if (s->new_session) {
+ if (s->renegotiate) {
SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
return 0;
}
@@ -212,6 +240,8 @@
}
ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
s->first_packet = 0;
@@ -233,7 +263,7 @@
}
/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *meth)
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
{
STACK_OF(SSL_CIPHER) *sk;
@@ -241,6 +271,8 @@
sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
&(ctx->cipher_list_by_id),
+ meth->version ==
+ SSL2_VERSION ? "SSLv2" :
SSL_DEFAULT_CIPHER_LIST);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
@@ -315,6 +347,7 @@
s->trust = ctx->trust;
#endif
s->quiet_shutdown = ctx->quiet_shutdown;
+ s->max_send_fragment = ctx->max_send_fragment;
CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
s->ctx = ctx;
@@ -330,7 +363,11 @@
s->tlsext_ocsp_resplen = -1;
CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
s->initial_ctx = ctx;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->next_proto_negotiated = NULL;
+# endif
#endif
+
s->verify_result = X509_V_OK;
s->method = ctx->method;
@@ -345,15 +382,15 @@
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+#ifndef OPENSSL_NO_PSK
+ s->psk_client_callback = ctx->psk_client_callback;
+ s->psk_server_callback = ctx->psk_server_callback;
+#endif
+
return (s);
err:
- if (s != NULL) {
- if (s->cert != NULL)
- ssl_cert_free(s->cert);
- if (s->ctx != NULL)
- SSL_CTX_free(s->ctx); /* decrement reference count */
- OPENSSL_free(s);
- }
+ if (s != NULL)
+ SSL_free(s);
SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
@@ -433,7 +470,7 @@
}
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
+ p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
return (p != NULL);
}
@@ -458,6 +495,16 @@
return X509_VERIFY_PARAM_set_trust(s->param, trust);
}
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+{
+ return X509_VERIFY_PARAM_set1(ctx->param, vpm);
+}
+
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
+{
+ return X509_VERIFY_PARAM_set1(ssl->param, vpm);
+}
+
void SSL_free(SSL *s)
{
int i;
@@ -512,6 +559,8 @@
}
ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
if (s->cert != NULL)
ssl_cert_free(s->cert);
@@ -522,6 +571,14 @@
OPENSSL_free(s->tlsext_hostname);
if (s->initial_ctx)
SSL_CTX_free(s->initial_ctx);
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if (s->tlsext_ellipticcurvelist)
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
+# endif /* OPENSSL_NO_EC */
+ if (s->tlsext_opaque_prf_input)
+ OPENSSL_free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
@@ -529,6 +586,7 @@
if (s->tlsext_ocsp_resp)
OPENSSL_free(s->tlsext_ocsp_resp);
#endif
+
if (s->client_CA != NULL)
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
@@ -543,6 +601,16 @@
kssl_ctx_free(s->kssl_ctx);
#endif /* OPENSSL_NO_KRB5 */
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ if (s->next_proto_negotiated)
+ OPENSSL_free(s->next_proto_negotiated);
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+ if (s->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+#endif
+
OPENSSL_free(s);
}
@@ -953,12 +1021,24 @@
int SSL_renegotiate(SSL *s)
{
- if (s->new_session == 0) {
- s->new_session = 1;
- }
+ if (s->renegotiate == 0)
+ s->renegotiate = 1;
+
+ s->new_session = 1;
+
return (s->method->ssl_renegotiate(s));
}
+int SSL_renegotiate_abbreviated(SSL *s)
+{
+ if (s->renegotiate == 0)
+ s->renegotiate = 1;
+
+ s->new_session = 0;
+
+ return (s->method->ssl_renegotiate(s));
+}
+
int SSL_renegotiate_pending(SSL *s)
{
/*
@@ -965,7 +1045,7 @@
* becomes true when negotiation is requested; false again once a
* handshake has finished
*/
- return (s->new_session != 0);
+ return (s->renegotiate != 0);
}
long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
@@ -998,18 +1078,11 @@
l = s->max_cert_list;
s->max_cert_list = larg;
return (l);
- case SSL_CTRL_SET_MTU:
-#ifndef OPENSSL_NO_DTLS1
- if (larg < (long)dtls1_min_mtu())
+ case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+ if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
return 0;
-#endif
-
- if (SSL_version(s) == DTLS1_VERSION ||
- SSL_version(s) == DTLS1_BAD_VER) {
- s->d1->mtu = larg;
- return larg;
- }
- return 0;
+ s->max_send_fragment = larg;
+ return 1;
case SSL_CTRL_GET_RI_SUPPORT:
if (s->s3)
return s->s3->send_connection_binding;
@@ -1035,7 +1108,7 @@
}
}
-struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
{
return ctx->sessions;
}
@@ -1077,7 +1150,7 @@
return (ctx->session_cache_mode);
case SSL_CTRL_SESS_NUMBER:
- return (ctx->sessions->num_items);
+ return (lh_SSL_SESSION_num_items(ctx->sessions));
case SSL_CTRL_SESS_CONNECT:
return (ctx->stats.sess_connect);
case SSL_CTRL_SESS_CONNECT_GOOD:
@@ -1108,6 +1181,11 @@
return (ctx->mode |= larg);
case SSL_CTRL_CLEAR_MODE:
return (ctx->mode &= ~larg);
+ case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+ if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0;
+ ctx->max_send_fragment = larg;
+ return 1;
default:
return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
}
@@ -1293,11 +1371,26 @@
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
c = sk_SSL_CIPHER_value(sk, i);
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_client_version(s) < TLS1_2_VERSION))
+ continue;
#ifndef OPENSSL_NO_KRB5
- if ((c->algorithms & SSL_KRB5) && nokrb5)
+ if (((c->algorithm_mkey & SSL_kKRB5)
+ || (c->algorithm_auth & SSL_aKRB5)) && nokrb5)
continue;
#endif /* OPENSSL_NO_KRB5 */
-
+#ifndef OPENSSL_NO_PSK
+ /* with PSK there must be client callback set */
+ if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK))
+ && s->psk_client_callback == NULL)
+ continue;
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP))
+ && !(s->srp_ctx.srp_Mask & SSL_kSRP))
+ continue;
+#endif /* OPENSSL_NO_SRP */
j = put_cb(c, p);
p += j;
}
@@ -1306,9 +1399,9 @@
* applicable SCSVs.
*/
if (p != q) {
- if (!s->new_session) {
+ if (!s->renegotiate) {
static SSL_CIPHER scsv = {
- 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0,
+ 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
@@ -1320,7 +1413,7 @@
if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
static SSL_CIPHER scsv = {
- 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0,
+ 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
@@ -1334,7 +1427,7 @@
int num,
STACK_OF(SSL_CIPHER) **skp)
{
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
int i, n;
@@ -1347,9 +1440,13 @@
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
- if ((skp == NULL) || (*skp == NULL))
+ if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
- else {
+ if(sk == NULL) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ } else {
sk = *skp;
sk_SSL_CIPHER_zero(sk);
}
@@ -1360,7 +1457,7 @@
(p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
(p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
/* SCSV fatal if renegotiating */
- if (s->new_session) {
+ if (s->renegotiate) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
@@ -1436,10 +1533,145 @@
return TLSEXT_NAMETYPE_host_name;
return -1;
}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * SSL_select_next_proto implements the standard protocol selection. It is
+ * expected that this function is called from the callback set by
+ * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
+ * vector of 8-bit, length prefixed byte strings. The length byte itself is
+ * not included in the length. A byte string of length 0 is invalid. No byte
+ * string may be truncated. The current, but experimental algorithm for
+ * selecting the protocol is: 1) If the server doesn't support NPN then this
+ * is indicated to the callback. In this case, the client application has to
+ * abort the connection or have a default application level protocol. 2) If
+ * the server supports NPN, but advertises an empty list then the client
+ * selects the first protcol in its list, but indicates via the API that this
+ * fallback case was enacted. 3) Otherwise, the client finds the first
+ * protocol in the server's list that it supports and selects this protocol.
+ * This is because it's assumed that the server has better information about
+ * which protocol a client should use. 4) If the client doesn't support any
+ * of the server's advertised protocols, then this is treated the same as
+ * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
+ * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
+ */
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *server,
+ unsigned int server_len,
+ const unsigned char *client,
+ unsigned int client_len)
+{
+ unsigned int i, j;
+ const unsigned char *result;
+ int status = OPENSSL_NPN_UNSUPPORTED;
+
+ /*
+ * For each protocol in server preference order, see if we support it.
+ */
+ for (i = 0; i < server_len;) {
+ for (j = 0; j < client_len;) {
+ if (server[i] == client[j] &&
+ memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+ /* We found a match */
+ result = &server[i];
+ status = OPENSSL_NPN_NEGOTIATED;
+ goto found;
+ }
+ j += client[j];
+ j++;
+ }
+ i += server[i];
+ i++;
+ }
+
+ /* There's no overlap between our protocols and the server's list. */
+ result = client;
+ status = OPENSSL_NPN_NO_OVERLAP;
+
+ found:
+ *out = (unsigned char *)result + 1;
+ *outlen = result[0];
+ return status;
+}
+
+/*
+ * SSL_get0_next_proto_negotiated sets *data and *len to point to the
+ * client's requested protocol for this connection and returns 0. If the
+ * client didn't request any protocol, then *data is set to NULL. Note that
+ * the client can request any protocol it chooses. The value returned from
+ * this function need not be a member of the list of supported protocols
+ * provided by the callback.
+ */
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len)
+{
+ *data = s->next_proto_negotiated;
+ if (!*data) {
+ *len = 0;
+ } else {
+ *len = s->next_proto_negotiated_len;
+ }
+}
+
+/*
+ * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
+ * a TLS server needs a list of supported protocols for Next Protocol
+ * Negotiation. The returned list must be in wire format. The list is
+ * returned by setting |out| to point to it and |outlen| to its length. This
+ * memory will not be modified, but one should assume that the SSL* keeps a
+ * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
+ * wishes to advertise. Otherwise, no such extension will be included in the
+ * ServerHello.
+ */
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ const unsigned char
+ **out,
+ unsigned int *outlen,
+ void *arg), void *arg)
+{
+ ctx->next_protos_advertised_cb = cb;
+ ctx->next_protos_advertised_cb_arg = arg;
+}
+
+/*
+ * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
+ * client needs to select a protocol from the server's provided list. |out|
+ * must be set to point to the selected protocol (which may be within |in|).
+ * The length of the protocol name must be written into |outlen|. The
+ * server's advertised protocols are provided in |in| and |inlen|. The
+ * callback can assume that |in| is syntactically valid. The client must
+ * select a protocol. It is fatal to the connection if this callback returns
+ * a value other than SSL_TLSEXT_ERR_OK.
+ */
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+ int (*cb) (SSL *s, unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg)
+{
+ ctx->next_proto_select_cb = cb;
+ ctx->next_proto_select_cb_arg = arg;
+}
+# endif
#endif
-unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context)
{
+ if (s->version < TLS1_VERSION)
+ return -1;
+
+ return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
+ llen, p, plen,
+ use_context);
+}
+
+static unsigned long ssl_session_hash(const SSL_SESSION *a)
+{
unsigned long l;
l = (unsigned long)
@@ -1457,7 +1689,7 @@
* being able to construct an SSL_SESSION that will collide with any existing
* session with a matching session ID.
*/
-int SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
+static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
{
if (a->ssl_version != b->ssl_version)
return (1);
@@ -1472,10 +1704,10 @@
* variable. The reason is that the functions aren't static, they're exposed
* via ssl.h.
*/
-static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
-static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
+static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
+static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
{
SSL_CTX *ret = NULL;
@@ -1552,8 +1784,7 @@
ret->app_gen_cookie_cb = 0;
ret->app_verify_cookie_cb = 0;
- ret->sessions = lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
- LHASH_COMP_FN(SSL_SESSION_cmp));
+ ret->sessions = lh_SSL_SESSION_new();
if (ret->sessions == NULL)
goto err;
ret->cert_store = X509_STORE_new();
@@ -1562,8 +1793,8 @@
ssl_create_cipher_list(ret->method,
&ret->cipher_list, &ret->cipher_list_by_id,
- meth->version == SSL2_VERSION ? "SSLv2" :
- SSL_DEFAULT_CIPHER_LIST);
+ meth->version ==
+ SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
@@ -1596,6 +1827,8 @@
if (meth->version != DTLS1_VERSION)
ret->comp_methods = SSL_COMP_get_compression_methods();
+ ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+
#ifndef OPENSSL_NO_TLSEXT
ret->tlsext_servername_callback = 0;
ret->tlsext_servername_arg = NULL;
@@ -1608,8 +1841,36 @@
ret->tlsext_status_cb = 0;
ret->tlsext_status_arg = NULL;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ ret->next_protos_advertised_cb = 0;
+ ret->next_proto_select_cb = 0;
+# endif
#endif
-
+#ifndef OPENSSL_NO_PSK
+ ret->psk_identity_hint = NULL;
+ ret->psk_client_callback = NULL;
+ ret->psk_server_callback = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_init(ret);
+#endif
+#ifndef OPENSSL_NO_BUF_FREELISTS
+ ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
+ ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+ if (!ret->rbuf_freelist)
+ goto err;
+ ret->rbuf_freelist->chunklen = 0;
+ ret->rbuf_freelist->len = 0;
+ ret->rbuf_freelist->head = NULL;
+ ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+ if (!ret->wbuf_freelist) {
+ OPENSSL_free(ret->rbuf_freelist);
+ goto err;
+ }
+ ret->wbuf_freelist->chunklen = 0;
+ ret->wbuf_freelist->len = 0;
+ ret->wbuf_freelist->head = NULL;
+#endif
#ifndef OPENSSL_NO_ENGINE
ret->client_cert_engine = NULL;
# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
@@ -1651,6 +1912,18 @@
}
#endif
+#ifndef OPENSSL_NO_BUF_FREELISTS
+static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
+{
+ SSL3_BUF_FREELIST_ENTRY *ent, *next;
+ for (ent = list->head; ent; ent = next) {
+ next = ent->next;
+ OPENSSL_free(ent);
+ }
+ OPENSSL_free(list);
+}
+#endif
+
void SSL_CTX_free(SSL_CTX *a)
{
int i;
@@ -1689,7 +1962,7 @@
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
if (a->sessions != NULL)
- lh_free(a->sessions);
+ lh_SSL_SESSION_free(a->sessions);
if (a->cert_store != NULL)
X509_STORE_free(a->cert_store);
@@ -1710,10 +1983,31 @@
#else
a->comp_methods = NULL;
#endif
+
+#ifndef OPENSSL_NO_SRTP
+ if (a->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ if (a->psk_identity_hint)
+ OPENSSL_free(a->psk_identity_hint);
+#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_free(a);
+#endif
#ifndef OPENSSL_NO_ENGINE
if (a->client_cert_engine)
ENGINE_finish(a->client_cert_engine);
#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+ if (a->wbuf_freelist)
+ ssl_buf_freelist_free(a->wbuf_freelist);
+ if (a->rbuf_freelist)
+ ssl_buf_freelist_free(a->rbuf_freelist);
+#endif
+
OPENSSL_free(a);
}
@@ -1747,21 +2041,24 @@
X509_VERIFY_PARAM_set_depth(ctx->param, depth);
}
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
{
CERT_PKEY *cpk;
int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
int rsa_enc_export, dh_rsa_export, dh_dsa_export;
int rsa_tmp_export, dh_tmp_export, kl;
- unsigned long mask, emask;
- int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+ unsigned long mask_k, mask_a, emask_k, emask_a;
+#ifndef OPENSSL_NO_ECDSA
+ int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+#endif
#ifndef OPENSSL_NO_ECDH
- int have_ecdh_tmp;
+ int have_ecdh_tmp, ecdh_ok;
#endif
+#ifndef OPENSSL_NO_EC
X509 *x = NULL;
EVP_PKEY *ecc_pkey = NULL;
- int signature_nid = 0;
-
+ int signature_nid = 0, pk_nid = 0, md_nid = 0;
+#endif
if (c == NULL)
return;
@@ -1800,62 +2097,80 @@
dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_ECC]);
+#ifndef OPENSSL_NO_EC
have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
- mask = 0;
- emask = 0;
+#endif
+ mask_k = 0;
+ mask_a = 0;
+ emask_k = 0;
+ emask_a = 0;
#ifdef CIPHER_DEBUG
- printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
- rsa_tmp, rsa_tmp_export, dh_tmp,
- rsa_enc, rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
+ fprintf(stderr,
+ "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+ rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
+ rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
#endif
+ cpk = &(c->pkeys[SSL_PKEY_GOST01]);
+ if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+ mask_k |= SSL_kGOST;
+ mask_a |= SSL_aGOST01;
+ }
+ cpk = &(c->pkeys[SSL_PKEY_GOST94]);
+ if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+ mask_k |= SSL_kGOST;
+ mask_a |= SSL_aGOST94;
+ }
+
if (rsa_enc || (rsa_tmp && rsa_sign))
- mask |= SSL_kRSA;
+ mask_k |= SSL_kRSA;
if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
- emask |= SSL_kRSA;
+ emask_k |= SSL_kRSA;
#if 0
/* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
- mask |= SSL_kEDH;
+ mask_k |= SSL_kEDH;
if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
(rsa_enc || rsa_sign || dsa_sign))
- emask |= SSL_kEDH;
+ emask_k |= SSL_kEDH;
#endif
if (dh_tmp_export)
- emask |= SSL_kEDH;
+ emask_k |= SSL_kEDH;
if (dh_tmp)
- mask |= SSL_kEDH;
+ mask_k |= SSL_kEDH;
if (dh_rsa)
- mask |= SSL_kDHr;
+ mask_k |= SSL_kDHr;
if (dh_rsa_export)
- emask |= SSL_kDHr;
+ emask_k |= SSL_kDHr;
if (dh_dsa)
- mask |= SSL_kDHd;
+ mask_k |= SSL_kDHd;
if (dh_dsa_export)
- emask |= SSL_kDHd;
+ emask_k |= SSL_kDHd;
if (rsa_enc || rsa_sign) {
- mask |= SSL_aRSA;
- emask |= SSL_aRSA;
+ mask_a |= SSL_aRSA;
+ emask_a |= SSL_aRSA;
}
if (dsa_sign) {
- mask |= SSL_aDSS;
- emask |= SSL_aDSS;
+ mask_a |= SSL_aDSS;
+ emask_a |= SSL_aDSS;
}
- mask |= SSL_aNULL;
- emask |= SSL_aNULL;
+ mask_a |= SSL_aNULL;
+ emask_a |= SSL_aNULL;
#ifndef OPENSSL_NO_KRB5
- mask |= SSL_kKRB5 | SSL_aKRB5;
- emask |= SSL_kKRB5 | SSL_aKRB5;
+ mask_k |= SSL_kKRB5;
+ mask_a |= SSL_aKRB5;
+ emask_k |= SSL_kKRB5;
+ emask_a |= SSL_aKRB5;
#endif
/*
@@ -1862,6 +2177,7 @@
* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
* depending on the key usage extension.
*/
+#ifndef OPENSSL_NO_EC
if (have_ecc_cert) {
/* This call populates extension flags (ex_flags) */
x = (c->pkeys[SSL_PKEY_ECC]).x509;
@@ -1873,39 +2189,58 @@
ecc_pkey = X509_get_pubkey(x);
ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
EVP_PKEY_free(ecc_pkey);
- if ((x->sig_alg) && (x->sig_alg->algorithm))
+ if ((x->sig_alg) && (x->sig_alg->algorithm)) {
signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+ OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+ }
#ifndef OPENSSL_NO_ECDH
if (ecdh_ok) {
- if ((signature_nid == NID_md5WithRSAEncryption) ||
- (signature_nid == NID_md4WithRSAEncryption) ||
- (signature_nid == NID_md2WithRSAEncryption)) {
- mask |= SSL_kECDH | SSL_aRSA;
- if (ecc_pkey_size <= 163)
- emask |= SSL_kECDH | SSL_aRSA;
+
+ if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
+ mask_k |= SSL_kECDHr;
+ mask_a |= SSL_aECDH;
+ if (ecc_pkey_size <= 163) {
+ emask_k |= SSL_kECDHr;
+ emask_a |= SSL_aECDH;
+ }
}
- if (signature_nid == NID_ecdsa_with_SHA1) {
- mask |= SSL_kECDH | SSL_aECDSA;
- if (ecc_pkey_size <= 163)
- emask |= SSL_kECDH | SSL_aECDSA;
+
+ if (pk_nid == NID_X9_62_id_ecPublicKey) {
+ mask_k |= SSL_kECDHe;
+ mask_a |= SSL_aECDH;
+ if (ecc_pkey_size <= 163) {
+ emask_k |= SSL_kECDHe;
+ emask_a |= SSL_aECDH;
+ }
}
}
#endif
#ifndef OPENSSL_NO_ECDSA
if (ecdsa_ok) {
- mask |= SSL_aECDSA;
- emask |= SSL_aECDSA;
+ mask_a |= SSL_aECDSA;
+ emask_a |= SSL_aECDSA;
}
#endif
}
+#endif
#ifndef OPENSSL_NO_ECDH
if (have_ecdh_tmp) {
- mask |= SSL_kECDHE;
- emask |= SSL_kECDHE;
+ mask_k |= SSL_kEECDH;
+ emask_k |= SSL_kEECDH;
}
#endif
- c->mask = mask;
- c->export_mask = emask;
+
+#ifndef OPENSSL_NO_PSK
+ mask_k |= SSL_kPSK;
+ mask_a |= SSL_aPSK;
+ emask_k |= SSL_kPSK;
+ emask_a |= SSL_aPSK;
+#endif
+
+ c->mask_k = mask_k;
+ c->mask_a = mask_a;
+ c->export_mask_k = emask_k;
+ c->export_mask_a = emask_a;
c->valid = 1;
}
@@ -1913,13 +2248,19 @@
#define ku_reject(x, usage) \
(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
+#ifndef OPENSSL_NO_EC
+
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
- unsigned long alg = cs->algorithms;
+ unsigned long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
int keysize = 0;
- int signature_nid = 0;
+ int signature_nid = 0, md_nid = 0, pk_nid = 0;
+ const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
+ alg_k = cs->algorithm_mkey;
+ alg_a = cs->algorithm_auth;
+
if (SSL_C_IS_EXPORT(cs)) {
/* ECDH key length in export ciphers must be <= 163 bits */
pkey = X509_get_pubkey(x);
@@ -1933,30 +2274,40 @@
/* This call populates the ex_flags field correctly */
X509_check_purpose(x, -1, 0);
- if ((x->sig_alg) && (x->sig_alg->algorithm))
+ if ((x->sig_alg) && (x->sig_alg->algorithm)) {
signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
- if (alg & SSL_kECDH) {
+ OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+ }
+ if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
/* key usage, if present, must allow key agreement */
if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
return 0;
}
- if (alg & SSL_aECDSA) {
+ if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
/* signature alg must be ECDSA */
- if (signature_nid != NID_ecdsa_with_SHA1) {
+ if (pk_nid != NID_X9_62_id_ecPublicKey) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
return 0;
}
}
- if (alg & SSL_aRSA) {
+ if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
/* signature alg must be RSA */
- if ((signature_nid != NID_md5WithRSAEncryption) &&
- (signature_nid != NID_md4WithRSAEncryption) &&
- (signature_nid != NID_md2WithRSAEncryption)) {
+
+ if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
return 0;
}
}
- } else if (alg & SSL_aECDSA) {
+ }
+ if (alg_a & SSL_aECDSA) {
/* key usage, if present, must allow signing */
if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
+ SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+ SSL_R_ECC_CERT_NOT_FOR_SIGNING);
return 0;
}
}
@@ -1964,45 +2315,52 @@
return 1; /* all checks are ok */
}
+#endif
+
/* THIS NEEDS CLEANING UP */
CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
- unsigned long alg, kalg;
+ unsigned long alg_k, alg_a;
CERT *c;
int i;
c = s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
- alg = s->s3->tmp.new_cipher->algorithms;
- kalg = alg & (SSL_MKEY_MASK | SSL_AUTH_MASK);
- if (kalg & SSL_kECDH) {
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+ if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
/*
- * we don't need to look at SSL_kECDHE since no certificate is
- * needed for anon ECDH and for authenticated ECDHE, the check for
- * the auth algorithm will set i correctly NOTE: For ECDH-RSA, we
- * need an ECC not an RSA cert but for ECDHE-RSA we need an RSA cert.
- * Placing the checks for SSL_kECDH before RSA checks ensures the
- * correct cert is chosen.
+ * we don't need to look at SSL_kEECDH since no certificate is needed
+ * for anon ECDH and for authenticated EECDH, the check for the auth
+ * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC
+ * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the
+ * checks for SSL_kECDH before RSA checks ensures the correct cert is
+ * chosen.
*/
i = SSL_PKEY_ECC;
- } else if (kalg & SSL_aECDSA) {
+ } else if (alg_a & SSL_aECDSA) {
i = SSL_PKEY_ECC;
- } else if (kalg & SSL_kDHr)
+ } else if (alg_k & SSL_kDHr)
i = SSL_PKEY_DH_RSA;
- else if (kalg & SSL_kDHd)
+ else if (alg_k & SSL_kDHd)
i = SSL_PKEY_DH_DSA;
- else if (kalg & SSL_aDSS)
+ else if (alg_a & SSL_aDSS)
i = SSL_PKEY_DSA_SIGN;
- else if (kalg & SSL_aRSA) {
+ else if (alg_a & SSL_aRSA) {
if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
i = SSL_PKEY_RSA_SIGN;
else
i = SSL_PKEY_RSA_ENC;
- } else if (kalg & SSL_aKRB5) {
+ } else if (alg_a & SSL_aKRB5) {
/* VRS something else here? */
return (NULL);
- } else { /* if (kalg & SSL_aNULL) */
+ } else if (alg_a & SSL_aGOST94)
+ i = SSL_PKEY_GOST94;
+ else if (alg_a & SSL_aGOST01)
+ i = SSL_PKEY_GOST01;
+ else { /* if (alg_a & SSL_aNULL) */
SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR);
return (NULL);
@@ -2020,31 +2378,34 @@
return cpk->x509;
}
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, SSL_CIPHER *cipher)
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
+ const EVP_MD **pmd)
{
- unsigned long alg;
+ unsigned long alg_a;
CERT *c;
+ int idx = -1;
- alg = cipher->algorithms;
+ alg_a = cipher->algorithm_auth;
c = s->cert;
- if ((alg & SSL_aDSS) && (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
- return (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
- else if (alg & SSL_aRSA) {
+ if ((alg_a & SSL_aDSS) &&
+ (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+ idx = SSL_PKEY_DSA_SIGN;
+ else if (alg_a & SSL_aRSA) {
if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
- return (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
+ idx = SSL_PKEY_RSA_SIGN;
else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
- return (c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
- else
- return (NULL);
- } else if ((alg & SSL_aECDSA) &&
+ idx = SSL_PKEY_RSA_ENC;
+ } else if ((alg_a & SSL_aECDSA) &&
(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
- return (c->pkeys[SSL_PKEY_ECC].privatekey);
- else { /* if (alg & SSL_aNULL) */
-
+ idx = SSL_PKEY_ECC;
+ if (idx == -1) {
SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
return (NULL);
}
+ if (pmd)
+ *pmd = c->pkeys[idx].digest;
+ return c->pkeys[idx].privatekey;
}
void ssl_update_cache(SSL *s, int mode)
@@ -2058,13 +2419,13 @@
if (s->session->session_id_length == 0)
return;
- i = s->ctx->session_cache_mode;
+ i = s->session_ctx->session_cache_mode;
if ((i & mode) && (!s->hit)
&& ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
- || SSL_CTX_add_session(s->ctx, s->session))
- && (s->ctx->new_session_cb != NULL)) {
+ || SSL_CTX_add_session(s->session_ctx, s->session))
+ && (s->session_ctx->new_session_cb != NULL)) {
CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (!s->ctx->new_session_cb(s, s->session))
+ if (!s->session_ctx->new_session_cb(s, s->session))
SSL_SESSION_free(s->session);
}
@@ -2071,19 +2432,19 @@
/* auto flush every 255 connections */
if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
if ((((mode & SSL_SESS_CACHE_CLIENT)
- ? s->ctx->stats.sess_connect_good
- : s->ctx->stats.sess_accept_good) & 0xff) == 0xff) {
- SSL_CTX_flush_sessions(s->ctx, (unsigned long)time(NULL));
+ ? s->session_ctx->stats.sess_connect_good
+ : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
+ SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
}
}
}
-SSL_METHOD *SSL_get_ssl_method(SSL *s)
+const SSL_METHOD *SSL_get_ssl_method(SSL *s)
{
return (s->method);
}
-int SSL_set_ssl_method(SSL *s, SSL_METHOD *meth)
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
{
int conn = -1;
int ret = 1;
@@ -2219,6 +2580,8 @@
s->handshake_func = s->method->ssl_accept;
/* clear the current cipher */
ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
}
void SSL_set_connect_state(SSL *s)
@@ -2229,6 +2592,8 @@
s->handshake_func = s->method->ssl_connect;
/* clear the current cipher */
ssl_clear_cipher_ctx(s);
+ ssl_clear_hash_ctx(&s->read_hash);
+ ssl_clear_hash_ctx(&s->write_hash);
}
int ssl_undefined_function(SSL *s)
@@ -2259,7 +2624,11 @@
const char *SSL_get_version(const SSL *s)
{
- if (s->version == TLS1_VERSION)
+ if (s->version == TLS1_2_VERSION)
+ return ("TLSv1.2");
+ else if (s->version == TLS1_1_VERSION)
+ return ("TLSv1.1");
+ else if (s->version == TLS1_VERSION)
return ("TLSv1");
else if (s->version == SSL3_VERSION)
return ("SSLv3");
@@ -2344,6 +2713,7 @@
ret->in_handshake = s->in_handshake;
ret->handshake_func = s->handshake_func;
ret->server = s->server;
+ ret->renegotiate = s->renegotiate;
ret->new_session = s->new_session;
ret->quiet_shutdown = s->quiet_shutdown;
ret->shutdown = s->shutdown;
@@ -2432,7 +2802,7 @@
return (NULL);
}
-SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
{
if ((s->session != NULL) && (s->session->cipher != NULL))
return (s->session->cipher);
@@ -2555,6 +2925,7 @@
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
{
+ CERT *ocert = ssl->cert;
if (ssl->ctx == ctx)
return ssl->ctx;
#ifndef OPENSSL_NO_TLSEXT
@@ -2561,13 +2932,42 @@
if (ctx == NULL)
ctx = ssl->initial_ctx;
#endif
- if (ssl->cert != NULL)
- ssl_cert_free(ssl->cert);
ssl->cert = ssl_cert_dup(ctx->cert);
+ if (ocert != NULL) {
+ int i;
+ /* Copy negotiated digests from original */
+ for (i = 0; i < SSL_PKEY_NUM; i++) {
+ CERT_PKEY *cpk = ocert->pkeys + i;
+ CERT_PKEY *rpk = ssl->cert->pkeys + i;
+ rpk->digest = cpk->digest;
+ }
+ ssl_cert_free(ocert);
+ }
+
+ /*
+ * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
+ * so setter APIs must prevent invalid lengths from entering the system.
+ */
+ OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
+
+ /*
+ * If the session ID context matches that of the parent SSL_CTX,
+ * inherit it from the new SSL_CTX as well. If however the context does
+ * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
+ * leave it unchanged.
+ */
+ if ((ssl->ctx != NULL) &&
+ (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
+ (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
+ ssl->sid_ctx_length = ctx->sid_ctx_length;
+ memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
+ }
+
CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
if (ssl->ctx != NULL)
SSL_CTX_free(ssl->ctx); /* decrement reference count */
ssl->ctx = ctx;
+
return (ssl->ctx);
}
@@ -2605,6 +3005,11 @@
return (ssl->state);
}
+void SSL_set_state(SSL *ssl, int state)
+{
+ ssl->state = state;
+}
+
void SSL_set_verify_result(SSL *ssl, long arg)
{
ssl->verify_result = arg;
@@ -2748,6 +3153,109 @@
}
#endif
+#ifndef OPENSSL_NO_PSK
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
+{
+ if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ return 0;
+ }
+ if (ctx->psk_identity_hint != NULL)
+ OPENSSL_free(ctx->psk_identity_hint);
+ if (identity_hint != NULL) {
+ ctx->psk_identity_hint = BUF_strdup(identity_hint);
+ if (ctx->psk_identity_hint == NULL)
+ return 0;
+ } else
+ ctx->psk_identity_hint = NULL;
+ return 1;
+}
+
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
+{
+ if (s == NULL)
+ return 0;
+
+ if (s->session == NULL)
+ return 1; /* session not created yet, ignored */
+
+ if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+ SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+ return 0;
+ }
+ if (s->session->psk_identity_hint != NULL)
+ OPENSSL_free(s->session->psk_identity_hint);
+ if (identity_hint != NULL) {
+ s->session->psk_identity_hint = BUF_strdup(identity_hint);
+ if (s->session->psk_identity_hint == NULL)
+ return 0;
+ } else
+ s->session->psk_identity_hint = NULL;
+ return 1;
+}
+
+const char *SSL_get_psk_identity_hint(const SSL *s)
+{
+ if (s == NULL || s->session == NULL)
+ return NULL;
+ return (s->session->psk_identity_hint);
+}
+
+const char *SSL_get_psk_identity(const SSL *s)
+{
+ if (s == NULL || s->session == NULL)
+ return NULL;
+ return (s->session->psk_identity);
+}
+
+void SSL_set_psk_client_callback(SSL *s,
+ unsigned int (*cb) (SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int
+ max_identity_len,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ s->psk_client_callback = cb;
+}
+
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+ unsigned int (*cb) (SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int
+ max_identity_len,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ ctx->psk_client_callback = cb;
+}
+
+void SSL_set_psk_server_callback(SSL *s,
+ unsigned int (*cb) (SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ s->psk_server_callback = cb;
+}
+
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+ unsigned int (*cb) (SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int
+ max_psk_len))
+{
+ ctx->psk_server_callback = cb;
+}
+#endif
+
void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
void (*cb) (int write_p, int version,
int content_type, const void *buf,
@@ -2764,6 +3272,40 @@
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
+/*
+ * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+ * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
+ * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
+ * allocated ctx;
+ */
+
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
+{
+ ssl_clear_hash_ctx(hash);
+ *hash = EVP_MD_CTX_create();
+ if (md)
+ EVP_DigestInit_ex(*hash, md, NULL);
+ return *hash;
+}
+
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
+{
+
+ if (*hash)
+ EVP_MD_CTX_destroy(*hash);
+ *hash = NULL;
+}
+
+void SSL_set_debug(SSL *s, int debug)
+{
+ s->debug = debug;
+}
+
+int SSL_cache_hit(SSL *s)
+{
+ return s->hit;
+}
+
#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
# include "../crypto/bio/bss_file.c"
#endif
@@ -2770,3 +3312,4 @@
IMPLEMENT_STACK_OF(SSL_CIPHER)
IMPLEMENT_STACK_OF(SSL_COMP)
+IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
Modified: trunk/crypto/openssl/ssl/ssl_locl.h
===================================================================
--- trunk/crypto/openssl/ssl/ssl_locl.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_locl.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -113,6 +113,32 @@
* ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#ifndef HEADER_SSL_LOCL_H
# define HEADER_SSL_LOCL_H
@@ -144,7 +170,7 @@
# define OPENSSL_EXTERN OPENSSL_EXPORT
# endif
-# define PKCS1_CHECK
+# undef PKCS1_CHECK
# define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
l|=(((unsigned long)(*((c)++)))<< 8), \
@@ -260,73 +286,126 @@
* that the different entities within are mutually exclusive:
* ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
*/
-# define SSL_MKEY_MASK 0x000000FFL
+
+/* Bits for algorithm_mkey (key exchange algorithm) */
/* RSA key exchange */
# define SSL_kRSA 0x00000001L
-/* DH cert RSA CA cert */
+/* DH cert, RSA CA cert */
+/* no such ciphersuites supported! */
# define SSL_kDHr 0x00000002L
-/* DH cert DSA CA cert */
+/* DH cert, DSA CA cert */
+/* no such ciphersuite supported! */
# define SSL_kDHd 0x00000004L
-# define SSL_kFZA 0x00000008L
/* tmp DH key no DH cert */
-# define SSL_kEDH 0x00000010L
+# define SSL_kEDH 0x00000008L
/* Kerberos5 key exchange */
-# define SSL_kKRB5 0x00000020L
-/* ECDH w/ long-term keys */
-# define SSL_kECDH 0x00000040L
+# define SSL_kKRB5 0x00000010L
+/* ECDH cert, RSA CA cert */
+# define SSL_kECDHr 0x00000020L
+/* ECDH cert, ECDSA CA cert */
+# define SSL_kECDHe 0x00000040L
/* ephemeral ECDH */
-# define SSL_kECDHE 0x00000080L
-# define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
+# define SSL_kEECDH 0x00000080L
+/* PSK */
+# define SSL_kPSK 0x00000100L
+/* GOST key exchange */
+# define SSL_kGOST 0x00000200L
+/* SRP */
+# define SSL_kSRP 0x00000400L
-# define SSL_AUTH_MASK 0x00007F00L
-/* Authenticate with RSA */
-# define SSL_aRSA 0x00000100L
-/* Authenticate with DSS */
-# define SSL_aDSS 0x00000200L
-# define SSL_DSS SSL_aDSS
-# define SSL_aFZA 0x00000400L
-/* no Authenticate, ADH */
-# define SSL_aNULL 0x00000800L
-/* no Authenticate, ADH */
-# define SSL_aDH 0x00001000L
-/* Authenticate with KRB5 */
-# define SSL_aKRB5 0x00002000L
-/* Authenticate with ECDSA */
-# define SSL_aECDSA 0x00004000L
+/* Bits for algorithm_auth (server authentication) */
+/* RSA auth */
+# define SSL_aRSA 0x00000001L
+/* DSS auth */
+# define SSL_aDSS 0x00000002L
+/* no auth (i.e. use ADH or AECDH) */
+# define SSL_aNULL 0x00000004L
+/* Fixed DH auth (kDHd or kDHr) */
+/* no such ciphersuites supported! */
+# define SSL_aDH 0x00000008L
+/* Fixed ECDH auth (kECDHe or kECDHr) */
+# define SSL_aECDH 0x00000010L
+/* KRB5 auth */
+# define SSL_aKRB5 0x00000020L
+/* ECDSA auth*/
+# define SSL_aECDSA 0x00000040L
+/* PSK auth */
+# define SSL_aPSK 0x00000080L
+/* GOST R 34.10-94 signature auth */
+# define SSL_aGOST94 0x00000100L
+/* GOST R 34.10-2001 signature auth */
+# define SSL_aGOST01 0x00000200L
+/* SRP auth */
+# define SSL_aSRP 0x00000400L
-# define SSL_NULL (SSL_eNULL)
-# define SSL_ADH (SSL_kEDH|SSL_aNULL)
-# define SSL_RSA (SSL_kRSA|SSL_aRSA)
-# define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
-# define SSL_ECDH (SSL_kECDH|SSL_kECDHE)
-# define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
-# define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
+/* Bits for algorithm_enc (symmetric encryption) */
+# define SSL_DES 0x00000001L
+# define SSL_3DES 0x00000002L
+# define SSL_RC4 0x00000004L
+# define SSL_RC2 0x00000008L
+# define SSL_IDEA 0x00000010L
+# define SSL_eNULL 0x00000020L
+# define SSL_AES128 0x00000040L
+# define SSL_AES256 0x00000080L
+# define SSL_CAMELLIA128 0x00000100L
+# define SSL_CAMELLIA256 0x00000200L
+# define SSL_eGOST2814789CNT 0x00000400L
+# define SSL_SEED 0x00000800L
+# define SSL_AES128GCM 0x00001000L
+# define SSL_AES256GCM 0x00002000L
-# define SSL_ENC_MASK 0x1C3F8000L
-# define SSL_DES 0x00008000L
-# define SSL_3DES 0x00010000L
-# define SSL_RC4 0x00020000L
-# define SSL_RC2 0x00040000L
-# define SSL_IDEA 0x00080000L
-# define SSL_eFZA 0x00100000L
-# define SSL_eNULL 0x00200000L
-# define SSL_AES 0x04000000L
-# define SSL_CAMELLIA 0x08000000L
-# define SSL_SEED 0x10000000L
+# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
-# define SSL_MAC_MASK 0x00c00000L
-# define SSL_MD5 0x00400000L
-# define SSL_SHA1 0x00800000L
-# define SSL_SHA (SSL_SHA1)
+/* Bits for algorithm_mac (symmetric authentication) */
-# define SSL_SSL_MASK 0x03000000L
-# define SSL_SSLV2 0x01000000L
-# define SSL_SSLV3 0x02000000L
+# define SSL_MD5 0x00000001L
+# define SSL_SHA1 0x00000002L
+# define SSL_GOST94 0x00000004L
+# define SSL_GOST89MAC 0x00000008L
+# define SSL_SHA256 0x00000010L
+# define SSL_SHA384 0x00000020L
+/* Not a real MAC, just an indication it is part of cipher */
+# define SSL_AEAD 0x00000040L
+
+/* Bits for algorithm_ssl (protocol version) */
+# define SSL_SSLV2 0x00000001UL
+# define SSL_SSLV3 0x00000002UL
# define SSL_TLSV1 SSL_SSLV3/* for now */
+# define SSL_TLSV1_2 0x00000004UL
-/* we have used 1fffffff - 3 bits left to go. */
+/* Bits for algorithm2 (handshake digests and other extra flags) */
+# define SSL_HANDSHAKE_MAC_MD5 0x10
+# define SSL_HANDSHAKE_MAC_SHA 0x20
+# define SSL_HANDSHAKE_MAC_GOST94 0x40
+# define SSL_HANDSHAKE_MAC_SHA256 0x80
+# define SSL_HANDSHAKE_MAC_SHA384 0x100
+# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
+
/*
+ * When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
+ * sure to update this constant too
+ */
+# define SSL_MAX_DIGEST 6
+
+# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
+
+# define TLS1_PRF_DGST_SHIFT 10
+# define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
+
+/*
+ * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also
+ * goes into algorithm2)
+ */
+# define TLS1_STREAM_MAC 0x04
+
+/*
* Export and cipher strength information. For each cipher we have to decide
* whether it is exportable or not. This information is likely to change
* over time, since the export control rules are no static technical issue.
@@ -342,10 +421,11 @@
* be possible.
*/
# define SSL_EXP_MASK 0x00000003L
+# define SSL_STRONG_MASK 0x000001fcL
+
# define SSL_NOT_EXP 0x00000001L
# define SSL_EXPORT 0x00000002L
-# define SSL_STRONG_MASK 0x000000fcL
# define SSL_STRONG_NONE 0x00000004L
# define SSL_EXP40 0x00000008L
# define SSL_MICRO (SSL_EXP40)
@@ -379,17 +459,12 @@
# define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
# define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
- ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
+ (a) == SSL_DES ? 8 : 7)
# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-# define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
+# define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
(c)->algo_strength)
# define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-# define SSL_ALL 0xffffffffL
-# define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
- SSL_MAC_MASK)
-# define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
-
/* Mostly for SSLv3 */
# define SSL_PKEY_RSA_ENC 0
# define SSL_PKEY_RSA_SIGN 1
@@ -397,7 +472,9 @@
# define SSL_PKEY_DH_RSA 3
# define SSL_PKEY_DH_DSA 4
# define SSL_PKEY_ECC 5
-# define SSL_PKEY_NUM 6
+# define SSL_PKEY_GOST94 6
+# define SSL_PKEY_GOST01 7
+# define SSL_PKEY_NUM 8
/*-
* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
@@ -426,6 +503,8 @@
typedef struct cert_pkey_st {
X509 *x509;
EVP_PKEY *privatekey;
+ /* Digest to use when signing */
+ const EVP_MD *digest;
} CERT_PKEY;
typedef struct cert_st {
@@ -441,8 +520,10 @@
* supported by the certs below
*/
int valid;
- unsigned long mask;
- unsigned long export_mask;
+ unsigned long mask_k;
+ unsigned long mask_a;
+ unsigned long export_mask_k;
+ unsigned long export_mask_a;
# ifndef OPENSSL_NO_RSA
RSA *rsa_tmp;
RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize);
@@ -529,15 +610,18 @@
int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
int);
int (*change_cipher_state) (SSL *, int);
- int (*final_finish_mac) (SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *,
- int, unsigned char *);
+ int (*final_finish_mac) (SSL *, const char *, int, unsigned char *);
int finish_mac_length;
- int (*cert_verify_mac) (SSL *, EVP_MD_CTX *, unsigned char *);
+ int (*cert_verify_mac) (SSL *, int, unsigned char *);
const char *client_finished_label;
int client_finished_label_len;
const char *server_finished_label;
int server_finished_label_len;
int (*alert_value) (int);
+ int (*export_keying_material) (SSL *, unsigned char *, size_t,
+ const char *, size_t,
+ const unsigned char *, size_t,
+ int use_context);
} SSL3_ENC_METHOD;
# ifndef OPENSSL_NO_COMP
@@ -550,24 +634,36 @@
} SSL3_COMP;
# endif
+# ifndef OPENSSL_NO_BUF_FREELISTS
+typedef struct ssl3_buf_freelist_st {
+ size_t chunklen;
+ unsigned int len;
+ struct ssl3_buf_freelist_entry_st *head;
+} SSL3_BUF_FREELIST;
+
+typedef struct ssl3_buf_freelist_entry_st {
+ struct ssl3_buf_freelist_entry_st *next;
+} SSL3_BUF_FREELIST_ENTRY;
+# endif
+
extern SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
+OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
SSL_METHOD *ssl_bad_method(int ver);
-SSL_METHOD *sslv2_base_method(void);
-SSL_METHOD *sslv23_base_method(void);
-SSL_METHOD *sslv3_base_method(void);
extern SSL3_ENC_METHOD TLSv1_enc_data;
extern SSL3_ENC_METHOD SSLv3_enc_data;
extern SSL3_ENC_METHOD DTLSv1_enc_data;
-# define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-SSL_METHOD *func_name(void) \
+# define SSL_IS_DTLS(s) (s->method->version == DTLS1_VERSION)
+
+# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
+ s_get_meth) \
+const SSL_METHOD *func_name(void) \
{ \
- static SSL_METHOD func_name##_data= { \
- TLS1_VERSION, \
+ static const SSL_METHOD func_name##_data= { \
+ version, \
tls1_new, \
tls1_clear, \
tls1_free, \
@@ -601,9 +697,9 @@
}
# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-SSL_METHOD *func_name(void) \
+const SSL_METHOD *func_name(void) \
{ \
- static SSL_METHOD func_name##_data= { \
+ static const SSL_METHOD func_name##_data= { \
SSL3_VERSION, \
ssl3_new, \
ssl3_clear, \
@@ -638,10 +734,10 @@
}
# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-SSL_METHOD *func_name(void) \
+const SSL_METHOD *func_name(void) \
{ \
- static SSL_METHOD func_name##_data= { \
- TLS1_VERSION, \
+ static const SSL_METHOD func_name##_data= { \
+ TLS1_2_VERSION, \
tls1_new, \
tls1_clear, \
tls1_free, \
@@ -675,9 +771,9 @@
}
# define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-SSL_METHOD *func_name(void) \
+const SSL_METHOD *func_name(void) \
{ \
- static SSL_METHOD func_name##_data= { \
+ static const SSL_METHOD func_name##_data= { \
SSL2_VERSION, \
ssl2_new, /* local */ \
ssl2_clear, /* local */ \
@@ -712,9 +808,9 @@
}
# define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-SSL_METHOD *func_name(void) \
+const SSL_METHOD *func_name(void) \
{ \
- static SSL_METHOD func_name##_data= { \
+ static const SSL_METHOD func_name##_data= { \
DTLS1_VERSION, \
dtls1_new, \
dtls1_clear, \
@@ -724,7 +820,7 @@
ssl3_read, \
ssl3_peek, \
ssl3_write, \
- ssl3_shutdown, \
+ dtls1_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
dtls1_get_message, \
@@ -748,6 +844,15 @@
return &func_name##_data; \
}
+struct openssl_ssl_test_functions {
+ int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
+ int (*p_ssl3_setup_buffers) (SSL *s);
+ int (*p_tls1_process_heartbeat) (SSL *s);
+ int (*p_dtls1_process_heartbeat) (SSL *s);
+};
+
+# ifndef OPENSSL_UNIT_TEST
+
void ssl_clear_cipher_ctx(SSL *s);
int ssl_clear_bad_session(SSL *s);
CERT *ssl_cert_new(void);
@@ -762,6 +867,7 @@
const unsigned char *limit);
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
+DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
const SSL_CIPHER *const *bp);
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
@@ -777,7 +883,9 @@
const char *rule_str);
void ssl_update_cache(SSL *s, int mode);
int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, SSL_COMP **comp);
+ const EVP_MD **md, int *mac_pkey_type,
+ int *mac_secret_size, SSL_COMP **comp);
+int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
int ssl_undefined_function(SSL *s);
int ssl_undefined_void_function(void);
@@ -784,18 +892,19 @@
int ssl_undefined_const_function(const SSL *s);
CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
X509 *ssl_get_server_send_cert(const SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *, SSL_CIPHER *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
int ssl_verify_alarm_type(long type);
void ssl_load_ciphers(void);
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
int ssl2_enc_init(SSL *s, int client);
int ssl2_generate_key_material(SSL *s);
-void ssl2_enc(SSL *s, int send_data);
+int ssl2_enc(SSL *s, int send_data);
void ssl2_mac(SSL *s, unsigned char *mac, int send_data);
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
int ssl2_part_read(SSL *s, unsigned long f, int i);
int ssl2_do_write(SSL *s);
@@ -804,7 +913,7 @@
void ssl2_return_error(SSL *s, int reason);
void ssl2_write_error(SSL *s);
int ssl2_num_ciphers(void);
-SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
int ssl2_new(SSL *s);
void ssl2_free(SSL *s);
int ssl2_accept(SSL *s);
@@ -821,7 +930,7 @@
int ssl2_pending(const SSL *s);
long ssl2_default_timeout(void);
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
void ssl3_init_finished_mac(SSL *s);
int ssl3_send_server_certificate(SSL *s);
@@ -840,22 +949,28 @@
long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
int ssl3_num_ciphers(void);
-SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
int ssl3_renegotiate(SSL *ssl);
int ssl3_renegotiate_check(SSL *ssl);
int ssl3_dispatch_alert(SSL *s);
int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
- const char *sender, int slen, unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
+ unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
int ssl3_enc(SSL *s, int send_data);
-int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+void ssl3_free_digest_list(SSL *s);
unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *srvr);
int ssl3_setup_buffers(SSL *s);
+int ssl3_setup_read_buffer(SSL *s);
+int ssl3_setup_write_buffer(SSL *s);
+int ssl3_release_read_buffer(SSL *s);
+int ssl3_release_write_buffer(SSL *s);
+int ssl3_digest_cached_records(SSL *s);
int ssl3_new(SSL *s);
void ssl3_free(SSL *s);
int ssl3_accept(SSL *s);
@@ -876,12 +991,12 @@
long ssl3_default_timeout(void);
int ssl23_num_ciphers(void);
-SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
int ssl23_read(SSL *s, void *buf, int len);
int ssl23_peek(SSL *s, void *buf, int len);
int ssl23_write(SSL *s, const void *buf, int len);
int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
long ssl23_default_timeout(void);
long tls1_default_timeout(void);
@@ -919,13 +1034,15 @@
struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft);
int dtls1_check_timeout_num(SSL *s);
int dtls1_handle_timeout(SSL *s);
-SSL_CIPHER *dtls1_get_cipher(unsigned int u);
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
void dtls1_start_timer(SSL *s);
void dtls1_stop_timer(SSL *s);
int dtls1_is_timer_expired(SSL *s);
void dtls1_double_timeout(SSL *s);
int dtls1_send_newsession_ticket(SSL *s);
-unsigned int dtls1_min_mtu(void);
+unsigned int dtls1_min_mtu(SSL *s);
+unsigned int dtls1_link_min_mtu(void);
+void dtls1_hm_fragment_free(hm_fragment *frag);
/* some client-only functions */
int ssl3_client_hello(SSL *s);
@@ -935,15 +1052,17 @@
int ssl3_get_cert_status(SSL *s);
int ssl3_get_server_done(SSL *s);
int ssl3_send_client_verify(SSL *s);
+int ssl3_send_client_certificate(SSL *s);
int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-int ssl3_send_client_certificate(SSL *s);
int ssl3_send_client_key_exchange(SSL *s);
int ssl3_get_key_exchange(SSL *s);
int ssl3_get_server_certificate(SSL *s);
int ssl3_check_cert_and_algorithm(SSL *s);
-# ifndef OPENSSL_NO_TLSEXT
-int ssl3_check_finished(SSL *s);
-# endif
+# ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_send_next_proto(SSL *s);
+# endif
+# endif
int dtls1_client_hello(SSL *s);
int dtls1_send_client_certificate(SSL *s);
@@ -961,6 +1080,9 @@
int ssl3_get_client_certificate(SSL *s);
int ssl3_get_client_key_exchange(SSL *s);
int ssl3_get_cert_verify(SSL *s);
+# ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_get_next_proto(SSL *s);
+# endif
int dtls1_send_hello_request(SSL *s);
int dtls1_send_server_hello(SSL *s);
@@ -979,7 +1101,6 @@
void tls1_clear(SSL *s);
long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
long tls1_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-SSL_METHOD *tlsv1_base_method(void);
int dtls1_new(SSL *s);
int dtls1_accept(SSL *s);
@@ -987,7 +1108,7 @@
void dtls1_free(SSL *s);
void dtls1_clear(SSL *s);
long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-SSL_METHOD *dtlsv1_base_method(void);
+int dtls1_shutdown(SSL *s);
long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
int dtls1_get_record(SSL *s);
@@ -1002,24 +1123,35 @@
int tls1_change_cipher_state(SSL *s, int which);
int tls1_setup_key_block(SSL *s);
int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+int tls1_final_finish_mac(SSL *s,
const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
int tls1_mac(SSL *ssl, unsigned char *md, int snd);
int tls1_generate_master_secret(SSL *s, unsigned char *out,
unsigned char *p, int len);
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context);
int tls1_alert_code(int code);
int ssl3_alert_code(int code);
int ssl_ok(SSL *s);
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
+# ifndef OPENSSL_NO_ECDH
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
+# endif
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-# ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
+# ifndef OPENSSL_NO_EC
+int tls1_ec_curve_id2nid(int curve_id);
+int tls1_ec_nid2curve_id(int nid);
+# endif /* OPENSSL_NO_EC */
+
+# ifndef OPENSSL_NO_TLSEXT
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
unsigned char *limit);
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p,
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
unsigned char *limit);
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
unsigned char *d, int n, int *al);
@@ -1031,16 +1163,29 @@
int ssl_check_clienthello_tlsext_late(SSL *s);
int ssl_check_serverhello_tlsext(SSL *s);
-# ifdef OPENSSL_NO_SHA256
-# define tlsext_tick_md EVP_sha1
-# else
-# define tlsext_tick_md EVP_sha256
-# endif
+# ifndef OPENSSL_NO_HEARTBEATS
+int tls1_heartbeat(SSL *s);
+int dtls1_heartbeat(SSL *s);
+int tls1_process_heartbeat(SSL *s);
+int dtls1_process_heartbeat(SSL *s);
+# endif
+
+# ifdef OPENSSL_NO_SHA256
+# define tlsext_tick_md EVP_sha1
+# else
+# define tlsext_tick_md EVP_sha256
+# endif
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret);
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+ const EVP_MD *md);
+int tls12_get_sigid(const EVP_PKEY *pk);
+const EVP_MD *tls12_get_hash(unsigned char hash_alg);
+
+# endif
EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
-
int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
int maxlen);
int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
@@ -1049,7 +1194,19 @@
int maxlen);
int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
int *al);
-# endif
+long ssl_get_algorithm2(SSL *s);
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
+
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+ int maxlen);
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+ int *al);
+
/* s3_cbc.c */
void ssl3_cbc_copy_mac(unsigned char *out,
const SSL3_RECORD *rec,
@@ -1060,8 +1217,8 @@
int tls1_cbc_remove_padding(const SSL *s,
SSL3_RECORD *rec,
unsigned block_size, unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD *hash);
-void ssl3_cbc_digest_record(const EVP_MD *hash,
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
unsigned char *md_out,
size_t *md_out_size,
const unsigned char header[13],
@@ -1072,8 +1229,17 @@
unsigned mac_secret_length, char is_sslv3);
void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
- const EVP_MD *hash, HMAC_CTX *hctx,
- const unsigned char *data, size_t data_len,
- size_t orig_len);
+ EVP_MD_CTX *mac_ctx, const unsigned char *data,
+ size_t data_len, size_t orig_len);
+int srp_verify_server_param(SSL *s, int *al);
+
+# else
+
+# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
+# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
+# define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
+# define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
+
+# endif
#endif
Modified: trunk/crypto/openssl/ssl/ssl_rsa.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_rsa.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_rsa.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -677,6 +677,7 @@
}
ret = SSL_CTX_use_certificate(ctx, x);
+
if (ERR_peek_error() != 0)
ret = 0; /* Key/certificate mismatch doesn't imply
* ret==0 ... */
@@ -694,9 +695,9 @@
ctx->extra_certs = NULL;
}
- while ((ca =
- PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata))
+ while ((ca = PEM_read_bio_X509(in, NULL,
+ ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata))
!= NULL) {
r = SSL_CTX_add_extra_chain_cert(ctx, ca);
if (!r) {
Modified: trunk/crypto/openssl/ssl/ssl_sess.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_sess.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_sess.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,85 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include <openssl/lhash.h>
@@ -130,8 +209,21 @@
ss->compress_meth = 0;
#ifndef OPENSSL_NO_TLSEXT
ss->tlsext_hostname = NULL;
+# ifndef OPENSSL_NO_EC
+ ss->tlsext_ecpointformatlist_length = 0;
+ ss->tlsext_ecpointformatlist = NULL;
+ ss->tlsext_ellipticcurvelist_length = 0;
+ ss->tlsext_ellipticcurvelist = NULL;
+# endif
#endif
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+#ifndef OPENSSL_NO_PSK
+ ss->psk_identity_hint = NULL;
+ ss->psk_identity = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+ ss->srp_username = NULL;
+#endif
return (ss);
}
@@ -153,11 +245,22 @@
* Set the various pointers to NULL so that we can call SSL_SESSION_free in
* the case of an error whilst halfway through constructing dest
*/
+#ifndef OPENSSL_NO_PSK
+ dest->psk_identity_hint = NULL;
+ dest->psk_identity = NULL;
+#endif
dest->ciphers = NULL;
#ifndef OPENSSL_NO_TLSEXT
dest->tlsext_hostname = NULL;
+# ifndef OPENSSL_NO_EC
+ dest->tlsext_ecpointformatlist = NULL;
+ dest->tlsext_ellipticcurvelist = NULL;
+# endif
#endif
dest->tlsext_tick = NULL;
+#ifndef OPENSSL_NO_SRP
+ dest->srp_username = NULL;
+#endif
memset(&dest->ex_data, 0, sizeof(dest->ex_data));
/* We deliberately don't copy the prev and next pointers */
@@ -172,6 +275,21 @@
if (src->peer != NULL)
CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
+#ifndef OPENSSL_NO_PSK
+ if (src->psk_identity_hint) {
+ dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
+ if (dest->psk_identity_hint == NULL) {
+ goto err;
+ }
+ }
+ if (src->psk_identity) {
+ dest->psk_identity = BUF_strdup(src->psk_identity);
+ if (dest->psk_identity == NULL) {
+ goto err;
+ }
+ }
+#endif
+
if(src->ciphers != NULL) {
dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
if (dest->ciphers == NULL)
@@ -190,6 +308,22 @@
goto err;
}
}
+# ifndef OPENSSL_NO_EC
+ if (src->tlsext_ecpointformatlist) {
+ dest->tlsext_ecpointformatlist =
+ BUF_memdup(src->tlsext_ecpointformatlist,
+ src->tlsext_ecpointformatlist_length);
+ if (dest->tlsext_ecpointformatlist == NULL)
+ goto err;
+ }
+ if (src->tlsext_ellipticcurvelist) {
+ dest->tlsext_ellipticcurvelist =
+ BUF_memdup(src->tlsext_ellipticcurvelist,
+ src->tlsext_ellipticcurvelist_length);
+ if (dest->tlsext_ellipticcurvelist == NULL)
+ goto err;
+ }
+# endif
#endif
if (ticket != 0) {
@@ -201,6 +335,15 @@
dest->tlsext_ticklen = 0;
}
+#ifndef OPENSSL_NO_SRP
+ if (src->srp_username) {
+ dest->srp_username = BUF_strdup(src->srp_username);
+ if (dest->srp_username == NULL) {
+ goto err;
+ }
+ }
+#endif
+
return dest;
err:
SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
@@ -216,6 +359,11 @@
return s->session_id;
}
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
+{
+ return s->compress_meth;
+}
+
/*
* Even with SSLv2, we have 16 bytes (128 bits) of session ID space.
* SSLv3/TLSv1 has 32 bytes (256 bits). As such, filling the ID with random
@@ -264,10 +412,10 @@
return (0);
/* If the context has a default timeout, use it */
- if (s->ctx->session_timeout == 0)
+ if (s->session_ctx->session_timeout == 0)
ss->timeout = SSL_get_default_timeout(s);
else
- ss->timeout = s->ctx->session_timeout;
+ ss->timeout = s->session_ctx->session_timeout;
if (s->session != NULL) {
SSL_SESSION_free(s->session);
@@ -284,6 +432,12 @@
} else if (s->version == TLS1_VERSION) {
ss->ssl_version = TLS1_VERSION;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_1_VERSION) {
+ ss->ssl_version = TLS1_1_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ } else if (s->version == TLS1_2_VERSION) {
+ ss->ssl_version = TLS1_2_VERSION;
+ ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
} else if (s->version == DTLS1_BAD_VER) {
ss->ssl_version = DTLS1_BAD_VER;
ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
@@ -296,7 +450,21 @@
return (0);
}
#ifndef OPENSSL_NO_TLSEXT
- /* If RFC4507 ticket use empty session ID */
+ /*-
+ * If RFC5077 ticket, use empty session ID (as server).
+ * Note that:
+ * (a) ssl_get_prev_session() does lookahead into the
+ * ClientHello extensions to find the session ticket.
+ * When ssl_get_prev_session() fails, s3_srvr.c calls
+ * ssl_get_new_session() in ssl3_get_client_hello().
+ * At that point, it has not yet parsed the extensions,
+ * however, because of the lookahead, it already knows
+ * whether a ticket is expected or not.
+ *
+ * (b) s3_clnt.c calls ssl_get_new_session() before parsing
+ * ServerHello extensions, and before recording the session
+ * ID received from the server, so this block is a noop.
+ */
if (s->tlsext_ticket_expected) {
ss->session_id_length = 0;
goto sess_id_done;
@@ -306,8 +474,8 @@
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
if (s->generate_session_id)
cb = s->generate_session_id;
- else if (s->ctx->generate_session_id)
- cb = s->ctx->generate_session_id;
+ else if (s->session_ctx->generate_session_id)
+ cb = s->session_ctx->generate_session_id;
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
/* Choose a session ID */
tmp = ss->session_id_length;
@@ -351,6 +519,38 @@
return 0;
}
}
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist) {
+ if (ss->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(ss->tlsext_ecpointformatlist);
+ if ((ss->tlsext_ecpointformatlist =
+ OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ ss->tlsext_ecpointformatlist_length =
+ s->tlsext_ecpointformatlist_length;
+ memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ }
+ if (s->tlsext_ellipticcurvelist) {
+ if (ss->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(ss->tlsext_ellipticcurvelist);
+ if ((ss->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) ==
+ NULL) {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+ SSL_SESSION_free(ss);
+ return 0;
+ }
+ ss->tlsext_ellipticcurvelist_length =
+ s->tlsext_ellipticcurvelist_length;
+ memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist,
+ s->tlsext_ellipticcurvelist_length);
+ }
+# endif
#endif
} else {
ss->session_id_length = 0;
@@ -370,6 +570,26 @@
return (1);
}
+/*-
+ * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+ * connection. It is only called by servers.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ *
+ * Returns:
+ * -1: error
+ * 0: a session may have been found.
+ *
+ * Side effects:
+ * - If a session is found then s->session is pointed at it (after freeing an
+ * existing session if need be) and s->verify_result is set from the session.
+ * - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
+ * if the server should issue a new session ticket (to 0 otherwise).
+ */
int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit)
{
@@ -377,11 +597,12 @@
SSL_SESSION *ret = NULL;
int fatal = 0;
+ int try_session_cache = 1;
#ifndef OPENSSL_NO_TLSEXT
int r;
#endif
- if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+ if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH)
goto err;
if (session_id + len > limit) {
@@ -389,22 +610,32 @@
goto err;
}
+ if (len == 0)
+ try_session_cache = 0;
+
#ifndef OPENSSL_NO_TLSEXT
+ /* sets s->tlsext_ticket_expected */
r = tls1_process_ticket(s, session_id, len, limit, &ret);
- if (r == -1) {
+ switch (r) {
+ case -1: /* Error during processing */
fatal = 1;
goto err;
- } else if (r == 0 || (!ret && !len))
- goto err;
- else if (!ret
- && !(s->session_ctx->session_cache_mode &
- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
-#else
- if (len == 0)
- goto err;
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+ case 0: /* No ticket found */
+ case 1: /* Zero length ticket found */
+ break; /* Ok to carry on processing session id. */
+ case 2: /* Ticket found but not decrypted. */
+ case 3: /* Ticket decrypted, *ret has been set. */
+ try_session_cache = 0;
+ break;
+ default:
+ abort();
+ }
#endif
- {
+
+ if (try_session_cache &&
+ ret == NULL &&
+ !(s->session_ctx->session_cache_mode &
+ SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
SSL_SESSION data;
data.ssl_version = s->version;
data.session_id_length = len;
@@ -412,22 +643,22 @@
return 0;
memcpy(data.session_id, session_id, len);
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- ret = (SSL_SESSION *)lh_retrieve(s->ctx->sessions, &data);
- if (ret != NULL)
+ ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
+ if (ret != NULL) {
/* don't allow other threads to steal it: */
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ }
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (ret == NULL)
+ s->session_ctx->stats.sess_miss++;
}
- if (ret == NULL) {
+ if (try_session_cache &&
+ ret == NULL && s->session_ctx->get_session_cb != NULL) {
int copy = 1;
- s->ctx->stats.sess_miss++;
- ret = NULL;
- if (s->ctx->get_session_cb != NULL
- && (ret = s->ctx->get_session_cb(s, session_id, len, ©))
- != NULL) {
- s->ctx->stats.sess_cb_hit++;
+ if ((ret = s->session_ctx->get_session_cb(s, session_id, len, ©))) {
+ s->session_ctx->stats.sess_cb_hit++;
/*
* Increment reference count now if the session callback asks us
@@ -444,34 +675,27 @@
* well if and only if we are supposed to.
*/
if (!
- (s->
- ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
+ (s->session_ctx->session_cache_mode &
+ SSL_SESS_CACHE_NO_INTERNAL_STORE))
/*
* The following should not return 1, otherwise, things are
* very strange
*/
- SSL_CTX_add_session(s->ctx, ret);
+ SSL_CTX_add_session(s->session_ctx, ret);
}
- if (ret == NULL)
- goto err;
}
- /* Now ret is non-NULL, and we own one of its reference counts. */
+ if (ret == NULL)
+ goto err;
+ /* Now ret is non-NULL and we own one of its reference counts. */
+
if (ret->sid_ctx_length != s->sid_ctx_length
|| memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
/*
- * We've found the session named by the client, but we don't want to
+ * We have the session requested by the client, but we don't want to
* use it in this context.
*/
-
-#if 0 /* The client cannot always know when a
- * session is not appropriate, so we
- * shouldn't generate an error message. */
-
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,
- SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-#endif
goto err; /* treat like cache miss */
}
@@ -506,42 +730,37 @@
if (ret->cipher == NULL)
goto err;
}
-#if 0 /* This is way too late. */
- /*
- * If a thread got the session, then 'swaped', and another got it and
- * then due to a time-out decided to 'OPENSSL_free' it we could be in
- * trouble. So I'll increment it now, then double decrement later - am I
- * speaking rubbish?.
- */
- CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
-#endif
-
if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
- s->ctx->stats.sess_timeout++;
- /* remove it from the cache */
- SSL_CTX_remove_session(s->ctx, ret);
+ s->session_ctx->stats.sess_timeout++;
+ if (try_session_cache) {
+ /* session was from the cache, so remove it */
+ SSL_CTX_remove_session(s->session_ctx, ret);
+ }
goto err;
}
- s->ctx->stats.sess_hit++;
+ s->session_ctx->stats.sess_hit++;
- /*- ret->time=time(NULL); *//*
- * rezero timeout?
- */
- /*
- * again, just leave the session if it is the same session, we have just
- * incremented and then decremented the reference count :-)
- */
if (s->session != NULL)
SSL_SESSION_free(s->session);
s->session = ret;
s->verify_result = s->session->verify_result;
- return (1);
+ return 1;
err:
- if (ret != NULL)
+ if (ret != NULL) {
SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
+ if (!try_session_cache) {
+ /*
+ * The session was from a ticket, so we should issue a ticket for
+ * the new session
+ */
+ s->tlsext_ticket_expected = 1;
+ }
+#endif
+ }
if (fatal)
return -1;
else
@@ -564,7 +783,7 @@
*/
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- s = (SSL_SESSION *)lh_insert(ctx->sessions, c);
+ s = lh_SSL_SESSION_insert(ctx->sessions, c);
/*
* s != NULL iff we already had a session with the given PID. In this
@@ -630,9 +849,9 @@
if ((c != NULL) && (c->session_id_length != 0)) {
if (lck)
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions, c)) == c) {
+ if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
ret = 1;
- r = (SSL_SESSION *)lh_delete(ctx->sessions, c);
+ r = lh_SSL_SESSION_delete(ctx->sessions, c);
SSL_SESSION_list_remove(ctx, c);
}
@@ -686,7 +905,25 @@
OPENSSL_free(ss->tlsext_hostname);
if (ss->tlsext_tick != NULL)
OPENSSL_free(ss->tlsext_tick);
+# ifndef OPENSSL_NO_EC
+ ss->tlsext_ecpointformatlist_length = 0;
+ if (ss->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(ss->tlsext_ecpointformatlist);
+ ss->tlsext_ellipticcurvelist_length = 0;
+ if (ss->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(ss->tlsext_ellipticcurvelist);
+# endif /* OPENSSL_NO_EC */
#endif
+#ifndef OPENSSL_NO_PSK
+ if (ss->psk_identity_hint != NULL)
+ OPENSSL_free(ss->psk_identity_hint);
+ if (ss->psk_identity != NULL)
+ OPENSSL_free(ss->psk_identity);
+#endif
+#ifndef OPENSSL_NO_SRP
+ if (ss->srp_username != NULL)
+ OPENSSL_free(ss->srp_username);
+#endif
OPENSSL_cleanse(ss, sizeof(*ss));
OPENSSL_free(ss);
}
@@ -694,7 +931,7 @@
int SSL_set_session(SSL *s, SSL_SESSION *session)
{
int ret = 0;
- SSL_METHOD *meth;
+ const SSL_METHOD *meth;
if (session != NULL) {
meth = s->ctx->method->get_ssl_method(session->ssl_version);
@@ -708,10 +945,6 @@
if (meth != s->method) {
if (!SSL_set_ssl_method(s, meth))
return (0);
- if (s->ctx->session_timeout == 0)
- session->timeout = SSL_get_default_timeout(s);
- else
- session->timeout = s->ctx->session_timeout;
}
#ifndef OPENSSL_NO_KRB5
if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
@@ -778,6 +1011,25 @@
return (t);
}
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
+{
+ return s->peer;
+}
+
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len)
+{
+ if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+ SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
+ SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ return 0;
+ }
+ s->sid_ctx_length = sid_ctx_len;
+ memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+
+ return 1;
+}
+
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
{
long l;
@@ -795,13 +1047,73 @@
return (s->session_timeout);
}
+#ifndef OPENSSL_NO_TLSEXT
+int SSL_set_session_secret_cb(SSL *s,
+ int (*tls_session_secret_cb) (SSL *s,
+ void *secret,
+ int *secret_len,
+ STACK_OF(SSL_CIPHER)
+ *peer_ciphers,
+ SSL_CIPHER
+ **cipher,
+ void *arg),
+ void *arg)
+{
+ if (s == NULL)
+ return (0);
+ s->tls_session_secret_cb = tls_session_secret_cb;
+ s->tls_session_secret_cb_arg = arg;
+ return (1);
+}
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+ void *arg)
+{
+ if (s == NULL)
+ return (0);
+ s->tls_session_ticket_ext_cb = cb;
+ s->tls_session_ticket_ext_cb_arg = arg;
+ return (1);
+}
+
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
+{
+ if (s->version >= TLS1_VERSION) {
+ if (s->tlsext_session_ticket) {
+ OPENSSL_free(s->tlsext_session_ticket);
+ s->tlsext_session_ticket = NULL;
+ }
+
+ s->tlsext_session_ticket =
+ OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
+ if (!s->tlsext_session_ticket) {
+ SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (ext_data) {
+ s->tlsext_session_ticket->length = ext_len;
+ s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
+ memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
+ } else {
+ s->tlsext_session_ticket->length = 0;
+ s->tlsext_session_ticket->data = NULL;
+ }
+
+ return 1;
+ }
+
+ return 0;
+}
+#endif /* OPENSSL_NO_TLSEXT */
+
typedef struct timeout_param_st {
SSL_CTX *ctx;
long time;
- LHASH *cache;
+ LHASH_OF(SSL_SESSION) *cache;
} TIMEOUT_PARAM;
-static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
+static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
{
if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
/*
@@ -808,7 +1120,7 @@
* The reason we don't call SSL_CTX_remove_session() is to save on
* locking overhead
*/
- lh_delete(p->cache, s);
+ (void)lh_SSL_SESSION_delete(p->cache, s);
SSL_SESSION_list_remove(p->ctx, s);
s->not_resumable = 1;
if (p->ctx->remove_session_cb != NULL)
@@ -817,7 +1129,7 @@
}
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
{
@@ -830,10 +1142,11 @@
return;
tp.time = t;
CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- i = tp.cache->down_load;
- tp.cache->down_load = 0;
- lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
- tp.cache->down_load = i;
+ i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
+ CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
+ lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
+ TIMEOUT_PARAM, &tp);
+ CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
}
@@ -987,3 +1300,6 @@
{
ctx->app_verify_cookie_cb = cb;
}
+
+IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
+ SSL_SESSION)
Modified: trunk/crypto/openssl/ssl/ssl_stat.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_stat.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_stat.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,32 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include "ssl_locl.h"
@@ -91,6 +117,9 @@
case SSL_ST_OK | SSL_ST_ACCEPT:
str = "ok/accept SSL initialization";
break;
+ case SSL_ST_ERR:
+ str = "error";
+ break;
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION:
str = "SSLv2 client start encryption";
@@ -470,6 +499,9 @@
case SSL_ST_OK:
str = "SSLOK ";
break;
+ case SSL_ST_ERR:
+ str = "SSLERR";
+ break;
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION:
str = "2CSENC";
Modified: trunk/crypto/openssl/ssl/ssl_txt.c
===================================================================
--- trunk/crypto/openssl/ssl/ssl_txt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssl_txt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,32 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include <openssl/buffer.h>
@@ -90,6 +116,10 @@
s = "SSLv2";
else if (x->ssl_version == SSL3_VERSION)
s = "SSLv3";
+ else if (x->ssl_version == TLS1_2_VERSION)
+ s = "TLSv1.2";
+ else if (x->ssl_version == TLS1_1_VERSION)
+ s = "TLSv1.1";
else if (x->ssl_version == TLS1_VERSION)
s = "TLSv1";
else if (x->ssl_version == DTLS1_VERSION)
@@ -157,6 +187,23 @@
goto err;
}
#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+ if (BIO_puts(bp, "\n PSK identity: ") <= 0)
+ goto err;
+ if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
+ goto err;
+ if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
+ goto err;
+ if (BIO_printf
+ (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
+ goto err;
+#endif
+#ifndef OPENSSL_NO_SRP
+ if (BIO_puts(bp, "\n SRP username: ") <= 0)
+ goto err;
+ if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
+ goto err;
+#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint) {
if (BIO_printf(bp,
@@ -172,11 +219,12 @@
goto err;
}
#endif
+
#ifndef OPENSSL_NO_COMP
if (x->compress_meth != 0) {
SSL_COMP *comp = NULL;
- ssl_cipher_get_evp(x, NULL, NULL, &comp);
+ ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp);
if (comp == NULL) {
if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <=
0)
Copied: trunk/crypto/openssl/ssl/ssl_utst.c (from rev 7117, vendor-crypto/openssl/dist/ssl/ssl_utst.c)
===================================================================
--- trunk/crypto/openssl/ssl/ssl_utst.c (rev 0)
+++ trunk/crypto/openssl/ssl/ssl_utst.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,72 @@
+/* ssl_utst.c */
+/*
+ * Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_UNIT_TEST
+
+static const struct openssl_ssl_test_functions ssl_test_functions = {
+ ssl_init_wbio_buffer,
+ ssl3_setup_buffers,
+ tls1_process_heartbeat,
+ dtls1_process_heartbeat
+};
+
+const struct openssl_ssl_test_functions *SSL_test_functions(void)
+{
+ return &ssl_test_functions;
+}
+
+#endif
Modified: trunk/crypto/openssl/ssl/ssltest.c
===================================================================
--- trunk/crypto/openssl/ssl/ssltest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/ssltest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -113,6 +113,32 @@
* ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
/* Or gethostname won't be declared properly on Linux and GNU platforms. */
#define _BSD_SOURCE 1
@@ -128,10 +154,13 @@
#define USE_SOCKETS
#include "e_os.h"
+#ifdef OPENSSL_SYS_VMS
/*
* Or isascii won't be declared properly on VMS (at least with DECompHP C).
*/
-#define _XOPEN_SOURCE 500
+# define _XOPEN_SOURCE 500
+#endif
+
#include <ctype.h>
#include <openssl/bio.h>
@@ -154,6 +183,9 @@
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
#include <openssl/bn.h>
/*
@@ -212,6 +244,57 @@
static DH *get_dh1024dsa(void);
#endif
+static char *psk_key = NULL; /* by default PSK is not used */
+#ifndef OPENSSL_NO_PSK
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* SRP client */
+/* This is a context that we pass to all callbacks */
+typedef struct srp_client_arg_st {
+ char *srppassin;
+ char *srplogin;
+} SRP_CLIENT_ARG;
+
+# define PWD_STRLEN 1024
+
+static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+{
+ SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+ return BUF_strdup((char *)srp_client_arg->srppassin);
+}
+
+/* SRP server */
+/* This is a context that we pass to SRP server callbacks */
+typedef struct srp_server_arg_st {
+ char *expected_user;
+ char *pass;
+} SRP_SERVER_ARG;
+
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+ SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
+
+ if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
+ fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ return SSL_ERROR_NONE;
+}
+#endif
+
static BIO *bio_err = NULL;
static BIO *bio_stdout = NULL;
@@ -253,8 +336,10 @@
" -bytes <val> - number of bytes to swap between client/server\n");
#ifndef OPENSSL_NO_DH
fprintf(stderr,
- " -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
+ " -dhe512 - use 512 bit key for DHE (to test failure)\n");
fprintf(stderr,
+ " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
+ fprintf(stderr,
" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
fprintf(stderr, " -no_dhe - disable DHE\n");
#endif
@@ -261,10 +346,17 @@
#ifndef OPENSSL_NO_ECDH
fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
#endif
+#ifndef OPENSSL_NO_PSK
+ fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
+#endif
+#ifndef OPENSSL_NO_SRP
+ fprintf(stderr, " -srpuser user - SRP username to use\n");
+ fprintf(stderr, " -srppass arg - password for 'user'\n");
+#endif
#ifndef OPENSSL_NO_SSL2
fprintf(stderr, " -ssl2 - use SSLv2\n");
#endif
-#ifndef OPENSSL_NO_SSL3
+#ifndef OPENSSL_NO_SSL3_METHOD
fprintf(stderr, " -ssl3 - use SSLv3\n");
#endif
#ifndef OPENSSL_NO_TLS1
@@ -292,12 +384,14 @@
" (default is sect163r2).\n");
#endif
fprintf(stderr,
- " -test_cipherlist - verifies the order of the ssl cipher lists\n");
+ " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
+ " When this option is requested, the cipherlist\n"
+ " tests are run instead of handshake tests.\n");
}
static void print_details(SSL *c_ssl, const char *prefix)
{
- SSL_CIPHER *ciph;
+ const SSL_CIPHER *ciph;
X509 *cert;
ciph = SSL_get_current_cipher(c_ssl);
@@ -389,6 +483,30 @@
}
}
+#ifdef TLSEXT_TYPE_opaque_prf_input
+struct cb_info_st {
+ void *input;
+ size_t len;
+ int ret;
+};
+struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
+struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
+
+int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
+{
+ struct cb_info_st *arg = arg_;
+
+ if (arg == NULL)
+ return 1;
+
+ if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
+ return 0;
+ return arg->ret;
+}
+#endif
+
int main(int argc, char *argv[])
{
char *CApath = NULL, *CAfile = NULL;
@@ -409,36 +527,44 @@
#endif
SSL_CTX *s_ctx = NULL;
SSL_CTX *c_ctx = NULL;
- SSL_METHOD *meth = NULL;
+ const SSL_METHOD *meth = NULL;
SSL *c_ssl, *s_ssl;
int number = 1, reuse = 0;
long bytes = 256L;
#ifndef OPENSSL_NO_DH
DH *dh;
- int dhe1024 = 1, dhe1024dsa = 0;
+ int dhe512 = 0, dhe1024dsa = 0;
#endif
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ /* client */
+ SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
+ /* server */
+ SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
+#endif
int no_dhe = 0;
int no_ecdhe = 0;
+ int no_psk = 0;
int print_time = 0;
clock_t s_time = 0, c_time = 0;
int comp = 0;
#ifndef OPENSSL_NO_COMP
COMP_METHOD *cm = NULL;
+ STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
#endif
- STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
int test_cipherlist = 0;
#ifdef OPENSSL_FIPS
int fips_mode = 0;
#endif
+ int no_protocol = 0;
verbose = 0;
debug = 0;
cipher = 0;
- bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_set_locking_callback(lock_dbg_cb);
@@ -455,7 +581,7 @@
RAND_seed(rnd_seed, sizeof rnd_seed);
- bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
+ bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
argc--;
argv++;
@@ -487,12 +613,12 @@
debug = 1;
else if (strcmp(*argv, "-reuse") == 0)
reuse = 1;
- else if (strcmp(*argv, "-dhe1024") == 0) {
+ else if (strcmp(*argv, "-dhe512") == 0) {
#ifndef OPENSSL_NO_DH
- dhe1024 = 1;
+ dhe512 = 1;
#else
fprintf(stderr,
- "ignoring -dhe1024, since I'm compiled without DH\n");
+ "ignoring -dhe512, since I'm compiled without DH\n");
#endif
} else if (strcmp(*argv, "-dhe1024dsa") == 0) {
#ifndef OPENSSL_NO_DH
@@ -499,19 +625,55 @@
dhe1024dsa = 1;
#else
fprintf(stderr,
- "ignoring -dhe1024, since I'm compiled without DH\n");
+ "ignoring -dhe1024dsa, since I'm compiled without DH\n");
#endif
} else if (strcmp(*argv, "-no_dhe") == 0)
no_dhe = 1;
else if (strcmp(*argv, "-no_ecdhe") == 0)
no_ecdhe = 1;
- else if (strcmp(*argv, "-ssl2") == 0)
+ else if (strcmp(*argv, "-psk") == 0) {
+ if (--argc < 1)
+ goto bad;
+ psk_key = *(++argv);
+#ifndef OPENSSL_NO_PSK
+ if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
+ BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+ goto bad;
+ }
+#else
+ no_psk = 1;
+#endif
+ }
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv, "-srpuser") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_server_arg.expected_user = srp_client_arg.srplogin =
+ *(++argv);
+ tls1 = 1;
+ } else if (strcmp(*argv, "-srppass") == 0) {
+ if (--argc < 1)
+ goto bad;
+ srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
+ tls1 = 1;
+ }
+#endif
+ else if (strcmp(*argv, "-ssl2") == 0) {
+#ifdef OPENSSL_NO_SSL2
+ no_protocol = 1;
+#endif
ssl2 = 1;
- else if (strcmp(*argv, "-tls1") == 0)
+ } else if (strcmp(*argv, "-tls1") == 0) {
+#ifdef OPENSSL_NO_TLS1
+ no_protocol = 1;
+#endif
tls1 = 1;
- else if (strcmp(*argv, "-ssl3") == 0)
+ } else if (strcmp(*argv, "-ssl3") == 0) {
+#ifdef OPENSSL_NO_SSL3_METHOD
+ no_protocol = 1;
+#endif
ssl3 = 1;
- else if (strncmp(*argv, "-num", 4) == 0) {
+ } else if (strncmp(*argv, "-num", 4) == 0) {
if (--argc < 1)
goto bad;
number = atoi(*(++argv));
@@ -604,10 +766,16 @@
goto end;
}
+ /*
+ * test_cipherlist prevails over protocol switch: we test the cipherlist
+ * for all enabled protocols.
+ */
if (test_cipherlist == 1) {
/*
* ensure that the cipher list are correctly sorted and exit
*/
+ fprintf(stdout, "Testing cipherlist order only. Ignoring all "
+ "other options.\n");
if (do_test_cipherlist() == 0)
EXIT(1);
ret = 0;
@@ -614,6 +782,24 @@
goto end;
}
+ if (ssl2 + ssl3 + tls1 > 1) {
+ fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
+ "be requested.\n");
+ EXIT(1);
+ }
+
+ /*
+ * Testing was requested for a compiled-out protocol (e.g. SSLv2).
+ * Ideally, we would error out, but the generic test wrapper can't know
+ * when to expect failure. So we do nothing and return success.
+ */
+ if (no_protocol) {
+ fprintf(stderr, "Testing was requested for a disabled protocol. "
+ "Skipping tests.\n");
+ ret = 0;
+ goto end;
+ }
+
if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) {
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
@@ -680,27 +866,27 @@
}
#endif
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
+ /*
+ * At this point, ssl2/ssl3/tls1 is only set if the protocol is
+ * available. (Otherwise we exit early.) However the compiler doesn't
+ * know this, so we ifdef.
+ */
+#ifndef OPENSSL_NO_SSL2
if (ssl2)
meth = SSLv2_method();
- else if (tls1)
- meth = TLSv1_method();
- else if (ssl3)
+ else
+#endif
+#ifndef OPENSSL_NO_SSL3
+ if (ssl3)
meth = SSLv3_method();
else
- meth = SSLv23_method();
-#else
-# ifdef OPENSSL_NO_SSL2
+#endif
+#ifndef OPENSSL_NO_TLS1
if (tls1)
meth = TLSv1_method();
- else if (ssl3)
- meth = SSLv3_method();
else
+#endif
meth = SSLv23_method();
-# else
- meth = SSLv2_method();
-# endif
-#endif
c_ctx = SSL_CTX_new(meth);
s_ctx = SSL_CTX_new(meth);
@@ -721,10 +907,10 @@
*/
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
dh = get_dh1024dsa();
- } else if (dhe1024)
+ } else if (dhe512)
+ dh = get_dh512();
+ else
dh = get_dh1024();
- else
- dh = get_dh512();
SSL_CTX_set_tmp_dh(s_ctx, dh);
DH_free(dh);
}
@@ -743,7 +929,11 @@
goto end;
}
} else
+# ifdef OPENSSL_NO_EC2M
+ nid = NID_X9_62_prime256v1;
+# else
nid = NID_sect163r2;
+# endif
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL) {
@@ -763,6 +953,15 @@
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
#endif
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
+ SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
+ /* or &co2 or NULL */
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
+ /* or &so2 or NULL */
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
+#endif
+
if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
ERR_print_errors(bio_err);
} else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
@@ -810,6 +1009,52 @@
sizeof session_id_context);
}
+ /* Use PSK only if PSK key is given */
+ if (psk_key != NULL) {
+ /*
+ * no_psk is used to avoid putting psk command to openssl tool
+ */
+ if (no_psk) {
+ /*
+ * if PSK is not compiled in and psk key is given, do nothing and
+ * exit successfully
+ */
+ ret = 0;
+ goto end;
+ }
+#ifndef OPENSSL_NO_PSK
+ SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
+ SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
+ if (debug)
+ BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
+ if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
+ BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+#endif
+ }
+#ifndef OPENSSL_NO_SRP
+ if (srp_client_arg.srplogin) {
+ if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
+ BIO_printf(bio_err, "Unable to set SRP username\n");
+ goto end;
+ }
+ SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
+ SSL_CTX_set_srp_client_pwd_callback(c_ctx,
+ ssl_give_srp_client_pwd_cb);
+ /*
+ * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
+ */
+ }
+
+ if (srp_server_arg.expected_user != NULL) {
+ SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
+ SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+ SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+ }
+#endif
+
c_ssl = SSL_new(c_ctx);
s_ssl = SSL_new(s_ctx);
@@ -886,7 +1131,7 @@
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
- ERR_remove_state(0);
+ ERR_remove_thread_state(NULL);
EVP_cleanup();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
@@ -2156,11 +2401,77 @@
}
#endif
+#ifndef OPENSSL_NO_PSK
+/* convert the PSK key (psk_key) in ascii to binary (psk) */
+static int psk_key2bn(const char *pskkey, unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ int ret;
+ BIGNUM *bn = NULL;
+
+ ret = BN_hex2bn(&bn, pskkey);
+ if (!ret) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ pskkey);
+ if (bn)
+ BN_free(bn);
+ return 0;
+ }
+ if (BN_num_bytes(bn) > (int)max_psk_len) {
+ BIO_printf(bio_err,
+ "psk buffer of callback is too small (%d) for key (%d)\n",
+ max_psk_len, BN_num_bytes(bn));
+ BN_free(bn);
+ return 0;
+ }
+ ret = BN_bn2bin(bn, psk);
+ BN_free(bn);
+ return ret;
+}
+
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ int ret;
+ unsigned int psk_len = 0;
+
+ ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
+ if (ret < 0)
+ goto out_err;
+ if (debug)
+ fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
+ ret);
+ ret = psk_key2bn(psk_key, psk, max_psk_len);
+ if (ret < 0)
+ goto out_err;
+ psk_len = ret;
+ out_err:
+ return psk_len;
+}
+
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len)
+{
+ unsigned int psk_len = 0;
+
+ if (strcmp(identity, "Client_identity") != 0) {
+ BIO_printf(bio_err, "server: PSK error: client identity not found\n");
+ return 0;
+ }
+ psk_len = psk_key2bn(psk_key, psk, max_psk_len);
+ return psk_len;
+}
+#endif
+
static int do_test_cipherlist(void)
{
int i = 0;
const SSL_METHOD *meth;
- SSL_CIPHER *ci, *tci = NULL;
+ const SSL_CIPHER *ci, *tci = NULL;
#ifndef OPENSSL_NO_SSL2
fprintf(stderr, "testing SSLv2 cipher list order: ");
Modified: trunk/crypto/openssl/ssl/t1_clnt.c
===================================================================
--- trunk/crypto/openssl/ssl/t1_clnt.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/t1_clnt.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -63,15 +63,26 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
-static SSL_METHOD *tls1_get_client_method(int ver);
-static SSL_METHOD *tls1_get_client_method(int ver)
+static const SSL_METHOD *tls1_get_client_method(int ver);
+static const SSL_METHOD *tls1_get_client_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_client_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_client_method();
if (ver == TLS1_VERSION)
- return (TLSv1_client_method());
- else
- return (NULL);
+ return TLSv1_client_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_client_method,
- ssl_undefined_function,
- ssl3_connect, tls1_get_client_method)
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
+ ssl_undefined_function,
+ ssl3_connect, tls1_get_client_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
+ ssl_undefined_function,
+ ssl3_connect, tls1_get_client_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
+ ssl_undefined_function,
+ ssl3_connect, tls1_get_client_method)
Modified: trunk/crypto/openssl/ssl/t1_enc.c
===================================================================
--- trunk/crypto/openssl/ssl/t1_enc.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/t1_enc.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -108,6 +108,32 @@
* Hudson (tjh at cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#include <stdio.h>
#include "ssl_locl.h"
@@ -117,105 +143,178 @@
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
+#include <openssl/rand.h>
#ifdef KSSL_DEBUG
# include <openssl/des.h>
#endif
-static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
- int sec_len, unsigned char *seed, int seed_len,
- unsigned char *out, int olen)
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
+ int sec_len,
+ const void *seed1, int seed1_len,
+ const void *seed2, int seed2_len,
+ const void *seed3, int seed3_len,
+ const void *seed4, int seed4_len,
+ const void *seed5, int seed5_len,
+ unsigned char *out, int olen)
{
int chunk;
- unsigned int j;
- HMAC_CTX ctx;
- HMAC_CTX ctx_tmp;
+ size_t j;
+ EVP_MD_CTX ctx, ctx_tmp;
+ EVP_PKEY *mac_key;
unsigned char A1[EVP_MAX_MD_SIZE];
- unsigned int A1_len;
+ size_t A1_len;
+ int ret = 0;
chunk = EVP_MD_size(md);
+ OPENSSL_assert(chunk >= 0);
- HMAC_CTX_init(&ctx);
- HMAC_CTX_init(&ctx_tmp);
- HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- HMAC_Init_ex(&ctx, sec, sec_len, md, NULL);
- HMAC_Init_ex(&ctx_tmp, sec, sec_len, md, NULL);
- HMAC_Update(&ctx, seed, seed_len);
- HMAC_Final(&ctx, A1, &A1_len);
+ EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_init(&ctx_tmp);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
+ if (!mac_key)
+ goto err;
+ if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ goto err;
+ if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ goto err;
+ if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ goto err;
+ if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ goto err;
+ if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ goto err;
+ if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ goto err;
+ if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ goto err;
for (;;) {
- HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL); /* re-init */
- HMAC_Init_ex(&ctx_tmp, NULL, 0, NULL, NULL); /* re-init */
- HMAC_Update(&ctx, A1, A1_len);
- HMAC_Update(&ctx_tmp, A1, A1_len);
- HMAC_Update(&ctx, seed, seed_len);
+ /* Reinit mac contexts */
+ if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key))
+ goto err;
+ if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+ goto err;
+ if (!EVP_DigestSignUpdate(&ctx_tmp, A1, A1_len))
+ goto err;
+ if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ goto err;
+ if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ goto err;
+ if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ goto err;
+ if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ goto err;
+ if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ goto err;
if (olen > chunk) {
- HMAC_Final(&ctx, out, &j);
+ if (!EVP_DigestSignFinal(&ctx, out, &j))
+ goto err;
out += j;
olen -= j;
/* calc the next A1 value */
- HMAC_Final(&ctx_tmp, A1, &A1_len);
+ if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
+ goto err;
} else { /* last one */
- HMAC_Final(&ctx, A1, &A1_len);
+ if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ goto err;
memcpy(out, A1, olen);
break;
}
}
- HMAC_CTX_cleanup(&ctx);
- HMAC_CTX_cleanup(&ctx_tmp);
+ ret = 1;
+ err:
+ EVP_PKEY_free(mac_key);
+ EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(&ctx_tmp);
OPENSSL_cleanse(A1, sizeof(A1));
+ return ret;
}
-static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
- unsigned char *label, int label_len,
- const unsigned char *sec, int slen, unsigned char *out1,
- unsigned char *out2, int olen)
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_PRF(long digest_mask,
+ const void *seed1, int seed1_len,
+ const void *seed2, int seed2_len,
+ const void *seed3, int seed3_len,
+ const void *seed4, int seed4_len,
+ const void *seed5, int seed5_len,
+ const unsigned char *sec, int slen,
+ unsigned char *out1, unsigned char *out2, int olen)
{
- int len, i;
- const unsigned char *S1, *S2;
+ int len, i, idx, count;
+ const unsigned char *S1;
+ long m;
+ const EVP_MD *md;
+ int ret = 0;
- len = slen / 2;
+ /* Count number of digests and partition sec evenly */
+ count = 0;
+ for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+ if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
+ count++;
+ }
+ if (!count) {
+ /* Should never happen */
+ SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ len = slen / count;
+ if (count == 1)
+ slen = 0;
S1 = sec;
- S2 = &(sec[len]);
- len += (slen & 1); /* add for odd, make longer */
-
- tls1_P_hash(md5, S1, len, label, label_len, out1, olen);
- tls1_P_hash(sha1, S2, len, label, label_len, out2, olen);
-
- for (i = 0; i < olen; i++)
- out1[i] ^= out2[i];
+ memset(out1, 0, olen);
+ for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+ if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
+ if (!md) {
+ SSLerr(SSL_F_TLS1_PRF, SSL_R_UNSUPPORTED_DIGEST_TYPE);
+ goto err;
+ }
+ if (!tls1_P_hash(md, S1, len + (slen & 1),
+ seed1, seed1_len, seed2, seed2_len, seed3,
+ seed3_len, seed4, seed4_len, seed5, seed5_len,
+ out2, olen))
+ goto err;
+ S1 += len;
+ for (i = 0; i < olen; i++) {
+ out1[i] ^= out2[i];
+ }
+ }
+ }
+ ret = 1;
+ err:
+ return ret;
}
-static void tls1_generate_key_block(SSL *s, unsigned char *km,
- unsigned char *tmp, int num)
+static int tls1_generate_key_block(SSL *s, unsigned char *km,
+ unsigned char *tmp, int num)
{
- unsigned char *p;
- unsigned char buf[SSL3_RANDOM_SIZE * 2 + TLS_MD_MAX_CONST_SIZE];
- p = buf;
-
- memcpy(p, TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE);
- p += TLS_MD_KEY_EXPANSION_CONST_SIZE;
- memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
-
- tls1_PRF(s->ctx->md5, s->ctx->sha1, buf, (int)(p - buf),
- s->session->master_key, s->session->master_key_length,
- km, tmp, num);
+ int ret;
+ ret = tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_KEY_EXPANSION_CONST,
+ TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random,
+ SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0, s->session->master_key,
+ s->session->master_key_length, km, tmp, num);
#ifdef KSSL_DEBUG
- printf("tls1_generate_key_block() ==> %d byte master_key =\n\t",
- s->session->master_key_length);
+ fprintf(stderr, "tls1_generate_key_block() ==> %d byte master_key =\n\t",
+ s->session->master_key_length);
{
int i;
for (i = 0; i < s->session->master_key_length; i++) {
- printf("%02X", s->session->master_key[i]);
+ fprintf(stderr, "%02X", s->session->master_key[i]);
}
- printf("\n");
+ fprintf(stderr, "\n");
}
#endif /* KSSL_DEBUG */
+ return ret;
}
int tls1_change_cipher_state(SSL *s, int which)
@@ -222,8 +321,7 @@
{
static const unsigned char empty[] = "";
unsigned char *p, *mac_secret;
- unsigned char *exp_label, buf[TLS_MD_MAX_CONST_SIZE +
- SSL3_RANDOM_SIZE * 2];
+ unsigned char *exp_label;
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
@@ -236,6 +334,10 @@
const SSL_COMP *comp;
#endif
const EVP_MD *m;
+ int mac_type;
+ int *mac_secret_size;
+ EVP_MD_CTX *mac_ctx;
+ EVP_PKEY *mac_key;
int is_export, n, i, j, k, exp_label_len, cl;
int reuse_dd = 0;
@@ -242,29 +344,35 @@
is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
c = s->s3->tmp.new_sym_enc;
m = s->s3->tmp.new_hash;
+ mac_type = s->s3->tmp.new_mac_pkey_type;
#ifndef OPENSSL_NO_COMP
comp = s->s3->tmp.new_compression;
#endif
#ifdef KSSL_DEBUG
- key_block = s->s3->tmp.key_block;
-
- printf("tls1_change_cipher_state(which= %d) w/\n", which);
- printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
- (void *)comp);
- printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", (void *)c);
- printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
- c->nid, c->block_size, c->key_len, c->iv_len);
- printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
+ fprintf(stderr, "tls1_change_cipher_state(which= %d) w/\n", which);
+ fprintf(stderr, "\talg= %ld/%ld, comp= %p\n",
+ s->s3->tmp.new_cipher->algorithm_mkey,
+ s->s3->tmp.new_cipher->algorithm_auth, comp);
+ fprintf(stderr, "\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
+ fprintf(stderr, "\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
+ c->nid, c->block_size, c->key_len, c->iv_len);
+ fprintf(stderr, "\tkey_block: len= %d, data= ",
+ s->s3->tmp.key_block_length);
{
- int ki;
- for (ki = 0; ki < s->s3->tmp.key_block_length; ki++)
- printf("%02x", s->s3->tmp.key_block[ki]);
- printf("\n");
+ int i;
+ for (i = 0; i < s->s3->tmp.key_block_length; i++)
+ fprintf(stderr, "%02x", s->s3->tmp.key_block[i]);
+ fprintf(stderr, "\n");
}
#endif /* KSSL_DEBUG */
if (which & SSL3_CC_READ) {
+ if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+
if (s->enc_read_ctx != NULL)
reuse_dd = 1;
else if ((s->enc_read_ctx =
@@ -276,7 +384,7 @@
*/
EVP_CIPHER_CTX_init(s->enc_read_ctx);
dd = s->enc_read_ctx;
- s->read_hash = m;
+ mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
#ifndef OPENSSL_NO_COMP
if (s->expand != NULL) {
COMP_CTX_free(s->expand);
@@ -302,19 +410,24 @@
if (s->version != DTLS1_VERSION)
memset(&(s->s3->read_sequence[0]), 0, 8);
mac_secret = &(s->s3->read_mac_secret[0]);
+ mac_secret_size = &(s->s3->read_mac_secret_size);
} else {
- if (s->enc_write_ctx != NULL)
+ if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
+ if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
reuse_dd = 1;
- else if ((s->enc_write_ctx =
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+ else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
- else
- /*
- * make sure it's intialized in case we exit later with an error
- */
- EVP_CIPHER_CTX_init(s->enc_write_ctx);
dd = s->enc_write_ctx;
- s->write_hash = m;
+ if (SSL_IS_DTLS(s)) {
+ mac_ctx = EVP_MD_CTX_create();
+ if (!mac_ctx)
+ goto err;
+ s->write_hash = mac_ctx;
+ } else
+ mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
#ifndef OPENSSL_NO_COMP
if (s->compress != NULL) {
COMP_CTX_free(s->compress);
@@ -335,6 +448,7 @@
if (s->version != DTLS1_VERSION)
memset(&(s->s3->write_sequence[0]), 0, 8);
mac_secret = &(s->s3->write_mac_secret[0]);
+ mac_secret_size = &(s->s3->write_mac_secret_size);
}
if (reuse_dd)
@@ -341,12 +455,17 @@
EVP_CIPHER_CTX_cleanup(dd);
p = s->s3->tmp.key_block;
- i = EVP_MD_size(m);
+ i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
+
cl = EVP_CIPHER_key_length(c);
j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
- k = EVP_CIPHER_iv_length(c);
+ /* If GCM mode only part of IV comes from PRF */
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ k = EVP_GCM_TLS_FIXED_IV_LEN;
+ else
+ k = EVP_CIPHER_iv_length(c);
if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
ms = &(p[0]);
@@ -377,6 +496,13 @@
}
memcpy(mac_secret, ms, i);
+
+ if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
+ mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
+ mac_secret, *mac_secret_size);
+ EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key);
+ EVP_PKEY_free(mac_key);
+ }
#ifdef TLS_DEBUG
printf("which = %04X\nmac key=", which);
{
@@ -390,27 +516,22 @@
* In here I set both the read and write key/iv to the same value
* since only the correct one will be used :-).
*/
- p = buf;
- memcpy(p, exp_label, exp_label_len);
- p += exp_label_len;
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
- memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
- tls1_PRF(s->ctx->md5, s->ctx->sha1, buf, (int)(p - buf), key, j,
- tmp1, tmp2, EVP_CIPHER_key_length(c));
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ exp_label, exp_label_len,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0,
+ key, j, tmp1, tmp2, EVP_CIPHER_key_length(c)))
+ goto err2;
key = tmp1;
if (k > 0) {
- p = buf;
- memcpy(p, TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE);
- p += TLS_MD_IV_BLOCK_CONST_SIZE;
- memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
- memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
- p += SSL3_RANDOM_SIZE;
- tls1_PRF(s->ctx->md5, s->ctx->sha1, buf, p - buf, empty, 0,
- iv1, iv2, k * 2);
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ NULL, 0, NULL, 0, empty, 0, iv1, iv2, k * 2))
+ goto err2;
if (client_write)
iv = iv1;
else
@@ -421,20 +542,39 @@
s->session->key_arg_length = 0;
#ifdef KSSL_DEBUG
{
- int ki;
- printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
- printf("\tkey= ");
- for (ki = 0; ki < c->key_len; ki++)
- printf("%02x", key[ki]);
- printf("\n");
- printf("\t iv= ");
- for (ki = 0; ki < c->iv_len; ki++)
- printf("%02x", iv[ki]);
- printf("\n");
+ int i;
+ fprintf(stderr, "EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
+ fprintf(stderr, "\tkey= ");
+ for (i = 0; i < c->key_len; i++)
+ fprintf(stderr, "%02x", key[i]);
+ fprintf(stderr, "\n");
+ fprintf(stderr, "\t iv= ");
+ for (i = 0; i < c->iv_len; i++)
+ fprintf(stderr, "%02x", iv[i]);
+ fprintf(stderr, "\n");
}
#endif /* KSSL_DEBUG */
- EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
+ || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+ } else {
+ if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+ }
+ /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
+ if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
+ && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
+ *mac_secret_size, mac_secret)) {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
#ifdef TLS_DEBUG
printf("which = %04X\nkey=", which);
{
@@ -464,20 +604,23 @@
int tls1_setup_key_block(SSL *s)
{
- unsigned char *p1, *p2;
+ unsigned char *p1, *p2 = NULL;
const EVP_CIPHER *c;
const EVP_MD *hash;
int num;
SSL_COMP *comp;
+ int mac_type = NID_undef, mac_secret_size = 0;
+ int ret = 0;
#ifdef KSSL_DEBUG
- printf("tls1_setup_key_block()\n");
+ fprintf(stderr, "tls1_setup_key_block()\n");
#endif /* KSSL_DEBUG */
if (s->s3->tmp.key_block_length != 0)
return (1);
- if (!ssl_cipher_get_evp(s->session, &c, &hash, &comp)) {
+ if (!ssl_cipher_get_evp
+ (s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) {
SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return (0);
}
@@ -484,22 +627,27 @@
s->s3->tmp.new_sym_enc = c;
s->s3->tmp.new_hash = hash;
-
+ s->s3->tmp.new_mac_pkey_type = mac_type;
+ s->s3->tmp.new_mac_secret_size = mac_secret_size;
num =
- EVP_CIPHER_key_length(c) + EVP_MD_size(hash) +
- EVP_CIPHER_iv_length(c);
+ EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c);
num *= 2;
ssl3_cleanup_key_block(s);
- if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL)
+ if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
goto err;
- if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL)
- goto err;
+ }
s->s3->tmp.key_block_length = num;
s->s3->tmp.key_block = p1;
+ if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(p1);
+ goto err;
+ }
#ifdef TLS_DEBUG
printf("client random\n");
{
@@ -523,9 +671,8 @@
((z + 1) % 16) ? ' ' : '\n');
}
#endif
- tls1_generate_key_block(s, p1, p2, num);
- OPENSSL_cleanse(p2, num);
- OPENSSL_free(p2);
+ if (!tls1_generate_key_block(s, p1, p2, num))
+ goto err;
#ifdef TLS_DEBUG
printf("\nkey block\n");
{
@@ -535,7 +682,8 @@
}
#endif
- if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
+ if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+ && s->method->version <= TLS1_VERSION) {
/*
* enable vulnerability countermeasure for CBC ciphers with known-IV
* problem (http://www.openssl.org/~bodo/tls-cbc.txt)
@@ -543,20 +691,23 @@
s->s3->need_empty_fragments = 1;
if (s->session->cipher != NULL) {
- if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
+ if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
- if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
+ if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
}
- return (1);
+ ret = 1;
err:
- SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
- return (0);
+ if (p2) {
+ OPENSSL_cleanse(p2, num);
+ OPENSSL_free(p2);
+ }
+ return (ret);
}
/*-
@@ -578,13 +729,41 @@
const EVP_CIPHER *enc;
if (send) {
+ if (EVP_MD_CTX_md(s->write_hash)) {
+ int n = EVP_MD_CTX_size(s->write_hash);
+ OPENSSL_assert(n >= 0);
+ }
ds = s->enc_write_ctx;
rec = &(s->s3->wrec);
if (s->enc_write_ctx == NULL)
enc = NULL;
- else
+ else {
+ int ivlen;
enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ /* For TLSv1.1 and later explicit IV */
+ if (s->version >= TLS1_1_VERSION
+ && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
+ ivlen = EVP_CIPHER_iv_length(enc);
+ else
+ ivlen = 0;
+ if (ivlen > 1) {
+ if (rec->data != rec->input)
+ /*
+ * we can't write into the input stream: Can this ever
+ * happen?? (steve)
+ */
+ fprintf(stderr,
+ "%s:%d: rec->data != rec->input\n",
+ __FILE__, __LINE__);
+ else if (RAND_bytes(rec->input, ivlen) <= 0)
+ return -1;
+ }
+ }
} else {
+ if (EVP_MD_CTX_md(s->read_hash)) {
+ int n = EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(n >= 0);
+ }
ds = s->enc_read_ctx;
rec = &(s->s3->rrec);
if (s->enc_read_ctx == NULL)
@@ -594,7 +773,7 @@
}
#ifdef KSSL_DEBUG
- printf("tls1_enc(%d)\n", send);
+ fprintf(stderr, "tls1_enc(%d)\n", send);
#endif /* KSSL_DEBUG */
if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
@@ -605,7 +784,40 @@
l = rec->length;
bs = EVP_CIPHER_block_size(ds->cipher);
- if ((bs != 1) && send) {
+ if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+ unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
+
+ seq = send ? s->s3->write_sequence : s->s3->read_sequence;
+
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+ unsigned char dtlsseq[9], *p = dtlsseq;
+
+ s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
+ memcpy(p, &seq[2], 6);
+ memcpy(buf, dtlsseq, 8);
+ } else {
+ memcpy(buf, seq, 8);
+ for (i = 7; i >= 0; i--) { /* increment */
+ ++seq[i];
+ if (seq[i] != 0)
+ break;
+ }
+ }
+
+ buf[8] = rec->type;
+ buf[9] = (unsigned char)(s->version >> 8);
+ buf[10] = (unsigned char)(s->version);
+ buf[11] = rec->length >> 8;
+ buf[12] = rec->length & 0xff;
+ pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
+ EVP_AEAD_TLS1_AAD_LEN, buf);
+ if (pad <= 0)
+ return -1;
+ if (send) {
+ l += pad;
+ rec->length += pad;
+ }
+ } else if ((bs != 1) && send) {
i = bs - ((int)l % bs);
/* Add weird padding of upto 256 bytes */
@@ -624,20 +836,21 @@
#ifdef KSSL_DEBUG
{
unsigned long ui;
- printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
- ds, rec->data, rec->input, l);
- printf
- ("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
- DES_SCHEDULE_SZ, ds->cipher->iv_len);
- printf("\t\tIV: ");
+ fprintf(stderr,
+ "EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+ ds, rec->data, rec->input, l);
+ fprintf(stderr,
+ "\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
+ ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
+ DES_SCHEDULE_SZ, ds->cipher->iv_len);
+ fprintf(stderr, "\t\tIV: ");
for (i = 0; i < ds->cipher->iv_len; i++)
- printf("%02X", ds->iv[i]);
- printf("\n");
- printf("\trec->input=");
+ fprintf(stderr, "%02X", ds->iv[i]);
+ fprintf(stderr, "\n");
+ fprintf(stderr, "\trec->input=");
for (ui = 0; ui < l; ui++)
- printf(" %02x", rec->input[ui]);
- printf("\n");
+ fprintf(stderr, " %02x", rec->input[ui]);
+ fprintf(stderr, "\n");
}
#endif /* KSSL_DEBUG */
@@ -646,21 +859,29 @@
return 0;
}
- EVP_Cipher(ds, rec->data, rec->input, l);
-
+ i = EVP_Cipher(ds, rec->data, rec->input, l);
+ if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ ? (i < 0)
+ : (i == 0))
+ return -1; /* AEAD can fail to verify MAC */
+ if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) {
+ rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ }
#ifdef KSSL_DEBUG
{
- unsigned long ki;
- printf("\trec->data=");
- for (ki = 0; ki < l; i++)
- printf(" %02x", rec->data[ki]);
- printf("\n");
+ unsigned long i;
+ fprintf(stderr, "\trec->data=");
+ for (i = 0; i < l; i++)
+ fprintf(stderr, " %02x", rec->data[i]);
+ fprintf(stderr, "\n");
}
#endif /* KSSL_DEBUG */
ret = 1;
- if (s->read_hash != NULL)
- mac_size = EVP_MD_size(s->read_hash);
+ if (EVP_MD_CTX_md(s->read_hash) != NULL)
+ mac_size = EVP_MD_CTX_size(s->read_hash);
if ((bs != 1) && !send)
ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
if (pad && !send)
@@ -669,81 +890,129 @@
return ret;
}
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
{
unsigned int ret;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX ctx, *d = NULL;
+ int i;
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
+ for (i = 0; i < SSL_MAX_DIGEST; i++) {
+ if (s->s3->handshake_dgst[i]
+ && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
+ d = s->s3->handshake_dgst[i];
+ break;
+ }
+ }
+ if (!d) {
+ SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
+ return 0;
+ }
+
EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_copy_ex(&ctx, in_ctx);
+ EVP_MD_CTX_copy_ex(&ctx, d);
EVP_DigestFinal_ex(&ctx, out, &ret);
EVP_MD_CTX_cleanup(&ctx);
return ((int)ret);
}
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+int tls1_final_finish_mac(SSL *s,
const char *str, int slen, unsigned char *out)
{
unsigned int i;
EVP_MD_CTX ctx;
- unsigned char buf[TLS_MD_MAX_CONST_SIZE + MD5_DIGEST_LENGTH +
- SHA_DIGEST_LENGTH];
+ unsigned char buf[2 * EVP_MAX_MD_SIZE];
unsigned char *q, buf2[12];
+ int idx;
+ long mask;
+ int err = 0;
+ const EVP_MD *md;
q = buf;
- memcpy(q, str, slen);
- q += slen;
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return 0;
+
EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_copy_ex(&ctx, in1_ctx);
- EVP_DigestFinal_ex(&ctx, q, &i);
- q += i;
- EVP_MD_CTX_copy_ex(&ctx, in2_ctx);
- EVP_DigestFinal_ex(&ctx, q, &i);
- q += i;
- tls1_PRF(s->ctx->md5, s->ctx->sha1, buf, (int)(q - buf),
- s->session->master_key, s->session->master_key_length,
- out, buf2, sizeof buf2);
+ for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+ if (mask & ssl_get_algorithm2(s)) {
+ int hashsize = EVP_MD_size(md);
+ EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+ if (!hdgst || hashsize < 0
+ || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
+ /*
+ * internal error: 'buf' is too small for this cipersuite!
+ */
+ err = 1;
+ } else {
+ if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
+ !EVP_DigestFinal_ex(&ctx, q, &i) ||
+ (i != (unsigned int)hashsize))
+ err = 1;
+ q += hashsize;
+ }
+ }
+ }
+
+ if (!tls1_PRF(ssl_get_algorithm2(s),
+ str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
+ s->session->master_key, s->session->master_key_length,
+ out, buf2, sizeof buf2))
+ err = 1;
EVP_MD_CTX_cleanup(&ctx);
OPENSSL_cleanse(buf, (int)(q - buf));
OPENSSL_cleanse(buf2, sizeof(buf2));
- return sizeof buf2;
+ if (err)
+ return 0;
+ else
+ return sizeof buf2;
}
int tls1_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
- unsigned char *mac_sec, *seq;
- const EVP_MD *hash;
+ unsigned char *seq;
+ EVP_MD_CTX *hash;
size_t md_size, orig_len;
int i;
- HMAC_CTX hmac;
+ EVP_MD_CTX hmac, *mac_ctx;
unsigned char header[13];
+ int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
+ : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
+ int t;
if (send) {
rec = &(ssl->s3->wrec);
- mac_sec = &(ssl->s3->write_mac_secret[0]);
seq = &(ssl->s3->write_sequence[0]);
hash = ssl->write_hash;
} else {
rec = &(ssl->s3->rrec);
- mac_sec = &(ssl->s3->read_mac_secret[0]);
seq = &(ssl->s3->read_sequence[0]);
hash = ssl->read_hash;
}
- md_size = EVP_MD_size(hash);
+ t = EVP_MD_CTX_size(hash);
+ OPENSSL_assert(t >= 0);
+ md_size = t;
/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
- HMAC_CTX_init(&hmac);
- HMAC_Init_ex(&hmac, mac_sec, EVP_MD_size(hash), hash, NULL);
+ if (stream_mac) {
+ mac_ctx = hash;
+ } else {
+ if (!EVP_MD_CTX_copy(&hmac, hash))
+ return -1;
+ mac_ctx = &hmac;
+ }
- if (ssl->version == DTLS1_BAD_VER ||
- (ssl->version == DTLS1_VERSION
- && ssl->client_version != DTLS1_BAD_VER)) {
+ if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER) {
unsigned char dtlsseq[8], *p = dtlsseq;
+
s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
memcpy(p, &seq[2], 6);
@@ -765,7 +1034,7 @@
if (!send &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- ssl3_cbc_record_digest_supported(hash)) {
+ ssl3_cbc_record_digest_supported(mac_ctx)) {
/*
* This is a CBC-encrypted record. We must avoid leaking any
* timing-side channel information about how many blocks of data we
@@ -772,49 +1041,44 @@
* are hashing because that gives an attacker a timing-oracle.
*/
/* Final param == not SSLv3 */
- ssl3_cbc_digest_record(hash,
+ ssl3_cbc_digest_record(mac_ctx,
md, &md_size,
header, rec->input,
rec->length + md_size, orig_len,
ssl->s3->read_mac_secret,
- EVP_MD_size(ssl->read_hash),
- /* not SSLv3 */
- 0);
+ ssl->s3->read_mac_secret_size, 0);
} else {
- unsigned mds;
-
- HMAC_Update(&hmac, header, sizeof(header));
- HMAC_Update(&hmac, rec->input, rec->length);
- HMAC_Final(&hmac, md, &mds);
- md_size = mds;
+ EVP_DigestSignUpdate(mac_ctx, header, sizeof(header));
+ EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length);
+ t = EVP_DigestSignFinal(mac_ctx, md, &md_size);
+ OPENSSL_assert(t > 0);
#ifdef OPENSSL_FIPS
if (!send && FIPS_mode())
tls_fips_digest_extra(ssl->enc_read_ctx,
- hash,
- &hmac, rec->input, rec->length, orig_len);
+ mac_ctx, rec->input, rec->length, orig_len);
#endif
}
- HMAC_CTX_cleanup(&hmac);
+ if (!stream_mac)
+ EVP_MD_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
- printf("seq=");
+ fprintf(stderr, "seq=");
{
int z;
for (z = 0; z < 8; z++)
- printf("%02X ", seq[z]);
- printf("\n");
+ fprintf(stderr, "%02X ", seq[z]);
+ fprintf(stderr, "\n");
}
- printf("rec=");
+ fprintf(stderr, "rec=");
{
unsigned int z;
for (z = 0; z < rec->length; z++)
- printf("%02X ", rec->data[z]);
- printf("\n");
+ fprintf(stderr, "%02X ", rec->data[z]);
+ fprintf(stderr, "\n");
}
#endif
- if (SSL_version(ssl) != DTLS1_VERSION
- && SSL_version(ssl) != DTLS1_BAD_VER) {
+ if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER) {
for (i = 7; i >= 0; i--) {
++seq[i];
if (seq[i] != 0)
@@ -825,8 +1089,8 @@
{
unsigned int z;
for (z = 0; z < md_size; z++)
- printf("%02X ", md[z]);
- printf("\n");
+ fprintf(stderr, "%02X ", md[z]);
+ fprintf(stderr, "\n");
}
#endif
return (md_size);
@@ -835,31 +1099,156 @@
int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
int len)
{
- unsigned char buf[SSL3_RANDOM_SIZE * 2 + TLS_MD_MASTER_SECRET_CONST_SIZE];
unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+ const void *co = NULL, *so = NULL;
+ int col = 0, sol = 0;
#ifdef KSSL_DEBUG
- printf("tls1_generate_master_secret(%p,%p, %p, %d)\n", (void *)s, out, p,
- len);
+ fprintf(stderr, "tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p,
+ len);
#endif /* KSSL_DEBUG */
- /* Setup the stuff to munge */
- memcpy(buf, TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE);
- memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
- s->s3->client_random, SSL3_RANDOM_SIZE);
- memcpy(&(buf[SSL3_RANDOM_SIZE + TLS_MD_MASTER_SECRET_CONST_SIZE]),
- s->s3->server_random, SSL3_RANDOM_SIZE);
- tls1_PRF(s->ctx->md5, s->ctx->sha1,
- buf, TLS_MD_MASTER_SECRET_CONST_SIZE + SSL3_RANDOM_SIZE * 2, p,
- len, s->session->master_key, buff, sizeof buff);
- OPENSSL_cleanse(buf, sizeof buf);
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL
+ && s->s3->server_opaque_prf_input != NULL
+ && s->s3->client_opaque_prf_input_len > 0
+ && s->s3->client_opaque_prf_input_len ==
+ s->s3->server_opaque_prf_input_len) {
+ co = s->s3->client_opaque_prf_input;
+ col = s->s3->server_opaque_prf_input_len;
+ so = s->s3->server_opaque_prf_input;
+ /*
+ * must be same as col (see
+ * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1)
+ */
+ sol = s->s3->client_opaque_prf_input_len;
+ }
+#endif
+
+ tls1_PRF(ssl_get_algorithm2(s),
+ TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
+ s->s3->client_random, SSL3_RANDOM_SIZE,
+ co, col,
+ s->s3->server_random, SSL3_RANDOM_SIZE,
+ so, sol, p, len, s->session->master_key, buff, sizeof buff);
OPENSSL_cleanse(buff, sizeof buff);
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Premaster Secret:\n");
+ BIO_dump_fp(stderr, (char *)p, len);
+ fprintf(stderr, "Client Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Server Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Master Secret:\n");
+ BIO_dump_fp(stderr, (char *)s->session->master_key,
+ SSL3_MASTER_SECRET_SIZE);
+#endif
+
#ifdef KSSL_DEBUG
- printf("tls1_generate_master_secret() complete\n");
+ fprintf(stderr, "tls1_generate_master_secret() complete\n");
#endif /* KSSL_DEBUG */
return (SSL3_MASTER_SECRET_SIZE);
}
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *context,
+ size_t contextlen, int use_context)
+{
+ unsigned char *buff;
+ unsigned char *val = NULL;
+ size_t vallen, currentvalpos;
+ int rv;
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n",
+ s, out, olen, label, llen, context, contextlen);
+#endif /* KSSL_DEBUG */
+
+ buff = OPENSSL_malloc(olen);
+ if (buff == NULL)
+ goto err2;
+
+ /*
+ * construct PRF arguments we construct the PRF argument ourself rather
+ * than passing separate values into the TLS PRF to ensure that the
+ * concatenation of values does not create a prohibited label.
+ */
+ vallen = llen + SSL3_RANDOM_SIZE * 2;
+ if (use_context) {
+ vallen += 2 + contextlen;
+ }
+
+ val = OPENSSL_malloc(vallen);
+ if (val == NULL)
+ goto err2;
+ currentvalpos = 0;
+ memcpy(val + currentvalpos, (unsigned char *)label, llen);
+ currentvalpos += llen;
+ memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
+ currentvalpos += SSL3_RANDOM_SIZE;
+ memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
+ currentvalpos += SSL3_RANDOM_SIZE;
+
+ if (use_context) {
+ val[currentvalpos] = (contextlen >> 8) & 0xff;
+ currentvalpos++;
+ val[currentvalpos] = contextlen & 0xff;
+ currentvalpos++;
+ if ((contextlen > 0) || (context != NULL)) {
+ memcpy(val + currentvalpos, context, contextlen);
+ }
+ }
+
+ /*
+ * disallow prohibited labels note that SSL3_RANDOM_SIZE > max(prohibited
+ * label len) = 15, so size of val > max(prohibited label len) = 15 and
+ * the comparisons won't have buffer overflow
+ */
+ if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
+ TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
+ TLS_MD_SERVER_FINISH_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
+ TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
+ goto err1;
+ if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
+ TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
+ goto err1;
+
+ rv = tls1_PRF(ssl_get_algorithm2(s),
+ val, vallen,
+ NULL, 0,
+ NULL, 0,
+ NULL, 0,
+ NULL, 0,
+ s->session->master_key, s->session->master_key_length,
+ out, buff, olen);
+ OPENSSL_cleanse(val, vallen);
+ OPENSSL_cleanse(buff, olen);
+
+#ifdef KSSL_DEBUG
+ fprintf(stderr, "tls1_export_keying_material() complete\n");
+#endif /* KSSL_DEBUG */
+ goto ret;
+ err1:
+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
+ SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
+ rv = 0;
+ goto ret;
+ err2:
+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
+ rv = 0;
+ ret:
+ if (buff != NULL)
+ OPENSSL_free(buff);
+ if (val != NULL)
+ OPENSSL_free(val);
+ return (rv);
+}
+
int tls1_alert_code(int code)
{
switch (code) {
@@ -925,7 +1314,8 @@
return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
case SSL_AD_INAPPROPRIATE_FALLBACK:
return (TLS1_AD_INAPPROPRIATE_FALLBACK);
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#if 0
+ /* not appropriate for TLS, not used for DTLS */
case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE:
return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
#endif
Modified: trunk/crypto/openssl/ssl/t1_lib.c
===================================================================
--- trunk/crypto/openssl/ssl/t1_lib.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/t1_lib.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#include <stdio.h>
#include <openssl/objects.h>
@@ -61,6 +114,7 @@
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/ocsp.h>
+#include <openssl/rand.h>
#include "ssl_locl.h"
const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
@@ -83,6 +137,7 @@
TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
+ tls1_export_keying_material,
};
long tls1_default_timeout(void)
@@ -94,10 +149,6 @@
return (60 * 60 * 2);
}
-IMPLEMENT_tls1_meth_func(tlsv1_base_method,
- ssl_undefined_function,
- ssl_undefined_function, ssl_bad_method)
-
int tls1_new(SSL *s)
{
if (!ssl3_new(s))
@@ -108,6 +159,11 @@
void tls1_free(SSL *s)
{
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_session_ticket) {
+ OPENSSL_free(s->tlsext_session_ticket);
+ }
+#endif /* OPENSSL_NO_TLSEXT */
ssl3_free(s);
}
@@ -114,31 +170,211 @@
void tls1_clear(SSL *s)
{
ssl3_clear(s);
- s->version = TLS1_VERSION;
+ s->version = s->method->version;
}
-#if 0
-long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
+#ifndef OPENSSL_NO_EC
+
+static int nid_list[] = {
+ NID_sect163k1, /* sect163k1 (1) */
+ NID_sect163r1, /* sect163r1 (2) */
+ NID_sect163r2, /* sect163r2 (3) */
+ NID_sect193r1, /* sect193r1 (4) */
+ NID_sect193r2, /* sect193r2 (5) */
+ NID_sect233k1, /* sect233k1 (6) */
+ NID_sect233r1, /* sect233r1 (7) */
+ NID_sect239k1, /* sect239k1 (8) */
+ NID_sect283k1, /* sect283k1 (9) */
+ NID_sect283r1, /* sect283r1 (10) */
+ NID_sect409k1, /* sect409k1 (11) */
+ NID_sect409r1, /* sect409r1 (12) */
+ NID_sect571k1, /* sect571k1 (13) */
+ NID_sect571r1, /* sect571r1 (14) */
+ NID_secp160k1, /* secp160k1 (15) */
+ NID_secp160r1, /* secp160r1 (16) */
+ NID_secp160r2, /* secp160r2 (17) */
+ NID_secp192k1, /* secp192k1 (18) */
+ NID_X9_62_prime192v1, /* secp192r1 (19) */
+ NID_secp224k1, /* secp224k1 (20) */
+ NID_secp224r1, /* secp224r1 (21) */
+ NID_secp256k1, /* secp256k1 (22) */
+ NID_X9_62_prime256v1, /* secp256r1 (23) */
+ NID_secp384r1, /* secp384r1 (24) */
+ NID_secp521r1 /* secp521r1 (25) */
+};
+
+static int pref_list[] = {
+# ifndef OPENSSL_NO_EC2M
+ NID_sect571r1, /* sect571r1 (14) */
+ NID_sect571k1, /* sect571k1 (13) */
+# endif
+ NID_secp521r1, /* secp521r1 (25) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect409k1, /* sect409k1 (11) */
+ NID_sect409r1, /* sect409r1 (12) */
+# endif
+ NID_secp384r1, /* secp384r1 (24) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect283k1, /* sect283k1 (9) */
+ NID_sect283r1, /* sect283r1 (10) */
+# endif
+ NID_secp256k1, /* secp256k1 (22) */
+ NID_X9_62_prime256v1, /* secp256r1 (23) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect239k1, /* sect239k1 (8) */
+ NID_sect233k1, /* sect233k1 (6) */
+ NID_sect233r1, /* sect233r1 (7) */
+# endif
+ NID_secp224k1, /* secp224k1 (20) */
+ NID_secp224r1, /* secp224r1 (21) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect193r1, /* sect193r1 (4) */
+ NID_sect193r2, /* sect193r2 (5) */
+# endif
+ NID_secp192k1, /* secp192k1 (18) */
+ NID_X9_62_prime192v1, /* secp192r1 (19) */
+# ifndef OPENSSL_NO_EC2M
+ NID_sect163k1, /* sect163k1 (1) */
+ NID_sect163r1, /* sect163r1 (2) */
+ NID_sect163r2, /* sect163r2 (3) */
+# endif
+ NID_secp160k1, /* secp160k1 (15) */
+ NID_secp160r1, /* secp160r1 (16) */
+ NID_secp160r2, /* secp160r2 (17) */
+};
+
+int tls1_ec_curve_id2nid(int curve_id)
{
- return (0);
+ /* ECC curves from RFC 4492 */
+ if ((curve_id < 1) || ((unsigned int)curve_id >
+ sizeof(nid_list) / sizeof(nid_list[0])))
+ return 0;
+ return nid_list[curve_id - 1];
}
-long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp) ())
+int tls1_ec_nid2curve_id(int nid)
{
- return (0);
+ /* ECC curves from RFC 4492 */
+ switch (nid) {
+ case NID_sect163k1: /* sect163k1 (1) */
+ return 1;
+ case NID_sect163r1: /* sect163r1 (2) */
+ return 2;
+ case NID_sect163r2: /* sect163r2 (3) */
+ return 3;
+ case NID_sect193r1: /* sect193r1 (4) */
+ return 4;
+ case NID_sect193r2: /* sect193r2 (5) */
+ return 5;
+ case NID_sect233k1: /* sect233k1 (6) */
+ return 6;
+ case NID_sect233r1: /* sect233r1 (7) */
+ return 7;
+ case NID_sect239k1: /* sect239k1 (8) */
+ return 8;
+ case NID_sect283k1: /* sect283k1 (9) */
+ return 9;
+ case NID_sect283r1: /* sect283r1 (10) */
+ return 10;
+ case NID_sect409k1: /* sect409k1 (11) */
+ return 11;
+ case NID_sect409r1: /* sect409r1 (12) */
+ return 12;
+ case NID_sect571k1: /* sect571k1 (13) */
+ return 13;
+ case NID_sect571r1: /* sect571r1 (14) */
+ return 14;
+ case NID_secp160k1: /* secp160k1 (15) */
+ return 15;
+ case NID_secp160r1: /* secp160r1 (16) */
+ return 16;
+ case NID_secp160r2: /* secp160r2 (17) */
+ return 17;
+ case NID_secp192k1: /* secp192k1 (18) */
+ return 18;
+ case NID_X9_62_prime192v1: /* secp192r1 (19) */
+ return 19;
+ case NID_secp224k1: /* secp224k1 (20) */
+ return 20;
+ case NID_secp224r1: /* secp224r1 (21) */
+ return 21;
+ case NID_secp256k1: /* secp256k1 (22) */
+ return 22;
+ case NID_X9_62_prime256v1: /* secp256r1 (23) */
+ return 23;
+ case NID_secp384r1: /* secp384r1 (24) */
+ return 24;
+ case NID_secp521r1: /* secp521r1 (25) */
+ return 25;
+ default:
+ return 0;
+ }
}
-#endif
+#endif /* OPENSSL_NO_EC */
#ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
+
+/*
+ * List of supported signature algorithms and hashes. Should make this
+ * customisable at some point, for now include everything we support.
+ */
+
+# ifdef OPENSSL_NO_RSA
+# define tlsext_sigalg_rsa(md) /* */
+# else
+# define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
+# endif
+
+# ifdef OPENSSL_NO_DSA
+# define tlsext_sigalg_dsa(md) /* */
+# else
+# define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
+# endif
+
+# ifdef OPENSSL_NO_ECDSA
+# define tlsext_sigalg_ecdsa(md)
+ /* */
+# else
+# define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
+# endif
+
+# define tlsext_sigalg(md) \
+ tlsext_sigalg_rsa(md) \
+ tlsext_sigalg_dsa(md) \
+ tlsext_sigalg_ecdsa(md)
+
+static unsigned char tls12_sigalgs[] = {
+# ifndef OPENSSL_NO_SHA512
+ tlsext_sigalg(TLSEXT_hash_sha512)
+ tlsext_sigalg(TLSEXT_hash_sha384)
+# endif
+# ifndef OPENSSL_NO_SHA256
+ tlsext_sigalg(TLSEXT_hash_sha256)
+ tlsext_sigalg(TLSEXT_hash_sha224)
+# endif
+# ifndef OPENSSL_NO_SHA
+ tlsext_sigalg(TLSEXT_hash_sha1)
+# endif
+};
+
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
+{
+ size_t slen = sizeof(tls12_sigalgs);
+ if (p)
+ memcpy(p, tls12_sigalgs, slen);
+ return (int)slen;
+}
+
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
unsigned char *limit)
{
int extdatalen = 0;
- unsigned char *ret = p;
+ unsigned char *orig = buf;
+ unsigned char *ret = buf;
/* don't add extensions for SSLv3 unless doing secure renegotiation */
if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding)
- return p;
+ return orig;
ret += 2;
@@ -176,11 +412,10 @@
s2n(size_str, ret);
memcpy(ret, s->tlsext_hostname, size_str);
ret += size_str;
-
}
/* Add RI if renegotiating */
- if (s->new_session) {
+ if (s->renegotiate) {
int el;
if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
@@ -188,7 +423,7 @@
return NULL;
}
- if ((limit - p - 4 - el) < 0)
+ if ((limit - ret - 4 - el) < 0)
return NULL;
s2n(TLSEXT_TYPE_renegotiate, ret);
@@ -201,18 +436,106 @@
ret += el;
}
+# ifndef OPENSSL_NO_SRP
+ /* Add SRP username if there is one */
+ if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
+ * Client Hello message */
+ int login_len = strlen(s->srp_ctx.login);
+ if (login_len > 255 || login_len == 0) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ /*-
+ * check for enough space.
+ * 4 for the srp type type and entension length
+ * 1 for the srp user identity
+ * + srp user identity length
+ */
+ if ((limit - ret - 5 - login_len) < 0)
+ return NULL;
+
+ /* fill in the extension */
+ s2n(TLSEXT_TYPE_srp, ret);
+ s2n(login_len + 1, ret);
+ (*ret++) = (unsigned char)login_len;
+ memcpy(ret, s->srp_ctx.login, login_len);
+ ret += login_len;
+ }
+# endif
+
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist != NULL) {
+ /*
+ * Add TLS extension ECPointFormats to the ClientHello message
+ */
+ long lenmax;
+
+ if ((lenmax = limit - ret - 5) < 0)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > 255) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_ec_point_formats, ret);
+ s2n(s->tlsext_ecpointformatlist_length + 1, ret);
+ *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
+ memcpy(ret, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ ret += s->tlsext_ecpointformatlist_length;
+ }
+ if (s->tlsext_ellipticcurvelist != NULL) {
+ /*
+ * Add TLS extension EllipticCurves to the ClientHello message
+ */
+ long lenmax;
+
+ if ((lenmax = limit - ret - 6) < 0)
+ return NULL;
+ if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ellipticcurvelist_length > 65532) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_elliptic_curves, ret);
+ s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
+
+ s2n(s->tlsext_ellipticcurvelist_length, ret);
+ memcpy(ret, s->tlsext_ellipticcurvelist,
+ s->tlsext_ellipticcurvelist_length);
+ ret += s->tlsext_ellipticcurvelist_length;
+ }
+# endif /* OPENSSL_NO_EC */
+
if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
int ticklen;
if (!s->new_session && s->session && s->session->tlsext_tick)
ticklen = s->session->tlsext_ticklen;
- else
+ else if (s->session && s->tlsext_session_ticket &&
+ s->tlsext_session_ticket->data) {
+ ticklen = s->tlsext_session_ticket->length;
+ s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+ if (!s->session->tlsext_tick)
+ return NULL;
+ memcpy(s->session->tlsext_tick,
+ s->tlsext_session_ticket->data, ticklen);
+ s->session->tlsext_ticklen = ticklen;
+ } else
ticklen = 0;
+ if (ticklen == 0 && s->tlsext_session_ticket &&
+ s->tlsext_session_ticket->data == NULL)
+ goto skip_ext;
/*
* Check for enough room 2 for extension type, 2 for len rest for
* ticket
*/
- if (limit - ret - 4 - ticklen < 0)
+ if ((long)(limit - ret - 4 - ticklen) < 0)
return NULL;
s2n(TLSEXT_TYPE_session_ticket, ret);
s2n(ticklen, ret);
@@ -221,7 +544,34 @@
ret += ticklen;
}
}
+ skip_ext:
+ if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
+ if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
+ return NULL;
+ s2n(TLSEXT_TYPE_signature_algorithms, ret);
+ s2n(sizeof(tls12_sigalgs) + 2, ret);
+ s2n(sizeof(tls12_sigalgs), ret);
+ memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs));
+ ret += sizeof(tls12_sigalgs);
+ }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->client_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
+ size_t col = s->s3->client_opaque_prf_input_len;
+
+ if ((long)(limit - ret - 6 - col < 0))
+ return NULL;
+ if (col > 0xFFFD) /* can't happen */
+ return NULL;
+
+ s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+ s2n(col + 2, ret);
+ s2n(col, ret);
+ memcpy(ret, s->s3->client_opaque_prf_input, col);
+ ret += col;
+ }
+# endif
+
if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
s->version != DTLS1_VERSION) {
int i;
@@ -266,25 +616,106 @@
if (extlen > 0)
i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
}
+# ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension */
+ if ((limit - ret - 4 - 1) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_heartbeat, ret);
+ s2n(1, ret);
+ /*-
+ * Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+# endif
- if ((extdatalen = ret - p - 2) == 0)
- return p;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
+ /*
+ * The client advertises an emtpy extension to indicate its support
+ * for Next Protocol Negotiation
+ */
+ if (limit - ret - 4 < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_next_proto_neg, ret);
+ s2n(0, ret);
+ }
+# endif
- s2n(extdatalen, p);
+# ifndef OPENSSL_NO_SRTP
+ if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
+ int el;
+
+ ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp, ret);
+ s2n(el, ret);
+
+ if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret += el;
+ }
+# endif
+ /*
+ * Add padding to workaround bugs in F5 terminators. See
+ * https://tools.ietf.org/html/draft-agl-tls-padding-03 NB: because this
+ * code works out the length of all existing extensions it MUST always
+ * appear last.
+ */
+ if (s->options & SSL_OP_TLSEXT_PADDING) {
+ int hlen = ret - (unsigned char *)s->init_buf->data;
+ /*
+ * The code in s23_clnt.c to build ClientHello messages includes the
+ * 5-byte record header in the buffer, while the code in s3_clnt.c
+ * does not.
+ */
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ hlen -= 5;
+ if (hlen > 0xff && hlen < 0x200) {
+ hlen = 0x200 - hlen;
+ if (hlen >= 4)
+ hlen -= 4;
+ else
+ hlen = 0;
+
+ s2n(TLSEXT_TYPE_padding, ret);
+ s2n(hlen, ret);
+ memset(ret, 0, hlen);
+ ret += hlen;
+ }
+ }
+
+ if ((extdatalen = ret - orig - 2) == 0)
+ return orig;
+
+ s2n(extdatalen, orig);
return ret;
}
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p,
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
unsigned char *limit)
{
int extdatalen = 0;
- unsigned char *ret = p;
+ unsigned char *orig = buf;
+ unsigned char *ret = buf;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ int next_proto_neg_seen;
+# endif
/*
* don't add extensions for SSLv3, unless doing secure renegotiation
*/
if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
- return p;
+ return orig;
ret += 2;
if (ret >= limit)
@@ -292,7 +723,7 @@
if (!s->hit && s->servername_done == 1
&& s->session->tlsext_hostname != NULL) {
- if (limit - ret - 4 < 0)
+ if ((long)(limit - ret - 4) < 0)
return NULL;
s2n(TLSEXT_TYPE_server_name, ret);
@@ -307,7 +738,7 @@
return NULL;
}
- if ((limit - p - 4 - el) < 0)
+ if ((limit - ret - 4 - el) < 0)
return NULL;
s2n(TLSEXT_TYPE_renegotiate, ret);
@@ -320,9 +751,38 @@
ret += el;
}
+# ifndef OPENSSL_NO_EC
+ if (s->tlsext_ecpointformatlist != NULL) {
+ /*
+ * Add TLS extension ECPointFormats to the ServerHello message
+ */
+ long lenmax;
+ if ((lenmax = limit - ret - 5) < 0)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax)
+ return NULL;
+ if (s->tlsext_ecpointformatlist_length > 255) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ s2n(TLSEXT_TYPE_ec_point_formats, ret);
+ s2n(s->tlsext_ecpointformatlist_length + 1, ret);
+ *(ret++) = (unsigned char)s->tlsext_ecpointformatlist_length;
+ memcpy(ret, s->tlsext_ecpointformatlist,
+ s->tlsext_ecpointformatlist_length);
+ ret += s->tlsext_ecpointformatlist_length;
+
+ }
+ /*
+ * Currently the server should not respond with a SupportedCurves
+ * extension
+ */
+# endif /* OPENSSL_NO_EC */
+
if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
- if (limit - ret - 4 < 0)
+ if ((long)(limit - ret - 4) < 0)
return NULL;
s2n(TLSEXT_TYPE_session_ticket, ret);
s2n(0, ret);
@@ -334,11 +794,107 @@
s2n(TLSEXT_TYPE_status_request, ret);
s2n(0, ret);
}
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->server_opaque_prf_input != NULL && s->version != DTLS1_VERSION) {
+ size_t sol = s->s3->server_opaque_prf_input_len;
- if ((extdatalen = ret - p - 2) == 0)
- return p;
+ if ((long)(limit - ret - 6 - sol) < 0)
+ return NULL;
+ if (sol > 0xFFFD) /* can't happen */
+ return NULL;
- s2n(extdatalen, p);
+ s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+ s2n(sol + 2, ret);
+ s2n(sol, ret);
+ memcpy(ret, s->s3->server_opaque_prf_input, sol);
+ ret += sol;
+ }
+# endif
+
+# ifndef OPENSSL_NO_SRTP
+ if (SSL_IS_DTLS(s) && s->srtp_profile) {
+ int el;
+
+ ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
+
+ if ((limit - ret - 4 - el) < 0)
+ return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp, ret);
+ s2n(el, ret);
+
+ if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret += el;
+ }
+# endif
+
+ if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80
+ || (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81)
+ && (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
+ const unsigned char cryptopro_ext[36] = {
+ 0xfd, 0xe8, /* 65000 */
+ 0x00, 0x20, /* 32 bytes length */
+ 0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
+ 0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
+ 0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
+ };
+ if (limit - ret < 36)
+ return NULL;
+ memcpy(ret, cryptopro_ext, 36);
+ ret += 36;
+
+ }
+# ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension if we've received one */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
+ if ((limit - ret - 4 - 1) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_heartbeat, ret);
+ s2n(1, ret);
+ /*-
+ * Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+
+ }
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ next_proto_neg_seen = s->s3->next_proto_neg_seen;
+ s->s3->next_proto_neg_seen = 0;
+ if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) {
+ const unsigned char *npa;
+ unsigned int npalen;
+ int r;
+
+ r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
+ s->
+ ctx->next_protos_advertised_cb_arg);
+ if (r == SSL_TLSEXT_ERR_OK) {
+ if ((long)(limit - ret - 4 - npalen) < 0)
+ return NULL;
+ s2n(TLSEXT_TYPE_next_proto_neg, ret);
+ s2n(npalen, ret);
+ memcpy(ret, npa, npalen);
+ ret += npalen;
+ s->s3->next_proto_neg_seen = 1;
+ }
+ }
+# endif
+
+ if ((extdatalen = ret - orig - 2) == 0)
+ return orig;
+
+ s2n(extdatalen, orig);
return ret;
}
@@ -433,22 +989,43 @@
unsigned short len;
unsigned char *data = *p;
int renegotiate_seen = 0;
+ int sigalg_seen = 0;
s->servername_done = 0;
s->tlsext_status_type = -1;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+# endif
+# ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
# ifndef OPENSSL_NO_EC
if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
ssl_check_for_safari(s, data, d, n);
# endif /* !OPENSSL_NO_EC */
- if (data >= (d + n - 2))
+# ifndef OPENSSL_NO_SRP
+ if (s->srp_ctx.login != NULL) {
+ OPENSSL_free(s->srp_ctx.login);
+ s->srp_ctx.login = NULL;
+ }
+# endif
+
+ s->srtp_profile = NULL;
+
+ if (data == d + n)
goto ri_check;
+ if (data > (d + n - 2))
+ goto err;
+
n2s(data, len);
if (data > (d + n - len))
- goto ri_check;
+ goto err;
while (data <= (d + n - 4)) {
n2s(data, type);
@@ -455,8 +1032,10 @@
n2s(data, size);
if (data + size > (d + n))
- goto ri_check;
-
+ goto err;
+# if 0
+ fprintf(stderr, "Received extension type %d size %d\n", type, size);
+# endif
if (s->tlsext_debug_cb)
s->tlsext_debug_cb(s, 0, type, data, size, s->tlsext_debug_arg);
/*-
@@ -489,16 +1068,12 @@
int servname_type;
int dsize;
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (size < 2)
+ goto err;
n2s(data, dsize);
size -= 2;
- if (dsize > size) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (dsize > size)
+ goto err;
sdata = data;
while (dsize > 3) {
@@ -506,18 +1081,16 @@
n2s(sdata, len);
dsize -= 3;
- if (len > dsize) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (len > dsize)
+ goto err;
+
if (s->servername_done == 0)
switch (servname_type) {
case TLSEXT_NAMETYPE_host_name:
if (!s->hit) {
- if (s->session->tlsext_hostname) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (s->session->tlsext_hostname)
+ goto err;
+
if (len > TLSEXT_MAXLEN_host_name) {
*al = TLS1_AD_UNRECOGNIZED_NAME;
return 0;
@@ -551,22 +1124,155 @@
dsize -= len;
}
- if (dsize != 0) {
+ if (dsize != 0)
+ goto err;
+
+ }
+# ifndef OPENSSL_NO_SRP
+ else if (type == TLSEXT_TYPE_srp) {
+ if (size == 0 || ((len = data[0])) != (size - 1))
+ goto err;
+ if (s->srp_ctx.login != NULL)
+ goto err;
+ if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
+ return -1;
+ memcpy(s->srp_ctx.login, &data[1], len);
+ s->srp_ctx.login[len] = '\0';
+
+ if (strlen(s->srp_ctx.login) != len)
+ goto err;
+ }
+# endif
+
+# ifndef OPENSSL_NO_EC
+ else if (type == TLSEXT_TYPE_ec_point_formats) {
+ unsigned char *sdata = data;
+ int ecpointformatlist_length = *(sdata++);
+
+ if (ecpointformatlist_length != size - 1)
+ goto err;
+ if (!s->hit) {
+ if (s->session->tlsext_ecpointformatlist) {
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ s->session->tlsext_ecpointformatlist = NULL;
+ }
+ s->session->tlsext_ecpointformatlist_length = 0;
+ if ((s->session->tlsext_ecpointformatlist =
+ OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ecpointformatlist_length =
+ ecpointformatlist_length;
+ memcpy(s->session->tlsext_ecpointformatlist, sdata,
+ ecpointformatlist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ",
+ s->session->tlsext_ecpointformatlist_length);
+ sdata = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ } else if (type == TLSEXT_TYPE_elliptic_curves) {
+ unsigned char *sdata = data;
+ int ellipticcurvelist_length = (*(sdata++) << 8);
+ ellipticcurvelist_length += (*(sdata++));
+
+ if (ellipticcurvelist_length != size - 2 ||
+ ellipticcurvelist_length < 1 ||
+ /* Each NamedCurve is 2 bytes. */
+ ellipticcurvelist_length & 1)
+ goto err;
+
+ if (!s->hit) {
+ if (s->session->tlsext_ellipticcurvelist)
+ goto err;
+
+ s->session->tlsext_ellipticcurvelist_length = 0;
+ if ((s->session->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ellipticcurvelist_length =
+ ellipticcurvelist_length;
+ memcpy(s->session->tlsext_ellipticcurvelist, sdata,
+ ellipticcurvelist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ",
+ s->session->tlsext_ellipticcurvelist_length);
+ sdata = s->session->tlsext_ellipticcurvelist;
+ for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ }
+# endif /* OPENSSL_NO_EC */
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
+ s->version != DTLS1_VERSION) {
+ unsigned char *sdata = data;
+
+ if (size < 2) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
+ n2s(sdata, s->s3->client_opaque_prf_input_len);
+ if (s->s3->client_opaque_prf_input_len != size - 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (s->s3->client_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
+
+ /* dummy byte just to get non-NULL */
+ if (s->s3->client_opaque_prf_input_len == 0)
+ s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+ else
+ s->s3->client_opaque_prf_input =
+ BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
+ if (s->s3->client_opaque_prf_input == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ }
+# endif
+ else if (type == TLSEXT_TYPE_session_ticket) {
+ if (s->tls_session_ticket_ext_cb &&
+ !s->tls_session_ticket_ext_cb(s, data, size,
+ s->tls_session_ticket_ext_cb_arg))
+ {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
} else if (type == TLSEXT_TYPE_renegotiate) {
if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
return 0;
renegotiate_seen = 1;
+ } else if (type == TLSEXT_TYPE_signature_algorithms) {
+ int dsize;
+ if (sigalg_seen || size < 2)
+ goto err;
+ sigalg_seen = 1;
+ n2s(data, dsize);
+ size -= 2;
+ if (dsize != size || dsize & 1)
+ goto err;
+ if (!tls1_process_sigalgs(s, data, dsize))
+ goto err;
} else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb) {
+ s->version != DTLS1_VERSION) {
- if (size < 5) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (size < 5)
+ goto err;
s->tlsext_status_type = *data++;
size--;
@@ -576,35 +1282,26 @@
/* Read in responder_id_list */
n2s(data, dsize);
size -= 2;
- if (dsize > size) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (dsize > size)
+ goto err;
while (dsize > 0) {
OCSP_RESPID *id;
int idsize;
- if (dsize < 4) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (dsize < 4)
+ goto err;
n2s(data, idsize);
dsize -= 2 + idsize;
size -= 2 + idsize;
- if (dsize < 0) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (dsize < 0)
+ goto err;
sdata = data;
data += idsize;
id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
- if (!id) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (!id)
+ goto err;
if (data != sdata) {
OCSP_RESPID_free(id);
- *al = SSL_AD_DECODE_ERROR;
- return 0;
+ goto err;
}
if (!s->tlsext_ocsp_ids
&& !(s->tlsext_ocsp_ids =
@@ -621,16 +1318,12 @@
}
/* Read in request_extensions */
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (size < 2)
+ goto err;
n2s(data, dsize);
size -= 2;
- if (dsize != size) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (dsize != size)
+ goto err;
sdata = data;
if (dsize > 0) {
if (s->tlsext_ocsp_exts) {
@@ -640,10 +1333,8 @@
s->tlsext_ocsp_exts =
d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
- if (!s->tlsext_ocsp_exts || (data + dsize != sdata)) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
+ if (!s->tlsext_ocsp_exts || (data + dsize != sdata))
+ goto err;
}
}
/*
@@ -652,11 +1343,62 @@
else
s->tlsext_status_type = -1;
}
+# ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat) {
+ switch (data[0]) {
+ case 0x01: /* Client allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Client doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default:
+ *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (type == TLSEXT_TYPE_next_proto_neg &&
+ s->s3->tmp.finish_md_len == 0) {
+ /*-
+ * We shouldn't accept this extension on a
+ * renegotiation.
+ *
+ * s->new_session will be set on renegotiation, but we
+ * probably shouldn't rely that it couldn't be set on
+ * the initial renegotation too in certain cases (when
+ * there's some other reason to disallow resuming an
+ * earlier session -- the current code won't be doing
+ * anything like that, but this might change).
+ *
+ * A valid sign that there's been a previous handshake
+ * in this connection is if s->s3->tmp.finish_md_len >
+ * 0. (We are talking about a check that will happen
+ * in the Hello protocol round, well before a new
+ * Finished message could have been computed.)
+ */
+ s->s3->next_proto_neg_seen = 1;
+ }
+# endif
/* session ticket processed earlier */
+# ifndef OPENSSL_NO_SRTP
+ else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
+ && type == TLSEXT_TYPE_use_srtp) {
+ if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
+ return 0;
+ }
+# endif
data += size;
}
+
+ /* Spurious data on the end */
+ if (data != d + n)
+ goto err;
+
*p = data;
ri_check:
@@ -663,7 +1405,7 @@
/* Need RI if renegotiating */
- if (!renegotiate_seen && s->new_session &&
+ if (!renegotiate_seen && s->renegotiate &&
!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
*al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
@@ -672,8 +1414,32 @@
}
return 1;
+err:
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
}
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
+ * elements of zero length are allowed and the set of elements must exactly
+ * fill the length of the block.
+ */
+static char ssl_next_proto_validate(unsigned char *d, unsigned len)
+{
+ unsigned int off = 0;
+
+ while (off < len) {
+ if (d[off] == 0)
+ return 0;
+ off += d[off];
+ off++;
+ }
+
+ return off == len;
+}
+# endif
+
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
int n, int *al)
{
@@ -684,6 +1450,16 @@
int tlsext_servername = 0;
int renegotiate_seen = 0;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+# endif
+ s->tlsext_ticket_expected = 0;
+
+# ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
if (data >= (d + n - 2))
goto ri_check;
@@ -709,7 +1485,50 @@
return 0;
}
tlsext_servername = 1;
- } else if (type == TLSEXT_TYPE_session_ticket) {
+ }
+# ifndef OPENSSL_NO_EC
+ else if (type == TLSEXT_TYPE_ec_point_formats) {
+ unsigned char *sdata = data;
+ int ecpointformatlist_length = *(sdata++);
+
+ if (ecpointformatlist_length != size - 1 ||
+ ecpointformatlist_length < 1) {
+ *al = TLS1_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (!s->hit) {
+ s->session->tlsext_ecpointformatlist_length = 0;
+ if (s->session->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ if ((s->session->tlsext_ecpointformatlist =
+ OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->session->tlsext_ecpointformatlist_length =
+ ecpointformatlist_length;
+ memcpy(s->session->tlsext_ecpointformatlist, sdata,
+ ecpointformatlist_length);
+ }
+# if 0
+ fprintf(stderr,
+ "ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
+ sdata = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+ fprintf(stderr, "%i ", *(sdata++));
+ fprintf(stderr, "\n");
+# endif
+ }
+# endif /* OPENSSL_NO_EC */
+
+ else if (type == TLSEXT_TYPE_session_ticket) {
+ if (s->tls_session_ticket_ext_cb &&
+ !s->tls_session_ticket_ext_cb(s, data, size,
+ s->tls_session_ticket_ext_cb_arg))
+ {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
|| (size > 0)) {
*al = TLS1_AD_UNSUPPORTED_EXTENSION;
@@ -716,8 +1535,42 @@
return 0;
}
s->tlsext_ticket_expected = 1;
- } else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION) {
+ }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
+ s->version != DTLS1_VERSION) {
+ unsigned char *sdata = data;
+
+ if (size < 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ n2s(sdata, s->s3->server_opaque_prf_input_len);
+ if (s->s3->server_opaque_prf_input_len != size - 2) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+ if (s->s3->server_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
+ if (s->s3->server_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->server_opaque_prf_input =
+ BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
+ }
+
+ if (s->s3->server_opaque_prf_input == NULL) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ }
+# endif
+ else if (type == TLSEXT_TYPE_status_request &&
+ s->version != DTLS1_VERSION) {
/*
* MUST be empty and only sent if we've requested a status
* request message.
@@ -728,11 +1581,69 @@
}
/* Set flag to expect CertificateStatus message */
s->tlsext_status_expected = 1;
- } else if (type == TLSEXT_TYPE_renegotiate) {
+ }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ else if (type == TLSEXT_TYPE_next_proto_neg &&
+ s->s3->tmp.finish_md_len == 0) {
+ unsigned char *selected;
+ unsigned char selected_len;
+
+ /* We must have requested it. */
+ if (s->ctx->next_proto_select_cb == NULL) {
+ *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+ return 0;
+ }
+ /* The data must be valid */
+ if (!ssl_next_proto_validate(data, size)) {
+ *al = TLS1_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (s->
+ ctx->next_proto_select_cb(s, &selected, &selected_len, data,
+ size,
+ s->ctx->next_proto_select_cb_arg) !=
+ SSL_TLSEXT_ERR_OK) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ s->next_proto_negotiated = OPENSSL_malloc(selected_len);
+ if (!s->next_proto_negotiated) {
+ *al = TLS1_AD_INTERNAL_ERROR;
+ return 0;
+ }
+ memcpy(s->next_proto_negotiated, selected, selected_len);
+ s->next_proto_negotiated_len = selected_len;
+ s->s3->next_proto_neg_seen = 1;
+ }
+# endif
+ else if (type == TLSEXT_TYPE_renegotiate) {
if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
return 0;
renegotiate_seen = 1;
}
+# ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat) {
+ switch (data[0]) {
+ case 0x01: /* Server allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Server doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default:
+ *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+# endif
+# ifndef OPENSSL_NO_SRTP
+ else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
+ if (ssl_parse_serverhello_use_srtp_ext(s, data, size, al))
+ return 0;
+ }
+# endif
+
data += size;
}
@@ -779,11 +1690,165 @@
return 1;
}
+int ssl_prepare_clienthello_tlsext(SSL *s)
+{
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are client and using an elliptic curve cryptography cipher
+ * suite, send the point formats and elliptic curves we support.
+ */
+ int using_ecc = 0;
+ int i;
+ unsigned char *j;
+ unsigned long alg_k, alg_a;
+ STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
+
+ for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
+ SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
+
+ alg_k = c->algorithm_mkey;
+ alg_a = c->algorithm_auth;
+ if ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)
+ || (alg_a & SSL_aECDSA))) {
+ using_ecc = 1;
+ break;
+ }
+ }
+ using_ecc = using_ecc && (s->version >= TLS1_VERSION);
+ if (using_ecc) {
+ if (s->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->tlsext_ecpointformatlist_length = 3;
+ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+ s->tlsext_ecpointformatlist[1] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+ s->tlsext_ecpointformatlist[2] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+
+ /* we support all named elliptic curves in RFC 4492 */
+ if (s->tlsext_ellipticcurvelist != NULL)
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
+ s->tlsext_ellipticcurvelist_length =
+ sizeof(pref_list) / sizeof(pref_list[0]) * 2;
+ if ((s->tlsext_ellipticcurvelist =
+ OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) {
+ s->tlsext_ellipticcurvelist_length = 0;
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
+ sizeof(pref_list) / sizeof(pref_list[0]); i++) {
+ int id = tls1_ec_nid2curve_id(pref_list[i]);
+ s2n(id, j);
+ }
+ }
+# endif /* OPENSSL_NO_EC */
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ {
+ int r = 1;
+
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+ r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+ s->
+ ctx->tlsext_opaque_prf_input_callback_arg);
+ if (!r)
+ return -1;
+ }
+
+ if (s->tlsext_opaque_prf_input != NULL) {
+ if (s->s3->client_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
+
+ if (s->tlsext_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->client_opaque_prf_input =
+ BUF_memdup(s->tlsext_opaque_prf_input,
+ s->tlsext_opaque_prf_input_len);
+ }
+ if (s->s3->client_opaque_prf_input == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->s3->client_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+
+ if (r == 2)
+ /*
+ * at callback's request, insist on receiving an appropriate
+ * server opaque PRF input
+ */
+ s->s3->server_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+# endif
+
+ return 1;
+}
+
+int ssl_prepare_serverhello_tlsext(SSL *s)
+{
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are server and using an ECC cipher suite, send the point formats
+ * we support if the client sent us an ECPointsFormat extension. Note
+ * that the server is not supposed to send an EllipticCurves extension.
+ */
+
+ unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ int using_ecc = (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+ || (alg_a & SSL_aECDSA);
+ using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
+
+ if (using_ecc) {
+ if (s->tlsext_ecpointformatlist != NULL)
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) {
+ SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT,
+ ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ s->tlsext_ecpointformatlist_length = 3;
+ s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+ s->tlsext_ecpointformatlist[1] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+ s->tlsext_ecpointformatlist[2] =
+ TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+ }
+# endif /* OPENSSL_NO_EC */
+
+ return 1;
+}
+
int ssl_check_clienthello_tlsext_early(SSL *s)
{
int ret = SSL_TLSEXT_ERR_NOACK;
int al = SSL_AD_UNRECOGNIZED_NAME;
+# ifndef OPENSSL_NO_EC
+ /*
+ * The handling of the ECPointFormats extension is done elsewhere, namely
+ * in ssl3_choose_cipher in s3_lib.c.
+ */
+ /*
+ * The handling of the EllipticCurves extension is done elsewhere, namely
+ * in ssl3_choose_cipher in s3_lib.c.
+ */
+# endif
+
if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
ret =
s->ctx->tlsext_servername_callback(s, &al,
@@ -795,6 +1860,73 @@
s->
initial_ctx->tlsext_servername_arg);
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ {
+ /*
+ * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
+ * might be sending an alert in response to the client hello, so this
+ * has to happen here in ssl_check_clienthello_tlsext_early().
+ */
+
+ int r = 1;
+
+ if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+ r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+ s->
+ ctx->tlsext_opaque_prf_input_callback_arg);
+ if (!r) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ }
+
+ if (s->s3->server_opaque_prf_input != NULL) {
+ /* shouldn't really happen */
+ OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
+ s->s3->server_opaque_prf_input = NULL;
+
+ if (s->tlsext_opaque_prf_input != NULL) {
+ if (s->s3->client_opaque_prf_input != NULL &&
+ s->s3->client_opaque_prf_input_len ==
+ s->tlsext_opaque_prf_input_len) {
+ /*
+ * can only use this extension if we have a server opaque PRF
+ * input of the same length as the client opaque PRF input!
+ */
+
+ if (s->tlsext_opaque_prf_input_len == 0) {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ } else {
+ s->s3->server_opaque_prf_input =
+ BUF_memdup(s->tlsext_opaque_prf_input,
+ s->tlsext_opaque_prf_input_len);
+ }
+ if (s->s3->server_opaque_prf_input == NULL) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ s->s3->server_opaque_prf_input_len =
+ s->tlsext_opaque_prf_input_len;
+ }
+ }
+
+ if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
+ /*
+ * The callback wants to enforce use of the extension, but we
+ * can't do that with the client opaque PRF input; abort the
+ * handshake.
+ */
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ }
+ }
+
+ err:
+# endif
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -806,7 +1938,6 @@
case SSL_TLSEXT_ERR_NOACK:
s->servername_done = 0;
-
default:
return 1;
}
@@ -823,7 +1954,7 @@
* changed, and must be called after the cipher has been chosen because
* this may influence which certificate is sent
*/
- if (s->tlsext_status_type != -1 && s->ctx && s->ctx->tlsext_status_cb) {
+ if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
int r;
CERT_PKEY *certpkey;
certpkey = ssl_get_server_send_pkey(s);
@@ -879,6 +2010,40 @@
int ret = SSL_TLSEXT_ERR_NOACK;
int al = SSL_AD_UNRECOGNIZED_NAME;
+# ifndef OPENSSL_NO_EC
+ /*
+ * If we are client and using an elliptic curve cryptography cipher
+ * suite, then if server returns an EC point formats lists extension it
+ * must contain uncompressed.
+ */
+ unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ if ((s->tlsext_ecpointformatlist != NULL)
+ && (s->tlsext_ecpointformatlist_length > 0)
+ && (s->session->tlsext_ecpointformatlist != NULL)
+ && (s->session->tlsext_ecpointformatlist_length > 0)
+ && ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+ || (alg_a & SSL_aECDSA))) {
+ /* we are using an ECC cipher */
+ size_t i;
+ unsigned char *list;
+ int found_uncompressed = 0;
+ list = s->session->tlsext_ecpointformatlist;
+ for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
+ if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
+ found_uncompressed = 1;
+ break;
+ }
+ }
+ if (!found_uncompressed) {
+ SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,
+ SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
+ return -1;
+ }
+ }
+ ret = SSL_TLSEXT_ERR_OK;
+# endif /* OPENSSL_NO_EC */
+
if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
ret =
s->ctx->tlsext_servername_callback(s, &al,
@@ -890,12 +2055,38 @@
s->
initial_ctx->tlsext_servername_arg);
+# ifdef TLSEXT_TYPE_opaque_prf_input
+ if (s->s3->server_opaque_prf_input_len > 0) {
+ /*
+ * This case may indicate that we, as a client, want to insist on
+ * using opaque PRF inputs. So first verify that we really have a
+ * value from the server too.
+ */
+
+ if (s->s3->server_opaque_prf_input == NULL) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ }
+
+ /*
+ * Anytime the server *has* sent an opaque PRF input, we need to
+ * check that we have a client opaque PRF input of the same size.
+ */
+ if (s->s3->client_opaque_prf_input == NULL ||
+ s->s3->client_opaque_prf_input_len !=
+ s->s3->server_opaque_prf_input_len) {
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ }
+ }
+# endif
+
/*
* If we've requested certificate status and we wont get one tell the
* callback
*/
if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
- && s->ctx->tlsext_status_cb) {
+ && s->ctx && s->ctx->tlsext_status_cb) {
int r;
/*
* Set resp to NULL, resplen to -1 so callback knows there is no
@@ -933,12 +2124,40 @@
}
}
-/*
- * Since the server cache lookup is done early on in the processing of client
- * hello and other operations depend on the result we need to handle any TLS
- * session ticket extension at the same time.
+/*-
+ * Since the server cache lookup is done early on in the processing of the
+ * ClientHello, and other operations depend on the result, we need to handle
+ * any TLS session ticket extension at the same time.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ * ret: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
+ * ciphersuite, in which case we have no use for session tickets and one will
+ * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 0: no ticket was found (or was ignored, based on settings).
+ * 1: a zero length extension was found, indicating that the client supports
+ * session tickets but doesn't currently have one to offer.
+ * 2: either s->tls_session_secret_cb was set, or a ticket was offered but
+ * couldn't be decrypted because of a non-fatal error.
+ * 3: a ticket was successfully decrypted and *ret was set.
+ *
+ * Side effects:
+ * Sets s->tlsext_ticket_expected to 1 if the server will have to issue
+ * a new session ticket to the client because the client indicated support
+ * (and s->tls_session_secret_cb is NULL) but the client either doesn't have
+ * a session ticket or we couldn't use the one it gave us, or if
+ * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
+ * Otherwise, s->tlsext_ticket_expected is set to 0.
*/
-
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret)
{
@@ -946,15 +2165,17 @@
const unsigned char *p = session_id + len;
unsigned short i;
+ *ret = NULL;
+ s->tlsext_ticket_expected = 0;
+
/*
* If tickets disabled behave as if no ticket present to permit stateful
* resumption.
*/
if (SSL_get_options(s) & SSL_OP_NO_TICKET)
- return 1;
-
+ return 0;
if ((s->version <= SSL3_VERSION) || !limit)
- return 1;
+ return 0;
if (p >= limit)
return -1;
/* Skip past DTLS cookie */
@@ -976,7 +2197,7 @@
return -1;
/* Now at start of extensions */
if ((p + 2) >= limit)
- return 1;
+ return 0;
n2s(p, i);
while ((p + 4) <= limit) {
unsigned short type, size;
@@ -983,23 +2204,61 @@
n2s(p, type);
n2s(p, size);
if (p + size > limit)
- return 1;
+ return 0;
if (type == TLSEXT_TYPE_session_ticket) {
- /*
- * If zero length note client will accept a ticket and indicate
- * cache miss to trigger full handshake
- */
+ int r;
if (size == 0) {
+ /*
+ * The client will accept a ticket but doesn't currently have
+ * one.
+ */
s->tlsext_ticket_expected = 1;
- return 0; /* Cache miss */
+ return 1;
}
- return tls_decrypt_ticket(s, p, size, session_id, len, ret);
+ if (s->tls_session_secret_cb) {
+ /*
+ * Indicate that the ticket couldn't be decrypted rather than
+ * generating the session from ticket now, trigger
+ * abbreviated handshake based on external mechanism to
+ * calculate the master secret later.
+ */
+ return 2;
+ }
+ r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
+ switch (r) {
+ case 2: /* ticket couldn't be decrypted */
+ s->tlsext_ticket_expected = 1;
+ return 2;
+ case 3: /* ticket was decrypted */
+ return r;
+ case 4: /* ticket decrypted but need to renew */
+ s->tlsext_ticket_expected = 1;
+ return 3;
+ default: /* fatal error */
+ return -1;
+ }
}
p += size;
}
- return 1;
+ return 0;
}
+/*-
+ * tls_decrypt_ticket attempts to decrypt a session ticket.
+ *
+ * etick: points to the body of the session ticket extension.
+ * eticklen: the length of the session tickets extenion.
+ * sess_id: points at the session ID.
+ * sesslen: the length of the session ID.
+ * psess: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 2: the ticket couldn't be decrypted.
+ * 3: a ticket was successfully decrypted and *psess was set.
+ * 4: same as 3, but the ticket needs to be renewed.
+ */
static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
int eticklen, const unsigned char *sess_id,
int sesslen, SSL_SESSION **psess)
@@ -1014,7 +2273,7 @@
SSL_CTX *tctx = s->initial_ctx;
/* Need at least keyname + iv + some encrypted data */
if (eticklen < 48)
- goto tickerr;
+ return 2;
/* Initialize session ticket encryption and HMAC contexts */
HMAC_CTX_init(&hctx);
EVP_CIPHER_CTX_init(&ctx);
@@ -1025,13 +2284,13 @@
if (rv < 0)
return -1;
if (rv == 0)
- goto tickerr;
+ return 2;
if (rv == 2)
renew_ticket = 1;
} else {
/* Check key name matches */
if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
- goto tickerr;
+ return 2;
HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
tlsext_tick_md(), NULL);
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
@@ -1042,6 +2301,10 @@
* checks on ticket.
*/
mlen = HMAC_size(&hctx);
+ if (mlen < 0) {
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ return -1;
+ }
eticklen -= mlen;
/* Check HMAC of encrypted ticket */
HMAC_Update(&hctx, etick, eticklen);
@@ -1049,7 +2312,7 @@
HMAC_CTX_cleanup(&hctx);
if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) {
EVP_CIPHER_CTX_cleanup(&ctx);
- goto tickerr;
+ return 2;
}
/* Attempt to decrypt session data */
/* Move p after IV to start of encrypted ticket, update length */
@@ -1064,7 +2327,7 @@
if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_free(sdec);
- goto tickerr;
+ return 2;
}
slen += mlen;
EVP_CIPHER_CTX_cleanup(&ctx);
@@ -1074,8 +2337,8 @@
OPENSSL_free(sdec);
if (sess) {
/*
- * The session ID if non-empty is used by some clients to detect that
- * the ticket has been accepted. So we copy it to the session
+ * The session ID, if non-empty, is used by some clients to detect
+ * that the ticket has been accepted. So we copy it to the session
* structure. If it is empty set length to zero as required by
* standard.
*/
@@ -1083,16 +2346,352 @@
memcpy(sess->session_id, sess_id, sesslen);
sess->session_id_length = sesslen;
*psess = sess;
- s->tlsext_ticket_expected = renew_ticket;
+ if (renew_ticket)
+ return 4;
+ else
+ return 3;
+ }
+ ERR_clear_error();
+ /*
+ * For session parse failure, indicate that we need to send a new ticket.
+ */
+ return 2;
+}
+
+/* Tables to translate from NIDs to TLS v1.2 ids */
+
+typedef struct {
+ int nid;
+ int id;
+} tls12_lookup;
+
+static tls12_lookup tls12_md[] = {
+# ifndef OPENSSL_NO_MD5
+ {NID_md5, TLSEXT_hash_md5},
+# endif
+# ifndef OPENSSL_NO_SHA
+ {NID_sha1, TLSEXT_hash_sha1},
+# endif
+# ifndef OPENSSL_NO_SHA256
+ {NID_sha224, TLSEXT_hash_sha224},
+ {NID_sha256, TLSEXT_hash_sha256},
+# endif
+# ifndef OPENSSL_NO_SHA512
+ {NID_sha384, TLSEXT_hash_sha384},
+ {NID_sha512, TLSEXT_hash_sha512}
+# endif
+};
+
+static tls12_lookup tls12_sig[] = {
+# ifndef OPENSSL_NO_RSA
+ {EVP_PKEY_RSA, TLSEXT_signature_rsa},
+# endif
+# ifndef OPENSSL_NO_DSA
+ {EVP_PKEY_DSA, TLSEXT_signature_dsa},
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
+# endif
+};
+
+static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
+{
+ size_t i;
+ for (i = 0; i < tlen; i++) {
+ if (table[i].nid == nid)
+ return table[i].id;
+ }
+ return -1;
+}
+
+# if 0
+static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
+{
+ size_t i;
+ for (i = 0; i < tlen; i++) {
+ if (table[i].id == id)
+ return table[i].nid;
+ }
+ return -1;
+}
+# endif
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+ const EVP_MD *md)
+{
+ int sig_id, md_id;
+ if (!md)
+ return 0;
+ md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
+ sizeof(tls12_md) / sizeof(tls12_lookup));
+ if (md_id == -1)
+ return 0;
+ sig_id = tls12_get_sigid(pk);
+ if (sig_id == -1)
+ return 0;
+ p[0] = (unsigned char)md_id;
+ p[1] = (unsigned char)sig_id;
+ return 1;
+}
+
+int tls12_get_sigid(const EVP_PKEY *pk)
+{
+ return tls12_find_id(pk->type, tls12_sig,
+ sizeof(tls12_sig) / sizeof(tls12_lookup));
+}
+
+const EVP_MD *tls12_get_hash(unsigned char hash_alg)
+{
+ switch (hash_alg) {
+# ifndef OPENSSL_NO_SHA
+ case TLSEXT_hash_sha1:
+ return EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_SHA256
+ case TLSEXT_hash_sha224:
+ return EVP_sha224();
+
+ case TLSEXT_hash_sha256:
+ return EVP_sha256();
+# endif
+# ifndef OPENSSL_NO_SHA512
+ case TLSEXT_hash_sha384:
+ return EVP_sha384();
+
+ case TLSEXT_hash_sha512:
+ return EVP_sha512();
+# endif
+ default:
+ return NULL;
+
+ }
+}
+
+/* Set preferred digest for each key type */
+
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
+{
+ int i, idx;
+ const EVP_MD *md;
+ CERT *c = s->cert;
+ /* Extension ignored for TLS versions below 1.2 */
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
return 1;
+ /* Should never happen */
+ if (!c)
+ return 0;
+
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL;
+ c->pkeys[SSL_PKEY_ECC].digest = NULL;
+
+ for (i = 0; i < dsize; i += 2) {
+ unsigned char hash_alg = data[i], sig_alg = data[i + 1];
+
+ switch (sig_alg) {
+# ifndef OPENSSL_NO_RSA
+ case TLSEXT_signature_rsa:
+ idx = SSL_PKEY_RSA_SIGN;
+ break;
+# endif
+# ifndef OPENSSL_NO_DSA
+ case TLSEXT_signature_dsa:
+ idx = SSL_PKEY_DSA_SIGN;
+ break;
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ case TLSEXT_signature_ecdsa:
+ idx = SSL_PKEY_ECC;
+ break;
+# endif
+ default:
+ continue;
+ }
+
+ if (c->pkeys[idx].digest == NULL) {
+ md = tls12_get_hash(hash_alg);
+ if (md) {
+ c->pkeys[idx].digest = md;
+ if (idx == SSL_PKEY_RSA_SIGN)
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
+ }
+ }
+
}
+
/*
- * If session decrypt failure indicate a cache miss and set state to send
- * a new ticket
+ * Set any remaining keys to default values. NOTE: if alg is not
+ * supported it stays as NULL.
*/
- tickerr:
- s->tlsext_ticket_expected = 1;
+# ifndef OPENSSL_NO_DSA
+ if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_RSA
+ if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+ }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+ if (!c->pkeys[SSL_PKEY_ECC].digest)
+ c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+# endif
+ return 1;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int tls1_process_heartbeat(SSL *s)
+{
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ /* Read type and payload length first */
+ if (1 + 2 + 16 > s->s3->rrec.length)
+ return 0; /* silently discard */
+ hbtype = *p++;
+ n2s(p, payload);
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
+ pl = p;
+
+ if (hbtype == TLS1_HB_REQUEST) {
+ unsigned char *buffer, *bp;
+ int r;
+
+ /*
+ * Allocate memory for the response, size is 1 bytes message type,
+ * plus 2 bytes payload length, plus payload, plus padding
+ */
+ buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ if (RAND_pseudo_bytes(bp, padding) < 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
+
+ r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
+ 3 + payload + padding);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ } else if (hbtype == TLS1_HB_RESPONSE) {
+ unsigned int seq;
+
+ /*
+ * We only send sequence numbers (2 bytes unsigned int), and 16
+ * random bytes, so we just try to read the sequence number
+ */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq) {
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
return 0;
}
+int tls1_heartbeat(SSL *s)
+{
+ unsigned char *buf, *p;
+ int ret = -1;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /*
+ * Check if padding is too long, payload and padding must not exceed 2^14
+ * - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /*-
+ * Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ if (RAND_pseudo_bytes(p, 16) < 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ p += 16;
+ /* Random padding */
+ if (RAND_pseudo_bytes(p, padding) < 0) {
+ SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0) {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ s->tlsext_hb_pending = 1;
+ }
+
+err:
+ OPENSSL_free(buf);
+
+ return ret;
+}
#endif
Modified: trunk/crypto/openssl/ssl/t1_meth.c
===================================================================
--- trunk/crypto/openssl/ssl/t1_meth.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/t1_meth.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,14 +60,22 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
-static SSL_METHOD *tls1_get_method(int ver);
-static SSL_METHOD *tls1_get_method(int ver)
+static const SSL_METHOD *tls1_get_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_method();
if (ver == TLS1_VERSION)
- return (TLSv1_method());
- else
- return (NULL);
+ return TLSv1_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_method,
- ssl3_accept, ssl3_connect, tls1_get_method)
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method,
+ ssl3_accept, ssl3_connect, tls1_get_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
+ ssl3_accept, ssl3_connect, tls1_get_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
+ ssl3_accept, ssl3_connect, tls1_get_method)
Modified: trunk/crypto/openssl/ssl/t1_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/t1_srvr.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/t1_srvr.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -64,15 +64,26 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
-static SSL_METHOD *tls1_get_server_method(int ver);
-static SSL_METHOD *tls1_get_server_method(int ver)
+static const SSL_METHOD *tls1_get_server_method(int ver);
+static const SSL_METHOD *tls1_get_server_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_server_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_server_method();
if (ver == TLS1_VERSION)
- return (TLSv1_server_method());
- else
- return (NULL);
+ return TLSv1_server_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_server_method,
- ssl3_accept,
- ssl_undefined_function, tls1_get_server_method)
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
+ ssl3_accept,
+ ssl_undefined_function, tls1_get_server_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
+ ssl3_accept,
+ ssl_undefined_function, tls1_get_server_method)
+
+ IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
+ ssl3_accept,
+ ssl_undefined_function, tls1_get_server_method)
Modified: trunk/crypto/openssl/ssl/tls1.h
===================================================================
--- trunk/crypto/openssl/ssl/tls1.h 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/ssl/tls1.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,6 +56,59 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
@@ -68,6 +121,32 @@
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
*/
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
#ifndef HEADER_TLS1_H
# define HEADER_TLS1_H
@@ -83,13 +162,7 @@
# define TLS1_VERSION 0x0301
# define TLS1_1_VERSION 0x0302
# define TLS1_2_VERSION 0x0303
-/*
- * TLS 1.1 and 1.2 are not supported by this version of OpenSSL, so
- * TLS_MAX_VERSION indicates TLS 1.0 regardless of the above definitions.
- * (s23_clnt.c and s23_srvr.c have an OPENSSL_assert() check that would catch
- * the error if TLS_MAX_VERSION was too low.)
- */
-# define TLS_MAX_VERSION TLS1_VERSION
+# define TLS_MAX_VERSION TLS1_2_VERSION
# define TLS1_VERSION_MAJOR 0x03
# define TLS1_VERSION_MINOR 0x01
@@ -127,7 +200,7 @@
# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
-/* ExtensionType values from RFC 3546 */
+/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
# define TLSEXT_TYPE_server_name 0
# define TLSEXT_TYPE_max_fragment_length 1
# define TLSEXT_TYPE_client_certificate_url 2
@@ -134,18 +207,87 @@
# define TLSEXT_TYPE_trusted_ca_keys 3
# define TLSEXT_TYPE_truncated_hmac 4
# define TLSEXT_TYPE_status_request 5
+/* ExtensionType values from RFC4681 */
+# define TLSEXT_TYPE_user_mapping 6
+
+/* ExtensionType values from RFC5878 */
+# define TLSEXT_TYPE_client_authz 7
+# define TLSEXT_TYPE_server_authz 8
+
+/* ExtensionType values from RFC6091 */
+# define TLSEXT_TYPE_cert_type 9
+
+/* ExtensionType values from RFC4492 */
# define TLSEXT_TYPE_elliptic_curves 10
# define TLSEXT_TYPE_ec_point_formats 11
+
+/* ExtensionType value from RFC5054 */
+# define TLSEXT_TYPE_srp 12
+
+/* ExtensionType values from RFC5246 */
+# define TLSEXT_TYPE_signature_algorithms 13
+
+/* ExtensionType value from RFC5764 */
+# define TLSEXT_TYPE_use_srtp 14
+
+/* ExtensionType value from RFC5620 */
+# define TLSEXT_TYPE_heartbeat 15
+
+/*
+ * ExtensionType value for TLS padding extension.
+ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+ * http://tools.ietf.org/html/draft-agl-tls-padding-03
+ */
+# define TLSEXT_TYPE_padding 21
+
+/* ExtensionType value from RFC4507 */
# define TLSEXT_TYPE_session_ticket 35
+/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
+# if 0
+/*
+ * will have to be provided externally for now ,
+ * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
+ * using whatever extension number you'd like to try
+ */
+# define TLSEXT_TYPE_opaque_prf_input ?? */
+# endif
+
/* Temporary extension type */
# define TLSEXT_TYPE_renegotiate 0xff01
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is not an IANA defined extension number */
+# define TLSEXT_TYPE_next_proto_neg 13172
+# endif
+
/* NameType value from RFC 3546 */
# define TLSEXT_NAMETYPE_host_name 0
/* status request value from RFC 3546 */
# define TLSEXT_STATUSTYPE_ocsp 1
+/* ECPointFormat values from draft-ietf-tls-ecc-12 */
+# define TLSEXT_ECPOINTFORMAT_first 0
+# define TLSEXT_ECPOINTFORMAT_uncompressed 0
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
+# define TLSEXT_ECPOINTFORMAT_last 2
+
+/* Signature and hash algorithms from RFC 5246 */
+
+# define TLSEXT_signature_anonymous 0
+# define TLSEXT_signature_rsa 1
+# define TLSEXT_signature_dsa 2
+# define TLSEXT_signature_ecdsa 3
+
+# define TLSEXT_hash_none 0
+# define TLSEXT_hash_md5 1
+# define TLSEXT_hash_sha1 2
+# define TLSEXT_hash_sha224 3
+# define TLSEXT_hash_sha256 4
+# define TLSEXT_hash_sha384 5
+# define TLSEXT_hash_sha512 6
+
# ifndef OPENSSL_NO_TLSEXT
# define TLSEXT_MAXLEN_host_name 255
@@ -152,6 +294,17 @@
const char *SSL_get_servername(const SSL *s, const int type);
int SSL_get_servername_type(const SSL *s);
+/*
+ * SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.) It returns 1 on success and
+ * zero otherwise.
+ */
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen,
+ int use_context);
# define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
@@ -205,19 +358,45 @@
# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+# define SSL_set_tlsext_opaque_prf_input(s, src, len) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
+# define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
+# define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
+
# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+# ifndef OPENSSL_NO_HEARTBEATS
+# define SSL_TLSEXT_HB_ENABLED 0x01
+# define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
+# define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
+
+# define SSL_get_tlsext_heartbeat_pending(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
+# define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
+# endif
# endif
+/* PSK ciphersuites from 4279 */
+# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
+# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
+# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
+# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
+
/*
- * Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
- * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
- * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
- * shouldn't.
+ * Additional TLS ciphersuites from expired Internet Draft
+ * draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
+ * TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c). We
+ * actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
+ * Note that the first two are actually not in the IDs.
*/
-# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
-# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
+# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060/* not in
+ * ID */
+# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061/* not in
+ * ID */
# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
@@ -240,6 +419,14 @@
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
+# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
+# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
+
/* Camellia ciphersuites from RFC4132 */
# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
@@ -248,6 +435,16 @@
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
+# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
+# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
+
+/* Camellia ciphersuites from RFC4132 */
# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
@@ -263,6 +460,20 @@
# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
+# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
+# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
+# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
+# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
+# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+
/*
* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
* draft 13
@@ -297,6 +508,38 @@
# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
+/* SRP ciphersuites from RFC 5054 */
+# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
+# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
+# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
+# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
+# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
+
/*
* XXX Inconsistency alert: The OpenSSL names of ciphers with ephemeral DH
* here include the string "DHE", while elsewhere it has always been "EDH".
@@ -358,6 +601,23 @@
# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
+/* PSK ciphersuites from RFC 4279 */
+# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
+# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
+
+/* SRP ciphersuite from RFC 5054 */
+# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
+
/* Camellia ciphersuites from RFC4132 */
# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
@@ -381,6 +641,56 @@
# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
+/* TLS v1.2 ciphersuites */
+# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
+
# define TLS_CT_RSA_SIGN 1
# define TLS_CT_DSS_SIGN 2
# define TLS_CT_RSA_FIXED_DH 3
@@ -388,7 +698,13 @@
# define TLS_CT_ECDSA_SIGN 64
# define TLS_CT_RSA_FIXED_ECDH 65
# define TLS_CT_ECDSA_FIXED_ECDH 66
-# define TLS_CT_NUMBER 7
+# define TLS_CT_GOST94_SIGN 21
+# define TLS_CT_GOST01_SIGN 22
+/*
+ * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+ * comment there)
+ */
+# define TLS_CT_NUMBER 9
# define TLS1_FINISH_MAC_LENGTH 12
@@ -460,6 +776,12 @@
# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
# endif
+/* TLS Session Ticket extension struct */
+struct tls_session_ticket_ext_st {
+ unsigned short length;
+ void *data;
+};
+
#ifdef __cplusplus
}
#endif
Copied: trunk/crypto/openssl/ssl/tls_srp.c (from rev 7117, vendor-crypto/openssl/dist/ssl/tls_srp.c)
===================================================================
--- trunk/crypto/openssl/ssl/tls_srp.c (rev 0)
+++ trunk/crypto/openssl/ssl/tls_srp.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,542 @@
+/* ssl/tls_srp.c */
+/*
+ * Written by Christophe Renou (christophe.renou at edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester at edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004-2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SRP
+
+# include <openssl/rand.h>
+# include <openssl/srp.h>
+# include <openssl/err.h>
+
+int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
+{
+ if (ctx == NULL)
+ return 0;
+ OPENSSL_free(ctx->srp_ctx.login);
+ BN_free(ctx->srp_ctx.N);
+ BN_free(ctx->srp_ctx.g);
+ BN_free(ctx->srp_ctx.s);
+ BN_free(ctx->srp_ctx.B);
+ BN_free(ctx->srp_ctx.A);
+ BN_free(ctx->srp_ctx.a);
+ BN_free(ctx->srp_ctx.b);
+ BN_free(ctx->srp_ctx.v);
+ ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ ctx->srp_ctx.SRP_cb_arg = NULL;
+ ctx->srp_ctx.SRP_verify_param_callback = NULL;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+ ctx->srp_ctx.N = NULL;
+ ctx->srp_ctx.g = NULL;
+ ctx->srp_ctx.s = NULL;
+ ctx->srp_ctx.B = NULL;
+ ctx->srp_ctx.A = NULL;
+ ctx->srp_ctx.a = NULL;
+ ctx->srp_ctx.b = NULL;
+ ctx->srp_ctx.v = NULL;
+ ctx->srp_ctx.login = NULL;
+ ctx->srp_ctx.info = NULL;
+ ctx->srp_ctx.strength = SRP_MINIMAL_N;
+ ctx->srp_ctx.srp_Mask = 0;
+ return (1);
+}
+
+int SSL_SRP_CTX_free(struct ssl_st *s)
+{
+ if (s == NULL)
+ return 0;
+ OPENSSL_free(s->srp_ctx.login);
+ BN_free(s->srp_ctx.N);
+ BN_free(s->srp_ctx.g);
+ BN_free(s->srp_ctx.s);
+ BN_free(s->srp_ctx.B);
+ BN_free(s->srp_ctx.A);
+ BN_free(s->srp_ctx.a);
+ BN_free(s->srp_ctx.b);
+ BN_free(s->srp_ctx.v);
+ s->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ s->srp_ctx.SRP_cb_arg = NULL;
+ s->srp_ctx.SRP_verify_param_callback = NULL;
+ s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+ s->srp_ctx.N = NULL;
+ s->srp_ctx.g = NULL;
+ s->srp_ctx.s = NULL;
+ s->srp_ctx.B = NULL;
+ s->srp_ctx.A = NULL;
+ s->srp_ctx.a = NULL;
+ s->srp_ctx.b = NULL;
+ s->srp_ctx.v = NULL;
+ s->srp_ctx.login = NULL;
+ s->srp_ctx.info = NULL;
+ s->srp_ctx.strength = SRP_MINIMAL_N;
+ s->srp_ctx.srp_Mask = 0;
+ return (1);
+}
+
+int SSL_SRP_CTX_init(struct ssl_st *s)
+{
+ SSL_CTX *ctx;
+
+ if ((s == NULL) || ((ctx = s->ctx) == NULL))
+ return 0;
+ s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
+ /* set client Hello login callback */
+ s->srp_ctx.TLS_ext_srp_username_callback =
+ ctx->srp_ctx.TLS_ext_srp_username_callback;
+ /* set SRP N/g param callback for verification */
+ s->srp_ctx.SRP_verify_param_callback =
+ ctx->srp_ctx.SRP_verify_param_callback;
+ /* set SRP client passwd callback */
+ s->srp_ctx.SRP_give_srp_client_pwd_callback =
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
+
+ s->srp_ctx.N = NULL;
+ s->srp_ctx.g = NULL;
+ s->srp_ctx.s = NULL;
+ s->srp_ctx.B = NULL;
+ s->srp_ctx.A = NULL;
+ s->srp_ctx.a = NULL;
+ s->srp_ctx.b = NULL;
+ s->srp_ctx.v = NULL;
+ s->srp_ctx.login = NULL;
+ s->srp_ctx.info = ctx->srp_ctx.info;
+ s->srp_ctx.strength = ctx->srp_ctx.strength;
+
+ if (((ctx->srp_ctx.N != NULL) &&
+ ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
+ ((ctx->srp_ctx.g != NULL) &&
+ ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
+ ((ctx->srp_ctx.s != NULL) &&
+ ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
+ ((ctx->srp_ctx.B != NULL) &&
+ ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
+ ((ctx->srp_ctx.A != NULL) &&
+ ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
+ ((ctx->srp_ctx.a != NULL) &&
+ ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
+ ((ctx->srp_ctx.v != NULL) &&
+ ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
+ ((ctx->srp_ctx.b != NULL) &&
+ ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) {
+ SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((ctx->srp_ctx.login != NULL) &&
+ ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL)) {
+ SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
+
+ return (1);
+ err:
+ OPENSSL_free(s->srp_ctx.login);
+ BN_free(s->srp_ctx.N);
+ BN_free(s->srp_ctx.g);
+ BN_free(s->srp_ctx.s);
+ BN_free(s->srp_ctx.B);
+ BN_free(s->srp_ctx.A);
+ BN_free(s->srp_ctx.a);
+ BN_free(s->srp_ctx.b);
+ BN_free(s->srp_ctx.v);
+ return (0);
+}
+
+int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
+{
+ if (ctx == NULL)
+ return 0;
+
+ ctx->srp_ctx.SRP_cb_arg = NULL;
+ /* set client Hello login callback */
+ ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ /* set SRP N/g param callback for verification */
+ ctx->srp_ctx.SRP_verify_param_callback = NULL;
+ /* set SRP client passwd callback */
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+
+ ctx->srp_ctx.N = NULL;
+ ctx->srp_ctx.g = NULL;
+ ctx->srp_ctx.s = NULL;
+ ctx->srp_ctx.B = NULL;
+ ctx->srp_ctx.A = NULL;
+ ctx->srp_ctx.a = NULL;
+ ctx->srp_ctx.b = NULL;
+ ctx->srp_ctx.v = NULL;
+ ctx->srp_ctx.login = NULL;
+ ctx->srp_ctx.srp_Mask = 0;
+ ctx->srp_ctx.info = NULL;
+ ctx->srp_ctx.strength = SRP_MINIMAL_N;
+
+ return (1);
+}
+
+/* server side */
+int SSL_srp_server_param_with_username(SSL *s, int *ad)
+{
+ unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
+ int al;
+
+ *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ if ((s->srp_ctx.TLS_ext_srp_username_callback != NULL) &&
+ ((al =
+ s->srp_ctx.TLS_ext_srp_username_callback(s, ad,
+ s->srp_ctx.SRP_cb_arg)) !=
+ SSL_ERROR_NONE))
+ return al;
+
+ *ad = SSL_AD_INTERNAL_ERROR;
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
+ return SSL3_AL_FATAL;
+
+ if (RAND_bytes(b, sizeof(b)) <= 0)
+ return SSL3_AL_FATAL;
+ s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
+ OPENSSL_cleanse(b, sizeof(b));
+
+ /* Calculate: B = (kv + g^b) % N */
+
+ return ((s->srp_ctx.B =
+ SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
+ s->srp_ctx.v)) !=
+ NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
+}
+
+/*
+ * If the server just has the raw password, make up a verifier entry on the
+ * fly
+ */
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp)
+{
+ SRP_gN *GN = SRP_get_default_gN(grp);
+ if (GN == NULL)
+ return -1;
+ s->srp_ctx.N = BN_dup(GN->N);
+ s->srp_ctx.g = BN_dup(GN->g);
+ if (s->srp_ctx.v != NULL) {
+ BN_clear_free(s->srp_ctx.v);
+ s->srp_ctx.v = NULL;
+ }
+ if (s->srp_ctx.s != NULL) {
+ BN_clear_free(s->srp_ctx.s);
+ s->srp_ctx.s = NULL;
+ }
+ if (!SRP_create_verifier_BN
+ (user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g))
+ return -1;
+
+ return 1;
+}
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info)
+{
+ if (N != NULL) {
+ if (s->srp_ctx.N != NULL) {
+ if (!BN_copy(s->srp_ctx.N, N)) {
+ BN_free(s->srp_ctx.N);
+ s->srp_ctx.N = NULL;
+ }
+ } else
+ s->srp_ctx.N = BN_dup(N);
+ }
+ if (g != NULL) {
+ if (s->srp_ctx.g != NULL) {
+ if (!BN_copy(s->srp_ctx.g, g)) {
+ BN_free(s->srp_ctx.g);
+ s->srp_ctx.g = NULL;
+ }
+ } else
+ s->srp_ctx.g = BN_dup(g);
+ }
+ if (sa != NULL) {
+ if (s->srp_ctx.s != NULL) {
+ if (!BN_copy(s->srp_ctx.s, sa)) {
+ BN_free(s->srp_ctx.s);
+ s->srp_ctx.s = NULL;
+ }
+ } else
+ s->srp_ctx.s = BN_dup(sa);
+ }
+ if (v != NULL) {
+ if (s->srp_ctx.v != NULL) {
+ if (!BN_copy(s->srp_ctx.v, v)) {
+ BN_free(s->srp_ctx.v);
+ s->srp_ctx.v = NULL;
+ }
+ } else
+ s->srp_ctx.v = BN_dup(v);
+ }
+ s->srp_ctx.info = info;
+
+ if (!(s->srp_ctx.N) ||
+ !(s->srp_ctx.g) || !(s->srp_ctx.s) || !(s->srp_ctx.v))
+ return -1;
+
+ return 1;
+}
+
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key)
+{
+ BIGNUM *K = NULL, *u = NULL;
+ int ret = -1, tmp_len;
+ unsigned char *tmp = NULL;
+
+ if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
+ goto err;
+ if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
+ goto err;
+ if (!
+ (K =
+ SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
+ s->srp_ctx.N)))
+ goto err;
+
+ tmp_len = BN_num_bytes(K);
+ if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
+ goto err;
+ BN_bn2bin(K, tmp);
+ ret =
+ s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
+ tmp_len);
+ err:
+ if (tmp) {
+ OPENSSL_cleanse(tmp, tmp_len);
+ OPENSSL_free(tmp);
+ }
+ BN_clear_free(K);
+ BN_clear_free(u);
+ return ret;
+}
+
+/* client side */
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
+{
+ BIGNUM *x = NULL, *u = NULL, *K = NULL;
+ int ret = -1, tmp_len;
+ char *passwd = NULL;
+ unsigned char *tmp = NULL;
+
+ /*
+ * Checks if b % n == 0
+ */
+ if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0)
+ goto err;
+ if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
+ goto err;
+ if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL)
+ goto err;
+ if (!
+ (passwd =
+ s->srp_ctx.SRP_give_srp_client_pwd_callback(s,
+ s->srp_ctx.SRP_cb_arg)))
+ goto err;
+ if (!(x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)))
+ goto err;
+ if (!
+ (K =
+ SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x,
+ s->srp_ctx.a, u)))
+ goto err;
+
+ tmp_len = BN_num_bytes(K);
+ if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
+ goto err;
+ BN_bn2bin(K, tmp);
+ ret =
+ s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
+ tmp_len);
+ err:
+ if (tmp) {
+ OPENSSL_cleanse(tmp, tmp_len);
+ OPENSSL_free(tmp);
+ }
+ BN_clear_free(K);
+ BN_clear_free(x);
+ if (passwd) {
+ OPENSSL_cleanse(passwd, strlen(passwd));
+ OPENSSL_free(passwd);
+ }
+ BN_clear_free(u);
+ return ret;
+}
+
+int srp_verify_server_param(SSL *s, int *al)
+{
+ SRP_CTX *srp = &s->srp_ctx;
+ /*
+ * Sanity check parameters: we can quickly check B % N == 0 by checking B
+ * != 0 since B < N
+ */
+ if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0
+ || BN_is_zero(srp->B)) {
+ *al = SSL3_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+
+ if (BN_num_bits(srp->N) < srp->strength) {
+ *al = TLS1_AD_INSUFFICIENT_SECURITY;
+ return 0;
+ }
+
+ if (srp->SRP_verify_param_callback) {
+ if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) {
+ *al = TLS1_AD_INSUFFICIENT_SECURITY;
+ return 0;
+ }
+ } else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
+ *al = TLS1_AD_INSUFFICIENT_SECURITY;
+ return 0;
+ }
+
+ return 1;
+}
+
+int SRP_Calc_A_param(SSL *s)
+{
+ unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
+
+ if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
+ return -1;
+ s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
+ OPENSSL_cleanse(rnd, sizeof(rnd));
+
+ if (!
+ (s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, s->srp_ctx.g)))
+ return -1;
+
+ return 1;
+}
+
+BIGNUM *SSL_get_srp_g(SSL *s)
+{
+ if (s->srp_ctx.g != NULL)
+ return s->srp_ctx.g;
+ return s->ctx->srp_ctx.g;
+}
+
+BIGNUM *SSL_get_srp_N(SSL *s)
+{
+ if (s->srp_ctx.N != NULL)
+ return s->srp_ctx.N;
+ return s->ctx->srp_ctx.N;
+}
+
+char *SSL_get_srp_username(SSL *s)
+{
+ if (s->srp_ctx.login != NULL)
+ return s->srp_ctx.login;
+ return s->ctx->srp_ctx.login;
+}
+
+char *SSL_get_srp_userinfo(SSL *s)
+{
+ if (s->srp_ctx.info != NULL)
+ return s->srp_ctx.info;
+ return s->ctx->srp_ctx.info;
+}
+
+# define tls1_ctx_ctrl ssl3_ctx_ctrl
+# define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
+
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name)
+{
+ return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, name);
+}
+
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password)
+{
+ return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password);
+}
+
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
+{
+ return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
+ NULL);
+}
+
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, void *))
+{
+ return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
+ (void (*)(void))cb);
+}
+
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
+{
+ return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg);
+}
+
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, int *, void *))
+{
+ return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
+ (void (*)(void))cb);
+}
+
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb) (SSL *, void *))
+{
+ return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
+ (void (*)(void))cb);
+}
+
+#endif
Modified: trunk/crypto/openssl/test/CAss.cnf
===================================================================
--- trunk/crypto/openssl/test/CAss.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/CAss.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,7 +7,7 @@
####################################################################
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
Copied: trunk/crypto/openssl/test/CAtsa.cnf (from rev 7117, vendor-crypto/openssl/dist/test/CAtsa.cnf)
===================================================================
--- trunk/crypto/openssl/test/CAtsa.cnf (rev 0)
+++ trunk/crypto/openssl/test/CAtsa.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,163 @@
+
+#
+# This config is used by the Time Stamp Authority tests.
+#
+
+RANDFILE = ./.rnd
+
+# Extra OBJECT IDENTIFIER info:
+oid_section = new_oids
+
+TSDNSECT = ts_cert_dn
+INDEX = 1
+
+[ new_oids ]
+
+# Policies used by the TSA tests.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+#----------------------------------------------------------------------
+[ ca ]
+default_ca = CA_default # The default ca section
+
+[ CA_default ]
+
+dir = ./demoCA
+certs = $dir/certs # Where the issued certs are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+private_key = $dir/private/cakey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+default_days = 365 # how long to certify for
+default_md = sha1 # which md to use.
+preserve = no # keep passed DN ordering
+
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = supplied
+stateOrProvinceName = supplied
+organizationName = supplied
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+#----------------------------------------------------------------------
+[ req ]
+default_bits = 1024
+default_md = sha1
+distinguished_name = $ENV::TSDNSECT
+encrypt_rsa_key = no
+prompt = no
+# attributes = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+string_mask = nombstr
+
+[ ts_ca_dn ]
+countryName = HU
+stateOrProvinceName = Budapest
+localityName = Budapest
+organizationName = Gov-CA Ltd.
+commonName = ca1
+
+[ ts_cert_dn ]
+countryName = HU
+stateOrProvinceName = Budapest
+localityName = Buda
+organizationName = Hun-TSA Ltd.
+commonName = tsa$ENV::INDEX
+
+[ tsa_cert ]
+
+# TSA server cert is not a CA cert.
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ non_tsa_cert ]
+
+# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+# timeStamping is not supported by this certificate
+# extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature
+
+[ v3_ca ]
+
+# Extensions for a typical CA
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = cRLSign, keyCertSign
+
+#----------------------------------------------------------------------
+[ tsa ]
+
+default_tsa = tsa_config1 # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir = . # TSA root directory
+serial = $dir/tsa_serial # The current serial number (mandatory)
+signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/tsaca.pem # Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/tsa_key1.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
+accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
+ordering = yes # Is ordering defined for timestamps?
+ # (optional, default: no)
+tsa_name = yes # Must the TSA name be included in the reply?
+ # (optional, default: no)
+ess_cert_id_chain = yes # Must the ESS cert id chain be included?
+ # (optional, default: no)
+
+[ tsa_config2 ]
+
+# This configuration uses a certificate which doesn't have timeStamping usage.
+# These are used by the TSA reply generation only.
+dir = . # TSA root directory
+serial = $dir/tsa_serial # The current serial number (mandatory)
+signer_cert = $dir/tsa_cert2.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/tsa_key2.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
Modified: trunk/crypto/openssl/test/Makefile
===================================================================
--- trunk/crypto/openssl/test/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -5,7 +5,7 @@
DIR= test
TOP= ..
CC= cc
-INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) -I$(TOP)/fips
+INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES)
CFLAG= -g
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
PERL= perl
@@ -27,7 +27,6 @@
DLIBSSL= ../libssl.a
LIBCRYPTO= -L.. -lcrypto
LIBSSL= -L.. -lssl
-LIBFIPS= -L.. -lfips
BNTEST= bntest
ECTEST= ectest
@@ -45,6 +44,7 @@
MD4TEST= md4test
MD5TEST= md5test
HMACTEST= hmactest
+WPTEST= wp_test
RC2TEST= rc2test
RC4TEST= rc4test
RC5TEST= rc5test
@@ -59,69 +59,48 @@
RSATEST= rsa_test
ENGINETEST= enginetest
EVPTEST= evp_test
+EVPEXTRATEST=evp_extra_test
IGETEST= igetest
-FIPS_SHATEST= fips_shatest
-FIPS_DESTEST= fips_desmovs
-FIPS_RANDTEST= fips_randtest
-FIPS_AESTEST= fips_aesavs
-FIPS_HMACTEST= fips_hmactest
-FIPS_RSAVTEST= fips_rsavtest
-FIPS_RSASTEST= fips_rsastest
-FIPS_RSAGTEST= fips_rsagtest
-FIPS_DSATEST= fips_dsatest
-FIPS_DSSVS= fips_dssvs
-FIPS_RNGVS= fips_rngvs
-FIPS_TEST_SUITE=fips_test_suite
+JPAKETEST= jpaketest
+SRPTEST= srptest
+ASN1TEST= asn1test
+HEARTBEATTEST= heartbeat_test
CONSTTIMETEST= constant_time_test
TESTS= alltests
EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
- $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \
+ $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
- $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) \
- $(FIPS_SHATEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) \
- $(FIPS_RANDTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) \
- $(FIPS_HMACTEST)$(EXE_EXT) $(FIPS_RSAVTEST)$(EXE_EXT) \
- $(FIPS_RSASTEST)$(EXE_EXT) $(FIPS_RSAGTEST)$(EXE_EXT) \
- $(FIPS_DSSVS)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) \
- $(FIPS_RNGVS)$(EXE_EXT) $(FIPS_TEST_SUITE)$(EXE_EXT) \
- jpaketest$(EXE_EXT) $(CONSTTIMETEST)$(EXE_EXT)
+ $(EVPTEST)$(EXE_EXT) $(EVPEXTRATEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \
+ $(ASN1TEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) $(CONSTTIMETEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
- $(HMACTEST).o \
+ $(HMACTEST).o $(WPTEST).o \
$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
$(MDC2TEST).o $(RMDTEST).o \
$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
$(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
- $(EVPTEST).o $(IGETEST).o \
- $(FIPS_SHATEST).o $(FIPS_DESTEST).o $(FIPS_RANDTEST).o \
- $(FIPS_AESTEST).o $(FIPS_HMACTEST).o $(FIPS_RSAVTEST).o \
- $(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o \
- $(FIPS_DSSVS).o $(FIPS_DSATEST).o $(FIPS_RNGVS).o $(FIPS_TEST_SUITE).o \
- jpaketest.o $(CONSTTIMETEST).o
+ $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o \
+ $(HEARTBEATTEST).o $(CONSTTIMETEST).o
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
- $(HMACTEST).c \
+ $(HMACTEST).c $(WPTEST).c \
$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
- $(EVPTEST).c $(IGETEST).c \
- $(FIPS_SHATEST).c $(FIPS_DESTEST).c $(FIPS_RANDTEST).c \
- $(FIPS_AESTEST).c $(FIPS_HMACTEST).c $(FIPS_RSAVTEST).c \
- $(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c \
- $(FIPS_DSSVS).c $(FIPS_DSATEST).c $(FIPS_RNGVS).c $(FIPS_TEST_SUITE).c \
- jpaketest.c $(CONSTTIMETEST).c
+ $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \
+ $(HEARTBEATTEST).c $(CONSTTIMETEST).c
EXHEADER=
HEADER= $(EXHEADER)
@@ -158,17 +137,20 @@
alltests: \
test_des test_idea test_sha test_md4 test_md5 test_hmac \
- test_md2 test_mdc2 \
+ test_md2 test_mdc2 test_wp \
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
test_rand test_bn test_ec test_ecdsa test_ecdh \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
- test_ss test_ca test_engine test_evp test_ssl test_ige test_jpake \
- test_constant_time
+ test_ss test_ca test_engine test_evp test_evp_extra test_ssl test_tsa test_ige \
+ test_jpake test_srp test_cms test_heartbeat test_constant_time
test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+test_evp_extra:
+ ../util/shlib_wrap.sh ./$(EVPEXTRATEST)
+
test_des:
../util/shlib_wrap.sh ./$(DESTEST)
@@ -180,9 +162,6 @@
../util/shlib_wrap.sh ./$(SHA1TEST)
../util/shlib_wrap.sh ./$(SHA256TEST)
../util/shlib_wrap.sh ./$(SHA512TEST)
- if [ -n "$(FIPSCANLIB)" ]; then \
- ../util/shlib_wrap.sh ./$(FIPS_SHATEST) < SHAmix.r | diff -w SHAmix.x - ; \
- fi
test_mdc2:
../util/shlib_wrap.sh ./$(MDC2TEST)
@@ -196,6 +175,9 @@
test_hmac:
../util/shlib_wrap.sh ./$(HMACTEST)
+test_wp:
+ ../util/shlib_wrap.sh ./$(WPTEST)
+
test_md2:
../util/shlib_wrap.sh ./$(MD2TEST)
@@ -219,12 +201,9 @@
test_rand:
../util/shlib_wrap.sh ./$(RANDTEST)
- if [ -n "$(FIPSCANLIB)" ]; then \
- ../util/shlib_wrap.sh ./$(FIPS_RANDTEST); \
- fi
test_enc:
- sh ./testenc
+ @sh ./testenc
test_x509:
echo test normal x509v1 certificate
@@ -276,7 +255,7 @@
test_verify:
@echo "The following command should have some OK's and some failures"
@echo "There are definitly a few expired certificates"
- ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
+ ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
test_dh:
@echo "Generate a set of DH parameters"
@@ -286,9 +265,6 @@
@echo "Generate a set of DSA parameters"
../util/shlib_wrap.sh ./$(DSATEST)
../util/shlib_wrap.sh ./$(DSATEST) -app2_1
- if [ -n "$(FIPSCANLIB)" ]; then \
- ../util/shlib_wrap.sh ./$(FIPS_DSATEST); \
- fi
test_gen:
@echo "Generate and verify a certificate request"
@@ -328,14 +304,32 @@
# @echo "test Rijndael"
# ../util/shlib_wrap.sh ./$(AESTEST)
+test_tsa:
+ @if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+ echo "skipping testtsa test -- requires RSA"; \
+ else \
+ sh ./testtsa; \
+ fi
+
test_ige: $(IGETEST)$(EXE_EXT)
@echo "Test IGE mode"
../util/shlib_wrap.sh ./$(IGETEST)
-test_jpake: jpaketest$(EXE_EXT)
+test_jpake: $(JPAKETEST)$(EXE_EXT)
@echo "Test JPAKE"
- ../util/shlib_wrap.sh ./jpaketest
+ ../util/shlib_wrap.sh ./$(JPAKETEST)
+test_cms:
+ @echo "CMS consistency test"
+ $(PERL) cms-test.pl
+
+test_srp: $(SRPTEST)$(EXE_EXT)
+ @echo "Test SRP"
+ ../util/shlib_wrap.sh ./srptest
+
+test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
+ ../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
@echo "Test constant time utilites"
../util/shlib_wrap.sh ./$(CONSTTIMETEST)
@@ -343,32 +337,53 @@
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
-depend:
- @if [ -z "$(THIS)" ]; then \
- $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
- else \
- $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
- fi
+update: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+depend: local_depend
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+ @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
+
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
+ testreq.pem
clean:
- rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
+ rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
$(DLIBSSL):
- (cd ..; $(MAKE) DIRS=ssl all)
+ (cd ..; $(MAKE) build_libssl)
$(DLIBCRYPTO):
- (cd ..; $(MAKE) DIRS=crypto all)
+ (cd ..; $(MAKE) build_libcrypto)
BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
- [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+ link_app.$${shlib_target}
+
+FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+ shlib_target="$(SHLIB_TARGET)"; \
+ fi; \
+ LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+ if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+ fi; \
+ $(MAKE) -f $(TOP)/Makefile.shared -e \
+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+ link_app.$${shlib_target}
+
+BUILD_CMD_STATIC=shlib_target=; \
+ LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
+ $(MAKE) -f $(TOP)/Makefile.shared -e \
APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
@@ -403,71 +418,6 @@
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
@target=$(SHA512TEST); $(BUILD_CMD)
-FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
- shlib_target="$(SHLIB_TARGET)"; \
- fi; \
- if [ "$(FIPSCANLIB)" = "libfips" ]; then \
- LIBRARIES="-L$(TOP) -lfips"; \
- elif [ -n "$(FIPSCANLIB)" ]; then \
- FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
- LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \
- else \
- LIBRARIES="$(LIBCRYPTO)"; \
- fi; \
- $(MAKE) -f $(TOP)/Makefile.shared -e \
- CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
- LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
- link_app.$${shlib_target}
-
-FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
- shlib_target="$(SHLIB_TARGET)"; \
- fi; \
- LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
- if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
- FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
- fi; \
- [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
- $(MAKE) -f $(TOP)/Makefile.shared -e \
- CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
- LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
- link_app.$${shlib_target}
-
-$(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO)
- @target=$(FIPS_SHATEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_HMACTEST)$(EXE_EXT): $(FIPS_HMACTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_HMACTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_RANDTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_RSAVTEST)$(EXE_EXT): $(FIPS_RSAVTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_RSAVTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_RSASTEST)$(EXE_EXT): $(FIPS_RSASTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_RSASTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_RSAGTEST)$(EXE_EXT): $(FIPS_RSAGTEST).o $(DLIBCRYPTO)
- @target=$(FIPS_RSAGTEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO)
- @target=$(FIPS_DSATEST); $(FIPS_BUILD_CMD)
-
-$(FIPS_DSSVS)$(EXE_EXT): $(FIPS_DSSVS).o $(DLIBCRYPTO)
- @target=$(FIPS_DSSVS); $(FIPS_BUILD_CMD)
-
-$(FIPS_RNGVS)$(EXE_EXT): $(FIPS_RNGVS).o $(DLIBCRYPTO)
- @target=$(FIPS_RNGVS); $(FIPS_BUILD_CMD)
-
-$(FIPS_TEST_SUITE)$(EXE_EXT): $(FIPS_TEST_SUITE).o $(DLIBCRYPTO)
- @target=$(FIPS_TEST_SUITE); $(FIPS_BUILD_CMD)
-
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
@target=$(RMDTEST); $(BUILD_CMD)
@@ -483,6 +433,9 @@
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
@target=$(HMACTEST); $(BUILD_CMD)
+$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+ @target=$(WPTEST); $(BUILD_CMD)
+
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
@target=$(RC2TEST); $(BUILD_CMD)
@@ -514,7 +467,7 @@
@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_CRYPTO_BUILD_CMD)
+ @target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
@target=$(ENGINETEST); $(BUILD_CMD)
@@ -522,6 +475,9 @@
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
@target=$(EVPTEST); $(BUILD_CMD)
+$(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
+ @target=$(EVPEXTRATEST); $(BUILD_CMD)
+
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
@target=$(ECDSATEST); $(BUILD_CMD)
@@ -531,9 +487,18 @@
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
@target=$(IGETEST); $(BUILD_CMD)
-jpaketest$(EXE_EXT): jpaketest.o $(DLIBCRYPTO)
- @target=jpaketest; $(BUILD_CMD)
+$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+ @target=$(JPAKETEST); $(BUILD_CMD)
+$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+ @target=$(ASN1TEST); $(BUILD_CMD)
+
+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+ @target=$(SRPTEST); $(BUILD_CMD)
+
+$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+ @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
@target=$(CONSTTIMETEST) $(BUILD_CMD)
@@ -552,6 +517,18 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+asn1test.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+asn1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+asn1test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+asn1test.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h
+asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+asn1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+asn1test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+asn1test.o: ../include/openssl/x509_vfy.h asn1test.c
bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
bftest.o: ../include/openssl/opensslconf.h bftest.c
bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
@@ -560,15 +537,14 @@
bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-bntest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-bntest.o: ../include/openssl/x509_vfy.h bntest.c
+bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c
casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
casttest.o: ../include/openssl/opensslconf.h casttest.c
constant_time_test.o: ../crypto/constant_time_locl.h ../e_os.h
@@ -610,14 +586,14 @@
ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ecdsatest.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-ecdsatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ecdsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ecdsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-ecdsatest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ecdsatest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-ecdsatest.o: ../include/openssl/x509_vfy.h ecdsatest.c
+ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ecdsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ecdsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ecdsatest.o: ecdsatest.c
ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -624,27 +600,39 @@
ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ectest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ectest.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-ectest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ectest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ectest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-ectest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-ectest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ectest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-ectest.o: ../include/openssl/x509_vfy.h ectest.c
+ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ectest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ectest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ectest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ectest.c
enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
-enginetest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-enginetest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enginetest.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-enginetest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-enginetest.o: ../include/openssl/x509_vfy.h enginetest.c
+enginetest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+enginetest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+enginetest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+enginetest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+enginetest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+enginetest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+enginetest.o: enginetest.c
+evp_extra_test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+evp_extra_test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+evp_extra_test.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+evp_extra_test.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+evp_extra_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_extra_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+evp_extra_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_extra_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+evp_extra_test.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+evp_extra_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+evp_extra_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+evp_extra_test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+evp_extra_test.o: evp_extra_test.c
evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h
evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -651,13 +639,13 @@
evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
-evp_test.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-evp_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-evp_test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h evp_test.c
+evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+evp_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+evp_test.o: ../include/openssl/x509_vfy.h evp_test.c
exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
@@ -665,186 +653,35 @@
exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
exptest.o: ../include/openssl/symhacks.h exptest.c
-fips_aesavs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/aes.h
-fips_aesavs.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-fips_aesavs.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-fips_aesavs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-fips_aesavs.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_aesavs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-fips_aesavs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips_aesavs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_aesavs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-fips_aesavs.o: ../include/openssl/symhacks.h fips_aesavs.c
-fips_desmovs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_desmovs.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_desmovs.o: ../include/openssl/crypto.h ../include/openssl/des.h
-fips_desmovs.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-fips_desmovs.o: ../include/openssl/err.h ../include/openssl/evp.h
-fips_desmovs.o: ../include/openssl/fips.h ../include/openssl/lhash.h
-fips_desmovs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_desmovs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_desmovs.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-fips_desmovs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips_desmovs.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-fips_desmovs.o: fips_desmovs.c
-fips_dsatest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_dsatest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_dsatest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-fips_dsatest.o: ../include/openssl/des.h ../include/openssl/des_old.h
-fips_dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-fips_dsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_dsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-fips_dsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
-fips_dsatest.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h
-fips_dsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-fips_dsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips_dsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_dsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-fips_dsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-fips_dsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-fips_dsatest.o: fips_dsatest.c
-fips_dssvs.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_dssvs.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_dssvs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-fips_dssvs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-fips_dssvs.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_dssvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-fips_dssvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips_dssvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_dssvs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-fips_dssvs.o: ../include/openssl/symhacks.h fips_dssvs.c
-fips_hmactest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_hmactest.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-fips_hmactest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_hmactest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-fips_hmactest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_hmactest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-fips_hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-fips_hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-fips_hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips_hmactest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-fips_hmactest.o: ../include/openssl/x509v3.h fips_hmactest.c
-fips_randtest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/bio.h
-fips_randtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h
-fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-fips_randtest.o: ../include/openssl/fips_rand.h ../include/openssl/lhash.h
-fips_randtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c
-fips_rngvs.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_rngvs.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_rngvs.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_rngvs.o: ../include/openssl/crypto.h ../include/openssl/des.h
-fips_rngvs.o: ../include/openssl/des_old.h ../include/openssl/dsa.h
-fips_rngvs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-fips_rngvs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-fips_rngvs.o: ../include/openssl/err.h ../include/openssl/evp.h
-fips_rngvs.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h
-fips_rngvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-fips_rngvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips_rngvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_rngvs.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-fips_rngvs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-fips_rngvs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips_rngvs.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-fips_rngvs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-fips_rngvs.o: ../include/openssl/x509v3.h fips_rngvs.c
-fips_rsagtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_rsagtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_rsagtest.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_rsagtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-fips_rsagtest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_rsagtest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-fips_rsagtest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_rsagtest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-fips_rsagtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_rsagtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_rsagtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-fips_rsagtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-fips_rsagtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-fips_rsagtest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-fips_rsagtest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-fips_rsagtest.o: fips_rsagtest.c
-fips_rsastest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_rsastest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_rsastest.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_rsastest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-fips_rsastest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_rsastest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-fips_rsastest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_rsastest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-fips_rsastest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_rsastest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_rsastest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-fips_rsastest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-fips_rsastest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-fips_rsastest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-fips_rsastest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-fips_rsastest.o: fips_rsastest.c
-fips_rsavtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_rsavtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_rsavtest.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_rsavtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-fips_rsavtest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_rsavtest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-fips_rsavtest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_rsavtest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-fips_rsavtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_rsavtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-fips_rsavtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-fips_rsavtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-fips_rsavtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-fips_rsavtest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-fips_rsavtest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-fips_rsavtest.o: fips_rsavtest.c
-fips_shatest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
-fips_shatest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-fips_shatest.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-fips_shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-fips_shatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-fips_shatest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-fips_shatest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_shatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-fips_shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips_shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_shatest.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-fips_shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-fips_shatest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-fips_shatest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-fips_shatest.o: fips_shatest.c
-fips_test_suite.o: ../fips/fips_utl.h ../include/openssl/aes.h
-fips_test_suite.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-fips_test_suite.o: ../include/openssl/des.h ../include/openssl/des_old.h
-fips_test_suite.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-fips_test_suite.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-fips_test_suite.o: ../include/openssl/evp.h ../include/openssl/fips.h
-fips_test_suite.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
-fips_test_suite.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-fips_test_suite.o: ../include/openssl/opensslconf.h
-fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-fips_test_suite.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-fips_test_suite.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips_test_suite.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-fips_test_suite.o: fips_test_suite.c
+heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+heartbeat_test.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+heartbeat_test.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+heartbeat_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+heartbeat_test.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+heartbeat_test.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+heartbeat_test.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+heartbeat_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+heartbeat_test.o: ../include/openssl/opensslconf.h
+heartbeat_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+heartbeat_test.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+heartbeat_test.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+heartbeat_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+heartbeat_test.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+heartbeat_test.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h
+heartbeat_test.o: ../test/testutil.h heartbeat_test.c
hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-hmactest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
-hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
+hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+hmactest.o: ../include/openssl/symhacks.h hmactest.c
ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
ideatest.o: ../include/openssl/opensslconf.h ideatest.c
igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
@@ -855,35 +692,34 @@
jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
-md2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md2test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md2test.o: ../include/openssl/evp.h ../include/openssl/fips.h
-md2test.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h
-md2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
md2test.o: ../include/openssl/symhacks.h md2test.c
md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md4test.o: ../include/openssl/evp.h ../include/openssl/fips.h
-md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
-md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-md4test.o: ../include/openssl/symhacks.h md4test.c
+md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h
+md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c
md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md5test.o: ../include/openssl/evp.h ../include/openssl/fips.h
-md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-md5test.o: ../include/openssl/symhacks.h md5test.c
-mdc2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-mdc2test.o: ../include/openssl/symhacks.h mdc2test.c
+md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h
+md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h
+mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
randtest.o: ../e_os.h ../include/openssl/e_os2.h
randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
randtest.o: ../include/openssl/rand.h randtest.c
@@ -899,12 +735,11 @@
rc5test.o: ../include/openssl/symhacks.h rc5test.c
rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rmdtest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
-rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
+rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
+rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h
+rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c
rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
@@ -915,20 +750,25 @@
rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-sha1test.o: ../include/openssl/evp.h ../include/openssl/fips.h
-sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
-sha1test.o: ../include/openssl/symhacks.h sha1test.c
+sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
+sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c
shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-shatest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-shatest.o: ../include/openssl/symhacks.h shatest.c
+shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
+shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
+srptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+srptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+srptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+srptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+srptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+srptest.o: ../include/openssl/safestack.h ../include/openssl/srp.h
+srptest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h srptest.c
ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
@@ -937,18 +777,23 @@
ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
-ssltest.o: ../include/openssl/evp.h ../include/openssl/fips.h
-ssltest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h
+ssltest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/sha.h ../include/openssl/srp.h
+ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ssltest.o: ../include/openssl/x509v3.h ssltest.c
+wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+wp_test.o: ../include/openssl/whrlpool.h wp_test.c
Modified: trunk/crypto/openssl/test/P1ss.cnf
===================================================================
--- trunk/crypto/openssl/test/P1ss.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/P1ss.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,7 +7,7 @@
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
Modified: trunk/crypto/openssl/test/P2ss.cnf
===================================================================
--- trunk/crypto/openssl/test/P2ss.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/P2ss.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,7 +7,7 @@
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
Deleted: trunk/crypto/openssl/test/SHAmix.r
===================================================================
--- trunk/crypto/openssl/test/SHAmix.r 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/SHAmix.r 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,99 +0,0 @@
-[L = 64]
-
-Len = 16
-Msg = 98a1
-
-Len = 104
-Msg = 35a37a46df4ccbadd815942249
-
-Len = 352
-Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
-
-Len = 1016
-Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
-
-Len = 13696
-Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff596!
19cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
-
-Len = 100816
-Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213!
508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555!
a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8!
e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859!
ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b49!
9eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4!
ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de3!
92647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce!
71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa!
2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd1!
9aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72!
c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b2!
8b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
-
-[L = 48]
-
-Len = 16
-Msg = 3a35
-
-Len = 104
-Msg = 7db15b3ee240b45d4610950996
-
-Len = 352
-Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
-
-Len = 1016
-Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
-
-Len = 13696
-Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab!
117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
-
-Len = 100816
-Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208!
a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bb!
e52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514!
b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125!
de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ff!
e55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2!
cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf966250578!
99b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c!
4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc448!
4f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e46744!
91b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b1163!
8b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c9!
30c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
-
-[L = 32]
-
-Len = 16
-Msg = 43cd
-
-Len = 104
-Msg = 5f75a437ce0698a7d8151c3fe0
-
-Len = 352
-Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
-
-Len = 488
-Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
-
-Len = 13976
-Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af114!
17f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
-
-Len = 48824
-Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc!
0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51a!
d0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c!
9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec902!
6cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f152!
70408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
-
-[L = 28]
-
-Len = 16
-Msg = 3dd2
-
-Len = 104
-Msg = 3d232201038fe7d846ac1bd4c6
-
-Len = 352
-Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
-
-Len = 504
-Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
-
-Len = 13976
-Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6!
b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
-
-Len = 48824
-Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f!
0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6!
174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f!
831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219!
ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc!
2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
-
-[L = 20]
-
-Len = 16
-Msg = 8a61
-
-Len = 104
-Msg = 37487aa02b03bdbc6bc62e7e26
-
-Len = 352
-Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
-
-Len = 504
-Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
-
-Len = 13976
-Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0!
e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
-
-Len = 48824
-Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0!
d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b!
60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2!
ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ff!
a631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc!
83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
Deleted: trunk/crypto/openssl/test/SHAmix.x
===================================================================
--- trunk/crypto/openssl/test/SHAmix.x 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/SHAmix.x 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,129 +0,0 @@
-[L = 64]
-
-Len = 16
-Msg = 98a1
-MD = 74d78642f70ca830bec75fc60a585917e388cfa4cd1d23daab1c4d9ff1010cac3e67275df64db5a6a7c7d0fda24f1fc3eb272678a7c8becff6743ee812129078
-
-Len = 104
-Msg = 35a37a46df4ccbadd815942249
-MD = 6f5589ea195e745654885d50de687d7fe682affc8da1fb09e681540525f04ecb93022361a27759b9e272c883564223c5e4ecafeb0daaf1abce6caa4bd4153379
-
-Len = 352
-Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f
-MD = 66a16799d606c569d2fcd70d7d8321ec90ef61711481aaf7d747744ebfd08ec2e7aead49429af7b4ceec6d8e147ed018e034efbe07982699e818db5fc4b1d71a
-
-Len = 1016
-Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a
-MD = 790bc4844e9aeef8938df0ccda17890556a4151817111a526a88919cfb172f0b03c216080c1b60210eb1942097f17b6d0691bf5b018b6d959198d6a694b922c9
-
-Len = 13696
-Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff596!
19cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88
-MD = a86e07bcd19080d4a83e1384bd8189f60a7dd7a6998406ade0bf03f805375bd823c7656dd51cd9d63e542f8ade41f16d73794d60d0906424133778156ee54b95
-
-Len = 100816
-Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213!
508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555!
a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8!
e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859!
ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b49!
9eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4!
ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de3!
92647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce!
71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa!
2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd1!
9aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72!
c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b2!
8b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b
-MD = be3cfa6c965b2ee4e6fb0236665b0b95f66c8da8b338375b7393672283b0e50b96112d7cb76fffaa6db8ea4a7687fc6234dc1ee52e764d69ba8ac40c0f51beba
-
-[L = 48]
-
-Len = 16
-Msg = 3a35
-MD = 87bea682792f6bb4977fe1b92e0cc7017413dd263732c3604f0ebd63c2817ce5ddc5d78c0137f614a06e72ab1cab2f4c
-
-Len = 104
-Msg = 7db15b3ee240b45d4610950996
-MD = 7311a6356ab38a690c0b3a1581c3e7b6de418996c05e79849891b061c51d53dffc0fff2b8ad1c1eff165aee5ef6e18ff
-
-Len = 352
-Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239
-MD = adb1778360ec659e90609e74b6af219a01a024f216b68aa944841429ed5b03b139444b8b848f73fd5f350ef02d46b6ce
-
-Len = 1016
-Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419
-MD = 0cbec7be7299f48f043c3d1aacf833b4258c32190a21a8ac2471666b4a51b63cc77fff6e081aaf5ef21b1b7523d65763
-
-Len = 13696
-Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab!
117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f
-MD = 70e1259106fc7a7c6be11d95fb673bfaf0074e342fdaefb458faf4619e7f0edbd68d509b9ca7243d2e5e039d42ee3b47
-
-Len = 100816
-Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208!
a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bb!
e52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514!
b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125!
de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ff!
e55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2!
cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf966250578!
99b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c!
4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc448!
4f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e46744!
91b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b1163!
8b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c9!
30c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a
-MD = b70acba01bd715f542859a4224d035eb177fe7b34d5447e099acd1716ba6d00f515bd02021b5b3015d736b04687544de
-
-[L = 32]
-
-Len = 16
-Msg = 43cd
-MD = 7c5f9ed821a021ef1850dd4e0b179a656fbe27b104463720f467db32bbfab5a4
-
-Len = 104
-Msg = 5f75a437ce0698a7d8151c3fe0
-MD = 774782a9c3023dcef8b2cb83f7994324e3cca35323419b3914a9b6bc3ace5ce1
-
-Len = 352
-Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f
-MD = f114f1a390bfc30f34652751f3a38e8bdc9597625e363689459b80082eb34009
-
-Len = 488
-Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264
-MD = 7d00fe393c308eadb8c0a4f771d409e17c9a796e63b45fc8e84c0cb2bdb62532
-
-Len = 13976
-Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af114!
17f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7
-MD = 6e5905b22cb95e48b73c5a885f5463f554d81257bd26301c4393d57fff1c8323
-
-Len = 48824
-Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc!
0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51a!
d0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c!
9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec902!
6cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f152!
70408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d
-MD = d7c901f0d92a868dced7e2659e90121108611dd7781325fc57e5c336c2279510
-
-[L = 28]
-
-Len = 16
-Msg = 3dd2
-MD = b7399529fe614af98f9ecd73e45790406883cb22e3bdcdf28fadd033
-
-Len = 104
-Msg = 3d232201038fe7d846ac1bd4c6
-MD = d0aee5482c509540a4ea4b902bf42fc8df3af6de42fb14e903d1b2e4
-
-Len = 352
-Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36
-MD = 56c22e6066cd4c4d6415c5a225257e7f888b317ba4e98eadb72b4be0
-
-Len = 504
-Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa
-MD = 33a84e66cf1ce6970c35807db25e05ca05809e53d4e34cda9bfc0045
-
-Len = 13976
-Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6!
b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67
-MD = 60700d4ef068822d0fe6df450b4aa8e206b2790d6dcf973229a59889
-
-Len = 48824
-Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f!
0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6!
174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f!
831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219!
ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc!
2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7
-MD = 85747c796a910421ecb364b4b4f0e68b49e9217944f6586eac4993ec
-
-[L = 20]
-
-Len = 16
-Msg = 8a61
-MD = 60bdeabf39efdf21ba9c0f94af6552d2ffe699e1
-
-Len = 104
-Msg = 37487aa02b03bdbc6bc62e7e26
-MD = f146072f92dc4a551721a10bf0b01564cc2b43df
-
-Len = 352
-Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533
-MD = b0a2d6033cf1d8ff120a605b745d736ee4aa06d2
-
-Len = 504
-Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227
-MD = 395dd2989edc854746e384f339f0808c515747be
-
-Len = 13976
-Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0!
e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61
-MD = 1adccf11e5b7ce2a3ddf71e920138c8647ad699c
-
-Len = 48824
-Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0!
d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b!
60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2!
ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ff!
a631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc!
83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f
-MD = 2cbc07b9b9c819b8fd38d8a614a8a9c3fa7e40ee
Modified: trunk/crypto/openssl/test/Uss.cnf
===================================================================
--- trunk/crypto/openssl/test/Uss.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/Uss.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,11 +7,11 @@
####################################################################
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
-default_md = md2
+default_md = sha256
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
Copied: trunk/crypto/openssl/test/asn1test.c (from rev 7117, vendor-crypto/openssl/dist/test/asn1test.c)
===================================================================
--- trunk/crypto/openssl/test/asn1test.c (rev 0)
+++ trunk/crypto/openssl/test/asn1test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,21 @@
+#include <openssl/x509.h>
+#include <openssl/asn1_mac.h>
+
+typedef struct X {
+ STACK_OF(X509_EXTENSION) *ext;
+} X;
+
+/* This isn't meant to run particularly, it's just to test type checking */
+int main(int argc, char **argv)
+{
+ X *x = NULL;
+ unsigned char **pp = NULL;
+
+ M_ASN1_I2D_vars(x);
+ M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
+ i2d_X509_EXTENSION);
+ M_ASN1_I2D_seq_total();
+ M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
+ i2d_X509_EXTENSION);
+ M_ASN1_I2D_finish();
+}
Copied: trunk/crypto/openssl/test/bctest.com (from rev 7117, vendor-crypto/openssl/dist/test/bctest.com)
===================================================================
--- trunk/crypto/openssl/test/bctest.com (rev 0)
+++ trunk/crypto/openssl/test/bctest.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,152 @@
+$!
+$! Check operation of "bc".
+$!
+$! 2010-04-05 SMS. New. Based (loosely) on "bctest".
+$!
+$!
+$ tmp_file_name = "tmp.bctest"
+$ failure = ""
+$!
+$! Basic command test.
+$!
+$ on warning then goto bc_fail
+$ bc
+$ on error then exit
+$!
+$! Test for SunOS 5.[78] bc bug.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$ define /user_mode sys$output 'tmp_file_name'
+$ bc
+obase=16
+ibase=16
+a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
+CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
+10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
+C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
+3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
+4FC3CADF855448B24A9D7640BCF473E
+b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
+9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
+8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
+3ED0E2017D60A68775B75481449
+(a/b)*b + (a%b) - a
+$ status = $status
+$ output_expected = "0"
+$ gosub check_output
+$ if (output .ne. 1)
+$ then
+$ failure = "SunOStest"
+$ else
+$ delete 'f$parse( tmp_file_name)'
+$ endif
+$ endif
+$!
+$! Test for SCO bc bug.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$ define /user_mode sys$output 'tmp_file_name'
+$ bc
+obase=16
+ibase=16
+-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
+9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
+11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
+1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
+AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
+F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
+B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
+02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
+85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
+A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
+E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
+8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
+04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
+89C8D71
+AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
+928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
+8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
+37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
+E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
+F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
+9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
+D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
+5296964
+$ status = $status
+$ output_expected = "0\0"
+$ gosub check_output
+$ if (output .ne. 1)
+$ then
+$ failure = "SCOtest"
+$ else
+$ delete 'f$parse( tmp_file_name)'
+$ endif
+$ endif
+$!
+$! Test for working 'print' command.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$ define /user_mode sys$output 'tmp_file_name'
+$ bc
+print "OK"
+$ status = $status
+$ output_expected = "OK"
+$ gosub check_output
+$ if (output .ne. 1)
+$ then
+$ failure = "printtest"
+$ else
+$ delete 'f$parse( tmp_file_name)'
+$ endif
+$ endif
+$!
+$ if (failure .nes. "")
+$ then
+$ write sys$output -
+ "No working bc found. Consider installing GNU bc."
+$ exit %X00030000 ! %DCL-W-NORMAL
+$ endif
+$!
+$ exit
+$!
+$!
+$! Complete "bc" command failure.
+$!
+$ bc_fail:
+$ write sys$output -
+ "No ""bc"" program/symbol found. Consider installing GNU bc."
+$ exit %X00030000 ! %DCL-W-NORMAL
+$!
+$!
+$! Output check subroutine.
+$!
+$ check_output:
+$ eof = 0
+$ line_nr = 0
+$ open /read tmp_file 'tmp_file_name'
+$ c_o_loop:
+$ read /error = error_read tmp_file line
+$ goto ok_read
+$ error_read:
+$ eof = 1
+$ ok_read:
+$ line_expected = f$element( line_nr, "\", output_expected)
+$ line_nr = line_nr+ 1
+$ if ((line_expected .nes. "\") .and. (.not. eof) .and. -
+ (line_expected .eqs. line)) then goto c_o_loop
+$!
+$ if ((line_expected .eqs. "\") .and. eof)
+$ then
+$ output = 1
+$ else
+$ output = 0
+$ endif
+$ close tmp_file
+$ return
+$!
Copied: trunk/crypto/openssl/test/bntest.com (from rev 7117, vendor-crypto/openssl/dist/test/bntest.com)
===================================================================
--- trunk/crypto/openssl/test/bntest.com (rev 0)
+++ trunk/crypto/openssl/test/bntest.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,76 @@
+$!
+$! Analyze bntest output file.
+$!
+$! Exit status = 1 (success) if all tests passed,
+$! 0 (warning) if any test failed.
+$!
+$! 2011-02-20 SMS. Added code to skip "#" comments in the input file.
+$!
+$! 2010-04-05 SMS. New. Based (loosely) on perl code in bntest-vms.sh.
+$!
+$! Expect data like:
+$! test test_name1
+$! 0
+$! [...]
+$! test test_name2
+$! 0
+$! [...]
+$! [...]
+$!
+$! Some tests have no following "0" lines.
+$!
+$ result_file_name = f$edit( p1, "TRIM")
+$ if (result_file_name .eqs. "")
+$ then
+$ result_file_name = "bntest-vms.out"
+$ endif
+$!
+$ fail = 0
+$ passed = 0
+$ tests = 0
+$!
+$ on control_c then goto tidy
+$ on error then goto tidy
+$!
+$ open /read result_file 'result_file_name'
+$!
+$ read_loop:
+$ read /end = read_loop_end /error = tidy result_file line
+$ t1 = f$element( 0, " ", line)
+$!
+$! Skip "#" comment lines.
+$ if (f$extract( 0, 1, f$edit( line, "TRIM")) .eqs. "#") then -
+ goto read_loop
+$!
+$ if (t1 .eqs. "test")
+$ then
+$ passed = passed+ 1
+$ tests = tests+ 1
+$ fail = 1
+$ t2 = f$extract( 5, 1000, line)
+$ write sys$output "verify ''t2'"
+$ else
+$ if (t1 .nes. "0")
+$ then
+$ write sys$output "Failed! bc: ''line'"
+$ passed = passed- fail
+$ fail = 0
+$ endif
+$ endif
+$ goto read_loop
+$ read_loop_end:
+$ write sys$output "''passed'/''tests' tests passed"
+$!
+$ tidy:
+$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE")
+$ then
+$ close result_file
+$ endif
+$!
+$ if ((tests .gt. 0) .and. (tests .eq. passed))
+$ then
+$ exit 1
+$ else
+$ exit 0
+$ endif
+$!
Copied: trunk/crypto/openssl/test/clean_test.com (from rev 7117, vendor-crypto/openssl/dist/test/clean_test.com)
===================================================================
--- trunk/crypto/openssl/test/clean_test.com (rev 0)
+++ trunk/crypto/openssl/test/clean_test.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,35 @@
+$!
+$! Delete various test results files.
+$!
+$ def_orig = f$environment( "default")
+$ proc = f$environment( "procedure")
+$ proc_dev_dir = f$parse( "A.;", proc) - "A.;"
+$!
+$ on control_c then goto tidy
+$ on error then goto tidy
+$!
+$ set default 'proc_dev_dir'
+$!
+$ files := *.cms;*, *.srl;*, *.ss;*, -
+ cms.err;*, cms.out;*, newreq.pem;*, -
+ p.txt-zlib-cipher;*, -
+ smtst.txt;*, testkey.pem;*, testreq.pem;*, -
+ test_*.err;*, test_*.out;*, -
+ .rnd;*
+$!
+$ delim = ","
+$ i = 0
+$ loop:
+$ file = f$edit( f$element( i, delim, files), "trim")
+$ if (file .eqs. delim) then goto loop_end
+$ if (f$search( file) .nes. "") then -
+ delete 'p1' 'file'
+$ i = i+ 1
+$ goto loop
+$ loop_end:
+$!
+$ tidy:
+$
+$ if (f$type( def_orig) .nes. "") then -
+ set default 'def_orig'
+$!
Modified: trunk/crypto/openssl/test/cms-test.pl
===================================================================
--- trunk/crypto/openssl/test/cms-test.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/cms-test.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -54,9 +54,13 @@
# OpenSSL PKCS#7 and CMS implementations.
my $ossl_path;
-my $redir = " 2>cms.err 1>cms.out";
+my $redir = " 2> cms.err > cms.out";
+# Make VMS work
+if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) {
+ $ossl_path = "pipe mcr OSSLX:openssl";
+}
# Make MSYS work
-if ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
+elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
$ossl_path = "cmd /c ..\\apps\\openssl";
}
elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
@@ -84,79 +88,79 @@
[
"signed content DER format, RSA key",
- "-sign -in smcont.txt -outform DER -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -certfile $smdir/smroot.pem"
. " -signer $smdir/smrsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, RSA key",
- "-sign -in smcont.txt -outform DER"
+ "-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, RSA",
- "-sign -in smcont.txt -outform DER -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smrsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content DER format, DSA key",
- "-sign -in smcont.txt -outform DER -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smdsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, DSA key",
- "-sign -in smcont.txt -outform DER"
+ "-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smdsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed detached content DER format, add RSA signer",
- "-resign -inform DER -in test.cms -outform DER"
+ "-resign -inform \"DER\" -in test.cms -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test2.cms",
- "-verify -in test2.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+ "-verify -in test2.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, DSA key",
- "-sign -in smcont.txt -outform DER -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smdsa1.pem -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys",
- "-sign -in smcont.txt -outform DER -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
- "-sign -in smcont.txt -outform DER -noattr -nodetach"
+ "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -165,7 +169,7 @@
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
- "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -174,7 +178,7 @@
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
- "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -215,12 +219,12 @@
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
- "-sign -in smcont.txt -outform DER -nodetach -keyid"
+ "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
- "-verify -in test.cms -inform DER "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ "-verify -in test.cms -inform \"DER\" "
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -230,7 +234,7 @@
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform PEM "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -239,7 +243,7 @@
. " -receipt_request_to test\@openssl.org -receipt_request_all"
. " -out test.cms",
"-verify -in test.cms "
- . " -CAfile $smdir/smroot.pem -out smtst.txt"
+ . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
@@ -248,7 +252,7 @@
. " -signer $smdir/smrsa2.pem"
. " -out test2.cms",
"-verify_receipt test2.cms -in test.cms"
- . " -CAfile $smdir/smroot.pem"
+ . " \"-CAfile\" $smdir/smroot.pem"
],
[
@@ -289,28 +293,28 @@
[
"encrypted content test streaming PEM format, 128 bit RC2 key",
- "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+ "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
- "-EncryptedData_decrypt -in test.cms -inform PEM "
+ "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 40 bit RC2 key",
- "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+ "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 0001020304"
. " -stream -out test.cms",
- "-EncryptedData_decrypt -in test.cms -inform PEM "
+ "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 0001020304 -out smtst.txt"
],
[
"encrypted content test streaming PEM format, triple DES key",
- "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+ "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -stream -out test.cms",
- "-EncryptedData_decrypt -in test.cms -inform PEM "
+ "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -out smtst.txt"
],
@@ -317,10 +321,10 @@
[
"encrypted content test streaming PEM format, 128 bit AES key",
- "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+ "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
- "-EncryptedData_decrypt -in test.cms -inform PEM "
+ "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
Copied: trunk/crypto/openssl/test/evp_extra_test.c (from rev 7117, vendor-crypto/openssl/dist/test/evp_extra_test.c)
===================================================================
--- trunk/crypto/openssl/test/evp_extra_test.c (rev 0)
+++ trunk/crypto/openssl/test/evp_extra_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../crypto/evp/evp_extra_test.c
\ No newline at end of file
Modified: trunk/crypto/openssl/test/evptests.txt
===================================================================
--- trunk/crypto/openssl/test/evptests.txt 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/evptests.txt 2015-07-21 23:23:45 UTC (rev 7118)
@@ -158,6 +158,19 @@
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
# DES ECB tests (from destest)
DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
Deleted: trunk/crypto/openssl/test/fips_aesavs.c
===================================================================
--- trunk/crypto/openssl/test/fips_aesavs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_aesavs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/aes/fips_aesavs.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_desmovs.c
===================================================================
--- trunk/crypto/openssl/test/fips_desmovs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_desmovs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/des/fips_desmovs.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_dsatest.c
===================================================================
--- trunk/crypto/openssl/test/fips_dsatest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_dsatest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/dsa/fips_dsatest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_dssvs.c
===================================================================
--- trunk/crypto/openssl/test/fips_dssvs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_dssvs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/dsa/fips_dssvs.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_hmactest.c
===================================================================
--- trunk/crypto/openssl/test/fips_hmactest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_hmactest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/hmac/fips_hmactest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_randtest.c
===================================================================
--- trunk/crypto/openssl/test/fips_randtest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_randtest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/rand/fips_randtest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_rngvs.c
===================================================================
--- trunk/crypto/openssl/test/fips_rngvs.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_rngvs.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/rand/fips_rngvs.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_rsagtest.c
===================================================================
--- trunk/crypto/openssl/test/fips_rsagtest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_rsagtest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/rsa/fips_rsagtest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_rsastest.c
===================================================================
--- trunk/crypto/openssl/test/fips_rsastest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_rsastest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/rsa/fips_rsastest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_rsavtest.c
===================================================================
--- trunk/crypto/openssl/test/fips_rsavtest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_rsavtest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/rsa/fips_rsavtest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_shatest.c
===================================================================
--- trunk/crypto/openssl/test/fips_shatest.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_shatest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/sha/fips_shatest.c
\ No newline at end of file
Deleted: trunk/crypto/openssl/test/fips_test_suite.c
===================================================================
--- trunk/crypto/openssl/test/fips_test_suite.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/fips_test_suite.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +0,0 @@
-link ../fips/fips_test_suite.c
\ No newline at end of file
Copied: trunk/crypto/openssl/test/heartbeat_test.c (from rev 7117, vendor-crypto/openssl/dist/test/heartbeat_test.c)
===================================================================
--- trunk/crypto/openssl/test/heartbeat_test.c (rev 0)
+++ trunk/crypto/openssl/test/heartbeat_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../ssl/heartbeat_test.c
\ No newline at end of file
Modified: trunk/crypto/openssl/test/maketests.com
===================================================================
--- trunk/crypto/openssl/test/maketests.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/maketests.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,6 +6,7 @@
$! byer at mail.all-net.net
$!
$! Changes by Richard Levitte <richard at levitte.org>
+$! Zoltan Arpadffy <arpadffy at polarhome.com>
$!
$! This command files compiles and creates all the various different
$! "test" programs for the different types of encryption for OpenSSL.
@@ -25,7 +26,7 @@
$! DECC For DEC C.
$! GNUC For GNU C.
$!
-$! If you don't speficy a compiler, it will try to determine which
+$! If you don't specify a compiler, it will try to determine which
$! "C" compiler to use.
$!
$! P3, if defined, sets a TCP/IP library to use, through one of the following
@@ -37,31 +38,72 @@
$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
$!
+$! P5, if defined, specifies the C pointer size. Ignored on VAX.
+$! ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$! Supported values are:
+$!
+$! "" Compile with default (/NOPOINTER_SIZE)
+$! 32 Compile with /POINTER_SIZE=32 (SHORT)
+$! 64 Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$! (Automatically select ARGV if compiler supports it.)
+$! 64= Compile with /POINTER_SIZE=64 (LONG).
+$! 64=ARGV Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$! P6, if defined, specifies a directory where ZLIB files (zlib.h,
+$! libz.olb) may be found. Optionally, a non-default object library
+$! name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
$! Define A TCP/IP Library That We Will Need To Link To.
-$! (That is, If Wee Need To Link To One.)
+$! (That is, If We Need To Link To One.)
$!
$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
$!
$! Check Which Architecture We Are Using.
$!
-$ if (f$getsyi( "HW_MODEL") .lt. 1024)
+$ if (f$getsyi( "cpu") .lt. 128)
$ then
-$ arch = "VAX"
+$ ARCH = "VAX"
$ else
-$ arch = ""
-$ arch = arch+ f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if (arch .eqs. "") then arch = "UNK"
+$ ARCH = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$ if (ARCH .eqs. "") then ARCH = "UNK"
$ endif
$!
-$! Define The OBJ and EXE Directories (EXE before CHECK_OPTIONS).
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.TEST]
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
-$!
$! Check To Make Sure We Have Valid Command Line Parameters.
$!
$ GOSUB CHECK_OPTIONS
$!
+$! Define The OBJ and EXE Directories.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.TEST]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.TEST]
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$ LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$ OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
$! Initialise logical names and such
$!
$ GOSUB INITIALISE
@@ -68,15 +110,15 @@
$!
$! Tell The User What Kind of Machine We Run On.
$!
-$ WRITE SYS$OUTPUT "Compiling On ''ARCH'."
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
-$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
$!
$! Define The SSL We Are To Use.
$!
-$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB
+$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
$!
$! Create the OBJ and EXE Directories, if needed.
$!
@@ -99,15 +141,16 @@
$! thereby making it fairly easy to verify that the lists are the same.
$!
$ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
- "MD2TEST,MD4TEST,MD5TEST,HMACTEST,"+ -
+ "MD2TEST,MD4TEST,MD5TEST,HMACTEST,WP_TEST,"+ -
"RC2TEST,RC4TEST,RC5TEST,"+ -
"DESTEST,SHATEST,SHA1TEST,SHA256T,SHA512T,"+ -
"MDC2TEST,RMDTEST,"+ -
"RANDTEST,DHTEST,ENGINETEST,"+ -
"BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
- "EVP_TEST,JPAKETEST,IGETEST"
+ "EVP_TEST,IGETEST,JPAKETEST,SRPTEST,"+ -
+ "ASN1TEST,HEARTBEAT_TEST,CONSTANT_TIME_TEST"
$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
-$
+$!
$! Additional directory information.
$ T_D_BNTEST := [-.crypto.bn]
$ T_D_ECTEST := [-.crypto.ec]
@@ -118,6 +161,7 @@
$ T_D_MD4TEST := [-.crypto.md4]
$ T_D_MD5TEST := [-.crypto.md5]
$ T_D_HMACTEST := [-.crypto.hmac]
+$ T_D_WP_TEST := [-.crypto.whrlpool]
$ T_D_RC2TEST := [-.crypto.rc2]
$ T_D_RC4TEST := [-.crypto.rc4]
$ T_D_RC5TEST := [-.crypto.rc5]
@@ -138,8 +182,12 @@
$ T_D_DSATEST := [-.crypto.dsa]
$ T_D_RSA_TEST := [-.crypto.rsa]
$ T_D_EVP_TEST := [-.crypto.evp]
+$ T_D_IGETEST := [-.test]
$ T_D_JPAKETEST := [-.crypto.jpake]
-$ T_D_IGETEST := [-.test]
+$ T_D_SRPTEST := [-.crypto.srp]
+$ T_D_ASN1TEST := [-.test]
+$ T_D_HEARTBEAT_TEST := [-.ssl]
+$ T_D_CONSTANT_TIME_TEST := [-.crypto]
$!
$ TCPIP_PROGRAMS = ",,"
$ IF COMPILER .EQS. "VAXC" THEN -
@@ -212,7 +260,7 @@
$! Inform The User That A TCP/IP Library Is Needed To Compile This Program.
$!
$ WRITE SYS$OUTPUT -
- FILE_NAME," Needs A TCP/IP Library. Can't Link. Skipping..."
+ FILE_NAME," Needs A TCP/IP Library. Can't Link. Skipping..."
$ GOTO NEXT_FILE
$!
$! End The TCP/IP Library Check.
@@ -222,34 +270,16 @@
$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
$! Check To See If We Are To Link With A Specific TCP/IP Library.
$!
-$ IF (TCPIP_LIB.NES."")
-$ THEN
-$!
$! Don't Link With The RSAREF Routines And TCP/IP Library.
$!
-$ LINK /'DEBUGGER' /'TRACEBACK' /EXECUTABLE = 'EXE_FILE' -
- 'OBJECT_FILE', -
- 'SSL_LIB' /LIBRARY, -
- 'CRYPTO_LIB' /LIBRARY, -
- 'TCPIP_LIB', -
- 'OPT_FILE' /OPTIONS
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXECTABLE = 'EXE_FILE' -
+ 'OBJECT_FILE', -
+ 'SSL_LIB' /LIBRARY, -
+ 'CRYPTO_LIB' /LIBRARY -
+ 'TCPIP_LIB' -
+ 'ZLIB_LIB' -
+ ,'OPT_FILE' /OPTIONS
$!
-$! Else...
-$!
-$ ELSE
-$!
-$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
-$!
-$ LINK /'DEBUGGER' /'TRACEBACK' /EXECUTABLE = 'EXE_FILE' -
- 'OBJECT_FILE', -
- 'SSL_LIB' /LIBRARY, -
- 'CRYPTO_LIB' /LIBRARY, -
- 'OPT_FILE' /OPTIONS
-$!
-$! End The TCP/IP Library Check.
-$!
-$ ENDIF
-$!
$! Go Back And Do It Again.
$!
$ GOTO NEXT_FILE
@@ -283,8 +313,8 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Against
-! The Shareable VAX C Runtime Library.
+! Default System Options File To Link Against
+! The Sharable VAX C Runtime Library.
!
SYS$SHARE:VAXCRTL.EXE /SHAREABLE
$EOD
@@ -312,8 +342,8 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Against
-! The Shareable C Runtime Library.
+! Default System Options File To Link Against
+! The Sharable C Runtime Library.
!
GNU_CC:[000000]GCCLIB.OLB /LIBRARY
SYS$SHARE:VAXCRTL.EXE /SHAREABLE
@@ -347,8 +377,8 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File To Link Against
-! The Shareable DEC C Runtime Library.
+! Default System Options File To Link Against
+! The Sharable DEC C Runtime Library.
!
SYS$SHARE:DECC$SHR.EXE /SHAREABLE
$EOD
@@ -362,8 +392,8 @@
$ CREATE 'OPT_FILE'
$DECK
!
-! Default System Options File For non-VAX To Link Against
-! The Shareable C Runtime Library.
+! Default System Options File For non-VAX To Link Against
+! The Sharable C Runtime Library.
!
SYS$SHARE:CMA$OPEN_LIB_SHR.EXE /SHAREABLE
SYS$SHARE:CMA$OPEN_RTL.EXE /SHAREABLE
@@ -441,19 +471,24 @@
$!
$ CHECK_OPTIONS:
$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
+$!
$! Check To See If P1 Is Blank.
$!
$ IF (P1.EQS."NODEBUG")
$ THEN
$!
-$! P1 Is NODEBUG, So Compile Without Debugger Information.
+$! P1 Is NODEBUG, So Compile Without Debugger Information.
$!
-$ DEBUGGER = "NODEBUG"
-$ TRACEBACK = "NOTRACEBACK"
-$ GCC_OPTIMIZE = "OPTIMIZE"
-$ CC_OPTIMIZE = "OPTIMIZE"
-$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
-$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ DEBUGGER = "NODEBUG"
+$ LINKMAP = "NOMAP"
+$ TRACEBACK = "NOTRACEBACK"
+$ GCC_OPTIMIZE = "OPTIMIZE"
+$ CC_OPTIMIZE = "OPTIMIZE"
+$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$!
$! Else...
$!
@@ -467,6 +502,7 @@
$! Compile With Debugger Information.
$!
$ DEBUGGER = "DEBUG"
+$ LINKMAP = "MAP"
$ TRACEBACK = "TRACEBACK"
$ GCC_OPTIMIZE = "NOOPTIMIZE"
$ CC_OPTIMIZE = "NOOPTIMIZE"
@@ -477,7 +513,7 @@
$!
$ ELSE
$!
-$! Tell The User Entered An Invalid Option..
+$! Tell The User Entered An Invalid Option.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
@@ -490,14 +526,90 @@
$!
$ EXIT
$!
-$! End The Valid Arguement Check.
+$! End The Valid Argument Check.
$!
$ ENDIF
$!
-$! End The P2 Check.
+$! End The P1 Check.
$!
$ ENDIF
$!
+$! Check P5 (POINTER_SIZE).
+$!
+$ IF (P5 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$ IF (P5 .EQS. "32")
+$ THEN
+$ POINTER_SIZE = " /POINTER_SIZE=32"
+$ ELSE
+$ POINTER_SIZE = F$EDIT( P5, "COLLAPSE, UPCASE")
+$ IF ((POINTER_SIZE .EQS. "64") .OR. -
+ (POINTER_SIZE .EQS. "64=") .OR. -
+ (POINTER_SIZE .EQS. "64=ARGV"))
+$ THEN
+$ ARCHD = ARCH+ "_64"
+$ LIB32 = ""
+$ IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
+$ THEN
+$! Explicit user choice: "64" or "64=ARGV".
+$ IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
+$ ELSE
+$ SET NOON
+$ DEFINE /USER_MODE SYS$OUTPUT NL:
+$ DEFINE /USER_MODE SYS$ERROR NL:
+$ CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
+$ IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
+$ THEN
+$ ! If we got here, it means DCL complained like this:
+$ ! %DCL-W-NOVALU, value not allowed - remove value specification
+$ ! \64=\
+$ !
+$ ! If the compiler was run, logicals defined in /USER would
+$ ! have been deassigned automatically. However, when DCL
+$ ! complains, they aren't, so we do it here (it might be
+$ ! unnecessary, but just in case there will be another error
+$ ! message further on that we don't want to miss)
+$ DEASSIGN /USER_MODE SYS$ERROR
+$ DEASSIGN /USER_MODE SYS$OUTPUT
+$ ELSE
+$ POINTER_SIZE = POINTER_SIZE + "=ARGV"
+$ ENDIF
+$ SET ON
+$ ENDIF
+$ POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
+$ ELSE
+$!
+$! Tell The User Entered An Invalid Option.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", P5, -
+ " Is Invalid. The Valid Options Are:"
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+ " """" : Compile with default (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 32 : Compile with 32-bit (short) pointers."
+$ WRITE SYS$OUTPUT -
+ " 64 : Compile with 64-bit (long) pointers (auto ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64= : Compile with 64-bit (long) pointers (no ARGV)."
+$ WRITE SYS$OUTPUT -
+ " 64=ARGV : Compile with 64-bit (long) pointers (ARGV)."
+$ WRITE SYS$OUTPUT ""
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$!
+$ ENDIF
+$!
+$ ENDIF
+$!
+$! End The P5 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
$! Check To See If P2 Is Blank.
$!
$ IF (P2.EQS."")
@@ -598,12 +710,65 @@
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ CCDISABLEWARNINGS = "" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
$!
-$! Check To See If The User Entered A Valid Paramter.
+$! Check To See If We Have A ZLIB Option.
$!
+$ ZLIB = P6
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$! Check for expected ZLIB files.
+$!
+$ err = 0
+$ file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$ if (f$search( file1) .eqs. "")
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ WRITE SYS$OUTPUT " Can't find header: ''file1'"
+$ err = 1
+$ endif
+$ file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$ file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$ if (f$search( file2) .eqs. "")
+$ then
+$ if (err .eq. 0)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$ endif
+$ WRITE SYS$OUTPUT " Can't find library: ''file2'"
+$ WRITE SYS$OUTPUT ""
+$ err = err+ 2
+$ endif
+$ if (err .eq. 1)
+$ then
+$ WRITE SYS$OUTPUT ""
+$ endif
+$!
+$ if (err .ne. 0)
+$ then
+$ GOTO EXIT
+$ endif
+$!
+$ CCDEFS = """ZLIB=1"", "+ CCDEFS
+$ CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$ ZLIB_LIB = ", ''file2' /library"
+$!
+$! Print info
+$!
+$ WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The P8 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The User Entered A Valid Parameter.
+$!
$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
$ THEN
$!
@@ -625,13 +790,13 @@
$ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC /DECC"
-$ CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=ANSI89" + -
- "/NOLIST /PREFIX=ALL" + -
- "/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
+$ CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+ "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+ " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
@@ -660,7 +825,7 @@
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC /VAXC"
$ CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
- "/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
+ "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
$! Define <sys> As SYS$COMMON:[SYSLIB]
@@ -669,7 +834,7 @@
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
@@ -691,11 +856,11 @@
$! Use GNU C...
$!
$ CC = "GCC /NOCASE_HACK /''GCC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
- "/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
+ "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
-$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
+$ OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
@@ -714,20 +879,20 @@
$ CC4DISABLEWARNINGS = "DOLLARID"
$ ELSE
$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
-$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$ CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
-$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$ CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
$ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
-$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
$!
$ WRITE /SYMBOL SYS$OUTPUT "Main Compiling Command: ", CC
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@@ -759,7 +924,7 @@
$!
$! Set the library to use SOCKETSHR
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
$!
$! Done with SOCKETSHR
$!
@@ -785,13 +950,13 @@
$!
$! Set the library to use UCX.
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
$ THEN
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
$ ELSE
$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
- TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
$ ENDIF
$!
$! Done with UCX
@@ -805,7 +970,7 @@
$!
$! Set the library to use TCPIP (post UCX).
$!
-$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$ TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
$!
$! Done with TCPIP
$!
@@ -826,9 +991,9 @@
$!
$! Print info
$!
-$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
$!
-$! Else The User Entered An Invalid Arguement.
+$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
Modified: trunk/crypto/openssl/test/md2test.c
===================================================================
--- trunk/crypto/openssl/test/md2test.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/md2test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +1 @@
-link ../crypto/md2/md2test.c
\ No newline at end of file
+link dummytest.c
\ No newline at end of file
Modified: trunk/crypto/openssl/test/mdc2test.c
===================================================================
--- trunk/crypto/openssl/test/mdc2test.c 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/mdc2test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1 +1 @@
-link dummytest.c
\ No newline at end of file
+link ../crypto/mdc2/mdc2test.c
\ No newline at end of file
Copied: trunk/crypto/openssl/test/pkits-test.pl (from rev 7117, vendor-crypto/openssl/dist/test/pkits-test.pl)
===================================================================
--- trunk/crypto/openssl/test/pkits-test.pl (rev 0)
+++ trunk/crypto/openssl/test/pkits-test.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,949 @@
+# test/pkits-test.pl
+# Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in
+# the documentation and/or other materials provided with the
+# distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+# software must display the following acknowledgment:
+# "This product includes software developed by the OpenSSL Project
+# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+# endorse or promote products derived from this software without
+# prior written permission. For written permission, please contact
+# licensing at OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+# nor may "OpenSSL" appear in their names without prior written
+# permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+# acknowledgment:
+# "This product includes software developed by the OpenSSL Project
+# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl utility to run PKITS tests for RFC3280 compliance.
+
+my $ossl_path;
+
+if ( -f "../apps/openssl" ) {
+ $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
+}
+elsif ( -f "..\\out32dll\\openssl.exe" ) {
+ $ossl_path = "..\\out32dll\\openssl.exe";
+}
+elsif ( -f "..\\out32\\openssl.exe" ) {
+ $ossl_path = "..\\out32\\openssl.exe";
+}
+else {
+ die "Can't find OpenSSL executable";
+}
+
+my $pkitsdir = "pkits/smime";
+my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
+
+die "Can't find PKITS test data" if !-d $pkitsdir;
+
+my $nist1 = "2.16.840.1.101.3.2.1.48.1";
+my $nist2 = "2.16.840.1.101.3.2.1.48.2";
+my $nist3 = "2.16.840.1.101.3.2.1.48.3";
+my $nist4 = "2.16.840.1.101.3.2.1.48.4";
+my $nist5 = "2.16.840.1.101.3.2.1.48.5";
+my $nist6 = "2.16.840.1.101.3.2.1.48.6";
+
+my $apolicy = "X509v3 Any Policy";
+
+# This table contains the chapter headings of the accompanying PKITS
+# document. They provide useful informational output and their names
+# can be converted into the filename to test.
+
+my @testlists = (
+ [ "4.1", "Signature Verification" ],
+ [ "4.1.1", "Valid Signatures Test1", 0 ],
+ [ "4.1.2", "Invalid CA Signature Test2", 7 ],
+ [ "4.1.3", "Invalid EE Signature Test3", 7 ],
+ [ "4.1.4", "Valid DSA Signatures Test4", 0 ],
+ [ "4.1.5", "Valid DSA Parameter Inheritance Test5", 0 ],
+ [ "4.1.6", "Invalid DSA Signature Test6", 7 ],
+ [ "4.2", "Validity Periods" ],
+ [ "4.2.1", "Invalid CA notBefore Date Test1", 9 ],
+ [ "4.2.2", "Invalid EE notBefore Date Test2", 9 ],
+ [ "4.2.3", "Valid pre2000 UTC notBefore Date Test3", 0 ],
+ [ "4.2.4", "Valid GeneralizedTime notBefore Date Test4", 0 ],
+ [ "4.2.5", "Invalid CA notAfter Date Test5", 10 ],
+ [ "4.2.6", "Invalid EE notAfter Date Test6", 10 ],
+ [ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7", 10 ],
+ [ "4.2.8", "Valid GeneralizedTime notAfter Date Test8", 0 ],
+ [ "4.3", "Verifying Name Chaining" ],
+ [ "4.3.1", "Invalid Name Chaining EE Test1", 20 ],
+ [ "4.3.2", "Invalid Name Chaining Order Test2", 20 ],
+ [ "4.3.3", "Valid Name Chaining Whitespace Test3", 0 ],
+ [ "4.3.4", "Valid Name Chaining Whitespace Test4", 0 ],
+ [ "4.3.5", "Valid Name Chaining Capitalization Test5", 0 ],
+ [ "4.3.6", "Valid Name Chaining UIDs Test6", 0 ],
+ [ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
+ [ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8", 0 ],
+ [ "4.3.9", "Valid UTF8String Encoded Names Test9", 0 ],
+ [ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
+ [ "4.3.11", "Valid UTF8String Case Insensitive Match Test11", 0 ],
+ [ "4.4", "Basic Certificate Revocation Tests" ],
+ [ "4.4.1", "Missing CRL Test1", 3 ],
+ [ "4.4.2", "Invalid Revoked CA Test2", 23 ],
+ [ "4.4.3", "Invalid Revoked EE Test3", 23 ],
+ [ "4.4.4", "Invalid Bad CRL Signature Test4", 8 ],
+ [ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
+ [ "4.4.6", "Invalid Wrong CRL Test6", 3 ],
+ [ "4.4.7", "Valid Two CRLs Test7", 0 ],
+
+ # The test document suggests these should return certificate revoked...
+ # Subsquent discussion has concluded they should not due to unhandle
+ # critical CRL extensions.
+ [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
+ [ "4.4.9", "Invalid Unknown CRL Extension Test9", 36 ],
+
+ [ "4.4.10", "Invalid Unknown CRL Extension Test10", 36 ],
+ [ "4.4.11", "Invalid Old CRL nextUpdate Test11", 12 ],
+ [ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12", 12 ],
+ [ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13", 0 ],
+ [ "4.4.14", "Valid Negative Serial Number Test14", 0 ],
+ [ "4.4.15", "Invalid Negative Serial Number Test15", 23 ],
+ [ "4.4.16", "Valid Long Serial Number Test16", 0 ],
+ [ "4.4.17", "Valid Long Serial Number Test17", 0 ],
+ [ "4.4.18", "Invalid Long Serial Number Test18", 23 ],
+ [ "4.4.19", "Valid Separate Certificate and CRL Keys Test19", 0 ],
+ [ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
+
+ # CRL path is revoked so get a CRL path validation error
+ [ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21", 54 ],
+ [ "4.5", "Verifying Paths with Self-Issued Certificates" ],
+ [ "4.5.1", "Valid Basic Self-Issued Old With New Test1", 0 ],
+ [ "4.5.2", "Invalid Basic Self-Issued Old With New Test2", 23 ],
+ [ "4.5.3", "Valid Basic Self-Issued New With Old Test3", 0 ],
+ [ "4.5.4", "Valid Basic Self-Issued New With Old Test4", 0 ],
+ [ "4.5.5", "Invalid Basic Self-Issued New With Old Test5", 23 ],
+ [ "4.5.6", "Valid Basic Self-Issued CRL Signing Key Test6", 0 ],
+ [ "4.5.7", "Invalid Basic Self-Issued CRL Signing Key Test7", 23 ],
+ [ "4.5.8", "Invalid Basic Self-Issued CRL Signing Key Test8", 20 ],
+ [ "4.6", "Verifying Basic Constraints" ],
+ [ "4.6.1", "Invalid Missing basicConstraints Test1", 24 ],
+ [ "4.6.2", "Invalid cA False Test2", 24 ],
+ [ "4.6.3", "Invalid cA False Test3", 24 ],
+ [ "4.6.4", "Valid basicConstraints Not Critical Test4", 0 ],
+ [ "4.6.5", "Invalid pathLenConstraint Test5", 25 ],
+ [ "4.6.6", "Invalid pathLenConstraint Test6", 25 ],
+ [ "4.6.7", "Valid pathLenConstraint Test7", 0 ],
+ [ "4.6.8", "Valid pathLenConstraint Test8", 0 ],
+ [ "4.6.9", "Invalid pathLenConstraint Test9", 25 ],
+ [ "4.6.10", "Invalid pathLenConstraint Test10", 25 ],
+ [ "4.6.11", "Invalid pathLenConstraint Test11", 25 ],
+ [ "4.6.12", "Invalid pathLenConstraint Test12", 25 ],
+ [ "4.6.13", "Valid pathLenConstraint Test13", 0 ],
+ [ "4.6.14", "Valid pathLenConstraint Test14", 0 ],
+ [ "4.6.15", "Valid Self-Issued pathLenConstraint Test15", 0 ],
+ [ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16", 25 ],
+ [ "4.6.17", "Valid Self-Issued pathLenConstraint Test17", 0 ],
+ [ "4.7", "Key Usage" ],
+ [ "4.7.1", "Invalid keyUsage Critical keyCertSign False Test1", 20 ],
+ [ "4.7.2", "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
+ [ "4.7.3", "Valid keyUsage Not Critical Test3", 0 ],
+ [ "4.7.4", "Invalid keyUsage Critical cRLSign False Test4", 35 ],
+ [ "4.7.5", "Invalid keyUsage Not Critical cRLSign False Test5", 35 ],
+
+ # Certificate policy tests need special handling. They can have several
+ # sub tests and we need to check the outputs are correct.
+
+ [ "4.8", "Certificate Policies" ],
+ [
+ "4.8.1.1",
+ "All Certificates Same Policy Test1",
+ "-policy anyPolicy -explicit_policy",
+ "True", $nist1, $nist1, 0
+ ],
+ [
+ "4.8.1.2",
+ "All Certificates Same Policy Test1",
+ "-policy $nist1 -explicit_policy",
+ "True", $nist1, $nist1, 0
+ ],
+ [
+ "4.8.1.3",
+ "All Certificates Same Policy Test1",
+ "-policy $nist2 -explicit_policy",
+ "True", $nist1, "<empty>", 43
+ ],
+ [
+ "4.8.1.4",
+ "All Certificates Same Policy Test1",
+ "-policy $nist1 -policy $nist2 -explicit_policy",
+ "True", $nist1, $nist1, 0
+ ],
+ [
+ "4.8.2.1",
+ "All Certificates No Policies Test2",
+ "-policy anyPolicy",
+ "False", "<empty>", "<empty>", 0
+ ],
+ [
+ "4.8.2.2",
+ "All Certificates No Policies Test2",
+ "-policy anyPolicy -explicit_policy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.3.1",
+ "Different Policies Test3",
+ "-policy anyPolicy",
+ "False", "<empty>", "<empty>", 0
+ ],
+ [
+ "4.8.3.2",
+ "Different Policies Test3",
+ "-policy anyPolicy -explicit_policy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.3.3",
+ "Different Policies Test3",
+ "-policy $nist1 -policy $nist2 -explicit_policy",
+ "True", "<empty>", "<empty>", 43
+ ],
+
+ [
+ "4.8.4",
+ "Different Policies Test4",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.5",
+ "Different Policies Test5",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.6.1",
+ "Overlapping Policies Test6",
+ "-policy anyPolicy",
+ "True", $nist1, $nist1, 0
+ ],
+ [
+ "4.8.6.2",
+ "Overlapping Policies Test6",
+ "-policy $nist1",
+ "True", $nist1, $nist1, 0
+ ],
+ [
+ "4.8.6.3",
+ "Overlapping Policies Test6",
+ "-policy $nist2",
+ "True", $nist1, "<empty>", 43
+ ],
+ [
+ "4.8.7",
+ "Different Policies Test7",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.8",
+ "Different Policies Test8",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.9",
+ "Different Policies Test9",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.10.1",
+ "All Certificates Same Policies Test10",
+ "-policy $nist1",
+ "True", "$nist1:$nist2", "$nist1", 0
+ ],
+ [
+ "4.8.10.2",
+ "All Certificates Same Policies Test10",
+ "-policy $nist2",
+ "True", "$nist1:$nist2", "$nist2", 0
+ ],
+ [
+ "4.8.10.3",
+ "All Certificates Same Policies Test10",
+ "-policy anyPolicy",
+ "True", "$nist1:$nist2", "$nist1:$nist2", 0
+ ],
+ [
+ "4.8.11.1",
+ "All Certificates AnyPolicy Test11",
+ "-policy anyPolicy",
+ "True", "$apolicy", "$apolicy", 0
+ ],
+ [
+ "4.8.11.2",
+ "All Certificates AnyPolicy Test11",
+ "-policy $nist1",
+ "True", "$apolicy", "$nist1", 0
+ ],
+ [
+ "4.8.12",
+ "Different Policies Test12",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.8.13.1",
+ "All Certificates Same Policies Test13",
+ "-policy $nist1",
+ "True", "$nist1:$nist2:$nist3", "$nist1", 0
+ ],
+ [
+ "4.8.13.2",
+ "All Certificates Same Policies Test13",
+ "-policy $nist2",
+ "True", "$nist1:$nist2:$nist3", "$nist2", 0
+ ],
+ [
+ "4.8.13.3",
+ "All Certificates Same Policies Test13",
+ "-policy $nist3",
+ "True", "$nist1:$nist2:$nist3", "$nist3", 0
+ ],
+ [
+ "4.8.14.1", "AnyPolicy Test14",
+ "-policy $nist1", "True",
+ "$nist1", "$nist1",
+ 0
+ ],
+ [
+ "4.8.14.2", "AnyPolicy Test14",
+ "-policy $nist2", "True",
+ "$nist1", "<empty>",
+ 43
+ ],
+ [
+ "4.8.15",
+ "User Notice Qualifier Test15",
+ "-policy anyPolicy",
+ "False", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.8.16",
+ "User Notice Qualifier Test16",
+ "-policy anyPolicy",
+ "False", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.8.17",
+ "User Notice Qualifier Test17",
+ "-policy anyPolicy",
+ "False", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.8.18.1",
+ "User Notice Qualifier Test18",
+ "-policy $nist1",
+ "True", "$nist1:$nist2", "$nist1", 0
+ ],
+ [
+ "4.8.18.2",
+ "User Notice Qualifier Test18",
+ "-policy $nist2",
+ "True", "$nist1:$nist2", "$nist2", 0
+ ],
+ [
+ "4.8.19",
+ "User Notice Qualifier Test19",
+ "-policy anyPolicy",
+ "False", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.8.20",
+ "CPS Pointer Qualifier Test20",
+ "-policy anyPolicy -explicit_policy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [ "4.9", "Require Explicit Policy" ],
+ [
+ "4.9.1",
+ "Valid RequireExplicitPolicy Test1",
+ "-policy anyPolicy",
+ "False", "<empty>", "<empty>", 0
+ ],
+ [
+ "4.9.2",
+ "Valid RequireExplicitPolicy Test2",
+ "-policy anyPolicy",
+ "False", "<empty>", "<empty>", 0
+ ],
+ [
+ "4.9.3",
+ "Invalid RequireExplicitPolicy Test3",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.9.4",
+ "Valid RequireExplicitPolicy Test4",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.9.5",
+ "Invalid RequireExplicitPolicy Test5",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.9.6",
+ "Valid Self-Issued requireExplicitPolicy Test6",
+ "-policy anyPolicy",
+ "False", "<empty>", "<empty>", 0
+ ],
+ [
+ "4.9.7",
+ "Invalid Self-Issued requireExplicitPolicy Test7",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.9.8",
+ "Invalid Self-Issued requireExplicitPolicy Test8",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [ "4.10", "Policy Mappings" ],
+ [
+ "4.10.1.1",
+ "Valid Policy Mapping Test1",
+ "-policy $nist1",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.10.1.2",
+ "Valid Policy Mapping Test1",
+ "-policy $nist2",
+ "True", "$nist1", "<empty>", 43
+ ],
+ [
+ "4.10.1.3",
+ "Valid Policy Mapping Test1",
+ "-policy anyPolicy -inhibit_map",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.10.2.1",
+ "Invalid Policy Mapping Test2",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.10.2.2",
+ "Invalid Policy Mapping Test2",
+ "-policy anyPolicy -inhibit_map",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.10.3.1",
+ "Valid Policy Mapping Test3",
+ "-policy $nist1",
+ "True", "$nist2", "<empty>", 43
+ ],
+ [
+ "4.10.3.2",
+ "Valid Policy Mapping Test3",
+ "-policy $nist2",
+ "True", "$nist2", "$nist2", 0
+ ],
+ [
+ "4.10.4",
+ "Invalid Policy Mapping Test4",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.10.5.1",
+ "Valid Policy Mapping Test5",
+ "-policy $nist1",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.10.5.2",
+ "Valid Policy Mapping Test5",
+ "-policy $nist6",
+ "True", "$nist1", "<empty>", 43
+ ],
+ [
+ "4.10.6.1",
+ "Valid Policy Mapping Test6",
+ "-policy $nist1",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.10.6.2",
+ "Valid Policy Mapping Test6",
+ "-policy $nist6",
+ "True", "$nist1", "<empty>", 43
+ ],
+ [ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
+ [ "4.10.8", "Invalid Mapping To anyPolicy Test8", 42 ],
+ [
+ "4.10.9",
+ "Valid Policy Mapping Test9",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.10.10",
+ "Invalid Policy Mapping Test10",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.10.11",
+ "Valid Policy Mapping Test11",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+
+ # TODO: check notice display
+ [
+ "4.10.12.1",
+ "Valid Policy Mapping Test12",
+ "-policy $nist1",
+ "True", "$nist1:$nist2", "$nist1", 0
+ ],
+
+ # TODO: check notice display
+ [
+ "4.10.12.2",
+ "Valid Policy Mapping Test12",
+ "-policy $nist2",
+ "True", "$nist1:$nist2", "$nist2", 0
+ ],
+ [
+ "4.10.13",
+ "Valid Policy Mapping Test13",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+
+ # TODO: check notice display
+ [
+ "4.10.14",
+ "Valid Policy Mapping Test14",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [ "4.11", "Inhibit Policy Mapping" ],
+ [
+ "4.11.1",
+ "Invalid inhibitPolicyMapping Test1",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.2",
+ "Valid inhibitPolicyMapping Test2",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.11.3",
+ "Invalid inhibitPolicyMapping Test3",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.4",
+ "Valid inhibitPolicyMapping Test4",
+ "-policy anyPolicy",
+ "True", "$nist2", "$nist2", 0
+ ],
+ [
+ "4.11.5",
+ "Invalid inhibitPolicyMapping Test5",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.6",
+ "Invalid inhibitPolicyMapping Test6",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.7",
+ "Valid Self-Issued inhibitPolicyMapping Test7",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.11.8",
+ "Invalid Self-Issued inhibitPolicyMapping Test8",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.9",
+ "Invalid Self-Issued inhibitPolicyMapping Test9",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.10",
+ "Invalid Self-Issued inhibitPolicyMapping Test10",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.11.11",
+ "Invalid Self-Issued inhibitPolicyMapping Test11",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [ "4.12", "Inhibit Any Policy" ],
+ [
+ "4.12.1",
+ "Invalid inhibitAnyPolicy Test1",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.12.2",
+ "Valid inhibitAnyPolicy Test2",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.12.3.1",
+ "inhibitAnyPolicy Test3",
+ "-policy anyPolicy",
+ "True", "$nist1", "$nist1", 0
+ ],
+ [
+ "4.12.3.2",
+ "inhibitAnyPolicy Test3",
+ "-policy anyPolicy -inhibit_any",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.12.4",
+ "Invalid inhibitAnyPolicy Test4",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.12.5",
+ "Invalid inhibitAnyPolicy Test5",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [
+ "4.12.6",
+ "Invalid inhibitAnyPolicy Test6",
+ "-policy anyPolicy",
+ "True", "<empty>", "<empty>", 43
+ ],
+ [ "4.12.7", "Valid Self-Issued inhibitAnyPolicy Test7", 0 ],
+ [ "4.12.8", "Invalid Self-Issued inhibitAnyPolicy Test8", 43 ],
+ [ "4.12.9", "Valid Self-Issued inhibitAnyPolicy Test9", 0 ],
+ [ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10", 43 ],
+ [ "4.13", "Name Constraints" ],
+ [ "4.13.1", "Valid DN nameConstraints Test1", 0 ],
+ [ "4.13.2", "Invalid DN nameConstraints Test2", 47 ],
+ [ "4.13.3", "Invalid DN nameConstraints Test3", 47 ],
+ [ "4.13.4", "Valid DN nameConstraints Test4", 0 ],
+ [ "4.13.5", "Valid DN nameConstraints Test5", 0 ],
+ [ "4.13.6", "Valid DN nameConstraints Test6", 0 ],
+ [ "4.13.7", "Invalid DN nameConstraints Test7", 48 ],
+ [ "4.13.8", "Invalid DN nameConstraints Test8", 48 ],
+ [ "4.13.9", "Invalid DN nameConstraints Test9", 48 ],
+ [ "4.13.10", "Invalid DN nameConstraints Test10", 48 ],
+ [ "4.13.11", "Valid DN nameConstraints Test11", 0 ],
+ [ "4.13.12", "Invalid DN nameConstraints Test12", 47 ],
+ [ "4.13.13", "Invalid DN nameConstraints Test13", 47 ],
+ [ "4.13.14", "Valid DN nameConstraints Test14", 0 ],
+ [ "4.13.15", "Invalid DN nameConstraints Test15", 48 ],
+ [ "4.13.16", "Invalid DN nameConstraints Test16", 48 ],
+ [ "4.13.17", "Invalid DN nameConstraints Test17", 48 ],
+ [ "4.13.18", "Valid DN nameConstraints Test18", 0 ],
+ [ "4.13.19", "Valid Self-Issued DN nameConstraints Test19", 0 ],
+ [ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
+ [ "4.13.21", "Valid RFC822 nameConstraints Test21", 0 ],
+ [ "4.13.22", "Invalid RFC822 nameConstraints Test22", 47 ],
+ [ "4.13.23", "Valid RFC822 nameConstraints Test23", 0 ],
+ [ "4.13.24", "Invalid RFC822 nameConstraints Test24", 47 ],
+ [ "4.13.25", "Valid RFC822 nameConstraints Test25", 0 ],
+ [ "4.13.26", "Invalid RFC822 nameConstraints Test26", 48 ],
+ [ "4.13.27", "Valid DN and RFC822 nameConstraints Test27", 0 ],
+ [ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28", 47 ],
+ [ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29", 47 ],
+ [ "4.13.30", "Valid DNS nameConstraints Test30", 0 ],
+ [ "4.13.31", "Invalid DNS nameConstraints Test31", 47 ],
+ [ "4.13.32", "Valid DNS nameConstraints Test32", 0 ],
+ [ "4.13.33", "Invalid DNS nameConstraints Test33", 48 ],
+ [ "4.13.34", "Valid URI nameConstraints Test34", 0 ],
+ [ "4.13.35", "Invalid URI nameConstraints Test35", 47 ],
+ [ "4.13.36", "Valid URI nameConstraints Test36", 0 ],
+ [ "4.13.37", "Invalid URI nameConstraints Test37", 48 ],
+ [ "4.13.38", "Invalid DNS nameConstraints Test38", 47 ],
+ [ "4.14", "Distribution Points" ],
+ [ "4.14.1", "Valid distributionPoint Test1", 0 ],
+ [ "4.14.2", "Invalid distributionPoint Test2", 23 ],
+ [ "4.14.3", "Invalid distributionPoint Test3", 44 ],
+ [ "4.14.4", "Valid distributionPoint Test4", 0 ],
+ [ "4.14.5", "Valid distributionPoint Test5", 0 ],
+ [ "4.14.6", "Invalid distributionPoint Test6", 23 ],
+ [ "4.14.7", "Valid distributionPoint Test7", 0 ],
+ [ "4.14.8", "Invalid distributionPoint Test8", 44 ],
+ [ "4.14.9", "Invalid distributionPoint Test9", 44 ],
+ [ "4.14.10", "Valid No issuingDistributionPoint Test10", 0 ],
+ [ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11", 44 ],
+ [ "4.14.12", "Invalid onlyContainsCACerts CRL Test12", 44 ],
+ [ "4.14.13", "Valid onlyContainsCACerts CRL Test13", 0 ],
+ [ "4.14.14", "Invalid onlyContainsAttributeCerts Test14", 44 ],
+ [ "4.14.15", "Invalid onlySomeReasons Test15", 23 ],
+ [ "4.14.16", "Invalid onlySomeReasons Test16", 23 ],
+ [ "4.14.17", "Invalid onlySomeReasons Test17", 3 ],
+ [ "4.14.18", "Valid onlySomeReasons Test18", 0 ],
+ [ "4.14.19", "Valid onlySomeReasons Test19", 0 ],
+ [ "4.14.20", "Invalid onlySomeReasons Test20", 23 ],
+ [ "4.14.21", "Invalid onlySomeReasons Test21", 23 ],
+ [ "4.14.22", "Valid IDP with indirectCRL Test22", 0 ],
+ [ "4.14.23", "Invalid IDP with indirectCRL Test23", 23 ],
+ [ "4.14.24", "Valid IDP with indirectCRL Test24", 0 ],
+ [ "4.14.25", "Valid IDP with indirectCRL Test25", 0 ],
+ [ "4.14.26", "Invalid IDP with indirectCRL Test26", 44 ],
+ [ "4.14.27", "Invalid cRLIssuer Test27", 3 ],
+ [ "4.14.28", "Valid cRLIssuer Test28", 0 ],
+ [ "4.14.29", "Valid cRLIssuer Test29", 0 ],
+
+ # Although this test is valid it has a circular dependency. As a result
+ # an attempt is made to reursively checks a CRL path and rejected due to
+ # a CRL path validation error. PKITS notes suggest this test does not
+ # need to be run due to this issue.
+ [ "4.14.30", "Valid cRLIssuer Test30", 54 ],
+ [ "4.14.31", "Invalid cRLIssuer Test31", 23 ],
+ [ "4.14.32", "Invalid cRLIssuer Test32", 23 ],
+ [ "4.14.33", "Valid cRLIssuer Test33", 0 ],
+ [ "4.14.34", "Invalid cRLIssuer Test34", 23 ],
+ [ "4.14.35", "Invalid cRLIssuer Test35", 44 ],
+ [ "4.15", "Delta-CRLs" ],
+ [ "4.15.1", "Invalid deltaCRLIndicator No Base Test1", 3 ],
+ [ "4.15.2", "Valid delta-CRL Test2", 0 ],
+ [ "4.15.3", "Invalid delta-CRL Test3", 23 ],
+ [ "4.15.4", "Invalid delta-CRL Test4", 23 ],
+ [ "4.15.5", "Valid delta-CRL Test5", 0 ],
+ [ "4.15.6", "Invalid delta-CRL Test6", 23 ],
+ [ "4.15.7", "Valid delta-CRL Test7", 0 ],
+ [ "4.15.8", "Valid delta-CRL Test8", 0 ],
+ [ "4.15.9", "Invalid delta-CRL Test9", 23 ],
+ [ "4.15.10", "Invalid delta-CRL Test10", 12 ],
+ [ "4.16", "Private Certificate Extensions" ],
+ [ "4.16.1", "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
+ [ "4.16.2", "Invalid Unknown Critical Certificate Extension Test2", 34 ],
+);
+
+
+my $verbose = 1;
+
+my $numtest = 0;
+my $numfail = 0;
+
+my $ossl = "ossl/apps/openssl";
+
+my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
+$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
+
+# Check for expiry of trust anchor
+system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0";
+if ($? == 256)
+ {
+ print STDERR "WARNING: using older expired data\n";
+ $ossl_cmd .= "-attime 1291940972 ";
+ }
+
+$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
+
+system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
+
+die "Can't create trust anchor file" if $?;
+
+print "Running PKITS tests:\n" if $verbose;
+
+foreach (@testlists) {
+ my $argnum = @$_;
+ if ( $argnum == 2 ) {
+ my ( $tnum, $title ) = @$_;
+ print "$tnum $title\n" if $verbose;
+ }
+ elsif ( $argnum == 3 ) {
+ my ( $tnum, $title, $exp_ret ) = @$_;
+ my $filename = $title;
+ $exp_ret += 32 if $exp_ret;
+ $filename =~ tr/ -//d;
+ $filename = "Signed${filename}.eml";
+ if ( !-f "$pkitsdir/$filename" ) {
+ print "\"$filename\" not found\n";
+ }
+ else {
+ my $ret;
+ my $test_fail = 0;
+ my $errmsg = "";
+ my $cmd = $ossl_cmd;
+ $cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
+ my $cmdout = `$cmd`;
+ $ret = $? >> 8;
+ if ( $? & 0xff ) {
+ $errmsg .= "Abnormal OpenSSL termination\n";
+ $test_fail = 1;
+ }
+ if ( $exp_ret != $ret ) {
+ $errmsg .= "Return code:$ret, ";
+ $errmsg .= "expected $exp_ret\n";
+ $test_fail = 1;
+ }
+ if ($test_fail) {
+ print "$tnum $title : Failed!\n";
+ print "Filename: $pkitsdir/$filename\n";
+ print $errmsg;
+ print "Command output:\n$cmdout\n";
+ $numfail++;
+ }
+ $numtest++;
+ }
+ }
+ elsif ( $argnum == 7 ) {
+ my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
+ = @$_;
+ my $filename = $title;
+ $exp_ret += 32 if $exp_ret;
+ $filename =~ tr/ -//d;
+ $filename = "Signed${filename}.eml";
+ if ( !-f "$pkitsdir/$filename" ) {
+ print "\"$filename\" not found\n";
+ }
+ else {
+ my $ret;
+ my $cmdout = "";
+ my $errmsg = "";
+ my $epol = "";
+ my $aset = "";
+ my $uset = "";
+ my $pol = -1;
+ my $test_fail = 0;
+ my $cmd = $ossl_cmd;
+ $cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
+ @oparr = `$cmd`;
+ $ret = $? >> 8;
+
+ if ( $? & 0xff ) {
+ $errmsg .= "Abnormal OpenSSL termination\n";
+ $test_fail = 1;
+ }
+ foreach (@oparr) {
+ my $test_failed = 0;
+ $cmdout .= $_;
+ if (/^Require explicit Policy: (.*)$/) {
+ $epol = $1;
+ }
+ if (/^Authority Policies/) {
+ if (/empty/) {
+ $aset = "<empty>";
+ }
+ else {
+ $pol = 1;
+ }
+ }
+ $test_fail = 1 if (/leak/i);
+ if (/^User Policies/) {
+ if (/empty/) {
+ $uset = "<empty>";
+ }
+ else {
+ $pol = 2;
+ }
+ }
+ if (/\s+Policy: (.*)$/) {
+ if ( $pol == 1 ) {
+ $aset .= ":" if $aset ne "";
+ $aset .= $1;
+ }
+ elsif ( $pol == 2 ) {
+ $uset .= ":" if $uset ne "";
+ $uset .= $1;
+ }
+ }
+ }
+
+ if ( $epol ne $exp_epol ) {
+ $errmsg .= "Explicit policy:$epol, ";
+ $errmsg .= "expected $exp_epol\n";
+ $test_fail = 1;
+ }
+ if ( $aset ne $exp_aset ) {
+ $errmsg .= "Authority policy set :$aset, ";
+ $errmsg .= "expected $exp_aset\n";
+ $test_fail = 1;
+ }
+ if ( $uset ne $exp_uset ) {
+ $errmsg .= "User policy set :$uset, ";
+ $errmsg .= "expected $exp_uset\n";
+ $test_fail = 1;
+ }
+
+ if ( $exp_ret != $ret ) {
+ print "Return code:$ret, expected $exp_ret\n";
+ $test_fail = 1;
+ }
+
+ if ($test_fail) {
+ print "$tnum $title : Failed!\n";
+ print "Filename: $pkitsdir/$filename\n";
+ print "Command output:\n$cmdout\n";
+ $numfail++;
+ }
+ $numtest++;
+ }
+ }
+}
+
+if ($numfail) {
+ print "$numfail tests failed out of $numtest\n";
+}
+else {
+ print "All Tests Successful.\n";
+}
+
+unlink "pkitsta.pem";
+
Copied: trunk/crypto/openssl/test/srptest.c (from rev 7117, vendor-crypto/openssl/dist/test/srptest.c)
===================================================================
--- trunk/crypto/openssl/test/srptest.c (rev 0)
+++ trunk/crypto/openssl/test/srptest.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../crypto/srp/srptest.c
\ No newline at end of file
Modified: trunk/crypto/openssl/test/tcrl.com
===================================================================
--- trunk/crypto/openssl/test/tcrl.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tcrl.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TCRL.COM -- Tests crl keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl crl
+$ cmd = "mcr ''exe_dir'openssl crl"
$
-$ t := testcrl.pem
+$ t = "testcrl.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing CRL conversions"
Modified: trunk/crypto/openssl/test/test.cnf
===================================================================
--- trunk/crypto/openssl/test/test.cnf 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/test.cnf 2015-07-21 23:23:45 UTC (rev 7118)
@@ -56,7 +56,7 @@
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = testkey.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
Copied: trunk/crypto/openssl/test/test_padlock (from rev 7117, vendor-crypto/openssl/dist/test/test_padlock)
===================================================================
--- trunk/crypto/openssl/test/test_padlock (rev 0)
+++ trunk/crypto/openssl/test/test_padlock 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+PROG=$1
+
+if [ -x $PROG ]; then
+ if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
+ :
+ else
+ echo "$PROG is not OpenSSL executable"
+ exit 1
+ fi
+else
+ echo "$PROG is not executable"
+ exit 1;
+fi
+
+if $PROG engine padlock | grep -v no-ACE; then
+
+ HASH=`cat $PROG | $PROG dgst -hex`
+
+ ACE_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \
+ aes-128-cbc aes-192-cbc aes-256-cbc \
+ aes-128-cfb aes-192-cfb aes-256-cfb \
+ aes-128-ofb aes-192-ofb aes-256-ofb"
+
+ nerr=0
+
+ for alg in $ACE_ALGS; do
+ echo $alg
+ TEST=`( cat $PROG | \
+ $PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+ $PROG enc -d -k "$HASH" -$alg | \
+ $PROG dgst -hex ) 2>/dev/null`
+ if [ "$TEST" != "$HASH" ]; then
+ echo "-$alg encrypt test failed"
+ nerr=`expr $nerr + 1`
+ fi
+ TEST=`( cat $PROG | \
+ $PROG enc -e -k "$HASH" -$alg | \
+ $PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+ $PROG dgst -hex ) 2>/dev/null`
+ if [ "$TEST" != "$HASH" ]; then
+ echo "-$alg decrypt test failed"
+ nerr=`expr $nerr + 1`
+ fi
+ TEST=`( cat $PROG | \
+ $PROG enc -e -k "$HASH" -$alg -engine padlock | \
+ $PROG enc -d -k "$HASH" -$alg -engine padlock | \
+ $PROG dgst -hex ) 2>/dev/null`
+ if [ "$TEST" != "$HASH" ]; then
+ echo "-$alg en/decrypt test failed"
+ nerr=`expr $nerr + 1`
+ fi
+ done
+
+ if [ $nerr -gt 0 ]; then
+ echo "PadLock ACE test failed."
+ exit 1;
+ fi
+else
+ echo "PadLock ACE is not available"
+fi
+
+exit 0
Modified: trunk/crypto/openssl/test/testca.com
===================================================================
--- trunk/crypto/openssl/test/testca.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testca.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,11 +1,13 @@
$! TESTCA.COM
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p1 .eqs. "64") then __arch = __arch+ "_64"
$
-$ openssl := mcr 'exe_dir'openssl
+$ openssl = "mcr ''exe_dir'openssl"
$
$ SSLEAY_CONFIG="-config ""CAss.cnf"""
$
@@ -12,7 +14,7 @@
$ set noon
$ if f$search("demoCA.dir") .nes. ""
$ then
-$ call deltree [.demoCA]*.*
+$ @[-.util]deltree [.demoCA]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
$ delete demoCA.dir;*
$ endif
@@ -39,7 +41,7 @@
$ if $severity .ne. 1 then exit 3
$
$ set noon
-$ call deltree [.demoCA]*.*
+$ @[-.util]deltree [.demoCA]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
$ delete demoCA.dir;*
$ if f$search("newcert.pem") .nes. "" then delete newcert.pem;*
@@ -48,32 +50,3 @@
$! #usage: CA -newcert|-newreq|-newca|-sign|-verify
$
$ exit
-$
-$ deltree: subroutine ! P1 is a name of a directory
-$ on control_y then goto dt_STOP
-$ on warning then goto dt_exit
-$ _dt_def = f$trnlnm("SYS$DISK")+f$directory()
-$ if f$parse(p1) .eqs. "" then exit
-$ set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
-$ p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
-$ _fp = f$parse(".DIR",p1)
-$ dt_loop:
-$ _f = f$search(_fp)
-$ if _f .eqs. "" then goto dt_loopend
-$ call deltree [.'f$parse(_f,,,"NAME")']*.*
-$ goto dt_loop
-$ dt_loopend:
-$ _fp = f$parse(p1,".;*")
-$ if f$search(_fp) .eqs. "" then goto dt_exit
-$ set noon
-$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
-$ set on
-$ delete/nolog '_fp'
-$ dt_exit:
-$ set default '_dt_def'
-$ exit
-$ dt_STOP:
-$ set default '_dt_def'
-$ stop/id=""
-$ exit
-$ endsubroutine
Modified: trunk/crypto/openssl/test/testenc.com
===================================================================
--- trunk/crypto/openssl/test/testenc.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testenc.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,13 +1,16 @@
$! TESTENC.COM -- Test encoding and decoding
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p1 .eqs. 64) then __arch = __arch+ "_64"
$
-$ testsrc := makefile.
-$ test := p.txt
-$ cmd := mcr 'exe_dir'openssl
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$ testsrc = "makefile."
+$ test = "p.txt"
+$ cmd = "mcr ''exe_dir'openssl"
$
$ if f$search(test) .nes. "" then delete 'test';*
$ convert/fdl=sys$input: 'testsrc' 'test'
Modified: trunk/crypto/openssl/test/testgen.com
===================================================================
--- trunk/crypto/openssl/test/testgen.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testgen.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,15 @@
-$! TETSGEN.COM
+$! TESTGEN.COM
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$ if (p1 .eqs. 64) then __arch = __arch+ "_64"
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ T := testcert
+$ T = "testcert"
$ KEY = 512
-$ CA := [-.certs]testca.pem
+$ CA = "[-.certs]testca.pem"
$
$ set noon
$ if f$search(T+".1;*") .nes. "" then delete 'T'.1;*
@@ -20,7 +21,8 @@
$
$ append/new nl: .rnd
$ open/append random_file .rnd
-$ write random_file "string to make the random number generator think it has entropy"
+$ write random_file -
+ "string to make the random number generator think it has entropy"
$ close random_file
$
$ set noon
@@ -33,8 +35,10 @@
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
$ else
$ req_new="-new"
-$ write sys$output "There should be a 2 sequences of .'s and some +'s."
-$ write sys$output "There should not be more that at most 80 per line"
+$ write sys$output -
+ "There should be a 2 sequences of .'s and some +'s."
+$ write sys$output -
+ "There should not be more that at most 80 per line"
$ endif
$
$ write sys$output "This could take some time."
Modified: trunk/crypto/openssl/test/tests.com
===================================================================
--- trunk/crypto/openssl/test/tests.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tests.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,22 +1,43 @@
$! TESTS.COM -- Performs the necessary tests
$!
$! P1 tests to be performed. Empty means all.
-$
+$! P2 Pointer size: "", "32", or "64".
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+ f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
$ __proc = f$element(0,";",f$environment("procedure"))
$ __here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
$ __save_default = f$environment("default")
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ texe_dir := sys$disk:[-.'__arch'.exe.test]
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ __archd = __arch
+$ pointer_size = ""
+$ if (p2 .eq. "64")
+$ then
+$ pointer_size = "64"
+$ __archd = __arch+ "_64"
+$ endif
+$!
+$ texe_dir := sys$disk:[-.'__archd'.exe.test]
+$ exe_dir := sys$disk:[-.'__archd'.exe.apps]
$
-$ sslroot = f$parse("sys$disk:[-.apps];",,,,"syntax_only") - "].;"+ ".]"
-$ define /translation_attributes = concealed sslroot 'sslroot'
-$
$ set default '__here'
$
+$ ROOT = F$PARSE("sys$disk:[-]A.;0",,,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+ - ".][000000" - "[000000." - "][" - "[" - "]"
+$ ROOT = ROOT_DEV + "[" + ROOT_DIR
+$ DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC
+$ openssl_conf := sslroot:[000000]openssl-vms.cnf
+$
$ on control_y then goto exit
$ on error then goto exit
$
@@ -29,12 +50,13 @@
$! if there's a difference that needs to be taken care of.
$ tests := -
test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
- test_md2,test_mdc2,-
- test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_rd,-
+ test_md2,test_mdc2,test_wp,-
+ test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,-
test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
- test_ss,test_ca,test_engine,test_evp,test_ssl,test_ige,test_jpake
+ test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
+ test_jpake,test_srp,test_cms,test_heartbeat,test_constant_time
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$
@@ -46,6 +68,8 @@
$ IDEATEST := ideatest
$ SHATEST := shatest
$ SHA1TEST := sha1test
+$ SHA256TEST := sha256t
+$ SHA512TEST := sha512t
$ MDC2TEST := mdc2test
$ RMDTEST := rmdtest
$ MD2TEST := md2test
@@ -52,6 +76,7 @@
$ MD4TEST := md4test
$ MD5TEST := md5test
$ HMACTEST := hmactest
+$ WPTEST := wp_test
$ RC2TEST := rc2test
$ RC4TEST := rc4test
$ RC5TEST := rc5test
@@ -68,17 +93,22 @@
$ EVPTEST := evp_test
$ IGETEST := igetest
$ JPAKETEST := jpaketest
-$
+$ SRPTEST := srptest
+$ ASN1TEST := asn1test
+$ HEARTBEATTEST := heartbeat_test
+$ CONSTTIMETEST := constant_time_test
+$!
$ tests_i = 0
$ loop_tests:
$ tests_e = f$element(tests_i,",",tests)
$ tests_i = tests_i + 1
$ if tests_e .eqs. "," then goto exit
+$ write sys$output "---> ''tests_e'"
$ gosub 'tests_e'
$ goto loop_tests
$
$ test_evp:
-$ mcr 'texe_dir''evptest' evptests.txt
+$ mcr 'texe_dir''evptest' 'ROOT'.CRYPTO.EVP]evptests.txt
$ return
$ test_des:
$ mcr 'texe_dir''destest'
@@ -89,6 +119,8 @@
$ test_sha:
$ mcr 'texe_dir''shatest'
$ mcr 'texe_dir''sha1test'
+$ mcr 'texe_dir''sha256test'
+$ mcr 'texe_dir''sha512test'
$ return
$ test_mdc2:
$ mcr 'texe_dir''mdc2test'
@@ -102,6 +134,9 @@
$ test_hmac:
$ mcr 'texe_dir''hmactest'
$ return
+$ test_wp:
+$ mcr 'texe_dir''wptest'
+$ return
$ test_md2:
$ mcr 'texe_dir''md2test'
$ return
@@ -127,68 +162,109 @@
$ mcr 'texe_dir''randtest'
$ return
$ test_enc:
-$ @testenc.com
+$ @testenc.com 'pointer_size'
$ return
$ test_x509:
-$ define sys$error nla0:
+$ set noon
+$ define sys$error test_x509.err
$ write sys$output "test normal x509v1 certificate"
-$ @tx509.com
+$ @tx509.com "" 'pointer_size'
$ write sys$output "test first x509v3 certificate"
-$ @tx509.com v3-cert1.pem
+$ @tx509.com v3-cert1.pem 'pointer_size'
$ write sys$output "test second x509v3 certificate"
-$ @tx509.com v3-cert2.pem
+$ @tx509.com v3-cert2.pem 'pointer_size'
$ deassign sys$error
+$ set on
$ return
$ test_rsa:
-$ define sys$error nla0:
-$ @trsa.com
+$ set noon
+$ define sys$error test_rsa.err
+$ @trsa.com "" 'pointer_size'
$ deassign sys$error
$ mcr 'texe_dir''rsatest'
+$ set on
$ return
$ test_crl:
-$ define sys$error nla0:
-$ @tcrl.com
+$ set noon
+$ define sys$error test_crl.err
+$ @tcrl.com "" 'pointer_size'
$ deassign sys$error
+$ set on
$ return
$ test_sid:
-$ define sys$error nla0:
-$ @tsid.com
+$ set noon
+$ define sys$error test_sid.err
+$ @tsid.com "" 'pointer_size'
$ deassign sys$error
+$ set on
$ return
$ test_req:
-$ define sys$error nla0:
-$ @treq.com
-$ @treq.com testreq2.pem
+$ set noon
+$ define sys$error test_req.err
+$ @treq.com "" 'pointer_size'
+$ @treq.com testreq2.pem 'pointer_size'
$ deassign sys$error
+$ set on
$ return
$ test_pkcs7:
-$ define sys$error nla0:
-$ @tpkcs7.com
-$ @tpkcs7d.com
+$ set noon
+$ define sys$error test_pkcs7.err
+$ @tpkcs7.com "" 'pointer_size'
+$ @tpkcs7d.com "" 'pointer_size'
$ deassign sys$error
+$ set on
$ return
$ test_bn:
-$ write sys$output "starting big number library test, could take a while..."
-$ create bntest-vms.fdl
+$ write sys$output -
+ "starting big number library test, could take a while..."
+$ set noon
+$ define sys$error test_bn.err
+$ define sys$output test_bn.out
+$ @ bctest.com
+$ status = $status
+$ deassign sys$error
+$ deassign sys$output
+$ set on
+$ if (status)
+$ then
+$ create /fdl = sys$input bntest-vms.tmp
FILE
ORGANIZATION sequential
RECORD
FORMAT stream_lf
-$ create/fdl=bntest-vms.fdl bntest-vms.sh
-$ open/append foo bntest-vms.sh
-$ type/output=foo: sys$input:
+$ define /user_mode sys$output bntest-vms.tmp
+$ mcr 'texe_dir''bntest'
+$ define /user_mode sys$input bntest-vms.tmp
+$ define /user_mode sys$output bntest-vms.out
+$ bc
+$ @ bntest.com bntest-vms.out
+$ status = $status
+$ if (status)
+$ then
+$ delete bntest-vms.out;*
+$ delete bntest-vms.tmp;*
+$ endif
+$ else
+$ create /fdl = sys$input bntest-vms.sh
+FILE
+ ORGANIZATION sequential
+RECORD
+ FORMAT stream_lf
+$ open /append bntest_file bntest-vms.sh
+$ type /output = bntest_file sys$input:
<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"'
-$ define/user sys$output bntest-vms.tmp
-$ mcr 'texe_dir''bntest'
-$ copy bntest-vms.tmp foo:
-$ delete bntest-vms.tmp;*
-$ type/output=foo: sys$input:
+$ define /user_mode sys$output bntest-vms.tmp
+$ mcr 'texe_dir''bntest'
+$ copy bntest-vms.tmp bntest_file
+$ delete bntest-vms.tmp;*
+$ type /output = bntest_file sys$input:
__FOO__
-$ close foo
-$ write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
-$ write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
-$ write sys$output "-- went well."
-$ write sys$output ""
+$ close bntest_file
+$ write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
+$ write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
+$ write sys$output "-- went well."
+$ write sys$output ""
+$ endif
$ write sys$output "test a^b%c implementations"
$ mcr 'texe_dir''exptest'
$ return
@@ -207,7 +283,7 @@
$ test_verify:
$ write sys$output "The following command should have some OK's and some failures"
$ write sys$output "There are definitly a few expired certificates"
-$ @tverify.com
+$ @tverify.com 'pointer_size'
$ return
$ test_dh:
$ write sys$output "Generate a set of DH parameters"
@@ -219,7 +295,7 @@
$ return
$ test_gen:
$ write sys$output "Generate and verify a certificate request"
-$ @testgen.com
+$ @testgen.com 'pointer_size'
$ return
$ maybe_test_ss:
$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
@@ -232,7 +308,7 @@
$ return
$ test_ss:
$ write sys$output "Generate and certify a test certificate"
-$ @testss.com
+$ @testss.com 'pointer_size'
$ return
$ test_engine:
$ write sys$output "Manipulate the ENGINE structures"
@@ -241,11 +317,11 @@
$ test_ssl:
$ write sys$output "test SSL protocol"
$ gosub maybe_test_ss
-$ @testssl.com keyU.ss certU.ss certCA.ss
+$ @testssl.com keyU.ss certU.ss certCA.ss 'pointer_size'
$ return
$ test_ca:
$ set noon
-$ define/user sys$output nla0:
+$ define /user_mode sys$output test_ca.out
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
@@ -254,13 +330,26 @@
$ write sys$output "skipping CA.com test -- requires RSA"
$ else
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
-$ @testca.com
+$ @testca.com 'pointer_size'
$ endif
$ return
-$ test_rd:
-$ write sys$output "test Rijndael"
-$ !mcr 'texe_dir''rdtest'
+$ test_aes:
+$! write sys$output "test AES"
+$! !mcr 'texe_dir''aestest'
$ return
+$ test_tsa:
+$ set noon
+$ define /user_mode sys$output nla0:
+$ mcr 'exe_dir'openssl no-rsa
+$ save_severity=$SEVERITY
+$ set on
+$ if save_severity
+$ then
+$ write sys$output "skipping testtsa.com test -- requires RSA"
+$ else
+$ @testtsa.com "" "" "" 'pointer_size'
+$ endif
+$ return
$ test_ige:
$ write sys$output "Test IGE mode"
$ mcr 'texe_dir''igetest'
@@ -269,9 +358,30 @@
$ write sys$output "Test JPAKE"
$ mcr 'texe_dir''jpaketest'
$ return
+$ test_cms:
+$ write sys$output "CMS consistency test"
+$ ! Define the logical name used to find openssl.exe in the perl script.
+$ define /user_mode osslx 'exe_dir'
+$ perl CMS-TEST.PL
+$ return
+$ test_srp:
+$ write sys$output "Test SRP"
+$ mcr 'texe_dir''srptest'
+$ return
+$ test_heartbeat:
+$ write sys$output "Test HEARTBEAT"
+$ mcr 'texe_dir''heartbeattest'
+$ return
+$ test_constant_time:
+$ write sys$output "Test constant time utilities"
+$ mcr 'texe_dir''consttimetest'
+$ return
$
$
$ exit:
+$ on error then goto exit2 ! In case openssl.exe didn't build.
+$ mcr 'exe_dir'openssl version -a
+$ exit2:
$ set default '__save_default'
$ deassign sslroot
$ exit
Modified: trunk/crypto/openssl/test/testss.com
===================================================================
--- trunk/crypto/openssl/test/testss.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testss.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,16 +1,19 @@
$! TESTSS.COM
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p1 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
$ digest="-md5"
-$ reqcmd := mcr 'exe_dir'openssl req
-$ x509cmd := mcr 'exe_dir'openssl x509 'digest'
-$ verifycmd := mcr 'exe_dir'openssl verify
-$ dummycnf := sys$disk:[-.apps]openssl-vms.cnf
+$ reqcmd = "mcr ''exe_dir'openssl req"
+$ x509cmd = "mcr ''exe_dir'openssl x509 ''digest'"
+$ verifycmd = "mcr ''exe_dir'openssl verify"
+$ dummycnf = "sys$disk:[-.apps]openssl-vms.cnf"
$
$ CAkey="""keyCA.ss"""
$ CAcert="""certCA.ss"""
Modified: trunk/crypto/openssl/test/testssl
===================================================================
--- trunk/crypto/openssl/test/testssl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testssl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -100,8 +100,8 @@
$ssltest $extra || exit 1
if [ $dsa_cert = NO ]; then
- echo test sslv2/sslv3 w/o DHE via BIO pair
- $ssltest -bio_pair -no_dhe $extra || exit 1
+ echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
+ $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
fi
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
@@ -119,10 +119,9 @@
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-echo "Testing ciphersuites"
-for protocol in SSLv3; do
- echo "Testing ciphersuites for $protocol"
- for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+test_cipher() {
+ local cipher=$1
+ local protocol=$2
echo "Testing $cipher"
prot=""
if [ $protocol = "SSLv3" ] ; then
@@ -133,7 +132,38 @@
echo "Failed $cipher"
exit 1
fi
+}
+
+echo "Testing ciphersuites"
+for protocol in TLSv1.2 SSLv3; do
+ echo "Testing ciphersuites for $protocol"
+ for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+ test_cipher $cipher $protocol
done
+ if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ echo "skipping RSA+DHE tests"
+ else
+ for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+ test_cipher $cipher $protocol
+ done
+ echo "testing connection with weak DH, expecting failure"
+ if [ $protocol = "SSLv3" ] ; then
+ $ssltest -cipher EDH -dhe512 -ssl3
+ else
+ $ssltest -cipher EDH -dhe512
+ fi
+ if [ $? -eq 0 ]; then
+ echo "FAIL: connection with weak DH succeeded"
+ exit 1
+ fi
+ fi
+ if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
+ echo "skipping RSA+ECDHE tests"
+ else
+ for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+ test_cipher $cipher $protocol
+ done
+ fi
done
#############################################################################
@@ -148,8 +178,8 @@
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping RSA tests
else
- echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
- ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+ echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
+ ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
@@ -159,4 +189,26 @@
fi
fi
+echo test tls1 with PSK
+$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
+echo test tls1 with PSK via BIO pair
+$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
+if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
+ echo skipping SRP tests
+else
+ echo test tls1 with SRP
+ $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
+
+ echo test tls1 with SRP via BIO pair
+ $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
+
+ echo test tls1 with SRP auth
+ $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123
+
+ echo test tls1 with SRP auth via BIO pair
+ $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123
+fi
+
exit 0
Modified: trunk/crypto/openssl/test/testssl.com
===================================================================
--- trunk/crypto/openssl/test/testssl.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/testssl.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,11 +1,14 @@
$! TESTSSL.COM
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ texe_dir := sys$disk:[-.'__arch'.exe.test]
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p4 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ texe_dir = "sys$disk:[-.''__arch'.exe.test]"
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
$ if p1 .eqs. ""
$ then
@@ -19,21 +22,21 @@
$ else
$ cert=p2
$ endif
-$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
-$
+$ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ -
+ " -cert ''cert' -c_key ''key' -c_cert ''cert'"
+$!
+$ set noon
$ define/user sys$output testssl-x509-output.
$ define/user sys$error nla0:
$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
-$ set noon
$ define/user sys$error nla0:
$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
$ if $severity .eq. 1
$ then
-$ dsa_cert := YES
+$ dsa_cert = "YES"
$ else
-$ dsa_cert := NO
+$ dsa_cert = "NO"
$ endif
-$ set on
$ delete testssl-x509-output.;*
$
$ if p3 .eqs. ""
@@ -161,7 +164,6 @@
$
$!###########################################################################
$
-$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ no_rsa=$SEVERITY
@@ -168,7 +170,6 @@
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-dh
$ no_dh=$SEVERITY
-$ set on
$
$ if no_dh
$ then
@@ -203,4 +204,5 @@
$ RET = 3
$ exit:
$ if p3 .eqs. "" then delete certs.tmp;*
+$ set on
$ exit 'RET'
Copied: trunk/crypto/openssl/test/testtsa (from rev 7117, vendor-crypto/openssl/dist/test/testtsa)
===================================================================
--- trunk/crypto/openssl/test/testtsa (rev 0)
+++ trunk/crypto/openssl/test/testtsa 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,238 @@
+#!/bin/sh
+
+#
+# A few very basic tests for the 'ts' time stamping authority command.
+#
+
+SH="/bin/sh"
+if test "$OSTYPE" = msdosdjgpp; then
+ PATH="../apps\;$PATH"
+else
+ PATH="../apps:$PATH"
+fi
+export SH PATH
+
+OPENSSL_CONF="../CAtsa.cnf"
+export OPENSSL_CONF
+# Because that's what ../apps/CA.sh really looks at
+SSLEAY_CONFIG="-config $OPENSSL_CONF"
+export SSLEAY_CONFIG
+
+OPENSSL="`pwd`/../util/opensslwrap.sh"
+export OPENSSL
+
+error () {
+
+ echo "TSA test failed!" >&2
+ exit 1
+}
+
+setup_dir () {
+
+ rm -rf tsa 2>/dev/null
+ mkdir tsa
+ cd ./tsa
+}
+
+clean_up_dir () {
+
+ cd ..
+ rm -rf tsa
+}
+
+create_ca () {
+
+ echo "Creating a new CA for the TSA tests..."
+ TSDNSECT=ts_ca_dn
+ export TSDNSECT
+ ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
+ -out tsaca.pem -keyout tsacakey.pem
+ test $? != 0 && error
+}
+
+create_tsa_cert () {
+
+ INDEX=$1
+ export INDEX
+ EXT=$2
+ TSDNSECT=ts_cert_dn
+ export TSDNSECT
+
+ ../../util/shlib_wrap.sh ../../apps/openssl req -new \
+ -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
+ test $? != 0 && error
+echo Using extension $EXT
+ ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
+ -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
+ -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
+ -extfile $OPENSSL_CONF -extensions $EXT
+ test $? != 0 && error
+}
+
+print_request () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
+}
+
+create_time_stamp_request1 () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
+ test $? != 0 && error
+}
+
+create_time_stamp_request2 () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
+ -out req2.tsq
+ test $? != 0 && error
+}
+
+create_time_stamp_request3 () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
+ test $? != 0 && error
+}
+
+print_response () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
+ test $? != 0 && error
+}
+
+create_time_stamp_response () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
+ test $? != 0 && error
+}
+
+time_stamp_response_token_test () {
+
+ RESPONSE2=$2.copy.tsr
+ TOKEN_DER=$2.token.der
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
+ test $? != 0 && error
+ cmp $RESPONSE2 $2
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
+ test $? != 0 && error
+}
+
+verify_time_stamp_response () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+ -untrusted tsa_cert1.pem
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
+ -untrusted tsa_cert1.pem
+ test $? != 0 && error
+}
+
+verify_time_stamp_token () {
+
+ # create the token from the response first
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem
+ test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem
+ test $? != 0 && error
+}
+
+verify_time_stamp_response_fail () {
+
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+ -untrusted tsa_cert1.pem
+ # Checks if the verification failed, as it should have.
+ test $? = 0 && error
+ echo Ok
+}
+
+# main functions
+
+echo "Setting up TSA test directory..."
+setup_dir
+
+echo "Creating CA for TSA tests..."
+create_ca
+
+echo "Creating tsa_cert1.pem TSA server cert..."
+create_tsa_cert 1 tsa_cert
+
+echo "Creating tsa_cert2.pem non-TSA server cert..."
+create_tsa_cert 2 non_tsa_cert
+
+echo "Creating req1.req time stamp request for file testtsa..."
+create_time_stamp_request1
+
+echo "Printing req1.req..."
+print_request req1.tsq
+
+echo "Generating valid response for req1.req..."
+create_time_stamp_response req1.tsq resp1.tsr tsa_config1
+
+echo "Printing response..."
+print_response resp1.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
+
+echo "Verifying valid token..."
+verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
+
+# The tests below are commented out, because invalid signer certificates
+# can no longer be specified in the config file.
+
+# echo "Generating _invalid_ response for req1.req..."
+# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
+
+# echo "Printing response..."
+# print_response resp1_bad.tsr
+
+# echo "Verifying invalid response, it should fail..."
+# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
+
+echo "Creating req2.req time stamp request for file testtsa..."
+create_time_stamp_request2
+
+echo "Printing req2.req..."
+print_request req2.tsq
+
+echo "Generating valid response for req2.req..."
+create_time_stamp_response req2.tsq resp2.tsr tsa_config1
+
+echo "Checking '-token_in' and '-token_out' options with '-reply'..."
+time_stamp_response_token_test req2.tsq resp2.tsr
+
+echo "Printing response..."
+print_response resp2.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req1.tsq resp2.tsr
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req2.tsq resp1.tsr
+
+echo "Creating req3.req time stamp request for file CAtsa.cnf..."
+create_time_stamp_request3
+
+echo "Printing req3.req..."
+print_request req3.tsq
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req3.tsq resp1.tsr
+
+echo "Cleaning up..."
+clean_up_dir
+
+exit 0
Copied: trunk/crypto/openssl/test/testtsa.com (from rev 7117, vendor-crypto/openssl/dist/test/testtsa.com)
===================================================================
--- trunk/crypto/openssl/test/testtsa.com (rev 0)
+++ trunk/crypto/openssl/test/testtsa.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,255 @@
+$!
+$! A few very basic tests for the 'ts' time stamping authority command.
+$!
+$
+$ __arch = "VAX"
+$ if f$getsyi("cpu") .ge. 128 then -
+ __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p4 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$ openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'"
+$ OPENSSL_CONF = "[-]CAtsa.cnf"
+$ ! Because that's what ../apps/CA.sh really looks at
+$ SSLEAY_CONFIG = "-config " + OPENSSL_CONF
+$
+$ error:
+$ subroutine
+$ write sys$error "TSA test failed!"
+$ exit 3
+$ endsubroutine
+$
+$ setup_dir:
+$ subroutine
+$
+$ if f$search("tsa.dir") .nes ""
+$ then
+$ @[-.util]deltree [.tsa]*.*
+$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ delete tsa.dir;*
+$ endif
+$
+$ create/dir [.tsa]
+$ set default [.tsa]
+$ endsubroutine
+$
+$ clean_up_dir:
+$ subroutine
+$
+$ set default [-]
+$ @[-.util]deltree [.tsa]*.*
+$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ delete tsa.dir;*
+$ endsubroutine
+$
+$ create_ca:
+$ subroutine
+$
+$ write sys$output "Creating a new CA for the TSA tests..."
+$ TSDNSECT = "ts_ca_dn"
+$ openssl req -new -x509 -nodes -
+ -out tsaca.pem -keyout tsacakey.pem
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ create_tsa_cert:
+$ subroutine
+$
+$ INDEX=p1
+$ EXT=p2
+$ TSDNSECT = "ts_cert_dn"
+$
+$ openssl req -new -
+ -out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
+$ if $severity .ne. 1 then call error
+$
+$ write sys$output "Using extension ''EXT'"
+$ openssl x509 -req -
+ -in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
+ "-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
+ -extfile 'OPENSSL_CONF' -extensions "''EXT'"
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ print_request:
+$ subroutine
+$
+$ openssl ts -query -in 'p1' -text
+$ endsubroutine
+$
+$ create_time_stamp_request1: subroutine
+$
+$ openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
+ -cert -out req1.tsq
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ create_time_stamp_request2: subroutine
+$
+$ openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
+ -no_nonce -out req2.tsq
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ create_time_stamp_request3: subroutine
+$
+$ openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ print_response:
+$ subroutine
+$
+$ openssl ts -reply -in 'p1' -text
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ create_time_stamp_response:
+$ subroutine
+$
+$ openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ time_stamp_response_token_test:
+$ subroutine
+$
+$ RESPONSE2 = p2+ "-copy_tsr"
+$ TOKEN_DER = p2+ "-token_der"
+$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
+$ if $severity .ne. 1 then call error
+$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
+$ if $severity .ne. 1 then call error
+$ backup/compare 'RESPONSE2' 'p2'
+$ if $severity .ne. 1 then call error
+$ openssl ts -reply -in 'p2' -text -token_out
+$ if $severity .ne. 1 then call error
+$ openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
+$ if $severity .ne. 1 then call error
+$ openssl ts -reply -queryfile 'p1' -text -token_out
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ verify_time_stamp_response:
+$ subroutine
+$
+$ openssl ts -verify -queryfile 'p1' -in 'p2' -
+ "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ if $severity .ne. 1 then call error
+$ openssl ts -verify -data 'p3' -in 'p2' -
+ "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ verify_time_stamp_token:
+$ subroutine
+$
+$ ! create the token from the response first
+$ openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out
+$ if $severity .ne. 1 then call error
+$ openssl ts -verify -queryfile "''p1'" -in "''p2'-token" -
+ -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ if $severity .ne. 1 then call error
+$ openssl ts -verify -data "''p3'" -in "''p2'-token" -
+ -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ if $severity .ne. 1 then call error
+$ endsubroutine
+$
+$ verify_time_stamp_response_fail:
+$ subroutine
+$
+$ openssl ts -verify -queryfile 'p1' -in 'p2' -
+ "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ ! Checks if the verification failed, as it should have.
+$ if $severity .eq. 1 then call error
+$ write sys$output "Ok"
+$ endsubroutine
+$
+$ ! Main body ----------------------------------------------------------
+$
+$ set noon
+$
+$ write sys$output "Setting up TSA test directory..."
+$ call setup_dir
+$
+$ write sys$output "Creating CA for TSA tests..."
+$ call create_ca
+$
+$ write sys$output "Creating tsa_cert1.pem TSA server cert..."
+$ call create_tsa_cert 1 "tsa_cert"
+$
+$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
+$ call create_tsa_cert 2 "non_tsa_cert"
+$
+$ write sys$output "Creating req1.req time stamp request for file testtsa..."
+$ call create_time_stamp_request1
+$
+$ write sys$output "Printing req1.req..."
+$ call print_request "req1.tsq"
+$
+$ write sys$output "Generating valid response for req1.req..."
+$ call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1"
+$
+$ write sys$output "Printing response..."
+$ call print_response "resp1.tsr"
+$
+$ write sys$output "Verifying valid response..."
+$ call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com"
+$
+$ write sys$output "Verifying valid token..."
+$ call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com"
+$
+$ ! The tests below are commented out, because invalid signer certificates
+$ ! can no longer be specified in the config file.
+$
+$ ! write sys$output "Generating _invalid_ response for req1.req..."
+$ ! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2"
+$
+$ ! write sys$output "Printing response..."
+$ ! call print_response "resp1_bad.tsr"
+$
+$ ! write sys$output "Verifying invalid response, it should fail..."
+$ ! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr"
+$
+$ write sys$output "Creating req2.req time stamp request for file testtsa..."
+$ call create_time_stamp_request2
+$
+$ write sys$output "Printing req2.req..."
+$ call print_request "req2.tsq"
+$
+$ write sys$output "Generating valid response for req2.req..."
+$ call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1"
+$
+$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
+$ call time_stamp_response_token_test "req2.tsq" "resp2.tsr"
+$
+$ write sys$output "Printing response..."
+$ call print_response "resp2.tsr"
+$
+$ write sys$output "Verifying valid response..."
+$ call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com"
+$
+$ write sys$output "Verifying response against wrong request, it should fail..."
+$ call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr"
+$
+$ write sys$output "Verifying response against wrong request, it should fail..."
+$ call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr"
+$
+$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
+$ call create_time_stamp_request3
+$
+$ write sys$output "Printing req3.req..."
+$ call print_request "req3.tsq"
+$
+$ write sys$output "Verifying response against wrong request, it should fail..."
+$ call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr"
+$
+$ write sys$output "Cleaning up..."
+$ call clean_up_dir
+$
+$ set on
+$
+$ exit
Copied: trunk/crypto/openssl/test/testutil.h (from rev 7117, vendor-crypto/openssl/dist/test/testutil.h)
===================================================================
--- trunk/crypto/openssl/test/testutil.h (rev 0)
+++ trunk/crypto/openssl/test/testutil.h 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,118 @@
+/* test/testutil.h */
+/*-
+ * Utilities for writing OpenSSL unit tests.
+ *
+ * More information:
+ * http://wiki.openssl.org/index.php/How_To_Write_Unit_Tests_For_OpenSSL
+ *
+ * Author: Mike Bland (mbland at acm.org)
+ * Date: 2014-06-07
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_TESTUTIL_H
+# define HEADER_TESTUTIL_H
+
+/*-
+ * SETUP_TEST_FIXTURE and EXECUTE_TEST macros for test case functions.
+ *
+ * SETUP_TEST_FIXTURE will call set_up() to create a new TEST_FIXTURE_TYPE
+ * object called "fixture". It will also allocate the "result" variable used
+ * by EXECUTE_TEST. set_up() should take a const char* specifying the test
+ * case name and return a TEST_FIXTURE_TYPE by value.
+ *
+ * EXECUTE_TEST will pass fixture to execute_func() by value, call
+ * tear_down(), and return the result of execute_func(). execute_func() should
+ * take a TEST_FIXTURE_TYPE by value and return zero on success or one on
+ * failure.
+ *
+ * Unit tests can define their own SETUP_TEST_FIXTURE and EXECUTE_TEST
+ * variations like so:
+ *
+ * #define SETUP_FOOBAR_TEST_FIXTURE()\
+ * SETUP_TEST_FIXTURE(FOOBAR_TEST_FIXTURE, set_up_foobar)
+ *
+ * #define EXECUTE_FOOBAR_TEST()\
+ * EXECUTE_TEST(execute_foobar, tear_down_foobar)
+ *
+ * Then test case functions can take the form:
+ *
+ * static int test_foobar_feature()
+ * {
+ * SETUP_FOOBAR_TEST_FIXTURE();
+ * [...set individual members of fixture...]
+ * EXECUTE_FOOBAR_TEST();
+ * }
+ */
+# define SETUP_TEST_FIXTURE(TEST_FIXTURE_TYPE, set_up)\
+ TEST_FIXTURE_TYPE fixture = set_up(TEST_CASE_NAME);\
+ int result = 0
+
+# define EXECUTE_TEST(execute_func, tear_down)\
+ if (execute_func(fixture) != 0) result = 1;\
+ tear_down(fixture);\
+ return result
+
+/*
+ * TEST_CASE_NAME is defined as the name of the test case function where
+ * possible; otherwise we get by with the file name and line number.
+ */
+# if __STDC_VERSION__ < 199901L
+# if defined(_MSC_VER)
+# define TEST_CASE_NAME __FUNCTION__
+# else
+# define testutil_stringify_helper(s) #s
+# define testutil_stringify(s) testutil_stringify_helper(s)
+# define TEST_CASE_NAME __FILE__ ":" testutil_stringify(__LINE__)
+# endif /* _MSC_VER */
+# else
+# define TEST_CASE_NAME __func__
+# endif /* __STDC_VERSION__ */
+
+#endif /* HEADER_TESTUTIL_H */
Modified: trunk/crypto/openssl/test/times
===================================================================
--- trunk/crypto/openssl/test/times 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/times 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,7 +1,7 @@
More number for the questions about SSL overheads....
-The following numbers were generated on a pentium pro 200, running linux.
+The following numbers were generated on a Pentium pro 200, running Linux.
They give an indication of the SSL protocol and encryption overheads.
The program that generated them is an unreleased version of ssl/ssltest.c
@@ -11,7 +11,7 @@
How do I read this? The protocol and cipher are reasonable obvious.
The next number is the number of connections being made. The next is the
-number of bytes exchanged bewteen the client and server side of the protocol.
+number of bytes exchanged between the client and server side of the protocol.
This is the number of bytes that the client sends to the server, and then
the server sends back. Because this is all happening in one process,
the data is being encrypted, decrypted, encrypted and then decrypted again.
@@ -55,10 +55,10 @@
What does this all mean? Well for a server, with no session-id reuse, with
a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
-a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
+a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
about 49 connections a second. Reality will be quite different :-).
-Remeber the first number is 1000 full ssl handshakes, the second is
+Remember the first number is 1000 full ssl handshakes, the second is
1 full and 999 with session-id reuse. The RSA overheads for each exchange
would be one public and one private operation, but the protocol/MAC/cipher
cost would be quite similar in both the client and server.
@@ -72,21 +72,21 @@
killer in SSL. Often delays in the TCP protocol will make session-id
reuse look slower that new sessions, but this would not be the case on
a loaded server.
-- The TCP round trip latencies, while slowing indervidual connections,
+- The TCP round trip latencies, while slowing individual connections,
would have minimal impact on throughput.
- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
- the required number of bytes are processed.
-- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
+- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
- A 512bit server key was being used except where noted.
- No server key verification was being performed on the client side of the
protocol. This would slow things down very little.
- The library being used is SSLeay 0.8.x.
-- The normal mesauring system was commands of the form
+- The normal measuring system was commands of the form
time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
This modified version of ssltest should be in the next public release of
SSLeay.
-The general cipher performace number for this platform are
+The general cipher performance number for this platform are
SSLeay 0.8.2a 04-Sep-1997
built on Fri Sep 5 17:37:05 EST 1997
Modified: trunk/crypto/openssl/test/tpkcs7.com
===================================================================
--- trunk/crypto/openssl/test/tpkcs7.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tpkcs7.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TPKCS7.COM -- Tests pkcs7 keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl pkcs7
+$ cmd = "mcr ''exe_dir'openssl pkcs7"
$
-$ t := testp7.pem
+$ t = "testp7.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing PKCS7 conversions"
Modified: trunk/crypto/openssl/test/tpkcs7d.com
===================================================================
--- trunk/crypto/openssl/test/tpkcs7d.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tpkcs7d.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TPKCS7.COM -- Tests pkcs7 keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl pkcs7
+$ cmd = "mcr ''exe_dir'openssl pkcs7"
$
-$ t := pkcs7-1.pem
+$ t = "pkcs7-1.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing PKCS7 conversions (2)"
Modified: trunk/crypto/openssl/test/treq.com
===================================================================
--- trunk/crypto/openssl/test/treq.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/treq.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TREQ.COM -- Tests req keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl req -config [-.apps]openssl-vms.cnf
+$ cmd = "mcr ''exe_dir'openssl req -config [-.apps]openssl-vms.cnf"
$
-$ t := testreq.pem
+$ t = "testreq.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing req conversions"
Modified: trunk/crypto/openssl/test/trsa.com
===================================================================
--- trunk/crypto/openssl/test/trsa.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/trsa.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,10 +1,13 @@
$! TRSA.COM -- Tests rsa keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
$ set noon
$ define/user sys$output nla0:
@@ -17,9 +20,9 @@
$ exit
$ endif
$
-$ cmd := mcr 'exe_dir'openssl rsa
+$ cmd = "mcr ''exe_dir'openssl rsa"
$
-$ t := testrsa.pem
+$ t = "testrsa.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing RSA conversions"
Modified: trunk/crypto/openssl/test/tsid.com
===================================================================
--- trunk/crypto/openssl/test/tsid.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tsid.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TSID.COM -- Tests sid keys
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl sess_id
+$ cmd = "mcr ''exe_dir'openssl sess_id"
$
-$ t := testsid.pem
+$ t = "testsid.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing session-id conversions"
Modified: trunk/crypto/openssl/test/tverify.com
===================================================================
--- trunk/crypto/openssl/test/tverify.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tverify.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,13 +1,15 @@
$! TVERIFY.COM
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
+$ if __arch .eqs. "" then __arch = "UNK"
$!
+$ if (p1 .eqs. "64") then __arch = __arch+ "_64"
+$!
$ line_max = 255 ! Could be longer on modern non-VAX.
$ temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp"
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$ cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'"
$ cmd_len = f$length( cmd)
$ pems = "[-.certs...]*.pem"
@@ -19,7 +21,7 @@
$! Loop through all the certificate files.
$!
$ args = ""
-$ old_f :=
+$ old_f = ""
$ loop_file:
$ f = f$search( pems)
$ if ((f .nes. "") .and. (f .nes. old_f))
Modified: trunk/crypto/openssl/test/tx509.com
===================================================================
--- trunk/crypto/openssl/test/tx509.com 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/test/tx509.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,14 +1,17 @@
$! TX509.COM -- Tests x509 certificates
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ cmd := mcr 'exe_dir'openssl x509
+$ cmd = "mcr ''exe_dir'openssl x509"
$
-$ t := testx509.pem
+$ t = "testx509.pem"
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing X509 conversions"
Copied: trunk/crypto/openssl/test/wp_test.c (from rev 7117, vendor-crypto/openssl/dist/test/wp_test.c)
===================================================================
--- trunk/crypto/openssl/test/wp_test.c (rev 0)
+++ trunk/crypto/openssl/test/wp_test.c 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1 @@
+link ../crypto/whrlpool/wp_test.c
\ No newline at end of file
Modified: trunk/crypto/openssl/times/x86/des3s.cpp
===================================================================
--- trunk/crypto/openssl/times/x86/des3s.cpp 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/times/x86/des3s.cpp 2015-07-21 23:23:45 UTC (rev 7118)
@@ -60,7 +60,7 @@
des_encrypt3(&data[0],key1,key2,key3);
}
- printf("des %d %d (%d)\n",
+ printf("des3 %d %d (%d)\n",
e1-s1,e2-s2,((e2-s2)-(e1-s1)));
}
}
Modified: trunk/crypto/openssl/tools/Makefile
===================================================================
--- trunk/crypto/openssl/tools/Makefile 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/tools/Makefile 2015-07-21 23:23:45 UTC (rev 7118)
@@ -44,11 +44,14 @@
errors:
+update: depend
+
depend:
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
+ rm -f c_rehash
clean:
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
Modified: trunk/crypto/openssl/tools/c_rehash
===================================================================
--- trunk/crypto/openssl/tools/c_rehash 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/tools/c_rehash 2015-07-21 23:23:45 UTC (rev 7118)
@@ -16,13 +16,23 @@
$ENV{OPENSSL} = $openssl;
}
-$ENV{PATH} .= ":$dir/bin";
+my $pwd;
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+ $pwd=Cwd::getcwd();
+} else {
+ $pwd=`pwd`; chomp($pwd);
+}
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':'; # DOS/Win32 or Unix delimiter?
+$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : ""); # prefix our path
+
if(! -x $openssl) {
my $found = 0;
- foreach (split /:/, $ENV{PATH}) {
+ foreach (split /$path_delim/, $ENV{PATH}) {
if(-x "$_/$openssl") {
$found = 1;
+ $openssl = "$_/$openssl";
last;
}
}
@@ -35,11 +45,16 @@
if(@ARGV) {
@dirlist = @ARGV;
} elsif($ENV{SSL_CERT_DIR}) {
- @dirlist = split /:/, $ENV{SSL_CERT_DIR};
+ @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
}
+if (-d $dirlist[0]) {
+ chdir $dirlist[0];
+ $openssl="$pwd/$openssl" if (!-x $openssl);
+ chdir $pwd;
+}
foreach (@dirlist) {
if(-d $_ and -w $_) {
@@ -102,7 +117,7 @@
sub link_hash_cert {
my $fname = $_[0];
$fname =~ s/'/'\\''/g;
- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`;
chomp $hash;
chomp $fprint;
$fprint =~ s/^.*=//;
@@ -123,7 +138,11 @@
if ($symlink_exists) {
symlink $fname, $hash;
} else {
- system ("cp", $fname, $hash);
+ open IN,"<$fname" or die "can't open $fname for read";
+ open OUT,">$hash" or die "can't open $hash for write";
+ print OUT <IN>; # does the job for small text files
+ close OUT;
+ close IN;
}
$hashlist{$hash} = $fprint;
}
Modified: trunk/crypto/openssl/tools/c_rehash.in
===================================================================
--- trunk/crypto/openssl/tools/c_rehash.in 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/tools/c_rehash.in 2015-07-21 23:23:45 UTC (rev 7118)
@@ -16,13 +16,23 @@
$ENV{OPENSSL} = $openssl;
}
-$ENV{PATH} .= ":$dir/bin";
+my $pwd;
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+ $pwd=Cwd::getcwd();
+} else {
+ $pwd=`pwd`; chomp($pwd);
+}
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':'; # DOS/Win32 or Unix delimiter?
+$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : ""); # prefix our path
+
if(! -x $openssl) {
my $found = 0;
- foreach (split /:/, $ENV{PATH}) {
+ foreach (split /$path_delim/, $ENV{PATH}) {
if(-x "$_/$openssl") {
$found = 1;
+ $openssl = "$_/$openssl";
last;
}
}
@@ -35,11 +45,16 @@
if(@ARGV) {
@dirlist = @ARGV;
} elsif($ENV{SSL_CERT_DIR}) {
- @dirlist = split /:/, $ENV{SSL_CERT_DIR};
+ @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
}
+if (-d $dirlist[0]) {
+ chdir $dirlist[0];
+ $openssl="$pwd/$openssl" if (!-x $openssl);
+ chdir $pwd;
+}
foreach (@dirlist) {
if(-d $_ and -w $_) {
@@ -102,7 +117,7 @@
sub link_hash_cert {
my $fname = $_[0];
$fname =~ s/'/'\\''/g;
- my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`;
chomp $hash;
chomp $fprint;
$fprint =~ s/^.*=//;
@@ -123,7 +138,11 @@
if ($symlink_exists) {
symlink $fname, $hash;
} else {
- system ("cp", $fname, $hash);
+ open IN,"<$fname" or die "can't open $fname for read";
+ open OUT,">$hash" or die "can't open $hash for write";
+ print OUT <IN>; # does the job for small text files
+ close OUT;
+ close IN;
}
$hashlist{$hash} = $fprint;
}
Deleted: trunk/crypto/openssl/util/arx.pl
===================================================================
--- trunk/crypto/openssl/util/arx.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/arx.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,15 +0,0 @@
-#!/bin/perl
-
-# Simple perl script to wrap round "ar" program and exclude any
-# object files in the environment variable EXCL_OBJ
-
-map { s/^.*\/([^\/]*)$/$1/ ; $EXCL{$_} = 1} split(' ', $ENV{EXCL_OBJ});
-
-#my @ks = keys %EXCL;
-#print STDERR "Excluding: @ks \n";
-
-my @ARGS = grep { !exists $EXCL{$_} } @ARGV;
-
-system @ARGS;
-
-exit $? >> 8;
Modified: trunk/crypto/openssl/util/ck_errf.pl
===================================================================
--- trunk/crypto/openssl/util/ck_errf.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/ck_errf.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -7,8 +7,16 @@
# perl util/ck_errf.pl */*.c */*/*.c
#
+my $err_strict = 0;
+my $bad = 0;
+
foreach $file (@ARGV)
{
+ if ($file eq "-strict")
+ {
+ $err_strict = 1;
+ next;
+ }
open(IN,"<$file") || die "unable to open $file\n";
$func="";
while (<IN>)
@@ -20,13 +28,13 @@
$func = $1;
$func =~ tr/A-Z/a-z/;
}
- if (/([A-Z0-9]+)err\(([^,]+)/)
+ if (/([A-Z0-9]+)err\(([^,]+)/ && ! /ckerr_ignore/)
{
$errlib=$1;
$n=$2;
if ($func eq "")
- { print "$file:$.:???:$n\n"; next; }
+ { print "$file:$.:???:$n\n"; $bad = 1; next; }
if ($n !~ /([^_]+)_F_(.+)$/)
{
@@ -37,11 +45,11 @@
$n=$2;
if ($lib ne $errlib)
- { print "$file:$.:$func:$n [${errlib}err]\n"; next; }
+ { print "$file:$.:$func:$n [${errlib}err]\n"; $bad = 1; next; }
$n =~ tr/A-Z/a-z/;
if (($n ne $func) && ($errlib ne "SYS"))
- { print "$file:$.:$func:$n\n"; next; }
+ { print "$file:$.:$func:$n\n"; $bad = 1; next; }
# print "$func:$1\n";
}
}
@@ -48,3 +56,9 @@
close(IN);
}
+if ($bad && $err_strict)
+ {
+ print STDERR "FATAL: error discrepancy\n";
+ exit 1;
+ }
+
Modified: trunk/crypto/openssl/util/clean-depend.pl
===================================================================
--- trunk/crypto/openssl/util/clean-depend.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/clean-depend.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -42,6 +42,7 @@
my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}};
foreach $dep (sort @deps) {
+ $dep=~s/^\.\///;
next if $prevdep eq $dep; # to exterminate duplicates...
$prevdep = $dep;
$len=0 if $len+length($dep)+1 >= 80;
Modified: trunk/crypto/openssl/util/cygwin.sh
===================================================================
--- trunk/crypto/openssl/util/cygwin.sh 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/cygwin.sh 2015-07-21 23:23:45 UTC (rev 7118)
@@ -11,6 +11,7 @@
INSTALL_PREFIX=/tmp/install/INSTALL
VERSION=
+SHLIB_VERSION_NUMBER=
SUBVERSION=$1
function cleanup()
@@ -28,6 +29,13 @@
echo " Check value of variable VERSION in Makefile."
exit 1
fi
+ eval `grep '^SHLIB_VERSION_NUMBER=' Makefile`
+ if [ -z "${SHLIB_VERSION_NUMBER}" ]
+ then
+ echo "Error: Couldn't retrieve OpenSSL shared lib version from Makefile."
+ echo " Check value of variable SHLIB_VERSION_NUMBER in Makefile."
+ exit 1
+ fi
}
function base_install()
@@ -124,7 +132,7 @@
chmod u-w usr/lib/engines/*.so
# Runtime package
-tar cjf libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
+tar cjf libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
usr/bin/cyg*dll
# Base package
find etc usr/bin/openssl.exe usr/bin/c_rehash usr/lib/engines usr/share/doc \
@@ -139,7 +147,7 @@
ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2
-ls -l libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
cleanup
Copied: trunk/crypto/openssl/util/deltree.com (from rev 7117, vendor-crypto/openssl/dist/util/deltree.com)
===================================================================
--- trunk/crypto/openssl/util/deltree.com (rev 0)
+++ trunk/crypto/openssl/util/deltree.com 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,34 @@
+$! DELTREE.COM
+$
+$ call deltree 'p1'
+$ exit $status
+$
+$ deltree: subroutine ! P1 is a name of a directory
+$ on control_y then goto dt_STOP
+$ on warning then goto dt_exit
+$ _dt_def = f$trnlnm("SYS$DISK")+f$directory()
+$ if f$parse(p1) .eqs. "" then exit
+$ set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
+$ p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
+$ _fp = f$parse(".DIR",p1)
+$ dt_loop:
+$ _f = f$search(_fp)
+$ if _f .eqs. "" then goto dt_loopend
+$ call deltree [.'f$parse(_f,,,"NAME")']*.*
+$ goto dt_loop
+$ dt_loopend:
+$ _fp = f$parse(p1,".;*")
+$ if f$search(_fp) .eqs. "" then goto dt_exit
+$ set noon
+$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
+$ set on
+$ delete/nolog '_fp'
+$ dt_exit:
+$ set default '_dt_def'
+$ goto dt_end
+$ dt_STOP:
+$ set default '_dt_def'
+$ stop/id=""
+$ exit
+$ dt_end:
+$ endsubroutine
Modified: trunk/crypto/openssl/util/domd
===================================================================
--- trunk/crypto/openssl/util/domd 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/domd 2015-07-21 23:23:45 UTC (rev 7118)
@@ -22,13 +22,17 @@
done
sed -e '/^# DO NOT DELETE.*/,$d' < Makefile > Makefile.tmp
echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
- ${CC:-gcc} -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp
+ ${MAKEDEPEND} -Werror -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp || exit 1
${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
+ RC=$?
rm -f Makefile.tmp
else
- ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@
+ ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ && \
${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
+ RC=$?
fi
mv Makefile.new Makefile
# unfake the presence of Kerberos
rm $TOP/krb5.h
+
+exit $RC
Deleted: trunk/crypto/openssl/util/fipslink.pl
===================================================================
--- trunk/crypto/openssl/util/fipslink.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/fipslink.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,83 +0,0 @@
-#!/usr/bin/perl
-
-sub check_env
- {
- my @ret;
- foreach (@_)
- {
- die "Environment variable $_ not defined!\n" unless exists $ENV{$_};
- push @ret, $ENV{$_};
- }
- return @ret;
- }
-
-
-my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe)
- = check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET",
- "FIPSLIB_D", "FIPS_SHA1_EXE");
-
-
-
-if (exists $ENV{"PREMAIN_DSO_EXE"})
- {
- $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"};
- }
- else
- {
- $fips_premain_dso = "";
- }
-
-check_hash($sha1_exe, "fips_premain.c");
-check_hash($sha1_exe, "fipscanister.lib");
-
-
-print "Integrity check OK\n";
-
-print "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c\n";
-system "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c";
-die "First stage Compile failure" if $? != 0;
-
-print "$fips_link @ARGV\n";
-system "$fips_link @ARGV";
-die "First stage Link failure" if $? != 0;
-
-
-print "$fips_premain_dso $fips_target\n";
-system("$fips_premain_dso $fips_target >$fips_target.sha1");
-die "Get hash failure" if $? != 0;
-open my $sha1_res, '<', $fips_target.".sha1" or die "Get hash failure";
-$fips_hash=<$sha1_res>;
-close $sha1_res;
-unlink $fips_target.".sha1";
-chomp $fips_hash;
-die "Get hash failure" if $? != 0;
-
-
-print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c\n";
-system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c";
-die "Second stage Compile failure" if $? != 0;
-
-
-print "$fips_link @ARGV\n";
-system "$fips_link @ARGV";
-die "Second stage Link failure" if $? != 0;
-
-sub check_hash
- {
- my ($sha1_exe, $filename) = @_;
- my ($hashfile, $hashval);
-
- open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1";
- $hashfile = <IN>;
- close IN;
- $hashval = `$sha1_exe ${fips_libdir}/$filename`;
- chomp $hashfile;
- chomp $hashval;
- $hashfile =~ s/^.*=\s+//;
- $hashval =~ s/^.*=\s+//;
- die "Invalid hash syntax in file" if (length($hashfile) != 40);
- die "Invalid hash received for file" if (length($hashval) != 40);
- die "***HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile);
- }
-
-
Modified: trunk/crypto/openssl/util/libeay.num
===================================================================
--- trunk/crypto/openssl/util/libeay.num 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/libeay.num 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,9 +1,9 @@
SSLeay 1 EXIST::FUNCTION:
SSLeay_version 2 EXIST::FUNCTION:
-ASN1_BIT_STRING_asn1_meth 3 EXIST::FUNCTION:
-ASN1_HEADER_free 4 EXIST::FUNCTION:
-ASN1_HEADER_new 5 EXIST::FUNCTION:
-ASN1_IA5STRING_asn1_meth 6 EXIST::FUNCTION:
+ASN1_BIT_STRING_asn1_meth 3 NOEXIST::FUNCTION:
+ASN1_HEADER_free 4 NOEXIST::FUNCTION:
+ASN1_HEADER_new 5 NOEXIST::FUNCTION:
+ASN1_IA5STRING_asn1_meth 6 NOEXIST::FUNCTION:
ASN1_INTEGER_get 7 EXIST::FUNCTION:
ASN1_INTEGER_set 8 EXIST::FUNCTION:
ASN1_INTEGER_to_BN 9 EXIST::FUNCTION:
@@ -75,8 +75,8 @@
BIO_new_accept 79 EXIST::FUNCTION:
BIO_new_connect 80 EXIST::FUNCTION:
BIO_new_fd 81 EXIST::FUNCTION:
-BIO_new_file 82 EXIST:!WIN16:FUNCTION:FP_API
-BIO_new_fp 83 EXIST:!WIN16:FUNCTION:FP_API
+BIO_new_file 82 EXIST::FUNCTION:FP_API
+BIO_new_fp 83 EXIST::FUNCTION:FP_API
BIO_new_socket 84 EXIST::FUNCTION:
BIO_pop 85 EXIST::FUNCTION:
BIO_printf 86 EXIST::FUNCTION:
@@ -86,7 +86,7 @@
BIO_s_accept 90 EXIST::FUNCTION:
BIO_s_connect 91 EXIST::FUNCTION:
BIO_s_fd 92 EXIST::FUNCTION:
-BIO_s_file 93 EXIST:!WIN16:FUNCTION:FP_API
+BIO_s_file 93 EXIST::FUNCTION:FP_API
BIO_s_mem 95 EXIST::FUNCTION:
BIO_s_null 96 EXIST::FUNCTION:
BIO_s_proxy_client 97 NOEXIST::FUNCTION:
@@ -172,7 +172,7 @@
CRYPTO_dbg_remalloc 180 NOEXIST::FUNCTION:
CRYPTO_free 181 EXIST::FUNCTION:
CRYPTO_get_add_lock_callback 182 EXIST::FUNCTION:
-CRYPTO_get_id_callback 183 EXIST::FUNCTION:
+CRYPTO_get_id_callback 183 EXIST::FUNCTION:DEPRECATED
CRYPTO_get_lock_name 184 EXIST::FUNCTION:
CRYPTO_get_locking_callback 185 EXIST::FUNCTION:
CRYPTO_get_mem_functions 186 EXIST::FUNCTION:
@@ -185,10 +185,10 @@
CRYPTO_realloc 193 EXIST::FUNCTION:
CRYPTO_remalloc 194 EXIST::FUNCTION:
CRYPTO_set_add_lock_callback 195 EXIST::FUNCTION:
-CRYPTO_set_id_callback 196 EXIST::FUNCTION:
+CRYPTO_set_id_callback 196 EXIST::FUNCTION:DEPRECATED
CRYPTO_set_locking_callback 197 EXIST::FUNCTION:
CRYPTO_set_mem_functions 198 EXIST::FUNCTION:
-CRYPTO_thread_id 199 EXIST::FUNCTION:
+CRYPTO_thread_id 199 EXIST::FUNCTION:DEPRECATED
DH_check 200 EXIST::FUNCTION:DH
DH_compute_key 201 EXIST::FUNCTION:DH
DH_free 202 EXIST::FUNCTION:DH
@@ -243,7 +243,7 @@
ERR_print_errors_fp 251 EXIST::FUNCTION:FP_API
ERR_put_error 252 EXIST::FUNCTION:
ERR_reason_error_string 253 EXIST::FUNCTION:
-ERR_remove_state 254 EXIST::FUNCTION:
+ERR_remove_state 254 EXIST::FUNCTION:DEPRECATED
EVP_BytesToKey 255 EXIST::FUNCTION:
EVP_CIPHER_CTX_cleanup 256 EXIST::FUNCTION:
EVP_CipherFinal 257 EXIST::FUNCTION:
@@ -343,7 +343,7 @@
NETSCAPE_SPKI_sign 351 EXIST::FUNCTION:EVP
NETSCAPE_SPKI_verify 352 EXIST::FUNCTION:EVP
OBJ_add_object 353 EXIST::FUNCTION:
-OBJ_bsearch 354 EXIST::FUNCTION:
+OBJ_bsearch 354 NOEXIST::FUNCTION:
OBJ_cleanup 355 EXIST::FUNCTION:
OBJ_cmp 356 EXIST::FUNCTION:
OBJ_create 357 EXIST::FUNCTION:
@@ -356,9 +356,9 @@
OBJ_obj2nid 364 EXIST::FUNCTION:
OBJ_sn2nid 365 EXIST::FUNCTION:
OBJ_txt2nid 366 EXIST::FUNCTION:
-PEM_ASN1_read 367 EXIST:!WIN16:FUNCTION:
+PEM_ASN1_read 367 EXIST::FUNCTION:
PEM_ASN1_read_bio 368 EXIST::FUNCTION:BIO
-PEM_ASN1_write 369 EXIST:!WIN16:FUNCTION:
+PEM_ASN1_write 369 EXIST::FUNCTION:
PEM_ASN1_write_bio 370 EXIST::FUNCTION:BIO
PEM_SealFinal 371 EXIST::FUNCTION:RSA
PEM_SealInit 372 EXIST::FUNCTION:RSA
@@ -366,7 +366,7 @@
PEM_SignFinal 374 EXIST::FUNCTION:
PEM_SignInit 375 EXIST::FUNCTION:
PEM_SignUpdate 376 EXIST::FUNCTION:
-PEM_X509_INFO_read 377 EXIST:!WIN16:FUNCTION:
+PEM_X509_INFO_read 377 EXIST::FUNCTION:
PEM_X509_INFO_read_bio 378 EXIST::FUNCTION:BIO
PEM_X509_INFO_write_bio 379 EXIST::FUNCTION:BIO
PEM_dek_info 380 EXIST::FUNCTION:
@@ -373,7 +373,7 @@
PEM_do_header 381 EXIST::FUNCTION:
PEM_get_EVP_CIPHER_INFO 382 EXIST::FUNCTION:
PEM_proc_type 383 EXIST::FUNCTION:
-PEM_read 384 EXIST:!WIN16:FUNCTION:
+PEM_read 384 EXIST::FUNCTION:
PEM_read_DHparams 385 EXIST:!WIN16:FUNCTION:DH
PEM_read_DSAPrivateKey 386 EXIST:!WIN16:FUNCTION:DSA
PEM_read_DSAparams 387 EXIST:!WIN16:FUNCTION:DSA
@@ -393,7 +393,7 @@
PEM_read_bio_X509 401 EXIST::FUNCTION:
PEM_read_bio_X509_CRL 402 EXIST::FUNCTION:
PEM_read_bio_X509_REQ 403 EXIST::FUNCTION:
-PEM_write 404 EXIST:!WIN16:FUNCTION:
+PEM_write 404 EXIST::FUNCTION:
PEM_write_DHparams 405 EXIST:!WIN16:FUNCTION:DH
PEM_write_DSAPrivateKey 406 EXIST:!WIN16:FUNCTION:DSA
PEM_write_DSAparams 407 EXIST:!WIN16:FUNCTION:DSA
@@ -469,7 +469,7 @@
RC4 477 EXIST::FUNCTION:RC4
RC4_options 478 EXIST::FUNCTION:RC4
RC4_set_key 479 EXIST::FUNCTION:RC4
-RSAPrivateKey_asn1_meth 480 EXIST::FUNCTION:RSA
+RSAPrivateKey_asn1_meth 480 NOEXIST::FUNCTION:
RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA
RSAPublicKey_dup 482 EXIST::FUNCTION:RSA
RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA
@@ -624,7 +624,7 @@
X509_VAL_free 631 EXIST::FUNCTION:
X509_VAL_new 632 EXIST::FUNCTION:
X509_add_ext 633 EXIST::FUNCTION:
-X509_asn1_meth 634 EXIST::FUNCTION:
+X509_asn1_meth 634 NOEXIST::FUNCTION:
X509_certificate_type 635 EXIST::FUNCTION:
X509_check_private_key 636 EXIST::FUNCTION:
X509_cmp_current_time 637 EXIST::FUNCTION:
@@ -704,7 +704,7 @@
_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
-d2i_ASN1_HEADER 714 EXIST::FUNCTION:
+d2i_ASN1_HEADER 714 NOEXIST::FUNCTION:
d2i_ASN1_IA5STRING 715 EXIST::FUNCTION:
d2i_ASN1_INTEGER 716 EXIST::FUNCTION:
d2i_ASN1_OBJECT 717 EXIST::FUNCTION:
@@ -809,7 +809,7 @@
i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO
i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION:
i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION:
-i2d_ASN1_HEADER 820 EXIST::FUNCTION:
+i2d_ASN1_HEADER 820 NOEXIST::FUNCTION:
i2d_ASN1_IA5STRING 821 EXIST::FUNCTION:
i2d_ASN1_INTEGER 822 EXIST::FUNCTION:
i2d_ASN1_OBJECT 823 EXIST::FUNCTION:
@@ -950,9 +950,9 @@
EVP_PKEY_cmp_parameters 967 EXIST::FUNCTION:
HMAC_cleanup 968 NOEXIST::FUNCTION:
BIO_ptr_ctrl 969 EXIST::FUNCTION:
-BIO_new_file_internal 970 EXIST:WIN16:FUNCTION:FP_API
-BIO_new_fp_internal 971 EXIST:WIN16:FUNCTION:FP_API
-BIO_s_file_internal 972 EXIST:WIN16:FUNCTION:FP_API
+BIO_new_file_internal 970 NOEXIST::FUNCTION:
+BIO_new_fp_internal 971 NOEXIST::FUNCTION:
+BIO_s_file_internal 972 NOEXIST::FUNCTION:
BN_BLINDING_convert 973 EXIST::FUNCTION:
BN_BLINDING_invert 974 EXIST::FUNCTION:
BN_BLINDING_update 975 EXIST::FUNCTION:
@@ -984,8 +984,8 @@
CRYPTO_free_ex_data 1004 EXIST::FUNCTION:
CRYPTO_get_ex_data 1005 EXIST::FUNCTION:
CRYPTO_set_ex_data 1007 EXIST::FUNCTION:
-ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS,WIN16:FUNCTION:
+ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS:FUNCTION:
+ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS:FUNCTION:
EVP_PKEY_bits 1010 EXIST::FUNCTION:
MD5_Transform 1011 EXIST::FUNCTION:MD5
SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1
@@ -1050,7 +1050,7 @@
ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION:
ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION:
ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION:
-ERR_add_error_data 1081 EXIST::FUNCTION:BIO
+ERR_add_error_data 1081 EXIST::FUNCTION:
ERR_set_error_data 1082 EXIST::FUNCTION:
EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION:
EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION:
@@ -1117,11 +1117,11 @@
COMP_expand_block 1145 EXIST::FUNCTION:
COMP_rle 1146 EXIST::FUNCTION:
COMP_zlib 1147 EXIST::FUNCTION:
-ms_time_diff 1148 EXIST::FUNCTION:
-ms_time_new 1149 EXIST::FUNCTION:
-ms_time_free 1150 EXIST::FUNCTION:
-ms_time_cmp 1151 EXIST::FUNCTION:
-ms_time_get 1152 EXIST::FUNCTION:
+ms_time_diff 1148 NOEXIST::FUNCTION:
+ms_time_new 1149 NOEXIST::FUNCTION:
+ms_time_free 1150 NOEXIST::FUNCTION:
+ms_time_cmp 1151 NOEXIST::FUNCTION:
+ms_time_get 1152 NOEXIST::FUNCTION:
PKCS7_set_attributes 1153 EXIST::FUNCTION:
PKCS7_set_signed_attributes 1154 EXIST::FUNCTION:
X509_ATTRIBUTE_create 1155 EXIST::FUNCTION:
@@ -1255,8 +1255,8 @@
PKCS12_verify_mac 1279 EXIST::FUNCTION:
PKCS12_set_mac 1280 EXIST::FUNCTION:
PKCS12_setup_mac 1281 EXIST::FUNCTION:
-asc2uni 1282 EXIST:!NETWARE:FUNCTION:
-uni2asc 1283 EXIST:!NETWARE:FUNCTION:
+OPENSSL_asc2uni 1282 EXIST::FUNCTION:
+OPENSSL_uni2asc 1283 EXIST::FUNCTION:
i2d_PKCS12_BAGS 1284 EXIST::FUNCTION:
PKCS12_BAGS_new 1285 EXIST::FUNCTION:
d2i_PKCS12_BAGS 1286 EXIST::FUNCTION:
@@ -1806,6 +1806,7 @@
ASN1_UTCTIME_get 2350 NOEXIST::FUNCTION:
X509_REQ_digest 2362 EXIST::FUNCTION:EVP
X509_CRL_digest 2391 EXIST::FUNCTION:EVP
+ASN1_STRING_clear_free 2392 EXIST::FUNCTION:
d2i_ASN1_SET_OF_PKCS7 2397 NOEXIST::FUNCTION:
X509_ALGOR_cmp 2398 EXIST::FUNCTION:
EVP_CIPHER_CTX_set_key_length 2399 EXIST::FUNCTION:
@@ -2082,7 +2083,7 @@
NETSCAPE_SPKAC_it 2641 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_STRING_encode 2643 EXIST::FUNCTION:
+ASN1_STRING_encode 2643 NOEXIST::FUNCTION:
EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES
KRB5_AUTHENT_free 2645 EXIST::FUNCTION:
OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION:
@@ -2733,8 +2734,8 @@
KRB5_APREQ_free 3179 EXIST::FUNCTION:
ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION:
+OCSP_crlID_new 3181 EXIST:!OS2,!VMS:FUNCTION:
+OCSP_crlID2_new 3181 EXIST:OS2,VMS:FUNCTION:
CONF_modules_load_file 3182 EXIST::FUNCTION:
CONF_imodule_set_usr_data 3183 EXIST::FUNCTION:
ENGINE_set_default_string 3184 EXIST::FUNCTION:ENGINE
@@ -2805,42 +2806,42 @@
ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
-FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
+FIPS_selftest_des 3250 NOEXIST::FUNCTION:
EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
-FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_mode_set 3253 EXIST::FUNCTION:
+FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
FIPS_allow_md5 3256 NOEXIST::FUNCTION:
DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES
EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES
FIPS_rand_seeded 3259 NOEXIST::FUNCTION:
-AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES
+AES_cfbr_encrypt_block 3260 NOEXIST::FUNCTION:
AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES
-FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_rand_seed 3262 NOEXIST::FUNCTION:
+FIPS_corrupt_des 3263 NOEXIST::FUNCTION:
EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES
-FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_selftest_aes 3265 NOEXIST::FUNCTION:
FIPS_set_prng_key 3266 NOEXIST::FUNCTION:
EVP_des_cfb8 3267 EXIST::FUNCTION:DES
-FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION:
FIPS_test_mode 3269 NOEXIST::FUNCTION:
-FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_rand_method 3270 NOEXIST::FUNCTION:
EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES
-ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION:
+ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION:
+FIPS_corrupt_aes 3273 NOEXIST::FUNCTION:
+FIPS_selftest_sha1 3274 NOEXIST::FUNCTION:
+FIPS_selftest_rsa 3275 NOEXIST::FUNCTION:
+FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION:
EVP_des_cfb1 3277 EXIST::FUNCTION:DES
FIPS_dsa_check 3278 NOEXIST::FUNCTION:
AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
-FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_rand_check 3281 NOEXIST::FUNCTION:
FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
-FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_mode 3283 EXIST::FUNCTION:
+FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
sk_is_sorted 3285 EXIST::FUNCTION:
X509_check_ca 3286 EXIST::FUNCTION:
private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
@@ -2848,9 +2849,9 @@
private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
-private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5
+private_RC5_32_set_key 3292 NOEXIST::FUNCTION:
private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
-private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4
+private_RC4_set_key 3294 EXIST::FUNCTION:RC4
private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
@@ -2869,13 +2870,13 @@
PROXY_POLICY_free 3308 EXIST::FUNCTION:
PROXY_POLICY_new 3309 EXIST::FUNCTION:
BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION:
-FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_selftest_rng 3311 NOEXIST::FUNCTION:
EVP_sha384 3312 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
EVP_sha512 3313 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256
EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256
-FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_selftest_hmac 3316 NOEXIST::FUNCTION:
+FIPS_corrupt_rng 3317 NOEXIST::FUNCTION:
BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION:
RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA
RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA
@@ -2894,21 +2895,21 @@
X509_STORE_CTX_set0_crls 3333 EXIST::FUNCTION:
ENGINE_set_STORE 3334 EXIST::FUNCTION:ENGINE
ENGINE_register_ECDSA 3335 EXIST::FUNCTION:ENGINE
-STORE_method_set_list_start_function 3336 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_start_fn 3336 EXIST:VMS:FUNCTION:
+STORE_meth_set_list_start_fn 3336 NOEXIST::FUNCTION:
+STORE_method_set_list_start_function 3336 NOEXIST::FUNCTION:
BN_BLINDING_invert_ex 3337 EXIST::FUNCTION:
NAME_CONSTRAINTS_free 3338 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_number 3339 EXIST::FUNCTION:
-BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_number 3339 NOEXIST::FUNCTION:
+BN_BLINDING_get_thread_id 3340 EXIST::FUNCTION:DEPRECATED
X509_STORE_CTX_set0_param 3341 EXIST::FUNCTION:
POLICY_MAPPING_it 3342 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
POLICY_MAPPING_it 3342 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_parse_attrs_start 3343 EXIST::FUNCTION:
+STORE_parse_attrs_start 3343 NOEXIST::FUNCTION:
POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION:
EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION:
BN_nist_mod_192 3346 EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC
-STORE_set_method 3348 EXIST::FUNCTION:
+EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M
+STORE_set_method 3348 NOEXIST::FUNCTION:
GENERAL_SUBTREE_free 3349 EXIST::FUNCTION:
NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
NAME_CONSTRAINTS_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2915,22 +2916,22 @@
ECDH_get_default_method 3351 EXIST::FUNCTION:ECDH
PKCS12_add_safe 3352 EXIST::FUNCTION:
EC_KEY_new_by_curve_name 3353 EXIST::FUNCTION:EC
-STORE_method_get_update_store_function 3354 EXIST:!VMS:FUNCTION:
-STORE_meth_get_update_store_fn 3354 EXIST:VMS:FUNCTION:
+STORE_meth_get_update_store_fn 3354 NOEXIST::FUNCTION:
+STORE_method_get_update_store_function 3354 NOEXIST::FUNCTION:
ENGINE_register_ECDH 3355 EXIST::FUNCTION:ENGINE
SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC
BN_get0_nist_prime_192 3358 EXIST::FUNCTION:
-STORE_modify_certificate 3359 EXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC
-BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_number 3362 EXIST::FUNCTION:
+STORE_modify_certificate 3359 NOEXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M
+BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M
+STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION:
X509_keyid_get0 3363 EXIST::FUNCTION:
ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
pitem_new 3365 EXIST::FUNCTION:
-BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:
-STORE_list_public_key_endp 3367 EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M
+STORE_list_public_key_endp 3367 NOEXIST::FUNCTION:
o2i_ECPublicKey 3368 EXIST::FUNCTION:EC
EC_KEY_copy 3369 EXIST::FUNCTION:EC
BIO_dump_fp 3370 EXIST::FUNCTION:FP_API
@@ -2939,73 +2940,73 @@
i2o_ECPublicKey 3373 EXIST::FUNCTION:EC
EC_KEY_precompute_mult 3374 EXIST::FUNCTION:EC
a2i_IPADDRESS 3375 EXIST::FUNCTION:
-STORE_method_set_initialise_function 3376 EXIST:!VMS:FUNCTION:
-STORE_meth_set_initialise_fn 3376 EXIST:VMS:FUNCTION:
+STORE_meth_set_initialise_fn 3376 NOEXIST::FUNCTION:
+STORE_method_set_initialise_function 3376 NOEXIST::FUNCTION:
X509_STORE_CTX_set_depth 3377 EXIST::FUNCTION:
X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION:
EC_POINT_point2bn 3379 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_dn 3380 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION:
X509_policy_tree_get0_policies 3381 EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC
-STORE_destroy_method 3383 EXIST::FUNCTION:
+EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M
+STORE_destroy_method 3383 NOEXIST::FUNCTION:
ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE
EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_get0_number 3386 EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_number 3386 NOEXIST::FUNCTION:
ENGINE_get_default_ECDH 3387 EXIST::FUNCTION:ENGINE
EC_KEY_get_conv_form 3388 EXIST::FUNCTION:EC
ASN1_OCTET_STRING_NDEF_it 3389 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_OCTET_STRING_NDEF_it 3389 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_delete_public_key 3390 EXIST::FUNCTION:
-STORE_get_public_key 3391 EXIST::FUNCTION:
-STORE_modify_arbitrary 3392 EXIST::FUNCTION:
+STORE_delete_public_key 3390 NOEXIST::FUNCTION:
+STORE_get_public_key 3391 NOEXIST::FUNCTION:
+STORE_modify_arbitrary 3392 NOEXIST::FUNCTION:
ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE
pqueue_iterator 3394 EXIST::FUNCTION:
ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA
OPENSSL_DIR_end 3396 EXIST::FUNCTION:
-BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:
+BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M
EC_POINT_bn2point 3398 EXIST::FUNCTION:EC
X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION:
EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC
-STORE_get_method 3401 EXIST::FUNCTION:
+STORE_get_method 3401 NOEXIST::FUNCTION:
EC_KEY_get_key_method_data 3402 EXIST::FUNCTION:EC
ECDSA_sign_ex 3403 EXIST::FUNCTION:ECDSA
-STORE_parse_attrs_end 3404 EXIST::FUNCTION:
+STORE_parse_attrs_end 3404 NOEXIST::FUNCTION:
EC_GROUP_get_point_conversion_form 3405 EXIST:!VMS:FUNCTION:EC
EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC
-STORE_method_set_store_function 3406 EXIST::FUNCTION:
-STORE_ATTR_INFO_in 3407 EXIST::FUNCTION:
+STORE_method_set_store_function 3406 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION:
PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M
EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION:
BN_BLINDING_set_flags 3411 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION:
X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION:
-STORE_get_number 3415 EXIST::FUNCTION:
+STORE_get_number 3415 NOEXIST::FUNCTION:
ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M
EC_KEY_up_ref 3418 EXIST::FUNCTION:EC
POLICY_MAPPING_free 3419 EXIST::FUNCTION:
-BN_GF2m_mod_div 3420 EXIST::FUNCTION:
+BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M
X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION:
EC_KEY_free 3422 EXIST::FUNCTION:EC
-STORE_method_set_list_next_function 3423 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_next_fn 3423 EXIST:VMS:FUNCTION:
+STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION:
+STORE_method_set_list_next_function 3423 NOEXIST::FUNCTION:
PEM_write_bio_ECPrivateKey 3424 EXIST::FUNCTION:EC
d2i_EC_PUBKEY 3425 EXIST::FUNCTION:EC
-STORE_method_get_generate_function 3426 EXIST:!VMS:FUNCTION:
-STORE_meth_get_generate_fn 3426 EXIST:VMS:FUNCTION:
-STORE_method_set_list_end_function 3427 EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_end_fn 3427 EXIST:VMS:FUNCTION:
-pqueue_print 3428 EXIST:!VMSVAX:FUNCTION:
+STORE_meth_get_generate_fn 3426 NOEXIST::FUNCTION:
+STORE_method_get_generate_function 3426 NOEXIST::FUNCTION:
+STORE_meth_set_list_end_fn 3427 NOEXIST::FUNCTION:
+STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION:
+pqueue_print 3428 EXIST::FUNCTION:
EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC
EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr 3431 EXIST::FUNCTION:
+BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M
PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION:
EVP_PKEY_cmp 3433 EXIST::FUNCTION:
X509_policy_level_node_count 3434 EXIST::FUNCTION:
-STORE_new_engine 3435 EXIST::FUNCTION:
-STORE_list_public_key_start 3436 EXIST::FUNCTION:
+STORE_new_engine 3435 NOEXIST::FUNCTION:
+STORE_list_public_key_start 3436 NOEXIST::FUNCTION:
X509_VERIFY_PARAM_new 3437 EXIST::FUNCTION:
ECDH_get_ex_data 3438 EXIST::FUNCTION:ECDH
EVP_PKEY_get_attr 3439 EXIST::FUNCTION:
@@ -3015,72 +3016,72 @@
EC_KEY_set_conv_form 3443 EXIST::FUNCTION:EC
EC_POINT_dup 3444 EXIST::FUNCTION:EC
GENERAL_SUBTREE_new 3445 EXIST::FUNCTION:
-STORE_list_crl_endp 3446 EXIST::FUNCTION:
+STORE_list_crl_endp 3446 NOEXIST::FUNCTION:
EC_get_builtin_curves 3447 EXIST::FUNCTION:EC
X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION:
X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION:
-STORE_list_crl_end 3449 EXIST::FUNCTION:
+STORE_list_crl_end 3449 NOEXIST::FUNCTION:
EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M
i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC
ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API
pqueue_find 3454 EXIST::FUNCTION:
ECDSA_SIG_free 3455 EXIST::FUNCTION:ECDSA
PEM_write_bio_ECPKParameters 3456 EXIST::FUNCTION:EC
-STORE_method_set_ctrl_function 3457 EXIST::FUNCTION:
-STORE_list_public_key_end 3458 EXIST::FUNCTION:
+STORE_method_set_ctrl_function 3457 NOEXIST::FUNCTION:
+STORE_list_public_key_end 3458 NOEXIST::FUNCTION:
EC_KEY_set_private_key 3459 EXIST::FUNCTION:EC
pqueue_peek 3460 EXIST::FUNCTION:
-STORE_get_arbitrary 3461 EXIST::FUNCTION:
-STORE_store_crl 3462 EXIST::FUNCTION:
+STORE_get_arbitrary 3461 NOEXIST::FUNCTION:
+STORE_store_crl 3462 NOEXIST::FUNCTION:
X509_policy_node_get0_policy 3463 EXIST::FUNCTION:
PKCS12_add_safes 3464 EXIST::FUNCTION:
BN_BLINDING_convert_ex 3465 EXIST::FUNCTION:
X509_policy_tree_free 3466 EXIST::FUNCTION:
OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION:
-BN_GF2m_poly2arr 3468 EXIST::FUNCTION:
-STORE_ctrl 3469 EXIST::FUNCTION:
-STORE_ATTR_INFO_compare 3470 EXIST::FUNCTION:
+BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M
+STORE_ctrl 3469 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION:
BN_get0_nist_prime_224 3471 EXIST::FUNCTION:
i2d_ECParameters 3472 EXIST::FUNCTION:EC
i2d_ECPKParameters 3473 EXIST::FUNCTION:EC
BN_GENCB_call 3474 EXIST::FUNCTION:
d2i_ECPKParameters 3475 EXIST::FUNCTION:EC
-STORE_method_set_generate_function 3476 EXIST:!VMS:FUNCTION:
-STORE_meth_set_generate_fn 3476 EXIST:VMS:FUNCTION:
+STORE_meth_set_generate_fn 3476 NOEXIST::FUNCTION:
+STORE_method_set_generate_function 3476 NOEXIST::FUNCTION:
ENGINE_set_ECDH 3477 EXIST::FUNCTION:ENGINE
NAME_CONSTRAINTS_new 3478 EXIST::FUNCTION:
SHA256_Init 3479 EXIST::FUNCTION:SHA,SHA256
EC_KEY_get0_public_key 3480 EXIST::FUNCTION:EC
PEM_write_bio_EC_PUBKEY 3481 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_cstr 3482 EXIST::FUNCTION:
-STORE_list_crl_next 3483 EXIST::FUNCTION:
-STORE_ATTR_INFO_in_range 3484 EXIST::FUNCTION:
+STORE_ATTR_INFO_set_cstr 3482 NOEXIST::FUNCTION:
+STORE_list_crl_next 3483 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in_range 3484 NOEXIST::FUNCTION:
ECParameters_print 3485 EXIST::FUNCTION:BIO,EC
-STORE_method_set_delete_function 3486 EXIST:!VMS:FUNCTION:
-STORE_meth_set_delete_fn 3486 EXIST:VMS:FUNCTION:
-STORE_list_certificate_next 3487 EXIST::FUNCTION:
+STORE_meth_set_delete_fn 3486 NOEXIST::FUNCTION:
+STORE_method_set_delete_function 3486 NOEXIST::FUNCTION:
+STORE_list_certificate_next 3487 NOEXIST::FUNCTION:
ASN1_generate_nconf 3488 EXIST::FUNCTION:
BUF_memdup 3489 EXIST::FUNCTION:
-BN_GF2m_mod_mul 3490 EXIST::FUNCTION:
-STORE_method_get_list_next_function 3491 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_next_fn 3491 EXIST:VMS:FUNCTION:
-STORE_ATTR_INFO_get0_dn 3492 EXIST::FUNCTION:
-STORE_list_private_key_next 3493 EXIST::FUNCTION:
+BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M
+STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION:
+STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION:
+STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION:
+STORE_list_private_key_next 3493 NOEXIST::FUNCTION:
EC_GROUP_set_seed 3494 EXIST::FUNCTION:EC
X509_VERIFY_PARAM_set_trust 3495 EXIST::FUNCTION:
-STORE_ATTR_INFO_free 3496 EXIST::FUNCTION:
-STORE_get_private_key 3497 EXIST::FUNCTION:
+STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION:
+STORE_get_private_key 3497 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION:
-STORE_ATTR_INFO_new 3499 EXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC
-STORE_method_set_revoke_function 3501 EXIST:!VMS:FUNCTION:
-STORE_meth_set_revoke_fn 3501 EXIST:VMS:FUNCTION:
-STORE_store_number 3502 EXIST::FUNCTION:
+STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION:
+EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M
+STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION:
+STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION:
+STORE_store_number 3502 NOEXIST::FUNCTION:
BN_is_prime_ex 3503 EXIST::FUNCTION:
-STORE_revoke_public_key 3504 EXIST::FUNCTION:
+STORE_revoke_public_key 3504 NOEXIST::FUNCTION:
X509_STORE_CTX_get0_param 3505 EXIST::FUNCTION:
-STORE_delete_arbitrary 3506 EXIST::FUNCTION:
+STORE_delete_arbitrary 3506 NOEXIST::FUNCTION:
PEM_read_X509_CERT_PAIR 3507 EXIST:!WIN16:FUNCTION:
X509_STORE_set_depth 3508 EXIST::FUNCTION:
ECDSA_get_ex_data 3509 EXIST::FUNCTION:ECDSA
@@ -3088,13 +3089,13 @@
BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API
EC_KEY_set_group 3512 EXIST::FUNCTION:EC
BUF_strndup 3513 EXIST::FUNCTION:
-STORE_list_certificate_start 3514 EXIST::FUNCTION:
-BN_GF2m_mod 3515 EXIST::FUNCTION:
+STORE_list_certificate_start 3514 NOEXIST::FUNCTION:
+BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M
X509_REQ_check_private_key 3516 EXIST::FUNCTION:
EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC
-ERR_load_STORE_strings 3518 EXIST::FUNCTION:
+ERR_load_STORE_strings 3518 NOEXIST::FUNCTION:
PEM_read_bio_EC_PUBKEY 3519 EXIST::FUNCTION:EC
-STORE_list_private_key_end 3520 EXIST::FUNCTION:
+STORE_list_private_key_end 3520 NOEXIST::FUNCTION:
i2d_EC_PUBKEY 3521 EXIST::FUNCTION:EC
ECDSA_get_default_method 3522 EXIST::FUNCTION:ECDSA
ASN1_put_eoc 3523 EXIST::FUNCTION:
@@ -3101,52 +3102,52 @@
X509_STORE_CTX_get_explicit_policy 3524 EXIST:!VMS:FUNCTION:
X509_STORE_CTX_get_expl_policy 3524 EXIST:VMS:FUNCTION:
X509_VERIFY_PARAM_table_cleanup 3525 EXIST::FUNCTION:
-STORE_modify_private_key 3526 EXIST::FUNCTION:
+STORE_modify_private_key 3526 NOEXIST::FUNCTION:
X509_VERIFY_PARAM_free 3527 EXIST::FUNCTION:
EC_METHOD_get_field_type 3528 EXIST::FUNCTION:EC
EC_GFp_nist_method 3529 EXIST::FUNCTION:EC
-STORE_method_set_modify_function 3530 EXIST:!VMS:FUNCTION:
-STORE_meth_set_modify_fn 3530 EXIST:VMS:FUNCTION:
-STORE_parse_attrs_next 3531 EXIST::FUNCTION:
-ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE
+STORE_meth_set_modify_fn 3530 NOEXIST::FUNCTION:
+STORE_method_set_modify_function 3530 NOEXIST::FUNCTION:
+STORE_parse_attrs_next 3531 NOEXIST::FUNCTION:
+ENGINE_load_padlock 3532 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
EC_GROUP_set_curve_name 3533 EXIST::FUNCTION:EC
X509_CERT_PAIR_it 3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_CERT_PAIR_it 3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_method_get_revoke_function 3535 EXIST:!VMS:FUNCTION:
-STORE_meth_get_revoke_fn 3535 EXIST:VMS:FUNCTION:
-STORE_method_set_get_function 3536 EXIST::FUNCTION:
-STORE_modify_number 3537 EXIST::FUNCTION:
-STORE_method_get_store_function 3538 EXIST::FUNCTION:
-STORE_store_private_key 3539 EXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:
+STORE_meth_get_revoke_fn 3535 NOEXIST::FUNCTION:
+STORE_method_get_revoke_function 3535 NOEXIST::FUNCTION:
+STORE_method_set_get_function 3536 NOEXIST::FUNCTION:
+STORE_modify_number 3537 NOEXIST::FUNCTION:
+STORE_method_get_store_function 3538 NOEXIST::FUNCTION:
+STORE_store_private_key 3539 NOEXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M
RSA_setup_blinding 3541 EXIST::FUNCTION:RSA
BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM
-STORE_Memory 3543 EXIST::FUNCTION:
+STORE_Memory 3543 NOEXIST::FUNCTION:
sk_find_ex 3544 EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC
+EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M
ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE
POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION:
-BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M
ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH
EC_KEY_generate_key 3550 EXIST::FUNCTION:EC
SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly 3552 EXIST::FUNCTION:
-STORE_method_get_get_function 3553 EXIST::FUNCTION:
-STORE_method_set_cleanup_function 3554 EXIST:!VMS:FUNCTION:
-STORE_meth_set_cleanup_fn 3554 EXIST:VMS:FUNCTION:
+BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M
+STORE_method_get_get_function 3553 NOEXIST::FUNCTION:
+STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION:
+STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION:
EC_GROUP_check 3555 EXIST::FUNCTION:EC
d2i_ECPrivateKey_bio 3556 EXIST::FUNCTION:BIO,EC
EC_KEY_insert_key_method_data 3557 EXIST::FUNCTION:EC
-STORE_method_get_lock_store_function 3558 EXIST:!VMS:FUNCTION:
-STORE_meth_get_lock_store_fn 3558 EXIST:VMS:FUNCTION:
+STORE_meth_get_lock_store_fn 3558 NOEXIST::FUNCTION:
+STORE_method_get_lock_store_function 3558 NOEXIST::FUNCTION:
X509_VERIFY_PARAM_get_depth 3559 EXIST::FUNCTION:
SHA224_Final 3560 EXIST::FUNCTION:SHA,SHA256
-STORE_method_set_update_store_function 3561 EXIST:!VMS:FUNCTION:
-STORE_meth_set_update_store_fn 3561 EXIST:VMS:FUNCTION:
+STORE_meth_set_update_store_fn 3561 NOEXIST::FUNCTION:
+STORE_method_set_update_store_function 3561 NOEXIST::FUNCTION:
SHA224_Update 3562 EXIST::FUNCTION:SHA,SHA256
d2i_ECPrivateKey 3563 EXIST::FUNCTION:EC
ASN1_item_ndef_i2d 3564 EXIST::FUNCTION:
-STORE_delete_private_key 3565 EXIST::FUNCTION:
+STORE_delete_private_key 3565 NOEXIST::FUNCTION:
ERR_pop_to_mark 3566 EXIST::FUNCTION:
ENGINE_register_all_STORE 3567 EXIST::FUNCTION:ENGINE
X509_policy_level_get0_node 3568 EXIST::FUNCTION:
@@ -3153,45 +3154,45 @@
i2d_PKCS7_NDEF 3569 EXIST::FUNCTION:
EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC
ASN1_generate_v3 3571 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_cstr 3572 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION:
X509_policy_tree_level_count 3573 EXIST::FUNCTION:
-BN_GF2m_add 3574 EXIST::FUNCTION:
+BN_GF2m_add 3574 EXIST::FUNCTION:EC2M
EC_KEY_get0_group 3575 EXIST::FUNCTION:EC
-STORE_generate_crl 3576 EXIST::FUNCTION:
-STORE_store_public_key 3577 EXIST::FUNCTION:
+STORE_generate_crl 3576 NOEXIST::FUNCTION:
+STORE_store_public_key 3577 NOEXIST::FUNCTION:
X509_CERT_PAIR_free 3578 EXIST::FUNCTION:
-STORE_revoke_private_key 3579 EXIST::FUNCTION:
+STORE_revoke_private_key 3579 NOEXIST::FUNCTION:
BN_nist_mod_224 3580 EXIST::FUNCTION:
SHA512_Final 3581 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_ATTR_INFO_modify_dn 3582 EXIST::FUNCTION:
-STORE_method_get_initialise_function 3583 EXIST:!VMS:FUNCTION:
-STORE_meth_get_initialise_fn 3583 EXIST:VMS:FUNCTION:
-STORE_delete_number 3584 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_dn 3582 NOEXIST::FUNCTION:
+STORE_meth_get_initialise_fn 3583 NOEXIST::FUNCTION:
+STORE_method_get_initialise_function 3583 NOEXIST::FUNCTION:
+STORE_delete_number 3584 NOEXIST::FUNCTION:
i2d_EC_PUBKEY_bio 3585 EXIST::FUNCTION:BIO,EC
BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION:
EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC
-STORE_ATTR_INFO_in_ex 3588 EXIST::FUNCTION:
-STORE_list_crl_start 3589 EXIST::FUNCTION:
+STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION:
+STORE_list_crl_start 3589 NOEXIST::FUNCTION:
ECDH_get_ex_new_index 3590 EXIST::FUNCTION:ECDH
-STORE_method_get_modify_function 3591 EXIST:!VMS:FUNCTION:
-STORE_meth_get_modify_fn 3591 EXIST:VMS:FUNCTION:
+STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION:
+STORE_method_get_modify_function 3591 NOEXIST::FUNCTION:
v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION:
-STORE_store_certificate 3593 EXIST::FUNCTION:
-OBJ_bsearch_ex 3594 EXIST::FUNCTION:
+STORE_store_certificate 3593 NOEXIST::FUNCTION:
+OBJ_bsearch_ex 3594 NOEXIST::FUNCTION:
X509_STORE_CTX_set_default 3595 EXIST::FUNCTION:
-STORE_ATTR_INFO_set_sha1str 3596 EXIST::FUNCTION:
-BN_GF2m_mod_inv 3597 EXIST::FUNCTION:
-BN_GF2m_mod_exp 3598 EXIST::FUNCTION:
-STORE_modify_public_key 3599 EXIST::FUNCTION:
-STORE_method_get_list_start_function 3600 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_start_fn 3600 EXIST:VMS:FUNCTION:
+STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION:
+BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M
+BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M
+STORE_modify_public_key 3599 NOEXIST::FUNCTION:
+STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION:
+STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION:
EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC
-STORE_store_arbitrary 3602 EXIST::FUNCTION:
-STORE_method_set_unlock_store_function 3603 EXIST:!VMS:FUNCTION:
-STORE_meth_set_unlock_store_fn 3603 EXIST:VMS:FUNCTION:
-BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:
+STORE_store_arbitrary 3602 NOEXIST::FUNCTION:
+STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION:
+STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION:
+BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M
ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE
-STORE_create_method 3606 EXIST::FUNCTION:
+STORE_create_method 3606 NOEXIST::FUNCTION:
ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC
EC_KEY_get0_private_key 3608 EXIST::FUNCTION:EC
PEM_write_EC_PUBKEY 3609 EXIST:!WIN16:FUNCTION:EC
@@ -3199,7 +3200,7 @@
ECDH_set_method 3611 EXIST::FUNCTION:ECDH
v2i_GENERAL_NAME_ex 3612 EXIST::FUNCTION:
ECDH_set_ex_data 3613 EXIST::FUNCTION:ECDH
-STORE_generate_key 3614 EXIST::FUNCTION:
+STORE_generate_key 3614 NOEXIST::FUNCTION:
BN_nist_mod_521 3615 EXIST::FUNCTION:
X509_policy_tree_get0_level 3616 EXIST::FUNCTION:
EC_GROUP_set_point_conversion_form 3617 EXIST:!VMS:FUNCTION:EC
@@ -3207,42 +3208,42 @@
PEM_read_EC_PUBKEY 3618 EXIST:!WIN16:FUNCTION:EC
i2d_ECDSA_SIG 3619 EXIST::FUNCTION:ECDSA
ECDSA_OpenSSL 3620 EXIST::FUNCTION:ECDSA
-STORE_delete_crl 3621 EXIST::FUNCTION:
+STORE_delete_crl 3621 NOEXIST::FUNCTION:
EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC
ASN1_const_check_infinite_end 3623 EXIST::FUNCTION:
EVP_PKEY_delete_attr 3624 EXIST::FUNCTION:
ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC
+EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_cmp 3627 EXIST::FUNCTION:EC
-STORE_revoke_certificate 3628 EXIST::FUNCTION:
+STORE_revoke_certificate 3628 NOEXIST::FUNCTION:
BN_get0_nist_prime_256 3629 EXIST::FUNCTION:
-STORE_method_get_delete_function 3630 EXIST:!VMS:FUNCTION:
-STORE_meth_get_delete_fn 3630 EXIST:VMS:FUNCTION:
+STORE_meth_get_delete_fn 3630 NOEXIST::FUNCTION:
+STORE_method_get_delete_function 3630 NOEXIST::FUNCTION:
SHA224_Init 3631 EXIST::FUNCTION:SHA,SHA256
PEM_read_ECPrivateKey 3632 EXIST:!WIN16:FUNCTION:EC
SHA512_Init 3633 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_parse_attrs_endp 3634 EXIST::FUNCTION:
+STORE_parse_attrs_endp 3634 NOEXIST::FUNCTION:
BN_set_negative 3635 EXIST::FUNCTION:
ERR_load_ECDSA_strings 3636 EXIST::FUNCTION:ECDSA
EC_GROUP_get_basis_type 3637 EXIST::FUNCTION:EC
-STORE_list_public_key_next 3638 EXIST::FUNCTION:
+STORE_list_public_key_next 3638 NOEXIST::FUNCTION:
i2v_ASN1_BIT_STRING 3639 EXIST::FUNCTION:
-STORE_OBJECT_free 3640 EXIST::FUNCTION:
+STORE_OBJECT_free 3640 NOEXIST::FUNCTION:
BN_nist_mod_384 3641 EXIST::FUNCTION:
i2d_X509_CERT_PAIR 3642 EXIST::FUNCTION:
PEM_write_ECPKParameters 3643 EXIST:!WIN16:FUNCTION:EC
ECDH_compute_key 3644 EXIST::FUNCTION:ECDH
-STORE_ATTR_INFO_get0_sha1str 3645 EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_sha1str 3645 NOEXIST::FUNCTION:
ENGINE_register_all_ECDH 3646 EXIST::FUNCTION:ENGINE
pqueue_pop 3647 EXIST::FUNCTION:
-STORE_ATTR_INFO_get0_cstr 3648 EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_cstr 3648 NOEXIST::FUNCTION:
POLICY_CONSTRAINTS_it 3649 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_get_ex_new_index 3650 EXIST::FUNCTION:
+STORE_get_ex_new_index 3650 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION:
X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M
SHA256 3654 EXIST::FUNCTION:SHA,SHA256
i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API
X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION:
@@ -3250,8 +3251,8 @@
OPENSSL_DIR_read 3657 EXIST::FUNCTION:
ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE
X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC
+EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_dup 3661 EXIST::FUNCTION:EC
ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE
EC_KEY_new 3663 EXIST::FUNCTION:EC
@@ -3261,19 +3262,19 @@
EC_POINT_point2hex 3667 EXIST::FUNCTION:EC
ENGINE_get_STORE 3668 EXIST::FUNCTION:ENGINE
SHA512 3669 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-STORE_get_certificate 3670 EXIST::FUNCTION:
+STORE_get_certificate 3670 NOEXIST::FUNCTION:
ECDSA_do_sign_ex 3671 EXIST::FUNCTION:ECDSA
ECDSA_do_verify 3672 EXIST::FUNCTION:ECDSA
d2i_ECPrivateKey_fp 3673 EXIST::FUNCTION:EC,FP_API
-STORE_delete_certificate 3674 EXIST::FUNCTION:
+STORE_delete_certificate 3674 NOEXIST::FUNCTION:
SHA512_Transform 3675 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
X509_STORE_set1_param 3676 EXIST::FUNCTION:
-STORE_method_get_ctrl_function 3677 EXIST::FUNCTION:
-STORE_free 3678 EXIST::FUNCTION:
+STORE_method_get_ctrl_function 3677 NOEXIST::FUNCTION:
+STORE_free 3678 NOEXIST::FUNCTION:
PEM_write_ECPrivateKey 3679 EXIST:!WIN16:FUNCTION:EC
-STORE_method_get_unlock_store_function 3680 EXIST:!VMS:FUNCTION:
-STORE_meth_get_unlock_store_fn 3680 EXIST:VMS:FUNCTION:
-STORE_get_ex_data 3681 EXIST::FUNCTION:
+STORE_meth_get_unlock_store_fn 3680 NOEXIST::FUNCTION:
+STORE_method_get_unlock_store_function 3680 NOEXIST::FUNCTION:
+STORE_get_ex_data 3681 NOEXIST::FUNCTION:
EC_KEY_set_public_key 3682 EXIST::FUNCTION:EC
PEM_read_ECPKParameters 3683 EXIST:!WIN16:FUNCTION:EC
X509_CERT_PAIR_new 3684 EXIST::FUNCTION:
@@ -3283,8 +3284,8 @@
ECParameters_print_fp 3688 EXIST::FUNCTION:EC,FP_API
X509V3_NAME_from_section 3689 EXIST::FUNCTION:
EVP_PKEY_add1_attr 3690 EXIST::FUNCTION:
-STORE_modify_crl 3691 EXIST::FUNCTION:
-STORE_list_private_key_start 3692 EXIST::FUNCTION:
+STORE_modify_crl 3691 NOEXIST::FUNCTION:
+STORE_list_private_key_start 3692 NOEXIST::FUNCTION:
POLICY_MAPPINGS_it 3693 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
POLICY_MAPPINGS_it 3693 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
GENERAL_SUBTREE_it 3694 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -3293,7 +3294,7 @@
PEM_write_X509_CERT_PAIR 3696 EXIST:!WIN16:FUNCTION:
BIO_dump_indent_cb 3697 EXIST::FUNCTION:
d2i_X509_CERT_PAIR 3698 EXIST::FUNCTION:
-STORE_list_private_key_endp 3699 EXIST::FUNCTION:
+STORE_list_private_key_endp 3699 NOEXIST::FUNCTION:
asn1_const_Finish 3700 EXIST::FUNCTION:
i2d_EC_PUBKEY_fp 3701 EXIST::FUNCTION:EC,FP_API
BN_nist_mod_256 3702 EXIST::FUNCTION:
@@ -3303,14 +3304,14 @@
ECDSA_size 3706 EXIST::FUNCTION:ECDSA
d2i_EC_PUBKEY_bio 3707 EXIST::FUNCTION:BIO,EC
BN_get0_nist_prime_521 3708 EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_sha1str 3709 EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_sha1str 3709 NOEXIST::FUNCTION:
BN_generate_prime_ex 3710 EXIST::FUNCTION:
EC_GROUP_new_by_curve_name 3711 EXIST::FUNCTION:EC
SHA256_Final 3712 EXIST::FUNCTION:SHA,SHA256
DH_generate_parameters_ex 3713 EXIST::FUNCTION:DH
PEM_read_bio_ECPrivateKey 3714 EXIST::FUNCTION:EC
-STORE_method_get_cleanup_function 3715 EXIST:!VMS:FUNCTION:
-STORE_meth_get_cleanup_fn 3715 EXIST:VMS:FUNCTION:
+STORE_meth_get_cleanup_fn 3715 NOEXIST::FUNCTION:
+STORE_method_get_cleanup_function 3715 NOEXIST::FUNCTION:
ENGINE_get_ECDH 3716 EXIST::FUNCTION:ENGINE
d2i_ECDSA_SIG 3717 EXIST::FUNCTION:ECDSA
BN_is_prime_fasttest_ex 3718 EXIST::FUNCTION:
@@ -3317,12 +3318,12 @@
ECDSA_sign 3719 EXIST::FUNCTION:ECDSA
X509_policy_check 3720 EXIST::FUNCTION:
EVP_PKEY_get_attr_by_NID 3721 EXIST::FUNCTION:
-STORE_set_ex_data 3722 EXIST::FUNCTION:
+STORE_set_ex_data 3722 NOEXIST::FUNCTION:
ENGINE_get_ECDSA 3723 EXIST::FUNCTION:ENGINE
EVP_ecdsa 3724 EXIST::FUNCTION:SHA
BN_BLINDING_get_flags 3725 EXIST::FUNCTION:
PKCS12_add_cert 3726 EXIST::FUNCTION:
-STORE_OBJECT_new 3727 EXIST::FUNCTION:
+STORE_OBJECT_new 3727 NOEXIST::FUNCTION:
ERR_load_ECDH_strings 3728 EXIST::FUNCTION:ECDH
EC_KEY_dup 3729 EXIST::FUNCTION:EC
EVP_CIPHER_CTX_rand_key 3730 EXIST::FUNCTION:
@@ -3329,21 +3330,21 @@
ECDSA_set_method 3731 EXIST::FUNCTION:ECDSA
a2i_IPADDRESS_NC 3732 EXIST::FUNCTION:
d2i_ECParameters 3733 EXIST::FUNCTION:EC
-STORE_list_certificate_end 3734 EXIST::FUNCTION:
-STORE_get_crl 3735 EXIST::FUNCTION:
+STORE_list_certificate_end 3734 NOEXIST::FUNCTION:
+STORE_get_crl 3735 NOEXIST::FUNCTION:
X509_POLICY_NODE_print 3736 EXIST::FUNCTION:
SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC
+EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M
ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA
SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
PKCS7_set_digest 3741 EXIST::FUNCTION:
EC_KEY_print 3742 EXIST::FUNCTION:BIO,EC
-STORE_method_set_lock_store_function 3743 EXIST:!VMS:FUNCTION:
-STORE_meth_set_lock_store_fn 3743 EXIST:VMS:FUNCTION:
+STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION:
+STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION:
ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:ECDSA
SHA384 3745 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
POLICY_MAPPING_new 3746 EXIST::FUNCTION:
-STORE_list_certificate_endp 3747 EXIST::FUNCTION:
+STORE_list_certificate_endp 3747 NOEXIST::FUNCTION:
X509_STORE_CTX_get0_policy_tree 3748 EXIST::FUNCTION:
EC_GROUP_set_asn1_flag 3749 EXIST::FUNCTION:EC
EC_KEY_check_key 3750 EXIST::FUNCTION:EC
@@ -3351,13 +3352,13 @@
PKCS7_set0_type_other 3752 EXIST::FUNCTION:
PEM_read_bio_X509_CERT_PAIR 3753 EXIST::FUNCTION:
pqueue_next 3754 EXIST::FUNCTION:
-STORE_method_get_list_end_function 3755 EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_end_fn 3755 EXIST:VMS:FUNCTION:
+STORE_meth_get_list_end_fn 3755 NOEXIST::FUNCTION:
+STORE_method_get_list_end_function 3755 NOEXIST::FUNCTION:
EVP_PKEY_add1_attr_by_OBJ 3756 EXIST::FUNCTION:
X509_VERIFY_PARAM_set_time 3757 EXIST::FUNCTION:
pqueue_new 3758 EXIST::FUNCTION:
ENGINE_set_default_ECDH 3759 EXIST::FUNCTION:ENGINE
-STORE_new_method 3760 EXIST::FUNCTION:
+STORE_new_method 3760 NOEXIST::FUNCTION:
PKCS12_add_key 3761 EXIST::FUNCTION:
DSO_merge 3762 EXIST::FUNCTION:
EC_POINT_hex2point 3763 EXIST::FUNCTION:EC
@@ -3365,9 +3366,9 @@
SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256
pqueue_insert 3766 EXIST::FUNCTION:
pitem_free 3767 EXIST::FUNCTION:
-BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M
ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE
-BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:
+BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED
get_rfc3526_prime_8192 3771 EXIST::FUNCTION:
X509_VERIFY_PARAM_clear_flags 3772 EXIST::FUNCTION:
get_rfc2409_prime_1024 3773 EXIST::FUNCTION:
@@ -3386,7 +3387,7 @@
Camellia_cfb1_encrypt 3786 EXIST::FUNCTION:CAMELLIA
Camellia_cfb8_encrypt 3787 EXIST::FUNCTION:CAMELLIA
Camellia_ctr128_encrypt 3788 EXIST::FUNCTION:CAMELLIA
-Camellia_cfbr_encrypt_block 3789 EXIST::FUNCTION:CAMELLIA
+Camellia_cfbr_encrypt_block 3789 NOEXIST::FUNCTION:
Camellia_decrypt 3790 EXIST::FUNCTION:CAMELLIA
Camellia_ecb_encrypt 3791 EXIST::FUNCTION:CAMELLIA
Camellia_encrypt 3792 EXIST::FUNCTION:CAMELLIA
@@ -3588,7 +3589,7 @@
i2d_CMS_bio 3976 EXIST::FUNCTION:CMS
CMS_EncryptedData_set1_key 3977 EXIST::FUNCTION:CMS
CMS_decrypt 3978 EXIST::FUNCTION:CMS
-int_smime_write_ASN1 3979 EXIST::FUNCTION:
+int_smime_write_ASN1 3979 NOEXIST::FUNCTION:
CMS_unsigned_delete_attr 3980 EXIST::FUNCTION:CMS
CMS_unsigned_get_attr_count 3981 EXIST::FUNCTION:CMS
CMS_add_smimecap 3982 EXIST::FUNCTION:CMS
@@ -3660,51 +3661,50 @@
ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE
ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE
ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE
-ENGINE_load_capi 4047 EXIST:WIN32:FUNCTION:CAPIENG,ENGINE,STATIC_ENGINE
+ENGINE_load_capi 4047 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
OPENSSL_isservice 4048 EXIST::FUNCTION:
-FIPS_dsa_sig_decode 4049 EXIST:OPENSSL_FIPS:FUNCTION:DSA
+FIPS_dsa_sig_decode 4049 NOEXIST::FUNCTION:
EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION:
-FIPS_rand_status 4051 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_rand_set_key 4052 EXIST:OPENSSL_FIPS:FUNCTION:
-CRYPTO_set_mem_info_functions 4053 EXIST::FUNCTION:
-RSA_X931_generate_key_ex 4054 EXIST::FUNCTION:RSA
-int_ERR_set_state_func 4055 EXIST:OPENSSL_FIPS:FUNCTION:
-int_EVP_MD_set_engine_callbacks 4056 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
-int_CRYPTO_set_do_dynlock_callback 4057 EXIST:!VMS:FUNCTION:
-int_CRYPTO_set_do_dynlock_cb 4057 EXIST:VMS:FUNCTION:
-FIPS_rng_stick 4058 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_rand_status 4051 NOEXIST::FUNCTION:
+FIPS_rand_set_key 4052 NOEXIST::FUNCTION:
+CRYPTO_set_mem_info_functions 4053 NOEXIST::FUNCTION:
+RSA_X931_generate_key_ex 4054 NOEXIST::FUNCTION:
+int_ERR_set_state_func 4055 NOEXIST::FUNCTION:
+int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION:
+int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION:
+FIPS_rng_stick 4058 NOEXIST::FUNCTION:
EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
-FIPS_selftest_check 4061 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_rand_set_dt 4062 EXIST:OPENSSL_FIPS:FUNCTION:
-CRYPTO_dbg_pop_info 4063 EXIST::FUNCTION:
-FIPS_dsa_free 4064 EXIST:OPENSSL_FIPS:FUNCTION:DSA
-RSA_X931_derive_ex 4065 EXIST::FUNCTION:RSA
-FIPS_rsa_new 4066 EXIST:OPENSSL_FIPS:FUNCTION:RSA
-FIPS_rand_bytes 4067 EXIST:OPENSSL_FIPS:FUNCTION:
-fips_cipher_test 4068 EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_selftest_check 4061 NOEXIST::FUNCTION:
+FIPS_rand_set_dt 4062 NOEXIST::FUNCTION:
+CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION:
+FIPS_dsa_free 4064 NOEXIST::FUNCTION:
+RSA_X931_derive_ex 4065 NOEXIST::FUNCTION:
+FIPS_rsa_new 4066 NOEXIST::FUNCTION:
+FIPS_rand_bytes 4067 NOEXIST::FUNCTION:
+fips_cipher_test 4068 NOEXIST::FUNCTION:
EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION:
-CRYPTO_malloc_debug_init 4070 EXIST::FUNCTION:
-CRYPTO_dbg_push_info 4071 EXIST::FUNCTION:
-FIPS_corrupt_rsa_keygen 4072 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_dh_new 4073 EXIST:OPENSSL_FIPS:FUNCTION:DH
-FIPS_corrupt_dsa_keygen 4074 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_dh_free 4075 EXIST:OPENSSL_FIPS:FUNCTION:DH
-fips_pkey_signature_test 4076 EXIST:OPENSSL_FIPS:FUNCTION:
+CRYPTO_malloc_debug_init 4070 NOEXIST::FUNCTION:
+CRYPTO_dbg_push_info 4071 NOEXIST::FUNCTION:
+FIPS_corrupt_rsa_keygen 4072 NOEXIST::FUNCTION:
+FIPS_dh_new 4073 NOEXIST::FUNCTION:
+FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION:
+FIPS_dh_free 4075 NOEXIST::FUNCTION:
+fips_pkey_signature_test 4076 NOEXIST::FUNCTION:
EVP_add_alg_module 4077 EXIST::FUNCTION:
-int_RAND_init_engine_callbacks 4078 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
-int_EVP_CIPHER_set_engine_callbacks 4079 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
-int_EVP_MD_init_engine_callbacks 4080 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
-FIPS_rand_test_mode 4081 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_rand_reset 4082 EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_dsa_new 4083 EXIST:OPENSSL_FIPS:FUNCTION:DSA
-int_RAND_set_callbacks 4084 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
+int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION:
+int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION:
+int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION:
+FIPS_rand_test_mode 4081 NOEXIST::FUNCTION:
+FIPS_rand_reset 4082 NOEXIST::FUNCTION:
+FIPS_dsa_new 4083 NOEXIST::FUNCTION:
+int_RAND_set_callbacks 4084 NOEXIST::FUNCTION:
BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
-int_ERR_lib_init 4086 EXIST:OPENSSL_FIPS:FUNCTION:
-int_EVP_CIPHER_init_engine_callbacks 4087 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE
-FIPS_rsa_free 4088 EXIST:OPENSSL_FIPS:FUNCTION:RSA
-FIPS_dsa_sig_encode 4089 EXIST:OPENSSL_FIPS:FUNCTION:DSA
-CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION:
+int_ERR_lib_init 4086 NOEXIST::FUNCTION:
+int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION:
+FIPS_rsa_free 4088 NOEXIST::FUNCTION:
+FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION:
+CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION:
OPENSSL_init 4091 EXIST::FUNCTION:
private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
CRYPTO_strdup 4093 EXIST::FUNCTION:
@@ -3729,6 +3729,588 @@
ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE
JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE
pqueue_size 4114 EXIST::FUNCTION:
-OPENSSL_uni2asc 4115 EXIST:NETWARE:FUNCTION:
-OPENSSL_asc2uni 4116 EXIST:NETWARE:FUNCTION:
+i2d_TS_ACCURACY 4115 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_fp 4116 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT 4117 EXIST::FUNCTION:
+EVP_PKEY_print_public 4118 EXIST::FUNCTION:
+EVP_PKEY_CTX_new 4119 EXIST::FUNCTION:
+i2d_TS_TST_INFO 4120 EXIST::FUNCTION:
+EVP_PKEY_asn1_find 4121 EXIST::FUNCTION:
+DSO_METHOD_beos 4122 EXIST::FUNCTION:
+TS_CONF_load_cert 4123 EXIST::FUNCTION:
+TS_REQ_get_ext 4124 EXIST::FUNCTION:
+EVP_PKEY_sign_init 4125 EXIST::FUNCTION:
+ASN1_item_print 4126 EXIST::FUNCTION:
+TS_TST_INFO_set_nonce 4127 EXIST::FUNCTION:
+TS_RESP_dup 4128 EXIST::FUNCTION:
+ENGINE_register_pkey_meths 4129 EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_add0 4130 EXIST::FUNCTION:
+PKCS7_add0_attrib_signing_time 4131 EXIST::FUNCTION:
+i2d_TS_TST_INFO_fp 4132 EXIST::FUNCTION:
+BIO_asn1_get_prefix 4133 EXIST::FUNCTION:
+TS_TST_INFO_set_time 4134 EXIST::FUNCTION:
+EVP_PKEY_meth_set_decrypt 4135 EXIST::FUNCTION:
+EVP_PKEY_set_type_str 4136 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_keygen_info 4137 EXIST::FUNCTION:
+TS_REQ_set_policy_id 4138 EXIST::FUNCTION:
+d2i_TS_RESP_fp 4139 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_engine 4140 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_pkey_asn1_meth_eng 4140 EXIST:VMS:FUNCTION:ENGINE
+WHIRLPOOL_Init 4141 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_RESP_set_status_info 4142 EXIST::FUNCTION:
+EVP_PKEY_keygen 4143 EXIST::FUNCTION:
+EVP_DigestSignInit 4144 EXIST::FUNCTION:
+TS_ACCURACY_set_millis 4145 EXIST::FUNCTION:
+TS_REQ_dup 4146 EXIST::FUNCTION:
+GENERAL_NAME_dup 4147 EXIST::FUNCTION:
+ASN1_SEQUENCE_ANY_it 4148 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_ANY_it 4148 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+WHIRLPOOL 4149 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_STORE_get1_crls 4150 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth 4151 EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_new 4152 EXIST::FUNCTION:
+BIO_new_NDEF 4153 EXIST::FUNCTION:
+ENGINE_get_pkey_meth 4154 EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_set_algo 4155 EXIST::FUNCTION:
+i2d_TS_TST_INFO_bio 4156 EXIST::FUNCTION:
+TS_TST_INFO_set_ordering 4157 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_OBJ 4158 EXIST::FUNCTION:
+CRYPTO_THREADID_set_pointer 4159 EXIST::FUNCTION:
+TS_CONF_get_tsa_section 4160 EXIST::FUNCTION:
+SMIME_write_ASN1 4161 EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_key 4162 EXIST::FUNCTION:
+EVP_PKEY_encrypt_old 4163 EXIST::FUNCTION:
+EVP_PKEY_encrypt_init 4164 EXIST::FUNCTION:
+CRYPTO_THREADID_cpy 4165 EXIST::FUNCTION:
+ASN1_PCTX_get_cert_flags 4166 EXIST::FUNCTION:
+i2d_ESS_SIGNING_CERT 4167 EXIST::FUNCTION:
+TS_CONF_load_key 4168 EXIST::FUNCTION:
+i2d_ASN1_SEQUENCE_ANY 4169 EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT_bio 4170 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_public 4171 EXIST::FUNCTION:
+b2i_PublicKey_bio 4172 EXIST::FUNCTION:
+BIO_asn1_set_prefix 4173 EXIST::FUNCTION:
+EVP_PKEY_new_mac_key 4174 EXIST::FUNCTION:
+BIO_new_CMS 4175 EXIST::FUNCTION:CMS
+CRYPTO_THREADID_cmp 4176 EXIST::FUNCTION:
+TS_REQ_ext_free 4177 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_free 4178 EXIST::FUNCTION:
+EVP_PKEY_get0_asn1 4179 EXIST::FUNCTION:
+d2i_NETSCAPE_X509 4180 EXIST::FUNCTION:
+EVP_PKEY_verify_recover_init 4181 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_data 4182 EXIST::FUNCTION:
+EVP_PKEY_keygen_init 4183 EXIST::FUNCTION:
+TS_RESP_CTX_set_status_info 4184 EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_algo 4185 EXIST::FUNCTION:
+TS_REQ_print_bio 4186 EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl_str 4187 EXIST::FUNCTION:
+EVP_PKEY_get_default_digest_nid 4188 EXIST::FUNCTION:
+PEM_write_bio_PKCS7_stream 4189 EXIST::FUNCTION:
+TS_MSG_IMPRINT_print_bio 4190 EXIST::FUNCTION:
+BN_asc2bn 4191 EXIST::FUNCTION:
+TS_REQ_get_policy_id 4192 EXIST::FUNCTION:
+ENGINE_set_default_pkey_asn1_meths 4193 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_def_pkey_asn1_meths 4193 EXIST:VMS:FUNCTION:ENGINE
+d2i_TS_ACCURACY 4194 EXIST::FUNCTION:
+DSO_global_lookup 4195 EXIST::FUNCTION:
+TS_CONF_set_tsa_name 4196 EXIST::FUNCTION:
+i2d_ASN1_SET_ANY 4197 EXIST::FUNCTION:
+ENGINE_load_gost 4198 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE
+WHIRLPOOL_BitUpdate 4199 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+ASN1_PCTX_get_flags 4200 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_NID 4201 EXIST::FUNCTION:
+TS_RESP_new 4202 EXIST::FUNCTION:
+ESS_CERT_ID_dup 4203 EXIST::FUNCTION:
+TS_STATUS_INFO_dup 4204 EXIST::FUNCTION:
+TS_REQ_delete_ext 4205 EXIST::FUNCTION:
+EVP_DigestVerifyFinal 4206 EXIST::FUNCTION:
+EVP_PKEY_print_params 4207 EXIST::FUNCTION:
+i2d_CMS_bio_stream 4208 EXIST::FUNCTION:CMS
+TS_REQ_get_msg_imprint 4209 EXIST::FUNCTION:
+OBJ_find_sigid_by_algs 4210 EXIST::FUNCTION:
+TS_TST_INFO_get_serial 4211 EXIST::FUNCTION:
+TS_REQ_get_nonce 4212 EXIST::FUNCTION:
+X509_PUBKEY_set0_param 4213 EXIST::FUNCTION:
+EVP_PKEY_CTX_set0_keygen_info 4214 EXIST::FUNCTION:
+DIST_POINT_set_dpname 4215 EXIST::FUNCTION:
+i2d_ISSUING_DIST_POINT 4216 EXIST::FUNCTION:
+ASN1_SET_ANY_it 4217 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SET_ANY_it 4217 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_PKEY_CTX_get_data 4218 EXIST::FUNCTION:
+TS_STATUS_INFO_print_bio 4219 EXIST::FUNCTION:
+EVP_PKEY_derive_init 4220 EXIST::FUNCTION:
+d2i_TS_TST_INFO 4221 EXIST::FUNCTION:
+EVP_PKEY_asn1_add_alias 4222 EXIST::FUNCTION:
+d2i_TS_RESP_bio 4223 EXIST::FUNCTION:
+OTHERNAME_cmp 4224 EXIST::FUNCTION:
+GENERAL_NAME_set0_value 4225 EXIST::FUNCTION:
+PKCS7_RECIP_INFO_get0_alg 4226 EXIST::FUNCTION:
+TS_RESP_CTX_new 4227 EXIST::FUNCTION:
+TS_RESP_set_tst_info 4228 EXIST::FUNCTION:
+PKCS7_final 4229 EXIST::FUNCTION:
+EVP_PKEY_base_id 4230 EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_cert 4231 EXIST::FUNCTION:
+TS_REQ_set_msg_imprint 4232 EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl 4233 EXIST::FUNCTION:
+TS_CONF_set_digests 4234 EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT 4235 EXIST::FUNCTION:
+EVP_PKEY_meth_set_ctrl 4236 EXIST::FUNCTION:
+TS_REQ_get_ext_by_NID 4237 EXIST::FUNCTION:
+PKCS5_pbe_set0_algor 4238 EXIST::FUNCTION:
+BN_BLINDING_thread_id 4239 EXIST::FUNCTION:
+TS_ACCURACY_new 4240 EXIST::FUNCTION:
+X509_CRL_METHOD_free 4241 EXIST::FUNCTION:
+ASN1_PCTX_get_nm_flags 4242 EXIST::FUNCTION:
+EVP_PKEY_meth_set_sign 4243 EXIST::FUNCTION:
+CRYPTO_THREADID_current 4244 EXIST::FUNCTION:
+EVP_PKEY_decrypt_init 4245 EXIST::FUNCTION:
+NETSCAPE_X509_free 4246 EXIST::FUNCTION:
+i2b_PVK_bio 4247 EXIST::FUNCTION:RC4
+EVP_PKEY_print_private 4248 EXIST::FUNCTION:
+GENERAL_NAME_get0_value 4249 EXIST::FUNCTION:
+b2i_PVK_bio 4250 EXIST::FUNCTION:RC4
+ASN1_UTCTIME_adj 4251 EXIST::FUNCTION:
+TS_TST_INFO_new 4252 EXIST::FUNCTION:
+EVP_MD_do_all_sorted 4253 EXIST::FUNCTION:
+TS_CONF_set_default_engine 4254 EXIST::FUNCTION:
+TS_ACCURACY_set_seconds 4255 EXIST::FUNCTION:
+TS_TST_INFO_get_time 4256 EXIST::FUNCTION:
+PKCS8_pkey_get0 4257 EXIST::FUNCTION:
+EVP_PKEY_asn1_get0 4258 EXIST::FUNCTION:
+OBJ_add_sigid 4259 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_sign 4260 EXIST::FUNCTION:
+EVP_PKEY_paramgen_init 4261 EXIST::FUNCTION:
+EVP_PKEY_sign 4262 EXIST::FUNCTION:
+OBJ_sigid_free 4263 EXIST::FUNCTION:
+EVP_PKEY_meth_set_init 4264 EXIST::FUNCTION:
+d2i_ESS_ISSUER_SERIAL 4265 EXIST::FUNCTION:
+ISSUING_DIST_POINT_new 4266 EXIST::FUNCTION:
+ASN1_TIME_adj 4267 EXIST::FUNCTION:
+TS_OBJ_print_bio 4268 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify_recover 4269 EXIST:!VMS:FUNCTION:
+EVP_PKEY_meth_set_vrfy_recover 4269 EXIST:VMS:FUNCTION:
+TS_RESP_get_status_info 4270 EXIST::FUNCTION:
+CMS_stream 4271 EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_cb 4272 EXIST::FUNCTION:
+PKCS7_to_TS_TST_INFO 4273 EXIST::FUNCTION:
+ASN1_PCTX_get_oid_flags 4274 EXIST::FUNCTION:
+TS_TST_INFO_add_ext 4275 EXIST::FUNCTION:
+EVP_PKEY_meth_set_derive 4276 EXIST::FUNCTION:
+i2d_TS_RESP_fp 4277 EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_bio 4278 EXIST::FUNCTION:
+TS_RESP_CTX_set_accuracy 4279 EXIST::FUNCTION:
+TS_REQ_set_nonce 4280 EXIST::FUNCTION:
+ESS_CERT_ID_new 4281 EXIST::FUNCTION:
+ENGINE_pkey_asn1_find_str 4282 EXIST::FUNCTION:ENGINE
+TS_REQ_get_ext_count 4283 EXIST::FUNCTION:
+BUF_reverse 4284 EXIST::FUNCTION:
+TS_TST_INFO_print_bio 4285 EXIST::FUNCTION:
+d2i_ISSUING_DIST_POINT 4286 EXIST::FUNCTION:
+ENGINE_get_pkey_meths 4287 EXIST::FUNCTION:ENGINE
+i2b_PrivateKey_bio 4288 EXIST::FUNCTION:
+i2d_TS_RESP 4289 EXIST::FUNCTION:
+b2i_PublicKey 4290 EXIST::FUNCTION:
+TS_VERIFY_CTX_cleanup 4291 EXIST::FUNCTION:
+TS_STATUS_INFO_free 4292 EXIST::FUNCTION:
+TS_RESP_verify_token 4293 EXIST::FUNCTION:
+OBJ_bsearch_ex_ 4294 EXIST::FUNCTION:
+ASN1_bn_print 4295 EXIST::FUNCTION:BIO
+EVP_PKEY_asn1_get_count 4296 EXIST::FUNCTION:
+ENGINE_register_pkey_asn1_meths 4297 EXIST::FUNCTION:ENGINE
+ASN1_PCTX_set_nm_flags 4298 EXIST::FUNCTION:
+EVP_DigestVerifyInit 4299 EXIST::FUNCTION:
+ENGINE_set_default_pkey_meths 4300 EXIST::FUNCTION:ENGINE
+TS_TST_INFO_get_policy_id 4301 EXIST::FUNCTION:
+TS_REQ_get_cert_req 4302 EXIST::FUNCTION:
+X509_CRL_set_meth_data 4303 EXIST::FUNCTION:
+PKCS8_pkey_set0 4304 EXIST::FUNCTION:
+ASN1_STRING_copy 4305 EXIST::FUNCTION:
+d2i_TS_TST_INFO_fp 4306 EXIST::FUNCTION:
+X509_CRL_match 4307 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_private 4308 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_d2i 4309 EXIST::FUNCTION:
+TS_RESP_CTX_add_policy 4310 EXIST::FUNCTION:
+d2i_TS_RESP 4311 EXIST::FUNCTION:
+TS_CONF_load_certs 4312 EXIST::FUNCTION:
+TS_TST_INFO_get_msg_imprint 4313 EXIST::FUNCTION:
+ERR_load_TS_strings 4314 EXIST::FUNCTION:
+TS_TST_INFO_get_version 4315 EXIST::FUNCTION:
+EVP_PKEY_CTX_dup 4316 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify 4317 EXIST::FUNCTION:
+i2b_PublicKey_bio 4318 EXIST::FUNCTION:
+TS_CONF_set_certs 4319 EXIST::FUNCTION:
+EVP_PKEY_asn1_get0_info 4320 EXIST::FUNCTION:
+TS_VERIFY_CTX_free 4321 EXIST::FUNCTION:
+TS_REQ_get_ext_by_critical 4322 EXIST::FUNCTION:
+TS_RESP_CTX_set_serial_cb 4323 EXIST::FUNCTION:
+X509_CRL_get_meth_data 4324 EXIST::FUNCTION:
+TS_RESP_CTX_set_time_cb 4325 EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_msg 4326 EXIST::FUNCTION:
+TS_TST_INFO_ext_free 4327 EXIST::FUNCTION:
+TS_REQ_get_version 4328 EXIST::FUNCTION:
+TS_REQ_add_ext 4329 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_app_data 4330 EXIST::FUNCTION:
+OBJ_bsearch_ 4331 EXIST::FUNCTION:
+EVP_PKEY_meth_set_verifyctx 4332 EXIST::FUNCTION:
+i2d_PKCS7_bio_stream 4333 EXIST::FUNCTION:
+CRYPTO_THREADID_set_numeric 4334 EXIST::FUNCTION:
+PKCS7_sign_add_signer 4335 EXIST::FUNCTION:
+d2i_TS_TST_INFO_bio 4336 EXIST::FUNCTION:
+TS_TST_INFO_get_ordering 4337 EXIST::FUNCTION:
+TS_RESP_print_bio 4338 EXIST::FUNCTION:
+TS_TST_INFO_get_exts 4339 EXIST::FUNCTION:
+HMAC_CTX_copy 4340 EXIST::FUNCTION:HMAC
+PKCS5_pbe2_set_iv 4341 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meths 4342 EXIST::FUNCTION:ENGINE
+b2i_PrivateKey 4343 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_app_data 4344 EXIST::FUNCTION:
+TS_REQ_set_cert_req 4345 EXIST::FUNCTION:
+CRYPTO_THREADID_set_callback 4346 EXIST::FUNCTION:
+TS_CONF_set_serial 4347 EXIST::FUNCTION:
+TS_TST_INFO_free 4348 EXIST::FUNCTION:
+d2i_TS_REQ_fp 4349 EXIST::FUNCTION:
+TS_RESP_verify_response 4350 EXIST::FUNCTION:
+i2d_ESS_ISSUER_SERIAL 4351 EXIST::FUNCTION:
+TS_ACCURACY_get_seconds 4352 EXIST::FUNCTION:
+EVP_CIPHER_do_all 4353 EXIST::FUNCTION:
+b2i_PrivateKey_bio 4354 EXIST::FUNCTION:
+OCSP_CERTID_dup 4355 EXIST::FUNCTION:
+X509_PUBKEY_get0_param 4356 EXIST::FUNCTION:
+TS_MSG_IMPRINT_dup 4357 EXIST::FUNCTION:
+PKCS7_print_ctx 4358 EXIST::FUNCTION:
+i2d_TS_REQ_bio 4359 EXIST::FUNCTION:
+EVP_whirlpool 4360 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+EVP_PKEY_asn1_set_param 4361 EXIST::FUNCTION:
+EVP_PKEY_meth_set_encrypt 4362 EXIST::FUNCTION:
+ASN1_PCTX_set_flags 4363 EXIST::FUNCTION:
+i2d_ESS_CERT_ID 4364 EXIST::FUNCTION:
+TS_VERIFY_CTX_new 4365 EXIST::FUNCTION:
+TS_RESP_CTX_set_extension_cb 4366 EXIST::FUNCTION:
+ENGINE_register_all_pkey_meths 4367 EXIST::FUNCTION:ENGINE
+TS_RESP_CTX_set_status_info_cond 4368 EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_stat_info_cond 4368 EXIST:VMS:FUNCTION:
+EVP_PKEY_verify 4369 EXIST::FUNCTION:
+WHIRLPOOL_Final 4370 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_CRL_METHOD_new 4371 EXIST::FUNCTION:
+EVP_DigestSignFinal 4372 EXIST::FUNCTION:
+TS_RESP_CTX_set_def_policy 4373 EXIST::FUNCTION:
+NETSCAPE_X509_it 4374 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_X509_it 4374 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+TS_RESP_create_response 4375 EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_get0_algs 4376 EXIST::FUNCTION:
+TS_TST_INFO_get_nonce 4377 EXIST::FUNCTION:
+EVP_PKEY_decrypt_old 4378 EXIST::FUNCTION:
+TS_TST_INFO_set_policy_id 4379 EXIST::FUNCTION:
+TS_CONF_set_ess_cert_id_chain 4380 EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_pkey 4381 EXIST::FUNCTION:
+d2i_TS_REQ 4382 EXIST::FUNCTION:
+EVP_PKEY_asn1_find_str 4383 EXIST::FUNCTION:
+BIO_f_asn1 4384 EXIST::FUNCTION:
+ESS_SIGNING_CERT_new 4385 EXIST::FUNCTION:
+EVP_PBE_find 4386 EXIST::FUNCTION:
+X509_CRL_get0_by_cert 4387 EXIST::FUNCTION:
+EVP_PKEY_derive 4388 EXIST::FUNCTION:
+i2d_TS_REQ 4389 EXIST::FUNCTION:
+TS_TST_INFO_delete_ext 4390 EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_free 4391 EXIST::FUNCTION:
+ASN1_PCTX_set_str_flags 4392 EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_str 4393 EXIST::FUNCTION:ENGINE
+TS_CONF_set_signer_key 4394 EXIST::FUNCTION:
+TS_ACCURACY_get_millis 4395 EXIST::FUNCTION:
+TS_RESP_get_token 4396 EXIST::FUNCTION:
+TS_ACCURACY_dup 4397 EXIST::FUNCTION:
+ENGINE_register_all_pkey_asn1_meths 4398 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_reg_all_pkey_asn1_meths 4398 EXIST:VMS:FUNCTION:ENGINE
+X509_CRL_set_default_method 4399 EXIST::FUNCTION:
+CRYPTO_THREADID_hash 4400 EXIST::FUNCTION:
+CMS_ContentInfo_print_ctx 4401 EXIST::FUNCTION:CMS
+TS_RESP_free 4402 EXIST::FUNCTION:
+ISSUING_DIST_POINT_free 4403 EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_new 4404 EXIST::FUNCTION:
+CMS_add1_crl 4405 EXIST::FUNCTION:CMS
+PKCS7_add1_attrib_digest 4406 EXIST::FUNCTION:
+TS_RESP_CTX_add_md 4407 EXIST::FUNCTION:
+TS_TST_INFO_dup 4408 EXIST::FUNCTION:
+ENGINE_set_pkey_asn1_meths 4409 EXIST::FUNCTION:ENGINE
+PEM_write_bio_Parameters 4410 EXIST::FUNCTION:
+TS_TST_INFO_get_accuracy 4411 EXIST::FUNCTION:
+X509_CRL_get0_by_serial 4412 EXIST::FUNCTION:
+TS_TST_INFO_set_version 4413 EXIST::FUNCTION:
+TS_RESP_CTX_get_tst_info 4414 EXIST::FUNCTION:
+TS_RESP_verify_signature 4415 EXIST::FUNCTION:
+CRYPTO_THREADID_get_callback 4416 EXIST::FUNCTION:
+TS_TST_INFO_get_tsa 4417 EXIST::FUNCTION:
+TS_STATUS_INFO_new 4418 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_cb 4419 EXIST::FUNCTION:
+TS_REQ_get_ext_d2i 4420 EXIST::FUNCTION:
+GENERAL_NAME_set0_othername 4421 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_count 4422 EXIST::FUNCTION:
+TS_RESP_CTX_get_request 4423 EXIST::FUNCTION:
+i2d_NETSCAPE_X509 4424 EXIST::FUNCTION:
+ENGINE_get_pkey_meth_engine 4425 EXIST::FUNCTION:ENGINE
+EVP_PKEY_meth_set_signctx 4426 EXIST::FUNCTION:
+EVP_PKEY_asn1_copy 4427 EXIST::FUNCTION:
ASN1_TYPE_cmp 4428 EXIST::FUNCTION:
+EVP_CIPHER_do_all_sorted 4429 EXIST::FUNCTION:
+EVP_PKEY_CTX_free 4430 EXIST::FUNCTION:
+ISSUING_DIST_POINT_it 4431 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ISSUING_DIST_POINT_it 4431 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_TS_MSG_IMPRINT_fp 4432 EXIST::FUNCTION:
+X509_STORE_get1_certs 4433 EXIST::FUNCTION:
+EVP_PKEY_CTX_get_operation 4434 EXIST::FUNCTION:
+d2i_ESS_SIGNING_CERT 4435 EXIST::FUNCTION:
+TS_CONF_set_ordering 4436 EXIST::FUNCTION:
+EVP_PBE_alg_add_type 4437 EXIST::FUNCTION:
+TS_REQ_set_version 4438 EXIST::FUNCTION:
+EVP_PKEY_get0 4439 EXIST::FUNCTION:
+BIO_asn1_set_suffix 4440 EXIST::FUNCTION:
+i2d_TS_STATUS_INFO 4441 EXIST::FUNCTION:
+EVP_MD_do_all 4442 EXIST::FUNCTION:
+TS_TST_INFO_set_accuracy 4443 EXIST::FUNCTION:
+PKCS7_add_attrib_content_type 4444 EXIST::FUNCTION:
+ERR_remove_thread_state 4445 EXIST::FUNCTION:
+EVP_PKEY_meth_add0 4446 EXIST::FUNCTION:
+TS_TST_INFO_set_tsa 4447 EXIST::FUNCTION:
+EVP_PKEY_meth_new 4448 EXIST::FUNCTION:
+WHIRLPOOL_Update 4449 EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_CONF_set_accuracy 4450 EXIST::FUNCTION:
+ASN1_PCTX_set_oid_flags 4451 EXIST::FUNCTION:
+ESS_SIGNING_CERT_dup 4452 EXIST::FUNCTION:
+d2i_TS_REQ_bio 4453 EXIST::FUNCTION:
+X509_time_adj_ex 4454 EXIST::FUNCTION:
+TS_RESP_CTX_add_flags 4455 EXIST::FUNCTION:
+d2i_TS_STATUS_INFO 4456 EXIST::FUNCTION:
+TS_MSG_IMPRINT_set_msg 4457 EXIST::FUNCTION:
+BIO_asn1_get_suffix 4458 EXIST::FUNCTION:
+TS_REQ_free 4459 EXIST::FUNCTION:
+EVP_PKEY_meth_free 4460 EXIST::FUNCTION:
+TS_REQ_get_exts 4461 EXIST::FUNCTION:
+TS_RESP_CTX_set_clock_precision_digits 4462 EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_clk_prec_digits 4462 EXIST:VMS:FUNCTION:
+TS_RESP_CTX_add_failure_info 4463 EXIST::FUNCTION:
+i2d_TS_RESP_bio 4464 EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_peerkey 4465 EXIST::FUNCTION:
+PEM_write_bio_CMS_stream 4466 EXIST::FUNCTION:CMS
+TS_REQ_new 4467 EXIST::FUNCTION:
+TS_MSG_IMPRINT_new 4468 EXIST::FUNCTION:
+EVP_PKEY_meth_find 4469 EXIST::FUNCTION:
+EVP_PKEY_id 4470 EXIST::FUNCTION:
+TS_TST_INFO_set_serial 4471 EXIST::FUNCTION:
+a2i_GENERAL_NAME 4472 EXIST::FUNCTION:
+TS_CONF_set_crypto_device 4473 EXIST::FUNCTION:
+EVP_PKEY_verify_init 4474 EXIST::FUNCTION:
+TS_CONF_set_policies 4475 EXIST::FUNCTION:
+ASN1_PCTX_new 4476 EXIST::FUNCTION:
+ESS_CERT_ID_free 4477 EXIST::FUNCTION:
+ENGINE_unregister_pkey_meths 4478 EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_free 4479 EXIST::FUNCTION:
+TS_VERIFY_CTX_init 4480 EXIST::FUNCTION:
+PKCS7_stream 4481 EXIST::FUNCTION:
+TS_RESP_CTX_set_certs 4482 EXIST::FUNCTION:
+TS_CONF_set_def_policy 4483 EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_adj 4484 EXIST::FUNCTION:
+NETSCAPE_X509_new 4485 EXIST::FUNCTION:
+TS_ACCURACY_free 4486 EXIST::FUNCTION:
+TS_RESP_get_tst_info 4487 EXIST::FUNCTION:
+EVP_PKEY_derive_set_peer 4488 EXIST::FUNCTION:
+PEM_read_bio_Parameters 4489 EXIST::FUNCTION:
+TS_CONF_set_clock_precision_digits 4490 EXIST:!VMS:FUNCTION:
+TS_CONF_set_clk_prec_digits 4490 EXIST:VMS:FUNCTION:
+ESS_ISSUER_SERIAL_dup 4491 EXIST::FUNCTION:
+TS_ACCURACY_get_micros 4492 EXIST::FUNCTION:
+ASN1_PCTX_get_str_flags 4493 EXIST::FUNCTION:
+NAME_CONSTRAINTS_check 4494 EXIST::FUNCTION:
+ASN1_BIT_STRING_check 4495 EXIST::FUNCTION:
+X509_check_akid 4496 EXIST::FUNCTION:
+ENGINE_unregister_pkey_asn1_meths 4497 EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_unreg_pkey_asn1_meths 4497 EXIST:VMS:FUNCTION:ENGINE
+ASN1_PCTX_free 4498 EXIST::FUNCTION:
+PEM_write_bio_ASN1_stream 4499 EXIST::FUNCTION:
+i2d_ASN1_bio_stream 4500 EXIST::FUNCTION:
+TS_X509_ALGOR_print_bio 4501 EXIST::FUNCTION:
+EVP_PKEY_meth_set_cleanup 4502 EXIST::FUNCTION:
+EVP_PKEY_asn1_free 4503 EXIST::FUNCTION:
+ESS_SIGNING_CERT_free 4504 EXIST::FUNCTION:
+TS_TST_INFO_set_msg_imprint 4505 EXIST::FUNCTION:
+GENERAL_NAME_cmp 4506 EXIST::FUNCTION:
+d2i_ASN1_SET_ANY 4507 EXIST::FUNCTION:
+ENGINE_set_pkey_meths 4508 EXIST::FUNCTION:ENGINE
+i2d_TS_REQ_fp 4509 EXIST::FUNCTION:
+d2i_ASN1_SEQUENCE_ANY 4510 EXIST::FUNCTION:
+GENERAL_NAME_get0_otherName 4511 EXIST::FUNCTION:
+d2i_ESS_CERT_ID 4512 EXIST::FUNCTION:
+OBJ_find_sigid_algs 4513 EXIST::FUNCTION:
+EVP_PKEY_meth_set_keygen 4514 EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC 4515 EXIST::FUNCTION:
+EVP_PKEY_paramgen 4516 EXIST::FUNCTION:
+EVP_PKEY_meth_set_paramgen 4517 EXIST::FUNCTION:
+BIO_new_PKCS7 4518 EXIST::FUNCTION:
+EVP_PKEY_verify_recover 4519 EXIST::FUNCTION:
+TS_ext_print_bio 4520 EXIST::FUNCTION:
+TS_ASN1_INTEGER_print_bio 4521 EXIST::FUNCTION:
+check_defer 4522 EXIST::FUNCTION:
+DSO_pathbyaddr 4523 EXIST::FUNCTION:
+EVP_PKEY_set_type 4524 EXIST::FUNCTION:
+TS_ACCURACY_set_micros 4525 EXIST::FUNCTION:
+TS_REQ_to_TS_VERIFY_CTX 4526 EXIST::FUNCTION:
+EVP_PKEY_meth_set_copy 4527 EXIST::FUNCTION:
+ASN1_PCTX_set_cert_flags 4528 EXIST::FUNCTION:
+TS_TST_INFO_get_ext 4529 EXIST::FUNCTION:
+EVP_PKEY_asn1_set_ctrl 4530 EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_critical 4531 EXIST::FUNCTION:
+EVP_PKEY_CTX_new_id 4532 EXIST::FUNCTION:
+TS_REQ_get_ext_by_OBJ 4533 EXIST::FUNCTION:
+TS_CONF_set_signer_cert 4534 EXIST::FUNCTION:
+X509_NAME_hash_old 4535 EXIST::FUNCTION:
+ASN1_TIME_set_string 4536 EXIST::FUNCTION:
+EVP_MD_flags 4537 EXIST::FUNCTION:
+TS_RESP_CTX_free 4538 EXIST::FUNCTION:
+DSAparams_dup 4539 EXIST::FUNCTION:DSA
+DHparams_dup 4540 EXIST::FUNCTION:DH
+OCSP_REQ_CTX_add1_header 4541 EXIST::FUNCTION:
+OCSP_REQ_CTX_set1_req 4542 EXIST::FUNCTION:
+X509_STORE_set_verify_cb 4543 EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
+X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get0_cur_issuer 4546 EXIST:VMS:FUNCTION:
+X509_issuer_name_hash_old 4547 EXIST::FUNCTION:MD5
+X509_subject_name_hash_old 4548 EXIST::FUNCTION:MD5
+EVP_CIPHER_CTX_copy 4549 EXIST::FUNCTION:
+UI_method_get_prompt_constructor 4550 EXIST:!VMS:FUNCTION:
+UI_method_get_prompt_constructr 4550 EXIST:VMS:FUNCTION:
+UI_method_set_prompt_constructor 4551 EXIST:!VMS:FUNCTION:
+UI_method_set_prompt_constructr 4551 EXIST:VMS:FUNCTION:
+EVP_read_pw_string_min 4552 EXIST::FUNCTION:
+CRYPTO_cts128_encrypt 4553 EXIST::FUNCTION:
+CRYPTO_cts128_decrypt_block 4554 EXIST::FUNCTION:
+CRYPTO_cfb128_1_encrypt 4555 EXIST::FUNCTION:
+CRYPTO_cbc128_encrypt 4556 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt 4557 EXIST::FUNCTION:
+CRYPTO_ofb128_encrypt 4558 EXIST::FUNCTION:
+CRYPTO_cts128_decrypt 4559 EXIST::FUNCTION:
+CRYPTO_cts128_encrypt_block 4560 EXIST::FUNCTION:
+CRYPTO_cbc128_decrypt 4561 EXIST::FUNCTION:
+CRYPTO_cfb128_encrypt 4562 EXIST::FUNCTION:
+CRYPTO_cfb128_8_encrypt 4563 EXIST::FUNCTION:
+OPENSSL_strcasecmp 4564 EXIST::FUNCTION:
+OPENSSL_memcmp 4565 EXIST::FUNCTION:
+OPENSSL_strncasecmp 4566 EXIST::FUNCTION:
+OPENSSL_gmtime 4567 EXIST::FUNCTION:
+OPENSSL_gmtime_adj 4568 EXIST::FUNCTION:
+SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP
+SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP
+SRP_create_verifier 4571 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP
+SRP_Calc_u 4573 EXIST::FUNCTION:SRP
+SRP_VBASE_free 4574 EXIST::FUNCTION:SRP
+SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP
+SRP_get_default_gN 4576 EXIST::FUNCTION:SRP
+SRP_Calc_x 4577 EXIST::FUNCTION:SRP
+SRP_Calc_B 4578 EXIST::FUNCTION:SRP
+SRP_VBASE_new 4579 EXIST::FUNCTION:SRP
+SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP
+SRP_Calc_A 4581 EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP
+SRP_VBASE_init 4583 EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP
+EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC
+EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC
+EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES
+EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION:
+EVP_PKEY_meth_copy 4588 EXIST::FUNCTION:
+ERR_add_error_vdata 4589 EXIST::FUNCTION:
+EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES
+EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES
+EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_KEY_get_flags 4593 EXIST::FUNCTION:EC
+RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA
+EVP_aes_128_xts 4595 EXIST::FUNCTION:AES
+private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES
+private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
+EVP_aes_256_xts 4599 EXIST::FUNCTION:AES
+private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES
+EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC
+EC_KEY_set_flags 4603 EXIST::FUNCTION:EC
+private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES
+EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES
+private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES
+RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA
+private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
+EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES
+private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED
+EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES
+X509_ALGOR_set_md 4612 EXIST::FUNCTION:
+private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION:
+EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES
+private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES
+CMAC_CTX_copy 4618 EXIST::FUNCTION:
+CMAC_CTX_free 4619 EXIST::FUNCTION:
+CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION:
+CMAC_CTX_cleanup 4621 EXIST::FUNCTION:
+CMAC_Init 4622 EXIST::FUNCTION:
+CMAC_Update 4623 EXIST::FUNCTION:
+CMAC_resume 4624 EXIST::FUNCTION:
+CMAC_CTX_new 4625 EXIST::FUNCTION:
+CMAC_Final 4626 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION:
+CRYPTO_gcm128_release 4628 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION:
+CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION:
+EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4
+CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION:
+CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION:
+EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1
+CRYPTO_gcm128_tag 4638 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION:
+ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE
+CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION:
+CRYPTO_gcm128_aad 4643 EXIST::FUNCTION:
+CRYPTO_ccm128_init 4644 EXIST::FUNCTION:
+CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION:
+CRYPTO_gcm128_new 4646 EXIST::FUNCTION:
+CRYPTO_ccm128_tag 4647 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION:
+CRYPTO_ccm128_aad 4649 EXIST::FUNCTION:
+CRYPTO_gcm128_init 4650 EXIST::FUNCTION:
+CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION:
+ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE
+CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION:
+CRYPTO_gcm128_finish 4655 EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1
+PKCS5_pbkdf2_set 4657 EXIST::FUNCTION:
+CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS
+RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION:
+X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP
+RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA
+X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP
+X509_signature_dump 4665 EXIST::FUNCTION:EVP
+d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA
+X509_sign_ctx 4669 EXIST::FUNCTION:EVP
+i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA
+ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP
+EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+OPENSSL_stderr 4674 EXIST::FUNCTION:
+OPENSSL_cpuid_setup 4675 EXIST::FUNCTION:
+OPENSSL_showfatal 4676 EXIST::FUNCTION:
+BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP
+BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP
+BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP
Modified: trunk/crypto/openssl/util/mk1mf.pl
===================================================================
--- trunk/crypto/openssl/util/mk1mf.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mk1mf.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -6,36 +6,61 @@
#
$INSTALLTOP="/usr/local/ssl";
+$OPENSSLDIR="/usr/local/ssl";
$OPTIONS="";
$ssl_version="";
$banner="\t\@echo Building OpenSSL";
-my $no_static_engine = 0;
+my $no_static_engine = 1;
my $engines = "";
+my $otherlibs = "";
local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
local $zlib_lib = "";
+local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
-local $fips_canister_path = "";
-my $fips_premain_dso_exe_path = "";
-my $fips_premain_c_path = "";
-my $fips_sha1_exe_path = "";
+my $ex_l_libs = "";
-local $fipscanisterbuild = 0;
-local $fipsdso = 0;
+# Options to import from top level Makefile
-my $fipslibdir = "";
-my $baseaddr = "";
+my %mf_import = (
+ VERSION => \$ssl_version,
+ OPTIONS => \$OPTIONS,
+ INSTALLTOP => \$INSTALLTOP,
+ OPENSSLDIR => \$OPENSSLDIR,
+ PLATFORM => \$mf_platform,
+ CFLAG => \$mf_cflag,
+ DEPFLAG => \$mf_depflag,
+ CPUID_OBJ => \$mf_cpuid_asm,
+ BN_ASM => \$mf_bn_asm,
+ DES_ENC => \$mf_des_asm,
+ AES_ENC => \$mf_aes_asm,
+ BF_ENC => \$mf_bf_asm,
+ CAST_ENC => \$mf_cast_asm,
+ RC4_ENC => \$mf_rc4_asm,
+ RC5_ENC => \$mf_rc5_asm,
+ MD5_ASM_OBJ => \$mf_md5_asm,
+ SHA1_ASM_OBJ => \$mf_sha_asm,
+ RMD160_ASM_OBJ => \$mf_rmd_asm,
+ WP_ASM_OBJ => \$mf_wp_asm,
+ CMLL_ENC => \$mf_cm_asm,
+ BASEADDR => \$baseaddr,
+ FIPSDIR => \$fipsdir,
+);
-my $ex_l_libs = "";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
while(<IN>) {
- $ssl_version=$1 if (/^VERSION=(.*)$/);
- $OPTIONS=$1 if (/^OPTIONS=(.*)$/);
- $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/);
+ my ($mf_opt, $mf_ref);
+ while (($mf_opt, $mf_ref) = each %mf_import) {
+ if (/^$mf_opt\s*=\s*(.*)$/) {
+ $$mf_ref = $1;
+ }
+ }
}
close(IN);
+$debug = 1 if $mf_platform =~ /^debug-/;
+
die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
$infile="MINFO";
@@ -58,6 +83,7 @@
"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
"default","cc under unix",
+ "auto", "auto detect from top level Makefile"
);
$platform="";
@@ -82,6 +108,7 @@
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
+ no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
@@ -144,6 +171,12 @@
$NT=0;
push(@INC,"util/pl","pl");
+
+if ($platform eq "auto") {
+ $platform = $mf_platform;
+ print STDERR "Imported platform $mf_platform\n";
+}
+
if (($platform =~ /VC-(.+)/))
{
$FLAVOR=$1;
@@ -200,6 +233,8 @@
$cflags.=' -DTERMIO';
}
+$fipsdir =~ s/\//${o}/g;
+
$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
@@ -228,21 +263,24 @@
$cflags.=" -DOPENSSL_NO_RSA" if $no_rsa;
$cflags.=" -DOPENSSL_NO_DSA" if $no_dsa;
$cflags.=" -DOPENSSL_NO_DH" if $no_dh;
+$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool;
$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
-$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
-$cflags.=" -DOPENSSL_NO_CAPIENG" if $no_capieng;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
+$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
$cflags.=" -DOPENSSL_FIPS" if $fips;
+$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
@@ -264,9 +302,9 @@
$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
- "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO",
- "FIPS" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
+ "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
if ($msdos)
{
@@ -280,6 +318,7 @@
$link="$bin_dir$link" if ($link !~ /^\$/);
$INSTALLTOP =~ s|/|$o|g;
+$OPENSSLDIR =~ s|/|$o|g;
#############################################
# We parse in input file and 'store' info for later printing.
@@ -287,7 +326,7 @@
$_=<IN>;
for (;;)
{
- chop;
+ s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
($key,$val)=/^([^=]+)=(.*)/;
if ($key eq "RELATIVE_DIRECTORY")
@@ -294,21 +333,11 @@
{
if ($lib ne "")
{
- if ($fips && $dir =~ /^fips/)
- {
- $uc = "FIPS";
- }
- else
- {
- $uc=$lib;
- $uc =~ s/^lib(.*)\.a/$1/;
- $uc =~ tr/a-z/A-Z/;
- }
- if (($uc ne "FIPS") || $fipscanisterbuild)
- {
- $lib_nam{$uc}=$uc;
- $lib_obj{$uc}.=$libobj." ";
- }
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
}
last if ($val eq "FINISHED");
$lib="";
@@ -339,6 +368,12 @@
$lib=$val;
$lib =~ s/^.*\/([^\/]+)$/$1/;
}
+ if ($key eq "LIBNAME" && $no_static_engine)
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ $otherlibs .= " $lib";
+ }
if ($key eq "EXHEADER")
{ $exheader.=&var_add($dir,$val, 1); }
@@ -351,130 +386,11 @@
if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
{ $engines.=$val }
- if ($key eq "FIPS_EX_OBJ")
- {
- $fips_ex_obj=&var_add("crypto",$val,0);
- }
-
- if ($key eq "FIPSLIBDIR")
- {
- $fipslibdir=$val;
- $fipslibdir =~ s/\/$//;
- $fipslibdir =~ s/\//$o/g;
- }
-
- if ($key eq "BASEADDR")
- { $baseaddr=$val;}
-
if (!($_=<IN>))
{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
}
close(IN);
-if ($fips)
- {
-
- foreach (split " ", $fips_ex_obj)
- {
- $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/);
- }
-
- $fips_exclude_obj{"cpu_win32"} = 1;
- $fips_exclude_obj{"bn_asm"} = 1;
- $fips_exclude_obj{"des_enc"} = 1;
- $fips_exclude_obj{"fcrypt_b"} = 1;
- $fips_exclude_obj{"aes_core"} = 1;
- $fips_exclude_obj{"aes_cbc"} = 1;
-
- my @ltmp = split " ", $lib_obj{"CRYPTO"};
-
-
- $lib_obj{"CRYPTO"} = "";
-
- foreach(@ltmp)
- {
- if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1})
- {
- if ($fipscanisterbuild)
- {
- $lib_obj{"FIPS"} .= "$_ ";
- }
- }
- else
- {
- $lib_obj{"CRYPTO"} .= "$_ ";
- }
- }
-
- }
-
-if ($fipscanisterbuild)
- {
- $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq "";
- $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c";
- }
-else
- {
- if ($fips_canister_path eq "")
- {
- $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib";
- }
-
- if ($fips_premain_c_path eq "")
- {
- $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
- }
- }
-
-if ($fips)
- {
- if ($fips_sha1_exe_path eq "")
- {
- $fips_sha1_exe_path =
- "\$(BIN_D)${o}fips_standalone_sha1$exep";
- }
- }
- else
- {
- $fips_sha1_exe_path = "";
- }
-
-if ($fips_premain_dso_exe_path eq "")
- {
- $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
- }
-
-# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
-
-#$ex_l_libs .= " \$(L_FIPS)" if $fipsdso;
-
-if ($fips)
- {
- if (!$shlib)
- {
- $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
- $ex_l_libs .= " \$(O_FIPSCANISTER)";
- $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild;
- }
- if ($fipscanisterbuild)
- {
- $fipslibdir = "\$(LIB_D)";
- }
- else
- {
- if ($fipslibdir eq "")
- {
- open (IN, "util/fipslib_path.txt") || fipslib_error();
- $fipslibdir = <IN>;
- chomp $fipslibdir;
- close IN;
- }
- fips_check_files($fipslibdir,
- "fipscanister.lib", "fipscanister.lib.sha1",
- "fips_premain.c", "fips_premain.c.sha1");
- }
- }
-
if ($shlib)
{
$extra_install= <<"EOF";
@@ -498,6 +414,11 @@
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+ if ($fips)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ }
}
$defs= <<"EOF";
@@ -520,6 +441,7 @@
$defs.= <<"EOF";
INSTALLTOP=$INSTALLTOP
+OPENSSLDIR=$OPENSSLDIR
# Set your compiler options
PLATFORM=$platform
@@ -540,33 +462,7 @@
LINK=$link
LFLAGS=$lflags
RSC=$rsc
-FIPSLINK=\$(PERL) util${o}fipslink.pl
-AES_ASM_OBJ=$aes_asm_obj
-AES_ASM_SRC=$aes_asm_src
-BN_ASM_OBJ=$bn_asm_obj
-BN_ASM_SRC=$bn_asm_src
-BNCO_ASM_OBJ=$bnco_asm_obj
-BNCO_ASM_SRC=$bnco_asm_src
-DES_ENC_OBJ=$des_enc_obj
-DES_ENC_SRC=$des_enc_src
-BF_ENC_OBJ=$bf_enc_obj
-BF_ENC_SRC=$bf_enc_src
-CAST_ENC_OBJ=$cast_enc_obj
-CAST_ENC_SRC=$cast_enc_src
-RC4_ENC_OBJ=$rc4_enc_obj
-RC4_ENC_SRC=$rc4_enc_src
-RC5_ENC_OBJ=$rc5_enc_obj
-RC5_ENC_SRC=$rc5_enc_src
-MD5_ASM_OBJ=$md5_asm_obj
-MD5_ASM_SRC=$md5_asm_src
-SHA1_ASM_OBJ=$sha1_asm_obj
-SHA1_ASM_SRC=$sha1_asm_src
-RMD160_ASM_OBJ=$rmd160_asm_obj
-RMD160_ASM_SRC=$rmd160_asm_src
-CPUID_ASM_OBJ=$cpuid_asm_obj
-CPUID_ASM_SRC=$cpuid_asm_src
-
# The output directory for everything intersting
OUT_D=$out_dir
# The output directory for all the temporary muck
@@ -586,15 +482,16 @@
# FIPS validated module and support file locations
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
E_PREMAIN_DSO=fips_premain_dso
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
-FIPSLIB_D=$fipslibdir
-BASEADDR=$baseaddr
-FIPS_PREMAIN_SRC=$fips_premain_c_path
-O_FIPSCANISTER=$fips_canister_path
-FIPS_SHA1_EXE=$fips_sha1_exe_path
-PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
-
######################################################
# You should not need to touch anything below this point
######################################################
@@ -602,7 +499,6 @@
E_EXE=openssl
SSL=$ssl
CRYPTO=$crypto
-LIBFIPS=libosslfips
# BIN_D - Binary output directory
# TEST_D - Binary test file output directory
@@ -623,12 +519,10 @@
O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
-O_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$shlibp
SO_SSL= $plib\$(SSL)$so_shlibp
SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-L_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$libp
L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
@@ -640,13 +534,13 @@
APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
-LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep
+LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
#############################################
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
banner:
$banner
@@ -683,8 +577,9 @@
\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
- \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep\" \"\$(INSTALLTOP)${o}bin\"
- \$(CP) \"apps${o}openssl.cnf\" \"\$(INSTALLTOP)\"
+ \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+ \$(MKDIR) \"\$(OPENSSLDIR)\"
+ \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
$extra_install
@@ -730,7 +625,7 @@
printf OUT <<EOF;
#ifdef $platform_cpp_symbol
/* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
- #define CFLAGS "$cc $cflags"
+ #define CFLAGS "compiler: $cc $cflags"
#define PLATFORM "$platform"
EOF
printf OUT " #define DATE \"%s\"\n", scalar gmtime();
@@ -761,24 +656,14 @@
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
-# Special case rules for fips_start and fips_end fips_premain_dso
+# Special case rule for fips_premain_dso
if ($fips)
{
- if ($fipscanisterbuild)
- {
- $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
- "fips${o}fips_canister.c",
- "-DFIPS_START \$(SHLIB_CFLAGS)");
- $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
- "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
- }
- $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
- "fips${o}sha${o}fips_standalone_sha1.c",
- "\$(SHLIB_CFLAGS)");
$rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
- "fips${o}fips_premain.c",
- "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)");
+ "\$(FIPS_PREMAIN_SRC)",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", "");
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
}
foreach (values %lib_nam)
@@ -786,71 +671,6 @@
$lib_obj=$lib_obj{$_};
local($slib)=$shlib;
- if ((!$fips && ($_ eq "CRYPTO")) || ($fips && ($_ eq "FIPS")))
- {
- if ($cpuid_asm_obj ne "")
- {
- $lib_obj =~ s/(\S*\/cryptlib\S*)/$1 \$(CPUID_ASM_OBJ)/;
- $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src);
- }
- if ($aes_asm_obj ne "")
- {
- $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/;
- $lib_obj =~ s/\s\S*\/aes_cbc\S*//;
- $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src);
- }
- if ($sha1_asm_obj ne "")
- {
- $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
- $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
- }
- if ($bn_asm_obj ne "")
- {
- $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/;
- $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src);
- }
- if ($bnco_asm_obj ne "")
- {
- $lib_obj .= "\$(BNCO_ASM_OBJ)";
- $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src);
- }
- if ($des_enc_obj ne "")
- {
- $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
- $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
- $rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
- }
- }
- if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
- $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
- }
- if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
- $rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
- }
- if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
- $rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
- }
- if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
- $rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
- }
- if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
- $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
- }
- if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
- {
- $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
- $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
- }
$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
@@ -866,9 +686,6 @@
\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
\$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
-\$(OBJ_D)\\\$(LIBFIPS).res: ms\\version32.rc
- \$(RSC) /fo"\$(OBJ_D)\\\$(LIBFIPS).res" /d FIPS ms\\version32.rc
-
EOF
}
@@ -875,37 +692,12 @@
$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
foreach (split(/\s+/,$test))
{
- my $t_libs;
$t=&bname($_);
- my $ltype;
- # Check to see if test program is FIPS
- if ($fips && /fips/)
- {
- # If fipsdso link to libosslfips.dll
- # otherwise perform static link to
- # $(O_FIPSCANISTER)
- if ($fipsdso)
- {
- $t_libs = "\$(L_FIPS)";
- $ltype = 0;
- }
- else
- {
- $t_libs = "\$(O_FIPSCANISTER)";
- $ltype = 2;
- }
- }
- else
- {
- $t_libs = "\$(L_LIBS)";
- $ltype = 0;
- }
-
$tt="\$(OBJ_D)${o}$t${obj}";
- $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype);
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
}
-$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp);
+$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
foreach (split(/\s+/,$engines))
{
@@ -921,30 +713,15 @@
{
if ($shlib)
{
- if ($fipsdso)
- {
- $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
- "\$(O_CRYPTO)", "$crypto",
- $shlib, "", "");
- $rules.= &do_lib_rule(
- "\$(O_FIPSCANISTER)",
- "\$(O_FIPS)", "\$(LIBFIPS)",
- $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
- $rules.= &do_sdef_rule();
- }
- else
- {
- $rules.= &do_lib_rule(
- "\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
"\$(O_CRYPTO)", "$crypto",
$shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
- }
}
else
{
$rules.= &do_lib_rule("\$(CRYPTOOBJ)",
"\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
- $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(FIPSOBJ)",
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
"\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
}
}
@@ -954,28 +731,12 @@
"\$(SO_CRYPTO)");
}
-if ($fips)
+foreach (split(" ",$otherlibs))
{
- if ($fipscanisterbuild)
- {
- $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)",
- "\$(OBJ_D)${o}fips_start$obj",
- "\$(FIPSOBJ)",
- "\$(OBJ_D)${o}fips_end$obj",
- "\$(FIPS_SHA1_EXE)", "");
- $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
- "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj \$(SHA1_ASM_OBJ)",
- "","\$(EX_LIBS)", 1);
- }
- else
- {
- $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
- "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)",
- "","", 1);
+ my $uc = $_;
+ $uc =~ tr /a-z/A-Z/;
+ $rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
- }
- $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
-
}
$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
@@ -1015,9 +776,9 @@
return("") if $no_dsa && $dir =~ /\/dsa/;
return("") if $no_dh && $dir =~ /\/dh/;
return("") if $no_ec && $dir =~ /\/ec/;
+ return("") if $no_gost && $dir =~ /\/ccgost/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
- return("") if !$fips && $dir =~ /^fips/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
@@ -1029,6 +790,7 @@
return("") if $no_sock && $dir =~ /\/proxy/;
return("") if $no_bf && $dir =~ /\/bf/;
return("") if $no_cast && $dir =~ /\/cast/;
+ return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
$val =~ s/^\s*(.*)\s*$/$1/;
@a=split(/\s+/,$val);
@@ -1046,8 +808,8 @@
@a=grep(!/^e_camellia$/, at a) if $no_camellia;
@a=grep(!/^e_seed$/, at a) if $no_seed;
- @a=grep(!/(^s2_)|(^s23_)/, at a) if $no_ssl2;
- @a=grep(!/(^s3_)|(^s23_)/, at a) if $no_ssl3;
+ #@a=grep(!/(^s2_)|(^s23_)/, at a) if $no_ssl2;
+ #@a=grep(!/(^s3_)|(^s23_)/, at a) if $no_ssl3;
@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/, at a) if $no_sock;
@@ -1071,6 +833,8 @@
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/, at a) if $no_sha1;
@a=grep(!/_mdc2$/, at a) if $no_mdc2;
+ @a=grep(!/(srp)/, at a) if $no_srp;
+
@a=grep(!/^engine$/, at a) if $no_engine;
@a=grep(!/^hw$/, at a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/, at a) if $no_rsa;
@@ -1121,6 +885,7 @@
else { $pf=$postfix; }
if ($_ =~ /BN_ASM/) { $t="$_ "; }
elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
@@ -1128,8 +893,8 @@
elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
- elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
else { $t="$location${o}$_$pf "; }
@@ -1157,6 +922,13 @@
return($ret);
}
+# return the leading path
+sub dname
+ {
+ my $ret=shift;
+ $ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
+ return($ret);
+ }
##############################################################
# do a rule for each file that says 'compile' to new direcory
@@ -1164,13 +936,29 @@
sub do_compile_rule
{
local($to,$files,$ex)=@_;
- local($ret,$_,$n);
-
+ local($ret,$_,$n,$d,$s);
+
$files =~ s/\//$o/g if $o ne '/';
foreach (split(/\s+/,$files))
{
$n=&bname($_);
- $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ $d=&dname($_);
+ if (-f "${_}.c")
+ {
+ $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ }
+ elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
+ ($s=~s/sha256/sha512/ and -f $s) or
+ -f ($s="${d}${o}${n}.pl"))
+ {
+ $ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
+ }
+ elsif (-f ($s="${d}${o}asm${o}${n}.S") or
+ -f ($s="${d}${o}${n}.S"))
+ {
+ $ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
+ }
+ else { die "no rule for $_"; }
}
return($ret);
}
@@ -1177,16 +965,43 @@
##############################################################
# do a rule for each file that says 'compile' to new direcory
+sub perlasm_compile_target
+ {
+ my($target,$source,$bname)=@_;
+ my($ret);
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret ="\$(TMP_D)$o$bname.asm: $source\n";
+ $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
+ $ret.="$target: \$(TMP_D)$o$bname.asm\n";
+ $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+ return($ret);
+ }
+
+sub Sasm_compile_target
+ {
+ my($target,$source,$bname)=@_;
+ my($ret);
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret ="\$(TMP_D)$o$bname.asm: $source\n";
+ $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
+ $ret.="$target: \$(TMP_D)$o$bname.asm\n";
+ $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+ return($ret);
+ }
+
sub cc_compile_target
{
- local($target,$source,$ex_flags)=@_;
+ local($target,$source,$ex_flags, $srcd)=@_;
local($ret);
$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
- $ret ="$target: \$(SRC_D)$o$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $srcd = "\$(SRC_D)$o" unless defined $srcd;
+ $ret ="$target: $srcd$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n";
return($ret);
}
@@ -1199,13 +1014,25 @@
$target =~ s/\//$o/g if $o ne "/";
$src =~ s/\//$o/g if $o ne "/";
+ @t=split(/\s+/,$target);
@s=split(/\s+/,$src);
- @t=split(/\s+/,$target);
+
for ($i=0; $i<=$#s; $i++)
{
- $ret.="$t[$i]: $s[$i]\n";
- $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
+ my $objfile = $t[$i];
+ my $srcfile = $s[$i];
+
+ if ($perl_asm == 1)
+ {
+ my $plasm = $objfile;
+ $plasm =~ s/${obj}/.pl/;
+ $ret.="$srcfile: $plasm\n";
+ $ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
+ }
+
+ $ret.="$objfile: $srcfile\n";
+ $ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
}
return($ret);
}
@@ -1244,12 +1071,17 @@
return($ret);
}
+# Options picked up from the OPTIONS line in the top level Makefile
+# generated by Configure.
+
sub read_options
{
# Many options are handled in a similar way. In particular
# no-xxx sets zero or more scalars to 1.
- # Process these using a hash containing the option name and
- # reference to the scalars to set.
+ # Process these using the %valid_options hash containing the option
+ # name and reference to the scalars to set. In some cases the option
+ # needs no special handling and can be ignored: this is done by
+ # setting the value to 0.
my %valid_options = (
"no-rc2" => \$no_rc2,
@@ -1269,6 +1101,7 @@
"no-sha1" => \$no_sha1,
"no-ripemd" => \$no_ripemd,
"no-mdc2" => \$no_mdc2,
+ "no-whirlpool" => \$no_whirlpool,
"no-patents" =>
[\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
"no-rsa" => \$no_rsa,
@@ -1277,16 +1110,18 @@
"no-hmac" => \$no_hmac,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
- "ml64" => \$ml64,
"nw-nasm" => \$nw_nasm,
"nw-mwasm" => \$nw_mwasm,
"gaswin" => \$gaswin,
"no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
+ "no-ssl3-method" => 0,
"no-tlsext" => \$no_tlsext,
+ "no-srp" => \$no_srp,
"no-cms" => \$no_cms,
+ "no-ec2m" => \$no_ec2m,
"no-jpake" => \$no_jpake,
- "no-capieng" => \$no_capieng,
+ "no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
@@ -1293,13 +1128,15 @@
"no-ec" => \$no_ec,
"no-ecdsa" => \$no_ecdsa,
"no-ecdh" => \$no_ecdh,
+ "no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
+ "no-rsax" => 0,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed],
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
@@ -1307,15 +1144,17 @@
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
+ "no-sctp" => 0,
+ "no-srtp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
"no-shared" => 0,
+ "no-store" => 0,
+ "no-unit-test" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
- "fips" => \$fips,
- "fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
- "fipsdso" => [\$fips, \$fipscanisterbuild, \$fipsdso],
+ "fips" => \$fips
);
if (exists $valid_options{$_})
@@ -1392,31 +1231,3 @@
else { return(0); }
return(1);
}
-
-sub fipslib_error
- {
- print STDERR "***FIPS module directory sanity check failed***\n";
- print STDERR "FIPS module build failed, or was deleted\n";
- print STDERR "Please rebuild FIPS module.\n";
- exit 1;
- }
-
-sub fips_check_files
- {
- my $dir = shift @_;
- my $ret = 1;
- if (!-d $dir)
- {
- print STDERR "FIPS module directory $dir does not exist\n";
- fipslib_error();
- }
- foreach (@_)
- {
- if (!-f "$dir${o}$_")
- {
- print STDERR "FIPS module file $_ does not exist!\n";
- $ret = 0;
- }
- }
- fipslib_error() if ($ret == 0);
- }
Copied: trunk/crypto/openssl/util/mkbuildinf.pl (from rev 7117, vendor-crypto/openssl/dist/util/mkbuildinf.pl)
===================================================================
--- trunk/crypto/openssl/util/mkbuildinf.pl (rev 0)
+++ trunk/crypto/openssl/util/mkbuildinf.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -0,0 +1,35 @@
+#!/usr/local/bin/perl
+
+my ($cflags, $platform) = @ARGV;
+
+$cflags = "compiler: $cflags";
+$date = localtime();
+print <<"END_OUTPUT";
+#ifndef MK1MF_BUILD
+ /* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
+ #define CFLAGS cflags
+ /*
+ * Generate CFLAGS as an array of individual characters. This is a
+ * workaround for the situation where CFLAGS gets too long for a C90 string
+ * literal
+ */
+ static const char cflags[] = {
+END_OUTPUT
+my $ctr = 0;
+foreach my $c (split //, $cflags) {
+ # Max 18 characters per line
+ if (($ctr++ % 18) == 0) {
+ if ($ctr != 1) {
+ print "\n";
+ }
+ print " ";
+ }
+ print "'$c',";
+}
+print <<"END_OUTPUT";
+'\\0'
+ };
+ #define PLATFORM "platform: $platform"
+ #define DATE "built on: $date"
+#endif
+END_OUTPUT
Modified: trunk/crypto/openssl/util/mkdef.pl
===================================================================
--- trunk/crypto/openssl/util/mkdef.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mkdef.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,13 +78,16 @@
# Set this to make typesafe STACK definitions appear in DEF
my $safe_stack_def = 0;
-my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", "NETWARE",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS");
+my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
- "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA", "SEED",
+ "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
+ "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+ # EC_NISTP_64_GCC_128
+ "EC_NISTP_64_GCC_128",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
@@ -94,18 +97,32 @@
"FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
# Engines
"STATIC_ENGINE", "ENGINE", "HW", "GMP",
- # RFC3779 support
+ # RFC3779
"RFC3779",
- # TLS extension support
- "TLSEXT",
+ # TLS
+ "TLSEXT", "PSK", "SRP", "HEARTBEATS",
# CMS
"CMS",
# CryptoAPI Engine
"CAPIENG",
+ # SSL v2
+ "SSL2",
+ # SSL v3 method
+ "SSL3_METHOD",
# JPAKE
"JPAKE",
+ # NEXTPROTONEG
+ "NEXTPROTONEG",
# Deprecated functions
- "DEPRECATED" );
+ "DEPRECATED",
+ # Hide SSL internals
+ "SSL_INTERN",
+ # SCTP
+ "SCTP",
+ # SRTP
+ "SRTP",
+ # Unit testing
+ "UNIT_TEST");
my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -118,16 +135,21 @@
# defined with ifndef(NO_XXX) are not included in the .def file, and everything
# in directory xxx is ignored.
my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
-my $no_cast;
+my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
-my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia;
-my $no_seed;
-my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated;
-my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake;
+my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
+my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
+my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
+my $no_nextprotoneg; my $no_sctp; my $no_srtp;
+my $no_unit_test; my $no_ssl3_method;
+
my $fips;
+my $zlib;
+
foreach (@ARGV, split(/ /, $options))
{
$debug=1 if $_ eq "debug";
@@ -148,10 +170,9 @@
$VMS=1 if $_ eq "VMS";
$OS2=1 if $_ eq "OS2";
$fips=1 if /^fips/;
-
- if ($_ eq "zlib" || $_ eq "zlib-dynamic"
- || $_ eq "enable-zlib-dynamic") {
- $zlib = 1;
+ if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
+ || $_ eq "enable-zlib-dynamic") {
+ $zlib = 1;
}
$do_ssl=1 if $_ eq "ssleay";
@@ -180,6 +201,7 @@
elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; }
elsif (/^no-bf$/) { $no_bf=1; }
elsif (/^no-cast$/) { $no_cast=1; }
+ elsif (/^no-whirlpool$/) { $no_whirlpool=1; }
elsif (/^no-md2$/) { $no_md2=1; }
elsif (/^no-md4$/) { $no_md4=1; }
elsif (/^no-md5$/) { $no_md5=1; }
@@ -212,8 +234,17 @@
elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
+ elsif (/^no-ec2m$/) { $no_ec2m=1; }
+ elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
+ elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
+ elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
+ elsif (/^no-srp$/) { $no_srp=1; }
+ elsif (/^no-sctp$/) { $no_sctp=1; }
+ elsif (/^no-srtp$/) { $no_srtp=1; }
+ elsif (/^no-unit-test$/){ $no_unit_test=1; }
}
@@ -250,9 +281,13 @@
my $ssl="ssl/ssl.h";
$ssl.=" ssl/kssl.h";
$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
$crypto.=" crypto/o_dir.h";
+$crypto.=" crypto/o_str.h";
+$crypto.=" crypto/o_time.h";
$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
@@ -260,6 +295,7 @@
$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
+$crypto.=" crypto/whrlpool/whrlpool.h" ;
$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
@@ -278,6 +314,7 @@
$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
@@ -301,17 +338,18 @@
$crypto.=" crypto/x509/x509.h";
$crypto.=" crypto/x509/x509_vfy.h";
$crypto.=" crypto/x509v3/x509v3.h";
+$crypto.=" crypto/ts/ts.h";
$crypto.=" crypto/rand/rand.h";
$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
$crypto.=" crypto/ocsp/ocsp.h";
$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
$crypto.=" crypto/krb5/krb5_asn.h";
-$crypto.=" crypto/tmdiff.h";
-$crypto.=" crypto/store/store.h";
+#$crypto.=" crypto/store/store.h";
$crypto.=" crypto/pqueue/pqueue.h";
$crypto.=" crypto/cms/cms.h";
$crypto.=" crypto/jpake/jpake.h";
-$crypto.=" fips/fips.h fips/rand/fips_rand.h";
+$crypto.=" crypto/modes/modes.h";
+$crypto.=" crypto/srp/srp.h";
my $symhacks="crypto/symhacks.h";
@@ -885,6 +923,7 @@
s/\{\}/\(\)/gs;
s/STACK_OF\(\)/void/gs;
+ s/LHASH_OF\(\)/void/gs;
print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
if (/^\#INFO:([^:]*):(.*)$/) {
@@ -961,7 +1000,6 @@
$platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
$platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
$platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
-
$platform{"EVP_sha384"} = "!VMSVAX";
$platform{"EVP_sha512"} = "!VMSVAX";
$platform{"SHA384_Init"} = "!VMSVAX";
@@ -974,8 +1012,13 @@
$platform{"SHA512_Update"} = "!VMSVAX";
$platform{"SHA512_Final"} = "!VMSVAX";
$platform{"SHA512"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Init"} = "!VMSVAX";
+ $platform{"WHIRLPOOL"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_BitUpdate"} = "!VMSVAX";
+ $platform{"EVP_whirlpool"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Final"} = "!VMSVAX";
+ $platform{"WHIRLPOOL_Update"} = "!VMSVAX";
- $platform{"pqueue_print"} = "!VMSVAX";
# Info we know about
@@ -1100,9 +1143,9 @@
if ($platforms) {
# platforms
- if ($keyword eq "VMS" && $VMS) { return 1; }
if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
+ if ($keyword eq "VMS" && $VMS) { return 1; }
if ($keyword eq "WIN32" && $W32) { return 1; }
if ($keyword eq "WIN16" && $W16) { return 1; }
if ($keyword eq "WINNT" && $NT) { return 1; }
@@ -1134,6 +1177,7 @@
if ($keyword eq "SHA" && $no_sha) { return 0; }
if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
+ if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; }
if ($keyword eq "RSA" && $no_rsa) { return 0; }
if ($keyword eq "DSA" && $no_dsa) { return 0; }
if ($keyword eq "DH" && $no_dh) { return 0; }
@@ -1160,9 +1204,20 @@
if ($keyword eq "GMP" && $no_gmp) { return 0; }
if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
+ if ($keyword eq "PSK" && $no_psk) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
+ if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+ if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+ if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+ { return 0; }
+ if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+ if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+ if ($keyword eq "SRP" && $no_srp) { return 0; }
+ if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+ if ($keyword eq "SRTP" && $no_srtp) { return 0; }
+ if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true
Modified: trunk/crypto/openssl/util/mkerr.pl
===================================================================
--- trunk/crypto/openssl/util/mkerr.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mkerr.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,6 +1,7 @@
#!/usr/local/bin/perl -w
my $config = "crypto/err/openssl.ec";
+my $hprefix = "openssl/";
my $debug = 0;
my $rebuild = 0;
my $static = 1;
@@ -12,11 +13,16 @@
my $pack_errcode;
my $load_errcode;
+my $errcount;
+
while (@ARGV) {
my $arg = $ARGV[0];
if($arg eq "-conf") {
shift @ARGV;
$config = shift @ARGV;
+ } elsif($arg eq "-hprefix") {
+ shift @ARGV;
+ $hprefix = shift @ARGV;
} elsif($arg eq "-debug") {
$debug = 1;
shift @ARGV;
@@ -38,6 +44,71 @@
} elsif($arg eq "-write") {
$dowrite = 1;
shift @ARGV;
+ } elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") {
+ print STDERR <<"EOF";
+mkerr.pl [options] ...
+
+Options:
+
+ -conf F Use the config file F instead of the default one:
+ crypto/err/openssl.ec
+
+ -hprefix P Prepend the filenames in generated #include <header>
+ statements with prefix P. Default: 'openssl/' (without
+ the quotes, naturally)
+
+ -debug Turn on debugging verbose output on stderr.
+
+ -rebuild Rebuild all header and C source files, irrespective of the
+ fact if any error or function codes have been added/removed.
+ Default: only update files for libraries which saw change
+ (of course, this requires '-write' as well, or no
+ files will be touched!)
+
+ -recurse scan a preconfigured set of directories / files for error and
+ function codes:
+ (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <apps/*.c>)
+ When this option is NOT specified, the filelist is taken from
+ the commandline instead. Here, wildcards may be embedded. (Be
+ sure to escape those to prevent the shell from expanding them
+ for you when you wish mkerr.pl to do so instead.)
+ Default: take file list to scan from the command line.
+
+ -reindex Discard the numeric values previously assigned to the error
+ and function codes as extracted from the scanned header files;
+ instead renumber all of them starting from 100. (Note that
+ the numbers assigned through 'R' records in the config file
+ remain intact.)
+ Default: keep previously assigned numbers. (You are warned
+ when collisions are detected.)
+
+ -nostatic Generates a different source code, where these additional
+ functions are generated for each library specified in the
+ config file:
+ void ERR_load_<LIB>_strings(void);
+ void ERR_unload_<LIB>_strings(void);
+ void ERR_<LIB>_error(int f, int r, char *fn, int ln);
+ #define <LIB>err(f,r) ERR_<LIB>_error(f,r,__FILE__,__LINE__)
+ while the code facilitates the use of these in an environment
+ where the error support routines are dynamically loaded at
+ runtime.
+ Default: 'static' code generation.
+
+ -staticloader Prefix generated functions with the 'static' scope modifier.
+ Default: don't write any scope modifier prefix.
+
+ -write Actually (over)write the generated code to the header and C
+ source files as assigned to each library through the config
+ file.
+ Default: don't write.
+
+ -help / -h / -? / --help Show this help text.
+
+ ... Additional arguments are added to the file list to scan,
+ assuming '-recurse' was NOT specified on the command line.
+
+EOF
+ exit 1;
} else {
last;
}
@@ -44,8 +115,7 @@
}
if($recurse) {
- @source = ( <crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>,
- <fips/*.c>, <fips/*/*.c>);
+ @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>);
} else {
@source = @ARGV;
}
@@ -64,8 +134,8 @@
$cskip{$3} = $1;
if($3 ne "NONE") {
$csrc{$1} = $3;
- $fmax{$1} = 99;
- $rmax{$1} = 99;
+ $fmax{$1} = 100;
+ $rmax{$1} = 100;
$fassigned{$1} = ":";
$rassigned{$1} = ":";
$fnew{$1} = 0;
@@ -191,7 +261,8 @@
if($1 eq "R") {
$rcodes{$name} = $code;
if ($rassigned{$lib} =~ /:$code:/) {
- print STDERR "!! ERROR: $lib reason code $code assigned twice\n";
+ print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n";
+ ++$errcount;
}
$rassigned{$lib} .= "$code:";
if(!(exists $rextra{$name}) &&
@@ -200,7 +271,8 @@
}
} else {
if ($fassigned{$lib} =~ /:$code:/) {
- print STDERR "!! ERROR: $lib function code $code assigned twice\n";
+ print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n";
+ ++$errcount;
}
$fassigned{$lib} .= "$code:";
if($code > $fmax{$lib}) {
@@ -231,6 +303,7 @@
if ($rmax{$lib} >= 1000) {
print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n";
print STDERR "!! Any new alerts must be added to $config.\n";
+ ++$errcount;
print STDERR "\n";
}
}
@@ -255,6 +328,9 @@
print STDERR "File loaded: ".$file."\r" if $debug;
open(IN, "<$file") || die "Can't open source file $file\n";
while(<IN>) {
+ # skip obsoleted source files entirely!
+ last if(/^#error\s+obsolete/);
+
if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
next unless exists $csrc{$2};
next if($1 eq "BIO_F_BUFFER_CTX");
@@ -264,6 +340,7 @@
$fnew{$2}++;
}
$notrans{$1} = 1 unless exists $ftrans{$3};
+ print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug;
}
if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
next unless exists $csrc{$2};
@@ -272,6 +349,7 @@
$rcodes{$1} = "X";
$rnew{$2}++;
}
+ print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug;
}
}
close IN;
@@ -369,6 +447,10 @@
"#ifndef HEADER_${lib}_ERR_H\n",
"#define HEADER_${lib}_ERR_H\n",
"\n",
+"#ifdef __cplusplus\n",
+"extern \"C\" {\n",
+"#endif\n",
+"\n",
"/* BEGIN ERROR CODES */\n";
}
open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
@@ -457,9 +539,14 @@
chomp;
$_ = $line . $_;
$line = "";
- if (/{ERR_REASON\(/) {
+ if (/{ERR_(FUNC|REASON)\(/) {
if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
$err_reason_strings{$1} = $2;
+ } elsif (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) {
+ if (!exists $ftrans{$1} && ($1 ne $2)) {
+ print STDERR "WARNING: Mismatched function string $2\n";
+ $ftrans{$1} = $2;
+ }
} else {
$line = $_;
}
@@ -468,10 +555,11 @@
close(IN);
}
+
my $hincf;
if($static) {
$hfile =~ /([^\/]+)$/;
- $hincf = "<openssl/$1>";
+ $hincf = "<${hprefix}$1>";
} else {
$hincf = "\"$hfile\"";
}
@@ -721,3 +809,9 @@
print STDERR "$_\n";
}
}
+
+if($errcount) {
+ print STDERR "There were errors, failing...\n\n";
+ exit $errcount;
+}
+
Modified: trunk/crypto/openssl/util/mkfiles.pl
===================================================================
--- trunk/crypto/openssl/util/mkfiles.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mkfiles.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,6 +15,7 @@
"crypto/sha",
"crypto/mdc2",
"crypto/hmac",
+"crypto/cmac",
"crypto/ripemd",
"crypto/des",
"crypto/rc2",
@@ -26,6 +27,7 @@
"crypto/aes",
"crypto/camellia",
"crypto/seed",
+"crypto/modes",
"crypto/bn",
"crypto/rsa",
"crypto/dsa",
@@ -46,6 +48,7 @@
"crypto/pem",
"crypto/x509",
"crypto/x509v3",
+"crypto/cms",
"crypto/conf",
"crypto/jpake",
"crypto/txt_db",
@@ -56,25 +59,21 @@
"crypto/ocsp",
"crypto/ui",
"crypto/krb5",
-"crypto/store",
+#"crypto/store",
"crypto/pqueue",
-"crypto/cms",
-"fips",
-"fips/aes",
-"fips/des",
-"fips/dsa",
-"fips/dh",
-"fips/hmac",
-"fips/rand",
-"fips/rsa",
-"fips/sha",
+"crypto/whrlpool",
+"crypto/ts",
+"crypto/srp",
"ssl",
"apps",
"engines",
+"engines/ccgost",
"test",
"tools"
);
+%top;
+
foreach (@dirs) {
&files_dir ($_, "Makefile");
}
@@ -118,8 +117,8 @@
$o =~ s/\s+$//;
$o =~ s/\s+/ /g;
- $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
- $sym{$s}=$o;
+ $o =~ s/\$[({]([^)}]+)[)}]/$top{$1} or $sym{$1}/ge;
+ $sym{$s}=($top{$s} or $o);
}
}
@@ -129,6 +128,15 @@
{
print "$_=$sym{$_}\n";
}
+if ($dir eq "." && defined($sym{"BUILDENV"}))
+ {
+ foreach (split(' ',$sym{"BUILDENV"}))
+ {
+ /^(.+)=/;
+ $top{$1}=$sym{$1};
+ }
+ }
+
print "RELATIVE_DIRECTORY=\n";
close (IN);
Modified: trunk/crypto/openssl/util/mklink.pl
===================================================================
--- trunk/crypto/openssl/util/mklink.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mklink.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -15,21 +15,13 @@
# Apart from this, this script should be able to handle even the most
# pathological cases.
-my $pwd;
-eval 'use Cwd;';
-if ($@)
- {
- $pwd = `pwd`;
- }
-else
- {
- $pwd = getcwd();
- }
+use Cwd;
my $from = shift;
my @files = @ARGV;
my @from_path = split(/[\\\/]/, $from);
+my $pwd = getcwd();
chomp($pwd);
my @pwd_path = split(/[\\\/]/, $pwd);
@@ -59,6 +51,7 @@
my $file;
$symlink_exists=eval {symlink("",""); 1};
+if ($^O eq "msys") { $symlink_exists=0 };
foreach $file (@files) {
my $err = "";
if ($symlink_exists) {
Deleted: trunk/crypto/openssl/util/mksdef.pl
===================================================================
--- trunk/crypto/openssl/util/mksdef.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mksdef.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,87 +0,0 @@
-
-# Perl script to split libeay32.def into two distinct DEF files for use in
-# fipdso mode. It works out symbols in each case by running "link" command and
-# parsing the output to find the list of missing symbols then splitting
-# libeay32.def based on the result.
-
-
-# Get list of unknown symbols
-
-my @deferr = `link @ARGV`;
-
-my $preamble = "";
-my @fipsdll;
-my @fipsrest;
-my %nosym;
-
-# Add symbols to a hash for easy lookup
-
-foreach (@deferr)
- {
- if (/^.*symbol (\S+)$/)
- {
- $nosym{$1} = 1;
- }
- }
-
-open (IN, "ms/libeay32.def") || die "Can't Open DEF file for spliting";
-
-my $started = 0;
-
-# Parse libeay32.def into two arrays depending on whether the symbol matches
-# the missing list.
-
-
-foreach (<IN>)
- {
- if (/^\s*(\S+)\s*(\@\S+)\s*$/)
- {
- $started = 1;
- if (exists $nosym{$1})
- {
- push @fipsrest, $_;
- }
- else
- {
- my $imptmp = sprintf " %-39s %s\n",
- "$1=libosslfips.$1", $2;
- push @fipsrest, $imptmp;
- push @fipsdll, "\t$1\n";
- }
- }
- $preamble .= $_ unless $started;
- }
-
-close IN;
-
-# Hack! Add some additional exports needed for libcryptofips.dll
-#
-
-push @fipsdll, "\tOPENSSL_showfatal\n";
-push @fipsdll, "\tOPENSSL_cpuid_setup\n";
-
-# Write out DEF files for each array
-
-write_def("ms/libosslfips.def", "LIBOSSLFIPS", $preamble, \@fipsdll);
-write_def("ms/libeayfips.def", "", $preamble, \@fipsrest);
-
-
-sub write_def
- {
- my ($fnam, $defname, $preamble, $rdefs) = @_;
- open (OUT, ">$fnam") || die "Can't Open DEF file $fnam for Writing\n";
-
- if ($defname ne "")
- {
- $preamble =~ s/LIBEAY32/$defname/g;
- $preamble =~ s/LIBEAY/$defname/g;
- }
- print OUT $preamble;
- foreach (@$rdefs)
- {
- print OUT $_;
- }
- close OUT;
- }
-
-
Modified: trunk/crypto/openssl/util/mkstack.pl
===================================================================
--- trunk/crypto/openssl/util/mkstack.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/mkstack.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -21,7 +21,7 @@
}
- at source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>);
+ at source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
foreach $file (@source) {
next if -l $file;
@@ -31,11 +31,19 @@
while(<IN>) {
if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
push @stacklst, $1;
- } if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
+ }
+ if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) {
+ push @sstacklst, [$1, $2];
+ }
+ if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
push @asn1setlst, $1;
- } if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
+ }
+ if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
push @p12stklst, $1;
}
+ if (/^DECLARE_LHASH_OF\(([^)]+)\)/) {
+ push @lhashlst, $1;
+ }
}
close(IN);
}
@@ -65,7 +73,7 @@
foreach $type_thing (sort @stacklst) {
$new_stackfile .= <<EOF;
-#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
+#define sk_${type_thing}_new(cmp) SKM_sk_new($type_thing, (cmp))
#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
@@ -88,6 +96,39 @@
#define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st))
EOF
}
+
+ foreach $type_thing (sort @sstacklst) {
+ my $t1 = $type_thing->[0];
+ my $t2 = $type_thing->[1];
+ $new_stackfile .= <<EOF;
+
+#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null())
+#define sk_${t1}_push(st, val) sk_push(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find(st, val) sk_find(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_STACK_OF($t1, st), i))
+#define sk_${t1}_num(st) SKM_sk_num($t1, st)
+#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF($t1, st), CHECKED_SK_FREE_FUNC2($t1, free_func))
+#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val), i)
+#define sk_${t1}_free(st) SKM_sk_free(${t1}, st)
+#define sk_${t1}_set(st, i, val) sk_set(CHECKED_STACK_OF($t1, st), i, CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st))
+#define sk_${t1}_unshift(st, val) sk_unshift(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val))
+#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i))
+#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, ptr))
+#define sk_${t1}_set_cmp_func(st, cmp) \\
+ ((int (*)(const $t2 * const *,const $t2 * const *)) \\
+ sk_set_cmp_func(CHECKED_STACK_OF($t1, st), CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_dup(st) SKM_sk_dup($t1, st)
+#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st))
+#define sk_${t1}_pop(st) ($t2 *)sk_pop(CHECKED_STACK_OF($t1, st))
+#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st))
+#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st))
+
+EOF
+ }
+
foreach $type_thing (sort @asn1setlst) {
$new_stackfile .= <<EOF;
@@ -108,6 +149,31 @@
SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
EOF
}
+
+ foreach $type_thing (sort @lhashlst) {
+ my $lc_tt = lc $type_thing;
+ $new_stackfile .= <<EOF;
+
+#define lh_${type_thing}_new() LHM_lh_new(${type_thing},${lc_tt})
+#define lh_${type_thing}_insert(lh,inst) LHM_lh_insert(${type_thing},lh,inst)
+#define lh_${type_thing}_retrieve(lh,inst) LHM_lh_retrieve(${type_thing},lh,inst)
+#define lh_${type_thing}_delete(lh,inst) LHM_lh_delete(${type_thing},lh,inst)
+#define lh_${type_thing}_doall(lh,fn) LHM_lh_doall(${type_thing},lh,fn)
+#define lh_${type_thing}_doall_arg(lh,fn,arg_type,arg) \\
+ LHM_lh_doall_arg(${type_thing},lh,fn,arg_type,arg)
+#define lh_${type_thing}_error(lh) LHM_lh_error(${type_thing},lh)
+#define lh_${type_thing}_num_items(lh) LHM_lh_num_items(${type_thing},lh)
+#define lh_${type_thing}_down_load(lh) LHM_lh_down_load(${type_thing},lh)
+#define lh_${type_thing}_node_stats_bio(lh,out) \\
+ LHM_lh_node_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_node_usage_stats_bio(lh,out) \\
+ LHM_lh_node_usage_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_stats_bio(lh,out) \\
+ LHM_lh_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_free(lh) LHM_lh_free(${type_thing},lh)
+EOF
+ }
+
$new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
$inside_block = 2;
}
Modified: trunk/crypto/openssl/util/pl/BC-32.pl
===================================================================
--- trunk/crypto/openssl/util/pl/BC-32.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/pl/BC-32.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -18,7 +18,7 @@
$tmp_def="tmp32";
$inc_def="inc32";
#enable max error messages, disable most common warnings
-$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
+$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp -D_timeb=timeb -D_ftime=ftime ";
if ($debug)
{
$cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -38,7 +38,7 @@
$exep='.exe';
if ($no_sock)
{ $ex_libs=""; }
-else { $ex_libs="cw32mt.lib import32.lib"; }
+else { $ex_libs="cw32mt.lib import32.lib crypt32.lib ws2_32.lib"; }
# static library stuff
$mklib='tlib /P64';
@@ -51,8 +51,8 @@
$shlib_ex_obj="";
$app_ex_obj="c0x32.obj";
-$asm='nasmw -f obj -d__omf__';
-$asm.=" /Zi" if $debug;
+$asm=(`nasm -v 2>NUL` ge `nasmw -v 2>NUL`?"nasm":"nasmw")." -f obj -d__omf__";
+$asm.=" -g" if $debug;
$afile='-o';
$bn_mulw_obj='';
@@ -117,7 +117,7 @@
else
{
local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
- $ex.=' wsock32.lib gdi32.lib';
+ $ex.=' ws2_32.lib gdi32.lib';
$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
}
$ret.="\n";
@@ -130,7 +130,7 @@
local($ret,$_);
$file =~ s/\//$o/g if $o ne '/';
- $n=&bname($targer);
+ $n=&bname($target);
$ret.="$target: $files $dep_libs\n";
$ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n";
return($ret);
Modified: trunk/crypto/openssl/util/pl/Mingw32.pl
===================================================================
--- trunk/crypto/openssl/util/pl/Mingw32.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/pl/Mingw32.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -19,7 +19,7 @@
if ($debug)
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
else
- { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i486 -Wall"; }
+ { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
if ($gaswin and !$no_asm)
{
@@ -43,8 +43,6 @@
$rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
$sha1_asm_obj='$(OBJ_D)\s1-win32.o';
$sha1_asm_src='crypto/sha/asm/s1-win32.s';
- $cpuid_asm_obj='$(OBJ_D)\cpu-win32.o';
- $cpuid_asm_src='crypto/cpu-win32.s';
$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
}
@@ -57,7 +55,7 @@
$lflags='${CFLAGS}';
$efile='-o ';
$exep='';
-$ex_libs="-lwsock32 -lgdi32";
+$ex_libs="-lws2_32 -lgdi32";
# static library stuff
$mklib='ar r';
Modified: trunk/crypto/openssl/util/pl/VC-32.pl
===================================================================
--- trunk/crypto/openssl/util/pl/VC-32.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/pl/VC-32.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -4,6 +4,7 @@
#
$ssl= "ssleay32";
+$crypto="libeay32";
if ($fips && !$shlib)
{
@@ -15,11 +16,6 @@
$crypto="libeay32";
}
-if ($fipscanisterbuild)
- {
- $fips_canister_path = "\$(LIB_D)\\fipscanister.lib";
- }
-
$o='\\';
$cp='$(PERL) util/copy.pl';
$mkdir='$(PERL) util/mkdir-p.pl';
@@ -31,6 +27,8 @@
$l_flags =~ s/-L("\[^"]+")/\/libpath:$1/g;
$l_flags =~ s/-L(\S+)/\/libpath:$1/g;
+my $ff = "";
+
# C compiler stuff
$cc='cl';
if ($FLAVOR =~ /WIN64/)
@@ -46,14 +44,28 @@
# per 0.9.8 release remaining warnings were explicitly examined and
# considered safe to ignore.
#
- $base_cflags=' /W3 /Gs0 /GF /Gy /nologo -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DOPENSSL_SYSNAME_WIN32 -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE';
- $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
- $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
+ $base_cflags= " $mf_cflag";
my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
$opt_cflags=$f.' /Ox';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
$lflags="/nologo /subsystem:console /opt:ref";
+
+ *::perlasm_compile_target = sub {
+ my ($target,$source,$bname)=@_;
+ my $ret;
+
+ $bname =~ s/(.*)\.[^\.]$/$1/;
+ $ret=<<___;
+\$(TMP_D)$o$bname.asm: $source
+ set ASM=\$(ASM)
+ \$(PERL) $source \$\@
+
+$target: \$(TMP_D)$o$bname.asm
+ \$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm
+
+___
+ }
}
elsif ($FLAVOR =~ /CE/)
{
@@ -103,19 +115,20 @@
}
$cc='$(CC)';
- $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include -DOPENSSL_SMALL_FOOTPRINT';
+ $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
$base_cflags.=" $wcecdefs";
+ $base_cflags.=' -I$(WCECOMPAT)/include' if (defined($ENV{'WCECOMPAT'}));
+ $base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include' if (defined($ENV{'PORTSDK_LIBPATH'}));
$opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics...
- $dbg_clfags=' /MC /Od -DDEBUG -D_DEBUG';
+ $dbg_cflags=' /MC /Od -DDEBUG -D_DEBUG';
$lflags="/nologo /opt:ref $wcelflag";
}
else # Win32
{
- $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
- $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8
- $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8
+ $base_cflags= " $mf_cflag";
my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
+ $ff = "/fixed";
$opt_cflags=$f.' /Ox /O2 /Ob2';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
$lflags="/nologo /subsystem:console /opt:ref";
@@ -122,15 +135,15 @@
}
$mlflags='';
-$out_def="out32"; $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
-$tmp_def="tmp32"; $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
+$out_def ="out32"; $out_def.="dll" if ($shlib);
+ $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
+$tmp_def ="tmp32"; $tmp_def.="dll" if ($shlib);
+ $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
$inc_def="inc32";
if ($debug)
{
- $cflags=$dbg_cflags.$base_cflags.' /Zi';
- $lflags.=" /debug";
- $mlflags.=' /debug';
+ $cflags=$dbg_cflags.$base_cflags;
}
else
{
@@ -137,7 +150,13 @@
$cflags=$opt_cflags.$base_cflags;
}
+# generate symbols.pdb unconditionally
+$app_cflag.=" /Zi /Fd\$(TMP_D)/app";
+$lib_cflag.=" /Zi /Fd\$(TMP_D)/lib";
+$lflags.=" /debug";
+
$obj='.obj';
+$asm_suffix='.asm';
$ofile="/Fo";
# EXE linking stuff
@@ -147,39 +166,23 @@
$exep='.exe';
if ($no_sock) { $ex_libs=''; }
elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; }
-else { $ex_libs='wsock32.lib'; }
+else { $ex_libs='ws2_32.lib'; }
-my $oflow;
-
-
-if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./)
- {
- $oflow=' bufferoverflowu.lib';
- }
-else
- {
- $oflow="";
- }
-
if ($FLAVOR =~ /CE/)
{
- $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib';
+ $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib' if (defined($ENV{'WCECOMPAT'}));
+ $ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib' if (defined($ENV{'PORTSDK_LIBPATH'}));
$ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86");
}
else
{
- $ex_libs.=' gdi32.lib crypt32.lib advapi32.lib user32.lib';
- $ex_libs.= $oflow;
-
+ $ex_libs.=' gdi32.lib advapi32.lib crypt32.lib user32.lib';
+ $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./);
+ # WIN32 UNICODE build gets linked with unicows.lib for
+ # backward compatibility with Win9x.
+ $ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/);
}
-# As native NT API is pure UNICODE, our WIN-NT build defaults to UNICODE,
-# but gets linked with unicows.lib to ensure backward compatibility.
-if ($FLAVOR =~ /NT/)
- {
- $cflags.=" -DOPENSSL_SYSNAME_WINNT -DUNICODE -D_UNICODE";
- $ex_libs="unicows.lib $ex_libs";
- }
# static library stuff
$mklib='lib /nologo';
$ranlib='';
@@ -190,23 +193,30 @@
$shlib_ex_obj="";
$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/);
-if ($nasm) {
+if ($FLAVOR =~ /WIN64A/) {
+ if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
+ $asm='nasm -f win64 -DNEAR -Ox -g';
+ $afile='-o ';
+ } else {
+ $asm='ml64 /c /Cp /Cx /Zi';
+ $afile='/Fo';
+ }
+} elsif ($FLAVOR =~ /WIN64I/) {
+ $asm='ias -d debug';
+ $afile="-o ";
+} elsif ($nasm) {
my $ver=`nasm -v 2>NUL`;
my $vew=`nasmw -v 2>NUL`;
# pick newest version
- $asm=($ver gt $vew?"nasm":"nasmw")." -f win32";
+ $asm=($ver ge $vew?"nasm":"nasmw")." -f win32";
+ $asmtype="win32n";
$afile='-o ';
-} elsif ($ml64) {
- $asm='ml64 /c /Cp /Cx';
- $asm.=' /Zi' if $debug;
- $afile='/Fo';
} else {
- $asm='ml /nologo /Cp /coff /c /Cx';
- $asm.=" /Zi" if $debug;
+ $asm='ml /nologo /Cp /coff /c /Cx /Zi';
$afile='/Fo';
+ $asmtype="win32";
}
-$aes_asm_obj='';
$bn_asm_obj='';
$bn_asm_src='';
$des_enc_obj='';
@@ -215,56 +225,26 @@
$bf_enc_src='';
if (!$no_asm)
- {
- if ($FLAVOR =~ "WIN32")
{
- $aes_asm_obj='crypto\aes\asm\a_win32.obj';
- $aes_asm_src='crypto\aes\asm\a_win32.asm';
- $bn_asm_obj='crypto\bn\asm\bn_win32.obj crypto\bn\asm\mt_win32.obj';
- $bn_asm_src='crypto\bn\asm\bn_win32.asm crypto\bn\asm\mt_win32.asm';
- $bnco_asm_obj='crypto\bn\asm\co_win32.obj';
- $bnco_asm_src='crypto\bn\asm\co_win32.asm';
- $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
- $des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
- $bf_enc_obj='crypto\bf\asm\b_win32.obj';
- $bf_enc_src='crypto\bf\asm\b_win32.asm';
- $cast_enc_obj='crypto\cast\asm\c_win32.obj';
- $cast_enc_src='crypto\cast\asm\c_win32.asm';
- $rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
- $rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
- $rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
- $rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
- $md5_asm_obj='crypto\md5\asm\m5_win32.obj';
- $md5_asm_src='crypto\md5\asm\m5_win32.asm';
- $sha1_asm_obj='crypto\sha\asm\s1_win32.obj crypto\sha\asm\sha512-sse2.obj';
- $sha1_asm_src='crypto\sha\asm\s1_win32.asm crypto\sha\asm\sha512-sse2.asm';
- $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
- $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
- $cpuid_asm_obj='crypto\cpu_win32.obj';
- $cpuid_asm_src='crypto\cpu_win32.asm';
- $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+ win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src);
+ win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src);
+ win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src);
+ win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src);
+ win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src);
+ win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src);
+ win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src);
+ win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src);
+ win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src);
+ win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src);
+ win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src);
+ win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src);
+ $perl_asm = 1;
}
- elsif ($FLAVOR =~ "WIN64A")
- {
- $aes_asm_obj='$(OBJ_D)\aes-x86_64.obj';
- $aes_asm_src='crypto\aes\asm\aes-x86_64.asm';
- $bn_asm_obj='$(OBJ_D)\x86_64-mont.obj $(OBJ_D)\bn_asm.obj';
- $bn_asm_src='crypto\bn\asm\x86_64-mont.asm';
- $sha1_asm_obj='$(OBJ_D)\sha1-x86_64.obj $(OBJ_D)\sha256-x86_64.obj $(OBJ_D)\sha512-x86_64.obj';
- $sha1_asm_src='crypto\sha\asm\sha1-x86_64.asm crypto\sha\asm\sha256-x86_64.asm crypto\sha\asm\sha512-x86_64.asm';
- $cpuid_asm_obj='$(OBJ_D)\cpuid-x86_64.obj';
- $cpuid_asm_src='crypto\cpuid-x86_64.asm';
- $cflags.=" -DOPENSSL_CPUID_OBJ -DAES_ASM -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
- }
- }
if ($shlib && $FLAVOR !~ /CE/)
{
$mlflags.=" $lflags /dll";
-# $cflags =~ s| /MD| /MT|;
- $lib_cflag=" -D_WINDLL";
- $out_def="out32dll";
- $tmp_def="tmp32dll";
+ $lib_cflag.=" -D_WINDLL";
#
# Engage Applink...
#
@@ -284,8 +264,8 @@
EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
+CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
___
-$banner .= "CRYPTOOBJ=\$(OBJ_D)\\uplink.obj \$(CRYPTOOBJ)\n";
$banner.=<<'___' if ($FLAVOR =~ /WIN64/);
CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
___
@@ -293,13 +273,10 @@
elsif ($shlib && $FLAVOR =~ /CE/)
{
$mlflags.=" $lflags /dll";
- $lib_cflag=" -D_WINDLL -D_DLL";
- $out_def='out32dll_$(TARGETCPU)';
- $tmp_def='tmp32dll_$(TARGETCPU)';
+ $lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'}));
+ $lib_cflag.=" -D_WINDLL -D_DLL";
}
-$cflags.=" /Fd$out_def";
-
sub do_lib_rule
{
my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
@@ -315,12 +292,8 @@
{
$base_arg = "";
}
- if ($target =~ /O_CRYPTO/ && $fipsdso)
+ if ($name ne "")
{
- $name = "/def:ms/libeayfips.def";
- }
- elsif ($name ne "")
- {
$name =~ tr/a-z/A-Z/;
$name = "/def:ms/${name}.def";
}
@@ -330,60 +303,17 @@
if (!$shlib)
{
# $ret.="\t\$(RM) \$(O_$Name)\n";
- $ex =' ';
$ret.="$target: $objs\n";
- $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n";
+ $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
}
else
{
- my $ex = "";
- if ($target !~ /O_CRYPTO/)
- {
- $ex .= " \$(L_CRYPTO)";
- #$ex .= " \$(L_FIPS)" if $fipsdso;
- }
- my $fipstarget;
- if ($fipsdso)
- {
- $fipstarget = "O_FIPS";
- }
- else
- {
- $fipstarget = "O_CRYPTO";
- }
-
-
- if ($name eq "")
- {
- $ex.= $oflow;
- if ($target =~ /capi/)
- {
- $ex.=' crypt32.lib advapi32.lib';
- }
- }
- elsif ($FLAVOR =~ /CE/)
- {
- $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib';
- }
- else
- {
- $ex.=' unicows.lib' if ($FLAVOR =~ /NT/);
- $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
- $ex.=' crypt32.lib';
- $ex.= $oflow;
- }
+ local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
- if ($fips && $target =~ /$fipstarget/)
+ if ($fips && $target =~ /O_CRYPTO/)
{
- $ex.= $mwex unless $fipscanisterbuild;
$ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
- if ($fipsdso)
- {
- $ex.=" \$(OBJ_D)\\\$(LIBFIPS).res";
- $ret.=" \$(OBJ_D)\\\$(LIBFIPS).res";
- $ret.=" ms/\$(LIBFIPS).def";
- }
$ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
$ret.="\tSET FIPS_CC=\$(CC)\n";
$ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
@@ -391,22 +321,16 @@
$ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
$ret.="\tSET FIPS_TARGET=$target\n";
$ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
- $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /fixed /map $base_arg $efile$target ";
- $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs ";
+ $ret.="\t\$(FIPSLINK) \$(MLFLAGS) $ff /map $base_arg $efile$target ";
+ $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
$ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
}
else
{
$ret.="$target: $objs";
- if ($target =~ /O_CRYPTO/ && $fipsdso)
- {
- $ret .= " \$(O_FIPS)";
- $ex .= " \$(L_FIPS)";
- }
- $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+ $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
}
-
- $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
+ $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
}
$ret.="\n";
return($ret);
@@ -417,7 +341,7 @@
my($target,$files,$dep_libs,$libs,$standalone)=@_;
local($ret,$_);
$file =~ s/\//$o/g if $o ne '/';
- $n=&bname($targer);
+ $n=&bname($target);
$ret.="$target: $files $dep_libs\n";
if ($standalone == 1)
{
@@ -434,7 +358,7 @@
$ret.="\tSET FIPS_TARGET=$target\n";
$ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
$ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
- $ret.="\t\$(FIPSLINK) \$(LFLAGS) /fixed /map $efile$target @<<\n";
+ $ret.="\t\$(FIPSLINK) \$(LFLAGS) $ff /map $efile$target @<<\n";
$ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
}
else
@@ -446,32 +370,31 @@
return($ret);
}
-sub do_rlink_rule
+sub win32_import_asm
{
- local($target,$rl_start, $rl_mid, $rl_end,$dep_libs,$libs)=@_;
- local($ret,$_);
- my $files = "$rl_start $rl_mid $rl_end";
+ my ($mf_var, $asm_name, $oref, $sref) = @_;
+ my $asm_dir;
+ if ($asm_name eq "")
+ {
+ $asm_dir = "crypto\\";
+ }
+ else
+ {
+ $asm_dir = "crypto\\$asm_name\\asm\\";
+ }
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($targer);
- $ret.="$target: $files $dep_libs \$(FIPS_SHA1_EXE)\n";
- $ret.="\t\$(PERL) ms\\segrenam.pl \$\$a $rl_start\n";
- $ret.="\t\$(PERL) ms\\segrenam.pl \$\$b $rl_mid\n";
- $ret.="\t\$(PERL) ms\\segrenam.pl \$\$c $rl_end\n";
- $ret.="\t\$(MKLIB) $lfile$target @<<\n\t$files\n<<\n";
- $ret.="\t\$(FIPS_SHA1_EXE) $target > ${target}.sha1\n";
- $ret.="\t\$(PERL) util${o}copy.pl -stripcr fips${o}fips_premain.c \$(LIB_D)${o}fips_premain.c\n";
- $ret.="\t\$(CP) fips${o}fips_premain.c.sha1 \$(LIB_D)${o}fips_premain.c.sha1\n";
- $ret.="\n";
- return($ret);
- }
+ $$oref = "";
+ $mf_var =~ s/\.o$/.obj/g;
-sub do_sdef_rule
- {
- my $ret = "ms/\$(LIBFIPS).def: \$(O_FIPSCANISTER)\n";
- $ret.="\t\$(PERL) util/mksdef.pl \$(MLFLAGS) /out:dummy.dll /def:ms/libeay32.def @<<\n \$(O_FIPSCANISTER)\n<<\n";
- $ret.="\n";
- return $ret;
+ foreach (split(/ /, $mf_var))
+ {
+ $$oref .= $asm_dir . $_ . " ";
+ }
+ $$oref =~ s/ $//;
+ $$sref = $$oref;
+ $$sref =~ s/\.obj/.asm/g;
+
}
+
1;
Modified: trunk/crypto/openssl/util/pl/netware.pl
===================================================================
--- trunk/crypto/openssl/util/pl/netware.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/pl/netware.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -131,13 +131,14 @@
# assembler
if ($nw_nasm)
{
+ $asm=(`nasm -v 2>NUL` gt `nasmw -v 2>NUL`?"nasm":"nasmw");
if ($gnuc)
{
- $asm="nasmw -s -f elf";
+ $asm.=" -s -f elf";
}
else
{
- $asm="nasmw -s -f coff";
+ $asm.=" -s -f coff -d __coff__";
}
$afile="-o ";
$asm.=" -g" if $debug;
@@ -211,7 +212,7 @@
# Turned off the "possible" warnings ( -w nopossible ). Metrowerks
# complained a lot about various stuff. May want to turn back
# on for further development.
- $cflags.=" -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\
+ $cflags.=" -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\
-msgstyle gcc -align 4 -processor pentium -char unsigned \\
-w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
-w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
@@ -323,13 +324,16 @@
$rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
$md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
$md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
- $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj}";
- $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm";
+ $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj} \$(OBJ_D)${o}sha256-nw${obj} \$(OBJ_D)${o}sha512-nw${obj}";
+ $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm crypto${o}sha${o}asm${o}sha256-nw.asm crypto${o}sha${o}asm${o}sha512-nw.asm";
$rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
$rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
+ $whirlpool_asm_obj="\$(OBJ_D)${o}wp-nw${obj}";
+ $whirlpool_asm_src="crypto${o}whrlpool${o}asm${o}wp-nw.asm";
$cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
$cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
- $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM";
+ $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DWHIRLPOOL_ASM";
+ $cflags.=" -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
$cflags.=" -DAES_ASM -DRMD160_ASM";
}
else
@@ -356,6 +360,8 @@
$sha1_asm_src='';
$rmd160_asm_obj='';
$rmd160_asm_src='';
+ $whirlpool_asm_obj='';
+ $whirlpool_asm_src='';
$cpuid_asm_obj='';
$cpuid_asm_src='';
}
Modified: trunk/crypto/openssl/util/point.sh
===================================================================
--- trunk/crypto/openssl/util/point.sh 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/point.sh 2015-07-21 23:23:45 UTC (rev 7118)
@@ -1,7 +1,7 @@
#!/bin/sh
rm -f "$2"
-if test "$OSTYPE" = msdosdjgpp; then
+if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw ; then
cp "$1" "$2"
else
ln -s "$1" "$2"
Modified: trunk/crypto/openssl/util/selftest.pl
===================================================================
--- trunk/crypto/openssl/util/selftest.pl 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/selftest.pl 2015-07-21 23:23:45 UTC (rev 7118)
@@ -78,7 +78,7 @@
print "Checking compiler...\n";
if (open(TEST,">cctest.c")) {
- print TEST "#include <stdio.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
+ print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
close(TEST);
system("$cc -o cctest cctest.c");
if (`./cctest` !~ /Hello world/) {
@@ -96,7 +96,7 @@
print OUT "Can't create cctest.c\n";
}
if (open(TEST,">cctest.c")) {
- print TEST "#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
+ print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
close(TEST);
system("$cc -o cctest -Iinclude cctest.c");
$cctest = `./cctest`;
Modified: trunk/crypto/openssl/util/shlib_wrap.sh
===================================================================
--- trunk/crypto/openssl/util/shlib_wrap.sh 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/shlib_wrap.sh 2015-07-21 23:23:45 UTC (rev 7118)
@@ -88,4 +88,10 @@
export LD_PRELOAD _RLD_LIST DYLD_INSERT_LIBRARIES
fi
-exec "$@"
+cmd="$1${EXE_EXT}"
+shift
+if [ $# -eq 0 ]; then
+ exec "$cmd" # old sh, such as Tru64 4.x, fails to expand empty "$@"
+else
+ exec "$cmd" "$@"
+fi
Modified: trunk/crypto/openssl/util/ssleay.num
===================================================================
--- trunk/crypto/openssl/util/ssleay.num 2015-07-21 15:38:55 UTC (rev 7117)
+++ trunk/crypto/openssl/util/ssleay.num 2015-07-21 23:23:45 UTC (rev 7118)
@@ -98,12 +98,12 @@
SSLv23_client_method 110 EXIST::FUNCTION:RSA
SSLv23_method 111 EXIST::FUNCTION:RSA
SSLv23_server_method 112 EXIST::FUNCTION:RSA
-SSLv2_client_method 113 EXIST::FUNCTION:RSA
-SSLv2_method 114 EXIST::FUNCTION:RSA
-SSLv2_server_method 115 EXIST::FUNCTION:RSA
-SSLv3_client_method 116 EXIST::FUNCTION:
-SSLv3_method 117 EXIST::FUNCTION:
-SSLv3_server_method 118 EXIST::FUNCTION:
+SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2
+SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2
+SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2
+SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD
+SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD
+SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD
d2i_SSL_SESSION 119 EXIST::FUNCTION:
i2d_SSL_SESSION 120 EXIST::FUNCTION:
BIO_f_ssl 121 EXIST::FUNCTION:BIO
@@ -117,8 +117,8 @@
SSL_CIPHER_get_version 129 EXIST::FUNCTION:
SSL_CIPHER_get_name 130 EXIST::FUNCTION:
BIO_ssl_shutdown 131 EXIST::FUNCTION:BIO
-SSL_SESSION_cmp 132 EXIST::FUNCTION:
-SSL_SESSION_hash 133 EXIST::FUNCTION:
+SSL_SESSION_cmp 132 NOEXIST::FUNCTION:
+SSL_SESSION_hash 133 NOEXIST::FUNCTION:
SSL_SESSION_get_time 134 EXIST::FUNCTION:
SSL_SESSION_set_time 135 EXIST::FUNCTION:
SSL_SESSION_get_timeout 136 EXIST::FUNCTION:
@@ -181,6 +181,7 @@
SSL_CTX_set_session_id_context 231 EXIST::FUNCTION:
SSL_CTX_set_cert_verify_callback 232 EXIST:!VMS:FUNCTION:
SSL_CTX_set_cert_verify_cb 232 EXIST:VMS:FUNCTION:
+SSL_test_functions 233 EXIST::FUNCTION:UNIT_TEST
SSL_CTX_set_default_passwd_cb_userdata 235 EXIST:!VMS:FUNCTION:
SSL_CTX_set_def_passwd_cb_ud 235 EXIST:VMS:FUNCTION:
SSL_set_purpose 236 EXIST::FUNCTION:
@@ -242,3 +243,81 @@
SSL_get_servername 291 EXIST::FUNCTION:TLSEXT
SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT
SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE
+SSL_CTX_use_psk_identity_hint 294 EXIST::FUNCTION:PSK
+SSL_CTX_set_psk_client_callback 295 EXIST::FUNCTION:PSK
+PEM_write_bio_SSL_SESSION 296 EXIST::FUNCTION:
+SSL_get_psk_identity_hint 297 EXIST::FUNCTION:PSK
+SSL_set_psk_server_callback 298 EXIST::FUNCTION:PSK
+SSL_use_psk_identity_hint 299 EXIST::FUNCTION:PSK
+SSL_set_psk_client_callback 300 EXIST::FUNCTION:PSK
+PEM_read_SSL_SESSION 301 EXIST:!WIN16:FUNCTION:
+PEM_read_bio_SSL_SESSION 302 EXIST::FUNCTION:
+SSL_CTX_set_psk_server_callback 303 EXIST::FUNCTION:PSK
+SSL_get_psk_identity 304 EXIST::FUNCTION:PSK
+PEM_write_SSL_SESSION 305 EXIST:!WIN16:FUNCTION:
+SSL_set_session_ticket_ext 306 EXIST::FUNCTION:
+SSL_set_session_secret_cb 307 EXIST::FUNCTION:
+SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
+SSL_set1_param 309 EXIST::FUNCTION:
+SSL_CTX_set1_param 310 EXIST::FUNCTION:
+SSL_tls1_key_exporter 311 NOEXIST::FUNCTION:
+SSL_renegotiate_abbreviated 312 EXIST::FUNCTION:
+TLSv1_1_method 313 EXIST::FUNCTION:
+TLSv1_1_client_method 314 EXIST::FUNCTION:
+TLSv1_1_server_method 315 EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_g 317 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP
+SSL_get_srp_N 322 EXIST::FUNCTION:SRP
+SSL_get_srp_username 323 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP
+SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP
+SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP
+SRP_Calc_A_param 332 EXIST::FUNCTION:SRP
+SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP
+SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP
+SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP
+SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP
+SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION:
+SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP
+SSL_set_debug 339 EXIST::FUNCTION:
+SSL_SESSION_get0_peer 340 EXIST::FUNCTION:
+TLSv1_2_client_method 341 EXIST::FUNCTION:
+SSL_SESSION_set1_id_context 342 EXIST::FUNCTION:
+TLSv1_2_server_method 343 EXIST::FUNCTION:
+SSL_cache_hit 344 EXIST::FUNCTION:
+SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5
+SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5
+SSL_SESSION_get0_id 347 NOEXIST::FUNCTION:
+SSL_set_state 348 EXIST::FUNCTION:
+SSL_CIPHER_get_id 349 EXIST::FUNCTION:
+TLSv1_2_method 350 EXIST::FUNCTION:
+SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION:
+kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5
+SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT
+SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:SRTP
+SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:SRTP
+SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_srtp_profiles 360 EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_SESSION_get_compress_id 362 EXIST::FUNCTION:
More information about the Midnightbsd-cvs
mailing list